https://community.cisco.com/t5/wireless/encryption-on-1131ag/m-p/1237063#M98011 <HTML><HEAD></HEAD><BODY><P>In particular, WPA-PSK, or Personal mode, is what you are looking for. Here's how to configure it in the CLI (using whatever shared key you want to use in place of passphrase). If your client doesn't support AES, replace it with TKIP.</P><P></P><P>dot11 ssid Wireless</P><P> authentication open</P><P> authentication key-management wpa</P><P> wpa-psk ascii passphrase</P><P></P><P>interface Dot11Radio0</P><P> encryption mode ciphers aes-ccm</P><P> ssid Wireless</P><P> </P></BODY></HTML> Tue, 26 May 2009 02:21:09 GMT JASON BOYERS 2009-05-26T02:21:09Z https://community.cisco.com/t5/wireless/encryption-on-1131ag/m-p/1237061#M98009 <P>Using WEP static now and need something better. Not using a RADIUS server. Whats the best we can do? Can we go to WPA without a RADIUS server? Can someone post a config please?</P> Sun, 04 Jul 2021 00:37:46 GMT https://community.cisco.com/t5/wireless/encryption-on-1131ag/m-p/1237061#M98009 northtexasnetworks 2021-07-04T00:37:46Z https://community.cisco.com/t5/wireless/encryption-on-1131ag/m-p/1237062#M98010 <HTML><HEAD></HEAD><BODY><P>Yes... you should go with WPA2-AES if possible. This way you don't have to worry about any radius server setup.</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008054339e.shtml" target="_blank">http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008054339e.shtml</A></P><P></P></BODY></HTML> Thu, 21 May 2009 10:55:58 GMT https://community.cisco.com/t5/wireless/encryption-on-1131ag/m-p/1237062#M98010 Scott Fella 2009-05-21T10:55:58Z https://community.cisco.com/t5/wireless/encryption-on-1131ag/m-p/1237063#M98011 <HTML><HEAD></HEAD><BODY><P>In particular, WPA-PSK, or Personal mode, is what you are looking for. Here's how to configure it in the CLI (using whatever shared key you want to use in place of passphrase). If your client doesn't support AES, replace it with TKIP.</P><P></P><P>dot11 ssid Wireless</P><P> authentication open</P><P> authentication key-management wpa</P><P> wpa-psk ascii passphrase</P><P></P><P>interface Dot11Radio0</P><P> encryption mode ciphers aes-ccm</P><P> ssid Wireless</P><P> </P></BODY></HTML> Tue, 26 May 2009 02:21:09 GMT https://community.cisco.com/t5/wireless/encryption-on-1131ag/m-p/1237063#M98011 JASON BOYERS 2009-05-26T02:21:09Z https://community.cisco.com/t5/wireless/encryption-on-1131ag/m-p/1237064#M98012 <HTML><HEAD></HEAD><BODY><P>Thank you, this is just wanted I needed to know!</P></BODY></HTML> Fri, 29 May 2009 15:50:38 GMT https://community.cisco.com/t5/wireless/encryption-on-1131ag/m-p/1237064#M98012 northtexasnetworks 2009-05-29T15:50:38Z https://community.cisco.com/t5/wireless/encryption-on-1131ag/m-p/1237065#M98013 <HTML><HEAD></HEAD><BODY><P>It's great to get away from WEP. Keep in mind PSK is vulnerable to static attacks at the work station, if you are using windows zero config. And a wireless dictionary attack from Co-Patty.</P><P></P><P>So I wouldn't use windows zero config and make sure you use a crazy key so not to match anything in a dictionary. Also the obvious, anyone who has the key and should they leave may leave with the key.</P><P></P><P>just 2 cents </P><P></P></BODY></HTML> Fri, 29 May 2009 16:45:14 GMT https://community.cisco.com/t5/wireless/encryption-on-1131ag/m-p/1237065#M98013 George Stefanick 2009-05-29T16:45:14Z