Cisco AIR-LAP1252AG-A-K9 - Aironet 1252AG - Wireless Access Point, Aironet 1200 Series Software Configuration Manual
Page 1
Cisco Aironet
1200 Series Access Point
Software Configuration Guide
Software Release 11.50T
August, 2002
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Text Part Number: OL-2159-03
Page 2
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT
NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT
ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR
THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION
PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO
LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as
part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE
PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED
OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL
DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR
INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.
CCIP, the Cisco Arrow logo, the Cisco Powered Network mark, the Cisco Systems Verified logo, Cisco Unity, Follow Me Browsing, FormShare, Internet
Quotient, iQ Breakthrough, iQ Expertise, iQ FastTrack, the iQ Logo, iQ Net Readiness Scorecard, Networking Academy, ScriptShare, SMARTnet,
TransPath, and Voice LAN are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, Discover All That’s Possible, The
Fastest Way to Increase Your Internet Quotient, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA,
CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco
Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast Step, GigaStack,
IOS, IP/TV, LightStream, MGX, MICA, the Networkers logo, Network Registrar, Packet , PIX, Post-Routing, Pre-Routing, RateMUX, Registrar,
SlideCast, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S.
and certain other countries.
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a
partnership relationship between Cisco and any other company. (0206R)
Cisco Aironet 1200 Series Access Point Software Configuration Guide
Copyright © 2002, Cisco Systems, Inc.
All rights reserved.
Page 3
Preface xiii
Audience and Scope xiii
Organization xiii
Conventions xiv
Related Publications xv
Obtaining Documentation xvi
World Wide Web xvi
Documentation CD-ROM xvi
Ordering Documentation xvi
CONTENTS
CHAPTER
Documentation Feedback xvii
Obtaining Technical Assistance xvii
Cisco.com xvii
Technical Assistance Center xviii
1 Overview 1-1
Key Features 1-2
Management Options 1-2
Roaming Client Devices 1-3
Network Configuration Examples 1-3
Root Unit on a Wired LAN 1-3
Repeater Unit that Extends Wireless Range 1-4
Central Unit in an All-Wireless Network 1-5
Cisco TAC Web Site xviii
Cisco TAC Escalation Center xix
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
iii
Page 4
Contents
CHAPTER
2 Using the Management Interfaces 2-1
Using the Web-Browser Interface 2-2
Using the Web-Browser Interface for the First Time 2-2
Using the Management Pages in the Web-Browser Interface 2-2
Navigating Using the Map Windows 2-4
Using the Command-Line Interface 2-5
Preparing to Use a Terminal Emulator 2-6
Connecting the Serial Cable 2-6
Setting Up the Terminal Emulator 2-7
Changing Settings with the CLI 2-7
Selecting Pages and Settings 2-9
Applying Changes to the Configuration 2-9
Using a Telnet Session 2-9
Using SNMP 2-10
Supported MIBs 2-10
CHAPTER
iv
3 Configuration 3-1
Basic Settings 3-2
Entering Basic Settings 3-3
System Name 3-3
MAC Address 3-3
Configuration Server Protocol 3-4
Default IP Address 3-4
Default IP Subnet Mask 3-4
Default Gateway 3-4
Radio Service Set ID (SSID) 3-5
Role in Radio Network 3-5
Radio Network Optimization (Optimize Radio Network For) 3-8
Radio Network Compatibility (Ensure Compatibility With) 3-8
Cisco Aironet 1200 Series Access Point Software Configuration Guide
OL-2159-03
Page 5
SNMP Admin. Community 3-8
Filter Setup 3-9
Protocol Filtering 3-9
Creating a Protocol Filter 3-10
Enabling a Protocol Filter 3-14
MAC Address Filtering 3-14
Creating a MAC Address Filter 3-15
Radio Configuration 3-19
Entering Identity Information 3-19
Settings on the AP Radio Identification Page 3-20
Entering Radio Hardware Information 3-22
Settings on the AP Radio Hardware Page 3-23
Contents
Entering Advanced Configuration Information 3-31
Settings on the AP Radio Advanced Page 3-32
Ethernet Configuration 3-41
Entering Identity Information 3-41
Settings on the Ethernet Identification Page 3-42
Entering Ethernet Hardware Information 3-43
Settings on the Ethernet Hardware Page 3-44
Entering Advanced Configuration Information 3-46
Settings on the Ethernet Advanced Page 3-46
Server Setup 3-48
Entering Time Server Settings 3-49
Settings on the Time Server Setup Page 3-49
Entering Boot Server Settings 3-51
Settings on the Boot Server Setup Page 3-51
Entering Web Server Settings and Setting Up Access Point Help 3-55
Entering Name Server Settings 3-58
OL-2159-03
Settings on the Web Server Setup Page 3-56
Settings on the Name Server Setup Page 3-58
Cisco Aironet 1200 Series Access Point Software Configuration Guide
v
Page 6
Contents
Entering FTP Settings 3-60
Settings on the FTP Setup Page 3-60
Routing Setup 3-61
Entering Routing Settings 3-62
Default Gateway 3-62
New Network Route Settings 3-63
Installed Network Routes list 3-63
Association Table Display Setup 3-64
Association Table Filters Page 3-64
Settings on the Association Table Filters Page 3-65
Association Table Advanced Page 3-68
Settings on the Association Table Advanced Page 3-69
CHAPTER
Event Notification Setup 3-71
Event Display Setup Page 3-71
Settings on the Event Display Setup Page 3-72
Event Handling Setup Page 3-74
Settings on the Event Handling Setup Page 3-76
Event Notifications Setup Page 3-78
Settings on the Event Notifications Setup Page 3-79
4 Security Setup 4-1
Security Overview 4-2
Levels of Security 4-2
Encrypting Radio Signals with WEP 4-3
Additional WEP Security Features 4-3
Network Authentication Types 4-4
Combining MAC-Based, EAP, and Open Authentication 4-8
Protecting the Access Point Configuration with User Manager 4-9
Setting Up WEP 4-9
Cisco Aironet 1200 Series Access Point Software Configuration Guide
vi
OL-2159-03
Page 7
Using SNMP to Set Up WEP 4-13
Enabling Additional WEP Security Features 4-14
Enabling Message Integrity Check (MIC) 4-14
Enabling Temporal Key Integrity Protocol (TKIP) 4-16
Enabling Broadcast WEP Key Rotation 4-18
Setting Up Open or Shared Key Authentication 4-19
Setting Up EAP Authentication 4-20
Enabling EAP on the Access Point 4-20
Enabling EAP in Cisco Secure ACS 4-25
Setting a Session-Based WEP Key Timeout 4-26
Setting up a Repeater Access Point as a LEAP Client 4-27
Setting Up MAC-Based Authentication 4-29
Contents
CHAPTER
Enabling MAC-Based Authentication on the Access Point 4-29
Authenticating Client Devices Using MAC Addresses or EAP 4-34
Enabling MAC-Based Authentication in Cisco Secure ACS 4-35
Summary of Settings for Authentication Types 4-37
Setting Up Backup Authentication Servers 4-40
Setting Up Administrator Authorization 4-41
Creating a List of Authorized Management System Users 4-42
5 Network Management 5-1
Using the Association Table 5-2
Browsing to Network Devices 5-2
Setting the Display Options 5-3
Using Station Pages 5-3
Information on Station Pages 5-5
Performing Pings and Link Tests 5-8
OL-2159-03
Clearing and Updating Statistics 5-10
Deauthenticating and Disassociating Client Devices 5-11
Cisco Aironet 1200 Series Access Point Software Configuration Guide
vii
Page 8
Contents
Using the Network Map Window 5-11
Using Cisco Discovery Protocol 5-13
Settings on the CDP Setup Page 5-14
MIB for CDP 5-14
Assigning Network Ports 5-15
Settings on the Port Assignments Page 5-16
Enabling Wireless Network Accounting 5-16
Settings on the Accounting Setup Page 5-17
Accounting Attributes 5-19
CHAPTER
6 Managing Firmware and Configurations 6-1
Updating Firmware 6-2
Updating with the Browser from a Local Drive 6-2
Full Update of the Firmware Components 6-3
Selective Update of the Firmware Components 6-4
Updating from a File Server 6-5
Full Update of the Firmware Components 6-5
Selective Update of the Firmware Components 6-7
Distributing Firmware 6-8
Distributing a Configuration 6-9
Limiting Distributions 6-11
Downloading, Uploading, and Resetting the Configuration 6-12
Downloading the Current Configuration 6-13
Uploading a Configuration 6-13
Uploading from a Local Drive 6-14
Resetting the Configuration 6-16
Restarting the Access Point 6-17
Cisco Aironet 1200 Series Access Point Software Configuration Guide
viii
Uploading from a File Server 6-14
OL-2159-03
Page 9
Contents
CHAPTER
CHAPTER
CHAPTER
7 Management System Setup 7-1
SNMP Setup 7-2
Settings on the SNMP Setup Page 7-2
Using the Database Query Page 7-3
Settings on the Database Query Page 7-4
Changing Settings with the Database Query Page 7-4
Console and Telnet Setup 7-5
Settings on the Console/Telnet Page 7-5
8 Special Configurations 8-1
Setting Up a Repeater Access Point 8-1
Using Hot Standby Mode 8-5
9 Diagnostics and Troubleshooting 9-1
Using Diagnostic Pages 9-2
Radio Diagnostics Page 9-2
Antenna Alignment Test 9-3
Carrier Test 9-5
Network Ports Page 9-7
Identifying Information and Status 9-8
Data Received 9-8
Data Transmitted 9-9
Ethernet Port Page 9-9
AP Radio Page 9-12
Event Log Page 9-17
Display Settings 9-17
Log Headings 9-18
Saving the Log 9-18
Event Log Summary Page 9-19
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
ix
Page 10
Contents
Using Command-Line Diagnostics 9-20
Entering Diagnostic Commands 9-21
Diagnostic Command Results 9-21
:eap_diag1_on 9-22
:eap_diag2_on 9-22
:vxdiag_arpshow 9-23
:vxdiag_checkstack 9-25
:vxdiag_hostshow 9-25
:vxdiag_i 9-26
:vxdiag_ipstatshow 9-27
:vxdiag_memshow 9-29
:vxdiag_muxshow 9-29
:vxdiag_routeshow 9-30
:vxdiag_tcpstatshow 9-31
:vxdiag_udpstatshow 9-32
Tracing Packets 9-33
Reserving Access Point Memory for a Packet Trace Log File 9-33
Tracing Packets for Specific Devices 9-34
Tracing Packets for Ethernet and Radio Ports 9-35
Viewing Packet Trace Data 9-36
Packets Stored in a Log File 9-36
Packets Displayed on the CLI 9-37
Checking the Top Panel Indicators 9-37
Finding an Access Point by Blinking the Top Panel Indicators 9-40
Checking Basic Settings 9-40
SSID 9-40
WEP Keys 9-40
EAP Authentication Requires Matching 802.1x Protocol Drafts 9-41
Resetting to the Default Configuration 9-43
Cisco Aironet 1200 Series Access Point Software Configuration Guide
x
OL-2159-03
Page 11
Contents
APPENDIX
APPENDIX
I
NDEX
A Channels, Power Levels, and Antenna Gains A-1
Channels A-2
Channels for IEEE 802.11a A-2
Channels for IEEE 802.11b A-3
Maximum Power Levels and Antenna Gains A-4
For IEEE 802.11a A-4
For IEEE 802.11b A-5
B Protocol Filter Lists B-1
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
xi
Page 12
Contents
Cisco Aironet 1200 Series Access Point Software Configuration Guide
xii
OL-2159-03
Page 13
Preface
The Cisco Aironet 1200 Series Access Point Software Configuration Guide
describes how to configure Cisco Aironet 1200 Series Access Points using the
web-based management system. This manual also briefly describes how to use the
console-based management system.
Audience and Scope
This guide is for the network manager responsible for configuring a wireless
network. Before using the material in this guide, you should be familiar with some
of the concepts and terminology of Ethernet and wireless local area networking.
The scope of this guide is to provide the information you need to configure an
access point, use the access point management system to browse to other devices
on a wireless network, and troubleshoot problems with the access point that might
arise.
Organization
This guide is organized into the following chapters:
Chapter 1, “Overview,” is a functional overview of the access point management
system. It describes the features of the management system and the access point’s
role in a wireless network.
Chapter 2, “Using the Management Interfaces,” describes how to use the
web-based and console-based management interfaces.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
xiii
Page 14
Conventions
Preface
Chapter 3, “Configuration,” describes the how to use the web-based management
system to configure the access point.
Chapter 4, “Security Setup,” describes how to set up and enable the access point’s
security features.
Chapter 5, “Network Management,” describes how to use the web-based
management system to browse to other devices on a wireless network.
Chapter 6, “Managing Firmware and Configurations,” describes how to update
the access point’s firmware and use the management system to distribute firmware
and configurations to other access points.
Chapter 7, “Management System Setup,” describes methods of managing the
access point other than through the access point management system.
Chapter 8, “Special Configurations,” describes how to set up the access point in
network roles other than as a root unit on a wired LAN, such as in repeater or Hot
Standby mode.
