Cisco Cisco Aironet 1200 Access Point Referencia técnica
Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide
Implementing the Cisco SWAN Framework
14
Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide
OL-6217-01
When the encryption key negotiations are complete, the WDS reports all its registered infrastructure
access points to the CiscoWorks WLSE for management. After the infrastructure access points are
managed on the CiscoWorks WLSE, the CiscoWorks WLSE interrogates the infrastructure access points
with SNMP to complete its internal inventory tables.
access points to the CiscoWorks WLSE for management. After the infrastructure access points are
managed on the CiscoWorks WLSE, the CiscoWorks WLSE interrogates the infrastructure access points
with SNMP to complete its internal inventory tables.
After the interrogation is complete, the Cisco SWAN framework is totally constructed and other
advanced features are used.
advanced features are used.
The following is a check list for implementing the Cisco SWAN framework for the access
point-basednWDS solution:
point-basednWDS solution:
•
Configure the AAA server for infrastructure authentication
•
Configure the AAA server for WLAN client authentication
•
Prepare the CiscoWorks WLSE for managing the WLAN devices
•
Configure the WDS access point(s)
•
Configure the infrastructure access points
The following is a check list for implementing the Cisco SWAN framework for the switch-based WDS
solution:
solution:
•
Configure the AAA server for infrastructure authentication
•
Configure the AAA server for WLAN client authentication
•
Prepare the CiscoWorks WLSE for managing the WLAN devices
•
Configure the WLSM
•
Configure the infrastructure access points
The following three subsections provide the details for each of these tasks. The first subsection focuses
on the tasks common to both the access point-based WDS architecture and the switch-based WDS
architecture. The second subsection covers in detail the tasks required with the access point-based WDS
solution. The third subsection covers in detail the tasks required with the switch-based WDS solution.
on the tasks common to both the access point-based WDS architecture and the switch-based WDS
architecture. The second subsection covers in detail the tasks required with the access point-based WDS
solution. The third subsection covers in detail the tasks required with the switch-based WDS solution.
Common Tasks
The required tasks common to both the switch-based and access point-based WDS solutions are:
•
Configuring the AAA server to support infrastructure authentication
•
Configuring the AAA server to support WLAN client authentication
•
Preparing the CiscoWorks WLSE for managing WLAN devices
Infrastructure authentication currently requires Cisco LEAP. Typically customers use CiscoSecure ACS
for LEAP authentication. Both infrastructure and client authentication can use ACS. In many customer
environments, AAA support for Cisco LEAP is not available for infrastructure authentication. As an
alternative for infrastructure authentication, the local RADIUS server embedded in the access point IOS
is used. This document reviews the steps to configure the ACS and the local RADIUS servers on the
access point for infrastructure authentication. Other third-party AAA products support Cisco LEAP and
may be used for infrastructure authentication. Configuration of third-party AAA products is beyond the
scope of this document.
for LEAP authentication. Both infrastructure and client authentication can use ACS. In many customer
environments, AAA support for Cisco LEAP is not available for infrastructure authentication. As an
alternative for infrastructure authentication, the local RADIUS server embedded in the access point IOS
is used. This document reviews the steps to configure the ACS and the local RADIUS servers on the
access point for infrastructure authentication. Other third-party AAA products support Cisco LEAP and
may be used for infrastructure authentication. Configuration of third-party AAA products is beyond the
scope of this document.
Configuring the CiscoSecure ACS Server for Infrastructure Authentication
To use the CiscoSecure ACS server for infrastructure authentication, you must complete the following
tasks:
tasks: