Cisco WAP581 Administration Manual page 107

Access Control
• Maximum Bandwidth Down (Mbps)— Enter the maximum download speed, in megabits per second,
that a client can receive traffic when using the Captive Portal. This setting limits the bandwidth used to
receive data from the network. The range is from 0 to 1733Mbps. The default value is 0.
• Total Guest Users— Total number of guest users.
• Radius Authentication — The WAP device uses a database on a remote RADIUS server to authenticate the
users. Configure the following if using the Radius Authentication setting.
• RADIUS IP Network — Select the Radius IP network from the drop down list (IPv4 or IPv6).
• Global RADIUS— Check Enable to enable global RADIUS. If you want the CP feature to use a different
set of RADIUS servers, uncheck the box and configure the servers in the fields on this page.
• RADIUS Accounting — Check Enable to track and measure the resources that a particular user has
consumed, such as the system time and the amount of data transmitted and received.
If you enable RADIUS accounting, it is enabled for the primary RADIUS server, all backup servers, and
all configured servers.
• Server IP Address-1 or Server IPv6 Address-1— Enter the IPv4 or IPv6 address for the primary RADIUS
server for this VAP. The IPv4 address should be in a form similar to xxx.xxx.xxx.xxx (192.0.2.10). The
IPv6 address should be in a form similar to xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
(2001:DB8:CAD5:7D91).
When the first wireless client tries to authenticate with a VAP, the WAP device sends an authentication
request to the primary server. If the primary server responds to the authentication request, the WAP device
continues to use this RADIUS server as the primary server, and the authentication requests are sent to the
specified address.
Server IP Address-2 or Server IPv6 Address-2 —Enter up to three IPv4 or IPv6 backup RADIUS server
addresses. If the authentication fails with the primary server, each configured backup server is tried in
sequence.
• Key-1— Enter the shared secret key that the WAP device uses to authenticate to the primary RADIUS
server. You can use up to 63 standard alphanumeric and special characters. The key is case sensitive and
must match the key configured on the RADIUS server. The text that you enter is shown as asterisks.
Key-2—Enter the RADIUS key associated with the configured backup RADIUS servers. The server at
Server IP Address-1 uses Key-1, Server IP Address-2 uses Key-2, and so on.
• No Authentication — The users do not need to be authenticated by a database.
• 3rd Party Credentials — The WAP device uses the credentials on the social media to authenticate the users.
Configure the following if using 3rd Party Credentials authentication setting.
• Accepted credentials — Select Facebook or Google or both of them to be the credentials authentication.
• Walled Garden — The relevant default configuration will be set automatically while Accepted credentials
are selected.
Note
• Active Directory Service — The WAP device uses a database on a remote ADS server to authenticate the
users. Configure the following if using the Active Directory Service authentication setting.
Cisco integrates data protection, privacy, and security requirements into product design and
development methodologies from ideation through launch. For more information, see
https://www.cisco.com/c/en/us/about/trust-center/gdpr.html.
Cisco WAP581 Wireless-AC/N Dual Radio Access Point with 2.5GbE LAN Administration Guide
Guest Access Instance Table
97