Specifications

ManualsBrandsEnterasys ManualsComputer equipmentRoamAbout 3000

261

262

263

264

265

266

267

268

269

270

Command Groups

RoamAbout Access Point 3000 Configuration Guide A-143

multicast-cipher

Thiscommanddefinesthecipheralgorithmusedforbroadcastingandmulticastingwhenusing

Wi‐FiProtectedAccess(WPA)security.

Syntax

multicast-cipher <AES | TKIP | WEP>

•AES‐AdvancedEncryptionStandard

•TKIP‐TemporalKeyIntegrityProtocol

•WEP‐WiredEquivalentPrivacy

Default Setting

WEP

Command Mode

InterfaceConfiguration(Wireless)

InterfaceConfiguration(Wireless):VAP

Command Usage

•UsethiscommandforthedefaultinterfaceoranyofthesevenVAPsconfigurableperradio

interface.

•WPAenablestheaccesspointtosupportdifferentunicastencryptionkeysforeachclient.

However,theglobalencryptionkeyformulticastandbroadcasttrafficmustbe thesamefor

allclients.This

commandsetstheencryptiontypethatissupportedbyallclients.

•IfanyclientssupportedbytheaccesspointarenotWPAenabled,themulticast‐cipher

algorithmmustbesettoWEP.

•WEPisthefirstgenerationsecurityprotocolusedtoencryptdatacrossingthewireless

mediumusingafairly

shortkey.CommunicatingdevicesmustusethesameWEPkeyto

encryptanddecryptradiosignals.WEPhasmanysecurityflaws,andisnotrecommended

fortransmittinghighlysensitivedata.

•TKIPprovidesdata encryptionenhancementsincludingper‐packetkeyhashing(i.e.,

changingtheencryptionkeyoneachpacket),amessage

integritycheck,anextended

initializationvectorwithsequencingrules,anda re‐keyingmechanism.

•TKIPdefendsagainstattacksonWEPinwhichtheun‐encryptedinitializationvectorin

encryptedpacketsisusedtocalculatetheWEPkey.TKIPchangestheencryptionkeyon

eachpacket,androtatesnotjust

theunicastkeys,butthebroadcastkeysaswell.TKIPisa

replacementforWEPthatremovesthepredictabilitythatintrudersreliedontodete rmine

theWEPkey.

•AEShasbeendesignatedbytheNationalInstituteofStandardsandTe chnology asthe

successortotheDataEncryptionStandard(DES)encryption

algorithm,andwillbeusedby

theU.S.governmentforencryptingallsens itive,nonclassifiedinformation.Becauseofits

strength,andresistancetoattack,AESisalsobeingincorporatedaspartofthe802.11

standard.