Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /var/www/clients/client0/web23/web/includes/pages/manual_inc.php on line 26
Cisco Systems IOS Releases 15.2(4)JA manuale d’uso - BKManuals

Cisco Systems IOS Releases 15.2(4)JA manuale d’uso

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540

Vai alla pagina of

Un buon manuale d’uso

Le regole impongono al rivenditore l'obbligo di fornire all'acquirente, insieme alle merci, il manuale d’uso Cisco Systems IOS Releases 15.2(4)JA. La mancanza del manuale d’uso o le informazioni errate fornite al consumatore sono la base di una denuncia in caso di inosservanza del dispositivo con il contratto. Secondo la legge, l’inclusione del manuale d’uso in una forma diversa da quella cartacea è permessa, che viene spesso utilizzato recentemente, includendo una forma grafica o elettronica Cisco Systems IOS Releases 15.2(4)JA o video didattici per gli utenti. La condizione è il suo carattere leggibile e comprensibile.

Che cosa è il manuale d’uso?

La parola deriva dal latino "instructio", cioè organizzare. Così, il manuale d’uso Cisco Systems IOS Releases 15.2(4)JA descrive le fasi del procedimento. Lo scopo del manuale d’uso è istruire, facilitare lo avviamento, l'uso di attrezzature o l’esecuzione di determinate azioni. Il manuale è una raccolta di informazioni sull'oggetto/servizio, un suggerimento.

Purtroppo, pochi utenti prendono il tempo di leggere il manuale d’uso, e un buono manuale non solo permette di conoscere una serie di funzionalità aggiuntive del dispositivo acquistato, ma anche evitare la maggioranza dei guasti.

Quindi cosa dovrebbe contenere il manuale perfetto?

Innanzitutto, il manuale d’uso Cisco Systems IOS Releases 15.2(4)JA dovrebbe contenere:
- informazioni sui dati tecnici del dispositivo Cisco Systems IOS Releases 15.2(4)JA
- nome del fabbricante e anno di fabbricazione Cisco Systems IOS Releases 15.2(4)JA
- istruzioni per l'uso, la regolazione e la manutenzione delle attrezzature Cisco Systems IOS Releases 15.2(4)JA
- segnaletica di sicurezza e certificati che confermano la conformità con le norme pertinenti

Perché non leggiamo i manuali d’uso?

Generalmente questo è dovuto alla mancanza di tempo e certezza per quanto riguarda la funzionalità specifica delle attrezzature acquistate. Purtroppo, la connessione e l’avvio Cisco Systems IOS Releases 15.2(4)JA non sono sufficienti. Questo manuale contiene una serie di linee guida per funzionalità specifiche, la sicurezza, metodi di manutenzione (anche i mezzi che dovrebbero essere usati), eventuali difetti Cisco Systems IOS Releases 15.2(4)JA e modi per risolvere i problemi più comuni durante l'uso. Infine, il manuale contiene le coordinate del servizio Cisco Systems in assenza dell'efficacia delle soluzioni proposte. Attualmente, i manuali d’uso sotto forma di animazioni interessanti e video didattici che sono migliori che la brochure suscitano un interesse considerevole. Questo tipo di manuale permette all'utente di visualizzare tutto il video didattico senza saltare le specifiche e complicate descrizioni tecniche Cisco Systems IOS Releases 15.2(4)JA, come nel caso della versione cartacea.

Perché leggere il manuale d’uso?

Prima di tutto, contiene la risposta sulla struttura, le possibilità del dispositivo Cisco Systems IOS Releases 15.2(4)JA, l'uso di vari accessori ed una serie di informazioni per sfruttare totalmente tutte le caratteristiche e servizi.

Dopo l'acquisto di successo di attrezzature/dispositivo, prendere un momento per familiarizzare con tutte le parti del manuale d'uso Cisco Systems IOS Releases 15.2(4)JA. Attualmente, sono preparati con cura e tradotti per essere comprensibili non solo per gli utenti, ma per svolgere la loro funzione di base di informazioni e di aiuto.

Sommario del manuale d’uso

  • Pagina 1

    Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco we bsite at www.cisco.com/go/ offices. Cisco IOS S of tw are Conf iguration Guide f or Cisco Air o net A ccess P oints Cisco IOS Releases 15.2(4)JA, 1 5.2(2)JB, 15.2(2)JA,1 2.4( 25 d ) JA, and 12.3(8)JEE Tex[...]

  • Pagina 2

    THE SPECIFICATION S AND INFORMAT ION REGARDING THE PRODUCTS IN THIS MA NUAL ARE SUBJ ECT TO CHANGE WITHOUT NOT ICE. ALL STATEMENTS , INFORMATION , AND RECOMMEN DATIONS I N THIS MANUA L ARE BELIEVE D TO BE ACCURATE BUT ARE PRESENTED WI THOUT WARRANTY OF ANY KIND, EX PRESS OR IMPLIED. USERS MUST TAKE FUL L RESPONSIBILITY FOR THEIR APPLICAT ION OF ANY[...]

  • Pagina 3

    Contents 1 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Audience i-xix Purpose i-xix Organization i-xx Conventi ons i-xxi Related Publication s i-xxii Obtaining Documentation, Obtaining Support, and Security Guid elines i-xxii CHAPTER 1 Overview 1-1 Features 1-2 Features Introduced in This Release 1-2 Support [...]

  • Pagina 4

    Contents 2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Getting Help 3-3 Abbreviating Command s 3-3 Using the no and Default Forms of Commands 3-4 Understanding CLI Messages 3-4 Using Command History 3-4 Changing the Co mmand History Buffer Size 3-5 Recalling Commands 3-5 Disabling the Command History Feature[...]

  • Pagina 5

    Contents 3 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Using the Express Security Page 4-20 CLI Conf iguratio n Exampl es 4-21 Configuring System Power Settings Access Points 4-26 Using the AC Power Adapter 4-26 Using a Switch Capable of IEEE 802.3af Power Negotiat ion 4-26 Using a Switch That Does Not Suppor[...]

  • Pagina 6

    Contents 4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Configuring Spectrum Expert Mode 5-10 Controlling Access Point Acce ss with RADIUS 5-11 Default RADIUS Configuration 5-12 Configuring RADIUS Login Authentication 5-12 Defining AAA Server Groups 5-14 Configuring RADIUS Authorization for User Privileged Ac[...]

  • Pagina 7

    Contents 5 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Defining HTTP Access 5-35 Configuring a System Name and Prompt 5-35 Default System Name and Prompt Configuration 5-35 Configuring a System Name 5-35 Understanding DNS 5-36 Default DNS Configuration 5-36 Setting Up DNS 5-37 Displaying the DNS Configuration[...]

  • Pagina 8

    Contents 6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Confirming th at DFS is Enabled 6-20 Configuring a Channel 6-20 Blocking Chann els from DFS Selection 6-21 Setting the 802.11n Guard Interva l 6-22 Configuring Location-Based Services 6-22 Understanding L ocation-Based Se rvices 6-22 Configuring LBS on A[...]

  • Pagina 9

    Contents 7 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Default SSID Configuration 7-4 Creating an SSID Globally 7-4 Viewing SSIDs Configured Globally 7-6 Using Spaces in SSIDs 7-6 Using a RADIUS Server to Restrict SSIDs 7-7 Configuring Multiple Basic SSIDs 7-8 Requirements for Configuring Multiple BSSIDs 7-8 [...]

  • Pagina 10

    Contents 8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Non-Root Bridge with VLANs 8-13 Displaying Spannin g-Tree Status 8-14 CHAPTER 9 Configuring an Acc ess Poin t as a Local Authenticator 9-1 Understanding L ocal Authenticatio n 9-2 Configuring a Local Authenticator 9-2 Guidelines for Local Authenticators [...]

  • Pagina 11

    Contents 9 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Software and Firmware Requirements for WPA, CCKM, CKIP, and WPA-TKIP 11-8 Configuring Authentication Types 11-10 Assigning Authentication Types to an SSID 11-10 Configuring WPA Migration Mode 11-13 Configuring Additional WPA Settings 11-14 Configuring MAC[...]

  • Pagina 12

    Contents 10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 CLI Configuration Example 12-24 Support for 802.11r 12-24 Configuring Management Frame Protec tion 12-25 Management Fram e Protection 12-25 Overview 12-26 Protection of Unicast Management Frame s 12-26 Protection of Broadcast Mana gement Frames 12-26 Cl[...]

  • Pagina 13

    Contents 11 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Understanding T ACACS+ 13-23 TACACS+ Operation 13-24 Configuring TACACS+ 13-24 Default TAC ACS+ Config uration 13-25 Identifying the TACACS+ Server Host and Setting the Authenticatio n Key 13-25 Configuring TACACS+ Login Authentication 13-26 Configuring [...]

  • Pagina 14

    Contents 12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Rate Limiting 15-11 Adjusting Radio Access Categories 15-12 Configuring Nominal Rates 15-13 Optimized Voice Settings 15 -14 Configuring Call Admission Control 15-14 QoS Configuration Examples 15-15 Giving Priority to Voice Traffic 15-15 Giving Priority [...]

  • Pagina 15

    Contents 13 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 SNMP Community Strings 18-4 Using SNMP to Access MIB Variables 18-4 Configuring SNMP 18-5 Default SNMP Configuration 18-5 Enabling the SNMP Agent 18 -5 Configuring Community Strings 18-6 Specifying SNMP-Server Group Names 18-7 Configuring SNMP-Server Hos[...]

  • Pagina 16

    Contents 14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Guidelines for Using Workgroup Bridges in a Lightweig ht Environment 19-20 Sample Workgroup Bridge Configuratio n 19-22 Enabling VideoStream Sup port on Workgroup Bridges 19-23 CHAPTER 20 Managing Firmware and Configurations 20-1 Working with the Flash [...]

  • Pagina 17

    Contents 15 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Copying Image Files by Using TFTP 20-19 Preparing to Download or Upload an Image File by Using TFTP 20-19 Downloading an Image F ile by Using TFTP 20-20 Uploading an Image File by Using TFT P 20-22 Copying Image Files by Using FTP 20-22 Preparing to Down[...]

  • Pagina 18

    Contents 16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Indicators on 1260 Series Access Points 22-15 Indicators on 1300 Outdoor Acces s Point/Bridges 22-17 Normal Mode LED Indications 22-18 Power Injector 22-20 Checking Power 22 -21 Low Power Conditio n 22-21 Checking Basic Settings 22-22 SSID 22-22 WEP Key[...]

  • Pagina 19

    Contents 17 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Local Authenticator Messages C-21 WDS Messages C-24 Mini IOS Messages C-25 Access Point/Bridge Messages C-26 Cisco Discovery Protocol Messages C-26 External Radius Server Error Messages C-26 LWAPP Error Messages C-27 Sensor Messages C-28 SNMP Error Messa[...]

  • Pagina 20

    Contents 18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01[...]

  • Pagina 21

    -xix Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Preface Audience This guide is for the n etworkin g professional who in stalls and manages Cisco Aironet Access Points. T o use this guide, you should ha ve experience w orking with the Cisco IOS softw are and be familiar with the concepts and terminology of w[...]

  • Pagina 22

    -xx Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Organization This guide also includes an ov ervie w of the acce ss point web-based interface (APWI), wh ich contains all the functionality of th e command-line interf ace (CLI). This guide does not pr ovide f ield-le vel descriptions of the APWI wind ows nor do[...]

  • Pagina 23

    -xxi Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Conventions Chapter 15, “Conf iguring QoS, ” describes ho w to conf igure and manage MA C address, IP , and EtherT ype filters on the access poi nt using the web-br ow ser interface. Chapter 16, “Conf iguring Filters, ” describes how to config ure and [...]

  • Pagina 24

    -xxii Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Related Publications Caution Means reader be careful. In this situation, yo u mi ght do someth ing that coul d result equipment damage or loss of data. Ti p Means the follo wing will help you sol ve a probl em. The tips information might n ot be troubleshoot [...]

  • Pagina 25

    -xxiii Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Obtaining Do cumentation, Obta ining Support, and Security Guidelines[...]

  • Pagina 26

    -xxiv Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Obtaining Documentation, Obtaining Support, and Security G uidelines[...]

  • Pagina 27

    CH A P T E R 1-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 1 Overview Cisco Aironet Access Poin ts (herea fter called ac cess points ) provide a secure, affordable, and easy-to-use wireless LAN solution that combines mobility and f lexibilit y with the enterprise-class features required b y networking prof[...]

  • Pagina 28

    1-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 1 Overvi ew Features • The 1300 series o utdoor access point/bridge uses an inte grated antenna and can be config ured to use external, dual-di v ersity antennas. • The 2600 series access point contains dual-band ra dios (2.4 GHz and 5 GHz) with int[...]

  • Pagina 29

    1-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 1 Overview Management Options Support for 802.11w Cisco IOS Release 15.2(4)J A pro vides support for the 802.11w p rotocol. Unlik e encrypted data tr af fi c, management frames are sent in an unsecure manner while using the 802. 11 protocol for d ata tr[...]

  • Pagina 30

    1-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 1 Overvi ew Network Config uration Exam ples seamless and transparen t to the user . Figure 1-1 shows access points acting as root units on a wired LAN. Figur e 1 -1 Access P oints as Ro ot Units on a Wired LAN Repeater Access Point An access point can [...]

  • Pagina 31

    1-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 1 Overview Network Configuration Examp les Figure 1 -2 Access P oint as Repeater Bridges The 1140, 1200, 1240, and 1250 seri es access points and the 1300 access point/b ridge can be configured as root or non-root bri dges. In this role, an access point[...]

  • Pagina 32

    1-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 1 Overvi ew Network Config uration Exam ples Figur e 1 -4 Access P oints as Root an d Non-r oot Bridg es with Clients Workgroup Bridge Y ou can configure access points as workg roup bridges. I n workgroup bridge mode, the unit asso ciates to another acc[...]

  • Pagina 33

    1-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 1 Overview Network Configuration Examp les Central Unit in an All-Wireless Network In an all-wireless network, an access point acts as a stand-alone r oot unit. The access point is no t attached to a wired LAN; it functions as a hub linking all stations[...]

  • Pagina 34

    1-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 1 Overvi ew Network Config uration Exam ples[...]

  • Pagina 35

    CH A P T E R 2-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 2 Using the Web-Browser Interface This chapter describes the web-brow ser interface that you can use to conf igure the wireless de vice. This chapter contains the following sections: • Using the W eb-Browser Interface for the First T ime, page 2-[...]

  • Pagina 36

    2-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Using the Web-Browser Inte rf ace for the First Time Using the Web-Browser Interface for the First Time Use the wireless device IP address to br owse to the management system. See t he “Logging into the Access Point?[...]

  • Pagina 37

    2-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 2 Using the W eb-Browser Interface Using the Management Pag es in the Web-Browser Inte rface Using Action Buttons Ta b l e 2 - 1 lists the page links and b uttons that appear on most management pages. T able 2-1 Common Butt ons on Manageme nt P ages But[...]

  • Pagina 38

    2-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Enabling HTTPS for Sec ure Browsing Character Restrictions in Entry Fields Because the 1200 series acce ss point uses Cisco IO S software, there are certain characters that you cannot use in the entry fields on the web[...]

  • Pagina 39

    2-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 2 Using the W eb-Browser Interface Enabling HTTPS for Secure Browsing Figur e 2-2 Expr ess Setup P age Step 3 Enter a name for the access p oint in the System Name f ield and click Apply . Step 4 Brow se to the Services – DNS page. Figure 2-3 sho ws t[...]

  • Pagina 40

    2-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Enabling HTTPS for Sec ure Browsing Figur e 2-3 Services – DNS P a ge Step 5 Click Enable for DNS. Step 6 In the Domain Name f ield, enter your compan y domain name. Step 7 Enter at least one IP address for your DNS [...]

  • Pagina 41

    2-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 2 Using the W eb-Browser Interface Enabling HTTPS for Secure Browsing Step 10 Browse to the Services: HTTP W eb Server page. Figure 2-4 sho ws the HTTP W eb Serv er page: Figur e 2-4 Services: HTTP W eb Server P age Step 11 Select the Enable Secur e (HT[...]

  • Pagina 42

    2-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Enabling HTTPS for Sec ure Browsing Step 14 Another warn ing appears stating that th e access point securi ty certif icate is valid but is not from a kno wn source. Howe ver , you can accept the certificate with co nf [...]

  • Pagina 43

    2-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 2 Using the W eb-Browser Interface Enabling HTTPS for Secure Browsing Figur e 2-7 Certificat e Window Step 16 In the Certificate windo w , click Install Certif icate . The Microsoft W indows Cert if icate Import W izard appears. Figure 2-8 sho ws the Ce[...]

