Configuring tkip cipher suite, Configuring aes-ccmp cipher suite, Configuring port security – H3C Technologies H3C MSR 50 User Manual

40

Step Command

Remarks

180.

Configure the WEP default
key.

wep default-key { 1 | 2 | 3 | 4 }
{ wep40 | wep104 | wep128 }
{ pass-phrase | raw-key } [ cipher |

simple ] key

By default, the WEP default key
index number is 1.

181.

Specify a key index
number.

wep key-id { 1 | 2 | 3 | 4 }

Optional.
By default, the key index number
is that configured with the wep

default-key command.

Configuring TKIP cipher suite

Message integrity check (MIC) is used to prevent attackers from data modification. It ensures data
security by using the Michael algorithm. When a fault occurs to the MIC, the device will consider that the

data has been modified and the system is being attacked. Upon detecting the attack, TKIP will suspend

within the countermeasure interval. No TKIP associations can be established within the interval.
To configure TKIP cipher suite:

Step Command

Remarks

182.

Enter system view.

system-view

N/A

183.

Enter WLAN service template
view.

wlan service-template
service-template-number crypto

N/A

184.

Enable the TKIP cipher suite.

cipher-suite tkip

By default, no cipher suite is
selected.

185.

Configure the TKIP

countermeasure interval.

tkip-cm-time time

Optional.
The default countermeasure

interval is 0 seconds. No
countermeasures are taken.

Configuring AES-CCMP cipher suite

Step Command

Remarks

186.

Enter system view.

system-view

N/A

187.

Enter WLAN service template
view.

wlan service-template

service-template-number crypto

N/A

188.

Enable the AES-CCMP cipher
suite.

cipher-suite ccmp

By default, no cipher suite is
selected.

Configuring port security

The authentication type configuration includes the following options:

•

PSK

•

802.1X

•

MAC

•

PSK and MAC