191

Configuring User Encryption

Configuring WPA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194

Configuring WEP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

Encryption Configuration Scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212

WLAN 2300 System Software (WSS Software) encrypts wireless user traffic for all users who are successfully authenti- cated to join an encrypted SSID and who are then authorized to join a VLAN. WSS Software supports the following types of encryption for wireless user traffic:

802.11i

Wi-Fi Protected Access (WPA)

Non-WPA dynamic Wired Equivalent Privacy (WEP)

Non-WPA static WEP

WEP is described in the IEEE 802.11 standard and WPA is described in the 802.11i standard.

WPA and 802.11i provide stronger security than WEP. (802.11i uses Robust Security Network (RSN), and is sometimes called WPA2.)

To use WPA or RSN, a client must support it. For non-WPA clients, WSS Software supports WEP. If your network contains a combination of WPA, RSN, clients and non-WPA clients, you can configure WSS Software to provide encryption for both types of clients.

To configure encryption parameters for an SSID, create or edit a service profile, map the service profile to a radio profile, and add radios to the radio profile. The SSID name, advertisement setting (beaconing), and encryption settings are configured in the service profile.

You can configure an SSID to support any combination of WPA, RSN, and non-WPA clients. For example, a radio can simultaneously use Temporal Key Integrity Protocol (TKIP) encryption for WPA clients and WEP encryption for non-WPA clients.

The SSID type must be crypto (encrypted) for encryption to be used. If the SSID type is clear, wireless traffic is not encrypted, regardless of the encryption settings.

Note. WSS Software does not encrypt traffic in the wired part of the network. WSS Software does not encrypt wireless or wired traffic for users who associate with an unencrypted (clear) SSID.

Table 5 on page 192 lists the encryption types supported by WSS Software and their default states.

Nortel WLAN Security Switch 2300 Series Configuration Guide

Page 190 Page 192
Page 191
Image 191
Nortel Networks 2300 manual Configuring User Encryption
Page 190 Page 192
Top Page Image Contents