Enterasys Networks 9033900-04 Benutzerhandbuch
Security
4-74
Advanced Configuration
CLI Commands for 802.1x Authentication
Use the 802.1x supported or 802.1x required command from the Interface Wireless or Interface
Wireless: VAP configuration modes to enable 802.1x authentication, or the no 8021.x to disable it.
Use the 802.1x broadcast‐key‐refresh‐rate, 802.1x session‐key‐refresh‐rate, and 802.1x session‐
timeout commands to set the broadcast and session key refresh rates, and the re‐authentication
timeout. To display the current settings, use the show interface wireless <a|g> <vap#> command
from the Exec mode (not shown here).
Wireless: VAP configuration modes to enable 802.1x authentication, or the no 8021.x to disable it.
Use the 802.1x broadcast‐key‐refresh‐rate, 802.1x session‐key‐refresh‐rate, and 802.1x session‐
timeout commands to set the broadcast and session key refresh rates, and the re‐authentication
timeout. To display the current settings, use the show interface wireless <a|g> <vap#> command
from the Exec mode (not shown here).
Using the CLI for WEP Shared Key Security
From the interface wireless or interface wireless: VAP configuration modes, use the
authentication command to enable WEP shared‐key authentication and the encryption command
to enable WEP encryption. Use the multicast‐cipher command to select WEP cipher type for
broadcasting and multicasting. To enter WEP keys, use the key command (from the interface
wireless mode only), and then set one key as the transmit key using the transmit‐key command. If
necessary, disable 802.1x port authentication with the no 802.1x command. To view the current
security settings, use the show interface wireless a <vap#> or show interface wireless g <vap#>
command.
authentication command to enable WEP shared‐key authentication and the encryption command
to enable WEP encryption. Use the multicast‐cipher command to select WEP cipher type for
broadcasting and multicasting. To enter WEP keys, use the key command (from the interface
wireless mode only), and then set one key as the transmit key using the transmit‐key command. If
necessary, disable 802.1x port authentication with the no 802.1x command. To view the current
security settings, use the show interface wireless a <vap#> or show interface wireless g <vap#>
command.
RoamAbout 3000#configure
Enter configuration commands, one per line. End with CTRL/Z
RoamAbout 3000(config)#interface wireless g
Enter Wireless configuration commands, one per line.
RoamAbout 3000(if-wireless g)#802.1x supported
RoamAbout 3000(if-wireless g)#802.1x broadcast-key-refresh-rate 5
RoamAbout 3000(if-wireless g)#802.1x session-key-refresh-rate 5
RoamAbout 3000(if-wireless g)#802.1x session-timeout 300
RoamAbout 3000(if-wireless g)#vap 4
RoamAbout 3000(if-wireless g: VAP[4])#802.1x required
RoamAbout 3000(if-wireless g: VAP[4])#802.1x broadcast-key-refresh-rate 5
RoamAbout 3000(if-wireless g: VAP[4])#802.1x session-key-refresh-rate 5
RoamAbout 3000(if-wireless g: VAP[4])#802.1x session-timeout 300
RoamAbout 3000(if-wireless g: VAP[4])#exit
RoamAbout 3000#
Note: The index and length values used in the key command must be the same values used in the
encryption and transmit-key commands.
encryption and transmit-key commands.