Manualshelf

user manual

ManualsBrandsCisco Systems ManualsNetwork RouterNetwork Router DL-2159-05
181182183184185186187188189190
8-19
Cisco Aironet 1200 Series Access Point Software Configuration Guide
OL-2159-05
Chapter 8 Security Setup
Setting Up EAP Authentication
Note Restarting the service clears the Logged-in User Report, refreshes the Max Sessions counter, and
temporarily interrupts all Cisco Secure ACS services.
Setting a Session-Based WEP Key Timeout
You can set a timeout value for the session-based WEP key. When the timeout value elapses, the server
issues a new dynamic WEP key for authenticated client devices.
Note If you enable TKIP on the access point, you do not need to set up a session-based WEP key timeout. You
can use both TKIP and a session key timeout, but these features provide redundant protection.
You should consider several factors when determining the best session key timeout value for your
wireless network. Consult Product Bulletin 1515: Cisco Wireless LAN Security Bulletin for guidelines
on selecting timeout values. Use this URL to browse to Product Bulletin 1515:
http://www.cisco.com/warp/public/cc/pd/witc/ao350ap/prodlit/1515_pp.htm
Follow these steps to set a timeout value for session-based WEP keys:
Step 1 On the ACS main menu, click Group Setup.
Step 2 In the Group drop-down menu, select the group for which you want to modify the WEP key/session
timeout. The Default group is usually the group you need to modify.
Step 3 Click Edit Settings.
Step 4 Scroll down to the IETF RADIUS Attributes settings.
Step 5 Select the check box for [027] Session-Timeout and enter the number of seconds for your timeout value
in the [027] Session-Timeout entry field.
Step 6 Click Submit + Restart. The timeout value is enabled.
Setting Up a Repeater Access Point As a LEAP Client
If you configure one or both of your access point radios as a repeater (an access point not connected to
the wired LAN), you can set up the repeater radio to authenticate to your network like other wireless
client devices. After you provide a network username and password for the repeater radio, it
authenticates to your network using LEAP, Ciscos wireless authentication method, and receives and
uses dynamic WEP keys.
See the Chapter 12, Setting Up a Repeater Access Point, for instructions on setting up a repeater
access point.
Follow these steps to enable LEAP authentication on a repeater radio:
Step 1 Set up a username and password on your network just as you would for a new user. The repeater radio
will use this username and password to authenticate.