Manual
5-21
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points
OL-30644-01
Chapter 5 Administering the Access Point
Configuring the Access Point for Local Authentication and Authorization
AP(config)# wlccp wnm ip address ip-address
Enter this command to check the authentication status between the WDS access point and the WNM:
AP# show wlccp wnm status
Possible statuses are not authenticated, authentication in progress, authentication fail, authenticated,
and security keys setup.
Configuring the Access Point for Local Authentication and
Authorization
You can configure AAA to operate without a server by configuring the wireless device to implement
AAA in local mode. The wireless device then handles authentication and authorization. No accounting
is available in this configuration.
Note You can configure the wireless device as a local authenticator for 802.1x-enabled client devices to
provide a backup for your main server or to provide authentication service on a network without a
RADIUS server. See
Chapter 9, “Configuring an Access Point as a Local Authenticator,” for detailed
instructions on configuring the wireless device as a local authenticator.
Beginning in privileged EXEC mode, follow these steps to configure the wireless device for local AAA:
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
aaa new-model Enable AAA.
Step 3
aaa authentication login default local Set the login authentication to use the local username database. The
default keyword applies the local user database authentication to all
interfaces.
Step 4
aaa authorization exec local Configure user AAA authorization to determine if the user is allowed to
run an EXEC shell by checking the local database.
Step 5
aaa authorization network local Configure user AAA authorization for all network-related service
requests.