Cisco 7920 Administration Guide - Page 49
Choosing Authentication and Encryption Methods - setup
UPC - 746320774732
View all Cisco 7920 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 49 highlights
Chapter 2 An Overview of the Wireless Network Components of the VoIP Wireless Network • WEP -When using WEP in the wireless network, authentication happens at the access point by using open or shared-key authentication. The WEP key that is setup on the phone must match with the WEP key that is configured at the access point for successful connections. The Cisco Wireless IP Phone 7920 supports WEP keys that use 40-bit encryption or a 128-bit encryption and remain static on the phone and access point. LEAP and CCKM authentication can use WEP keys for encryption. The RADIUS server manages the WEP key and passes a unique key to the access point after authentication for encrypting all voice packets; consequently, these WEP keys can change with each authentication. • Temporal Key Integrity Protocol (TKIP)-WPA and CCKM use TKIP encryption that has several improvements over WEP. TKIP provides per-packet key ciphering and longer initialization vectors (IVs) that strengthen encryption. In addition, a message integrity check (MIC) ensures that encrypted packets are not being altered. TKIP removes the predictability of WEP that helps intruders decipher the WEP key. Note The Cisco Wireless IP Phone 7920 does not support Cisco Key Integrity Protocol (CKIP) with CMIC or Advanced Encryption Standard (AES) encryption. Choosing Authentication and Encryption Methods Authentication and encryption schemes are setup within the wireless LAN. VLANS are configured in the network and on the access points and specify different combinations of authentication and encryption. An SSID is associated with a VLAN and its particular authentication and encryption scheme. In order for wireless client devices to authenticate successfully, you must configure the same SSIDs with their authentication and encryption scheme requirements on the access points and on the wireless client devices, such as the Cisco Wireless IP Phone. Some authentication schemes require specific types of encryption. With Open authentication, you have the option to use static WEP for encryption and added security. But if you are using Shared Key authentication, you must set static WEP for encryption, and you must configure the WEP key on the phone. OL-7104-01 Cisco Wireless IP Phone 7920 Administration Guide for Cisco CallManager Release 4.0 and 4.1 2-15