Cisco IOS Software Configuration Guide for Cisco Aironet Access Points, 12.3(4)JA
Index
Downloads: This chapterpdf (PDF - 576.0KB) The complete bookPDF (PDF - 5.31MB) | Feedback

Index

Table Of Contents

Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W -

Index

Numerics

802.11d6-15

802.11e14-2

802.11g6-24

802.11i6-18

802.11 subsystem error and event messagesD-4

802.1H6-19

802.1x authentication8-2

A

abbreviating commands4-3

access point security settings, matching client devices10-17

accounting

with RADIUS12-12

with TACACS+12-21, 12-26

accounting command7-5

Address Resolution Protocol (ARP)6-19

AES-CCMP9-2

Aironet Client Utility (ACU)21-9

Aironet extensions6-9, 6-18

antenna

gainsA-5

selection6-17

antenna command6-17

Apply button3-4

ARP

caching5-21

description1-4

association management error and event messagesD-2

associations, limiting by MAC address15-5

attributes, RADIUS

sent by the access point12-18

vendor-proprietary12-15

vendor-specific12-14

authentication4-9

local mode with AAA5-17

RADIUS

key12-5

login5-8, 12-7

SSID7-2

TACACS+

defined12-21

key12-23

login5-13, 12-24

authentication client command7-4

authentication server

configuring access point as local server8-2

described1-3

EAP10-4, 12-3

authentication types

Network-EAP10-4

open10-2

shared key10-3

authenticator8-1

authorization

with RADIUS5-12, 12-11

with TACACS+5-15, 12-21, 12-25

AVVID priority mapping14-11

B

Back button3-4

backoff6-24

backup authenticator, local8-1

bandwidth6-10

banners

configuring

login5-33

message-of-the-day login5-31

default configuration5-31

when displayed5-31

basic settings

checking21-8

beacon dtim-period command6-22

beacon period command6-22

bit-flip attack6-18

blocking communication between clients6-20

bridge-group command6-21

bridge virtual interface (BVI)2-23

broadcast-key command10-15

broadcast key rotation9-1, 9-3

BSSIDs7-7

buttons

management pages3-4

web-browser3-2

C

caching MAC authentications10-15

Called-Station-ID

See CSID

Cancel button3-4

capture frames11-27

carrier busy test6-24

Catalyst 6500 Series11-1

CCKM10-6

authenticated clients10-6

described1-3

CCK modulation6-8

CDP

disabling for routing device16-4

enabling and disabling

on an interface16-4

monitoring16-4

cdp enable command16-4

cdp run command16-3

Cisco Centralized Key Management (CCKM)

