Cisco Cisco Aironet 350 Wireless Bridge 기술 매뉴얼
section is only to give you an understanding on how to enable WPA−PSK and is not the focus of this
document. This document explains how to configure WPA.
document. This document explains how to configure WPA.
Conventions
Refer to the Cisco Technical Tips Conventions for more information on document conventions.
Configure
WPA builds on the current EAP/802.1x methods. This document assumes that you have a Light EAP (LEAP),
EAP, or Protected EAP (PEAP) configuration that works before you add the configuration in order to engage
WPA.
EAP, or Protected EAP (PEAP) configuration that works before you add the configuration in order to engage
WPA.
This section presents the information to configure the features described in this document.
Note: Use the Command Lookup Tool (registered customers only) to obtain more information on the
commands used in this section.
commands used in this section.
Network EAP or Open Authentication with EAP
In any EAP/802.1x−based authentication method, you may question what the differences are between
Network−EAP and Open authentication with EAP. These items refer to values in the Authentication
Algorithm field in the headers of management and association packets. Most manufacturers of wireless clients
set this field at the value 0 (Open authentication), and then signal their desire to do EAP authentication later in
the association process. Cisco sets the value differently, from the start of association with the Network EAP
flag.
Network−EAP and Open authentication with EAP. These items refer to values in the Authentication
Algorithm field in the headers of management and association packets. Most manufacturers of wireless clients
set this field at the value 0 (Open authentication), and then signal their desire to do EAP authentication later in
the association process. Cisco sets the value differently, from the start of association with the Network EAP
flag.
Use the authentication method that this list indicates if your network has clients that are:
Cisco clientsUse Network−EAP.
•
Third−party clients (which include Cisco Compatible Extensions [CCX]−compliant products)Use
Open authentication with EAP.
Open authentication with EAP.
•
A combination of both Cisco and third−party clientsChoose both Network−EAP and Open
authentication with EAP.
authentication with EAP.
•
CLI Configuration
This document uses these configurations:
A LEAP configuration that exists and works
•
Cisco IOS Software Release 12.2(15)JA for the Cisco IOS Software−based APs
•
AP
ap1#show running−config
Building configuration...
.
.
.
aaa new−model
!
aaa group server radius rad_eap
server 192.168.2.100 auth−port 1645 acct−port 1646
.
.