Cisco Cisco Aironet 1200 Access Point 發佈版本通知
5
Better Handling of Lost Ethernet
OL-3159-01
New Features
•
User privileges are Write, SNMP, Ident, Firmware, and Admin. They are locally cached on the
access point. A time-out timer flushes the information every 5 minutes.
access point. A time-out timer flushes the information every 5 minutes.
•
Authentication server configuration:
–
RADIUS protocol: send request on port 1812 or 1615
–
TACACS protocol: send request on port 49
Better Handling of Lost Ethernet
This feature allows a number of user-configured actions to execute when an access point loses backbone
connectivity:
connectivity:
•
No action—the access point continues to maintain associations with clients and manages traffic
between them, but traffic to the backbone is not passed. When the backbone is restored, the access
point begins passing traffic to and from the wired network.
between them, but traffic to the backbone is not passed. When the backbone is restored, the access
point begins passing traffic to and from the wired network.
•
Switch to repeater mode—the access point tries to connect to a root access point using any of the
configured SSIDs. If it cannot connect, all clients are disassociated and the access point removes
itself from the wireless network until connectivity is restored.
configured SSIDs. If it cannot connect, all clients are disassociated and the access point removes
itself from the wireless network until connectivity is restored.
•
Shut the radio off—all clients are disassociated and the access point removes itself from the wireless
network until backbone connectivity is restored.
network until backbone connectivity is restored.
•
Restrict client access to a specific SSID—the access point allows association using a restricted SSID
(for administrator troubleshooting and diagnosis purposes).
(for administrator troubleshooting and diagnosis purposes).
Improved Authentication Server Management
Authentication server management functions are improved with the addition of two new features:
•
Display of active authentication servers—For each authentication type: 802.1x/EAP, MAC, or
Admin Authentication (if enabled), the active server is identified by a green color.
Admin Authentication (if enabled), the active server is identified by a green color.
•
Automatic return to primary authentication server—if the selected RADIUS server (primary) is not
reachable after a predetermined period of time-out and retries, the access point uses the next server
listed.
reachable after a predetermined period of time-out and retries, the access point uses the next server
listed.
Secure Shell Support
Secure Shell (SSH) is an alternative to or a replacement for Telnet that is considered the standard
protocol for remote logins. SSH runs in the Application Layer of the TCP/IP stack. SSH clients make
SSH relatively easy to use and are available on most computers including those that run Windows or a
type of UNIX. SSH clients are also available on some handheld devices.
protocol for remote logins. SSH runs in the Application Layer of the TCP/IP stack. SSH clients make
SSH relatively easy to use and are available on most computers including those that run Windows or a
type of UNIX. SSH clients are also available on some handheld devices.
SSH provides a secure connection over the Internet providing strong user authentication. SSH protects
the privacy of transmitted data (such as passwords, binary data, and administrative commands) by
encrypting it. The following details are pertinent:
the privacy of transmitted data (such as passwords, binary data, and administrative commands) by
encrypting it. The following details are pertinent:
•
A maximum of one Telnet connection to the access point is allowed at one time.
•
A Telnet SSH request can preempt an active serial SSH connection.
Implementing an SSH connection involves the following:
•
SSH server on the access point listens to TCP port 22 for requests.