Go to page of
Similar user manuals
-
Universal Remote
Cisco Systems AT3400
2 pages 0.27 mb -
Universal Remote
Cisco Systems 15.2(2)JA
540 pages 8.57 mb -
Universal Remote
Cisco Systems 12.4(25d)JA
540 pages 8.57 mb -
Universal Remote
Cisco Systems ISA550
479 pages 4.28 mb -
Universal Remote
Cisco Systems 12.3(8)JEE
540 pages 8.57 mb -
Universal Remote
Cisco Systems IOS Releases 15.2(4)JA
540 pages 8.57 mb -
Universal Remote
Cisco Systems 15.2(2)JB
540 pages 8.57 mb -
Universal Remote
Cisco Systems AT6400
2 pages 0.79 mb
A good user manual
The rules should oblige the seller to give the purchaser an operating instrucion of Cisco Systems 15.2(2)JA, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.
What is an instruction?
The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Cisco Systems 15.2(2)JA one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.
Unfortunately, only a few customers devote their time to read an instruction of Cisco Systems 15.2(2)JA. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.
What should a perfect user manual contain?
First and foremost, an user manual of Cisco Systems 15.2(2)JA should contain:
- informations concerning technical data of Cisco Systems 15.2(2)JA
- name of the manufacturer and a year of construction of the Cisco Systems 15.2(2)JA item
- rules of operation, control and maintenance of the Cisco Systems 15.2(2)JA item
- safety signs and mark certificates which confirm compatibility with appropriate standards
Why don't we read the manuals?
Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Cisco Systems 15.2(2)JA alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Cisco Systems 15.2(2)JA, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Cisco Systems service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Cisco Systems 15.2(2)JA.
Why one should read the manuals?
It is mostly in the manuals where we will find the details concerning construction and possibility of the Cisco Systems 15.2(2)JA item, and its use of respective accessory, as well as information concerning all the functions and facilities.
After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.
Table of contents for the manual
-
Page 1
Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco we bsite at www.cisco.com/go/ offices. Cisco IOS S of tw are Conf iguration Guide f or Cisco Air o net A ccess P oints Cisco IOS Releases 15.2(4)JA, 1 5.2(2)JB, 15.2(2)JA,1 2.4( 25 d ) JA, and 12.3(8)JEE Tex[...]
-
Page 2
THE SPECIFICATION S AND INFORMAT ION REGARDING THE PRODUCTS IN THIS MA NUAL ARE SUBJ ECT TO CHANGE WITHOUT NOT ICE. ALL STATEMENTS , INFORMATION , AND RECOMMEN DATIONS I N THIS MANUA L ARE BELIEVE D TO BE ACCURATE BUT ARE PRESENTED WI THOUT WARRANTY OF ANY KIND, EX PRESS OR IMPLIED. USERS MUST TAKE FUL L RESPONSIBILITY FOR THEIR APPLICAT ION OF ANY[...]
-
Page 3
Contents 1 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Audience i-xix Purpose i-xix Organization i-xx Conventi ons i-xxi Related Publication s i-xxii Obtaining Documentation, Obtaining Support, and Security Guid elines i-xxii CHAPTER 1 Overview 1-1 Features 1-2 Features Introduced in This Release 1-2 Support [...]
-
Page 4
Contents 2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Getting Help 3-3 Abbreviating Command s 3-3 Using the no and Default Forms of Commands 3-4 Understanding CLI Messages 3-4 Using Command History 3-4 Changing the Co mmand History Buffer Size 3-5 Recalling Commands 3-5 Disabling the Command History Feature[...]
-
Page 5
Contents 3 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Using the Express Security Page 4-20 CLI Conf iguratio n Exampl es 4-21 Configuring System Power Settings Access Points 4-26 Using the AC Power Adapter 4-26 Using a Switch Capable of IEEE 802.3af Power Negotiat ion 4-26 Using a Switch That Does Not Suppor[...]
-
Page 6
Contents 4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Configuring Spectrum Expert Mode 5-10 Controlling Access Point Acce ss with RADIUS 5-11 Default RADIUS Configuration 5-12 Configuring RADIUS Login Authentication 5-12 Defining AAA Server Groups 5-14 Configuring RADIUS Authorization for User Privileged Ac[...]
-
Page 7
Contents 5 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Defining HTTP Access 5-35 Configuring a System Name and Prompt 5-35 Default System Name and Prompt Configuration 5-35 Configuring a System Name 5-35 Understanding DNS 5-36 Default DNS Configuration 5-36 Setting Up DNS 5-37 Displaying the DNS Configuration[...]
-
Page 8
Contents 6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Confirming th at DFS is Enabled 6-20 Configuring a Channel 6-20 Blocking Chann els from DFS Selection 6-21 Setting the 802.11n Guard Interva l 6-22 Configuring Location-Based Services 6-22 Understanding L ocation-Based Se rvices 6-22 Configuring LBS on A[...]
-
Page 9
Contents 7 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Default SSID Configuration 7-4 Creating an SSID Globally 7-4 Viewing SSIDs Configured Globally 7-6 Using Spaces in SSIDs 7-6 Using a RADIUS Server to Restrict SSIDs 7-7 Configuring Multiple Basic SSIDs 7-8 Requirements for Configuring Multiple BSSIDs 7-8 [...]
-
Page 10
Contents 8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Non-Root Bridge with VLANs 8-13 Displaying Spannin g-Tree Status 8-14 CHAPTER 9 Configuring an Acc ess Poin t as a Local Authenticator 9-1 Understanding L ocal Authenticatio n 9-2 Configuring a Local Authenticator 9-2 Guidelines for Local Authenticators [...]
-
Page 11
Contents 9 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Software and Firmware Requirements for WPA, CCKM, CKIP, and WPA-TKIP 11-8 Configuring Authentication Types 11-10 Assigning Authentication Types to an SSID 11-10 Configuring WPA Migration Mode 11-13 Configuring Additional WPA Settings 11-14 Configuring MAC[...]
-
Page 12
Contents 10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 CLI Configuration Example 12-24 Support for 802.11r 12-24 Configuring Management Frame Protec tion 12-25 Management Fram e Protection 12-25 Overview 12-26 Protection of Unicast Management Frame s 12-26 Protection of Broadcast Mana gement Frames 12-26 Cl[...]
-
Page 13
Contents 11 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Understanding T ACACS+ 13-23 TACACS+ Operation 13-24 Configuring TACACS+ 13-24 Default TAC ACS+ Config uration 13-25 Identifying the TACACS+ Server Host and Setting the Authenticatio n Key 13-25 Configuring TACACS+ Login Authentication 13-26 Configuring [...]
-
Page 14
Contents 12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Rate Limiting 15-11 Adjusting Radio Access Categories 15-12 Configuring Nominal Rates 15-13 Optimized Voice Settings 15 -14 Configuring Call Admission Control 15-14 QoS Configuration Examples 15-15 Giving Priority to Voice Traffic 15-15 Giving Priority [...]
-
Page 15
Contents 13 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 SNMP Community Strings 18-4 Using SNMP to Access MIB Variables 18-4 Configuring SNMP 18-5 Default SNMP Configuration 18-5 Enabling the SNMP Agent 18 -5 Configuring Community Strings 18-6 Specifying SNMP-Server Group Names 18-7 Configuring SNMP-Server Hos[...]
-
Page 16
Contents 14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Guidelines for Using Workgroup Bridges in a Lightweig ht Environment 19-20 Sample Workgroup Bridge Configuratio n 19-22 Enabling VideoStream Sup port on Workgroup Bridges 19-23 CHAPTER 20 Managing Firmware and Configurations 20-1 Working with the Flash [...]
-
Page 17
Contents 15 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Copying Image Files by Using TFTP 20-19 Preparing to Download or Upload an Image File by Using TFTP 20-19 Downloading an Image F ile by Using TFTP 20-20 Uploading an Image File by Using TFT P 20-22 Copying Image Files by Using FTP 20-22 Preparing to Down[...]
-
Page 18
Contents 16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Indicators on 1260 Series Access Points 22-15 Indicators on 1300 Outdoor Acces s Point/Bridges 22-17 Normal Mode LED Indications 22-18 Power Injector 22-20 Checking Power 22 -21 Low Power Conditio n 22-21 Checking Basic Settings 22-22 SSID 22-22 WEP Key[...]
-
Page 19
Contents 17 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Local Authenticator Messages C-21 WDS Messages C-24 Mini IOS Messages C-25 Access Point/Bridge Messages C-26 Cisco Discovery Protocol Messages C-26 External Radius Server Error Messages C-26 LWAPP Error Messages C-27 Sensor Messages C-28 SNMP Error Messa[...]
-
Page 20
Contents 18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01[...]
-
Page 21
-xix Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Preface Audience This guide is for the n etworkin g professional who in stalls and manages Cisco Aironet Access Points. T o use this guide, you should ha ve experience w orking with the Cisco IOS softw are and be familiar with the concepts and terminology of w[...]
-
Page 22
-xx Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Organization This guide also includes an ov ervie w of the acce ss point web-based interface (APWI), wh ich contains all the functionality of th e command-line interf ace (CLI). This guide does not pr ovide f ield-le vel descriptions of the APWI wind ows nor do[...]
-
Page 23
-xxi Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Conventions Chapter 15, “Conf iguring QoS, ” describes ho w to conf igure and manage MA C address, IP , and EtherT ype filters on the access poi nt using the web-br ow ser interface. Chapter 16, “Conf iguring Filters, ” describes how to config ure and [...]
-
Page 24
-xxii Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Related Publications Caution Means reader be careful. In this situation, yo u mi ght do someth ing that coul d result equipment damage or loss of data. Ti p Means the follo wing will help you sol ve a probl em. The tips information might n ot be troubleshoot [...]
-
Page 25
-xxiii Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Obtaining Do cumentation, Obta ining Support, and Security Guidelines[...]
-
Page 26
-xxiv Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Obtaining Documentation, Obtaining Support, and Security G uidelines[...]
-
Page 27
CH A P T E R 1-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 1 Overview Cisco Aironet Access Poin ts (herea fter called ac cess points ) provide a secure, affordable, and easy-to-use wireless LAN solution that combines mobility and f lexibilit y with the enterprise-class features required b y networking prof[...]
-
Page 28
1-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 1 Overvi ew Features • The 1300 series o utdoor access point/bridge uses an inte grated antenna and can be config ured to use external, dual-di v ersity antennas. • The 2600 series access point contains dual-band ra dios (2.4 GHz and 5 GHz) with int[...]
-
Page 29
1-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 1 Overview Management Options Support for 802.11w Cisco IOS Release 15.2(4)J A pro vides support for the 802.11w p rotocol. Unlik e encrypted data tr af fi c, management frames are sent in an unsecure manner while using the 802. 11 protocol for d ata tr[...]
-
Page 30
1-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 1 Overvi ew Network Config uration Exam ples seamless and transparen t to the user . Figure 1-1 shows access points acting as root units on a wired LAN. Figur e 1 -1 Access P oints as Ro ot Units on a Wired LAN Repeater Access Point An access point can [...]
-
Page 31
1-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 1 Overview Network Configuration Examp les Figure 1 -2 Access P oint as Repeater Bridges The 1140, 1200, 1240, and 1250 seri es access points and the 1300 access point/b ridge can be configured as root or non-root bri dges. In this role, an access point[...]
-
Page 32
1-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 1 Overvi ew Network Config uration Exam ples Figur e 1 -4 Access P oints as Root an d Non-r oot Bridg es with Clients Workgroup Bridge Y ou can configure access points as workg roup bridges. I n workgroup bridge mode, the unit asso ciates to another acc[...]
-
Page 33
1-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 1 Overview Network Configuration Examp les Central Unit in an All-Wireless Network In an all-wireless network, an access point acts as a stand-alone r oot unit. The access point is no t attached to a wired LAN; it functions as a hub linking all stations[...]
-
Page 34
1-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 1 Overvi ew Network Config uration Exam ples[...]
-
Page 35
CH A P T E R 2-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 2 Using the Web-Browser Interface This chapter describes the web-brow ser interface that you can use to conf igure the wireless de vice. This chapter contains the following sections: • Using the W eb-Browser Interface for the First T ime, page 2-[...]
-
Page 36
2-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Using the Web-Browser Inte rf ace for the First Time Using the Web-Browser Interface for the First Time Use the wireless device IP address to br owse to the management system. See t he “Logging into the Access Point?[...]
-
Page 37
2-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 2 Using the W eb-Browser Interface Using the Management Pag es in the Web-Browser Inte rface Using Action Buttons Ta b l e 2 - 1 lists the page links and b uttons that appear on most management pages. T able 2-1 Common Butt ons on Manageme nt P ages But[...]
-
Page 38
2-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Enabling HTTPS for Sec ure Browsing Character Restrictions in Entry Fields Because the 1200 series acce ss point uses Cisco IO S software, there are certain characters that you cannot use in the entry fields on the web[...]
-
Page 39
2-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 2 Using the W eb-Browser Interface Enabling HTTPS for Secure Browsing Figur e 2-2 Expr ess Setup P age Step 3 Enter a name for the access p oint in the System Name f ield and click Apply . Step 4 Brow se to the Services – DNS page. Figure 2-3 sho ws t[...]
-
Page 40
2-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Enabling HTTPS for Sec ure Browsing Figur e 2-3 Services – DNS P a ge Step 5 Click Enable for DNS. Step 6 In the Domain Name f ield, enter your compan y domain name. Step 7 Enter at least one IP address for your DNS [...]
-
Page 41
2-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 2 Using the W eb-Browser Interface Enabling HTTPS for Secure Browsing Step 10 Browse to the Services: HTTP W eb Server page. Figure 2-4 sho ws the HTTP W eb Serv er page: Figur e 2-4 Services: HTTP W eb Server P age Step 11 Select the Enable Secur e (HT[...]
-
Page 42
2-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Enabling HTTPS for Sec ure Browsing Step 14 Another warn ing appears stating that th e access point securi ty certif icate is valid but is not from a kno wn source. Howe ver , you can accept the certificate with co nf [...]
-
Page 43
2-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 2 Using the W eb-Browser Interface Enabling HTTPS for Secure Browsing Figur e 2-7 Certificat e Window Step 16 In the Certificate windo w , click Install Certif icate . The Microsoft W indows Cert if icate Import W izard appears. Figure 2-8 sho ws the Ce[...]
-
Page 44
2-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Enabling HTTPS for Sec ure Browsing Figur e 2-8 Certificat e Import Wizar d Step 17 Click Next . The next screen asks where you want to sto r e the certificate. W e recommend that you use the default storage area on y[...]
-
Page 45
2-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 2 Using the W eb-Browser Interface Enabling HTTPS for Secure Browsing Figure 2-1 0 Certificat e Completion Screen Step 19 Click Finish . Windo ws displays a final security warning. Figure 2-11 shows the security w arning. Figur e 2-1 1 Certificat e Sec[...]
-
Page 46
2-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Enabling HTTPS for Sec ure Browsing Figure 2-12 Import Successful Scr een Step 21 Click OK . Step 22 On the Certificate windo w shown in Figure 2-7 , which is still displayed, cli ck OK . Step 23 On the Security Alert[...]
-
Page 47
2-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 2 Using the W eb-Browser Interface Using Online Help Using Online Help Click the help icon at the top of an y page in the web-bro wser interf ace to display online help . Figure 2-13 sho ws the help and print icons. Figur e 2-13 Help and Print Icons Wh[...]
-
Page 48
2-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 2 Using th e Web-Browser Interface Disabling the Web-Brow ser Interface Ta b l e 2 - 2 sho ws an e xample help location and He lp Root URL for an 1100 series access poi nt. Step 5 Click A pply . Disabling the Web-Browser Interface T o prevent all use o[...]
-
Page 49
CH A P T E R 3-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 3 Using the Command-Line Interface This chapter describes the Cisco IOS command-line interface (CLI) that you can use to configure the wireless de vice. It contains th e follo wing sections: • Cisco IOS Command Modes, page 3-2 • Getting Help, p[...]
