Chapter 5 Configuring the Access Point/Bridge for the First Time

Configuring Basic Security Settings

Understanding Express Security Settings

When the access point/bridge configuration is at factory defaults, the first SSID that you create by using the Express Security page overwrites the default SSID (tsunami), which has no security settings. The SSIDs that you create appear in the SSID table at the bottom of the page. You can create up to 16 SSIDs on the access point/bridge.

Note In Cisco IOS Release 12.3(4)JA, there is no default SSID and the radio is disabled by default. You must

configure an SSID and enable the radio before client devices can associate to the access point.

Using VLANs

If you use VLANs on your wireless LAN and assign SSIDs to VLANs, you can create multiple SSIDs by using any of the four security settings on the Express Security page. However, if you do not use VLANs on your wireless LAN, the security options that you can assign to SSIDs are limited because on the Express Security page encryption settings and authentication types are linked. Without VLANs, encryption settings (WEP and ciphers) apply to an interface, such as the radio, and you cannot use more than one encryption setting on an interface. For example, when you create an SSID with static WEP with VLANs disabled, you cannot create additional SSIDs with WPA authentication because they use different encryption settings. If you find that the security setting for an SSID conflicts with another SSID, you can delete one or more SSIDs to eliminate the conflict.

If any VLANs are defined on the access point/bridge, the trunk port on the switch must be limited to allow only the VLANs defined on the access point/bridge.

Express Security Types

Table 5-2describes the four security types that you can assign to an SSID.

Table 5-2

Security Types on Express Security Setup Page

 

 

 

 

 

Security Type

 

Description

Security Features Enabled

 

 

 

 

No Security

 

This is the least secure option. You should

None.

 

 

use this option only for SSIDs used in a

 

 

 

public space and assign it to a VLAN that

 

 

 

restricts access to your network.

 

 

 

 

Static WEP Key

This option is more secure than no security.

Mandatory WEP. Client devices

 

 

However, static WEP keys are vulnerable to

cannot associate using this SSID

 

 

attack. If you configure this setting, you

without a WEP key that matches

 

 

should consider limiting association to the

the bridge’s key.

 

 

bridge based on MAC address (refer to the

 

 

 

Cisco IOS Software Configuration Guide

 

 

 

for Cisco Aironet Access Points).

 

 

 

 

 

Cisco Aironet 1300 Series Outdoor Access Point/Bridge Hardware Installation Guide

 

OL-5048-02

5-11

 

 

 

Page 64 Page 66
Page 65
Image 65
Cisco Systems 1300 Series Understanding Express Security Settings, Security Type Description Security Features Enabled
Page 64 Page 66

1300 Series specifications

The Cisco Systems 1300 Series represents an essential line of products designed for versatile network access, tailored especially for indoor and outdoor wireless environments. With a focus on delivering robust performance and vital security features, this series is well equipped to meet the demands of evolving business networks and enterprise applications.

One of the standout features of the 1300 Series is its dual-band capability, which operates efficiently on both 2.4 GHz and 5 GHz frequency bands. This flexibility allows for improved wireless performance and better bandwidth management, making it ideal for high-density environments such as schools, airports, and corporate offices. The series also integrates advanced technologies such as 802.11ac Wave 2 and Multi-User MIMO (MU-MIMO), facilitating simultaneous data transmission to multiple devices, thus enhancing the overall network throughput.

Security is a paramount concern in today's digital landscape, and the Cisco 1300 Series addresses this through comprehensive measures. The devices come equipped with WPA3 (Wi-Fi Protected Access 3) support, ensuring enhanced encryption and improved security protocols. In addition, the series supports Cisco’s Identity Services Engine (ISE), which provides centralized management for device authentication, enabling organizations to enforce policies based on user roles.

Power over Ethernet (PoE) support is another important characteristic of the 1300 Series. This feature allows for easier installation and flexibility in deployment, as it eliminates the need for additional power sources, thereby streamlining the setup process. Furthermore, the devices are designed with ruggedness in mind, offering an IP55 rating for environmental resilience, making them suitable for outdoor installation without compromising on performance.

Management and configuration of the network can be seamlessly performed through Cisco’s network management solutions, such as Cisco DNA Center and Cisco Prime Infrastructure. These platforms provide intuitive interfaces, simplifying operations and facilitating effective monitoring and troubleshooting.

In summary, the Cisco Systems 1300 Series is a powerful solution tailored for dynamic wireless networking. With its dual-band capabilities, advanced security features, support for POE, and ease of management, this series is ideally positioned to meet the demands of modern enterprises, ensuring reliable connectivity in a wide array of environments. As organizations continue to expand their wireless infrastructures, the 1300 Series stands out as a dependable choice for enhancing user experience and operational efficiency.
Top Page Image Contents