Cisco Aironet – WEP configuration
September 18, 2015
This post describes how to configure WEP security option on Cisco Aironet AP.
- WEP – Wired Equivalent Privacy – security algorithm for WLANs networks
- WEP uses the RC4 algorithm for confidentiality (encryption) and the CRC-32 checksum for integrity
- shared key
- not secure (not recommended)
- you can configure upto four keys (there are “four WEP key slots”)
- usually you configure only the key 1 on the AP and key 1 on the client. These keys must match.The keys are set as transmit key (the transmit key is used for encryption)
- the AP transmit key must match client key (in the same slot)
- the client transmit key must match the AP key (in the same slot)
- Example: If you configure AP key 1 as transmit key and client key 2 as transmit key then:
– key 1 on AP must match key 1 on client
– key 2 on AP must match key 2 on client.
– the other keys don’t have to match
- 40 and 128 bits key lengths
- you enter 128 bits key as 26 hexadecimal digits
- note that Cisco AP encrypts entered 26-hex-key (in configuration file). You can put into CLI command encrypted and un-encrypted version of the key
ConfigurationIn this example WEP was configured as mandatory (there is no possibility to connect without WEP enabled on client).
ap(config)# ap(config)# dot11 ssid wep_net ap(config-ssid)# authentication open ap(config-ssid)# guest-mode ap(config-ssid)# exit ap(config)# interface dot11Radio 0 ap(config-if)# ssid wep_net ap(config-if)# encryption key 1 size 128bit 12345678901234567890123456 transmit-key ap(config-if)# encryption mode wep mandatory ap(config-if)# no shutdown ap(config-if)#