Support User Manuals

Cisco Systems OL-6217-01 Network Router User Manual

Open as PDF

of 38

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

Implementing the Cisco SWAN Framework

22

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

OL-6217-01

These are the basic configuration tasks:

• Entering a host name for the access point

• Defining SNMP communities

• Defining Telnet or SSH parameters

• Defining AAA parameters for infrastructure authentication

• Defining AAA parameters for WLAN client authentication

• Defining WLCCP credentials

• Enabling WDS services

• Defining the CiscoWorks WLSE

Follow these steps to complete the tasks:

Step 1 Log into the access point command-line interface and enter the configuration mode.

Step 2 Enter a host name for the access point:

wds-ap(config)#hostname <hostname>

Step 3 Enter the following commands to define the SNMP communities:

wds-ap(config)#snmp-server view iso iso included

wds-ap(config)#snmp-server community <read-only community> view iso RO

wds-ap(config)#snmp-server community <read-write community> view iso RW

Step 4 Enter the following to define Telnet or SSH users:

wds-ap(config)# username <username> password <password>

Step 5 Enter the following to enable SSH (optional step):

wds-ap(config)# ip domain-name <ip domain-name>

wds-ap(config)# crypto key generate rsa general-keys modulus <key size>

Step 6 Enter the following to turn off Telnet (optional step), define an access control list, and apply it to the

Telnet lines. Obviously, several access control list definitions can accomplish this task, but the following

is an example:

wds-ap(config)# access-list <access-list number> permit tcp any any neq telnet

wds-ap(config)# line 0 16

wds-ap(config-line)# access-class <access-list number>

Step 7 Enter the following to define AAA parameters for infrastructure authentication:

wds-ap(config)# aaa new-model

wds-ap(config)# radius-server host <ip address> auth-port <auth-port> acct-port

<acct-port> key <shared secret>

wds-ap(config)# aaa group server radius wlccp_infra

wds-ap(config-sg-radius)# server <ip address> auth-port <1812> acct-port <1813>

wds-ap(config)# aaa authentication login infrastructure-authentication group radius

wds-ap(config)# aaa authentication login client-authentication group radius

If using a local RADIUS server on an access point, the authentication port is always 1812, and the

accounting port is always 1813.

previous next