Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
352
Views
0
Helpful
4
Replies

Best way to secure Aironet 1200 for small office

nyciscotech
Level 1
Level 1

‎08-05-2006 12:44 PM - edited ‎07-04-2021 12:48 PM

We are getting ready to install 4 aironet 1200 AP's into an office that will only be used by 5 people with T43 Thinkpads (Intel 2200 built-in card).

What is the best method to secure the connection and prevent the outside world from accessing our internal network?

I don't feel WEP/WPA encryption is enough -- Would be interested in using the built in security that comes with the Aironet and not an external security server, yet.

Any info or push in the right direction is greatly appreciated.

Thanks

Labels:
0 Helpful
4 Replies 4

scottmac
Level 10
Level 10

‎08-05-2006 02:03 PM

You could pretty easily use the "local" RADIUS built-in to the AP firmware and implement LEAP or EAP-FAST.

Both are pretty easy to set up, the AP can handle that small load without any real performance issues, and the Intel client software supports it (you'll want to make sure all the client software and drivers are the most recent, there were some issues in the past).

Both LEAP and EAP-FASt will support seamless roaming, You'd set one of the APs up for WDS and the others to point to it.

Admin (add/change/delete users) via the Web GUI is also pretty straight forward.

Good Luck

Scott

0 Helpful

nyciscotech
Level 1
Level 1
In response to scottmac

‎08-07-2006 02:57 PM

Thanks buddy! Any configuration guides you can think of that would get me started with EAP-FAST and the local radius? I found a configuration guide from cisco but it requires an ACS server

0 Helpful

scottmac
Level 10
Level 10
In response to nyciscotech

‎08-08-2006 08:03 AM

Your best bet (probably) would be to use the Web GUI. Just aim your browser at the AP's address.

The Local RADIUS server is set up in the "Security" link. The only trick there is to make sure you use *exactly* the same key (spaces are significant) when you set up the other APs.

The online help offered (icon in the upper right of the WebGUI) is likely all you'll need.

If not, let us know.

Good Luck

Scott

0 Helpful

nyciscotech
Level 1
Level 1
In response to scottmac

‎08-15-2006 07:20 PM

I configured the 1200 for EAP-Fast with Open WEP encryption. I also installed the latest Intel software and drivers.

At first, it wouldn't connect at all.

Then I disabled "Cisco Extensions" on the 1200. After this I could get the PAC provisioned and the built-in radius log shows "successful provisions". But it doesn't show anything about successful username/passwords.

Seems like it's getting held up passing the authentication credentials somewhere.

Any suggestions? Unfortunately all of the thinkpads have the Intel cards.

Thanks!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card