EasyManua.ls Logo

Cisco 4400 Series User Manual

Cisco 4400 Series
796 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #220 background imageLoading...
Page #220 background image
5-32
Cisco Wireless LAN Controller Configuration Guide
OL-17037-01
Chapter 5 Configuring Security Solutions
Configuring Local Network Users
Step 12 Click Apply to commit your changes.
Step 13 Click Save Configuration to save your changes.
Using the CLI to Configure Local Network Users
Use the commands in this section to configure local network users using the controller CLI.
Note Refer to the “Using the GUI to Configure Local Network Users” section on page 5-30 for the valid
ranges and default values of the parameters used in the CLI commands.
1. Use these commands to configure a local network user:
config netuser add username password wlan wlan_id userType permanent description
description—Adds a permanent user to the local user database on the controller.
config netuser add username password {wlan | guestlan} {wlan_id | guest_lan_id} userType
guest lifetime seconds description description—Adds a guest user on a WLAN or wired guest
LAN to the local user database on the controller.
Note Instead of adding a permanent user or a guest user to the local user database from the
controller, you can choose to create an entry on the RADIUS server for the user and enable
RADIUS authentication for the WLAN on which web authentication is performed.
config netuser delete username—Deletes a user from the local user database on the controller.
Note Local network usernames must be unique because they are all stored in the same database.
2. Use these commands to see information related to the local network users configured on the
controller.
show netuser detail username—Shows the configuration of a particular user in the local user
database.
show netuser summary—Lists all the users in the local user database.
For example, information similar to the following appears for the show netuser detail username
command:
User Name............................... abc
WLAN Id................................. Any
Lifetime................................ Permanent
Description........................... test user
3. To save your changes, enter this command:
save config

Table of Contents

Question and Answer IconNeed help?

Do you have a question about the Cisco 4400 Series and is the answer not in the manual?

Cisco 4400 Series Specifications

General IconGeneral
Product TypeWireless LAN Controller
ManageableYes
Management PortYes
Power over Ethernet (PoE)No
Operating Temperature32 to 104°F (0 to 40°C)
SecurityWPA, WPA2, 802.1X, AES, TKIP
Power SupplyAC Power Supply
Wireless LAN StandardIEEE 802.11a/b/g/n
Form FactorRack-mountable
RedundancyYes
Operating Humidity10% to 90% non-condensing

Summary

CHAPTER 1 Overview

Cisco Unified Wireless Network Solution Overview

Operating System Software

Operating System Security

Explains the Layer 1, 2, and 3 security components and policies.

Layer 2 and Layer 3 Operation

Cisco Wireless LAN Controllers

Controller Platforms

Cisco UWN Solution WLANs

Identity Networking

Describes how to apply parameters to clients based on their profile.

Startup Wizard

Cisco Wireless LAN Controller Failover Protection

Describes how access points associate with backup controllers if the primary fails.

CHAPTER 2 Using the Web-Browser and CLI Interfaces

Using the Web-Browser Interface

Describes the GUI for configuring parameters and monitoring status.

Using the CLI

Explains how to use the text-based interface for configuration and monitoring.

Enabling Wireless Connections to the Web-Browser and CLI Interfaces

CHAPTER 3 Configuring Ports and Interfaces

Configuring the Management, AP-Manager, Virtual, and Service-Port Interfaces

Details how to configure controller interfaces.

Configuring Dynamic Interfaces

Configuring Ports

CHAPTER 4 Configuring Controller SettingsWireless Device Access

Using the Configuration Wizard

Describes configuring basic settings for the first time or after a reset.

Using the AutoInstall Feature for Controllers Without a Configuration

Configuring 802.11 Bands

Configuring 802.11n Parameters

Configuring DHCP Proxy

Explains enabling/disabling DHCP proxy globally or per WLAN.

Configuring Administrator Usernames and Passwords

Instructions for setting admin credentials to prevent unauthorized access.

Configuring Client Roaming

Configuring IP-MAC Address Binding

Enforces strict IP-to-MAC binding in client packets.

Configuring Quality of Service

Explains providing better service for selected network traffic.

Configuring Voice and Video Parameters

CHAPTER 5 Configuring Security Solutions

Cisco UWN Solution Security

Includes overview, Layer 1, 2, 3, and integrated security solutions.

Configuring RADIUS

Explains RADIUS as a client/server protocol for centralized security.

