EasyManuals Logo

Cisco PenTeleData 8800 Series Deployment Guide

Cisco PenTeleData 8800 Series
207 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #71 background imageLoading...
Page #71 background image
Cisco IP Phone 8861 and 8865 Wireless LAN Deployment Guide
71
EAPOL-Key Max Retries............................ 4
EAP-Broadcast Key Interval....................... 3600
If using 802.1x or WPA/WPA2, the EAP-Request Timeout on the Cisco Wireless LAN Controller should be set to at least 20
seconds.
In later versions of Cisco Wireless LAN Controller software, the default EAP-Request Timeout was changed from 2 to 30
seconds.
For deployments where EAP failures occur frequently, the EAP-Request Timeout should be reduced below 30 seconds.
To change the EAP-Request Timeout on the Cisco Wireless LAN Controller, telnet or SSH to the controller and enter the
following command.
(Cisco Controller) >config advanced eap request-timeout 30
If using WPA/WPA2 PSK then it is recommended to reduce the EAPOL-Key Timeout to 400 milliseconds from the default of
1000 milliseconds with EAPOL-Key Max Retries set to 4 from the default of 2.
If using WPA/WPA2, then using the default values where the EAPOL-Key Timeout is set to 1000 milliseconds and EAPOL-
Key Max Retries are set to 2 should work fine, but is still recommended to set those values to 400 and 4 respectively.
The EAPOL-Key Timeout should not exceed 1000 milliseconds (1 second).
To change the EAPOL-Key Timeout on the Cisco Wireless LAN Controller, telnet or SSH to the controller and enter the
following command.
(Cisco Controller) >config advanced eap eapol-key-timeout 400
To change the EAPOL-Key Max Retries Timeout on the Cisco Wireless LAN Controller, telnet or SSH to the controller and
enter the following command.
(Cisco Controller) >config advanced eap eapol-key-retries 4
Ensure EAP-Broadcast Key Interval is set to a minimum of 3600 seconds (1 hour).
To change the EAP-Broadcast Key Interval on the Cisco Wireless LAN Controller, telnet or SSH to the controller and enter
the following command.
(Cisco Controller) >config advanced eap bcast-key-interval 3600
Auto-Immune
The Auto-Immune feature can optionally be enabled for protection against denial of service (DoS) attacks.
Although when this feature is enabled there can be interruptions introduced with voice over wireless LAN, therefore it is
recommended to disable the Auto-Immune feature on the Cisco Wireless LAN Controller.
To view the Auto-Immune configuration on the Cisco Wireless LAN Controller, telnet or SSH to the controller and enter the
following command.
(Cisco Controller) >show wps summary

Table of Contents

Other manuals for Cisco PenTeleData 8800 Series

Preview: User Guide
User Guide170 pages
Preview: Administration Guide
Administration Guide406 pages
Preview: Guide
Guide544 pages
Preview: Installation Guide
Installation Guide39 pages
Preview: Firmware Migration Master Guide
Firmware Migration Master Guide30 pages
Preview: Reconfiguration Guide
Reconfiguration Guide2 pages
Preview: Features
Features15 pages
Preview: Manual
Manual48 pages
Preview: Quick Start Guide
Quick Start Guide2 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco PenTeleData 8800 Series and is the answer not in the manual?

Cisco PenTeleData 8800 Series Specifications

General IconGeneral
BrandCisco
ModelPenTeleData 8800 Series
CategoryIP Phone
LanguageEnglish

Related product manuals