Cisco Systems OL-6217-01 manual When Using Multiple Encryption Types or VLANs

Page 32

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

Implementing the Cisco SWAN Framework

When Not Using Multiple Authentication Types, Encryption Types, or VLANs

If you are not using multiple authentication or encryption types or VLANs on the access points, follow these steps to configure the access points to use CCKM:

Step 1 Gain control of the access point command line interface and enter configuration mode.

Step 2 Enter the interface configuration mode for the appropriate radio. Interface dot11Radio 0 corresponds to the 802.11b/g radio, and Interface dot11Radio 1 corresponds to the 802.11a radio.

infra-ap(config)#interface dot11Radio <0-1>

Step 3 Set the cipher type for the interface:

infra-ap(config-if)#encryption mode ciphers <cipher-type>

Consult the product documentation for specific details on the cipher types that are compatible with CCKM.

Step 4 Enter the SSID sub-configuration mode:

infra-ap(config-if)#ssid <ssid_name>

Step 5 Set the authentication:

infra-ap(config-if-ssid)#authentication network-eap <eap-group>

Step 6 Set the authentication key management:

infra-ap(config-if-ssid)#authentication key-management {[wpa] [cckm]} [optional]

Use the wpa keyword only if you are using WPA. If this is the case, the wpa keyword must precede the cckm keyword. The optional keyword tells the access point to allow legacy clients that do not support CCKM onto the network. Without the optional keyword, only client devices that support CCKM are allowed onto the network.

When Using Multiple Encryption Types or VLANs

If you are using multiple encryption types or VLANs on the access points, follow these steps to configure the access points to use CCKM:

Step 1 Gain control of the access point command line interface and enter configuration mode.

Step 2 Enter the interface configuration mode for the appropriate radio. Interface dot11Radio 0 corresponds to the 802.11b/g radio, and Interface dot11Radio 1 corresponds to the 802.11a radio.

infra-ap(config)#interface dot11Radio <0-1>

Step 3 Set the cipher type for the VLAN interface:

infra-ap(config-if)#encryption vlan <vlan number> mode ciphers <cipher-type>

Consult the product documentation for specific details on the cipher types that are compatible with CCKM.

Step 4 Enter the SSID sub-configuration mode:

infra-ap(config-if)#ssid <ssid_name>

Step 5 Set the VLAN for the SSID:

infra-ap(config-if-ssid)#vlan <vlan number>

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

32

OL-6217-01

 

 

Page 31 Page 33
Image 32
Page 31 Page 33
Contents Corporate Headquarters Cisco Aironet 1400 Series Wireless Bridge Deployment Guide N T E N T S Contents Book Title Xxxxx-xx Audience Acroymns and Terms Cisco Swan Framework Overview Cisco Swan Layers Cisco Swan Logical View Shows the access point-based WDS solution Cisco Swan Framework Components WDS WlccpSoftware Components Hardware ComponentsImplementing the Cisco Swan Framework Common Tasks CiscoSecure ACS NAS Setup Adding Username and Password Credentials CiscoSecure ACS User Setup AAA-apconfig#radius-server local AAA-apconfig-radsrvuser username password passwordCiscoWorks Wlse Snmp Community Entry Screen CiscoWorks Wlse Telnet/SSH Credentials Entry Access Point-Based WDS Solution Configuration Configuring the WDS Access PointWds-apconfig#hostname hostname Wds-apconfig#username username password passwordWds-apconfig#wlccp wnm ip address wlse ip address Configuring the Infrastructure Access PointWds-apconfig#wlccp wds priority priority number Managing the Access Points with the CiscoWorks Wlse Infra-apconfig#hostname hostnameInfra-apconfig#username username password password Infra-apconfig-line#access-class access-list numberSwitch-Based WDS Solution Configuration Validating the ConfigurationConfiguring the Catalyst 6500 Supervisor Wds-ap#show wlccp wds apConfiguring the WDS on the Wlsm Create the Vlan between the supervisor and WlsmWlsmconfig#snmp-server view iso iso included Wlsmconfig#hostname hostnameInfra-apconfig#wlccp ap wds ip address wlsm ip address Configuring the Infrastructure Access PointsWlsmconfig# wlccp wnm ip address wlse ip address Wlsm# show wlccp wnm status Validating the SetupWlsm# show wlccp wds ap Sup720# show mobility status Mobility apFast Secure Roaming with Cckm When Using Multiple Encryption Types or VLANs Infra-apconfig#interface dot11RadioInfra-apconfig-if#encryption mode ciphers cipher-type Infra-apconfig-if-ssid#authentication network-eap eap-groupConfiguring ACU to use Cckm Click Profile ManagementCisco Swan Radio Management Features Cisco Swan Framework Radio ManagementPreparing to Use Cisco Swan Radio Management Building Tool Pop-Up WindowCisco Swan Radio Management Features Page OL-6217-01
Top Page Image Contents