Specifications

Configuring WPA

10-4 Configuring User Encryption

•WEPwith40‐bitkeys—40‐bitWEPusestheRC4encryptionalgorithmwitha 40‐bitkey.

YoucanconfigureAPstosupportoneormoreoftheseciphersuites.Forallof theseciphersuites,

MSSdynamicallygeneratesuniquesessionkeysforeachsession.MSSperiodicallychangesthe

keysto

reducethelikelihoodthatanetworkintrudercaninterceptenoughframesto decodeakey.

Figure 10‐2onpage 10‐4showstheclientsupportwhenWPAencryptionforTKIPonlyisenabled.

AradiousingWPAwithTKIPencryptstrafficonlyforWPATKIPclientsbutnotforCCMPor

WEPclients.Theradiodisassociatesfromtheseotherclients.

Figure 10-2 WPA Encryption with TKIP Only

Figure 10‐3onpage 10‐5showstheclientsupportwhenbothWEPencryptionandTKIPare

enabled.AradiousingWPAwithTKIPandWEPencryptstrafficforWPA TKIPclients,WPA

WEPclients,andnon‐WPAdynamicWEPclients,butnot

forCCMPorstaticWEPclients.The

radiodisassociatesfromtheseotherclients.

Encryption settings:

-WPA enabled: TKIP only

-Dynamic WEP disabled

-Static WEP disabled

User D

TKIP

WPA

User C

Static WEP

Non-WPA

User B

Dynamic 40-bit WEP

WPA

User A

Dynamic WEP

Non-WPA

RoamAbout Switch

Layer 2