Configuring Remote LANs (CLI)
Creating an RLAN Profile (CLI)
SUMMARY STEPS
- enable
- configure terminal
- ap remote-lan profile-name remote-lan-profile-name rlan-id
- end
DETAILED STEPS
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 |
enable Example:
|
Enables privileged EXEC mode.
|
||
Step 2 |
configure terminal Example:
|
Enters global configuration mode. |
||
Step 3 |
ap remote-lan profile-name remote-lan-profile-name rlan-id Example:
|
Configures remote LAN profile and enters RLAN configuration mode.
|
||
Step 4 |
end Example:
|
Exits RLAN configuration mode and returns to privileged EXEC mode. |
Configuring RLAN Profile Parameters (CLI)
Before you begin
Note |
The configurations in this section are not mandatory for an RLAN profile. In case of central switching mode, you need to configure both central switching and central DHCP. |
SUMMARY STEPS
- enable
- configure terminal
- ap remote-lan profile-name remote-lan-profile-name rlan-id
- client association limit client-connections
- ip access-group web IPv4-acl-name
- ipv6 traffic-filter web IPv6-acl-name
- local-auth profile name
- mac-filtering mac-filter-name
- mdns-sd-interface {drop | gateway}
- security dot1x authentication-list list-name
- security web-auth authentication-list list-name
- no shutdown
- end
DETAILED STEPS
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 |
enable Example:
|
Enables privileged EXEC mode.
|
||
Step 2 |
configure terminal Example:
|
Enters global configuration mode. |
||
Step 3 |
ap remote-lan profile-name remote-lan-profile-name rlan-id Example:
|
Configures remote LAN profile and enters RLAN configuration mode. |
||
Step 4 |
client association limit client-connections Example:
|
Configures client connections per RLAN. client-connections: The maximum client connections per RLAN. Range is from 0 to 10000. 0 refers to unlimited client connections. |
||
Step 5 |
ip access-group web IPv4-acl-name Example:
|
Configures RLAN IP configuration commands. IPv4-acl-name: The IPv4 ACL name or ID. |
||
Step 6 |
ipv6 traffic-filter web IPv6-acl-name Example:
|
Configures RLAN IP configuration commands. IPv6-acl-name: The IPv6 ACL name or ID. |
||
Step 7 |
local-auth profile name Example:
|
Sets EAP profile on an RLAN. |
||
Step 8 |
mac-filtering mac-filter-name Example:
|
Sets MAC filtering support on an RLAN. |
||
Step 9 |
mdns-sd-interface {drop | gateway} Example:
|
Enables MDNS gateway for the RLAN. |
||
Step 10 |
security dot1x authentication-list list-name Example:
|
Configures 802.1X for an RLAN. |
||
Step 11 |
security web-auth authentication-list list-name Example:
|
Configures web authentication for an RLAN.
|
||
Step 12 |
no shutdown Example:
|
Enables RLAN profile. |
||
Step 13 |
end Example:
|
Exits RLAN configuration mode and returns to privileged EXEC mode. |
Creating an RLAN Policy Profile (CLI)
SUMMARY STEPS
- enable
- configure terminal
- ap remote-lan-policy policy-name profile name
- end
DETAILED STEPS
Command or Action | Purpose | |
---|---|---|
Step 1 |
enable Example:
|
Enables privileged EXEC mode.
|
Step 2 |
configure terminal Example:
|
Enters global configuration mode. |
Step 3 |
ap remote-lan-policy policy-name profile name Example:
|
Configures RLAN policy profile and enters RLAN policy configuration mode. |
Step 4 |
end Example:
|
Exits RLAN policy configuration mode and returns to privileged EXEC mode. |
Configuring RLAN Policy Profile Parameters (CLI)
SUMMARY STEPS
- enable
- configure terminal
- ap remote-lan-policy policy-name profile name
- central switching
- central dhcp
- exclusionlist timeout timeout
- ipv4 {acl ipv6_acl | dhcp {required | server ip-address}}
- ipv6 acl ipv6-acl
- aaa-policy policy-name
- aaa-override
- accounting-list list-name
- mdns-sd service-policy service-policy-name
- session-timeout timeout in seconds
- host-mode {multidomain voice domain | multihost |singlehost}
- violation-mode {protect | replace | shutdown}
- poe
- power-level level
- pre-auth
- user-defined-network [drop-unicast]
- shutdown
- end
DETAILED STEPS
Command or Action | Purpose | |
---|---|---|
Step 1 |
enable Example:
|
Enables privileged EXEC mode.
|
Step 2 |
configure terminal Example:
|
Enters global configuration mode. |
Step 3 |
ap remote-lan-policy policy-name profile name Example:
|
Configures RLAN policy profile and enters RLAN policy configuration mode. |
Step 4 |
central switching Example:
|
Configures central switching. |
Step 5 |
central dhcp Example:
|
Configures central DHCP. |
Step 6 |
exclusionlist timeout timeout Example:
|
Sets exclusion-listing on RLAN. timeout: Sets the time, up to which the client will be in excluded state. Range is from 0 to 2147483647 seconds. 0 refers to no timeout. |
Step 7 |
ipv4 {acl ipv6_acl | dhcp {required | server ip-address}} Example:
|
|
Step 8 |
ipv6 acl ipv6-acl Example:
|
|
Step 9 |
aaa-policy policy-name Example:
|
Configures AAA policy. |
Step 10 |
aaa-override Example:
|
Configures AAA policy override. |
Step 11 |
accounting-list list-name Example:
|
Sets the accounting list for IEEE 802.1x. |
Step 12 |
mdns-sd service-policy service-policy-name Example:
|
Configures an MDNS service policy. |
Step 13 |
session-timeout timeout in seconds Example:
|
Configures client session timeout. timeout in seconds: Defines the duration of a session. Range is from 20 to 86400 seconds. |
Step 14 |
host-mode {multidomain voice domain | multihost |singlehost} Example:
|
Configures host mode for remote-LAN 802.1x. voice domain: The RLAN voice domain VLAN ID. Range is from 0 to 65535. You can configure the following IEEE 802.1X authentication modes:
|
Step 15 |
violation-mode {protect | replace | shutdown} Example:
|
Configures violation mode for Remote-LAN 802.1x. When a security violation occurs, a port is protected based on the following configured violation actions:
|
Step 16 |
poe Example:
|
Enables Power over Ethernet (PoE). |
Step 17 |
power-level level Example:
|
Configures the power level to be supported on the LAN port. |
Step 18 |
pre-auth Example:
|
Configures pre-authentication for the RLAN. |
Step 19 |
user-defined-network [drop-unicast] Example:
|
Configures an user-defined network. |
Step 20 |
shutdown Example:
|
Enables RLAN policy profile. |
Step 21 |
end Example:
|
Exits RLAN policy configuration mode and returns to privileged EXEC mode. |
Configuring a Policy Tag and Mapping an RLAN Policy Profile to an RLAN Profile (CLI)
SUMMARY STEPS
- enable
- configure terminal
- wireless tag policy policy-tag-name
- remote-lan remote-lan-profile-name policy rlan-policy-profile-name port-id port-id
- end
DETAILED STEPS
Command or Action | Purpose | |
---|---|---|
Step 1 |
enable Example:
|
Enables privileged EXEC mode.
|
Step 2 |
configure terminal Example:
|
Enters global configuration mode. |
Step 3 |
wireless tag policy policy-tag-name Example:
|
Configures policy tag and enters policy tag configuration mode. |
Step 4 |
remote-lan remote-lan-profile-name policy rlan-policy-profile-name port-id port-id Example:
|
Maps an RLAN policy profile to an RLAN profile. |
Step 5 |
end Example:
|
Exit policy tag configuration mode and returns to privileged EXEC mode. |
Attaching an RLAN Policy Tag to an Access Point (CLI)
SUMMARY STEPS
- enable
- configure terminal
- ap ap-ethernet-mac
- policy-tag policy-tag-name
- end
DETAILED STEPS
Command or Action | Purpose | |
---|---|---|
Step 1 |
enable Example:
|
Enables privileged EXEC mode.
|
Step 2 |
configure terminal Example:
|
Enters global configuration mode. |
Step 3 |
ap ap-ethernet-mac Example:
|
Configures MAP address for an AP and enters AP configuration mode. |
Step 4 |
policy-tag policy-tag-name Example:
|
Attaches a policy tag to the access point. policy-tag-name: Name of the policy tag defined earlier. |
Step 5 |
end Example:
|
Exits AP configuration mode and returns to privileged EXEC mode. |