User's Manual

ManualsBrandsSMC Networks ManualsAccess PointsSMC Networks WAP5110

Chapter 6

| Wireless Settings

Virtual Access Points (VAPs)

– 80 –

on the access point and all wireless clients. The PSK mode uses the same

TKIP packet encryption and key management as WPA in the enterprise,

providing a robust and manageable alternative for small networks.

■

WPA2: WPA was introduced as an interim solution for the vulnerability of

WEP pending the ratification of the IEEE 802.11i wireless security standard.

In effect, the WPA security features are a subset of the 802.11i standard.

WPA2 includes the now ratified 802.11i standard, but also offers backward

compatibility with WPA. Therefore, WPA2 includes the same 802.1X and PSK

modes of operation and support for TKIP encryption.

■

WPA2-PSK: Clients using WPA2 with a Pre-shared Key are accepted for

authentication.

■

WPA-WPA2 Mixed: Clients using WPA or WPA2 are accepted for

authentication.

■

WPA-WPA2-PSK-mixed: Clients using WPA or WPA2 with a Pre-shared Key

are accepted for authentication.

◆ Encryption Method — Selects an encryption method for the global key used

for multicast and broadcast traffic, which is supported by all wireless clients.

■

WEP: WEP is used as the multicast encryption cipher. You should select

WEP only when both WPA and WEP clients are supported.

■

TKIP: TKIP is used as the multicast encryption cipher.

■

AES-CCMP: AES-CCMP is used as the multicast encryption cipher. AES-

CCMP is the standard encryption cipher required for WPA2.

◆ 802.1X — The access point supports 802.1X authentication only for clients

initiating the 802.1X authentication process (i.e., the access point does not

initiate 802.1X authentication). For clients initiating 802.1X, only those

successfully authenticated are allowed to access the network. For those clients

not initiating 802.1X, access to the network is allowed after successful wireless

association with the access point. The 802.1X mode allows access for clients not

using WPA or WPA2 security.

◆ Pre-Authentication — When using WPA2 over 802.1X, pre-authentication can

be enabled, which allows clients to roam to a new access point and be quickly

associated without performing full 802.1X authentication. (Default: Disabled)

◆ 802.1x Reauthentication Time — The time period after which a connected

client must be re-authenticated. During the re-authentication process of

verifying the client’s credentials on the RADIUS server, the client remains

connected the network. Only if re-authentication fails is network access

blocked. (Range: 0-65535 seconds; Default: 0 means disabled)