
Chapter 6 Configuring WLANs
Configuring Wireless LANs
Configuring a Timeout for Disabled Clients
You can configure a timeout for disabled clients. Clients who fail to authenticate three times when attempting to associate are automatically disabled from further association attempts. After the timeout period expires, the client is allowed to retry authentication until it associates or fails authentication and is excluded again. Use these commands to configure a timeout for disabled clients:
•Enter config wlan blacklist
•Use the show wlan command to verify the current timeout.
Assigning Wireless LANs to VLANs
Use these commands to assign a wireless LAN to a VLAN:
•Enter this command to assign a wireless LAN to a VLAN:
config wlan vlan
–Use the default option to assign the wireless LAN to the VLAN configured on the network port.
–Use the untagged option to assign the wireless LAN to VLAN 0.
–Use the
•Enter show wlan to verify VLAN assignment status.
Note Cisco recommends that you assign one set of VLANs for wireless LANs and a different set of VLANs for management interfaces to ensure that controllers properly route VLAN traffic.
•To remove a VLAN assignment from a wireless LAN, use this command: config wlan vlan
Configuring Layer 2 Security
This section explains how to assign Layer 2 security settings to wireless LANs.
Dynamic 802.1X Keys and Authorization
Cisco Wireless LAN Controllers can control 802.1X dynamic WEP keys using EAP (extensible authentication protocol) across access points, and support 802.1X dynamic key settings for wireless LANs.
•Enter show wlan
•To disable or enable the 802.1X configuration, use this command: config wlan security 802.1X {enable disable}
Cisco Wireless LAN Controller Configuration Guide
|
| |
|