Cisco Systems CISCO881SECK9 manual Configuring Wireless Quality of Service, EAP1, WPA9

Page 52

Chapter 4 Basic Wireless Device Configuration

Configuring Wireless Settings

Table 4-1

Types of SSID Security (continued)

 

 

 

 

 

Security Type

 

Description

Security Features Enabled

 

 

 

 

EAP1

 

This option enables 802.1X authentication (such as LEAP2,

Mandatory 802.1X authentication. Client

authentication

 

PEAP3, EAP-TLS4, EAP-FAST5, EAP-TTLS6, EAP-GTC7,

devices that associate using this SSID must

 

 

EAP-SIM8, and other 802.1X/EAP-based products)

perform 802.1X authentication.

 

 

This setting uses mandatory encryption, WEP, open

If radio clients are configured to

 

 

authentication plus EAP, network EAP authentication, no

authenticate using EAP-FAST, open

 

 

key management, and RADIUS server authentication port

authentication with EAP should also be

 

 

1645.

configured. If you do not configure open

 

 

You are required to enter the IP address and shared secret

authentication with EAP, the following

 

 

warning message appears:

 

 

for an authentication server on your network (server

 

 

 

 

 

authentication port 1645). Because 802.1X authentication

SSID CONFIG WARNING: [SSID]: If radio

 

 

provides dynamic encryption keys, you do not need to enter

clients are using EAP-FAST, AUTH OPEN

 

 

a WEP key.

with EAP should also be configured.

 

 

 

 

 

 

 

WPA9

 

This option permits wireless access to users who are

Mandatory WPA authentication. Client

 

 

authenticated against a database. Access is through the

devices that associate using this SSID must

 

 

services of an authentication server. Users’ IP traffic is then

be WPA capable.

 

 

encrypted with stronger algorithms than those used in WEP.

If radio clients are configured to

 

 

This setting uses encryption ciphers, TKIP10, open

authenticate using EAP-FAST, open

 

 

authentication plus EAP, network EAP authentication, key

authentication with EAP should also be

 

 

management WPA mandatory, and RADIUS server

configured. If you don’t configure open

 

 

authentication port 1645.

authentication with EAP, the following

 

 

As with EAP authentication, you must enter the IP address

warning message appears:

 

 

and shared secret for an authentication server on your

SSID CONFIG WARNING: [SSID]: If radio

 

 

network (server authentication port 1645).

clients are using EAP-FAST, AUTH OPEN

 

 

 

 

 

 

with EAP should also be configured.

 

 

 

 

1.EAP = Extensible Authentication Protocol.

2.LEAP = Lightweight Extensible Authentication Protocol.

3.PEAP = Protected Extensible Authentication Protocol.

4.EAP-TLS = Extensible Authentication Protocol—Transport Layer Security.

5.EAP-FAST = Extensible Authentication Protocol—Flexible Authentication via Secure Tunneling.

6.EAP-TTLS = Extensible Authentication Protocol—Tunneled Transport Layer Security.

7.EAP-GTC = Extensible Authentication Protocol—Generic Token Card.

8.EAP-SIM = Extensible Authentication Protocol—Subscriber Identity Module.

9.WPA = Wi-Fi Protected Access.

10. TKIP = Temporal Key Integrity Protocol.

Configuring Wireless Quality of Service

Configuring quality of service (QoS) can provide preferential treatment to certain traffic at the expense of other traffic. Without QoS, the device offers best-effort service to each packet, regardless of the packet contents or size. It sends the packets without any assurance of reliability, delay bounds, or throughput. To configure quality of service (QoS) for your wireless device, see Quality of Service in a Wireless Environment at: http://www.cisco.com/en/US/docs/routers/access/wireless/software/guide/QualityOfService.html.

Cisco 880 Series Integrated Services Router Software Configuration Guide

 

4-8

OL-22206-01

 

 

 

