troubleshooting Question

How to secure wireless network

Avatar of Daryl Ponting
Daryl PontingFlag for United Kingdom of Great Britain and Northern Ireland asked on
RoutersWireless Networking
4 Comments2 Solutions329 ViewsLast Modified:
Hi all,

I've got a Cisco 871 wireless router.  I've got most of it configured using SDM.  The only thing I'm unable to do is secure the wireless network.  I've put a WPA key in where I think it should go but it still shows up as an unsecured network.  

Here's a copy of the config.  If anyone has a command or instruction how to do it in SDM, I'd greatly appreciate it.  

sh run
Building configuration...
Current configuration : 5583 bytes
! Last configuration change at 12:01:22 PCTime Thu Dec 24 2009 by administrator
! NVRAM config last updated at 11:48:39 PCTime Thu Dec 24 2009 by administrator
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname ciscowireless
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
 --More--         logging console critical
enable secret 5 $1$TyD1$WNZyQJgoXjAje928BCEGj.
no aaa new-model
resource policy
clock timezone PCTime 0
clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address
ip dhcp excluded-address
ip dhcp pool sdm-pool1
   import all
 --More--         ip tcp synwait-time 10
ip domain name cms.local
ip name-server
ip ssh time-out 60
ip ssh authentication-retries 2
crypto pki trustpoint TP-self-signed-3841103926
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3841103926
 revocation-check none
 rsakeypair TP-self-signed-3841103926
crypto pki certificate chain TP-self-signed-3841103926
 certificate self-signed 01
  3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33383431 31303339 3236301E 170D3032 30333031 30303538
  31325A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 38343131
  30333932 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100C8DF E942156D EF9DCA12 160073C5 25C3E272 92193D16 D371F8D4 5C12CE11
 --More--           6A57DD2B 9271C6A4 69450CD6 28B0306F 0D1B157E D758625E 38DC551A B8E91DA4
  BFE8F95F B37D3BFC 40AB4A3D 187D119E 5E6A924C 3C3BA345 152DCE8E 0A316245
  67F76B03 2BA2093B 99B8D37F 7E4B96C7 F0EF79C9 9A99F497 7447FA2F E074BDB0
  E34F0203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
  551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
  301F0603 551D2304 18301680 14AC346D BEBEEA64 689F56AE 8C2FB9AC 869F3CC5
  1C301D06 03551D0E 04160414 AC346DBE BEEA6468 9F56AE8C 2FB9AC86 9F3CC51C
  300D0609 2A864886 F70D0101 04050003 8181005B 8BCB6196 64509B44 F78EEE3B
  A9F96AD8 8D2B9D6E 0D97C1A3 283E14CA 8F004685 0D2E89FE BA289336 40C605B7
  9674A37B 0039B984 BB073194 A29A5D4C 79FDB677 32E3A71E 5B011DD5 D266D619
  99205D9E 2887E18A 6439EC25 00F63839 2814E239 B6D48244 524347C2 9205710A
  6A13F485 8FCBB6A3 21FE9C06 17E6DEBC 250039
username administrator privilege 15 secret 5 $1$awfJ$fqhvuLDY8I8ukpQUoFMNT1
bridge irb
interface FastEthernet0
 --More--         interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
 description $ES_WAN$$FW_OUTSIDE$
 ip address
 ip nat outside
 ip virtual-reassembly
 ip route-cache flow
 duplex auto
 speed auto
interface Dot11Radio0
 no ip address
 ssid CMSUK
    authentication open
    wpa-psk ascii 7 073C345C4F5B495447
 --More--          speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
 bridge-group 1
 bridge-group 1 spanning-disabled
interface Vlan1
 no ip address
 ip tcp adjust-mss 1452
 bridge-group 1
interface BVI1
 description $ES_LAN$
 ip address
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1412
ip route
ip http server
 --More--         ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface FastEthernet4 overload
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit
no cdp run
bridge 1 protocol ieee
bridge 1 route ip
banner exec ^C
% Password expiration warning.
Cisco Router and Security Device Manager (SDM) is installed on this device and
 --More--         it provides the default username "cisco" for  one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the
"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
banner login ^CAuthorized access only!
 Disconnect IMMEDIATELY if you are not an authorized user!^C
line con 0
 login local
 no modem enable
 transport output telnet
 --More--         line aux 0
 login local
 transport output telnet
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
webvpn context Default_context
 ssl authenticate verify all
 no inservice


Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 2 Answers and 4 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 4 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros