Rockwell Collins Inc. 8222210 Manuel D’Utilisation
D r a f t 1 A - C I S C O C O N F I D E N T I A L
3-11
Cisco Aironet 1240AG Series Access Point Hardware Installation Guide
OL-7293-01
Chapter 3 Configuring the Access Point for the First Time
Configuring Basic Security Settings
Understanding Express Security Settings
When the access point configuration is at factory defaults, the first SSID that you create by using the
Express Security page overwrites the default SSID (tsunami), which has no security settings. The SSIDs
that you create appear in the SSID table at the bottom of the page. You can create up to 16 SSIDs on the
access point.
Express Security page overwrites the default SSID (tsunami), which has no security settings. The SSIDs
that you create appear in the SSID table at the bottom of the page. You can create up to 16 SSIDs on the
access point.
Note
In
Cisco IOS Release 12.3(4)JA or later
, there is no default SSID. You must configure an SSID before
client devices can associate to the access point.
Using VLANs
If you use VLANs on your wireless LAN and assign SSIDs to VLANs, you can create multiple SSIDs
by using any of the four security settings on the Express Security page. However, if you do not use
VLANs on your wireless LAN, the security options that you can assign to SSIDs are limited because on
the Express Security page encryption settings and authentication types are linked. Without VLANs,
encryption settings (WEP and ciphers) apply to an interface, such as the radio, and you cannot use more
than one encryption setting on an interface. For example, when you create an SSID with static WEP with
VLANs disabled, you cannot create additional SSIDs with WPA authentication because they use
different encryption settings. If you find that the security setting for an SSID conflicts with another
SSID, you can delete one or more SSIDs to eliminate the conflict.
by using any of the four security settings on the Express Security page. However, if you do not use
VLANs on your wireless LAN, the security options that you can assign to SSIDs are limited because on
the Express Security page encryption settings and authentication types are linked. Without VLANs,
encryption settings (WEP and ciphers) apply to an interface, such as the radio, and you cannot use more
than one encryption setting on an interface. For example, when you create an SSID with static WEP with
VLANs disabled, you cannot create additional SSIDs with WPA authentication because they use
different encryption settings. If you find that the security setting for an SSID conflicts with another
SSID, you can delete one or more SSIDs to eliminate the conflict.
If any VLANs are defined on the access point, the trunk port on the switch must be limited to allow only
the VLANs defined on the access point.
the VLANs defined on the access point.
Express Security Types
Table 3-2
Security Types on Express Security Setup Page
Security Type
Description
Security Features Enabled
No Security
This is the least secure option. You should
use this option only for SSIDs used in a
public space and assign it to a VLAN that
restricts access to your network.
use this option only for SSIDs used in a
public space and assign it to a VLAN that
restricts access to your network.
None.
Static WEP Key
This option is more secure than no security.
However, static WEP keys are vulnerable to
attack. If you configure this setting, you
should consider limiting association to the
bridge based on MAC address (refer to the
However, static WEP keys are vulnerable to
attack. If you configure this setting, you
should consider limiting association to the
bridge based on MAC address (refer to the
Cisco IOS Software Configuration Guide
for Cisco Aironet Access Points).
for Cisco Aironet Access Points).
Mandatory WEP. Client devices
cannot associate using this SSID
without a WEP key that matches
the bridge
cannot associate using this SSID
without a WEP key that matches
the bridge
’s
key.