Specifications

ManualsBrandsEnterasys ManualsComputer equipmentRoamAbout RBT-8100

231

232

233

234

235

236

237

238

239

240

Configuring WEP

RoamAbout Mobility System Software Configuration Guide 10-15

Configuring WEP

Wired‐EquivalentPriva c y(WEP)isasecurityprotocoldefinedinthe802.11standard.WEPuses

theRC4encryptionalgorithmtoencryptdata.

Toprovideintegritychecking,WEPaccesspointsandclientschecktheintegrityofaframe’scyclic

redundancycheck(CRC),generateanintegritycheckvalue(ICV),andappendthevalue

tothe

framebeforesendingit.TheradioorclientthatreceivestheframerecalculatestheICVand

comparestheresulttotheICVintheframe.Ifthevaluesmatch,theframeisprocessed.Ifthe

valuesdonotmatch,theframeisdiscarded.

WEPiseitherdynamicorstatic

dependingonhowtheencryptionkeysaregenerated.APs

supportdynamicWEPandstaticWEP.

•FordynamicWEP,MSSdynamicallygenerateskeysforbroadcast,multicast,andunicast

traffic.MSSgeneratesuniq ueunicastkeysforeachclientsessionandperiodicallyregenerates

(rotates)thebroadcastandmulticastkeysforallclients.You

canchangeordisablethe

broadcastormulticastrekeyinginterval.

•ForstaticWEP,MSSusesstatically configuredkeystypedintheRoamAboutSwitch’s

configurationandonthewirelessclientanddoesnotrotatethekeys.

DynamicWEPencryptionisenabledbydefault.YoucandisabledynamicWEPsupportby

enablingWPA

andleavingtheWEP‐40orWEP‐104ciphersuitesdisabled.Ifyouusedynamic

WEP,802.1XmustalsobeconfiguredontheclientinadditiontoWEP.

StaticWEPencryptionisdisabledbydefault.ToenablestaticWEPencryption,configurethestatic

WEPkeysandassignthemtounicastand

multicasttraffic.Makesureyouconfigurethesame

statickeysontheclients.

TosupportdynamicWEPinaWPAenvironment,enableWPAandenabletheWEP‐40orWEP‐

104ciphersuite.(SeeConfiguringWPAonpage 10‐7.)

ThissectiondescribeshowtoconfigureandassignstaticWEPkeys.(To

changeotherkey‐related

settings,see“Managing802.1XEncryptionKeys”onpage 19‐3.)

Figure 10‐4onpage 10‐16showsanexampleofaradioconfiguredtoprovidestaticanddynamic

WEPencryptionfornon‐WPAclients.Theradiousesdynamicallygeneratedkeystoencrypt

trafficfordynamicWEPclients.The

radioalsoencryptstrafficforstaticWEPclientswhosekeys

matchthekeysconfiguredontheradio.