Configuring TACACS+

Details TACACS+ as a protocol for centralized security.

Configuring Local Network Users

Explains adding local users to the controller database.

Configuring LDAP

Describes configuring LDAP server as a backend database.

Configuring Local EAP

Explains local EAP authentication for users and clients.

Configuring and Applying Access Control Lists

Explains rules to limit interface access.

Configuring Management Frame Protection

Provides security for unprotected 802.11 management messages.

Configuring Client Exclusion Policies

Configuring Identity Networking

Describes how to apply policies based on user profiles.

Managing Rogue Devices

Describes security solutions for rogue devices.

Configuring IDS

Explains configuring intrusion detection system sensors and signatures.

Configuring wIPS

Details the adaptive wireless intrusion prevention system.

Detecting Active Exploits

CHAPTER 6 Configuring WLANsWireless Device Access

WLAN Overview

Describes controlling up to 512 WLANs and AP groups.

Configuring WLANs

Lists sections on creating WLANs, DHCP, security, QoS, etc.

CHAPTER 7 Controlling Lightweight Access Points

Access Point Communication Protocols

Configuring Global Credentials for Access Points

Details setting global username/password for APs.

Configuring Authentication for Access Points

Explains 802.1X authentication between AP and switch.

Autonomous Access Points Converted to Lightweight Mode

Configuring Backup Controllers

Details configuring primary, secondary, tertiary controllers for APs.

Configuring Failover Priority for Access Points

Explains assigning priorities for AP failover.

Dynamic Frequency Selection

CHAPTER 8 Controlling Mesh Access Points

Cisco Aironet Mesh Access Points

Architecture Overview

Adding Mesh Access Points to the Mesh Network

Details connecting APs to the controller and managing settings.

Configuring Advanced Features

Converting Indoor Access Points to Mesh Access Points (1130AG, 1240AG)

CHAPTER 9 Managing Controller Software and Configurations

Upgrading Controller Software

Details the process and guidelines for upgrading controller software.

Transferring Files to and from a Controller

Explains uploading/downloading device certificates, CA certificates, PACs, and config files.

Saving Configurations

Editing Configuration Files

Clearing the Controller Configuration

Steps to clear the active configuration in NVRAM.

Erasing the Controller Configuration

Steps to reset the controller configuration to default settings.

Resetting the Controller

Describes methods to reset the controller via CLI or console.

CHAPTER 10 Managing User Accounts

Creating Guest User Accounts

Explains creating lobby administrator and guest user accounts.

Web Authentication Process

Describes the web authentication process and security alerts.

Choosing the Web Authentication Login Page

Provides instructions for specifying the content and appearance of the login page.

Configuring Wired Guest Access

Details configuring wired guest access on a network.

CHAPTER 11 Configuring Radio Resource ManagementWireless Device Access

Overview of Radio Resource Management

Explains RRM software's role in RF management.

Overview of RF Groups

Configuring an RF Group

Instructions for configuring RF groups via GUI or CLI.

Configuring RRM

Details how to modify RRM configuration parameters.

Overriding RRM

Enabling Rogue Access Point Detection in RF Groups

Configures APs to detect rogue APs within RF groups.

CHAPTER 12 Configuring Mobility GroupsWireless Device Access

Overview of Mobility Groups

Configuring Mobility Groups

Provides instructions for configuring mobility groups via GUI or CLI.

Configuring Auto-Anchor Mobility

CHAPTER 13 Configuring Hybrid REAPWireless Device Access

Overview of Hybrid REAP

Configuring Hybrid REAP

Provides instructions for configuring Hybrid REAP on controllers and APs.

Configuring Hybrid-REAP Groups

APPENDIX A Safety Considerations and Translated Safety Warnings

Safety Considerations

General guidelines for installing Cisco UWN Solution products.

Warning Definition

Explains the meaning of warning symbols and safety instructions.

Ground Conductor Warning

Chassis Warning for Rack-Mounting and Servicing

Battery Handling Warning for 4400 Series Controllers

Equipment Installation Warning

APPENDIX D Troubleshooting

Interpreting LEDs

System Messages

Using the CLI to Troubleshoot Problems

Provides CLI commands for gathering information and debugging.

Configuring System and Message Logging

Uploading Logs and Crash Files

Uploading Core Dumps from the Controller

Monitoring Memory Leaks

Troubleshooting CCXv5 Client Devices

Using the Debug Facility

Related product manuals