Configuring group key updates – Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual
Page 365
Rockwell Automation Publication 1783-UM006A-EN-P - May 2014
365
Configuring Authentication Types
Chapter 12
Configuring Group Key Updates
In the last step in the WPA process, the access point distributes a group key to the
authenticated client device. You can use these optional settings to configure the
access point to change and distribute the group key based on client association
and disassociation:
• Membership termination
The access point generates and distributes a new group key when any
authenticated device disassociates from the access point. This feature keeps
the group key private for associated devices, but it can generate some
overhead traffic if clients on your network roam frequently among access
points.
• Capability change
The access point generates and distributes a dynamic group key when the
last non-key management (static WEP) client disassociates, and it
distributes the statically configured WEP key when the first non-key
management (static WEP) client authenticates. In WPA migration mode,
this feature significantly improves the security of key-management capable
clients when there are no static-WEP clients associated to the access point.
Beginning in privileged EXEC mode, follow these steps to configure a WPA pre-
shared key and group key update options:
1. Enter global configuration mode.
configure terminal
2. Enter SSID configuration mode for the SSID.
ssid ssid-string
3. Enter a pre-shared key for client devices by using WPA that also use static
WEP keys.
wpa-psk { hex | ascii } [ 0 | 7 ] encryption-key
Enter the key by using either hexadecimal or ASCII characters. If you use
hexadecimal, you must enter 64 hexadecimal characters to complete the
256-bit key. If you use ASCII, you must enter a minimum of 8 letters,
numbers, or symbols, and the access point expands the key for you. You can
enter a maximum of 63 ASCII characters.
1. Enter interface configuration mode for the radio interface.
interface dot11radio { 0 | 1 }
• The 2.4 GHz radio and the 2.4 GHz 802.11n radio is 0.
• The 5 GHz radio and the 5 GHz 802.11n radio is 1.