cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
391
Views
0
Helpful
0
Replies
Beginner

1300 wireless bridge secured data traffic encryption --high

   Hi All,

I am looking secured encrypt configuration for the 1300 bridge wireless network . i have below configuration please suggest any change or modification on the configuration .

network topology

R1--------------SW1<-----------------> root bride-1 <---------------------------> Non-root bridge-1 <------------------------ >SW2( remote office)--------LAN hosts                   

SW1- Gi0/0- 10.200.32.1/29            BVI- 32.2/29                               BVI - 32.3/29                                   SW2-GI0/0 - 32.4/29

                 

network setup :  SW1 - LAN port to root bridge connection --  Gi 0/0 - ip address configured -10.200.32.1/29

                         Root-brdge -------------------------------------------- BVI  10.200.32.2/29 -----

                         Non root bridge----------------------------------------BVI 10.200.32.3/29

                         SW2 LAN port-Non root bridge ----------------- Gi0/0  10.200.32.4/29

both bridge have only BVI configured and no VLAN or subniterface on the both bridge .

SW1 and SW2 port connected to bridges are not part of vlan  , ports configured with specfic IP address

Below is bridge configration .  I would like to know with this below configuration data traffic will get compelete encrytion ??? or any security threat ?? . please suggest

!
dot11 ssid
   authentication open
   authentication key-management wpa
   wpa-psk ascii 7 123456
!
!
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm


station-role root bridge
bridge-group 1
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
hold-queue 80 in
!
interface BVI1
ip address 10.200.32.2 255.255.255.248
no ip route-cache
!        
ip default-gateway 10.200.32.1
ip http server
no ip http secure-server

!
!
control-plane
!
bridge 1 route ip
!
!
!

************************************Configuration on non root bridge.******************************************************************

!
dot11 ssid
   authentication open
   authentication key-management wpa
   wpa-psk ascii 7 123456

!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm
!

!
bridge-group 1
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
hold-queue 80 in
!
interface BVI1
ip address 10.200.32.3 255.255.255.248
no ip route-cache
!
ip default-gateway 10.200.32.2
ip http server
no ip http secure-server

!
!
control-plane
!
bridge 1 route ip
!
!

CreatePlease to create content
Content for Community-Ad