Manuals
/
Brands
/
Computer Equipment
/
Network Router
/
Cisco Systems
/
Computer Equipment
/
Network Router
Cisco Systems
OL-6415-04 manual
1
1
188
188
Download
188 pages, 2.87 Mb
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408
526-4000
800 553-NETS (6387)
Fax: 408
526-4100
Cisco Wireless ISR and
HWIC Access Point
Configuration Guide
December 2006
Text Part Number: 0L-6415-04
Contents
Main
Page
CONTENTS
Page
Page
Page
Page
Page
Preface
Audience
Purpose
Organization
Conventions
Page
Related Publications
Obtaining Documentation
Cisco.com
Product Documentation DVD
Ordering Documentation
Documentation Feedback
Cisco Product Security Overview
Reporting Security Problems in Cisco Products
Obtaining Technical Assistance
Cisco Technical Support & Documentation Website
Submitting a Service Request
Definitions of Service Request Severity
Obtaining Additional Publications and Information
Page
Overview
Wireless Device Management
Network Configuration Example
Root Unit on a Wired LAN
Features
Page
Page
Page
Configuring Radio Settings
Enabling the Radio Interface
Roles in Radio Network
Configuring Network or Fallback Role
2-4
Bridge Features Not Supported
Sample Bridging Configuration
The following is a sample of a Root Bridge Configuration:
2-5
The following is a sample of Non-Root Bridge Configuration:
2-6
Universal Client Mode
Configuring Universal Client Mode
Page
2-9
Configuring Radio Data Rates
Page
Configuring Radio Transmit Power
Limiting the Power Level for Associated Client Devices
Configuring Radio Channel Settings
Page
Page
Page
Page
DFS Automatically Enabled on Some 5-GHz Radio Channels
Confirming that DFS is Enabled
Blocking Channels from DFS Selection
Enabling and Disabling World Mode
Enabling and Disabling Short Radio Preambles
Configuring Transmit and Receive Antennas
Disabling and Enabling Access Point Extensions
Configuring the Ethernet Encapsulation Transformation Method
Enabling and Disabling Reliable Multicast to Workgroup Bridges
Enabling and Disabling Public Secure Packet Forwarding
Configuring Protected Ports
Configuring Beacon Period and DTIM
Configuring RTS Threshold and Retries
Configuring Maximum Data Retries
Configuring Fragmentation Threshold
Enabling Short Slot Time for 802.11g Radios
Performing a Carrier Busy Test
Page
Configuring Multiple SSIDs
Understanding Multiple SSIDs
SSID Configuration Methods Supported by Cisco IOS Releases
Configuring Multiple SSIDs
Creating an SSID Globally
Page
Viewing SSIDs Configured Globally
Using Spaces in SSIDs
Using a RADIUS Server to Restrict SSIDs
Configuring Multiple Basic SSIDs
Requirements for Configuring Multiple BSSIDs
Guidelines for Using Multiple BSSIDs
CLI Configuration Example
Displaying Configured BSSIDs
Enabling MBSSID and SSIDL at the same time
3-8
Use the no form of the command to disable SSIDL IEs.
Sample Configuration for Enabling MBSSID and SSIDL
Below is a sample configuration for enabling MBSSID:
Below is a sample configuration for enabling SSIDL:
3-9
Page
Configuring an Access Point as a Local Authenticator
Understand Local Authentication
Configure a Local Authenticator
Guidelines for Local Authenticators
Configuration Overview
Configuring the Local Authenticator Access Point
Page
Page
4-6
This example shows how to set up EAP-FAST authentication:
4-7
Configuring Other Access Points to Use the Local Authenticator
Configuring EAP-FAST Settings
Configuring PAC Settings
PAC Expiration Times
Generating PACs Manually
Configuring an Authority ID
Configuring Server Keys
Possible PAC Failures Caused by Access Point Clock
Limiting the Local Authenticator to One Authentication Type
Unblocking Locked Usernames
Viewing Local Authenticator Statistics
Using Debug Messages
Configuring Encryption Types
Understand Encryption Types
Configure Encryption Types
Creating WEP Keys
WEP Key Restrictions
Example WEP Key Setup
Creating Cipher Suites
Cipher Suites Compatible with WPA
Enabling and Disabling Broadcast Key Rotation
Security Type in Universal Client Mode
Universal client configuration
Page
5-11
Page
Configuring Authentication Types
Understand Authentication Types
Open Authentication to Access Point
Shared Key Authentication to Access Point
EAP Authentication to Network
MAC Address Authentication to the Network
Combining MAC-Based, EAP, and Open Authentication
Using WPA Key Management
Page
Software and Firmware Requirements for WPA and WPA-TKIP
Configure Authentication Types
Assigning Authentication Types to an SSID
Page
Page
Configuring WPA Migration Mode
Configuring Additional WPA Settings
Setting a Pre-Shared Key
Configuring Group Key Updates
Configuring MAC Authentication Caching
Configuring Authentication Holdoffs, Timeouts, and Intervals
Matching Access Point and Client Device Authentication Types
Page
Page
Configuring RADIUS Servers
Configuring and Enabling RADIUS
Understanding RADIUS
RADIUS Operation
Configuring RADIUS
Default RADIUS Configuration
Identifying the RADIUS Server Host
Page
Configuring RADIUS Login Authentication
Page
Defining AAA Server Groups
Page
Configuring RADIUS Authorization for User Privileged Access and Network Services
Starting RADIUS Accounting
Selecting the CSID Format
Configuring Settings for All RADIUS Servers
Configuring the Access Point to Use Vendor-Specific RADIUS Attributes
Configuring the Access Point for Vendor-Proprietary RADIUS Server Communication
Configuring WISPr RADIUS Attributes
Displaying the RADIUS Configuration
RADIUS Attributes Sent by the Access Point
Page
Page
Configuring VLANs
Understanding VLANs
Related Documents
Incorporating Wireless Devices into VLANs
Configuring VLANs
Configuring a VLAN
Page
Assigning Names to VLANs
Guidelines for Using VLAN Names
Creating a VLAN Name
Using a RADIUS Server to Assign Users to VLANs
Viewing VLANs Configured on the Access Point
VLAN Configuration Example
8-10
Table 8-2 shows the commands needed to configure the three VLANs in this example.
Tab l e 8-2 Configuration Commands for VLAN Example
Configuring VLAN 1 Configuring VLAN 2 Configuring VLAN 3
Tab l e 8-3 Results of Example Configuration Commands
Page
Page
Configuring QoS
Understanding QoS for Wireless LANs
QoS for Wireless LANs Versus QoS on Wired LANs
Impact of QoS on a Wireless LAN
Precedence of QoS Settings
Using Wi-Fi Multimedia Mode
Configuring QoS
Configuration Guidelines
Adjusting Radio Access Categories
Disabling IGMP Snooping Helper
Sample Configuration Using the CLI
A
Channel Settings
IEEE 802.11b (2.4-GHz Band)
IEEE 802.11g (2.4-GHz Band)
IEEE 802.11a (5-GHz Band)
Page
Page
B
Protocol Filters
Page
Page
Page
Page
Page
C
Supported MIBs
MIB List
Using FTP to Access the MIB Files
D
Error and Event Messages
How to Read System Messages
Message Traceback Reports
Association Management Messages
802.11 Subsystem Messages
Page
Page
Page
Page
Page
Page
Page
Page
Local Authenticator Messages
GLOSSARY
A
B
C
D
E
F
G
I
M
O
P
Q
S
T
U
W
Page
INDEX
Numerics
A
B
C
D
E
F
G
I
J
N
O
P
Q
S
T
V
W