User Guide
Table Of Contents
- Cisco Wireless ISR and HWIC Access Point Configuration Guide
- Contents
- Preface
- Overview
- Configuring Radio Settings
- Enabling the Radio Interface
- Roles in Radio Network
- Configuring Network or Fallback Role
- Universal Client Mode
- Configuring Universal Client Mode
- Configuring Radio Data Rates
- Configuring Radio Transmit Power
- Configuring Radio Channel Settings
- Enabling and Disabling World Mode
- Enabling and Disabling Short Radio Preambles
- Configuring Transmit and Receive Antennas
- Disabling and Enabling Access Point Extensions
- Configuring the Ethernet Encapsulation Transformation Method
- Enabling and Disabling Reliable Multicast to Workgroup Bridges
- Enabling and Disabling Public Secure Packet Forwarding
- Configuring Beacon Period and DTIM
- Configuring RTS Threshold and Retries
- Configuring Maximum Data Retries
- Configuring Fragmentation Threshold
- Enabling Short Slot Time for 802.11g Radios
- Performing a Carrier Busy Test
- Configuring Multiple SSIDs
- Configuring an Access Point as a Local Authenticator
- Understand Local Authentication
- Configure a Local Authenticator
- Guidelines for Local Authenticators
- Configuration Overview
- Configuring the Local Authenticator Access Point
- Configuring Other Access Points to Use the Local Authenticator
- Configuring EAP-FAST Settings
- Limiting the Local Authenticator to One Authentication Type
- Unblocking Locked Usernames
- Viewing Local Authenticator Statistics
- Using Debug Messages
- Configuring Encryption Types
- Configuring Authentication Types
- Configuring RADIUS Servers
- Configuring and Enabling RADIUS
- Understanding RADIUS
- RADIUS Operation
- Configuring RADIUS
- Default RADIUS Configuration
- Identifying the RADIUS Server Host
- Configuring RADIUS Login Authentication
- Defining AAA Server Groups
- Configuring RADIUS Authorization for User Privileged Access and Network Services
- Starting RADIUS Accounting
- Selecting the CSID Format
- Configuring Settings for All RADIUS Servers
- Configuring the Access Point to Use Vendor-Specific RADIUS Attributes
- Configuring the Access Point for Vendor-Proprietary RADIUS Server Communication
- Configuring WISPr RADIUS Attributes
- Displaying the RADIUS Configuration
- RADIUS Attributes Sent by the Access Point
- Configuring and Enabling RADIUS
- Configuring VLANs
- Configuring QoS
- Channel Settings
- Protocol Filters
- Supported MIBs
- Error and Event Messages
- Glossary
- Index
7-18
Cisco Wireless ISR and HWIC Access Point Configuration Guide
OL-6415-04
Chapter 7 Configuring RADIUS Servers
Configuring and Enabling RADIUS
RADIUS Attributes Sent by the Access Point
Table 7-2 through Table 7-6 identify the attributes sent by an access point to a client in access-request,
access-accept, and accounting-request packets.
Note You c an c on f i gu re t he acc es s po int t o in cl ude i n it s RAD IU S ac co un tin g an d au the nt ic at io n r eq ue st s
attributes recommended by the Wi-Fi Alliance’s WISPr Best Current Practices for Wireless Internet
Service Provider (WISP) Roaming document. Refer to the
“Configuring WISPr RADIUS Attributes”
section on page 7-16 for instructions.
Ta b l e 7-2 Attributes Sent in Access-Request Packets
Attribute ID Description
1 User-Name
4 NAS-IP-Address
5 NAS-Port
12 Framed-MTU
30 Called-Station-ID (MAC address)
31 Calling-Station-ID (MAC address)
32 NAS-Identifier
1
1. The access point sends the NAS-Identifier if attribute 32 (include-in-access-req) is configured.
61 NAS-Port-Type
79 EAP-Message
80 Message-Authenticator
Ta b l e 7-3 Attributes Honored in Access-Accept Packets
Attribute ID Description
25 Class
27 Session-Timeout
64 Tunnel-Type
1
1. RFC2868; defines a VLAN override number.
65 Tunnel-Medium-Type
1
79 EAP-Message
80 Message-Authenticator
81 Tunnel-Private-Group-ID
1
VSA (attribute 26) LEAP session-key
VSA (attribute 26) Auth-Algo-Type
VSA (attribute 26) SSID