Cisco AIR-AP1242AG-E-K9, AIR-AP1242AG-A-K9, AIR-AP1242AG-C-K9, AIR-AP1242AG-I-K9, AIR-AP1242AG-J-K9 Datasheet

Data Sheet

Cisco Aironet 1240AG Series 802.11A/B/G Access Point

Cisco® Aironet® 1240AG Series Access Points deliver the versatility, high capacity,
security, and enterprise-class features demanded by WLAN customers. These IEEE

802.11a/b/g access points are designed specifically for challenging RF environments
such as factories, warehouses, and large retail establishments that require the antenna
versatility associated with connectorized antennas, a rugged metal enclosure, and a
broad operating temperature range. The Cisco Aironet 1240AG Series provides local as
well as inline power, including support for IEEE 802.3af Power over Ethernet (PoE).

The Cisco Aironet 1240AG Series is a component of the Cisco Unified Wireless Network, a
comprehensive solution that delivers an integrated, end-to-end wired and wireless network. Using
the radio and network management features of the Cisco Unified Wireless Network for simplified
deployment, the Cisco Aironet 1240AG Series extends the security, scalability, reliability, ease of
deployment, and manageability available in wired networks to the wireless LAN.

The Cisco Aironet 1240AG Series is available in two versions: unified or autonomous. Unified
access points operate with the Lightweight Access Point Protocol (LWAPP) and work in
conjunction with Cisco wireless LAN controllers and the Cisco Wireless Control System (WCS).
When configured with LWAPP, the Cisco Aironet 1240AG Series can automatically detect the
best-available Cisco wireless LAN controller and download appropriate policies and configuration
information with no manual intervention. Autonomous access points are based on Cisco IOS®
Software and may optionally operate with the CiscoWorks Wireless LAN Solution Engine (WLSE).
Autonomous access points, along with the CiscoWorks WLSE, deliver a core set of features and
may be field-upgraded to take advantage of the full benefits of the Cisco Unified Wireless Network
as requirements evolve.

All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 9

Data Sheet

Award-Winning Security

The Cisco Aironet 1240AG Series has achieved National Institute of Standards and Technology
(NIST) FIPS 140-2 level 2 validation and is in process for Common Criteria validation under the
National Information Assurance Partnership (NIAP) program.

The Cisco Aironet 1240AG Series supports 802.11i, Wi-Fi Protected Access (WPA), WPA2, and
numerous Extensible Authentication Protocol (EAP) types. WPA and WPA2 are the Wi-Fi Alliance
certifications for interoperable, standards-based WLAN security. These certifications support IEEE

802.1X for user-based authentication, Temporal Key Integrity Protocol (TKIP) for WPA encryption,
and Advanced Encryption Standard (AES) for WPA2 encryption. These certifications help to
ensure interoperability between Wi-Fi-certified WLAN devices from different manufacturers.

The Cisco Aironet 1240AG Series hardware-accelerated AES encryption supports enterprise­class, government-grade secure encryption over the WLAN without compromising performance.
IEEE 802.1X authentication helps to ensure that only authorized users are allowed on the network.
Backward compatibility and support for WPA client devices running TKIP, the RC4 encryption
algorithm, is also supported by the Cisco Aironet 1240AG Series.

Cisco Aironet 1240AG Series Access Points operating with LWAPP support Cisco Unified
Intrusion Detection System/Intrusion Prevention System (IDS/IPS), a software feature that is part
of the Cisco Self-Defending Network and is the industry’s first integrated wired and wireless
security solution. Cisco Unified IDS/IPS takes a comprehensive approach to security—at the
wireless edge, wired edge, WAN edge, and through the data center. When an associated client
sends malicious traffic through the Cisco Unified Wireless Network, a Cisco wired IDS device
detects the attack and sends shun requests to Cisco wireless LAN controllers, which will then
disassociate the client device.

Autonomous or unified Cisco Aironet 1240AG Series Access Points support management frame
protection for the authentication of 802.11 management frames by the wireless network
infrastructure. This allows the network to detect spoofed frames from access points or malicious
users impersonating infrastructure access points. If an access point detects a malicious attack, an
incident will be generated by the access point and reports will be gathered on the Cisco wireless
LAN controller, Cisco WCS, or CiscoWorks WLSE.

