CiscoメーカーAironet 2700iの使用説明書/サービス説明書
ページ先へ移動 of 511
Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco we bsite at www.cisco.com/go/ offices. Cisco IOS Conf iguration Guide for A utonomous Cisco Air onet A ccess P oints Cisco IOS Release 15 .
THE SPECIFICATION S AND INFORMAT ION REGARDING THE PRODUCTS IN THIS MA NUAL ARE SUBJ ECT TO CHANGE WITHOUT NOT ICE. ALL STATEMENTS , INFORMATION , AND RECOMMEN DATIONS I N THIS MANUA L ARE BELIEVE D TO BE ACCURATE BUT ARE PRESENTED WI THOUT WARRANTY OF ANY KIND, EX PRESS OR IMPLIED.
1 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 CONTENTS 1 Preface xix Audience i-xix Purpose i-xix Configuration Procedures and Examples i-xx Organization i-xx C.
Contents 2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Using the Management Pages in the Web-Browser Interfac e 2-2 Using Action Buttons 2-3 Character Restrict.
Contents 3 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Connecting to the 155 0 Series Access Point Locally 4-5 Default Radio Settings 4-6 Assigning Basic Settin.
Contents 4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Prepare a Configuration Information File 4-34 Enable environmental variab les 4-35 Schedule the Configur.
Contents 5 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Monitoring and Maintaining the DHCP Server Access Point 5-26 Show Commands 5-26 Clear Commands 5-26 Debug.
Contents 6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Configuring Dual-Radio Fallback 6-7 Radio Tracking 6-8 Fast Ethernet Tracking 6-8 MAC-Address Tracking 6.
Contents 7 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 802.11r Config uration 6-39 CHAPTER 7 Configuring Mu ltiple SSIDs 7-1 Understanding Multiple SSIDs 7-2 Co.
Contents 8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Non-Root Bridge Without VLANs 8-11 Root Bridge with VLANs 8-12 Non-Root Bridge with VLANs 8-14 Displayin.
Contents 9 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Combining MAC-Based, EAP, and Open Authentication 11-6 Using CCKM for Authenticated Clients 11-6 Using WP.
Contents 10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Configuring Access Points to Support Fa st Secure Roaming 12-18 CLI Configuration Example 12 -20 Support for 802.
Contents 11 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 TACACS+ Operation 13-24 Configuring TACACS+ 13-24 Default TAC ACS+ Config uration 13-25 Identifying the .
Contents 12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Optimized Voice Settings 15 -14 CHAPTER 16 Configuring Filters 16-1 Understanding F ilters 16-2 Configu.
Contents 13 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Enabling the SNMP Agent 18-6 Configuring Community Strings 18-6 Specifying SNMP-Server Group Names 18-8 .
Contents 14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 CHAPTER 20 Managing Firmware and Configurations 20-1 Working with the Flash File System 20-1 Displaying.
Contents 15 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 Copying Image Files by Using FTP 20-22 Preparing to Download or Upload an Image File by Using FTP 20 -23.
Contents 16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 CHAPTER 23 Troubleshooting 23-1 Checking the LED Indicators 23-2 Checking Power 23-2 Low Power Conditio.
Contents 17 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-29225-01 WDS Messages C-24 Mini IOS Messages C-25 Access Point/Bridge Messages C-26 Cisco Discovery Protocol Mess.
Contents 18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01.
-xix Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Preface Audience This guide i s for the ne tworking profe ssional who i nstalls an d manage s Cisco Aironet Access Point s in Autonomous mode.
-xx Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Configuration Procedur es and Examples P oints an d Bridges for this release. F or inform ation about the standard Ci sco IOS software commands, refer to the Cisco IOS software documentation set a v ailable from the Cisco.
-xxi Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Organization Chapter 9, “Configuring an Access Point as a Local Authenticator, ” describes how to conf igure the access point to act as a local RADIUS server for your wireless LAN.
-xxii Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Conventions Conventions This publica tion uses the se con ventions to co n v ey in structions an d informatio n: Command descriptions use these co n v entions: • Commands and ke yword s are in boldface text .
-xxiii Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Obtaining Do cumentation, Obta ining Support, and Security Guidelines Obtaining Documentation, Obtaining Sup.
-xxiv Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Obtaining Documentation, Obtaining Support, and Security G uidelines.
CH A P T E R 1-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 1 Overview of Access Point Features Cisco Aironet Access Poin ts (herea fter called ac cess points.
1-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 1 Overvi ew of Acce ss Point Feature s New Features and Platforms in this Release New Features and Plat.
1-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 1 Overview of Access Point Features New Features and Platforms in this Release – Non Root Bridge – .
1-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 1 Overvi ew of Acce ss Point Feature s New Features and Platforms in this Release Automatic Configuring.
1-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 1 Overview of Access Point Features Management Options Management Options Y ou can use the wireless de .
1-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 1 Overvi ew of Acce ss Point Feature s Network Config uration Exam ples Figur e 1 -1 Access P oints as .
1-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 1 Overview of Access Point Features Network Configuration Examp les Bridges Access points can be conf igured as root or non-root bridges. In th is role, an acc ess point esta blishes a wireless link with a non-root brid ge.
1-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 1 Overvi ew of Acce ss Point Feature s Network Config uration Exam ples you can connect th e printers to a h ub or to a switch, conn ect the hub o r switch to the access point Ethernet port, and configure the access point as a workgroup bridge.
CH A P T E R 2-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 2 Using the Web-Browser Interface This chapter describes the web-brow ser interface that you can use to conf igure the wireless de vice.
2-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 2 Using th e Web-Browser Interface Using the Web-Browser Inte rf ace for the First Time Using the Web-Browser Interface for the First Time Use the wireless device IP address to br owse to the management system.
.
2-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 2 Using th e Web-Browser Interface Using the Management Pages in the Web-Browser Interface Character Restrictions in Entry Fields Y ou canno t use the fo llowing characte rs in the entry fi elds on the web-bro wser interf ace.
2-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 2 Using the W eb-Browser Interface Enabling HTTPS for Secure Browsing Enabling HTTPS for Secure Browsing Y ou can protect the communicatio n with the access point web-b row ser interf ace by enabling HTTPS.
2-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 2 Using th e Web-Browser Interface Enabling HTTPS for Sec ure Browsing Step 12 In the Domain Name field, enter a domain name, and then click Appl y . Note Enabling HTTPS automatically disables HTTP .
2-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 2 Using the W eb-Browser Interface Using Online User Guides AP(config)# end In this example, the access point system name is ap3600 , the domain name is company .
2-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 2 Using th e Web-Browser Interface Disabling the Web-Brow ser Interface ap(config)# ip http server.
CH A P T E R 3-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 3 Using the Command-Line Interface This chapter describes the Cisco IOS command-line interface (CLI) that you can use to configure the wireless de vice.
3-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 3 Using the Comman d-Line Interface Cisco IOS Command Mode s Cisco IOS Command Modes The Cisco IOS user interface is di vided i nto many dif ferent modes.
3-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 3 Using th e Co mmand-Line Interface Getting Help Getting Help Y ou can enter a ques tion mark (?) at the system prompt to display a list of commands a v ailable for each command mo de.
3-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 3 Using the Comman d-Line Interface Using the no and Default Forms of Com mands Using the no and Default Forms of Commands Most confi guration command s also ha ve a no form.
3-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 3 Using th e Co mmand-Line Interface Using Comman d History Changing the Command History Buffer Size By default, the wi reless de vice records ten command lines in i ts history b uf fer .
3-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 3 Using the Comman d-Line Interface Using Editing Features Using Editing Features This section descri bes the editing features that can help you manipu late the command line.
3-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 3 Using th e Co mmand-Line Interface Using Editing Features Editing Command Lines that Wrap Y ou can use a wraparound featu re for commands that e xtend be yond a single line on the screen .
3-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 3 Using the Comman d-Line Interface Searching and Filteri ng Output of show and more Commands In this e xample, the access-list global co nfigu ration command entry e xtends be yond one line.
3-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 3 Using th e Co mmand-Line Interface Accessing the CLI Accessing the CLI Y ou can open th e wireless device CLI using T elne t or Secure Shell (SSH). Opening the CLI with Telnet Follo w these steps to op en the CLI with T elnet.
3-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 3 Using the Comman d-Line Interface Accessing the CLI.
CH A P T E R 4-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 4 Configuring the Access Point for the First Time This chapter describe s how to configure basic settin gs on the wireless de vice for the f irst time.
4-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Before You Start • The case-sensitiv e wireless se.
4-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Logging into the Access Point Step 6 Click System Conf iguration and the System Conf iguration screen appears.
4-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Obtaining and Assign ing an IP Address • graphica .
4-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Connecting to the 1040, 1140, 1240, 1250, 1260, and .
