Manualshelf

User's Manual

ManualsBrandsMoxa ManualsElectronicsNport Device Server
71727374757677787980
NPort W2150A/W2250A Series Web Console: Network Settings
7-18
Encryption
Default Disable
Options Disable, WEP, TKIP, AES-CCMP
Description This field specifies the type of encryption to use during wireless communication. Different
encryption methods are available depending on the Authentication setting. Also, each
encryption method has its own set of parameters that may also require configuration.
Disable: No encryption is applied to the data during wireless communication. This option is
only available if Authentication is set to Open System.
WEP: Wired Equivalent Privacy (WEP) is only available for Open System and Shared Key
authentication methods. Data is encrypted according to a key. The NPort supports both 64
and 128-bit keys. This method may deter casual snooping but is not considered very
secure.
TKIP: Temporal Key Integrity Protocol (TKIP) is only available for WPA, WPA2, WPA-PSK,
and WPA2-PSK authentication methods. TKIP is part of a draft standard from the IEEE
802.11i working group and utilizes the RC4 stream cipher with 128-bit keys for encryption
and 64-bit keys for authentication. TKIP improves on WEP by adding a per-packet key
mixing function to de-correlate the public initialization vectors (IVs) from weak keys.
AES-CCMP: This is a powerful encryption method that is only available for WPA, WPA2,
WPA-PSK, and WPA2-PSK authentication methods. Advanced Encryption Standard (AES) is
the block cipher system used by the Robust Secure Network (RSN) protocol and is
equivalent to the RC4 algorithm used by WPA. CCMP is the security protocol used by AES,
equivalent to TKIP for WPA. Data undergoes a Message Integrity Check (MIC) using a
well-known and proven technique called Cipher Block Chaining Message Authentication
Code (CBC-MAC). The technique ensures that even a one-bit alteration in a message
produces a dramatically different result. Master keys are not used directly but are used to
derive other keys, each of which expire after a certain amount of time. Messages are
encrypted using a secret 128-bit key and a 128-bit block of data. The encryption process
is complex, but the administrator does not need to be aware of the intricacies of the
computations. The end result is encryption that is much harder to break than even WPA.
PSK Passphrase
Default
Options free text (e.g., “This is the WLAN passphrase”)
Description This field is only available for WPA-PSK and WPA2-PSK authentication methods. If the
NPort’s passphrase does not match the AP’s passphrase, the connection will be denied. A
PSK of sufficient strength—one that uses a mix of letters, numbers and non-alphanumeric
characters—is recommended.