Follow

Setup and Config for Mac Filtering.

WLAN Configuration 

Create a WLAN

  1. Log in to the Cisco WLC with your admin credentials.
  2. Select the WLANs menu tab.
  3. From the WLANs page, select Create New from the drop-down list, and then click Go.
  4. Enter the WLAN profile name, the SSID (broadcast name of the WLAN), and the WLAN identifier. The WLAN ID value ranges from 1 to 512.
  5. Click Apply.
  6. Select WLANs > Edit 'Target File' > Security > Layer 2.
  7. Enter the Layer 2 security settings as None and select MAC Filtering, And then click Apply.
  8. Select WLANs > Edit 'Target File' > Security > Layer 3.
  9. Select 'On MAC Filter failure' and Web Auth as 'External' and provide URL as https://<TLD>.cmxcisco.com/visitor/login, under the Layer 3 security settings, and then click Apply.
  10. Select WLANs > Edit 'Target File' > Security > AAA Servers.
  11. Enter the AAA server security settings, and then click Apply.

For more information about creating WLANs from the Cisco WLC, see the Cisco WLC configuration guide.

Add a FreeRadius Authentication Server for the WLAN

  1. Log in to the Cisco WLC with your admin credentials.
  2. Select the Security menu tab.
  3. From the Security page, select AAA > RADIUS > Authentication.
  4. From the RADIUS Authentication Servers page, click New.
  5. Enter the IP address of the FreeRadius server.
  6. Enter a text string for the shared secret key.
  7. Click Apply.

To verify that the FreeRadius server has been added, select WLANs > select the WLAN ID > Security > AAA Servers. The newly added FreeRadius server should be listed in the Authentication Server drop-down list. 

For more information about configuring a FreeRadius server from the Cisco WLC, see the Cisco WLC configuration guide.

 Configure the FreeRadius Server in Cisco CMX Proxy

  1. Use Secure Shell (SSH) to connect to Cisco CMX Proxy.
    You must have root access credentials to configure the FreeRadius server in Cisco CMX.
  2. Login as a root user.
  3. Execute the freeradius-conf script, and then enter option 1 (Configure FreeRadius).
    This option allows you to configure Cisco CMX and Cisco WLC info at the same time. Later, if you need to change Cisco CMX info or Cisco WLC info, use options 3 or 4, respectively.
  4. Enter the Cisco CMX member host address.
    You can find this CMX Member Host Address in your welcome email from Cisco CMX Cloud. It follows this format: <tld>.cmxcisco.com. Do not include http(s) infront of the address.
  5. Enter your Cisco CMX admin UI credentials (username and password).
    You can find the credentials in your welcome email from Cisco CMX Cloud.
  6. Enter the total number of Cisco WLCs that you want to add.
  7. Enter the IP address and secret key for each Cisco WLC.
    The secret key must be the same which is configured in the "Add a RADIUS Authentication Server for the WLAN" section.
  8. Enter option 9 to restart the FreeRadius server so that the settings take effect.

0 Comments

Please sign in to leave a comment.