Cisco Aironet – WEP configuration

This post describes how to configure WEP security option on Cisco Aironet AP.

Quick Notes

1. WEP – Wired Equivalent Privacy – security algorithm for WLANs networks
2. WEP uses the RC4 algorithm for confidentiality (encryption) and the CRC-32 checksum for integrity
3. shared key
4. not secure (not recommended)
5. you can configure upto four keys (there are “four WEP key slots”)
6. usually you configure only the key 1 on the AP and key 1 on the client. These keys must match.The keys are set as transmit key (the transmit key is used for encryption)
7. the AP transmit key must match client key (in the same slot)
8. the client transmit key must match the AP key (in the same slot)
9. Example: If you configure AP key 1 as transmit key and client key 2 as transmit key then:
   – key 1 on AP must match key 1 on client
   – key 2 on AP must match key 2 on client.
   – the other keys don’t have to match
10. 40 and 128 bits key lengths
11. you enter 128 bits key as 26 hexadecimal digits
12. note that Cisco AP encrypts entered 26-hex-key (in configuration file). You can put into CLI command encrypted and un-encrypted version of the key

ConfigurationIn this example WEP was configured as mandatory (there is no possibility to connect without WEP enabled on client).

ap(config)#
ap(config)# dot11 ssid wep_net
ap(config-ssid)# authentication open
ap(config-ssid)# guest-mode
ap(config-ssid)# exit
ap(config)# interface dot11Radio 0
ap(config-if)# ssid wep_net
ap(config-if)# encryption key 1 size 128bit 12345678901234567890123456 transmit-key
ap(config-if)# encryption mode wep mandatory
ap(config-if)# no shutdown
ap(config-if)#