User's Manual
3-53
Cisco 3200 Series Wireless MIC Software Configuration Guide
OL-7734-02
Chapter 3 Administering the WMIC
Managing Aironet Extensions
Configuring SSH
Before configuring SSH, download the crypto software image from Cisco.com. For information about
configuring SSH and displaying SSH settings, refer to the “Configuring Secure Shell” section in the
Cisco IOS Security Configuration Guide for Release 12.2.
Managing Aironet Extensions
The WMIC uses Cisco Aironet 802.11 extensions to detect the capabilities of Cisco client devices and
to support features that require specific interaction between the WMIC and associated client devices.
The Aironet Extensions can only be deactivated in the Root Access Point mode. Since workgroup
bridge, root bridge, and non-root bridge are Cisco-specific modes, they always use the Aironet
extensions.
Aironet extensions must be enabled to support these features:
• Load balancing—The WMIC uses Aironet extensions to direct client devices to an access point that
provides the best connection to the network based on factors such as number of users, bit error rates,
and signal strength.
• Message Integrity Check (MIC)—MIC is an additional WEP security feature that prevents attacks
on encrypted packets called bit-flip attacks. The MIC, implemented on both the WMIC and all
associated client devices, adds a few bytes to each packet to make the packets tamper-proof.
• Temporal Key Integrity Protocol (TKIP)—TKIP, also known as WEP key hashing, is an additional
WEP security feature that defends against an attack on WEP in which the intruder uses an
unencrypted segment called the initialization vector (IV) in encrypted packets to calculate the WEP
key.
• Limiting the power level on associated client devices—When a client device associates to the
WMIC, the WMIC sends the maximum allowed power level setting to the client.
Beginning in privileged EXEC mode, follow these steps to disable the Aironet extensions:
If you change the radio to a role that requires Aironet extensions, the Aironet extensions are enabled
automatically:
wmic1(config)#int dot 0
wmic1(config-if)#station-role root
Selected role requires Cisco Aironet Extension enabled.
Enabled Cisco Aironet Extension.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
interface dot11radio 0 Enter interface configuration mode for the radio interface.
Step 3
station-role root ap-only Enter the station role. Root enables the access point mode.
Step 4
no dot11 extension aironet Enter the extension aironet command to disable extensions.
Step 5
end Return to privileged EXEC mode.
Step 6
copy running-config startup-config (Optional) Save your entries in the configuration file.