We are impementing 2 aironet 1400's as a link to a different building. The AP's
are connected to our switch....and users on our local LAN will utilize them to access data between buildings.
We have no authentication or security servers in our network currently.
No other users should be accessting the wireles direclty from a wireless card.
What can I confgiure to lock security between the two AP's so only they speak to each other?
I have WEP generated on one. I will have
to configure WEP on the other. But
will i need to configure more WEP keys so there is two way traffic? What other options do I have to make this secure
After WEP .. WPA is a good security but cannot done on BR1400 ..
here is a link for your reference:-
Therefore, next we can go for Leap authentication making Root bridge as radius server..
Here is a link for your reference on BR1300 ...it is done in the same way on 1400
Here is one more link about leap
Rate if these helps so that other can take benefit of this forum ..
hello-this document appears to show the 1400 is WPA compatible? Im a little confused.
WPA-PSK is supported .... which define shared secret between the devices ..
WPA2 is no supported the link which i refered ..
You can configured WPA-PSK between the bridges..
great..now ive had a heck of a time trying to configure this.
As I said we have no servers-would this work in the same manner as a WPA at home.
I would simply configure a passphrase on
one bridge and the same on the other and they should authenticate?
Yes, WPA-PSK will be configured as you define in your note..
In future, if you plan to change the security then you can jump to Leap with local authentication server means making Root bridge as server for authentication.
but everytime i attempt to change one of the
bridges to root and the other non root. I lose
complete association and I dont understand why.
They are configured with the same ssid, basic wep but for some reason i still cant get association up.
Try these steps:-
* Open the GUI of Root bridge
Go to Security/SSID Manager/create SSid/map it to the radio
* Under Client Authentication setting
Check the box Open authentication with no Addition ..
* Then click Apply
* Go to Ecryption Manager page
Under Ecryption Modes
Select Cipher ---TKIP
Under Encryption Keys
Select Encryption Key 2 ------Don't put any key ... Leave the box blank and key size be 128bit
Then click Apply
* Come back to SSID Manager page
Under Client Authenticated Key Management ..
Select Key Management:- Mandatory
Check the box:- WPA
Under WPA Pre-shared Key:- Type atleast 8 character key..
* Then we need to repeat the same settings on Other bridge except the station role will be non-root.
Now to troubleshoot...
* First make Bridge are able to talk to each when there is on security setup
* Set a simple Pre-shared Key ... example 1234567890 on both bridge .. Bridge will not associate if key mismatch..
Hope this will work for you.
great I will try that...as I said currently we have WEP set up...Im going to see if this works..If I create the new ssid as you stated...will the ssid that is using WEP still be active?
also, if these are set up as root and non root bridges...does this mean that clients, such as a laptop will not be able to direclty connect any of the two bridges? Ideally we do not
want users or somebody off the street to directly connect to any of the two bridges