Filter
Top Products
4-13
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points
OL-30644-01
Chapter 4 Configuring the Access Point for the First Time
Assigning Basic Settings
EAP Authentication This option enables 802.1X
authentication (such as LEAP, PEAP,
EAP-TLS, EAP-FAST, EAP-TTLS,
EAP-GTC, EAP-SIM, and other
802.1X/EAP based products)
This setting uses mandatory
encryption, WEP, open authentication
+ EAP, network EAP authentication,
no key management, RADIUS server
authentication port 1645.
You are required to enter the IP
address and shared secret for an
authentication server on your network
(server authentication port 1645).
Because 802.1X authentication
provides dynamic encryption keys,
you do not need to enter a WEP key.
Mandatory 802.1X authentication.
Client devices that associate using this
SSID must perform 802.1X
authentication.
If radio clients are configured to
authenticate using EAP-FAST, open
authentication with EAP should also
be configured. If you do not configure
open authentication with EAP, the
following GUI warning message
appears:
WA RN IN G:
Network EAP is used for LEAP
authentication only. If radio clients
are configured to authenticate using
EAP-FAST, Open Authentication
with EAP should also be configured.
If you are using the CLI, this warning
message appears:
SSID CONFIG WARNING: [SSID]:
If radio clients are using EAP-FAST,
AUTH OPEN with EAP should also
be configured.
WPA Wi-Fi Protected Access (WPA)
permits wireless access to users
authenticated against a database
through the services of an
authentication server, then encrypts
their IP traffic with stronger
algorithms than those used in WEP.
This setting uses encryption ciphers,
TKIP, open authentication + EAP,
network EAP authentication, key
management WPA mandatory, and
RADIUS server authentication port
1645.
As with EAP authentication, you
must enter the IP address and shared
secret for an authentication server on
your network (server authentication
port 1645).
Mandatory WPA authentication.
Client devices that associate using this
SSID must be WPA-capable.
If radio clients are configured to
authenticate using EAP-FAST, open
authentication with EAP should also
be configured. If you do not configure
open authentication with EAP, the
following GUI warning message
appears:
WA RN IN G:
Network EAP is used for LEAP
authentication only. If radio clients
are configured to authenticate using
EAP-FAST, Open Authentication
with EAP should also be configured.
If you are using the CLI, this warning
message appears:
SSID CONFIG WARNING: [SSID]:
If radio clients are using EAP-FAST,
AUTH OPEN with EAP should also
be configured.
Table 4-2 Security Types on Express Security Setup Page (continued)
Security Type Description Security Features Enabled