11-19
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points
OL-11350-01
Chapter11 Configuring Authentication Types
Matching Access Point and Client Device Authentication Types

Applying an EAP Profile to an Uplink SSID

This operation typically applies to repeater access points. Beginning in the privileged exec mode, follow
these steps to apply an EAP profile to the uplink SSID.
Matching Access Point and Client Device Authentication Types
To use the authentication types described in this section, the access point authentication settings must
match the authentication settings on the client adapters that associate to the access point. Refer to the
Cisco Aironet Wireless LAN Client Adapters Installation and Configuration Guide for Windows for
instructions on setting authentication types on wireless client adapters. Refer to Chapter10,
“Configuring Cipher Suites and WEP,” for instructions on configuring cipher suites and WEP on the
access point.
Table11-2 lists the client and access point settings required for each authentication type.
Note Some non-Cisco Aironet client adapters do not perform 802.1X authentication to the access point unless
you configure Open authentication with EAP. To allow both Cisco Aironet clients using LEAP and
non-Cisco Aironet clients using LEAP to associate using the same SSID, you might need to configure
the SSID for both Network EAP authentication and Open authentication with EAP.
Likewise, to allow both Cisco Aironet 802.11a/b/g client adapters (CB21AG and PI21AG) running
EAP-FAST and non-Cisco Aironet clients using EAP-FAST or LEAP to associate using the same SSID,
you might need to configure the SSID for both Network EAP authentication and Open authentication
with EAP.
Command Purpose
Step1 configure terminal Enter the global configuration mode.
Step2 interface dot11radio {0 | 1} Enter interface configuration mode for the radio interface. The
2.4-GHz radio is radio 0, and the 5-GHz radio is radio 1.
Step3 ssid ssid Assign the uplink SSID to the radio interface.
Step4 exit Return to the configure terminal mode.
Step5 eap profile profile Enter the profile preconfigured profile name.
Step6 end Return to the privileged EXEC mode.
Step7 copy running config
startup-config
(Optional) Save your entries in the configuration file.
Table11-2 Client and Access Point Security Settings
Security Feature Client Setting Access Point Setting
Static WEP with open
authentication
Create a WEP key and enable Use
Static WEP Keys and Open
Authentication
Set up and enable WEP and enable
Open Authentication for the SSID
Static WEP with shared key
authentication
Create a WEP key and enable Use
Static WEP Keys and Shared Key
Authentication
Set up and enable WEP and enable
Shared Key Authentication for the
SSID