1.Topology: 2.Notes before configuration: 2.1 The wireless terminals should support WPA3-Personal. Otherwise, they will not be allowed to search and connect toWPA3 Wi-Fi. For Windows, you can use this CMD command to verify: netsh wlan show drivers For other terminals like mobile phones, please confirm with the vendor of your terminals.  2.2 WPA3 relies on the management frame encryption feature, so you need to enable the management frame encryption feature before you can turn on WPA3. 2.3 For Pure WPA3-Personal, the method of management frame encryption can only be mandatory. Only terminals that support WPA3 can search and connect to this SSID. 2.4 WPA3-Personal can only be deployed along withWPA2, also known as WPA2/WPA3. And the encryption method of WPA2 can only be AES. 2.5 For WPA2/WPA3, the method of management frame encryption can be optional (Suggested Configuration), and the password for WPA2/WPA3 needs to be the same. 3.Configuration Steps & Commands: 3.1 Please make sure that the firmware version of Ruijie AP and Ruijie AC is W1B1 or later. And Fit AP needs to go online on AC.  3.2 Create SSID, Bind SSID into ap-group on RuijieWS6008: WS6008> enable WS6008# config WS6008(config)# wlan-config 1 WPA3-TEST //Configure wlan-config, id is 1, SSID isWPA3-TEST. WS6008(config-wlan)# exit WS6008(config)# ap-group default //By default, all Fit APs are associated tothe default group. WS6008(config-ap-group)# interface-mapping 120 //Associate wlan-config 1 with vlan 20. "1" is wlan-config,"20" is vlan for wireless users. WS6008(config-ap-group)# exit Tips:The next step is to configure wlan security. You can refer to Part 3.3 or 3.4to continue the configuration according to your actual needs. 3.3 For Pure WPA3 Authentication, you may refer tothis part: WS6008(config)# wlansec 1 WS6008(config)# security pmf mandatory //Configure the method of management frame encryption:mandatory WS6008(config)# security wpa3 personal passphraseascii patrick1123 //Configure the password for WPA3 WS6008(config)# security wpa3 mode personal //Enablethe WPA3-Personal Authentication 3.4 For WPA2/WPA3 Authentication, you may refer tothis part: WS6008(config)# wlansec 1 WS6008(config-wlansec)# security rsn enable //Enablethe WPA2 Authentication WS6008(config-wlansec)# security rsn ciphers aesenable //Configurethe encryption method of WPA2: AES WS6008(config-wlansec)# security rsn akm pskenable //EnablePSK WS6008(config-wlansec)# security rsn akm pskset-key ascii seeyoutmr //Configure thepassword for PSK WS6008(config-wlansec)# security pmf optional //Configurethe method of management frame encryption: optional WS6008(config-wlansec)# security wpa3 modepersonal //Enablethe WPA3-Personal Authentication 3.5 Remember to save the configuration. WS6008(config-wlansec)# end WS6008# write 4.Result: You can check the wireless adapter of your terminal after connecting to Wi-Fi. Please note that with WPA2 or WPA3 access, this is the behavior of the terminal itself. The wireless device cannot decide. Here is an example of Win10. Check it out by using this command: netsh wlan show interfaces  You also can use this checking command on Ruijie AC: show ac-config client  |
This site contains user submitted content, comments and opinions and is for informational purposes only. Ruijie may provide or recommend responses as a possible solution based on the information provided; every potential issue may involve several factors not detailed in the conversations captured in an electronic forum and Ruijie can therefore provide no guarantee as to the efficacy of any proposed solutions on the community forums. Ruijie disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Ruijie Community Terms of Use.
More ways to get help: Visit Support Videos, call us via Service Hotline, Facebook or Live Chat.
©2000-2023 Ruijie Networks Co,Ltd
Level 5
