Filter
Top Products
Configuring user encryption 373
Nortel WLAN—Security Switch 2300 Series Configuration Guide
Configuring WPA
To configure AP radios to support WPA:
1 Create a service profile for each SSID that will support WPA clients.
2 Enable the WPA IE in the service profile.
3 Enable the cipher suites you want to support in the service profile. (TKIP is enabled by default.)
Optionally, you also can change the countermeasures timer value for TKIP.
4 Map the service profile to the radio profile that will control IEEE settings for the radios.
5 Assign the radio profile to the radios and enable the radios.
If you plan to use PSK authentication, you also need to enable this authentication method and enter an ASCII
passphrase or a hexadecimal (raw) key.
Creating a service profile for WPA
Encryption parameters apply to all users who use the SSID configured by a service profile. To create a service
profile, use the following command:
set service-profile name
To create a new service profile named wpa, type the following command:
WSS# set service-profile wpa
success: change accepted.
Enabling WPA
To enable WPA, you must enable the WPA information element (IE) in the service profile. To enable the
WPA IE, use the following command:
set service-profile name wpa-ie {enable | disable}
To enable WPA in service profile wpa, type the following command:
WSS# set service-profile wpa wpa-ie enable
success: change accepted.
Specifying the WPA cipher suites
To use WPA, at least one cipher suite must be enabled. You can enable one or more of the following cipher
suites:
• CCMP
•TKIP
• 40-bit WEP
• 104-bit WEP
By default, TKIP is enabled and the other cipher suites are disabled.