Cisco Wireless VoIP Phones Integration

Toggle sidebar Toggle sidebar
J

JustAGuy51

Distinguished
Oct 1, 2008
180
0
18,690
I know this could be classified as VoIP but also falls into this forum.

I am planning to integrate wireless VoIP phones (Cisco models, not sure which) in the future and wondering if they'll work with my existing wireless network. Existing wireless network currently consists of strictly laptops utilizing WPA2-Enterprise (802.11i)
along with 802.1x. I am currently using EAP-TTLS for outside tunnel and EAP-MD5 for inside authentication.

Equipment I have are Cisco AP1232AG-A-K9 access points chained up in WDS setup and one RADIUS server. My questions are:

1) Will Cisco *wireless* VoIP phones handle WPA2-Ent./802.1x stuffs? How about if they cross AP boundaries in WDS? I am
unwilling to downgrade from WPA2-Ent. but willing to switch to EAP-PEAP/PEAP if more compatible with Cisco

2) If you have integrate handhelds (blackberry, etc.) into WPA2-Ent. network, please let me know too. I like to know which
model you use and some good/bad experiences, etc.

Thanks in advance for your input. I appreciate it!!!
 
gstefanick

gstefanick

Distinguished
Nov 12, 2005
63
0
18,630



The current Cisco offerings for VoIP Wireless phones are the 7921 and 7925. The current security authentication they support and encryption:

• Authentication:
• Cisco Wireless Security Suite IEEE 802.1X
• Lightweight Extensible Authentication Protocol (LEAP) Authentication
• Protected Extensible Authentication Protocol (PEAP) MS-CHAP v2
• Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling (EAP-FAST)
• Extensible Authentication Protocol-Transport Layer Security (EAP-TLS)
• Wi-Fi Protected Access (WPA) Versions 1 and 2; Personal and Enterprise
• Cisco Centralized Key Management (CCKM)

• Encryption:
• 40- and 128-bit static Wired Equivalent Privacy (WEP)
• Temporal Key Integrity Protocol (TKIP) and Message Integrity Check (MIC)
• Advanced Encryption Standard (AES)

So you have options under then 802.1X frame work to work with and you can still keep your higher level of encryption.

WORD TO THE WISE: If you do use 802.1X with AES on a VoIP phone you need to test this on your wireless network at length. Poor wireless network designs MAY cause longer delays while roaming and jitter or dead air can be expected during a roaming event. A protocol analyzer is very helpful determining this and troubleshooting if there is issues.

A recent troubleshooting event at a customer site i found that their network was causing a 1 - 2 second 802.1X auth. Something that should have been 20-100 mS. They had a tremendous amount of co- and adjacent channel interference.

I worked recently with a customer and we were able to get PEAP working on a number of BBs with server side certs. So you should be fine there, just google it lots of info can be found on that topic.

If you have a choice, i would check out the Ascom VoIP handsets. They are much better. Just my .02

 
J

JustAGuy51

Distinguished
Oct 1, 2008
180
0
18,690
Thanks for explanation at length.

Maybe I should dedicate a separate channel with separate APs. I just need to support 3 or 4 wireless handset, not many. Doing my homework in case if being asked (likely). With this economy, gotta worry!!!
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom