Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual

362

Rockwell Automation Publication 1783-UM006A-EN-P - May 2014

Chapter 12

Configuring Authentication Types

• To enable CCKM for an SSID, you must also enable Network-EAP

authentication. When CCKM and Network EAP are enabled for an
SSID, client devices using LEAP, EAP-FAST, PEAP/GTC, MSPEAP,
EAP-TLS, and EAP-FAST can authenticate by using the SSID.

• To enable WPA for an SSID, you must also enable Open authentication

or Network-EAP or both.

When you enable both WPA and CCKM for an SSID, you must enter
wpa first and cckm second. Any WPA client can attempt to
authenticate, but only CCKM voice clients can attempt to
authenticate.

Before you can enable CCKM or WPA, you must set the encryption
mode for the SSID’s VLAN to one of the cipher suite options. To
enable both CCKM and WPA, you must set the encryption mode to a
cipher suite that includes TKIP.

See the

Configuring Cipher Suites and WEP on page 343

for

instructions on configuring the VLAN encryption mode.

If you enable WPA for an SSID without a pre-shared key, the key
management type is WPA. If you enable WPA with a pre-shared key,
the key management type is WPA-PSK.

• See the

Configuring Additional WPA Settings on page 364

for

instructions on configuring a pre-shared key.

• See

Configuring WDS, Fast Secure Roaming, Radio Management, and

Wireless Intrusion Detection Services on page 375

for detailed

instructions on setting up your wireless LAN to use CCKM and a subnet
context manager.

7. Return to privileged EXEC mode.

end

8. (Optional) Save your entries in the configuration file.

copy running-config startup-config