Enabling and disabling broadcast key rotation – Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual

Page 349

Advertising
background image

Rockwell Automation Publication 1783-UM006A-EN-P - May 2014

349

Configuring Cipher Suites and WEP

Chapter 11

key management type. This table lists the cipher suites that are compatible with
WPA and CCKM.

For a complete description of WPA

and instructions for configuring

authenticated key management, see

Using WPA Key Management on page 357

.

Enabling and Disabling Broadcast Key Rotation

Broadcast key rotation is disabled by default. Client devices using static WEP
cannot use the access point when you enable broadcast key rotation. Broadcast
key rotation is supported only when using key management (such as dynamic
WEP (802.1x), WPA with EAP, or preshared key).

Beginning in privileged EXEC mode, follow these steps to enable broadcast key
rotation:

1. Enter global configuration mode.

configure terminal

2. Enter interface configuration mode for the radio interface.

The 2.4 GHz radio and the 2.4 GHz 802.11n radio is 0.
The 5 GHz radio and the 5 GHz 802.11n radio is 1.

interface dot11radio { 0 | 1 }

Table 94 - Cipher Suites Compatible with WPA and CCKM

Authenticated Key Management Types

Compatible Cipher Suites

CCKM

encryption mode ciphers wep128
encryption mode ciphers wep40
encryption mode ciphers ckip
encryption mode ciphers cmic
encryption mode ciphers ckip-cmic
encryption mode ciphers tkip
encryption mode aes

WPA

encryption mode ciphers tkip
encryption mode ciphers tkip wep128
encryption mode ciphers tkip wep40
encryption mode ciphers eas
Encryption mode ciphers tkip wep128 and tkip wep-40 can only be
used is WPA is configured as optional.

IMPORTANT

If using WPA and CCKM as key management, only tkip and aes ciphers are
supported. If using only CCKM as key management, ckip, cmic, ckip-cmic, tkip,
wep, and aes ciphers are supported.

When you configure the cipher TKIP (not TKIP + WEP 128 or TKIP + WEP 40)
for an SSID, the SSID must use WPA or CCKM key management. Client
authentication fails on an SSID that uses the cipher TKIP without enabling WPA
or CCKM key management.

Advertising
Popular Brands
Popular manuals