Chapter 5 Configuring the Access Point/Bridge for the First Time

Configuring Basic Security Settings

Table 5-2

Security Types on Express Security Setup Page (continued)

 

 

 

 

Security Type

 

Description

Security Features Enabled

 

 

 

 

EAP

 

This option enables 802.1x authentication

Mandatory 802.1x authentication.

Authentication

 

(such as LEAP, PEAP, EAP-TLS,

Client devices that associate using

 

 

EAP-GTC, EAP-SIM, and others) and

this SSID must perform 802.1x

 

 

requires you to enter the IP address and

authentication.

 

 

shared secret for an authentication server on

 

 

 

your network (server authentication port

 

 

 

1645). Because 802.1x authentication

 

 

 

provides dynamic encryption keys, you do

 

 

 

not need to enter a WEP key.

 

 

 

 

 

WPA

 

Wi-Fi Protected Access (WPA) permits

Mandatory WPA authentication.

 

 

wireless access to users authenticated

Client devices that associate using

 

 

against a database through the services of

this SSID must be WPA-capable.

 

 

an authentication server, then encrypts their

 

 

 

IP traffic with stronger algorithms than

 

 

 

those used in WEP. As with EAP

 

 

 

authentication, you must enter the IP

 

 

 

address and shared secret for an

 

 

 

authentication server on your network

 

 

 

(server authentication port 1645).

 

 

 

 

 

28

Express Security Limitations

Because the Express Security page is designed for simple configuration of basic security, the options available are a subset of the access point/bridge’s security capabilities. Keep these limitations in mind when using the Express Security page:

If the No VLAN option is selected, the static WEP key can be configured once. If you select Enable VLAN, the static WEP key should be disabled.

You cannot edit SSIDs. However, you can delete SSIDs and re-create them.

You cannot assign SSIDs to specific radio interfaces. The SSIDs that you create are enabled on all radio interfaces. To assign SSIDs to specific radio interfaces, use the Security SSID Manager page.

You cannot configure multiple authentication servers. To configure multiple authentication servers, use the Security Server Manager page.

You cannot configure multiple WEP keys. To configure multiple WEP keys, use the Security Encryption Manager page.

You cannot assign an SSID to a VLAN that is already configured on the bridge. To assign an SSID to an existing VLAN, use the Security SSID Manager page.

You cannot configure combinations of authentication types on the same SSID (for example, MAC address authentication and EAP authentication). To configure combinations of authentication types, use the Security SSID Manager page.

Note For detailed information about security and security settings, refer to the Cisco IOS Software Configuration Guide for Cisco Aironet Access Points.

Cisco Aironet 1300 Series Outdoor Access Point/Bridge Hardware Installation Guide

5-12

OL-5048-02

 

 

Page 65 Page 67
Page 66
Image 66
Cisco Systems 1300 Series manual Express Security Limitations
Page 65 Page 67

1300 Series specifications

The Cisco Systems 1300 Series represents an essential line of products designed for versatile network access, tailored especially for indoor and outdoor wireless environments. With a focus on delivering robust performance and vital security features, this series is well equipped to meet the demands of evolving business networks and enterprise applications.

One of the standout features of the 1300 Series is its dual-band capability, which operates efficiently on both 2.4 GHz and 5 GHz frequency bands. This flexibility allows for improved wireless performance and better bandwidth management, making it ideal for high-density environments such as schools, airports, and corporate offices. The series also integrates advanced technologies such as 802.11ac Wave 2 and Multi-User MIMO (MU-MIMO), facilitating simultaneous data transmission to multiple devices, thus enhancing the overall network throughput.

Security is a paramount concern in today's digital landscape, and the Cisco 1300 Series addresses this through comprehensive measures. The devices come equipped with WPA3 (Wi-Fi Protected Access 3) support, ensuring enhanced encryption and improved security protocols. In addition, the series supports Cisco’s Identity Services Engine (ISE), which provides centralized management for device authentication, enabling organizations to enforce policies based on user roles.

Power over Ethernet (PoE) support is another important characteristic of the 1300 Series. This feature allows for easier installation and flexibility in deployment, as it eliminates the need for additional power sources, thereby streamlining the setup process. Furthermore, the devices are designed with ruggedness in mind, offering an IP55 rating for environmental resilience, making them suitable for outdoor installation without compromising on performance.

Management and configuration of the network can be seamlessly performed through Cisco’s network management solutions, such as Cisco DNA Center and Cisco Prime Infrastructure. These platforms provide intuitive interfaces, simplifying operations and facilitating effective monitoring and troubleshooting.

In summary, the Cisco Systems 1300 Series is a powerful solution tailored for dynamic wireless networking. With its dual-band capabilities, advanced security features, support for POE, and ease of management, this series is ideally positioned to meet the demands of modern enterprises, ensuring reliable connectivity in a wide array of environments. As organizations continue to expand their wireless infrastructures, the 1300 Series stands out as a dependable choice for enhancing user experience and operational efficiency.
Top Page Image Contents