Manuals / Cisco Systems / Computer Equipment / Network Router

Cisco Systems 1300 Series manual Express Security Limitations, 5-12

Models: 1300 Series

1 146
Download 146 pages 10.97 Kb
Page 66
Image 66
Security Types on Express Security Setup Page (continued)

Chapter 5 Configuring the Access Point/Bridge for the First Time

Configuring Basic Security Settings

Table 5-2

Security Types on Express Security Setup Page (continued)

 

 

 

 

Security Type

 

Description

Security Features Enabled

 

 

 

 

EAP

 

This option enables 802.1x authentication

Mandatory 802.1x authentication.

Authentication

 

(such as LEAP, PEAP, EAP-TLS,

Client devices that associate using

 

 

EAP-GTC, EAP-SIM, and others) and

this SSID must perform 802.1x

 

 

requires you to enter the IP address and

authentication.

 

 

shared secret for an authentication server on

 

 

 

your network (server authentication port

 

 

 

1645). Because 802.1x authentication

 

 

 

provides dynamic encryption keys, you do

 

 

 

not need to enter a WEP key.

 

 

 

 

 

WPA

 

Wi-Fi Protected Access (WPA) permits

Mandatory WPA authentication.

 

 

wireless access to users authenticated

Client devices that associate using

 

 

against a database through the services of

this SSID must be WPA-capable.

 

 

an authentication server, then encrypts their

 

 

 

IP traffic with stronger algorithms than

 

 

 

those used in WEP. As with EAP

 

 

 

authentication, you must enter the IP

 

 

 

address and shared secret for an

 

 

 

authentication server on your network

 

 

 

(server authentication port 1645).

 

 

 

 

 

28

Express Security Limitations

Because the Express Security page is designed for simple configuration of basic security, the options available are a subset of the access point/bridge’s security capabilities. Keep these limitations in mind when using the Express Security page:

If the No VLAN option is selected, the static WEP key can be configured once. If you select Enable VLAN, the static WEP key should be disabled.

You cannot edit SSIDs. However, you can delete SSIDs and re-create them.

You cannot assign SSIDs to specific radio interfaces. The SSIDs that you create are enabled on all radio interfaces. To assign SSIDs to specific radio interfaces, use the Security SSID Manager page.

You cannot configure multiple authentication servers. To configure multiple authentication servers, use the Security Server Manager page.

You cannot configure multiple WEP keys. To configure multiple WEP keys, use the Security Encryption Manager page.

You cannot assign an SSID to a VLAN that is already configured on the bridge. To assign an SSID to an existing VLAN, use the Security SSID Manager page.

You cannot configure combinations of authentication types on the same SSID (for example, MAC address authentication and EAP authentication). To configure combinations of authentication types, use the Security SSID Manager page.

Note For detailed information about security and security settings, refer to the Cisco IOS Software Configuration Guide for Cisco Aironet Access Points.

Cisco Aironet 1300 Series Outdoor Access Point/Bridge Hardware Installation Guide

5-12

OL-5048-02

 

 

Page 65 Page 67
Page 66
Image 66
Cisco Systems 1300 Series Express Security Limitations, 5-12, Security Types on Express Security Setup Page continued
Page 65 Page 67