190
DWS-1008 User’s Manual
D-Link Systems, Inc.
Configuring User Encryption
190
D-Link Systems, Inc.
Encryption Configuration Scenarios
The following scenarios provide examples of ways in which you can configure encryption
for network clients:
Enabling WPA with TKIP
The following example shows how to configure MSS to provide authentication and TKIP
encryption for 801.X WPA clients. This example assumes that pass-through authentication is
used for all users. A RADIUS server group performs all authentication and authorization for
the users.
1.
Create an authentication rule that sends all 802.1X users of SSID
mycorp
in the
EXAMPLE
domain to the server group
shorebirds
for authentication. Type the following command:
DWS-1008#
set authentication dot1x ssid mycorp EXAMPLE\* pass-through
shorebirds
2.
Create a service profile named
wpa
for the SSID. Type the following command:
DWS-1008#
set service-profile wpa
success: change accepted.
3.
Set the SSID in the service profile to
mycorp
. Type the following command:
DWS-1008#
set service-profile wpa ssid-name wpa
success: change accepted.
4.
Enable WPA in service profile
wpa
. Type the following command:
DWS-1008#
set service-profile wpa wpa-ie enable
success: change accepted.
TKIP is already enabled by default when WPA is enabled.
5.
Display the service profile
wpa
to verify the changes. Type the following command:
DWS-1008#
show service-profile wpa
ssid-name: mycorp ssid-type: crypto
beacon: yes
auth-fallthru: none
WEP Key 1 value: <none> WEP Key 2 value: <none>
WEP Key 3 value: <none> WEP Key 4 value: <none>
WEP Unicast Index: 1 WEP Multicast Index: 1
Shared Key Auth: NO
WPA enabled:
ciphers: cipher-tkip
authentication: 802.1X
TKIP countermeasures time: 60000ms
Summary of Contents for DWS-1008
Page 1: ......