4-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Default Radio Settings Note Y ou do not need a special crosso ver ca ble to connec t your PC to the po wer injector; yo u can use either a straight-through cable or a crossov er cable.
4-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Assigning Basic Setting s Step 2 Ente r the wireless device IP address in the bro wser address line and press Enter .
4-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Assigning Basic Settings • IPv6 Address —En ter the IPv6 address • Username —Enter the username r equired to access the netw ork.
4-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Assigning Basic Setting s ciphers tkip, open authentication + EAP , n etwork EAP authenti cation, ke y management WP A mandatory , and RADIUS server authentication port 1645.
4-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Assigning Basic Settings • Channel —The default.
4-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Assigning Basic Setting s Understanding the Security Settings Y ou can conf igure basic securi ty settings in the Easy Setup > Radio Conf iguration section.
4-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Assigning Basic Settings Using VLANs If you use VLA.
4-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Assigning Basic Setting s EAP Authentication This option en ables 802.1X authentication (such as LEA P , PEAP , EAP-TLS, EAP-F AST , EAP-TTLS, EAP-GTC, EAP-SIM, and other 802.
4-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Assigning Basic Settings Limitations of Security Settings The security settings i n the Easy Setup Radio Conf iguration section are designed for simple confi guration of basic security .
4-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time CLI Configuration Examples CLI Configuration Examples The examples in this section sho w the CLI commands that are equi v alent to creating SSIDs using each security type.
4-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time CLI Configuration Examples no bridge-group 1 unicast-flooding ! Example: Static WEP for Radio 2.
4-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time CLI Configuration Examples no ip route-cache bridge.
4-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time CLI Configuration Examples ! antenna gain 0 station.
4-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time CLI Configuration Examples ipv6 address autoconfig ipv6 enable ! ip forward-protocol nd ip http server no ip http secure-server ip http help-path http://www.
4-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time CLI Configuration Examples ! antenna gain 0 station.
4-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Configuring System Power Settings Access Points ipv6 address autoconfig ipv6 enable ! ip forward-protocol nd ip http server no ip http secure-server ip http help-path http://www.
4-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Support for 802.11n Performance on 1250 Series Access Points with Standard 802.3af PoE Using a Switch That D oes Not Support IEEE 80 2.
4-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Support for 802.11ac 1. Maximum transmit power will vary by channel and accordin g to individual country regulations.
4-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Support for 802.11ac Of f channel scanning or transmissions ar e not suppor ted. The 802.11 ac radio depend s on 802.
4-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Assigning an IP Address Using th e CLI 802.11n and 802.11ac u se the po wer le ve ls config ured on 802.
4-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring the 802.
4-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Configuring the 802.1X Supplicant ap1240AG> enable Password: xxxxxxx ap1240AG# config terminal Enter configuration commands, one per line.
4-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring IPv6 The follo wing example applys the credentials profile test to the ssid testap1 on a repeater access point.
4-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Configuring IPv6 Link-Local Addressses are auto matically configured on inte rf ace using link-local pref ix FE80::/10 (1111 111 0 10).
4-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring IPv6 Beginni ng in pri vileged EXEC mod.
4-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Configuring IPv6 Command Purpose ipv6 nd ? Config ures neighbor disco ve ry protocol. ipv6 nd ns-interval va lue This command is a v ailable only on bridg e group virtual interf ace (BVI).
4-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Configuring IPv6 Configuring IPv6 Access Lists IPv6 access lists (ACL) are used to fi lter traf f ic and restrict ac cess to th e router .
4-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Configuring IPv6 IPv6 WDS AP registration The first acti ve IPv6 address is used to register the WDS. Ta b l e 4 - 8 sho ws dif ferent scenarios in the IPv6 WDS AP regi stration process.
4-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Automatic Configuring of the Access Point RA filtering RA filterin g increases the security of the IPv6 network by dropping RAs coming from wireless clients.
4-35 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Automatic Configuring of the Access Poin t </l2tp_cfg> The xml tags used in the conf iguration i nformation f ile are described belo w .
4-36 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Automatic Configuring of the Access Point Step 2 Y .
4-37 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 4 Configuring th e Access Point for the First Time Automatic Configuring of the Access Poin t Debuggin.
4-38 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 4 Configuring the Access Point fo r the First Time Automatic Configuring of the Access Point.
CH A P T E R 5-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 5 Administrating the Access Point This chapter describes ho w to administrate th e wireless de vice.
5-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Disabling the Mode Button Disabling the Mode Button Y ou can disable the mode bu tton on access points ha ving a console port by using the global conf iguration [no] boot mode-button co mmand.
5-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Preventing Unauthorized Acc ess to Your Access Po int Preventing Unau.
5-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Protecting Ac cess to Pr ivileged EXEC Commands Default Password and Privilege Level Configuration Ta b l e 5 - 1 show s the default passw ord and pri vile ge le v el conf iguration.
5-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Protecting A ccess to Privile ged EXEC Commands This example sho ws how to ch ange the enable password to l1u2c3k4y5 .
5-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Protecting Ac cess to Pr ivileged EXEC Commands Protecting Enable an.
5-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Protecting A ccess to Privile ged EXEC Commands If both the enable and enable secret passwords are defined, users must enter the enable secret password.
5-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Protecting Ac cess to Pr ivileged EXEC Commands T o disable username authenticatio n for a specific user , use the no username na me global configuratio n command.
5-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Protecting A ccess to Privile ged EXEC Commands Setting the Privilege.
5-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Configuring Easy Setup Configuring Easy Setup Y ou can no w conf igure a network and radio in a single screen using the Easy Set up.
5-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Configuring Spectrum Expert Mode – Spectrum—See Conf iguring Spectrum Expert Mode .
5-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Controlling Access Point Access with RADIUS Your current security s ettings put c omputer at risk .
5-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Controlling Access Point Access with RADIUS authentication method or until all def ined methods are exhausted.
5-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Controlling Access Point Access with RADIUS Defining AAA Server Groups Y ou can conf igure the wireless de vice to use AAA server groups to group e xisting serv er hosts for authentication.
5-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Controlling Access Point Access with RADIUS Step 3 radius-server hos.
5-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Controlling Access Point Access with RADIUS T o remov e the specified RADIUS server , use the no radius-server host hostna me | ip-addr ess global confi guration command.
5-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Controlling Access Poin t Access with TACACS+ T o disable authorization, use the no aaa author ization { network | exec } method1 global configuration command.
5-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Controlling Access Point Access with TACACS+ authentication met hods are performed. The onl y exceptio n is the default met hod list (which, b y coincidence, is named default ).
5-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Controlling Access Poin t Access with TACACS+ T o disable AAA , use the no aaa new-model global confi guration command.
5-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Configuring Ethernet Sp eed and Dupl ex Settings Configuring Ethernet Speed and Duplex Settings Y ou can assign the wir eless de vice Ethernet port speed and duple x settings.
5-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Configu ring the A ccess Poin t for L oca l Authentica tion and Auth.
5-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Configuring the Authen tication Cache and Profile T o disable AAA , use the no aaa new-model global conf iguration command.
5-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Configuring the Auth enti cation Cache and Profile ! aaa group server tacacs+ tac_admin server 192.
5-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Configuring the Access Poin t to Provide DHCP Service ! ip http server ip http authentication aaa no ip http secure-server ip http help-path http://www.
5-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Configuring the Access Point to Pr ovide DHCP Service http://www .cisco.com/uni vercd/cc/ td/doc/product/so f tware/ios12 2/122cgcr/f ipr_c/ip cprt1/1cfdhcp.
5-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Configuring the Access Poin t to Provide DHCP Service AP(dhcp-confi.
5-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Configuring the Ac cess Point for Secure Shell Debug Command T o ena.
5-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Configuring Client ARP Caching Support for Secure Copy Protocol The Secure Copy Protocol (SCP) supports file transf ers between hosts on a network using Secure Shell (SSH) for security .
5-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Managing the System Time and Date Optional ARP Caching When a non-Cisco client de vice is associated to an access point and is not passing data, the wireless device might not know the client IP address.
5-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Managing the System Time and Date Understanding Simple Network Time Protocol Simple Network T ime Protocol (SNTP) is a simplif ied, client-only v ersion of NTP .
5-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Managing the System Time and Date • Config uring the T ime Zone, p.
5-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Managing the System Time and Date Beginning in privileged EXEC mode, follow these steps to set th e system clock: This exampl e sho ws ho w to manually set the system cl ock to 1:32 p.
5-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Managing the System Time and Date The minutes-offset variable in the clock timezone global conf iguration command is a v ailable for those cases where a local time zone is a percentage of an hour dif ferent from UTC.
5-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Managing the System Time and Date The first part of the clock summer -time global conf iguration command specif ies when summer time begins, and t he second part specif ies when it ends.