Image 52
Contents Americas Headquarters Page Objective AudienceOrganization ConventionsChapters Convention Description Boldface fontRelated Documentation Searching Cisco DocumentsObtaining Documentation and Submitting a Service Request Cisco 880 Series ISR General DescriptionModels of the Cisco 880 Series ISRs Common Features Port 10/100 FE LAN Switch802.11b/g/n Wireless LAN Battery-backed-up Real-Time ClockSelecting Feature Sets LicensingC881W C886VA-WC881GW C887VA-WMB memory MB Flash Memory C887GWOn Board Memory 1st core 2nd core Flash sizeLED Overview Color Description IndicationFE/GE LAN/WAN Steady on= linkVpnok PppokPower Supply Images supportedMinimum software version needed to support AP802 Software Minimum versionTBD MR2OL-22206-01 Wireless Device Overview Software ModesManagement Options Network Configuration Examples Root Access PointCentral Unit in an All-Wireless Network Access pointBasic Router Configuration Interface Ports Default ConfigurationRouter Interface Port Label Basic Router Configuration Default Configuration Information Needed for Configuration Configuring Command-Line Access Command PurposeLine aux console tty vty line-number ExampleCommand Purpose ExampleConfiguring Global Parameters Configuring WAN InterfacesTerminal, use the following Hostname name Specifies the name for the router ExampleConfiguring a Fast Ethernet WAN Interface Configuring a VDSL2 WAN InterfaceNo shutdown Exit Controller vdslShutdown No shutdown Exit ShutdownConfiguring Adsl Mode 1shows an ATM WAN or Ethernet WAN network topographyConfiguring CPE and Peer Adsl Mode Configuring Adsl Auto ModeVerifying CPE to Peer Connection for Adsl No shutdown Interface atm0.1 point-to-point Configuring the ATM CPE SidePvc name vpi/vci Adsl Configuration Example Command Purpose StepConfigures a static map for an ATM Virtual-template inarp noNo fair-queue Verifying Adsl Configuration ATMConfiguring the Wireless LAN Interface Configuring the Fast Ethernet LAN InterfacesVerifying CPE to Peer Connection for Adsl Configuring a Loopback Interface Verifying Configuration Configuring Static RoutesAnother way to verify the loopback interface is to ping it Verifying Configuration ExampleConfiguring Dynamic Routes Configuring Routing Information ProtocolNo auto-summary Configuring Enhanced Interior Gateway Routing Protocol Router eigrp as-numberBasic Router Configuration Configuring Dynamic Routes OL-22206-01 Basic Wireless Device Configuration Starting a Wireless Configuration Session Interface wlan-ap0Service-module wlan-ap 0 session Wireless Device Control-Shift-6 x Router DisconnectConfiguring Wireless Settings Cisco Express SetupCisco IOS Command Line Interface Configuring the RadioConfiguring Wireless Security Settings Configuring Access Point as Local AuthenticatorConfiguring WEP and Cipher Suites Assigning SSIDsSecurity Types Security Type Description Security Features EnabledInstructions Configuring Wireless Quality of Service EAP1PEAP3, EAP-TLS4, EAP-FAST5, EAP-TTLS6, EAP-GTC7 WPA9Configuring the Access Point in Hot Standby Mode Preparing for the UpgradeUpgrading to Cisco Unified Software Software PrerequisitesSecure an IP Address on the Access Point Performing the UpgradeConfirm that the Mode Setting is Enabled Upgrading AP bootloader Downgrading the Software on the Access PointRecovering Software on the Access Point Wireless OverviewNetwork Design Links Security LinksWhy Migrate to the Cisco Unified Wireless Network? Administering LinksLWAPP1 Wireless LAN Controllers Lwapp Wireless LAN Access Points Home.html

CISCO881SECK9 specifications

The Cisco Systems CISCO881SECK9 is a robust and flexible router designed to cater to the needs of small to medium-sized businesses and branch offices. It is part of the Cisco 8800 series, known for its powerful performance, security features, and advanced functionalities, making it suitable for various networking applications.

One of the standout features of the CISCO881SECK9 is its integrated security capabilities. With a built-in Cisco IOS Firewall and comprehensive security features such as intrusion prevention systems (IPS), secure virtual private network (VPN) services, and support for advanced encryption protocols, businesses can confidently protect their data and communications. This level of security is crucial in today’s cyber threat landscape, where data breaches and cyberattacks can have severe implications.

Another key characteristic of the CISCO881SECK9 is its support for multiple WAN connectivity options, including Ethernet, DSL, and 3G/4G cellular connections. This versatility allows organizations to choose their preferred internet connection method, providing reliable and continuous connectivity. The device also supports load balancing across multiple WAN links, which helps optimize bandwidth utilization and enhance the overall network performance.

The router also features a range of integrated services, including voice, video, and data services, which are essential for modern business operations. With support for Voice over IP (VoIP) and video conferencing, the CISCO881SECK9 ensures that organizations can maintain effective communication and collaboration among employees, partners, and clients. This dual functionality enhances productivity while simplifying network management.

In terms of performance, the CISCO881SECK9 is equipped with advanced Quality of Service (QoS) features that prioritize critical applications and ensure optimal performance even during peak traffic periods. This capability is particularly important for businesses that rely on real-time applications such as video conferencing and VoIP, ensuring high-quality service delivery.

Moreover, the router's scalability allows organizations to grow without needing to overhaul their entire network infrastructure. It supports various expansion modules, providing flexibility to add additional features and capabilities as business needs evolve.

With its combination of security, performance, and integrated services, the Cisco Systems CISCO881SECK9 stands out as a reliable choice for enterprises looking to enhance their networking capabilities while ensuring a secure and scalable infrastructure. Its thoughtful design, robust features, and adaptability make it suitable for a wide range of business applications, enabling companies to thrive in a fast-paced digital landscape.