User`s manual

ManualsBrandsD-Link ManualsComputer equipmentDWL-8220AP - AirPremier Wireless Switch Dualband Access Point

191

192

193

194

195

196

197

198

199

200

190

DWS-1008 User’s Manual

D-Link Systems, Inc.

Conguring User Encryption

190D-Link Systems, Inc.

Encryption Conguration Scenarios

The following scenarios provide examples of ways in which you can congure encryption

for network clients:

Enabling WPA with TKIP

The following example shows how to congure MSS to provide authentication and TKIP

encryption for 801.X WPA clients. This example assumes that pass-through authentication is

used for all users. A RADIUS server group performs all authentication and authorization for

the users.

1. Create an authentication rule that sends all 802.1X users of SSID mycorp in the EXAMPLE

domain to the server group shorebirds for authentication. Type the following command:

DWS-1008# set authentication dot1x ssid mycorp EXAMPLE\* pass-through

shorebirds

2. Create a service prole named wpa for the SSID. Type the following command:

DWS-1008# set service-prole wpa

success: change accepted.

3. Set the SSID in the service prole to mycorp. Type the following command:

DWS-1008# set service-prole wpa ssid-name wpa

success: change accepted.

4. Enable WPA in service prole wpa. Type the following command:

DWS-1008# set service-prole wpa wpa-ie enable

success: change accepted.

TKIP is already enabled by default when WPA is enabled.

5. Display the service prole wpa to verify the changes. Type the following command:

DWS-1008# show service-prole wpa

ssid-name: mycorp ssid-type: crypto

beacon: yes auth-fallthru: none

WEP Key 1 value: <none> WEP Key 2 value: <none>

WEP Key 3 value: <none> WEP Key 4 value: <none>

WEP Unicast Index: 1 WEP Multicast Index: 1

Shared Key Auth: NO

WPA enabled:

ciphers: cipher-tkip

authentication: 802.1X

TKIP countermeasures time: 60000ms