Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Security configuration question for 1220 AP as a Workgroup Bridge

I have a couple of older 1220 access points that we have decommissioned and I would like to configure them as Workgroup Bridges for use on the floor. I have successfully upgraded one of them to IOS 12.3(8)JEC. I have been trying to follow the article "Access Point as a Workgroup Bridge Configuration Example" but it does not cover the case where security is enabled on the root access point. In our network we have the 1242s configured to use AES-CCM and TKIP for Cipher suites. They are also setup to use WPA2 with a couple of Microsoft Radius servers for EAP. How should I configure the security and encryption on the 1220?

So far on the 1220 I have enabled the TKIP cipher suite and setup the SSID to match. I have also made key management mandatory and selected the WPA check box but I have no way to specify WPA2. Console reports that the radio cannot associate and that WPAIE not found and required.

Any help would be appreciated.


Re: Security configuration question for 1220 AP as a Workgroup B

AES is a hardware feature, so it's unlikely the 1220 will do AES at all, which limits you to TKIP which uses the same RC4 Cipher Stream hardware as WEP.

I'm not familiar with the 1220, but I think you'll be limited to EAP-TLS authentication, given what RADIUS Servers you're using.

As most people still don't run their own CA, EAP-TLS is probably not an option either, so then you're looking at using WPA-PSK.

Might also be worth checking your root AP is configured correctly, last time i did WGB's there were come minor configuration changes to be made on the Root AP.

Failing that, grab your configs, rip out the passwords and post them up.