Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

EAP Recommendation

Hi All,

I recently received the duty to design and configure the access security and encription for a series of outdoor point to (multi)point links.

Previously we used non-Cisco equipment with MAC authentification for access control with WEP 128 bits RC4 algorithms for encription.

However, it seems that newer equipment (besides being faster) has much better intrusion protection.

I would like to know what could be recommended anti-hackers protection for Cisco Aironet 1310G equipment.

From what I have seen, Cisco can use LEAP or PEAP for access control. Can the LEAP be secure enough with a strong password, or is better to avoid? And can the PEAP be configured with what comes from the box, or external services are requerired? And can one of the 1310G or perhaps a Cisco router operate efficently as RADIUS server for EAP authentification?

Also, I would like to know of what could be the recommmended encription methods, available in the WPA2 Aironet 1310G's.

Thanks in advance for any information and recommendations.


Igor Sotelo.


Re: EAP Recommendation

The following are the encryption methods



New Member

Re: EAP Recommendation

For PEAP, you need Windows XP service pack 1(atleast) to be able to use Windows PEAP. Plus I guess you need Certification server to download certificates to root directory of laptops.

LEAP is much easier than PEAP in terms of use, but PEAP is much more secured than LEAP. Please read some other postings regarding PEAP for PEAP drawbacks.

WPA2 uses AES encryption which is the most secured encryption mechanism.