Cisco Systems OL-6217-01 manual Configuring the Infrastructure Access Point

Page 23

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

Implementing the Cisco SWAN Framework

Step 8 Enter the following to define AAA parameters for client authentication:

wds-ap(config)#radius-server host <ip address> auth-port <auth-port> acct-port <acct-port> key <shared secret>

wds-ap(config)#aaa group server radius client_group wds-ap(config-sg-radius)#server <ip address> auth-port <1812> acct-port <1813> wds-ap(config)#aaa authentication login client-group group client_group wds-ap(config)#wlccp authentication-server client any client-group

This step is very important. After the Cisco SWAN topology is established, all 802.1x client authentications are forwarded through the WDS. If the client authentication group(s) is not properly configured, WLAN clients are denied network access.

RADIUS servers redefined with the first command are using the same AAA server for infrastructure and client authentication.

Step 9 Enter the following commands to enable WDS service on the access point:

wds-ap(config)#wlccp wds priority <priority number>

Valid priority values are between 1 and 255 inclusive. The WDS priority field is used to elect a WDS master access point when more than one access point on the subnet is configured. When multiple access points are configured to run WDS, an election is held. The access point with the highest WDS priority value becomes the active WDS and the other access point(s) go into WDS-standby mode. If two or more access points have the same WDS priority, the tie-breaker is the highest value FastEthernet MAC address of the competing access points. The active WDS should always be configured with priority value 255.

Step 10 Enter the following command to define the WLCCP credentials for the access point:

wds-ap(config)#wlccp ap username <wlccp_username> password <password>

The WDS-host access point is now registered with the WDS service and serves as an infrastructure access point.

Step 11 Define the CiscoWorks WLSE on the WDS access point:

wds-ap(config)#wlccp wnm ip address <wlse ip address>

Subsequent to these steps, customers can configure additional parameters like VLANs, SSIDs, and encryption settings. Customers may choose to use the CiscoWorks WLSE to do these configurations in bulk after the CiscoWorks WLSE has discovered the WDS-host and the infrastructure access points.

Configuring the Infrastructure Access Point

Configuring the infrastructure access point is much simpler than configuring the WDS access point. The necessary tasks are as follows:

Define SNMP communities

Enter a host name for the access point

Define Telnet/SSH parameters

Define WLCCP credentials

Follow these steps to complete the tasks:

Step 1 Log into the access point command-line interface and enter configuration mode.

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

 

OL-6217-01

23

 

 

 

Page 22 Page 24
Image 23
Page 22 Page 24
Contents Corporate Headquarters Cisco Aironet 1400 Series Wireless Bridge Deployment Guide N T E N T S Contents Book Title Xxxxx-xx Audience Acroymns and Terms Cisco Swan Framework Overview Cisco Swan Layers Cisco Swan Logical View Shows the access point-based WDS solution WDS Wlccp Cisco Swan Framework ComponentsHardware Components Software ComponentsImplementing the Cisco Swan Framework Common Tasks CiscoSecure ACS NAS Setup Adding Username and Password Credentials CiscoSecure ACS User Setup AAA-apconfig-radsrvuser username password password AAA-apconfig#radius-server localCiscoWorks Wlse Snmp Community Entry Screen CiscoWorks Wlse Telnet/SSH Credentials Entry Configuring the WDS Access Point Access Point-Based WDS Solution ConfigurationWds-apconfig#username username password password Wds-apconfig#hostname hostnameWds-apconfig#wlccp wnm ip address wlse ip address Configuring the Infrastructure Access PointWds-apconfig#wlccp wds priority priority number Infra-apconfig-line#access-class access-list number Managing the Access Points with the CiscoWorks WlseInfra-apconfig#hostname hostname Infra-apconfig#username username password passwordWds-ap#show wlccp wds ap Switch-Based WDS Solution ConfigurationValidating the Configuration Configuring the Catalyst 6500 SupervisorCreate the Vlan between the supervisor and Wlsm Configuring the WDS on the WlsmWlsmconfig#hostname hostname Wlsmconfig#snmp-server view iso iso includedInfra-apconfig#wlccp ap wds ip address wlsm ip address Configuring the Infrastructure Access PointsWlsmconfig# wlccp wnm ip address wlse ip address Wlsm# show wlccp wnm status Validating the SetupWlsm# show wlccp wds ap Mobility ap Sup720# show mobility statusFast Secure Roaming with Cckm Infra-apconfig-if-ssid#authentication network-eap eap-group When Using Multiple Encryption Types or VLANsInfra-apconfig#interface dot11Radio Infra-apconfig-if#encryption mode ciphers cipher-typeClick Profile Management Configuring ACU to use CckmCisco Swan Framework Radio Management Cisco Swan Radio Management FeaturesBuilding Tool Pop-Up Window Preparing to Use Cisco Swan Radio ManagementCisco Swan Radio Management Features Page OL-6217-01
Top Page Image Contents