Appendix D Wireless LANs
3The AP and wireless clients generate a common PMK (Pairwise Master Key). The key itself is not sent over the network, but is derived from the PSK and the SSID.
4The AP and wireless clients use the TKIP or AES encryption process, the PMK and information exchanged in a handshake to create temporal encryption keys. They use these keys to encrypt data exchanged between them.
Figure 278
Security Parameters Summary
Refer to this table to see what other security parameters you should configure for each authentication method or key management protocol type. MAC address filters are not dependent on how you configure these security features.
Table 203 Wireless Security Relational Matrix
AUTHENTICATION | ENCRYPTIO | ENTER |
| |
METHOD/ KEY | IEEE 802.1X | |||
N METHOD | MANUAL KEY | |||
MANAGEMENT PROTOCOL |
| |||
Open | None | No | Disable | |
|
|
|
| |
|
|
| Enable without Dynamic WEP Key | |
|
|
|
| |
Open | WEP | No | Enable with Dynamic WEP Key | |
|
|
|
| |
|
| Yes | Enable without Dynamic WEP Key | |
|
|
|
| |
|
| Yes | Disable | |
|
|
|
| |
Shared | WEP | No | Enable with Dynamic WEP Key | |
|
|
|
| |
|
| Yes | Enable without Dynamic WEP Key | |
|
|
|
| |
|
| Yes | Disable | |
|
|
|
| |
WPA | TKIP/AES | No | Enable | |
|
|
|
| |
TKIP/AES | Yes | Disable | ||
|
|
|
| |
WPA2 | TKIP/AES | No | Enable | |
|
|
|
| |
TKIP/AES | Yes | Disable | ||
|
|
|
|
472 |
| |
| ||
|
|
|