AES config for Aironet 1231

Unanswered Question
Oct 22nd, 2008


I would like to configure my air-ap1231g-e-k9 to use a pre-shared key with AES authentication. I've updated my IOS software to the latest (don't remember the release). I'm a home user with maximum of 5 users + visitors. I want the visitors to be able access the shared network drives on the network (same rights as any other user within the network).

I want this to be as simple and fast as it gets but still strong encryption. pop the key and voila internet/network access.

There was some guide on doing something similar of what I wanted but then I needed some Cisco client adapter.

Network setup:

DSL/Router -> AP -> Laptops

Thanks in advance

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jeff.kish Wed, 10/22/2008 - 07:33

Are you running multiple SSIDs? Since you're running this from home, I'm guessing that you aren't.

You can do this via the web GUI or console. Here are some directions for configuring it via the web GUI:

1. Click Security on the left

2. Go to Encryption Manager

3. Select Ciphers, then use the dropdown to select AES CCMP. Click Apply at the bottom

4. Click SSID Manager on the left

5. Select your SSID in the list (or create one if you haven't yet done so). Scroll down a bit to "Client Authenticated Key Management", use the dropdown to select Mandatory, check the WPA box, and enter your key. Scroll down and click Apply (the first one, not the one at the very bottom).

That should work for you!

hallstrom Tue, 10/28/2008 - 08:45

For some reason I can't connect it with my work laptop. Using XP pro Through Xp's wireless network connections. When it tries to aquire the authentication it just gives me an error. I changed it to TKIP encryption instead and it worked instantly. Is it some old drivers or can't XP recognise AES CCMP encryption ?

jeff.kish Thu, 10/30/2008 - 06:24

Are you running SP2? SP2 has AES support and should work. SP1 and below do not support AES.

As for hardware, if you're using an older wireless card, it might not support AES. Unfortunately, AES required new hardware when it came out, so old wireless clients cannot be upgraded to support WPA.

TKIP is a valid backup solution. If you can make AES happen, use that. But TKIP is still considered to be strong encryption. It's just getting old, and it would theoretically be hacked well before AES would be.

hallstrom Wed, 11/05/2008 - 01:55

Well my work computer has SP2. It's a Dell Latitude 620 im uncertain that it has a "up-to date" wireless card. The laptop aint that old max 2-3 years. Anyway I will use the AES encrytion as soon as I get another laptop or check if I can do anything with my work laptop atm. This pretty much solved my concerns :)

Thanks for your help


This Discussion