  • Pagina 44

    2-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Enabling HTTPS for Sec ure Browsing Figur e 2-8 Certificat e Import Wizar d Step 17 Click Next . The next screen asks where you want to sto r e the certificate. W e recommend that you use the default storage area on y[...]

  • Pagina 45

    2-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 2 Using the W eb-Browser Interface Enabling HTTPS for Secure Browsing Figure 2-1 0 Certificat e Completion Screen Step 19 Click Finish . Windo ws displays a final security warning. Figure 2-11 shows the security w arning. Figur e 2-1 1 Certificat e Sec[...]

  • Pagina 46

    2-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Enabling HTTPS for Sec ure Browsing Figure 2-12 Import Successful Scr een Step 21 Click OK . Step 22 On the Certificate windo w shown in Figure 2-7 , which is still displayed, cli ck OK . Step 23 On the Security Alert[...]

  • Pagina 47

    2-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 2 Using the W eb-Browser Interface Using Online Help Using Online Help Click the help icon at the top of an y page in the web-bro wser interf ace to display online help . Figure 2-13 sho ws the help and print icons. Figur e 2-13 Help and Print Icons Wh[...]

  • Pagina 48

    2-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Disabling the Web-Brow ser Interface Ta b l e 2 - 2 sho ws an e xample help location and He lp Root URL for an 1100 series access poi nt. Step 5 Click A pply . Disabling the Web-Browser Interface T o prevent all use o[...]

  • Pagina 49

    CH A P T E R 3-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 3 Using the Command-Line Interface This chapter describes the Cisco IOS command-line interface (CLI) that you can use to configure the wireless de vice. It contains th e follo wing sections: • Cisco IOS Command Modes, page 3-2 • Getting Help, p[...]

  • Pagina 50

    3-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 3 Using the Comman d-Line Interface Cisco IOS Command Mode s Cisco IOS Command Modes The Cisco IOS user interface is di vided into many dif f erent modes. The commands av ailable to you depend on which mode y ou are currently in. Enter a quest ion mark [...]

  • Pagina 51

    3-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 3 Using th e Co mmand-Line Interface Getting Help Getting Help Y ou ca n enter a question mark (?) at the system prompt to display a list of commands a vailable for each command mo de. Y ou can also obtain a list of asso ciated keyw ords and ar guments [...]

  • Pagina 52

    3-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 3 Using the Comman d-Line Interface Using the no and Default Forms of Com mands Using the no and Default Forms of Commands Most confi guration command s also ha ve a no form. In general, use the no form to disable a feature or function or re verse the a[...]

  • Pagina 53

    3-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 3 Using th e Co mmand-Line Interface Using Comman d History Changing the Command History Buffer Size By default, the wi reless de vice records ten command lines in i ts history b uf fer . Beginning in pr iv ileged EXEC mode, enter this command to change[...]

  • Pagina 54

    3-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 3 Using the Comman d-Line Interface Using Editing Features Using Editing Features This section descri bes the editing features that can help you manipu late the command line. It contains these sections: • Enabling and Disabling Edit ing Features, page[...]

  • Pagina 55

    3-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 3 Using th e Co mmand-Line Interface Using Editing Features Editing Command Lines that Wrap Y ou can use a wraparound feature for commands th at exten d beyond a sin gle line on the screen. When the cursor reaches the right margin, the command line shif[...]

  • Pagina 56

    3-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 3 Using the Comman d-Line Interface Searching and Filteri ng Output of show and more Commands In this e xample, the access-list global co nfigu ration command entry e xtends be yond one line. When the cursor first reaches the end of the line, the line i[...]

  • Pagina 57

    3-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 3 Using th e Co mmand-Line Interface Accessing the CLI Accessing the CLI Y ou c an open the wire less device CLI using T elnet or Secure Shell (SSH). Opening the CLI with Telnet Follo w these steps to open the CLI with T elnet. The se steps are for a PC[...]

  • Pagina 58

    3-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 3 Using the Comman d-Line Interface Accessing the CLI[...]

  • Pagina 59

    CH A P T E R 4-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 4 Configuring the Access Point for the First Time This chapter describe s how to configure basic settin gs on the wireless de vice for the first time. The contents of this chapter are similar to the instru ct ions in the quick start gui de that shi[...]

  • Pagina 60

    4-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Before You Start Before You Start Before you install the wireless de vice, make sure you are u sing a comput er connecte d to the same network as t he wireless de vice, and obtain the fo llo wing inform[...]

  • Pagina 61

    4-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Before You Start Step 5 Click System Software and the System Software screen appears. Step 6 Click System Conf iguration and the System Conf iguration screen appears. Step 7 Click the Reset to Defaults [...]

  • Pagina 62

    4-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Logging into the Access Point Logging into the Access Point A user can login to the access poin t using one of the follo wing methods: • graphica l user interf ace (GUI) • T elnet (if the AP is conf[...]

  • Pagina 63

    4-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Connecting to the 1100 Series A ccess Point Locally to the 1040, 1140,1 200, 1230, 1240, 1250 , 1260, and 2600 Series Access Po ints Locally” section on page 4-6 to connect to the consol e port. – P[...]

  • Pagina 64

    4-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Connecting to the 1130 Seri es Access Point Locally Step 2 Connect your PC to the access point using a Category 5 Ethernet cable. Y ou can use either a c rossov er cable or a straight-t hrough cable. St[...]

  • Pagina 65

    4-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Connecting to the 1300 Series Access Point/Bridge Locally Step 1 Connect a nine-pin , female DB-9 to RJ-45 serial cable to the RJ-45 se rial port on the access point and to the COM port on a computer . [...]

  • Pagina 66

    4-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Default Radio Settings Note When you connect your PC to the access point/bridge or reconnect yo ur PC to the wired LAN, you might need to release and renew the IP addr ess on the PC. On most PCs, you ca[...]

  • Pagina 67

    4-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Assigning Basic Setting s Figure 4-1 Summary Status P age Step 5 Click Express Set up . The Express Setup screen appears. Figure 4-2 and Figure 4-3 sho ws the Express Setup page for the 1100 series acce[...]

  • Pagina 68

    4-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Assigning Basic Settings Figur e 4-2 Expr ess Setu p P age for 1 1 00 Ser ies Access P oints Figur e 4-3 Expr ess Setup P age f or 1 130, 120 0, and 1240 Ser ies Access P oints Note Figure 4-3 sho ws t[...]

  • Pagina 69

    4-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Assigning Basic Setting s Figure 4-4 Expr ess Setup P age f or 1 040, 1 140, 1260 and 1260 Ser ies Access P oints[...]

  • Pagina 70

    4-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Assigning Basic Settings Figur e 4-5 Expr ess Setup P age f or the 1300 Ser ies Access P oint/Br idge Step 6 Enter the conf iguration settings you obtained from your system admini strator . The conf ig[...]

  • Pagina 71

    4-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Assigning Basic Setting s • IP Address —Use th is setting to assign or chan ge the wi reless de vice IP address. If DHCP is enabled for your netw ork, lea ve thi s field blank. Note If the wireless[...]

  • Pagina 72

    4-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Assigning Basic Settings • Optimize Radio Netw ork for —Use t his setting to select either preconf igured settings for the wireless de vice radio or cu stomized se t tings for the wireless de vice [...]

  • Pagina 73

    4-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Assigning Basic Setting s IP Subnet Mask Assigned by DHCP by defa ult; if DHCP is disabled, the def ault setting is 255. 255.255.224 Default Gate way Assigned by DHCP by default ; if DHCP is disabled, [...]

  • Pagina 74

    4-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring Basic Security Settings Configuring Basic Security Settings After you assign basic settings to the wireless de vi ce, you must con figure secu rity settings to pre vent unauthorized access [...]

  • Pagina 75

    4-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring Basic Security Setting s Understanding Express Security Settings The SSIDs that you create using the Express security page appear in the SSID ta ble at the bottom of the page. Y ou can crea[...]

  • Pagina 76

    4-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring Basic Security Settings Express Security Types Ta b l e 4 - 2 describes the four security t ypes that you can assign t o an SSID. T able 4-2 Securi ty T ypes on Expr ess Security Set up Pag[...]

  • Pagina 77

    4-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring Basic Security Setting s EAP Authentication This option en ables 802.1X authentication (such as LEA P , PEAP , EAP-TLS, EAP-F AST , EAP-TTLS, EAP-GTC, EAP-SIM, and other 802.1X/EAP based pr[...]

  • Pagina 78

    4-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring Basic Security Settings Express Security Limitations Because the Express Security page is designed for simple configuration of basic security , the opti ons av ailable are a subset of the w[...]

  • Pagina 79

    4-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring Basic Security Setting s CLI Configuration Examples The examples in this section sho w the CLI commands that are equiv alent to creating SSIDs using each security type on the Express Securi[...]

  • Pagina 80

    4-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring Basic Security Settings ! interface Dot11Radio0 no ip address no ip route-cache ! encryption vlan 20 key 3 size 128bit 7 FFD518A21653687A4251AEE1230C transmit-key encryption vlan 20 mode we[...]

  • Pagina 81

    4-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring Basic Security Setting s Example: EAP Authentication This example sho ws part of the configurati on that re sults from using the Express Security pa ge to create an SSID called eap_ssid , e[...]

  • Pagina 82

    4-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring Basic Security Settings ! interface Dot11Radio0/1.30 encapsulation dot1Q 30 no ip route-cache bridge-group 30 bridge-group 30 subscriber-loop-control bridge-group 30 block-unknown-source no[...]

  • Pagina 83

    4-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring Basic Security Setting s aaa new-model ! ! aaa group server radius rad_eap server 10.91.104.92 auth-port 1645 acct-port 1646 ! aaa group server radius rad_mac ! aaa group server radius rad_[...]

  • Pagina 84

    4-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring System Powe r Settings Access P oints bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled ! interface FastEthernet0.40 encapsulation dot1Q 40 no ip route-cache[...]

  • Pagina 85

    4-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring System Power Settings Access Points Using a Power Injector If you use a po wer injector to pro vide po wer to the 1040, 1130, 1140, 1240, 1250, or 1260 access point, select Powe r I n je c [...]

  • Pagina 86

    4-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Assigning an IP A ddress Using the CLI 1. Maximum transmit power will vary by channel and accordin g to individual country regulations. Refer to the product documentation for specific details. 2. Tx—[...]

  • Pagina 87

    4-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring the 802.1X Supplicant If T elnet is not listed in your Accessories menu, select Start > Run , type Te l n e t in the entry field, and press Enter . Step 2 When the T elnet windo w appear[...]

  • Pagina 88

    4-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring the 802.1X Supp licant Use the no form of the dot1x credent ials command to ne gate a parameter . The follo wing example creates a credentials prof ile named test with the username Cisco an[...]

  • Pagina 89

    4-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring the 802.1X Supplicant The follo wing e xample applies the cred entials prof ile test to the access point Fast Ethernet port: ap1240AG> enable Password: xxxxxxx ap1240AG# config terminal [...]

  • Pagina 90

    4-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring IPv6 Creating and Applying EAP Method Profiles Y ou can optionally conf igure an EAP method list to en able the supplicant to recognize a particular EAP method. See the “Creating an d App[...]

  • Pagina 91

    4-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring IPv6 The follo wing modes are supp orted • Root • Root bridge • Non Root bridge • Repeater • WGB The follo wing modes are not supp orted • Spectrum mode • Monitor mode Beginni[...]

  • Pagina 92

    4-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring IPv6 normal four-message e xchange (so licit, advertise, request, rep ly). By default, the four -message exchange is used. When the rapid-commit option is en abled by both client an d serve[...]

  • Pagina 93

    4-35 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring IPv6 Configuring IPv6 Access Lists IPv6 access lists (ACL) are used to fi lter traf f ic and restrict ac cess to th e router . IPv6 prefix lists are used to fi lter routing pro tocol update[...]

  • Pagina 94

    4-36 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring IPv6 IPv6 WDS AP registration The first acti ve IPv6 address is used to regi ster the WDS. Ta b l e 4 - 5 sho ws different scenarios in the IPv6 WDS AP regi stration process. Note 11r roami[...]

  • Pagina 95

    4-37 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring IPv6 RA filtering RA filterin g increases the security of the IPv6 network by dropp ing RAs coming from wireless clients. RA filt ering pre vents misconf igured or malicious IPv 6 clients f[...]

  • Pagina 96

    4-38 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring IPv6[...]

  • Pagina 97

    CH A P T E R 5-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 5 Administering the Access Point This chapter de scribes ho w to administer the wirele ss de vice. This chapter conta ins the follo wing sections: • Disabling the Mo de Button, page 5-2 • Pre venting Unauthorized Access to Y our Access Point, p[...]

  • Pagina 98

    5-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Disabling the Mode Button Disabling the Mode Button Y ou can disable the mode b utton on access points ha ving a console port by using th e [no] boot mode-button co mmand. This command pre vents password reco very and i[...]

  • Pagina 99

    5-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Preventing Unauthorized Acc ess to Your Access Po int Preventing Unauthorized Access to Your Access Point Y ou can prev ent unauthorized users from reconfi guring the wireless de vice and vie wing conf iguration informat[...]

  • Pagina 100

    5-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Protecting Ac cess to Pr ivileged EXEC Commands Default Password and Privilege Level Configuration Ta b l e 5 - 1 sho ws the defa ult password and p riv ilege le vel conf iguration. Setting or Changing a Static Enable P[...]

  • Pagina 101

    5-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Protecting A ccess to Privile ged EXEC Commands This example sho w s how to ch ange the enable password to l1u2c3k4y5 . The passwo rd is not encrypted and provides access to le vel 15 (tradi tional pri vileg ed EXEC mode[...]

  • Pagina 102

    5-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Protecting Ac cess to Pr ivileged EXEC Commands Protecting Enable and Enable Secret Passwords with Encryption T o provide an additional layer of securi ty , particular ly for passwords that cross the netw ork or that ar[...]

  • Pagina 103

    5-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Protecting A ccess to Privile ged EXEC Commands If both the enable and enable secret passwords are defined, users must enter the enable secret password. Use the level keyw ord to def ine a password for a specif ic pri vi[...]

  • Pagina 104

    5-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Protecting Ac cess to Pr ivileged EXEC Commands T o disa ble username authenticatio n for a specific user , use the no username name global configurat ion command. T o dis able password checking and allo w connections w[...]

  • Pagina 105

    5-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configuring Easy Setup When you set a command to a privilege le vel, all commands whose syntax is a subset of that command are also set to that le vel. For e xample, if you set the show ip route command to level 15, the [...]

  • Pagina 106

    5-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring Spectru m Expert Mode Network Configuration T o c onf igure an access point using the network config uration, enter the v alues for the following f ields: • Hostname • IP Address • Server protocol •[...]

  • Pagina 107

    5-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Controlling Access Point Access with RADIUS Step 1 Choose Home > Easy Setup > Network Conf iguration . Step 2 From the Role in Radio Netw ork drop-dow n list choose Spectrum . Step 3 Click Apply . Step 4 Launch th[...]

  • Pagina 108

    5-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Controlling Access Point Access with RADIUS RADIUS provid es detailed accounting in formation and fle x ible administ rati ve control o ver authentication and authorization processes. RADIUS is facilitated thr ough AAA[...]

  • Pagina 109

    5-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Controlling Access Point Access with RADIUS T o disable AAA, use the no aaa new-model global confi guration command. T o disable AAA authentic ation, use the no aaa authentication login { default | list-name } method1 [[...]

  • Pagina 110

    5-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Controlling Access Point Access with RADIUS Defining AAA Server Groups Y ou can configure the wi reless de vice to use AAA serv er groups to group e xisting server hosts for authentication. Y o u select a subset of the[...]

  • Pagina 111

    5-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Controlling Access Point Access with RADIUS Step 3 radius-server host { hostname | ip-addr ess } [ auth-port port-number ] [ acct-port port-number ] [ timeout seconds ] [ retransmit re t r i e s ] [ key string ] Specify[...]

  • Pagina 112

    5-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Controlling Access Point Access with RADIUS T o remove the specified RADIUS server , use the no radius-server host hostna me | ip-addr ess glo bal confi guration command. T o remov e a server group from t he config ura[...]

  • Pagina 113

    5-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Controlling Access Poin t Access with TACACS+ T o dis able authorization, use the no aaa au thorization { network | exec } method1 global configuration command. Displaying the RADIUS Configuration T o display the RADIUS[...]

  • Pagina 114

    5-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Controlling Access Point Access with TACACS+ authentication met hods are performed. The onl y exceptio n is the default met hod list (which, b y coincidence, is named default ). The default metho d list is automaticall[...]

