Protecting access to privileged exec commands – Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual

Rockwell Automation Publication 1783-UM006A-EN-P - May 2014

201

Administering the WAP Access

Chapter 6

Preventing Unauthorized
Access to Your Access Point

You can prevent unauthorized users from reconfiguring the wireless device and
viewing configuration information. Typically, you want network administrators
to have access to the wireless device while you restrict access to users who connect
through a terminal or workstation from within the local network.

To prevent unauthorized access to the wireless device, configure one of these
security features:

• Username and password pairs, that are locally stored on the wireless device.

These pairs authenticate each user before that user can access the wireless
device. You can also assign a specific privilege level (read-only or read/
write) to each username and password pair.

• The default username is blank, and the default password is

wirelessap

.

Usernames and passwords are case-sensitive.

• For more information in CLI, see the

Configuring Username and

Password Pairs on page 205

.

• Username and password pairs stored centrally in a database on a security

server.

For more information, see the

Controlling Access Point Access with

RADIUS on page 208

.

For more information, see the

Configuring Security on page 64

.

Protecting Access to
Privileged EXEC Commands

A simple way of providing terminal access control in your network is to use
passwords and assign privilege levels. Password protection restricts access to a
network or network device. Privilege levels define what commands users can issue
after they have logged into a network device.

For complete syntax and usage information for the commands used in this
chapter, see the

Cisco IOS Security Command Reference for Release 12.3

.

TIP

Characters TAB, ?, $, +, and [ are invalid characters for passwords.