WPA Configuration Example WebUI

WPA Configuration ExampleWebUI VLAN Configuration->Network->VLANs: Add Firewall policies Configuration->Security->Access Control->Policies: Add AP system profile Configuration->All Profiles->AP-> AP System Profile: Add User role Configuration->Security->Access Control-> User Roles: Add Define Authentication Server Configuration->Security->Authentication-> Severs: <Server Type>: Add APGroup Configuration-> AP Configuration: New Server group Configuration->Security->Authentication-> Severs->Server Group: Add Assign VAP to APGroup Configuration->AP Configuration: <AP-Group-Name>: Edit 802.1x Authentication Profile Configuration->All Profiles->Wireless LAN-> 802.1x Authentication Profile: Add AAA Profile Configuration->All Profiles-> Wireless LAN->AAA Profile: Add SSID Profile Configuration->All Profiles-> Wireless LAN->SSID Profile: Add Virtual AP Profile Configuration->All Profiles-> Wireless LAN->Virtual AP profile: Add Non-Profile Configuration Security Profile Configuration WLAN Configuration AP Configuration

WPA Configuration ExampleCLI VLAN vlan 200 Firewall policies ip access-list session "EmployeeAccess" any any any permit queue low AP system profile ap system-profile Sunnyvale_APs lms-ip 192.168.252.1 bkup-lms-ip 192.168.250.1 User role user role Employee access-list session EmployeeAccess Define Authentication Server aaa authentication-server RADIUS01 . . . APGroup ap-group Sunnyvale_APs Server group aaa server-group EmployeeRADIUS auth-server RADIUS01 Assign VAP to APGroup ap-group Sunnyvale_APs virtual-ap Employee_VAP ap-system-profile 802.1x Authentication Profile aaa authentication dot1x EmployeeDot1x termination eap-type eap-peap AAA Profile aaa profile Employee_AAA dot1x-default-role logon authentication-dot1x EmployeeDot1x SSID Profile wlan ssid-profile Employee_SSID essid “corp” opmode wpa2-aes Virtual AP Profile wlan virtual-ap Employee_VAP aaa-profile Employee_AAA ssid-profile Employee_SSID vlan 200 forward-modetunnel Non-Profile Configuration Security Profile Configuration WLAN Configuration AP Configuration

Captive Portal Configuration ExampleWebUI VLAN Configuration->Network->VLANs: Add Firewall policies Configuration->Security->Access Control->Policies: Add AP system profile Configuration->All Profiles->AP-> AP System Profile: Add User role Configuration->Security->Access Control-> User Roles: Add Define Authentication Server Configuration->Security->Authentication-> Severs: <Server Type>: Add APGroup Configuration-> AP Configuration: New Server group Configuration->Security->Authentication-> Severs->Server Group: Add Assign VAP to APGroup Configuration->AP Configuration: <AP-Group-Name>: Edit Captive Portal Authentication Configuration->All Profiles->Wireless LAN-> Captive Portal Authentication Profile: Add +Server Group == <Server Group> SSID Profile Configuration->All Profiles-> Wireless LAN->SSID Profile: Add AAA Profile Configuration->All Profiles-> Wireless LAN->AAA Profile: Add Virtual AP Profile Configuration->All Profiles-> Wireless LAN->Virtual AP profile: Add Assign Captive Portal Profile Configuration->Security->Access Control-> User Roles: <Guest Role>: Edit Non-Profile Configuration Security Profile Configuration WLAN Configuration AP Configuration

Captive Portal Configuration ExampleCLI VLAN vlan 900 Firewall policies ip access-list session ”GuestAccess" any any any permit queue low AP system profile ap system-profile Sunnyvale_APs lms-ip 192.168.252.1 bkup-lms-ip 192.168.250.1 User role User-role guest access-list session GuestAccess Define Authentication Server aaa authentication-server GuestAuthServer . . . APGroup ap-group Sunnyvale_APs Server group aaa server-group GuestAuthServers auth-server GuestAuthServer Assign VAP to APGroup ap-group Sunnyvale_APs virtual-ap Employee_VAP ap-system-profile Captive Portal Authentication Profile aaa authentication captive-portal GuestCP server-group “internal” SSID Profile wlan ssid-profile Guest_SSID essid “guest” opmode opensystem Virtual AP Profile wlan virtual-ap Guest_VAP aaa-profile Guest_AAA ssid-profile Guest_SSID vlan 900 forward-modetunnel AAA Profile aaa profile Guest_AAA initial-role logon Assign Captive Portal Profile User-role guest captive-portal GuestCP Non-Profile Configuration Security Profile Configuration WLAN Configuration AP Configuration

WEP Configuration ExampleWebUI VLAN Configuration->Network->VLANs: Add Firewall policies Configuration->Security->Access Control->Policies: Add AP system profile Configuration->All Profiles->AP-> AP System Profile: Add User role Configuration->Security->Access Control-> User Roles: Add APGroup Configuration-> AP Configuration: New Assign VAP to APGroup Configuration->AP Configuration: <AP-Group-Name>: Edit SSID Profile Configuration->All Profiles-> Wireless LAN->SSID Profile: Add Virtual AP Profile Configuration->All Profiles-> Wireless LAN->Virtual AP profile: Add Non-Profile Configuration Security Profile Configuration WLAN Configuration AP Configuration

WEP Configuration ExampleCLI VLAN vlan 200 Firewall policies ip access-list session "EmployeeAccess" any any any permit queue low AP system profile ap system-profile Sunnyvale_APs lms-ip 192.168.252.1 bkup-lms-ip 192.168.250.1 User role user role Employee access-list session EmployeeAccess APGroup ap-group Sunnyvale_APs Assign VAP to APGroup ap-group Sunnyvale_APs virtual-ap Employee_VAP ap-system-profile SSID Profile wlan ssid-profile WEP_SSID wepkey1 deadbeef99 opmode static-wep Virtual AP Profile wlan virtual-ap WEP_VAP ssid-profile WEP_SSID vlan 210 forward-modetunnel Non-Profile Configuration Security Profile Configuration WLAN Configuration AP Configuration

WPA Configuration Example WebUI

WPA Configuration Example WebUI

Presentation Transcript

Radius WPA

WPA Posters

Example Configuration (Phase 2)

A configuration example from the field

WPA

WPA

Cisco 1941W configuration Example

Jazz WebUI Framework

Platforms, installation, configuration; accessing example collections

THE WPA

Configuration Example

The WPA

WPA, what else?

Creating Rules and Rule Sets Configuration Example

Configuring the SIP Application Filter Configuration Example

ALSMS Upgrade Configuration Example

Creating Users and user Groups Configuration Example

Source NAT Configuration Example

WPA, what else?

Configuration Example

Applying Application Filters Configuration Example

Command Line Interface Introduction Configuration Example