3Com 3CRWE825075A-US User Guide - Page 44

The following sections describe how to configure each type of encryption. When you are finished configuring the encryption, click Apply. WPA Configuration To configure WPA encryption: 1 Under WPA Configuration, click the Required check box if you want to limit access to clients using WPA encryption. If you also want to allow WEP clients, do not check this box. 2 Select the Cipher Mode, which determines the method by which keys are computed. WEP is the weakest Multicast Cipher Mode and is only provided for support of legacy clients which do not fully support WPA. Clients associated with WPA-TKIP will have unicast packets directed at them with corresponding encryption keys. However, with WEP selected as the Cipher Mode, ALL multicast traffic is sent out with WEP encryption. It is recommended to only select WEP as the Cipher Mode if legacy client support is critical. AES - Advanced Encryption Standard (Highest Security) TKIP-(Temporal Key Integrity Protocol) provides per-packet key mixing, a message integrity check and a re-keying mechanism WEP-Provides standard WEP ciphering (Least Secure) 3 Select the type of WPA Key Management: WPA authentication over 802.1x (More secure, but requires a RADIUS authentication server setup. See WPA note below) WPA Pre-shared Key (PSK) (see WPA note below) 4 Select the Key Type: Hexadecimal (0~9, A~F; for example, D7 0A 9C 7F E5) Alphanumeric (0~9, A~F; for example 01234) 5 Enter the pre-shared key in the space provided if necessary. WPA Note: The WPA key management must match the settings on the Authentication Page. When using 802.1x, the access point uses session keys provided during the 802.1x EAP key exchange as the "seed key" for WPA. This is more secure than PSK, since each client starts with a unique session key for all subsequent keys generated. Otherwise, the PSK is used for the "seed key". The 802.1x Wireless Setup on the Authentication Page should be set as follows: 44