3com WXR100 3CRWXR10095A User Manual
302
C
HAPTER
13: C
ONFIGURING
U
SER
E
NCRYPTION
To configure an SSID that uses service profile wepsrvc4 to use WEP key
index 4 for encrypting unicast traffic, type the following command:
index 4 for encrypting unicast traffic, type the following command:
WX1200# set service-profile wepsrvc4 wep
active-unicast-index 4
success: change accepted.
active-unicast-index 4
success: change accepted.
Encryption
Configuration
Scenarios
Configuration
Scenarios
The following scenarios provide examples of ways in which you can
configure encryption for network clients:
configure encryption for network clients:
Enabling WPA with
TKIP
The following example shows how to configure MSS to provide
authentication and TKIP encryption for 801.X WPA clients. This example
assumes that pass-through authentication is used for all users. A RADIUS
server group performs all authentication and authorization for the users.
authentication and TKIP encryption for 801.X WPA clients. This example
assumes that pass-through authentication is used for all users. A RADIUS
server group performs all authentication and authorization for the users.
1 Create an authentication rule that sends all 802.1X users of SSID mycorp
in the EXAMPLE domain to the server group shorebirds for
authentication. Type the following command:
authentication. Type the following command:
WX1200# set authentication dot1x ssid mycorp EXAMPLE\*
pass-through shorebirds
pass-through shorebirds
2 Create a service profile named wpa for the SSID. Type the following
command:
WX1200# set service-profile wpa
success: change accepted.
success: change accepted.
3 Set the SSID in the service profile to mycorp. Type the following
command:
WX1200# set service-profile wpa ssid-name wpa
success: change accepted.
success: change accepted.
4 Enable WPA in service profile wpa. Type the following command:
WX1200# set service-profile wpa wpa-ie enable
success: change accepted.
success: change accepted.
TKIP is already enabled by default when WPA is enabled.
5 Display the service profile wpa to verify the changes. Type the following
command: