1-2
Cisco Aironet 1200 Series Access Point Software Configuration Guide
OL-2159-05
Chapter1 Overview
Key Features
Key FeaturesThis section describes the key features of the access point firmware. The following are the key features
of this firmware version:
•Multiple IEEE 802.11 service set identifiers (SSIDs) allow you to create different levels of network
access and to access virtual LANs (VLANs).You can configure up to 16 separate SSIDs to support
up to 16 VLANs for each access point radio. Each VLAN can have a different wireless security
configuration so that the devices that support the latest Cisco security enhancements can exist
alongside legacy devices. This additional access point functionality enables a variety of users having
different security levels to access different parts of the network.
•Quality of service (QoS), which allows various devices on the network to communicate more
effectively. The access point now supports QoS for wireless Voice over IP (VoIP) telephones and
downlink prioritized channel access for streaming audio and video traffic. Filters can also be set to
prioritize traffic based on VLAN, VoIP address-based filters, protocol, or port.
•Proxy Mobile IP provides a method for seamless inter-subnet roam ing. When you enable proxy
Mobile IP on your access points, client devices that roam from one subnet to the next ma intain their
IP address and session. The access point acts as a Mobile IP proxy for client devices that do not have
mobile IP software installed. The access informs the foreign agent router that the client has roamed
to another subnet, while the foreign agent directs the home agent to reroute packets to it.
•Centralized administrator authentication uses an AAA server to authenticate users if the user
administration feature is enabled on the access point. When a login is attempted, the AAA server
verifies the user login and passes back the appropriate privileges for the user or an administrator.
•Better handling of lost Ethernet links causes a number of actions to be executed when an access point
loses backbone connectivity:
–
No action—the access point continues to maintain associations with clients and manages traffic
between them, but traffic to the backbone is not passed. When the backbone is restored, the
access point begins passing traffic to and from the wired network.
–
Switch to repeater mode—the access point tries to connect to a root access point using any of
the configured SSIDs. If it cannot connect, all clients are disassociated and the access point
removes itself from the wireless network until connectivity is restored.
–
Shut the radio off—all clients are disassociated and the access point removes itself from the
wireless network until backbone connectivity is restored.
–
Restrict to SSID—the access point allows association using a restricted SSID (for administrator
troubleshooting and diagnosis purposes).
•Authentication server management includes two new features in release 12.01T1:
–
Display of active authentication servers—for each authentication type: 802.1x/LEAP, MAC, or
Admin Authentication (if enabled), the active server is identified by a green color.
–
Automatic return to primary authentication server—if the selected RADIUS server (primary) is
not reachable after a predetermined period of time-out and retries, the access point uses th e next
server listed.
•Reporting access points that fail authentication with LEAP provides a passive method of detecting
rogue access points in a LEAP enabled network. It is passive because access points do not actively
look for or detect a rogue access point in the wireless network. Instead, the access point depends on
LEAP enabled clients to report rouge access points.