beautypg.com

Configuring rsn security ie, Configuring cipher suite, Configuring wep cipher suite – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 70

background image

58

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter WLAN service

template view.

wlan service-template
service-template-number crypto

N/A

3.

Enable the WPA-IE in the
beacon and probe

responses.

security-ie wpa

By default, WPA-IE is disabled.

Configuring RSN security IE

An RSN is a security network that allows only the creation of robust security network associations

(RSNAs). An RSN can be identified by the indication in the RSN Information Element (IE) of beacon
frames. It provides greater protection than WEP and WPA.
To configure RSN security IE:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter WLAN service
template view.

wlan service-template
service-template-number crypto

N/A

3.

Enable the RSN security IE

in the beacon and probe
responses.

security-ie rsn

By default, RSN-IE is disabled.

Configuring cipher suite

A cipher suite is used for data encapsulation and de-encapsulation. It uses the following encryption
methods:

WEP40/WEP104/WEP128

TKIP

CCMP

Configuring WEP cipher suite

1.

Configure static WEP encryption
The WEP encryption mechanism requires that the authenticator and clients on a WLAN have the
same key configured. WEP adopts the RC4 algorithm (a stream encryption algorithm), supporting

WEP40, WEP104 and WEP128 keys.
WEP can be used with either open system authentication mode or shared key authentication
mode:

{

In open system authentication mode, a WEP key is used for encryption only. A client can access
the WLAN without having the same key as the authenticator. But, if the receiver has a different
key from the sender, it discards the packets received from the sender.

{

In shared key authentication mode, the WEP key is used for both encryption and authentication.
If the key of a client is different from that of the authenticator, the client cannot pass the

authentication and cannot access the WLAN.

To configure static WEP encryption: