EasyManua.ls Logo

Cisco 4400 Series User Manual

Cisco 4400 Series
796 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #337 background imageLoading...
Page #337 background image
6-27
Cisco Wireless LAN Controller Configuration Guide
OL-17037-01
Chapter 6 Configuring WLANsWireless Device Access
Configuring WLANs
config wlan ccx aironet-ie enable wlan_id
Step 3 Enter this command to enable or disable CKIP for the WLAN:
config wlan security ckip {enable | disable} wlan_id
Step 4 Enter this command to specify a CKIP encryption key for the WLAN:
config wlan security ckip akm psk set-key wlan_id {40 | 104} {hex | ascii} key key_index
Step 5 Enter this command to enable or disable CKIP MMH MIC for the WLAN:
config wlan security ckip mmh-mic {enable | disable} wlan_id
Step 6 Enter this command to enable or disable CKIP key permutation for the WLAN:
config wlan security ckip kp {enable | disable} wlan_id
Step 7 Enter this command to enable the WLAN:
config wlan enable wlan_id
Step 8 Enter this command to save your settings:
save config
Configuring a Session Timeout
Using the controller GUI or CLI, you can configure a session timeout for wireless clients on a WLAN.
The session timeout is the maximum time for a client session to remain active before requiring
reauthorization.
Using the GUI to Configure a Session Timeout
Using the controller GUI, follow these steps to configure a session timeout for wireless clients on a
WLAN.
Step 1 Click WLANs to open the WLANs page.
Step 2 Click the ID number of the WLAN for which you want to assign a session timeout.
Step 3 When the WLANs > Edit page appears, click the Advanced tab. The WLANs > Edit (Advanced) page
appears.
Step 4 To configure a session timeout for this WLAN, check the Enable Session Timeout check box.
Otherwise, uncheck the check box. The default value is checked.
Step 5 In the Session Timeout field, enter a value between 300 and 86400 seconds to specify the duration of the
client session. The default value is 1800 seconds for the following Layer 2 security types: 802.1X; Static
WEP+802.1X; and WPA+WPA2 with 802.1X, CCKM, or 802.1X+CCKM authentication key
management and 0 seconds for all other Layer 2 security types. A value of 0 is equivalent to no timeout.
Note When using WPA1 or WPA2, if the timeout is set to infinite, the clients still reauthenticate at a
frequency of 12 hours. The workaround is to enable the AAA override and push through the
radius server a longer session timeout period. The timeout period can be longer than one day,
which is the maximum period you can manually configure.

Table of Contents

Question and Answer IconNeed help?

Do you have a question about the Cisco 4400 Series and is the answer not in the manual?

Cisco 4400 Series Specifications

General IconGeneral
Product TypeWireless LAN Controller
ManageableYes
Management PortYes
Power over Ethernet (PoE)No
Operating Temperature32 to 104°F (0 to 40°C)
SecurityWPA, WPA2, 802.1X, AES, TKIP
Power SupplyAC Power Supply
Wireless LAN StandardIEEE 802.11a/b/g/n
Form FactorRack-mountable
RedundancyYes
Operating Humidity10% to 90% non-condensing

Summary

CHAPTER 1 Overview

Cisco Unified Wireless Network Solution Overview

Operating System Software

Operating System Security

Explains the Layer 1, 2, and 3 security components and policies.

Layer 2 and Layer 3 Operation

Cisco Wireless LAN Controllers

Controller Platforms

Cisco UWN Solution WLANs

Identity Networking

Describes how to apply parameters to clients based on their profile.

Startup Wizard

Cisco Wireless LAN Controller Failover Protection

Describes how access points associate with backup controllers if the primary fails.

CHAPTER 2 Using the Web-Browser and CLI Interfaces

Using the Web-Browser Interface

Describes the GUI for configuring parameters and monitoring status.

Using the CLI

Explains how to use the text-based interface for configuration and monitoring.

Enabling Wireless Connections to the Web-Browser and CLI Interfaces

CHAPTER 3 Configuring Ports and Interfaces

Configuring the Management, AP-Manager, Virtual, and Service-Port Interfaces

Details how to configure controller interfaces.

Configuring Dynamic Interfaces

Configuring Ports

CHAPTER 4 Configuring Controller SettingsWireless Device Access

Using the Configuration Wizard

Describes configuring basic settings for the first time or after a reset.

Using the AutoInstall Feature for Controllers Without a Configuration

Configuring 802.11 Bands

Configuring 802.11n Parameters

Configuring DHCP Proxy

Explains enabling/disabling DHCP proxy globally or per WLAN.

Configuring Administrator Usernames and Passwords

Instructions for setting admin credentials to prevent unauthorized access.

Configuring Client Roaming

Configuring IP-MAC Address Binding

Enforces strict IP-to-MAC binding in client packets.

Configuring Quality of Service

Explains providing better service for selected network traffic.

Configuring Voice and Video Parameters

CHAPTER 5 Configuring Security Solutions

Cisco UWN Solution Security

Includes overview, Layer 1, 2, 3, and integrated security solutions.

Configuring RADIUS

Explains RADIUS as a client/server protocol for centralized security.

Configuring TACACS+

Details TACACS+ as a protocol for centralized security.

Configuring Local Network Users

Explains adding local users to the controller database.

Configuring LDAP

Describes configuring LDAP server as a backend database.

Configuring Local EAP

Explains local EAP authentication for users and clients.

Configuring and Applying Access Control Lists

Explains rules to limit interface access.

Configuring Management Frame Protection

Provides security for unprotected 802.11 management messages.

Configuring Client Exclusion Policies

Configuring Identity Networking

Describes how to apply policies based on user profiles.

Managing Rogue Devices

Describes security solutions for rogue devices.

Configuring IDS

Explains configuring intrusion detection system sensors and signatures.

Configuring wIPS

Details the adaptive wireless intrusion prevention system.

Detecting Active Exploits

CHAPTER 6 Configuring WLANsWireless Device Access

WLAN Overview

Describes controlling up to 512 WLANs and AP groups.

Configuring WLANs

Lists sections on creating WLANs, DHCP, security, QoS, etc.

CHAPTER 7 Controlling Lightweight Access Points

Access Point Communication Protocols

Configuring Global Credentials for Access Points

Details setting global username/password for APs.

Configuring Authentication for Access Points

Explains 802.1X authentication between AP and switch.

Autonomous Access Points Converted to Lightweight Mode

Configuring Backup Controllers

Details configuring primary, secondary, tertiary controllers for APs.

Configuring Failover Priority for Access Points

Explains assigning priorities for AP failover.

Dynamic Frequency Selection

CHAPTER 8 Controlling Mesh Access Points

Cisco Aironet Mesh Access Points

Architecture Overview

Adding Mesh Access Points to the Mesh Network

Details connecting APs to the controller and managing settings.

Configuring Advanced Features

Converting Indoor Access Points to Mesh Access Points (1130AG, 1240AG)

CHAPTER 9 Managing Controller Software and Configurations

Upgrading Controller Software

Details the process and guidelines for upgrading controller software.

Transferring Files to and from a Controller

Explains uploading/downloading device certificates, CA certificates, PACs, and config files.

Saving Configurations

Editing Configuration Files

Clearing the Controller Configuration

Steps to clear the active configuration in NVRAM.

Erasing the Controller Configuration

Steps to reset the controller configuration to default settings.

Resetting the Controller

Describes methods to reset the controller via CLI or console.

CHAPTER 10 Managing User Accounts

Creating Guest User Accounts

Explains creating lobby administrator and guest user accounts.

Web Authentication Process

Describes the web authentication process and security alerts.

Choosing the Web Authentication Login Page

Provides instructions for specifying the content and appearance of the login page.

Configuring Wired Guest Access

Details configuring wired guest access on a network.

CHAPTER 11 Configuring Radio Resource ManagementWireless Device Access

Overview of Radio Resource Management

Explains RRM software's role in RF management.

Overview of RF Groups

Configuring an RF Group

Instructions for configuring RF groups via GUI or CLI.

Configuring RRM

Details how to modify RRM configuration parameters.

Overriding RRM

Enabling Rogue Access Point Detection in RF Groups

Configures APs to detect rogue APs within RF groups.

CHAPTER 12 Configuring Mobility GroupsWireless Device Access

Overview of Mobility Groups

Configuring Mobility Groups

Provides instructions for configuring mobility groups via GUI or CLI.

Configuring Auto-Anchor Mobility

CHAPTER 13 Configuring Hybrid REAPWireless Device Access

Overview of Hybrid REAP

Configuring Hybrid REAP

Provides instructions for configuring Hybrid REAP on controllers and APs.

Configuring Hybrid-REAP Groups

APPENDIX A Safety Considerations and Translated Safety Warnings

Safety Considerations

General guidelines for installing Cisco UWN Solution products.

Warning Definition

Explains the meaning of warning symbols and safety instructions.

Ground Conductor Warning

Chassis Warning for Rack-Mounting and Servicing

Battery Handling Warning for 4400 Series Controllers

Equipment Installation Warning

APPENDIX D Troubleshooting

Interpreting LEDs

System Messages

Using the CLI to Troubleshoot Problems

Provides CLI commands for gathering information and debugging.

Configuring System and Message Logging

Uploading Logs and Crash Files

Uploading Core Dumps from the Controller

Monitoring Memory Leaks

Troubleshooting CCXv5 Client Devices

Using the Debug Facility

Related product manuals