Specifications

ManualsBrandsCisco ManualsComputer equipmentAironet 700 Series

2-13

Cisco IOS Software Configuration Guide for Cisco Aironet Access Points

OL-5260-01

Chapter 2 Configuring the Access Point for the First Time

Configuring Basic Security Settings

Express Security Limitations

Because the Express Security page is designed for simple configuration of basic security, the options

available are a subset of the access point’s security capabilities. Keep these limitations in mind when

using the Express Security page:

• You cannot edit SSIDs. However, you can delete SSIDs and re-create them.

• You cannot assign SSIDs to specific radio interfaces. The SSIDs that you create are enabled on all

radio interfaces. To assign SSIDs to specific radio interfaces, use the Security SSID Manager page.

• You cannot configure multiple authentication servers. To configure multiple authentication servers,

use the Security Server Manager page.

• You cannot configure multiple WEP keys. To configure multiple WEP keys, use the Security

Encryption Manager page.

• You cannot assign an SSID to a VLAN that is already configured on the access point. To assign an

SSID to an existing VLAN, use the Security SSID Manager page.

• You cannot configure combinations of authentication types on the same SSID (for example, MAC

address authentication and EAP authentication). To configure combinations of authentication types,

use the Security SSID Manager page.

EAP Authentication This option enables 802.1x

authentication (such as LEAP, PEAP,

EAP-TLS, EAP-GTC, EAP-SIM, and

others) and requires you to enter the

IP address and shared secret for an

authentication server on your network

(server authentication port 1645).

Because 802.1x authentication

provides dynamic encryption keys,

you do not need to enter a WEP key.

Mandatory 802.1x authentication.

Client devices that associate using this

SSID must perform 802.1x

authentication.

WPA Wi-Fi Protected Access (WPA)

permits wireless access to users

authenticated against a database

through the services of an

authentication server, then encrypts

their IP traffic with stronger

algorithms than those used in WEP.

As with EAP authentication, you

must enter the IP address and shared

secret for an authentication server on

your network (server authentication

port 1645).

Mandatory WPA authentication.

Client devices that associate using this

SSID must be WPA-capable.

Table 2-2 Security Types on Express Security Setup Page (continued)

Security Type Description Security Features Enabled