Cisco Systems OL-6217-01 manual Wlsmconfig#snmp-server view iso iso included

Page 27

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

Implementing the Cisco SWAN Framework

Define AAA parameters for WLAN client authentication

Define the CiscoWorks WLSE

Follow these steps to complete the tasks:

Step 1 Access the WLSM command-line interface.

Step 2 Define the WLAN VLAN:

wlsm(config)wlan vlan <VLAN number>

wlsm(config-wlan)ipaddr <ip address> <network mask>

wlsm(config-wlan)gateway <gateway ip address>

wlsm(config-wlan)admin

wlsm(config-wlan)exit

The VLAN number corresponds to the VLAN number created in Step 2 of the supervisor configuration. The gateway IP address is configured as the IP address of this VLAN interface on the supervisor. The admin command instructs the WLSM to use this VLAN for controlling messaging to and from the supervisor.

Step 3 Define a default route to the supervisor:

wlsm(config)ip route 0.0.0.0 0.0.0.0 <gateway ip address>

The <gateway IP address> is the address of the WLAN VLAN interface created in Step 2 of the supervisor configuration.

Step 4 Define the SNMP communities:

wlsm(config)#snmp-server view iso iso included

wlsm(config)#snmp-server community <read-only community> view iso RO wlsm(config)#snmp-server community <read-write community> view iso RW

Step 5 Enter a host name for the WLSM:

wlsm(config)#hostname <hostname>

Step 6 Define the AAA parameters for infrastructure authentication:

wlsm(config)# aaa new-model

wlsm(config)# radius-server host <ip address> auth-port <auth-port> acct-port <acct-port> key <shared secret>

wlsm(config)# aaa group server radius wlccp_infra wlsm(config-sg-radius)#server <ip address> auth-port <1812> acct-port <1813> wlsm(config)# aaa authentication login wlccp-infra group wlccp_infra wlsm(config)# wlccp authentication-server infrastructure wlccp-infra

The RADIUS server IP address should be that of the AAA server for infrastructure authentication. If this is the local RADIUS server on an access point, the authentication port is always 1812, and the accounting port is always 1813.

Step 7 Define the AAA parameters for client authentication:

wlsm(config)# radius-server host <ip address> auth-port <auth-port> acct-port <acct-port> key <shared secret>

wlsm(config)# aaa group server radius client_group wlsm(config-sg-radius)#server <ip address> auth-port <1812> acct-port <1813> wlsm(config)# aaa authentication login client-group group client_group wlsm(config)# wlccp authentication-server client any client-group

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

 

OL-6217-01

27

 

 

 

Image 27
Contents Corporate Headquarters Cisco Aironet 1400 Series Wireless Bridge Deployment Guide N T E N T S Contents Book Title Xxxxx-xx Audience Acroymns and Terms Cisco Swan Framework Overview Cisco Swan Layers Cisco Swan Logical View Shows the access point-based WDS solution WDS Wlccp Cisco Swan Framework ComponentsHardware Components Software ComponentsImplementing the Cisco Swan Framework Common Tasks CiscoSecure ACS NAS Setup Adding Username and Password Credentials CiscoSecure ACS User Setup AAA-apconfig-radsrvuser username password password AAA-apconfig#radius-server localCiscoWorks Wlse Snmp Community Entry Screen CiscoWorks Wlse Telnet/SSH Credentials Entry Configuring the WDS Access Point Access Point-Based WDS Solution ConfigurationWds-apconfig#username username password password Wds-apconfig#hostname hostnameConfiguring the Infrastructure Access Point Wds-apconfig#wlccp wds priority priority numberWds-apconfig#wlccp wnm ip address wlse ip address Infra-apconfig-line#access-class access-list number Managing the Access Points with the CiscoWorks WlseInfra-apconfig#hostname hostname Infra-apconfig#username username password passwordWds-ap#show wlccp wds ap Switch-Based WDS Solution ConfigurationValidating the Configuration Configuring the Catalyst 6500 SupervisorCreate the Vlan between the supervisor and Wlsm Configuring the WDS on the WlsmWlsmconfig#hostname hostname Wlsmconfig#snmp-server view iso iso includedConfiguring the Infrastructure Access Points Wlsmconfig# wlccp wnm ip address wlse ip addressInfra-apconfig#wlccp ap wds ip address wlsm ip address Validating the Setup Wlsm# show wlccp wds apWlsm# show wlccp wnm status Mobility ap Sup720# show mobility statusFast Secure Roaming with Cckm Infra-apconfig-if-ssid#authentication network-eap eap-group When Using Multiple Encryption Types or VLANsInfra-apconfig#interface dot11Radio Infra-apconfig-if#encryption mode ciphers cipher-typeClick Profile Management Configuring ACU to use CckmCisco Swan Framework Radio Management Cisco Swan Radio Management FeaturesBuilding Tool Pop-Up Window Preparing to Use Cisco Swan Radio ManagementCisco Swan Radio Management Features Page OL-6217-01