Applications

Designed for rugged environments and installations that require antenna versatility, the Cisco
Aironet 1240AG Series features antenna connectors for extended range or coverage versatility
and more flexible installation options. Manufacturing applications, for example, can place WLANs
in hazardous locations and remotely place antennas in the hazardous locations while securing the
Cisco Aironet 1240AG Series Access Points. The access point without wired connection will use
the 5-GHz radio to wirelessly connect to the other access point for backhaul to the network.

The metal housing and industrial-grade components of the Cisco Aironet 1240AG Series provide
the ruggedness and extended operating temperature range required in factories, warehouses, “big
box” retail environments, and similar facilities. High transmit power, receive sensitivity, and delay
spread for both 2.4-GHz and 5-GHz radios provide the long range and large coverage area
consistent with these applications. 5-GHz radios are used as wireless bridges between access
points for backhaul to the network.

All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 9

Data Sheet

Access points may be placed above ceilings or suspended ceilings, allowing antennas to be
discreetly placed below drop ceilings. The UL 2043 rating of the Cisco Aironet 1240AG Series
allows the access points to be placed above ceilings in plenum areas regulated by municipal fire
codes. Public access applications such as large hotel buildings may also present a challenging RF
environment; the antenna versatility of the Cisco Aironet 1240AG Series, together with industry­leading range and coverage, provides reliable performance for the most demanding environments.

Features and Benefits

Table 1 lists the features and benefits of Cisco Aironet 1240AG Series Access Points.

Table 1. Features and Benefits of Cisco Aironet 1240AG Series Access Points

Feature Benefit

Dual 802.11a and 802.11g
Radios

Dual RP-TNC Antenna
Connectors for Both 2.4-GHz
and 5-GHz Radios

Link-Role Flexibility Autonomous access points can function as an access point or bridge, whether set up

Cisco Unified IDS/IPS This integrated software feature is part of the Cisco Self-Defending Network and is the

Management Frame
Protection

Security Authentication

Currently Supports 12 Non­Overlapping Channels, with
Potentially up to
23 Channels

Rugged Metal Housing Metal case and rugged features support deployment in factories, warehouses, the

UL 2043 Plenum Rating and
Extended Operating

Provides up to 108 Mbps of capacity in a single device for industry-leading capacity
and compatibility with older 802.11b clients.

Antenna connectors support a variety of Cisco 2.4-GHz and 5-GHz antennas, providing
range and coverage versatility.

as a single-band or dual-band platform, allowing each radio to be individually
configured as an access point repeater, root bridge, non-root bridge, or workgroup
bridge, enabling a broad array of applications.

industry’s first integrated wired and wireless security solution. When a trusted client
acts maliciously, the wired IDS detects the attack and sends shun requests to Cisco
WLAN controllers, which will then disassociate the client device.

This feature provides for the authentication of 802.11 management frames by the
wireless network infrastructure. This allows the network to detect spoofed frames from
access points or malicious users impersonating infrastructure access points. If an
access point detects a malicious attack, an incident will be generated by the access
points and reports will be gathered on the Cisco wireless LAN controller, Cisco WCS,
or CiscoWorks WLSE.

Security Standards
WPA
WPA2 (802.11i)
Cisco TKIP
Cisco message integrity check (MIC)
IEEE 802.11 WEP keys of 40 bits and 128 bits

802.1X EAP types:

EAP-Flexible Authentication via Secure Tunneling (EAP-FAST)
Protected EAP-Generic Token Card (PEAP-GTC)
PEAP-Microsoft Challenge Authentication Protocol Version 2 (PEAP-MSCHAP)
EAP-Transport Layer Security (EAP-TLS)
EAP-Tunneled TLS (EAP-TTLS)
EAP-Subscriber Identity Module (EAP-SIM)
Cisco LEAP

Encryption:

AES-CCMP encryption (WPA2)
TKIP (WPA)
Cisco TKIP
WPA TKIP
IEEE 802.11 WEP keys of 40 bits and 128 bits

Lower potential interference with neighboring access points simplifies deployment.
Fewer transmission errors deliver greater throughput.

outdoors (NEMA enclosure required), and other industrial environments.
Supports installation in environmental airspaces such as areas above suspended

ceilings.

All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 9