The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Contents
Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the Feature Information Table at the end of this document.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
WLANs with the same SSID must have unique Layer 2 security policies so that clients can make a WLAN selection based on information advertised in beacon and probe responses. The available Layer 2 security policies are as follows:
The AAA Override option of a WLAN enables you to configure the WLAN for identity networking. It enables you to apply VLAN tagging, Quality of Service (QoS), and Access Control Lists (ACLs) to individual clients based on the returned RADIUS attributes from the AAA server.
How to Configure WLAN Security
You must have administrator privileges.
1.
configure terminal
2.
wlan profile-name
3.
security static-wep-key {authentication {open | sharedkey} | encryption {104 | 40} [ascii | hex] {0|8}} wep-key wep-key-index1-4
4.
end
You must have administrator privileges.
1.
configure terminal
2.
wlan profile-name
3.
security static-wep-key [authentication {open | shared} | encryption {104 | 40} {ascii | hex} [0 | 8]]
4.
end
Note | The default security policy is WPA2. |
You must have administrator privileges.
1.
configure terminal
2.
wlan profile-name
3.
security wpa
4.
security wpa wpa1
5.
security wpa wpa1 ciphers [aes | tkip]
6.
security wpa wpa2
7.
security wpa wpa2 ciphers [aes | tkip]
8.
end
You must have administrator privileges.
1.
configure terminal
2.
wlan profile-name
3.
security dot1x
4.
security [authentication-list auth-list-name | encryption {0 | 104 | 40}
5.
end
Step 1 | Click
> . The WLANs page appears. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Step 2 | Click the WLANs profile of the WLAN you want to configure. The > page appears. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Step 3 | Click the
> tab.
To configure the WPA + WPA2 parameters, provide the following details:
To configure 802.1x parameters, provide the following details:
To specify Static WEP, configure the following parameters:
To configure Static WEP + 802.1X Parameters
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Step 4 | Click Apply. |
Related Topic | Document Title |
---|---|
WLAN command reference |
WLAN Command Reference, Cisco IOS XE Release 3SE (Catalyst 3650 Switches) |
Security configuration guide |
Security Configuration Guide (Catalyst 3650 Switches) |
Description | Link |
---|---|
To help you research and resolve system error messages in this release, use the Error Message Decoder tool. |
https://www.cisco.com/cgi-bin/Support/Errordecoder/index.cgi |
MIB | MIBs Link |
---|---|
All supported MIBs for this release. |
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: |
Description | Link |
---|---|
The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. |
Feature Name | Release | Feature Information |
---|---|---|
WLAN Security functionality | Cisco IOS XE 3.3SE | This feature was introduced. |