5-35 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Defining H TTP Access Defining HTTP Access By default, 80 is used fo r HTTP access, and port 443 is used for HTTPS access.
5-36 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Configuring a System N ame and Prompt Configuring a System Name Beg.
5-37 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Configuring a System Name and Prompt Default DNS Configuration Ta b l e 5 - 5 show s the default DN S conf iguration.
5-38 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Creating a Banne r default domain name is the v alue set by the ip domain -name global configuration command. If there is a period (.
5-39 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Creating a Banner Beginni ng in pri vile ged EXEC mode, follo w these steps to conf igure a MO TD login b anner: T o delete the MO TD banner , use the no banner motd global conf igurati on command.
5-40 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Creating a Banne r Configuring a Login Banner Y ou can conf igure a logi n banner to appear on al l c onnected terminals.
5-41 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 5 Administrating the Access Point Upgrading Autonomous Cisc o Aironet Access Points to Lightweig ht Mo.
5-42 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 5 Administrating th e Access Point Upgrading Autonomous Cisco Aironet Access Points to Lightweight Mod.
CH A P T E R 6-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 6 Configuring Radio Settings This chapter describes h ow to config ure radio settings for the wireless device.
6-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Enabling the Radio Interface Enabling the Radio Interface The wireless de vice radios are disabled by def ault. Note Beginni ng with Cisco IOS Release 12.
6-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuring the Ro le in Radio Netw ork Configuring the Role in Radio Network Ta b l e 6 - 1 show s the role in the radio netwo rk for each de vice.
6-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Configuring the Role in Radio Network Y ou can conf igure the role of an access point or bridge in a radio netw ork. Y ou can also conf igure a fallback role for root access points.
6-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuring the Ro le in Radio Netw ork Step 3 station-role non-root {bri.
6-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Configuring the Role in Radio Network Note When you enable the role in the.
6-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuring the Ro le in Radio Netw ork Note In point-to-mul tipoint bridgin g, WGB is not recommended w ith the root bri dge.
6-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Configuring the Role in Radio Network Radio Tracking Y ou can conf igure the access point to track or monitor the status of one of its radios.
6-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuri ng Radio Data Rates Configuring Radio Data Rates Y ou use the data rate settings to choose the data ra tes the wireless device uses for data transmi ssion.
6-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Configuring Radio Data Rates Since multicast frames are no t retransmitted at the MA C layer , stations at the edge of the cell may f ail to recei ve t hem successfully .
6-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuri ng Radio Data Rates Step 3 speed 802.11g, 2.4-GHz radio: {[ 1.0 ] [ 2.0 ] [ 5.5 ] [ 6.0 ] [ 9.0 ] [ 11.0 ] [ 12.0 ] [ 18.
6-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Configuring MCS Rates Use the no form of the speed command to remov e one or more data rates from the conf iguration. This example sho ws how to remo ve data rates basic-2.
6-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuring Radi o Transmit Power Enabling 11ac MCS rates MCS rates are configured using the speed command. T o enable 11ac rates, it is mandatory to ha v e at least one basic rate and one 11n rate enabled.
6-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Configuring Radio Transmit Powe r Beginni ng in priv ileged EXEC mode, fo.
6-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuring Radio Channel Setting s Limiting the Power Level for Associated Client Devices Y ou can also limit the po wer le vel on client de vices that associate to the wirel ess de vice.
6-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Configuring Radi o Channel Settings Note In places where RF interfe rence.
6-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuring Radio Channel Setting s Dynamic Frequency Selection Access p.
6-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Configuring Radi o Channel Settings The full list of channels that r equire DFS is sho wn in Ta b l e 6 - 3 . For autonomou s operation, DFS requires random channel selecti on among the channels listed in Ta b l e 6 - 3 .
6-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuring Radio Channel Setting s Note W e recommend that you use the world-mode dot 11d co untry-code conf iguration interf ace command to configure a country code on DFS- enabled radios.
6-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Configuring Radi o Channel Settings Listen Frequencies: 5180( 36) 5200( 4.
6-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuring Radio Channel Setting s Blocking Channels from DFS Selection.
6-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Enabling and Disabling World Mode Enabling and Disabling World Mode Y ou can conf igure the wireless d e vice to support 802.
6-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Disabling and Enabling Short Rad io Preambles Disabling and Enabling Short Radio Preambles The radio preamble is a section of data at the h ead of a frame that helps the APs and clients to synchronize their co mmunication.
6-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Configuring Transmit and Receive Antenna s • Left—If the wireless de .
6-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Enabling and Disab ling Gratuitous Probe Response Enabling and Disabling.
6-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Configuring the Ethern et Encapsulation Transfo rmation Method • Cisco K ey Inte grity Protocol (CKIP)—Cisco's WE P ke y permutation t echnique based on an early algorithm presented by the IEEE 802.
6-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Enabling and Disabling Re liable Multicast to Workg roup Bridges Beginni.
6-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Enabling and Disabling Reliable Multicast to Workgro up Bridges Beginni n.
6-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Enabling and Disabling Pu bl ic Secure Packet Forwa rding Enabling and D.
6-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Enabling and Disabling Public Secure Pa cket Forwarding Configuring Prote.
6-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuring the Beacon Period an d the DTIM Configuring the Beacon Period and the DTIM The beacon period is the amount of time between acc ess po int beacons in Kilomicroseconds.
6-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Configuring the Maximum Data Packe t Retries Use the no form of the command to reset the R TS settings to defaul ts.
6-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuring the Fragmen tation Threshold Configuring the Fragmentation Threshold The fragmentation thresh old determin es the size at which packets are fra gmented (sent as se v eral pieces instead of as one block).
6-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Performing a Ca rrier Busy Test Performing a Carrier Busy Test Y ou can perform a carrier busy test to check the radi o activity on wireless channels.
6-35 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuring VoIP Packet H andling The Stream page appears.
6-36 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Configuring VoIP Packet Hand ling In the pre vious command: • Number 1.
6-37 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs Configuring ClientLink ap(config-if)#packet max-retries 3 0 fail-thresho.
6-38 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings Debugging Radi o Functions Note ClientLink is not supported on the 1040, 7 02 series access points.
6-39 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 6 Configuring Radio Settin gs 802.11r Configuration This exampl e sho ws ho w to be gin deb ugging of .
6-40 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 6 Configuring Radio Settings 802.11r Configuration.
CH A P T E R 7-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 7 Configuring Multiple SSIDs This chapter describe s how to configure and manage multiple Service Set Identif iers (SSIDs) on th e access point.
7-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 7 Config uring Multi ple SSIDs Understanding Multiple SSIDs Understanding Multiple SSIDs The SSID is an ASCII string that wireless networki ng devices use to estab lish and main tain wireless connectivity .
7-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 7 Configuring Multiple SSIDs Configuring Multiple SSIDs Configuring Multiple SSIDs These sections conta.
7-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 7 Config uring Multi ple SSIDs Configuring Multiple SSIDs Note Y ou use the ssid command authenticatio n options to configure an authen tication type for each SSID.
7-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 7 Configuring Multiple SSIDs Configuring Multiple SSIDs Note When you enable guest SSID mode for the 802 .11g radio it applies to t he 802.11b radio as well since 802.
7-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 7 Config uring Multi ple SSIDs Configuring Multiple Basic SSIDs (attrib ute 26). V endor -specif ic attrib utes (VSAs) allo w v endors to support their o wn e xtended attrib utes not suitable for general use.
7-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 7 Configuring Multiple SSIDs Configuring Multiple Basic SSIDs • Any W i-Fi certif ied client device can associat e to an access point using multiple BSSI Ds.
7-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 7 Config uring Multi ple SSIDs Assigning IP Redirection for an SSID When client de vices r eceiv e a beacon that contains a DTIM, the y normally w ake up to check for pending packets.
7-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 7 Configuring Multiple SSIDs Assigning IP Redirection for an SSID Y ou can redirect all packets from client devices associat ed using an SSID or redirect only packets directed to specific TCP or UD P ports (as defined in an access control list).
7-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 7 Config uring Multi ple SSIDs Including SSIDL IE in an SSID Beacon Configuring IP Redirection Beginni.
7-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 7 Configuring Multiple SSIDs NAC Support for MBSSID Beginning in pri vile ged EXEC mode, follo w these steps to include an SSIDL IE in an SSID beacon: Use the no form of the command to disable SSIDL IEs.
7-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 7 Config uring Multi ple SSIDs NAC Support for MBSSID When an infected client associates with an access point and sends it s state to the RADIUS server , the RADIUS server puts it i nto one of the quarantine V LAN s based on its health.
7-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 7 Configuring Multiple SSIDs NAC Support for MBSSID Configuring NAC for MBSSID Note This feature supports on ly Layer 2 mobility with in VLANs. Layer 3 mobility using netw ork ID is not supported in this feature.
