SSID Broadcast

Unanswered Question
Sep 16th, 2007
User Badges:

I'm looking for the command to turn off SSID broadcast on a 1811w router. I would also like to perform MAC address authentication. So far the documentation I've found has been spotty.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Rob Huffman Mon, 09/17/2007 - 04:37
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 IP Telephony, Unified Communications

Hi William,


The command that controls the "Broadcast" of the SSID is "guest mode". Have a look;


guest-mode (SSID configuration mode)


Use the guest-mode SSID configuration mode command to configure the radio interface (for the specified SSID) to support guest mode. Use the no form of the command to disable the guest mode.


[no] guest-mode


The access point can have one guest-mode SSID or none at all. The guest-mode SSID is used in beacon frames and response frames to probe requests that specify the empty or wildcard SSID. If no guest-mode SSID exists, the beacon contains no SSID and probe requests with the wildcard SSID are ignored. Disabling the guest mode makes the networks slightly more secure. Enabling the guest mode helps clients that passively scan (do not transmit) associate with the access point. It also allows clients configured without a SSID to associate.


Examples


This example shows how to set the wireless LAN for the specified SSID into guest mode:


(config-if-ssid)# guest-mode



This example shows how to reset the guest-mode parameter to default values (no broadcast SSID):


(config-if-ssid)# no guest-mode


From this IOS Command doc;


http://www.cisco.com/en/US/products/hw/routers/ps272/products_technical_reference_chapter09186a008022e0e3.html#wp2641711



Configure Open with MAC Authentication


In this type of authentication, the wireless client will be allowed to access the WLAN network only if the client's MAC address is under the list of allowed MAC addresses in the authentication server. The AP relays the wireless client device's MAC address to a RADIUS authentication server on your network, and the server checks the address against a list of allowed MAC addresses. MAC-based authentication provides an alternate authentication method for client devices that do not have EAP capability.


http://www.cisco.com/en/US/products/hw/routers/ps380/products_configuration_example09186a00808acf2f.shtml#mac


http://www.cisco.com/en/US/docs/wireless/access_point/12.2_13_JA/configuration/guide/s13auth.html#wp1034875


Hope this helps!

Rob


noahsark Mon, 09/17/2007 - 13:47
User Badges:

Yes, your email was very helpful. Thanks.


Quick question: is it possible to combine mac-address authentication with WPA-psk?

salehin71 Sat, 01/12/2008 - 22:58
User Badges:

Hello Rob,


Thank you so much. I have been looking for this command for last two day.


Abu

Rob Huffman Tue, 09/18/2007 - 05:23
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 IP Telephony, Unified Communications

Hi William,


Good stuff!


In Cisco IOS releases 12.3(4)JA and later, you cannot enable both MAC-address authentication and WPA-PSK.


From this doc;


http://www.cisco.com/en/US/products/ps5853/products_configuration_guide_chapter09186a008067bb9d.html#wp1034875


Hope this helps!

Rob

brmmt1 Fri, 01/11/2008 - 03:03
User Badges:

Hi is it possible on a 1231 with 12.3(8)JEB?


Thanks

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode