Announcement

Collapse
No announcement yet.

Cisco 1200 Series Wireless WPA2?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco 1200 Series Wireless WPA2?

    I have a Cisco 1200 series WAP that has been kicking around for a long time doing a wonderful job running in wireless b, with 128Wep encryption.

    We need to upgrade our wireless secuity...so I did the conversion to IOS on this AP and upgraded to the latest IOS available. WPA2 is not an option for me unless I am missing something.

    The HowTo I am using says to choose "AES CCMP" in the cipher pulldown for WPA2, and it is not an option.

    Does anybody know if this is a software upgrade I can do, or will this unit never be able to have WPA2? There is a hardware radio upgrade available for this unit that will make it 802.11G but I am not going to bother if I cannot use the same security as the other 7 AP's I have.



    ----------------------------------------------------------------------------
    Product/Model Number: AIR-AP1220-IOS-UPGRD
    Top Assembly Serial Number:
    System Software Filename: c1200-k9w7-tar.123-8.JEC1
    System Software Version: 12.3(8 )JEC1
    Bootloader Version: 12.2(8 )JA
    ----------------------------------------------------------------------------

  • #2
    Re: Cisco 1200 Series Wireless WPA2?

    May I suggest to have a look at 802.1x authentication?
    http://en.wikipedia.org/wiki/802.1x
    http://technet.microsoft.com/en-us/l.../cc759077.aspx

    It's way more secure then WPA2
    See this for example using backtrack3 how easily it is too hack WPA2
    http://nl.youtube.com/watch?v=_TuuTCnCVOA
    http://nl.youtube.com/watch?v=pejgAqgnTAk

    (I still need to test those movies when I've time but it's rather interesting )


    edit: however to answer your question, according this document it should support wpa2
    http://www.cisco.com/en/US/prod/coll...0800937a6.html


    WPA
    WPA2 (802.11i)
    Cisco TKIP
    Cisco message integrity check (MIC)
    IEEE 802.11 WEP keys of 40 bits and 128 bits
    802.1X EAP types:

    EAP-Flexible Authentication via Secure Tunneling (EAP-FAST)
    Protected EAP-Generic Token Card (PEAP-GTC)
    PEAP-Microsoft Challenge Authentication Protocol Version 2 (PEAP-MSCHAP)
    EAP-Transport Layer Security (EAP-TLS)
    EAP-Tunneled TLS (EAP-TTLS)
    EAP-Subscriber Identity Module (EAP-SIM)
    Cisco LEAP
    Encryption

    AES-CCMP encryption (WPA2)
    TKIP (WPA)
    Cisco TKIP
    WPA TKIP
    IEEE 802.11 WEP keys of 40 bits and 128 bits
    Last edited by Dumber; 13th August 2008, 20:22.
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: Cisco 1200 Series Wireless WPA2?

      The Cisco document you linked to looks like the right information, except it has "AIR-AP1231G-x-K9 Cisco IOS Software" listed under part numbers, so I think that means it is the specs for a 1231G hardware and I have the 1220B hardware.

      As far as those you tube videos that is amazing, but what a pain for those of us in the IT department.

      Looking at the more robust solution of 802.11 auth it appears that most of my ap's have that ability, but I am not sure about the Motorola PocketPC's we use.

      Comment


      • #4
        Re: Cisco 1200 Series Wireless WPA2?

        Well I would suggest to check if all AP and PocketPc's supports IEEE 802.1x
        Although is quite easy to configure, especially if they are in a domain.

        (ps you also can use it for wired authenctication http://technet.microsoft.com/en-us/m.../cc194418.aspx)
        Marcel
        Technical Consultant
        Netherlands
        http://www.phetios.com
        http://blog.nessus.nl

        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
        "No matter how secure, there is always the human factor."

        "Enjoy life today, tomorrow may never come."
        "If you're going through hell, keep going. ~Winston Churchill"

        Comment

        Working...
        X