1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Wireless Access Point
  5. ISR
  6. Configuration manual

Configuring Mac Authentication Caching - Cisco ISR Configuration Manual

Wireless isr and hwic access point
Hide thumbs
Table of Contents

Advertisement

Configure Authentication Types
Command
Step 6
broadcast-key [ vlan vlan-id ]
{ change seconds }
[ membership-termination ]
[ capability-change ]
Step 7
copy running-config startup-config (Optional) Save your entries in the configuration file.
This example shows how to configure a pre-shared key for clients using WPA and static WEP, with group
key update options:
ap# configure terminal
ap(config)# interface dot11radio 0
ap(config-if)# ssid batman
ap(config-ssid)# wpa-psk ascii batmobile65
ap(config-ssid)# exit
ap(config-if)# exit
ap(config)# broadcast-key vlan 87 membership-termination capability-change

Configuring MAC Authentication Caching

If MAC-authenticated clients on your wireless LAN roam frequently, you can enable a MAC
authentication cache on your access points. MAC authentication caching reduces overhead because the
access point authenticates devices in its MAC-address cache without sending the request to your
authentication server. When a client device completes MAC authentication to your authentication server,
the access point adds the client's MAC address to the cache.
Beginning in privileged EXEC mode, follow these steps to enable MAC authentication caching:
Command
Step 1
configure terminal
Step 2
dot11 aaa authentication
mac-authen filter-cache [timeout
seconds]
Step 3
exit
Step 4
show dot11 aaa authentication
mac-authen filter-cache [address]
Step 5
clear dot11 aaa authentication
mac-authen filter-cache [address]
Step 6
end
Step 7
copy running-config startup-config (Optional) Save your entries in the configuration file.
Cisco Wireless ISR and HWIC Access Point Configuration Guide
6-14
Chapter 6
Purpose
Use the broadcast key rotation command to configure
additional updates of the WPA group key.
Purpose
Enter global configuration mode.
Enable MAC authentication caching on the access point.
Use the timeout option to configure a timeout value for MAC
addresses in the cache. Enter a value from 30 to 65555 seconds.
The default value is 1800 (30 minutes). When you enter a
timeout value, MAC-authentication caching is enabled
automatically.
Return to privileged EXEC mode.
Show entries in the MAC-authentication cache. Include client
MAC addresses to show entries for specific clients.
Clear all entries in the cache. Include client MAC addresses to
clear specific clients from the cache.
Return to privileged EXEC mode.
Configuring Authentication Types
OL-6415-04

Advertisement

Table of Contents
loading

Related Manuals for Cisco ISR

Related Content for Cisco ISR

This manual is also suitable for:

Hwic

Table of Contents