WPA3 different mode Service template configuration Compare
- 0 Followed
- 0Collected ,392Browsed
Network Topology
Ap-sw-AC
Configuration Steps
Configure WPA3-Personal mode wireless services:
[AC] wlan service-template wpa3_personal
[AC-wlan-st-wpa3_personal] ssid wpa3_personal
[AC-wlan-st-wpa3_personal] vlan 200
# Set the AKM mode to PSK and configure simple character string of 12345678 as the PSK.
[AC-wlan-st-wpa3_personal] akm mode psk
[AC-wlan-st-wpa3_personal] preshared-key pass-phrase simple 12345678
# Personal mode must set the cipher suite to CCMP and set the security IE to RSN.
[AC-wlan-st-wpa3_personal] cipher-suite ccmp
[AC-wlan-st-wpa3_personal] security-ie rsn
# Set the WPA security mode to personal (WPA3-SAE) and specify the mandatory mode.
[AC-wlan-st-wpa3_personal] wpa3 personal mandatory
[AC-wlan-st-wpa3_personal] pmf mandatory
[AC-wlan-st-wpa3_personal] client forwarding-location ac
[AC-wlan-st-wpa3_personal] service-template enable
Configure WPA3-Enterprise mode wireless services:
[AC] wlan service-template wpa3_Enterprise
[AC-wlan-st-wpa3_Enterprise] ssid wpa3_Enterprise
[AC-wlan-st-wpa3_Enterprise] vlan 200
# Set the AKM mode to dot1x
[AC-wlan-st-wpa3_Enterprise] akm mode dot1x
# Set the cipher suite to CCMP and set the security IE to RSN.
[AC-wlan-st-wpa3_Enterprise] cipher-suite ccmp
[AC-wlan-st-wpa3_Enterprise] security-ie rsn
# Set the WPA security mode to Enterprise (WPA3-dot1x)
[AC-wlan-st-wpa3_Enterprise] wpa3 enterprise-transition-mode
[AC-wlan-st-wpa3_Enterprise] client forwarding-location ac
[AC-wlan-st-wpa3_Enterprise] dot1x domain dm1x
[AC-wlan-st-wpa3_Enterprise] service-template enable
Key Configuration
WPA3-personal mode can specify pmf as optional or madatory, but WPA3-Enterprise must use madatory
Detail config about the switch , ap and vlan can be see here:
Support - 11-WPA3-SAE PSK Encryption Configuration Examples- H3C