Manualshelf

Specifications

ManualsBrandsMotorola ManualsNetworkingAP-7131 - Wireless Access Point
231232233234235236237238239240
AP-7131 Access Point Product Reference Guide
6-22
8. Configure the Fast Roaming (802.1x only) field as required to enable additional access
point roaming and key caching options. This feature is applicable only when using 802.1x
EAP authentication with WPA2-TKIP.
9. Click the Apply button to save any changes made within this New Security Policy screen.
10. Click the Cancel button to undo any changes made within the WPA/TKIP Settings field and
return to the WLAN screen. This reverts all settings to the last saved configuration.
6.9 Configuring WPA2-CCMP (802.11i)
WPA2 is a newer 802.11i standard that provides even stronger wireless security than Wi-Fi Protected
Access (WPA) and WEP. CCMP is the security standard used by the Advanced Encryption Standard
(AES). AES serves the same function TKIP does for WPA-TKIP. CCMP computes a Message Integrity
Check (MIC) using the proven Cipher Block Chaining (CBC) technique. Changing just one bit in a
message produces a totally different result.
WPA2/CCMP is based on the concept of a Robust Security Network (RSN), which defines a hierarchy
of keys with a limited lifetime (similar to TKIP). Like TKIP, the keys the administrator provides are used
to derive other keys. Messages are encrypted using a 128-bit secret key and a 128-bit block of data.
The end result is an encryption scheme as secure as any the access point provides.
To configure WPA2-CCMP on the access point:
1. Select Network Configuration -> Wireless -> Security from the access point menu tree.
If security policies supporting WPA2-CCMP exist, they appear within the Security
Configuration screen. These existing policies can be used as is, or their properties edited
Pre-Authentication Selecting this option enables an associated MU to carry out an
802.1x authentication with another access point before it roams to
it. The access point caches the keying information of the client until
it roams to the other access point. This enables the roaming client
to start sending and receiving data sooner by not having to do
802.1x authentication after it roams. This feature is only supported
when 802.1x EAP authentication and WPA2-TKIP is enabled.
NOTE PMK key caching is enabled internally by default for WPA2-TKIP when
802.1x EAP authentication is enabled.