Configuring Devices for Management, 2.9 - Configuring AAA Servers for Monitoring [CiscoWorks Wireless LAN Solution Engine (WLSE)]

Table Of Contents

Configuring AAA Servers

Setting Up an ACS Server

Configuring AAA Servers

The WLSE can monitor the performance of AAA (Authentication, Authorization, and Accounting) services provided by CiscoSecure ACS. The services supported are LEAP, RADIUS, EAP-MD5, PEAP (EAP-GTC only), and EAP-FAST.

This chapter covers setting up an ACS server:

•To set up a CAR server, see the CAR documentation on Cisco.com.

•To set up an access point as an AAA server, see the access point documentation on Cisco.com.

Setting Up an ACS Server

Note For PEAP, besides the procedure in this section, you must set up a certificate and private key on the ACS server and then enable PEAP. For more information, see the CiscoSecure ACS documentation.

To enable monitoring of an ACS server, you must:

•Configure CiscoSecure ACS server to recognize the WLSE as a client. Follow the procedure in this section on each server.

•Configure the WLSE to add information about servers. For more information, see the online help or the User Guide for the CiscoWorks Wireless LAN Solution Engine, Release 2.9.

In addition, you can use an AAA server to authenticate to Wireless Domain Services (WDS) devices. To enable this authentication, make sure an AAA server is configured as described in this section.

Procedure

Step 1 Log into the CiscoSecure ACS Server that will provide authentication services to the wireless network.

Note You will need the IP address or name of the system on which CiscoSecure ACS Server is running when you configure the WLSE.

Step 2 Click User Setup on the left side of the initial page.

Step 3 Enter a username for the user the WLSE will use for synthetic transactions and click Add/Edit.

Step 4 Enter a password in the first set of Password and Confirm Password fields. Click Submit.

Note You will need this name and password when configuring the WLSE.

Step 5 Click Network Configuration on the left side of the page.

Step 6 Click Add Entry. In the Add AAA Client area, enter the WLSE information in the following text boxes:

•Client Hostname—enter the WLSE hostname (or IP address)

•Client IP—enter the WLSE IP address

•Key—enter a secret key

Note You will need this key when configuring the WLSE.

Step 7 Select RADIUS (Cisco Aironet) from the Authenticate Using list.

Step 8 If you are using this server for Wireless Domain Services (WDS) authentication, configure the server for simultaneous login sessions. See the ACS documentation for details.

Step 9 Click Submit or Submit+Restart. A restart is required for the changes to take effect.

	Configuring Devices for Management, 2.9
	Configuring AAA Servers for Monitoring
Configuring Devices for Management, 2.9 Index Introduction Configuring Non-IOS APs Configuring IOS APs for Network Management Configuring IOS APs for Radio Management Configuring Routers and Switches Configuring AAA Servers for Monitoring	Download this chapter Configuring AAA Servers for Monitoring Download the complete book PDF of the Entire Configuration Guide (PDF - 800 KB) Table Of Contents Configuring AAA Servers Setting Up an ACS Server Configuring AAA Servers The WLSE can monitor the performance of AAA (Authentication, Authorization, and Accounting) services provided by CiscoSecure ACS. The services supported are LEAP, RADIUS, EAP-MD5, PEAP (EAP-GTC only), and EAP-FAST. This chapter covers setting up an ACS server: •To set up a CAR server, see the CAR documentation on Cisco.com. •To set up an access point as an AAA server, see the access point documentation on Cisco.com. Setting Up an ACS Server Note For PEAP, besides the procedure in this section, you must set up a certificate and private key on the ACS server and then enable PEAP. For more information, see the CiscoSecure ACS documentation. To enable monitoring of an ACS server, you must: •Configure CiscoSecure ACS server to recognize the WLSE as a client. Follow the procedure in this section on each server. •Configure the WLSE to add information about servers. For more information, see the online help or the User Guide for the CiscoWorks Wireless LAN Solution Engine, Release 2.9. In addition, you can use an AAA server to authenticate to Wireless Domain Services (WDS) devices. To enable this authentication, make sure an AAA server is configured as described in this section. Procedure Step 1 Log into the CiscoSecure ACS Server that will provide authentication services to the wireless network. Note You will need the IP address or name of the system on which CiscoSecure ACS Server is running when you configure the WLSE. Step 2 Click User Setup on the left side of the initial page. Step 3 Enter a username for the user the WLSE will use for synthetic transactions and click Add/Edit. Step 4 Enter a password in the first set of Password and Confirm Password fields. Click Submit. Note You will need this name and password when configuring the WLSE. Step 5 Click Network Configuration on the left side of the page. Step 6 Click Add Entry. In the Add AAA Client area, enter the WLSE information in the following text boxes: •Client Hostname—enter the WLSE hostname (or IP address) •Client IP—enter the WLSE IP address •Key—enter a secret key Note You will need this key when configuring the WLSE. Step 7 Select RADIUS (Cisco Aironet) from the Authenticate Using list. Step 8 If you are using this server for Wireless Domain Services (WDS) authentication, configure the server for simultaneous login sessions. See the ACS documentation for details. Step 9 Click Submit or Submit+Restart. A restart is required for the changes to take effect.
	© 1992-2008 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.