Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

Implementing the Cisco SWAN Framework

These are the basic configuration tasks:

Entering a host name for the access point

Defining SNMP communities

Defining Telnet or SSH parameters

Defining AAA parameters for infrastructure authentication

Defining AAA parameters for WLAN client authentication

Defining WLCCP credentials

Enabling WDS services

Defining the CiscoWorks WLSE

Follow these steps to complete the tasks:

Step 1 Log into the access point command-line interface and enter the configuration mode.

Step 2 Enter a host name for the access point:

wds-ap(config)#hostname <hostname>

Step 3 Enter the following commands to define the SNMP communities:

wds-ap(config)#snmp-server view iso iso included wds-ap(config)#snmp-server community <read-only community> view iso RO wds-ap(config)#snmp-server community <read-write community> view iso RW

Step 4 Enter the following to define Telnet or SSH users:

wds-ap(config)#username <username> password <password>

Step 5 Enter the following to enable SSH (optional step):

wds-ap(config)#ip domain-name <ip domain-name>

wds-ap(config)#crypto key generate rsa general-keys modulus <key size>

Step 6 Enter the following to turn off Telnet (optional step), define an access control list, and apply it to the Telnet lines. Obviously, several access control list definitions can accomplish this task, but the following is an example:

wds-ap(config)#access-list <access-list number> permit tcp any any neq telnet wds-ap(config)#line 0 16

wds-ap(config-line)#access-class <access-list number>

Step 7 Enter the following to define AAA parameters for infrastructure authentication:

wds-ap(config)# aaa new-model

wds-ap(config)#radius-server host <ip address> auth-port <auth-port> acct-port <acct-port> key <shared secret>

wds-ap(config)#aaa group server radius wlccp_infra

wds-ap(config-sg-radius)#server <ip address> auth-port <1812> acct-port <1813> wds-ap(config)#aaa authentication login infrastructure-authentication group radius wds-ap(config)# aaa authentication login client-authentication group radius

If using a local RADIUS server on an access point, the authentication port is always 1812, and the accounting port is always 1813.

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

22

OL-6217-01

 

 

Page 21 Page 23
Page 22
Image 22
Cisco Systems OL-6217-01 manual Wds-apconfig#hostname hostname, Wds-apconfig#username username password password
Page 21 Page 23
Top Page Image Contents