Configuring rsn security ie, Configuring cipher suite, Configuring wep cipher suite – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 70
58
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter WLAN service
template view.
wlan service-template
service-template-number crypto
N/A
3.
Enable the WPA-IE in the
beacon and probe
responses.
security-ie wpa
By default, WPA-IE is disabled.
Configuring RSN security IE
An RSN is a security network that allows only the creation of robust security network associations
(RSNAs). An RSN can be identified by the indication in the RSN Information Element (IE) of beacon
frames. It provides greater protection than WEP and WPA.
To configure RSN security IE:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter WLAN service
template view.
wlan service-template
service-template-number crypto
N/A
3.
Enable the RSN security IE
in the beacon and probe
responses.
security-ie rsn
By default, RSN-IE is disabled.
Configuring cipher suite
A cipher suite is used for data encapsulation and de-encapsulation. It uses the following encryption
methods:
•
WEP40/WEP104/WEP128
•
TKIP
•
CCMP
Configuring WEP cipher suite
1.
Configure static WEP encryption
The WEP encryption mechanism requires that the authenticator and clients on a WLAN have the
same key configured. WEP adopts the RC4 algorithm (a stream encryption algorithm), supporting
WEP40, WEP104 and WEP128 keys.
WEP can be used with either open system authentication mode or shared key authentication
mode:
{
In open system authentication mode, a WEP key is used for encryption only. A client can access
the WLAN without having the same key as the authenticator. But, if the receiver has a different
key from the sender, it discards the packets received from the sender.
{
In shared key authentication mode, the WEP key is used for both encryption and authentication.
If the key of a client is different from that of the authenticator, the client cannot pass the
authentication and cannot access the WLAN.
To configure static WEP encryption: