10-7
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
OL-4059-01
Chapter 10 Configuring Authentication Types
Configuring Authentication Types
This example sets the authentication type for the SSID bridget to network-EAP with a static WEP key.
EAP-enabled bridges using the bridget SSID attempt EAP authentication using a server named
eve
,
and bridges using static WEP rely on the static WEP key
.
bridge#
configure terminal
bridge(config)#
configure interface dot11radio 0
bridge(config-if)#
encryption key 2 size 128 12345678901234567890123456
bridge(config-if)#
ssid bridget
bridge(config-ssid)#
authentication network-eap eve
bridge(config-ssid)#
end
The configuration on non-root bridges associated to this bridge would also contain these commands:
bridge(config)#
configure interface dot11radio 0
bridge(config-if)#
ssid bridget
bridge(config-ssid)#
authentication client username bridge11 password 99bottles
Configuring Authentication Holdoffs, Timeouts, and Intervals
Beginning in privileged EXEC mode, follow these steps to configure holdoff times, reauthentication
periods, and authentication timeouts for non-root bridges authenticating through your root bridge:
Use the no form of these commands to reset the values to default settings.
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
dot11 holdoff-time
seconds
Enter the number of seconds a non-root bridge must wait before
it can reattempt to authenticate following a failed
authentication. Enter a value from 1 to 65555 seconds.
Step 3
interface dot11radio 0
Enter interface configuration mode for the radio interface.
Step 4
dot1x client-timeout
seconds
Enter the number of seconds the bridge should wait for a reply
from a non-root bridge attempting to authenticate before the
authentication fails. Enter a value from 1 to 65555 seconds.
Step 5
dot1x reauth-period
seconds
[
server
]
Enter the interval in seconds that the bridge waits before
forcing an authenticated non-root bridge to reauthenticate.
•
(Optional) Enter the
server
keyword to configure the
bridge to use the rauthentication period specified by the
authentication server. If you use this option, configure your
authentication server with RADIUS attribute 27,
Session-Timeout. This attribute sets the maximum number
of seconds of service to be provided to the non-root bridge
before termination of the session or prompt. The server
sends this attribute to the root bridge when a non-root
bridge performs EAP authentication.
Step 6
end
Return to privileged EXEC mode.
Step 7
copy running-config startup-config
(Optional) Save your entries in the configuration file.