Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2828
Views
0
Helpful
3
Replies

WPA on CIsco 1120

Go to solution
carbonscoring
Level 1
Level 1

‎10-26-2008 10:44 PM - edited ‎07-03-2021 04:41 PM

Hi All, new to the wireless world, I have a config that a co-worker that swears works to enable WPA-PSK on the WAP heres what he laid out for me:

dot11 ssid SUSD-LAB

authentication open

authentication key-management wpa

guest-mode

infrastructure-ssid optional

wpa-psk ascii fakepassword

interface Dot11Radio0

encryption mode ciphers aes-ccm tkip

ssid SUSD-LAB

Unfortunately it seems that aes is not an option on the 1120. When I substitute the "aes-ccm" for "tkip wep128" I get the following statement from the WAP:

"WPA mandatory key mgmt requires TKIP only no WEP delete key mgmt under ssid before changing cipher"

Any suggestions I have configured this offsite so I have not have a chance to see if this will still work.

thanks,

Mike

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jeff.kish
Level 7
Level 7
In response to Gerald Vogt

‎10-27-2008 05:50 AM

You should also eliminate the infrastructure command under the SSID. Not a big deal, but you don't need that unless you're planning to perform bridging connections with this AP.

You can perform both TKIP and WEP, but it's not recommended since this provides a backdoor into your wireless network. The only reason you should do that is if you have clients that only support WEP.

Other than that, just do what Gerald says.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Gerald Vogt
Level 3
Level 3

‎10-27-2008 01:02 AM

If the 1120 does not support WPA2/AES-CCM then only set up TKIP. Leave out the aes-ccm for WPA2 connections, i.e.

encryption mode ciphers tkip

aes-ccm is used in WPA2.

0 Helpful

Go to solution
jeff.kish
Level 7
Level 7
In response to Gerald Vogt

‎10-27-2008 05:50 AM

You should also eliminate the infrastructure command under the SSID. Not a big deal, but you don't need that unless you're planning to perform bridging connections with this AP.

You can perform both TKIP and WEP, but it's not recommended since this provides a backdoor into your wireless network. The only reason you should do that is if you have clients that only support WEP.

Other than that, just do what Gerald says.

0 Helpful

Go to solution
carbonscoring
Level 1
Level 1
In response to jeff.kish

‎10-28-2008 07:18 PM

Thanks guys for the suggestions. Will follow both reccomendations.

Mike

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card