天亮了说晚安's Blog

本文转自：https://www.cisco.com/c/zh_cn/support/docs/wireless/mobility-express/213579-understand-and-configure-eap-tls-with-mo.html Contents IntroductionPrerequisitesRequirementsComponents Used背景信息EAP-TLS流在EAP-TLS流的步骤ConfigureCisco Mobility Express与Cisco Mobility Express的ISEEAP-TLS设置移动性在ISE的Express设置在ISE的信任认证EAP-TLS的客户端在客户端机器(Windows桌面)的下载用户证书EAP-TLS的无线配置文件VerifyTroubleshoot Introduction 本文描述如何设置一个无线局域网(WLAN)以在移动性Express控制器的802.1x安全。本文特别地也解释使用可扩展的认证协议(EAP) -传输层安全(TLS)。 Prerequisites Requirements Cisco 建议您了解以下主题： 移动性Express初始建立802.1x认证过程证书 Components Used 本文档中的信息基于以下软件和硬件版本： WLC 5508版本8.5身份服务引擎(ISE)版本2.1 The information in this document was created from the devices in a specific lab environment.All of the devices used in this document started with a cleared (default) configuration.如果您的网络处......Read More

本文转自：https://www.cisco.com/c/zh_cn/support/docs/wireless/mobility-express/210531-Mobility-Express-Internal-DHCP.html Contents IntroductionPrerequisitesRequirementsComponents UsedConfigureGUI 配置配置管理网络的DHCP范围配置WLAN的DHCP范围CLI 配置配置管理网络的DHCP范围配置WLAN的DHCP范围VerifyTroubleshoot Introduction 本文如何提供指南给enable (event)内部动态主机配置协议(DHCP)服务器在移动性Express (ME)在接入点(AP) 3802以版本8.3.102.0。 Prerequisites Requirements Cisco推荐有在DHCP协议和移动性Express的基础知识。 Components Used 本文的信息根据AP 3802软件版本8.3.102.0。 The information in this document was created from the devices in a specific lab environment.All of the devices used in this document started with a cleared (default) configuration.If your network is live, make sure that you understand the potential impact of any command. Configure Note: 为了使用内部DHCP所有虚拟局域网是必须有在管理网络的一个DHCP池为了开始在ME的DHCP服务器进程。这是一......Read More

本文转自：https://www.cisco.com/c/zh_cn/support/docs/wireless/mobility-express/212484-configure-flexconnect-vlan-mappings-on-m.html 目录 简介先决条件要求使用的组件配置在Flexconnect社团级别的VLAN映射在AP级别的VLAN映射验证故障排除 简介 本文描述步骤配置flexconnect VLAN映射在接入点(AP)和flexconnect社团级别。 先决条件 要求 Cisco 建议您了解以下主题： Cisco Mobility Express部署和基本配置。在WLC的Flexconnect配置 使用的组件 本文档中的信息基于以下软件和硬件版本： 运行软件版本8.5的Cisco 2802 AP。在flexconnect模式运行的2802 AP的。 本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始（默认）配置。如果您使用的是真实网络，请确保您已经了解所有命令的潜在影响。 Note:在移动性快速无线局域网控制器(WLC)上， VLAN相关的配置可以被执行在AP或在flexconnect社团级别。推荐运用配置在flexconnect社团级别，除非一些个AP的需要有一不同的配置。 配置 在Flexconnect社团级别的VLAN映射 在快速的移动性只有呼叫默认flexgroup的一flexconnect组。默认......Read More

本文转自：https://www.cisco.com/c/zh_cn/support/docs/wireless/mobility-express-aironet-access-points/215410-convert-capwap-1852-access-point-ap-to.html 目录 简介先决条件要求使用的组件配置步骤1.下载移动性快速软件AIR-AP1850-K9-ME-8-10-112-0.zip并且解压缩文件。步骤2.确保1852有网络协议(IP)地址。第 3 步：在转换AP不提及什么关于移动性高速公路前。步骤4.运行命令和使用ap1g4作为文件名。第 5 步：在AP重启以后的少量分钟， Cisco向导配置工具将启动。步骤6.如镜像所显示10.10.1.232分配作为移动性Express的管理IP地址和用于访问图形用户界面(GUI)。验证故障排除 简介 本文描述如何转换一轻量级接入点(LWAP) 1852对移动性Express (ME)。 先决条件 要求 Cisco 建议您了解以下主题： 对AP的CLI访问使用控制台电缆。简单文件传输协议(TFTP)服务器。 使用的组件 1852I APTFTP 服务器 本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始（默认）配置。如果您的网络处于活动状态，请确保您了解所有命令的潜在影响。 配置 网络图 步骤1.下载移动性快速软件AIR-AP1850-......Read More

