Professional Access Point
Administrator Guide
RECOMMENDATIONS
WPA/WPA2 Personal (PSK) is not recommended for use with the Professional Access Point when WPA/ WPA2 Enterprise (RADIUS) is an option.
USRobotics recommends that you use WPA/WPA2 Enterprise (RADIUS) mode instead, unless you have interoperability issues that prevent you from using this mode.
For example, some devices on your network may not support WPA or WPA2 with EAP talking to a RADIUS server. Embedded printer servers or other small client devices with very limited space for implementation may not support RADIUS. For such cases, USRobotics recommends that you use WPA/ WPA2 Personal (PSK).
SEE ALSO
For information on how to configure this security mode, see “WPA/WPA2 Personal (PSK)” on page 115.
When to Use WPA/WPA2 Enterprise (RADIUS)
This security mode also provides backward compatibility for wireless clients that support only the original WPA.
Key Management
WPA/WPA2 Enterprise (RADIUS) mode provides
There are different Unicast keys for each station.
Encryption Algorithms
•Temporal Key Integrity Protocol (TKIP)
•Counter
User Authentication
Remote Authentication Dial-In User
Service (RADIUS)
You have a choice of using the Pro- fessional Access Point embedded RADIUS server or an external RADIUS server. The embedded RADIUS server supports Protected EAP (PEAP) and MSCHAP V2.
RECOMMENDATIONS
WPA/WPA2 Enterprise (RADIUS) mode is the recommended mode. The CCMP (AES) and TKIP encryption algorithms used with WPA modes are far superior to the RC4 algorithm used for Static WEP or IEEE 802.1x modes. Therefore, CCMP (AES) or TKIP should be used whenever possible. All WPA modes allow you to use these encryption schemes, so WPA security modes are recommended above the others when using WPA is an option.
Additionally, this mode incorporates a RADIUS server for user authentication, which gives it an edge over WPA/WPA2 Personal (PSK) mode.
Use the following guidelines for choosing options within the WPA/WPA2 Enterprise (RADIUS) mode security mode:
Security - 105