Cisco Systems OL-29225-01 Film Camera User Manual

Open as PDF

of 514

9-9

Cisco IOS Software Configuration Guide for Cisco Aironet Access Points

OL-30644-01

Chapter 9 Configuring an Access Point as a Local Authenticator

Configuring a Local Authenticator

If your local authenticator does not receive its time setting from an NTP server and it reboots frequently,

PACs generated by the local authenticator might not expire when they should. The access point clock is

reset when the access point reboots, so the elapsed time on the clock would not reach the PAC expiration

time.

Limiting the Local Authenticator to One Authentication Type

By default, a local authenticator access point performs LEAP, EAP-FAST, and MAC-based

authentication for client devices. However, you can limit the local authenticator to perform only one or

two authentication types. Use the no form of the authentication command to restrict the authenticator to

an authentication type:

AP(config-radsrv)# [no] authentication [eapfast] [leap] [mac]

Because all authentication types are enabled by default, you enter the no form of the command to disable

authentication types. For example, if you want the authenticator to perform only LEAP authentication,

you enter these commands:

AP(config-radsrv)# no authentication eapfast

AP(config-radsrv)# no authentication mac

Unblocking Locked Usernames

You can unblock usernames before the lockout time expires, or when the lockout time is set to infinite.

In Privileged Exec mode on the local authenticator, enter this command to unblock a locked username:

AP# clear radius local-server user username

Viewing Local Authenticator Statistics

In privileged exec mode, enter this command to view statistics collected by the local authenticator:

AP# show radius local-server statistics

This example shows local authenticator statistics:

Successes : 0 Unknown usernames : 0

Client blocks : 0 Invalid passwords : 0

Unknown NAS : 0 Invalid packet from NAS: 0

NAS : 10.91.6.158

Successes : 0 Unknown usernames : 0

Client blocks : 0 Invalid passwords : 0

Corrupted packet : 0 Unknown RADIUS message : 0

No username attribute : 0 Missing auth attribute : 0

Shared key mismatch : 0 Invalid state attribute: 0

Unknown EAP message : 0 Unknown EAP auth type : 0

Auto provision success : 0 Auto provision failure : 0

PAC refresh : 0 Invalid PAC received : 0

Username Successes Failures Blocks

nicky 0 0 0

jones 0 0 0

jsmith 0 0 0

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems OL-29225-01 Film Camera User Manual