Secure WLAN Management Configuration Guidelines

This section discusses the configuration commands for secure management best practices, as outlined in Chapter 10.

By default, Telnet access is enabled on the APs. It is recommended that you disable Telnet access and enable SSH access to the APs. Example 12-24 illustrates the configuration required to disable Telnet access on the AP.

Example 12-24. Commands to Disable Telnet Access to the AP
access-list 111 permit tcp any any neq telnet
line vty 0 4
 access-class 111 in
line vty 5 15
 access-class 111 in
!

Example 12-25 shows commands required to enable SSH access and disable HTTP access on the IOS-enabled APs or the bridges. By default, HTTP access is enabled on the APs for management. It is ...

Get Cisco Wireless LAN Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.