4-19
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points
OL-30644-01
Chapter4 Configuring the Access Point for the First Time
CLI Configuration Examples
ipv6 address autoconfig
ipv6 enable
!
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
!
!
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
!
radius server 10.10.11.100
address ipv4 10.10.11.100 auth-port 1645 acct-port 1646
key 7 00271A150754
!
bridge 1 route ip

Example: WPA2 for Radio 2.4GHz

This example shows a part of the configuration that results from creating an SSID called wpa_ssid, excluding the SSID from the beacon, and assigning the SSID to VLAN 40:
aaa new-model
!
aaa group server radius rad_eap
server name 10.10.11.100
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
!
aaa session-id common
!
dot11 ssid wpa_ssid
vlan 40
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa version 2
!
interface Dot11Radio0
no ip address
no ip route-cache
shutdown
!
encryption vlan 40 mode ciphers aes-ccm
!
ssid wpa_ssid