Solved

Show all SSID's - Switch to WPA - 1600 Series - Autonomous - AIR-SAP1602I-K9

Posted on 2014-11-20
1
325 Views
Last Modified: 2014-12-04
The Situation:
I have (5) Autonomous Cisco AIR-SAP1602I-K9 Access points.  They are current set up with (3) SSID's in (3) different VLAN's.  One for inside network access for our main VLAN, one for inside network access for our Phones VLAN, and one for visitors that shoots straight out to the internet.

Right now - the "DATA" & "VOICE" SSID's are hidden.  I want to broadcast them all.

Right now all SSID's are configured to use WEP 128-bit as the "encryption method".  I'd like to change the "DATA" SSID to use WPA2 because I'm getting newer devices that aren't playing well with the old WEP standard.

So - how do I configure these AP's individually to show all SSID's and change my "DATA" SSID to use WPA2 for connectivity security.  

I'm sure this is an easy one for Cisco AP experts - I however am not one which is why I love Experts Exchange :)  I'm using the GUI to set this up - so any help would be greatly appreciated.

Thanks!
0
Comment
Question by:mfehrmann
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 46

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 40456200
Firstly, you can't mix WPA and WEP on the SAME radio interface, so you can't mix unless one goes on the 2.4GHz interface and one goes on the 5GHz interface, so you'll probably have to convert ALL SSIDs to WPA.  This may be an issue for your phones in the short-term.

Anyhow, to broadcast multiple SSIDs via the same radio you need to use the mbssid command in the SSID and the radio interface...

dot11 ssid Tsunami
 authentication open
 mbssid guest-mode
!
dot11 ssid AnotherSSID
 authentication open
 mbssid guest-mode
!
interface dot11Radio0
 encryption vlan 10 mode ciphers tkip aes-ccm
 mbssid
 ssid Tsunami
 ssid AnotherSSID

Open in new window


To convert from WEP to WPA you need to set the encryption mode to TKIP or AES, and set the authentication mode/key...

dot11 ssid Tsunami
 authentication open
 authentication key-management wpa
 wpa-psk ascii PRESHAREDKEY
!
interface dot11Radio0
 encryption mode ciphers tkip aes-ccm
 ssid Tsunami

Open in new window


Put both of those requirements together (including example VLAN info)...

dot11 ssid Tsunami
 vlan 10
 authentication open
 authentication key-management wpa
 wpa-psk ascii PRESHAREDKEY
 mbssid guest-mode
!
dot11 ssid AnotherSSID
 authentication open
 mbssid guest-mode
!
interface dot11Radio0
 mbssid
 ssid Tsunami
 ssid AnotherSSID

Open in new window

0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In the modern office, employees tend to move around the workplace a lot more freely. Conferences, collaborative groups, flexible seating and working from home require a new level of mobility. Technology has not only changed the behavior and the expe…
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question