Support User Manuals

Cisco Systems OL-6217-01 Network Router User Manual

Open as PDF

of 38

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

Implementing the Cisco SWAN Framework

27

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

OL-6217-01

• Define AAA parameters for WLAN client authentication

• Define the CiscoWorks WLSE

Follow these steps to complete the tasks:

Step 1 Access the WLSM command-line interface.

Step 2 Define the WLAN VLAN:

wlsm(config)wlan vlan <VLAN number>

wlsm(config-wlan)ipaddr <ip address> <network mask>

wlsm(config-wlan)gateway <gateway ip address>

wlsm(config-wlan)admin

wlsm(config-wlan)exit

The VLAN number corresponds to the VLAN number created in Step 2 of the supervisor configuration.

The gateway IP address is configured as the IP address of this VLAN interface on the supervisor. The

admin command instructs the WLSM to use this VLAN for controlling messaging to and from the

supervisor.

Step 3 Define a default route to the supervisor:

wlsm(config)ip route 0.0.0.0 0.0.0.0 <gateway ip address>

The <gateway IP address> is the address of the WLAN VLAN interface created in Step 2 of the

supervisor configuration.

Step 4 Define the SNMP communities:

wlsm(config)#snmp-server view iso iso included

wlsm(config)#snmp-server community <read-only community> view iso RO

wlsm(config)#snmp-server community <read-write community> view iso RW

Step 5 Enter a host name for the WLSM:

wlsm(config)#hostname <hostname>

Step 6 Define the AAA parameters for infrastructure authentication:

wlsm(config)# aaa new-model

wlsm(config)# radius-server host <ip address> auth-port <auth-port> acct-port <acct-port>

key <shared secret>

wlsm(config)# aaa group server radius wlccp_infra

wlsm(config-sg-radius)# server <ip address> auth-port <1812> acct-port <1813>

wlsm(config)# aaa authentication login wlccp-infra group wlccp_infra

wlsm(config)# wlccp authentication-server infrastructure wlccp-infra

The RADIUS server IP address should be that of the AAA server for infrastructure authentication. If this

is the local RADIUS server on an access point, the authentication port is always 1812, and the accounting

port is always 1813.

Step 7 Define the AAA parameters for client authentication:

wlsm(config)# radius-server host <ip address> auth-port <auth-port> acct-port <acct-port>

key <shared secret>

wlsm(config)# aaa group server radius client_group

wlsm(config-sg-radius)# server <ip address> auth-port <1812> acct-port <1813>

wlsm(config)# aaa authentication login client-group group client_group

wlsm(config)# wlccp authentication-server client any client-group

previous next