  • Pagina 115

    5-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Controlling Access Poin t Access with TACACS+ T o disable AAA, use the no aaa new-model global confi guration command. T o disable AAA authentic ation, use the no aaa authentication login { default | list-name } method1[...]

  • Pagina 116

    5-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring Ethernet Sp eed and Dupl ex Settings Configuring Ethernet Speed and Duplex Settings Y ou can assign the wireless de vice Ethernet port speed and duple x settings. W e recommend th at you use auto , the defa[...]

  • Pagina 117

    5-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configu ring the A ccess Poin t for L oca l Authentica tion and Authorization Configuring the Access Point for Local Authentication and Authorization Y ou c an configure AAA to operate without a serv er by configuring t[...]

  • Pagina 118

    5-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring the Authen tication Cache and Profile T o disable AAA, use the no aaa new-model global confi guration command. T o disable authorizati on, use the no aaa authorization { network | ex ec } method1 global co [...]

  • Pagina 119

    5-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configuring the Auth enti cation Cache and Profile ! aaa group server tacacs+ tac_admin server 192.168.133.231 cache expiry 1 cache authorization profile admin_cache cache authentication profile admin_cache ! aaa group [...]

  • Pagina 120

    5-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring the Access Poin t to Provide DHCP Service ! ip http server ip http authentication aaa no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ip radius sour[...]

  • Pagina 121

    5-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configuring the Access Point to Pr ovide DHCP Service http://www .cisco.com/uni vercd/cc/td/doc/product/ sof tware/i os122/122cgcr/f ipr_c/ipcprt1/1cfdhcp.htm Beginning in pri vileged EXEC mode, follo w these steps to c[...]

  • Pagina 122

    5-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring the Access Poin t to Provide DHCP Service AP(dhcp-config)# end Monitoring and Maintaining the DHCP Server Access Point These sections describe commands you can use to monitor and maintain the DHCP serv er a[...]

  • Pagina 123

    5-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configuring the Ac cess Point for Secure Shell Debug Command T o enable DHCP server deb ugging, use this command in pri vileged EXEC mode: debug ip dhcp serv er { even ts | packets | linkage } Use the no form of the com[...]

  • Pagina 124

    5-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring Client ARP Caching Support for Secure Copy Protocol The Secure Copy Protocol (SCP) supports file transf ers between hosts on a network using Secure Shell (SSH) for security . Cisco IOS Release 15.2(2)JB sup[...]

  • Pagina 125

    5-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Managing the System Time and Date Optional ARP Caching When a non-Cisco client de vice is associated to an access point and is not passing data, the wireless device might not know the client IP address. If th is situati[...]

  • Pagina 126

    5-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Managing the System Time and Date Understanding Simple Network Time Protocol Simple Network T ime Protocol (SNTP) is a simplif ied, client-only version of NT P . SNTP can only recei ve the time from NTP ser vers; it ca[...]

  • Pagina 127

    5-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Managing the System Time and Date • Config uring the T ime Zone, page 5-32 • Config uring Summer T ime (Daylight Savin g T ime), page 5-33 Setting the System Clock If you ha ve an outside source on the net work that[...]

  • Pagina 128

    5-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Managing the System Time and Date Beginning in privileged EXEC mode, follow these steps to set th e system clock: This exampl e sho ws ho w to manually set the system cl ock to 1:32 p.m. on July 23, 2001: AP# clock set[...]

  • Pagina 129

    5-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Managing the System Time and Date The minutes-offset variable in the clock timezone global conf iguration command is a vailable for tho se cases where a local time zone is a percentage of an hour dif ferent from UTC. Fo[...]

  • Pagina 130

    5-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Managing the System Time and Date The first part of the clock summer -time global conf iguration command specifies when su mmer time begins, and t he second part specif ies when it ends. All ti mes are relati ve to the[...]

  • Pagina 131

    5-35 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Defining H TTP Access Defining HTTP Access By default, 80 is used fo r HTTP access, and port 443 is used for HTTPS access. These values can be customized by the user . Follo w thes e steps to define the HTTP access. Ste[...]

  • Pagina 132

    5-36 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring a System N ame and Prompt When you set the system name, it is also used as the system prompt. T o return to the default host name, use th e no hostname global conf iguration command. Understanding DNS The D[...]

  • Pagina 133

    5-37 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configuring a System Name and Prompt Setting Up DNS Beginning in pri vile ged EXEC mode, follo w these st eps to set up the wireless device to use the DNS: If you use the wireless de vice IP address as its host name, th[...]

  • Pagina 134

    5-38 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Creating a Banne r T o remove a do main name, use the no ip domain- name name global conf iguration command. T o remov e a name server address, use the no ip name-server server-addr ess global conf iguration command. T[...]

  • Pagina 135

    5-39 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Creating a Banner Beginni ng in pri vile ged EXEC mode, follo w these steps to configure a MO TD login banner: T o delete the MOTD b anner , use the no banner motd global config uration command. This exampl e sho ws ho [...]

  • Pagina 136

    5-40 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Upgrading Autonomous Cisco Aironet Access Points to Lightweight Mode Configuring a Login Banner Y ou can configure a login banner to ap pear on all c onnected termin als. This banner appears after the MO TD banner and [...]

  • Pagina 137

    5-41 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Migrating to Japan W52 Domain Migrating to Japan W52 Domain This utility is used to migrate 802.11a radios fr om the J52 to W52 domains. The utility operates on the 1130, 1200 (with RM2 0, RM21, and RM22A radios), an d [...]

  • Pagina 138

    5-42 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Migrating to Japan W52 Domain[...]

  • Pagina 139

    5-43 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configuring Multiple VLAN and Rate Li miting for Point-to-Multipoint Bridging Verifying the Migration Use the show controllers command to conf irm the migration as sho wn in this typical e xample: ap# show controllers d[...]

  • Pagina 140

    5-44 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring Multiple VLAN and Rate Limiting for Poin t-to-Multipoint Bridging In a typical scenario, multiple VLAN support perm its users to set u p point-to-mu ltipoint bri dge links with remote sites, with each remot[...]

  • Pagina 141

    CH A P T E R 6-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 6 Configuring Radio Settings This chapter describes h ow to config ure radio settings for the wireless device. Th is chapter includes the follo wing sections: • Enabling the Radio Inter face, page 6-2 • Config uring the Role in Radi o Network, [...]

  • Pagina 142

    6-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Enabling the Radio Interface Enabling the Radio Interface The wireless de vice radios are disabled by def ault. Note Beginning wit h Cisco IOS Release 12.3(8)J A there is no SSID. Y ou must create an SSID before you can enab[...]

  • Pagina 143

    6-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring the Ro le in Radio Netw ork Y ou can also configure a fallback role for root access points. The wi reless de vice automatically assumes the fallback role when it s Ethernet port is disabled or disconnected from [...]

  • Pagina 144

    6-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring the Role in Radio Network Step 3 station-role non-root {bridge | wir eless-clients} rep e a te r root {access-point | ap-only | [bridge | wireless- clients] | [fallback | repeater | shutdo wn]} scanner workgr oup[...]

  • Pagina 145

    6-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring the Ro le in Radio Netw ork Note When you enable the role in the radio network as a Bridge/w orkg roup bridge and enable the interface using the no shut command, the physical status and t he software status of t[...]

  • Pagina 146

    6-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring the Role in Radio Network Note In point-to-multip oint bridging, WGB i s not recommended wit h the root bridge. WGB sh ould be associated to the root AP i n point-to-multi point bridging setup. Configuring Dual-R[...]

  • Pagina 147

    6-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring the Ro le in Radio Netw ork Radio Tracking Y ou can configure the access point to track or monitor the status of on e of its radios. It the tracked radio goes down or is disabl ed , the access point shuts do wn [...]

  • Pagina 148

    6-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radio Data Rates Bridge Features Not Supported The follo wing features are not supported when a 1200 or 1240 series access point is configured as a bridge: • Clear Channel Assessment (CCA) • Interoperability [...]

  • Pagina 149

    6-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuri ng Radio Data Rates to be made based on reso urces av ailable to the wireless project, typ e of traf f ic the users will be passing , service lev el desired, and as always, the qu ality of the RF en vironment.When[...]

  • Pagina 150

    6-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radio Data Rates Step 3 speed 802.11b, 2.4-GHz radio: {[ 1.0 ] [ 11.0 ] [ 2.0 ] [ 5.5 ] [ basic-1.0 ] [ basic-11.0 ] [ basic- 2.0 ] [ basic-5.5 ] | range | thro ughput } 802.11g, 2.4-GHz radio: {[ 1.0 ] [ 2.0 ] [...]

  • Pagina 151

    6-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring MCS Rates Use the no form of the speed command to remov e one or more data rates from the conf iguration. This example sho ws how t o remov e data rates basic-2.0 and basic-5.5 fr om the conf iguration: ap1200#[...]

  • Pagina 152

    6-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radio Transmit Powe r MCS rates are confi gured using the speed command. The follo wing example sho ws a speed setting for an 802.11n 5-GHz radio: interface Dot11Radio0 no ip address no ip route-cache ! ssid 125[...]

  • Pagina 153

    6-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring Radi o Transmit Power Step 2 Click T echnical Support & Documentation . A small window appears contai ning a list o f technical support links. Step 3 Click T echnical Support & Documentati on . The T ec[...]

  • Pagina 154

    6-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radio Transmit Powe r Use the no form of the po wer command to return the po wer setting to maximum , the defa ult setting. Step 3 power local These option s are a v ailable for the 802.11b, 2.4-GHz radio (in mW[...]

  • Pagina 155

    6-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring Radi o Transmit Power Limiting the Power Level for Associated Client Devices Y ou can also limit the po wer le vel on client de vices that associate to the wirel ess dev ice. When a client dev ice associates to[...]

  • Pagina 156

    6-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radi o Channel Settings Use the no form of the client power command to disabl e the maximum po wer level for associat ed clients. Note Aironet extensions must be enabled to limit the po wer lev el on associated [...]

  • Pagina 157

    6-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring Radio Channel Setting s Because they change frequent ly , channel settings are not in cluded in this document. F or up-to-date information on channel settings for your access point or bridge, see the Channels a[...]

  • Pagina 158

    6-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radi o Channel Settings Dynamic Frequency Selection Access points with 5-GHz radios configured at th e factory for use in the United States, Europe, Singapore, K orea, Japan, Israel, and T aiwan no w comp ly wi [...]

  • Pagina 159

    6-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring Radio Channel Setting s If radar is detected on a manually con figur ed DFS channel, the channel will be cha nged automatically and will not return to the configured channel. Prior to transmitt ing on an y chan[...]

  • Pagina 160

    6-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radi o Channel Settings Confirming that DFS is Enabled Use the show controllers dot11radio1 command to conf irm that DFS is enabled. The command also includes indicat ions that uniform spreading is requ ired and[...]

  • Pagina 161

    6-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring Radio Channel Setting s The follo wing e xample selects channel 36 and conf igures it to use DFS on a frequency band 1: ap#configure terminal ap(config)interface dot11radio1 ap(config-if) channel 36 ap(config-i[...]

  • Pagina 162

    6-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Loca tion-Based Services This exampl e sho ws ho w to unb lock all frequencies for DFS: ap(config-if)# no dfs band block Setting the 802.11n Guard Interval The 802.11n guard interv al is the period in nanosecond[...]

  • Pagina 163

    6-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring Location-Base d Services Figure 6-2 Basic LBS Networ k Configuration The access points that you conf igure for LBS should be in the same vicinity . If only one or two access points report messages from a tag, t[...]

  • Pagina 164

    6-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Enabling and Disabling World Mode In this e xample, the prof ile southside is enabled on th e access poi nt 802.11g radi o: ap# configure terminal ap(config)# dot11 lbs southside ap(dot11-lbs)# server-address 10.91.105.90 p[...]

  • Pagina 165

    6-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Disabling and Enabling Short Rad io Preambles Use the no form of the command to disable world mode. Disabling and Enabling Short Radio Preambles The radio preamb le (s ometimes called a header ) is a section of data at the[...]

  • Pagina 166

    6-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Transmit and Receive Antenna s Short preambles are enab led by default. Use the pr eamble-short command to enable short preambles if they are disa bled. Configuring Transmit and Receive Antennas Y ou ca n select[...]

  • Pagina 167

    6-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Enabling and Disab ling Gratuitous Probe Response Enabling and Disabling Gratuitous Probe Response Gratuitous Probe Response (GPR) aids in conservi ng battery po wer in dual mode phones that support cellular and WLAN modes[...]

  • Pagina 168

    6-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Disabling and Enabling Aironet Extens ions (config-if)# probe-response gratuitous speed 12.0 (config-if)# probe-response gratuitous period 30 speed 12.0 Use the no form of the command to disable the GPR feature. Disabling a[...]

  • Pagina 169

    6-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring the Ethernet Encaps ulation Transformation Method Configuring the Ethernet Encapsulation Transformation Method When the wireless device receiv es data packets that are not 802.3 packets, the wireless de vice mu[...]

  • Pagina 170

    6-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Enabling and Disabling Public Secure Pa cket Forwarding Note This feature is best sui ted for use with stati onary workgroup bridges. Mobile w orkgroup bridges mig ht encounter spots in the wireless device's co verage [...]

  • Pagina 171

    6-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Enabling and Disabling Pu bl ic Secure Packet Forwa rding PSPF is disabled by default. Be ginning in pri v ileged EXEC mode, follo w these steps to enable PSPF: Use the no form of the command to disable PSPF . Configuring [...]

  • Pagina 172

    6-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring the Beaco n Period and the DTIM Configuring the Beacon Period and the DTIM The beacon period is the amount of time between acc ess po int beacons in Kilomicroseconds. One Kµsec equals 1,024 m icroseconds. The D[...]

  • Pagina 173

    6-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuri ng the Maxi mum Data Retries Use the no form of the command to reset the R TS settings to def aults. Configuring the Maximum Data Retries The maximum data retries setting determines the nu mber of attempts the wi[...]

  • Pagina 174

    6-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Enabling Short Slot Tim e for 802.11g Radios Use the no form of the command to reset the setting t o defaults. Enabling Short Slot Time for 802.11g Radios Y ou can increase throughput on the 802.11g, 2 .4-GHz radio by enabl[...]

  • Pagina 175

    6-35 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Viewing VoWLAN Metrics The Stream page appears. Step 4 Click the tab for the radio to co nfigu re. Step 5 For both CoS 5 (V ideo) and CoS 6 (V oice) user priorities, ch oose Lo w Latenc y from the P acket Handlin g drop-do[...]

  • Pagina 176

    6-36 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Viewing VoWLAN Metrics Viewing Voice Reports Y ou ca n use a browser to access voice reports listing V oWL AN metrics stored on a WLSE. Y o u can view reports for access point groups and for indi vidual access p oints. T o [...]

  • Pagina 177

    6-37 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Viewing VoWLAN Metrics • T o view a graph of v oice bandwidth in use during the last hour , choose Bandwidth In Use (% Allowed) from the Report Name drop-do wn list. • T o view graphs of v oice streams in progress, cho[...]

  • Pagina 178

    6-38 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Viewing VoWLAN Metrics Figur e 6-6 V oice Streaming Pr ogr ess Viewing Wireless Client Reports In addition to vie wing voice reports from an access point perspective, you can vie w them from a client perspective. F or e ver[...]

  • Pagina 179

    6-39 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Viewing VoWLAN Metrics Figure 6-7 Wir eless Client Metr ics Viewing Voice Fault Summary The Faults > V oice Summary page in WLSE displays a summary of the faults detected with the follo wing voice fault types: • Exces[...]

  • Pagina 180

    6-40 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Viewing VoWLAN Metrics Figur e 6-8 V oice Fault Summary Configuring Voice QoS Settings Y ou can use WLSE Faults > V oice QoS Settings scre en to define the v oice QoS thresholds for the follo wing parameter s: • Down s[...]

  • Pagina 181

    6-41 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Viewing VoWLAN Metrics Figure 6-9 V oice QoS Settings Configuring Voice Fault Settings Y ou can use WLSE Faults > Manage F ault Settings sc reen to enab le fault generation and specify the priority of th e faults genera[...]

  • Pagina 182

    6-42 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring ClientLink Configuring ClientLink Cisco ClientLink (referred to as Beam Fo rming) is an intelligent beamformin g technology that directs the RF signal to 802.11a/g de vices to improv e performance by 65%, impro [...]

  • Pagina 183

    6-43 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Debugging Radio Functions This exampl e sho ws ho w to beg in debu gging of all radio-related e vents: AP# debug dot11 events This exampl e sho ws how to begin d ebuggi ng of radio packets: AP# debug dot11 packets This exa[...]

