Cisco Aironet 350 Mini-PCI Wireless LAN Client Adapter Design Guide

Enterprise Mobility 4.1 Design Guide
OL-14435-01
Chapter 11: Mobile Access Router, Universal Bridge Client, and Cisco Unified Wireless
Security
Note
Before you can enable CCKM or WPA, you must set the encryption mode to a cipher suite that includes TKIP/AES-CCMP. To enable both CCKM and WPA, you must set the encryption mode to a cipher suite that includes TKIP.

Note
If you enable WPA for an SSID without a pre-shared key, the key management type is WPA. If you enable WPA with a pre-shared key, the key management type is WPA-PSK.

Note
To support CCKM, your root device must interact with the WDS device on your network.

EAP-TLS Authentication with AES Encryption Example
Use the no form of the SSID commands to disable the SSID or to disable SSID features. This example sets the authentication type for the SSID bridgeman to open with EAP authentication, so that the SSID performs EAP-TLS authentication with AES encryption. Bridges using the SSID bridgeman attempt EAP authentication using the EAP method name (server ID) adam.
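!
! SSID definition: open and network-EAP authentication, WPA key management
dot11 ssid bridgeman
 authentication open eap eap_adam
 authentication network-eap eap_adam
 authentication key-management wpa
 infrastructure-ssid
!
! Radio interface: AES-CCMP cipher suite, bound to the SSID
interface dot11radio 0
 encryption mode ciphers aes-ccm
 ssid bridgeman
!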
The configuration on workgroup bridges, non-root bridges, and repeater bridges associated to this bridge 
would also contain the following commands:
!
! EAP profile restricting the supplicant to EAP-TLS
eap profile authProfile
 method tls
 exit
!
! Credentials presented by the bridge's 802.1X supplicant
dot1x credentials authCredentials
 username adam
 password adam
!
! SSID definition referencing the EAP profile and credentials above
dot11 ssid bridgeman
 authentication open eap eap_adam
 authentication network-eap eap_adam
 authentication key-management wpa
 dot1x eap profile authProfile
 dot1x credentials authCredentials
 infrastructure-ssid
!
interface dot11radio 0
 encryption mode ciphers aes-ccm
 ssid bridgeman
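
The cipher-suite rule in the first Note and the profile and credential references in the non-root bridge configuration can be checked mechanically before a configuration is deployed. The Python lint below is an added example, not part of the Cisco guide. Assumptions: sub-commands are indented under their parent command, the SSID's profile reference is written `dot1x eap profile`, and the function names (`sections`, `tokens`, `lint`) are hypothetical.

```python
# Constructed sample: this page's non-root bridge config (trimmed), indentation restored.
SAMPLE = """
eap profile authProfile
 method tls
dot1x credentials authCredentials
 username adam
dot11 ssid bridgeman
 authentication key-management wpa
 dot1x eap profile authProfile
 dot1x credentials authCredentials
interface dot11radio 0
 encryption mode ciphers aes-ccm
 ssid bridgeman
"""
REFS = {"dot1x eap profile ": "eap profile ", "dot1x credentials ": "dot1x credentials "}

def sections(config):
    """Map each top-level command to its indented sub-commands; '!' separators are skipped."""
    out, cur = {}, None
    for line in config.splitlines():
        if not line.strip() or line.lstrip().startswith("!"):
            continue
        if line[0].isspace() and cur is not None:
            cur.append(line.strip())
        else:
            cur = out.setdefault(line.strip(), [])
    return out

def tokens(body, prefix):
    """Set of words that follow `prefix` on any sub-command in `body`."""
    return {t for cmd in body if cmd.startswith(prefix) for t in cmd[len(prefix):].split()}

def lint(config):
    """Check the key-management/cipher rule from the Note and dangling dot1x references."""
    sec, findings = sections(config), []
    for head, body in sec.items():
        if not head.startswith("dot11 ssid "):
            continue
        ssid = head.split(None, 2)[2]
        km = tokens(body, "authentication key-management ") & {"wpa", "cckm"}
        need = {"tkip"} if len(km) == 2 else {"tkip", "aes-ccm"}  # both enabled: TKIP required
        findings += [f"{ssid}: '{cmd}' has no matching definition"
                     for cmd in body for ref, top in REFS.items()
                     if cmd.startswith(ref) and top + cmd[len(ref):] not in sec]
        for ihead, ibody in sec.items():
            if ihead.startswith("interface ") and f"ssid {ssid}" in ibody:
                if km and not tokens(ibody, "encryption mode ciphers ") & need:
                    findings.append(f"{ssid} on {ihead}: {sorted(km)} needs one of {sorted(need)}")
    return findings
```

`lint(SAMPLE)` returns an empty list. Changing the key-management line to `wpa cckm` while leaving the cipher suite at `aes-ccm` produces one finding, as does deleting the `eap profile authProfile` section.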