7-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 7 Config uring Multi ple SSIDs NAC Support for MBSSID authentication open authentication network-eap e.
CH A P T E R 8-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 8 Configuring Spanning Tree Protocol This chapter descibes ho w to configure Spanning T r ee Protocol (STP) on your acce ss point/bridge.
8-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 8 Configur ing Spanning Tree Protocol Understanding Spannin g Tree Protocol Understanding Spanning Tree Protocol This section describes ho w spanning-tree features work.
8-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 8 Configuring Spannin g Tree Protocol Understanding Spanning Tree Protocol The access point/bridge maintain s a separate spanning -tree instance for each ac tiv e VLAN co nf igured on it.
8-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 8 Configur ing Spanning Tree Protocol Understanding Spannin g Tree Protocol • Interfaces incl uded in the spanning -tree instance are selected. Root ports and desi gnated ports ar e put in the forwarding state.
8-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 8 Configuring Spannin g Tree Protocol Understanding Spanning Tree Protocol Creating the Spanning-Tree T.
8-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 8 Configur ing Spanning Tree Protocol Understanding Spannin g Tree Protocol • From blocking to listen.
8-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 8 Configuring Spannin g Tree Protocol Understanding Spanning Tree Protocol • Discards frames re ceiv .
8-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 8 Configur ing Spanning Tree Protocol Configuring STP Features • Does not receiv e BPDUs Configuring STP Features Y ou comp lete three m ajor steps t o co nfigure STP on the acce ss point/bridge: 1.
8-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 8 Configuring Spannin g Tree Protocol Configuring STP Features Configuring STP Settings Beginni ng in p.
8-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 8 Configur ing Spanning Tree Protocol Configuring STP Features STP Configuration Examples These config.
8-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 8 Configuring Spannin g Tree Protocol Configuring STP Features interface GigabitEthernet0 no ip addres.
8-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 8 Configur ing Spanning Tree Protocol Configuring STP Features antenna gain 0 peakdetect stbc station-.
8-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 8 Configuring Spannin g Tree Protocol Configuring STP Features bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Dot11Radio0.
8-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 8 Configur ing Spanning Tree Protocol Configuring STP Features no ip route-cache duplex auto speed auto ! interface GigabitEthernet0.
8-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 8 Configuring Spannin g Tree Protocol Configuring STP Features no ip address no ip route-cache ! ssid vlan1 ! antenna gain 0 stbc station-role non-root ! interface Dot11Radio0.
8-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 8 Configur ing Spanning Tree Protocol Displaying Spanning-T ree Status encapsulation dot1Q 3 no ip rou.
CH A P T E R 9-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 9 Configuring an Access Point as a Local Authenticator This chapter describes ho w to conf igure t.
9-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Understanding Local Authentication Understanding Local Authentication Many smal l wireless LANs that could be made more secure w ith 802.
9-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 9 Configuring an Acce ss Point as a Local Auth enticator Configuring a Local Au thenticator Guidelines .
9-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Configuring a Local Authenticato r Step 3 radius-server local Enable the access point as a local authenticator and enter conf iguration mode for the auth enticator .
9-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 9 Configuring an Acce ss Point as a Local Auth enticator Configuring a Local Au thenticator This exampl.
9-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Configuring a Local Authenticato r AP(config-r.
9-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 9 Configuring an Acce ss Point as a Local Auth enticator Configuring a Local Au thenticator Each time t.
9-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Configuring a Local Authenticato r In this exa.
9-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 9 Configuring an Acce ss Point as a Local Auth enticator Configuring a Local Au thenticator If your loc.
9-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 9 Co nfiguring an Ac cess Point as a Local Authenticator Configuring a Local Authenticato r The first sectio n of statistics lists cumulati v e statistics from t he local authenticator .
CH A P T E R 10-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 10 Configuring WLAN Authentication and Encryption This chapter descr ibes how to co nf igure auth entication an d encryptio n schemes to protect your WLANs.
10-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 10 Configuring WL AN Authentication and Encryption Understanding Authe ntication and Encryption Mechan.
10-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 10 Configuring WLAN Authe ntication and Encryptio n Understanding Auth entication and Encryption Mechanisms will change to WEP if a WEP cl ient joins the cell).
10-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 10 Configuring WL AN Authentication and Encryption Understanding Authe ntication and Encryption Mechan.
10-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 10 Configuring WLAN Authe ntication and Encryptio n Understanding Auth entication and Encryption Mecha.
10-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 10 Configuring WL AN Authentication and Encryption Understanding Encr yption Modes Understanding Encry.
10-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 10 Configuring WLAN Authe ntication and Encryptio n Configuring Encryption Modes • WEP (W ired Equi valent Pri v acy)—WEP is an 802.
10-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 10 Configuring WL AN Authentication and Encryption Configuring Encryp tion Modes Creating Static WEP Keys Note Y ou need to configure static WEP keys only if your access point needs to support client de vices that use static WEP .
10-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 10 Configuring WLAN Authe ntication and Encryptio n Configuring Encryption Modes This example sh ow s .
10-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 10 Configuring WL AN Authentication and Encryption Configuring Encryp tion Modes Because the access point’ s WEP ke y 1 is selected as the transmit ke y , WEP ke y 1 on the other de vice must ha ve t he same contents.
10-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 10 Configuring WLAN Authe ntication and Encryptio n Configuring Encryption Modes Use the no form of the encryption command to disable a cipher suite.
10-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 10 Configuring WL AN Authentication and Encryption Configuring Encryp tion Modes Note If using WP A and CCKM as ke y ma nagement, only tk ip and aes ciphers are supported .
10-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 10 Configuring WLAN Authe ntication and Encryptio n Configuring Encryption Modes Enabling and Disabling Broadcast Key Rotation Broadcast key rotation is disabled by def ault.
10-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 10 Configuring WL AN Authentication and Encryption Configuring Encryp tion Modes Use the no form of the encryption command to disable b roadcast key rotation.
CH A P T E R 11-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 11 Configuring Authentication Types This chapter describes how to conf igure authenticati on types on the access point.
11-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Understanding Authe ntication Types Understanding Authentication Types This section describes in detail the authentication types that you can configure on the access point.
11-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 11 Configuring Authen tication Types Understanding Authentication Types In a scenario where you use Open authentication and WEP encryption, authentication will be successful e ven if the client and the AP WEP are mismatched.
11-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Understanding Authe ntication Types EAP Authentication to the Network This authentication t ype provides t he highest le vel o f security for your wireless network.
11-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 11 Configuring Authen tication Types Understanding Authentication Types When mutual auth entication is.
11-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Understanding Authe ntication Types Figur e 1 1 -4 Sequence for M.
11-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 11 Configuring Authen tication Types Understanding Authentication Types Figure 11-5 sho ws the reassociation process using CCKM.
11-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Understanding Authe ntication Types Note Unicast and multicast cipher suites adv ertised in WP A information element (and negotiated during 802.
11-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types Configuring Authentication Types This section descri bes ho w to conf igure authen ticat ion types.
11-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types Step 3 authentication open [ mac-address list-name [ al ternate ]] [[ optional ] eap list-name ] (Optional) Set the authenticati on type to open for this SSID.
11-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types Step 5 authentication network-eap list-name [ mac-address list-name ] (Optional) set the authenticati on type for the SSID t o Network-EAP .
11-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types Step 6 authentication key-management {[ wpa [version versionnum ber ]] | [ cc km ] } [ optional ] (Optional) Set the authenticati on type for the SSID to WP A, CCKM, or both .
11-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types Use the no form of the SSID commands to disable th e SSID or to disable SSID features.
11-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types Configuring Additional WPA Settings Use two opti onal settings to conf ig ure a pre-shared ke y on the access point and adjust the frequenc y of group k ey upd ates.
11-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types This exampl e sho ws ho w to .
11-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types This exampl e sho ws how to en.
11-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types Use the no form of these commands to reset the v alues to def ault settings. Creating and Applying EAP Method Pr ofiles for the 802.
11-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Configuring Authen tication Types Creating an EAP Method Profile.
11-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 11 Configuring Authen tication Types Configuring Authen tica tion Types Command Purpose Step 1 configur e terminal Enter the global co nfiguration m ode.
11-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Matching Access Point and Client Device Au thentication Types Ap.
11-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 11 Configuring Authen tication Types Matching Access Point and Client Device Authentication Type s T .
11-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Matching Access Point and Client Device Au thentication Types 802.1X authen tication and CCKM Enable LEAP Select a ciph er suite and enable Open with EAP and/o r Network EAP , and CCKM for the SSID.
11-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 11 Configuring Authen tication Types Guest Access Management Guest Access Management Guest Access allows a guest to gain access to the Internet, and the guest’ s own enterpr ise without compromising the security of the host enterprise.
11-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Guest Access Man agement – ap(config-ssid)# authentication ope.
11-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 11 Configuring Authen tication Types Guest Access Management Step 4 T o let the system automatically generate a r andom string as a password , check the Generate Passw ord check box.
11-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Guest Access Man agement Step 4 Save the customized pages to the web server . Step 5 In the access point GUI, browse to the Management > Guest Management Services page.
11-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 11 Configuring Authen tication Types Guest Access Management Note In the pre vious commands acl-in and acl-out are the names of the Acces s-list.
11-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 11 Configurin g Authentication Types Guest Access Man agement.
CH A P T E R 12-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 12 Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Servi.
12-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Unders.
12-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services.
12-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Unders.
12-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services.
12-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Config.
12-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Figure 12-3 sho ws the required conf iguration for each de vice that pa rticipates in WDS.
12-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring WDS Figure 12-4 General Setup Hostname ap pa ge Step 3 Check the Use this AP as W ireless Domain Services check box.
12-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Step 12 Configure the list of servers to be use d for 802.
12-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Confi.
12-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Step 5 In the Password field, enter a password for the access point, and enter the password again in the Confirm Passwo rd f ield.
12-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Confi.
12-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring WDS Step 6 Check the A uthentication Settings check box.
12-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Confi.
12-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Service.
12-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Confi.
12-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Service.
12-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Confi.
12-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Service.
12-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Confi.
12-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Management Frame Protection Step 7 Click Appl y .
12-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Management Frame Pro tection associated). Client MFP lev erages the security me chanisms def ined by IEEE 802.
12-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Service.
12-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Configuring Management Frame Pro tection Protection of Management Frames with 802.
12-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Services Configuring Radio Mana gement These commands are optional.
12-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Confi.
12-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 12 Configuring WDS, Fast Secure Roaming, Radio Management, an d Wireless Intrusion Dete ction Service.
12-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 12 Configuring WD S, Fast Secure Roam ing, Radio Management, and Wi reless Intrusio n Detection Confi.
CH A P T E R 13-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 13 Configuring RADIUS and TACACS+ Servers This chapter describes ho w to enable and con figur e t.
13-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Understanding RADIUS RADIUS is a distributed client/server system th at secures networks against unauthorized access.
13-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Figur e 13-1 Sequence fo r EAP A uthentication As s h own i n Figure 13-1 , at the start, a wireless client device and a RADIUS server on the wired LAN use 802.
13-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Configuring RADIUS This section descri bes ho w to conf igure your access point to support RADIUS.
13-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Identifying the RADIUS Ser.
13-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Command Purpose Step 1 configur e terminal Enter global conf iguration mo de.
13-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS T o remov e the specified RADIUS server , use the no radius-server host hostna me | ip-addr ess global confi guration command.
13-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS T o disable AAA , use the no aaa new-model global conf iguration command.
13-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Defining AAA Server Groups Y ou can confi gure the access point to use AAA serv er groups to g roup existi ng server hosts for authentication.
13-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Step 3 radius-server host.
13-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS T o remov e the specified RADIUS server , use the no radius-server host hostna me | ip-addr ess global confi guration command.
13-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Beginni ng in pri vileged.
13-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Note When WDS is configured, PoD requ ests should be directed to the WDS.
13-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS T o return to the d efault CSID format, use t he no form of the dot11 aa a csid command, or enter dot11 aaa csid default .
13-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Configuring Settings fo r.
13-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS This example sh ow s how .
13-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS For a complete list of RADIUS attribut es or more information about VSA 26, see t he RADIUS guides at the follo wing URL: http://www .
13-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS T o delete the v endor -proprietary RADIUS host, use the no radius-server host { hostnam e | ip-addr ess } non-standard global conf iguration command.
13-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS Beginning in pri vile ged.
13-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS RADIUS Attributes Sent by.
13-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enab ling RADIUS T a ble 13-4 Attr ibut es.
13-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling RADIUS Note By default, th e access point sends reauthenti cation requests to the aut hentication serv er with the service-type attrib ute set to authenticat e-only .
13-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enabling TACACS+ Configuring and Enabling .
13-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling TACACS+ TACACS+ Operation When an administrator attempts a simple ASCII login by authenticating to an access po int using T ACA CS+, this process occurs: 1.
13-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enabling TACACS+ This section contains thi.
13-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling TACACS+ T o remov e the specified T ACA CS+ server name or address, use the no tacacs -server host hostname global conf iguratio n command.
13-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enabling TACACS+ T o disable AAA , use the no aaa new-model global confi guration command.
13-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling TACACS+ The aaa authoriza tion e.
13-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 13 Configuring RADIUS and TACACS+ Server s Configuring and Enabling TACACS+ T o disable accoun ting, use the no aaa accounting { network | exec } { start-stop } method 1.
13-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 13 Config uring RADIUS and TACACS+ Servers Configuring and Enab ling TACACS+.
CH A P T E R 14-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 14 Configuring VLANs This chapter describes how to configure your access point to operate with the VLANs set up on your wired LAN.
14-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 14 Configuring VLA Ns Understanding VLANs Understanding VLANs A VLAN is a switched network that is logically segmen ted, by functions, project teams, or applications rather than on a physical or geographical basis.
14-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 14 Configuring VLANs Understanding VLANs Figur e 14-1 LAN and VLAN Segmentation with Wire less Devices.
14-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 14 Configuring VLA Ns Configuring VLANs Y ou can assign more than one SSID to a given VLAN. Howe ver , a given SSID can be mapped to only one VLAN. Also, th e SSID to VLAN mappi ng must be unique pe r interface.
14-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 14 Configuring VLANs Configuri ng VLANs Configuring a VLAN Configuring your access point to sup port VLANs is a three-step process: 1. Enable the VLAN on the radio and Ethernet ports.
14-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 14 Configuring VLA Ns Configuring VLANs Step 2 - Creating an SSID and assigning it to a VLAN Beginni ng in pri vile ged EXEC mode, follo w these steps to assign an SSID to a VLAN.
14-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 14 Configuring VLANs Configuri ng VLANs • Assign an SSID to a VLAN • Assign an AES-CCMP encryption method t o a VLAN • Assign an SSID to a radio inte rface ap# configure terminal ap(config)# interface dot11Radio 0.
14-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 14 Configuring VLA Ns Configuring VLANs Use the no form of the command to remov e the name from the VLAN. Use the show dot11 vlan-name priv ileged EXEC command to list all the VLAN na me and ID pairs configured on the access point.
14-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 14 Configuring VLANs Configuri ng VLANs Other 0 995 0 packets, 0 bytes input 0 packets, 0 bytes output.
14-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 14 Configuring VLA Ns VLAN Configuration Ex ample VLAN Configuration Example This example sh ow s how to use VLANs to manage wireless de vices on a colle ge campus.
14-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 14 Configuring VLANs VLAN Configuration Example T able 14-2 sho ws the commands needed to config ure the three VLANs in this example. T able 14-3 sho ws the results of the con figur ation commands i n T able 14-2 .
14-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 14 Configuring VLA Ns VLAN Configuration Ex ample Notice that when yo u config ure a bridge group on .
CH A P T E R 15-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 15 Configuring QoS This chapter describes how to conf igure quality of se rvice (QoS) on your access point. W ith this feature, you can provide preferential treatment to certain traff i c at the expense of others.
15-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 15 Configuring QoS Understanding QoS for Wireless LANs Understanding QoS for Wireless LANs T ypically .
15-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 15 Configuring QoS Understanding QoS for Wireless LANs Regardless of the client support (or lack of su.
15-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 15 Configuring QoS Understanding QoS for Wireless LANs 2.
15-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 15 Configuring QoS Understanding QoS for Wireless LANs The access point uses WMM enhancements in packets sent to client devices that support WMM. The access point applies basic Q oS policies to pack ets sent to clients that do not support WMM.
15-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 15 Configuring QoS Configuring QoS Step 3 Enter the values for the follo wing: • Client-Rssi—Minimum Recei v e Signal Strength Indicator (RSSI) requi red for the client to be eligible for band select.
15-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 15 Configuring QoS Configuri ng QoS • QoS does not create additional band width for your wireless LAN ; it helps control the allocat ion of bandwidth. If y ou ha ve plenty o f bandwidth on your wireless LAN, you mi ght not need to conf igure QoS.
15-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 15 Configuring QoS Configuring QoS Note Y ou can also select tw o preconf igured QoS polic ies: WMM and Spectralink. When you select either of these, a set of default classifications are automatically populated in the Classification fie l d .
15-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 15 Configuring QoS Configuri ng QoS • Assured Forw arding — Class 3 Medium • Assured Forw arding.
15-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 15 Configuring QoS Configuring QoS Step 16 Use the Apply Policies to Interface/VLANs drop-down lis ts to apply po licies to the access point Ethernet and radio ports.
