Security
Using the CLI to Configure WPA Pre-Shared Key
To enter a key value, use the wpa‐psk‐type command to specify a hexadecimal or alphanumeric
key, and then use the wpa‐preshared‐key command to define the key. To view the current security
settings, use the show interface wireless a or show interface wireless g command (not shown in
example).
Example
RoamAbout 4102#configure
RoamAbout 4102(config)#no 802.1X
RoamAbout 4102(config)#interface wireless g
Enter Wireless configuration commands, one per line.
RoamAbout 4102(if-wireless g)#no 802.1x
WPA-Mode have been converted to preshare key
RoamAbout 4102(if-wireless g)#authentication open
RoamAbout 4102(if-wireless g)#authentication wpa-psk required
Data Encryption is set to Enabled.
WPA2 Clients Mode is set to Disabled.
WPA Clients Mode is set to Required.
WPA Multicast Cipher is set to TKIP.
WPA Unicast Ciphers can accept TKIP.
WPA Authentication is set to Pre-Shared Key.
RoamAbout 4102(if-wireless g)#wpa-pre pass agoodsecret
RoamAbout 4102(if-wireless g)#
Using the CLI to Configure WPA over 802.1X Security
First set 802.1X to required using the 802.1X command and set the 802.1X key refresh rates. Then,
from the 802.11a or 802.11g interface configuration mode, use the vap command to access each
VAP interface to configure other security settings.
From the interface configuration mode, use the authentication command to select open system
authentication and the encryption command to enable data encryption. Use the authentication
command to enable WPA dynamic keys over 802.1X. Set the broadcast and multicast key
encryption using the cipher‐suite command.
Example
RoamAbout 4102#configure
Enter configuration commands, one per line. End with CTRL/Z
RoamAbout 4102(config)#interface wire g
Enter Wireless configuration commands, one per line.
RoamAbout 4102(if-wireless g)#authentication wpa required
Data Encryption is set to Enabled.
WPA2 Clients mode is set to Disabled.
WPA Clients Mode is set to Required.
WPA Multicast Cipher is set to TKIP.
WPA Unicast Ciphers can accept TKIP.
WPA Authentication is set to 802.1X Required.
RoamAbout 4102(if-wireless g)#802.1X broadcast-key-refresh-rate 5
RoamAbout 4102(if-wireless g)#802.1X session-key-refresh-rate 5
RoamAbout 4102(if-wireless g)#802.1X session-timeout 300
RoamAbout 4102(if-wireless g)#
4-82 Advanced Configuration