Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Encryption on 1131AG

Using WEP static now and need something better. Not using a RADIUS server. Whats the best we can do? Can we go to WPA without a RADIUS server? Can someone post a config please?

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Encryption on 1131AG

In particular, WPA-PSK, or Personal mode, is what you are looking for. Here's how to configure it in the CLI (using whatever shared key you want to use in place of passphrase). If your client doesn't support AES, replace it with TKIP.

dot11 ssid Wireless

authentication open

authentication key-management wpa

wpa-psk ascii passphrase

interface Dot11Radio0

encryption mode ciphers aes-ccm

ssid Wireless

4 REPLIES
Hall of Fame Super Silver

Re: Encryption on 1131AG

Yes... you should go with WPA2-AES if possible. This way you don't have to worry about any radius server setup.

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008054339e.shtml

-Scott
*** Please rate helpful posts ***
New Member

Re: Encryption on 1131AG

In particular, WPA-PSK, or Personal mode, is what you are looking for. Here's how to configure it in the CLI (using whatever shared key you want to use in place of passphrase). If your client doesn't support AES, replace it with TKIP.

dot11 ssid Wireless

authentication open

authentication key-management wpa

wpa-psk ascii passphrase

interface Dot11Radio0

encryption mode ciphers aes-ccm

ssid Wireless

Re: Encryption on 1131AG

Thank you, this is just wanted I needed to know!

Re: Encryption on 1131AG

It's great to get away from WEP. Keep in mind PSK is vulnerable to static attacks at the work station, if you are using windows zero config. And a wireless dictionary attack from Co-Patty.

So I wouldn't use windows zero config and make sure you use a crazy key so not to match anything in a dictionary. Also the obvious, anyone who has the key and should they leave may leave with the key.

just 2 cents

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________
265
Views
0
Helpful
4
Replies