15-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 15 Configuring QoS Configuri ng QoS IGMP Snooping When Internet Group Membership Prot ocol (IGMP ) sn.
15-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 15 Configuring QoS Configuring QoS Rate Limiting Rate limiting pro vides control o v er the data traf f ic transmitted or recei ved on an interf ace.
15-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 15 Configuring QoS Configuri ng QoS Figur e 15-4 Radio Access Categ or ies Pag e W irel ess clients u.
15-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 15 Configuring QoS Configuring QoS Optimized Voice Settings Using the Admi ssion Control check bo xes, you can cont rol client use of the acc ess categories.
15-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 15 Configuring QoS Configuri ng QoS Follo w these steps to enable admission control on an SSID: Step 1 Open the SSID Manager page. Step 2 Select an SSID.
15-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 15 Configuring QoS Configuring QoS – If Low Latency is selected, you can configure the amou nt of retries that the A P should u se before discarding the current pack et and sending the nex t one.
CH A P T E R 16-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 16 Configuring Filters This chapter describe s how to configure and manage MA C address, IP , and EtherT ype filters on the access point using the we b-bro wser interface.
16-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 16 Configuring Filters Understanding Filters Understanding Filters Protocol filters (IP protocol , IP port, and EtherT ype ) prev ent or allow the use of specific protocol s through the acc ess point’ s Ethernet and rad io ports.
16-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Configuring Filters Using the Web-Browser Interface This section descri bes ho w to conf igure and enab le f ilters using the web-bro wser interface.
16-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Follo w this lin k path to reach the Address Filters page: 1. Click Services in the page na vigat ion bar .
16-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Figur e 16-2 Apply Filters P ag e Step 12 Select the f ilter number from one of the MA C drop-down lists.
16-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface The follo wing example applies the MA C address access li st 701 created above to the Radio 0 interface, in the inbound direct ion.
16-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Step 3 Click Advanced Security to bro wse to the Adv anced Security: MA C Address Authentication page.
16-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Step 1 Crea ting a MA C address access-list using the command access -list number-700-799.
16-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Determining the source of M.
16-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Using the AP internal RA.
16-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface In the Corporate Servers secti on, you can add a ne w serv er for your AP .
16-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Creating a Time-Based ACL T ime-based A C Ls are A CLs that can be enabled or disabled for a specific period of time.
16-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface ACL Logging A CL logging i s not supported on the bridging interf aces of AP platforms.
16-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Creating an IP Filter Follo w these steps to create an IP f ilter: Step 1 Follow th e link path to the IP Filters page.
16-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Step 15 When the filter is comp lete, click A pply . The f ilter is sa v ed on the access point, b ut it is not en abled until you apply it on the Appl y Filters pa ge.
16-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface Figur e 16-8 EtherT ype Filt ers P ag e Follo w th is link path to reach the EtherT ype Filters page: 1.
16-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Browser Interface Step 8 Select Fo r w a r d A ll or Block All from the Defa ult Action menu.
16-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 16 Configuring Filters Configuring Filters Using the Web-Br owse r Interface.
CH A P T E R 17-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 17 Configuring CDP This chapter describes ho w to conf igure Cisco D iscov ery Protocol (CDP) on you r access point.
17-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 17 Configur ing CDP Understanding CDP Understanding CDP Cisco Discov ery Protoc ol (CDP) is a de vice-disco v ery pro tocol that runs on all Cisco networ k equipment.
17-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 17 Configuring CDP Configuring CDP Use the no form of the CDP commands to return to the def ault settings.
17-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 17 Configur ing CDP Configuring CDP This e xample sho ws how to enable CD P .
17-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 17 Configuring CDP Monitori ng and Maintaining CDP Monitoring and Maintaining CDP T o monitor and mai ntain CDP on your de vice, perform o ne or more of these tasks, be ginning in pri vile ged EXEC mode.
17-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 17 Configur ing CDP Monitoring and Maintaining CDP Protocol Hello: OUI=0x00000C, Protocol ID=0x0112; p.
17-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 17 Configuring CDP Enabling CDP Logging GigabitEthernet0/8 is up, line protocol is down Encapsulation .
17-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 17 Configur ing CDP Enabling CDP Logging.
CH A P T E R 18-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 18 Configuring SNMP This chapter describe s how to configure the Simple Network Managemen t Protocol (SNM P) on your access point.
18-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 18 Configu ring SNMP Understanding SNMP Understanding SNMP SNMP is an appli cation-layer protocol that p r ovides a message format for communication between SNMP manage rs and agents.
18-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 18 Configuring SNMP Understanding SNMP T able 18-1 lists the SNMP v ersions and security le vels supported on access points. SNMP Manager Functions The SNMP manager uses information in the MIB to perform the oper ations described in T able 18-2 .
18-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 18 Configu ring SNMP Understanding SNMP SNMP Agent Functions The SNMP agent responds to SNMP manager request s as follo ws: • Get a MIB variable—The SNM P agent b egins this func tion in r esponse to a request f rom the NMS.
18-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 18 Configuring SNMP Configuring SNMP Figur e 18-1 SNMP Networ k For information on supported MIBs and ho w to access them, see Appendix B, “Supported MIBs.
18-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 18 Configu ring SNMP Configuring SNMP Enabling the SNMP Agent No specif ic CLI command exists to enable SNMP . The f irst snmp-server glo bal conf iguration command that you enter enab les the supported v ersions of SNMP .
18-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 18 Configuring SNMP Configuring SNMP Beginni ng in pri vile ged EXEC mode, follo w these steps t o config ure a community string on th e access point: Command Purpose Step 1 configur e terminal Enter global co nfiguration mode.
18-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 18 Configu ring SNMP Configuring SNMP T o disable access fo r an SNMP community , set the community st ring for that commun ity to the null string (do not enter a v alue for th e community string).
18-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 18 Configuring SNMP Configuring SNMP Access points running this Cisco IOS release can have an unli mited number of trap managers. Community strings can be an y length.
18-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 18 Configu ring SNMP Configuring SNMP T o remove the specified host from re ceiving traps, use th e no snmp-server host host global confi guration command.
18-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 18 Configuring SNMP Configuring SNMP Using the snmp-server view Command In global conf iguration mod e, use the snmp-server view command to access Stan dard IEEE 802.
18-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 18 Configu ring SNMP Displaying SNMP Status This example sho ws how to allo w read-only access for all objects to members of access list 4 that use the comacces s community string.
CH A P T E R 19-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 19 Configuring Repeater and Standby Access Points and Workgroup Bridge Mode This chapter describes how to conf ig ure your a ccess point as a repeater , as a hot standby unit, or as a workgroup bridge.
19-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Understanding Repeater .
19-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Configuring a Repeater .
19-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Configuring a Re peater Access Point Default Configuration Access points are configured as root units by default.
19-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Configuring a Repeater .
19-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Aligning Antennas The f.
19-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Aligning Antennas Use the show dot11 antenna-alignment command to list the MA C addre sses and signal lev el for the last 10 de vices that responded to the probe.
19-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Aligning Antennas Setting Up a Repeater As a EAP-FAST Client Y ou can set up a repeater access point to authenticat e to your network l ike other wire less client devices.
19-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Understanding Hot Standby Understanding Hot Standby Hot Standby mode designates an access point as a backup for another acces s point.
19-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Configuring a Hot Standby Access Point Note The MA C address of th e monitored access point might ch ange if a BSSID on the monitored unit is added or deleted.
19-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Configuring a Hot Stan.
19-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Configuring a Hot Stan.
19-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Understanding Workgrou.
19-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Understanding Wo rkgroup Brid ge Mode Figure 19-2 sho ws an access point in workgroup br idge mode.
19-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Understanding Workgroup Bridge Mode bridges, t hat can as sociat e to an access point or bridge.
19-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Understanding Wo rkgroup Brid ge Mode Y ou can also conf igure the per iodicity of scans.
19-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Workgroup Bridge VLAN .
19-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Configuring Work group Bridge Mode Step 3 station-ro le workgr oup-bridge [universal m ac-addr ess ] Set the radio role to w orkgroup bridge.
19-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Configuring Workgroup Bridge Mode Step 6 infrastructure-ssid Designate the SSID as an infrastruc ture SSID.
19-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Configuring Work group Bridge Mode This e xample sho ws ho w to configur e an access poin t as a w orkgroup bridge.
19-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Using Workgroup Bridge.
19-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Using Workgroup Bridge.
19-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 19 Configuring Repeater a nd Standby Access Po ints and Workgro up Bridge Mode Using Workgroup Bridge.
19-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 19 Configurin g Repeater and Stan dby Access Points and Workgroup Br idge Mode Using Workgroup Bridge.
CH A P T E R 20-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 20 Managing Firmware and Configurations This chapter describ es how to manipulate the Flash fi le system, ho w to copy configuration f iles, and ho w to archiv e (upload and do wnload) software images.
20-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with the Flash File System Displaying Available File .
20-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with the Flash File System Setting the Default File Sy.
20-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with the Flash File System Displaying Information About Files on a File System Y ou can vie w a list of the co ntents of a f ile system before mani pulating its contents.
20-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with the Flash File System T o delete a directory with all i ts files and subdi rectories, use the delete /force /r ecursive filesystem :/ file - ur l privileged EXEC command.
20-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with the Flash File System Deleting Files When you no longer need a file on a Flash memory de vice, you can perman ently delete it.
20-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with the Flash File System Displaying the Contents of .
20-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files Extracting a tar File T o ex.
20-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s Yo u c a n c o p y ( dow nlo.
20-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files config uration is used. Ho we ver , some commands in the existin g conf iguration migh t not be replaced or nega ted.
20-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s Preparing to Download or Up.
20-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files Use one of these privile ge.
20-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s Preparing to Download or Up.
20-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files Connected to 172.16.101.101 Loading 1112 byte file host1-confg:![OK] ap# %SYS-5-CONFIG: Configured from host1-config by ftp from 172.
20-15 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s Building configuration.
20-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Configuration Files Preparing to Download or Up.
20-17 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with Configuration File s This example sho ws ho w to cop y a conf iguration f ile named host1-confg from the netadmin1 directory on the remote se rver with an IP address of 172 .
20-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s This exampl e sho ws how to copy the run ning conf iguration f ile named ap2-confg to the netadmin1 directory on the remote host with an IP address of 172.
20-19 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with Software Images The protocol you use d epends on which type of serv er you are using. Th e FTP and RCP transport mechanisms provide faster performance and more reliable deli very of data than TFTP .
20-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s The info.ver f ile is always at the end of the tar file and contains the same informatio n as the info f ile.
20-21 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Note T o a v oid an unsuccessful.
20-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s Note If the Flash de vice has .
20-23 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Y ou download an access point image f ile from a se rver to upgrade the access point software.
20-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s config uration command. This ne w name wil l be used during all archi v e operations.
20-25 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Note T o a v oid an unsuccessful.
20-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s If you specify the /lea ve-old-sw , the existing f iles are not remo v ed.
20-27 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with Software Images The archiv e upload-sw command b uilds an image f ile on the serv er by uploading th ese fi les in order: info, the Cisco IOS image, th e HTML files, and i nfo.
20-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s RCP requires a client to send a remote usern ame on each RCP request to a server .
20-29 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Downloading an Image File by Using RCP Y ou can download a ne w image fi le an d replace or keep the current image.
20-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s Note T o a v oid an unsuccessf.
20-31 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Note If the Flash de vice has suf f icient space to hold tw o images and you w ant to o verwrite one of these images with the same versi on, you must specify the /ov erwrite optio n.
20-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s The archi ve upload-sw pri vile ged EXEC command buil ds an image f ile on the serv er by uploading these files in order: info, the Cisco IOS i mage, the HTML files, and info.
20-33 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 20 Managing Firmware and Configurations Working with Software Images Browser TFTP Interface The TFTP interface allo ws you to use a TFTP se rver on a network de vice to load the access point image file.
20-34 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 20 Mana ging Firmware and Configurations Working with Software Image s.
CH A P T E R 21-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 21 Configuring L2TPv3 Over UDP/IP Layer 2 T unneling Protocol (L2TPv3), is a tunneling protocol that enables tunnel ing of Layer 2 packets ov er IP core networks.
21-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uring L2T Pv3 Over UDP/IP Configuring L2TP Class Note The bridge id on interf aces with same vlan id must be the same.
21-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 21 Configuring L2TPv3 Over UDP/IP Configuring Pseudow ire Class Note Multiple l2tp classes can be configured.
21-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uring L2T Pv3 Over UDP/IP Relationship betwee n L2TP Class and Pseudowire Cla ss Relationship between L2TP Class and Pseudowire Class Multiple pseudo wire classes can be conf igured.
21-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-29225-01 Chapter 21 Configuring L2TPv3 Over UDP/IP Mapping SSID to the T unnel/Xconnect This interface allo ws access to an AP through the tunnel. This interface is associated with a VDT interface with same inde x.
21-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-29225-01 Chapter 21 Config uring L2T Pv3 Over UDP/IP Configuring TCP mss adjust Configuring TCP mss adjust T o conf igure TCP mss adjust fo r tunnel clients u se the dot11 l2tp tcp mss tcp mss value command in the conf iguration mode.
CH A P T E R 22-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 22 Configuring System Message Logging This chapter describes how to conf igure sy stem message logging on your acces s point.
22-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 22 Config uri ng System Message Logg ing Understanding System Message Lo gging Understanding System Message Logging By default, access points send the outpu t from system messages and deb ug pri vile ged EXEC commands to a logging process.
22-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 22 Configuring System Message Logging Configuring System Message Lo gging This example show s a partial access point system message : *Mar 1 00:00:29.219: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up *Mar 1 00:00:29.
22-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 22 Config uri ng System Message Logg ing Configuring System Message Logging Disabling and Enabling Message Logging Message logging is enabled by default.
22-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 22 Configuring System Message Logging Configuring System Message Lo gging Setting the Message Display Destination Device If message logging is en abled, you ca n send messages to specific locati ons in addition to the cons ole.
22-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 22 Config uri ng System Message Logg ing Configuring System Message Logging Enabling and Disabling Timestamps on Log Messages By default, log messag es are not timestamped.
22-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 22 Configuring System Message Logging Configuring System Message Lo gging T o disable sequence numbers, use the no service sequence-numbers global confi guration command.
22-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 22 Config uri ng System Message Logg ing Configuring System Message Logging T able 22-3 describes the level keyw ords. It also lists the co rresponding sy slog definitions from the most sev ere lev el to the leas t sev ere level.
22-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 22 Configuring System Message Logging Configuring System Message Lo gging Beginni ng in pri vile ged E.
22-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 22 Config uri ng System Message Logg ing Configuring System Message Logging Configuring the System Lo.
.
22-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 22 Config uri ng System Message Logg ing Displaying the Logging Configuration.
CH A P T E R 23-1 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 23 Troubleshooting This chapter pro vides trou bleshooting procedures for b asic problems with the wirel ess dev ice.
23-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 23 Troublesho oting Checking the LED Indica tors Checking the LED Indicators If your wireless de vice is not communicating, fir st check the LED indicators on th e de vice to quickly assess the device’ s status.
23-3 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 23 Troubleshooting Checking Basic Setting s Note An 802.3af compliant switch (Cisco o r non-Cisco) is capable of sup plying suf f icient po wer for full operation.
23-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 23 Troublesho oting Resetting to the Defa ult Conf iguration SSID CONFIG W ARNING: [SSID]: If radio client s are using EAP-F AST , A UTH OPEN with EAP should also be configured.
23-5 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 23 Troubleshooting Resetting to the Default Configuration Using the Web Browser Interface Follo w th e.
23-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 23 Troublesho oting Reloading the A ccess Point Image ...done initializing Flash. Step 5 Us e the dir flash: command to display the contents of Flash and f ind the conf ig.
23-7 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 23 Troubleshooting Reloading the Access Point Image Using the MODE button Y ou can use the MODE b utto.
23-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 23 Troublesho oting Reloading the A ccess Point Image Browser HTTP Interface The HTTP interface enables you to bro wse to the wireless de vice image f ile on your PC an d do wnload the image to the wireless de vice.
23-9 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 23 Troubleshooting Reloading the Access Point Image Using the CLI Follo w the steps b elo w to reload the wireless d e vice image using the CLI.
23-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 23 Troublesho oting Reloading the A ccess Point Image Step 7 When the display becomes full, t he CLI pauses and d isplays --MORE-- . Press the spacebar to continue.
23-11 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 23 Troubleshooting Image Recovery on the 1520 Access Point IP_ADDR=192.168.133.160 NETMASK=255.255.255.0 Step 10 Enter the boot command to reboot the wireless device.
23-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 23 Troublesho oting Image Recovery on the 1520 Access Point T o perform image reco very on the 1520 access point, follo w these st eps: Step 1 With the access point po wered off, connect an RJ45 co nsole cable to the console port ().
23-13 Cisco IOS Software Configuratio n Guide for Cisco Aironet Ac cess Points OL-30644-01 Chapter 23 Troubleshooting Image Recovery on the 1520 Access Point Note If the ENABLE_BREAK=no envir onmental variable is set, yo u will not be able to escape to the bootloader .
23-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Chapter 23 Troublesho oting Image Recovery on the 1520 Access Point.
A-1 Cisco IOS Software Configuration Guide for Cisco Aironet Access Points OL-30644-01 APPENDIX A Protocol Filters The tables in this appendix list some of the prot ocol s that you can f ilter on th e access point.
A-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix A Protocol Filters T able A -1 EtherT ype Prot ocols Protocol Additional Identifier ISO Designator ARP — 0x0806 RARP — 0x8035 IP — 0x0800 Berkele y T railer Ne gotiation — 0x1000 LAN T est — 0x0708 X.
A-3 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix A Protocol Filters T able A -2 IP Protocols Protocol Additional Identifier ISO Designator dummy — 0 I.
A-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix A Protocol Filters T able A -3 IP P or t Pr ot ocols Protocol Additional Identifier ISO Designator TCP.
A-5 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix A Protocol Filters TSAP iso-t sap 102 CSO Name Serv er cso-ns csnet-ns 105 Remote T elnet rtelnet 107 P.
A-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix A Protocol Filters SNMP Unix Multiple xer s mux 199 AppleT alk Routi ng at-rtmp 201 AppleT alk name bindin g at- nbp 202 AppleT alk echo at-echo 204 AppleT alk Zone Inform ation at-zis 206 NISO Z39.
B-1 Cisco IOS Software Configuration Guide for Cisco Aironet Access Points OL-30644-01 APPENDIX B Supported MIBs This appendi x lists the Simple Network Manag ement Protocol (SNMP) Management Information Bases (MIBs) that the access point su pports for this soft w are release.
B-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix B Supported MIBs Using FTP to Acce ss the MIB Files • CISCO-MEMOR Y -POOL-MIB • CISCO-PR OCESS-MIB.
C-1 Cisco IOS Software Configuration Guide for Cisco Aironet Access Points OL-30644-01 APPENDIX C Error and Event Messages This appendix lists t he CLI error and e vent message s.
C-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es Conventions Conventions System error messages are displa yed in the fo rmat shown in Ta b l e C - 1 .
C-3 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages Software Auto Upgrade Message s Software Auto Upgrade Messages Error Message SW-AUTO-UPGRADE-2-FATAL_FAILURE: “At tempt to upgrade softw are failed, software on flash may be deleted.
C-4 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es Software Auto Upgrade Messages Error Message AUTO-INSTALL-4-IP_ADDRESS_DH CP: “The radio is operating in automati c install mode and has set ip address dhcp.
C-5 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages Association Management Message s Association Management Messages Error Message DOT11-3-BADSTATE: “%s %s -> %s.” Explanation 802.
C-6 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es Unzip Mess ages Error Message DOT11-4-DIVER_USED: Interf ace $s, Mcs rates.
C-7 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages System Log Messages System Log Messages Error Message %DOT11-4-LOADING_RADIO: Interface [ chars], loading the radio firmware ([chars]) Explanation The radio has been stopped to load ne w firmw are.
C-8 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages 802.11 Subsystem Messages Error Message DOT11-6-FREQ_USED: “Interfa ce %s, frequency %d selected.
C-9 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-3-TX_PWR_OUT_OF_RANGE : “Interface %s Radio transmit power out of range.
C-10 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-6-DFS_SCAN_START: “DF S: Scanning frequency %d MHz for %d seconds.” Explanation The de vice has beg un its DFS scanning process.
C-11 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT114-NO_MBSSID_BACKUP_VLA N: “Backup VLANs cannot be configured if MBSSID is not enabled.
C-12 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-2-UPLINK_FAILED: “Upl ink to parent failed: %s.” Explanation The connection to the p arent access point fail ed for the displayed reason .
C-13 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-4-MAXRETRIES: “Packet to client %e reached max retries, removing the client.
C-14 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-4-RADIO_NO_FREQ: “Int erface &s, all frequencies have been blocked, interface not started.
C-15 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-4-FLASHING_RADIO: “Interfa ce %s, flashing radio firmware (%s).” Explanation The indicated interface radio has bee n stop ped to load the indicated new firmw are.
C-16 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-4-UPLINK_LINK_DOWN: “ Interface %s, parent lost: %s.” Explanation The connection to the parent ac cess point on the indicated interf ace was lost for the reason indicated.
C-17 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-6-ANTENNA_GAIN: “Inte rface %s, antenna position/gain changed, adjusting transmitter power.
C-18 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message DOT11-4-CKIP_MIC_FAILURE: “CKIP MIC failure was detect ed on a packet (Digest 0x%x) received from %e).
C-19 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages 802.11 Subsystem Messages Error Message DOT11-4-TKIP_REPLAY: “TKIP TSC replay was detected on a packet (TSC 0x%ssx received from %e).
C-20 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es 802.11 Subsystem Messages Error Message SOAP_FIPS-2-INIT_FAILURE: “ SOAP FIPS initialization failure: %s.” Explanation SO AP FIPS initiali zation failure.
C-21 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages Inter-Access Point Protocol Messages Error Message DOT11-6-MCAST_DISCARD: “%s mode multicast packets are discarded in %s multicast mode.
C-22 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es Local Authenticator Messages Error Message RADSRV-4-NAS_KEYMIS: NAS sh ared key mismatch.
.
C-24 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es WDS Messages WDS Messages Error Message WLCCP-WDS-6-REPEATER_STOP: WLCCP WDS on Repe ater unsupported, WDS is disabled. Explanation Repeater access points do not support WDS.
C-25 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages Mini IOS Messages Error Message WLCCP-NM-6-WNM_LINK_UP: Lin k to WNM is up Explanation The network manager is n ow r esponding to k eep-acti ve messages.
C-26 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es Access Point/Bridge Messages Access Point/Bridge Messages Error Message A.
C-27 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages LWAPP Error Messages LWAPP Error Messages Error Message LWAPP-3-CDP: Failure sendin g CDP Update to Controller. Reason “s” Explanation Could not send access point CDP updat e to controller Recommended Action None.
C-28 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es Sensor Messages Sensor Messages Error Message SENSOR-3-TEMP_CRITICAL: Sys.
C-29 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages SNMP Error Messages Error Message SENSOR-3-VOLT_NORMAL: Syste m sensor “d”(“d”) is now operating under NORMAL voltage Explanation One of the measured en vironmental test points is under normal operating voltage.
C-30 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es SSH Error Mess ages Error Message SNMP-4-NOENGINEIDV6: Remote snmpEngineID f or Unrecognized format ‘ %P’ not found when creating user: “s” Explanation An attempt to create a user f ailed.
C-31 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 Appendix C Error and Event Messages SSH Error Messages Error Message SSH-5-SSH_CLOSE: SSH Sessio n from “%s.
C-32 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 Appendix C Error and Event Messag es SSH Error Mess ages.
GL-1 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 GLOSSARY 802.11 The IEEE standard that specifies carrier sense media access control and physical layer specif ications for 1- and 2- megabi t-per -second (Mbps) wireless LANs operating in the 2.
Glossary GL-2 Cisco IOS Software Configuration Gu ide for Cisco Airo net Access Points OL-30644-01 beacon A wireless LAN packet that signals the av ailability and presence of the wireless de vice.
Glossar y GL-3 Cisco IOS Software Configuration Gu ide for Cisco Aironet Access Points OL-30644-01 dipole A type of low-gain (2.2-dBi ) antenna consisting of two (often i nternal) elements. domain n ame The text name th at refers to a grouping o f networks or netw ork resources based on org anization-type or geography; for e xample: name.
デバイスCisco Aironet 2700iの購入後に(又は購入する前であっても)重要なポイントは、説明書をよく読むことです。その単純な理由はいくつかあります:
Cisco Aironet 2700iをまだ購入していないなら、この製品の基本情報を理解する良い機会です。まずは上にある説明書の最初のページをご覧ください。そこにはCisco Aironet 2700iの技術情報の概要が記載されているはずです。デバイスがあなたのニーズを満たすかどうかは、ここで確認しましょう。Cisco Aironet 2700iの取扱説明書の次のページをよく読むことにより、製品の全機能やその取り扱いに関する情報を知ることができます。Cisco Aironet 2700iで得られた情報は、きっとあなたの購入の決断を手助けしてくれることでしょう。
Cisco Aironet 2700iを既にお持ちだが、まだ読んでいない場合は、上記の理由によりそれを行うべきです。そうすることにより機能を適切に使用しているか、又はCisco Aironet 2700iの不適切な取り扱いによりその寿命を短くする危険を犯していないかどうかを知ることができます。
ですが、ユーザガイドが果たす重要な役割の一つは、Cisco Aironet 2700iに関する問題の解決を支援することです。そこにはほとんどの場合、トラブルシューティング、すなわちCisco Aironet 2700iデバイスで最もよく起こりうる故障・不良とそれらの対処法についてのアドバイスを見つけることができるはずです。たとえ問題を解決できなかった場合でも、説明書にはカスタマー・サービスセンター又は最寄りのサービスセンターへの問い合わせ先等、次の対処法についての指示があるはずです。