254
Cisco 3900 Series, Cisco 2900 Series, and Cisco 1900 Series Integrated Services Routers Generation 2 Software Configuration Guide
Chapter Configuring the Wireless Device
Configuring Wireless Settings
Configuring Wireless Quality of Service
Configuring Quality of Service (QoS) can provide preferential treatment to certain traffic at the expense
of other traffic. Without QoS, the device offers best-effort service to each packet, regardless of the packet
contents or size. It sends the packets without any assurance of reliability, delay bounds, or throughput.
To configure quality of service (QoS) for your wireless device, see Quality of Service in a Wireless
Environment at:
http://www.cisco.com/en/US/docs/routers/access/wireless/software/guide/QualityOfService.html.
EAP
1
Authentication This option enables 802.1X authentication (such as
LEAP
2
, PEAP
3
, EAP-TLS
4
, EAP-FAST
5
, EAP-TTLS
6
,
EAP-GTC
7
EAP-SIM
8
, and other 802.1X/EAP based
products)
This setting uses mandatory encryption, WEP, open
authentication + EAP, network EAP authentication, no
key management, RADIUS server authentication port
1645.
You are required to enter the IP address and shared secret
for an authentication server on your network (server
authentication port 1645). Because 802.1X
authentication provides dynamic encryption keys, you do
not need to enter a WEP key.
Mandatory 802.1X authentication.
Client devices that associate using
this SSID must perform 802.1X
authentication.
If radio clients are configured to
authenticate using EAP-FAST, open
authentication with EAP should also
be configured. If you do not
configure open authentication with
EAP, the following warning message
appears:
SSID CONFIG WARNING: [SSID]: If
radio clients are using
EAP-FAST, AUTH OPEN with EAP
should also be configured.
WPA
9
This option permits wireless access to users
authenticated against a database through the services of
an authentication server, then encrypts their IP traffic
with stronger algorithms than those used in WEP.
This setting uses encryption ciphers, TKIP
10
, open
authentication + EAP, network EAP authentication, key
management WPA mandatory, and RADIUS server
authentication port 1645.
As with EAP authentication, you must enter the IP
address and shared secret for an authentication server on
your network (server authentication port 1645).
Mandatory WPA authentication.
Client devices that associate using
this SSID must be WPA-capable.
If radio clients are configured to
authenticate using EAP-FAST, open
authentication with EAP should also
be configured. If you don’t configure
open authentication with EAP, the
following message appears:
SSID CONFIG WARNING: [SSID]: If
radio clients are using
EAP-FAST, AUTH OPEN with EAP
should also be configured.
1. EAP = Extensible Authentication Protocol.
2. LEAP = Lightweight Extensible Authentication Protocol.
3. PEAP = Protected Extensible Authentication Protocol.
4. EAP-TLS = Extensible Authentication Protocol - Transport Layer Security.
5. EAP-FAST = Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling.
6. EAP-TTLS = Extensible Authentication Protocol-Tunneled Transport Layer Security.
7. EAP-GTC = Extensible Authentication Protocol--Generic Token Card.
8. EAP-SIM = Extensible Authentication Protocol--Subscriber Identity Module.
9. WA = Wi-Fi Protected Access.
10. TKIP = Temporal Key Integrity Protocol.
Table 1 Types of SSID Security (continued)
Security Type Description Security Features Enabled
To Next Page
Loading...
