3Com WX2200 3CRWX220095A Switch User Manual


 
302 CHAPTER 13: CONFIGURING USER ENCRYPTION
To configure an SSID that uses service profile wepsrvc4 to use WEP key
index 4 for encrypting unicast traffic, type the following command:
WX1200# set service-profile wepsrvc4 wep
active-unicast-index 4
success: change accepted.
Encryption
Configuration
Scenarios
The following scenarios provide examples of ways in which you can
configure encryption for network clients:
“Enabling WPA with TKIP” on page 302
“Enabling Dynamic WEP in a WPA Network” on page 304
“Configuring Encryption for MAC Clients” on page 306
Enabling WPA with
TKIP
The following example shows how to configure MSS to provide
authentication and TKIP encryption for 801.X WPA clients. This example
assumes that pass-through authentication is used for all users. A RADIUS
server group performs all authentication and authorization for the users.
1 Create an authentication rule that sends all 802.1X users of SSID mycorp
in the EXAMPLE domain to the server group shorebirds for
authentication. Type the following command:
WX1200# set authentication dot1x ssid mycorp EXAMPLE\*
pass-through shorebirds
2 Create a service profile named wpa for the SSID. Type the following
command:
WX1200# set service-profile wpa
success: change accepted.
3 Set the SSID in the service profile to mycorp. Type the following
command:
WX1200# set service-profile wpa ssid-name wpa
success: change accepted.
4 Enable WPA in service profile wpa. Type the following command:
WX1200# set service-profile wpa wpa-ie enable
success: change accepted.
TKIP is already enabled by default when WPA is enabled.
5 Display the service profile wpa to verify the changes. Type the following
command: