Cisco Cisco IP Phone 8841 Design Guide
Cisco IP Phone 8861 and 8865 Wireless LAN Deployment Guide
97
Advanced Settings
TKIP Countermeasure Holdoff Time
TKIP countermeasure mode can occur if the access point receives two Message Integrity Check (MIC) errors within a 60
second period. When this occurs, the access point will de-authenticate all TKIP clients associated to that 802.11 radio and
holdoff any clients for the countermeasure holdoff time (default = 60 seconds).
To change the TKIP countermeasure holdoff time on the Cisco Autonomous Access Point, telnet or SSH to the access point and
enter the following command specifying the number of seconds and WLAN ID.
second period. When this occurs, the access point will de-authenticate all TKIP clients associated to that 802.11 radio and
holdoff any clients for the countermeasure holdoff time (default = 60 seconds).
To change the TKIP countermeasure holdoff time on the Cisco Autonomous Access Point, telnet or SSH to the access point and
enter the following command specifying the number of seconds and WLAN ID.
Interface dot11radio X
countermeasure tkip hold-time <nseconds>
Cisco Autonomous Access Point Sample Configuration
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap-1
!
logging rate-limit console 9
!
aaa new-model
!
aaa group server radius rad_eap
server name 10.0.0.20
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
server name 10.0.0.20
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa group server radius WDS
server name 10.9.0.9
!
aaa group server radius Clients
server name 10.0.0.20
!
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login method_WDS group WDS
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap-1
!
logging rate-limit console 9
!
aaa new-model
!
aaa group server radius rad_eap
server name 10.0.0.20
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
server name 10.0.0.20
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa group server radius WDS
server name 10.9.0.9
!
aaa group server radius Clients
server name 10.0.0.20
!
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login method_WDS group WDS