本文转自：https://www.cisco.com/c/en/us/td/docs/security/asa/asa98/configuration/vpn/asa-98-vpn-config/webvpn-troubleshooting.html Chapter: Clientless SSL VPN Troubleshooting Chapter Contents Recover from Hosts File Errors When Using Application AccessWebVPN Conditional DebuggingCapture DataProtect Clientless SSL VPN Session Cookies Recover from Hosts File Errors When Using Application Access To prevent hosts file errors that can interfere with Application Access, close the Application Access window properly when you finish using Application Access. To do so, click the close icon. When Application Access terminates abnormally, the hosts file remains in a Clientless SSL VPN-customized state. Clientless SSL VPN checks the state the next time you start Application Access by searching for a hosts.webvpn file. If it finds one, a Backup HOSTS File Found error message appears, and Application Access is temporarily switched off. If Application Acces......Read More

本文转自：https://www.cisco.com/c/en/us/td/docs/security/asa/asa98/configuration/vpn/asa-98-vpn-config/webvpn-customizing.html Chapter: Customizing Clientless SSL VPN Chapter Contents Clientless SSL VPN End User SetupCustomize Bookmark Help Clientless SSL VPN End User Setup This section is for the system administrator who sets up Clientless SSL VPN for end users. It describes how to customize the end-user interface and summarizes configuration requirements and tasks for a remote system. It specifies information to communicate to users to get them started using Clientless SSL VPN. Define the End User InterfaceCustomize Clientless SSL VPN PagesInformation About CustomizationExport a Customization TemplateEdit the Customization TemplateImport a Customization ObjectApply Customizations to Connection Profiles, Group Policies, and UsersLogin Screen Advanced CustomizationModify Your HTML File Define the End User Interface The Clientless SSL VPN end user interface c......Read More

本文转自：https://www.cisco.com/c/en/us/td/docs/security/asa/asa98/configuration/vpn/asa-98-vpn-config/webvpn-mobile-devices.html Chapter: Clientless SSL VPN with Mobile Devices Chapter Contents Use Clientless SSL VPN with Mobile Devices Use Clientless SSL VPN with Mobile Devices You can access Clientless SSL VPN from your Pocket PC or other certified mobile device. Neither the ASA administrator nor the Clientless SSL VPN user need do anything special to use Clientless SSL VPN with a certified mobile device. Cisco has certified the following mobile device platforms: HP iPaq H4150Pocket PC 2003Windows CE 4.20.0, build 14053Pocket Internet Explorer (PIE)ROM version 1.10.03ENGROM Date: 7/16/2004 Some differences in the mobile device version of Clientless SSL VPN exist: A banner Web page replaces the popup Clientless SSL VPN window.An icon bar replaces the standard Clientless SSL VPN floating toolbar. This bar displays the Go, Home and Logout buttons.The Show......Read More

本文转自：https://www.cisco.com/c/en/us/td/docs/security/asa/asa98/configuration/vpn/asa-98-vpn-config/webvpn-configure-users.html Chapter: Clientless SSL VPN Users Chapter Contents Manage PasswordsUse Single Sign-On with Clientless SSL VPNUsername and Password RequirementsCommunicate Security TipsConfigure Remote Systems to Use Clientless SSL VPN Features Manage Passwords Optionally, you can configure the ASA to warn end users when their passwords are about to expire. The ASA supports password management for the RADIUS and LDAP protocols. It supports the “password-expire-in-days” option for LDAP only. You can configure password management for IPsec remote access and SSL VPN tunnel-groups. When you configure password management, the ASA notifies the remote user at login that the user’s current password is about to expire or has expired. The ASA then offers the user the opportunity to change the password. If the current password has not yet expired, the us......Read More

本文转自：https://www.cisco.com/c/en/us/td/docs/security/asa/asa98/configuration/vpn/asa-98-vpn-config/webvpn-remote-user-guide.html Chapter: Clientless SSL VPN Remote Users Chapter Contents This chapter summarizes configuration requirements and tasks for the user remote system. It also helps users get started with Clientless SSL VPN. It includes the following sections: NoteMake sure that the ASA has been configured for Clientless SSL VPN. Clientless SSL VPN Remote UsersUsernames and PasswordsCommunicate Security TipsConfigure Remote Systems to Use Clientless SSL VPN FeaturesCapture Clientless SSL VPN Data Clientless SSL VPN Remote Users This chapter summarizes configuration requirements and tasks for the user remote system. It also helps users get started with Clientless SSL VPN. It includes the following sections: NoteMake sure that the ASA has been configured for Clientless SSL VPN. Usernames and Passwords Depending on your network, during a remote ......Read More