302
DWS-1008 User’s Manual
D-Link Systems, Inc.
Configuring AAA for Network Users
Assigning and Clearing Encryption Types Locally
To restrict wireless uses or groups with user profiles in the local DWS-1008 switch database
to particular encryption algorithms for accessing the network, use one of the following
commands:
set
user
username
attr
encryption-type
value
set
usergroup
groupname
attr
encryption-type
value
set
mac-user
username
attr encryption-type
value
set mac-usergroup
groupname
attr
encryption-type
value
MSS supports the following values for Encryption-Type, listed from most secure to least
secure.
Encryption-Type
Value
Encryption Algorithm Assigned
1
Advanced Encryption Standard using Counter with
Cipher Block Chaining Message Authentication Code
(CBC-MAC) - or AES_CCM.
2
Reserved.
4
Temporal Key Integrity Protocol (TKIP).
8
Wired-Equivalent Privacy protocol using 104 bits of key
strength (WEP_104). This is the default.
16
Wired-Equivalent Privacy protocol using 40 bits of key
strength (WEP_40).
32
No encryption.
64
Static WEP
For example, the following command restricts the MAC user group
mac-fans
to access the
network by using only TKIP:
DWS-1008#
set mac-usergroup mac-fans attr encryption-type 4
success: change accepted.
You can also specify a combination of allowed encryption types by summing the values. For
example, the following command allows
mac-fans
to associate using either TKIP or WEP_104:
DWS-1008#
set mac-usergroup mac-fans attr encryption-type 12
success: change accepted.
To clear an encryption type from the profile of a use or group of users in the local DWS-1008
switch database, use one of the following commands:
clear
user
username
attr
encryption-type
clear
usergroup
groupname
attr
encryption-type
clear
mac-user
username
attr
encryption-type
clear
mac-usergroup
groupname
attr
encryption-type
Summary of Contents for DWS-1008
Page 1: ......