Cisco IOS Software Configuration Guide for Cisco Aironet Access Points, 12.3(4)JA
Index
Download this chapter
IndexIndex
Download the complete book
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points, 12.3(4)JA (Full book in PDF format)Cisco IOS Software Configuration Guide for Cisco Aironet Access Points, 12.3(4)JA (Full book in PDF format) (PDF - 7 MB)
 Feedback

Table Of Contents

Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W -

Index

Numerics

802.11d6-15

802.11e14-2

802.11g6-24

802.11i6-18

802.11 subsystem error and event messagesD-4

802.1H6-19

802.1x authentication8-2

A

abbreviating commands4-3

access point security settings, matching client devices10-17

accounting

with RADIUS12-12

with TACACS+12-21, 12-26

accounting command7-5

Address Resolution Protocol (ARP)6-19

AES-CCMP9-2

Aironet Client Utility (ACU)21-9

Aironet extensions6-9, 6-18

antenna

gainsA-5

selection6-17

antenna command6-17

Apply button3-4

ARP

caching5-21

description1-4

association management error and event messagesD-2

associations, limiting by MAC address15-5

attributes, RADIUS

sent by the access point12-18

vendor-proprietary12-15

vendor-specific12-14

authentication4-9

local mode with AAA5-17

RADIUS

key12-5

login5-8, 12-7

SSID7-2

TACACS+

defined12-21

key12-23

login5-13, 12-24

authentication client command7-4

authentication server

configuring access point as local server8-2

described1-3

EAP10-4, 12-3

authentication types

Network-EAP10-4

open10-2

shared key10-3

authenticator8-1

authorization

with RADIUS5-12, 12-11

with TACACS+5-15, 12-21, 12-25

AVVID priority mapping14-11

B

Back button3-4

backoff6-24

backup authenticator, local8-1

bandwidth6-10

banners

configuring

login5-33

message-of-the-day login5-31

default configuration5-31

when displayed5-31

basic settings

checking21-8

beacon dtim-period command6-22

beacon period command6-22

bit-flip attack6-18

blocking communication between clients6-20

bridge-group command6-21

bridge virtual interface (BVI)2-23

broadcast-key command10-15

broadcast key rotation9-1, 9-3

BSSIDs7-7

buttons

management pages3-4

web-browser3-2

C

caching MAC authentications10-15

Called-Station-ID

See CSID

Cancel button3-4

capture frames11-27

carrier busy test6-24

Catalyst 6500 Series11-1

CCKM10-6

authenticated clients10-6

described1-3

CCK modulation6-8

CDP

disabling for routing device16-4

enabling and disabling

on an interface16-4

monitoring16-4

cdp enable command16-4

cdp run command16-3

Cisco Centralized Key Management (CCKM)

