D-Link AirPremier DWL-2210AP Manual page 69

802.11g wireless adaptive access point

Hide thumbs Also See for AirPremier DWL-2210AP:

Quick installation manual (16 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

Table of Contents

Conﬁguring Security

Key Management Encryption Algorithm

WPA with RADIUS

provides dynamically

generated keys that

are periodically

refreshed.

There are different

Unicast

keys for

each station.

Recommendations

WPA

with

RADIUS

encryption algorithms used with WPA modes are far superior to the

for Static

WEP

or IEEE 802.1x modes. Therefore, CCMP (AES) or TKIP should be used

whenever possible. All WPA modes allow you to use these encryption schemes, so WPA

security modes are recommended above the others when using WPA is an option.

Additionally, this mode (WPA with RADIUS) incorporates a RADIUS server for user

authentication which gives it an edge over WPA-PSK.

Use the following guidelines for choosing options within the WPA with RADIUS security

mode:

The best security you can have to date on a wireless network is WPA with RADIUS

using CCMP (AES) encryption algorithm. AES is a symmetric 128-bit block data

encryption technique that works on multiple layers of the network. It is the most effective

encryption system currently available for wireless networks. If all clients or other APs

on the network are WPA/CCMP compatible, use this encryption algorithm.

The second best choice is WPA with RADIUS with the encryption algorithm set to

"Both" (that is, both TKIP and CCMP). This lets WPA client stations without CCMP

associate, uses TKIP for encrypting

to select whether to use CCMP or TKIP for

WPA conﬁguration allows more interoperability, at the expense of some security. Client

stations that support CCMP can use it for their

to-station interoperability problems with the "Both" encryption algorithm setting, then

you will need to select TKIP instead.

The third best choice is WPA with RADIUS with the encryption algorithm set to TKIP.

Some clients have interoperability issues with CCMP and TKIP enabled at the same

time. If you encounter this problem, then choose TKIP as the encryption algorithm.

This is the standard WPA mode, and most interoperable mode with client Wireless

software security features. TKIP is the only encryption algorithm that is being tested

Wi-Fi WPA

certiﬁcation.

• Temporal Key Integrity

Protocol (TKIP)

• Counter mode/CBC-MAC

Protocol (CCMP) Advanced

Encryption Standard (AES)

mode is the recommended mode. The

Multicast

User Authentication

Keentication

Remote Authentication Dial-In

User Service (RADIUS).

You have a choice of using

the D-Link DWL-2210AP

embedded RADIUS server or

an external RADIUS server.

The embedded RADIUS server

supports Protected

EAP

CCMP

and

Broadcast

frames, and allows clients

Unicast

(AP-to-single-station) frames. This

Unicast

frames. If you encounter AP-

(PEAP) and MSCHAP V2.

(AES) and

RC4

algorithm used

TKIP

Table of Contents

D-Link AirPremier DWL-2210AP Manual page 69

Related Manuals for D-Link AirPremier DWL-2210AP

Related Products for D-Link AirPremier DWL-2210AP

Table of Contents