Cisco Systems 12.4(25d)JA Universal Remote User Manual


 
10-8
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points
OL-29225-01
Chapter 10 Configuring Cipher Suites and WEP
Configuring Cipher Suites and WEP
Note If using WPA and CCKM as key management, only tkip and aes ciphers are supported. If using only
CCKM as key management, ckip, cmic, ckip-cmic, tkip, wep, and aes ciphers are supported.
Note When you configure the cipher TKIP (not TKIP + WEP 128 or TKIP + WEP 40) for an SSID, the SSID
must use WPA or CCKM key management. Client authentication fails on an SSID that uses the cipher
TKIP without enabling WPA or CCKM key management.
For a complete description of WPA and instructions for configuring authenticated key management, see
the “Using WPA Key Management” section on page 11-7.
Enabling and Disabling Broadcast Key Rotation
Broadcast key rotation is disabled by default.
Note Client devices using static WEP cannot use the access point when you enable broadcast key rotation.
Broadcast key rotation is supported only when using key management (such as dynamic WEP (802.1x),
WPA with EAP, or preshared key).
Table 10-3 Cipher Suites Compatible with WPA and CCKM
Authenticated Key Management Types Compatible Cipher Suites
CCKM
encryption mode ciphers wep128
encryption mode ciphers wep40
encryption mode ciphers ckip
encryption mode ciphers cmic
encryption mode ciphers ckip-cmic
encryption mode ciphers tkip
encryption mode aes
WPA
encryption mode ciphers tkip
encryption mode ciphers tkip wep128
encryption mode ciphers tkip wep40
encryption mode ciphers eas
Note Encryption mode ciphers tkip wep128 and
tkip wep-40 can only be used is WPA is
configured as optional.