Email Alert Status Chapter 3: Administration System Settings User Accounts Time Settings Log Settings Email Alert HTTP/HTTPS Service Management Access Control Manage Firmware Download/Backup Configuration File Configuration Files Properties Cisco Small Business WAP121 and WAP321 Wireless-N Access Point with PoE...
Page 3
Rogue AP Detection Networks Scheduler Scheduler Association Bandwidth Utilization MAC Filtering WDS Bridge WorkGroup Bridge Quality of Service Chapter 6: System Security RADIUS Server 802.1X Supplicant Password Complexity WPA-PSK Complexity Cisco Small Business WAP121 and WAP321 Wireless-N Access Point with PoE...
Page 4
Instance Configuration Instance Association Web Portal Customization Local Groups Local Users Authenticated Clients Failed Authentication Clients Chapter 10: Single Point Setup Single Point Setup Overview Access Points Sessions Channel Management Cisco Small Business WAP121 and WAP321 Wireless-N Access Point with PoE...
Page 5
Contents Wireless Neighborhood Chapter A: Deauthentication Message Reason Codes Deauthentication Reason Code Table Appendix B: Where to Go From Here Cisco Small Business WAP121 and WAP321 Wireless-N Access Point with PoE...
Explorer. Select Tools > Internet Options and then select the Security tab. Select Local Intranet and select Sites. Select Advanced and then select Add. Add the intranet address of the WAP device (http://<ip-address>) to the local intranet zone. The IP Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 7
• To find your IP address, you can use the Cisco FindIT Network Discovery Utility. This tool enables you to automatically discover all supported Cisco Small Business devices in the same local network segment as your computer. For more information, go to cisco.com and enter www.cisco.com/go/findit.
Page 8
Click Log In. The Access Point Setup Wizard page opens. STEP 3 If this is the first time that you logged on with the default user name (cisco) and the default password (cisco) or your password has expired, the Change Admin Password page opens.
If you click Cancel to bypass the Wizard, the Change Password page appears. You can then NOTE change the default password for logging in. For all other settings, the factory default configurations apply. You must log in again after changing your password. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 10
VLAN and IPv4 Address Settings. Click Next. The Single Point Setup — Set a Cluster window appears. For a description of STEP 3 Single Point Setup, see Single Point Setup. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 11
(Optional) You can enter the Cluster Management IP Address to control all the devices in cluster. Click Next. The Configure Device - Set System Date and Time window appears. STEP 5 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 12
Select your time zone, and then set the system time manually or set up the WAP device to get STEP 6 its time from an NTP server. For a description of these options, see Time Settings. Click Next. The Enable Security - Set Password window appears. STEP 7 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 13
For this window and the following two windows (Wireless Security and VLAN NOTE ID), you configure these settings for the Radio 1 interface first. Then, for WAP561 devices, the windows repeat to enable you to configure these settings for Radio 2. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 14
Enter a Network Name. This name serves as the SSID for the default wireless network. STEP 10 Click Next. The Enable Security - Secure Your Wireless Network window appears. STEP 11 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 15
Choose a security encryption type and enter a security key. For a description of these options, STEP 12 System Security. Click Next. The Wizard displays the Enable Security- Assign the VLAN ID For Your Wireless STEP 13 Network window. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 16
STEP 15 For the WAP561 device, the Network Name, Wireless Security, and VLAN ID pages show to STEP 16 enable configuring Radio 2. When finished with configuring Radio 2, click Next. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 17
Choose a security encryption type for the guest network and enter a security key. For a STEP 20 description of these options, see System Security. Click Next. The Wizard displays the Enable Captive Portal - Assign the VLAN ID window. STEP 21 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 18
Cancel, all settings are returned to the previous or default values. If they are correct, click Submit. Your WAP setup settings are saved and a confirmation STEP 27 window appears. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 19
Getting Started Using the Access Point Setup Wizard Access Point Setup Wizard—Finish Click Finish. The Getting Started window appears. STEP 28 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Setup Wizard Configure Radio Settings Radio Configure Wireless Network Settings Networks Configure LAN Settings Configure Single Point Setup Single Point Setup Device Status System Summary System Summary Wireless Status Network Interfaces Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
It provides these buttons: Buttons Button Name Description (User) The account name (Administrator or Guest) of the user logged into the WAP device. The factory default user name is cisco. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 22
WAP devices. If a main menu item is preceded by an arrow, select to expand and display the submenu of each group. You can then select on the desired submenu item to open the associated page. Navigation Pane Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Edits or modifies an existing entry. Select an entry first. Refresh Redisplays the current page with the latest data. Save Saves the settings or configuration. Update Updates the new information to the startup configuration. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
• Traffic Statistics • WorkGroup Bridge Transmit/Receive • Associated Clients • TSPEC Client Associations • TSPEC Status and Statistics • TSPEC AP Statistics • Radio Statistics • Email Alert Status • Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
To view system information, select Status and Statistics > System Summary in the navigation pane. Or, select System Summary under Device Status on the Getting Started page. System Summary 121/321 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 26
PID VID—The WAP hardware model and version. • Serial Number—The serial number of the Cisco WAP device. • Base MAC Address—The WAP MAC address. • Firmware Version (Active Image)—The firmware version number of the active image. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 27
Time Wait—The closing sequence has been initiated and the WAP is waiting for a system-defined timeout period (typically 60 seconds) before closing the connection. You can click Refresh to refresh the screen and show the most current information. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Network Interfaces The Network Interfaces page shows this information: • LAN Status—These settings apply to the internal interface. For the WAP321, the information indicates whether or not Green Ethernet mode is enabled. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
WAP was last started. If you reboot the WAP, these figures indicate transmit and receive totals since the reboot. To show the Traffic Statistics page, select Status and Statistics > Traffic Statistics in the navigation pane. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 30
Network Interface—Name of the Ethernet interface and each VAP and WDS interface. On WAP561 devices, WLAN0 and WLAN1 precede the VAP interface name to indicate the radio interface (WLAN0 represents radio 1 and WLAN1 represents radio Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Network Interface—Name of the Ethernet or VAP interface. On WAP561 devices, WLAN0 represents radio 1 and WLAN1 represents radio 2. • Status and Statistics—Whether the interface is disconnected or is administratively configured as up or down. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Network Interface—The VAP the client is associated with. On WAP561 devices, WLAN0 and WLAN1 precede the VAP interface name to indicate the radio interface (WLAN0 represents radio 1 and WLAN1 represents radio 2). Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 33
STA has not been admitted. • Up Time—The amount of time the client has been associated with the WAP device. You can click Refresh to refresh the screen and show the most current information. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
• TS Identifier—TSPEC Traffic Session Identifier (range 0 to 7). • Access Category—TS Access Category (voice or video). • Direction—Traffic direction for this TS. Direction can be one of these options: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 35
WAP device. • To Station—The number of packets and bytes transmitted from the WAP device to the wireless client and the number of packets and bytes that were dropped upon transmission. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
If you reboot the WAP device, these figures indicate transmit and receive totals since the reboot. To view TSPEC status and statistics, select Status and Statistics > TSPEC Status and Statistics in the navigation pane. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 37
• Status—Whether the TSPEC session is enabled (up) or not (down) for the corresponding Access Category. Status is a configuration status (it does not necessarily represent the current NOTE session activity). Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
The TSPEC AP Statistics page provides information on the voice and video Traffic Streams accepted and rejected by the WAP device. To view the TSPEC AP Statistics page, select Status and Statistics > TSPEC AP Statistics in the navigation pane. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
You can use the Radio Statistics page to show packet-level and byte-level statistics for theeach wireless radio interface. To view the Radio Statistics page, select Status and Statistics > Radio Statistics in the navigation pane. Radio Statistics 121/321 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 40
Multicast Frames Received—Count of MSDU frames received with the multicast bit set in the destination MAC address. • Multicast Frames Transmitted—Count of successfully transmitted MSDU frames where the multicast bit was set in the destination MAC address. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
The Email Alert Status page provides information about the email alerts sent based on the syslog messages generated in the WAP device. To view the Email Alert Status page, select Status and Statistics > Email Alert Status in the navigation pane. Email Alert Status Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Up to 512 events can be shown. Older entries are removed from the list as needed to make room for new events. To view the Log page, select Status and Statistics > Log in the navigation pane. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 43
Description—A description of the event. You can click Refresh to refresh the screen and show the most current information. You can click Clear All to clear all entries from the log. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Click Save. The changes are saved to the Startup Configuration. STEP 3 User Accounts One management user is configured on the WAP device by default: • User Name: cisco • Password: cisco Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Select Administration > User Accounts in the navigation pane. STEP 1 User Accounts The User Account Table shows the currently configured users. The user cisco is preconfigured in the system to have Read/Write privileges. All other users can have Read Only Access, but not Read/Write access.
