Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Securely Connect two BR1310 Bridges

Did anyone of you found an Configuration Example for an secure Connection between two 1310 Bridges.

4 REPLIES
New Member

Re: Securely Connect two BR1310 Bridges

try this for WPA-PSK:

***global config for both bridges***

!

dot11 ssid cisco

authentication open

authentication key-management wpa

infrastructure-ssid

wpa-psk ascii 0 1234567890

!

**Root bridge config (only showing the relevant part of config)**

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption mode ciphers tkip

!

ssid cisco

!

NON-ROOT config****

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption mode ciphers tkip

!

ssid cisco

!

--

joe

kka
New Member

Re: Securely Connect two BR1310 Bridges

WPA-PSK is vulnerable against dictionary attacks, ideally use a

random hex string as PSK. (I guess "1234567890" was just an example)

Since you are using 1310 on both sides, I'd suggest using AES (WPA2)

for encryption. Simply replace

encryption mode ciphers tkip

with

encryption mode ciphers aes-ccm

The only disadvantage is the missing "concatenation" support if AES is enabled.

New Member

Re: Securely Connect two BR1310 Bridges

Thanks for your replys!

I also added this:

*dot11 ssid

#max-associations 1 ! So after the other bridge is associated no more would be allowed (I hope)

I also tried to apply the filter

*dot11 radio 0

#l2-filter block-arp

But when I do this on both sides (root and non-root) I lose the association.

New Member

Re: Securely Connect two BR1310 Bridges

did you ever get WPA2 encryption to work between the 2 cisco 1310 bridges ?

352
Views
0
Helpful
4
Replies
CreatePlease login to create content