Configuring wpa security ie, Configuring rsn security ie, Configuring cipher suit – H3C Technologies H3C WA2600 Series WLAN Access Points User Manual

5-7

Disable 802.1X online user handshake function before starting PTK and GTK negotiation.

Configuring WPA security IE

Wi-Fi Protected Access (WPA) ensures greater protection than WEP. WPA operates in either WPA-PSK

(or called Personal) mode or WPA-802.1X (or called Enterprise) mode. In Personal mode, a pre-shared

key or pass-phrase is used for authentication. In Enterprise mode, 802.1X and RADIUS servers and the

Extensible Authentication Protocol (EAP) are used for authentication.

Follow these steps to configure WPA security IE:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enter WLAN service template

wlan service-template
service-template-number crypto

Required

Enable the WPA security IE

security-ie wpa

Required

Configuring RSN security IE

An RSN is a security network that allows only the creation of robust security network associations

(RSNAs). An RSN can be identified by the indication in the RSN Information Element (IE) of beacon

frames. It provides greater protection than WEP and WPA.

Follow these steps to configure the RSN security IE:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enter WLAN service template

wlan service-template
service-template-number crypto

Required

Enable the RSN security IE

security-ie rsn

Required

Configuring Cipher Suit

Cipher suite is used for data encapsulation and de-capsulation; it uses the following encryptions:

z

WEP40/WEP104/WEP128

z

TKIP

z

CCMP

Configuring WEP

1) Configure static WEP encryption

The WEP encryption mechanism requires that the authenticator and clients on a WLAN have the same

key configured. WEP adopts the RC4 algorithm (a stream encryption algorithm), supporting WEP40,

WEP104 and WEP128 keys.

WEP can be used with either open system authentication mode or shared key authentication mode: