Appendix D Wireless LANs
2The AP checks each wireless client's password and allows it to join the network only if the password matches.
3The AP and wireless clients generate a common PMK (Pairwise Master Key). The key itself is not sent over the network, but is derived from the PSK and the SSID.
4The AP and wireless clients use the TKIP or AES encryption process, the PMK and information exchanged in a handshake to create temporal encryption keys. They use these keys to encrypt data exchanged between them.
Figure 200
Security Parameters Summary
Refer to this table to see what other security parameters you should configure for each authentication method or key management protocol type. MAC address filters are not dependent on how you configure these security features.
Table 129 Wireless Security Relational Matrix
AUTHENTICATION | ENCRYPTIO | ENTER |
|
METHOD/ KEY | IEEE 802.1X | ||
MANAGEMENT | N METHOD | MANUAL KEY | |
PROTOCOL |
|
|
|
Open | None | No | Disable |
|
|
|
|
|
|
| Enable without Dynamic WEP |
|
|
| Key |
|
|
|
|
Open | WEP | No | Enable with Dynamic WEP Key |
|
|
|
|
|
| Yes | Enable without Dynamic WEP |
|
|
| Key |
|
|
|
|
|
| Yes | Disable |
|
|
|
|
Shared | WEP | No | Enable with Dynamic WEP Key |
|
|
|
|
|
| Yes | Enable without Dynamic WEP |
|
|
| Key |
|
|
|
|
|
| Yes | Disable |
|
|
|
|
WPA | TKIP/AES | No | Enable |
|
|
|
|
TKIP/AES | Yes | Disable | |
|
|
|
|
| 377 |
|
|