User Accounts The User Account Table shows the currently configured users. The user cisco is preconfigured in the system to have Read/Write privileges. The password for the user cisco can be changed. Select the user to configure and click Edit.
Time Zone—Select the time zone for your location. Select Adjust Time for Daylight Savings if daylight savings time is applicable to your time STEP 3 zone. When selected, configure these fields: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 49
When selected, configure these fields: • Daylight Savings Start—Select the week, day, month, and time when daylight savings time starts. • Daylight Savings End—Select the week, day, month, and time when daylight savings time ends. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Enabling persistent logging can wear out the flash (nonvolatile) memory and degrade network CAUTION performance. Only enable persistent logging to debug a problem. Make sure that you disable persistent logging after you finish debugging the problem. To configure persistent logging: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Click Save. The changes are saved to the Startup Configuration. STEP 3 Remote Log Server Remote Log Server The Kernel Log is a comprehensive list of system events (shown in the System Log) and kernel messages such as error conditions. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 52
After new settings are saved, the corresponding processes may be stopped and restarted. When NOTE this happens, the WAP device may lose connectivity. We recommend that you change WAP device settings when a loss of connectivity will least affect your wireless clients. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
To configure the WAP device to send email alerts: Select Administration > Email Alert in the navigation pane. STEP 1 Email Alert In the Global Configuration area, configure these parameters: STEP 2 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 54
The username can be from 1 to 64 alphanumeric characters. • Password—Enter the password for the email account that will be used to send these emails. The password can be from 1 to 64 characters. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Username: Your email address, without the domain name such as myName (without @yahoo.com) Password: Your Yahoo account password The following example shows a sample format of a general log email: From: AP-192.168.2.10@mailserver.com Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
If HTTPS is used for secure management sessions, you also use the HTTP/ HTTPS Service page to manage the required SSL certificates. Configuring HTTP and HTTPS Services Configuring HTTP and HTTPS Services To configure HTTP and HTTP services: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 57
1 to 10 sessions. The default is 5. If the maximum number of sessions is reached, the next user who attempts to log on to the configuration utility receives an error message about the session limit. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
In the Certificate File Status area, you can view whether a certificate currently exists on the WAP device, and view this information about it: • Certificate File Present • Certificate Expiration Date Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 59
To enable Telnet or SSH: Select Administration > Telnet/SSH Service in the navigation window. STEP 1 SSH/Telnet Service Select Enable for Telnet or SSH. STEP 2 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Administrative computer, you will lose access to the configuration interface. It is highly recommend to give the Administrative computer a static IP address, so the address does not change over time. To create an access list: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 61
After you upload new firmware and the system reboots, the newly added firmware becomes the primary image. If the upgrade fails, the original firmware remains as the primary image. When you upgrade the firmware, the access point retains the existing configuration NOTE information. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
TFTP Upgrade TFTP Upgrade To upgrade the firmware on an access point using TFTP: Select Administration > Manage Firmware in the navigation pane. STEP 1 Manage Firmware Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
To verify that the firmware upgrade completed successfully, log into the user interface and STEP 5 display the Upgrade Firmware page and view the active firmware version. HTTP Upgrade HTTP Upgrade To upgrade using HTTP: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
An HTTP server starts and listens for client connections on port 80. The Firmware Recovery page is shown in the web-based configuration utility only when an NOTE image needs to be restored. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 65
The CRC of the file is good. • The STK file is built for this platform. • The STK file size is within the partition limits (4.5 MB is reserved for this file). Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
WAP device. See Copy/Save Configuration. Backing Up a Configuration File Backing Up a Configuration File To back up (upload) the configuration file to a network host or TFTP server: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 67
The filename cannot contain the following characters: spaces, <, >, |, \, : , (, ), &, ; , #, ? , *, and two or more successive periods. For a TFTP backup only, enter the TFTP Server IPv4 Address. STEP 5 Select which configuration file you want to back up: STEP 6 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Click Save to begin the upgrade or backup. For HTTP downloads, a window appears to enable STEP 6 you to browse to select the file to download. When the download is finished, a window indicates success. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
For example, you can copy the Backup Configuration file to the Startup Configuration file type, so that it is used the next time you boot up the WAP device. To copy a file to another file type: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 70
For the Destination File Name, select the file type to be replaced with the file you are copying. STEP 3 Click Save to begin the copy process. STEP 4 When complete, a window shows the message, Copy Operation Successful. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
The WAP device advertises these service types: • Cisco-specific device description (csco-sb)—This service enables clients to discover Cisco WAP devices and other products deployed in small business networks. • Management user interfaces—This service identifies the management interfaces available on the WAP device (HTTP, Telnet, SSH, and SNMP).