  • Pagina 184

    6-44 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Debugging Radi o Functions[...]

  • Pagina 185

    CH A P T E R 7-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 7 Configuring Multiple SSIDs This chapter describe s how to configure and manage multiple Service Set Identif iers (SSIDs) on the access point. This chapter contains the following sections: • Understanding Multiple SSIDs, page 7-2 • Config urin[...]

  • Pagina 186

    7-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs Understanding Multiple SSIDs Understanding Multiple SSIDs The SSID is a unique identif ier that wireless networki ng devices use to esta blish and m aintain wi reless connectivity . Multiple access points on a network or s[...]

  • Pagina 187

    7-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs Understanding Multiple SSIDs Cisco IOS Release 12.3(10b)J A supports conf iguration of SSID parameters at the interface le vel on th e CLI, but t he SSIDs are stored in global mode. Storing all SSI Ds in global mode ensures [...]

  • Pagina 188

    7-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs Configuring Multiple SSIDs Configuring Multiple SSIDs These sections contain conf iguration information for multip le SSIDs: • Default SSID Confi guration, page 7-4 • Creating an SSID Globally , page 7-4 • Using a RA[...]

  • Pagina 189

    7-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs Configuring Multiple SSIDs Step 3 authentication client username username password passwor d (Optional) Set an authen tication username and password that the access point uses to authenti cate to the network when in repeater[...]

  • Pagina 190

    7-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs Configuring Multiple SSIDs Note Y o u use the ssid command authenticatio n options to configure an authen tication type for each SSID. See Chapter 9, “Configuring an Access Point as a Local Authenticator, ” for in stru[...]

  • Pagina 191

    7-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs Configuring Multiple SSIDs ssid buffalo vlan 7 authentication open Howe ver , this sample output from a show dot11 associations pri vileged EXEC command sho ws the spaces in the SSIDs: SSID [buffalo] : SSID [buffalo ] : SSID[...]

  • Pagina 192

    7-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs Configuring Multiple Basic SSIDs Configuring Multiple Basic SSIDs Access point 802.1 1a, 802.11g, 802.11n radios support up to 8 basic SSIDs (BSSIDs), which are similar to MA C addresses. Y ou use multiple BSSIDs to a ssig[...]

  • Pagina 193

    7-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs Configuring Multiple Basic SSIDs Figure 7 -1 Global SSID Manager P age Step 2 Enter the SSID name in the SSID fie l d . Step 3 Use the VLAN drop-do wn list to select the VLAN to which the SSID is assign ed. Step 4 Select the[...]

  • Pagina 194

    7-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs Configuring Multiple Basic SSIDs Step 7 (Optiona l) In the Mul tiple BSSI D B eacon Settings section, select the Set SSID as Guest Mode check box to include the SSID in beacons. Step 8 (Optional) T o increase the battery [...]

  • Pagina 195

    7-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs Assigning IP Redirection for an SSID Assigning IP Redirection for an SSID When you conf igure IP redirection for an SSID, the access point redire cts all packets sent from c lient devices associated to that SSID to a specif[...]

  • Pagina 196

    7-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs Assigning IP Redirection for an SSID Guidelines for Using IP Redirection K eep these guidelines in mind when using IP redirection: • The access point does not redire ct broadcast, unicas t, or multicast BOOTP/DHCP packe[...]

  • Pagina 197

    7-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs Including an SSID in an SSIDL IE This example sho w s ho w to configure IP redirection only for packets sent to the sp ecific TCP and UDP ports specif ied in an A CL applied to the BVI1 inte rface. When the access point rec[...]

  • Pagina 198

    7-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs NAC Support for MBSSID NAC Support for MBSSID Networks must be protected fr om security threats, su ch as viruses, worms, and spyw are. These security threats disrupt b usiness, causing do wntime and continual patching. E[...]

  • Pagina 199

    7-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs NAC Support for MBSSID When a client associates and the RADIUS server dete rmines that it is unh ealthy , the server returns one of the quarantine N A C VLANs in its RADIUS auth entication response for dot1x auth entication[...]

  • Pagina 200

    7-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs NAC Support for MBSSID Configuring NAC for MBSSID Note This feature supports only Layer 2 mobility within VLANs. Layer 3 mob ility using netwo rk ID is not supported in this feature. Note Before you attempt to enable NA C[...]

  • Pagina 201

    7-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs NAC Support for MBSSID authentication open authentication network-eap eap_methods ! dot11 ssid mktg vlan mktg-normal backup mktg-infected1, mktg-infected2, mktg-infected3 authentication open authentication network-eap eap_m[...]

  • Pagina 202

    7-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs NAC Support for MBSSID[...]

  • Pagina 203

    CH A P T E R 8-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 8 Configuring Spanning Tree Protocol This chapter descibes ho w to configure Spanning T r ee Protocol (STP) on your access point/bridge. This chapter contains the following sections: • Understanding Spanning Tree Protocol, page 8-2 • Config uri[...]

  • Pagina 204

    8-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Understanding Spannin g Tree Protocol Understanding Spanning Tree Protocol This section describes ho w spanning-tree features work. It includes this information: • STP Overvie w , page 8-2 • Access Point/Bridge [...]

  • Pagina 205

    8-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 8 Configuring Spannin g Tree Protocol Understanding Spanning Tree Protocol The access point/bridge maintain s a separate spanning -tree instance for each ac tiv e VLAN configu red on it. A bridge ID, con sisting of the brid ge priority and the access po[...]

  • Pagina 206

    8-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Understanding Spannin g Tree Protocol When a access point/bridge receiv es a configuration BPDU that contains superior information (lower access point/bridge ID, lower path cost , and so forth), it st ores the infor[...]

  • Pagina 207

    8-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 8 Configuring Spannin g Tree Protocol Understanding Spanning Tree Protocol BPDUs contain information about the sending acce ss point/bridge and its po rts, including access point/bridge and MA C addresses, access point/bridge pr iority , port pr iority [...]

  • Pagina 208

    8-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Understanding Spannin g Tree Protocol Spanning-Tree Interface States Propagation dela ys can occur when p rotocol informa tion passes throug h a wireless LAN. As a re sult, topology changes can take pl ace at dif fe[...]

  • Pagina 209

    8-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 8 Configuring Spannin g Tree Protocol Understanding Spanning Tree Protocol When the spanning-tree algorithm pl aces a Laye r 2 interface in the forwarding state, this process occ urs: 1. The interface is in the listening st ate while spanning tree wa it[...]

  • Pagina 210

    8-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Configuring STP Features • Receiv es BPDUs Forwarding State An interface in the forwar ding state forwards frames . The interface enters the fo rwarding sta te from the learning state. An interface in the forw ard[...]

  • Pagina 211

    8-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 8 Configuring Spannin g Tree Protocol Configuring STP Features The radio and Ethernet interfaces and the nati ve VLAN on the access point/bridge are as signed t o bridge group 1 by def ault. When you enable STP and assign a priori ty on bridge grou p 1,[...]

  • Pagina 212

    8-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Configuring STP Features STP Configuration Examples These configuration e x amples sho w how to enable STP on root and non-root acc ess point/bridges w ith and without VL ANs: • Root Bridge W ithout VLANs, page 8[...]

  • Pagina 213

    8-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 8 Configuring Spannin g Tree Protocol Configuring STP Features Non-Root Bridge Without VLANs This exampl e sho ws the conf iguration of a non-root bridge with no VLANs conf igured with STP enabled: hostname client-bridge-north ip subnet-zero ! bridge i[...]

  • Pagina 214

    8-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Configuring STP Features ! interface Dot11Radio0 no ip address no ip route-cache ! ssid vlan1 vlan 1 infrastructure-ssid authentication open ! speed basic-6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 rts threshold 2312 st[...]

  • Pagina 215

    8-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 8 Configuring Spannin g Tree Protocol Configuring STP Features bridge 2 priority 10000 bridge 3 protocol ieee bridge 3 priority 3100 ! line con 0 exec-timeout 0 0 line vty 5 15 ! end Non-Root Bridge with VLANs This exampl e sho ws the conf iguration of[...]

  • Pagina 216

    8-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Displaying Spanning-T ree Status encapsulation dot1Q 1 native no ip route-cache bridge-group 1 ! interface FastEthernet0.2 encapsulation dot1Q 2 no ip route-cache bridge-group 2 ! interface FastEthernet0.3 encapsul[...]

  • Pagina 217

    CH A P T E R 9-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 9 Configuring an Access Point as a Local Authenticator This chapter describes ho w to conf igure the access poin t as a local authentica tor to serve as a stand-alone authenticator for a small wireless LAN or to pro v ide backup authentication serv[...]

  • Pagina 218

    9-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Understanding Local Authentication Understanding Local Authentication Many smal l wireless LANs that could be made more secure w ith 802.1x authenticatio n do not ha ve access to a RADIUS server .[...]

  • Pagina 219

    9-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 9 Configuring an Acce ss Point as a Local Auth enticator Configuring a Local Au thenticator Guidelines for Local Authenticators Follo w these guidelines w hen configuring an access point as a local authenticator: • Use an access point that does not se[...]

  • Pagina 220

    9-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Configuring a Local Authenticato r Step 3 radius-server local Enable the access point as a local authenticator and enter conf iguration mode for the auth enticator . Step 4 nas ip-addr ess key sha[...]

  • Pagina 221

    9-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 9 Configuring an Acce ss Point as a Local Auth enticator Configuring a Local Au thenticator This exampl e sho ws ho w to set up a lo cal authenticator used by three access points with three user groups and sev eral users: AP# configure terminal AP(confi[...]

  • Pagina 222

    9-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Configuring a Local Authenticato r AP(config-radsrv)# user 00095125d02b password 00095125d02b group cashiers AP(config-radsrv)# user 00079431f04a password 00079431f04a group cashiers AP(config-rad[...]

  • Pagina 223

    9-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 9 Configuring an Acce ss Point as a Local Auth enticator Configuring a Local Au thenticator Each time the access point t ries to use the main serv ers while they are do wn, th e client device trying to authenticate might repor t an authentication timeou[...]

  • Pagina 224

    9-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Configuring a Local Authenticato r In this example, the local authenticat or generates a P A C for the username joe , password-protects the file with the password bingo , sets the P AC to e xpire [...]

  • Pagina 225

    9-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 9 Configuring an Acce ss Point as a Local Auth enticator Configuring a Local Au thenticator Limiting the Local Authenticator to One Authentication Type By default, a local authenticator access poi nt performs LEAP , EAP-F AST , and MA C-based authentica[...]

  • Pagina 226

    9-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Configuring a Local Authenticato r The second section lists stats for each acces s point (N A S) authorized to use th e local authenticator . The EAP-F A ST statistics in th is section include th[...]

  • Pagina 227

    CH A P T E R 10-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 10 Configuring Cipher Suites and WEP This chapter describes ho w to configure th e cipher suites required to use W i-Fi Protected Access (WP A) and Cisco Cen tralized Key Management (CCKM) aut henticated key manageme nt, W ired Equiv ale nt Pri va[...]

  • Pagina 228

    10-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 10 Configurin g Cipher Suites and WEP Understanding Cipher Suites and WEP Understanding Cipher Suites and WEP This section descri bes ho w WEP and cipher suit es protect traf fic on your wireless LAN. Just as anyone with in range of a radio station can[...]

  • Pagina 229

    10-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 10 Configuring Cipher Suites a nd WEP Configuring Cipher Suites an d WEP • TKIP (T emporal K ey Integrit y Protocol)—TKIP is a suite of algorithms sur rounding WEP that is designed to ac hiev e the best possible se curity on legacy hardware built t[...]

  • Pagina 230

    10-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 10 Configurin g Cipher Suites and WEP Configuring Ci pher Suites and WEP Beginni ng in pri vileged EXEC mode, foll ow these st eps to create a WEP ke y and set the key properties: This example sh ow s how to create a 128-bit WEP k ey in slot 3 f or VLA[...]

  • Pagina 231

    10-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 10 Configuring Cipher Suites a nd WEP Configuring Cipher Suites an d WEP WEP Key Restrictions T able 10-1 lists WEP key restrictions based o n your securit y configuration. Example WEP Key Setup T able 10-2 shows an e xample WEP key setup that would wo[...]

  • Pagina 232

    10-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 10 Configurin g Cipher Suites and WEP Configuring Ci pher Suites and WEP Note If you enable MIC but you use static WEP (you do not enable an y type of EAP authentication), both the access point and any devices with whic h it co mmunicates must use the [...]

  • Pagina 233

    10-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 10 Configuring Cipher Suites a nd WEP Configuring Cipher Suites an d WEP Use the no form of the encryption command to disable a cipher suite. Matching Cipher Suites with WPA or CCKM If you conf igure your access point to use WP A or CCKM authenticated [...]

  • Pagina 234

    10-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 10 Configurin g Cipher Suites and WEP Configuring Ci pher Suites and WEP Note If using WP A and CCKM as ke y ma nagement, only tkip and aes ciphers are supported . If using only CCKM as key management, ckip, cmic, ckip-cmic, tkip, wep, and aes ciphers [...]

  • Pagina 235

    10-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 10 Configuring Cipher Suites a nd WEP Configuring Cipher Suites an d WEP Beginni ng in pri vile ged EXEC mode, follo w th ese steps to enable broadcast k ey rotati on: Use the no form of the encryption command to disable b roadcast key rotation. This e[...]

  • Pagina 236

    10-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 10 Configurin g Cipher Suites and WEP Configuring Ci pher Suites and WEP[...]

  • Pagina 237

    CH A P T E R 11-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 11 Configuring Authentication Types This chapter describes how to conf igure authenticati on types on the access point. This chapter contains the following sections: • Understanding Authen tication T ypes, page 11-2 • Config uring Authenticati[...]

  • Pagina 238

    11-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Understanding Authe ntication Types Understanding Authentication Types This section describes the authentication types that you can co nfigure on the access point. The authentication types are ti ed to the SSIDs tha[...]

  • Pagina 239

    11-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Understanding Authentication Types Figur e 1 1 -1 Sequence for Open A uthentication Shared Key Authentication to the Access Point Cisco provides shared k ey authenti cation to comply with the IEEE 8 02.11b standard.[...]

  • Pagina 240

    11-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Understanding Authe ntication Types EAP Authentication to the Network This authentication t ype provides t he highest le vel o f security for your wireless network. By using t he Extensible A uthentica tion Protoco [...]

  • Pagina 241

    11-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Understanding Authentication Types There is more than one typ e of EAP authentication, b ut the access point behav es the same way for each type: it re lays authen tication m ess ages from the wireless client de vic[...]

  • Pagina 242

    11-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Understanding Authe ntication Types Figur e 1 1 -4 Sequence for MAC-Based A uthentication Combining MAC-Based, EAP, and Open Authentication Y ou can set up the access point to authenticate c lient devices using a co[...]

  • Pagina 243

    11-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Understanding Authentication Types Figure 11-5 sho ws the reassociation proce ss using CCKM. Figur e 1 1 -5 Client R eassociation Using CCKM Using WPA Key Management W i-Fi Protected Acces s (WP A) is a st anda rds-[...]

  • Pagina 244

    11-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Understanding Authe ntication Types Figure 11-6 sh ows the WP A key management process. Figure 1 1 -6 WP A Key Management Pr ocess Software and Firmware Requirements for WPA, CCKM, CKIP, and WPA-TKIP T able 11-1 lis[...]

  • Pagina 245

    11-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Understanding Authentication Types T o support the security combi nations in T able 11-1 , your Ci sco Aironet access p oints and Cisco Airon et client de vices must run the follo wing software and f irmware v ersio[...]

  • Pagina 246

    11-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types Note When you configure TKIP -only cipher encryp tion (not TKIP + WE P 128 or TKIP + WEP 40 ) on any radio interface o r VLAN, e ver y SSID on that radio or VLAN must be set to use[...]

  • Pagina 247

    11-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types Step 3 authentication open [ mac-address list -name [ alter nate ]] [[ optional ] eap list-name ] (Optional) Set the authenticati on type to open for this SSID. Open authenticati [...]

  • Pagina 248

    11-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types Step 5 authentication network-eap list-name [ mac-address list -name ] (Optional) Set the authenticati on type for the SSID to Network-EAP . Using the Extensible Authenti cation Pr[...]

  • Pagina 249

    11-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types Use the no form of the SSID commands to disable th e SSID or to disable SSID features. This exampl e sets the authenticati on type for the SSID batman to Network-EAP wi th CCKM au[...]

  • Pagina 250

    11-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types Configuring Additional WPA Settings Use two optional sett ings to conf igure a preshar ed key o n the access point and adjust the frequ ency of group k ey upd ates. Setting a presh[...]

  • Pagina 251

    11-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types This exampl e sho ws ho w to conf igure a preshared ke y for clients using WP A and static WEP , with group ke y update options: ap# configure terminal ap(config-if)# ssid batman [...]

  • Pagina 252

    11-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types This exampl e sho ws how to enable MA C authentication caching with a one-hour timeout: ap# configure terminal ap(config)# dot11 aaa mac-authen filter-cache timeout 3600 ap(config)[...]

  • Pagina 253

    11-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types Use the no form of these commands to reset the v alues to default settings. Creating and Applying EAP Method Pr ofiles for the 802.1X Supplicant This section descri bes the option[...]

  • Pagina 254

    11-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types Creating an EAP Method Profile Beginni ng in pri vile ged ex ec mode, follo w these steps to define a ne w EAP profile: Use the no command to negate a command or set it s defaults.[...]

  • Pagina 255

    11-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Matching Access Point and Client Device Authentication Type s Applying an EAP Prof ile to an Uplink SSID This operation typical ly applies to repeater access points. Be ginning in the pri vileged e xec mode, fol lo[...]

  • Pagina 256

    11-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Matching Access Point and Client Device Au thentication Types T able 1 1 -2 Client and Access P oint Security Set tings Security Feature Client Setting Access Point Setting Static WEP with open authentication Creat[...]

  • Pagina 257

    11-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Matching Access Point and Client Device Authentication Type s 802.1X authen tication and CCKM Enable LEAP Select a ciph er suite and enable Network-EAP an d CCKM for the SSID Note T o allow both 80 2.1X clients and[...]

  • Pagina 258

    11-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Guest Access Man agement Guest Access Management Guest Access allows a guest to gain access to the Internet, and the guest’ s o wn enterprise wit hout compromising the security o f the host enterprise. EAP-MD5 au[...]

  • Pagina 259

    11-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Guest Access Management Guest access is allowed through these method s: • W eb Authentication (secured) • W eb Pass-through Web Authentication (secured ) W eb authentication is a Layer 3 security feature that e[...]

  • Pagina 260

    11-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Guest Access Man agement Beginni ng in pri vile ged EXEC mode, use these commands to enable W eb Pass-through : – ap(config)# ip admission name W eb_passthrough consent – ap(config)# interface dot11Radio 0 – [...]

  • Pagina 261

    11-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Guest Access Management Guest access is allo wed for a maximum of twent-four days and a mini mum of fi ve minutes. Beginni ng in pri vile ged EXEC mode, use this command to delete a gu est user: ap# clear dot11 gue[...]

  • Pagina 262

    11-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Guest Access Man agement – ap(config-ext-nacl)# permit tcp any host 40.40.5.10 eq 443 – ap(config-ext-nacl)# exit Note acl-in and acl-out are the names of the Access-list. These acl's allo w you to downloa[...]

  • Pagina 263

    CH A P T E R 12-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 12 Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services This chapter describes how to configure your access points for wireless domain services (WDS), fast, secure roaming of cli ent devices, radio mana[...]

  • Pagina 264

    12-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Understanding WDS Understanding WDS When you conf igure W ireless Domain Services on your netw ork, access points on your wi reless LAN use the WDS device ([...]

  • Pagina 265

    12-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Understanding Fast Secure Roaming Role of Access Points Using the WDS Device The access points on your wir eless LAN intera ct with the WDS device in[...]

  • Pagina 266

    12-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Understanding Fast Secure Roaming Figur e 12-1 Client Au thentication Using a RADIUS Server When you conf igure your wireless LAN for fast, secure roaming, [...]

  • Pagina 267

    12-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Understanding Radio Mana gement device. The WDS de vice forwards the client’ s cred entials to the new access point, and the ne w access point send[...]

  • Pagina 268

    12-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Understanding Wireless Intr usion Detection Services Figur e 12-3 Require d Components for Lay er 3 Mobility Click this link to bro wse to the information p[...]

  • Pagina 269

    12-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS access points. The WLSE examines the BRIDG E MIB of each CDP-discovered switch to determine if they contain an y of the target MA C a[...]

  • Pagina 270

    12-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS • Config uring the Authenticatio n Server to Supp ort WDS, page 12-15 • Config uring WDS Only Mode, page 1 2-19 • V ie wing WDS Inform[...]

  • Pagina 271

    12-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Figure 12-4 sho ws the required configuration for each de vice that pa rticipates in WDS. Figure 12-4 Config urations on Devices Par [...]

  • Pagina 272

    12-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS On the access point that you want to conf igure as your primary WDS access point, follo w these steps to configure the access point as the [...]

  • Pagina 273

    12-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Step 5 In the W ireless Domain Services Priority f ield, enter a priority number f rom 1 to 255 to set the prio rity of this WDS ca [...]

  • Pagina 274

    12-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS Figur e 12-7 WDS Server Gr oups P age Step 10 Create a group of serv ers to be used for 802.1x authenticati on for the infrastructure de vi[...]

  • Pagina 275

    12-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Step 14 Config ure the list of serv ers to be us ed for 802.1x authenticat ion for client de vices. Y ou can specify a separate list[...]

  • Pagina 276

    12-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS Configuring Access Points to use the WDS Device Follo w these steps to configure an access point to authenti cate through the WDS de vice a[...]

  • Pagina 277

    12-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS The access points that you configur e to interact with the WDS auto matically perform these steps: • Discov er and track the curre[...]

  • Pagina 278

    12-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS Figur e 12-9 Networ k Configuration P age Step 2 Click Add Entry unde r the AAA C lients tabl e. The Add AA A Client page appears. Figure 1[...]

  • Pagina 279

    12-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Figure 12-1 0 Add AAA Client P age Step 3 In the AAA Client Hostname f ield, enter the name of the WDS de vice. Step 4 In the AAA Cl[...]

  • Pagina 280

    12-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS Step 9 Click User Setup to bro wse to the User Setup page. Y ou must use th e User Setup page to crea te entries for the access points that[...]

  • Pagina 281

    12-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Step 13 Select CiscoSecure Database from the P assword Aut hentication drop-d own li st. Step 14 In the Passw ord and Conf irm Passw[...]

  • Pagina 282

    12-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS Viewing WDS Information On the web-b rowser interface, browse to the W irele ss Services Summary page to vie w a summary of WDS status. On [...]

  • Pagina 283

    12-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Fast Secure Roaming Using Debug Messages In pri vileg ed ex ec mode, use these deb ug commands to control the display of deb ug messages[...]

  • Pagina 284

    12-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Fa st Secure Roaming Configuring Access Points to Support Fast Secure Roaming T o support fast, secure roaming, the access poi nts on your wir [...]

  • Pagina 285

    12-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Fast Secure Roaming Figure 12-15 Global SSID Ma nager P age Step 6 On the SSID that suppor ts CCKM, select these settings: a. If your ac[...]

  • Pagina 286

    12-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Fa st Secure Roaming c. Select Mandatory or Optional under Authenticate d Ke y Managemen t. If you select Mandatory , only clients that support[...]

  • Pagina 287

    12-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Management Frame Protection Step 4 Click the over-air or ove r -ds radio butt on. Step 5 Enter the reassociation time. The v alues range[...]

  • Pagina 288

    12-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Management Frame Pro tection Management Frame Protection operation requires a WDS and is av ailable on 32 Mb platforms only (1130, 1140, 1240, [...]

  • Pagina 289

    12-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Management Frame Protection rejected. If you attempt to change the ke y management with Client MFP conf igured as required and ke y mana[...]

  • Pagina 290

    12-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Management Frame Pro tection Beginni ng in pri vile ged EXEC mode, follo w these steps to conf igure the WDS: Management Frame Protection with [...]

  • Pagina 291

    12-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Management Frame Protection This CLI command is us ed to en able 802.11w on the access point: ap(config-ssid)# 11w-pmf client r equired/[...]

  • Pagina 292

    12-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Radio Manage ment Configuring Radio Management When you conf igure access points on y our wireless LAN to use WDS, the access points automatica[...]

  • Pagina 293

    12-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Radio Mana gement Figure 12-1 7 WDS/WNM General Setup P age Step 4 Check the Configure W ireless Network Manager check box. Step 5 In th[...]

  • Pagina 294

    12-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Access Points to Participate in WIDS Configuring Access Points to Participate in WIDS T o partic ipate in WIDS, access points must be configure[...]

  • Pagina 295

    12-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Access Points to Participate in WIDS Beginning in pri vile ged EXEC mode, follo w these st eps to configure the access point to capture [...]

  • Pagina 296

    12-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Access Points to Participate in WIDS Configuring Monitor Mode Limits Y ou c an configure threshold v a lues that the access po int uses in moni[...]

  • Pagina 297

    CH A P T E R 13-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 13 Configuring RADIUS and TACACS+ Servers This chapter describes ho w to enable and configur e the Remote Authen ticati on Dial-In Use r Service (RADIUS) and T erminal Access Cont roller Access Control System Plus (T A CA CS+), that provides detai[...]

  • Pagina 298

    13-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Understanding RADIUS RADIUS is a distributed client/server system th at secures networks against unauthorized access. RADIUS clien ts run on suppo rted Cisco devices and send a[...]

  • Pagina 299

    13-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Figur e 13-1 Sequence fo r EAP A uthentication In Steps 1 through 9 in Fi gure 13-1 , a wireless client devi ce and a RADIUS serv er on the wired LAN use 802.1x and EAP to perf[...]

  • Pagina 300

    13-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS A method list def ines the sequence and methods to be used to au thenticate, to author ize, or to keep accounts on a user. Y ou can use method lists to designate one or more se[...]

  • Pagina 301

    13-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Y ou identify R ADIUS security server s by their host name or IP address, host name and specif ic UDP port numbers, or t heir IP address and specif ic UDP po rt numbers. The co[...]

  • Pagina 302

    13-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Step 3 radius server {hostname | ip-address}[ auth-port port-numb er ] [ acct-port port-number ] [ timeout seconds ] [ retransmit re t r i e s ] [ key string ] Note This comman[...]

  • Pagina 303

    13-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS T o remove the specified RADIUS server , use the no radius-server host hostna me | ip-addr ess glo bal confi guration command. This example shows ho w to configure one RADIUS s[...]

  • Pagina 304

    13-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS T o disable AAA, use the no aaa new-model global confi guration command. T o disable AAA authentic ation, use the no aaa authentication login { default | list-name } method1 [ [...]

  • Pagina 305

    13-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Defining AAA Server Groups Y ou can configure the access point t o use AAA server gr oups to group e xisting serv er hosts for authentication. Y o u select a subset of the conf[...]

  • Pagina 306

    13-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Step 3 radius-server host { hostname | ip-addr ess } [ auth-port port-number ] [ acct-port port-number ] [ timeout seconds ] [ retransmit re t r i e s ] [ key string ] Specify[...]

  • Pagina 307

    13-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS T o remove the specified RADIUS server , use the no radius-server host hostna me | ip-addr ess glo bal confi guration command. T o remov e a server group from t he config urat[...]

  • Pagina 308

    13-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Beginni ng in pri vileged EXEC mode, fol lo w these steps to specify RADIUS authorizatio n for pri vile ged EXEC access and network services: T o dis able authorization, use t[...]

  • Pagina 309

    13-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Note When WDS is configured, PoD requ ests should be directed to the WDS. The WDS forwards the disassociation request to the parent access point and th en purges the sessi on [...]

  • Pagina 310

    13-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS T o disable accounting, use the no aaa accounting { network | exec } { start-stop } method1... global confi guration command. Selecting the CSID Format Y ou c an select the fo[...]

  • Pagina 311

    13-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Configuring Settings fo r All RADIUS Servers Beginni ng in pri vile ged EXEC mode, follo w these steps to configure global com munication settin gs between the acc ess point a[...]

  • Pagina 312

    13-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS This ex ample sho ws how to set up two main serv ers and a local authenticator with a serv er deadtime of 10 minutes: AP(config)# aaa new-model AP(config)# radius-server host [...]

  • Pagina 313

    13-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS For a complete list of RADIUS attribut es or more information about VSA 26, refer to the “RADIUS Attrib utes” appendix in th e Cisco IOS Security Conf iguration Guide f or[...]

  • Pagina 314

    13-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS T o delete the vendor -proprietary RADIUS host, use the no radius-server host { hostna me | ip-addr ess } non-standard global conf iguration command. T o disable the key , use[...]

  • Pagina 315

    13-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Beginning in pri vile ged EXEC mode, follo w these st eps to specify WISPr RADIUS attributes on the access point: This exampl e sho ws ho w to conf igur e the WISPr location-n[...]

  • Pagina 316

    13-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS RADIUS Attributes Sent by the Access Point T able 13-2 through Ta b l e 1 3 - 6 identify the at trib utes sent by an a ccess point to a client in access-request, access-accept[...]

  • Pagina 317

    13-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS T able 1 3-4 At tr ibutes Sent in Ac counting-Request (start) P ack ets Attribute ID Description 1U s e r - N a m e 4 N AS-IP-Addres s 5N A S - P o r t 6 Service-T ype 25 Clas[...]

  • Pagina 318

    13-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Note By default, the access point sends reauthenticati on requests to the authenticat ion server with the service-type attrib ute set to authenticat e-only . Ho wever , some M[...]

  • Pagina 319

    13-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enabling TACACS+ Configuring and Enabling TACACS+ This section contains this conf iguration information: • Understanding T A CACS+, p age 13-23 • T A CACS+ Operation, p age 13-24 • Confi[...]

  • Pagina 320

    13-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling TACACS+ TACACS+ Operation When an administrator attempts a simple ASCII login by authenticating to an access po int using T A CA CS+, this process occurs: 1. When the connection i s [...]

  • Pagina 321

    13-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enabling TACACS+ This section contains this conf iguration information: • Default T ACA CS+ Conf iguration, page 13-25 • Identifying t he T A CA CS+ Server Host and Setting the A uthentica[...]

  • Pagina 322

    13-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling TACACS+ T o remove the specified T A CA CS+ server name or address, use the no tacacs-server host hostname global conf iguration command. T o remove a ser ver group fro m the conf ig[...]

  • Pagina 323

    13-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enabling TACACS+ T o disable AAA, use the no aaa new-model global confi guration command. T o disable AAA authentic ation, use the no aaa authentication login { default | list-name } method1 [[...]

  • Pagina 324

    13-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling TACACS+ The aaa authoriza tion exec ta cacs+ local command set s these authorization pa rameters: • Use T A CA CS+ for privile ged EXEC access authorization if authent ication was [...]

  • Pagina 325

    13-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enabling TACACS+ T o disable accounting, use the no aaa accounting { network | exec } { start-stop } method1... global confi guration command. Displaying the TACACS+ Configuration T o display [...]

  • Pagina 326

    13-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling TACACS+[...]

  • Pagina 327

    CH A P T E R 14-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 14 Configuring VLANs This chapter describes how to configure your access point to operate with the VLANs set up on your wired LAN. This chapter contains th e follo wing sections : • Understanding VLANs, page 14-2 • Conf iguring VLANs, p age 14[...]

  • Pagina 328

    14-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 14 Configuring VLA Ns Understanding VLANs Understanding VLANs A VLAN is a switched network that is logically segmen ted, by functions, project teams, or applications rather than on a physical or geographical basis. For e xample, all w orkstations and s[...]

  • Pagina 329

    14-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 14 Configuring VLANs Understanding VLANs Figur e 14-1 LAN and VLAN Segmentation with Wireless Devices Related Documents These documents prov ide more detailed informati on pertaining to V LAN design an d conf iguration: • Cisco IOS Switchi ng Service[...]

  • Pagina 330

    14-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 14 Configuring VLA Ns Configuring VLANs Incorporating Wireless Devices into VLANs The basic wireless componen ts of a VLAN consist of an access point and a client associated to it using wireless technology . The access point is physically connected th [...]

  • Pagina 331

    14-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 14 Configuring VLANs Configuri ng VLANs Configuring a VLAN Note When you confi gure VLANs on access points, the nati ve VLAN must be VLAN1. In a sin gle architecture, client traff ic rece i ved by the access poi nt is tunneled through an IP-GRE tunnel,[...]

  • Pagina 332

    14-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 14 Configuring VLA Ns Configuring VLANs Step 3 ssid ssid-string Create an SSID and enter SSID configuration mode for the new SSID. The SSID can consist of up t o 32 alphanumeric characters. SSI Ds are cas e sensiti ve. The SSID can consist of up to 32 [...]

  • Pagina 333

    14-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 14 Configuring VLANs Configuri ng VLANs This example sho ws how to: • Name an SSID • Assign the SSID to a V LAN • Enable the VLAN on the radio and Ethernet ports as the na tiv e VLAN ap1200# configure terminal ap1200(config)# interface dot11radio[...]

  • Pagina 334

    14-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 14 Configuring VLA Ns Configuring VLANs Creating a VLAN Name Beginning in pri vileged EXEC mod e, follo w these steps to assign a name to a VLAN: Use the no form of the command to remov e the name from the VLAN. Use the show dot11 vlan-name priv ileged[...]

  • Pagina 335

    14-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 14 Configuring VLANs Configuri ng VLANs Using a RADIUS Server for Dynamic Mobility Group Assignment Y ou can configure a RADIUS server to dynamically assi gn mobility groups to users or user g roups. This eliminates the need to conf igure multiple SSID[...]

  • Pagina 336

    14-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 14 Configuring VLA Ns VLAN Configuration Ex ample Virtual-Dot11Radio0 Protocols Configured: Address: Received: Transmitted: Bridging Bridge Group 1 201688 0 Bridging Bridge Group 1 201688 0 Bridging Bridge Group 1 201688 0 Virtual LAN ID: 2 (IEEE 802.[...]

  • Pagina 337

    14-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 14 Configuring VLANs VLAN Configuration Example 4. Configure VLAN 1, the Management VLAN, on both the fastEthernet and do t11radio interfaces on the access point. Y ou should make th is VLAN the nati ve VLAN. 5. Config ure VLANs 2 and 3 on both the f [...]

  • Pagina 338

    14-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 14 Configuring VLA Ns VLAN Configuration Ex ample T able 14-3 shows th e results of the conf iguration commands in T able 14-2 . Use the sho w running command to display th e running conf igurati on on the access point. Notice that when yo u config ur[...]

  • Pagina 339

    CH A P T E R 15-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 15 Configuring QoS This chapter describes how to conf igure quality of se rvice (QoS) on your access point. W ith this feature, you can provide preferential treatment to certain traff i c at the expense of others. W ithout QoS, the access point of[...]

  • Pagina 340

    15-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Understanding QoS for Wireless LANs Understanding QoS for Wireless LANs T ypically , networks operate on a best-ef fort deliv ery ba sis, which means that all traf fic has equal priority and an equal chance of being deli vered in a t[...]

  • Pagina 341

    15-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS Understanding QoS for Wireless LANs QoS on the wireless LAN focuses on do wnstream prioritization from the access point. Fi gure 15-1 sho ws the upstream and downstream traf f ic flow . Figur e 15-1 Upstream and Downstr eam T raf fic[...]

  • Pagina 342

    15-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Understanding QoS for Wireless LANs Note This release continues to support e xisting 7920 wireless phone f irmwa re. Do not attempt to u se the ne w standard (IEEE 802.11e dr aft 13) QBSS Load IE with the 7 920 W ireless Phone until [...]

  • Pagina 343

    15-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS Understanding QoS for Wireless LANs Using Band Select Band Select allo ws you to mo ve to the less cong ested radios if your W i-Fi radios are capable of dual band operati on. This feat ure improves the ov erall performance of the ne[...]

  • Pagina 344

    15-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Configuring QoS - ap (conf ig)# dot11 ssid abcd - ap(conf ig-ssid)# band-select Configuring QoS QoS is disabled by default (ho wever , the radio interf ace al ways honors tagged 802. 1P packets e ven when you have not configured a Qo[...]

  • Pagina 345

    15-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS Configuri ng QoS Figur e 15-2 QoS Policies P age Step 3 Wi t h <NEW> selected in the Create/Edit Polic y f ield, type a name for the QoS polic y in the Policy Name entry fi eld. The name can contain up to 25 alphanumer ic chara[...]

  • Pagina 346

    15-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Configuring QoS Step 4 If the packets that you need to pr ioritize contain IP preced ence information in the IP header TOS field, select an IP precedence classifica tion from the IP Precede nce drop-do w n list. Menu selections i ncl[...]

  • Pagina 347

    15-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS Configuri ng QoS • Class Selector 1 • Class Selector 2 • Class Selector 3 • Class Selector 4 • Class Selector 5 • Class Selector 6 • Class Selector 7 • Expedited Forwarding Step 8 Use the Apply Class of Service drop-d[...]

  • Pagina 348

    15-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Configuring QoS Step 19 Click the A pply bu tton at the bottom of the page to apply the policies t o the access point ports. The QoS Policies Advanced Page The QoS Policies Advanced page ( Fi gure 15-3 ) Figur e 15-3 QoS Policies - [...]

  • Pagina 349

    15-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS Configuri ng QoS IGMP Snooping When Internet Group Membership Protocol (IG MP) snooping is enabled on a switch and a client roams from one access point to another, the clients’ multicast session is dropped. When the ac cess points[...]

  • Pagina 350

    15-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Configuring QoS Adjusting Radio Access Categories The access point uses the radio access categories to calculate backoff times for each packet. As a rule, high-priority packets hav e short backoff times. The default v alues in the M[...]

  • Pagina 351

    15-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS Configuri ng QoS Figur e 15-4 Radio Access Categ or i es P a ge Note In this release, clients are blocked from using an access category when you select Enable for Admission Control. Configuring Nominal Rates When an access point rec[...]

  • Pagina 352

    15-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Configuring QoS http://cisco. com/en/US/docs/wireless/access_poin t/12.4_10b_J A/command/reference/cr12410b-chap2 . html#wp325708 0 Note The abov e rates work f ine for Cisco phones. Third parties wireless phones may ha ve a dif fer[...]

  • Pagina 353

    15-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS QoS Configuration Examples Troubleshooting Admissio n Control Y ou can use two CLI commands to d isplay information to h elp you troubleshoot adm ission control problems: • T o display current admission control sett ings on radio [...]

  • Pagina 354

    15-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS QoS Configuration Example s Figure 15-5 QoS Policies P age f or V oice Example The network admin istrat or also enables the QoS element for wir eless phones setting on the QoS Policies - Adv anced page. This setting gi ves priority [...]

  • Pagina 355

    15-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS QoS Configuration Examples Figure 15-6 QoS Policies P age for Video Example[...]

  • Pagina 356

    15-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS QoS Configuration Example s[...]

  • Pagina 357

    CH A P T E R 16-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 16 Configuring Filters This chapter describe s how to configure and manage MA C address, IP , and EtherT ype filters on the access point using the we b-bro wser interface. Th is chapter contains the follo wing sections: • Understanding Filters, [...]

  • Pagina 358

    16-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Understanding Filters Understanding Filters Protocol filters (IP protocol , IP port, and EtherT ype) pr ev en t or allow the use of specific protocols through the acc ess point’ s Ethernet and rad io ports. Y ou can se t up ind[...]

  • Pagina 359

    16-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Configuring Filters Using the Web-Browser Interface This section descri bes ho w to conf igure and enab le f ilters using the web-bro wser interface. Y ou complete two steps to [...]

  • Pagina 360

    16-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Figure 16-1 MAC Addr ess Filters P age Follo w this link path to reach the Address Filters page: 1. Click Services in the page na vigation bar . 2. In the Services page list, [...]

  • Pagina 361

    16-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Step 5 Use the Mask entry field to indicate ho w many bits, from left to right, the f ilter checks against the MA C address. For e xample, to require an exact matc h with the MA[...]

  • Pagina 362

    16-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface If clients are not f iltered immediately , click Reload on the System Confi guration page to restart t he access point. T o reach the Syst em Conf iguration page, click System[...]

  • Pagina 363

    16-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Step 3 Click Advanced Security to bro wse to the Adv anced Security: MA C Address Authentication page. Figure 16-4 sho ws the MAC Address Authentication page. Figur e 16-4 Adv a[...]

  • Pagina 364

    16-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Step 6 Click A pply . Creating a Time-Based ACL T ime-ba sed A CLs are ACLs that can be enabled or disabled for a specific period of time. This cap ability provid es robust ne[...]

  • Pagina 365

    16-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface ACL Logging A CL logging is not supported on the br idging interfaces of A P platforms. When applied on bridgin g interface, it wi ll work as if conf igured without “log” op[...]

  • Pagina 366

    16-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Figure 16-6 I P Filters P age Follo w this link path to reach the IP Filters page: 1. Click Services in the page na vigation bar . 2. In the Services page list, click Filters[...]

  • Pagina 367

    16-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Creating an IP Filter Follo w these steps to create an IP filter: Step 1 Follo w the link path to the IP Filters page. Step 2 If you are creating a new f ilter, mak e sure <[...]

  • Pagina 368

    16-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Step 15 When the f ilter is complete, click A pply . The f ilter is sav ed on the access point, but it i s not enabled unti l you apply it on the Appl y Filters pa ge. Step 1[...]

  • Pagina 369

    16-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Figur e 16-8 Ethe rT ype Filters P age Follo w this link path to reach the EtherT ype Filters page: 1. Click Services in the page na vigation bar . 2. In the Services page list[...]

  • Pagina 370

    16-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Step 7 Click Add . The EtherT ype appears in the Filters Classes fi eld. T o remove the EtherT ype from the Filters Classes list, select it and click Delete Class . Repeat St[...]

  • Pagina 371

    CH A P T E R 17-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 17 Configuring CDP This chapter describes ho w to configure Cisco Disco very Protocol (CDP) on your access point . Note For complete syntax and usage in formation for the co mmands used in this chapter, refer to the Cisco Air onet IOS Command Refe[...]

  • Pagina 372

    17-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 17 Configur ing CDP Understanding CDP Understanding CDP Cisco Discov ery Protocol (CDP) is a de vice-disco v ery protocol that runs on all Ci sco network equipment. Each de vice sends identifying messages to a multicast address, and e ach device monito[...]

  • Pagina 373

    17-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 17 Configuring CDP Configuring CDP Use the no form of the CDP commands to return to the def ault settings. This exampl e sho ws ho w to conf igur e and verify CDP characteristics: AP# configure terminal AP(config)# cdp holdtime 120 AP(config)# cdp time[...]

  • Pagina 374

    17-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 17 Configur ing CDP Monitoring and Maintaining CDP This e xample sho ws how to enable CDP . AP# configure terminal AP(config)# cdp run AP(config)# end Disabling and Enabling CDP on an Interface CDP is enabled by def ault on all supported in terfaces to[...]

  • Pagina 375

    17-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 17 Configuring CDP Monitori ng and Maintaining CDP Belo w are si x exampl es of output from t he CDP show pri vileged EXEC commands: AP# show cdp Global CDP information: Sending CDP packets every 50 seconds Sending a holdtime value of 120 seconds AP# s[...]

  • Pagina 376

    17-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 17 Configur ing CDP Monitoring and Maintaining CDP Device ID: idf2-1-lab-l3.cisco.com Entry address(es): IP address: 10.1.1.10 Platform: cisco WS-C3524-XL, Capabilities: Trans-Bridge Switch Interface: GigabitEthernet0/1, Port ID (outgoing port): FastEt[...]

  • Pagina 377

    17-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 17 Configuring CDP Monitori ng and Maintaining CDP AP# show cdp neighbor Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater Device IDLocal InterfaceHoldtmeCapabilityPlatformPort ID Perdi[...]

  • Pagina 378

    17-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 17 Configur ing CDP Monitoring and Maintaining CDP[...]

  • Pagina 379

    CH A P T E R 18-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 18 Configuring SNMP This chapter describe s how to configure the Simple Network Managemen t Protocol (SNM P) on your access point. Note For complete syntax and usage info rmation for th e commands used i n this chapter , refer to the Cisco IOS Com[...]

  • Pagina 380

    18-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 18 Configu ring SNMP Understanding SNMP Understanding SNMP SNMP is an appli cation-layer protocol that p r ovides a message format for communication between SNMP manage rs and agents. The SN MP manager ca n be part of a net work management system (NMS)[...]

  • Pagina 381

    18-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 18 Configuring SNMP Understanding SNMP T able 18-1 lists the SNMP versio ns and security le vels supported on access points. For detailed infor mation on SN MPv3, click th is link to browse to the Ne w F eature Do cumentation for Cisco IOS Release 12.0[...]

  • Pagina 382

    18-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 18 Configu ring SNMP Understanding SNMP SNMP Agent Functions The SNMP agent responds to SNMP manager request s as follo ws: • Get a MIB variable—The SNM P agent b egins this func tion in r esponse to a request f rom the NMS. The agent retriev e s t[...]

  • Pagina 383

    18-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 18 Configuring SNMP Configuring SNMP Configuring SNMP This section descri bes ho w to conf igure SNMP on your access point. I t contains this conf iguration inform ation: • Default SNMP Conf iguration, page 18-5 • Enabling the SNMP Agent, page 18-5[...]

  • Pagina 384

    18-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 18 Configu ring SNMP Configuring SNMP Configuring Community Strings Y ou use the SNMP community string to def ine th e relationship between the SNMP manager and the agent. The community stri ng acts like a passw ord to permit access to the agent on the[...]

  • Pagina 385

    18-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 18 Configuring SNMP Configuring SNMP T o disable access for an SNMP community , set the communi ty string for that community to the null string (do not enter a v alue for th e community string). T o remov e a specif ic community string , use the no snm[...]

  • Pagina 386

    18-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 18 Configu ring SNMP Configuring SNMP Configuring SNMP-Server Hosts T o configure the recip ient of an SNMP trap oper ation, use the follo wing command in global confi guration mode: Configuring SNMP-Server Users T o configure a ne w user to an SNMP gr[...]

  • Pagina 387

    18-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 18 Configuring SNMP Configuring SNMP Some notif ication types cannot be contro lled with the snmp-server enable global conf iguration command, such as udp-port . These notification types are always enabled. Y ou can use the snmp-server host global conf[...]

  • Pagina 388

    18-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 18 Configu ring SNMP Configuring SNMP T o remov e the specified hos t from receiving traps , use the no snmp-server host host global confi guration command. T o disable a specif ic trap type, use the no snmp-server enable traps notif ication-t ypes gl[...]

  • Pagina 389

    18-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 18 Configuring SNMP Configuring SNMP This example sho ws how to assign the strings open and ieee to SNMP , to allow read-write access for both, and to specify that open is the community string for quer ies on non-IEEE80 2dot11-MIB objects and ieee is [...]

  • Pagina 390

    18-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 18 Configu ring SNMP Displaying SNMP Status AP(config)# snmp-server group admin v3 priv read iso write iso AP(config)# snmp-server user joe admin v3 auth md5 xyz123 priv des56 key007 AP(config)# snmp-server user fred admin v3 encrypted auth md5 abc789[...]

  • Pagina 391

    CH A P T E R 19-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 19 Configuring Repeater and Standby Access Points and Workgroup Bridge Mode This chapter describes how to conf ig ure your a ccess point as a repeater , as a hot standby unit, or as a workgroup bridge. This chapter co ntains the following sections[...]

  • Pagina 392

    19-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Understanding Repeater Ac cess Points Understanding Repeater Access Points A repeater access point is not connected to the wired LAN ; it is placed within radio range of an [...]

  • Pagina 393

    19-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Configuring a Repeater Access Point Figur e 19-1 Access P o int as a Repeater Configuring a Repeater Access Point This section pro vides instruct ions for setting u p an acc[...]

  • Pagina 394

    19-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Configuring a Re peater Access Point Default Configuration Access points are configured as root units by default. T able 19-1 sho ws the default v alues for settings that co[...]

  • Pagina 395

    19-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Configuring a Repeater Access Point Setting Up a Repeater Beginning in Pri vileged Exec mode, fol low th ese steps to conf igure an access point as a repeater: Command Purpo[...]

  • Pagina 396

    19-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Aligning Antennas The follo wing example sho ws how to set up a repeat er access point with three potential parents, designated 1 t o 3: AP# configure terminal AP(config)# i[...]

  • Pagina 397

    19-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Aligning Antennas Use the show dot11 antenna-alignment command to list the MA C addresses and signal level for the last 10 de vices that responded to the probe. Verifying Re[...]

  • Pagina 398

    19-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Aligning Antennas Setting Up a Repeater As a WPA Client WP A key management uses a combination of encr yption methods to protect communi cation between client devices and th[...]

  • Pagina 399

    19-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Understanding Hot Standby Understanding Hot Standby Hot Standby mode designates an access point as a backup for another acces s point. The standby access point is placed nea[...]

  • Pagina 400

    19-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Configuring a Hot Standby Access Point Configuring a Hot Standby Access Point When you set up the standby access po int, you must enter the MA C addr ess of the access poin[...]

  • Pagina 401

    19-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Configuring a Hot Standby Access Po int Beginni ng in Pri vileg ed Exec mode , follow these st eps to enable hot standby mode on an access point: Command Purpose Step 1 con[...]

  • Pagina 402

    19-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Configuring a Hot Standby Access Point After you enable standby mode, conf igure the settings that you recorded from the monitored access p oint to match on the standby acc[...]

  • Pagina 403

    19-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Understanding Workgroup Bridge Mode Use this command to check the stand by confi guration: show iapp standby-parms This command di splays the MAC address of the st andby ac[...]

  • Pagina 404

    19-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Understanding Wo rkgroup Brid ge Mode Caution An access point in workgroup bridge mode can introd uce a bridge loop if you co nnect its Ethernet port to your wired LAN. T o[...]

  • Pagina 405

    19-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Understanding Workgroup Bridge Mode Figure 19-2 sho ws an a ccess point in workgroup br idge mode. Figur e 1 9-2 Access P oint in W ork group Br idg e Mode Treating Workgro[...]

  • Pagina 406

    19-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Understanding Wo rkgroup Brid ge Mode bridges, t hat can as sociat e to an access point or bridge. T o increase beyond 20 the number of w orkgroup bridges that can associat[...]

  • Pagina 407

    19-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Workgroup Bridge VLAN Tagging The follo wing e xample sho ws ho w the command is used . In the example, channels 1, 6, and 11 are specified to scan: ap# ap#confure terminal[...]

  • Pagina 408

    19-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Configuring Work group Bridge Mode In the upstream direction, WGB remo ves the 802 .1q he ader from the pack et while sending to the WLC. In the downst ream direction while[...]

  • Pagina 409

    19-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Configuring Workgroup Bridge Mode This exampl e sho ws how to conf igure an 1100 series access point as a workgroup bri dge. In this exam ple, the workgrou p bridge uses th[...]

  • Pagina 410

    19-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Using Workgroup Bridge s in a Lightweight Environment This example sho w s how to set up a w orkgroup bridge with the parent access points, designated 1 and 2: AP(config-if[...]

  • Pagina 411

    19-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Using Workgroup Bridges in a Lightweight Environment • The workgroup bridge can be any autonomous acce ss point that supports the workgroup bridge mode and is running Cis[...]

  • Pagina 412

    19-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Using Workgroup Bridge s in a Lightweight Environment • When you delete a workgroup bridg e record from the controller , all of the workgroup bridg e wired clients’ rec[...]

  • Pagina 413

    19-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Using Workgroup Bridges in a Lightweight Environment Enabling VideoStream Suppo rt on Workgroup Bridges V ideoStream impro ves the reliabi lity of an IP multicast stream by[...]

  • Pagina 414

    19-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Using Workgroup Bridge s in a Lightweight Environment[...]

  • Pagina 415

    CH A P T E R 20-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 20 Managing Firmware and Configurations This chapter describ es how to manipulate the Flash fi le system, ho w to copy configuration f iles, a nd ho w to archiv e (upload and download) software images. Note For complete syntax and usage info rmati[...]

  • Pagina 416

    20-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with the Flash File System Displaying Available File Systems T o display the av ailable file systems on your access point, use the sho w f ile systems privile ged EXEC command as sho wn in this e xample:[...]

  • Pagina 417

    20-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with the Flash File System Setting the Default File System Y ou can specify the file system or direct ory that the system uses as the default file system by usi ng the cd filesyst em: pri vile ged EXEC co[...]

  • Pagina 418

    20-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with the Flash File System Creating and Removing Directories Beginning in pri vile ged EXEC mode, follo w these steps to create and remo ve a directory: T o delete a directory with all its files and subd[...]

  • Pagina 419

    20-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with the Flash File System • From a startup conf iguration to a startup configuration • From a de vice to the same de vice (for example, the copy flash: flash: command is in v alid) For specific e xam[...]

  • Pagina 420

    20-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with the Flash File System • For the T rivial Fil e T ransfer Protocol (TFTP), the syntax i s tftp: [[ // location ] / dir ectory ] / tar- fil ename .tar The tar-filename .tar is the tar file to be cre[...]

  • Pagina 421

    20-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s Extracting a tar File T o e xtract a ta r file into a directory o n the Flash file system, use this pr i vileged EXEC comm and: archiv e tar /xtract sour c e-url flash:/ fi le - [...]

  • Pagina 422

    20-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files Yo u c a n c o p y ( download ) configuration f iles from a TFTP , FTP , or RCP server to the running configuration of the access point for v arious reasons: • T o restore a ba[...]

  • Pagina 423

    20-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s config uration is used. Ho wever , some commands in the e xisting conf iguration might not be replaced or nega ted. In this case, the resulting conf iguration f ile is a mixture [...]

  • Pagina 424

    20-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files Preparing to Download or Upload a Configuration File by Using TFTP Before you be gin do wnloading or uploading a conf iguratio n file by using TFTP , perform these tasks: • En[...]

  • Pagina 425

    20-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s The configuration f ile do w nloads, and the commands are executed as th e f ile is parsed line-by-line. This example sho w s ho w to conf igure the software from the f ile toky[...]

  • Pagina 426

    20-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files • The access point forms a password named username@apn ame. domain . The v ariable username is the username associated with the current session, apname is the configured host [...]

  • Pagina 427

    20-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s This example sho ws how to cop y a config uration f ile named host1-confg from the netadmin1 directory on the remo te server with an IP address of 172.16.101.101 and to lo ad an[...]

  • Pagina 428

    20-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files This exampl e sho ws how to copy the run ning conf iguration f ile named ap2-confg to the netadmin1 directory on the remote host with an IP address of 172.16.101.101: ap# copy s[...]

  • Pagina 429

    20-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s access to a server that supports the remote shell (rsh). (Most UNIX systems support rsh.) Because you are copying a f ile from one place to another , you must hav e read permiss[...]

  • Pagina 430

    20-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files ap1.company.com ap1 For more information, r efer to th e documentation for yo ur RCP server . Downloading a Configuration File by Using RCP Beginni ng in pri vileged EXEC mode, [...]

  • Pagina 431

    20-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s %SYS-5-CONFIG_NV:Non-volatile store configured from host2-config by rcp from 172.16.101.101 Uploading a Configuration File by Using RCP Beginni ng in pri vile ged EXEC mode, fol[...]

  • Pagina 432

    20-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s Deleting a Stored Configuration File Caution Y ou cannot restore a file af ter it has been deleted. T o delete a saved conf iguration from Flash memory , use the d elete flash: fi [...]

  • Pagina 433

    20-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images tar File Format of Images on a Server or Cisco.com Software images located on a server or d ownload ed from Cisco .com are pro vided in a tar f ile format, which contains these files[...]

  • Pagina 434

    20-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s Note Y ou must restart the inetd daemon after modify ing the /etc/inetd.conf and / etc/services f iles. T o restart the daem on, either stop the inetd process and restart it, or en[...]

  • Pagina 435

    20-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Note T o a void an unsuccessful do wnload, use the archi ve dow nload-sw /safe command, whi ch do wnloads the image fi rst and does not delete the current runnin g version un til the[...]

  • Pagina 436

    20-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s The algorithm installs the do wnloaded image on the system board Flash de vice (flash:). The image is placed into a ne w directory named with the softw are version string , and the[...]

  • Pagina 437

    20-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images • Downloading an Image File by Using FTP , page 20-24 • Uploading an Im age File by Using FTP , pa ge 20-26 Preparing to Download or Upload an Image File by Using FTP Y ou can co[...]

  • Pagina 438

    20-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s For more information, r efer to th e documentation for yo ur FTP server . Downloading an Image File by Using FTP Y ou can dow nload a ne w image fi le and o ve rwrite the cur rent [...]

  • Pagina 439

    20-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Note T o a void an unsuccessful do wnload, use the archi ve dow nload-sw /safe command, whi ch do wnloads the image fi rst and does not delete the current runnin g version un til the[...]

  • Pagina 440

    20-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s If you specify the /lea ve-old-sw , the e xisting f iles are not remo ved. If there is no t enough space to install the ne w image and k eep the r unning image, the do wn load proc[...]

  • Pagina 441

    20-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images The archiv e upload-sw command b uilds an image f ile on the serv er by uploading th ese fi les in order: info, the Cisco IOS image, th e HTML files, and i nfo.ver . After these file[...]

  • Pagina 442

    20-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s RCP requires a client to send a remote usern ame on each RCP request to a server . When you copy an image from the access point to a server by using RCP , the Cisco IOS software se[...]

  • Pagina 443

    20-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Downloading an Image File by Using RCP Y ou c an download a ne w image file an d replace or keep the current image. Caution For the do wn load and upload algo rithms to operat e prop[...]

  • Pagina 444

    20-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s Note T o a void an unsuccessful do wnload, use the archi ve dow nload-sw /safe command, whi ch do wnloads the image fi rst and does not delete the current runnin g version un til t[...]

  • Pagina 445

    20-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Note If the Flash de vice has suff icient space to hold two images and you want to ov erwrite one of these images with the same versi on, you must specify the /ov erwrite optio n. If[...]

  • Pagina 446

    20-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s The archive upload-sw pri vile ged EXEC command buil ds an image f ile on the serv er by uploading these files in order: info, the Cisco IOS i mage, the HTML files, and info.ver . [...]

  • Pagina 447

    20-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Step 7 Click the Upgrade b utton. For additi onal information, cl ick the Help icon on the Software Upgrade screen. Browser TFTP Interface The TFTP interface allo ws you to use a TFT[...]

  • Pagina 448

    20-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s[...]

  • Pagina 449

    CH A P T E R 21-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 21 Configuring System Message Logging This chapter describes how to conf igure sy stem message logging on your acces s point. Note For complete syntax and usage info rmation for th e commands used i n this chapter , refer to the Cisco IOS Confi gu[...]

  • Pagina 450

    21-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uri ng System Message Logg ing Understanding System Message Lo gging Understanding System Message Logging By default, access points send the outpu t from system messages and deb ug privile ged EXEC commands to a logging process. The l ogging [...]

  • Pagina 451

    21-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 21 Configuring System Message Logging Configuring System Message Lo gging T able 21-1 describes the elements of syslog messages. This example show s a partial access point system message : 00:00:46: %LINK-3-UPDOWN: Interface Port-channel1, changed stat[...]

  • Pagina 452

    21-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uri ng System Message Logg ing Configuring System Message Logging Disabling and Enabling Message Logging Message logging is enabled by default. It must be en abled to send messages to any d estination other than the console. When enabled, log[...]

  • Pagina 453

    21-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 21 Configuring System Message Logging Configuring System Message Lo gging Setting the Message Display Destination Device If message logging is en abled, you ca n send messages to specific locati ons in addition to the cons ole. Beginni ng in pri vile g[...]

  • Pagina 454

    21-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uri ng System Message Logg ing Configuring System Message Logging Enabling and Disabling Timestamps on Log Messages By default, log messag es are not timestamped. Beginni ng in pri vile ged EXEC mode, follo w these steps to enable ti mestampi[...]

  • Pagina 455

    21-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 21 Configuring System Message Logging Configuring System Message Lo gging This example sh ow s part of a logging display with sequenc e numbers enabled: 000019: %SYS-5-CONFIG_I: Configured from console by vty2 (10.34.195.36) Defining the Message Severi[...]

  • Pagina 456

    21-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uri ng System Message Logg ing Configuring System Message Logging T able 21-3 describes the level ke yword s. It also lists the corresponding UNIX syslo g defini tions from the most se vere le vel to the least se vere le vel. The software gen[...]

  • Pagina 457

    21-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 21 Configuring System Message Logging Configuring System Message Lo gging Beginni ng in pri vile ged EXEC mode, follo w these steps to change the lev el and history table size defaults: When the history table is fu ll (it contains the maximum number of[...]

  • Pagina 458

    21-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uri ng System Message Logg ing Configuring System Message Logging Configuring UNIX Syslog Servers The next sections describe how to configure the 4.3 BSD U NIX server syslog daemon and de fine the UNIX system logging f acility . Logging Mess[...]

  • Pagina 459

    21-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 21 Configuring System Message Logging Configuring System Message Lo gging T o remove a syslog server , use the no logg ing host global conf iguration comman d, and specify the syslog server IP address. T o disable logg ing to syslog servers, enter the[...]

  • Pagina 460

    21-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uri ng System Message Logg ing Displaying the Logging Configuration Displaying the Logging Configuration T o display the current logging con figur ation and the co ntents of the log b uffer , use the show lo gging pri vileged EXEC co mmand. [...]

  • Pagina 461

    CH A P T E R 22-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 22 Troubleshooting This chapter pro vides troubleshooting procedures for basic p roblems with the wireless de vice. For the most up-to-date, detail ed troubleshooting i nformation, refer to the Cisco T A C website at the follow ing URL (select T o[...]

  • Pagina 462

    22-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Checking the Top Panel Indicators If your wireless de vice is not communicating, check the three LED indicators on the top panel to quickly assess the device ’s status. Figure 22-1 sho ws the indi[...]

  • Pagina 463

    22-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Figur e 22-2 Indicators on the 1 1 00 Series A ccess Point Figur e 22-3 Indicators on the 350 Ser ies Access P oint (Plastic Case) Ethernet Status Radio 81597 S CISCO AIRONET 350 SERIES WIRELESS ACC[...]

  • Pagina 464

    22-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Figur e 22-4 Indicators on the 350 Ser ies Access P oint (Metal Case) The indicator sign als on the wi reless de vice hav e the follo wing meanings (for additional d etails refer to T able 22-1 ): ?[...]

  • Pagina 465

    22-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Note Regarding LED status colors, it is expected that there will be small v ariations in color intensity and hue from unit to unit. This is within the normal range of the LED manufa cturer’ s spec[...]

  • Pagina 466

    22-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators The LED signals are listed in Ta b l e 2 2 - 2 . T able 22-2 LED Signals Message type Cable Bay Area T op of Unit Meaning Ethernet LED Radio LED Status LED Boot loader st atus Green Green Green DRAM[...]

  • Pagina 467

    22-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Note Regarding LED status colors, it is expected that there will be small v ariations in color intensity and hue from unit to unit. This is within the normal range of the LED manufa cturer’ s spec[...]

  • Pagina 468

    22-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Indicators on 1040 or 1140 Series Access Point If your access point i s not workin g properly , check the Eth ernet and Status LEDs of the uni t. Y ou can use the LED indications to quickly assess t[...]

  • Pagina 469

    22-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators 48VD C MO D E CO NSOL E E T HE RNE T 207523 2 3 4 1 1 Reset Button 3 Ethernet LED 2 Console LED 4 DC Po wer T able 2 2-3 1 040 or 1 140 Ser ies Access P oint LED Signals Message type Ethernet LED St[...]

  • Pagina 470

    22-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Note It is expected that there will be small va riations in LED color intensity and hue from unit to unit. This is within the normal range of th e LED manufact urer’ s specifications and is not a[...]

  • Pagina 471

    22-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Indicators on 1240 Series Access Points If your access point is not w orking properly , check the Status, Ethernet, and Radio LEDs on the 2.4 GHz end of the unit. Y ou can use the LED indicati ons [...]

  • Pagina 472

    22-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Note It is expected that there will be small va riations in LED color intensity and hue from unit to unit. This is within the normal range of th e LED manufact urer’ s specifications and is not a[...]

  • Pagina 473

    22-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Indicators on 1250 Access Points If your access point is not w orking properly , check the Ethernet, Status, and Radio LEDs on the 2.4 GHz end of the unit. Y ou can use the LED indicatio ns to quic[...]

  • Pagina 474

    22-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators T able 2 2-5 1250 Ser ies Access P oint LED Signals Message type Ethernet LED Status LED Radio LED Meaning Boot loader status G reen Off Amber DR AM test in progress. Green Green Green DRAM memory [...]

  • Pagina 475

    22-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Note It is expect ed that there will be small v ariations in LED color intensity and hue from unit to un it. This is within the normal range of th e LED manufact urer’ s specifications and is not[...]

  • Pagina 476

    22-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Figur e 22-8 126 0 Ser i es Access P oint LED T able 22-6 shows th e 1260 access point LED indicators for v arious conditions. T able 2 2-6 1260 A ccess Point LED Status Indicat ors 1 207522 1 Stat[...]

  • Pagina 477

    22-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Indicators on 1300 Outdoor Access Point/Bridges If your access point/bridge is no t associating with a remot e bridge or access point, check the four LEDs on the back panel. Y ou can use them to qu[...]

  • Pagina 478

    22-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Figur e 22-9 LEDs Normal Mode LE D Indications During access poi nt/bridge op eration the LEDs provide status information as sho w n in T a ble 22-7 . R Radio LED E Ethernet LED S Status LED I Inst[...]

  • Pagina 479

    22-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Note It is expect ed that there will be small v ariations in LED color intensity and hue from unit to un it. This is within the normal range of th e LED manufact urer’ s specifications and is not[...]

