EasyManuals Logo

Cisco 2100 Series Configuration Guide

Cisco 2100 Series
796 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #199 background imageLoading...
Page #199 background image
5-11
Cisco Wireless LAN Controller Configuration Guide
OL-17037-01
Chapter 5 Configuring Security Solutions
Configuring RADIUS
d. If you enabled Active fallback mode in Step b, enter the probe interval value (in seconds) in the
Interval in Sec field. The interval serves as inactive time in passive mode and probe interval in active
mode. The valid range is 180 to 3600 seconds, and the default value is 300 seconds.
Step 24 To specify the order of authentication when multiple databases are configured, click Security > Priority
Order > Management User. The Priority Order > Management User page appears (see Figure 5-5).
Figure 5-5 Priority Order > Management User Page
Step 25
For Authentication Priority, choose either Radius or TACACS+ to specify which server has priority over
the other when the controller attempts to authenticate management users. By default, the local database
is always queried first. If the username is not found, the controller switches to the TACACS+ server if
configured for TACACS+ or to the RADIUS server if configured for Radius. The default setting is local
and then Radius.
Step 26 Click Apply to commit your changes.
Step 27 Click Save Configuration to save your changes.
Using the CLI to Configure RADIUS
Using the controller CLI, follow these steps to configure RADIUS.
Note Refer to the “Using the GUI to Configure RADIUS” section on page 5-6 for the valid ranges and default
values of the parameters used in the CLI commands.
Step 1 To specify whether the IP address, system MAC address, or AP MAC address of the originator will be
sent to the RADIUS server in the Access-Request message, enter this command:
config radius callStationIdType {ip_address, mac_address, ap_mac_address, ap_macaddr_ssid}
Step 2 Use these commands to configure a RADIUS authentication server:
config radius auth add index server_ip_address port# {ascii | hex} shared_secret—Adds a
RADIUS authentication server.
config radius auth keywrap {enable | disable}—Enables AES key wrap, which makes the shared
secret between the controller and the RADIUS server more secure. AES key wrap is designed for
Federal Information Processing Standards (FIPS) customers and requires a key-wrap compliant
RADIUS authentication server.

Table of Contents

Other manuals for Cisco 2100 Series

Preview: Quick Start Guide
Quick Start Guide12 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 2100 Series and is the answer not in the manual?

Cisco 2100 Series Specifications

General IconGeneral
Power over Ethernet (PoE)No
Form FactorDesktop
EncryptionAES, TKIP
Maximum Access Points6
SecurityWPA, WPA2, 802.1X
Dimensions1.75 x 8.0 x 8.5 in. (4.4 x 20.3 x 21.6 cm)

Related product manuals