Solved

Show all SSID's - Switch to WPA - 1600 Series - Autonomous - AIR-SAP1602I-K9

Posted on 2014-11-20
1
309 Views
Last Modified: 2014-12-04
The Situation:
I have (5) Autonomous Cisco AIR-SAP1602I-K9 Access points.  They are current set up with (3) SSID's in (3) different VLAN's.  One for inside network access for our main VLAN, one for inside network access for our Phones VLAN, and one for visitors that shoots straight out to the internet.

Right now - the "DATA" & "VOICE" SSID's are hidden.  I want to broadcast them all.

Right now all SSID's are configured to use WEP 128-bit as the "encryption method".  I'd like to change the "DATA" SSID to use WPA2 because I'm getting newer devices that aren't playing well with the old WEP standard.

So - how do I configure these AP's individually to show all SSID's and change my "DATA" SSID to use WPA2 for connectivity security.  

I'm sure this is an easy one for Cisco AP experts - I however am not one which is why I love Experts Exchange :)  I'm using the GUI to set this up - so any help would be greatly appreciated.

Thanks!
0
Comment
Question by:mfehrmann
1 Comment
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 40456200
Firstly, you can't mix WPA and WEP on the SAME radio interface, so you can't mix unless one goes on the 2.4GHz interface and one goes on the 5GHz interface, so you'll probably have to convert ALL SSIDs to WPA.  This may be an issue for your phones in the short-term.

Anyhow, to broadcast multiple SSIDs via the same radio you need to use the mbssid command in the SSID and the radio interface...

dot11 ssid Tsunami
 authentication open
 mbssid guest-mode
!
dot11 ssid AnotherSSID
 authentication open
 mbssid guest-mode
!
interface dot11Radio0
 encryption vlan 10 mode ciphers tkip aes-ccm
 mbssid
 ssid Tsunami
 ssid AnotherSSID

Open in new window


To convert from WEP to WPA you need to set the encryption mode to TKIP or AES, and set the authentication mode/key...

dot11 ssid Tsunami
 authentication open
 authentication key-management wpa
 wpa-psk ascii PRESHAREDKEY
!
interface dot11Radio0
 encryption mode ciphers tkip aes-ccm
 ssid Tsunami

Open in new window


Put both of those requirements together (including example VLAN info)...

dot11 ssid Tsunami
 vlan 10
 authentication open
 authentication key-management wpa
 wpa-psk ascii PRESHAREDKEY
 mbssid guest-mode
!
dot11 ssid AnotherSSID
 authentication open
 mbssid guest-mode
!
interface dot11Radio0
 mbssid
 ssid Tsunami
 ssid AnotherSSID

Open in new window

0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now