See CCKM

Cisco Discovery Protocol (CDP)16-1

Cisco Key Integrity Protocol (CKIP)6-18

Cisco TAC21-1

CiscoWorks 200017-4

clear command4-2

CLI4-1

abbreviating commands4-3

command modes4-2

editing features

enabling and disabling4-6

keystroke editing4-6

wrapped lines4-7

error messages4-4

filtering command output4-8

getting help4-3

history4-4

changing the buffer size4-5

described4-4

disabling4-5

recalling commands4-5

no and default forms of commands4-4

Secure Shell (SSH)4-9

Telnet4-9

terminal emulator settings2-4, 2-6

client ARP caching5-21

client communication, blocking6-20

client power level, limiting6-8

command-line interface

See CLI

command modes4-2

commands

abbreviating4-3

accounting7-5

antenna6-17

authentication client7-4

beacon dtim-period6-22

beacon period6-22

bridge-group6-21

broadcast-key10-15

cdp enable16-4

cdp run16-3

clear4-2

countermeasure tkip hold-time10-17

debug20-2

default form4-4

del21-12

dot11 aaa mac-authen filter-cache10-15

dot11 extension aironet6-18

dot11 holdoff-time10-16

dot11 interface-number carrier busy6-24

dot1x client-timeout10-16

dot1x reauth-period10-16

edit4-6

encapsulation dot1q13-6

encryption9-4

fragment-threshold6-23

guest-mode7-5

help4-3

infrastructure-client6-20

infrastructure-ssid7-5

interface dot11radio1-5, 6-2

ip domain-name5-30

ip redirect7-11

no and default4-4

no shutdown4-4

packet retries6-23

payload-encapsulation6-19

permit tcp-port7-11

power client6-9

power local6-7

recall4-5

rts retries6-22

rts threshold6-22

set21-15

set BOOT21-15

setting privilege levels5-6

show4-2

show dot11 associations7-6

show ip interface2-3

slot-time-short6-24

sort4-8

speed6-6

ssid7-4, 10-10, 13-5

switchport protected6-21

terminal history4-5

terminal width4-8

tftp_init21-15

vlan7-5, 13-5

world-mode6-16

wpa-psk10-14

commands station role6-4

community strings

configuring17-6

overview17-4

Complementary Code Keying (CCK)