Chapter 9, “Diagnostics and Troubleshooting,” describes how to identify and
resolve some of the problems that might arise when you configure an access point
running this software release.
Appendix A, “Channels, Power Levels, and Antenna Gains,” lists the channels
supported by the world’s regulatory domains.
Appendix B, “Protocol Filter Lists,” lists the protocols you can select for filtering
on the management system’s Protocol Filters pages.
Conventions
This publication uses the following conventions to convey instructions and
information:
Command descriptions use these conventions:
Notes, tips, and cautions use the following conventions and symbols:
• Commands and keywords are in boldface text.
Note Means reader take note. Notes contain helpful suggestions or references to
materials not contained in this manual.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
xiv
OL-2159-03
Page 15
Preface
Tip Means the following are useful tips.
Caution Means reader be careful. In this situation, you might do something that could
result in equipment damage or loss of data.
Related Publications
The following documents provide more information about access points and
related products:
• Quick Start Guide: Cisco Aironet 1200 Series Access Points describes how to
attach cables, power on, and assign an IP address and default gateway for the
access point.
Related Publications
• Cisco Aironet 1200 Series Access Point Hardware Installation Guide
describes the access point’s hardware features, its physical and performance
characteristics, and how to mount the access point on a wall, ceiling, or
desktop. The Cisco Aironet 1200 Series Access Point Hardware Installation
Guide also contains regulatory information for the device.
• Cisco Secure Access Control Server for Windows 2000/NT Servers Version
2.6 User Guide provides complete instructions for using Cisco Secure ACS,
including steps for configuring Cisco Secure ACS to support access points.
• Quick Start Guide: Cisco Aironet Wireless LAN Adapters describes how to
install and configure PC and PCI client adapter cards for use in a wireless
LAN.
• Cisco Aironet Wireless LAN Adapter Installation and Configuration Guide
provides hardware features, physical and performance characteristics, and
installation instructions for PC and PCI Card client adapters. It also provides
instructions for installing and using the wireless client adapter utilities.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
xv
Page 16
Obtaining Documentation
Obtaining Documentation
These sections explain how to obtain documentation from Cisco Systems.
World Wide Web
You can access the most current Cisco documentation on the World Wide Web at
this URL:
http://www.cisco.com
Translated documentation is available at this URL:
http://www.cisco.com/public/countries_languages.shtml
Preface
Documentation CD-ROM
Cisco documentation and additional literature are available in a Cisco
Documentation CD-ROM package, which is shipped with your product. The
Documentation CD-ROM is updated monthly and may be more current than
printed documentation. The CD-ROM package is available as a single unit or
through an annual subscription.
Ordering Documentation
You can order Cisco documentation in these ways:
• Registered Cisco.com users (Cisco direct customers) can order Cisco product
documentation from the Networking Products MarketPlace:
http://www.cisco.com/cgi-bin/order/order_root.pl
• Registered Cisco.com users can order the Documentation CD-ROM through
the online Subscription Store:
http://www.cisco.com/go/subscription
• Nonregistered Cisco.com users can order documentation through a local
account representative by calling Cisco Systems Corporate Headquarters
(California, U.S.A.) at 408 526-7208 or, elsewhere in North America, by
calling 800 553-NETS (6387).
Cisco Aironet 1200 Series Access Point Software Configuration Guide
xvi
OL-2159-03
Page 17
Preface
Documentation Feedback
You can submit comments electronically on Cisco.com. In the Cisco
Documentation home page, click the Fax or Email option in the “Leave
Feedback” section at the bottom of the page.
You can e-mail your comments to bug-doc@cisco.com.
You can submit your comments by mail by using the response card behind the
front cover of your document or by writing to the following address:
Cisco Systems
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883
We appreciate your comments.
Obtaining Technical Assistance
Obtaining Technical Assistance
Cisco provides Cisco.com as a starting point for all technical assistance.
Customers and partners can obtain online documentation, troubleshooting tips,
and sample configurations from online tools by using the Cisco Technical
Assistance Center (TAC) Web Site. Cisco.com registered users have complete
access to the technical support resources on the Cisco TAC Web Site.
Cisco.com
Cisco.com is the foundation of a suite of interactive, networked services that
provides immediate, open access to Cisco information, networking solutions,
services, programs, and resources at any time, from anywhere in the world.
Cisco.com is a highly integrated Internet application and a powerful, easy-to-use
tool that provides a broad range of features and services to help you with these
tasks:
• Streamline business processes and improve productivity
• Resolve technical issues with online support
• Download and test software packages
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
xvii
Page 18
Obtaining Technical Assistance
• Order Cisco learning materials and merchandise
• Register for online skill assessment, training, and certification programs
If you want to obtain customized information and service, you can self-register on
Cisco.com. To access Cisco.com, go to this URL:
http://www.cisco.com
Technical Assistance Center
The Cisco Technical Assistance Center (TAC) is available to all customers who
need technical assistance with a Cisco product, technology, or solution. Two
levels of support are available: the Cisco TAC Web Site and the Cisco TAC
Escalation Center.
Cisco TAC inquiries are categorized according to the urgency of the issue:
Preface
• Priority level 4 (P4)—You need information or assistance concerning Cisco
• Priority level 3 (P3)—Your network performance is degraded. Network
• Priority level 2 (P2)—Your production network is severely degraded,
• Priority level 1 (P1)—Your production network is down, and a critical impact
The Cisco TAC resource that you choose is based on the priority of the problem
and the conditions of service contracts, when applicable.
Cisco TAC Web Site
You can use the Cisco TAC Web Site to resolve P3 and P4 issues yourself, saving
both cost and time. The site provides around-the-clock access to online tools,
knowledge bases, and software. To access the Cisco TAC Web Site, go to this
URL:
product capabilities, product installation, or basic product configuration.
functionality is noticeably impaired, but most business operations continue.
affecting significant aspects of business operations. No workaround is
available.
to business operations will occur if service is not restored quickly. No
workaround is available.
http://www.cisco.com/tac
Cisco Aironet 1200 Series Access Point Software Configuration Guide
xviii
OL-2159-03
Page 19
Preface
All customers, partners, and resellers who have a valid Cisco service contract have
complete access to the technical support resources on the Cisco TAC Web Site.
The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have
a valid service contract but do not have a login ID or password, go to this URL to
register:
http://www.cisco.com/register/
If you are a Cisco.com registered user, and you cannot resolve your technical
issues by using the Cisco TAC Web Site, you can open a case online by using the
TAC Case Open tool at this URL:
http://www.cisco.com/tac/caseopen
If you have Internet access, we recommend that you open P3 and P4 cases through
the Cisco TAC Web Site.
Cisco TAC Escalation Center
Obtaining Technical Assistance
The Cisco TAC Escalation Center addresses priority level 1 or priority level 2
issues. These classifications are assigned when severe network degradation
significantly impacts business operations. When you contact the TAC Escalation
Center with a P1 or P2 problem, a Cisco TAC engineer automatically opens a case.
To obtain a directory of toll-free Cisco TAC telephone numbers for your country,
go to this URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Before calling, please check with your network operations center to determine the
level of Cisco support services to which your company is entitled: for example,
SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). When
you call the center, please have available your service agreement number and your
product serial number.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
xix
Page 20
Obtaining Technical Assistance
Preface
Cisco Aironet 1200 Series Access Point Software Configuration Guide
xx
OL-2159-03
Page 21
CHAPTER
1
Overview
Cisco Aironet access points are wireless LAN transceivers that serve as the center
point of a stand-alone wireless network or as the connection point between
wireless and wired networks. In large installations, wireless users within radio
range of an access point can roam throughout a facility while maintaining
seamless, uninterrupted access to the network.
Your access point can contain two radios: a 2.4-GHz radio in an internal mini-PCI
slot and a 5-GHz radio module in an external, modified cardbus slot. The access
point supports one radio of each type, but it does not support two 2.4-GHz or two
5-GHz radios. You can configure the radios separately, using different settings on
each radio.
OL-2159-03
The access point uses a browser-based management system, but you can also
configure the access point using a terminal emulator, a Telnet session, or Simple
Network Management Protocol (SNMP).
This chapter provides information on the following topics:
• Key Features, page 1-2
• Management Options, page 1-2
• Roaming Client Devices, page 1-3
• Network Configuration Examples, page 1-3
Cisco Aironet 1200 Series Access Point Software Configuration Guide
1-1
Page 22
Key Features
Key Features
This section describes the key features of the access point firmware. The
following are the key features of this firmware version:
• Use accounting to collect data on wireless devices—You can enable
• Enable additional protection for WEP keys—You can enable three advanced
Chapter 1 Overview
accounting on the access point to send accounting data about wireless client
devices to a RADIUS server on your network. See the “Enabling Wireless
Network Accounting” section on page 5-16 for instructions on enabling
accounting.
security features to protect against sophisticated attacks on your wireless
network’s WEP keys: Message Integrity Check (MIC), WEP key hashing, and
broadcast WEP key rotation. See the “Additional WEP Security Features”
section on page 4-3 for more information on additional WEP protection.
• Use EAP to Authenticate Repeater Access Points—Set up repeater access
points to authenticate to your network like other wireless client devices. After
you provide a network username and password for the repeater, it
authenticates to your network using LEAP, Cisco’s wireless authentication
method, and receives and uses dynamic WEP keys. See the “Setting up a
Repeater Access Point as a LEAP Client” section on page 4-27 for
instructions on setting up a repeater access point.
Management Options
You can use the access point management system through the following
interfaces:
• A web-browser interface
• A command-line interface (CLI)
• Simple Network Management Protocol (SNMP)
The access point’s management system pages are organized the same way for the
web- browser interface and the CLI. The examples in this manual are all taken
from the browser interface. Chapter 2, “Using the Management Interfaces”
provides a detailed description of each management option.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
1-2
OL-2159-03
Page 23
Chapter 1 Overview
Roaming Client Devices
If you have more than one access point in your wireless LAN, wireless client
devices can roam seamlessly from one access point to another. The roaming
functionality is based on signal quality, not proximity. When a client’s signal
quality drops, it roams to another access point.
Wireless LAN users are sometimes concerned when a client device stays
associated to a distant access point instead of roaming to a closer access point.
However, if a client’s signal to a distant access point remains strong, the client will
not roam to a closer access point. If client devices checked constantly for closer
access points, the extra radio traffic would slow throughput on the wireless LAN.
Network Configuration Examples
Roaming Client Devices
This section describes the access point’s role in three common wireless network
configurations. The access point’s default configuration is as a root unit connected
to a wired LAN or as the central unit in an all-wireless network. The repeater role
requires a specific configuration.
Root Unit on a Wired LAN
An access point connected directly to a wired LAN provides a connection point
for wireless users. If more than one access point is connected to the LAN, users
can roam from one area of a facility to another without losing their connection to
the network. As users move out of range of one access point, they automatically
connect to the network (associate) through another access point. The roaming
process is seamless and transparent to the user. Figure 1-1 shows access points
acting as root units on a wired LAN.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
1-3
Page 24
Network Configuration Examples
Figure 1-1 Access Points as Root Units on a Wired LAN
Access Point
(Root Unit)
Wired LAN
Chapter 1 Overview
Access Point
(Root Unit)
65999
Repeater Unit that Extends Wireless Range
An access point can be configured as a stand-alone repeater to extend the range of
your infrastructure or to overcome an obstacle that blocks radio communication.
The repeater forwards traffic between wireless users and the wired LAN by
sending packets to either another repeater or to an access point connected to the
wired LAN. The data is sent through the route that provides the best performance
for the client. You can set up either of the radios in your access point as a repeater,
but one radio must be set up as a root unit.
Figure 1-2 shows an access point acting as a repeater. Consult the “Setting Up a
Repeater Access Point” section on page 8-1 for instructions on setting up the
access point as a repeater.
Note Non-Cisco client devices might have difficulty communicating with repeater
access points.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
1-4
OL-2159-03
Page 25
Chapter 1 Overview
Network Configuration Examples
Figure 1-2 Access Point as Repeater
Access Point
(Root Unit)
Wired LAN
Access Point
(Repeater)
Central Unit in an All-Wireless Network
In an all-wireless network, an access point acts as a stand-alone root unit. The
access point is not attached to a wired LAN; it functions as a hub linking all
stations together. The access point serves as the focal point for communications,
increasing the communication range of wireless users. Figure 1-3 shows an access
point in an all-wireless network.
66000
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
1-5
Page 26
Network Configuration Examples
Figure 1-3 Access Point as Central Unit in All-Wireless Network
Chapter 1 Overview
Access Point
(Root Unit)
65998
Cisco Aironet 1200 Series Access Point Software Configuration Guide
1-6
OL-2159-03
Page 27
CHAPTER
2
Using the Management Interfaces
This chapter describes the interfaces you can use to configure the access point.
You can use a web-browser interface, a command-line interface through a
terminal emulator or a Telnet session, or a Simple Network Management Protocol
(SNMP) application. The access point’s management system web pages are
organized the same way for the web browser and command-line interfaces. The
examples in this manual show the web-browser interface.
This chapter contains the following sections:
• Using the Web-Browser Interface, page 2-2
• Using the Command-Line Interface, page 2-5
OL-2159-03
• Using SNMP, page 2-10
Cisco Aironet 1200 Series Access Point Software Configuration Guide
2-1
Page 28
Chapter 2 Using the Management Interfaces
Using the Web-Browser Interface
Using the Web-Browser Interface
The web-browser interface contains management pages that you use to change
access point settings, upgrade and distribute firmware, and monitor and configure
other wireless devices on the network.
Note The access point management system is fully compatible with Microsoft Internet
Explorer versions 4.0 or later and Netscape Communicator versions 4.0 or later.
Earlier versions of these browsers cannot use all features of the management
system.
Using the Web-Browser Interface for the First Time
Use the access point’s IP address to browse to the management system. See the
Quick Start Guide: Cisco Aironet 1200 Series Access Points for instructions on
assigning an IP address to the access point.
Follow these steps to begin using the web-browser interface:
Step 1 Start the browser.
Step 2 Enter the access point’s IP address in the browser Location field (Netscape
Communicator) or Address field (Internet Explorer) and press Enter.
If the access point has not been configured, the Express Setup page appears. If the
access point has been configured, the Summary Status page appears.
Using the Management Pages in the Web-Browser Interface
The system management pages use consistent techniques to present and save
configuration information. Navigation buttons appear at the top of the page, and
configuration action buttons appear at the bottom. You use the navigation buttons
to display other management pages, and you use the configuration action buttons
to save or cancel changes to the configuration.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
2-2
OL-2159-03
Page 29
Chapter 2 Using the Management Interfaces
Note It’s important to remember that clicking your browser’s Back button is the same
as clicking Cancel: if you make changes on a management page, your changes are
not applied when you click Back. Changes are only applied when you click Apply
or OK.
Table 2-1 lists the page links and buttons that appear on most management pages.
Table 2-1 Common Buttons on Management Pages
Button/Link Description
Navigation Links
Home Displays the Summary Status page.
Map Opens the Map window, which contains links to every
Using the Web-Browser Interface
management page.
Network Displays the Network Ports page.
Associations Displays the Association Table page, which provides a list of
all devices on the wireless network and links to the devices.
Setup Displays the Setup page, which contains links to the
management pages with configuration settings.
Logs Displays the Event Log page, which lists system events and
their severity levels.
Help Displays the online help for the current window and the
online help table of contents.
Login Logs you into the access point’s management system for
access to all pages and features appropriate for your user
level.
Configuration Action Buttons
Apply Saves changes made on the page and remain on the page.
OK Saves changes made on the page and return to the previous
page.
Cancel Discards changes to the page and return to the previous page.
Restore Defaults Returns all settings on the page to their default values.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
2-3
Page 30
Using the Web-Browser Interface
Navigating Using the Map Windows
The Map window appears when you click Map at the top of any management
page. You can use the Map window to jump quickly to any system management
page, or to a map of your entire wireless network.
Note Your Internet browser must have Java enabled to use the map windows.
To display the sub-pages for each main page, click the bullet next to a main page
link (Microsoft Internet Explorer), or click expand next to a main page link
(Netscape Communicator). In Figure 2-1, the sub-pages for the Network Ports
page are expanded.
Figure 2-1 Map Window with Network Ports Pages Expanded
Chapter 2 Using the Management Interfaces
The Network Map window appears when you click Network Map in the Map
window. You use the Network Map window to open a new browser window
displaying information for any device on your wireless network. Figure 2-2 shows
the Network Map window.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
2-4
OL-2159-03
Page 31
Chapter 2 Using the Management Interfaces
Figure 2-2 The Network Map Window
Using the Command-Line Interface
Click the name of a wireless device to open a new browser window displaying a
Station page listing the access point’s local information for that device. Click Go
beside the device name to open a new browser window displaying that device’s
home page, if available. Some devices, such as PC Card clients, might not have
home pages.
Click show clients to display all the wireless client devices on your network. The
client names appear under the access point or bridge with which they are
associated. If clients are displayed, click hide clients to display only non-client
devices.
Using the Command-Line Interface
You can use a command-line interface (CLI) to configure your access point
through a terminal emulation program or a Telnet session instead of through your
browser. This section provides instructions for Microsoft’s HyperTerminal and for
Telnet; other programs are similar.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
2-5
Page 32
Using the Command-Line Interface
Preparing to Use a Terminal Emulator
To use a terminal emulator to open the CLI, you need to:
1. Connect a nine-pin, female DB-9 to RJ-45 serial cable to the RJ-45 serial port
on the access point and to the COM port on a computer.
2. Set up a terminal emulator to communicate with the access point. Use the
following settings for the terminal emulator connection: 9600 baud, 8 data
bits, no parity, 1 stop bit, and no flow control.
Use the Console/Telnet Setup page to adjust the console and Telnet
connection settings. See the “Console and Telnet Setup” section on page 7-5
for details on the Console/Telnet Setup page.
Connecting the Serial Cable
Chapter 2 Using the Management Interfaces
Connect a DB-9 to RJ-45 serial cable to the COM port on a computer and to the
RJ-45 serial port on the access point. Figure 2-3 shows the serial port connection.
Figure 2-3 Connecting the Serial Cable
DB-9 to RJ-45
serial cable
Note The Cisco part number for the DB-9 to RJ-45 serial cable is AIR-CONCAB1200.
RJ-45 serial
connector
Browse to http://www.cisco.com/go/marketplace to order a serial cable.
74005
Cisco Aironet 1200 Series Access Point Software Configuration Guide
2-6
OL-2159-03
Page 33
Chapter 2 Using the Management Interfaces
Setting Up the Terminal Emulator
Follow these steps to set up the terminal emulator:
Step 1 Open a terminal emulator.
Step 2 Enter these settings for the connection:
• Bits per second (baud rate): 9600
• Data bits: 8
• Parity: none
• Stop bits: 1
• Flow control: none
Step 3 Press = to display the home page of the access point. If the access point has not
been configured before, the Express Setup page appears as the home page. If the
access point is already configured, the Summary Status page appears as the home
page.
Using the Command-Line Interface
Changing Settings with the CLI
The CLI pages use consistent techniques to present and save configuration
information. Tabl e 2- 2 lists the functions that appear on most CLI pages.
Table 2-2 Common Functions on CLI Pages
Function Description
Press Enter
three times
Ctrl-R Refreshes the page and cancel changes to settings.
= Returns to the home page without applying changes.
:back Moves back one page without applying changes.
OL-2159-03
Refreshes the page and cancel changes to settings.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
2-7
Page 34
Using the Command-Line Interface
Table 2-2 Common Functions on CLI Pages (continued)
Function Description
:bottom Jumps to the bottom of a long page, such as Event Log. When
:down Moves down one page length (24 lines) on a long page, such
You can also enter diagnostic commands in the CLI. See the “Using
Command-Line Diagnostics” section on page 9-20 for information on the CLI
diagnostic commands.
Figure 2-4 shows a CLI page example.
Chapter 2 Using the Management Interfaces
you are at the bottom of a page, this function becomes :top.
as Event Log. When you are at the bottom of a long page, this
function becomes :up.
Figure 2-4 CLI Page Example
Cisco Aironet 1200 Series Access Point Software Configuration Guide
2-8
OL-2159-03
Page 35
Chapter 2 Using the Management Interfaces
Selecting Pages and Settings
When you type names and settings that appear in brackets you jump to that page
or setting. HyperTerminal jumps to the page or setting as soon as it recognizes a
unique name, so you only need to type the first few characters in the page or
setting name. To jump from the home page to the Setup page, for example, you
only need to type se.
Applying Changes to the Configuration
The CLI’s auto-apply feature is on by default, so changes you make to any page
are applied automatically when you move to another management page. To apply
changes and stay on the current page, type apply and press Enter.
Using the Command-Line Interface
Using a Telnet Session
Follow these steps to browse to the CLI pages with Telnet:
Step 1 On your computer’s Start menu, select Programs > Accessories > Telnet.
If Telnet is not listed in your Accessories menu, select Start > Run, type Tel ne t
in the entry field, and press Enter.
Step 2 When the Telnet window appears, click Connect and select Remote System.
Note In Windows 2000, the Telnet window does not contain pull-down menus.
To start the Telnet session in Windows 2000, type open followed by the
access point’s IP address.
Step 3 In the Host Name field, type the access point’s IP address and click Connect.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
2-9
Page 36
Using SNMP
Using SNMP
You use an SNMP management application to configure the access point with
SNMP. Follow these steps to configure the access point with SNMP:
Step 1 Compile the MIB you need to use in your SNMP management application. MIBs
supported by the access point are listed in Supported MIBs.
Step 2 Use a web browser, a Telnet session, or the console interface to open the Express
Setup page in the access point management system.
Step 3 Enter an SNMP community name in the SNMP Admin. Community field and
click OK or Apply.
Step 4 Follow this link path to reach the SNMP Setup page:
a. On the Summary Status page, click Setup.
Chapter 2 Using the Management Interfaces
b. On the Setup page, click SNMP in the Services section of the page.
Use the SNMP Setup page to enter detailed SNMP settings, such as the SNMP
trap destination. See the “SNMP Setup” section on page 7-2 for details on the
SNMP Setup page.
Supported MIBs
The access point supports the following MIBs:
• Standard MIB-II (RFC1213-MIB.my)
Supported branches:
–
system (1.3.6.1.2.1.1)
–
interfaces (1.3.6.1.2.1.2)
–
ip (1.3.6.1.2.1.4)
–
tcp (1.3.6.1.2.1.6)
–
udp (1.3.6.1.2.1.7)
–
snmp (1.3.6.1.2.1.11)
Cisco Aironet 1200 Series Access Point Software Configuration Guide
2-10
OL-2159-03
Page 37
Chapter 2 Using the Management Interfaces
To download this MIB, browse to
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml and click
SNMP v1 MIBs. Scroll down the list of files and select RFC1213-MIB.my.
• Cisco Discovery Protocol MIB (CISCO-CDP-MIB-V1SMI.my)
–
Supported branch: ciscoCdpMIB (1.3.6.1.4.1.9.23)
To download this MIB, browse to
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml and click
SNMP v1 MIBs. Scroll down the list of files and select
CISCO-CDP-MIB-V1SMI.my.
• Cisco Aironet Access Point MIB (AWCVX-MIB.my)
–
Supported branch: awcVx (1.3.6.1.4.1.522.3)
You can download the latest release of the access point MIB at the following
URL:
Using SNMP
http://www.cisco.com/public/sw-center/sw-wireless.shtml
• IEEE802dot11-MIB.my:
–
Supported branch: ieee802dot11 (1.2.840.10036)
To download this MIB, browse to
ftp://ftp.cisco.com/pub/mibs/v1/IEEE802dot11-MIB-V1SMI.my.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
2-11
Page 38
Using SNMP
Chapter 2 Using the Management Interfaces
Cisco Aironet 1200 Series Access Point Software Configuration Guide
2-12
OL-2159-03
Page 39
CHAPTER
3
Configuration
This chapter describes how to use the pages in the access point management
system to configure the access point. The main Setup page provides links to all
the pages containing access point settings.
This chapter contains the following sections:
• Basic Settings, page 3-2
• Filter Setup, page 3-9
• Radio Configuration, page 3-19
• Ethernet Configuration, page 3-41
OL-2159-03
• Server Setup, page 3-48
• Routing Setup, page 3-61
• Association Table Display Setup, page 3-64
• Event Notification Setup, page 3-71
Note See Chapter 4, “Security Setup” for information on setting up the access point’s
security features.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-1
Page 40
Basic Settings
Basic Settings
This section describes the basic settings on the Express Setup page. If you need
to set up an access point quickly with a simple configuration, or change or update
a basic setting, you can enter all the access point’s essential settings for basic
operation on the Express Setup page.
The page contains radio settings for both the 2.4-GHz internal radio and the
5-GHz external radio module. You can configure the radios separately, using
different settings on each radio. Figure 3-1 shows the Express Setup page.
Figure 3-1 Express Setup Page
Chapter 3 Configuration
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-2
OL-2159-03
Page 41
Chapter 3 Configuration
Follow this link path to reach the Express Setup page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Express Setup.
Entering Basic Settings
The Express Setup page contains the following settings:
• System Name
• MAC Address
• Configuration Server Protocol
• Default IP Address
• Default IP Subnet Mask
Basic Settings
System Name
MAC Address
• Default Gateway
• Radio Service Set ID (SSID)
• Role in Radio Network
• Radio Network Optimization (Optimize Radio Network For)
• Radio Network Compatibility (Ensure Compatibility With)
• SNMP Admin. Community
The system name appears in the titles of the management system pages and in the
access point’s Association Table page. The system name is not an essential
setting, but it helps identify the access point on your network.
The access point’s Media Access Control (MAC) address appears under the
system name. The MAC address is a unique serial number permanently assigned
to the access point’s Ethernet controller. You cannot change the access point’s
MAC address.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-3
Page 42
Basic Settings
Configuration Server Protocol
Set the Configuration Server Protocol to match the network's method of IP
address assignment. Click the Configuration Server link to jump to the Boot
Server Setup page, which contains detailed settings for configuring the access
point to work with your network’s BOOTP or DHCP servers for automatic
assignment of IP addresses.
The Configuration Server Protocol pull-down menu contains the following
options:
• None—Your network does not have an automatic system for IP address
assignment.
• BOOTP—With Bootstrap Protocol, IP addresses are hard-coded based on
MAC addresses.
• DHCP—With Dynamic Host Configuration Protocol, IP addresses are
“leased” for predetermined periods of time.
Chapter 3 Configuration
Default IP Address
Use this setting to assign or change the access point’s IP address. If DHCP or
BOOTP is not enabled for your network, the IP address you enter in this field is
the access point’s IP address. If DHCP or BOOTP is enabled, this field provides
the IP address only if no server responds with an IP address for the access point.
Default IP Subnet Mask
Enter an IP subnet mask to identify the subnetwork so the IP address can be
recognized on the LAN. If DHCP or BOOTP is not enabled, this field is the subnet
mask. If DHCP or BOOTP is enabled, this field provides the subnet mask only if
no server responds to the access point’s DHCP or BOOTP request.
Default Gateway
Enter the IP address of your default internet gateway here. The entry
255.255.255.255 indicates no gateway. Clicking the Gateway link takes you to the
Routing Setup page, which contains detailed settings for configuring the access
point to communicate with the IP network routing system.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-4
OL-2159-03
Page 43
Chapter 3 Configuration
Radio Service Set ID (SSID)
The SSID is a unique identifier that client devices use to associate with the access
point. The SSID helps client devices distinguish between multiple wireless
networks in the same vicinity. Several access points on a network or sub-network
can share an SSID. The SSID can be any alphanumeric, case-sensitive entry from
two to 32 characters long.
This setting appears twice on the page, once for the internal radio and once for the
external radio module. You can use the same setting or different settings for each
radio.
Role in Radio Network
Use this pull-down menu to select the role of the access point on your network.
This setting appears twice on the page, once for the internal radio and once for the
external radio module. You can use the same setting or different settings for each
radio.
Basic Settings
The menu contains the following options:
• Root Access Point—A wireless LAN transceiver that connects an Ethernet
network with wireless client stations. Use this setting if the access point is
connected to the wired LAN. Figure 3-2 shows an access point operating as a
root unit in a network.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-5
Page 44
Basic Settings
Chapter 3 Configuration
Figure 3-2 Root-Unit Access Points
Access Point
(Root Unit)
Wired LAN
Access Point
(Root Unit)
65999
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-6
OL-2159-03
Page 45
Chapter 3 Configuration
Basic Settings
• Repeater Access Point—An access point that transfers data between a client
and another access point or repeater. One or both access point radios can be
set up as repeaters. Figure 3-3 shows an access point operating as a repeater
in a network.
Note Non-Cisco client devices might have difficulty communicating with
repeater access points.
Figure 3-3 Repeater Access Point
Access Point
(Root Unit)
Wired LAN
OL-2159-03
Access Point
(Repeater)
66000
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-7
Page 46
Basic Settings
• Site Survey Client—A wireless device that depends on an access point for its
connection to the network. Use this setting when performing a site survey for
a repeater access point. When you select this setting, clients are not allowed
to associate.
Radio Network Optimization (Optimize Radio Network For)
You use this setting to select either preconfigured settings for the access point
radio or customized settings for the access point radio. This setting appears twice
on the page, once for the internal radio and once for the external radio module.
You can use the same setting or different settings for each radio.
• Default—Strikes a compromise between range and throughput, providing
good range and good throughput.
• Throughput—Maximizes the data volume handled by the access point but
might reduce the access point’s range.
Chapter 3 Configuration
• Range—Maximizes the access point’s range but might reduce throughput.
• Custom—The access point uses the settings you enter on the AP Radio
Hardware page. Click Custom to go to the AP Radio Hardware page.
Radio Network Compatibility (Ensure Compatibility With)
You use this setting to automatically configure the access point to be compatible
with other devices on your wireless LAN. This setting appears twice on the page,
once for the internal radio and once for the external radio module. You can use the
same setting or different settings for each radio.
• 2Mb/sec clients—Select this setting if your network contains Cisco Aironet
devices that operate at a maximum speed of 2 Mbps.
• non-Aironet 802.11—Select this setting if there are non-Cisco Aironet
devices on your wireless LAN.
SNMP Admin. Community
To use Simplified Network Management Protocol (SNMP), enter a community
name here. This name automatically appears in the list of users authorized to view
and make changes to the access point’s management system, and SNMP is
enabled.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-8
OL-2159-03
Page 47
Chapter 3 Configuration
Filter Setup
Filter Setup
Click the SNMP link to go to the SNMP Setup page, where you can edit other
SNMP settings.
You can define other SNMP communities on the Administrator Authorization
pages. See the “Setting Up Administrator Authorization” section on page 4-41 for
instructions on using the Administrator Authorization pages.
This section describes how to set up filtering to control the flow of data through
the access point. You can filter data based on protocols and MAC addresses. Each
type of filtering is explained in the following sections:
• Protocol Filtering, page 3-9
• MAC Address Filtering, page 3-14
Protocol Filtering
Protocol filters prevent or allow the use of specific protocols through the access
point. You can set up individual protocol filters or sets of filters. You can filter
protocols for wireless client devices, users on the wired LAN, or both. For
example, an SNMP filter on the access point’s radio port prevents wireless client
devices from using SNMP with the access point but does not block SNMP access
from the wired LAN.
Use the Ethernet Protocol Filters page to create and enable protocol filters for the
access point’s Ethernet port, and use the AP Radio Protocol Filters page to create
and enable protocol filters for the access point’s radio port. The pages are
identical except for the page title. Figure 3-4 shows the main body for the pages.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-9
Page 48
Filter Setup
Chapter 3 Configuration
Figure 3-4 Main Body for Protocol Filters Pages
Follow this link path to reach the Ethernet Protocol Filters page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Filters in the Ethernet row under Network Ports.
Follow this link path to reach the AP Radio Protocol Filters page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Filters in the AP Radio row under Network Ports.
The left side of the Protocol Filters page contains links to the Ethertype Filters,
the IP Protocol Filters, and the IP Port Filters pages. These links also appear on
the main Setup page under Associations. Use the Protocol Filters pages to assign
protocols to a filter set. Tabl e B- 1, Tab le B- 2, and Ta ble B-3 in Appendix B list
the protocols available on each page.
Creating a Protocol Filter
Follow these steps to create a protocol filter:
Step 1 Follow the link path to the Ethernet or AP Radio Protocol Filters page.
Step 2 Click Ethertype, IP Protocol, or IP Port to display the Filters page that contains
the protocols you want to filter. Figure 3-5 shows the Filters page.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-10
OL-2159-03
Page 49
Chapter 3 Configuration
Step 3 Enter a descriptive filter set name in the Set Name field.
Step 4 Enter an identification number in the Set ID entry field if you want to assign a
Filter Setup
Figure 3-5 Filters Page
specific SNMP identifier to the filter set. If you don’t enter an ID, an SNMP
identifier will be assigned to the set automatically, starting with 1 for the first
filter set and incrementing by one for each additional set.
Step 5 Click Add New. The Filter Set page appears. Figure 3-6 shows the Filter Set page.
Figure 3-6 Filter Set Page
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-11
Page 50
Filter Setup
Chapter 3 Configuration
Step 6 Select forward or block from the Default Disposition pull-down menu. This
setting is the default action for the protocols you include in the filter set. You can
override this setting for specific protocols.
Step 7 In the Default Time to Live fields, enter the number of milliseconds unicast and
multicast packets should stay in the access point’s buffer before they are
discarded. These settings will be the default time-to-live values for the protocols
you include in the filter set, but you can override the settings for specific
protocols. If you leave these settings at 0, the time-to-live settings default to 3
seconds for multicast packets and 5 seconds for unicast packets.
Step 8 Type the name or the ISO numeric designator for the protocol you want to add in
the Special Cases entry field and click Add New. For example, to add Telnet to an
IP port filter set, type telnet or 23.
The Protocol Filter Set page appears. Figure 3-7 shows the Protocol Filter Set
page.
Figure 3-7 Protocol Filter Set Page
Step 9
Select forward or block from the Disposition pull-down menu to forward or
block the protocol traffic, or leave this setting at default to use the default
disposition that you selected for the filter set in Step 6.
Step 10 Select a priority for the protocol from the Priority pull-down menu. The menu
includes the following options:
• background—Use this setting for bulk transfers and other activities that are
allowed on the network but should not impact network use by other users and
applications.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-12
OL-2159-03
Page 51
Chapter 3 Configuration
Step 11 Enter milliseconds in the Time-to-Live entry fields. If you leave these settings at
Filter Setup
• default—This setting is the same as best effort, which applies to normal LAN
traffic.
• excellentEffort—Use this setting for a network’s most important users.
• controlledLoad—Use this setting for important business applications that are
subject to some form of admission control.
• interactiveVideo—Use this setting for traffic with less than 100 ms delay.
• interactiveVoice—Use this setting for traffic with less than 10 ms delay.
• networkControl—Use this setting for traffic that must get through to maintain
and support the network infrastructure.
0, the protocol adopts the default time-to-live values you entered in Step 7.
Note The time-to-live values you enter should be compatible with the priority
you select for the protocol. For example, if you select interactiveVoice as
the priority and enter high time-to-live values, voice packets will stay in
the access point buffer longer than necessary, causing delivery of stale,
useless packets.
Step 12 Select Alert? yes to send an alert to the event log when a user transmits or receives
the protocol through the access point.
Step 13 Click OK. The Filter Set page appears with the protocol listed at the bottom of
the page.
To edit the protocol entry, type the protocol name in the Special Cases entry field
or click the select button beside the entry and click Edit. To delete the protocol,
type the protocol name in the Special Cases entry field or click the select button
beside the entry and click Remove.
Step 14 To add another protocol to the filter set, repeat Step 8 through Step 13. When you
have included all the protocols you need in the filter set, click OK. The EtherType
Filters, IP Protocol Filters, or IP Port Filters page appears, and the filter sets you
defined appear in the filter set list at the bottom of the page.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-13
Page 52
Filter Setup
Note After defining the protocol filter set, follow the steps in the Enabling a
Protocol Filter section to activate the filter.
Enabling a Protocol Filter
Follow these steps to enable a protocol filter:
Step 1 Complete the steps listed in the “Creating a Protocol Filter” section on page 3-10
to define a protocol filter.
Step 2 Follow the link path to the Ethernet Protocol Filters page or the AP Radio Protocol
Filters page.
Chapter 3 Configuration
Step 3 Select the protocol filter set that you want to enable from the Ethertype, IP
Protocol, or IP Port pull-down menu.
Step 4 Click OK. The filter set is enabled.
MAC Address Filtering
MAC address filters allow or disallow the forwarding of unicast and multicast
packets either sent from or addressed to specific MAC addresses. You can create
a filter that passes traffic to all MAC addresses except those you specify, or you
can create a filter that blocks traffic to all MAC addresses except those you
specify.
Note MAC address filters are powerful, and you can lock yourself out of the access
point if you make a mistake setting up the filters. If you accidentally lock yourself
out of your access point, follow the instructions in the “Using the Command-Line
Interface” section on page 2-5 to use the CLI to disable the filters.
Use the Address Filters page to create MAC address filters for the access point.
Figure 3-8 shows the Address Filters page.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-14
OL-2159-03
Page 53
Chapter 3 Configuration
Filter Setup
Figure 3-8 Address Filters Page
Follow this link path to reach the Address Filters page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Address Filters under Associations.
Creating a MAC Address Filter
Follow these steps to create a MAC address filter:
Step 1 Follow the link path to the Address Filters page.
Step 2 Type a destination MAC address in the New MAC Address Filter: Dest MAC
Address field. You can type the address with colons separating the character pairs
(00:40:96:12:34:56, for example) or without any intervening characters
(004096123456, for example).
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-15
Page 54
Filter Setup
Chapter 3 Configuration
Note If you plan to disallow traffic to all MAC addresses except those you
specify as allowed, put your own MAC address in the list of allowed MAC
addresses. If you plan to disallow multicast traffic, add the broadcast
MAC address (ffffffffffff) to the list of allowed addresses.
Step 3 Click Allowed to pass traffic to the MAC address or click Disallowed to discard
traffic to the MAC address.
Step 4 Click Add. The MAC address appears in the Existing MAC Address Filters list.
To remove the MAC address from the list, select it and click Remove.
Tip You can create a list of allowed MAC addresses on an authentication server on
your network. Consult the “Setting Up MAC-Based Authentication” section on
page 4-29 for instructions on using MAC-based authentication.
If you intend to list allowed MAC addresses on an authentication server, select yes
for the Look up MAC Address on Authentication Server if not in Existing Filter
List option.
Step 5 Click OK. You return automatically to the Setup page.
Step 6 To enable MAC address filtering on the internal radio, click Advanced in the AP
Radio: Internal row of the Network Ports section at the bottom of the Setup page.
To enable MAC address filtering on the external module radio, click Advanced in
the AP Radio: Module row. The AP Radio Advanced page appears. Figure 3-9
shows the AP Radio Advanced page for the internal radio.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-16
OL-2159-03
Page 55
Chapter 3 Configuration
Filter Setup
Figure 3-9 AP Radio Advanced Page for Internal Radio
Step 7
Select Disallowed from the pull-down menu for Default Unicast Address Filter.
The access point discards all unicast traffic except packets sent to the MAC
addresses listed as allowed on the Address Filters page.
Select Allowed from the pull-down menu for Default Unicast Address Filter if
you want to allow traffic to all MAC addresses except those listed as disallowed
on the Address Filters page.
Unicast packets are addressed to just one device on the network. Multicast packets
are addressed to multiple devices on the network.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-17
Page 56
Filter Setup
Chapter 3 Configuration
Select Disallowed or Allowed from the pull-down menu for Default Multicast
Address Filter. The access point discards all multicast traffic except packets sent
to the MAC addresses listed as allowed on the Address Filters page.
Step 8 Click OK. You return automatically to the Setup page.
If clients are not filtered immediately, click WARM RESTART SYSTEM NOW
on the Manage System Configuration page to restart the access point. To reach the
Manage System Configuration page, Click Cisco Services on the main Setup page
and click Manage System Configuration on the Cisco Services Setup page.
Note The Ethernet Advanced page contains the Default Unicast and Multicast Address
Filter settings for the Ethernet port. These settings work as described above, but
you should use extra caution changing the settings on the Ethernet Advanced page
because they can lock you out of your access point. To reach the Ethernet
Advanced page, click Advanced in the Ethernet row of the Network Ports section
at the bottom of the Setup page.
Note Client devices with blocked MAC addresses cannot send or receive data through
the access point, but they might remain in the Association Table as
unauthenticated client devices. Client devices with blocked MAC addresses
disappear from the Association Table when the access point stops monitoring
them or they associate with another access point. See the “Association Table
Advanced Page” section on page 3-68 for information on setting a monitoring
timeout for each device class.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-18
OL-2159-03
Page 57
Chapter 3 Configuration
Radio Configuration
This section describes how to configure the access point radios. You use the AP
Radio pages in the management system to set the configuration for each radio.
The radio pages include:
• AP Radio Identification pages—Contain the basic locating and identity
information for the access point internal and module radio ports. See the
“Entering Identity Information” section on page 3-19 for instructions on
using the AP Radio Identification pages.
• AP Radio Hardware pages—Contain settings for the access point’s SSID,
data rates, transmit power, antennas, radio channel, and operating thresholds
for the access point internal and module radio ports. See the “Entering Radio
Hardware Information” section on page 3-22 for instructions on using the AP
Radio Hardware pages.
Radio Configuration
• AP Radio Advanced pages—Contain settings for the operational status of the
access point’s internal and module radio ports. You can also use these pages
to make temporary changes in port status to help with troubleshooting
network problems. See the “Entering Advanced Configuration Information”
section on page 3-31 for instructions on using the AP Radio Advanced pages.
• AP Radio Ports pages—List key information on the access point’s radio ports.
Entering Identity Information
Use the AP Radio Identification pages to enter basic locating and identity
information for the access point radios. The internal radio and the radio module
both have an AP Radio Identity page. Both pages contain the same settings.
Figure 3-10 shows the AP Radio Identification page for the internal radio.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-19
Page 58
Radio Configuration
Chapter 3 Configuration
Figure 3-10 The AP Radio Identification Page for the Internal Radio
Follow this link path to reach the AP Radio Identification page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Identification in on eof the AP Radio rows under
Network Ports.
Settings on the AP Radio Identification Page
The AP Radio Identification pages contain the following settings:
• Primary Port Settings
• Default IP Address
• Default IP Subnet Mask
• Service Set ID (SSID)
• LEAP User Name
• LEAP Password
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-20
OL-2159-03
Page 59
Chapter 3 Configuration
Primary Port Settings
Radio Configuration
The page also displays the access point’s MAC address, the radio serial number,
the radio’s current IP address, the radio’s current IP subnet mask, the maximum
packet length that the radio can send and receive, the radio firmware version, and
the radio boot block version.
Two options allow you to designate the radio port as the Primary Port and select
whether the radio port adopts or assumes the identity of the primary port.
• Primary Port?—The primary port determines the access point’s MAC and IP
addresses. Ordinarily, the access point’s primary port is the Ethernet port,
which is connected to the wired LAN, so this setting is usually set to no.
Select no to set the Ethernet port as the primary port. Select yes to set the
radio port as the primary port.
• Adopt Primary Port Identity?—Select yes to adopt the primary port settings
(MAC and IP addresses) for the radio port. Select no to use different MAC
and IP addresses for the radio port.
Default IP Address
Default IP Subnet Mask
Access points acting as root units adopt the primary port settings for the radio
port. When you put an access point in standby mode, however, you select no
for this setting. Some advanced wireless bridge configurations also require
different identity settings for the radio port.
Use this setting to assign an IP address for the radio port that is different from the
access point’s Ethernet IP address. During normal operation the radio port adopts
the identity of the Ethernet port. When you put an access point in standby mode,
however, you assign a different IP address to the radio port. Some advanced
wireless bridge configurations also require a different IP address for the radio
port.
Enter an IP subnet mask to identify the subnetwork so that the IP address can be
recognized on the LAN. If DHCP or BOOTP is not enabled, this field is the subnet
mask. If DHCP or BOOTP is enabled, this field provides the subnet mask only if
no server responds to the access point’s request.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-21
Page 60
Radio Configuration
Service Set ID (SSID)
LEAP User Name
Chapter 3 Configuration
The current IP subnet mask displayed under the setting shows the IP subnet mask
currently assigned to the access point. This is the same subnet mask as the default
subnet mask unless DHCP or BOOTP is enabled. If DHCP or BOOTP is enabled,
this is the subnet mask used by the DHCP or BOOTP server.
You can also enter this setting on the Express Setup page.
The SSID is a unique identifier that client devices use to associate with the access
point radio. The SSID helps client devices distinguish between multiple wireless
networks in the same vicinity. The SSID can be any alphanumeric entry from two
to 32 characters long.
You can also enter this setting on the Express Setup page.
Use this field if the radio is set up as a repeater and authenticates to the network
using LEAP. When the radio authenticates using LEAP, the access point sends this
user name to the authentication server.
Follow the steps in the “Setting up a Repeater Access Point as a LEAP Client”
section on page 4-27 to set up the radio as a LEAP client.
LEAP Password
Use this field if the radio is set up as a repeater and authenticates to the network
using LEAP. When the radio authenticates using LEAP, the access point uses this
password for authentication.
Follow the steps in the “Setting up a Repeater Access Point as a LEAP Client”
section on page 4-27 to set up the radio as a LEAP client.
Entering Radio Hardware Information
You use the AP Radio Hardware pages to assign settings related to the access
point’s radio hardware. The internal radio and the radio module both have an AP
Radio Hardware page. Both pages contain similar settings. Figure 3-11 shows the
AP Radio Hardware page for the radio module.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-22
OL-2159-03
Page 61
Chapter 3 Configuration
Radio Configuration
Figure 3-11 The AP Radio Hardware Page for the Radio Module
Follow this link path to reach the AP Radio Hardware pages:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Hardware in one of the AP Radio rows under
Network Ports.
Settings on the AP Radio Hardware Page
The AP Radio Hardware page contains the following settings:
• Service Set ID (SSID)
• Allow Broadcast SSID to Associate?
• Enable World Mode
• Data Rates
• Transmit Power
Cisco Aironet 1200 Series Access Point Software Configuration Guide
OL-2159-03
3-23
Page 62
Radio Configuration
Chapter 3 Configuration
• Frag. Threshold
• RTS Threshold
• Max. RTS Retries
• Max. Data Retries
• Beacon Period
• Data Beacon Rate (DTIM)
• Default Radio Channel
• Search for Less-Congested Radio Channel
• Restrict Searched Channels
• Receive Antenna and Transmit Antenna
The AP Radio Hardware page also contains a link to the AP Radio Data
Encryption page, which you use to enter Wired Equivalent Privacy (WEP)
settings.
Service Set ID (SSID)
The SSID is a unique identifier that client devices use to associate with the access
point radio. The SSID helps client devices distinguish between multiple wireless
networks in the same vicinity. The SSID can be any alphanumeric entry up to 32
characters long.
You can also enter this setting on the Express Setup and AP Radio Identification
pages.
Allow Broadcast SSID to Associate?
You use this setting to choose whether devices that do not specify an SSID
(devices that are “broadcasting” in search of an access point to associate with) are
allowed to associate to this radio.
• Yes —This is the default setting; it allows devices that do not specify an SSID
(devices that are “broadcasting” in search of an access point to associate with)
to associate to this radio.
• No—Devices that do not specify an SSID (devices that are “broadcasting” in
search of an access point to associate with) are not allowed to associate to this
radio. With no selected, the SSID used by the client device must match
exactly the radio’s SSID.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-24
OL-2159-03
Page 63
Chapter 3 Configuration
Enable World Mode
Data Rates
Radio Configuration
When you select yes from the world-mode pull-down menu, the access point adds
channel carrier set information to its beacon. Client devices with world-mode
enabled receive the carrier set information and adjust their settings automatically.
You use the data rate settings to choose the data rates the radio uses for data
transmission. The rates are expressed in megabits per second.
The access point always attempts to transmit at the highest data rate set to Basic.
If there are obstacles or interference, the access point steps down to the highest
rate that allows data transmission. For each data rate, a drop-down menu lists
three options:
• Basic—Allows transmission at this rate for all packets, both unicast and
multicast. At least one of the access point’s data rates must be set to Basic.
• Yes —The access point transmits only unicast packets at this rate; multicast
packets are sent at one of the data rates set to Basic.
• No—The access point does not transmit data at this rate.
You can use the Data Rate settings to set up an access point to serve client devices
operating at specific data rates. For example, to set up the internal radio for 11
megabits per second (Mbps) service only, select Basic for 11 and select Ye s for
the other data rates. Figure 3-12 shows the Data Rates set up for 11-Mbps service
only.
Figure 3-12 Data Rate Settings for 11 Mbps Service Only
To set up the access point to serve only client devices operating at 1 and 2 Mbps,
for example, select Basic for 1 and 2 and set the rest of the data rates to Ye s.
Figure 3-13 shows the Data Rates set up for 1- and 2-Mbps service only.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-25
Page 64
Radio Configuration
Chapter 3 Configuration
Figure 3-13 Data Rate Settings for 1- and 2-Mbps Service Only
The Optimize Radio Network For setting on the Express Setup page selects the
data rate settings automatically. When you select Optimize Radio Network For
Throughput on the Express Setup page, all data rates are set to basic. When you
select Optimize Radio Network For Range on the Express Setup page, the
lowest data rate (1.0 on the internal radio and 6.0 on the radio module) is set to
basic, and the other data rates are set to yes. If you leave the setting at Default for
the internal radio, the 1.0 and 5.5 data rates are set to basic and the 2.0 and 11.0
data rates are set to yes (on the radio module, 6.0, 12.0, and 24.0 are set to basic
and 9.0, 18.0, 36.0, 48.0, and 54.0 are set to yes).
Transmit Power
Note Government regulations define the highest allowable power level for radio
Note The power settings available on your access point depend on the regulatory
This setting determines the power level of radio transmission. The default power
setting is the highest transmit power allowed in your regulatory domain.
devices. This setting must conform to established standards for the country in
which you use the access point.
To reduce interference or to conserve power, select a lower power setting. The
settings in the drop-down menu for the internal radio include 1, 5, 20, 50, and 100
milliwatts. The settings in the drop-down menu for the radio module include 5, 8,
11, and 14 milliwatts.
domain for which the access point is configured. Your power settings might be
different from the settings listed here.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-26
OL-2159-03
Page 65
Chapter 3 Configuration
Frag. Threshold
RTS Threshold
Max. RTS Retries
Radio Configuration
This setting determines the size at which packets are fragmented (sent as several
pieces instead of as one block). Enter a setting ranging from 256 to 2338 bytes.
Use a low setting in areas where communication is poor or where there is a great
deal of radio interference.
This setting determines the packet size at which the access point issues a request
to send (RTS) before sending the packet. A low RTS Threshold setting can be
useful in areas where many client devices are associating with the access point, or
in areas where the clients are far apart and can detect only the access point and
not each other. Enter a setting ranging from 0 to 2339 bytes.
The maximum number of times the access point issues an RTS before stopping
the attempt to send the packet through the radio. Enter a value from 1 to 128.
Max. Data Retries
The maximum number of attempts the access point makes to send a packet before
giving up and dropping the packet.
Beacon Period
The amount of time between beacons in Kilomicroseconds. One Kµsec equals
1,024 microseconds.
Data Beacon Rate (DTIM)
This setting, always a multiple of the beacon period, determines how often the
beacon contains a delivery traffic indication message (DTIM). The DTIM tells
power-save client devices that a packet is waiting for them.
If the beacon period is set at 100, its default setting, and the data beacon rate is
set at 1, its default setting, then the access point sends a beacon containing a
DTIM every 100 Kµsecs. One Kµsec equals 1,024 microseconds.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-27
Page 66
Radio Configuration
Note If client devices using power-save mode wake up too often when associated to the
Default Radio Channel
Chapter 3 Configuration
access point, increase the data beacon rate setting.
The default channel settings on the radios are the lowest channel numbers for your
regulatory domain. In North America, the default setting for the internal radio is
channel 1 transmitting at 2412 MHz, and the default setting for the radio module
is channel 36 transmitting at 5180 MHz. To overcome interference problems,
other channel settings are available from the radio channel pull-down menus.
The internal radio operates on 11 channels from 2412 to 2462 MHz. Each channel
covers 22 MHz. The bandwidth for channels 1, 6, and 11 does not overlap, so you
can set up multiple access points in the same vicinity without causing
interference.
The radio module operates on eight channels from 5180 to 5320 MHz. Each
channel on the radio module covers 20 MHz, and the bandwidth for the channels
overlaps slightly. For best performance, use channels that are not adjacent (44 and
46, for example) for radios that are close to each other.
Note Too many access points in the same vicinity creates radio congestion that can
reduce throughput. A careful site survey can determine the best placement of
access points for maximum radio coverage and throughput.
Search for Less-Congested Radio Channel
When you select yes from the Search for less-congested radio channel pull-down
menu, the access point scans for the radio channel that is least busy and selects
that channel for use. The access point scans at power-up and when the radio
settings are changed.
Note If you need to keep the access point assigned to a specific channel to keep from
interfering with other access points, you should leave this setting at no.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-28
OL-2159-03
Page 67
Chapter 3 Configuration
Restrict Searched Channels
Click Restrict Searched Channels to limit the channels that the access point
scans when Search for less-congested radio channel is enabled. The AP Radio
Restrict Searched Channels page appears when you click Restrict Searched
Channels. Figure 3-14 shows the AP Radio Restrict Searched Channels page for
the internal radio.
Figure 3-14 AP Radio Restrict Searched Channels Page for the Internal Radio
Radio Configuration
The page lists all the channels in the access point’s regulatory domain. Click the
Search check boxes beside the channels to include channels in the scan for
less-congested channels. All the channels are included in the scan by default.
Receive Antenna and Transmit Antenna
Pull-down menus for the receive and transmit antennas offer three options:
• Diversity—This default setting tells the access point to use the antenna that
receives the best signal. If your access point has two fixed (non-removeable)
antennas, you should use this setting for both receive and transmit.
• Right—If your access point has removeable antennas and you install a
high-gain antenna on the access point’s right connector, you should use this
setting for both receive and transmit. When you look at the access point’s
back panel, the right antenna is on the right.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
OL-2159-03
3-29
Page 68
Radio Configuration
Note The access point receives and transmits using one antenna at a time, so you cannot
Chapter 3 Configuration
• Left—If your access point has removeable antennas and you install a
high-gain antenna on the access point’s left connector, you should use this
setting for both receive and transmit. When you look at the access point’s
back panel, the left antenna is on the left.
increase range by installing high-gain antennas on both connectors and pointing
one north and one south. When the access point used the north-pointing antenna,
it would ignore client devices to the south.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-30
OL-2159-03
Page 69
Chapter 3 Configuration
Entering Advanced Configuration Information
Use the AP Radio Advanced pages to assign special configuration settings for the
access point radios. The internal radio and the radio module both have an AP
Radio Advanced page. Both pages contain the same settings, but the Advanced
page for the external radio module does not contain the Radio Modulation and
Radio Preamble settings. Figure 3-15 shows the AP Radio Advanced page for the
internal radio.
Figure 3-15 AP Radio Advanced Page for Internal Radio
Radio Configuration
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-31
Page 70
Radio Configuration
Follow this link path to reach the AP Radio Advanced pages:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Advanced in one of the AP Radio rows under
Network Ports.
Settings on the AP Radio Advanced Page
The AP Radio Advanced pages contain the following settings:
• Requested Status
• Packet Forwarding
• Default Multicast Address Filters
• Maximum Multicast Packets/Second
Chapter 3 Configuration
• Radio Cell Role
• Maximum Number of Associations
• Use Aironet Extensions
• Classify Workgroup Bridges as Network Infrastructure
• Require Use of Radio Firmware x.xx
• Ethernet Encapsulation Transform
• Enhanced MIC verification for WEP
• Temporal Key Integrity Protocol
• Broadcast WEP Key rotation interval (sec)
• Accept Authentication Types
• Require EAP
• Default Unicast Address Filter
• Specified Access Points
• Radio Modulation
• Radio Preamble
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-32
OL-2159-03
Page 71
Chapter 3 Configuration
Requested Status
Packet Forwarding
Radio Configuration
This setting is useful for troubleshooting problems on your network. Up, the
default setting, turns the radio on for normal operation. Down turns the radio off.
The Current Status line under the setting displays the current status of the radio
port. This field can also display Error, meaning the port is operating but is in an
error condition.
This setting is always set to Enabled for normal operation. For troubleshooting,
you might want to set packet forwarding to Disabled, which prevents data from
moving between the Ethernet and the radio.
The Forwarding State line under the setting displays the current forwarding state.
For normal access point operation, the forwarding state is Forwarding. Four other
states are possible:
• Unknown—The state cannot be determined.
• Disabled—Forwarding capabilities are disabled.
• Blocking—The port is blocking transmission. This is the state when no
stations are associated.
• Broken—This state reports radio failure.
Default Multicast Address Filters
MAC address filters allow or disallow the forwarding of multicast packets sent to
specific MAC addresses. You can create a filter that passes traffic to all MAC
addresses except those you specify, or you can create a filter that blocks traffic to
all MAC addresses except those you specify. Read the “Creating a MAC Address
Filter” section on page 3-15 for complete instructions on setting up MAC address
filters.
The pull-down menus for multicast address filters contain two options:
• Allowed—The access point forwards all traffic except packets sent to the
MAC addresses listed as disallowed on the Address Filters page.
• Disallowed—The access point discards all traffic except packets sent to the
MAC addresses listed as allowed on the Address Filters page.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-33
Page 72
Radio Configuration
Note If you plan to discard traffic to all MAC addresses except those you specify (the
Disallowed setting), be sure to enter your own MAC address as allowed on the
Address Filters page to prevent being locked out of the access point.
Maximum Multicast Packets/Second
Use this setting to control the number of multicast packets that can pass through
the radio port each second. If you enter 0, the access point passes an unlimited
number of multicast packets. If you enter a number other than 0, the device passes
only that number of multicast packets per second.
Radio Cell Role
Use this pull-down menu to select the function of the radio within its radio
coverage area (cell). This setting determines how the radio interacts with other
wireless devices. The menu contains the following options:
Chapter 3 Configuration
• Root—A wireless LAN transceiver that connects an Ethernet network with
wireless client stations or with another Ethernet network. Use this setting if
the access point is connected to the wired LAN.
• Repeater/Non-Root—A wireless LAN transceiver that transfers data between
a client and another access point. Use this setting for access points not
connected to the wired LAN.
• Client/Non-root—A station with a wireless connection to an access point.
Use this setting for diagnostics or site surveys, such as when you need to test
the radio by having it communicate with another access point or bridge
without accepting associations from client devices.
Maximum Number of Associations
Use this entry field to specify the maximum number of wireless networking
devices that are allowed to associate to the radio. The default setting, 0, means that
the maximum possible number of associations is allowed.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-34
OL-2159-03
Page 73
Chapter 3 Configuration
Use Aironet Extensions
Radio Configuration
Select yes or no to use Cisco Aironet 802.11 extensions. This setting must be set
to yes (the default setting) to enable these features:
• Load balancing—The access point uses Aironet extensions to direct client
devices to an access point that provides the best connection to the network
based on factors such as number of users, bit error rates, and signal strength.
• Message Integrity Check (MIC)—MIC is an additional WEP security feature
that prevents attacks on encrypted packets called bit-flip attacks. The MIC,
implemented on both the access point and all associated client devices, adds
a few bytes to each packet to make the packets tamper-proof.
• Temporal Key Integrity Protocol (TKIP)—TKIP, also known as WEP key
hashing, is an additional WEP security feature that defends against an attack
on WEP in which the intruder uses an unencrypted segment called the
initialization vector (IV) in encrypted packets to calculate the WEP key.
• Repeater mode—You must set Use Aironet Extensions to yes if the access
point is set up as a repeater or if it communicates with a repeater.
The extensions also improve the access point’s ability to understand the
capabilities of Cisco Aironet client devices associated with the access point.
Classify Workgroup Bridges as Network Infrastructure
Select no to allow more than 20 Cisco Aironet Workgroup Bridges to associate to
the access point. The default setting, yes, limits the number of workgroup bridges
that can associate to the access point to 20 or less.
Access points and bridges normally treat workgroup bridges not as client devices
but as infrastructure devices, like access points or bridges. Treating a workgroup
bridge as an infrastructure device means that the access point reliably delivers
multicast packets, including Address Resolution Protocol (ARP) packets, to the
workgroup bridge.
The performance cost of reliable multicast delivery—duplication of each
multicast packet sent to each workgroup bridge—limits the number of
infrastructure devices, including workgroup bridges, that can associate to the
access point. To increase beyond 20 the number of workgroup bridges that can
associate to the access point, the access point must reduce the delivery reliability
of multicast packets to workgroup bridges. With reduced reliability, the access
point cannot confirm whether multicast packets reach the intended workgroup
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-35
Page 74
Radio Configuration
bridge, so workgroup bridges at the edge of the access point’s coverage area might
lose IP connectivity. When you treat workgroup bridges as client devices, you
increase performance but reduce reliability.
Note This feature is best suited for use with stationary workgroup bridges. Mobile
workgroup bridges might encounter spots in the access point’s coverage area
where they do not receive multicast packets and lose communication with the
access point even though they are still associated to it.
A Cisco Aironet Workgroup Bridge provides a wireless LAN connection for up to
eight Ethernet-enabled devices. Refer to the “Overview” section on page 1-2 of
the Cisco Aironet Workgroup Bridge Software Configuration Guide for a
description of workgroup bridges.
Require Use of Radio Firmware x.xx
Chapter 3 Configuration
This setting affects the firmware upgrade process when you load new firmware for
the access point. Select yes to force the radio firmware to be upgraded to a
firmware version compatible with the current version of the management system.
Select no to exempt the current radio firmware from firmware upgrades.
Ethernet Encapsulation Transform
Choose 802.1H or RFC1042 to set the Ethernet encapsulation type. Data packets
that are not 802.2 packets must be formatted to 802.2 via 802.1H or RFC1042.
Cisco Aironet equipment uses 802.1H because it provides optimum
interoperability.
• 802.1H—This default setting provides optimum performance for Cisco
Aironet wireless products.
• RFC1042—Use this setting to ensure interoperability with non-Cisco Aironet
wireless equipment. RFC1042 does not provide the interoperability
advantages of 802.1H but is used by other manufacturers of wireless
equipment.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-36
OL-2159-03
Page 75
Chapter 3 Configuration
Enhanced MIC verification for WEP
This setting enables Message Integrity Check (MIC), a security feature that
protects your WEP keys by preventing attacks on encrypted packets called bit-flip
attacks. During a bit-flip attack, an intruder intercepts an encrypted message,
alters it slightly, and retransmits it, and the receiver accepts the retransmitted
message as legitimate. The MIC, implemented on both the access point and all
associated client devices, adds a few bytes to each packet to make the packets
tamper-proof. Select MMH from the pull-down menu and click Apply to enable
MIC.
Note MIC takes effect only when the Use Aironet Extensions setting on the AP Radio
Advanced page is set to yes and WEP is enabled and set to full encryption.
Radio Configuration
Note When you enable MIC, only MIC-capable client devices can communicate with
the access point.
Temporal Key Integrity Protocol
This setting enables the temporal key integrity protocol (TKIP, also known as
WEP key hashing), which defends against an attack on WEP in which the intruder
uses the unencrypted initialization vector (IV) in encrypted packets to calculate
the WEP key. WEP key hashing removes the predictability that an intruder relies
on to determine the WEP key by exploiting IVs. Select Cisco from the pull-down
menu and click Apply to enable WEP key hashing.
Note To use TKI P, the Use Aironet Extensions setting on the AP Radio Advanced page
must be set to yes (the default setting).
Note When you enable TKIP, all WEP-enabled client devices associated to the access
point must support WEP key hashing. WEP-enabled devices that do not support
TKIP cannot communicate with the access point.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-37
Page 76
Radio Configuration
Broadcast WEP Key rotation interval (sec)
This option enables broadcast key rotation by setting a key rotation interval. With
broadcast, or multicast, WEP key rotation enabled, the access point provides a
dynamic broadcast WEP key and changes it at the interval you select. Broadcast
key rotation is an excellent alternative to TKIP if your wireless LAN supports
wireless client devices that are not Cisco devices or that cannot be upgraded to the
latest firmware for Cisco client devices.
