devices to authenticate successfully, you must configure the same SSIDs with their authentication and encryption
schemes on the APs and on the Cisco Desktop Collaboration Experience.
Some authentication schemes require specific types of encryption. With Open authentication, you can use
static WEP for encryption for added security. But if you are using Shared Key authentication, you must set
static WEP for encryption, and you must configure a WEP key on the phone.
When you use Authenticated Key Management (AKM) for the Cisco Desktop Collaboration Experience,
several choices for both authentication and encryption can be set up on the APs with different SSIDs. When
the phone attempts to authenticate, it chooses the AP that advertises the authentication and encryption scheme
that the phone can support. Auto (AKM) mode can authenticate by using WPA, WPA2, WPA pre-shared key,
or CCKM.
Note
•
When you use WPA pre-shared key or WPA2 pre-shared key, the pre-shared key must be statically
set on the phone. These keys must match the keys that are on the AP.
•
When you use Auto (AKM), encryption options are automatically configured for WPA, WPA2,
WPA Pre-shared key, WPA2 Pre-shared key, or CCKM.
•
In AKM mode, the phone authenticates with LEAP if the phone is configured with WPA, WPA2,
or CCKM key management, or if 802.1X is used.
•
The Cisco Desktop Collaboration Experience does not support auto EAP negotiation; to use
EAP-FAST mode, you must specify it.
The following table provides a list of authentication and encryption schemes that are configured on the Cisco
Aironet APs that the Cisco Desktop Collaboration Experience supports. The table shows the network
configuration option for the phone that corresponds to the AP configuration.
Table 20: Authentication and Encryption Schemes
Cisco Desktop Collaboration
Experience configuration
Cisco AP configuration
AuthenticationCommon
encryption
Key managementAuthentication
OpenNoneOpen
Open+WEPWEPOpen (Static WEP)
Shared+WEPWEPShared key (Static WEP)
LEAP or Auto (AKM)WEPOptional CCKMLEAP
802.1X
LEAP or Auto (AKM)TKIPWPA with optional
CCKM
LEAP
WPA
LEAP or Auto (AKM)AESWPA2LEAP
WPA2
Cisco Desktop Collaboration Experience DX650 Administration Guide, Release 10.1(1)
92
Security for Voice Communications in WLANs
To Next Page
Loading...
Need help?
General
