SMC Networks SMC EliteConnect SMC2586W-G User Manual

Page 45

Advertising
background image

As illustrated in Fig. 46 when AP 1 and AP 2 are using the “This AP Only”
option, AP1 blocks wireless traffic between STA 1 and STA 2, while wireless
traffic between STA 2 and STA 3, which are associated with different APs, is
still allowed. If the “All APs in This Subnet” option is used as shown in Fig. 47,
AP 1 and AP 2 communicates with each other via an inter-AP protocol to
share their STA association information to block wireless traffic among all
the STAs.

There are up to 7 security modes:

• Open System. No authentication, no data encryption.

• Static WEP. WEP (Wired Equivalent Privacy) keys must be manually configured.

• Static TKIP (WPA-PSK). Only TKIP (Temporal Key Integrity Protocol)

mechanism of WPA (Wi-Fi Protected Access) is enabled. In this mode, you
have to specify the Pre-shared key, which will be used by the TKIP engine
as a master key to generate keys that actually encrypt outgoing packets
and decrypt incoming packets.

NOTE: The number of characters of the Pre-shared key setting must be at
least between 8 and can be up to 63.

• IEEE 802.1x EAP without Encryption (EAP-MD5). The IEEE 802.1x

functionality is enabled and the user-name/password-based EAP-MD5
authentication is used. No data encryption.

• IEEE 802.1x EAP with Static WEP (EAP-MD5). The IEEE 802.1x

functionality is enabled and the user-name/password-based EAP-MD5
authentication is used. Data encryption is achieved by static WEP.

• IEEE 802.1x EAP with Dynamic WEP (EAP-TLS, EAP-TTLS, PEAP). The

IEEE 802.1x functionality is enabled and dynamic WEP key distribution
authentication (EAP-TLS, EAP-TTLS, or PEAP) is used. Data encryption is
achieved by dynamic WEP.

• IEEE 802.1x EAP with Dynamic TKIP (WPA). This is a full WPA mode, in

which both the TKIP and IEEE 802.1x dynamic key exchange mechanisms
are enabled. The SMC2586W-G is highly secured in this mode.

In the above security modes, a back-end RADIUS (Remote Authentication
Dial-In User Service) server is needed if IEEE 802.1x functionality is enabled.
See Section 3.5.3 for more information about IEEE 802.1x and RADIUS.

According to the IEEE 802.11 standard, WEP can be used for authentication
and data encryption. Normally, Shared Key authentication is used if WEP
data encryption is enabled. In rare cases, Open System authentication may
be used when WEP data encryption is enabled. The Authentication algorithm
setting is provided for better compatibility with wireless client computers

44

Advertising
See also other documents in the category SMC Networks Hardware: