Manualshelf

User's Manual

ManualsBrandsCisco Systems ManualsElectronics4.9 GHz WMIC Mini PCI Module
41424344454647484950
2-18
Cisco 3200 Series Wireless MIC Software Configuration Guide
OL-7734-02
Chapter 2 Configuring the WMIC for the First Time
Protecting Your Wireless LAN
Understanding Express Security Settings
When the WMIC configuration is at factory defaults, the first SSID that you create using the Express
security page overwrites the default SSID, install, which has no security settings. The SSIDs that you
create appear in the SSID table at the bottom of the page. You can create up to 16 SSIDs on the access
point.
Using VLANs
If you use VLANs on your wireless LAN and assign SSIDs to VLANs, you can create multiple SSIDs
using any of the four security settings on the Express Security page. However, if you do not use VLANs
on your wireless LAN, the security options that you can assign to SSIDs are limited because, on the
Express Security page, encryption settings and authentication types are linked. Without VLANs,
encryption settings (WEP and ciphers) apply to an interface such as the 2.4-GHz radio, and you cannot
use more than one encryption setting on an interface. For example, when you create an SSID with static
WEP with VLANs disabled, you cannot create additional SSIDs with WPA authentication because they
use different encryption settings. If you find that the security setting for an SSID conflicts with another
SSID, you can delete one or more SSIDs to eliminate the conflict.
Express Security Types
Table 2-2 describes the four security types that you can assign to an SSID.
Table 2-2 Security Types on Express Security Setup Page
Security Type Description Security Features Enabled
No Security This is the least secure option. You
should use this option only for SSIDs
used in a public space and assign it to
a VLAN that restricts access to your
network.
None.
Static WEP Key This option is more secure than no
security. However, static WEP keys
are vulnerable to attack. If you
configure this setting, you should
consider limiting association to the
access point based on MAC address
or, if your network does not have a
RADIUS server, consider using an
access point as a local authentication
server.
Mandatory WEP encryption, no key
management, and open
authentication. In Root AP mode,
client devices cannot associate using
this SSID without a WEP key that
matches the access point key.