Cisco AIR-WLC2006-K9 - Wireless LAN Controller 2006 Guía de usuario Pagina 127
- Pagina / 260
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
5-7
Cisco Wireless LAN Solution Product Guide
OL-7955-01
Chapter 5 Configuring Wireless LANs
Configuring Wireless LANs
IKE Diffie-Hellman Group
IPSec IKE uses Diffie-Hellman groups to block easily-decrypted keys. Enter these commands to
configure the Diffie-Hellman group on a wireless LAN with IPSec enabled:
• config wlan security ipsec ike DH-Group wlan-id group-id
–
For group-id, enter group-1, group-2 (this is the default setting), or group-5.
• Enter show wlan to verify that IPSec IKE DH group is configured.
IKE Phase 1 Aggressive and Main Modes
IPSec IKE uses the Phase 1 Aggressive (faster) or Main (more secure) mode to set up encryption between
clients and the controller. Enter these commands to specify the Phase 1 encryption mode for a wireless
LAN with IPSec enabled:
• config wlan security ipsec ike phase1 {aggressive | main} wlan-id
• Enter show wlan to verify that the Phase 1 encryption mode is configured.
IKE Lifetime Timeout
IPSec IKE uses its timeout to limit the time that an IKE key is active. Enter these commands to configure
an IKE lifetime timeout:
• config wlan security ipsec ike lifetime wlan-id seconds
–
For seconds, enter a number of seconds from 1800 to 345600 seconds. The default timeout is
28800 seconds.
• Enter show wlan to verify that the key timeout is configured.
IPSec Passthrough
IPSec IKE uses IPSec Passthrough to allow IPSec-capable clients to communicate directly with other
IPSec equipment. IPSec Passthrough is also known as VPN Passthrough. Enter this command to enable
IPSec Passthrough for a wireless LAN:
• config wlan security passthru {enable | disable} wlan-id gateway
–
For gateway, enter the IP address of the IPSec (VPN) passthrough gateway.
• Enter show wlan to verify that the passthrough is enabled.
Web-Based Authentication
Wireless LANs can use web authentication if IPSec is not enabled on the controller. Web Authentication
is simple to set up and use, and can be used with SSL to improve the overall security of the wireless
LAN. Enter these commands to enable web authentication for a wireless LAN:
• config wlan security web {enable | disable} wlan-id
• Enter show wlan to verify that web authentication is enabled.
- Cisco Wireless LAN Solution 1
- Product Guide 1
- CONTENTS 3
- 3 Solutions 3-1 6
- 9 Using Cisco WCS 9-1 10
- Contents 11
- A Safety Considerations and 12
- Audience 15
- Organization 15
- Conventions 16
- Related Publications 18
- Obtaining Documentation 19
- Documentation Feedback 20
- Submitting a Service Request 22
- Overview 25
- Chapter 1 Overview 26
- Single-Controller Deployments 27
- Operating System Software 29
- Operating System Security 29
- Operational Requirements 31
- Configuration Requirements 31
- Client Roaming 33
- Client Location 34
- External DHCP Servers 35
- Access Control Lists 38
- Identity Networking 39
- Dynamic Frequency Selection 40
- File Transfers 41
- Power over Ethernet 41
- Pico Cell Functionality 42
- Distribution System Ports 46
- AP-Manager Interface 47
- Operator-Defined Interfaces 48
- Virtual Interface 48
- Service Port 49
- Service-Port Interface 49
- Startup Wizard 49
- Lightweight Access Points 56
- External Antenna Connectors 59
- Antenna Sectorization 60
- Using DHCP Option 43 64
- Lightweight Mode 65
- Rogue Access Points 67
- Web User Interface 68
- Command Line Interface 68
- Cisco Wireless Control System 69
- Cisco WCS Base 70
- Cisco WCS Location 71
- Cisco WCS User Interface 71
- Floor Plan Editor 72
- Guidelines for Using the GUI 75
