< Home

Configure Dynamic WEP

Context

In static WEP encryption mode, the same WEP key is used for encrypting different users, bringing security risks. Before 802.11i is launched, no unified wireless encryption standard is available. Vendors enhance WEP encryption by leveraging 802.1X authentication to achieve dynamic WEP encryption. Keys for dynamic WEP encryption are dynamically generated and delivered by the server. In this manner, different WEP keys are used for encrypting different users.

To achieve dynamic WEP, you need to manually add a WLAN on a STA, and then enter the SSID, identity authentication and encryption modes configured on the device. After that, the STA can connect to the WLAN.
  • Configuration on the iOS operating system:
    1. Access the network management page. On the Wi-Fi tab, tap to manually add a WLAN.
    2. On the page for manually adding a WLAN, set the network name to the SSID configured on the device, set the security policy to Dynamic WEP, and configure the user name and password.
  • Configuration on the Windows 7 operating system:
    1. Access the Manage wireless networks page, click Add and select Manually create a network profile. Set the network name to the SSID configured on the device, set the authentication mode to 802.1x and encryption mode to WEP, and click Next.
    2. Scan SSIDs and double-click SSID wlan-net. On the Security tab page, set EAP type to PEAP and click Settings. In the dialog box that is displayed, deselect Validate server certificate and click Configure. In the dialog box that is displayed, deselect Automatically use my Windows logon name and password and click OK.

The WEP encryption algorithm is insecure. WPA2 is recommended in scenarios that have high security requirements.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run wlan

    The WLAN view is displayed.

  3. Run security-profile name profile-name

    The security profile view is displayed.

  4. Run security wep dynamic

    The security policy is set to dynamic WEP.

    By default, the security policy is open system.

  5. Run wep key key-id { wep-40 | wep-104 | wep-128 } dot1x

    The dynamic WEP key index and length are configured.

    By default, WEP-40 is used, and the key is Admin.

  6. Run wep default-key key-id

    The index of the shared key used by WEP is configured.

    By default, key 0 is used for WEP authentication or encryption.

    Four shared keys can be configured for WEP. You can run this command to make the key with the specified index to take effect. The key index ID of the device starts from 0.

  7. Configure 802.1X authentication. For details, see "NAC Configuration (Unified Mode)" in the S2720, S5700, and S6700 V200R019C10 Configuration Guide - User Access and Authentication Configuration Guide.
Parent Topic: Configuring a Security Policy
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >