Solved

WPA or WPA2 or Both?

Posted on 2006-05-11
14
2,367 Views
Last Modified: 2013-11-12
I see the following on my router's setup page, and I don't know if I should enable WPA, WPA2 or both?  Will this slow my wireless network down due to having to encrypt decrypt the data it sends?

http://www.davidgareau.com/expertExchange/WPA%20&%20WPA2.JPG

0
Comment
Question by:davidgareau
  • 4
  • 4
  • 2
  • +2
14 Comments
 

Author Comment

by:davidgareau
Comment Utility
Also, TKIP is stronger than AES, right? But is TKIP+AES (a third option) even better?
And what about the group key renewal? Is 3600 second one good?
0
 
LVL 5

Accepted Solution

by:
Mad_Jasper earned 168 total points
Comment Utility
I have noticed no slow down in my wireless network since implementation of WPA/TKIP. I would have used WPA 2, but had some compliancy issues that will be addressed in the upcoming budget year.

In my network, we have 80 wireless laptops and 6 wireless printers, and 11 Cisco 1200 APs. Each laptop is configured by Group Policy to be auto rolled by our Certificate Authority. The CA is also our Radius server which authenticates the APs. All WLAN settings are distributed to the laptops via Group Policy so I never have to touch a laptop once it is imaged.

In order to access our network, the laptop must have certificate, the laptop must be a member of the domain, and the user that logs on to the laptop must be a member of the domain. It would VERY difficult to hack into our network via the WLAN.
0
 
LVL 5

Expert Comment

by:Mad_Jasper
Comment Utility
AES is stronger, but not all client hardware is compatible. Using AES may require hardware/firmware upgrades.
0
 
LVL 8

Expert Comment

by:hiteshgupta1
Comment Utility
how many nodes do u have in ur network??
0
 
LVL 4

Assisted Solution

by:amanzoor
amanzoor earned 166 total points
Comment Utility
0
 

Author Comment

by:davidgareau
Comment Utility
I have 3 nodes in the network.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:davidgareau
Comment Utility
What I'm most confused by is that I have the option of using WPA, WPA2 or both.
And I also have the options of using TKIP, AES or a combo TKIP+AES

0
 
LVL 5

Expert Comment

by:Mad_Jasper
Comment Utility
Either way, WPA or WPA 2 is more secure than WEP. WPA/TKIP has worked very well for us.
0
 
LVL 5

Expert Comment

by:Blue_Rishi
Comment Utility
Hi,

The way it works on my linksys wrt54g v.3.1; combo settings will allow clients to use either WPA or WPA2.
I use WPA2 myself with TKIP+AES, so I can use AES encryption on cards that support it and use TKIP otherwise.

Grz Blue Rishi

0
 

Author Comment

by:davidgareau
Comment Utility
Thanks, so, I have 3 wireless USB adapters, all the same that support WPA2 and AES, so I should just set my router to allow only those two?  Is there any benefit to allowing the others if I don't plan on adding any other clients?
And you have experienced speed with WPA2 + AES that is about the same as without any security in place?

thanks
david
0
 
LVL 5

Expert Comment

by:Mad_Jasper
Comment Utility
I would use the strongest encryption that you network supports. I can't speak for WPA2 + AES for speed, but I have WPA + TKIP and 80 wireless clients, migrated from WEP and I have seen no difference when roaming to other access points.
0
 
LVL 5

Assisted Solution

by:Blue_Rishi
Blue_Rishi earned 166 total points
Comment Utility
> Is there any benefit to allowing the others if I don't plan on adding any other clients?

Nope, unless you need to swap hardware that might not support WPA2/AES or get visitors without support on a regular basis.

> And you have experienced speed with WPA2 + AES that is about the same as without any security in place?

I notice no difference when coping large amounts of data. It should not affect transmit rates, only tax the wifi-adapter or take a few cpu cycles depending on hardware/driver. So, under heavy load it could up the latency which could affect performance during gaming. However, I have had no problems with this so far.

Blue Rishi
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now