Hello everyone. I have been searching for documentation from Cisco regarding a secure configuration for Cisco 1300 series bridges. I have viewed the "Cisco IOS Software Configuration Guide for Cisco Aironet 1300 Series Outdoor Access Point/Bridge" (http://www.cisco.com/en/US/products/ps5861/products_configuration_guide_book09186a00804ebd50.html).
We currently have three sites with point-to-point 1310 wireless bridges. The security config is as follows:
-AES CCMP + TKIP, Mandatory WPA (not psk)
-Key Rotation set to 1800 seconds, Enable Group Key Update On Membership Termination,Enable Group Key Update On Member's Capability Change
-SSID: Open Authentication w/ EAP, Network EAP
-Root Node acts as the RADIUS server for EAP authentication, Admin Authentication
-Association Limit set to 1
-"Force Infrastructure Devices to associate only to this SSID"
-SSID is not broadcast
-http secure-server (no http)
-I want implement SSH but it has not been approved yet (yes, odd).
Should Open Authentication be removed? I generated a key for EAP-FAST but the association shows WPAv2-LEAP. Why would an organization choose WEP over WPA?
Any suggestions would be helpful. I know there are others that are concerned as well. Thank you in advance.
Tim