See CCKM

Cisco Discovery Protocol (CDP)16-1

Cisco Key Integrity Protocol (CKIP)6-18

Cisco TAC21-1

CiscoWorks 200017-4

clear command4-2

CLI4-1

abbreviating commands4-3

command modes4-2

editing features

enabling and disabling4-6

keystroke editing4-6

wrapped lines4-7

error messages4-4

filtering command output4-8

getting help4-3

history4-4

changing the buffer size4-5

described4-4

disabling4-5

recalling commands4-5

no and default forms of commands4-4

Secure Shell (SSH)4-9

Telnet4-9

terminal emulator settings2-4, 2-6

client ARP caching5-21

client communication, blocking6-20

client power level, limiting6-8

command-line interface

See CLI

command modes4-2

commands

abbreviating4-3

accounting7-5

antenna6-17

authentication client7-4

beacon dtim-period6-22

beacon period6-22

bridge-group6-21

broadcast-key10-15

cdp enable16-4

cdp run16-3

clear4-2

countermeasure tkip hold-time10-17

debug20-2

default form4-4

del21-12

dot11 aaa mac-authen filter-cache10-15

dot11 extension aironet6-18

dot11 holdoff-time10-16

dot11 interface-number carrier busy6-24

dot1x client-timeout10-16

dot1x reauth-period10-16

edit4-6

encapsulation dot1q13-6

encryption9-4

fragment-threshold6-23

guest-mode7-5

help4-3

infrastructure-client6-20

infrastructure-ssid7-5

interface dot11radio1-5, 6-2

ip domain-name5-30

ip redirect7-11

no and default4-4

no shutdown4-4

packet retries6-23

payload-encapsulation6-19

permit tcp-port7-11

power client6-9

power local6-7

recall4-5

rts retries6-22

rts threshold6-22

set21-15

set BOOT21-15

setting privilege levels5-6

show4-2

show dot11 associations7-6

show ip interface2-3

slot-time-short6-24

sort4-8

speed6-6

ssid7-4, 10-10, 13-5

switchport protected6-21

terminal history4-5

terminal width4-8

tftp_init21-15

vlan7-5, 13-5

world-mode6-16

wpa-psk10-14

commands station role6-4

community strings

configuring17-6

overview17-4

Complementary Code Keying (CCK)

