Cisco Systems OL-6415-04 Network Router User Manual

Open as PDF

of 188

3-5

Cisco Wireless ISR and HWIC Access Point Configuration Guide

OL-6415-04

Chapter 3 Configuring Multiple SSIDs

Configuring Multiple SSIDs

Viewing SSIDs Configured Globally

Use this command to view configuration details for SSIDs that are configured globally:

router# show running-config ssid ssid-string

Using Spaces in SSIDs

In Cisco IOS Release 12.4(15)T, you can include spaces in an SSID, but trailing spaces (spaces at the

end of an SSID) are invalid. However, any SSIDs created in previous versions having trailing spaces are

recognized. Trailing spaces make it appear that you have identical SSIDs configured on the same access

point. If you think identical SSIDs are on the access point, use the show dot11 associations privileged

EXEC command to check any SSIDs created in a previous release for trailing spaces.

For example, this sample output from a show configuration privileged EXEC command does not show

spaces in SSIDs:

ssid buffalo

vlan 77

authentication open

ssid buffalo

vlan 17

authentication open

ssid buffalo

vlan 7

authentication open

However, this sample output from a show dot11 associations privileged EXEC command shows the

spaces in the SSIDs:

SSID [buffalo] :

SSID [buffalo ] :

Using a RADIUS Server to Restrict SSIDs

To prevent client devices from associating to the access point using an unauthorized SSID, you can

create a list of authorized SSIDs that clients must use on your RADIUS authentication server.

The SSID authorization process consists of these steps:

1. A client device associates to the access point using any SSID configured on the access point.

2. The client begins RADIUS authentication.

3. The RADIUS server returns a list of SSIDs that the client is allowed to use. The access point checks

the list for a match of the SSID used by the client. There are three possible outcomes:

a. If the SSID that the client used to associate to the access point matches an entry in the allowed

list returned by the RADIUS server, the client is allowed network access after completing all

authentication requirements.

b. If the access point does not find a match for the client in the allowed list of SSIDs, the access

point disassociates the client.

c. If the RADIUS server does not return any SSIDs (no list) for the client, then the administrator

has not configured the list, and the client is allowed to associate and attempt to authenticate.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems OL-6415-04 Network Router User Manual