Cisco Aironet Access Points

This link leads to the Admin Access window where you can add users to and remove them from the system and assign user capabilities.

Displays the username of the active user.

Specifies whether the user has read-only capabilities.

Specifies whether the user has read/write capabilities.

This link leads to the SSID Manager window where you can specify authentication methods and define VLANs.

Specifies the unique identifier the client devices use to associate with the access point.

Specifies the VLANs that are currently assigned.

Specifies which radio is being used.

Specifies the BSSID/Guest mode attached to this SSID.

Specifies the method of authentication being used. Open enables any device to authenticate and then attempt to communicate with the access point. Shared sends an unencrypted challenge string to any device attempting to communicate with the access point. Network EAP uses EAP to interact with an EAP-compatible server on your network to provide authentication for wireless client devices.

Click Radio0-802.11b Encryption Settings, Radio1-802.11a Encryption Settings, or Radio0-802.11g Encryption Settings to go to the WEP Key Manager/Encryption Manager window.

Indicates whether clients should use data encryption when communicating with the device. The options are none, WEP encryption, or cipher. The remaining columns that do not apply based on your encryption mode choice are unavailable.

Specifies whether MIC is enabled. WEP encryption must be set to Mandatory for MIC to be enabled.

Specifies whether per packet keying is enabled. With WEP key rotation enabled, the access point provides a dynamic broadcast WEP key and changes it at the interval you specify.

Specifies whether Cipher-TKIP is enabled.

Specifies whether Cipher-WEP40BIT is enabled.

Specifies whether Cipher-WEP128BIT is enabled.

Specifies whether Cipher-CKIP is enabled.

Specifies whether Cipher-CMIC is enabled.

Displays the frequency at which the broadcast key is changed.

This link leads to the Server Manager page where you identify the remote servers to be used for authentication.

Specifies the name or IP address of the server.

Specifies the type of server.

Specifies what the server will be used for.

Management frames can be protected in order to detect adversaries who are invoking denial of service attacks, flooding the network with associations and probes, interjecting as rogue access points, and affecting the network performance by attacking the QoS and radio measurement frames.

This link leads to the Intrusion Detection window.

This box is checked if the access point is configured to perform MFP generation (protection). An MFP generator adds a Message Integrity Check Information Element (MIC IE) to the management frame it emits, which allows detectors to identify frames that have been tampered with, fabricated, or replayed.

This box is checked if the access point is configured to perform MFP detection (validation). An MFP detector validates management frames purportedly originating from access points that generate MFP frames and reports discrepancies to the infrastructure.

This column is not present if the access point cannot be configured as a WDS.

This box is checked if the access point is configured as an MFP distributor. At least one WDS must be configured to distribute signature keys to the MFP generators (protectors) and MFP detectors (validators) in the network. These signature keys are required by the generators to create MIC IEs and by the detectors to validate MIC IEs. A device that is configured to distribute keys also creates error reports from data received by the detecting access points and forwards them to the WLSE.