Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 347
  • Last Modified:

Show all SSID's - Switch to WPA - 1600 Series - Autonomous - AIR-SAP1602I-K9

The Situation:
I have (5) Autonomous Cisco AIR-SAP1602I-K9 Access points.  They are current set up with (3) SSID's in (3) different VLAN's.  One for inside network access for our main VLAN, one for inside network access for our Phones VLAN, and one for visitors that shoots straight out to the internet.

Right now - the "DATA" & "VOICE" SSID's are hidden.  I want to broadcast them all.

Right now all SSID's are configured to use WEP 128-bit as the "encryption method".  I'd like to change the "DATA" SSID to use WPA2 because I'm getting newer devices that aren't playing well with the old WEP standard.

So - how do I configure these AP's individually to show all SSID's and change my "DATA" SSID to use WPA2 for connectivity security.  

I'm sure this is an easy one for Cisco AP experts - I however am not one which is why I love Experts Exchange :)  I'm using the GUI to set this up - so any help would be greatly appreciated.

Thanks!
0
mfehrmann
Asked:
mfehrmann
1 Solution
 
Craig BeckCommented:
Firstly, you can't mix WPA and WEP on the SAME radio interface, so you can't mix unless one goes on the 2.4GHz interface and one goes on the 5GHz interface, so you'll probably have to convert ALL SSIDs to WPA.  This may be an issue for your phones in the short-term.

Anyhow, to broadcast multiple SSIDs via the same radio you need to use the mbssid command in the SSID and the radio interface...

dot11 ssid Tsunami
 authentication open
 mbssid guest-mode
!
dot11 ssid AnotherSSID
 authentication open
 mbssid guest-mode
!
interface dot11Radio0
 encryption vlan 10 mode ciphers tkip aes-ccm
 mbssid
 ssid Tsunami
 ssid AnotherSSID

Open in new window


To convert from WEP to WPA you need to set the encryption mode to TKIP or AES, and set the authentication mode/key...

dot11 ssid Tsunami
 authentication open
 authentication key-management wpa
 wpa-psk ascii PRESHAREDKEY
!
interface dot11Radio0
 encryption mode ciphers tkip aes-ccm
 ssid Tsunami

Open in new window


Put both of those requirements together (including example VLAN info)...

dot11 ssid Tsunami
 vlan 10
 authentication open
 authentication key-management wpa
 wpa-psk ascii PRESHAREDKEY
 mbssid guest-mode
!
dot11 ssid AnotherSSID
 authentication open
 mbssid guest-mode
!
interface dot11Radio0
 mbssid
 ssid Tsunami
 ssid AnotherSSID

Open in new window

0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now