Here you configure the encryption method.
Important: The WEP process no longer provides adequate security and should only be used to integrate legacy clients that do not support a newer security method. If this is the case, we recommend that you isolate the WEP clients in their own VLAN to keep them separate from the rest of the WLAN infrastructure.
- SNMP ID:
- 2.20.3.4
- Console path:
- Setup > WLAN > Encryption
- Possible values:
- WEP-40-Bits
- AES with 40 bits key length
- WEP-104-Bits
- AES with 104 bits key length
- WEP-128-Bits
- AES with 128 bits key length
- WEP-40-Bits-802.1X
-
AES with 40 bits key length and 802.1X
Important: Note that 802.1X requires a RADIUS server profile to be specified as well.
- WEP-104-Bits-802.1X
-
AES with 104 bits key length and 802.1X
Important: Note that 802.1X requires a RADIUS server profile to be specified as well.
- WEP-128-Bits-802.1X
-
AES with 128 bits key length and 802.1X
Important: Note that 802.1X requires a RADIUS server profile to be specified as well.
- 802.11i-WPA-PSK
- WPA(2) with Pre-Shared-Key
- 802.11i-WPA-802.1X-192-Bits
-
WPA(2) with 802.1X and 192 bits key length
Important: Note that 802.1X requires a RADIUS server profile to be specified as well.
- Enhanced-Open
- Until now, hotspots were mainly operated without encryption, meaning that the data transmitted over the wireless interface was open to inspection. What also offers only limited security is the widespread practice of securing a hotspot with WPA2-PSK and publicly announcing the shared key, for example, on a poster. Since WPA2-PSK does not offer Perfect Forward Secrecy, an attacker who knows this key can use it to subsequently decrypt recordings of secure data traffic. The Enhanced Open method minimizes these risks. Clients that support this method use encrypted communication to prevent other users in the same radio cell from eavesdropping on their communications. The threat of a man-in-the-middle attack remains, but the risk is much lower than when using an unencrypted open hotspot. Just set the encryption method. That is all you need to do to encrypt communications for clients that support this method.