Cisco Systems 1140 specifications Express Security Types, Configuring Security for 802.11n

Page 16

you cannot create additional SSIDs with WPA authentication because they use different encryption settings. If you find that the security setting for an SSID conflicts with another SSID, you can delete one or more SSIDs to eliminate the conflict.

If any VLANs are defined on the access point, the trunk port on the switch must be limited to allow only the VLANs defined on the access point.

Express Security Types

There are four security types you can assign to an SSID:

No security—The least secure option. Use this option only for SSIDs used in a public space, and assign it to a VLAN that restricts access to your network.

Static WEP Key—More secure than no security. Static WEP keys are vulnerable to attack. There are two different lengths for WEP keys: 40-bit and 128-bit (hexadecimal or ASCII characters). Cisco access points use hexadecimal characters. Client adapters can use either, depending on how the vendor chooses to configure them.

EAP Authentication—Enables 802.1x authentication. Requires an IP address and shared secret from an authentication server on your network (server authentication port 1645). You do not need to enter a WEP key.

WPA—Wi-Fi Protected Access (WPA) permits wireless access to users authenticated against a database through the services of an authentication server and encrypts their IP traffic with stronger algorithms than those used in WEP. As with EAP authentication, you must enter the IP address and shared secret for an authentication server on your network (server authentication port 1645).

Configuring Security for 802.11n

To achieve 802.11n speeds, you need to configure the access point for no encryption or WPA2/AES encryption. Any other setting eliminates 802.11n capabilities from the configuration.

Express Security Limitations

Because the Express Security page is designed for simple configuration of basic security, the options available are a subset of the access point security capabilities. Keep these limitations in mind when using the Express Security page:

You cannot edit SSIDs. However, you can delete SSIDs and recreate them.

You cannot assign SSIDs to specific radio interfaces. The SSIDs that you create are enabled on all radio interfaces. To assign SSIDs to specific radio interfaces, choose Security > SSID Manager.

You cannot configure multiple authentication servers. To configure multiple authentication servers, click Security > Server Manager.

16

Page 15 Page 17
Image 16
Page 15 Page 17
Contents Cisco Aironet 1140 Series Autonomous Access Point Safety Instructions About this Guide20A. Statement Overview Verifying Shipped ComponentsAccess Point Ports and Connections Key Ports and ComponentsObtaining and Assigning an IP Address Performing a Site SurveyCommand Purpose Connecting to the Access Point LocallyAssigning the IP Address to the BVI Assigning an IP Address Using the CLI Interface bvi1Mounting the Access Point Configuring Basic SettingsPage Page Configuring the Radios Default Settings on the Express Setup Setting DefaultEnabling the Radio Interfaces Configuring Security SettingsClick Apply Understanding Express Security Settings Configuring Basic Security SettingsUsing VLANs Express Security Types Configuring Security for 802.11nExpress Security Limitations Using the Express Security Troubleshooting Checking the Access Point LEDMessage Type Status LED Message Meaning Configuring System Power Settings Power Source System Power Settings Switch Status Low Power Mode WarningFinding More Troubleshooting Help Access Point Specifications Category SpecificationObtaining Documentation and Submitting a Service Request Declarations of Conformity and Regulatory InformationFor Home or Office USE ModelsVcci Statement for Japan Japanese Translation English TranslationIndustry Canada Statement 371-Power Cable and AC AdapterCanadian Compliance Statement Page Page Page Declaration of Conformity for RF Exposure United StatesCanada European UnionChinese Translation English Translation Access Point Models Operation of Cisco Aironet Access Points in BrazilChinese Translation Regulatory Information Portuguese TranslationCisco Systems, Inc. All rights reserved 78-18997-01
Top Page Image Contents