3Com 3CRWX120695A, 3CRWX440095A Configuration Manual page 176

176 C 7: C U E
HAPTER ONFIGURING SER NCRYPTION
Changing the TKIP Countermeasures Timer Value
By default, MSS enforces TKIP countermeasures for 60,000 ms (60
seconds) after a second MIC failure within a one-minute interval. To
change the countermeasures timer value, use the following command:
set service-profile name tkip-mc-time wait-time
To change the countermeasures wait time in service profile wpa to 30
seconds, type the following command:
WX1200# set service-profile wpa tkip-mc-time 30000
success: change accepted.
Enabling PSK Authentication for WPA
By default, WPA uses 802.1X dynamic keying. If you plan to use static
keys, you must enable PSK authentication and configure a passphrase or
the raw key. You can configure the passphrase or key globally. You also
can configure keys on an individual MAC client basis.
By default, 802.1X authentication remains enabled when you enable
PSK authentication.
To enable PSK authentication, use the following command:
set service-profile name auth-psk {enable | disable}
To enable PSK authentication in service profile wpa, type the following
command:
WX1200# set service-profile wpa auth-psk enable
success: change accepted.
Configuring a Global PSK Passphrase or Raw Key for All Clients
To configure a global passphrase for all WPA clients, use the following
command:
set service-profile name psk-phrase passphrase
The passphrase must be exactly 63 characters long, including blanks. If
you use blanks, you must enclose the string in quotation marks.
To configure service profile wpa to use passphrase
1234567890123<>?=+&% The quick brown fox jumps over the lazy sl,
type the following command:
WX1200# set service-profile wpa psk-phrase "1234567890123<>