1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Wireless Access Point
  5. ISR
  6. Configuration manual

Security Type In Universal Client Mode - Cisco ISR Configuration Manual

Wireless isr and hwic access point
Hide thumbs
Table of Contents

Advertisement

Configure Encryption Types
Command
Step 3
broadcast-key
change seconds
[ vlan vlan-id ]
[ membership-termination ]
[ capability-change ]
Step 4
end
Step 5
copy running-config startup-config (Optional) Save your entries in the configuration file.
Use the no form of the encryption command to disable broadcast key rotation.
This example enables broadcast key rotation on VLAN 22 and sets the rotation interval to 300 seconds:
router# configure terminal
router(config)# interface dot11radio 0
routerrouter(config-if)# broadcast-key vlan 22 change 300
router(config-ssid)# end

Security Type in Universal Client Mode

Security
In universal client mode, the security type must be configured exactly as that of the access point it is
associating to. For example, if the access point is configured with AES and TKIP encryption, the
universal client must also have AES+TKIP in order for the devices to associate properly.
Cisco Wireless ISR and HWIC Access Point Configuration Guide
5-8
Purpose
Enable broadcast key rotation.
Enter the number of seconds between each rotation of the
broadcast key.
(Optional) Enter a VLAN for which you want to enable
broadcast key rotation.
(Optional) If you enable WPA authenticated key
management, you can enable additional circumstances
under which the access point changes and distributes the
WPA group key.
Membership termination—the access point generates
and distributes a new group key when any
authenticated client device disassociates from the
access point. This feature protects the privacy of the
group key for associated clients. However, it might
generate some overhead if clients on your network
roam frequently.
Capability change—the access point generates and
distributes a dynamic group key when the last non-key
management (static WEP) client disassociates, and it
distributes the statically configured WEP key when the
first non-key management (static WEP) client
authenticates. In WPA migration mode, this feature
significantly improves the security of
key-management capable clients when there are no
static-WEP clients associated to the access point.
See
Chapter 6, "Configuring Authentication Types,"
detailed instructions on enabling authenticated key
management.
Return to privileged EXEC mode.
Chapter 5
Configuring Encryption Types
OL-6415-04
for

Advertisement

Table of Contents
loading

Related Manuals for Cisco ISR

Related Content for Cisco ISR

This manual is also suitable for:

Hwic

Table of Contents