DescriptionParameter
AAA override for global WLAN parameters that you can enable or disable.
When AAA Override is enabled, and a client has conflicting AAA and switches WLAN
authentication parameters, client authentication is performed by the AAA server. As part of
this authentication, the operating system moves clients from the default Cisco WLAN Solution
WLAN VLAN to a VLAN returned by the AAA server and predefined in the switches interface
configuration. In all cases, the operating system also uses QoS, DSCP, 802.1p priority tag
values, and ACLs provided by the AAA server, if they are predefined in the switches interface
configuration. (This VLAN switching by AAA Override is also referred to as Identity
Networking.)
If the Corporate WLAN primarily uses a Management Interface assigned to VLAN 2, and if
AAA Override returns a redirect to VLAN 100, the operating system redirects all client
transmissions to VLAN 100, regardless of the physical port to which VLAN 100 is assigned.
When AAA Override is disabled, all client authentication defaults to the switches authentication
parameter settings, and authentication is performed only by the AAA server if the switches
WLAN does not contain any client-specific authentication parameters.
The AAA override values might come from a RADIUS server, for example.
Allow AAA Override
Coverage hole detection (CHD) on this WLAN that you can enable or disable.
By default, CHD is enabled on all WLANs on the switches. You can disable CHD on a WLAN.
When you disable CHD on a WLAN, a coverage hole alert is still sent to the Switch, but no
other processing is done to mitigate the coverage hole. This feature is useful for guest WLANs
where guests are connected to your network for short periods of time and are likely to be highly
mobile.
Coverage Hole
Detection
Configure a WLAN with a session timeout in seconds. The session timeout is the maximum
time for a client session to remain active before requiring reauthorization. The minimum session
timeout allowed is 1 second and the maximum timeout allowed is 65535 seconds.
Entering zero denotes the session will never
expire.
Note
Session Timeout
Support of Aironet IEs per WLAN that you can enable or disable. The default is disabled.Aironet IE
Diagnostic channel support on the WLAN that you can enable or disable. The default is disabled.Diagnostic Channel
Peer-to-peer blocking settings that you can choose from the following:
• Disabled—(Default) Disables peer-to-peer blocking and bridges traffic locally within the
switch whenever possible.
• Drop—Causes the switches to discard the packets.
• Forward-UpStream—Causes the packets to be forwarded on the upstream VLAN. The
device above the switches decides what action to take regarding the packets.
P2P Blocking Action
WLAN Configuration Guide, Cisco IOS XE Release 3E (Catalyst 3650 Switches)
40 OL-32353-01
Configuring WLANs
Configuring Advanced WLAN Properties (GUI)
To Next Page
Loading...
Need help?
General
