Cisco Systems CGR1120K9 manual WiMAX Interface Security, WiMAX X.509 Certificates

Page 18

Configuring the Module

When a WiMAX module operates in a network with an Airspan base station that has a MAC profile definition based on non-authentication, some of its base station models might require the privacy key management (PKM) to be configured on the WiMAX interface. Updating the base station with the latest firmware generally eliminates the need to change the configuration of the WiMAX module.

WiMAX Interface Security

The WiMAX module supports the following security methods:

IEEE 802.16—WiMAX interface Privacy Key Management v2 authentication.

EAP-TLS—Extensible Authentication Protocol Transport Layer Security (RFC 5216), 802.1x.

EAP TTLS—Tunneled Transport Layer Security (RFC 3748).

MS-CHAPv2—Challenge-Handshake Authentication Protocol Version 2 (RFC 2759).

Note You must complete WiMAX scanlist configuration before attempting the WIMAX interface configuration. Without associating the WIMAX interface with a configured WIMAX scanlist, you cannot issue a security command on the WIMAX interface since the interface needs to be associated with a WiMAX scanlist first.

To configure security on the WiMAX module, complete the following in this order:

Step 1 Configure the WiMAX scanlist. See Step 1–WiMAXScan-list Configuration, page 20.

Step 2 Associate the WiMAX scanlist to the WiMAX interface. See Step 2–WiMAX Interface Configuration, page 20.

Step 3 Configure the IP address (static or DHCP) for the WiMAX interface. See Step 2–WiMAX Interface Configuration, page 20.

Step 4 If you want to configure EAP-TLS or EAL-TTLS as your WiMAX authentication method, then you must configure the certificate trustpoints. See Step 3–Enable Security Parameters, page 20.

Step 5 Configure EAP TLS or EAP-TTLS. See Step 3–Enable Security Parameters, page 20.

Note The command pkm crypto algorithm aes does not need to be configured since it was included as the default configuration for the WIMAX interface.

WiMAX X.509 Certificates

Learn more about WiMAX Forum X.509 certificates, see http://www.wimaxforum.org.

Cisco Connected Grid Modules for CGR 1000 Series—WiMAX Installation and Configuration Guide

18

OL-26236-03

 

 

Image 18
Contents Cisco Connected Grid Modules for Parts List Cisco Part Number DescriptionParts List Features Feature DescriptionHardware Overview FECQMAf connector Front PanelSupported Cisco WiMAX Antennas ANT-WM-INT-OUT-MMechanical Specifications WiMAX InterfaceModule States State DescriptionModule Power States DC Power ConsumptionTemperature Monitoring State Machine Radio Frequency InterfaceInstalling and Removing the WiMAX Module Before You Begin InstallationInstallation Warning Statements Installing the WiMAX Module Removing the WiMAX ModuleSoftware Overview StandardsRegulatory and Compliance Information WiMAX OverviewQoS Output WiMAX Link QoSQoS Support 8091 1026 DataCID QoS Parameters Prerequisites Configuring the ModuleAdditional QoS Commands Guidelines and LimitationsWiMAX Interface Security WiMAX X.509 CertificatesEAP-TLS and EAP-TTLS Authentication Methods Routerconfig-if#pkm auth-method eap-ttlsWiMAX Scan-list Configuration WiMAX Interface ConfigurationEnable Security Parameters Enabling an Interface Additional WiMAX Configuration CommandsWiMAX show Command Examples Show spromRouter # show interface wimax 3/1 association Show interfaces wimax interfacename associationShow controllers wimax interfacename Router # show controllers wimax 6/1Show interface wimax interfacename scanning Troubleshooting and DiagnosticsShow interfaces wimax interfacename statistics Router # show interface wimax 3/1 scanningWiMAX Debug Commands Checking Signal StrengthRetrieving the Electronic Serial Number Converting Hexadecimal ESN to Decimal Notation VIDAdditional References Lightning Arrestor for the Cisco 1240 Connected Grid RouterRegulatory, Compliance, and Safety Information Feature HistoryCisco System Software Commands Documents Release Feature InformationTechnical Assistance Tell Us What You Think Connected Grid Documentation Feedback Form

CGR1120K9 specifications

Cisco Systems CGR1120K9 is a robust networking device designed specifically for the Internet of Things (IoT) and industrial applications. As a part of the Cisco Connected Grid Router series, the CGR1120K9 delivers reliable connectivity and supports various networking functionalities to enhance operational efficiency in challenging environments.

One of the prominent features of the CGR1120K9 is its rugged design, built to withstand harsh conditions typical in industrial settings. With an operating temperature range of -40 to +85 degrees Celsius, it is ideal for use in outdoor and remote locations, making it suitable for utilities, transportation, and critical infrastructure industries. Its compact form factor allows for flexible installation options, which is crucial in space-constrained environments.

The CGR1120K9 comes equipped with a range of interfaces, including Ethernet ports and serial interfaces, providing versatility in integrating with different devices and systems. It supports both wired and wireless connections, enabling seamless communication across the IoT landscape. Additionally, the router features a dedicated management interface for simplified configuration and monitoring, ensuring that network administrators can efficiently manage their deployments.

In terms of performance, the CGR1120K9 features advanced routing and security capabilities, including support for IPv6, virtual private networks (VPNs), and firewall functionalities. This ensures secure data transmission over the network while maintaining high-performance levels essential for real-time applications. The device is powered by Cisco's IOS XE software, which offers enhanced operational capabilities through advanced features such as software-defined networking (SDN) and automation.

Another key characteristic of the CGR1120K9 is its scalability. Organizations can easily expand their networks as their needs evolve, ensuring an investment that grows with them. The router is designed to work cost-effectively in both small and large-scale deployments, making it a flexible choice for various business environments.

The CGR1120K9 also supports a range of protocols and standards, ensuring compatibility with existing infrastructure and devices. This is crucial for organizations seeking to modernize their networks while leveraging existing investments in hardware and software.

In conclusion, the Cisco Systems CGR1120K9 stands out as a high-performance, rugged router tailored for the demands of IoT and industrial applications. With its robust features, advanced technologies, and characteristics, it empowers organizations to enhance connectivity and streamline operations in even the most challenging environments.