Professional Access Point Administrator Guide

Field

Authentication Algorithm

Description

The authentication algorithm defines the method used to determine whether a client is allowed to associate with an access point when static WEP is the security mode.

Specify the authentication algorithm you want to use by choosing one of the follow- ing:

Open System

Shared Key

Both

Open System authentication allows any client to associate with the access point whether that client has the correct WEP key or not. This algorithm is also used in None, IEEE 802.1x, and WPA modes. When the authentication algorithm is set to Open System, any client can associate with the access point.

That a client is allowed to associate does not ensure that the client can exchange traffic with an access point. A client must have the correct WEP key to be able to successfully access and decrypt data from an access point, and to transmit reada- ble data to the access point.

Shared Key authentication requires the client to have the correct WEP key in order to associate with the access point. When the authentication algorithm is set to Shared Key, a station with an incorrect WEP key will not be able to associate with the access point.

Both is the default. When the authentication algorithm is set to Both:

Clients configured to use WEP in shared key mode must have a valid WEP key in order to associate with the access point.

Clients configured to use WEP in an open system mode (shared key mode not enabled) will be able to associate with the access point even if they do not have the correct WEP key.

Rules to Remember for Static WEP

All clients must have the Wireless LAN (WLAN) security set to WEP, and all clients must have one of the WEP keys specified on the access point in order to decode access-point-to-station data transmis- sions.

The access point must have all keys used by clients for station-to-access-point transmit so that it can decode the station transmissions.

The same key must occupy the same slot on all nodes (access point and clients). For example, if the access point defines abc123 key as WEP key 3, then the clients must define that same string as WEP key 3.

On some wireless client software (like Funk Odyssey), you can configure multiple WEP keys and define a client transfer key index, then set the stations to encrypt the data they transmit using different keys. This ensures that neighbouring APs cannot decode each other’s transmissions.

Security - 111

Page 111
Image 111
USRobotics Instant802 APSDK manual Authentication Algorithm, Open System Shared Key Both