Step 1 |
enable
|
Enters privileged EXEC mode.
|
Step 2 |
configure terminal
Device# configure terminal
|
Enters global configuration mode.
|
Step 3 |
ap dot1x username user_name_value password 0 password_value
Device(config)# ap dot1x username AP3 password 0
password
|
Configures the global authentication username and password for all access points that are currently joined to the device and any access points that join the device in the future. This command contains the following keywords and arguments:
-
username—Specifies an 802.1X username for all access points.
-
user-id—Username.
-
password—Specifies an 802.1X password for all access points.
-
0—Specifies an unencrypted password.
-
8—Specifies an AES encrypted password.
-
passwd—Password.
Note
|
You must enter a strong password for the password parameter. Strong passwords are at least eight characters long, contain
a combination of uppercase and lowercase letters, numbers, and symbols, and are not a word in any language.
|
|
Step 4 |
end
|
Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.
|
Step 5 |
ap name Cisco_AP dot1x-user username username_value password password_value
Device# ap name AP03 dot1x-user
username apuser1 password appass
|
Overrides the global authentication settings and assigns a unique username and password to a specific access point. This command
contains the following keywords and arguments:
-
username—Specifies to add a username.
-
user-id—Username.
-
password—Specifies to add a password.
-
0—Specifies an unencrypted password.
-
8—Specifies an AES encrypted password.
-
passwd—Password.
Note
|
You must enter a strong password for the password parameter. See the note in Step 2 for the characteristics of strong passwords.
|
The authentication settings that you enter in this command are retained across device and access point reboots and whenever the access point joins a new device.
|
Step 6 |
configure terminal
Device# configure terminal
|
Enters global configuration mode.
|
Step 7 |
no ap dot1x username user_name_value password 0 password_value
Device(config)# no ap dot1x username
dot1xusr password 0 dot1xpass
|
Disables 802.1X authentication for all access points or for a specific access point.
The following message appears after you execute this command: “AP reverted to global username configuration.”
Note
|
You can disable 802.1X authentication for a specific access point only if global 802.1X authentication is not enabled. If
global 802.1X authentication is enabled, you can disable 802.1X for all access points only.
|
|
Step 8 |
end
|
Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.
|
Step 9 |
show ap summary
|
Displays the authentication settings for all access points that join the device.
Note
|
If global authentication settings are not configured, the Global AP Dot1x User Name text box shows “Not Configured.”
|
|
Step 10 |
show ap name Cisco_AP config general
Device# show ap name AP02 config general
|
Displays the authentication settings for a specific access point.
Note
|
If this access point is configured for global authentication, the AP Dot1x User Mode text boxes shows “Automatic.” If the
global authentication settings have been overwritten for this access point, the AP Dot1x User Mode text box shows “Customized.”
|
|