Configure WEP SSID Authentication

Before you begin

Create a standard wireless network policy. For more information, see About SSIDs.

About this task

Extreme Networks supports both WEP 802.1X and WEP. The difference is in how they manage keys. WEP 802.1X can refresh keys dynamically, whereas WEP requires keys to be changed manually. Because of the effort required to enter keys manually on clients, WEP is only suitable for a relatively small number of clients. Use these steps to configure WEP SSID authentication options.

Note

Although WEP can deter casual eavesdropping, it cannot withstand more serious attacks. More secure replacements for WEP are WPA and WPA2, and Extreme Networks encourages the use of these stronger security mechanisms whenever possible.

Procedure

Select WEP for Key Management.

Note
If you select WEP 802.1X, you will only need to perform Step 2.
For Encryption Method, choose either WEP 104 or WEP 40.
The difference is the length (104-bit or 40-bit) of the encryption keys. The shared secrets are derived from values you enter in the Key Value fields. Generally, a longer key is more secure than a shorter one.
For Authentication Method, choose either Open or Shared.
- Open: The Extreme Networks device accepts any client without challenging it.
- Shared: The Extreme Networks device sends a random plain text string to the client. The client encrypts the string and sends it back. The device decrypts it and compares the string with the one it sent. If they match, the client has authenticated itself by proving it possesses the same shared encryption key as the device.
Choose either ASCII Key or Hex Key.
- If you chose WEP 104 and ASCII Key, enter a 13-character ASCII string in the Key Type fields. If you chose WEP 104 and Hex Key, enter a 26-digit hexadecimal string.
- If you chose WEP 40 and ASCII Key, enter a 5-character ASCII string in the Key Type fields. If you chose WEP 40 and Hex Key, enter a 10-digit hexadecimal string.
Specify the Default Key the device uses to encrypt the data it sends.

You can change this to Key Values 2, 3, or 4. Use Show Password to display the strings as you enter them. When the Extreme Networks device encrypts data with its Default Key, it includes the key ID number that WEP adds to the 802.11 frame header. The recipient can locate the key with the same ID number. Similarly, when a client encrypts data with its Default Key, it includes the key so that the Extreme Networks device can locate a matching key. The client can use the same default key as the Extreme Networks device to encrypt data, or it can use one of the other three keys, and still decrypt it by using the key ID number to locate the matching key.

Note
When entering WEP keys on wireless clients, make sure those keys are in the same order as the matching keys on the Extreme Networks device. For clients that store keys numbered 1, 2, 3, 4 or keys numbered 0, 1, 2, 3, the keys in the first, second, third, and fourth positions, regardless of their numbers, must correspond with the keys at the same positions on Extreme Networks devices. For example, the key in the first position numbered either 1 or 0 on a client must match the key in the first position (Key Value 1) on an Extreme Networks device.