User's Manual
Table Of Contents
- Warranty and Product Registration
- How to Use This Guide
- Contents
- Figures
- Tables
- Getting Started
- Web Configuration
- Command Line Interface
- Using the Command Line Interface
- General Commands
- System Management Commands
- country
- prompt
- system name
- system-resource
- password
- reboot-schedule
- apmgmgtui ssh enable
- apmgmtui ssh port
- apmgmtui telnet- server enable
- apmgmtui http port
- apmgmtui http server
- apmgmtui http session-timeout
- apmgmtui https port
- apmgmtui https server
- apmgmtui snmp
- apmgmtip
- show apmanagement
- show system
- show system resource
- show version
- show config
- System Logging Commands
- System Clock Commands
- DHCP Relay Commands
- SNMP Commands
- snmp-server community
- snmp-server contact
- snmp-server location
- snmp-server enable server
- snmp-server host
- snmp-server trap
- snmp-server vacm view
- snmp-server vacm group
- snmp-server user
- snmp-server target
- snmp-server filter
- show snmp users
- show snmp target
- show snmp filter
- show snmp
- show snmp vacm view
- show snmp vacm group
- Flash/File Commands
- RADIUS Client Commands
- 802.1X Authentication Commands
- MAC Address Authentication Commands
- Filtering Commands
- Spanning Tree Commands
- bridge stp service
- bridge stp br-conf forwarding-delay
- bridge stp br-conf hello-time
- bridge stp br-conf max-age
- bridge stp br-conf priority
- bridge stp port-conf interface
- bridge-link path-cost
- bridge-link port- priority
- vap (STP Interface)
- path-cost (STP Interface)
- port-priority (STP Interface)
- bridge mac-aging
- show bridge stp
- show bridge br-conf
- show bridge port-conf interface
- show bridge status
- show bridge forward address
- show bridge mac- aging
- WDS Bridge Commands
- Ethernet Interface Commands
- Wireless Interface Commands
- interface wireless
- vap
- a-mpdu
- a-msdu
- channel
- transmit-power
- min-allowed-rate
- disable-coexist
- make-rf-setting- effective
- preamble
- short-guard-interval
- beacon-interval
- dtim-period
- rts-threshold
- ssid
- closed-system
- max-client
- max-association
- client-assoc-preempt
- assoc-timeout- interval
- auth-timeout-interval
- multicast-enhance
- shutdown (VAP)
- interfere-chan- recover
- antenna-chain
- long-distance
- long-distance reference-data
- long-distance slottime
- long-distance acktimeout
- long-distance ctstimeout
- bandwidth-control downlink
- bandwidth-control downlink rate
- bandwidth-control uplink
- bandwidth-control uplink rate
- show interface wireless
- show station
- show station statistics
- Wireless Security Commands
- Rogue AP Detection Commands
- Link Integrity Commands
- Link Layer Discovery Commands
- VLAN Commands
- WMM Commands
- QoS Commands
- Appendices
- Index of CLI Commands
- Index
Chapter 25
| Wireless Security Commands
– 234 –
◆ WPA2 defines a transitional mode of operation for networks moving from WPA
security to WPA2. WPA2 Mixed Mode allows both WPA and WPA2 clients to
associate to a common VAP interface. When the encryption cipher suite is set to
TKIP, the unicast encryption cipher (TKIP or AES-CCMP) is negotiated for each
client. The access point advertises it’s supported encryption ciphers in beacon
frames and probe responses. WPA and WPA2 clients select the cipher they
support and return the choice in the association request to the access point.
For mixed-mode operation, the cipher used for broadcast frames is always TKIP.
WEP encryption is not allowed.
Example
AP(if-wireless 0: VAP[0])# auth wpa-psk
AP(if-wireless 0: VAP[0])#
Related Commands
encryption
key
encryption This command enables data encryption for wireless communications. Use the no
form to disable data encryption.
Syntax
[no] encryption
Default Setting
disabled
Command Mode
Interface Configuration (Wireless-VAP)
Command Usage
◆ Selecting a security method using the auth command, automatically enables
data encryption (WEP, TKIP, or AES-CCMP) for the VAP. Only use this command
when using WEP encryption with an Open System.
◆ Encryption is implemented in this device to prevent unauthorized access to
your wireless network. For more secure data transmissions, enable encryption
by selecting a security method using the auth command, or by using the
encryption command when using WEP encryption only.
◆ The encryption settings must be the same on each client in your wireless
network.
◆ Note that encryption protects data transmitted between wireless nodes, but
does not protect any transmissions over your wired network or over the
Internet.