Manualshelf

Specifications

ManualsBrandsCisco ManualsComputer equipmentAironet 1040 Series
201202203204205206207208209210
2-197
Cisco IOS Command Reference for Cisco Aironet Access Points and Bridges
0L-24115-01
Chapter 2 Cisco IOS Commands for Access Points and Bridges
radius local-server pac-generate
radius local-server pac-generate
Use the radius local-server pac-generate global configuration command to generate a Protected Access
Credential (PAC) for a client device on a local authenticator access point. The local authenticator
automatically generates PACs for EAP-FAST clients that request them. However, you might need to
generate a PAC manually for some client devices. When you enter the command, the local authenticator
generates a PAC file and writes it to the network location that you specify. The user imports the PAC file
into the client profile.
radius local-server pac-generate username filename [password password] [expire days]
Syntax Description
Defaults This default password for a PAC file is test, and the default expiration time is 1 day.
Command Modes Global configuration
Command History
Examples In this example, the local authenticator generates a PAC for the username joe, password-protects the file
with the password bingo, sets the PAC to expire in 10 days, and writes the PAC file to the TFTP server
at 10.0.0.5:
AP# radius local-server pac-generate joe tftp://10.0.0.5/joe.pac password bingo expiry 10
Related Commands
username Specifies the client username for which the PAC is generated.
filename Specifies the name for the PAC file. When you enter the PAC file name,
enter the full path to which the local authenticator writes the PAC file.
password password Specifies a password used in password protection for the PAC file.
expire days Specifies the number of days until the PAC file expires and is no longer
valid.
Release Modification
12.3(2)JA This command was introduced.
Command Description
radius-server local Configures an access point as a local or backup authenticator
show running-config Displays the current access point operating configuration
user (local server configuration
mode)
Adds a user to the list of users allowed to authenticate to the
local authenticator