See CCK

configuration files

creating using a text editor19-10

deleting a stored configuration19-18

downloading

preparing19-10, 19-13, 19-16

reasons for19-8

using FTP19-13

using RCP19-16

using TFTP19-11

guidelines for creating and using19-9

invalid combinations when copying19-5

system contact and location information17-10

types and location19-9

uploading

preparing19-10, 19-13, 19-16

reasons for19-8

using FTP19-14

using RCP19-17

using TFTP19-11

connections, secure remote5-20

countermeasure tkip hold-time command10-17

crypto software image5-20

CSID format, selecting12-13

D

Data Beacon Rate6-22

data rate setting6-4

data retries6-23

data volume2-9

daylight saving time5-26

debug command20-2

default commands4-4

default configuration

banners5-31

DNS5-29

password and privilege level5-2

RADIUS5-8, 12-4

resetting21-9

SNMP17-5

system message logging20-3

system name and prompt5-28

TACACS+5-13, 12-23

default gateway2-9

default username2-3

del command21-12

delivery traffic indication message (DTIM)6-22

DFS6-12

DHCP server

configuring access point as5-18

receiving IP settings from2-9

directories

changing19-4

creating and removing19-4

displaying the working19-4

disable web-based management3-16

diversity6-17

DNS

default configuration5-29

displaying the configuration5-31

overview5-29

setting up5-30

domain names

DNS5-29

Domain Name System

See DNS

dot11 aaa mac-authen filter-cache command10-15

dot11 extension aironet command6-18

dot11 holdoff-time commands10-16

dot11 interface-number carrier busy command6-24

dot1x client-timeout command10-16

dot1x reauth-period command10-16

downloading

configuration files

preparing19-10, 19-13, 19-16

reasons for19-8

using FTP19-13

using RCP19-16

using TFTP19-11

image files

deleting old image19-22

preparing19-20, 19-23, 19-27

reasons for19-18

using FTP19-24

using RCP19-29

using TFTP19-21

DTIM6-22

duplex, Ethernet port5-16

Dynamic Frequency Selection6-12

Dynamic Transmit Power Control6-8

E

EAP authentication, overview10-4

EAP-FAST8-1, 8-2

EAP-FAST authentication10-17

EAP-MD5 authentication

setting on client and access point10-19

EAP-SIM authentication

setting on client and access point10-20

EAP-TLS authentication

setting on client and access point10-19

edit CLI commands4-6

editing features

enabling and disabling4-6

keystrokes used4-6

wrapped lines4-7

EIRP, maximumA-5, A-6, A-7

enable password5-4

enable secret password5-4

encapsulation dot1q command13-6

encapsulation method6-19

encrypted software image5-20

encryption command9-4

encryption for passwords5-4

error and event messagesD-1

802.11D-4

error messages

CLI4-4

during command entry4-4

setting the display destination device20-5

severity levels20-7

system message format20-2

Ethernet indicator21-4

Ethernet speed and duplex settings5-16

Ethertype filter15-1

event log3-4

event messagesD-1

Express Security page2-11, 3-4

Express Setup page3-4

F

fallback role6-4

fast secure roaming11-1

files

copying19-5

deleting19-5

displaying the contents of19-8

tar

creating19-6

displaying the contents of19-6

extracting19-7

image file format19-19

file system

displaying available file systems19-2

displaying file information19-3

local file system names19-2

network file system names19-5

setting the default19-3

filtering

Ethertype filters15-11

IP filters15-8

MAC address filters15-3

show and more command output4-8

filter output (CLI commands)4-8

firmware

upgrade3-1

version3-4

Flash19-1

Flash device, number of19-2

fragmentation threshold6-23

fragment-threshold command6-23

frequenciesA-2, A-3

FTP

accessing MIB filesC-2

configuration files

downloading19-13

overview19-12

preparing the server19-13

uploading19-14

image files

deleting old image19-26

downloading19-24

preparing the server19-23

uploading19-26

G

get-bulk-request operation17-3

get-next-request operation17-3, 17-4

get-request operation17-3, 17-4

get-response operation17-3

global configuration mode4-2

group key updates10-14

guest mode7-2

guest-mode command7-5

guest SSID7-2

H

help3-14

help, for the command line4-3

history

changing the buffer size4-5

described4-4

disabling4-5

recalling commands4-5

history (CLI)4-4

history table, level and number of syslog messages20-8

Home button3-4

HTTPS3-5

I

IGMP snooping helper14-11

image, operating system21-12

indicators21-2

infrastructure-client command6-20

infrastructure device7-5

infrastructure-ssid command7-5

Inter-Access Point Protocol error and event messagesD-8

inter-client communication, blocking6-20

interface

CLI4-1

web-browser3-1

interface configuration mode4-2

interface dot11radio command1-5, 6-2

interfaces3-4

intrusion detection11-1

IP address, finding and setting2-22

ip domain-name command5-30

IP filters15-8

ip redirect command7-11

IP redirection7-9, 7-10

IPSU2-21

IP subnet mask2-9

ISO designators for protocolsB-1

J

jitter14-2

K

key features1-2

keystrokes (edit CLI commands)4-6

L

latency14-2

Layer 3 mobility11-4

LBS6-14

LEAP

described1-3

LEAP authentication

local authentication8-1

setting on client and access point10-17

LED indicators

Ethernet21-4

radio traffic21-4

status21-4

Light Extensible Authentication Protocol

See LEAP

limiting client associations by MAC address15-5

limiting client power level6-8

line configuration mode4-2

load balancing6-18

local authenticator, access point as8-1

Location-Based Services6-14

login authentication

with RADIUS5-8, 12-7

with TACACS+5-13, 12-24

login banners5-31

log messages

See system message logging

M

MAC address2-22

ACLs, blocking association with15-5

filter15-1, 15-3

troubleshooting21-9

MAC authentication caching10-15

MAC-based authentication8-1, 8-2

management

CLI4-1

map,network3-4

maximum data retries6-23

Maximum RTS Retries6-22

Media Access Control (MAC) address2-3

Message Integrity Check (MIC)1-3, 6-18, 9-1, 21-9

message-of-the-day (MOTD)5-31

messages

to users through banners5-31

MIBs

accessing files with FTPC-2

location of filesC-2

overview17-2

SNMP interaction with17-4

MIC9-1

Microsoft IAS servers10-2

migration mode, WPA10-13

mode (role)6-4

Mode button21-12

modes

global configuration4-2

interface configuration4-2

line configuration4-2

privileged EXEC4-2

user EXEC4-2

monitoring

CDP16-4

monitor mode11-27

move the cursor (CLI)4-6

multicast messages6-19

multiple basic SSIDs7-7

N

names, VLAN13-6

Network-EAP10-4

network map3-4

no commands4-4

non-root2-9

no shutdown command4-4

notification3-4

O

OFDM6-8

OK button3-4

optional ARP caching5-22

Orthogonal Frequency Division Multiplexing (OFDM)

