Wireless
Networks
Cisco Small Business WAP121 and WAP321 Wireless-N Access Point with PoE 83
5
WPA EnterpriseWPA Enterprise with RADIUS is an implementation of the Wi-Fi Alliance IEEE
802.11i standard, which includes CCMP (AES), and TKIP encryption. The
Enterprise mode requires the use of a RADIUS server to authenticate users.
This security mode is backwards-compatible with wireless clients that support
the original WPA.
These parameters configure WPA Enterprise:
•WPA Versions—The types of client stations to be supported:
-WPA—If all client stations on the network support the original WPA but
none support the newer WPA2, and then select WPA.
-WPA2—If all client stations on the network support WPA2, we suggest
using WPA2 which provides the best security per the IEEE 802.11i
standard.
-WPA and WPA2—If you have a mix of clients, some of which support
WPA2 and others which support only the original WPA, select both WPA
and WPA2. This setting lets both WPA and WPA2 client stations
associate and authenticate, but uses the more robust WPA2 for clients
who support it. This WPA configuration allows more interoperability, in
place of some security.
•Enable pre-authentication—If for WPA Versions you select only WPA2 or
both WPA and WPA2, you can enable pre-authentication for WPA2 clients.
Click Enable pre-authentication if you want WPA2 wireless clients to send
pre-authentication packets. The pre-authentication information is relayed
from the WAP device that the client is currently using to the target WAP
device. Enabling this feature can help speed up authentication for roaming
clients who connect to multiple APs.
This option does not apply if you selected WPA for WPA Versions because
the original WPA does not support this feature.
•Cipher Suites—The cipher suite you want to use:
-TKIP
-CCMP (AES)
-TKIP and CCMP (AES)