Allied Telesis AT-TQ2403 238

238		AT-TQ2403 - Management Software - User's Guide


	Feature or Setting	CLI Command

	To set the cipher suite to CCMP (AES)	set bss wlan0bssInternal wpa-cipher-tkip off
	only:	set bss wlan0bssInternal wpa-cipher-ccmp on
	CCMP (AES) - Counter mode/CBC-	set bss wlan0bssInternal wpa-cipher-ccmp on
	CCMP (AES) - Counter mode/CBC-
	MAC Protocol (CCMP) is an
	encryption method for IEEE 802.11i
	that uses the Advanced Encryption
	Algorithm (AES).

	To set the cipher suite to Both:	set bss wlan0bssInternal wpa-cipher-tkip on
	Both - When the authentication	set bss wlan0bssInternal wpa-cipher-ccmp on
	algorithm is set to "Both", both TKIP
	and AES clients can associate with the
	access point. WPA clients must have
	either a valid TKIP key or a valid CCMP
	(AES) key to be able to associate with
	the AP.

In this example, we’ll set the cipher suite to Both:

AT-TQ2403# set bss wlan0bssInternal wpa-cipher-tkip on

AT-TQ2403# set bss wlan0bssInternal wpa-cipher-ccmp on

4. Set the Pre-shared Key

The Pre-shared Key is the shared secret key for WPA-PSK. Enter a string of at least 8 characters to a maximum of 63 characters. Following are two examples; the first sets the key to "SeCret !", the second sets the key to "KeepSecret".

Ex1.

AT-TQ2403# set interface wlan0 wpa-personal-key “SeCret !”

Ex2.

AT-TQ2403# set interface wlan0 wpa-personal-key “KeepSecre”

Note: Shared secret keys can include spaces and special characters if the key is placed inside quotation marks as in the first example above. If the key is a string of characters with no spaces or special characters in it, the quotation marks are not necessary as in the second example above.

5.Get Current Security Settings After Re-Configuring to WPA/WPA2 Personal (PSK)

Now we can use the "get" command again to view the updated security configuration and see the results of our new settings.

The following command gets the security mode in use on the Internal network:

AT-TQ2403# get interface wlan0 security