Table of Contents
Advertisement
reassociates with an Access Point or a Bridge. 1400 Bridge can behave as a LEAP client in slave
mode (Non Root) or LEAP authenticator in Master mode (Root) as shown in the figure below.
Leap in a bridge link
Figure 13.
LEAP requires a LEAP compliant Remote Authentication Dial-In User Service (RADIUS) server
such as Cisco Secure ACS 2.6 (or later) to operate. LEAP is a mutual authentication scheme (of
Client and Radius Server). The challenge-response mechanism uses the user's password as the
shared secret. In a Microsoft Network environment, a user's Domain id and password can be
used. Leap can be used with wide variety of platforms. No native EAP support is currently
available on Legacy operating systems.
The main steps to set up the bridge link with Leap are:
1) Configure the ACS server with a unique IP address. Make sure that you can ping ACS
server from the Root Bridge.
2) Configure the ACS server with an AAA client with the Root Bridge's IP address and the
appropriate shared secret password. Please refer to the LEAP configuration Guide for
setting up the ACS. The Link is:
http://www.cisco.com/warp/public/cc/pd/witc/ao1200ap/prodlit/wrsec_an.htm
3) Add a user account (user-id and password) on RADIUS server (ACS) for Non Root
authentication. Example: user-id = non-root, password=non-root.
4) Enter the parameters for RADIUS server in the Root Bridge. Use the GUI interface and go
to Server Manager in the security section to do this.
Copyright © 2004 Cisco Systems, Inc. All rights reserved.
Page 18 of 53
- Quick Links:
- Installation Guide
Hide quick links:
Advertisement
Table of Contents
