Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Setup Vendor Wireless LAN

I understand and already have working a two VLAN wireless SSID. One for Internal Users and the Other for Vendors. My question, How can I make it easy for vendors of various sorts to come in and hookup wirlessly with ease but yet still maintain encryption for there protection?

Thank You,

... Feel free to ask more questions.


Re: Setup Vendor Wireless LAN

What is your current setup for the vendors?

Is your RF pattern designed to limit the amount of signal & availability to the area of need (versus blasting waves out to the road, sidewalk, and parking lot)?

Captive portals tend to be the easiest, WPA-PSK would probably be OK, at least for vendors that frequent your organization.

What have you got now?

Let us know


New Member

Re: Setup Vendor Wireless LAN


Thanks for the help. We currently are doing WPA-PSK. Here is our problem. Most of the vendors have the cisco wireless card and it does not do WPA-PSK to the best of my knowledge. Windows wireless zero certainly does and most other cards do the same. Any suggestions would be appreciated.

Thanks Again,


Cisco Employee

Re: Setup Vendor Wireless LAN

Hi Joel,

You have a couple of options:

1. Use WPA Migration mode to allow both WEP and WPA-PSK clients to associate to the same VLAN/SSID. The configuration might look like the following:


dot11 ssid Guests

vlan 10

authentication open

authenication key-management wpa optional

wpa-psk ascii whatever


Interface Dot11Radio0

encryption vlan 10 mode ciphers tkip wep128

encryption vlan 10 key 1 size 128bit 1122..

ssid Guests



The problem with this option is that some clients do not understand the options and may not work. Also, you'd be offering a "less secure" encryption option, so it may just be simpler to go with straight WEP (see option 2).

2. Go with straight 40 or 128 bit WEP. 40 bit WEP tends to work universally among clients and is a simpler configuration task (10 hex characters) versus 128 bit (26 hex characters).

Hope this helps,