Cisco Systems 0L-11350-01 Including an SSID in an SSIDL IE, NAC Support for MBSSID

7-13

Cisco IOS Software Configuration Guide for Cisco Aironet Access Points

OL-11350-01

Chapter7 Configuring Multiple SSIDs

Including an SSID in an SSIDL IE

Including an SSID in an SSIDL IE

The access point beacon can advertise only one broadcast SSID. However, you can use SSIDL

information elements (SSIDL IEs) in the access point beacon to alert client devices of additional SSIDs

on the access point. When you designate an SSID to be included in an SSIDL IE, client devices detect

that the SSID is available, and they also detect the security settings required to associate using that SSID.

Note When multiple BSSIDs are enabled on the access point, the SSIDL IE does not contain a list of SSIDs;

it contains only extended capabilities.

Beginning in privileged EXEC mode, follow these steps to include an SSID in an SSIDL IE:

Use the no form of the command to disable SSIDL IEs.

NAC Support for MBSSID

Networks must be protected from security threats, such as viruses, worms, and spyware. These security

threats disrupt business, causing downtime and continual patching. Endpoint visibility and control is

needed to help ensure that all wired and wireless devices attempting to access a network meet corporate

security policies. Infected or vulnerable endpoints need to be automatically detected, isolated, and

cleaned.

NAC is designed specifically to help ensure that all wired and wireless endpoint devices (such as PCs,

laptops, servers, and PDAs) accessing network resources are adequately protected from security threats.

NAC allows organizations to analyze and control all devices coming into the network. By ensuring that

every endpoint device complies with corporate security policy and is running the latest and most relevant

security protections, organizations can significantly reduce or eliminate endpoint devices as a common

source of infection or network compromise.

WLANs need to be protected from security threats such as viruses, worms, and spyware. Both the NAC

Appliance and the NAC Framework provide security threat protection for WLANs by enforcing device

security policy compliance when WLAN clients attempt to access the network. These solutions

quarantine non-compliant WLAN clients and provide remediation services to help ensure compliance.

Command Purpose

Step1 configure terminal Enter global configuration mode.

Step2 interface dot11radio { 0 | 1 } Enter interface configuration mode for the radio interface.

Step3 ssid ssid-string Enter configuration mode for a specific SSID.

Step4 information-element ssidl

[advertisement] [wps]

Include an SSIDL IE in the access point beacon that advertises

the access point’s extended capabilities, such as 802.1x and

support for Microsoft Wireless Provisioning Services (WPS).

Use the advertisement option to include the SSID name and

capabilities in the SSIDL IE. Use the wps option to set the WPS

capability flag in the SSIDL IE.