182
DWS-1008 User’s Manual
D-Link Systems, Inc.
Configuring User Encryption
182
D-Link Systems, Inc.
To create a new service profile named
wpa
, type the following command:
DWS-1008#
set service-profile wpa
success: change accepted.
Enabling WPA
To enable WPA, you must enable the WPA information element (IE) in the service profile. To
enable the WPA IE, use the following command:
set
service-profile
name
wpa-ie
{
enable
|
disable
}
To enable WPA in service profile
wpa
, type the following command:
DWS-1008#
set service-profile wpa wpa-ie enable
success: change accepted.
Specifying the WPA Cipher Suites
To use WPA, at least one cipher suite must be enabled. You can enable one or more of the
following cipher suites:
• CCMP
• TKIP
• 40-bit WEP
• 104-bit WEP
By default, TKIP is enabled and the other cipher suites are disabled.
To enable or disable cipher suites, use the following commands:
set service-profile
name
cipher-ccmp
{
enable
|
disable
}
set service-profile
name
cipher-tkip
{
enable
|
disable
}
set service-profile
name
cipher-wep104
{
enable
|
disable
}
set service-profile
name
cipher-wep40
{
enable
|
disable
}
To enable the 40-bit WEP cipher suite in service profile
wpa
, type the following command:
DWS-1008#
set service-profile wpa cipher-wep40 enable
success: change accepted.
After you type this command, the service profile supports TKIP and 40-bit WEP.
Changing the TKIP Countermeasures Timer Value
By default, MSS enforces TKIP countermeasures for 60,000 ms (60 seconds) after a second
MIC failure within a one-minute interval. To change the countermeasures timer value, use the
following command: