Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Recommended Security for Cisco 1300 Bridges

Hello everyone. I have been searching for documentation from Cisco regarding a secure configuration for Cisco 1300 series bridges. I have viewed the "Cisco IOS Software Configuration Guide for Cisco Aironet 1300 Series Outdoor Access Point/Bridge" (

We currently have three sites with point-to-point 1310 wireless bridges. The security config is as follows:

-AES CCMP + TKIP, Mandatory WPA (not psk)

-Key Rotation set to 1800 seconds, Enable Group Key Update On Membership Termination,Enable Group Key Update On Member's Capability Change

-SSID: Open Authentication w/ EAP, Network EAP

-Root Node acts as the RADIUS server for EAP authentication, Admin Authentication

-Association Limit set to 1

-"Force Infrastructure Devices to associate only to this SSID"

-SSID is not broadcast

-http secure-server (no http)

-I want implement SSH but it has not been approved yet (yes, odd).

Should Open Authentication be removed? I generated a key for EAP-FAST but the association shows WPAv2-LEAP. Why would an organization choose WEP over WPA?

Any suggestions would be helpful. I know there are others that are concerned as well. Thank you in advance.



Re: Recommended Security for Cisco 1300 Bridges

WEP has several vulnerabilities, so always WPA is preferred than WEP.

One point is the RADIUS server and the Wireless client needs to be configured for EAP-fast, if EAP-FAST is rather then authentication protocol need to be used. The bridge cannot be configured specifically.

Try this link: