Chapter 9 Wireless LAN Profiles

Table 34 Input Values for General Security Profile Commands (continued)

LABEL

DESCRIPTION

wpa_key

Sets the WPA/WPA2 pre-shared key in ASCII. You may use 8~63

 

alphanumeric characters. This value is case-sensitive.

 

 

wpa_key_64

Sets the WPA/WPA2 pre-shared key in HEX. You muse use 64

 

alphanumeric characters.

 

 

secret

Sets the shared secret used by your network’s RADIUS server.

 

 

auth_method

The authentication method used by the security profile.

 

 

The following table describes the commands available for security profile management. You must use the configure terminal command to enter the configuration mode before you can use these commands.

Table 35 Command Summary: Security Profile

COMMAND

DESCRIPTION

show wlan-security-profile {all

Displays the security profile(s).

security_profile_name}

all: Displays all profiles for the selected operating mode.

 

security_profile_name: Displays the specified

 

profile for the selected operating mode.

 

 

wlan-security-profile rename

Gives existing security profile

security_profile_name1

(security_profile_name1) a new name,

security_profile_name2

(security_profile_name2).

 

 

[no] wlan-security-profile

Enters configuration mode for the specified security

security_profile_name

profile. Use the no parameter to remove the specified

 

profile.

 

 

[no] mac-auth activate

MAC authentication has the AP use an external server to

 

authenticate wireless clients by their MAC addresses.

 

Users cannot get an IP address if the MAC authentication

 

fails. The no parameter turns it off.

 

RADIUS servers can require the MAC address in the

 

wireless client’s account (username/password) or Calling

 

Station ID RADIUS attribute. See Section 24.2.4.1 on

 

page 173 for a MAC authentication example.

 

 

mac-auth auth-method auth_method

Sets the authentication method for MAC authentication.

mac-auth case account {upper lower}

Sets the case (upper or lower) the external server

 

requires for using MAC addresses as the account

 

username and password.

 

For example, use mac-auth case account upper

 

and mac-auth delimiter account dash if you

 

need to use a MAC address formatted like 00-11-AC-01-

 

A0-11 as the username and password.

 

 

mac-auth case calling-station-id

Sets the case (upper or lower) the external server

{upper lower}

requires for letters in MAC addresses in the Calling

 

Station ID RADIUS attribute.

mac-auth delimiter account {colon

Specify the separator the external server uses for the

dash none}

two-character pairs within MAC addresses used as the

 

account username and password.

 

For example, use mac-auth case account upper

 

and mac-auth delimiter account dash if you

 

need to use a MAC address formatted like 00-11-AC-01-

 

A0-11 as the username and password.

 

 

 

85

NXC CLI Reference Guide