- Opening the GUI 75
- Configuring the GUI for HTTPS 76
- TFTP server IP address 77
- Using the CLI 78
- Logging Out of the CLI 79
- Interfaces 80
- Solutions 83
- Cisco WLAN Solution Security 84
- Layer 3 Solutions 85
- Rogue Access Point Solutions 85
- Integrated Security Solutions 86
- Configuring DHCP 97
- Default Web Auth Operation 99
- OL-7955-01 100
- Chapter 3 Solutions 100
- Changing the Web Message 102
- Changing the Logo 102
- Hiding the Logo 103
- Identity Networking Overview 106
- QoS-Level 107
- ACL-Name 107
- Interface-Name 108
- VLAN-Tag 108
- Tunnel Attributes 109
- Before You Start 112
- Configuring a Country Code 115
- Configuring RADIUS Settings 117
- Configuring SNMP Settings 117
- Configuring Mobility Groups 118
- Configuring the Service Port 119
- Enabling 802.3x Flow Control 120
- Enabling System Logging 120
- Configuring Wireless LANs 121
- Wireless LAN Overview 122
- Activating Wireless LANs 123
- Configuring Layer 2 Security 124
- WEP Keys 125
- Configuring Layer 3 Security 126
- IKE Diffie-Hellman Group 127
- IKE Lifetime Timeout 127
- IPSec Passthrough 127
- Web-Based Authentication 127
- Local Netuser 128
- Configuring Auto Anchoring 129
- Managing Controller Software 131
- Upgrading Controller Software 132
- Saving Configurations 134
- Resetting the Controller 135
- Starting and Stopping WCS 143
- Using Cisco WCS 149
- Using Maps 152
- Adding a Building to a Campus 153
- Using the Map Editor 156
- Monitoring Maps 159
- Locating Clients 164
- Finding Coverage Holes 166
- Installing Cisco WCS 168
- Updating Cisco WCS for Linux 169
- Adding WCS User Accounts 172
- Changing Passwords 172
- Deleting User Accounts 173
- Operating Location Appliances 186
- Safety Considerations and 193
- Translated Safety Warnings 193
- Safety Considerations 194
- Warning Definition 194
- Varoitus 195
- Attention 195
- Avvertenza 195
- Advarsel 195
- ¡Advertencia! 196
- Varning! 196
- Class 1 Laser Product Warning 197
- Produto a laser de classe 1 198
- Klasse 1 laserprodukt 198
- Ground Conductor Warning 199
- Waarschuwing 210
- Controllers 215
- Information 219
- Statement 220
- Canadian Compliance Statement 221
- • Safety: EN 60950 222
- • Radio: EN 301.893 223
- 03-5549-6500 224
- All Access Points 225
- End User License and Warranty 229
- End User License Agreement 230
- Limited Warranty 232
- Disclaimer of Warranty 234
- Additional Open Source Terms 235
- APPENDIX 237
- Gain Pattern 246
- LED Patterns 251
- System Messages 252
- Client Reason Codes 254
- Client Status Codes 255
- Power Alarm 2.4 GHz 5 GHz 256
Relacionado con productos y manuales para Redes Cisco AIR-WLC2006-K9 - Wireless LAN Controller 2006
Redes Cisco CTX2500 Información técnica
(30 paginas)
(30 paginas)
Redes Cisco WMA11B Guía de usuario
(32 paginas)
(32 paginas)
Redes Cisco 7301 Información técnica
(40 paginas)
(40 paginas)
Redes Cisco ISE - Line Card ISE Especificaciones
(82 paginas)
(82 paginas)
Redes Cisco SPA3102 Guía de usuario
(100 paginas)
(100 paginas)
Redes Cisco 1005 - 1005 Router Guía de usuario
(24 paginas)
(24 paginas)
Redes Cisco WRT150N Guía de usuario
(90 paginas)
(90 paginas)
Redes Cisco PIX-515E Especificaciones
(78 paginas)
(78 paginas)
Redes Cisco 2525 - 2525 TR Router Guía de usuario
(18 paginas)
(18 paginas)
Redes Cisco MWR-1941-DC-2T1 - MWR 1941 Mobile Wireless Edge Router Manual de instrucciones
(66 paginas)
(66 paginas)
Redes Cisco 3631 Guía de instalación
(44 paginas)
(44 paginas)
Redes Cisco 802-IDSL - 802 Router Manual de usuario
(22 paginas)
(22 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.173 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales