Specifications
1-3
Cisco Aironet Access Point Software Configuration Guide
OL-0657-07
Chapter 1 Overview
Key Features
–
Switch to repeater mode—the access point tries to connect to a root
access point using any of the configured SSIDs. If it cannot connect, all
clients are disassociated and the access point removes itself from the
wireless network until connectivity is restored.
–
Shut the radio off—all clients are disassociated and the access point
removes itself from the wireless network until backbone connectivity is
restored.
–
Restrict to SSID—the access point allows association using a restricted
SSID (for administrator troubleshooting and diagnosis purposes).
• Authentication server management includes two new features in this release:
–
Display of active authentication servers—for each authentication type:
802.1x/LEAP, MAC, or Admin Authentication (if enabled), the active
server is identified by a green color.
–
Automatic return to primary authentication server—if the selected
RADIUS server (primary) is not reachable after a predetermined period
of time-out and retries, the access point uses the next server listed.
• Reporting access points that fail authentication with LEAP provides a passive
method of detecting rogue access points in a LEAP enabled network. It is
passive because access points do not actively look for or detect a rogue access
point in the wireless network. Instead, the access point depends on LEAP
enabled clients to report rouge access points.
• Secure Shell (SSH) support for providing a strong user authentication and
encryption of management traffic. SSH is a software package that provides a
cryptographically secure replacement for or an alternative to Telnet. It
provides strong host-to-host and user authentication as well as secure
encrypted communications over a non secure network. The feature operates
as follows:
–
The SSH server on the access point listens to its TCP port 22 for requests.
–
When a request from a client is received, the access point sends a public
key, supported cipher specification details, and supported authentication
type (password only) to the client.
–
The client generates a double encrypted session key and sends it to the
access point along with the chosen cipher specification.
–
The access point authenticates the client based on a user ID and password
when the user manager feature is enabled.