Software Guide
Page 4
... the WMIC for the First Time 2-1 Before You Start 2-1 Connecting to the WMIC 2-1 Using the Console Port to Access the Privileged Exec Mode 2-2 Using a Telnet Session to Access the Privileged Exec Mode 2-2 Opening the CLI with Secure Shell 2-2 Obtaining and Assigning an IP Address 2-3 Assigning an IP Address By Using the Exec 2-3 Protecting Your Wireless LAN 2-4 Configuring Basic Security Settings 2-4 Using VLANs 2-4 Express Security Types 2-5 CLI Security Configuration Examples 2-6 Example: No Security 2-6 Example: Static WEP 2-6 Example: EAP Authentication 2-7 Example: WPA 2-8 Roles and the...
... the WMIC for the First Time 2-1 Before You Start 2-1 Connecting to the WMIC 2-1 Using the Console Port to Access the Privileged Exec Mode 2-2 Using a Telnet Session to Access the Privileged Exec Mode 2-2 Opening the CLI with Secure Shell 2-2 Obtaining and Assigning an IP Address 2-3 Assigning an IP Address By Using the Exec 2-3 Protecting Your Wireless LAN 2-4 Configuring Basic Security Settings 2-4 Using VLANs 2-4 Express Security Types 2-5 CLI Security Configuration Examples 2-6 Example: No Security 2-6 Example: Static WEP 2-6 Example: EAP Authentication 2-7 Example: WPA 2-8 Roles and the...
Software Guide
Page 6
...Associations 4-49 Configuring NTP Broadcast Service 4-50 Configuring NTP Access Restrictions 4-52 Disabling NTP Services on a Specific Interface 4-53 Configuring the Source IP Address for NTP Packets 4-54 Displaying the NTP Configuration 4-54 Radio Channel and Transmit Frequency Configuration 5-1 Understanding Radio Channels and Frequencies 5-1 Determining the Radio Type 5-2 Configuring a Channel or Frequency 5-2 Configuring the Radio Channel or Frequency 5-2 Configuring the Radio Channel Spacing 5-3 Additional Information 5-3 Cisco 3200 Series Wireless MIC Software Configuration Guide vi OL...
...Associations 4-49 Configuring NTP Broadcast Service 4-50 Configuring NTP Access Restrictions 4-52 Disabling NTP Services on a Specific Interface 4-53 Configuring the Source IP Address for NTP Packets 4-54 Displaying the NTP Configuration 4-54 Radio Channel and Transmit Frequency Configuration 5-1 Understanding Radio Channels and Frequencies 5-1 Determining the Radio Type 5-2 Configuring a Channel or Frequency 5-2 Configuring the Radio Channel or Frequency 5-2 Configuring the Radio Channel Spacing 5-3 Additional Information 5-3 Cisco 3200 Series Wireless MIC Software Configuration Guide vi OL...
Software Guide
Page 11
... Solution 7-4 Related Documents 7-7 WIMIC Troubleshooting 8-1 Checking the LED Indicators 8-1 Checking Basic Settings 8-3 SSID 8-3 WEP Keys 8-3 Security Settings 8-3 Resetting to the Default Configuration 8-3 Using the CLI 8-4 Reloading the Image 8-5 Obtaining the Image Files 8-7 Obtaining TFTP Server Software 8-7 Reloading the Bootloader Image 8-7 Error and Event Messages 8-8 Filters 9-1 Understanding Filters 9-1 Configuring Filters 9-2 Simple Network Management Protocol 10-1 Understanding SNMP 10-1 SNMP Versions 10-2 OL-6415-04 Cisco 3200 Series Wireless MIC Software Configuration Guide xi
... Solution 7-4 Related Documents 7-7 WIMIC Troubleshooting 8-1 Checking the LED Indicators 8-1 Checking Basic Settings 8-3 SSID 8-3 WEP Keys 8-3 Security Settings 8-3 Resetting to the Default Configuration 8-3 Using the CLI 8-4 Reloading the Image 8-5 Obtaining the Image Files 8-7 Obtaining TFTP Server Software 8-7 Reloading the Bootloader Image 8-7 Error and Event Messages 8-8 Filters 9-1 Understanding Filters 9-1 Configuring Filters 9-2 Simple Network Management Protocol 10-1 Understanding SNMP 10-1 SNMP Versions 10-2 OL-6415-04 Cisco 3200 Series Wireless MIC Software Configuration Guide xi
Software Guide
Page 15
...-04 Cisco 3200 Series Wireless MIC Software Configuration Guide xv On the Cisco Product Documentation home page, select Release 12.3 from the Help buttons on a Wireless Mobile Interface Card (WMIC) for the First Time" describes how to the device, setting the system date and time, and setting the system name and prompt. Purpose This guide provides the information you should have been created or changed for the networking professional who installs and manages Cisco 3200 Series wireless and mobile routers...
...-04 Cisco 3200 Series Wireless MIC Software Configuration Guide xv On the Cisco Product Documentation home page, select Release 12.3 from the Help buttons on a Wireless Mobile Interface Card (WMIC) for the First Time" describes how to the device, setting the system date and time, and setting the system name and prompt. Purpose This guide provides the information you should have been created or changed for the networking professional who installs and manages Cisco 3200 Series wireless and mobile routers...
Software Guide
Page 16
... the WMIC. Cisco 3200 Series Wireless MIC Software Configuration Guide xvi OL-6415-04 You can configure up on your WMIC. "Cisco Discovery Protocol" describes how to configure system message logging on your WMIC. "Authentication Types" describes how to configure the Simple Network Management Protocol (SNMP) on all Cisco network equipment. "Supported MIBs" lists the Simple Network Management Protocol (SNMP) Management Information Bases (MIBs) that runs on your wired LAN. "Filters" lists some of service (QoS) on...
... the WMIC. Cisco 3200 Series Wireless MIC Software Configuration Guide xvi OL-6415-04 You can configure up on your WMIC. "Cisco Discovery Protocol" describes how to configure system message logging on your WMIC. "Authentication Types" describes how to configure the Simple Network Management Protocol (SNMP) on all Cisco network equipment. "Supported MIBs" lists the Simple Network Management Protocol (SNMP) Management Information Bases (MIBs) that runs on your wired LAN. "Filters" lists some of service (QoS) on...
Software Guide
Page 31
... Mode with Cipher Block Chaining Message Authentication Code Protocol (AES-CCMP). Cisco 3200 Series Wireless MIC Software Configuration Guide 7 The WMIC supports required elements of client devices, and radio management through the Enhanced Distributed Channel Access (EDCA) method. • Multiple Basic SSIDs-Support up non-root bridges or workgroup bridges to authenticate to a RADIUS server on the wireless interface. Transport Layer Security (TLS) is also available. • Enhanced authentication services-Set up to 8 basic service set , it authenticates to the network using Cisco...
... Mode with Cipher Block Chaining Message Authentication Code Protocol (AES-CCMP). Cisco 3200 Series Wireless MIC Software Configuration Guide 7 The WMIC supports required elements of client devices, and radio management through the Enhanced Distributed Channel Access (EDCA) method. • Multiple Basic SSIDs-Support up non-root bridges or workgroup bridges to authenticate to a RADIUS server on the wireless interface. Transport Layer Security (TLS) is also available. • Enhanced authentication services-Set up to 8 basic service set , it authenticates to the network using Cisco...
Software Guide
Page 35
... a LAN and has an IP address, and if Telnet is allowed on a Cisco Wireless Mobile Interface Card (WMIC) for detailed instructions. Configuring the WMIC for the First Time This document describes how to the Fast Ethernet Switch Mobile Interface Card (FESMIC) Ethernet port by using an Ethernet cable, and by using the console cable. • If the WMIC has an IP address and Telnet is in a command window. Note When you can connect to configure basic settings on the device, you connect your...
... a LAN and has an IP address, and if Telnet is allowed on a Cisco Wireless Mobile Interface Card (WMIC) for detailed instructions. Configuring the WMIC for the First Time This document describes how to the Fast Ethernet Switch Mobile Interface Card (FESMIC) Ethernet port by using an Ethernet cable, and by using the console cable. • If the WMIC has an IP address and Telnet is in a command window. Note When you can connect to configure basic settings on the device, you connect your...
Software Guide
Page 36
... with Secure Shell Secure Shell (SSH) is not listed in the Accessories menu, select Start > Run, type Telnet in Windows 2000, type open followed by the WMIC IP address. The default username is Cisco. The password prompt displays. Enter the WMIC password. Using a Telnet Session to Access the Privileged Exec Mode Follow these steps to connect a PC to the WMIC console port and access the CLI: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Connect the RJ-45 end of SSH Communications Security, Ltd. Step 1 Step 2 Select...
... with Secure Shell Secure Shell (SSH) is not listed in the Accessories menu, select Start > Run, type Telnet in Windows 2000, type open followed by the WMIC IP address. The default username is Cisco. The password prompt displays. Enter the WMIC password. Using a Telnet Session to Access the Privileged Exec Mode Follow these steps to connect a PC to the WMIC console port and access the CLI: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Connect the RJ-45 end of SSH Communications Security, Ltd. Step 1 Step 2 Select...
Software Guide
Page 66
... IP commands, such as the delimiting characters. Cisco 3200 Series Wireless MIC Software Configuration Guide 2 To map domain names to IP addresses, identify the hostnames, specify the name server that holds a cache (or database) of names mapped to complete unqualified hostnames (names without a dotted-decimal domain name). At boot time, no hostname global configuration command. its location or domain. Table 1 Default DNS Configuration Feature DNS enable state DNS default domain name DNS servers Default Setting Disabled. Setting Up DNS To set...
... IP commands, such as the delimiting characters. Cisco 3200 Series Wireless MIC Software Configuration Guide 2 To map domain names to IP addresses, identify the hostnames, specify the name server that holds a cache (or database) of names mapped to complete unqualified hostnames (names without a dotted-decimal domain name). At boot time, no hostname global configuration command. its location or domain. Table 1 Default DNS Configuration Feature DNS enable state DNS default domain name DNS servers Default Setting Disabled. Setting Up DNS To set...
Software Guide
Page 75
... it is created with VLANs disabled, an additional SSID with Wi-Fi Protected Access (WPA) authentication cannot be assigned to 15. Cisco 3200 Series Wireless MIC Software Configuration Guide 11 Exits to your building. Administering the WMIC Protecting the Wireless LAN This example shows how to set identifiers (SSIDs) that can be created because of your network. If a security setting for an SSID conflicts with static WEP is a radio device, the WMIC can communicate...
... it is created with VLANs disabled, an additional SSID with Wi-Fi Protected Access (WPA) authentication cannot be assigned to 15. Cisco 3200 Series Wireless MIC Software Configuration Guide 11 Exits to your building. Administering the WMIC Protecting the Wireless LAN This example shows how to set identifiers (SSIDs) that can be created because of your network. If a security setting for an SSID conflicts with static WEP is a radio device, the WMIC can communicate...
Software Guide
Page 83
...-way authentication. Cisco 3200 Series Wireless MIC Software Configuration Guide 19 You can be sent at the start and end of services, showing the amount of services. RADIUS generally binds a user to meet special security and billing needs. RADIUS does not support AppleTalk Remote Access (ARA), NetBIOS Frame Control Protocol (NBFCP), NetWare Asynchronous Services Interface (NASI), or X.25 Packet Assembler Disassembler (PAD) connections. • Switch-to-switch or router-to configure and enable Remote Authentication Dial-In User Service (RADIUS...
...-way authentication. Cisco 3200 Series Wireless MIC Software Configuration Guide 19 You can be sent at the start and end of services, showing the amount of services. RADIUS generally binds a user to meet special security and billing needs. RADIUS does not support AppleTalk Remote Access (ARA), NetBIOS Frame Control Protocol (NBFCP), NetWare Asynchronous Services Interface (NASI), or X.25 Packet Assembler Disassembler (PAD) connections. • Switch-to-switch or router-to configure and enable Remote Authentication Dial-In User Service (RADIUS...