See OFDM

P

packet retries command6-23

packet size (fragment)6-23

password reset21-9

passwords

default configuration5-2

encrypting5-4

overview5-2

setting

enable5-3

enable secret5-4

with usernames5-5

payload-encapsulation command6-19

PEAP authentication

setting on client and access point10-19

permit tcp-port command7-11

ports, protected6-21

positioning packets6-14

power client command6-9

power level

maximumA-5

on client devices6-8

radio6-18

power local command6-7

power-save client device6-22

preferential treatment of traffic

See QoS

pre-shared key10-14

preventing unauthorized access5-2

print3-14

prioritization14-2

privileged EXEC mode4-2

privilege levels

exiting5-7

logging into5-7

overview5-2, 5-6

setting a command with5-6

protected ports6-21

protocol filters15-2

Public Secure Packet Forwarding (PSPF)6-20

Q

QoS

configuration guidelines14-5

described1-3

overview14-2

quality of service

See QoS

R

radio

activity6-24

congestion6-10

indicator21-4

interface6-2

management1-4

preamble6-16

radio diagnostic error and event messagesD-9

radio management11-1

RADIUS

attributes

CSID format, selecting12-13

sent by the access point12-18

vendor-proprietary12-15

vendor-specific12-14

WISPr12-16

configuring

access point as local server8-2

accounting12-12

authentication5-8, 12-7

authorization5-12, 12-11

communication, global12-5, 12-13

communication, per-server12-5

multiple UDP ports12-5

default configuration5-8, 12-4

defining AAA server groups5-10, 12-9

displaying the configuration5-13, 12-17

identifying the server12-5

limiting the services to the user5-12, 12-11

local authentication8-2

method list, defined12-4

operation of12-3

overview12-2

SSID7-2

suggested network environments12-2

tracking services accessed by user12-12

RADIUS accounting1-3

range2-9

rate limit, logging20-9

RCP

configuration files

downloading19-16

overview19-15

preparing the server19-16

uploading19-17

image files

deleting old image19-31

downloading19-29

preparing the server19-27

uploading19-31

reauthentication requests10-2

recall commands4-5

redirection, IP7-9

regulatory

domainsA-2, A-3

reloading access point image21-12

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

repeater1-2

(non-root) device6-3

as a LEAP client18-6

as a WPA client18-7

chain of access points18-2

request to send (RTS)6-22

restricting access

overview5-2

passwords and privilege levels5-2

RADIUS5-7, 12-1

TACACS+5-13

RFC

10426-19

1157, SNMPv117-2

1901, SNMPv2C17-2

1902 to 1907, SNMPv217-2

roaming1-5

fast secure roaming using CCKM11-1

rogue access point detection1-4

role (mode)6-4

role in radio network6-3

root2-9

root device6-3

rotation, broadcast key9-1

rts retries command6-22

RTS threshold6-22

rts threshold command6-22

S

secure remote connections5-20

Secure Shell

See SSH

security3-4

troubleshooting21-9

security features1-3

synchronizing10-17

security settings, Express Security page2-11

self-healing wireless LAN1-4, 11-4

sequence numbers in log messages20-6

service set identifiers (SSIDs)

