WPA Configuration Example Web UI VLAN ConfigurationNetworkVLANs Add
WPA Configuration Example Web. UI VLAN Configuration->Network->VLANs: Add Firewall policies Configuration->Security->Access Control->Policies: Add User role AP system profile Configuration->Security->Access Control-> User Roles: Add Configuration->All Profiles->AP-> AP System Profile: Add Define Authentication Server AP Group Configuration->Security->Authentication-> Severs: <Server Type>: Add Configuration-> AP Configuration: New Server group Configuration->Security->Authentication-> Severs->Server Group: Add Assign VAP to AP Group Configuration->AP Configuration: <AP-Group-Name>: Edit 802. 1 x Authentication Configuration->All Profiles->Wireless LAN-> 802. 1 x Authentication Profile: Add AAA Configuration->All Profiles-> Wireless LAN->AAA Profile: Add SSID Configuration->All Profiles-> Wireless LAN->SSID Profile: Add Virtual AP Configuration->All Profiles-> Wireless LAN->Virtual AP profile: Add Non-Profile Configuration Security Profile Configuration WLAN Configuration AP Configuration
WPA Configuration Example CLI VLAN vlan 200 Firewall policies ip access-list session "Employee. Access" any any permit queue low AP system profile User role ap system-profile Sunnyvale_APs lms-ip 192. 168. 252. 1 bkup-lms-ip 192. 168. 250. 1 user role Employee access-list session Employee. Access Define Authentication Server AP Group aaa authentication-server RADIUS 01. . . ap-group Sunnyvale_APs Server group Assign VAP to AP Group aaa server-group Employee. RADIUS auth-server RADIUS 01 ap-group Sunnyvale_APs virtual-ap Employee_VAP ap-system-profile 802. 1 x Authentication aaa authentication dot 1 x Employee. Dot 1 x termination eap-type eap-peap AAA aaa profile Employee_AAA dot 1 x-default-role logon authentication-dot 1 x Employee. Dot 1 x SSID wlan ssid-profile Employee_SSID essid “corp” opmode wpa 2 -aes Virtual AP wlan virtual-ap Employee_VAP aaa-profile Employee_AAA ssid-profile Employee_SSID vlan 200 forward-mode tunnel Non-Profile Configuration Security Profile Configuration WLAN Configuration AP Configuration
Captive Portal Configuration Example Web. UI VLAN Configuration->Network->VLANs: Add Firewall policies Configuration->Security->Access Control->Policies: Add User role AP system profile Configuration->Security->Access Control-> User Roles: Add Configuration->All Profiles->AP-> AP System Profile: Add Define Authentication Server AP Group Configuration->Security->Authentication-> Severs: <Server Type>: Add Configuration-> AP Configuration: New Server group Configuration->Security->Authentication-> Severs->Server Group: Add Assign VAP to AP Group Configuration->AP Configuration: <AP-Group-Name>: Edit Captive Portal Authentication Configuration->All Profiles->Wireless LAN-> Captive Portal Authentication Profile: Add +Server Group == <Server Group> SSID Configuration->All Profiles-> Wireless LAN->SSID Profile: Add AAA Configuration->All Profiles-> Wireless LAN->AAA Profile: Add Virtual AP Configuration->All Profiles-> Wireless LAN->Virtual AP profile: Add Assign Captive Portal Profile Configuration->Security->Access Control-> User Roles: <Guest Role>: Edit Non-Profile Configuration Security Profile Configuration WLAN Configuration AP Configuration
VLAN vlan 900 Captive Portal Configuration Example CLI Firewall policies ip access-list session ”Guest. Access" any any permit queue low AP system profile User role ap system-profile Sunnyvale_APs lms-ip 192. 168. 252. 1 bkup-lms-ip 192. 168. 250. 1 User-role guest access-list session Guest. Access Define Authentication Server AP Group aaa authentication-server Guest. Auth. Server. . . ap-group Sunnyvale_APs Server group Assign VAP to AP Group aaa server-group Guest. Auth. Servers auth-server Guest. Auth. Server Captive Portal Authentication aaa authentication captive-portal Guest. CP server-group “internal” AAA aaa profile Guest_AAA initial-role logon ap-group Sunnyvale_APs virtual-ap Employee_VAP ap-system-profile SSID wlan ssid-profile Guest_SSID essid “guest” opmode opensystem Virtual AP wlan virtual-ap Guest_VAP aaa-profile Guest_AAA ssid-profile Guest_SSID vlan 900 forward-mode tunnel Assign Captive Portal Profile User-role guest captive-portal Guest. CP Non-Profile Configuration Security Profile Configuration WLAN Configuration AP Configuration
VLAN Configuration->Network->VLANs: Add WEP Configuration Example Web. UI Firewall policies Configuration->Security->Access Control->Policies: Add User role AP system profile Configuration->Security->Access Control-> User Roles: Add Configuration->All Profiles->AP-> AP System Profile: Add AP Group Configuration-> AP Configuration: New Assign VAP to AP Group Configuration->AP Configuration: <AP-Group-Name>: Edit SSID Configuration->All Profiles-> Wireless LAN->SSID Profile: Add Virtual AP Configuration->All Profiles-> Wireless LAN->Virtual AP profile: Add Non-Profile Configuration Security Profile Configuration WLAN Configuration AP Configuration
VLAN vlan 200 WEP Configuration Example CLI Firewall policies ip access-list session "Employee. Access" any any permit queue low AP system profile User role ap system-profile Sunnyvale_APs lms-ip 192. 168. 252. 1 bkup-lms-ip 192. 168. 250. 1 user role Employee access-list session Employee. Access AP Group ap-group Sunnyvale_APs Assign VAP to AP Group ap-group Sunnyvale_APs virtual-ap Employee_VAP ap-system-profile SSID wlan ssid-profile WEP_SSID wepkey 1 deadbeef 99 opmode static-wep Virtual AP wlan virtual-ap WEP_VAP ssid-profile WEP_SSID vlan 210 forward-mode tunnel Non-Profile Configuration Security Profile Configuration WLAN Configuration AP Configuration
- Slides: 6