Software Guide
Page 87
... Enabling RADIUS Step 3 Command radius-server host {hostname | ip-address} [auth-port port-number] [acct-port port-number] [timeout seconds] [retransmit retries] [key string] Step 4 Step 5 Step 6 end show running-config copy running on the RADIUS server. This setting overrides the interval set with the radius-server timeout command is used on the RADIUS server. To configure the bridge to 1000. The range is used . • (Optional) For retransmit retries, specify the number of the remote RADIUS server host. • (Optional) For auth-port port-number...
... Enabling RADIUS Step 3 Command radius-server host {hostname | ip-address} [auth-port port-number] [acct-port port-number] [timeout seconds] [retransmit retries] [key string] Step 4 Step 5 Step 6 end show running-config copy running on the RADIUS server. This setting overrides the interval set with the radius-server timeout command is used on the RADIUS server. To configure the bridge to 1000. The range is used . • (Optional) For retransmit retries, specify the number of the remote RADIUS server host. • (Optional) For auth-port port-number...
Software Guide
Page 90
... must match the encryption key that each RADIUS server in the configuration file. To remove a server group from 1 to reply before retransmitting. Cisco 3200 Series Wireless MIC Software Configuration Guide 26 Configuring and Enabling RADIUS Administering the WMIC Step 3 Command Purpose radius-server host {hostname | ip-address} [auth-port port-number] [acct-port port-number] [timeout seconds] [retransmit retries] [key string] Specifies the IP address or hostname of a RADIUS server, use the no server ip-address command in server group configuration mode. If no retransmit value...
... must match the encryption key that each RADIUS server in the configuration file. To remove a server group from 1 to reply before retransmitting. Cisco 3200 Series Wireless MIC Software Configuration Guide 26 Configuring and Enabling RADIUS Administering the WMIC Step 3 Command Purpose radius-server host {hostname | ip-address} [auth-port port-number] [acct-port port-number] [timeout seconds] [retransmit retries] [key string] Specifies the IP address or hostname of a RADIUS server, use the no server ip-address command in server group configuration mode. If no retransmit value...
Software Guide
Page 93
... cisco-avpair. Vendor-specific attributes (VSAs) allow vendors to time out before trying the next configured server. A RADIUS server marked as "dead" any RADIUS servers that are an appropriate AV pair defined in the specification. Cisco 3200 Series Wireless MIC Software Configuration Guide 29 This allows the full set up more information about vendor IDs and VSAs, see RFC 2138, "Remote Authentication Dial-In User Service (RADIUS)." To return to privileged EXEC mode...
... cisco-avpair. Vendor-specific attributes (VSAs) allow vendors to time out before trying the next configured server. A RADIUS server marked as "dead" any RADIUS servers that are an appropriate AV pair defined in the specification. Cisco 3200 Series Wireless MIC Software Configuration Guide 29 This allows the full set up more information about vendor IDs and VSAs, see RFC 2138, "Remote Authentication Dial-In User Service (RADIUS)." To return to privileged EXEC mode...
Software Guide
Page 102
... EXEC mode. command in this configuration. Sets the login authentication to run an EXEC shell. Configures user AAA authorization for all interfaces. Enables AAA. Cisco 3200 Series Wireless MIC Software Configuration Guide 38 The WMIC then handles authentication and authorization. No accounting is allowed to use the local username database. Configuring the WMIC for Local Authentication and Authorization You can configure AAA to operate without a server by setting the WMIC to all network-related service requests. Configures user AAA authorization to check the local...
... EXEC mode. command in this configuration. Sets the login authentication to run an EXEC shell. Configures user AAA authorization for all interfaces. Enables AAA. Cisco 3200 Series Wireless MIC Software Configuration Guide 38 The WMIC then handles authentication and authorization. No accounting is allowed to use the local username database. Configuring the WMIC for Local Authentication and Authorization You can configure AAA to operate without a server by setting the WMIC to all network-related service requests. Configures user AAA authorization to check the local...
Software Guide
Page 122
... version 0.00, Software version 3.00.0 Serial number: FOC10452M68 Number of supported simultaneous BSSID on models that allow user-set the channel, follow these steps: • Determine the radio type to verify that the radio manual setting of the radio. Enters interface configuration mode for the wireless device. Determining the Radio Type Radio Channel and Transmit Frequency Configuration Determining the Radio Type Determine the radio type to establish the frequency range of the channel and to verify that the wireless device...
... version 0.00, Software version 3.00.0 Serial number: FOC10452M68 Number of supported simultaneous BSSID on models that allow user-set the channel, follow these steps: • Determine the radio type to verify that the radio manual setting of the radio. Enters interface configuration mode for the wireless device. Determining the Radio Type Radio Channel and Transmit Frequency Configuration Determining the Radio Type Determine the radio type to establish the frequency range of the channel and to verify that the wireless device...
Software Guide
Page 143
... WD(config)# interface dot11radio 0 WD(config-if)# speed throughput ofdm WD(config-if)# end OL-14978-01 Radio Transmit Power 7 Client devices must support basic-1.0 service or they will not be able to the wireless device, and maximizes throughput for basic-6.0 and basic-9.0 service only. Multicast packets are transmitted at 1 Mbps. Client devices must support basic-6.0 and basic-9.0 service or they will not be able to associate. speed Command Examples This example sets...
... WD(config)# interface dot11radio 0 WD(config-if)# speed throughput ofdm WD(config-if)# end OL-14978-01 Radio Transmit Power 7 Client devices must support basic-1.0 service or they will not be able to the wireless device, and maximizes throughput for basic-6.0 and basic-9.0 service only. Multicast packets are transmitted at 1 Mbps. Client devices must support basic-6.0 and basic-9.0 service or they will not be able to associate. speed Command Examples This example sets...
Software Guide
Page 246
...available. Resetting to the Default Configuration WIMIC Troubleshooting Using the CLI Follow the steps below to delete the current configuration and return all wireless device settings to the factory defaults using a Telnet session or a connection to the wireless device console port. Reboot the wireless device by removing power from flash parameter block...done. Let the wireless device boot until the command prompt appears and the wireless device begins to reboot the wireless device. ap: flash_init Initializing Flash... Cisco 3200 Series Wireless MIC Software Configuration Guide 4
...available. Resetting to the Default Configuration WIMIC Troubleshooting Using the CLI Follow the steps below to delete the current configuration and return all wireless device settings to the factory defaults using a Telnet session or a connection to the wireless device console port. Reboot the wireless device by removing power from flash parameter block...done. Let the wireless device boot until the command prompt appears and the wireless device begins to reboot the wireless device. ap: flash_init Initializing Flash... Cisco 3200 Series Wireless MIC Software Configuration Guide 4
Software Guide
Page 247
... Cisco 3200 Series Wireless MIC Software Configuration Guide 5 Note Your wireless device configuration is loaded, you must reload the image from a connected TFTP server. Step 1 Step 2 Step 3 Step 4 Open the CLI by removing power and reapplying power. Reboot the wireless device by using a Telnet session or a connection to the wireless device console port. When the wireless device begins to replace the image in the wireless device. When you must reload the image file. Note This process resets all configuration settings to inflate the image. Note You must use boot...
... Cisco 3200 Series Wireless MIC Software Configuration Guide 5 Note Your wireless device configuration is loaded, you must reload the image from a connected TFTP server. Step 1 Step 2 Step 3 Step 4 Open the CLI by removing power and reapplying power. Reboot the wireless device by using a Telnet session or a connection to the wireless device console port. When the wireless device begins to replace the image in the wireless device. When you must reload the image file. Note This process resets all configuration settings to inflate the image. Note You must use boot...
Software Guide
Page 288
...] server auth-port acct-port [no form disables the WDS server. authentication network-eap Refer to authenticate with the Central WDS server. Refer to http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_7/gtfamoip.htm for details on configuring access control lists on all the clients. Refer to send or receive traffic while the root device is authenticating the client. Cisco 3200 Series Wireless MIC Software Configuration Guide 10 The no ] aaa authentication login group...
...] server auth-port acct-port [no form disables the WDS server. authentication network-eap Refer to authenticate with the Central WDS server. Refer to http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_7/gtfamoip.htm for details on configuring access control lists on all the clients. Refer to send or receive traffic while the root device is authenticating the client. Cisco 3200 Series Wireless MIC Software Configuration Guide 10 The no ] aaa authentication login group...