Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Security suggestions for Aironet 1130AG in remote office

I've been tasked with implementing a pair of Aironet 1130AG's in a remote office. The requirements are:

1) The two AP's are roots.

2) There will be two SSID's, one for internal use, one for guests (seperate VLAN).

3) All security services must come from the AP's. There are no systems acting as security servers on the site.

4) All the clients are XP PC's running native wireless (no Cisco clients).

5) There are only about 20 regular clients.

What would be the suggested security implementation for this configuration?

Thanks.

2 REPLIES
Community Member

Re: Security suggestions for Aironet 1130AG in remote office

For your scenario, I think 802.1x based EAP authentication is the recommended security implementation. I have seen several cisco documents explaining 802.1x based authentication.

Community Member

Re: Security suggestions for Aironet 1130AG in remote office

Greetings!

Create 2 VLANs on an AP (one for Internal and other for guest internet Access)

Set WPA-PSK on internal network VLAN.

Broadcast guest VLAN with no security or if you want put a simple WEP key.

WPA-PSK is a most secure method for such deplyment.

Security FAQ:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_q_and_a_item09186a00805e8297.shtml

Thanks for your time!

-Jai

224
Views
0
Helpful
2
Replies
CreatePlease to create content