04-27-2007 11:03 AM - edited 07-03-2021 01:59 PM
I've been tasked with implementing a pair of Aironet 1130AG's in a remote office. The requirements are:
1) The two AP's are roots.
2) There will be two SSID's, one for internal use, one for guests (seperate VLAN).
3) All security services must come from the AP's. There are no systems acting as security servers on the site.
4) All the clients are XP PC's running native wireless (no Cisco clients).
5) There are only about 20 regular clients.
What would be the suggested security implementation for this configuration?
Thanks.
05-03-2007 11:46 AM
For your scenario, I think 802.1x based EAP authentication is the recommended security implementation. I have seen several cisco documents explaining 802.1x based authentication.
05-12-2007 02:50 PM
Greetings!
Create 2 VLANs on an AP (one for Internal and other for guest internet Access)
Set WPA-PSK on internal network VLAN.
Broadcast guest VLAN with no security or if you want put a simple WEP key.
WPA-PSK is a most secure method for such deplyment.
Security FAQ:
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_q_and_a_item09186a00805e8297.shtml
Thanks for your time!
-Jai
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide