IOS AP : Authentication methods


There are a lot of methods to authenticate a client to the wireless network.

Here are some examples :

Open WEP :
dot11 ssid openwep4
vlan 23
authentication open
interface Dot11Radio0
encryption vlan 23 key 2 size 128bit 7 873B0AA56FCA7F123C7FCA702050 transmit-key
encryption vlan 23 mode wep mandatory
ssid openwep4

Open with MAC Authentication :
aaa group server radius rad_mac5
server 192.168.22.61 auth-port 1812 acct-port 1813
aaa authentication login mac_methods5 group rad_mac5

dot11 ssid openmac4
vlan 24
authentication open mac-address mac_methods5
interface Dot11Radio0
ssid openmac4

LEAP :
aaa group server radius rad_eap4
server 192.168.22.61 auth-port 1812 acct-port 1813
aaa authentication login eap_methods4 group rad_eap4

dot11 ssid leap4
vlan 25
authentication open eap eap_methods4
authentication network-eap eap_methods4

interface Dot11Radio0
encryption vlan 25 mode wep mandatory
ssid leap4

Network-EAP is used when there are Cisco clients at your wireless network. Authentication Open with EAP is used for third party clients.

WPA :
aaa group server radius rad_eap2
server 192.168.22.61 auth-port 1812 acct-port 1813
aaa authentication login eap_methods2 group rad_eap2

dot11 ssid wpa4
vlan 26
authentication open eap eap_methods2
authentication network-eap eap_methods2
authentication key-management wpa
interface Dot11Radio0
encryption vlan 26 mode ciphers tkip
ssid wpa4

WPA-PSK:

dot11 ssid wpapsk4
vlan 27
authentication open
authentication key-management wpa
wpa-psk ascii 7 1511021F0725282D3B303A

interface Dot11Radio0
encryption vlan 27 mode ciphers tkip
ssid wpapsk4

Tags: , ,

About Joost van der Made

Me

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: