Chapter 5 Configuring Encryption Types

Configure Encryption Types

Note Client devices using static WEP cannot use the access point when you enable broadcast key rotation. When you enable broadcast key rotation, only wireless client devices using 802.1x authentication (such as LEAP, EAP-TLS, or PEAP) can use the access point.

Configure Encryption Types

These sections describe how to configure encryption, such as WEP, AES-CCM, and and broadcast key rotation:

Creating WEP Keys, page 5-3

Creating Cipher Suites, page 5-5

Enabling and Disabling Broadcast Key Rotation, page 5-7

Note All encryption types are disabled by default.

Creating WEP Keys

Note

You need to configure static WEP keys only if your access point needs to support client devices that use

 

static WEP. If all the client devices that associate to the access point use key management (WPA or

 

802.1x authentication) you do not need to configure static WEP keys.

 

 

 

 

Beginning in privileged EXEC mode, follow these steps to create a WEP key and set the key properties:

 

 

 

 

Command

Purpose

Step 1

 

 

configure terminal

Enter global configuration mode.

Step 2

 

 

interface dot11radio { 0 1 }

Enter interface configuration mode for the radio interface. The

 

 

2.4-GHz radio is radio 0, and the 5-GHz radio is radio 1.

 

 

 

Cisco Wireless ISR and HWIC Access Point Configuration Guide

 

OL-6415-04

5-3

 

 

 

Page 79
Image 79
Cisco Systems OL-6415-04 manual Configure Encryption Types, Creating WEP Keys