Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Best way to secure Aironet 1200 for small office

We are getting ready to install 4 aironet 1200 AP's into an office that will only be used by 5 people with T43 Thinkpads (Intel 2200 built-in card).

What is the best method to secure the connection and prevent the outside world from accessing our internal network?

I don't feel WEP/WPA encryption is enough -- Would be interested in using the built in security that comes with the Aironet and not an external security server, yet.

Any info or push in the right direction is greatly appreciated.

Thanks

4 REPLIES
Green

Re: Best way to secure Aironet 1200 for small office

You could pretty easily use the "local" RADIUS built-in to the AP firmware and implement LEAP or EAP-FAST.

Both are pretty easy to set up, the AP can handle that small load without any real performance issues, and the Intel client software supports it (you'll want to make sure all the client software and drivers are the most recent, there were some issues in the past).

Both LEAP and EAP-FASt will support seamless roaming, You'd set one of the APs up for WDS and the others to point to it.

Admin (add/change/delete users) via the Web GUI is also pretty straight forward.

Good Luck

Scott

Community Member

Re: Best way to secure Aironet 1200 for small office

Thanks buddy! Any configuration guides you can think of that would get me started with EAP-FAST and the local radius? I found a configuration guide from cisco but it requires an ACS server

Green

Re: Best way to secure Aironet 1200 for small office

Your best bet (probably) would be to use the Web GUI. Just aim your browser at the AP's address.

The Local RADIUS server is set up in the "Security" link. The only trick there is to make sure you use *exactly* the same key (spaces are significant) when you set up the other APs.

The online help offered (icon in the upper right of the WebGUI) is likely all you'll need.

If not, let us know.

Good Luck

Scott

Community Member

Re: Best way to secure Aironet 1200 for small office

I configured the 1200 for EAP-Fast with Open WEP encryption. I also installed the latest Intel software and drivers.

At first, it wouldn't connect at all.

Then I disabled "Cisco Extensions" on the 1200. After this I could get the PAC provisioned and the built-in radius log shows "successful provisions". But it doesn't show anything about successful username/passwords.

Seems like it's getting held up passing the authentication credentials somewhere.

Any suggestions? Unfortunately all of the thinkpads have the Intel cards.

Thanks!

143
Views
0
Helpful
4
Replies
CreatePlease to create content