Show all SSID's - Switch to WPA - 1600 Series - Autonomous - AIR-SAP1602I-K9

The Situation:
I have (5) Autonomous Cisco AIR-SAP1602I-K9 Access points.  They are current set up with (3) SSID's in (3) different VLAN's.  One for inside network access for our main VLAN, one for inside network access for our Phones VLAN, and one for visitors that shoots straight out to the internet.

Right now - the "DATA" & "VOICE" SSID's are hidden.  I want to broadcast them all.

Right now all SSID's are configured to use WEP 128-bit as the "encryption method".  I'd like to change the "DATA" SSID to use WPA2 because I'm getting newer devices that aren't playing well with the old WEP standard.

So - how do I configure these AP's individually to show all SSID's and change my "DATA" SSID to use WPA2 for connectivity security.  

I'm sure this is an easy one for Cisco AP experts - I however am not one which is why I love Experts Exchange :)  I'm using the GUI to set this up - so any help would be greatly appreciated.

Thanks!
LVL 5
Info TechIT DepartmentAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Craig BeckCommented:
Firstly, you can't mix WPA and WEP on the SAME radio interface, so you can't mix unless one goes on the 2.4GHz interface and one goes on the 5GHz interface, so you'll probably have to convert ALL SSIDs to WPA.  This may be an issue for your phones in the short-term.

Anyhow, to broadcast multiple SSIDs via the same radio you need to use the mbssid command in the SSID and the radio interface...

dot11 ssid Tsunami
 authentication open
 mbssid guest-mode
!
dot11 ssid AnotherSSID
 authentication open
 mbssid guest-mode
!
interface dot11Radio0
 encryption vlan 10 mode ciphers tkip aes-ccm
 mbssid
 ssid Tsunami
 ssid AnotherSSID

Open in new window


To convert from WEP to WPA you need to set the encryption mode to TKIP or AES, and set the authentication mode/key...

dot11 ssid Tsunami
 authentication open
 authentication key-management wpa
 wpa-psk ascii PRESHAREDKEY
!
interface dot11Radio0
 encryption mode ciphers tkip aes-ccm
 ssid Tsunami

Open in new window


Put both of those requirements together (including example VLAN info)...

dot11 ssid Tsunami
 vlan 10
 authentication open
 authentication key-management wpa
 wpa-psk ascii PRESHAREDKEY
 mbssid guest-mode
!
dot11 ssid AnotherSSID
 authentication open
 mbssid guest-mode
!
interface dot11Radio0
 mbssid
 ssid Tsunami
 ssid AnotherSSID

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Hardware-Other

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.