Improve wireless security on the 877W

cisco-877w-frontI just discovered my three year old Cisco wireless router was configured to do WPA encryption instead of the more secure WPA2 version, which is the standard nowadays. WPA uses TKIP (Temporal Key Integrity Protocol) while WPA2 is capable of using TKIP or the more advanced AES algorithm. Doing a search on Google it appears it’s just a IOS configuration option.

Change:

interface Dot11Radio0 no ip address ! encryption vlan 2 mode ciphers tkip !

To:

interface Dot11Radio0 no ip address ! encryption vlan 2 mode ciphers aes-ccm !

If the option is not there, your IOS version does not support it. I’m currently using: C870 Software, Version 12.4(24)T1 (c870-advipservicesk9-mz.124-24.T1.bin).