Administrator’s Handbook

Wireless Privacy Settings

set wireless network-id privacy option { off WEP WPA-PSK WPA-802.1x }

Specifies the type of privacy enabled on the wireless LAN. off = no privacy; WEP = WEP encryption; WPA- PSK = Wireless Protected Access/Pre-Shared Key; WPA-802.1x = Wireless Protected Access/802.1x authentication. See “Wireless” on page 53 for a discussion of these options.

WPA provides Wireless Protected Access, the most secure option for your wireless network. This mecha- nism provides the best data protection and access control. PSK requires a Pre-Shared Key; 802.1x requires a RADIUS server for authentication.

WEP is Wired Equivalent Privacy, a method of encrypting data between the wireless Gateway and its clients. It is strongly recommended to turn this on as it is the primary way to protect your network and data from intruders. Note that 40bit is the same as 64bit and will work with either type of wireless client. The default is off.

A single key is selected (see default-key) for encryption of outbound/transmitted packets. The WEP- enabled client must have the identical key, of the same length, in the identical slot (1..4) as the wireless Gateway, in order to successfully receive and decrypt the packet. Similarly, the client also has a ‘default’ key that it uses to encrypt its transmissions. In order for the wireless Gateway to receive the client’s data, it must likewise have the identical key, of the same length, in the same slot. For simplicity, a wireless Gate- way and its clients need only enter, share, and use the first key.

set wireless network-id privacy pre-shared-key string

The Pre Shared Key is a passphrase shared between the Router and the clients and is used to generate dynamically changing keys, when WPA-PSKis selected or enabled. The passphrase can be 8 – 63 charac- ters. It is recommended to use at least 20 characters for best security.

set wireless network-id privacy default-keyid { 1...4 }

Specifies which WEP encryption key (of 4) the wireless Gateway will use to transmit data. The client must have an identical matching key, in the same numeric slot, in order to successfully decode. Note that a client allows you to choose which of its keys it will use to transmit. Therefore, you must have an identical key in the same numeric slot on the Gateway.

For simplicity, it is easiest to have both the Gateway and the client transmit with the same key. The default is 1.

set wireless network-id privacy encryption-key1-length {40/64bit, 128bit, 256bit}

set wireless network-id privacy encryption-key2-length {40/64bit, 128bit, 256bit}

set wireless network-id privacy encryption-key3-length {40/64bit, 128bit, 256bit}

set wireless network-id privacy encryption-key4-length {40/64bit, 128bit, 256bit}

Selects the length of each encryption key. 40bit encryption is equivalent to 64bit encryption. The longer the key, the stronger the encryption and the more difficult it is to break the encryption.

308

Page 307 Page 309
Page 308
Image 308
Motorola 3342 Set wireless network-id privacy pre-shared-key string, Set wireless network-id privacy default-keyid, 308
Page 307 Page 309
Top Page Image Contents