~ >> is saying that you need 12.3(2)JA or later for WPA2 (ie. aes, aka ~ >> aes-ccm). ~ >>
~ ~ >Don't forget that for aes you need the right radio module on the ap, not ~ >sure but for old 1130 devices you need to change the radio module in order ~ >to support aes. ~ ~ ~ The 1130's aren't that old? ~ ~ The 350 may be. I can do only TKIP/WPA on it.
All 1130s support WPA2/AES.
So you could do (WPA with TKIP) and/or (WPA2 with TKIP and/or AES.) Either with EAP or (typically more suitable for hime use) PSK.
Unfortunately, the AP GUI doesn't provide WPA[2]-PSK as an option, so you'll have to do it by hand. Here's a config that should do the needful:
dot11 ssid WPAPSK authentication open authentication key-management wpa guest-mode wpa-psk ascii 0 YOURKEYHERE ! interface Dot11Radio0 encryption mode ciphers aes-ccm tkip ! ssid WPAPSK
[ Similarly for dot11radio1 ]
Aaron