User Manual

Chapter 13: Configuring Security
WPA/WPA2 Enterprise (RADIUS)
Psion Teklogix 9160 Wireless Gateway User Manual
Cipher Suites
Select the cipher you want to use from the drop-down menu:
• TKIP
• CCMP (AES)
• Both
Temporal Key Integrity Protocol (TKIP) is the default.
TKIP provides a more secure encryption solution than WEP keys. The TKIP process more frequently
changes the encryption key used and better ensures that the same key will not be re-used to encrypt
data (a weakness of WEP).
TKIP uses a 128-bit “temporal key” shared by clients and access points. The temporal key is combined
with the client's MAC address and a 16-octet initialization vector to produce the key that will
encrypt the data. This ensures that each client station uses a different key to encrypt data.
TKIP uses RC4 to perform the encryption, which is the same as WEP. But TKIP changes temporal
keys every 10,000 packets and distributes them, thereby greatly improving the security of the network.
Counter mode/CBC-MAC Protocol (CCMP) is an encryption method for IEEE 802.11i that uses the
Advanced Encryption Algorithm (AES). It uses a CCM combined with Cipher Block Chaining
Counter mode (CBC-CTR) and Cipher Block Chaining Message Authentication Code (CBC-MAC)
for encryption and message integrity.
When the authentication algorithm is set to “Both”, both TKIP and AES clients can associate with the
access point. Client stations configured to use WPA with RADIUS must have one of the following to
be able to associate with the AP:
• A valid TKIP RADIUS IP address and valid shared Key.
• A valid CCMP (AES) IP address and valid shared Key.
Clients not configured to use WPA with RADIUS will not be able to associate with the AP.
Both is the default. When the authentication algorithm is set to “Both”, client stations configured to
use WPA with RADIUS must have one of the following:
• A valid TKIP RADIUS IP address and RADIUS Key.
• A valid CCMP (AES) IP address and RADIUS Key.
Field Description
Table 13.12 WPA/WPA2 Enterprise (RADIUS) Security Settings
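To check which of the cipher suites above an access point actually advertises, the following added example (not part of the Psion Teklogix manual) parses the WPA2 RSN information element from a beacon and flags any TKIP use. The two sample elements are constructed, the function names are hypothetical, and the suite selectors (00-0F-AC:2 for TKIP, 00-0F-AC:4 for CCMP, AKM 00-0F-AC:1 for 802.1X) are those defined by IEEE 802.11.

```python
# Suite selectors from IEEE 802.11: OUI 00-0F-AC followed by a suite type.
RSN_OUI = b"\x00\x0f\xac"
CIPHERS = {2: "TKIP", 4: "CCMP"}
AKMS = {1: "802.1X", 2: "PSK"}


def _suite(raw, names):
    """Decode one 4-byte suite selector into a readable name."""
    if raw[:3] != RSN_OUI:
        return "vendor-%s:%d" % (raw[:3].hex(), raw[3])
    return names.get(raw[3], "unknown-%d" % raw[3])


def parse_rsn_ie(ie):
    """Parse an RSN element (ID 48) that carries fields through the AKM list."""
    if len(ie) < 2 or ie[0] != 48 or ie[1] != len(ie) - 2:
        raise ValueError("not a well-formed RSN element")
    body, pos = ie[2:], 0

    def take(n):
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("truncated RSN element")
        pos += n
        return body[pos - n:pos]

    u16 = lambda: int.from_bytes(take(2), "little")  # counts are little-endian
    version = u16()
    group = _suite(take(4), CIPHERS)
    pairwise = [_suite(take(4), CIPHERS) for _ in range(u16())]
    akms = [_suite(take(4), AKMS) for _ in range(u16())]
    return {"version": version, "group": group, "pairwise": pairwise, "akms": akms}


def audit(ie):
    """List deviations from a CCMP-only, RADIUS (802.1X) configuration."""
    rsn = parse_rsn_ie(ie)
    findings = []
    if "TKIP" in rsn["pairwise"]:
        findings.append("pairwise TKIP offered")
    if rsn["group"] == "TKIP":
        findings.append("group cipher is TKIP")
    if "802.1X" not in rsn["akms"]:
        findings.append("no 802.1X (RADIUS) AKM")
    return findings


# Constructed sample elements (not captured from a real device).
MIXED = bytes.fromhex("30180100000fac020200000fac04000fac020100000fac010000")
CCMP_ONLY = bytes.fromhex("30140100000fac040100000fac040100000fac010000")
```

`audit(MIXED)` reports both TKIP findings, while `audit(CCMP_ONLY)` returns an empty list.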