Security Setup

The Intel® PRO/Wireless 2011B LAN Access Point supports four encryption keys. Each key enables encryption between the access point and an associated client with the same encryption key and key value. The Web interface Security Setup screen or the Management Console Encryption Key Maintenance screen allows you to configure the encryption keys used for the site network. To use the access point without encryption (Open Mode), select Disabled for the WEP (privacy) setting on the RF Configuration screen.

The access point supports three encryption methods: Open, 64-bit WEP, and 128-bit WEP. Open encryption means that no encryption method is used. 128-bit WEP provides more security than 64-bit WEP. 64-bit WEP is also called 40-bit WEP.

This table shows the access point association capability with the selected Wired Equivalent Privacy (WEP) Algorithm.

    Access Point Selected WEP Algorithm

    Client Selected     WEP Algorithm

    Association Status

    Open (disable)

    Open

    Associated

    Open (disable)

    64

    No Association

    Open (disable)

    128

    No Association

    64

    Open

    No Association

    64

    64

    Associated

    64

    128

    Associated, but cannot transmit data

    128

    Open

    No Association

    128

    64

    Associated, but cannot transmit data

    128

    128

    Associated

Use caution when assigning keys. Keys must be in the same order with the same value per key for the access point and client to authenticate data transmission using encryption. For example, if an access point uses Key 1 with a value of 1011121314 the associated client requires the same Key 1 to have the value 1011121314.

NOTE: Some countries do not have access to the 128-bit encryption screens due to encryption export restrictions. To access the 128-bit encryption screens, see Intel Technical Support website (http://support.intel.com) or the Intel Networking and Communications Products website (http://www.intel.com/network) for a unique access code to enable this feature.

Enabling Encryption

Web Interface

  1. Under Configuration on the left side of the screen, click Security.
  2. Configure the access point system settings as required.
  3. After changing the settings, click Save Settings at the bottom of the screen.

 

Management Console

  1. Select Set RF Configuration from the Main Menu.
  2. Select WEP (Privacy) on the RF Configuration screen.
  3. Use the arrow keys to change the setting to Enabled.
  4. Select the strength of WEP algorithm.
  5. Select OK or Save to register the settings.
  6. Select Save ALL APs-[F2] to save the RF Configuration information to all access points with the same SSID. This option saves the configuration changes for the current access point and sends two messages to all other access points on the Known APs table to update their configuration and reset after the configuration has been modified. You can perform this option only among the same hardware platforms and same firmware versions.

Parameter Descriptions

For the Management Console, the descriptions in this table cover the settings highlighted on the right side of the RF Configuration screen.

WEP (Privacy)

Defines the Wired Equivalent Privacy (WEP) algorithm. You must have Admin privileges to make changes to this parameter. The default is Disabled.

WEP Algorithm

Defines the number of bits and the type of WEP algorithm used. You must have Admin privileges to make changes to this parameter. The default is 40 bit shared key.

Encryption Key ID

Change the Active Key number. You must have Admin privileges to make changes to this parameter. The default key ID is 1. Reset the access point to have the new key value become the active key.

Encryption Key Maintenance

Change the values for each encryption key. You must have Admin privileges to make changes to this parameter.

Enable Strong Encryption

Allows access to and use of the 128-bit encryption keys. Some countries do not have access to the 128-bit encryption screens due to encryption export restrictions. To access the 128-bit encryption key screen contact the Intel Customer Support Center for a unique access code to enable this feature.

Encryption Key Maintenance

Depending on the strength of encryption determined by the WEP algorithm, two screens are available—one for 64-bit (identified in the interface as 40-bit encryption) and one for 128-bit encryption.

Web Interface (128-bit shown)

  1. Under Configuration on the left side of the screen, click Security.
  2. Under Encryption Key Setup click Modify. 
  3. Enter the values for the key in the fields.
  4. Click Save Settings to register settings by writing changes to NVM.
  5. Click Security Homepage to return to the previous screen.

Management Console (128-bit shown)

  1. Select Set RF Configuration from the Main Menu.
  2. Select Encryption Key Maintenance from the RF Configuration Menu.

  3. Enter the values for the key in the fields.

  4. Select OK or Save to register the settings by writing changes to NVM.
  5. Select Save ALL APs-[F2] to save the Encryption Key Maintenance information to all access points with the same SSID. This option saves the configuration changes for the current access point, and sends two messages to all other access points on the Known APs table to update their configuration and reset after the configuration has been modified. You can perform this option only among the same hardware platforms and same firmware versions.

 

64-Bit versus 128-Bit Encryption

Each 64-bit key has 40 bits available for configuration that are displayed in two 20-bit segments. The remaining 24 bits are factory set and not configurable. A 128-bit key has 124 bits available for configuration that are displayed in two 20-bit segments and four 16-bit segments. The remaining 24 bits are factory set and not configurable.

Enabling Strong Encryption

Some countries do not have access to the 128-bit encryption screens due to encryption export restrictions. For countries outside the United States an access code is required to enable Strong Encryption, like 128-bitt encryption. If you are eligible to use 128-bit strong encryption, you can contact Intel Support Center ( http://support.intel.com/support/network/#Wireless_Ethernet_LAN Top Technical Issues page and FAQ document), or the Intel Networking and Communications Division ( http://www.intel.com/network ), to obtain the Access Code.

  1. To enable Strong Encryption (128-bit encryption) select Enable Strong Encryption on the RF Configuration screen.
  2. Enter the acquired access code in the space provided.
  3. Select OK or Save to register settings by writing changes to NVM.
  4. Select Save ALL APs-[F2] to save the Enable Strong Encryption access code to all access points with the same SSID. This option saves the configuration changes for the current access point, and sends two messages to all other access points on the Known APs table to update their configuration and reset after the configuration has been modified. You can perform this option only among the same hardware platforms and same firmware versions.


Copyright© 2002 Intel Corporation. Legal Information