To enable broadcast key rotation, enter the rotation interval in seconds in the
Broadcast WEP Key rotation interval entry field. If you enter 900, for example,
the access point sends a new broadcast WEP key to all associated client devices
every 15 minutes. To disable broadcast WEP key rotation, enter 0.
Note When you enable broadcast key rotation, only wireless client devices using LEAP
or EAP-TLS authentication can use the access point. Client devices using static
WEP (with open, shared key, or EAP-MD5 authentication) cannot use the access
point when you enable broadcast key rotation.
Chapter 3 Configuration
Note If you enable Broadcast Key Rotation on one of the radios in a dual-radio access
point, Broadcast Key Rotation is automatically enabled on the other radio, also.
Accept Authentication Types
Select Open, Shared Key, or Network-EAP to set the authentications the access
point recognizes. See the “Security Overview” section on page 4-2 for a
description of authentication types.
Require EAP
If you use open or shared authentication as well as EAP authentication, select
Require EAP under Open or Shared to block client devices that are not using
EAP from authenticating through the access point.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-38
OL-2159-03
Page 77
Chapter 3 Configuration
Default Unicast Address Filter
Unicast MAC address filters allow or disallow the forwarding of unicast packets
sent to specific MAC addresses. You can create a filter that passes traffic to all
MAC addresses except those you specify, or you can create a filter that blocks
traffic to all MAC addresses except those you specify.
Read the “Setting Up MAC-Based Authentication” section on page 4-29 for
complete instructions on using MAC-based authentication on an authentication
server. Read the “Creating a MAC Address Filter” section on page 3-15 for
complete instructions on setting up MAC address filters.
The pull-down menus for unicast address filters contain two options:
• Allowed—The access point forwards all traffic except packets sent to the
MAC addresses listed as disallowed on the Address Filters page.
• Disallowed—The access point discards all traffic except packets sent to the
MAC addresses listed as allowed on the Address Filters page or on your
authentication server.
Radio Configuration
Select Disallowed for each authentication type that also uses MAC-based
authentication.
Note If you plan to discard traffic to all MAC addresses except those you specify (the
Disallowed setting), be sure to enter your own MAC address as allowed on the
Address Filters page or on your authentication server.
Specified Access Points
Use these fields to set up a chain of repeater access points (access points without
an Ethernet connection; see Figure 3-3). Repeater access points function best
when they associate with specific access points connected to the wired LAN. You
use these fields to specify the access points that provide the most efficient data
transmission link for the repeater.
If this access point is a repeater, type the MAC address of one or more root-unit
access points with which you want this access point to associate. With MAC
addresses in these fields, the repeater access point always tries to associate with
the specified access points instead of with other less-efficient access points.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-39
Page 78
Radio Configuration
Radio Modulation
Chapter 3 Configuration
If the Adopt Primary Port Identity setting on the specified access point’s Radio
Identification page is set to no, you should enter the radio’s MAC address as it
appears on the Radio Identification page. Usually, however, the Adopt Primary
Port Identity setting is set to yes, and you can enter the specified access point’s
primary MAC address, which appears on the Express Setup page.
For complete instructions on setting up repeater access points, see the “Setting Up
a Repeater Access Point” section on page 8-1.
Select Standard or MOK for the radio modulation the access point uses.
• Standard—This default setting is the modulation type specified in IEEE
802.11, the wireless standard published by the Institute of Electrical and
Electronics Engineers (IEEE) Standards Association.
• MOK—This modulation was used before the IEEE finished the high-speed
802.11 standard and may still be in use in older wireless networks.
Note This setting does not appear on the AP Radio Advanced page for the radio
Radio Preamble
Note This setting does not appear on the AP Radio Advanced page for the radio
module.
The radio preamble is a section of data at the head of a packet that contains
information the access point and client devices need when sending and receiving
packets. The pull-down menu allows you to select a long or short radio preamble:
• Long—A long preamble ensures compatibility between the access point and
all early models of Cisco Aironet Wireless LAN Adapters (PC4800 and
PC4800A).
• Short—A short preamble improves throughput performance. Cisco Aironet's
Wireless LAN Adapter supports short preambles. Early models of Cisco
Aironet's Wireless LAN Adapter (PC4800 and PC4800A) require long
preambles.
module.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-40
OL-2159-03
Page 79
Chapter 3 Configuration
Ethernet Configuration
This section describes how to configure the access point’s Ethernet port. You use
the Ethernet pages in the management system to set the Ethernet port
configuration. The Ethernet pages include:
• Ethernet Identification—Contains the basic locating and identity information
for the Ethernet port.
• Ethernet Hardware—Contains the setting for the access point’s Ethernet port
connection speed.
• Ethernet Advanced—Contains settings for the operational status of the access
point’s Ethernet port. You can also use this page to make temporary changes
in port status to help with troubleshooting network problems.
• Ethernet Port—Lists key information on the access point’s Ethernet port.
Ethernet Configuration
Entering Identity Information
You use the Ethernet Identification page to enter basic locating and identity
information for the access point’s Ethernet port. Figure 3-16 shows the Ethernet
Identification page.
Figure 3-16 The Ethernet Identification Page
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-41
Page 80
Ethernet Configuration
Follow this link path to reach the Ethernet Identification page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Identification in the Ethernet row under Network
Ports.
Settings on the Ethernet Identification Page
The Ethernet Identification page contains the following settings:
• Primary Port Settings
• Default IP Address
• Default IP Subnet Mask
The page also displays the access point’s MAC address, the system serial number,
its current IP address, and its current IP subnet mask.
Chapter 3 Configuration
Primary Port Settings
Default IP Address
Two options allow you to designate the access point’s Ethernet port as the Primary
Port and select whether the Ethernet port adopts or assumes the identity of the
primary port.
• Primary Port?—The primary port determines the access point’s MAC and IP
addresses. Ordinarily, the access point’s primary port is the Ethernet port, so
this setting is usually set to yes. Select yes to set the Ethernet port as the
primary port. Select no to set the radio port as the primary port.
• Adopt Primary Port Identity?—Select yes to adopt the primary port settings
(MAC and IP addresses) for the Ethernet port. Select no to use different MAC
and IP addresses for the Ethernet port.
Some advanced bridge configurations require different settings for the Ethernet
and radio ports.
Use this setting to assign or change the access point’s IP address. If DHCP or
BOOTP is not enabled for your network, the IP address you enter in this field is
the access point’s IP address. If DHCP or BOOTP is enabled, this field provides
the IP address only if no server responds with an IP address for the access point.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-42
OL-2159-03
Page 81
Chapter 3 Configuration
Default IP Subnet Mask
Ethernet Configuration
The current IP address displayed under the Default IP Address setting shows the
IP address currently assigned to the access point. This is the same address as the
default IP address unless DHCP or BOOTP is enabled. If DHCP or BOOTP is
enabled, this field displays the IP address that has been dynamically assigned to
the device for the duration of its session on the network, and it might be different
than the default IP address.
You can also enter this setting on the Express Setup and AP Radio Identification
pages.
Enter an IP subnet mask to identify the subnetwork so the IP address can be
recognized on the LAN. If DHCP or BOOTP is not enabled, this field is the subnet
mask. If DHCP or BOOTP is enabled, this field provides the subnet mask only if
no server responds to the access point’s request.
The current IP subnet mask displayed under the setting shows the IP subnet mask
currently assigned to the access point. This is the same subnet mask as the default
subnet mask unless DHCP or BOOTP is enabled. If DHCP or BOOTP is enabled,
this is the subnet mask used by the server.
You can also enter this setting on the Express Setup and AP Radio Identification
pages.
Entering Ethernet Hardware Information
You use the Ethernet Hardware page to select the connector type, connection
speed, and duplex setting used by the access point’s Ethernet port. Figure 3-17
shows the Ethernet Hardware page.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-43
Page 82
Ethernet Configuration
Chapter 3 Configuration
Figure 3-17 The Ethernet Hardware Page
Follow this link path to reach the Ethernet Hardware page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Hardware in the Ethernet row under Network Ports.
Settings on the Ethernet Hardware Page
The Ethernet Hardware page contains one setting:
Speed
The Speed drop-down menu lists five options for the type of connector,
connection speed, and duplex setting used by the port. The option you select must
match the actual connector type, speed, and duplex settings used to link the port
with the wired network.
The default setting, Auto, is best for most networks because the best connection
speed and duplex setting are automatically negotiated between the wired LAN and
the access point. If you use a setting other than Auto, make sure the hub, switch,
or router to which the access point is connected supports your selection.
• Auto—This is the default and the recommended setting. The connection
speed and duplex setting are automatically negotiated between the access
point and the hub, switch, or router to which the access point is connected.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-44
OL-2159-03
Page 83
Chapter 3 Configuration
Ethernet Configuration
Note Some switches with inline power do not fully support Ethernet speed
auto-negotiation. If your access point is powered by a switch with
inline power, the Auto speed setting is applied only after you reboot
the access point.
• 10-Base-T / Half Duplex—Ethernet network connector for 10-Mbps
transmission speed over twisted-pair wire and operating in half-duplex mode.
• 10-Base-T / Full Duplex—Ethernet network connector for 10-Mbps
transmission speed over twisted-pair wire and operating in full-duplex mode.
• 100-Base-T / Half Duplex—Ethernet network connector for 100-Mbps
transmission speed over twisted-pair wire and operating in half-duplex mode.
• 100-Base-T / Full Duplex—Ethernet network connector for 100-Mbps
transmission speed over twisted-pair wire and operating in full-duplex mode.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-45
Page 84
Ethernet Configuration
Entering Advanced Configuration Information
You use the Ethernet Advanced page to assign special configuration settings for
the access point’s Ethernet port. Figure 3-18 shows the Ethernet Advanced page.
Figure 3-18 The Ethernet Advanced Page
Chapter 3 Configuration
Follow this link path to reach the Ethernet Advanced page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Advanced in the Ethernet row under Network Ports.
Settings on the Ethernet Advanced Page
The Ethernet Advanced page contains the following settings:
• Requested Status
• Packet Forwarding
• Default Unicast and Multicast Address Filters
• Maximum Multicast Packets/Second
Requested Status
This setting is useful for troubleshooting problems on your network. Up, the
default setting, enables the Ethernet port for normal operation. Down disables the
access point’s Ethernet port.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-46
OL-2159-03
Page 85
Chapter 3 Configuration
Packet Forwarding
Ethernet Configuration
The Current Status line under the setting displays the current status of the Ethernet
port. This field can also display Error, meaning the port is in an error condition.
This setting is always set to Enabled for normal operation. For troubleshooting,
you might want to set packet forwarding to Disabled, which prevents data from
moving between the Ethernet and the radio.
The Forwarding State line under the setting displays the current forwarding state.
The state for normal operation is Forwarding. Four other settings are possible:
• Unknown—The state cannot be determined.
• Disabled—Forwarding capabilities are disabled.
• Blocking—The port is blocking transmission.
• Broken—This state reports an Ethernet port failure.
Default Unicast and Multicast Address Filters
MAC address filters allow or disallow the forwarding of unicast and multicast
packets sent to specific MAC addresses. You can create a filter that passes traffic
to all MAC addresses except those you specify, or you can create a filter that
blocks traffic to all MAC addresses except those you specify. Read the “Creating
a MAC Address Filter” section on page 3-15 for complete instructions on setting
up MAC address filters.
Unicast packets are addressed to just one device on the network. Multicast packets
are addressed to multiple devices on the network.
The pull-down menus for unicast and multicast address filters contain two
options:
• Allowed—The access point forwards all traffic except packets sent to the
MAC addresses listed as disallowed on the Address Filters page.
• Disallowed—The access point discards all traffic except packets sent to the
MAC addresses listed as allowed on the Address Filters page.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-47
Page 86
Server Setup
Note For most configurations, you should leave Default Multicast Address Filter set to
Allowed. If you intend to set it to Disallowed, add the broadcast MAC address
(ffffffffffff) to the list of allowed addresses on the Address Filters page before
changing the setting to prevent being locked out of the access point.
Note If you plan to discard traffic to all MAC addresses except those you specify (the
Disallowed setting), be sure to enter your own MAC address as allowed on the
Address Filters page to prevent being locked out of the access point.
Maximum Multicast Packets/Second
Use this setting to control the number of multicast packets that can pass through
the Ethernet port each second. If you enter 0, the access point passes an unlimited
number of multicast packets. If you enter a number other than 0, the device passes
only that number of multicast packets per second.
Chapter 3 Configuration
Server Setup
This section describes how to configure the server to support access point
features. You use separate management system pages to enter server settings. The
server setup pages are described in the following sections:
• Entering Time Server Settings, page 3-49
• Entering Boot Server Settings, page 3-51
• Entering Web Server Settings and Setting Up Access Point Help, page 3-55
• Entering Name Server Settings, page 3-58
• Entering FTP Settings, page 3-60
Note See the “Enabling EAP on the Access Point” section on page 4-20 for instructions
on setting up the authentication server.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-48
OL-2159-03
Page 87
Chapter 3 Configuration
Entering Time Server Settings
You use the Time Server Setup page to enter time server settings. Figure 3-19
shows the Time Server Setup page:
Figure 3-19 Time Server Setup Page
Server Setup
Follow this link path to reach the Time Server Setup page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Time Server under Services.
