Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
618
Views
0
Helpful
1
Replies

Do I use dynamic WEP?

jferr
Level 1
Level 1

‎06-12-2002 12:15 PM - edited ‎07-04-2021 11:14 PM

I admit: I don't use RADIUS! I've got many (in my opinion) good reasons why not - I won't bother you with that.

I configure my BR350 with static 128 bit keys as they're supposed to link two LANs. I tell those boxes to expire the key at some time and expects the software to exchange some new keys.

But do they shift keys? Or do I in fact keep using my static keys?

Would it be possible anyway to use that RADIUS-thing? I mean - the only connection to the outside world from the 'satelite-LAN' is through the air. And the boxes are set up only to accept encrypted traffic in order to keep everybody else away.

Best regards

Jan Ferré

Labels:
0 Helpful
1 Reply 1

bmcmurdo
Cisco Employee
Cisco Employee

‎06-12-2002 12:31 PM

A RADIUS server is necessary for Dynamic WEP keys.

If you don't use a RADIUS server you can still get Ciscos enhancements to **static** WEP. There are;

Message Integrity Check (MIC)

MIC prevents attacks on encrypted packets called bit-flip attacks. During a bit-flip attack, an intruder intercepts an encrypted message, alters it slightly, and retransmits it, and the receiver accepts the retransmitted message as legitimate. The MIC, implemented on both the bridge and all associated client devices, adds a few bytes to each packet to make the packets tamper-proof.

Temporal Key Integrity Protocol (TKIP)

Temporal Key Integrity Protocol (TKIP), also known as WEP key hashing, defends against an attack on WEP in which the intruder uses an unencrypted segment called the initialization vector (IV) in encrypted packets to calculate the WEP key. TKIP removes the predictability that an intruder relies on to determine the WEP key by exploiting IVs. TKIP protects both unicast and broadcast WEP keys.

Further information on Cisco Bridge security features is available here;

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/350brdgs/brscg/br350ch4.htm

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card