User`s guide
Table Of Contents
- About This User's Guide
- Document Conventions
- Safety Warnings
- Table of Contents
- Part I: Introduction
- 1. Getting to Know Your MWR222
- 2.
- 2. Introducing the Web Configurator
- 3. Monitor
- 4.
- 4.
- 4. MWR222 Modes
- 5. Router Mode
- 6. Access Point Mode
- 5.
- 5.
- 7. WISP Mode
- 7
- 7
- 8 Tutorials
- 8.3 Connecting to Internet from an Access Point
- 8.4 Configuring Wireless Security Using WPS
- 9 Wireless LAN
- 9.1 Overview
- 9.2 What You Can Do
- Use the General screen to enable the Wireless LAN, enter the SSID and select the wireless security mode.
- 9.3 What You Should Know
- 9.4 General Wireless LAN Screen
- 9.5 Security
- 9.6 MAC Filter
- 9.7 Wireless LAN Advanced Screen
- 9.8 Quality of Service (QoS) Screen
- 9.9 WPS Screen
- 9.10 WPS Station Screen
- 9.11 Scheduling Screen
- 9.12 WDS Screen
- 10.1 Overview
- 10.2 What You Can Do
- 10.3 What You Need To Know
- 10.2
- 10.3
- 10.4 Internet Connection
- 10.5 Mobile WAN
- 10.7 IGMP Snooping Screen
- 11 LAN
- 12 DHCP Server
- 13. Network Address Translation (NAT)
- 14 Dynamic DNS
- 15. OpenDNS
- 16 Static Route
- 17.
- 17.
- 17. Routing Information Protocol
- Part III
- Part V
- Maintenance and Troubleshooting
- Part VI
- Appendices and Index
- Appendix A
- Pop-up Windows, JavaScripts and Java Permissions
- End-User License Agreement for “MWR222”
- NOTE: Some components of this product incorporate free software programs covered under the open source code licenses which allows you to freely copy, modify and redistribute the software. For at least three (3) years from the date of distribution of t...
- Notice
- Information herein is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any p...
- Notice
- GNU GENERAL PUBLIC LICENSE
- GNU LESSER GENERAL PUBLIC LICENSE
MWR211 User’s Guide
272
WPA(2)
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2
(IEEE 802.11i) is a wireless security standard that defines stronger encryption,
authentication and key management than WPA.
Key differences between WPA(2) and WEP are improved data encryption and user
authentication.
Encryption
Both WPA and WPA2 improve data encryption by using Temporal Key Integrity
Protocol (TKIP), Message Integrity Check (MIC) and IEEE 802.1x. In addition to
TKIP, WPA2 also uses Advanced Encryption Standard (AES) in the Counter mode
with Cipher block chaining Message authentication code Protocol (CCMP) to offer
stronger encryption.
Temporal Key Integrity Protocol (TKIP) uses 128-bit keys that are dynamically
generated and distributed by the authentication server. It includes a per-packet
key mixing function, a Message Integrity Check (MIC) named Michael, an
extended initialization vector (IV) with sequencing rules, and a re-keying
mechanism.
TKIP regularly changes and rotates the encryption keys so that the same
encryption key is never used twice. The RADIUS server distributes a Pairwise
Master Key (PMK) key to the AP that then sets up a key hierarchy and
management system, using the pair-wise key to dynamically generate unique
data encryption keys to encrypt every data packet that is wirelessly
communicated between the AP and the wireless clients. This all happens in the
background automatically.
WPA2 AES (Advanced Encryption Standard) is a block cipher that uses a 256-bit
mathematical algorithm called Rijndael.
The Message Integrity Check (MIC) is designed to prevent an attacker from
capturing data packets, altering them and resending them. The MIC provides a
strong mathematical function in which the receiver and the transmitter each
compute and then compare the MIC. If they do not match, it is assumed that the
data has been tampered with and the packet is dropped.
By generating unique data encryption keys for every data packet and by creating
an integrity checking mechanism (MIC), TKIP makes it much more difficult to
decode data on a Wi-Fi network than WEP, making it difficult for an intruder to
break into the network.
The encryption mechanisms used for WPA and WPA-PSK are the same. The only
difference between the two is that WPA-PSK uses a simple common password,