4-8
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points
OL-30644-01
Chapter4 Configuring the Access Point for the First Time
Assigning Basic Settings
•IPv6 Address—Enter the IPv6 address
•Username—Enter the username required to access the network.
•Password—Enter the password corresponding to the username required to access the network.
•SNMP Community—If your network is using SNMP, enter the SNMP Community name provided
by your network administrator and select the attributes of the SNMP data (also provided by your
network administrator).
•Current SSID List (Read Only)
Step8 Enter the following Radio Configuration settings for the radio bands supported by the access point.
Both the 2.4 GHz and 5 GHz radios have the following options:
•SSID—Type the SSID in the SSID entry field. The SSID can contain up to 32 alphanumeric
characters.
–
Broadcast SSID in Beacon—To allow devices without a specified SSID to associate with the
access point, select this check box. If this check box is selected, the access point will respond
to Broadcast SSID probe requests and also broadcast its own SSID with its Beacons.
When you broadcast the SSID, devices that do not specify an SSID can associate to the wireless
device. This is a useful option for an SSID used by guests or by client devices in a public space.
If you do not broadcast the SSID, client devices cannot associate to the wireless device unless
their SSID matches this SSID. Only one SSID can be included in the wireless device beacon.
��VLAN—To enableVLAN for the radio, click the Enable VLAN ID radio button and then enter a
VLAN identifier ranging from 1- 4095. To specify this as the native VLAN, check the Native VLAN
check box. To disable VLAN, click the No VLAN radio button.
•Security—Select the security setting for the SSID. The settings are listed in order of robustness,
from No Security to WPA, which is the most secure setting. If you select EAP Authentication or
WPA, enter the IP address (the RADIUS Server IP address) and shared secret (RADIUS Server
Secret) for the authentication server on your network.
Note If you do not use VLANs on your wireless LAN, the security options that you can assign to
multiple SSIDs are limited. See the “Using VLANs” section on page 4-12 for details.
–
No Security—This security setting does not use an encryption key or key management, and
uses open authentication.
–
WEP Key—This security setting uses mandatory WEP encryption, no key management and
open authentication. You can specify up to four WEP keys, i.e. Key 1, 2, 3, and 4. Enter each
key value, and specify whether it is 128 bit or 40 bit.
–
EAP Authentication—The Extensible Authentication Protocols (EAP) Authentication permits
wireless access to users authenticated against a database through the services of an
authentication server then encrypts the authenticated and authorized traffic. Use this setting for
LEAP, PEAP, EAP-TLS, EAP-TTLS, EAP-GTC, EAP-SIM, and other 802.1x/EAP based
protocols. This setting uses mandatory encryption WEP, open authentication + EAP, network
EAP authentication, no key management, RADIUS server authentication port 1645. Specify the
RADIUS Server and the RADIUS Server Secret.
–
WPA—The Wi-Fi Protected Access (WPA) security setting permits wireless access to users
authenticated against a database through the services of an authentication server, then encrypts
their authenticated and authorized IP traffic with stronger algorithms than those used in WEP.
Make sure clients are WPA certified before selecting this option. This setting uses encryption