Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
417
Views
0
Helpful
1
Replies

Recommended Security for Cisco 1300 Bridges

augsupport
Level 1
Level 1

‎11-01-2006 06:24 AM - edited ‎07-03-2021 01:10 PM

Hello everyone. I have been searching for documentation from Cisco regarding a secure configuration for Cisco 1300 series bridges. I have viewed the "Cisco IOS Software Configuration Guide for Cisco Aironet 1300 Series Outdoor Access Point/Bridge" (http://www.cisco.com/en/US/products/ps5861/products_configuration_guide_book09186a00804ebd50.html).

We currently have three sites with point-to-point 1310 wireless bridges. The security config is as follows:

-AES CCMP + TKIP, Mandatory WPA (not psk)

-Key Rotation set to 1800 seconds, Enable Group Key Update On Membership Termination,Enable Group Key Update On Member's Capability Change

-SSID: Open Authentication w/ EAP, Network EAP

-Root Node acts as the RADIUS server for EAP authentication, Admin Authentication

-Association Limit set to 1

-"Force Infrastructure Devices to associate only to this SSID"

-SSID is not broadcast

-http secure-server (no http)

-I want implement SSH but it has not been approved yet (yes, odd).

Should Open Authentication be removed? I generated a key for EAP-FAST but the association shows WPAv2-LEAP. Why would an organization choose WEP over WPA?

Any suggestions would be helpful. I know there are others that are concerned as well. Thank you in advance.

Tim

Labels:
0 Helpful
1 Reply 1

Not applicable

‎11-07-2006 06:52 AM

WEP has several vulnerabilities, so always WPA is preferred than WEP.

One point is the RADIUS server and the Wireless client needs to be configured for EAP-fast, if EAP-FAST is rather then authentication protocol need to be used. The bridge cannot be configured specifically.

Try this link:

http://www.cisco.com/en/US/products/ps5861/products_configuration_guide_chapter09186a00804ed726.html

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card