user manual

ManualsBrandsCisco Systems ManualsNetwork RouterNetwork Router DL-2159-05

191

192

193

194

195

196

197

198

199

200

8-31

Cisco Aironet 1200 Series Access Point Software Configuration Guide

OL-2159-05

Chapter 8 Security Setup

Setting Up Backup Authentication Servers

You can configure up to four servers for authentication services on the Authenticator Configuration

page, so you can set up backup authenticators. If you set up more than one server for the same service,

the server first in the list is the primary server for that service, and the other servers are used in list order

when the previous server times out. If a backup server responds after the primary server fails, the access

point continues to use the backup server for new transactions.

Follow these steps to set up a backup authentication server:

Step 1 Complete the steps in the “Setting Up EAP Authentication” section on page 8-15 or the “Setting Up

MAC-Based Authentication” section on page 8-21 to set up your primary authentication server.

Step 2 On the Authenticator Configuration page, enter information about your backup server in one of the entry

field groups under the completed entry fields for your primary server:

a. Enter the name or IP address of the backup server in the Server Name/IP entry field.

b. Enter the port number the server uses for authentication. The default setting, 1812, is the port setting

for Cisco’s RADIUS server, the Cisco Secure Access Control Server (ACS), and for many other

RADIUS servers. Check your server’s product documentation to find the correct port setting.

c. Enter the shared secret used by the server in the Shared Secret entry field. The shared secret on the

bridge must match the shared secret on the server.

d. Enter the number of seconds the the access point should wait before authentication fails.

e. Enter the number of times the access point should attempt to contact the server before giving up.

f. Select the same authentication methods as those selected on the primary server.

Step 3 Click OK. You return automatically to the Setup page. Figure 8-13 shows a primary authentication

server and a backup server configured on the Authenticator Configuration page.

Table 8-10 Attributes Sent in Accounting-Request (stop) Packets

Attribute ID Description

1User-Name

4 NAS-IP-Address

5NAS-Port

41 Acct-Delay-Time

42 Acct-Input-Octets

43 Acct-Output-Octets

44 Acct-Session-Id

45 Acct-Authentic

46 Acct-Session-Time

47 Acct-Input-Packets

48 Acct-Output-Packets

49 Acct-Terminate-Cause