3com WXR100 3CRWXR10095A User Manual

302

HAPTER

13: C

ONFIGURING

SER

NCRYPTION

To configure an SSID that uses service profile wepsrvc4 to use WEP key
index 4 for encrypting unicast traffic, type the following command:

WX1200# set service-profile wepsrvc4 wep
active-unicast-index 4
success: change accepted.

Encryption
Configuration
Scenarios

The following scenarios provide examples of ways in which you can
configure encryption for network clients:

“Enabling WPA with TKIP” on page 302

“Enabling Dynamic WEP in a WPA Network” on page 304

“Configuring Encryption for MAC Clients” on page 306

Enabling WPA with

TKIP

The following example shows how to configure MSS to provide
authentication and TKIP encryption for 801.X WPA clients. This example
assumes that pass-through authentication is used for all users. A RADIUS
server group performs all authentication and authorization for the users.

1 Create an authentication rule that sends all 802.1X users of SSID mycorp

in the EXAMPLE domain to the server group shorebirds for
authentication. Type the following command:

WX1200# set authentication dot1x ssid mycorp EXAMPLE\*
pass-through shorebirds

2 Create a service profile named wpa for the SSID. Type the following

command:

WX1200# set service-profile wpa
success: change accepted.

3 Set the SSID in the service profile to mycorp. Type the following

command:

WX1200# set service-profile wpa ssid-name wpa
success: change accepted.

4 Enable WPA in service profile wpa. Type the following command:

WX1200# set service-profile wpa wpa-ie enable
success: change accepted.

TKIP is already enabled by default when WPA is enabled.

5 Display the service profile wpa to verify the changes. Type the following

command: