Table of Contents
Advertisement
Configuring Authentication Types
Command
Step 14
authentication key-management
{[wpa] [cckm]} [optional]
Step 15
end
Step 16
copy running-config startup-config (Optional) Saves your entries in the configuration file.
Use the no form of the SSID commands to disable the SSID or to disable SSID features.
The following example sets authentication type for the SSID bridgeman to perform EAP authentication
with AES encryption on the root device. The root device using this SSID attempts authentication using
the EAP method name eap_adam. The example also shows the related RADIUS/AAA configuration on
the root side.
bridge# configure terminal
bridge(config)# dot11 ssid bridgeman
bridge(config-ssid)# authentication network-eap eap_adam
bridge(config-ssid)# authentication key-management wpa
bridge(config-ssid)# infrastructure-ssid
bridge(config-ssid)# exit
bridge(config)# interface dot11radio 0
bridge(config-if)# encryption mode ciphers aes-ccm
bridge(config-if)# ssid bridgeman
bridge(config-if)# end
Cisco 3200 Series Wireless MIC Software Configuration Guide
20
Purpose
(Optional) Sets the key-management type for the SSID to WPA,
CCKM, or both. If you use the optional keyword, client
devices not configured for WPA or CCKM can use this SSID.
If you do not use the optional keyword, only WPA or CCKM
client devices are allowed to use the SSID.
To enable CCKM for an SSID, you must also enable
Network-EAP authentication. To enable WPA for an SSID, you
must also enable Open authentication or Network-EAP or both.
Note
Only 802.11b and 802.11g radios support WPA and
CCKM simultaneously.
Before you can enable CCKM or WPA, you must set
Note
the encryption mode to a cipher suite that includes
TKIP/AES-CCMP. To enable both CCKM and WPA,
you must set the encryption mode to a cipher suite that
includes TKIP. See the
instructions on configuring the VLAN encryption
mode.
If you enable WPA for an SSID without a pre-shared
Note
key, the key management type is WPA. If you enable
WPA with a pre-shared key, the key management type
is WPA-PSK. See the
Settings" section on page 23
configuring a pre-shared key.
To support CCKM, your root device must interact with
Note
the WDS device on your network. See the
the Root Device to Interact with the WDS Device"
section on page 23
root device to interact with your WDS device.
Returns to privileged EXEC mode.
Authentication Types
"Cipher Suites and WEP"
"Configuring Additional WPA
for instructions on
"Configuring
for instructions on configuring your
for
Hide quick links:
Advertisement
Table of Contents
