WLAN Security

Information About AAA Override

The AAA Override option of a WLAN enables you to configure the WLAN for identity networking. It enables you to apply VLAN tagging, Quality of Service (QoS), and Access Control Lists (ACLs) to individual clients based on the returned RADIUS attributes from the AAA server.

Prerequisites for Layer 2 Security

WLANs with the same SSID must have unique Layer 2 security policies so that clients can make a WLAN selection based on the information advertised in beacon and probe responses. The available Layer 2 security policies are as follows:

None (open WLAN)

WPA+WPA2

Note

Although WPA and WPA2 cannot be used by multiple WLANs with the same SSID, you can configure two WLANs with the same SSID with WPA/TKIP with PSK and Wi-Fi Protected Access (WPA)/Temporal Key Integrity Protocol (TKIP) with 802.1X, or with WPA/TKIP with 802.1X or WPA/AES with 802.1X.
A WLAN configured with TKIP support will not be enabled on an RM3000AC module.

Static WEP (not supported on Wave 2 APs)

How to Configure WLAN Security

Configuring Static WEP Layer 2 Security Parameters (CLI)

Before you begin

You must have administrator privileges.

Procedure

Command or Action Purpose

Step 1

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 2

end

Example:

Device(config)# end

Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.

Configuring WPA + WPA2 Layer 2 Security Parameters (CLI)

Before you begin

You must have administrator privileges.

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 2	security wpa Example: `Device(config-wlan)# security wpa`
Step 3	security wpa wpa1 Example: `Device(config-wlan)# security wpa wpa1`	Enables .
Step 4	security wpa wpa1 ciphers `[` aes `\|` tkip`]` Example: `Device(config-wlan)# security wpa wpa1 ciphers aes`	Specifies the WPA1 cipher. Choose one of the following encryption types: aes —Specifies WPA/AES support. tkip —Specifies WPA/TKIP support.
Step 5	security wpa wpa2 Example: `Device(config-wlan)# security wpa wpa2`	Enables WPA2.
Step 6	security wpa wpa2 ciphers aes Example: `Device(config-wlan)# security wpa wpa2` Example:	Configure WPA2 cipher.

Cisco Embedded Wireless Controller on Catalyst Access Points Configuration Guide, IOS XE Cupertino 17.9.x

Bias-Free Language

Book Title

Cisco Embedded Wireless Controller on Catalyst Access Points Configuration Guide, IOS XE Cupertino 17.9.x

Chapter Title

WLAN Security

Results

Chapter: WLAN Security

WLAN Security

Information About AAA Override

Prerequisites for Layer 2 Security

Configuring Static WEP Layer 2 Security Parameters (CLI)

Before you begin

Procedure

Example:

Example:

Configuring WPA + WPA2 Layer 2 Security Parameters (CLI)

Before you begin

Procedure

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Was this Document Helpful?

Contact Cisco