Company Name

  • Network Engineering Skills

    Configured Cisco Routers (2500, 3000, 4000) using RIP, IGRP, OSPF, EIGRP and Switches (5000, 3524, 2900).
    Implementation of DHCP, DNS, FTP, TFTP.
    Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
    Routing Protocol (BGP, OSPF, EIGRP, IGRP, RIP, IS-IS), Routed Protocol (TCP/IP).
    Install and Configuration of DHCP Server, DNS Server, FTP Server, Squid, Web Server On Linux.

  • Computer Programming Skills

    Office Package: Microsoft Word, Microsoft Excel, Microsoft Access, Microsoft PowerPoint, Microsoft Outlook Express.
    Programming Language:Pascal, C, C++, Java, Java Swing, PHP, Dot Net.
    Operating Systems: Windows9X, Windows Server200X, Windows ME, Windows XP, Windows Vista, Windows 7, Linux, MS DOS.
    HTML Editing Tools: Macromedia Dreamweaver, Microsoft FrontPage, Adobe GoLive.
    Graphics Tools: Macromedia Flash, Macromedia Fireworks, Adobe Photoshop, Adobe PageMaker, Adobe Illustrator,SwishMX.

  • Technical Support Specialist

    Install Network Interface Cards NIC s . Setup bindings, IP addresses, WINS, and DNS configurations. Operate, and maintain Local Area Network LAN connectivity using TCP/IP protocol.
    Identify, troubleshoot, and analyze computer related issues. Determine appropriate course of action, and conduct repairs, modifications, and upgrade internal components and peripherals as needed.
    Plan layout of workstation locations and LAN cabling. Coordinate teardown, move, and install of office partitions, desks, and equipment. Install PC workstations, LAN cabling and setup network connectivity.
    Maintained excellent working relationships with customers, field service, sales and marketing people.

Configuring WEP Authentication on Cisco Aironet

The wireless network you installed for your LAN can mean that you are directly exposing your network to the public.

Anyone can use a wireless sniffer and view all the traffics going between the wireless access point and the clients. That’s why you need to add security in your wireless LAN.

This post will talk about WEP or Wired Equivalent Privacy, the name states that your wireless network will be as safe as your wired network but not in reality.

There are many WEP decryption tools available out there. Just capture some packets using wireless sniffer and use the the decryption tool to find out the WEP key.

So we know the WEP is not secure, nevertheless I want to show how to configure WEP authentication for Cisco Aironet wireless access point.

WEP uses 40 bits encryption key (10 hexadecimal characters) or 128 bits (26 hexadecimal characters).
Don’t get a false sense of security with the length of the encryption, the longer the encryption key just mean the more packets you need to capture and more time to decrypt them.

There are two types authentication for security according the IEEE 802.11 committee, the shared-key and open authentication.

In a shared-key authentication, the access point will send a challenge packet to the client and the client must encrypt the packet with with the right key (WEP key) then return it to the access point.
This method is not secure since everything sent in clear text.

The other method is open authentication, just like the name the authentication is open or you can say no authentication required.
But when open authentication used with the WEP, the WEP key will be used to encrypt all data before sending them.

I have to admit, I get a little confused when first time configuring authentication in Cisco Aironet wireless access points since no one thought me so I had to browse all the configuration examples.

It’s easier to use the web interface of the access point, but I want to configure it through CLI.
To configure WEP authentication you should do this by entering the dot11radio interface:

1240AG> enable
1240AG# configure terminal
1240AG (config)# interface dot11radio 0

Create the SSID and associate it with VLAN if you haven’t done it:

1240AG (config-if)# ssid Guest
1240AG (config-if-ssid)# vlan 40
1240AG (config-if-ssid)# authentication open
1240AG (config-if-ssid)# exit

Configure the WEP authentication:

1240AG (config-if)# encryption vlan 40 mode wep mandatory
1240AG (config-if)# encryption vlan 40 key 1 size 128bit 12345678901234567890123456 transmit-key

The above first command tell the Cisco Aironet to do WEP encryption on vlan 40 (SSID Guest) and set it as mandatory.
If you replace mandatory with optional, the use of WEP encryption depends on the client configuration, they can choose to encrypt the packets or not.

This entry was posted in Cisco.

Leave a Reply