4-8
Cisco 880 Series Integrated Services Router Software Configuration Guide
OL-22206-01
Chapter 4 Basic Wireless Device Configuration
Configuring Wireless Settings
Configuring Wireless Quality of Service
Configuring quality of service (QoS) can provide preferential treatment to certain traffic at the expense
of other traffic. Without QoS, the device offers best-effort service to each packet, regardless of the
packet contents or size. It sends the packets without any assurance of reliability, delay bounds, or
throughput. To configure quality of service (QoS) for your wireless device, see
Quality of Service in a
Wireless Environment
at:
http://www.cisco.com/en/US/docs/routers/access/wireless/software/guide/QualityOfService.html.
EAP
1
authentication
This option enables 802.1X authentication (such as LEAP
2
,
PEAP
3
, EAP-TLS
4
, EAP-FAST
5
, EAP-TTLS
6
, EAP-GTC
7
,
EAP-SIM
8
, and other 802.1X/EAP-based products)
This setting uses mandatory encryption, WEP, open
authentication plus EAP, network EAP authentication, no
key management, and RADIUS server authentication port
1645.
You are required to enter the IP address and shared secret
for an authentication server on your network (server
authentication port 1645). Because 802.1X authentication
provides dynamic encryption keys, you do not need to enter
a WEP key.
Mandatory 802.1X authentication. Client
devices that associate using this SSID must
perform 802.1X authentication.
If radio clients are configured to
authenticate using EAP-FAST, open
authentication with EAP should also be
configured. If you do not configure open
authentication with EAP, the following
warning message appears:
SSID CONFIG WARNING: [SSID]: If radio
clients are using EAP-FAST, AUTH OPEN
with EAP should also be configured.
WPA
9
This option permits wireless access to users who are
authenticated against a database. Access is through the
services of an authentication server. Users’ IP traffic is then
encrypted with stronger algorithms than those used in WEP.
This setting uses encryption ciphers, TKIP
10
, open
authentication plus EAP, network EAP authentication, key
management WPA mandatory, and RADIUS server
authentication port 1645.
As with EAP authentication, you must enter the IP address
and shared secret for an authentication server on your
network (server authentication port 1645).
Mandatory WPA authentication. Client
devices that associate using this SSID must
be WPA capable.
If radio clients are configured to
authenticate using EAP-FAST, open
authentication with EAP should also be
configured. If you don’t configure open
authentication with EAP, the following
warning message appears:
SSID CONFIG WARNING: [SSID]: If radio
clients are using EAP-FAST, AUTH OPEN
with EAP should also be configured.
1.
EAP = Extensible Authentication Protocol.
2.
LEAP = Lightweight Extensible Authentication Protocol.
3.
PEAP = Protected Extensible Authentication Protocol.
4.
EAP-TLS = Extensible Authentication Protocol—Transport Layer Security.
5.
EAP-FAST = Extensible Authentication Protocol—Flexible Authentication via Secure Tunneling.
6.
EAP-TTLS = Extensible Authentication Protocol—Tunneled Transport Layer Security.
7.
EAP-GTC = Extensible Authentication Protocol—Generic Token Card.
8.
EAP-SIM = Extensible Authentication Protocol—Subscriber Identity Module.
9.
WPA = Wi-Fi Protected Access.
10. TKIP = Temporal Key Integrity Protocol.
Table 4-1
Types of SSID Security (continued)
Security Type
Description
Security Features Enabled