Administering the WMIC
Controlling WMIC Access with
33
Cisco 3200 Series Wireless MIC Software Configuration Guide
Operation
When an administrator attempts a simple ASCII login by authenticating to a WMIC using ,
this process occurs:
1.
When the connection is established, the WMIC contacts the daemon to obtain a username
prompt, which is then displayed to the administrator. The administrator enters a username; the
WMIC then contacts the daemon to obtain a password prompt. The WMIC displays the
password prompt to the administrator, the administrator enters a password, and the password is then
sent to the daemon.
allows a conversation between the daemon and the administrator until the daemon
receives enough information to authenticate the administrator. The daemon prompts for a username
and password combination, but can include other items, such as the user’s mother’s maiden name.
2.
The WMIC eventually receives one of these responses from the daemon:
–
ACCEPT—The administrator is authenticated, and service can begin. If the WMIC is
configured to require authorization, authorization begins at this time.
–
REJECT—The administrator is not authenticated. The administrator can be denied access or is
prompted to retry the login sequence, depending on the daemon.
–
ERROR—An error occurred at some time during authentication with the daemon or in the
network connection between the daemon and the WMIC. If an ERROR response is received, the
WMIC typically tries to use an alternative method for authenticating the administrator.
–
CONTINUE—The administrator is prompted for additional authentication information.
After authentication, the administrator attempts authorization if authorization has been enabled on
the WMIC. Administrators must successfully complete authentication before proceeding
to authorization.
3.
If authorization is required, the daemon is again contacted, and it returns an
ACCEPT or REJECT authorization response. If an ACCEPT response is returned, the response
contains data in the form of attributes that direct the EXEC or NETWORK session for that
administrator, determining the services that the administrator can access:
–
Telnet, rlogin, or privileged EXEC services
–
Connection parameters, including the host or client IP address, access list, and administrator
timeouts
Default Configuration
and AAA are disabled by default.
To prevent a lapse in security, you cannot configure through a network management
application.When enabled, can authenticate administrators accessing the WMIC through the
CLI.