Cisco Cisco Aironet 350 Mini-PCI Wireless LAN Client Adapter Guia Do Desenho
11-13
Enterprise Mobility 4.1 Design Guide
OL-14435-01
Chapter 11 Mobile Access Router, Universal Bridge Client, and Cisco Unified Wireless
Security
!
!
This example shows the RADIUS/AAA configuration on the root side for EAP authentication.
!
aaa new-model
aaa group server radius rad_eap
server 13.1.1.99 auth-port 1645 acct-port 1646
!
aaa authentication login eap_adam group rad_eap
aaa session-id common
radius-server host 13.1.1.99 auth-port 1645 acct-port 1646 key 7 141B1309
radius-server authorization permit missing Service-Type
ip radius source-interface BVI1
!
Configuring the Root Device Interaction with WDS
To support non-root bridges using CCKM, your root device must interact with the WDS device on your
network, and your authentication server must be configured with a username and password for the root
device. For detailed instructions on configuring WDS and CCKM on your wireless LAN, see Chapter 11
in the Cisco IOS Software Configuration Guide for Cisco Access Points at the following URL:
network, and your authentication server must be configured with a username and password for the root
device. For detailed instructions on configuring WDS and CCKM on your wireless LAN, see Chapter 11
in the Cisco IOS Software Configuration Guide for Cisco Access Points at the following URL:
.
On your root device, enter the following command in global configuration mode:
bridge(config)# wlccp ap username username password password
Note
You must configure the same username and password pair when you set up the root device as a client on
your authentication server.
your authentication server.
In this WDS/CCKM configuration, the client and APs interact as follows:
•
AP1 and AP2 authenticate with WDS
•
WDS caches the client security credentials
•
At association, AP1 gets the key materials to derive dynamic keys for session
•
At re-association, AP2 gets the key materials to derive dynamic keys for session
•
Client authenticates with RADIUS server only once
shows the client, AP, and WDS relations.
Figure 11-5
WDS/CCKM Interactions
221958
802.11
AP1
WDS
AAA
AP2