Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

How to configure different security options on a Cisco AP

Resolution

Various authentication types, such as open authentication, shared key authentication, Service Set Identifier (SSID), authentication by client media access control and 802.1x/EAP (LEAP and PEAP), can be used with Cisco Access Points (APs).

The EAP authentication types include:

  • EAP
  • LEAP
  • PEAP

Security in the IEEE 802.11 specification, which applies to 802.11b, 802.11a, and 802.11g, has come under intense scrutiny. Appropriate security measures must be taken in regard to the authentication, data-privacy, and message-integrity mechanisms defined in the specification.

For information on 802.11 Wireless, LAN security and the Cisco Wireless Security Suite, refer to the Wireless LAN Security White Paper.

For more information on how to configure authentication types, refer to these sections of Configuring Authentication Types

For more information on how to assign the authentication types, refer to Assigning Authentication Types to an SSID.

There are also some encryption standards that can be configured to provide more security, such as Wired Equivalent Privacy (WEP), Temporal Key Integrity Protocol (TKIP) and Advanced Encryption standard (AES). For more information on how to configure the cipher suites and WEP, refer to Configuring Cipher Suites and WEP.

For more information on configuring EAP and PEAP, refer EAP Authentication with RADIUS Server, Protected EAP (PEAP) Application Note

For more information on configuration, refer to the IOS Software Configuration Guide.

The AP can be configured as a local authenticator  to serve as a stand-alone authenticator for a small wireless LAN or to provide backup authentication service. As a local authenticator, the AP performs LEAP, EAP-FAST, and MAC-based authentication for up to 50 client devices. For more information on how to configure the AP as a local authenticator, refer to Configuring an Access Point as a Local Authenticator

For more information on Configuring RADIUS and TACACS+ Servers,refer Configuring RADIUS and TACACS+ Servers.

Problem Type

Configure / Configuration issues

Products

Access point

1608
Views
3
Helpful
0
Comments