See SSID

service-type attribute10-2

set BOOT command21-15

set command21-15

set-request operation17-4

severity levels, defining in system messages20-7

shared key10-6

short slot time6-24

show cdp traffic command16-5

show command4-2

show dot11 associations command7-6

show ip interface command2-3

Simple Network Management Protocol

See SNMP

Simple Network Time Protocol

See SNTP

slot-time-short command6-24

SNMP

accessing MIB variables with17-4

agent

described17-3

disabling17-5

community name2-9

community strings

configuring17-6

overview17-4

configuration examples17-10

default configuration17-5

limiting system log messages to NMS20-8

manager functions17-3

overview17-2, 17-4

server groups17-7

shutdown mechanism17-8

snmp-server view17-10

status, displaying17-12

system contact and location17-10

trap manager, configuring17-9

traps

described17-3

enabling17-8

overview17-2, 17-4

types of17-8

versions supported17-2

SNMP, FTP MIB filesC-2

snmp-server group command17-7

SNMP versions supported17-2

snooping helper, IGMP14-11

SNTP

overview5-23

software image21-12

upload and download19-1

software images

location in Flash19-19

tar file format, described19-19

software upgrade

error and event messagesD-1

sort (CLI commands)4-8

spaces in an SSID7-6

speed, Ethernet port5-16

speed command6-6

SSH4-9

configuring5-21

crypto software image5-20

described5-20

displaying settings5-21

SSH Communications Security, Ltd.4-9

SSID7-2

default (tsunami)21-8

guest mode7-2

multiple SSIDs7-1

support1-3

troubleshooting21-8

using spaces in7-6

VLAN7-2

ssid command7-4, 10-10, 13-5

SSL3-5

standby mode1-2

static WEP

with open authentication, setting on client and access point10-17

with shared key authentication, setting on client and access point10-17

station role command6-4

statistics

CDP16-4

SNMP input and output17-12

status indicators21-4

status page3-4

summer time5-26

switchport protected command6-21

syslog

See system message logging

system clock

configuring

daylight saving time5-26

manually5-24

summer time5-26

time zones5-25

displaying the time and date5-24

system management page3-2

system message logging

default configuration20-3

defining error message severity levels20-7

disabling20-4

displaying the configuration20-12

enabling20-4

facility keywords, described20-11

level keywords, described20-8

limiting messages20-8

message format20-2

overview20-2

rate limit20-9

sequence numbers, enabling and disabling20-6

setting the display destination device20-5

timestamps, enabling and disabling20-6

UNIX syslog servers

configuring the daemon20-10

configuring the logging facility20-10

facilities supported20-11

system name

default configuration5-28

manual configuration5-28

See also DNS

system prompt

default setting5-28

T

TAC21-1

TACACS+

accounting, defined12-21

authentication, defined12-21

authorization, defined12-21

configuring

accounting12-26

authentication key12-23

authorization5-15, 12-25

login authentication5-13, 12-24

default configuration5-13, 12-23

described1-3

displaying the configuration5-15, 12-27

identifying the server12-23

limiting the services to the user5-15, 12-25

operation of12-22

overview12-21

tracking services accessed by user12-26

tar files

creating19-6

displaying the contents of19-6

extracting19-7

image file format19-19

Telnet2-23, 4-9

Temporal Key Integrity Protocol (TKIP)9-1

See TKIP

Terminal Access Controller Access Control System Plus

See TACACS+

terminal emulator2-4

terminal history command4-5

terminal width command4-8

TFTP21-15

configuration files

downloading19-11

preparing the server19-10

uploading19-11

image files

deleting19-22

downloading19-21

preparing the server19-20

uploading19-22

password5-4

tftp_init command21-15

TFTP server21-12

throughput2-9

time

See SNTP and system clock

timestamps in log messages20-6

time zones5-25

TKIP1-3, 6-18, 9-1, 9-2

traps3-4

configuring managers17-8

defined17-3

enabling17-8

notification types17-8

overview17-2, 17-4

Trivial File Transfer Protocol (TFTP)

See TFTP

troubleshooting21-1

error messages (CLI)4-4

system message logging20-2

with CiscoWorks17-4

U

unauthorized access5-2

UNIX syslog servers

daemon configuration20-10

facilities supported20-11

message logging configuration20-10

unzip error and event messagesD-3

upgrading software images

See downloading

uploading

configuration files

preparing19-10, 19-13, 19-16

reasons for19-8

using FTP19-14

using RCP19-17

using TFTP19-11

image files

preparing19-20, 19-23, 19-27

reasons for19-18

using FTP19-26

using RCP19-31

using TFTP19-22

user EXEC mode4-2

username, default2-3

username-based authentication5-5

V

VLAN

local authentication8-2

names13-6

SSID1-3, 7-2

vlan command7-5, 13-5

voice1-4

W

WDS11-1, 11-8

Web-based interface

common buttons3-4

compatible browsers3-1

web-browser buttons3-2

web-browser interface1-5, 3-1

web site

Cisco Software Center21-16

WEP

key example9-5

key hashing1-3

with EAP10-4

WEP key21-9

troubleshooting21-9

WIDS11-6

Wi-Fi Multimedia14-4

Wi-Fi Protected Access

See WPA

Wi-Fi Protected Access (WPA)1-3, 2-13

wireless domain services (WDS)1-3

Wireless Internet Service Provider (WISP)1-4

wireless intrusion detection services11-1

Wireless LAN Services Module11-2

wireless repeater1-2

WISPr1-4

WISPr RADIUS attributes12-16

WMM14-4

workgroup bridge6-19

world mode1-2, 6-15, 6-18

world-mode command6-16

WPA10-7

WPA migration mode10-13

wpa-psk command10-14

wraparound (CLI commands)4-7