Example: Configuring a Virtual Access Point for WPA Enterprise and MAC Filtering (CLI)

This example shows how to configure virtual access point vap-2 on radio 1 for access point ap-1 with the following settings:

SSID: employee-only
VLAN ID: 217
Client security: WPA2 Enterprise, with both TKIP and CCMP ciphers, and pre-authentication.
RADIUS server IP address 192.211.1.254 and RADIUS shared secret sandia#978
MAC filtering for denied MAC addresses 00:08:C7:1B:8C:02 and 01:23:45:67:89:ab

Before you configure an access point, you must specify the MAC address of the access point being configured. See AX411 Access Point Configuration Overview.

user@host# set wlan access-point ap-1 radio 1 virtual-access-point vap–2 ssid employee-only vlan 217 security wpa-enterprise wpa-version 2 cipher-suite both preauthentication radius radius-server 192.211.1.254 radius-key sandia#978user@host# set wlan access-point ap-1 radio 1 virtual-access-point vap–2 security mac-authentication-type localuser@host# set wlan access-point ap-1 access-point-options station-mac-filter deny-list mac-address 00:08:C7:1B:8C:02 01:23:45:67:89:ab