-
Page 50
3-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 3 Using the Comman d-Line Interface Cisco IOS Command Mode s Cisco IOS Command Modes The Cisco IOS user interface is di vided into many dif f erent modes. The commands av ailable to you depend on which mode y ou are currently in. Enter a quest ion mark [...]
-
Page 51
3-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 3 Using th e Co mmand-Line Interface Getting Help Getting Help Y ou ca n enter a question mark (?) at the system prompt to display a list of commands a vailable for each command mo de. Y ou can also obtain a list of asso ciated keyw ords and ar guments [...]
-
Page 52
3-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 3 Using the Comman d-Line Interface Using the no and Default Forms of Com mands Using the no and Default Forms of Commands Most confi guration command s also ha ve a no form. In general, use the no form to disable a feature or function or re verse the a[...]
-
Page 53
3-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 3 Using th e Co mmand-Line Interface Using Comman d History Changing the Command History Buffer Size By default, the wi reless de vice records ten command lines in i ts history b uf fer . Beginning in pr iv ileged EXEC mode, enter this command to change[...]
-
Page 54
3-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 3 Using the Comman d-Line Interface Using Editing Features Using Editing Features This section descri bes the editing features that can help you manipu late the command line. It contains these sections: • Enabling and Disabling Edit ing Features, page[...]
-
Page 55
3-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 3 Using th e Co mmand-Line Interface Using Editing Features Editing Command Lines that Wrap Y ou can use a wraparound feature for commands th at exten d beyond a sin gle line on the screen. When the cursor reaches the right margin, the command line shif[...]
-
Page 56
3-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 3 Using the Comman d-Line Interface Searching and Filteri ng Output of show and more Commands In this e xample, the access-list global co nfigu ration command entry e xtends be yond one line. When the cursor first reaches the end of the line, the line i[...]
-
Page 57
3-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 3 Using th e Co mmand-Line Interface Accessing the CLI Accessing the CLI Y ou c an open the wire less device CLI using T elnet or Secure Shell (SSH). Opening the CLI with Telnet Follo w these steps to open the CLI with T elnet. The se steps are for a PC[...]
-
Page 58
3-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 3 Using the Comman d-Line Interface Accessing the CLI[...]
-
Page 59
CH A P T E R 4-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 4 Configuring the Access Point for the First Time This chapter describe s how to configure basic settin gs on the wireless de vice for the first time. The contents of this chapter are similar to the instru ct ions in the quick start gui de that shi[...]
-
Page 60
4-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Before You Start Before You Start Before you install the wireless de vice, make sure you are u sing a comput er connecte d to the same network as t he wireless de vice, and obtain the fo llo wing inform[...]
-
Page 61
4-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Before You Start Step 5 Click System Software and the System Software screen appears. Step 6 Click System Conf iguration and the System Conf iguration screen appears. Step 7 Click the Reset to Defaults [...]
-
Page 62
4-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Logging into the Access Point Logging into the Access Point A user can login to the access poin t using one of the follo wing methods: • graphica l user interf ace (GUI) • T elnet (if the AP is conf[...]
-
Page 63
4-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Connecting to the 1100 Series A ccess Point Locally to the 1040, 1140,1 200, 1230, 1240, 1250 , 1260, and 2600 Series Access Po ints Locally” section on page 4-6 to connect to the consol e port. – P[...]
-
Page 64
4-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Connecting to the 1130 Seri es Access Point Locally Step 2 Connect your PC to the access point using a Category 5 Ethernet cable. Y ou can use either a c rossov er cable or a straight-t hrough cable. St[...]
-
Page 65
4-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Connecting to the 1300 Series Access Point/Bridge Locally Step 1 Connect a nine-pin , female DB-9 to RJ-45 serial cable to the RJ-45 se rial port on the access point and to the COM port on a computer . [...]
-
Page 66
4-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Default Radio Settings Note When you connect your PC to the access point/bridge or reconnect yo ur PC to the wired LAN, you might need to release and renew the IP addr ess on the PC. On most PCs, you ca[...]
-
Page 67
4-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Assigning Basic Setting s Figure 4-1 Summary Status P age Step 5 Click Express Set up . The Express Setup screen appears. Figure 4-2 and Figure 4-3 sho ws the Express Setup page for the 1100 series acce[...]
-
Page 68
4-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Assigning Basic Settings Figur e 4-2 Expr ess Setu p P age for 1 1 00 Ser ies Access P oints Figur e 4-3 Expr ess Setup P age f or 1 130, 120 0, and 1240 Ser ies Access P oints Note Figure 4-3 sho ws t[...]
-
Page 69
4-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Assigning Basic Setting s Figure 4-4 Expr ess Setup P age f or 1 040, 1 140, 1260 and 1260 Ser ies Access P oints[...]
-
Page 70
4-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Assigning Basic Settings Figur e 4-5 Expr ess Setup P age f or the 1300 Ser ies Access P oint/Br idge Step 6 Enter the conf iguration settings you obtained from your system admini strator . The conf ig[...]
-
Page 71
4-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Assigning Basic Setting s • IP Address —Use th is setting to assign or chan ge the wi reless de vice IP address. If DHCP is enabled for your netw ork, lea ve thi s field blank. Note If the wireless[...]
-
Page 72
4-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Assigning Basic Settings • Optimize Radio Netw ork for —Use t his setting to select either preconf igured settings for the wireless de vice radio or cu stomized se t tings for the wireless de vice [...]
-
Page 73
4-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Assigning Basic Setting s IP Subnet Mask Assigned by DHCP by defa ult; if DHCP is disabled, the def ault setting is 255. 255.255.224 Default Gate way Assigned by DHCP by default ; if DHCP is disabled, [...]
-
Page 74
4-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring Basic Security Settings Configuring Basic Security Settings After you assign basic settings to the wireless de vi ce, you must con figure secu rity settings to pre vent unauthorized access [...]
-
Page 75
4-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring Basic Security Setting s Understanding Express Security Settings The SSIDs that you create using the Express security page appear in the SSID ta ble at the bottom of the page. Y ou can crea[...]
-
Page 76
4-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring Basic Security Settings Express Security Types Ta b l e 4 - 2 describes the four security t ypes that you can assign t o an SSID. T able 4-2 Securi ty T ypes on Expr ess Security Set up Pag[...]
-
Page 77
4-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring Basic Security Setting s EAP Authentication This option en ables 802.1X authentication (such as LEA P , PEAP , EAP-TLS, EAP-F AST , EAP-TTLS, EAP-GTC, EAP-SIM, and other 802.1X/EAP based pr[...]
-
Page 78
4-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring Basic Security Settings Express Security Limitations Because the Express Security page is designed for simple configuration of basic security , the opti ons av ailable are a subset of the w[...]
-
Page 79
4-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring Basic Security Setting s CLI Configuration Examples The examples in this section sho w the CLI commands that are equiv alent to creating SSIDs using each security type on the Express Securi[...]
-
Page 80
4-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring Basic Security Settings ! interface Dot11Radio0 no ip address no ip route-cache ! encryption vlan 20 key 3 size 128bit 7 FFD518A21653687A4251AEE1230C transmit-key encryption vlan 20 mode we[...]
-
Page 81
4-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring Basic Security Setting s Example: EAP Authentication This example sho ws part of the configurati on that re sults from using the Express Security pa ge to create an SSID called eap_ssid , e[...]
-
Page 82
4-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring Basic Security Settings ! interface Dot11Radio0/1.30 encapsulation dot1Q 30 no ip route-cache bridge-group 30 bridge-group 30 subscriber-loop-control bridge-group 30 block-unknown-source no[...]
-
Page 83
4-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring Basic Security Setting s aaa new-model ! ! aaa group server radius rad_eap server 10.91.104.92 auth-port 1645 acct-port 1646 ! aaa group server radius rad_mac ! aaa group server radius rad_[...]
-
Page 84
4-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring System Powe r Settings Access P oints bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled ! interface FastEthernet0.40 encapsulation dot1Q 40 no ip route-cache[...]
-
Page 85
4-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring System Power Settings Access Points Using a Power Injector If you use a po wer injector to pro vide po wer to the 1040, 1130, 1140, 1240, 1250, or 1260 access point, select Powe r I n je c [...]
-
Page 86
4-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Assigning an IP A ddress Using the CLI 1. Maximum transmit power will vary by channel and accordin g to individual country regulations. Refer to the product documentation for specific details. 2. Tx—[...]
-
Page 87
4-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring the 802.1X Supplicant If T elnet is not listed in your Accessories menu, select Start > Run , type Te l n e t in the entry field, and press Enter . Step 2 When the T elnet windo w appear[...]
-
Page 88
4-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring the 802.1X Supp licant Use the no form of the dot1x credent ials command to ne gate a parameter . The follo wing example creates a credentials prof ile named test with the username Cisco an[...]
-
Page 89
4-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring the 802.1X Supplicant The follo wing e xample applies the cred entials prof ile test to the access point Fast Ethernet port: ap1240AG> enable Password: xxxxxxx ap1240AG# config terminal [...]
-
Page 90
4-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring IPv6 Creating and Applying EAP Method Profiles Y ou can optionally conf igure an EAP method list to en able the supplicant to recognize a particular EAP method. See the “Creating an d App[...]
-
Page 91
4-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring IPv6 The follo wing modes are supp orted • Root • Root bridge • Non Root bridge • Repeater • WGB The follo wing modes are not supp orted • Spectrum mode • Monitor mode Beginni[...]
-
Page 92
4-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring IPv6 normal four-message e xchange (so licit, advertise, request, rep ly). By default, the four -message exchange is used. When the rapid-commit option is en abled by both client an d serve[...]
-
Page 93
4-35 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring IPv6 Configuring IPv6 Access Lists IPv6 access lists (ACL) are used to fi lter traf f ic and restrict ac cess to th e router . IPv6 prefix lists are used to fi lter routing pro tocol update[...]
-
Page 94
4-36 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring IPv6 IPv6 WDS AP registration The first acti ve IPv6 address is used to regi ster the WDS. Ta b l e 4 - 5 sho ws different scenarios in the IPv6 WDS AP regi stration process. Note 11r roami[...]
-
Page 95
4-37 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 4 Configuring th e Access Point for the First Time Configuring IPv6 RA filtering RA filterin g increases the security of the IPv6 network by dropp ing RAs coming from wireless clients. RA filt ering pre vents misconf igured or malicious IPv 6 clients f[...]
-
Page 96
4-38 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring IPv6[...]
-
Page 97
CH A P T E R 5-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 5 Administering the Access Point This chapter de scribes ho w to administer the wirele ss de vice. This chapter conta ins the follo wing sections: • Disabling the Mo de Button, page 5-2 • Pre venting Unauthorized Access to Y our Access Point, p[...]
-
Page 98
5-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Disabling the Mode Button Disabling the Mode Button Y ou can disable the mode b utton on access points ha ving a console port by using th e [no] boot mode-button co mmand. This command pre vents password reco very and i[...]
-
Page 99
5-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Preventing Unauthorized Acc ess to Your Access Po int Preventing Unauthorized Access to Your Access Point Y ou can prev ent unauthorized users from reconfi guring the wireless de vice and vie wing conf iguration informat[...]
-
Page 100
5-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Protecting Ac cess to Pr ivileged EXEC Commands Default Password and Privilege Level Configuration Ta b l e 5 - 1 sho ws the defa ult password and p riv ilege le vel conf iguration. Setting or Changing a Static Enable P[...]
-
Page 101
5-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Protecting A ccess to Privile ged EXEC Commands This example sho w s how to ch ange the enable password to l1u2c3k4y5 . The passwo rd is not encrypted and provides access to le vel 15 (tradi tional pri vileg ed EXEC mode[...]
-
Page 102
5-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Protecting Ac cess to Pr ivileged EXEC Commands Protecting Enable and Enable Secret Passwords with Encryption T o provide an additional layer of securi ty , particular ly for passwords that cross the netw ork or that ar[...]
-
Page 103
5-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Protecting A ccess to Privile ged EXEC Commands If both the enable and enable secret passwords are defined, users must enter the enable secret password. Use the level keyw ord to def ine a password for a specif ic pri vi[...]
-
Page 104
5-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Protecting Ac cess to Pr ivileged EXEC Commands T o disa ble username authenticatio n for a specific user , use the no username name global configurat ion command. T o dis able password checking and allo w connections w[...]
-
Page 105
5-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configuring Easy Setup When you set a command to a privilege le vel, all commands whose syntax is a subset of that command are also set to that le vel. For e xample, if you set the show ip route command to level 15, the [...]
-
Page 106
5-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring Spectru m Expert Mode Network Configuration T o c onf igure an access point using the network config uration, enter the v alues for the following f ields: • Hostname • IP Address • Server protocol •[...]
-
Page 107
5-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Controlling Access Point Access with RADIUS Step 1 Choose Home > Easy Setup > Network Conf iguration . Step 2 From the Role in Radio Netw ork drop-dow n list choose Spectrum . Step 3 Click Apply . Step 4 Launch th[...]
-
Page 108
5-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Controlling Access Point Access with RADIUS RADIUS provid es detailed accounting in formation and fle x ible administ rati ve control o ver authentication and authorization processes. RADIUS is facilitated thr ough AAA[...]
-
Page 109
5-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Controlling Access Point Access with RADIUS T o disable AAA, use the no aaa new-model global confi guration command. T o disable AAA authentic ation, use the no aaa authentication login { default | list-name } method1 [[...]
-
Page 110
5-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Controlling Access Point Access with RADIUS Defining AAA Server Groups Y ou can configure the wi reless de vice to use AAA serv er groups to group e xisting server hosts for authentication. Y o u select a subset of the[...]
-
Page 111
5-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Controlling Access Point Access with RADIUS Step 3 radius-server host { hostname | ip-addr ess } [ auth-port port-number ] [ acct-port port-number ] [ timeout seconds ] [ retransmit re t r i e s ] [ key string ] Specify[...]
-
Page 112
5-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Controlling Access Point Access with RADIUS T o remove the specified RADIUS server , use the no radius-server host hostna me | ip-addr ess glo bal confi guration command. T o remov e a server group from t he config ura[...]
-
Page 113
5-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Controlling Access Poin t Access with TACACS+ T o dis able authorization, use the no aaa au thorization { network | exec } method1 global configuration command. Displaying the RADIUS Configuration T o display the RADIUS[...]
-
Page 114
5-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Controlling Access Point Access with TACACS+ authentication met hods are performed. The onl y exceptio n is the default met hod list (which, b y coincidence, is named default ). The default metho d list is automaticall[...]
-
Page 115
5-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Controlling Access Poin t Access with TACACS+ T o disable AAA, use the no aaa new-model global confi guration command. T o disable AAA authentic ation, use the no aaa authentication login { default | list-name } method1[...]
-
Page 116
5-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring Ethernet Sp eed and Dupl ex Settings Configuring Ethernet Speed and Duplex Settings Y ou can assign the wireless de vice Ethernet port speed and duple x settings. W e recommend th at you use auto , the defa[...]
-
Page 117
5-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configu ring the A ccess Poin t for L oca l Authentica tion and Authorization Configuring the Access Point for Local Authentication and Authorization Y ou c an configure AAA to operate without a serv er by configuring t[...]
-
Page 118
5-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring the Authen tication Cache and Profile T o disable AAA, use the no aaa new-model global confi guration command. T o disable authorizati on, use the no aaa authorization { network | ex ec } method1 global co [...]
-
Page 119
5-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configuring the Auth enti cation Cache and Profile ! aaa group server tacacs+ tac_admin server 192.168.133.231 cache expiry 1 cache authorization profile admin_cache cache authentication profile admin_cache ! aaa group [...]
-
Page 120
5-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring the Access Poin t to Provide DHCP Service ! ip http server ip http authentication aaa no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ip radius sour[...]
-
Page 121
5-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configuring the Access Point to Pr ovide DHCP Service http://www .cisco.com/uni vercd/cc/td/doc/product/ sof tware/i os122/122cgcr/f ipr_c/ipcprt1/1cfdhcp.htm Beginning in pri vileged EXEC mode, follo w these steps to c[...]
-
Page 122
5-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring the Access Poin t to Provide DHCP Service AP(dhcp-config)# end Monitoring and Maintaining the DHCP Server Access Point These sections describe commands you can use to monitor and maintain the DHCP serv er a[...]
-
Page 123
5-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configuring the Ac cess Point for Secure Shell Debug Command T o enable DHCP server deb ugging, use this command in pri vileged EXEC mode: debug ip dhcp serv er { even ts | packets | linkage } Use the no form of the com[...]
-
Page 124
5-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring Client ARP Caching Support for Secure Copy Protocol The Secure Copy Protocol (SCP) supports file transf ers between hosts on a network using Secure Shell (SSH) for security . Cisco IOS Release 15.2(2)JB sup[...]
-
Page 125
5-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Managing the System Time and Date Optional ARP Caching When a non-Cisco client de vice is associated to an access point and is not passing data, the wireless device might not know the client IP address. If th is situati[...]
-
Page 126
5-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Managing the System Time and Date Understanding Simple Network Time Protocol Simple Network T ime Protocol (SNTP) is a simplif ied, client-only version of NT P . SNTP can only recei ve the time from NTP ser vers; it ca[...]
-
Page 127
5-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Managing the System Time and Date • Config uring the T ime Zone, page 5-32 • Config uring Summer T ime (Daylight Savin g T ime), page 5-33 Setting the System Clock If you ha ve an outside source on the net work that[...]
-
Page 128
5-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Managing the System Time and Date Beginning in privileged EXEC mode, follow these steps to set th e system clock: This exampl e sho ws ho w to manually set the system cl ock to 1:32 p.m. on July 23, 2001: AP# clock set[...]
-
Page 129
5-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Managing the System Time and Date The minutes-offset variable in the clock timezone global conf iguration command is a vailable for tho se cases where a local time zone is a percentage of an hour dif ferent from UTC. Fo[...]
-
Page 130
5-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Managing the System Time and Date The first part of the clock summer -time global conf iguration command specifies when su mmer time begins, and t he second part specif ies when it ends. All ti mes are relati ve to the[...]
-
Page 131
5-35 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Defining H TTP Access Defining HTTP Access By default, 80 is used fo r HTTP access, and port 443 is used for HTTPS access. These values can be customized by the user . Follo w thes e steps to define the HTTP access. Ste[...]
-
Page 132
5-36 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring a System N ame and Prompt When you set the system name, it is also used as the system prompt. T o return to the default host name, use th e no hostname global conf iguration command. Understanding DNS The D[...]
-
Page 133
5-37 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configuring a System Name and Prompt Setting Up DNS Beginning in pri vile ged EXEC mode, follo w these st eps to set up the wireless device to use the DNS: If you use the wireless de vice IP address as its host name, th[...]
-
Page 134
5-38 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Creating a Banne r T o remove a do main name, use the no ip domain- name name global conf iguration command. T o remov e a name server address, use the no ip name-server server-addr ess global conf iguration command. T[...]
-
Page 135
5-39 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Creating a Banner Beginni ng in pri vile ged EXEC mode, follo w these steps to configure a MO TD login banner: T o delete the MOTD b anner , use the no banner motd global config uration command. This exampl e sho ws ho [...]
-
Page 136
5-40 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Upgrading Autonomous Cisco Aironet Access Points to Lightweight Mode Configuring a Login Banner Y ou can configure a login banner to ap pear on all c onnected termin als. This banner appears after the MO TD banner and [...]
-
Page 137
5-41 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Migrating to Japan W52 Domain Migrating to Japan W52 Domain This utility is used to migrate 802.11a radios fr om the J52 to W52 domains. The utility operates on the 1130, 1200 (with RM2 0, RM21, and RM22A radios), an d [...]
-
Page 138
5-42 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Migrating to Japan W52 Domain[...]
-
Page 139
5-43 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 5 Administering the Access Point Configuring Multiple VLAN and Rate Li miting for Point-to-Multipoint Bridging Verifying the Migration Use the show controllers command to conf irm the migration as sho wn in this typical e xample: ap# show controllers d[...]
-
Page 140
5-44 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 5 Admin istering the Access Point Configuring Multiple VLAN and Rate Limiting for Poin t-to-Multipoint Bridging In a typical scenario, multiple VLAN support perm its users to set u p point-to-mu ltipoint bri dge links with remote sites, with each remot[...]
-
Page 141
CH A P T E R 6-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 6 Configuring Radio Settings This chapter describes h ow to config ure radio settings for the wireless device. Th is chapter includes the follo wing sections: • Enabling the Radio Inter face, page 6-2 • Config uring the Role in Radi o Network, [...]
-
Page 142
6-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Enabling the Radio Interface Enabling the Radio Interface The wireless de vice radios are disabled by def ault. Note Beginning wit h Cisco IOS Release 12.3(8)J A there is no SSID. Y ou must create an SSID before you can enab[...]
-
Page 143
6-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring the Ro le in Radio Netw ork Y ou can also configure a fallback role for root access points. The wi reless de vice automatically assumes the fallback role when it s Ethernet port is disabled or disconnected from [...]
-
Page 144
6-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring the Role in Radio Network Step 3 station-role non-root {bridge | wir eless-clients} rep e a te r root {access-point | ap-only | [bridge | wireless- clients] | [fallback | repeater | shutdo wn]} scanner workgr oup[...]
-
Page 145
6-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring the Ro le in Radio Netw ork Note When you enable the role in the radio network as a Bridge/w orkg roup bridge and enable the interface using the no shut command, the physical status and t he software status of t[...]
-
Page 146
6-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring the Role in Radio Network Note In point-to-multip oint bridging, WGB i s not recommended wit h the root bridge. WGB sh ould be associated to the root AP i n point-to-multi point bridging setup. Configuring Dual-R[...]
-
Page 147
6-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring the Ro le in Radio Netw ork Radio Tracking Y ou can configure the access point to track or monitor the status of on e of its radios. It the tracked radio goes down or is disabl ed , the access point shuts do wn [...]
-
Page 148
6-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radio Data Rates Bridge Features Not Supported The follo wing features are not supported when a 1200 or 1240 series access point is configured as a bridge: • Clear Channel Assessment (CCA) • Interoperability [...]
-
Page 149
6-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuri ng Radio Data Rates to be made based on reso urces av ailable to the wireless project, typ e of traf f ic the users will be passing , service lev el desired, and as always, the qu ality of the RF en vironment.When[...]
-
Page 150
6-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radio Data Rates Step 3 speed 802.11b, 2.4-GHz radio: {[ 1.0 ] [ 11.0 ] [ 2.0 ] [ 5.5 ] [ basic-1.0 ] [ basic-11.0 ] [ basic- 2.0 ] [ basic-5.5 ] | range | thro ughput } 802.11g, 2.4-GHz radio: {[ 1.0 ] [ 2.0 ] [...]
-
Page 151
6-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring MCS Rates Use the no form of the speed command to remov e one or more data rates from the conf iguration. This example sho ws how t o remov e data rates basic-2.0 and basic-5.5 fr om the conf iguration: ap1200#[...]
-
Page 152
6-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radio Transmit Powe r MCS rates are confi gured using the speed command. The follo wing example sho ws a speed setting for an 802.11n 5-GHz radio: interface Dot11Radio0 no ip address no ip route-cache ! ssid 125[...]
-
Page 153
6-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring Radi o Transmit Power Step 2 Click T echnical Support & Documentation . A small window appears contai ning a list o f technical support links. Step 3 Click T echnical Support & Documentati on . The T ec[...]
-
Page 154
6-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radio Transmit Powe r Use the no form of the po wer command to return the po wer setting to maximum , the defa ult setting. Step 3 power local These option s are a v ailable for the 802.11b, 2.4-GHz radio (in mW[...]
-
Page 155
6-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring Radi o Transmit Power Limiting the Power Level for Associated Client Devices Y ou can also limit the po wer le vel on client de vices that associate to the wirel ess dev ice. When a client dev ice associates to[...]
-
Page 156
6-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radi o Channel Settings Use the no form of the client power command to disabl e the maximum po wer level for associat ed clients. Note Aironet extensions must be enabled to limit the po wer lev el on associated [...]
-
Page 157
6-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring Radio Channel Setting s Because they change frequent ly , channel settings are not in cluded in this document. F or up-to-date information on channel settings for your access point or bridge, see the Channels a[...]
-
Page 158
6-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radi o Channel Settings Dynamic Frequency Selection Access points with 5-GHz radios configured at th e factory for use in the United States, Europe, Singapore, K orea, Japan, Israel, and T aiwan no w comp ly wi [...]
-
Page 159
6-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring Radio Channel Setting s If radar is detected on a manually con figur ed DFS channel, the channel will be cha nged automatically and will not return to the configured channel. Prior to transmitt ing on an y chan[...]
-
Page 160
6-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Radi o Channel Settings Confirming that DFS is Enabled Use the show controllers dot11radio1 command to conf irm that DFS is enabled. The command also includes indicat ions that uniform spreading is requ ired and[...]
-
Page 161
6-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring Radio Channel Setting s The follo wing e xample selects channel 36 and conf igures it to use DFS on a frequency band 1: ap#configure terminal ap(config)interface dot11radio1 ap(config-if) channel 36 ap(config-i[...]
-
Page 162
6-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Loca tion-Based Services This exampl e sho ws ho w to unb lock all frequencies for DFS: ap(config-if)# no dfs band block Setting the 802.11n Guard Interval The 802.11n guard interv al is the period in nanosecond[...]
-
Page 163
6-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring Location-Base d Services Figure 6-2 Basic LBS Networ k Configuration The access points that you conf igure for LBS should be in the same vicinity . If only one or two access points report messages from a tag, t[...]
-
Page 164
6-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Enabling and Disabling World Mode In this e xample, the prof ile southside is enabled on th e access poi nt 802.11g radi o: ap# configure terminal ap(config)# dot11 lbs southside ap(dot11-lbs)# server-address 10.91.105.90 p[...]
-
Page 165
6-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Disabling and Enabling Short Rad io Preambles Use the no form of the command to disable world mode. Disabling and Enabling Short Radio Preambles The radio preamb le (s ometimes called a header ) is a section of data at the[...]
-
Page 166
6-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring Transmit and Receive Antenna s Short preambles are enab led by default. Use the pr eamble-short command to enable short preambles if they are disa bled. Configuring Transmit and Receive Antennas Y ou ca n select[...]
-
Page 167
6-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Enabling and Disab ling Gratuitous Probe Response Enabling and Disabling Gratuitous Probe Response Gratuitous Probe Response (GPR) aids in conservi ng battery po wer in dual mode phones that support cellular and WLAN modes[...]
-
Page 168
6-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Disabling and Enabling Aironet Extens ions (config-if)# probe-response gratuitous speed 12.0 (config-if)# probe-response gratuitous period 30 speed 12.0 Use the no form of the command to disable the GPR feature. Disabling a[...]
-
Page 169
6-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuring the Ethernet Encaps ulation Transformation Method Configuring the Ethernet Encapsulation Transformation Method When the wireless device receiv es data packets that are not 802.3 packets, the wireless de vice mu[...]
-
Page 170
6-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Enabling and Disabling Public Secure Pa cket Forwarding Note This feature is best sui ted for use with stati onary workgroup bridges. Mobile w orkgroup bridges mig ht encounter spots in the wireless device's co verage [...]
-
Page 171
6-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Enabling and Disabling Pu bl ic Secure Packet Forwa rding PSPF is disabled by default. Be ginning in pri v ileged EXEC mode, follo w these steps to enable PSPF: Use the no form of the command to disable PSPF . Configuring [...]
-
Page 172
6-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring the Beaco n Period and the DTIM Configuring the Beacon Period and the DTIM The beacon period is the amount of time between acc ess po int beacons in Kilomicroseconds. One Kµsec equals 1,024 m icroseconds. The D[...]
-
Page 173
6-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Configuri ng the Maxi mum Data Retries Use the no form of the command to reset the R TS settings to def aults. Configuring the Maximum Data Retries The maximum data retries setting determines the nu mber of attempts the wi[...]
-
Page 174
6-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Enabling Short Slot Tim e for 802.11g Radios Use the no form of the command to reset the setting t o defaults. Enabling Short Slot Time for 802.11g Radios Y ou can increase throughput on the 802.11g, 2 .4-GHz radio by enabl[...]
-
Page 175
6-35 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Viewing VoWLAN Metrics The Stream page appears. Step 4 Click the tab for the radio to co nfigu re. Step 5 For both CoS 5 (V ideo) and CoS 6 (V oice) user priorities, ch oose Lo w Latenc y from the P acket Handlin g drop-do[...]
-
Page 176
6-36 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Viewing VoWLAN Metrics Viewing Voice Reports Y ou ca n use a browser to access voice reports listing V oWL AN metrics stored on a WLSE. Y o u can view reports for access point groups and for indi vidual access p oints. T o [...]
-
Page 177
6-37 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Viewing VoWLAN Metrics • T o view a graph of v oice bandwidth in use during the last hour , choose Bandwidth In Use (% Allowed) from the Report Name drop-do wn list. • T o view graphs of v oice streams in progress, cho[...]
-
Page 178
6-38 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Viewing VoWLAN Metrics Figur e 6-6 V oice Streaming Pr ogr ess Viewing Wireless Client Reports In addition to vie wing voice reports from an access point perspective, you can vie w them from a client perspective. F or e ver[...]
-
Page 179
6-39 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Viewing VoWLAN Metrics Figure 6-7 Wir eless Client Metr ics Viewing Voice Fault Summary The Faults > V oice Summary page in WLSE displays a summary of the faults detected with the follo wing voice fault types: • Exces[...]
-
Page 180
6-40 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Viewing VoWLAN Metrics Figur e 6-8 V oice Fault Summary Configuring Voice QoS Settings Y ou can use WLSE Faults > V oice QoS Settings scre en to define the v oice QoS thresholds for the follo wing parameter s: • Down s[...]
-
Page 181
6-41 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Viewing VoWLAN Metrics Figure 6-9 V oice QoS Settings Configuring Voice Fault Settings Y ou can use WLSE Faults > Manage F ault Settings sc reen to enab le fault generation and specify the priority of th e faults genera[...]
-
Page 182
6-42 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Configuring ClientLink Configuring ClientLink Cisco ClientLink (referred to as Beam Fo rming) is an intelligent beamformin g technology that directs the RF signal to 802.11a/g de vices to improv e performance by 65%, impro [...]
-
Page 183
6-43 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 6 Configuring Radio Settin gs Debugging Radio Functions This exampl e sho ws ho w to beg in debu gging of all radio-related e vents: AP# debug dot11 events This exampl e sho ws how to begin d ebuggi ng of radio packets: AP# debug dot11 packets This exa[...]
-
Page 184
6-44 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 6 Configuring Radio Settings Debugging Radi o Functions[...]
-
Page 185
CH A P T E R 7-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 7 Configuring Multiple SSIDs This chapter describe s how to configure and manage multiple Service Set Identif iers (SSIDs) on the access point. This chapter contains the following sections: • Understanding Multiple SSIDs, page 7-2 • Config urin[...]
-
Page 186
7-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs Understanding Multiple SSIDs Understanding Multiple SSIDs The SSID is a unique identif ier that wireless networki ng devices use to esta blish and m aintain wi reless connectivity . Multiple access points on a network or s[...]
-
Page 187
7-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs Understanding Multiple SSIDs Cisco IOS Release 12.3(10b)J A supports conf iguration of SSID parameters at the interface le vel on th e CLI, but t he SSIDs are stored in global mode. Storing all SSI Ds in global mode ensures [...]
-
Page 188
7-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs Configuring Multiple SSIDs Configuring Multiple SSIDs These sections contain conf iguration information for multip le SSIDs: • Default SSID Confi guration, page 7-4 • Creating an SSID Globally , page 7-4 • Using a RA[...]
-
Page 189
7-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs Configuring Multiple SSIDs Step 3 authentication client username username password passwor d (Optional) Set an authen tication username and password that the access point uses to authenti cate to the network when in repeater[...]
-
Page 190
7-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs Configuring Multiple SSIDs Note Y o u use the ssid command authenticatio n options to configure an authen tication type for each SSID. See Chapter 9, “Configuring an Access Point as a Local Authenticator, ” for in stru[...]
-
Page 191
7-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs Configuring Multiple SSIDs ssid buffalo vlan 7 authentication open Howe ver , this sample output from a show dot11 associations pri vileged EXEC command sho ws the spaces in the SSIDs: SSID [buffalo] : SSID [buffalo ] : SSID[...]
-
Page 192
7-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs Configuring Multiple Basic SSIDs Configuring Multiple Basic SSIDs Access point 802.1 1a, 802.11g, 802.11n radios support up to 8 basic SSIDs (BSSIDs), which are similar to MA C addresses. Y ou use multiple BSSIDs to a ssig[...]
-
Page 193
7-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs Configuring Multiple Basic SSIDs Figure 7 -1 Global SSID Manager P age Step 2 Enter the SSID name in the SSID fie l d . Step 3 Use the VLAN drop-do wn list to select the VLAN to which the SSID is assign ed. Step 4 Select the[...]
-
Page 194
7-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs Configuring Multiple Basic SSIDs Step 7 (Optiona l) In the Mul tiple BSSI D B eacon Settings section, select the Set SSID as Guest Mode check box to include the SSID in beacons. Step 8 (Optional) T o increase the battery [...]
-
Page 195
7-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs Assigning IP Redirection for an SSID Assigning IP Redirection for an SSID When you conf igure IP redirection for an SSID, the access point redire cts all packets sent from c lient devices associated to that SSID to a specif[...]
-
Page 196
7-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs Assigning IP Redirection for an SSID Guidelines for Using IP Redirection K eep these guidelines in mind when using IP redirection: • The access point does not redire ct broadcast, unicas t, or multicast BOOTP/DHCP packe[...]
-
Page 197
7-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs Including an SSID in an SSIDL IE This example sho w s ho w to configure IP redirection only for packets sent to the sp ecific TCP and UDP ports specif ied in an A CL applied to the BVI1 inte rface. When the access point rec[...]
-
Page 198
7-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs NAC Support for MBSSID NAC Support for MBSSID Networks must be protected fr om security threats, su ch as viruses, worms, and spyw are. These security threats disrupt b usiness, causing do wntime and continual patching. E[...]
-
Page 199
7-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs NAC Support for MBSSID When a client associates and the RADIUS server dete rmines that it is unh ealthy , the server returns one of the quarantine N A C VLANs in its RADIUS auth entication response for dot1x auth entication[...]
-
Page 200
7-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs NAC Support for MBSSID Configuring NAC for MBSSID Note This feature supports only Layer 2 mobility within VLANs. Layer 3 mob ility using netwo rk ID is not supported in this feature. Note Before you attempt to enable NA C[...]
-
Page 201
7-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 7 Configuring Multiple SSIDs NAC Support for MBSSID authentication open authentication network-eap eap_methods ! dot11 ssid mktg vlan mktg-normal backup mktg-infected1, mktg-infected2, mktg-infected3 authentication open authentication network-eap eap_m[...]
-
Page 202
7-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 7 Config uring Multi ple SSIDs NAC Support for MBSSID[...]
-
Page 203
CH A P T E R 8-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 8 Configuring Spanning Tree Protocol This chapter descibes ho w to configure Spanning T r ee Protocol (STP) on your access point/bridge. This chapter contains the following sections: • Understanding Spanning Tree Protocol, page 8-2 • Config uri[...]
-
Page 204
8-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Understanding Spannin g Tree Protocol Understanding Spanning Tree Protocol This section describes ho w spanning-tree features work. It includes this information: • STP Overvie w , page 8-2 • Access Point/Bridge [...]
-
Page 205
8-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 8 Configuring Spannin g Tree Protocol Understanding Spanning Tree Protocol The access point/bridge maintain s a separate spanning -tree instance for each ac tiv e VLAN configu red on it. A bridge ID, con sisting of the brid ge priority and the access po[...]
-
Page 206
8-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Understanding Spannin g Tree Protocol When a access point/bridge receiv es a configuration BPDU that contains superior information (lower access point/bridge ID, lower path cost , and so forth), it st ores the infor[...]
-
Page 207
8-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 8 Configuring Spannin g Tree Protocol Understanding Spanning Tree Protocol BPDUs contain information about the sending acce ss point/bridge and its po rts, including access point/bridge and MA C addresses, access point/bridge pr iority , port pr iority [...]
-
Page 208
8-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Understanding Spannin g Tree Protocol Spanning-Tree Interface States Propagation dela ys can occur when p rotocol informa tion passes throug h a wireless LAN. As a re sult, topology changes can take pl ace at dif fe[...]
-
Page 209
8-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 8 Configuring Spannin g Tree Protocol Understanding Spanning Tree Protocol When the spanning-tree algorithm pl aces a Laye r 2 interface in the forwarding state, this process occ urs: 1. The interface is in the listening st ate while spanning tree wa it[...]
-
Page 210
8-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Configuring STP Features • Receiv es BPDUs Forwarding State An interface in the forwar ding state forwards frames . The interface enters the fo rwarding sta te from the learning state. An interface in the forw ard[...]
-
Page 211
8-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 8 Configuring Spannin g Tree Protocol Configuring STP Features The radio and Ethernet interfaces and the nati ve VLAN on the access point/bridge are as signed t o bridge group 1 by def ault. When you enable STP and assign a priori ty on bridge grou p 1,[...]
-
Page 212
8-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Configuring STP Features STP Configuration Examples These configuration e x amples sho w how to enable STP on root and non-root acc ess point/bridges w ith and without VL ANs: • Root Bridge W ithout VLANs, page 8[...]
-
Page 213
8-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 8 Configuring Spannin g Tree Protocol Configuring STP Features Non-Root Bridge Without VLANs This exampl e sho ws the conf iguration of a non-root bridge with no VLANs conf igured with STP enabled: hostname client-bridge-north ip subnet-zero ! bridge i[...]
-
Page 214
8-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Configuring STP Features ! interface Dot11Radio0 no ip address no ip route-cache ! ssid vlan1 vlan 1 infrastructure-ssid authentication open ! speed basic-6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 rts threshold 2312 st[...]
-
Page 215
8-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 8 Configuring Spannin g Tree Protocol Configuring STP Features bridge 2 priority 10000 bridge 3 protocol ieee bridge 3 priority 3100 ! line con 0 exec-timeout 0 0 line vty 5 15 ! end Non-Root Bridge with VLANs This exampl e sho ws the conf iguration of[...]
-
Page 216
8-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 8 Configur ing Spanning Tree Protocol Displaying Spanning-T ree Status encapsulation dot1Q 1 native no ip route-cache bridge-group 1 ! interface FastEthernet0.2 encapsulation dot1Q 2 no ip route-cache bridge-group 2 ! interface FastEthernet0.3 encapsul[...]
-
Page 217
CH A P T E R 9-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 9 Configuring an Access Point as a Local Authenticator This chapter describes ho w to conf igure the access poin t as a local authentica tor to serve as a stand-alone authenticator for a small wireless LAN or to pro v ide backup authentication serv[...]
-
Page 218
9-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Understanding Local Authentication Understanding Local Authentication Many smal l wireless LANs that could be made more secure w ith 802.1x authenticatio n do not ha ve access to a RADIUS server .[...]
-
Page 219
9-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 9 Configuring an Acce ss Point as a Local Auth enticator Configuring a Local Au thenticator Guidelines for Local Authenticators Follo w these guidelines w hen configuring an access point as a local authenticator: • Use an access point that does not se[...]
-
Page 220
9-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Configuring a Local Authenticato r Step 3 radius-server local Enable the access point as a local authenticator and enter conf iguration mode for the auth enticator . Step 4 nas ip-addr ess key sha[...]
-
Page 221
9-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 9 Configuring an Acce ss Point as a Local Auth enticator Configuring a Local Au thenticator This exampl e sho ws ho w to set up a lo cal authenticator used by three access points with three user groups and sev eral users: AP# configure terminal AP(confi[...]
-
Page 222
9-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Configuring a Local Authenticato r AP(config-radsrv)# user 00095125d02b password 00095125d02b group cashiers AP(config-radsrv)# user 00079431f04a password 00079431f04a group cashiers AP(config-rad[...]
-
Page 223
9-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 9 Configuring an Acce ss Point as a Local Auth enticator Configuring a Local Au thenticator Each time the access point t ries to use the main serv ers while they are do wn, th e client device trying to authenticate might repor t an authentication timeou[...]
-
Page 224
9-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Configuring a Local Authenticato r In this example, the local authenticat or generates a P A C for the username joe , password-protects the file with the password bingo , sets the P AC to e xpire [...]
-
Page 225
9-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 9 Configuring an Acce ss Point as a Local Auth enticator Configuring a Local Au thenticator Limiting the Local Authenticator to One Authentication Type By default, a local authenticator access poi nt performs LEAP , EAP-F AST , and MA C-based authentica[...]
-
Page 226
9-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Configuring a Local Authenticato r The second section lists stats for each acces s point (N A S) authorized to use th e local authenticator . The EAP-F A ST statistics in th is section include th[...]
-
Page 227
CH A P T E R 10-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 10 Configuring Cipher Suites and WEP This chapter describes ho w to configure th e cipher suites required to use W i-Fi Protected Access (WP A) and Cisco Cen tralized Key Management (CCKM) aut henticated key manageme nt, W ired Equiv ale nt Pri va[...]
-
Page 228
10-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 10 Configurin g Cipher Suites and WEP Understanding Cipher Suites and WEP Understanding Cipher Suites and WEP This section descri bes ho w WEP and cipher suit es protect traf fic on your wireless LAN. Just as anyone with in range of a radio station can[...]
-
Page 229
10-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 10 Configuring Cipher Suites a nd WEP Configuring Cipher Suites an d WEP • TKIP (T emporal K ey Integrit y Protocol)—TKIP is a suite of algorithms sur rounding WEP that is designed to ac hiev e the best possible se curity on legacy hardware built t[...]
-
Page 230
10-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 10 Configurin g Cipher Suites and WEP Configuring Ci pher Suites and WEP Beginni ng in pri vileged EXEC mode, foll ow these st eps to create a WEP ke y and set the key properties: This example sh ow s how to create a 128-bit WEP k ey in slot 3 f or VLA[...]
-
Page 231
10-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 10 Configuring Cipher Suites a nd WEP Configuring Cipher Suites an d WEP WEP Key Restrictions T able 10-1 lists WEP key restrictions based o n your securit y configuration. Example WEP Key Setup T able 10-2 shows an e xample WEP key setup that would wo[...]
-
Page 232
10-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 10 Configurin g Cipher Suites and WEP Configuring Ci pher Suites and WEP Note If you enable MIC but you use static WEP (you do not enable an y type of EAP authentication), both the access point and any devices with whic h it co mmunicates must use the [...]
-
Page 233
10-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 10 Configuring Cipher Suites a nd WEP Configuring Cipher Suites an d WEP Use the no form of the encryption command to disable a cipher suite. Matching Cipher Suites with WPA or CCKM If you conf igure your access point to use WP A or CCKM authenticated [...]
-
Page 234
10-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 10 Configurin g Cipher Suites and WEP Configuring Ci pher Suites and WEP Note If using WP A and CCKM as ke y ma nagement, only tkip and aes ciphers are supported . If using only CCKM as key management, ckip, cmic, ckip-cmic, tkip, wep, and aes ciphers [...]
-
Page 235
10-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 10 Configuring Cipher Suites a nd WEP Configuring Cipher Suites an d WEP Beginni ng in pri vile ged EXEC mode, follo w th ese steps to enable broadcast k ey rotati on: Use the no form of the encryption command to disable b roadcast key rotation. This e[...]
-
Page 236
10-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 10 Configurin g Cipher Suites and WEP Configuring Ci pher Suites and WEP[...]
-
Page 237
CH A P T E R 11-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 11 Configuring Authentication Types This chapter describes how to conf igure authenticati on types on the access point. This chapter contains the following sections: • Understanding Authen tication T ypes, page 11-2 • Config uring Authenticati[...]
-
Page 238
11-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Understanding Authe ntication Types Understanding Authentication Types This section describes the authentication types that you can co nfigure on the access point. The authentication types are ti ed to the SSIDs tha[...]
-
Page 239
11-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Understanding Authentication Types Figur e 1 1 -1 Sequence for Open A uthentication Shared Key Authentication to the Access Point Cisco provides shared k ey authenti cation to comply with the IEEE 8 02.11b standard.[...]
-
Page 240
11-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Understanding Authe ntication Types EAP Authentication to the Network This authentication t ype provides t he highest le vel o f security for your wireless network. By using t he Extensible A uthentica tion Protoco [...]
-
Page 241
11-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Understanding Authentication Types There is more than one typ e of EAP authentication, b ut the access point behav es the same way for each type: it re lays authen tication m ess ages from the wireless client de vic[...]
-
Page 242
11-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Understanding Authe ntication Types Figur e 1 1 -4 Sequence for MAC-Based A uthentication Combining MAC-Based, EAP, and Open Authentication Y ou can set up the access point to authenticate c lient devices using a co[...]
-
Page 243
11-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Understanding Authentication Types Figure 11-5 sho ws the reassociation proce ss using CCKM. Figur e 1 1 -5 Client R eassociation Using CCKM Using WPA Key Management W i-Fi Protected Acces s (WP A) is a st anda rds-[...]
-
Page 244
11-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Understanding Authe ntication Types Figure 11-6 sh ows the WP A key management process. Figure 1 1 -6 WP A Key Management Pr ocess Software and Firmware Requirements for WPA, CCKM, CKIP, and WPA-TKIP T able 11-1 lis[...]
-
Page 245
11-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Understanding Authentication Types T o support the security combi nations in T able 11-1 , your Ci sco Aironet access p oints and Cisco Airon et client de vices must run the follo wing software and f irmware v ersio[...]
-
Page 246
11-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types Note When you configure TKIP -only cipher encryp tion (not TKIP + WE P 128 or TKIP + WEP 40 ) on any radio interface o r VLAN, e ver y SSID on that radio or VLAN must be set to use[...]
-
Page 247
11-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types Step 3 authentication open [ mac-address list -name [ alter nate ]] [[ optional ] eap list-name ] (Optional) Set the authenticati on type to open for this SSID. Open authenticati [...]
-
Page 248
11-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types Step 5 authentication network-eap list-name [ mac-address list -name ] (Optional) Set the authenticati on type for the SSID to Network-EAP . Using the Extensible Authenti cation Pr[...]
-
Page 249
11-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types Use the no form of the SSID commands to disable th e SSID or to disable SSID features. This exampl e sets the authenticati on type for the SSID batman to Network-EAP wi th CCKM au[...]
-
Page 250
11-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types Configuring Additional WPA Settings Use two optional sett ings to conf igure a preshar ed key o n the access point and adjust the frequ ency of group k ey upd ates. Setting a presh[...]
-
Page 251
11-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types This exampl e sho ws ho w to conf igure a preshared ke y for clients using WP A and static WEP , with group ke y update options: ap# configure terminal ap(config-if)# ssid batman [...]
-
Page 252
11-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types This exampl e sho ws how to enable MA C authentication caching with a one-hour timeout: ap# configure terminal ap(config)# dot11 aaa mac-authen filter-cache timeout 3600 ap(config)[...]
-
Page 253
11-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types Use the no form of these commands to reset the v alues to default settings. Creating and Applying EAP Method Pr ofiles for the 802.1X Supplicant This section descri bes the option[...]
-
Page 254
11-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types Creating an EAP Method Profile Beginni ng in pri vile ged ex ec mode, follo w these steps to define a ne w EAP profile: Use the no command to negate a command or set it s defaults.[...]
-
Page 255
11-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Matching Access Point and Client Device Authentication Type s Applying an EAP Prof ile to an Uplink SSID This operation typical ly applies to repeater access points. Be ginning in the pri vileged e xec mode, fol lo[...]
-
Page 256
11-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Matching Access Point and Client Device Au thentication Types T able 1 1 -2 Client and Access P oint Security Set tings Security Feature Client Setting Access Point Setting Static WEP with open authentication Creat[...]
-
Page 257
11-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Matching Access Point and Client Device Authentication Type s 802.1X authen tication and CCKM Enable LEAP Select a ciph er suite and enable Network-EAP an d CCKM for the SSID Note T o allow both 80 2.1X clients and[...]
-
Page 258
11-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Guest Access Man agement Guest Access Management Guest Access allows a guest to gain access to the Internet, and the guest’ s o wn enterprise wit hout compromising the security o f the host enterprise. EAP-MD5 au[...]
-
Page 259
11-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Guest Access Management Guest access is allowed through these method s: • W eb Authentication (secured) • W eb Pass-through Web Authentication (secured ) W eb authentication is a Layer 3 security feature that e[...]
-
Page 260
11-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Guest Access Man agement Beginni ng in pri vile ged EXEC mode, use these commands to enable W eb Pass-through : – ap(config)# ip admission name W eb_passthrough consent – ap(config)# interface dot11Radio 0 – [...]
-
Page 261
11-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 11 Configuring Authen tication Types Guest Access Management Guest access is allo wed for a maximum of twent-four days and a mini mum of fi ve minutes. Beginni ng in pri vile ged EXEC mode, use this command to delete a gu est user: ap# clear dot11 gue[...]
-
Page 262
11-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 11 Configurin g Authentication Types Guest Access Man agement – ap(config-ext-nacl)# permit tcp any host 40.40.5.10 eq 443 – ap(config-ext-nacl)# exit Note acl-in and acl-out are the names of the Access-list. These acl's allo w you to downloa[...]
-
Page 263
CH A P T E R 12-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 12 Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services This chapter describes how to configure your access points for wireless domain services (WDS), fast, secure roaming of cli ent devices, radio mana[...]
-
Page 264
12-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Understanding WDS Understanding WDS When you conf igure W ireless Domain Services on your netw ork, access points on your wi reless LAN use the WDS device ([...]
-
Page 265
12-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Understanding Fast Secure Roaming Role of Access Points Using the WDS Device The access points on your wir eless LAN intera ct with the WDS device in[...]
-
Page 266
12-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Understanding Fast Secure Roaming Figur e 12-1 Client Au thentication Using a RADIUS Server When you conf igure your wireless LAN for fast, secure roaming, [...]
-
Page 267
12-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Understanding Radio Mana gement device. The WDS de vice forwards the client’ s cred entials to the new access point, and the ne w access point send[...]
-
Page 268
12-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Understanding Wireless Intr usion Detection Services Figur e 12-3 Require d Components for Lay er 3 Mobility Click this link to bro wse to the information p[...]
-
Page 269
12-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS access points. The WLSE examines the BRIDG E MIB of each CDP-discovered switch to determine if they contain an y of the target MA C a[...]
-
Page 270
12-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS • Config uring the Authenticatio n Server to Supp ort WDS, page 12-15 • Config uring WDS Only Mode, page 1 2-19 • V ie wing WDS Inform[...]
-
Page 271
12-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Figure 12-4 sho ws the required configuration for each de vice that pa rticipates in WDS. Figure 12-4 Config urations on Devices Par [...]
-
Page 272
12-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS On the access point that you want to conf igure as your primary WDS access point, follo w these steps to configure the access point as the [...]
-
Page 273
12-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Step 5 In the W ireless Domain Services Priority f ield, enter a priority number f rom 1 to 255 to set the prio rity of this WDS ca [...]
-
Page 274
12-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS Figur e 12-7 WDS Server Gr oups P age Step 10 Create a group of serv ers to be used for 802.1x authenticati on for the infrastructure de vi[...]
-
Page 275
12-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Step 14 Config ure the list of serv ers to be us ed for 802.1x authenticat ion for client de vices. Y ou can specify a separate list[...]
-
Page 276
12-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS Configuring Access Points to use the WDS Device Follo w these steps to configure an access point to authenti cate through the WDS de vice a[...]
-
Page 277
12-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS The access points that you configur e to interact with the WDS auto matically perform these steps: • Discov er and track the curre[...]
-
Page 278
12-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS Figur e 12-9 Networ k Configuration P age Step 2 Click Add Entry unde r the AAA C lients tabl e. The Add AA A Client page appears. Figure 1[...]
-
Page 279
12-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Figure 12-1 0 Add AAA Client P age Step 3 In the AAA Client Hostname f ield, enter the name of the WDS de vice. Step 4 In the AAA Cl[...]
-
Page 280
12-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS Step 9 Click User Setup to bro wse to the User Setup page. Y ou must use th e User Setup page to crea te entries for the access points that[...]
-
Page 281
12-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Step 13 Select CiscoSecure Database from the P assword Aut hentication drop-d own li st. Step 14 In the Passw ord and Conf irm Passw[...]
-
Page 282
12-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS Viewing WDS Information On the web-b rowser interface, browse to the W irele ss Services Summary page to vie w a summary of WDS status. On [...]
-
Page 283
12-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Fast Secure Roaming Using Debug Messages In pri vileg ed ex ec mode, use these deb ug commands to control the display of deb ug messages[...]
-
Page 284
12-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Fa st Secure Roaming Configuring Access Points to Support Fast Secure Roaming T o support fast, secure roaming, the access poi nts on your wir [...]
-
Page 285
12-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Fast Secure Roaming Figure 12-15 Global SSID Ma nager P age Step 6 On the SSID that suppor ts CCKM, select these settings: a. If your ac[...]
-
Page 286
12-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Fa st Secure Roaming c. Select Mandatory or Optional under Authenticate d Ke y Managemen t. If you select Mandatory , only clients that support[...]
-
Page 287
12-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Management Frame Protection Step 4 Click the over-air or ove r -ds radio butt on. Step 5 Enter the reassociation time. The v alues range[...]
-
Page 288
12-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Management Frame Pro tection Management Frame Protection operation requires a WDS and is av ailable on 32 Mb platforms only (1130, 1140, 1240, [...]
-
Page 289
12-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Management Frame Protection rejected. If you attempt to change the ke y management with Client MFP conf igured as required and ke y mana[...]
-
Page 290
12-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Management Frame Pro tection Beginni ng in pri vile ged EXEC mode, follo w these steps to conf igure the WDS: Management Frame Protection with [...]
-
Page 291
12-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Management Frame Protection This CLI command is us ed to en able 802.11w on the access point: ap(config-ssid)# 11w-pmf client r equired/[...]
-
Page 292
12-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Radio Manage ment Configuring Radio Management When you conf igure access points on y our wireless LAN to use WDS, the access points automatica[...]
-
Page 293
12-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Radio Mana gement Figure 12-1 7 WDS/WNM General Setup P age Step 4 Check the Configure W ireless Network Manager check box. Step 5 In th[...]
-
Page 294
12-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Access Points to Participate in WIDS Configuring Access Points to Participate in WIDS T o partic ipate in WIDS, access points must be configure[...]
-
Page 295
12-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Access Points to Participate in WIDS Beginning in pri vile ged EXEC mode, follo w these st eps to configure the access point to capture [...]
-
Page 296
12-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Access Points to Participate in WIDS Configuring Monitor Mode Limits Y ou c an configure threshold v a lues that the access po int uses in moni[...]
-
Page 297
CH A P T E R 13-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 13 Configuring RADIUS and TACACS+ Servers This chapter describes ho w to enable and configur e the Remote Authen ticati on Dial-In Use r Service (RADIUS) and T erminal Access Cont roller Access Control System Plus (T A CA CS+), that provides detai[...]
-
Page 298
13-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Understanding RADIUS RADIUS is a distributed client/server system th at secures networks against unauthorized access. RADIUS clien ts run on suppo rted Cisco devices and send a[...]
-
Page 299
13-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Figur e 13-1 Sequence fo r EAP A uthentication In Steps 1 through 9 in Fi gure 13-1 , a wireless client devi ce and a RADIUS serv er on the wired LAN use 802.1x and EAP to perf[...]
-
Page 300
13-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS A method list def ines the sequence and methods to be used to au thenticate, to author ize, or to keep accounts on a user. Y ou can use method lists to designate one or more se[...]
-
Page 301
13-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Y ou identify R ADIUS security server s by their host name or IP address, host name and specif ic UDP port numbers, or t heir IP address and specif ic UDP po rt numbers. The co[...]
-
Page 302
13-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Step 3 radius server {hostname | ip-address}[ auth-port port-numb er ] [ acct-port port-number ] [ timeout seconds ] [ retransmit re t r i e s ] [ key string ] Note This comman[...]
-
Page 303
13-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS T o remove the specified RADIUS server , use the no radius-server host hostna me | ip-addr ess glo bal confi guration command. This example shows ho w to configure one RADIUS s[...]
-
Page 304
13-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS T o disable AAA, use the no aaa new-model global confi guration command. T o disable AAA authentic ation, use the no aaa authentication login { default | list-name } method1 [ [...]
-
Page 305
13-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Defining AAA Server Groups Y ou can configure the access point t o use AAA server gr oups to group e xisting serv er hosts for authentication. Y o u select a subset of the conf[...]
-
Page 306
13-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Step 3 radius-server host { hostname | ip-addr ess } [ auth-port port-number ] [ acct-port port-number ] [ timeout seconds ] [ retransmit re t r i e s ] [ key string ] Specify[...]
-
Page 307
13-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS T o remove the specified RADIUS server , use the no radius-server host hostna me | ip-addr ess glo bal confi guration command. T o remov e a server group from t he config urat[...]
-
Page 308
13-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Beginni ng in pri vileged EXEC mode, fol lo w these steps to specify RADIUS authorizatio n for pri vile ged EXEC access and network services: T o dis able authorization, use t[...]
-
Page 309
13-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Note When WDS is configured, PoD requ ests should be directed to the WDS. The WDS forwards the disassociation request to the parent access point and th en purges the sessi on [...]
-
Page 310
13-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS T o disable accounting, use the no aaa accounting { network | exec } { start-stop } method1... global confi guration command. Selecting the CSID Format Y ou c an select the fo[...]
-
Page 311
13-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Configuring Settings fo r All RADIUS Servers Beginni ng in pri vile ged EXEC mode, follo w these steps to configure global com munication settin gs between the acc ess point a[...]
-
Page 312
13-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS This ex ample sho ws how to set up two main serv ers and a local authenticator with a serv er deadtime of 10 minutes: AP(config)# aaa new-model AP(config)# radius-server host [...]
-
Page 313
13-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS For a complete list of RADIUS attribut es or more information about VSA 26, refer to the “RADIUS Attrib utes” appendix in th e Cisco IOS Security Conf iguration Guide f or[...]
-
Page 314
13-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS T o delete the vendor -proprietary RADIUS host, use the no radius-server host { hostna me | ip-addr ess } non-standard global conf iguration command. T o disable the key , use[...]
-
Page 315
13-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Beginning in pri vile ged EXEC mode, follo w these st eps to specify WISPr RADIUS attributes on the access point: This exampl e sho ws ho w to conf igur e the WISPr location-n[...]
-
Page 316
13-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS RADIUS Attributes Sent by the Access Point T able 13-2 through Ta b l e 1 3 - 6 identify the at trib utes sent by an a ccess point to a client in access-request, access-accept[...]
-
Page 317
13-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS T able 1 3-4 At tr ibutes Sent in Ac counting-Request (start) P ack ets Attribute ID Description 1U s e r - N a m e 4 N AS-IP-Addres s 5N A S - P o r t 6 Service-T ype 25 Clas[...]
-
Page 318
13-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Note By default, the access point sends reauthenticati on requests to the authenticat ion server with the service-type attrib ute set to authenticat e-only . Ho wever , some M[...]
-
Page 319
13-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enabling TACACS+ Configuring and Enabling TACACS+ This section contains this conf iguration information: • Understanding T A CACS+, p age 13-23 • T A CACS+ Operation, p age 13-24 • Confi[...]
-
Page 320
13-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling TACACS+ TACACS+ Operation When an administrator attempts a simple ASCII login by authenticating to an access po int using T A CA CS+, this process occurs: 1. When the connection i s [...]
-
Page 321
13-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enabling TACACS+ This section contains this conf iguration information: • Default T ACA CS+ Conf iguration, page 13-25 • Identifying t he T A CA CS+ Server Host and Setting the A uthentica[...]
-
Page 322
13-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling TACACS+ T o remove the specified T A CA CS+ server name or address, use the no tacacs-server host hostname global conf iguration command. T o remove a ser ver group fro m the conf ig[...]
-
Page 323
13-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enabling TACACS+ T o disable AAA, use the no aaa new-model global confi guration command. T o disable AAA authentic ation, use the no aaa authentication login { default | list-name } method1 [[...]
-
Page 324
13-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling TACACS+ The aaa authoriza tion exec ta cacs+ local command set s these authorization pa rameters: • Use T A CA CS+ for privile ged EXEC access authorization if authent ication was [...]
-
Page 325
13-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enabling TACACS+ T o disable accounting, use the no aaa accounting { network | exec } { start-stop } method1... global confi guration command. Displaying the TACACS+ Configuration T o display [...]
-
Page 326
13-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling TACACS+[...]
-
Page 327
CH A P T E R 14-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 14 Configuring VLANs This chapter describes how to configure your access point to operate with the VLANs set up on your wired LAN. This chapter contains th e follo wing sections : • Understanding VLANs, page 14-2 • Conf iguring VLANs, p age 14[...]
-
Page 328
14-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 14 Configuring VLA Ns Understanding VLANs Understanding VLANs A VLAN is a switched network that is logically segmen ted, by functions, project teams, or applications rather than on a physical or geographical basis. For e xample, all w orkstations and s[...]
-
Page 329
14-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 14 Configuring VLANs Understanding VLANs Figur e 14-1 LAN and VLAN Segmentation with Wireless Devices Related Documents These documents prov ide more detailed informati on pertaining to V LAN design an d conf iguration: • Cisco IOS Switchi ng Service[...]
-
Page 330
14-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 14 Configuring VLA Ns Configuring VLANs Incorporating Wireless Devices into VLANs The basic wireless componen ts of a VLAN consist of an access point and a client associated to it using wireless technology . The access point is physically connected th [...]
-
Page 331
14-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 14 Configuring VLANs Configuri ng VLANs Configuring a VLAN Note When you confi gure VLANs on access points, the nati ve VLAN must be VLAN1. In a sin gle architecture, client traff ic rece i ved by the access poi nt is tunneled through an IP-GRE tunnel,[...]
-
Page 332
14-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 14 Configuring VLA Ns Configuring VLANs Step 3 ssid ssid-string Create an SSID and enter SSID configuration mode for the new SSID. The SSID can consist of up t o 32 alphanumeric characters. SSI Ds are cas e sensiti ve. The SSID can consist of up to 32 [...]
-
Page 333
14-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 14 Configuring VLANs Configuri ng VLANs This example sho ws how to: • Name an SSID • Assign the SSID to a V LAN • Enable the VLAN on the radio and Ethernet ports as the na tiv e VLAN ap1200# configure terminal ap1200(config)# interface dot11radio[...]
-
Page 334
14-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 14 Configuring VLA Ns Configuring VLANs Creating a VLAN Name Beginning in pri vileged EXEC mod e, follo w these steps to assign a name to a VLAN: Use the no form of the command to remov e the name from the VLAN. Use the show dot11 vlan-name priv ileged[...]
-
Page 335
14-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 14 Configuring VLANs Configuri ng VLANs Using a RADIUS Server for Dynamic Mobility Group Assignment Y ou can configure a RADIUS server to dynamically assi gn mobility groups to users or user g roups. This eliminates the need to conf igure multiple SSID[...]
-
Page 336
14-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 14 Configuring VLA Ns VLAN Configuration Ex ample Virtual-Dot11Radio0 Protocols Configured: Address: Received: Transmitted: Bridging Bridge Group 1 201688 0 Bridging Bridge Group 1 201688 0 Bridging Bridge Group 1 201688 0 Virtual LAN ID: 2 (IEEE 802.[...]
-
Page 337
14-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 14 Configuring VLANs VLAN Configuration Example 4. Configure VLAN 1, the Management VLAN, on both the fastEthernet and do t11radio interfaces on the access point. Y ou should make th is VLAN the nati ve VLAN. 5. Config ure VLANs 2 and 3 on both the f [...]
-
Page 338
14-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 14 Configuring VLA Ns VLAN Configuration Ex ample T able 14-3 shows th e results of the conf iguration commands in T able 14-2 . Use the sho w running command to display th e running conf igurati on on the access point. Notice that when yo u config ur[...]
-
Page 339
CH A P T E R 15-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 15 Configuring QoS This chapter describes how to conf igure quality of se rvice (QoS) on your access point. W ith this feature, you can provide preferential treatment to certain traff i c at the expense of others. W ithout QoS, the access point of[...]
-
Page 340
15-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Understanding QoS for Wireless LANs Understanding QoS for Wireless LANs T ypically , networks operate on a best-ef fort deliv ery ba sis, which means that all traf fic has equal priority and an equal chance of being deli vered in a t[...]
-
Page 341
15-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS Understanding QoS for Wireless LANs QoS on the wireless LAN focuses on do wnstream prioritization from the access point. Fi gure 15-1 sho ws the upstream and downstream traf f ic flow . Figur e 15-1 Upstream and Downstr eam T raf fic[...]
-
Page 342
15-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Understanding QoS for Wireless LANs Note This release continues to support e xisting 7920 wireless phone f irmwa re. Do not attempt to u se the ne w standard (IEEE 802.11e dr aft 13) QBSS Load IE with the 7 920 W ireless Phone until [...]
-
Page 343
15-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS Understanding QoS for Wireless LANs Using Band Select Band Select allo ws you to mo ve to the less cong ested radios if your W i-Fi radios are capable of dual band operati on. This feat ure improves the ov erall performance of the ne[...]
-
Page 344
15-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Configuring QoS - ap (conf ig)# dot11 ssid abcd - ap(conf ig-ssid)# band-select Configuring QoS QoS is disabled by default (ho wever , the radio interf ace al ways honors tagged 802. 1P packets e ven when you have not configured a Qo[...]
-
Page 345
15-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS Configuri ng QoS Figur e 15-2 QoS Policies P age Step 3 Wi t h <NEW> selected in the Create/Edit Polic y f ield, type a name for the QoS polic y in the Policy Name entry fi eld. The name can contain up to 25 alphanumer ic chara[...]
-
Page 346
15-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Configuring QoS Step 4 If the packets that you need to pr ioritize contain IP preced ence information in the IP header TOS field, select an IP precedence classifica tion from the IP Precede nce drop-do w n list. Menu selections i ncl[...]
-
Page 347
15-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS Configuri ng QoS • Class Selector 1 • Class Selector 2 • Class Selector 3 • Class Selector 4 • Class Selector 5 • Class Selector 6 • Class Selector 7 • Expedited Forwarding Step 8 Use the Apply Class of Service drop-d[...]
-
Page 348
15-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Configuring QoS Step 19 Click the A pply bu tton at the bottom of the page to apply the policies t o the access point ports. The QoS Policies Advanced Page The QoS Policies Advanced page ( Fi gure 15-3 ) Figur e 15-3 QoS Policies - [...]
-
Page 349
15-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS Configuri ng QoS IGMP Snooping When Internet Group Membership Protocol (IG MP) snooping is enabled on a switch and a client roams from one access point to another, the clients’ multicast session is dropped. When the ac cess points[...]
-
Page 350
15-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Configuring QoS Adjusting Radio Access Categories The access point uses the radio access categories to calculate backoff times for each packet. As a rule, high-priority packets hav e short backoff times. The default v alues in the M[...]
-
Page 351
15-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS Configuri ng QoS Figur e 15-4 Radio Access Categ or i es P a ge Note In this release, clients are blocked from using an access category when you select Enable for Admission Control. Configuring Nominal Rates When an access point rec[...]
-
Page 352
15-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS Configuring QoS http://cisco. com/en/US/docs/wireless/access_poin t/12.4_10b_J A/command/reference/cr12410b-chap2 . html#wp325708 0 Note The abov e rates work f ine for Cisco phones. Third parties wireless phones may ha ve a dif fer[...]
-
Page 353
15-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS QoS Configuration Examples Troubleshooting Admissio n Control Y ou can use two CLI commands to d isplay information to h elp you troubleshoot adm ission control problems: • T o display current admission control sett ings on radio [...]
-
Page 354
15-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS QoS Configuration Example s Figure 15-5 QoS Policies P age f or V oice Example The network admin istrat or also enables the QoS element for wir eless phones setting on the QoS Policies - Adv anced page. This setting gi ves priority [...]
-
Page 355
15-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 15 Configuring QoS QoS Configuration Examples Figure 15-6 QoS Policies P age for Video Example[...]
-
Page 356
15-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 15 Configuring QoS QoS Configuration Example s[...]
-
Page 357
CH A P T E R 16-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 16 Configuring Filters This chapter describe s how to configure and manage MA C address, IP , and EtherT ype filters on the access point using the we b-bro wser interface. Th is chapter contains the follo wing sections: • Understanding Filters, [...]
-
Page 358
16-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Understanding Filters Understanding Filters Protocol filters (IP protocol , IP port, and EtherT ype) pr ev en t or allow the use of specific protocols through the acc ess point’ s Ethernet and rad io ports. Y ou can se t up ind[...]
-
Page 359
16-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Configuring Filters Using the Web-Browser Interface This section descri bes ho w to conf igure and enab le f ilters using the web-bro wser interface. Y ou complete two steps to [...]
-
Page 360
16-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Figure 16-1 MAC Addr ess Filters P age Follo w this link path to reach the Address Filters page: 1. Click Services in the page na vigation bar . 2. In the Services page list, [...]
-
Page 361
16-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Step 5 Use the Mask entry field to indicate ho w many bits, from left to right, the f ilter checks against the MA C address. For e xample, to require an exact matc h with the MA[...]
-
Page 362
16-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface If clients are not f iltered immediately , click Reload on the System Confi guration page to restart t he access point. T o reach the Syst em Conf iguration page, click System[...]
-
Page 363
16-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Step 3 Click Advanced Security to bro wse to the Adv anced Security: MA C Address Authentication page. Figure 16-4 sho ws the MAC Address Authentication page. Figur e 16-4 Adv a[...]
-
Page 364
16-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Step 6 Click A pply . Creating a Time-Based ACL T ime-ba sed A CLs are ACLs that can be enabled or disabled for a specific period of time. This cap ability provid es robust ne[...]
-
Page 365
16-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface ACL Logging A CL logging is not supported on the br idging interfaces of A P platforms. When applied on bridgin g interface, it wi ll work as if conf igured without “log” op[...]
-
Page 366
16-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Figure 16-6 I P Filters P age Follo w this link path to reach the IP Filters page: 1. Click Services in the page na vigation bar . 2. In the Services page list, click Filters[...]
-
Page 367
16-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Creating an IP Filter Follo w these steps to create an IP filter: Step 1 Follo w the link path to the IP Filters page. Step 2 If you are creating a new f ilter, mak e sure <[...]
-
Page 368
16-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Step 15 When the f ilter is complete, click A pply . The f ilter is sav ed on the access point, but it i s not enabled unti l you apply it on the Appl y Filters pa ge. Step 1[...]
-
Page 369
16-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Figur e 16-8 Ethe rT ype Filters P age Follo w this link path to reach the EtherT ype Filters page: 1. Click Services in the page na vigation bar . 2. In the Services page list[...]
-
Page 370
16-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Step 7 Click Add . The EtherT ype appears in the Filters Classes fi eld. T o remove the EtherT ype from the Filters Classes list, select it and click Delete Class . Repeat St[...]
-
Page 371
CH A P T E R 17-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 17 Configuring CDP This chapter describes ho w to configure Cisco Disco very Protocol (CDP) on your access point . Note For complete syntax and usage in formation for the co mmands used in this chapter, refer to the Cisco Air onet IOS Command Refe[...]
-
Page 372
17-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 17 Configur ing CDP Understanding CDP Understanding CDP Cisco Discov ery Protocol (CDP) is a de vice-disco v ery protocol that runs on all Ci sco network equipment. Each de vice sends identifying messages to a multicast address, and e ach device monito[...]
-
Page 373
17-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 17 Configuring CDP Configuring CDP Use the no form of the CDP commands to return to the def ault settings. This exampl e sho ws ho w to conf igur e and verify CDP characteristics: AP# configure terminal AP(config)# cdp holdtime 120 AP(config)# cdp time[...]
-
Page 374
17-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 17 Configur ing CDP Monitoring and Maintaining CDP This e xample sho ws how to enable CDP . AP# configure terminal AP(config)# cdp run AP(config)# end Disabling and Enabling CDP on an Interface CDP is enabled by def ault on all supported in terfaces to[...]
-
Page 375
17-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 17 Configuring CDP Monitori ng and Maintaining CDP Belo w are si x exampl es of output from t he CDP show pri vileged EXEC commands: AP# show cdp Global CDP information: Sending CDP packets every 50 seconds Sending a holdtime value of 120 seconds AP# s[...]
-
Page 376
17-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 17 Configur ing CDP Monitoring and Maintaining CDP Device ID: idf2-1-lab-l3.cisco.com Entry address(es): IP address: 10.1.1.10 Platform: cisco WS-C3524-XL, Capabilities: Trans-Bridge Switch Interface: GigabitEthernet0/1, Port ID (outgoing port): FastEt[...]
-
Page 377
17-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 17 Configuring CDP Monitori ng and Maintaining CDP AP# show cdp neighbor Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater Device IDLocal InterfaceHoldtmeCapabilityPlatformPort ID Perdi[...]
-
Page 378
17-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 17 Configur ing CDP Monitoring and Maintaining CDP[...]
-
Page 379
CH A P T E R 18-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 18 Configuring SNMP This chapter describe s how to configure the Simple Network Managemen t Protocol (SNM P) on your access point. Note For complete syntax and usage info rmation for th e commands used i n this chapter , refer to the Cisco IOS Com[...]
-
Page 380
18-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 18 Configu ring SNMP Understanding SNMP Understanding SNMP SNMP is an appli cation-layer protocol that p r ovides a message format for communication between SNMP manage rs and agents. The SN MP manager ca n be part of a net work management system (NMS)[...]
-
Page 381
18-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 18 Configuring SNMP Understanding SNMP T able 18-1 lists the SNMP versio ns and security le vels supported on access points. For detailed infor mation on SN MPv3, click th is link to browse to the Ne w F eature Do cumentation for Cisco IOS Release 12.0[...]
-
Page 382
18-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 18 Configu ring SNMP Understanding SNMP SNMP Agent Functions The SNMP agent responds to SNMP manager request s as follo ws: • Get a MIB variable—The SNM P agent b egins this func tion in r esponse to a request f rom the NMS. The agent retriev e s t[...]
-
Page 383
18-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 18 Configuring SNMP Configuring SNMP Configuring SNMP This section descri bes ho w to conf igure SNMP on your access point. I t contains this conf iguration inform ation: • Default SNMP Conf iguration, page 18-5 • Enabling the SNMP Agent, page 18-5[...]
-
Page 384
18-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 18 Configu ring SNMP Configuring SNMP Configuring Community Strings Y ou use the SNMP community string to def ine th e relationship between the SNMP manager and the agent. The community stri ng acts like a passw ord to permit access to the agent on the[...]
-
Page 385
18-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 18 Configuring SNMP Configuring SNMP T o disable access for an SNMP community , set the communi ty string for that community to the null string (do not enter a v alue for th e community string). T o remov e a specif ic community string , use the no snm[...]
-
Page 386
18-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 18 Configu ring SNMP Configuring SNMP Configuring SNMP-Server Hosts T o configure the recip ient of an SNMP trap oper ation, use the follo wing command in global confi guration mode: Configuring SNMP-Server Users T o configure a ne w user to an SNMP gr[...]
-
Page 387
18-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 18 Configuring SNMP Configuring SNMP Some notif ication types cannot be contro lled with the snmp-server enable global conf iguration command, such as udp-port . These notification types are always enabled. Y ou can use the snmp-server host global conf[...]
-
Page 388
18-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 18 Configu ring SNMP Configuring SNMP T o remov e the specified hos t from receiving traps , use the no snmp-server host host global confi guration command. T o disable a specif ic trap type, use the no snmp-server enable traps notif ication-t ypes gl[...]
-
Page 389
18-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 18 Configuring SNMP Configuring SNMP This example sho ws how to assign the strings open and ieee to SNMP , to allow read-write access for both, and to specify that open is the community string for quer ies on non-IEEE80 2dot11-MIB objects and ieee is [...]
-
Page 390
18-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 18 Configu ring SNMP Displaying SNMP Status AP(config)# snmp-server group admin v3 priv read iso write iso AP(config)# snmp-server user joe admin v3 auth md5 xyz123 priv des56 key007 AP(config)# snmp-server user fred admin v3 encrypted auth md5 abc789[...]
-
Page 391
CH A P T E R 19-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 19 Configuring Repeater and Standby Access Points and Workgroup Bridge Mode This chapter describes how to conf ig ure your a ccess point as a repeater , as a hot standby unit, or as a workgroup bridge. This chapter co ntains the following sections[...]
-
Page 392
19-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Understanding Repeater Ac cess Points Understanding Repeater Access Points A repeater access point is not connected to the wired LAN ; it is placed within radio range of an [...]
-
Page 393
19-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Configuring a Repeater Access Point Figur e 19-1 Access P o int as a Repeater Configuring a Repeater Access Point This section pro vides instruct ions for setting u p an acc[...]
-
Page 394
19-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Configuring a Re peater Access Point Default Configuration Access points are configured as root units by default. T able 19-1 sho ws the default v alues for settings that co[...]
-
Page 395
19-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Configuring a Repeater Access Point Setting Up a Repeater Beginning in Pri vileged Exec mode, fol low th ese steps to conf igure an access point as a repeater: Command Purpo[...]
-
Page 396
19-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Aligning Antennas The follo wing example sho ws how to set up a repeat er access point with three potential parents, designated 1 t o 3: AP# configure terminal AP(config)# i[...]
-
Page 397
19-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Aligning Antennas Use the show dot11 antenna-alignment command to list the MA C addresses and signal level for the last 10 de vices that responded to the probe. Verifying Re[...]
-
Page 398
19-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Aligning Antennas Setting Up a Repeater As a WPA Client WP A key management uses a combination of encr yption methods to protect communi cation between client devices and th[...]
-
Page 399
19-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Understanding Hot Standby Understanding Hot Standby Hot Standby mode designates an access point as a backup for another acces s point. The standby access point is placed nea[...]
-
Page 400
19-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Configuring a Hot Standby Access Point Configuring a Hot Standby Access Point When you set up the standby access po int, you must enter the MA C addr ess of the access poin[...]
-
Page 401
19-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Configuring a Hot Standby Access Po int Beginni ng in Pri vileg ed Exec mode , follow these st eps to enable hot standby mode on an access point: Command Purpose Step 1 con[...]
-
Page 402
19-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Configuring a Hot Standby Access Point After you enable standby mode, conf igure the settings that you recorded from the monitored access p oint to match on the standby acc[...]
-
Page 403
19-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Understanding Workgroup Bridge Mode Use this command to check the stand by confi guration: show iapp standby-parms This command di splays the MAC address of the st andby ac[...]
-
Page 404
19-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Understanding Wo rkgroup Brid ge Mode Caution An access point in workgroup bridge mode can introd uce a bridge loop if you co nnect its Ethernet port to your wired LAN. T o[...]
-
Page 405
19-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Understanding Workgroup Bridge Mode Figure 19-2 sho ws an a ccess point in workgroup br idge mode. Figur e 1 9-2 Access P oint in W ork group Br idg e Mode Treating Workgro[...]
-
Page 406
19-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Understanding Wo rkgroup Brid ge Mode bridges, t hat can as sociat e to an access point or bridge. T o increase beyond 20 the number of w orkgroup bridges that can associat[...]
-
Page 407
19-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Workgroup Bridge VLAN Tagging The follo wing e xample sho ws ho w the command is used . In the example, channels 1, 6, and 11 are specified to scan: ap# ap#confure terminal[...]
-
Page 408
19-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Configuring Work group Bridge Mode In the upstream direction, WGB remo ves the 802 .1q he ader from the pack et while sending to the WLC. In the downst ream direction while[...]
-
Page 409
19-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Configuring Workgroup Bridge Mode This exampl e sho ws how to conf igure an 1100 series access point as a workgroup bri dge. In this exam ple, the workgrou p bridge uses th[...]
-
Page 410
19-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Using Workgroup Bridge s in a Lightweight Environment This example sho w s how to set up a w orkgroup bridge with the parent access points, designated 1 and 2: AP(config-if[...]
-
Page 411
19-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Using Workgroup Bridges in a Lightweight Environment • The workgroup bridge can be any autonomous acce ss point that supports the workgroup bridge mode and is running Cis[...]
-
Page 412
19-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Using Workgroup Bridge s in a Lightweight Environment • When you delete a workgroup bridg e record from the controller , all of the workgroup bridg e wired clients’ rec[...]
-
Page 413
19-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Using Workgroup Bridges in a Lightweight Environment Enabling VideoStream Suppo rt on Workgroup Bridges V ideoStream impro ves the reliabi lity of an IP multicast stream by[...]
-
Page 414
19-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Using Workgroup Bridge s in a Lightweight Environment[...]
-
Page 415
CH A P T E R 20-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 20 Managing Firmware and Configurations This chapter describ es how to manipulate the Flash fi le system, ho w to copy configuration f iles, a nd ho w to archiv e (upload and download) software images. Note For complete syntax and usage info rmati[...]
-
Page 416
20-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with the Flash File System Displaying Available File Systems T o display the av ailable file systems on your access point, use the sho w f ile systems privile ged EXEC command as sho wn in this e xample:[...]
-
Page 417
20-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with the Flash File System Setting the Default File System Y ou can specify the file system or direct ory that the system uses as the default file system by usi ng the cd filesyst em: pri vile ged EXEC co[...]
-
Page 418
20-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with the Flash File System Creating and Removing Directories Beginning in pri vile ged EXEC mode, follo w these steps to create and remo ve a directory: T o delete a directory with all its files and subd[...]
-
Page 419
20-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with the Flash File System • From a startup conf iguration to a startup configuration • From a de vice to the same de vice (for example, the copy flash: flash: command is in v alid) For specific e xam[...]
-
Page 420
20-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with the Flash File System • For the T rivial Fil e T ransfer Protocol (TFTP), the syntax i s tftp: [[ // location ] / dir ectory ] / tar- fil ename .tar The tar-filename .tar is the tar file to be cre[...]
-
Page 421
20-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s Extracting a tar File T o e xtract a ta r file into a directory o n the Flash file system, use this pr i vileged EXEC comm and: archiv e tar /xtract sour c e-url flash:/ fi le - [...]
-
Page 422
20-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files Yo u c a n c o p y ( download ) configuration f iles from a TFTP , FTP , or RCP server to the running configuration of the access point for v arious reasons: • T o restore a ba[...]
-
Page 423
20-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s config uration is used. Ho wever , some commands in the e xisting conf iguration might not be replaced or nega ted. In this case, the resulting conf iguration f ile is a mixture [...]
-
Page 424
20-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files Preparing to Download or Upload a Configuration File by Using TFTP Before you be gin do wnloading or uploading a conf iguratio n file by using TFTP , perform these tasks: • En[...]
-
Page 425
20-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s The configuration f ile do w nloads, and the commands are executed as th e f ile is parsed line-by-line. This example sho w s ho w to conf igure the software from the f ile toky[...]
-
Page 426
20-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files • The access point forms a password named username@apn ame. domain . The v ariable username is the username associated with the current session, apname is the configured host [...]
-
Page 427
20-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s This example sho ws how to cop y a config uration f ile named host1-confg from the netadmin1 directory on the remo te server with an IP address of 172.16.101.101 and to lo ad an[...]
-
Page 428
20-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files This exampl e sho ws how to copy the run ning conf iguration f ile named ap2-confg to the netadmin1 directory on the remote host with an IP address of 172.16.101.101: ap# copy s[...]
-
Page 429
20-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s access to a server that supports the remote shell (rsh). (Most UNIX systems support rsh.) Because you are copying a f ile from one place to another , you must hav e read permiss[...]
-
Page 430
20-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files ap1.company.com ap1 For more information, r efer to th e documentation for yo ur RCP server . Downloading a Configuration File by Using RCP Beginni ng in pri vileged EXEC mode, [...]
-
Page 431
20-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s %SYS-5-CONFIG_NV:Non-volatile store configured from host2-config by rcp from 172.16.101.101 Uploading a Configuration File by Using RCP Beginni ng in pri vile ged EXEC mode, fol[...]
-
Page 432
20-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s Deleting a Stored Configuration File Caution Y ou cannot restore a file af ter it has been deleted. T o delete a saved conf iguration from Flash memory , use the d elete flash: fi [...]
-
Page 433
20-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images tar File Format of Images on a Server or Cisco.com Software images located on a server or d ownload ed from Cisco .com are pro vided in a tar f ile format, which contains these files[...]
-
Page 434
20-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s Note Y ou must restart the inetd daemon after modify ing the /etc/inetd.conf and / etc/services f iles. T o restart the daem on, either stop the inetd process and restart it, or en[...]
-
Page 435
20-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Note T o a void an unsuccessful do wnload, use the archi ve dow nload-sw /safe command, whi ch do wnloads the image fi rst and does not delete the current runnin g version un til the[...]
-
Page 436
20-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s The algorithm installs the do wnloaded image on the system board Flash de vice (flash:). The image is placed into a ne w directory named with the softw are version string , and the[...]
-
Page 437
20-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images • Downloading an Image File by Using FTP , page 20-24 • Uploading an Im age File by Using FTP , pa ge 20-26 Preparing to Download or Upload an Image File by Using FTP Y ou can co[...]
-
Page 438
20-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s For more information, r efer to th e documentation for yo ur FTP server . Downloading an Image File by Using FTP Y ou can dow nload a ne w image fi le and o ve rwrite the cur rent [...]
-
Page 439
20-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Note T o a void an unsuccessful do wnload, use the archi ve dow nload-sw /safe command, whi ch do wnloads the image fi rst and does not delete the current runnin g version un til the[...]
-
Page 440
20-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s If you specify the /lea ve-old-sw , the e xisting f iles are not remo ved. If there is no t enough space to install the ne w image and k eep the r unning image, the do wn load proc[...]
-
Page 441
20-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images The archiv e upload-sw command b uilds an image f ile on the serv er by uploading th ese fi les in order: info, the Cisco IOS image, th e HTML files, and i nfo.ver . After these file[...]
-
Page 442
20-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s RCP requires a client to send a remote usern ame on each RCP request to a server . When you copy an image from the access point to a server by using RCP , the Cisco IOS software se[...]
-
Page 443
20-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Downloading an Image File by Using RCP Y ou c an download a ne w image file an d replace or keep the current image. Caution For the do wn load and upload algo rithms to operat e prop[...]
-
Page 444
20-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s Note T o a void an unsuccessful do wnload, use the archi ve dow nload-sw /safe command, whi ch do wnloads the image fi rst and does not delete the current runnin g version un til t[...]
-
Page 445
20-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Note If the Flash de vice has suff icient space to hold two images and you want to ov erwrite one of these images with the same versi on, you must specify the /ov erwrite optio n. If[...]
-
Page 446
20-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s The archive upload-sw pri vile ged EXEC command buil ds an image f ile on the serv er by uploading these files in order: info, the Cisco IOS i mage, the HTML files, and info.ver . [...]
-
Page 447
20-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Step 7 Click the Upgrade b utton. For additi onal information, cl ick the Help icon on the Software Upgrade screen. Browser TFTP Interface The TFTP interface allo ws you to use a TFT[...]
-
Page 448
20-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s[...]
-
Page 449
CH A P T E R 21-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 21 Configuring System Message Logging This chapter describes how to conf igure sy stem message logging on your acces s point. Note For complete syntax and usage info rmation for th e commands used i n this chapter , refer to the Cisco IOS Confi gu[...]
-
Page 450
21-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uri ng System Message Logg ing Understanding System Message Lo gging Understanding System Message Logging By default, access points send the outpu t from system messages and deb ug privile ged EXEC commands to a logging process. The l ogging [...]
-
Page 451
21-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 21 Configuring System Message Logging Configuring System Message Lo gging T able 21-1 describes the elements of syslog messages. This example show s a partial access point system message : 00:00:46: %LINK-3-UPDOWN: Interface Port-channel1, changed stat[...]
-
Page 452
21-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uri ng System Message Logg ing Configuring System Message Logging Disabling and Enabling Message Logging Message logging is enabled by default. It must be en abled to send messages to any d estination other than the console. When enabled, log[...]
-
Page 453
21-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 21 Configuring System Message Logging Configuring System Message Lo gging Setting the Message Display Destination Device If message logging is en abled, you ca n send messages to specific locati ons in addition to the cons ole. Beginni ng in pri vile g[...]
-
Page 454
21-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uri ng System Message Logg ing Configuring System Message Logging Enabling and Disabling Timestamps on Log Messages By default, log messag es are not timestamped. Beginni ng in pri vile ged EXEC mode, follo w these steps to enable ti mestampi[...]
-
Page 455
21-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 21 Configuring System Message Logging Configuring System Message Lo gging This example sh ow s part of a logging display with sequenc e numbers enabled: 000019: %SYS-5-CONFIG_I: Configured from console by vty2 (10.34.195.36) Defining the Message Severi[...]
-
Page 456
21-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uri ng System Message Logg ing Configuring System Message Logging T able 21-3 describes the level ke yword s. It also lists the corresponding UNIX syslo g defini tions from the most se vere le vel to the least se vere le vel. The software gen[...]
-
Page 457
21-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 21 Configuring System Message Logging Configuring System Message Lo gging Beginni ng in pri vile ged EXEC mode, follo w these steps to change the lev el and history table size defaults: When the history table is fu ll (it contains the maximum number of[...]
-
Page 458
21-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uri ng System Message Logg ing Configuring System Message Logging Configuring UNIX Syslog Servers The next sections describe how to configure the 4.3 BSD U NIX server syslog daemon and de fine the UNIX system logging f acility . Logging Mess[...]
-
Page 459
21-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 21 Configuring System Message Logging Configuring System Message Lo gging T o remove a syslog server , use the no logg ing host global conf iguration comman d, and specify the syslog server IP address. T o disable logg ing to syslog servers, enter the[...]
-
Page 460
21-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uri ng System Message Logg ing Displaying the Logging Configuration Displaying the Logging Configuration T o display the current logging con figur ation and the co ntents of the log b uffer , use the show lo gging pri vileged EXEC co mmand. [...]
-
Page 461
CH A P T E R 22-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 22 Troubleshooting This chapter pro vides troubleshooting procedures for basic p roblems with the wireless de vice. For the most up-to-date, detail ed troubleshooting i nformation, refer to the Cisco T A C website at the follow ing URL (select T o[...]
-
Page 462
22-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Checking the Top Panel Indicators If your wireless de vice is not communicating, check the three LED indicators on the top panel to quickly assess the device ’s status. Figure 22-1 sho ws the indi[...]
-
Page 463
22-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Figur e 22-2 Indicators on the 1 1 00 Series A ccess Point Figur e 22-3 Indicators on the 350 Ser ies Access P oint (Plastic Case) Ethernet Status Radio 81597 S CISCO AIRONET 350 SERIES WIRELESS ACC[...]
-
Page 464
22-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Figur e 22-4 Indicators on the 350 Ser ies Access P oint (Metal Case) The indicator sign als on the wi reless de vice hav e the follo wing meanings (for additional d etails refer to T able 22-1 ): ?[...]
-
Page 465
22-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Note Regarding LED status colors, it is expected that there will be small v ariations in color intensity and hue from unit to unit. This is within the normal range of the LED manufa cturer’ s spec[...]
-
Page 466
22-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators The LED signals are listed in Ta b l e 2 2 - 2 . T able 22-2 LED Signals Message type Cable Bay Area T op of Unit Meaning Ethernet LED Radio LED Status LED Boot loader st atus Green Green Green DRAM[...]
-
Page 467
22-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Note Regarding LED status colors, it is expected that there will be small v ariations in color intensity and hue from unit to unit. This is within the normal range of the LED manufa cturer’ s spec[...]
-
Page 468
22-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Indicators on 1040 or 1140 Series Access Point If your access point i s not workin g properly , check the Eth ernet and Status LEDs of the uni t. Y ou can use the LED indications to quickly assess t[...]
-
Page 469
22-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators 48VD C MO D E CO NSOL E E T HE RNE T 207523 2 3 4 1 1 Reset Button 3 Ethernet LED 2 Console LED 4 DC Po wer T able 2 2-3 1 040 or 1 140 Ser ies Access P oint LED Signals Message type Ethernet LED St[...]
-
Page 470
22-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Note It is expected that there will be small va riations in LED color intensity and hue from unit to unit. This is within the normal range of th e LED manufact urer’ s specifications and is not a[...]
-
Page 471
22-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Indicators on 1240 Series Access Points If your access point is not w orking properly , check the Status, Ethernet, and Radio LEDs on the 2.4 GHz end of the unit. Y ou can use the LED indicati ons [...]
-
Page 472
22-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Note It is expected that there will be small va riations in LED color intensity and hue from unit to unit. This is within the normal range of th e LED manufact urer’ s specifications and is not a[...]
-
Page 473
22-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Indicators on 1250 Access Points If your access point is not w orking properly , check the Ethernet, Status, and Radio LEDs on the 2.4 GHz end of the unit. Y ou can use the LED indicatio ns to quic[...]
-
Page 474
22-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators T able 2 2-5 1250 Ser ies Access P oint LED Signals Message type Ethernet LED Status LED Radio LED Meaning Boot loader status G reen Off Amber DR AM test in progress. Green Green Green DRAM memory [...]
-
Page 475
22-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Note It is expect ed that there will be small v ariations in LED color intensity and hue from unit to un it. This is within the normal range of th e LED manufact urer’ s specifications and is not[...]
-
Page 476
22-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Figur e 22-8 126 0 Ser i es Access P oint LED T able 22-6 shows th e 1260 access point LED indicators for v arious conditions. T able 2 2-6 1260 A ccess Point LED Status Indicat ors 1 207522 1 Stat[...]
-
Page 477
22-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Indicators on 1300 Outdoor Access Point/Bridges If your access point/bridge is no t associating with a remot e bridge or access point, check the four LEDs on the back panel. Y ou can use them to qu[...]
-
Page 478
22-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Figur e 22-9 LEDs Normal Mode LE D Indications During access poi nt/bridge op eration the LEDs provide status information as sho w n in T a ble 22-7 . R Radio LED E Ethernet LED S Status LED I Inst[...]
-
Page 479
22-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking the Top Pan el Indicators Note It is expect ed that there will be small v ariations in LED color intensity and hue from unit to un it. This is within the normal range of th e LED manufact urer’ s specifications and is not[...]
-
Page 480
22-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking the Top Panel Indicators Power Injector When the po wer injector is po wered up, it applie s 48-VDC to the dual-coax cables to the access point/bridge. When po wer is applied to the access point/bridge , th e unit acti vat[...]
-
Page 481
22-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Checking Power • Cisco Aironet Power Injector LR2— standard (inclu ded with the b ridge) – 48-VDC inpu t power – Uses the 48-VDC po wer module (included with the bridge) • Cisco Aironet Po wer Injector LR2T—optional tran[...]