See CCK

configuration files

creating using a text editor19-10

deleting a stored configuration19-18

downloading

preparing19-10, 19-13, 19-16

reasons for19-8

using FTP19-13

using RCP19-16

using TFTP19-11

guidelines for creating and using19-9

invalid combinations when copying19-5

system contact and location information17-10

types and location19-9

uploading

preparing19-10, 19-13, 19-16

reasons for19-8

using FTP19-14

using RCP19-17

using TFTP19-11

connections, secure remote5-20

countermeasure tkip hold-time command10-17

crypto software image5-20

CSID format, selecting12-13

D

Data Beacon Rate6-22

data rate setting6-4

data retries6-23

data volume2-9

daylight saving time5-26

debug command20-2

default commands4-4

default configuration

banners5-31

DNS5-29

password and privilege level5-2

RADIUS5-8, 12-4

resetting21-9

SNMP17-5

system message logging20-3

system name and prompt5-28

TACACS+5-13, 12-23

default gateway2-9

default username2-3

del command21-12

delivery traffic indication message (DTIM)6-22

DFS6-12

DHCP server

configuring access point as5-18

receiving IP settings from2-9

directories

changing19-4

creating and removing19-4

displaying the working19-4

disable web-based management3-16

diversity6-17

DNS

default configuration5-29

displaying the configuration5-31

overview5-29

setting up5-30

domain names

DNS5-29

Domain Name System

See DNS

dot11 aaa mac-authen filter-cache command10-15

dot11 extension aironet command6-18

dot11 holdoff-time commands10-16

dot11 interface-number carrier busy command6-24

dot1x client-timeout command10-16

dot1x reauth-period command10-16

downloading

configuration files

preparing19-10, 19-13, 19-16

reasons for19-8

using FTP19-13

using RCP19-16

using TFTP19-11

image files

deleting old image19-22

preparing19-20, 19-23, 19-27

reasons for19-18

using FTP19-24

using RCP19-29

using TFTP19-21

DTIM6-22

duplex, Ethernet port5-16

Dynamic Frequency Selection6-12

Dynamic Transmit Power Control6-8

E

EAP authentication, overview10-4

EAP-FAST8-1, 8-2

EAP-FAST authentication10-17

EAP-MD5 authentication

setting on client and access point10-19

EAP-SIM authentication

setting on client and access point10-20

EAP-TLS authentication

setting on client and access point10-19

edit CLI commands4-6

editing features

enabling and disabling4-6

keystrokes used4-6

wrapped lines4-7

EIRP, maximumA-5, A-6, A-7

enable password5-4

enable secret password5-4

encapsulation dot1q command13-6

encapsulation method6-19

encrypted software image5-20

encryption command9-4

encryption for passwords5-4

error and event messagesD-1

802.11D-4

error messages

CLI4-4

during command entry4-4

setting the display destination device20-5

severity levels20-7

system message format20-2

Ethernet indicator21-4

Ethernet speed and duplex settings5-16

Ethertype filter15-1

event log3-4

event messagesD-1

Express Security page2-11, 3-4

Express Setup page3-4

F

fallback role6-4

fast secure roaming11-1

files

copying19-5

deleting19-5

displaying the contents of19-8

tar

creating19-6

displaying the contents of19-6

extracting19-7

image file format19-19

file system

displaying available file systems19-2

displaying file information19-3

local file system names19-2

network file system names19-5

setting the default19-3

filtering

Ethertype filters15-11

IP filters15-8

MAC address filters15-3

show and more command output4-8

filter output (CLI commands)4-8

firmware

upgrade3-1

version3-4

Flash19-1

Flash device, number of19-2

fragmentation threshold6-23

fragment-threshold command6-23

frequenciesA-2, A-3

FTP

accessing MIB filesC-2

configuration files

downloading19-13

overview19-12

preparing the server19-13

uploading19-14

image files

deleting old image19-26

downloading19-24

preparing the server19-23

uploading19-26

G

get-bulk-request operation17-3

get-next-request operation17-3, 17-4

get-request operation17-3, 17-4

get-response operation17-3

global configuration mode4-2

group key updates10-14

guest mode7-2

guest-mode command7-5

guest SSID7-2

H

help3-14

help, for the command line4-3

history

changing the buffer size4-5

described4-4

disabling4-5

recalling commands4-5

history (CLI)4-4

history table, level and number of syslog messages20-8

Home button3-4

HTTPS3-5

I

IGMP snooping helper14-11

image, operating system21-12

indicators21-2

infrastructure-client command6-20

infrastructure device7-5

infrastructure-ssid command7-5

Inter-Access Point Protocol error and event messagesD-8

inter-client communication, blocking6-20

interface

CLI4-1

web-browser3-1

interface configuration mode4-2

interface dot11radio command1-5, 6-2

interfaces3-4

intrusion detection11-1

IP address, finding and setting2-22

ip domain-name command5-30

IP filters15-8

ip redirect command7-11

IP redirection7-9, 7-10

IPSU2-21

IP subnet mask2-9

ISO designators for protocolsB-1

J

jitter14-2

K

key features1-2

keystrokes (edit CLI commands)4-6

L

latency14-2

Layer 3 mobility11-4

LBS6-14

LEAP

described1-3

LEAP authentication

local authentication8-1

setting on client and access point10-17

LED indicators

Ethernet21-4

radio traffic21-4

status21-4

Light Extensible Authentication Protocol

See LEAP

limiting client associations by MAC address15-5

limiting client power level6-8

line configuration mode4-2

load balancing6-18

local authenticator, access point as8-1

Location-Based Services6-14

login authentication

with RADIUS5-8, 12-7

with TACACS+5-13, 12-24

login banners5-31

log messages

See system message logging

M

MAC address2-22

ACLs, blocking association with15-5

filter15-1, 15-3

troubleshooting21-9

MAC authentication caching10-15

MAC-based authentication8-1, 8-2

management

CLI4-1

map,network3-4

maximum data retries6-23

Maximum RTS Retries6-22

Media Access Control (MAC) address2-3

Message Integrity Check (MIC)1-3, 6-18, 9-1, 21-9

message-of-the-day (MOTD)5-31

messages

to users through banners5-31

MIBs

accessing files with FTPC-2

location of filesC-2

overview17-2

SNMP interaction with17-4

MIC9-1

Microsoft IAS servers10-2

migration mode, WPA10-13

mode (role)6-4

Mode button21-12

modes

global configuration4-2

interface configuration4-2

line configuration4-2

privileged EXEC4-2

user EXEC4-2

monitoring

CDP16-4

monitor mode11-27

move the cursor (CLI)4-6

multicast messages6-19

multiple basic SSIDs7-7

N

names, VLAN13-6

Network-EAP10-4

network map3-4

no commands4-4

non-root2-9

no shutdown command4-4

notification3-4

O

OFDM6-8

OK button3-4

optional ARP caching5-22

Orthogonal Frequency Division Multiplexing (OFDM)

See OFDM

P

packet retries command6-23

packet size (fragment)6-23

password reset21-9

passwords

default configuration5-2

encrypting5-4

overview5-2

setting

enable5-3

enable secret5-4

with usernames5-5

payload-encapsulation command6-19

PEAP authentication

setting on client and access point10-19

permit tcp-port command7-11

ports, protected6-21

positioning packets6-14

power client command6-9

power level

maximumA-5

on client devices6-8

radio6-18

power local command6-7

power-save client device6-22

preferential treatment of traffic

See QoS

pre-shared key10-14

preventing unauthorized access5-2

print3-14

prioritization14-2

privileged EXEC mode4-2

privilege levels

exiting5-7

logging into5-7

overview5-2, 5-6

setting a command with5-6

protected ports6-21

protocol filters15-2

Public Secure Packet Forwarding (PSPF)6-20

Q

QoS

configuration guidelines14-5

described1-3

overview14-2

quality of service

See QoS

R

radio

activity6-24

congestion6-10

indicator21-4

interface6-2

management1-4

preamble6-16

radio diagnostic error and event messagesD-9

radio management11-1

RADIUS

attributes

CSID format, selecting12-13

sent by the access point12-18

vendor-proprietary12-15

vendor-specific12-14

WISPr12-16

configuring

access point as local server8-2

accounting12-12

authentication5-8, 12-7

authorization5-12, 12-11

communication, global12-5, 12-13

communication, per-server12-5

multiple UDP ports12-5

default configuration5-8, 12-4

defining AAA server groups5-10, 12-9

displaying the configuration5-13, 12-17

identifying the server12-5

limiting the services to the user5-12, 12-11

local authentication8-2

method list, defined12-4

operation of12-3

overview12-2

SSID7-2

suggested network environments12-2

tracking services accessed by user12-12

RADIUS accounting1-3

range2-9

rate limit, logging20-9

RCP

configuration files

downloading19-16

overview19-15

preparing the server19-16

uploading19-17

image files

deleting old image19-31

downloading19-29

preparing the server19-27

uploading19-31

reauthentication requests10-2

recall commands4-5

redirection, IP7-9

regulatory

domainsA-2, A-3

reloading access point image21-12

Remote Authentication Dial-In User Service

See RADIUS

Remote Copy Protocol

See RCP

repeater1-2

(non-root) device6-3

as a LEAP client18-6

as a WPA client18-7

chain of access points18-2

request to send (RTS)6-22

restricting access

overview5-2

passwords and privilege levels5-2

RADIUS5-7, 12-1

TACACS+5-13

RFC

10426-19

1157, SNMPv117-2

1901, SNMPv2C17-2

1902 to 1907, SNMPv217-2

roaming1-5

fast secure roaming using CCKM11-1

rogue access point detection1-4

role (mode)6-4

role in radio network6-3

root2-9

root device6-3

rotation, broadcast key9-1

rts retries command6-22

RTS threshold6-22

rts threshold command6-22

S

secure remote connections5-20

Secure Shell

See SSH

security3-4

troubleshooting21-9

security features1-3

synchronizing10-17

security settings, Express Security page2-11

self-healing wireless LAN1-4, 11-4

sequence numbers in log messages20-6

service set identifiers (SSIDs)

