Nokia A032 - page 25

Radius operation 25

the AP. If a WEP key has been stored in the

Radius database for this station, it uses the

Blowfish algorithm to encrypt the WEP key and

includes this as a Vendor-Specific Radius

attribute. Otherwise, no Vendor-Specific

attribute is included.

The WEP key is transmitted as a 32-character

hexadecimal ASCII string derived as follows:

• Copy the n-byte WEP key to a 16-byte

buffer.

• Fill the remainder of the buffer with 0x00.

• Encrypt the 16-byte buffer using Blowfish

with the shared secret as the key.

• Encode the 16-byte buffer as a 32-character

hexadecimal string.

The WEPkeygen utility provided with the AP

can be used to generate the encrypted keys. The

data can be entered as normal, and saved to a

file instead of being sent to the AP. This is a

simple text file, and the encrypted key values

can be copied across to the Radius database.

The 32-character string representing the

encrypted key is sent to the AP as a vendor-

specific attribute (see RFC2138 section 5.26)

with the vendor ID set to the Nokia value (94).

This is shown below.

Field Octets

Type (26) 1

Length 1

Vendor ID (94) 4

WEP key attribute

(see following tables)

34 or 36

Contents

Main ii Copyright notices Table of contents Page 1. Introduction Purpose Scope Page 2. Access point parameters Table of parameters This section describes the changes to AP parameters, and the use of newly added parameters. Page Page Page Page Radio parameters Path delay Beacon interval TX power DTIM interval CCA mode ED Threshold ED Absolute 3. Minor functional changes Learn mode SNMP changes WEP key lengths 4. Radius operation Introduction 20 Technical information Radius overview Page Page Radius operation Page Page Page Page 28 Configuration Page 5. DHCP operation Introduction Server operation 32 Client operation 34 Operational sequence Page Page Accepting dynamic IP addresses Page DHCP Vendor class options Page Page 42 TFTP download Page Page 6. TFTP config.txt file