IPSec Authentication
IPSec uses
•Use the show wlan command to view the current IPSec authentication protocol.
•Use the following command to configure the IPSec IP authentication:
>config wlan security ipsec authentication
where <WLAN id> = 1 through 16.
•Use the show wlan command to verify that you have correctly set the IPSec authentication.
IPSec EncryptionI
IPSec uses 3DES encryption as the default for encrypting WLAN data, but can also use AES, DES, or no encryption.
•Use the show wlan command to view the current IPSec encryption.
•Use the following command to configure the IPSec encryption:
>config wlan security ipsec encryption [3des/aes/des/none] <WLAN id> where aes=
•Use the show wlan command to verify that you have correctly set the IPSec encryption.
IKE Authentication
IPSec IKE (Internet Key Exchange) uses
•Use the show wlan command to see if IPSec IKE is enabled.
•Use the following commands to configure IKE authentication on a WLAN with IPSec enabled:
>config wlan security ipsec ike authentication certificates <wlan id>
>config wlan security ipsec ike authentication
>config wlan security ipsec ike authentication
where <wlan id> = 1 through 16, certificates = RSA signatures,
•Use the show wlan command to verify that you have IPSec IKE enabled.
IKE Diffie-Hellman Group
IPSec IKE uses
•Use the show wlan command to verify whether or not the Cisco Wireless LAN Controller has IPSec IKE DH Groups properly set.
•Use the following command to configure the IKE
>config wlan security ipsec ike DH-Group <WLAN id> <group-id>
where <WLAN id> = 1 through 16;
•Use the show wlan command to verify that the Cisco Wireless LAN Controller has IPSec IKE DH Groups properly set.
5/26/05 | Local MAC Filter |
|
