Cisco Systems

Security : AP/Root Radio Data Encryption

You use Wired Equivalent Privacy (WEP) to encrypt radio signals sent by the device and decrypt radio signals received by the device. This page allows you to select authentication types for the access point. The internal radio and the radio module both have an AP Radio Data Encryption page. Both pages contain the same settings, but you can assign different security settings to each radio.

Settings

Use of Data Encryption by Station is:

Determine whether clients should use data encryption when communicating with the device. WEP is enabled by selecting Optional or Full Encryption. The three options are:

  • No encryption -- (Default) The device communicates only with client devices that are not using WEP.
  • Optional -- Client devices can communicate with this access point or bridge either with or without WEP.
  • Full encryption -- Client devices must use WEP when communicating with the access point or bridge. Devices not using WEP are not allowed to communicate.
  • Not available -- You must set an encryption key or enable Broadcast Key Rotation first.

Note: You must set a WEP key before you enable use of encryption.

Accept Authentication Types

Select the authentication types the device recognizes.

  • Open -- (Default) Allows any device to authenticate and then attempt to communicate with the bridge or access point. If the bridge or access point is using WEP and the other device is not, the other device does not attempt to authenticate with the bridge or access point. If the other device is using WEP but its WEP keys do not match the keys on the bridge or access point, the other device authenticates with the bridge or access point but does not pass data to it.
    Note: While a bridge or access point can use EAP to authenticate a wireless client device, a bridge or access point cannot use EAP to authenticate another bridge or access point. In other words, when two bridges communicate with each other, the bridges must authenticate each other using the open or shared key authentication type.
  • Shared key -- The bridge or access point sends an unencrypted challenge text string to any device attempting to communicate with the bridge/access point. The device requesting authentication encrypts the challenge text and sends it back to the bridge or access point. If the challenge text is encrypted correctly, the bridge or access point allows the requesting device to authenticate. Both the unencrypted challenge and the encrypted challenge can be monitored, however, which leaves the bridge or access point open to attack from an intruder who guesses the WEP key by comparing the unencrypted and encrypted text strings. Because of this weakness, Shared Key authentication can be less secure than Open authentication.
  • Network-EAP -- The device uses the Extensible Authentication Protocol (EAP) to interact with an EAP-compatible RADIUS server on your network to provide authentication for wireless client devices. Client devices use dynamic WEP keys to authenticate to the network.

Require EAP

If you use open or shared authentication as well as EAP authentication, select Require EAP under Open or Shared to block client devices that are not using EAP from authenticating through the access point.

Transmit with Key

Click the Transmit with Key button to select the key this device uses when transmitting data. Only one key can be selected at a time. All set keys can be used to receive data. The selected key must already be set before it can be specified as the Transmit key.

Note: The key that you select as the transmit key must also be entered in the same key slot on client devices that associate with the access point or bridge, but it does not have to be selected as the transmit key on the client devices.

Encryption Key

Enter a WEP key in one of the Encryption Key fields. For 40-bit encryption, enter 10 hexadecimal digits; for 128-bit encryption, enter 26 hexadecimal digits. Hexadecimal digits are a set of characters that includes numbers 0 through 9, lower-case letters a through f, and uppercase letters A through F. Your WEP keys can contain combinations of any of these characters. WEP keys are not case-sensitive.

You can enter up to four WEP keys. The key that you select as the transmit key must also be entered in the same key slot on client devices that associate with the access point or bridge, but it does not have to be selected as the transmit key on the client devices.

This table shows an example WEP key setup that would work for the access point or bridge and an associated client device.

             Access Point/Bridge                       Client Device
Key Slot     Transmit?   Key Contents                  Transmit?   Key Contents
WEP Key 1    x           12345678901234567890abcdef    -           12345678901234567890abcdef
WEP Key 2    -           09876543210987654321fedcba    x           09876543210987654321fedcba
WEP Key 3    -           not set                       -           not set
WEP Key 4    -           not set                       -           FEDCBA09876543211234567890

Because the WEP key 2 is selected as the transmit key, WEP key 2 on the client device must contain the same contents. WEP key 4 on the client device is set, but because it is not selected as the transmit key, WEP key 4 on the access point/bridge does not need to be set at all.
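
A check for the key-format and key-slot rules above, as an added example that is not part of the original Cisco help page. The function names and the dictionary layout are assumptions; the key values are the ones in the example table.

```python
import re

HEX_KEY = re.compile(r"[0-9A-Fa-f]+")
KEY_BITS = {10: 40, 26: 128}    # hex digits entered -> key size selected

def parse_key(text):
    """Return (bits, key_bytes) for a set key, None for an empty slot.

    Raises ValueError when the text is not 10 or 26 hexadecimal digits.
    """
    if text is None or text.strip().lower() in ("", "not set"):
        return None
    text = text.strip()
    if not HEX_KEY.fullmatch(text):
        raise ValueError("WEP key must contain only hexadecimal digits")
    if len(text) not in KEY_BITS:
        raise ValueError("expected 10 or 26 hex digits, got %d" % len(text))
    # bytes.fromhex ignores case, matching "WEP keys are not case-sensitive".
    return KEY_BITS[len(text)], bytes.fromhex(text)

def check_pair(ap, client):
    """Each argument is {'transmit': slot, 'keys': {slot: text}}.

    Returns a list of problems; an empty list means the setup is usable.
    """
    problems = []
    for name, sender, receiver in (("AP", ap, client), ("client", client, ap)):
        slot = sender["transmit"]
        sent = parse_key(sender["keys"].get(slot))
        if sent is None:
            problems.append("%s transmit key %d is not set" % (name, slot))
        elif parse_key(receiver["keys"].get(slot)) != sent:
            problems.append("%s transmits with key %d, but slot %d on the "
                            "other side does not match" % (name, slot, slot))
    return problems

# Values from the example table on this page.
AP = {"transmit": 1, "keys": {1: "12345678901234567890abcdef",
                              2: "09876543210987654321fedcba"}}
CLIENT = {"transmit": 2, "keys": {1: "12345678901234567890abcdef",
                                  2: "09876543210987654321fedcba",
                                  4: "FEDCBA09876543211234567890"}}
```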

The characters you type for the key contents appear only when you type them. After you click Apply or OK, you cannot view the key contents.

You cannot delete a WEP key, but you can write new characters over an existing key.

Key Size

Select 40-bit or 128-bit encryption for each key. The not set selection clears the key and indicates empty key slots.

Action Buttons

  • Apply -- Activates the new setting. The browser remains on this page.
  • OK -- Applies the new settings and moves the browser back to the main Setup page.
  • Cancel -- Cancels all changes to the setting, returns the settings to the previously stored values, and redirects the user back to the main Setup page.
  • Restore Defaults -- Changes all settings back to the factory default.

 

 
 

Copyright (c) 1992-2002 by Cisco Systems, Inc.