User's Manual

ManualsBrandsCisco Systems ManualsWelding SystemCisco Systems IOS Software 0L-11350-01

241

242

243

244

245

246

247

248

249

250

11-19

Cisco IOS Software Configuration Guide for Cisco Aironet Access Points

OL-11350-01

Chapter 11 Configuring Authentication Types

Matching Access Point and Client Device Authentication Types

Applying an EAP Profile to an Uplink SSID

This operation typically applies to repeater access points. Beginning in the privileged exec mode, follow

these steps to apply an EAP profile to the uplink SSID.

Matching Access Point and Client Device Authentication Types

To use the authentication types described in this section, the access point authentication settings must

match the authentication settings on the client adapters that associate to the access point. Refer to the

Cisco Aironet Wireless LAN Client Adapters Installation and Configuration Guide for Windows for

instructions on setting authentication types on wireless client adapters. Refer to Chapter 10,

“Configuring Cipher Suites and WEP,” for instructions on configuring cipher suites and WEP on the

access point.

Table 11-2 lists the client and access point settings required for each authentication type.

Note Some non-Cisco Aironet client adapters do not perform 802.1X authentication to the access point unless

you configure Open authentication with EAP. To allow both Cisco Aironet clients using LEAP and

non-Cisco Aironet clients using LEAP to associate using the same SSID, you might need to configure

the SSID for both Network EAP authentication and Open authentication with EAP.

Likewise, to allow both Cisco Aironet 802.11a/b/g client adapters (CB21AG and PI21AG) running

EAP-FAST and non-Cisco Aironet clients using EAP-FAST or LEAP to associate using the same SSID,

you might need to configure the SSID for both Network EAP authentication and Open authentication

with EAP.

Command Purpose

Step 1

configure terminal Enter the global configuration mode.

Step 2

interface dot11radio {0 | 1} Enter interface configuration mode for the radio interface. The

2.4-GHz radio is radio 0, and the 5-GHz radio is radio 1.

Step 3

ssid ssid Assign the uplink SSID to the radio interface.

Step 4

exit Return to the configure terminal mode.

Step 5

eap profile profile Enter the profile preconfigured profile name.

Step 6

end Return to the privileged EXEC mode.

Step 7

copy running config

startup-config

(Optional) Save your entries in the configuration file.

Table 11-2 Client and Access Point Security Settings

Security Feature Client Setting Access Point Setting

Static WEP with open

authentication

Create a WEP key and enable Use

Static WEP Keys and Open

Authentication

Set up and enable WEP and enable

Open Authentication for the SSID

Static WEP with shared key

authentication

Create a WEP key and enable Use

Static WEP Keys and Shared Key

Authentication

Set up and enable WEP and enable

Shared Key Authentication for the

SSID