Cisco 2901 - Preventing Unauthorized Access to Your Access Point; Protecting Access to Privileged EXEC Commands

To Next Page

To Previous Page

297

Cisco 3900 Series, Cisco 2900 Series, and Cisco 1900 Series Integrated Services Routers Generation 2 Software Configuration Guide

Chapter Administering the Wireless Device

Preventing Unauthorized Access to Your Access Point

You can prevent unauthorized users from reconfiguring the wireless device and viewing configuration

information. Typically, the network administrators must have access to the wireless device while

restricting access to users who connect through a terminal or workstation from within the local network.

To prevent unauthorized access to the wireless device, configure one of these security features:

• Username and password pairs, which are locally stored on the wireless device. These pairs

authenticate each user before the user can access the wireless device. You can also assign a specific

privilege level (read only or read/write) to each username and password pair. For more information,

see the “Configuring Username and Password Pairs” section on page 301. The default username is

Cisco, and the default password is Cisco. Usernames and passwords are case sensitive.

Note The characters TAB, ?, $, +, and [ are invalid characters for passwords.

• Username and password pairs are stored centrally in a database on a security server. For more

information, see the “Controlling Access Point Access with RADIUS” section on page 305.

Protecting Access to Privileged EXEC Commands

A simple way of providing terminal access control in your network is to use passwords and assign

privilege levels. Password protection restricts access to a network or network device. Privilege levels

define what commands users can issue after they have logged in to a network device.

Note For complete syntax and usage information for the commands used in this section, see Cisco IOS

Security Command Reference for Release 12.4.

This section describes how to control access to the configuration file and privileged EXEC commands.

It contains this configuration information:

• Configuring Default Password and Privilege Level, page 298

• Setting or Changing a Static Enable Password, page 298

• Protecting Enable and Enable Secret Passwords with Encryption, page 299

• Configuring Username and Password Pairs, page 301

• Configuring Multiple Privilege Levels, page 302

Related product manuals