Cisco AIR-AP1252AG-E-K9 Hardware Installation Guide - Page 48
Express Security Limitations, Security Type, Description, Security Features Enabled
View all Cisco AIR-AP1252AG-E-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 48 highlights
Configuring Basic Security Settings Chapter 3 Configuring the Access Point for the First Time Table 3-2 Security Types on Express Security Setup Page (continued) Security Type EAP Authentication WPA Description Security Features Enabled This option enables 802.1x authentication (such as LEAP, PEAP, EAP-TLS, EAP-GTC, EAP-SIM, and others) and requires you to enter the IP address and shared secret for an authentication server on your network (server authentication port 1645). Because 802.1x authentication provides dynamic encryption keys, you do not need to enter a WEP key. Mandatory 802.1x authentication. Client devices that associate using this SSID must perform 802.1x authentication. Wi-Fi Protected Access (WPA) permits wireless access to users authenticated against a database through the services of an authentication server, then encrypts their IP traffic with stronger algorithms than those used in WEP. As with EAP authentication, you must enter the IP address and shared secret for an authentication server on your network (server authentication port 1645). Mandatory WPA authentication. Client devices that associate using this SSID must be WPA-capable. 28 Express Security Limitations Because the Express Security page is designed for simple configuration of basic security, the options available are a subset of the bridge's security capabilities. Keep these limitations in mind when using the Express Security page: • If the No VLAN option is selected, the static WEP key can be configured once. If you select Enable VLAN, the static WEP key should be disabled. • You cannot edit SSIDs. However, you can delete SSIDs and re-create them. • You cannot assign SSIDs to specific radio interfaces. The SSIDs that you create are enabled on all radio interfaces. To assign SSIDs to specific radio interfaces, use the Security SSID Manager page. • You cannot configure multiple authentication servers. To configure multiple authentication servers, use the Security Server Manager page. • You cannot configure multiple WEP keys. To configure multiple WEP keys, use the Security Encryption Manager page. • You cannot assign an SSID to a VLAN that is already configured on the bridge. To assign an SSID to an existing VLAN, use the Security SSID Manager page. • You cannot configure combinations of authentication types on the same SSID (for example, MAC address authentication and EAP authentication). To configure combinations of authentication types, use the Security SSID Manager page. Note For detailed information about security and security settings, refer to the Cisco IOS Software Configuration Guide for Cisco Aironet Access Points. 3-12 Cisco Aironet 1200 Series Access Point Hardware Installation Guide OL-4310-05