Wireless/Redundant Edge Services xl Module Management and Configuration Guide WS.01.03 or greater
3-49
Wireless Local Area Networks (WLANs)
Configuring a WLAN
Table 3-4. Options for WPA/WPA2
Note that WPA2-enabled stations can connect to a WLAN that uses any of these
options, but that WPA-enabled stations can only connect to a WPA2 AES
WLAN if they have software to support AES encryption.
As noted above, for its standard Enterprise mode, WPA/WPA2 requires 802.1X
authentication. However, WPA can also function in Personal mode, typically
used for home networks, in which users enter a preshared key to authenticate
themselves. This means that you can select one of the WPA/WPA2 options
even if this WLAN does not use 802.1X authentication. (However, such a WLAN
is less secure.)
To configure WPA/WPA2 encryption, follow these steps:
1. Select Network Setup > WLAN Setup, select the WLAN, and click Edit.
2. Select either 802.1X EAP or No Authentication under Authentication in the
WLAN’s Edit screen.
3. Select your encryption protocol:
• To use TKIP only, select WPA/WPA2-TKIP under Encryption.
All RPs and wireless stations, both WPA and WPA2, will use TKIP to
generate all keys.
• To use AES only, select WPA2-AES under Encryption.
This option forces all wireless stations and RPs to use AES, the most
secure algorithm used for wireless encryption.
• You can alternatively select 802.11 Mixed Mode (WPA2/AES TKIP), which
is commonly used for networks migrating to WPA2 from WPA.
Encryption Option Multicast and Broadcast
Keys
Per-Session Keys Supported Stations
WPA/WPA2 TKIP TKIP TKIP WPA-enabled stations
WPA2-enabled stations
WPA2 AES AES AES WPA2-enabled stations
WPA-enabled stations
that support AES
802.11i Mixed Mode
(WPA2/AES-TKIP)
TKIP Negotiate either:
TKIP
AES
WPA-enabled stations
WPA2-enabled stations