Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CKIP and other cipher options.

Hi - I'm installing 1310 bridges for the first time. I've seen Release Notes that state CKIP is the recommended option for encrypting traffic between the two bridges. I have many other options in that field - tkip, tkip+128bit wep, etc.

Is it the consensus of this forum that CKIP should be used? Can someone explain to me why I would choose any of the other options? And if I set the cipher, do I need to use WPA for any reason in a point to point only scenario?

Any advice would be appreciated.

Thank you -

2 REPLIES

Re: CKIP and other cipher options.

Hi,

CKIP is a Cisco version of TKIP. I believe CKIP was released just before TKIP, but it was released for the same reasons, ie, better than WEP, but still based on RC4.

Anyway, I'd suggest that TKIP, or even better, AES is used to encrypt your link. Using TKIP and/or AES will require the use of WPA / WPA2, which can be configured to use static keys, or dynamic keys via RADIUS authentication. If you don't have a RADIUS server, you can configure a RADIUS service on your Root AP without too much hassle.

Best regards,

Richard

New Member

Re: CKIP and other cipher options.

Thanks for your reply. My wireless bridge is currently using TKIP+128bitWEP, as that is what one "expert" advised. I select that entry, then type a 128bit hex wep key. With only that, I'm able to establish an encrypted link between the two APs. Is this any better than using just WEP?

Is there any Cisco documentation that discusses the function of the encryption tab versus the authentication modes found on the SSID tab? (Hope that made sense!)

132
Views
0
Helpful
2
Replies