  • Pagina 480

    22-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Power Injector When the po wer injector is po wered up, it applie s 48-VDC to the dual-coax cables to the access point/bridge. When po wer is applied to the access point/bridge , th e unit acti vat[...]

  • Pagina 481

    22-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking Power • Cisco Aironet Power Injector LR2— standard (inclu ded with the b ridge) – 48-VDC inpu t power – Uses the 48-VDC po wer module (included with the bridge) • Cisco Aironet Po wer Injector LR2T—optional tran[...]

  • Pagina 482

    22-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking Basic Settings access point remains in lo w power mode wi th the radios disabled to pre vent a possible o ve r-cu rrent condition. In lo w power mode, the access point acti vates the S tatus LED lo w po wer error indicatio[...]

  • Pagina 483

    22-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Resetting to the Default Configuration Note The wireless de vice MAC address th at appears on the Status page in the Air onet Client Utility (A CU) is the MA C address for the wireless device radio. The MA C address for the acces s [...]

  • Pagina 484

    22-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Resetting to th e Default Configuration Using the Web Browser Interface Follo w these steps to delete the current conf iguration and return all wireless de vice settings to the fact ory defaults usin g the web bro wser interface: S[...]

  • Pagina 485

    22-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Reloading the Access Point Image flashfs[0]: flashfs fsck took 0 seconds. ...done initializing Flash. Step 5 Use the dir flash: command to display the contents of Flash and f ind the config.txt conf iguration file. ap: dir flash: Di[...]

  • Pagina 486

    22-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Reloading the A ccess Point Image Using the MODE button Y ou can use the MODE but ton on 1040, 1100 and 1200 series access point s to reload the access point image file from an acti ve Tri vial File T ransfer Pr otocol (TFTP) serve[...]

  • Pagina 487

    22-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Reloading the Access Point Image Browser HTTP Interface The HTTP interface enables you to bro w se to the wireless de vice image file on your PC and do wnload the image to the wireless de vice. Follo w the instructions belo w to use[...]

  • Pagina 488

    22-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Reloading the A ccess Point Image Using the CLI Follo w the steps belo w to reload the wirel ess de vice image using the CLI. When the wireless device begin s to boot, you interru pt the boot process and use bo ot loader commands t[...]

  • Pagina 489

    22-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Reloading the Access Point Image extracting c350-k9w7-mx.122-13.JA1/html/level1/appsui.js (558 bytes) extracting c350-k9w7-mx.122-13.JA1/html/level1/back.htm (205 bytes) extracting c350-k9w7-mx.122-13.JA1/html/level1/cookies.js (502[...]

  • Pagina 490

    22-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Image Recovery on the 1520 Access Point Step 6 Click IOS . A list of av ailable C isco IOS versions appears. Step 7 Choose the v ersion you wish to do wnload. The do wnload page for the v ersion you chose appears. Step 8 Click WIRE[...]

  • Pagina 491

    22-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Image Recovery on the 1520 Access Point T o perform image recovery on the 15 20 access point, follo w these steps: Step 1 W ith the ac cess point powered of f, connect an RJ45 console cable t o the console port (). The console port [...]

  • Pagina 492

    22-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Image Recovery on the 1520 Access Point Note If the ENABLE_BREAK=no envir onmental variab le is set, you will not be able to escape to the bootloader . Step 5 Cable the 1520 access point’ s LAN port (“PoE In”) to a TFTP serve[...]

  • Pagina 493

    22-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Image Recovery on the 1520 Access Point MAC_ADDR=00:1F:27:75:DB:00 MAC_ADDR_BLOCK_SIZE=01 00 NETMASK=255.255.255.0 NEW_IMAGE=yes PCA_ASSY_NUM_800=03 20 00 70 ed 03 PCA_PART_NUM_73=49 2a a6 03 PCA_REVISION_NUM=B0 PCA_REVISION_NUM_800[...]

  • Pagina 494

    22-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Image Recovery on the 1520 Access Point[...]

  • Pagina 495

    A-1 Cisco IOS Software Configuration Guide for Cisco Aironet Access Points OL-29225-01 APPENDIX A Protocol Filters The tables in this appendix list some of the prot ocol s that you can f ilter on th e access point. The tables include: • T able A-1, EtherT ype Pr otocols • T able A-2, IP Protocols • T able A-3, IP Port Protocols In each table,[...]

  • Pagina 496

    A-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix A Protocol Filters T able A -1 Ether T ype Prot ocols Protocol Additional Identifier ISO Designator ARP — 0x0806 RARP — 0x8035 IP — 0x0800 Berkele y T railer Negotiation — 0x1000 LAN T est — 0x0708 X.25 Le vel3 X.25 0x0805 Ban yan — 0x0B AD[...]

  • Pagina 497

    A-3 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix A Protocol Filters T able A -2 IP Protocols Protocol Additional Identifier ISO Designator dummy — 0 Internet Control Message Protocol ICMP 1 Internet Group Management Prot ocol IGMP 2 T ransmission Control Protocol TCP 6 Exterior Gate way Protocol EGP[...]

  • Pagina 498

    A-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix A Protocol Filters T able A -3 IP P or t Pr ot ocols Protocol Additional Identifier ISO Designator TCP port service multiple xer tcpmux 1 echo — 7 discard (9) — 9 systat (11) — 11 daytime (13) — 13 netstat (15) — 15 Quote of the Day qot d quo[...]

  • Pagina 499

    A-5 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix A Protocol Filters TSAP iso-tsap 102 CSO Name Serv er cso-ns csnet-ns 105 Remote T elnet rtelnet 107 Postoff ice v2 POP2 POP v2 109 Postoff ice v3 POP3 POP v3 110 Sun RPC sunrpc 111 tap ident authentication auth 113 sftp — 115 uucp-path — 117 Networ[...]

  • Pagina 500

    A-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix A Protocol Filters SNMP Unix Multiple xer smux 199 AppleT alk Routing at-rtmp 201 AppleT alk name binding at-nbp 202 AppleT alk echo at-e cho 204 AppleT alk Zone Information at-zis 206 NISO Z39.50 da tabase z395 0 210 IPX — 213 Interactiv e Mail Acce[...]

  • Pagina 501

    B-1 Cisco IOS Software Configuration Guide for Cisco Aironet Access Points OL-29225-01 APPENDIX B Supported MIBs This appendi x lists the Simple Network Manag ement Protocol (SNMP) Management Information Bases (MIBs) that the access point su pports for this soft w are release. The Cisco IOS SNMP agent supports SNMPv1, SNMPv2, and SNMPv3. This ap pe[...]

  • Pagina 502

    B-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix B Supported MIBs Using FTP to Acce ss the MIB Files • CISCO-MEMOR Y -POOL-MIB • CISCO-PR OCESS-MIB • CISCO-PR ODUCTS-MIB • CISCO-SMI-MIB • CISCO-TC-MIB • CISCO-SYSLOG-MIB • CISCO-WDS-INFO-MIB • ENTITY -MIB • IF-MIB • OLD-CISCO-CHASS[...]

  • Pagina 503

    C-1 Cisco IOS Software Configuration Guide for Cisco Aironet Access Points OL-29225-01 APPENDIX C Error and Event Messages This appendix lists t he CLI error and e vent message s. The appendix contains the follo wing sections: • Con ventions, page C-2 • Software Auto Upgrade Message s, page C-3 • Association Man agement Messages, page C-5 •[...]

  • Pagina 504

    C-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es Conventions Conventions System error messages are displa yed in the fo rmat shown in Ta b l e C - 1 . T able C-1 System Er ror Message F ormat Message Component Description Example Error identif ier A string categorizing the[...]

  • Pagina 505

    C-3 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages Software Auto Upgrade Message s Software Auto Upgrade Messages Error Message SW-AUTO-UPGRADE-2-FATAL_FAILURE: “At tempt to upgrade softw are failed, software on flash may be deleted. Pl ease copy software into flash. Explana[...]

  • Pagina 506

    C-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es Software Auto Upgrade Messages Error Message AUTO-INSTALL-4-IP_ADDRESS_DH CP: “The radio is operating in automati c install mode and has set ip address dhcp.” Explanation The radio is oper ating in au tomatic inst all m [...]

  • Pagina 507

    C-5 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages Association Management Message s Association Management Messages Error Message DOT11-3-BADSTATE: “%s %s -> %s.” Explanation 802 .11 associatio n and managem ent uses a ta ble-dri ven stat e machin e to k eep track and t[...]

  • Pagina 508

    C-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es Unzip Mess ages Error Message DOT11-4-DIVER_USED: Interf ace $s, Mcs rates 8-15 disabled due to only one transmit or recieve antenna enab led Explanation These rates require that at lea st 2 rece iv e and transmit antennas b[...]

  • Pagina 509

    C-7 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages System Log Messages System Log Messages Error Message %DOT11-4-LOADING_RADIO: Interface [ chars], loading the radio firmware ([chars]) Explanation The radio has been stopped to load ne w firmware. Recommended Action None. Erro[...]

  • Pagina 510

    C-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages 802.11 Subsystem Messages Error Message DOT11-6-FREQ_USED: “Interfa ce %s, frequency %d selected.” Explanation After scanning for an unused frequency , th e indicated interface selected the disp[...]

  • Pagina 511

    C-9 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-3-TX_PWR_OUT_OF_RANGE : “Interface %s Radio transmit power out of range.” Explanation The transmitter po wer le vel is o utside the normal range on the indicated radio interf a[...]

  • Pagina 512

    C-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-6-DFS_SCAN_START: “DF S: Scanning frequency %d MHz for %d seconds.” Explanation The device has be gun its DFS scanning process. Recommended Action None. Error Message DOT11-[...]

  • Pagina 513

    C-11 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT114-NO_MBSSID_BACKUP_VLA N: “Backup VLANs cannot be configured if MBSSID is not enabled. %s not starte d. Explanation T o enable a backup VLAN, MBSSID mode should be con figured . [...]

  • Pagina 514

    C-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-2-UPLINK_FAILED: “Upl ink to parent failed: %s.” Explanation The connection to the parent access point f ailed for the di splayed reason. The uplink will stop its connection[...]

  • Pagina 515

    C-13 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-4-MAXRETRIES: “Packet to client %e reached max retries, removing the client.” Explanation The maximum packet send retry limit has been reached and th e client is being re mov [...]

  • Pagina 516

    C-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-4-RADIO_NO_FREQ: “Int erface &s, all frequencies have been blocked, interface not started.” Explanation The frequencies set for operatio n are in valid an d a channel sc[...]

  • Pagina 517

    C-15 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-4-FLASHING_RADIO: “Interfa ce %s, flashing radio firmware (%s).” Explanation The indic ated interface radio has been stop ped to loa d the indicated new f irmware. Recommended[...]

  • Pagina 518

    C-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-4-UPLINK_LINK_DOWN: “ Interface %s, parent lost: %s.” Explanation The connection to the parent access point on the indicated interf ace was lost for the reason indicated. Th[...]

  • Pagina 519

    C-17 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-6-ANTENNA_GAIN: “Inte rface %s, antenna position/gain changed, adjusting transmitter power.” Explanation The antenna gain has changed so the list of allo wed power le vels mus[...]

  • Pagina 520

    C-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-4-CKIP_MIC_FAILURE: “CKIP MIC failure was detect ed on a packet (Digest 0x%x) received from %e).” Explanation CKIP MIC failure was detected on a frame. A failure of the CKIP[...]

  • Pagina 521

    C-19 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-4-TKIP_REPLAY: “TKIP TSC replay was detected on a packet (TSC 0x%ssx received from %e).” Explanation TKIP TSC re play was detected on a frame. A replay of the TKIP TSC in a re[...]

  • Pagina 522

    C-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message SOAP_FIPS-2-INIT_FAILURE: “ SOAP FIPS initialization failure: %s.” Explanation SOAP FIPS i nitialization fa ilure. Recommended Action None. Error Message SOAP_FIPS-4-PROC_FAILURE:[...]

  • Pagina 523

    C-21 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages Inter-Access Point Protocol Messages Error Message DOT11-6-MCAST_DISCARD: “%s mode multicast packets are discarded in %s multicast mode.” Explanation The access point conf igured as a workgrou p bridge and drops i nfrastr[...]

  • Pagina 524

    C-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es Local Authenticator Messages Error Message RADSRV-4-NAS_KEYMIS: NAS sh ared key mismatch. Explanation The local RADIU S server recei ved an authen tication request but the message signature indicates that th e shared ke y t[...]

  • Pagina 525

    C-23 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages Local Authenticator Message s Error Message DPT1X-SHIM-4-PLUMB_KEY_ERR: “Unable to plumb keys - %s.” Explanation An unexpected error occu rred when the shim layer t ried to plumb the k eys. Recommended Action None. Error [...]

  • Pagina 526

    C-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es WDS Messages WDS Messages Error Message WLCCP-WDS-6-REPEATER_STOP: WLCCP WDS on Repe ater unsupported, WDS is disabled. Explanation Repeater access points do not support WD S. Recommended Action None. Error Message WLCCP-WD[...]

  • Pagina 527

    C-25 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages Mini IOS Messages Error Message WLCCP-NM-6-WNM_LINK_UP: Lin k to WNM is up Explanation The network manager is no w responding to k eep-acti ve messages. Recommended Action None. Error Message WLCCP-NM-6-RESET: Resetting WLCCP[...]

  • Pagina 528

    C-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es Access Point/Bridge Messages Access Point/Bridge Messages Error Message APBR-4-SEND_PCKT_FAILED: Failed to Send Packet on port ifDescr (error= errornum)errornum: status er ror number HASH(0x2096974) Explanation The access p[...]

  • Pagina 529

    C-27 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages LWAPP Error Messages LWAPP Error Messages Error Message LWAPP-3-CDP: Failure sendin g CDP Update to Controller. Reason “s” Explanation Could not send access point CDP update to controller Recommended Action None. Error Me[...]

  • Pagina 530

    C-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es Sensor Messages Sensor Messages Error Message SENSOR-3-TEMP_CRITICAL: Sys tem sensor “d” has exceeded CRITCAL temperature thresholds Explanation One of the measured en vironmental test poin ts exceeds the e xtreme thres[...]

  • Pagina 531

    C-29 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages SNMP Error Messages Error Message SENSOR-3-VOLT_NORMAL: Syste m sensor “d”(“d”) is now operating under NORMAL voltage Explanation One of the measured en vironmental test points is u nder normal operating voltage. Reco[...]

  • Pagina 532

    C-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es SSH Error Mess ages Error Message SNMP-4-NOENGINEIDV6: Remote snmpEngineID f or Unrecognized format ‘ %P’ not found when creating user: “s” Explanation An attempt to create a user failed.This is lik ely because the [...]

  • Pagina 533

    C-31 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages SSH Error Messages Error Message SSH-5-SSH_CLOSE: SSH Sessio n from “%s”(tty = “%d”) for user ’”%s”’ using crypto cipher ’”%s”’ closed Explanation The SSH Session closure information Recommended Action[...]

  • Pagina 534

    C-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es SSH Error Mess ages[...]

  • Pagina 535

    GL-1 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 GLOSSARY 802.11 The IEEE standard that specifies carrier sense media access control and physical layer specif ications for 1- and 2- megabi t-per -second (Mbps) wireless LANs operating in the 2. 4-GHz band. 802.11a The IEEE standard that specifies carrier sense[...]

  • Pagina 536

    Glossary GL-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 beacon A wireless LAN pa cket that signals the a v ailability and presence of the wireless de vice. Beacon packets are sent by access points and base stations; howe ver , client radio ca rds send beaco ns when op erating in computer to computer (Ad Ho[...]

  • Pagina 537

    Glossar y GL-3 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 dipole A ty pe of low-gain (2.2-dBi ) antenna consisting of tw o (often internal) elements. domain n ame The text name that refers to a groupi ng of networks or network resources based on org anization-type or geography; for e xample: name.com—comme[...]

  • Pagina 538

    Glossary GL-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 IP subnet mask The number used to identi fy the IP subnetwork, i ndicating whether the IP address can be recognized on the LAN or if it must be reached through a gate way . This number is expressed in a f orm similar to an IP address; for example: 255[...]

  • Pagina 539

    Glossar y GL-5 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 roaming A feature of some Access Points that a llows users to mo ve through a f acility while maintaining an unbrok en connection t o the LAN. RP-TNC A connector type unique to Cisco Aironet rad ios and antennas. P art 15.203 of the FCC rules co veri [...]

  • Pagina 540

    Glossary GL-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 W WDS W ireless Domain Services (WDS). An access point providing WDS on your wireless LAN maintains a cache of credenti als for CCKM-capable client de vices on your wireless LAN. When a CCKM- capable client roam s from one a ccess point to another , t[...]