Cisco Support Community
Community Member

should security implemented on a public wireless network?

Hi everyone,

We are setting up a Cisco Wireless newtork for public access. That means any poeple on the soon as they are in our building they would get free wifi. However, one of my managers would like to implement at least preshare key for the wireless network.

My question is then... is it meanful to deploy the security if everyone in the public can get the same preshare key, or wpa (if leap is used, user account will be wide open offered)?

If the answer is no, it is not menaful to deploy the secuirty, how would I explain technically or logically to my manager? What about if yes, and which kind of security should we use?

I know ssl2 or ssl3 is the way to provide application level encrpytion...

So what is your opinion?

Thank you very much

Takami Chiro


Re: should security implemented on a public wireless network?


Security will encrypt the traffic so people does not know the preshared key cant see and analyze packets you send and receive.

Or peshared key can be used if you want only people that knows the key to Connect. This will restrct the network usage to those that knows the key. Leaving the network as open may make everyone to connect including outsiders.



Sent from Cisco Technical Support iPad App

Rating useful replies is more useful than saying "Thank you"
VIP Purple

should security implemented on a public wireless network?

You receive a security-benefit as it's much harder to sniff traffic of other users. Even if everyone has the PSK. So from a security-standpoint it will get better then before.

From a psychololical standpoint is could get worse. The wireless users see that the WLAN is secured and start to use communication without end to end encryption. But that's a false sense of security because the attacks are just harder, but not impossible.

If there is no security at all on the WLAN, at least some people will recognize that they shouldn't use any communication without end to end security.

And for the mentioned application level encryption: SSLv2 is not an option any more:


should security implemented on a public wireless network?

Hi Takami

The purpose of public wifi is so that your external clients can have hassle-free internet connectivity. If you implement a PSK, then users would have to type the key and once it is saved, they would always have unlimited access to Internet without your permission unless you keep changing the key or provide another layer of authentication.

I would suggest that you do not implement PSK and instead reduce the dhcp lease time for IP addresses to about 30mins so that people on the street do not clog up your IPs. Secondly, implement a Radius authentication scheme, so that once your clients have an IP, they only have to type in the Username and Password provided by you. Hence your clients only have one level of authentication and not 2 levels.

CreatePlease to create content