Cisco Systems 3.2 Wireless Office Headset User Manual


 
6-5
Cisco Wireless LAN Controller Configuration Guide
OL-8335-02
Chapter 6 Configuring WLANs
Configuring Wireless LANs
If you want to change the 802.1X encryption level for a wireless LAN, use this command:
config wlan security 802.1X encryption wlan-id [40 | 104 | 128]
Use the 40 option to specify 40/64-bit encryption.
Use the 104 option to specify 104/128-bit encryption. (This is the default encryption setting.)
Use the 128 option to specify 128/152-bit encryption.
WEP Keys
Cisco Wireless LAN Controllers can control static WEP keys across access points. Use these commands
to configure static WEP for wireless LANs:
Enter this command to disable 802.1X encryption:
config wlan security 802.1X disable wlan-id
Enter this command to configure 40/64, 104/128, or 128/152-bit WEP keys:
config wlan security static-wep-key encryption wlan-id {40 | 104 | 128} {hex | ascii} key
key-index
Use the 40, 104, or 128 options to specify 40/64-bit, 104/128-bit, or 128/152-bit encryption.
The default setting is 104/128.
Use the hex or ascii option to specify the character format for the WEP key.
Enter 10 hexadecimal digits (any combination of 0-9, a-f, or A-F) or five printable ASCII
characters for 40-bit/64-bit WEP keys; enter 26 hexadecimal or 13 ASCII characters for
104-bit/128-bit keys; enter 32 hexadecimal or 16 ASCII characters for 128-bit/152-bit keys.
Enter a key index (sometimes called a key slot) 1 through 4.
Note One unique WEP key index must be applied to each wireless LAN that uses static WEP.
Because there are only four key indexes, only four wireless LANs can be configured for
static WEP Layer 2 encryption. Also note that some legacy clients can only access key index
1 through 3 but cannot access key index 4.
Dynamic WPA Keys and Encryption
Cisco Wireless LAN Controllers can control WPA (Wi-Fi Protected Access) across access points. Enter
these commands to configure WPA for a wireless LAN:
Enter this command to disable 802.1X encryption:
config wlan security 802.1X disable wlan-id
Enter these commands to configure authorization and dynamic key exchange on a wireless LAN:
config wlan security wpa enable wlan-id
config wlan security wpa encryption aes-ocb wlan-id
config wlan security wpa encryption tkip wlan-id
config wlan security wpa encryption wep wlan-id {40 | 104 | 128}
Enter show wlan to verify that you have WPA enabled.