CHAPT ER
10-1
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points
OL-30644-01
10
Configuring WLAN Authentication and Encryption
This chapter describes how to configure authentication and encryption schemes to protect your WLANs.
Encryption can be achieved using shared keys or individual client keys. Individual client keys are more
robust, but need to be managed. Key management can be achieved using cipher suites with Wi-Fi
Protected Access (WPA) version 1 or version 2 and Cisco Centralized Key Management (CCKM)
authenticated key management.
Encryption robustness can be achieved using Wired Equivalent Privacy (WEP), WEP features including
AES, Temporal Key Integrity Protocol (TKIP), Message Integrity Check (MIC), and broadcast key
rotation. Authentication can be achieved using shared keys (with WEP), pre-shared keys (with WPA v1
or WPAv2) or individual client authentication with 802.1x/EAP.
This chapter contains the following sections: