beautypg.com

Brocade Mobility 5181 Access Point Product Reference Guide (Supporting software release 4.4.0.0) User Manual

Page 159

background image

Brocade Mobility 5181 Access Point Product Reference Guide

145

53-1002516-01

Configuring WPA2-CCMP (802.11i)

6

3. Select the WPA2/CCMP (802.11i) checkbox.

The WPA2/CCMP Settings field displays within the New Security Policy screen.

4. Ensure the Name of the security policy entered suits the intended configuration or function of

the policy.

5. Configure the Key Rotation Settings field as required to set Broadcast Key Rotation and the

update interval.

6. Configure the Key Settings area as needed to set an ASCII Passphrase and 128-bit key.

Default (hexadecimal) 256-bit keys for WP2A/CCMP include:

1011121314151617

18191A1B1C1D1E1F

2021222324252627

28292A2B2C2D2E2F

7. Configure the WPA2-CCMP Mixed Mode field as needed to allow WPA and WPA2 TKIP client

interoperation.

Broadcast Key
Rotation

Select the Broadcast Key Rotation checkbox to enable or disable
broadcast key rotation. When enabled, the key indices used for
encrypting/decrypting broadcast traffic will be alternatively rotated
on every interval specified in the Broadcast Key Rotation Interval.
Enabling broadcast key rotation enhances the broadcast traffic
security on the WLAN. This value is disabled by default.

Update broadcast
keys every
(300-604800
seconds)

Specify a time period in seconds to rotate the key index used for
the broadcast key. Set the interval to a shorter duration like 3600
seconds for tighter broadcast traffic security on the wireless LAN.
Set the interval to a longer duration like 86400 seconds for less
broadcast traffic security requirements. Default value is 86400
secs.

ASCII Passphrase

To use an ASCII passphrase (and not a hexadecimal value), select
the checkbox enter an alphanumeric string of 8 to 63 characters.
The string allows character spaces. The

Mobility 5181

Access Point

converts the string to a numeric value. This

passphrase saves the administrator from entering the 256-bit key
each time keys are generated.

256-bit Key

To use a hexadecimal value (and not an ASCII passphrase), select
the checkbox and enter 16 hexadecimal characters into each of
the four fields displayed.

Allow
WPA/WPA2-TKIP
clients

WPA2-CCMP Mixed Mode enables WPA2-CCMP, WPA-TKIP and
WPA2-TKIP clients to operate together on the network. Enabling
this option allows backwards compatibility for clients that support
WPA-TKIP and WPA2-TKIP but do not support WPA2-CCMP.
Brocade recommends enabling this feature if WPA-TKIP or
WPA2-TKIP supported Clients operate within a WLAN populated by
WPA2-CCMP enabled clients.

See also other documents in the category Brocade Computer Accessories: