Configuring WEP Keys

Aironet Client Utility

Cisco.com

Cisco.com

© 2003, Cisco Systems, Inc. All rights re

© 2003, Cisco Systems, Inc. All rights re

Static WEP keys are set on the client using the Aironet Client Utility (ACU). From the ACU, click Profile Manager. This will launch the Profile Manager screen. From the Profile Manager, choose the desired profile from the drop down box and click the Edit button.

© 2003, Cisco Systems, Inc. All rights re

© 2003, Cisco Systems, Inc. All rights re

Once the desired profile is brought up, click the Network Security tab. This will allow you to view and edit the Security settings for this profile.

To set up static WEP keys, click the Use Static WEP Keys radio button under WEP. Once this button has been checked, the WEP keys can be entered.

The WEP keys are entered here just as they are on the access point. 26 hexadecimal characters (13 bytes) for 128-bit, 10 hexadecimal characters (5 bytes) for 40-bit. Choose the key size by checking the appropriate radio button next to the WEP key entry box. Once a WEP key is entered, it can be overwritten, but it cannot be edited or deleted. Up to four keys may be configured.

■ Access Point Authentication: Choose which type of authentication will be used, Open Authentication (default, more secure) or Shared Key Authentication (less secure).

■ WEP Key Entry Method: You can choose to enter the WEP key as hexadecimal characters, or as ASCII text. The default is hexadecimal characters.

■ Allow Association to Mixed Cells: If a client is to associate with an access point using Optional WEP (Open Authentication supporting both encrypted and non-encrypted clients) this box must be checked.

Note If this box is not checked, the client will be able to communicate with clients configured for

Full Encryption only.

Access Point

Access Point

© 2003, Cisco Systems, Inc. All rights re

© 2003, Cisco Systems, Inc. All rights re

No matter which type of authentication is used, the WEP keys entered on the client and the access point must match. The key(s) themselves must match, and the order of the key(s) must match (i.e., 40 bit key entered as Key 1 on the client must match the 40 bit key entered as Key 1 on the access point).

Cisco.com

Cisco.com

Key1=1234. Key2=5678. Key3=9012. Key4=3456.

Key1=1234. Key2=5678 Key3=9012 Key4=3456

Header: Use Key3

Data: Encrypted using KEY3

Trailer

Header: Use Key2

Data: Encrypted using KEY2 Trailer

© 2003, Cisco Systems, Inc. All rights re

The reason the order of the keys must match is because a transmit key will have to be chosen. When sending encrypted data, the client (or access point) will use the transmit key to encrypt the packet. The Transmit Key information is included in the packet's header. This lets the access point (or client) know which key to use to decrypt the packet.

Was this article helpful?

0 0

Post a comment