Open In App

Cisco WLC WPA2 PSK Authentication

Last Updated : 18 Mar, 2023
Improve
Improve
Like Article
Like
Save
Share
Report

Cisco Wireless LAN Controllers (WLCs) support Wi-Fi Protected Access II (WPA2) Personal (PSK) authentication for wireless clients. WPA2-PSK provides a more secure alternative to the older WPA and WEP security protocols by using stronger encryption and authentication methods. In WPA2-PSK authentication, a shared secret or passphrase is used to authenticate the wireless client to the access point (AP) or WLC. This shared secret is used to generate a Pairwise Master Key (PMK) that creates an encryption key for encrypting data transmitted between the wireless client and the AP/WLC. WPA2-PSK uses a four-way handshake process to establish the encryption key, ensuring secure communication. WPA2-PSK is relatively secure for small-scale wireless networks, but using a shared secret is less secure than unique login credentials. In larger networks, more advanced security protocols such as 802.1X/EAP may be necessary.

We will learn how to set up a fundamental wireless network using WPA2 Pre-Shared Key (PSK) authentication in this tutorial. To employs the topology and configuration that we developed in the session on Cisco WLC fundamental configuration. The physical topology is as follows:

 

IP Addressing of Components:

There are two VLANs on this network:

  • Management VLAN is VLAN 10.
  • VLAN 20: A user-accessible wireless network.

Please refer to the table of component IP addresses to configure all devices of the topology given above.

Components

VLAN

IP Addresses

Wireless LAN Controller

10

192.168.10.100

Switch 

10

192.168.10.254

Access Points 1 and 2

10

DHCP connections

Switch

20

192.168.20.254

Configuration:

1. Wireless LAN Controller:  To configure Wireless LAN Controller, Go to the Wireless LAN Controller Icons on your Cisco Packet Tracer and do the following configurations given below in the image.

 

2. Switch at VLAN 10 and 20:  To configure the Switch, Go to the Switch Icons on your Cisco Packet Tracer and do the following configurations given below in the image.

 

Go to CLI of Switch to Assign IP at VLAN 10:

Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. 
End with CNTL/Z.
Switch(config)#interface FastEthernet0/1
Switch(config-if)#interface FastEthernet0/1
Switch(config-if)#ip address 192.168.10.254 255.255.255.0
Switch(config-if)#no shutdown

 

Go to CLI of Switch to Assign IP at VLAN 20:

Switch>enable
Switch#configure terminal
Enter configuration commands, one per line.  
End with CNTL/Z.
Switch(config)#interface FastEthernet1/1
Switch(config-if)#interface FastEthernet1/1
Switch(config-if)#ip address 
192.168.20.254 255.255.255.0
Switch(config-if)#no shutdown

3. Access Points 1 and 2:   To make your access points DHCP Enabled, do the following configurations given in the images:

For AP1: 

AP1

 

For AP2: 

AP2

 

The output of Configuration:

After the configuration of all devices, the network will be able to authenticate with Cisco WLC WPA2 PSK.

Cisco WLC WPA2 PSK Authentication

 


Like Article
Suggest improvement
Next
What is Kerberos Authentication?
Share your thoughts in the comments

Similar Reads

Configuring Local User Authentication in Cisco
Configuring Basic Password Authentication in Cisco
How to Configure User Authentication?
Connecting Multiple Computers Using Hub in Cisco Packet Tracer
Configuring RIP Default Information Originate in Cisco
Configuring RIP Route Summarization in Cisco
Implementation of VLSM in Cisco
How to Create and Delete VLAN on Cisco Catalyst Switch?
Configuring RIP Timers in Cisco
Steps Involves in Cisco Router Configuration Backups
author
ritik_shrivas
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox