- Community Home
- >
- Networking
- >
- Wireless
- >
- M and MSM Series
- >
- Re: How secure is the client data tunnel?
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-04-2012 10:52 AM
тАО03-04-2012 10:52 AM
How secure is the client data tunnel?
Apologies if this is a repeat post - I thought i'd asked this questio but cant find it now
If I was to put an AP at another site and use the client data tunnel to tunnel over the internet back to the controller's internet port, is it secure and if so how secure? I assume the data is encrypted but to what level?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-04-2012 01:24 PM
тАО03-04-2012 01:24 PM
Re: How secure is the client data tunnel?
Its not encrypted at all. For encryption you have to enable "Terminate WPA at the controller", which severely limits the maximum number of clients supported to 10 on a MSM710 and 50 on the MSM760 and 765zl. Its all in the MCG pdf.
CCIE Service Provider
MASE Network Infrastructure [2011]
H3CSE
CCNP R&S
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-04-2012 02:14 PM
тАО03-04-2012 02:14 PM
Re: How secure is the client data tunnel?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-04-2012 08:02 PM - edited тАО03-04-2012 08:04 PM
тАО03-04-2012 08:02 PM - edited тАО03-04-2012 08:04 PM
Re: How secure is the client data tunnel?
* Less security/better performance: This option provides security using a secret key that is attached to each packet. The key is rotated every 200 seconds. * High security/less performance : This option uses HMAC (Hash based message authentication code) to ensure the data integrity and authenticity of each packet. Performance is reduced due to the overhead needed to calculate HMAC. Regardless of the security me thod used, the client tunnel does not encrypt the data stream. To protect client traffic with encryption requires that client stations use WPA or VPN software. * Under Wireless protection, enable WPA with the Terminate WPA at the controller. This requires client stations that support WPA. * Use VPN-based authentication. See Securing wireless client sessions with VPNs on page 15-3.
Chapter 4: Working with VSCs -> VSC Configuration options -> Virtual AP -> Wireless Clients.
CCIE Service Provider
MASE Network Infrastructure [2011]
H3CSE
CCNP R&S
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-05-2012 05:22 AM
тАО03-05-2012 05:22 AM
Re: How secure is the client data tunnel?
Thanks Fredrik
I understand now, this setting is about how the controller authenticates the data. I thought it was about how it encrypts the data