Integration Guide. Trakker Antares 2400 Family and Cisco Aironet 123X

Similar documents
Integration Guide. CK30/CK31 and Cisco Aironet 1231/1242

Configuring the WMIC for the First Time

Quick Start Guide. EasyLAN Wireless

Configuring the Access Point/Bridge for the First Time

Trakker Antares 242X Handheld Terminal

TACACS+ on an Aironet Access Point for Login Authentication Configuration Example

User's Manual Addendum. CK30 Handheld Computer

Approved APs: AP 1121, 1131, 1231, 1232, 1242, BR 1310

Quick Start Guide. Oracle -Ready CK31 Handheld Computer

Console Server. Con. Cisco Aironet Port Figure 1: Aironet configuration

Quick Start Guide. Oracle-Ready CK30 Handheld Computer

Configuring a Wireless LAN Connection

EAP FAST with the Internal RADIUS Server on the Autonomous Access Point Configuration Example

Instructions. Upgrading the Server Applications Software v1.2

Field Verified. Configuration Guide. Cisco. 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM)

Quick Start Guide. IF5 Fixed Reader

Installation Instructions. IEEE 1284 Parallel Interface Kit (for EasyCoder PF2i, PF4i, PF4ci, PM4i, PX4i, and PX6i)

Addendum. 751G NI Handheld Computer

Spare Parts Catalog. EasyCoder PD4 Bar Code Label Printer

LEAP Authentication on a Local RADIUS Server

Information Assurance Software for Windows Mobile 6.1. Instructions

SmartSystems Foundation. Installation Guide

Printer Radio Interface Kit PD41, PD42, PF2i, PF4i, PM4i, PX4i, PX6i. Installation Instructions

Installation Instructions. RFID Kit for the EasyCoder PM4i Printer

IF61. IBM Data Capture and Delivery Platform. User s Guide

Numerics INDEX. 2.4-GHz WMIC, contrasted with 4.9-GHz WMIC g 3-6, x authentication 4-13

Getting Started Guide P/N EZBuilder

FlexDock DX1, DX2, DX4. User Guide

Securing a Wireless LAN

Configuring a Basic Wireless LAN Connection

IV7. Vehicle-Mount Reader. Instructions

Configuring Cipher Suites and WEP

Quick Start Guide. 700 Color CDMA Radio Setup

CK70 CK71 Back Accessory Interface (BAI)

accounting (SSID configuration mode) through encryption mode wep accounting (SSID configuration mode) through

Cisco Unified Communications Manager Express 7921 Push-to-talk

Configuring Multiple SSIDs

accounting (SSID configuration mode) through encryption mode wep

Configuring Repeater and Standby Access Points and Workgroup Bridge Mode

Configuring VLANs CHAPTER

Configuring Repeater and Standby Access Points and Workgroup Bridge Mode

C H A P T E R Overview Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide OL

Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services

User s Guide. MicroBar 9745 Base Station

Configuring VLANs CHAPTER

PD41 PD42. Commercial Printer. Spare Parts Catalog

CONFIGURATION DU SWITCH

User's Guide. Intermec Gateway

Cisco Aironet 350 (DS) AP IOS Software

User s Manual. EasyCoder 4420 and 4440 Printer Self-Strip/Batch Takeup

Configuring Repeater and Standby Access Points and Workgroup Bridge Mode

Quick Start Guide. EasyCoder PL3 Printer

Using Cisco Workgroup Bridges

VIEW Configuration Guide. Cisco. 1131, 1232 and 1242 Autonomous APs. June 2010 Edition Version D

Configuring WEP and WEP Features

Configuring Authentication Types

Lab 8.5.2: Troubleshooting Enterprise Networks 2

PX4i PX6i. Print Kit. Integration Guide

Configuring RADIUS Servers

Configuring Repeater and Standby Access Points

Installation Instructions

Instruction Sheet P/N Centronics Parallel I/O Card

Protected EAP (PEAP) Application Note

Workgroup Bridges. Cisco WGBs. Information About Cisco Workgroup Bridges. Cisco WGBs, page 1 Third-Party WGBs and Client VMs, page 9

Configuring Spanning Tree Protocol

Wireless Filtering and Firewalling

Lab Configuring LEAP/EAP using Cisco Secure ACS (OPTIONAL)

Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services

Configuring VLANs. Understanding VLANs

Installation Guide. MobileLAN secure 802.1x Security Solution

FAQs for the Cisco Aironet Conversion Tool Version 2.1 for Cisco IOS Software

Cisco IOS Wireless LAN Command Reference

Securing Wireless Networks by By Joe Klemencic Mon. Apr

EAP Authentication with RADIUS Server

Securing Wireless LAN Controllers (WLCs)

PePWave Mesh Connector User Manual

Device Interface IP Address Subnet Mask Default Gateway. Ports Assignment Network

Deployment Guide for Cisco Guest Access Using the Cisco Wireless LAN Controller, Release 4.1

Security Setup CHAPTER

Summary. Deployment Guide: Configuring the Cisco Wireless Security Suite 1 OL

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

Configuring RADIUS and TACACS+ Servers

Vendor: HP. Exam Code: HP2-Z32. Exam Name: Implementing HP MSM Wireless Networks. Version: Demo

Procedure: You can find the problem sheet on the Desktop of the lab PCs.

SSG Configuration Example

Cisco Systems, Inc , 1200, 1300 Series AP (Autonomous mode) Product sw version 12.3(11)JA4 I75 Handset sw version 1.4.

Network Admission Control

Wireless LAN Overview

Network security session 9-2 Router Security. Network II

LevelOne. User Manual. WAP Mbps PoE Wireless AP V3.0.0

7 Filtering and Firewalling

FAQ on Cisco Aironet Wireless Security

Configuring Funk RADIUS to Authenticate Cisco Wireless Clients With LEAP

ISR Wireless Configuration Example

Examples of Cisco APE Scenarios

Contents. Introduction

Configuring OfficeExtend Access Points

Wireless LAN Example Scenario

Wireless technology Principles of Security

Chapter 10 Lab 10-2, Securing VLANs INSTRUCTOR VERSION

Transcription:

Integration Guide Trakker Antares 2400 Family and Cisco Aironet 123X

Intermec Technologies Corporation Corporate Headquarters 6001 36th Ave. W. Everett, WA 98203 U.S.A. www.intermec.com The information contained herein is proprietary and is provided solely for the purpose of allowing customers to operate and service Intermec-manufactured equipment and is not to be released, reproduced, or used for any other purpose without written permission of Intermec. Information and specifications contained in this document are subject to change without prior notice and do not represent a commitment on the part of Intermec Technologies Corporation. 2005 Intermec Technologies Corporation. All rights reserved. The word Intermec, the Intermec logo, Norand, ArciTech, CrossBar, Data Collection Browser, dcbrowser, Duratherm, EasyADC, EasyCoder, EasyLAN, Enterprise Wireless LAN, EZBuilder, Fingerprint, i-gistics, INCA (under license), Intellitag, InterDriver, Intermec Printer Network Manager, IRL, JANUS, LabelShop, Mobile Framework, MobileLAN, Nor*Ware, Pen*Key, Precision Print, PrintSet, RoutePower, SmartSystems, TE 2000, Trakker Antares, and Virtual Wedge are either trademarks or registered trademarks of Intermec Technologies Corporation. Throughout this manual, trademarked names may be used. Rather than put a trademark ( or ) symbol in every occurrence of a trademarked name, we state that we are using the names only in an editorial fashion, and to the benefit of the trademark owner, with no intention of infringement. There are U.S. and foreign patents pending. ii Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide

Contents About This Guide... 5 Scenario... 5 Recommended Firmware and Software Versions... 5 Quick Configuration Tables... 6 Configuring the 1230 and 1231... 8 Configuring the Trakker Antares Terminals... 8 About the 1230 and 1231 Settings... 9 ARP Caching... 9 Radio Data Rates... 9 Radio Transmit Power... 10 Radio Channel Settings... 10 Short Radio Preamble... 11 Aironet Extensions... 11 Public Secure Packet Forwarding (PSPF)... 11 Delivery Traffic Indication Message (DTIM)... 12 Multiple SSIDs Guest Mode... 12 Cipher Suites Encryption... 13 Authentication Types... 13 802.1x Authentication... 14 Sample of 1230 and 1231 Configuration Files... 14 Sample 1230 Access Point Configuration File... 15 Sample 1231 Access Point Configuration File... 19 Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide iii

