Cisco Systems OL-6217-01 manual Configuring the Infrastructure Access Points

Page 28

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

Implementing the Cisco SWAN Framework

This step is very important. After the Cisco SWAN topology is established, all 802.1x client authentications are forwarded through the WDS. If the client authentication group(s) is not properly configured, WLAN clients are denied access to the network.

RADIUS servers are not redefined with the first command if you are using the same AAA server for infrastructure and client authentication.

Step 8 Define the CiscoWorks WLSE:

wlsm(config)# wlccp wnm ip address <wlse ip address>

Configuring the Infrastructure Access Points

Configuring the infrastructure access points to register with the WDS on the WLSM is similar to configuring infrastructure access points when the WDS is hosted on the access point. The necessary tasks are as follows:

Define SNMP communities

Enter a host name for the access point

Define Telnet or SSH parameters

Define WLCCP credentials

Define the WLSM as the WDS Follow these steps to complete the tasks:

Step 1 Log into the access point command-line interface and enter configuration mode.

Step 2 Enter the following commands to define the SNMP communities:

infra-ap(config)# infra-ap(config)# infra-ap(config)#

snmp-server view iso iso included

snmp-server community <read-only community> view iso RO snmp-server community <read-write community> view iso RW

Step 3 Enter a host name for the access point:

infra-ap(config)#hostname <hostname>

Step 4 Enter the following to define Telnet or SSH users:

infra-ap(config)#username <username> password <password>

Step 5 Enter the following to enable SSH (optional step):

infra-ap(config)#ip domain-name <ip domain-name>

infra-ap(config)#crypto key generate rsa general-keys modulus <key size>

Step 6 Enter the following commands to turn off Telnet (optional step), define an access control list, and apply it to the Telnet lines. Obviously, many access control list definitions can accomplish this task, but the following is an example:

infra-ap(config)#access-list <access-list number> permit tcp any any neq telnet

infra-ap(config)# line 0 16

infra-ap(config-line)#access-class <access-list number>

Step 7 Enter the following command to define the WLCCP credentials for the access point:

infra-ap(config)#wlccp ap username <wlccp_username> password <password>

Step 8 Enter the following to direct the infrastructure access point to the WDS on the WLSM:

infra-ap(config)#wlccp ap wds ip address <wlsm ip address>

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

28

OL-6217-01

 

 

Page 27 Page 29
Image 28
Page 27 Page 29
Contents Corporate Headquarters Cisco Aironet 1400 Series Wireless Bridge Deployment Guide N T E N T S Contents Book Title Xxxxx-xx Audience Acroymns and Terms Cisco Swan Framework Overview Cisco Swan Layers Cisco Swan Logical View Shows the access point-based WDS solution Cisco Swan Framework Components WDS WlccpSoftware Components Hardware ComponentsImplementing the Cisco Swan Framework Common Tasks CiscoSecure ACS NAS Setup Adding Username and Password Credentials CiscoSecure ACS User Setup AAA-apconfig#radius-server local AAA-apconfig-radsrvuser username password passwordCiscoWorks Wlse Snmp Community Entry Screen CiscoWorks Wlse Telnet/SSH Credentials Entry Access Point-Based WDS Solution Configuration Configuring the WDS Access PointWds-apconfig#hostname hostname Wds-apconfig#username username password passwordWds-apconfig#wlccp wds priority priority number Configuring the Infrastructure Access PointWds-apconfig#wlccp wnm ip address wlse ip address Managing the Access Points with the CiscoWorks Wlse Infra-apconfig#hostname hostnameInfra-apconfig#username username password password Infra-apconfig-line#access-class access-list numberSwitch-Based WDS Solution Configuration Validating the ConfigurationConfiguring the Catalyst 6500 Supervisor Wds-ap#show wlccp wds apConfiguring the WDS on the Wlsm Create the Vlan between the supervisor and WlsmWlsmconfig#snmp-server view iso iso included Wlsmconfig#hostname hostnameWlsmconfig# wlccp wnm ip address wlse ip address Configuring the Infrastructure Access PointsInfra-apconfig#wlccp ap wds ip address wlsm ip address Wlsm# show wlccp wds ap Validating the SetupWlsm# show wlccp wnm status Sup720# show mobility status Mobility apFast Secure Roaming with Cckm When Using Multiple Encryption Types or VLANs Infra-apconfig#interface dot11RadioInfra-apconfig-if#encryption mode ciphers cipher-type Infra-apconfig-if-ssid#authentication network-eap eap-groupConfiguring ACU to use Cckm Click Profile ManagementCisco Swan Radio Management Features Cisco Swan Framework Radio ManagementPreparing to Use Cisco Swan Radio Management Building Tool Pop-Up WindowCisco Swan Radio Management Features Page OL-6217-01
Top Page Image Contents