See SSID

service-type attribute10-2

set BOOT command21-15

set command21-15

set-request operation17-4

severity levels, defining in system messages20-7

shared key10-6

short slot time6-24

show cdp traffic command16-5

show command4-2

show dot11 associations command7-6

show ip interface command2-3

Simple Network Management Protocol

See SNMP

Simple Network Time Protocol

See SNTP

slot-time-short command6-24

SNMP

accessing MIB variables with17-4

agent

described17-3

disabling17-5

community name2-9

community strings

configuring17-6

overview17-4

configuration examples17-10

default configuration17-5

limiting system log messages to NMS20-8

manager functions17-3

overview17-2, 17-4

server groups17-7

shutdown mechanism17-8

snmp-server view17-10

status, displaying17-12

system contact and location17-10

trap manager, configuring17-9

traps

described17-3

enabling17-8

overview17-2, 17-4

types of17-8

versions supported17-2

SNMP, FTP MIB filesC-2

snmp-server group command17-7

SNMP versions supported17-2

snooping helper, IGMP14-11

SNTP

overview5-23

software image21-12

upload and download19-1

software images

location in Flash19-19

tar file format, described19-19

software upgrade

error and event messagesD-1

sort (CLI commands)4-8

spaces in an SSID7-6

speed, Ethernet port5-16

speed command6-6

SSH4-9

configuring5-21

crypto software image5-20

described5-20

displaying settings5-21

SSH Communications Security, Ltd.4-9

SSID7-2

default (tsunami)21-8

guest mode7-2

multiple SSIDs7-1

support1-3

troubleshooting21-8

using spaces in7-6

VLAN7-2

ssid command7-4, 10-10, 13-5

SSL3-5

standby mode1-2

static WEP

with open authentication, setting on client and access point10-17

with shared key authentication, setting on client and access point10-17

station role command6-4

statistics

CDP16-4

SNMP input and output17-12

status indicators21-4

status page3-4

summer time5-26

switchport protected command6-21

syslog

See system message logging

system clock

configuring

daylight saving time5-26

manually5-24

summer time5-26

time zones5-25

displaying the time and date5-24

system management page3-2

system message logging

default configuration20-3

defining error message severity levels20-7

disabling20-4

displaying the configuration20-12

enabling20-4

facility keywords, described20-11

level keywords, described20-8

limiting messages20-8

message format20-2

overview20-2

rate limit20-9

sequence numbers, enabling and disabling20-6

setting the display destination device20-5

timestamps, enabling and disabling20-6

UNIX syslog servers

configuring the daemon20-10

configuring the logging facility20-10

facilities supported20-11

system name

default configuration5-28

manual configuration5-28

See also DNS

system prompt

default setting5-28

T

TAC21-1

TACACS+

accounting, defined12-21

authentication, defined12-21

authorization, defined12-21

configuring

accounting12-26

authentication key12-23

authorization5-15, 12-25

login authentication5-13, 12-24

default configuration5-13, 12-23

described1-3

displaying the configuration5-15, 12-27

identifying the server12-23

limiting the services to the user5-15, 12-25

operation of12-22

overview12-21

tracking services accessed by user12-26

tar files

creating19-6

displaying the contents of19-6

extracting19-7

image file format19-19

Telnet2-23, 4-9

Temporal Key Integrity Protocol (TKIP)9-1

See TKIP

Terminal Access Controller Access Control System Plus

See TACACS+

terminal emulator2-4

terminal history command4-5

terminal width command4-8

TFTP21-15

configuration files

downloading19-11

preparing the server19-10

uploading19-11

image files

deleting19-22

downloading19-21

preparing the server19-20

uploading19-22

password5-4

tftp_init command21-15

TFTP server21-12

throughput2-9

time

See SNTP and system clock

timestamps in log messages20-6

time zones5-25

TKIP1-3, 6-18, 9-1, 9-2

traps3-4

configuring managers17-8

defined17-3

enabling17-8

notification types17-8

overview17-2, 17-4

Trivial File Transfer Protocol (TFTP)

See TFTP

troubleshooting21-1

error messages (CLI)4-4

system message logging20-2

with CiscoWorks17-4

U

unauthorized access5-2

UNIX syslog servers

daemon configuration20-10

facilities supported20-11

message logging configuration20-10

unzip error and event messagesD-3

upgrading software images

See downloading

uploading

configuration files

preparing19-10, 19-13, 19-16

reasons for19-8

using FTP19-14

using RCP19-17

using TFTP19-11

image files

preparing19-20, 19-23, 19-27

reasons for19-18

using FTP19-26

using RCP19-31

using TFTP19-22

user EXEC mode4-2

username, default2-3

username-based authentication5-5

V

VLAN

local authentication8-2

names13-6

SSID1-3, 7-2

vlan command7-5, 13-5

voice1-4

W

WDS11-1, 11-8

Web-based interface

common buttons3-4

compatible browsers3-1

web-browser buttons3-2

web-browser interface1-5, 3-1

web site

Cisco Software Center21-16

WEP

key example9-5

key hashing1-3

with EAP10-4

WEP key21-9

troubleshooting21-9

WIDS11-6

Wi-Fi Multimedia14-4

Wi-Fi Protected Access

See WPA

Wi-Fi Protected Access (WPA)1-3, 2-13

wireless domain services (WDS)1-3

Wireless Internet Service Provider (WISP)1-4

wireless intrusion detection services11-1

Wireless LAN Services Module11-2

wireless repeater1-2

WISPr1-4

WISPr RADIUS attributes12-16

WMM14-4

workgroup bridge6-19

world mode1-2, 6-15, 6-18

world-mode command6-16

WPA10-7

WPA migration mode10-13

wpa-psk command10-14

wraparound (CLI commands)4-7