Cisco Cisco Aironet 1524 Lightweight Outdoor Mesh Access Point
24
Mobile Access Router and Mesh Networks Design Guide
OL-11823-01
Security
To configure a WPA pre-shared key and group key update options, in privileged EXEC mode, perform
the following steps:
the following steps:
Step 1
To enter global configuration mode, enter:
bridge# configure terminal
Step 2
To enter SSID configuration mode for the SSID, enter:
bridge(config)# dot11 ssid
ssid-string
Step 3
To specify a pre-shared key for bridges using WPA that also use static WEP keys, enter:
bridge(config)# wpa-psk { hex | ascii } [ 0 | 7 ]
encryption-key
Enter this key using either hexadecimal or ASCII characters. If you use hexadecimal, you must enter 64
hexadecimal characters to complete the 256-bit key. If you use ASCII, you must enter a minimum of
eight letters, numbers, or symbols, and the bridge expands the key for you. You can enter a maximum of
63 ASCII characters.
hexadecimal characters to complete the 256-bit key. If you use ASCII, you must enter a minimum of
eight letters, numbers, or symbols, and the bridge expands the key for you. You can enter a maximum of
63 ASCII characters.
Step 4
Enter the end command to complete the configuration.
WPA and Pre-Shared Key Configuration Example
This example shows how to configure a pre-shared key for non-root bridges using WPA and static WEP,
with group key update options:
with group key update options:
bridge# configure terminal
bridge(config)# dot11 ssid batman
bridge(config-ssid)# wpa-psk ascii batmobile65
bridge(config-ssid)# end
Matching Authentication Types on Root and Non-Root Bridges
To use the authentication types described in this section, the root device authentication settings must
match the settings on the non-root bridges that associate to the root device.
match the settings on the non-root bridges that associate to the root device.
lists the settings required for each authentication type on the root and non-root bridges.
Table 6
Client and Bridge Security Settings
Security Feature
Non-Root Bridge Setting
Root Device Setting
Static WEP with open
authentication
authentication
Set up and enable WEP
Set up and enable WEP and enable
open authentication
open authentication
Static WEP with
shared key
authentication
shared key
authentication
Set up and enable WEP and enable
shared key authentication
shared key authentication
Set up and enable WEP and enable
shared key authentication
shared key authentication
LEAP authentication
Configure a LEAP username and
password
password
Set up and enable WEP and enable
network-EAP authentication
network-EAP authentication