Settings on the Time Server Setup Page
The Time Server Setup page contains the following settings:
• Simple Network Time Protocol
• Default Time Server
• GMT Offset (hr)
• Use Daylight Savings Time
• Manually Set Date and Time
Cisco Aironet 1200 Series Access Point Software Configuration Guide
OL-2159-03
3-49
Page 88
Server Setup
Simple Network Time Protocol
Select Enabled or Disabled to turn Simple Network Time Protocol (SNTP) on or
off. If your network uses SNTP, select Enabled.
Default Time Server
If your network has a default time server, enter the server’s IP address in the
Default Time Server entry field.
The Current Time Server line under the entry field reports the time server the
access point is currently using.
Note The DHCP or BOOTP server can override the default time server.
Chapter 3 Configuration
GMT Offset (hr)
The GMT Offset pull-down menu lists the world’s time zones relative to
Greenwich Mean Time (GMT). Select the time zone in which the access point
operates.
Use Daylight Savings Time
Select yes or no to have the access point automatically adjust to Daylight Savings
Time.
Manually Set Date and Time
Enter the current date and time in the entry fields to override the time server or to
set the date and time if no server is available.
When entering the date and time, use forward-slashes to separate the year, month,
and day, and use colons to separate the hours, minutes, and seconds. For example,
you would enter 2001/02/17 for February 17, 2001, and 18:25:00 for 6:25 pm.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-50
OL-2159-03
Page 89
Chapter 3 Configuration
Entering Boot Server Settings
You use the Boot Server Setup page to configure the access point for your
network's BOOTP or DHCP servers for automatic assignment of IP addresses.
Figure 3-20 shows the Boot Server Setup page:
Figure 3-20 Boot Server Setup Page
Server Setup
Follow this link path to reach the Boot Server Setup page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Boot Server under Services.
Settings on the Boot Server Setup Page
The Boot Server Setup page contains the following settings:
• Configuration Server Protocol
• Use Previous Configuration Server Settings
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-51
Page 90
Server Setup
• Read .ini File from File Server
• BOOTP Server Timeout (sec)
• DHCP Multiple-Offer Timeout (sec)
• DHCP Requested Lease Duration (min)
• DHCP Minimum Lease Duration (min)
• DHCP Client Identifier Type
• DHCP Client Identifier Value
• DHCP Class Identifier
Configuration Server Protocol
Use the Configuration Server Protocol pull-down menu to select your network’s
method of IP address assignment. The menu contains the following options:
Chapter 3 Configuration
• None—Your network does not have an automatic system for IP address
assignment.
• BOOTP—Your network uses Boot Protocol, in which IP addresses are
hard-coded based on MAC addresses.
• DHCP—With Dynamic Host Configuration Protocol, IP addresses are leased
for a period of time. You can set the lease duration with the settings on this
page.
Use Previous Configuration Server Settings
Select yes to have the access point save the boot server’s most recent response.
The access point uses the most recent settings if the boot server is unavailable.
Read .ini File from File Server
Use this setting to have the access point use configuration settings in an .ini file
on the BOOTP or DHCP server or the default file server. Files with .ini extensions
usually contain configuration information used during system start-up. The
pull-down menu contains the following options:
• Always—The access point always loads configuration settings from an .ini
file on the server.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-52
OL-2159-03
Page 91
Chapter 3 Configuration
Server Setup
• Never—The access point never loads configuration settings from an .ini file
on the server.
• If specified by server—The access point loads configuration settings from an
.ini file on the server if the server’s DHCP or BOOTP response specifies that
an .ini file is available. This is the default setting.
The Load Now button under the pull-down menu tells the access point to read an
.ini file immediately.
The Current Boot Server line under the pull-down menu lists the server that
responded to the access point’s boot request. If all zeros appear, it means that the
access point is not using BOOTP/DHCP or that no server responded to the
BOOTP/DHCP request. The Specified “.ini” File Server line lists the IP address
of the server where the .ini file is stored. If all zeroes appear, it means that no file
server is set up to provide an .ini file.
BOOTP Server Timeout (sec)
This setting specifies the length of time the access point waits to receive a
response from a single BOOTP server. Enter the number of seconds the access
point should wait. This setting applies only when you select BOOTP from the
Configuration Server Protocol pull-down menu.
DHCP Multiple-Offer Timeout (sec)
This setting specifies the length of time the access point waits to receive a
response when there are multiple DHCP servers. Enter the number of seconds the
access point should wait.
DHCP Requested Lease Duration (min)
This setting specifies the length of time the access point requests for an IP address
lease from your DHCP server. Enter the number of minutes the access point
should request.
DHCP Minimum Lease Duration (min)
This setting specifies the shortest amount of time the access point accepts for an
IP address lease. The access point ignores leases shorter than this period. Enter
the minimum number of minutes the access point should accept for a lease period.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-53
Page 92
Server Setup
DHCP Client Identifier Type
Use this optional setting to include a class identifier type in the DHCP request
packets the access point sends to your DHCP server. Your DHCP server can be set
up to send responses according to class identifier type. If most of the client
devices using the access point are the same device type, you can select that device
type to be included in the DHCP request packet.
Use Ethernet (10Mb), the default setting, if you do not intend to set up your
DHCP server to send responses according to class identifier type.
If you want to include a unique value in the DHCP Client Identifier Value field
(the setting under DHCP Client Identifier Type on the Boot Server Setup page),
select Other - Non Hardware.
Table 3-1 lists the options in the DHCP Client Identifier Type pull-down menu.
Table 3-1 Options in the DHCP Client Identifier Type Menu
Chapter 3 Configuration
Option Definition
Ethernet (10Mb) This is the default setting. Use this setting if you do
not need your DHCP server to send responses based
on the class identifier in the access point’s DHCP
request packets.
Experimental Ethernet Select one of these specific device types if most of
Amateur Radio AX.25
the client devices using the access point are the same
device type. The access point includes the device
Proteon ProNET Token
Ring
type in the DHCP request packets it sends to the
DHCP server.
Chaos
IEEE 802 Networks
ARCNET
Hyperchannel
Lanstar
Autonet Short Address
LocalTalk
LocalNet
Other - Non Hardware Select this option to include a unique value in the
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-54
DHCP Client Identifier Value field.
OL-2159-03
Page 93
Chapter 3 Configuration
DHCP Client Identifier Value
Use this setting to include a unique identifier in the access point’s DHCP request
packet. This field contains the access point’s MAC address by default. If you
select Other - Non Hardware from the DHCP Client Identifier Type pull-down
menu, you can enter up to 255 alphanumeric characters. If you select any other
option from the DHCP Client Identifier Type pull-down menu, you can enter up
to 12 hexadecimal characters. Hexadecimal characters include the numbers 0
through 9 and the letters A through F.
DHCP Class Identifier
Your DHCP server can be set up to send responses according to the group to which
a device belongs. Use this field to enter the access point’s group name. The DHCP
server uses the group name to determine the response to send to the access point.
The access point’s DHCP class identifier is a vendor class identifier.
Server Setup
Entering Web Server Settings and Setting Up Access Point Help
You use the Web Server Setup page to enable browsing to the web-based
management system, specify the location of the access point Help files, and enter
settings for a custom-tailored web system for access point management.
Figure 3-21 shows the Web Server Setup page:
Figure 3-21 Web Server Setup Page
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-55
Page 94
Server Setup
Follow this link path to reach the Web Server Setup page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Web Server under Services.
Settings on the Web Server Setup Page
The Web Server Setup page contains the following settings:
• Allow Non-Console Browsing
• HTTP Port
• Default Help Root URL
• Extra Web Page File
• Default Web Root URL
Chapter 3 Configuration
Allow Non-Console Browsing
Select yes to allow browsing to the management system. If you select no, the
management system is accessible only through the console and Telnet interfaces.
HTTP Port
This setting determines the port through which your access point provides web
access. Your System Administrator should be able to recommend a port setting.
Default Help Root URL
This entry tells the access point where to look for the Help files. The Help button
on each management system page opens a new browser window displaying help
for that page. You can point to the help files in one of three possible locations:
• Internet—Cisco maintains up-to-date help for access points on the Cisco
website. While this location requires online access for every occasion of
needing online help, it offers the most up-to-date information. If you use this
help location, which is the default setting, you don’t need to copy the files
from the access point and bridge CD.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-56
OL-2159-03
Page 95
Chapter 3 Configuration
Extra Web Page File
Server Setup
• File Server—On multi-user networks, the help files can be placed on the
network file server. For this location, enter the full directory URL in the
Default Help Root URL entry field. Your entry might look like this:
[system name]\[directory]\wireless\help
• Hard Drive—you can copy the help files to the hard drive of the computer you
use to manage the wireless LAN. If you use this location, enter the full
directory URL. Your entry might look like this:
file:///[drive letter]:\[folder or subdirectory]\wireless\help
If you need to create an alternative to the access point’s management system, you
can create HTML pages and load them into the access point. You use this entry
field to specify the filename for your HTML page stored on the file server.
Default Web Root URL
Click Load Now to load the HTML page.
This setting points to the access point management system’s HTML pages. If you
create alternative HTML pages, you should change this setting to point to the
alternative pages. The default setting is:
mfs0:/StdUI/
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-57
Page 96
Server Setup
Entering Name Server Settings
You use the Name Server Setup page to configure the access point to work with
your network’s Domain Name System (DNS) server. Figure 3-22 shows the Name
Server Setup page:
Figure 3-22 The Name Server Setup Page
Chapter 3 Configuration
Follow this link path to reach the Name Server Setup page:
• On the Summary Status page, click Setup
• On the Setup page, click Name Server under Services.
Settings on the Name Server Setup Page
The Name Server Setup page contains the following settings:
• Domain Name System
• Default Domain
• Domain Name Servers
• Domain Suffix
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-58
OL-2159-03
Page 97
Chapter 3 Configuration
Domain Name System
Default Domain
Server Setup
If your network uses a Domain Name System (DNS), select Enabled to direct the
access point to use the system. If your network does not use DNS, select
Disabled.
Enter the name of your network's IP domain in the entry field. Your entry might
look like this:
mycompany.com
The Current Domain line under the entry field lists the domain that is serving the
access point. The current domain might be different from the domain in the entry
field if, on the Boot Server Setup page, you have DHCP or BOOTP set as the
Configuration Server Protocol, but you selected No for the setting “Use previous
Configuration Server settings when no server responds?”
Domain Name Servers
Domain Suffix
Enter the IP addresses of up to three domain name servers on your network. The
Current lines to the right of the entry fields list the servers the access point is
currently using, which may be specified by the DHCP or BOOTP server.
In this entry field, enter the portion of the full domain name that you would like
omitted from access point displays. For example, in the domain
“mycompany.com” the full name of a computer might be
“mycomputer.mycompany.com.” With domain suffix set to “mycompany.com,”
the computer's name would be displayed on management system pages as simply
“mycomputer.”
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-59
Page 98
Server Setup
Entering FTP Settings
You use the FTP Setup page to assign File Transfer Protocol settings for the access
point. All non-browser file transfers are governed by the settings on this page.
Figure 3-23 shows the FTP Setup page:
Figure 3-23 The FTP Setup Page
Chapter 3 Configuration
Follow this link path to reach the FTP Setup page:
• On the Summary Status page, click Setup
• On the Setup page, click FTP under Services.
Settings on the FTP Setup Page
The FTP Setup page contains the following settings:
• File Transfer Protocol
• Default File Server
• FTP Directory
• FTP User Name
• FTP User Password
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-60
OL-2159-03
Page 99
Chapter 3 Configuration
File Transfer Protocol
Default File Server
FTP Directory
FTP User Name
Routing Setup
Use the pull-down menu to select FTP or TFTP (Trivial File Transfer Protocol).
TFTP is a relatively slow, low-security protocol that requires no username or
password.
Enter the IP address or DNS name of the file server where the access point should
look for FTP files.
Enter the file server directory that contains the firmware image files.
Enter the username assigned to your FTP server. You don’t need to enter a name
in this field if you select TFTP as the file transfer protocol.
FTP User Password
Enter the password associated with the file server’s username. You don’t need to
enter a password in this field if you select TFTP as the file transfer protocol.
Routing Setup
You use the Routing Setup page to configure the access point to communicate
with the IP network routing system. You use the page settings to specify the
default gateway and to build a list of installed network route settings. Figure 3-24
shows the Routing Setup page.
OL-2159-03
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-61
Page 100
Routing Setup
Chapter 3 Configuration
Figure 3-24 Routing Setup Page
Follow this link path to reach the Routing Setup page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Routing under Services.
Entering Routing Settings
The Routing Setup page contains the following settings:
• Default Gateway
• New Network Route Settings
• Installed Network Routes list
Default Gateway
Enter the IP address of your network’s default gateway in this entry field. The
entry 255.255.255.255 indicates no gateway.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
3-62
OL-2159-03
Loading...