![](/images/new-backgrounds/1109091/109091161x1.webp)
Wireless | 5 |
| |
Networks |
|
|
|
|
|
-Both Open System and Shared Key. When you select both authentication algorithms, client stations configured to use WEP in shared key mode must have a valid WEP key in order to associate with the WAP device. Also, client stations configured to use WEP as an open system (shared key mode not enabled) can associate with the WAP device even if they do not have the correct WEP key.
Static WEP Rules
If you use Static WEP, these rules apply:
•All client stations must have the Wireless LAN (WLAN) security set to WEP, and all clients must have one of the WEP keys specified on the WAP device in order to decode
•The WAP device must have all keys used by clients for
•The same key must occupy the same slot on all nodes (AP and clients). For example, if the WAP device defines abc123 key as WEP key 3, then the client stations must define that same string as WEP key 3.
•Client stations can use different keys to transmit data to the access point. (Or they can all use the same key, but using the same key is less secure because it means one station can decrypt the data being sent by another.)
•On some wireless client software, you can configure multiple WEP keys and define a client station transfer key index, and then set the stations to encrypt the data they transmit using different keys. This ensures that neighboring access points cannot decode other access point transmissions.
•You cannot mix
Dynamic WEP
Dynamic WEP refers to the combination of 802.1x technology and the Extensible Authentication Protocol (EAP). With Dynamic WEP security, WEP keys are changed dynamically.
EAP messages are sent over an IEEE 802.11 wireless network using a protocol called EAP Encapsulation Over LANs (EAPOL). IEEE 802.1X provides dynamically generated keys that are periodically refreshed. An RC4 stream cipher is used to encrypt the frame body and cyclic redundancy checking (CRC) of each 802.11 frame.
Cisco Small Business WAP121 and WAP321 | 79 |