Specifications
5-14 WS2000 Wireless Switch System Reference Guide
(CBC-MAC) method. Changing even one bit in a message produces a totally different result, thus providing
strong authentication.
WPA2-CCMP is based upon the concept of a robust security network (RSN), which defines a hierarchy of keys
that have a limited lifetime, similar to TKIP. Also like TKIP, the keys that the administrator provides are used
to derive other keys. Messages are encrypted using a 128-bit secret key and a 128-bit block of data. The end
result is encryption that is extremely secure.
1. Select the WPA2-CCMP radio button to enable Wi-Fi Protected Access (WPA) with Temporal Key
Integrity Protocol (TKIP).
2. To use WPA-TKIP encryption with 802.1x EAP authentication or the No Authentication selection,
click the WPA-TKIP Settings button to display a sub-screen for key and key rotation settings.
3. Check the Broadcast Key Rotation check box to enable or disable the broadcasting of encryption-key
changes to mobile units.
4. Specify a time period in seconds for broadcasting encryption-key changes to mobile units. Set key
broadcasts to a shorter time interval (at least 300 seconds) for tighter security on this WLAN’s wireless
connections. Set key broadcasts to a longer time interval (at most, 200,000 seconds) to relax security on
wireless connections.
5. Select either the ASCII Passphrase or the 256-bit Key radio button.
6. If ASCII Passphrase is selected, specify an 8 to 63 character ASCII string. The ASCII string allows
character spaces. The switch converts the string to a numeric value.
7. To use the 256-bit Key option, enter 16 hexadecimal characters into each of four fields.
8. WPA2-CCMP Mixed Mode enables WPA2-CCMP and WPA-TKIP Clients to operate simultaneously on
the network. Enabling this option allows backwards compatibility for clients that support WPA-TKIP but
do not support WPA2-CCMP.
9. The Fast Roaming area provides two fields. Enabling Pre-Authentication enables a client associated
with one Access Port to carry out an 802.1x authentication with another Access Port before it roams over
to it. The WS2000 switch will cache the keying information of the client until it roams to the new Access
Port. This enables the roaming client to start sending and receiving data sooner by not having to do
802.1x authentication after it roams. Enabling Opportunistic Key Caching allows the switch to use a
Pairwise Master Key (PMK) derived with a client on one Access Port with the same client when it roams
over to another Access Port. Upon roaming, the client does not have to do 802.1x authentication and can
start sending/receiving data sooner.
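
Steps 5 through 7 offer two ways to enter the same 256-bit key. The following added example (not taken from this guide or from the switch firmware) shows the standard IEEE 802.11i passphrase-to-key mapping and how the result splits into the four 16-character hexadecimal fields. It assumes the switch follows that standard mapping, which uses the WLAN's ESSID as salt; the function names are hypothetical.

```python
import hashlib
import string

# IEEE 802.11i allows printable ASCII (codes 32..126) in a passphrase,
# which matches the guide's note that spaces are permitted.
_ALLOWED = {chr(c) for c in range(32, 127)}
_HEX = set(string.hexdigits)


def passphrase_to_key(passphrase, ssid):
    """Map an ASCII passphrase to the 256-bit key (PBKDF2-HMAC-SHA1, 4096 rounds)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if not set(passphrase) <= _ALLOWED:
        raise ValueError("passphrase must be printable ASCII")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("ESSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32)


def key_to_fields(key):
    """Split a 32-byte key into four 16-hex-character fields (step 7 layout)."""
    if len(key) != 32:
        raise ValueError("key must be exactly 256 bits")
    hexkey = key.hex()
    return [hexkey[i:i + 16] for i in range(0, 64, 16)]


def fields_to_key(fields):
    """Validate four hex fields as entered in step 7 and return the raw key."""
    if len(fields) != 4:
        raise ValueError("exactly four fields are required")
    for field in fields:
        if len(field) != 16 or not set(field) <= _HEX:
            raise ValueError("each field needs 16 hexadecimal characters")
    return bytes.fromhex("".join(fields))


if __name__ == "__main__":
    # Test vector published in IEEE 802.11i: passphrase "password", SSID "IEEE".
    for field in key_to_fields(passphrase_to_key("password", "IEEE")):
        print(field)
```

Because the ESSID is the salt, the same passphrase yields a different key on a WLAN with a different ESSID, so a key entered in hexadecimal form has to be recomputed if the ESSID changes.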