Wpa And Wpa2 - Cisco Aironet CB21AG Installation And Configuration Manual

Cisco aironet 802.11a/b/g wireless lan client adapters

Hide thumbs Also See for Aironet CB21AG:

Installation and configuration manual (286 pages)

Install wizard (34 pages)

User manual (22 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

page of 159

/ 159
Contents
Table of Contents
Bookmarks

Table of Contents

Chapter 5

Configuring the Client Adapter

Refer to the following pages for instructions on enabling these EAP types:

•

Refer to the IEEE 802.11 Standard for more information on 802.1X authentication and to the following

Note

URL for additional information on RADIUS servers:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter0918

6a00800ca7ab.html

WPA and WPA2

Wi-Fi Protected Access (WPA) and WPA2 are standards-based security solutions from the Wi-Fi

Alliance that provide data protection and access control for wireless LAN systems. WPA is compatible

with the IEEE 802.11i standard but was implemented prior to the standard's ratification; WPA2 is the

Wi-Fi Alliance's implementation of the ratified IEEE 802.11i standard.

WPA uses Temporal Key Integrity Protocol (TKIP) and message integrity check (MIC) for data

protection while WPA2 uses the stronger Advanced Encryption Standard encryption algorithm using

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (AES-CCMP). Both

WPA and WPA2 use 802.1X for authenticated key management.

Both WPA and WPA2 support two mutually exclusive key management types: WPA/WPA2 and

WPA/WPA2 passphrase (also known as WPA pre-shared key or WPA-PSK). Using WPA or WPA2, clients

and the authentication server authenticate to each other using an EAP authentication method, and the

client and server generate a pairwise master key (PMK). The server generates the PMK dynamically and

passes it to the access point. Using WPA or WPA2 passphrase, however, you configure a passphrase (or

pre-shared key) on both the client and the access point, and that passphrase is used as the PMK.

Refer to the following pages for instructions on enabling these WPA variations:

•

WPA must also be enabled on the access point. To use WPA, access points must use Cisco IOS Release

Note

12.2(11)JA or later. To use WPA2, access points must use Cisco IOS Release 12.3(2)JA or later. Refer

to the documentation for your access point for instructions on enabling this feature.

Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide

OL-4211-05

The RADIUS server transmits the key to the access point using a secure channel on the wired LAN.

For the length of a session, or time period, the access point and the client use this key to encrypt or

decrypt all unicast packets (and broadcast packets if the access point is set up to do so) that travel

between them.

LEAP,

page 5-29

EAP-FAST,

page 5-34

EAP-TLS, PEAP (EAP-GTC), or PEAP (EAP-MSCHAP V2),

WPA/WPA2 passphrase,

page 5-28

LEAP with WPA/WPA2,

page 5-29

EAP-FAST with WPA/WPA2,

EAP-TLS with WPA/WPA2,

PEAP (EAP-GTC) with WPA/WPA2,

PEAP (EAP-MSCHAP V2) with WPA/WPA2,

page 5-34

page 5-45

page 5-48

page 5-52

Setting Security Parameters

page 5-44

5-19

Table of Contents

This manual is also suitable for:

Aironet pi21ag

Wpa And Wpa2 - Cisco Aironet CB21AG Installation And Configuration Manual

WPA and WPA2

Related Manuals for Cisco Aironet CB21AG

Related Content for Cisco Aironet CB21AG

This manual is also suitable for:

Table of Contents