Specifications

ManualsBrandsEnterasys ManualsComputer equipmentRoamAbout RBT-8100

221

222

223

224

225

226

227

228

229

230

Configuring WPA

RoamAbout Mobility System Software Configuration Guide 10-3

Figure 10-1 Default Encryption

Thisrestofthischapterdescribestheencryptiontypesandhowtoconfigurethem,andprovides

configurationscenarios.

Configuring WPA

Wi‐FiProtectedAccess(WPA)isasecurityenhancementtotheIEEE802.11wirelessstandard.

WPAprovidesenhancedencryptionwithnewciphersuitesandprovidesper‐packetmessage

integritychecks.WPAisbasedonthe802.11istandard.YoucanuseWPAwith802.1X

authentication.Iftheclientdoesnotsupport802.1 X,

youcanuseapresharedkeyontheAPand

theclientforauthentication.

WPA Cipher Suites

WPAsupportsthefollowingciphersuitesforpacketencryption,listedfrommostsecuretoleast

secure:

• CounterModewithCipherBlockChainingMessageAuthenticationCodeProtocol(CCMP)—

CCMPprovidesAdvancedEncryptionStandard(AES)dataencryption.Toprovidemessage

integrity,CCMPusestheCipherBlockChainingMessageAuthenticationCode(CBC‐MAC).

•TemporalKey

IntegrityProtocol(TKIP)—TKIPusestheRC4encryptionalgorithm,a128‐bit

encryptionkey,a48‐bitinitializationvector(IV),andamessageintegritycode(MIC)called

Michael.

•WiredEquivalentPrivacy(WEP)with104‐bitkeys—104‐bitWEPusestheRC4encryption

algorithmwitha104‐bitkey.

Encryption settings:

-WPA disabled

-Dynamic WEP enabled

-Static WEP disabled

User D

TKIP

WPA

User C

Static WEP

Non-WPA

User B

Dynamic 40-bit WEP

WPA

User A

Dynamic WEP

Non-WPA

RoamAbout Switch

Layer 2