Configuring the switch for authentication, Embedded access points – Cisco WIRELESS LAN CONTROLLER OL-17037-01 User Manual

Page 15

Advertising
background image

7-15

Cisco Wireless LAN Controller Configuration Guide

OL-17037-01

Chapter 7 Controlling Lightweight Access Points

Embedded Access Points

Configuring the Switch for Authentication

On the switch CLI, enter these commands to enable 802.1X authentication on a switch port:

Switch# configure terminal

Switch(config)# dot1x system-auth-control

Switch(config)# aaa new-model

Switch(config)# aaa authentication dot1x default group radius

Switch(config)# radius-server host ip_addr auth-port port acct-port port key key

Switch(config)# interface fastethernet2/1

Switch(config-if)# switchport mode access

Switch(config-if)# dot1x pae authenticator

Switch(config-if)# dot1x port-control auto

Switch(config-if)# end

Embedded Access Points

Controller software release 5.1 or later supports the AP801, which is the integrated access point on the
Cisco 800 Series Integrated Services Routers (ISRs). This access point uses a Cisco IOS software image
that is separate from the router Cisco IOS software image. It can operate as an autonomous access point
that is configured and managed locally, or it can operate as a centrally managed access point utilizing
the CAPWAP or LWAPP protocol. The AP801 is preloaded with both an autonomous Cisco IOS release
and a recovery image for the unified mode.

Note

Before you use an AP801 Series Lightweight Access Point with controller software release 5.2, you must
upgrade the software in the Cisco 800 Series Integrated Services Router (ISR) to Cisco IOS Release
12.4(22)T.

When you want to use the AP801 with a controller, you must enable the recovery image for the unified
mode on the access point by entering this CLI command on the router in privileged EXEC mode:
service-module wlan-ap 0 bootimage unified.

Note

If the service-module wlan-ap 0 bootimage unified command does not work successfully, make sure
that the software license is still eligible.

After enabling the recovery image, enter this CLI command on the router to shut down and reboot the
access point: service-module wlan-ap 0 reload. After the access point reboots, it discovers the
controller, downloads the full CAPWAP or LWAPP software release from the controller, and acts as a
lightweight access point.

Advertising
Popular Brands
Popular manuals