Configuring Layer 2 Security; Static Wep Keys; Dynamic 802.1X Keys And Authorization - Cisco SD2008T-NA Configuration Manual
4400 series wireless lan controller
Hide thumbs
Also See for SD2008T-NA:
- Configuration manual (46 pages) ,
- Installation manual (160 pages)
Table of Contents
Advertisement
Chapter 6
Configuring WLANsWireless Device Access
•
Cisco recommends that you assign one set of VLANs for WLANs and a different set of VLANs for
Note
management interfaces to ensure that controllers properly route VLAN traffic.
•
Configuring Layer 2 Security
This section explains how to assign Layer 2 security settings to WLANs.
Clients using the Microsoft Wireless Configuration Manager and 802.1X must use WLANs configured
Note
for 40- or 104-bit key length. Configuring for 128-bit key length results in clients that can associate but
cannot authenticate.
Static WEP Keys
Controllers can control static WEP keys across access points. Use these commands to configure static
WEP for WLANs:
•
•
Dynamic 802.1X Keys and Authorization
Controllers can control 802.1X dynamic WEP keys using Extensible Authentication Protocol (EAP)
across access points and support 802.1X dynamic key settings for WLANs.
To use LEAP with lightweight access points and wireless clients, make sure to choose Cisco-Aironet as
Note
the RADIUS server type when configuring the CiscoSecure Access Control Server (ACS).
•
OL-1926-06OL-9141-03
Enter show wlan to verify VLAN assignment status.
To remove a VLAN assignment from a WLAN, use this command:
config wlan vlan wlan-id untagged
Enter this command to disable 802.1X encryption:
config wlan security 802.1X disable wlan-id
Enter this command to configure 40/64, 104/128, or 128/152-bit WEP keys:
config wlan security static-wep-key encryption wlan-id {40 | 104 | 128} {hex | ascii} key
key-index
Use the 40, 104, or 128 options to specify 40/64-bit, 104/128-bit, or 128/152-bit encryption.
–
The default setting is 104/128.
Use the hex or ascii option to specify the character format for the WEP key.
–
Enter 10 hexadecimal digits (any combination of 0-9, a-f, or A-F) or five printable ASCII
–
characters for 40-bit/64-bit WEP keys; enter 26 hexadecimal or 13 ASCII characters for
104-bit/128-bit keys; enter 32 hexadecimal or 16 ASCII characters for 128-bit/152-bit keys.
Enter a key index (sometimes called a key slot) of 1 through 4.
–
Enter show wlan wlan-id to check the security settings of each WLAN. The default security setting
for new WLANs is 802.1X with dynamic keys enabled. To maintain robust Layer 2 security, leave
802.1X configured on your WLANs.
Cisco Wireless LAN Controller Configuration Guide
Configuring WLANs
6-7
Hide quick links:
Advertisement
Table of Contents