iv Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide

About This Guide Scenario Configuring your wireless network to work in an optimal way can be a difficult task. Your company s needs for application performance, data throughput, battery life, network security, and radio range must all be balanced so that the system will meet the needs of everyone who must work with it. This integration guide recommends a configuration based on testing that Intermec has performed between Cisco Aironet access points and Intermec terminals. Intermec performed testing using these devices: Cisco Aironet 1230 Access Points (802.11b radio) and Cisco Aironet 1231 Access Points (802.11g radio) Intermec Trakker Antares 2400 Family of terminals running the TE 2000 terminal emulation application. The terminals must also have the LEAP security option. The testing involved using the Intermec terminals to perform eight radio transactions per minute over TCP/IP during normal use while the terminals frequently roamed between access points. If your anticipated usage is different from this scenario or if your location has unusual environmental characteristics, these recommendations may not be applicable. Recommended Firmware and Software Versions This table identifies the firmware and software versions that were current at the time the scenario was tested. Intermec recommends that you use these versions or later. Recommended Versions Product Version 1230 and 1231 access point firmware 12.3(4)JA Trakker Antares terminals operating software (OS) 8.01.08 with LEAP security option TE 2000 terminal emulation application 6.75 Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide 5

Quick Configuration Tables Intermec recommends that you use these settings when configuring the access points to communicate with the Intermec terminals. For more details on the access point settings, see About the 1230 and 1231 Settings on page 9. Recommended Settings Summary for 1230 and 1231 Setting 1230 Access Point 1231 Access Point ARP Caching Enable ARP Caching Enable ARP Caching Radio Settings Radio Data Rates Speed - Throughput optimized Speed - Default settings Radio Transmit Power 30 mw CCK - 30mW, maximum Radio Channel Settings Short Radio Preamble Select channels carefully to avoid overlap Disable short radio preamble Select channels carefully to avoid overlap Disable short radio preamble Aironet Extensions Disable Aironet extensions Disable Aironet extensions Public Secure Packet Enable PSPF Enable PSPF Forwarding (PSPF) DTIM 1 1 Multiple SSIDs SSID Enable Guest mode on the SSID that you use the most. Use the multiple BSSID feature to enable Guest mode on several SSIDs. Even if you use only one SSID, you should enable Guest mode. Cipher Suites Encryption WEP128 WEP128 Broadcast Key Rotation Enable broadcast key rotation Enable broadcast key rotation 6 Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide

Recommended Settings Summary for 1230 and 1231 (continued) Setting 1230 Access Point 1231 Access Point Authentication Types Authentication Open Authentication Network-EAP 802.1x Authentication Open with EAP authentication Enabled LEAP authentication with strong passwords Open with EAP authentication Enabled LEAP authentication with strong passwords Recommended Settings Summary for Trakker Antares Terminals Setting Network Name (SSID) User Name User Password Trakker Antares Terminals Enter the SSID that matches the appropriate access point SSID. Enter the user name and user password that the computer will use to authenticate to the access point. Note: Before you configure the 802.11 radio settings, you should configure DHCP settings or TCP/IP communications settings. Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide 7

Configuring the 1230 and 1231 To configure the access point, you can use the web-browser interface or the command line interface (CLI). For help, see the documentation that shipped with the access point or the Cisco IOS Software Configuration Guide for Cisco Aironet Access Points. Configuring the Trakker Antares Terminals To configure the Trakker Antares terminals, you use the Trakker Antares 2400 Menu System. For help, see your terminal s user s manual. To configure the Trakker Antares terminal 1 Press ) y 2 4 8, or scan this bar code: TRAKKER Antares 2400 Menu System *..-.* *..-.* The Main Menu appears, displaying four menu options. MAIN MENU Configuration Menu Diagnostics Menu System Menu About TRAKKER 2400 _` Select item [Enter] Next screen [F1] Help [Esc] Exit 242XU001.eps 2 Choose Configuration Menu > Communications Menu > Radio. 3 Use the arrow keys to scroll to the LEAP screen. 4 Set the LEAP user name/user password. 5 Exit the menu system and save all changes. 8 Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide

About the 1230 and 1231 Settings ARP Caching Radio Data Rates This section provides a brief description of the access point settings and Intermec s recommendation. For more information, see the Cisco IOS Software Configuration Guide for Cisco Aironet Access Points. Intermec Recommends: Enable ARP Caching Intermec recommends that you configure the access point to reply to ARP queries on behalf of any associated client devices whose IP address it knows. This feature helps to reduce the amount of broadcast traffic sent to all client devices, thereby improving battery life and reducing congestion on the wireless network. Intermec Recommends: 1230 Speed - Throughput optimized 1231 Speed - Default settings The radio data rates determine the rates at which data can be transmitted between the access point and the client device. In general, range is better at lower data rates and total throughput is higher at higher data rates. Depending on the client radio design, there may also be some battery life benefits to transmitting at a higher data rate since the radio is operated for shorter periods of time; however, this is not true for all devices. Cisco provides preconfigured selections that automatically optimizes throughput or sets default settings. When you enter throughput, the client device sets all data rates to basic. For the 1230 and the 1231, the possible data rates for CCK modulation (802.11b compatible) are 1, 2, 5.5 and 11 megabits. If any 802.11b devices will need to operate in your network, make sure that at least one of these data rates is set to basic or required. Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide 9

Radio Transmit Power Radio Channel Settings 1231 only: The default settings sets the data rates 1, 2, 5.5, and 11 megabits to basic, and sets the data rates 6, 9, 12, 18, 24, 36, 48 and 54 megabits to enabled. These rate settings allow both 802.11b devices and 802.11g devices to associate to the access point. Intermec Recommends: 1230 30 mw 1231 CCK - 30 mw, maximum You should not set the radio transmit power of the access point higher than the maximum radio transmit power of the client device. The effective range between the access point and the client device is limited by the weaker of the two transmitters. If you set the access point radio transmit power too high, it can cause unintended areas to be covered, which may present security and interference issues. You may even want to set the radio transmit power to lower power settings in particular areas of your facility in order to provide uniform coverage with minimum interference. 1231 only: There are two different power settings. The CCK power setting is for 802.11b data rates, and the OFDM power setting is for 802.11g data rates. However, the Trakker Antares terminal cannot use OFDM modulation. Intermec Recommends: Select channels carefully to avoid overlap. The number of radio channels that are available to set will depend on local regulations and the number of access points installed at your location. When choosing a radio channel for the access point, you should consider the radio channels that are being used by surrounding access points. Intermec recommends that you separate the channels of these access points by as large an amount as possible. 10 Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide

Short Radio Preamble Aironet Extensions Intermec Recommends: Disable short radio preamble The radio preamble (sometimes called a header) is a section of data at the head of a packet that contains information that the access point and client devices need when sending and receiving packets. Since the Trakker Antares terminals are older terminals, Intermec recommends disabling the short radio preamble to improve their radio performance in high traffic areas or while roaming. Intermec Recommends: Disable Aironet extensions Aironet extensions add fields to the radio management packets that allow the access point and client devices to exchange information beyond what is specified in the 802.11 standards. Since the Trakker Antares terminals are older terminals, they do not support Aironet extensions. Intermec recommends disabling this feature so it will not cause interference. Public Secure Packet Forwarding (PSPF) Intermec Recommends: Enable PSPF Public Secure Packet Forwarding (PSPF) prevents broadcast frames from being rebroadcast from the access point when the access point receives a broadcast frame from a client device. This feature improves security and battery life by decreasing the amount of broadcast traffic on the wireless network. Intermec recommends that you enable this setting if the client devices communicate only with hosts on the wired network. You must disable this setting if client devices need to communicate directly (peer-to-peer) with other wireless devices. For example, you must disable PSPF for a wireless terminal to communicate directly with a wireless printer. Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide 11

Delivery Traffic Indication Message (DTIM) Multiple SSIDs Guest Mode Intermec Recommends: 1 The delivery traffic indication message (DTIM) setting determines how often client devices in Power-Save mode should activate their radio in order to receive messages from the access point. Lower settings cause the client device to check for waiting messages more often. In general, lower settings give better throughput and roaming performance, and higher settings provide longer battery life. Intermec Recommends: 1230 Enable Guest mode on the SSID that you use the most. 1231 Use the multiple BSSID feature to enable Guest mode on several SSIDs. If you enable Guest mode on an SSID, the access point allows associations from client devices that do not specify an SSID in their configuration. The access point includes a guest SSID in its beacon message. Intermec recommends that you always enable Guest mode. Some experts recommend that you disable the SSID broadcast as a way to improve security. However, the security afforded by disabling Guest mode is minimal at best and may cause problems for some client devices. Also, it increases the amount of traffic that is required for roaming and therefore will have an adverse impact on roaming performance. 1230 only: If your installation uses more than one SSID, Intermec recommends that you enable Guest mode on the SSID used by the most mobile client population. 1231 only: If your installation uses more than one SSID, use the multiple BSSID feature, which lets you enable Guest mode on several SSIDs. Enabling Guest mode on several SSIDs will improve roaming performance and help client devices correctly determine the security level in use. 12 Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide

Cipher Suites Encryption Authentication Types Intermec Recommends: Encryption WEP128 Broadcast Key Rotation Enabled Intermec recommends that you always use encryption in wireless networks to prevent unauthorized network access and to prevent transmitted data from being seen by unauthorized users. Wired Equivalent Privacy (WEP) encryption has been part of the 802.11 standard since the standard was initially developed. It is widely supported and well tested in both client devices and access points. Weaknesses in WEP encryption can be largely mitigated with proper WEP key rotation. Intermec Recommends: Open Open with EAP authentication Network-EAP Enabled Before a client device can communicate on your network through the access point, it must authenticate to the access point using open or shared-key authentication. Shared key authentication is less secure than open authentication. Open with EAP authentication and Network-EAP authentication both allow any client device to associate with the access point and then immediately require 802.1x authentications to begin. There is no difference in functionality or security between Open with EAP authentication and Network-EAP authentication. Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide 13

802.1x Authentication Intermec Recommends: LEAP authentication with strong passwords The use of an 802.1x-based authentication protocol ensures that only authorized users are able to access your wireless network. The 802.1x protocol also produces the random keying material that is necessary to securely distribute WEP keys to client devices. The Light Extensible Authentication protocol (LEAP) is easy to configure and requires a minimum amount of processor usage on the client device and authentication server. The LEAP protocol also has the advantage of not requiring certificates for either the client or the server. However, LEAP is vulnerable to some forms of password-cracking attacks, and passwords shorter than 10 characters may not be secure. When using LEAP, Intermec recommends that you choose strong passwords. Note: Intermec does not recommend you configure your terminals to use TTLS authentication with 123X access points. If you use TTLS, it may take a long time for the terminals to authenticate and they will not be able to roam between access points without doing a full authentication. Sample of 1230 and 1231 Configuration Files Here is a sample configuration file for a 1230 and a 1231 that use the recommended settings of this integration guide. For each installation, you will need to change some settings such as IP information and configuration passwords. Note: Intermec recommends that you use the sample configuration files as guides to help you identify differences between your access point s configuration file and the recommended configuration. You should not use the Cisco IOS command line interface (CLI) to copy them directly to your access points. 14 Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide

Sample 1230 Access Point Configuration File version 12.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption hostname ap enable secret 5 $1$fevZ$g4oCqCic.Aywl7qMDCn5c0 username Cisco password 7 05280F1C2243 ip subnet-zero aaa new-model aaa group server radius rad_eap server 192.168.200.1 auth-port 1812 acct-port 1813 aaa group server radius rad_mac aaa group server radius rad_acct aaa group server radius rad_admin aaa group server tacacs+ tac_admin aaa group server radius rad_pmip aaa group server radius dummy aaa authentication login eap_methods group rad_eap aaa authentication login mac_methods local aaa authorization exec default local aaa accounting network acct_methods start-stop group rad_acct aaa session-id common dot11 vlan-name SSID1 vlan 1 dot11 vlan-name SSID2 vlan 2 dot11 ssid SSID1b vlan 1 authentication open eap eap_methods authentication network-eap eap_methods guest-mode Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide 15

Sample 1230 Access Point Configuration File (continued) dot11 ssid SSID2b vlan 2 authentication open dot11 arp-cache optional bridge irb interface Dot11Radio0 no ip address encryption mode ciphers tkip encryption vlan 1 mode wep mandatory broadcast-key vlan 1 change 300 ssid SSID1b ssid SSID2b speed basic-1.0 basic-2.0 basic-5.5 basic-11.0 power local 30 power client 30 no preamble-short channel 2412 station-role root beacon dtim-period 1 no dot11 extension aironet no cdp enable interface Dot11Radio0.1 encapsulation dot1q 1 native bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 port-protected bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled 16 Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide

Sample 1230 Access Point Configuration File (continued) interface Dot11Radio0.2 encapsulation dot1q 2 bridge-group 2 bridge-group 2 subscriber-loop-control bridge-group 2 port-protected bridge-group 2 block-unknown-source no bridge-group 2 source-learning no bridge-group 2 unicast-flooding bridge-group 2 spanning-disabled interface FastEthernet0 no ip address duplex auto speed auto interface FastEthernet0.1 encapsulation dot1q 1 native bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled interface FastEthernet0.2 encapsulation dot1q 2 bridge-group 2 no bridge-group 2 source-learning bridge-group 2 spanning-disabled interface BVI1 ip address dhcp client-id FastEthernet0 ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ip radius source-interface BVI1 logging snmp-trap emergencies logging snmp-trap alerts logging snmp-trap critical logging snmp-trap errors logging snmp-trap warnings access-list 111 permit tcp any any neq telnet Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide 17

Sample 1230 Access Point Configuration File (continued) radius-server attribute 32 include-in-access-req format %h radius-server host 192.168.200.1 auth-port 1812 acct-port 1813 key 7 02070959 radius-server vsa send accounting control-plane bridge 1 route ip line con 0 access-class 111 in transport preferred all transport output all line vty 0 4 access-class 111 in transport preferred all transport input all transport output all line vty 5 15 access-class 111 in transport preferred all transport input all transport output all end 18 Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide

Sample 1231 Access Point Configuration File version 12.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption hostname ap enable secret 5 $1$9Wi9$oxODCr3mrSdvxhGb1j9uO1 username Cisco password 7 00271A150754 ip subnet-zero aaa new-model aaa group server radius rad_eap server 192.168.200.1 auth-port 1812 acct-port 1813 aaa group server radius rad_mac aaa group server radius rad_acct aaa group server radius rad_admin aaa group server tacacs+ tac_admin aaa group server radius rad_pmip aaa group server radius dummy aaa authentication login eap_methods group rad_eap aaa authentication login mac_methods local aaa authorization exec default local aaa accounting network acct_methods start-stop group rad_acct aaa session-id common dot11 vlan-name SSID1 vlan 1 dot11 vlan-name SSID2 vlan 2 dot11 ssid SSID1g vlan 1 authentication open eap eap_methods authentication network-eap eap_methods mbssid guest-mode Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide 19

Sample 1231 Access Point Configuration File (continued) dot11 ssid SSID2g vlan 2 authentication open mbssid guest-mode dot11 network-map bridge irb interface Dot11Radio0 no ip address encryption mode wep mandatory encryption vlan 1 mode wep mandatory broadcast-key vlan 1 change 300 ssid SSID1g ssid SSID2g mbssid short-slot-time speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 power local cck 30 power local ofdm 30 no preamble-short channel 2412 station-role root beacon dtim-period 1 no dot11 extension aironet no cdp enable interface Dot11Radio0.1 encapsulation dot1q 1 native bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 port-protected bridge-group 1 block-unknown-source 20 Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide

Sample 1231 Access Point Configuration File (continued) no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled interface Dot11Radio0.2 encapsulation dot1q 2 bridge-group 2 bridge-group 2 subscriber-loop-control bridge-group 2 port-protected bridge-group 2 block-unknown-source no bridge-group 2 source-learning no bridge-group 2 unicast-flooding bridge-group 2 spanning-disabled interface FastEthernet0 no ip address duplex auto speed auto interface FastEthernet0.1 encapsulation dot1q 1 native bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled interface FastEthernet0.2 encapsulation dot1q 2 bridge-group 2 no bridge-group 2 source-learning bridge-group 2 spanning-disabled interface BVI1 ip address dhcp client-id FastEthernet0 ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ip radius source-interface BVI1 logging snmp-trap emergencies logging snmp-trap alerts logging snmp-trap critical logging snmp-trap errors Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide 21

Sample 1231 Access Point Configuration File (continued) logging snmp-trap warnings radius-server attribute 32 include-in-access-req format %h radius-server host 192.168.200.1 auth-port 1812 acct-port 1813 key 7 00051E04 radius-server vsa send accounting control-plane bridge 1 route ip line con 0 transport preferred all transport output all line vty 0 4 transport preferred all transport input all transport output all line vty 5 15 transport preferred all transport input all transport output all end 22 Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide

Corporate Headquarters 6001 36th Avenue West Everett, Washington 98203 U.S.A. tel 425.348.2600 fax 425.355.9551 www.intermec.com Trakker Antares 2400 Family and Cisco Aironet 123X Integration Guide *944-618-001* P/N 944-618-001 Rev A

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback