We want to use an 1131 AP with IOS version 12.4-3g as workgroup bridge in a Cisco unified wireless infrastructure. We prefer to use PEAP for authentication and AES for encryption (WPA2). If this is not possible EAP-Fast would be an acceptable alternative for authentication. Can someone tell me if this is possible and if so explain me how I need to configure the Access Point?
Thanks in advance.
The workgroup bridge must be configured as a client. This is off the top of my head, but should get you pointed in the right direction:
dot11 ssid my_wifi
authent network-eap 192.168.1.10
authent client usern MYAUTHUSERNAMEHERE password 0 MYPASSWORDHERE
encryp key 1 size 12 0 MY26DIGITWEPKEYHERE transmit-key
encryption mode ciphers aes-ccm tkip wep128
I believe the WEP key is still required
In the configuration guide of version 4.1 I see the following:
These features are supported for use with a WGB:
? Guest N+1 redundancy
? Local EAP
? These features are not supported for use with a WGB:
? Cisco Centralized Key Management (CCKM)
? Hybrid REAP
? Idle timeout
? Web authentication
IS PEAP for authentication and AES for encryption supported in the unified infrastructure?
Unified Wireless does support PEAP combined with AES encryption.
If You however have to connect a WorkGroupBridge please keep in mind that LEAP, EAP-FAST and EAP-TLS are the only EAP authentication types supported.
You may have to upgrade to IOS 12.4(3g)JA