Configuring user encryption 315Nortel WLAN—Security Switch 2300 Series Configuration GuideEnabling dynamic WEP in a WPA networkThe following example shows how to configure WSS Software to provide authentication and encryption for801.X dynamic WEP clients, and for 801.X WPA clients using TKIP. This example assumes that pass-throughauthentication is used for all users. The commands are the same as those in “Enabling WPA with TKIP”(page 313), with the addition of a command to enable a WEP cipher suite. The WEP cipher suite allowsauthentication and encryption for both WPA and non-WPA clients that want to authenticate using dynamicWEP.1 Create an authentication rule that sends all 802.1X users of SSID mycorp in the EXAMPLEdomain to the server group shorebirds for authentication. Type the following command:WSS# set authentication dot1x ssid thiscorp EXAMPLE\* pass-throughshorebirds2 Create a service profile named wpa-wep for the SSID. Type the following command:WSS# set service-profile wpa-wepsuccess: change accepted.3 Set the SSID in the service profile to thiscorp. Type the following command:WSS# set service-profile wpa-wep ssid-name thiscorpsuccess: change accepted.4 Enable WPA in service profile wpa-wep. Type the following command:WSS# set service-profile wpa-wep wpa-ie enablesuccess: change accepted.5 Enable the WEP40 cipher suite in service profile wpa-wep. Type the following command:WSS# set service-profile wpa-wep cipher-wep40 enablesuccess: change accepted.TKIP is already enabled by default when WPA is enabled.6 Display the service profile wpa-wep to verify the changes. Type the following command:WSS# show service-profile sp1ssid-name: mycorp ssid-type: cryptoBeacon: yes Proxy ARP: noDHCP restrict: no No broadcast: noShort retry limit: 5 Long retry limit: 5Auth fallthru: none Sygate On-Demand (SODA): noEnforce SODA checks: yes SODA remediation ACL:Custom success web-page: Custom failure web-page:Custom logout web-page: Custom agent-directory:Static COS: no COS: 0CAC mode: none CAC sessions: 14User idle timeout: 180 Idle client probing: yesKeep initial vlan: no Web Portal Session Timeout: 5Web Portal ACL:WEP Key 1 value: WEP Key 2 value: WEP Key 3 value: WEP Key 4 value: WEP Unicast Index: 1 WEP Multicast Index: 1Shared Key Auth: NO