Cisco Systems 1140 specifications Express Security Types, Configuring Security for 802.11n

Models: 1140

1 36
Download 36 pages 45.88 Kb
Page 16
Image 16

you cannot create additional SSIDs with WPA authentication because they use different encryption settings. If you find that the security setting for an SSID conflicts with another SSID, you can delete one or more SSIDs to eliminate the conflict.

If any VLANs are defined on the access point, the trunk port on the switch must be limited to allow only the VLANs defined on the access point.

Express Security Types

There are four security types you can assign to an SSID:

No security—The least secure option. Use this option only for SSIDs used in a public space, and assign it to a VLAN that restricts access to your network.

Static WEP Key—More secure than no security. Static WEP keys are vulnerable to attack. There are two different lengths for WEP keys: 40-bit and 128-bit (hexadecimal or ASCII characters). Cisco access points use hexadecimal characters. Client adapters can use either, depending on how the vendor chooses to configure them.

EAP Authentication—Enables 802.1x authentication. Requires an IP address and shared secret from an authentication server on your network (server authentication port 1645). You do not need to enter a WEP key.

WPA—Wi-Fi Protected Access (WPA) permits wireless access to users authenticated against a database through the services of an authentication server and encrypts their IP traffic with stronger algorithms than those used in WEP. As with EAP authentication, you must enter the IP address and shared secret for an authentication server on your network (server authentication port 1645).

Configuring Security for 802.11n

To achieve 802.11n speeds, you need to configure the access point for no encryption or WPA2/AES encryption. Any other setting eliminates 802.11n capabilities from the configuration.

Express Security Limitations

Because the Express Security page is designed for simple configuration of basic security, the options available are a subset of the access point security capabilities. Keep these limitations in mind when using the Express Security page:

You cannot edit SSIDs. However, you can delete SSIDs and recreate them.

You cannot assign SSIDs to specific radio interfaces. The SSIDs that you create are enabled on all radio interfaces. To assign SSIDs to specific radio interfaces, choose Security > SSID Manager.

You cannot configure multiple authentication servers. To configure multiple authentication servers, click Security > Server Manager.

16

Page 16
Image 16
Cisco Systems 1140 specifications Express Security Types, Configuring Security for 802.11n, Express Security Limitations