-
Page 482
22-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Checking Basic Settings access point remains in lo w power mode wi th the radios disabled to pre vent a possible o ve r-cu rrent condition. In lo w power mode, the access point acti vates the S tatus LED lo w po wer error indicatio[...]
-
Page 483
22-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Resetting to the Default Configuration Note The wireless de vice MAC address th at appears on the Status page in the Air onet Client Utility (A CU) is the MA C address for the wireless device radio. The MA C address for the acces s [...]
-
Page 484
22-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Resetting to th e Default Configuration Using the Web Browser Interface Follo w these steps to delete the current conf iguration and return all wireless de vice settings to the fact ory defaults usin g the web bro wser interface: S[...]
-
Page 485
22-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Reloading the Access Point Image flashfs[0]: flashfs fsck took 0 seconds. ...done initializing Flash. Step 5 Use the dir flash: command to display the contents of Flash and f ind the config.txt conf iguration file. ap: dir flash: Di[...]
-
Page 486
22-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Reloading the A ccess Point Image Using the MODE button Y ou can use the MODE but ton on 1040, 1100 and 1200 series access point s to reload the access point image file from an acti ve Tri vial File T ransfer Pr otocol (TFTP) serve[...]
-
Page 487
22-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Reloading the Access Point Image Browser HTTP Interface The HTTP interface enables you to bro w se to the wireless de vice image file on your PC and do wnload the image to the wireless de vice. Follo w the instructions belo w to use[...]
-
Page 488
22-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Reloading the A ccess Point Image Using the CLI Follo w the steps belo w to reload the wirel ess de vice image using the CLI. When the wireless device begin s to boot, you interru pt the boot process and use bo ot loader commands t[...]
-
Page 489
22-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Reloading the Access Point Image extracting c350-k9w7-mx.122-13.JA1/html/level1/appsui.js (558 bytes) extracting c350-k9w7-mx.122-13.JA1/html/level1/back.htm (205 bytes) extracting c350-k9w7-mx.122-13.JA1/html/level1/cookies.js (502[...]
-
Page 490
22-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Image Recovery on the 1520 Access Point Step 6 Click IOS . A list of av ailable C isco IOS versions appears. Step 7 Choose the v ersion you wish to do wnload. The do wnload page for the v ersion you chose appears. Step 8 Click WIRE[...]
-
Page 491
22-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Image Recovery on the 1520 Access Point T o perform image recovery on the 15 20 access point, follo w these steps: Step 1 W ith the ac cess point powered of f, connect an RJ45 console cable t o the console port (). The console port [...]
-
Page 492
22-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Image Recovery on the 1520 Access Point Note If the ENABLE_BREAK=no envir onmental variab le is set, you will not be able to escape to the bootloader . Step 5 Cable the 1520 access point’ s LAN port (“PoE In”) to a TFTP serve[...]
-
Page 493
22-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 22 Troubleshooting Image Recovery on the 1520 Access Point MAC_ADDR=00:1F:27:75:DB:00 MAC_ADDR_BLOCK_SIZE=01 00 NETMASK=255.255.255.0 NEW_IMAGE=yes PCA_ASSY_NUM_800=03 20 00 70 ed 03 PCA_PART_NUM_73=49 2a a6 03 PCA_REVISION_NUM=B0 PCA_REVISION_NUM_800[...]
-
Page 494
22-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 22 Troublesho oting Image Recovery on the 1520 Access Point[...]
-
Page 495
A-1 Cisco IOS Software Configuration Guide for Cisco Aironet Access Points OL-29225-01 APPENDIX A Protocol Filters The tables in this appendix list some of the prot ocol s that you can f ilter on th e access point. The tables include: • T able A-1, EtherT ype Pr otocols • T able A-2, IP Protocols • T able A-3, IP Port Protocols In each table,[...]
-
Page 496
A-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix A Protocol Filters T able A -1 Ether T ype Prot ocols Protocol Additional Identifier ISO Designator ARP — 0x0806 RARP — 0x8035 IP — 0x0800 Berkele y T railer Negotiation — 0x1000 LAN T est — 0x0708 X.25 Le vel3 X.25 0x0805 Ban yan — 0x0B AD[...]
-
Page 497
A-3 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix A Protocol Filters T able A -2 IP Protocols Protocol Additional Identifier ISO Designator dummy — 0 Internet Control Message Protocol ICMP 1 Internet Group Management Prot ocol IGMP 2 T ransmission Control Protocol TCP 6 Exterior Gate way Protocol EGP[...]
-
Page 498
A-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix A Protocol Filters T able A -3 IP P or t Pr ot ocols Protocol Additional Identifier ISO Designator TCP port service multiple xer tcpmux 1 echo — 7 discard (9) — 9 systat (11) — 11 daytime (13) — 13 netstat (15) — 15 Quote of the Day qot d quo[...]
-
Page 499
A-5 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix A Protocol Filters TSAP iso-tsap 102 CSO Name Serv er cso-ns csnet-ns 105 Remote T elnet rtelnet 107 Postoff ice v2 POP2 POP v2 109 Postoff ice v3 POP3 POP v3 110 Sun RPC sunrpc 111 tap ident authentication auth 113 sftp — 115 uucp-path — 117 Networ[...]
-
Page 500
A-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix A Protocol Filters SNMP Unix Multiple xer smux 199 AppleT alk Routing at-rtmp 201 AppleT alk name binding at-nbp 202 AppleT alk echo at-e cho 204 AppleT alk Zone Information at-zis 206 NISO Z39.50 da tabase z395 0 210 IPX — 213 Interactiv e Mail Acce[...]
-
Page 501
B-1 Cisco IOS Software Configuration Guide for Cisco Aironet Access Points OL-29225-01 APPENDIX B Supported MIBs This appendi x lists the Simple Network Manag ement Protocol (SNMP) Management Information Bases (MIBs) that the access point su pports for this soft w are release. The Cisco IOS SNMP agent supports SNMPv1, SNMPv2, and SNMPv3. This ap pe[...]
-
Page 502
B-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix B Supported MIBs Using FTP to Acce ss the MIB Files • CISCO-MEMOR Y -POOL-MIB • CISCO-PR OCESS-MIB • CISCO-PR ODUCTS-MIB • CISCO-SMI-MIB • CISCO-TC-MIB • CISCO-SYSLOG-MIB • CISCO-WDS-INFO-MIB • ENTITY -MIB • IF-MIB • OLD-CISCO-CHASS[...]
-
Page 503
C-1 Cisco IOS Software Configuration Guide for Cisco Aironet Access Points OL-29225-01 APPENDIX C Error and Event Messages This appendix lists t he CLI error and e vent message s. The appendix contains the follo wing sections: • Con ventions, page C-2 • Software Auto Upgrade Message s, page C-3 • Association Man agement Messages, page C-5 •[...]
-
Page 504
C-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es Conventions Conventions System error messages are displa yed in the fo rmat shown in Ta b l e C - 1 . T able C-1 System Er ror Message F ormat Message Component Description Example Error identif ier A string categorizing the[...]
-
Page 505
C-3 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages Software Auto Upgrade Message s Software Auto Upgrade Messages Error Message SW-AUTO-UPGRADE-2-FATAL_FAILURE: “At tempt to upgrade softw are failed, software on flash may be deleted. Pl ease copy software into flash. Explana[...]
-
Page 506
C-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es Software Auto Upgrade Messages Error Message AUTO-INSTALL-4-IP_ADDRESS_DH CP: “The radio is operating in automati c install mode and has set ip address dhcp.” Explanation The radio is oper ating in au tomatic inst all m [...]
-
Page 507
C-5 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages Association Management Message s Association Management Messages Error Message DOT11-3-BADSTATE: “%s %s -> %s.” Explanation 802 .11 associatio n and managem ent uses a ta ble-dri ven stat e machin e to k eep track and t[...]
-
Page 508
C-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es Unzip Mess ages Error Message DOT11-4-DIVER_USED: Interf ace $s, Mcs rates 8-15 disabled due to only one transmit or recieve antenna enab led Explanation These rates require that at lea st 2 rece iv e and transmit antennas b[...]
-
Page 509
C-7 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages System Log Messages System Log Messages Error Message %DOT11-4-LOADING_RADIO: Interface [ chars], loading the radio firmware ([chars]) Explanation The radio has been stopped to load ne w firmware. Recommended Action None. Erro[...]
-
Page 510
C-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages 802.11 Subsystem Messages Error Message DOT11-6-FREQ_USED: “Interfa ce %s, frequency %d selected.” Explanation After scanning for an unused frequency , th e indicated interface selected the disp[...]
-
Page 511
C-9 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-3-TX_PWR_OUT_OF_RANGE : “Interface %s Radio transmit power out of range.” Explanation The transmitter po wer le vel is o utside the normal range on the indicated radio interf a[...]
-
Page 512
C-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-6-DFS_SCAN_START: “DF S: Scanning frequency %d MHz for %d seconds.” Explanation The device has be gun its DFS scanning process. Recommended Action None. Error Message DOT11-[...]
-
Page 513
C-11 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT114-NO_MBSSID_BACKUP_VLA N: “Backup VLANs cannot be configured if MBSSID is not enabled. %s not starte d. Explanation T o enable a backup VLAN, MBSSID mode should be con figured . [...]
-
Page 514
C-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-2-UPLINK_FAILED: “Upl ink to parent failed: %s.” Explanation The connection to the parent access point f ailed for the di splayed reason. The uplink will stop its connection[...]
-
Page 515
C-13 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-4-MAXRETRIES: “Packet to client %e reached max retries, removing the client.” Explanation The maximum packet send retry limit has been reached and th e client is being re mov [...]
-
Page 516
C-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-4-RADIO_NO_FREQ: “Int erface &s, all frequencies have been blocked, interface not started.” Explanation The frequencies set for operatio n are in valid an d a channel sc[...]
-
Page 517
C-15 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-4-FLASHING_RADIO: “Interfa ce %s, flashing radio firmware (%s).” Explanation The indic ated interface radio has been stop ped to loa d the indicated new f irmware. Recommended[...]
-
Page 518
C-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-4-UPLINK_LINK_DOWN: “ Interface %s, parent lost: %s.” Explanation The connection to the parent access point on the indicated interf ace was lost for the reason indicated. Th[...]
-
Page 519
C-17 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-6-ANTENNA_GAIN: “Inte rface %s, antenna position/gain changed, adjusting transmitter power.” Explanation The antenna gain has changed so the list of allo wed power le vels mus[...]
-
Page 520
C-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-4-CKIP_MIC_FAILURE: “CKIP MIC failure was detect ed on a packet (Digest 0x%x) received from %e).” Explanation CKIP MIC failure was detected on a frame. A failure of the CKIP[...]
-
Page 521
C-19 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-4-TKIP_REPLAY: “TKIP TSC replay was detected on a packet (TSC 0x%ssx received from %e).” Explanation TKIP TSC re play was detected on a frame. A replay of the TKIP TSC in a re[...]
-
Page 522
C-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message SOAP_FIPS-2-INIT_FAILURE: “ SOAP FIPS initialization failure: %s.” Explanation SOAP FIPS i nitialization fa ilure. Recommended Action None. Error Message SOAP_FIPS-4-PROC_FAILURE:[...]
-
Page 523
C-21 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages Inter-Access Point Protocol Messages Error Message DOT11-6-MCAST_DISCARD: “%s mode multicast packets are discarded in %s multicast mode.” Explanation The access point conf igured as a workgrou p bridge and drops i nfrastr[...]
-
Page 524
C-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es Local Authenticator Messages Error Message RADSRV-4-NAS_KEYMIS: NAS sh ared key mismatch. Explanation The local RADIU S server recei ved an authen tication request but the message signature indicates that th e shared ke y t[...]
-
Page 525
C-23 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages Local Authenticator Message s Error Message DPT1X-SHIM-4-PLUMB_KEY_ERR: “Unable to plumb keys - %s.” Explanation An unexpected error occu rred when the shim layer t ried to plumb the k eys. Recommended Action None. Error [...]
-
Page 526
C-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es WDS Messages WDS Messages Error Message WLCCP-WDS-6-REPEATER_STOP: WLCCP WDS on Repe ater unsupported, WDS is disabled. Explanation Repeater access points do not support WD S. Recommended Action None. Error Message WLCCP-WD[...]
-
Page 527
C-25 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages Mini IOS Messages Error Message WLCCP-NM-6-WNM_LINK_UP: Lin k to WNM is up Explanation The network manager is no w responding to k eep-acti ve messages. Recommended Action None. Error Message WLCCP-NM-6-RESET: Resetting WLCCP[...]
-
Page 528
C-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es Access Point/Bridge Messages Access Point/Bridge Messages Error Message APBR-4-SEND_PCKT_FAILED: Failed to Send Packet on port ifDescr (error= errornum)errornum: status er ror number HASH(0x2096974) Explanation The access p[...]
-
Page 529
C-27 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages LWAPP Error Messages LWAPP Error Messages Error Message LWAPP-3-CDP: Failure sendin g CDP Update to Controller. Reason “s” Explanation Could not send access point CDP update to controller Recommended Action None. Error Me[...]
-
Page 530
C-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es Sensor Messages Sensor Messages Error Message SENSOR-3-TEMP_CRITICAL: Sys tem sensor “d” has exceeded CRITCAL temperature thresholds Explanation One of the measured en vironmental test poin ts exceeds the e xtreme thres[...]
-
Page 531
C-29 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages SNMP Error Messages Error Message SENSOR-3-VOLT_NORMAL: Syste m sensor “d”(“d”) is now operating under NORMAL voltage Explanation One of the measured en vironmental test points is u nder normal operating voltage. Reco[...]
-
Page 532
C-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es SSH Error Mess ages Error Message SNMP-4-NOENGINEIDV6: Remote snmpEngineID f or Unrecognized format ‘ %P’ not found when creating user: “s” Explanation An attempt to create a user failed.This is lik ely because the [...]
-
Page 533
C-31 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Appendix C Error and Event Messages SSH Error Messages Error Message SSH-5-SSH_CLOSE: SSH Sessio n from “%s”(tty = “%d”) for user ’”%s”’ using crypto cipher ’”%s”’ closed Explanation The SSH Session closure information Recommended Action[...]
-
Page 534
C-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Appendix C Error and Event Messag es SSH Error Mess ages[...]
-
Page 535
GL-1 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 GLOSSARY 802.11 The IEEE standard that specifies carrier sense media access control and physical layer specif ications for 1- and 2- megabi t-per -second (Mbps) wireless LANs operating in the 2. 4-GHz band. 802.11a The IEEE standard that specifies carrier sense[...]
-
Page 536
Glossary GL-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 beacon A wireless LAN pa cket that signals the a v ailability and presence of the wireless de vice. Beacon packets are sent by access points and base stations; howe ver , client radio ca rds send beaco ns when op erating in computer to computer (Ad Ho[...]
-
Page 537
Glossar y GL-3 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 dipole A ty pe of low-gain (2.2-dBi ) antenna consisting of tw o (often internal) elements. domain n ame The text name that refers to a groupi ng of networks or network resources based on org anization-type or geography; for e xample: name.com—comme[...]
-
Page 538
Glossary GL-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 IP subnet mask The number used to identi fy the IP subnetwork, i ndicating whether the IP address can be recognized on the LAN or if it must be reached through a gate way . This number is expressed in a f orm similar to an IP address; for example: 255[...]
-
Page 539
Glossar y GL-5 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 roaming A feature of some Access Points that a llows users to mo ve through a f acility while maintaining an unbrok en connection t o the LAN. RP-TNC A connector type unique to Cisco Aironet rad ios and antennas. P art 15.203 of the FCC rules co veri [...]
-
Page 540
Glossary GL-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 W WDS W ireless Domain Services (WDS). An access point providing WDS on your wireless LAN maintains a cache of credenti als for CCKM-capable client de vices on your wireless LAN. When a CCKM- capable client roam s from one a ccess point to another , t[...]