Specifications

RoamAbout Mobility System Software Configuration Guide 10-1

Configuring User Encryption

MobilitySystemSoftware(MSS)encryptswirelessusertrafficforalluserswhoaresuccessfully

authenticatedtojoinan encryptedSSIDandwhoarethenauthorizedtojoinaVLAN.MSS

supportsthefollowingtypesofencryptionforwirelessusertraffic:

• 802.11i

•Wi‐FiProtectedAccess(WPA)

•RobustSecurityNetwork(RSN)

•Non‐WPA

dynamicWiredEquivalentPrivacy(WEP)

•Non‐WPAstaticWEP

WEPisdescribedintheIEEE802.11standardandWPAisdescribedinthe802.11istandard.

WPAand802.11iprovidestrongersecuritythanWEP.(802.11iusesRobustSecurityNetwork(RSN),

andissometimescalledWPA2.)

TouseWPAorRSN,aclient

mustsupportit.Fornon‐WPAclients,MSSsupportsWEP.Ifyour

networkcontainsacombinationofWPA,RSN,clientsandnon‐WPAclients,youcanconfigure

MSStoprovideencryptionforbothtypesofclients.

ToconfigureencryptionparametersforanSSID,createoreditaserviceprofile,mapthe

service

profiletoaradioprofile,andaddradiostotheradioprofile.TheSSIDname,advertisement

setting(beaconing),andencryptionsettingsareconfiguredintheserviceprofile.

YoucanconfigureanSSIDtosupportanycombinationofWPA,RSN,andnon‐WPAclients.For

example,aradiocansimultaneouslyuse

TemporalKeyIntegrityProtocol(TKIP)encryptionfor

WPAclientsandWEPencryptionfornon‐WPAclients.

TheSSIDtypemustbecrypto(encrypted)forencryptiontobeused.IftheSSIDtypeisclear,

wirelesstrafficisnotencrypted,regardlessoftheencryptionsettings.

For information about...

Refer to page...

Configuring WPA 10-3

Configuring RSN (802.11i) 10-12

Configuring WEP 10-15

Encryption Configuration Scenarios 10-18

Note: MSS does not encrypt traffic in the wired part of the network. MSS does not encrypt wireless

or wired traffic for users who associate with an unencrypted (clear) SSID.