said by pwanghk:
I am all confused. Based on your explanation, I don't need to change the shared key on the router. Just set it and forget it.
What I don't understand is why my desktop PC connecting to the Westell via D-LINK USB 54G stops functioning every couple of months or so. At this point I need to set up a new shared key to re-establish the connection.
As stated above, the PTK does not change until the wireless client reconnects to the access point. The 802.11i design requirements prevent reuse of a sequence number when using TKIP, or a packet number when using CCMP. If the number space is exhausted, a fresh temporal key must be used, or communications must end. This should not be an issue, unless the client remains connected to the access point for an extended period of time.
It is possible that the D-Link stops operating because the number space is being exhausted after a month or two. That meets the 802.11i design requirements.
It could also be a bug in the D-Link or the access point.
When I set up my wireless network I let XP Prof sp2 automatically manage my network key. How does this thing work after you authenticate your Wireless PC with the router? Does XP generate the network key randomly and automatically? Does the network key change periodically? If so, how can the router and the wireless PC identify each other with different keys? Is it possible to set a duration for this network key to be expired at a predefined interval 3, 6, 12 months etc?
Authentication occurs during a 4-way handshake between the wireless device and the access point. This produces a unique PTK from the PMK, access point nonce, wireless client nonce, and MAC addresses of the access point and the wireless client. The nonces are random numbers.
The PTK does not change, unless re-authentication occurs. In typical wireless devices used by homeowners, re-authentication only occurs when the wireless client disconnects and then reconnects. Some access points include a re-authentication time period, in addition to the group re-key time period. When the re-authentication time period expires, the access point starts the 4-way handshake again. This produces a fresh PTK. The typical re-authentication time period is 30 minutes.
If your access point does not include a re-authentication timer, you should disconnect and then reconnect your wireless client at regular intervals to produce a fresh temporal key.
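The PTK derivation described in the reply above, as an added example that is not part of the original post. It follows the 802.11i HMAC-SHA1 pairwise key expansion for a CCMP (48-byte) PTK; the function names, passphrase, SSID, MAC addresses and nonces are constructed for illustration.

```python
import hashlib
import hmac
import os

LABEL = b"Pairwise key expansion"  # PRF label defined by 802.11i

def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """WPA-PSK: the PMK is fixed for a given shared key and SSID."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF: concatenated HMAC-SHA1 blocks over label||0x00||data||counter."""
    out, counter = b"", 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def derive_ptk(pmk, aa, spa, anonce, snonce, nbytes=48) -> bytes:
    """PTK from the PMK, both MAC addresses and both nonces (order-independent)."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, LABEL, data, nbytes)

def split_ptk(ptk: bytes) -> dict:
    """CCMP layout: key confirmation key, key encryption key, temporal key."""
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:48]}

def reconnect_changes_tk(pmk, aa, spa) -> bool:
    """Two handshakes with the same PMK but fresh random nonces give different TKs."""
    first = derive_ptk(pmk, aa, spa, os.urandom(32), os.urandom(32))
    second = derive_ptk(pmk, aa, spa, os.urandom(32), os.urandom(32))
    return split_ptk(first)["TK"] != split_ptk(second)["TK"]

if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    pmk = pmk_from_passphrase("constructed-passphrase", "ExampleSSID")
    ap_mac = bytes.fromhex("020000000001")
    client_mac = bytes.fromhex("020000000002")
    print("PMK (unchanged across reconnects):", pmk.hex())
    print("Fresh TK after reconnect:", reconnect_changes_tk(pmk, ap_mac, client_mac))
```

The shared key and PMK stay the same on both runs; only the nonces exchanged in the 4-way handshake differ, which is why a reconnect is enough to obtain a fresh temporal key.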