cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
776
Views
0
Helpful
4
Replies

Securely Connect two BR1310 Bridges

Markus Pethe
Level 1
Level 1

Did anyone of you found an Configuration Example for an secure Connection between two 1310 Bridges.

4 Replies 4

jdewberr
Level 1
Level 1

try this for WPA-PSK:

***global config for both bridges***

!

dot11 ssid cisco

authentication open

authentication key-management wpa

infrastructure-ssid

wpa-psk ascii 0 1234567890

!

**Root bridge config (only showing the relevant part of config)**

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption mode ciphers tkip

!

ssid cisco

!

NON-ROOT config****

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption mode ciphers tkip

!

ssid cisco

!

--

joe

WPA-PSK is vulnerable against dictionary attacks, ideally use a

random hex string as PSK. (I guess "1234567890" was just an example)

Since you are using 1310 on both sides, I'd suggest using AES (WPA2)

for encryption. Simply replace

encryption mode ciphers tkip

with

encryption mode ciphers aes-ccm

The only disadvantage is the missing "concatenation" support if AES is enabled.

Thanks for your replys!

I also added this:

*dot11 ssid

#max-associations 1 ! So after the other bridge is associated no more would be allowed (I hope)

I also tried to apply the filter

*dot11 radio 0

#l2-filter block-arp

But when I do this on both sides (root and non-root) I lose the association.

did you ever get WPA2 encryption to work between the 2 cisco 1310 bridges ?

Review Cisco Networking for a $25 gift card