Manuals / Cisco Systems / Computer Equipment / Network Router

Cisco Systems OL-7426-03 quick start VLANs, Config wlan mac-filtering enable Wlan id

Models: OL-7426-03

1 276
Download 276 pages 58.9 Kb
Page 140
Image 140

If necessary, use the following command:

>config wlan mac-filtering enable <WLAN id>

where <WLAN id> = 1 through 16.

Use the show wlan command to verify that you have MAC filtering enabled or disabled for each WLAN.

Local MAC Filter

Cisco Wireless LAN Controllers have built-in MAC filtering capability, similar to that provided by a RADIUS authorization server.

Use the show macfilter command to verify that you have MAC addresses assigned to WLANs.

If required, use the following commands to assign local MAC addresses to WLANs, and to configure a WLAN to filter a local client:

>config macfilter add <MAC addr> <WLAN id>

>config macfilter wlan-id <MAC addr> <WLAN id>

where <MAC addr> = client MAC address and <WLAN id> = 1 through 16.

Use the show macfilter command to verify that you have MAC addresses assigned to WLANs.

Disable Timeout

Each WLAN can have a variable timeout for excluded, or disabled clients. Clients who fail to authenti- cate three times when attempting to associate are automatically excluded, or disabled, from further association attempts. After the exclusion timeout period expires, the client is allowed to retry authenti- cation until it associates or fails authentication and is excluded again.

Use the show wlan command to check the current WLAN Disable (Excluded) Timeout.

If necessary, use the following command to change the Disable (Excluded) Timeout:

>config wlan blacklist <WLAN id> <timeout>

where <WLAN id> = 1 through 16, and <timeout> = 1 to 65535 seconds, 0 to add to the Exclusion List (formerly blacklist) permanently until the operator manually removes the exclusion.

Use the show wlan command to verify the current WLAN Disable (Excluded) Timeout.

VLANs

Note: WLANs are created in disabled mode; leave them disabled until you have finished configuring them.

Use the show wlan command to verify VLAN assignment status.

To assign a VLAN to a WLAN, use the following command:

>config wlan vlan <wlan id> [<default>/<untagged>/<VLAN ID> <IP Address> <VLAN Netmask> <VLAN Gateway>]

where <WLAN id> = 1 through 16, <default> = use the VLAN configured on the network port, <untagged> = use VLAN 0, <VLAN id> = 1 through 4095, <IP Address> = the VLAN IP Address on the Cisco Wireless LAN Controller, <VLAN Netmask> = VLAN local IP netmask, and <VLAN Gateway> = VLAN local IP gateway.

5/26/05

Local MAC Filter

OL-7426-03

 

Page 139 Page 141
Page 140
Image 140
Cisco Systems OL-7426-03 quick start VLANs, Config wlan mac-filtering enable Wlan id, Config wlan blacklist Wlan id timeout
Page 139 Page 141