The WAP device can capture these types of packets: • 802.11 packets received and transmitted on radio interfaces. Packets captured on radio interfaces include the 802.11 header. • 802.3 packets received and transmitted on the Ethernet interface. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 73
View the current packet capture status. • Download a packet capture file. Packet Capture Configuration Packet Capture Configuration The Packet Capture Configuration area enables you to configure parameters and initiate a packet capture. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 74
As soon as the capture is completed, the radio reverts to nonpromiscuous mode operation. • Radio Client Filter—Enables or disables the WLAN client filter to capture only frames that are transmitted to, or received from, a WLAN client with a specified MAC address. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
WLAN1:VAP0—VAP0 traffic on Radio 2 (for WAP561 devices only). VAP1 to VAP15, if configured—Traffic on the specified VAP. For WAP561, the interface names are preceded by WLAN0: or WLAN1:, where WLAN0 represents Radio 1 and WLAN1 represents Radio 2. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
A Microsoft Windows computer running the Wireshark tool allows you to display, log, and analyze captured traffic. The remote packet capture facility is a standard feature of the Wireshark tool for Windows. Linux version does not work with the WAP device. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 77
IP address, there is a pull-down list for you to select the interfaces. The interface can be one of the following: Linux bridge interface in the wap device --rpcap://[192.168.1.220]:2002/brtrunk Wired LAN interface -- rpcap://[192.168.1.220]:2002/eth0 VAP0 traffic on radio 1 -- rpcap://[192.168.1.220]:2002/wlan0 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 78
WAP device automatically installs a capture filter to filter out all packets destined to the Wireshark application. For example, if the Wireshark IP port is configured to be 58000, then this capture filter is automatically installed on the WAP device: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
/tmp/apcapture.pcap on the WAP device. Specify a TFTP Server IPv4 Address in the field provided. STEP 3 Click Download. STEP 4 To download a packet capture file using HTTP: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Support Information Click Download to generate the file based on current system settings. After a short pause, a window appears to enable you to save the file to your computer. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
The Port Settings page enables you to view and configure settings for the port that physically connects the WAP device to a local area network. To view and configure LAN settings: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 82
When Green Ethernet Mode is enabled, the WAP device automatically enters a low- power mode when energy on the line is lost, and it resumes normal operation when energy is detected. Click Save. The changes are saved to the Startup Configuration. STEP 6 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Untagged VLAN ID—Specifies a number between 1 and 4094 for the untagged VLAN ID. The default is 1. Traffic on the VLAN that you specify in this field is not be tagged with a VLAN ID when forwarded to the network. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
STEP 3 • Connection Type—By default, the DHCP client on the Cisco WAP551 and WAP561 Access Point automatically broadcasts requests for network information. If you want to use a static IP address, you must disable the DHCP client and manually configure the IP address and other network information.
Page 85
Router Advertisements received on the LAN port. The WAP device can have multiple autoconfigured IPv6 addresses. • Static IPv6 Address—The static IPv6 address. The WAP device can have a static IPv6 address even if addresses have already been configured automatically. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
IPv6 Tunnel The WAP551 and WAP561 devices support the Intra-Site Automatic Tunnel Addressing Protocol (ISATAP). ISATAP enables the WAP device to transmit IPv6 packets encapsulated within IPv4 packets over the LAN. The protocol enables the WAP device to communicate with remote IPv6-capable hosts even when the LAN that connects them does not support IPv6.
Page 87
ISATAP router(s) it learns about through the DNS query messages. The WAP sends router solicitation messages only when there is no active ISATAP router. The valid range is 120 to 3600 seconds. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 88
When the tunnel is established, the ISATAP IPv6 Link Local Address and ISATAP IPv6 Global Address show on the page. These are the virtual IPv6 interface addresses to the IPv4 network. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Radio settings directly control the behavior of the radio in the WAP device and its interaction with the physical medium; that is, how and what type of signal the WAP device emits. To configure radio settings: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 90
MAC Address—The Media Access Control (MAC) address for the interface. The MAC address is assigned by the manufacturer and cannot be changed. • Mode—The IEEE 802.11 standard and frequency the radio uses. one of the available modes: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 91
The range of available channels is determined by the mode of the radio interface and the country code setting. If you select Auto for the channel setting, the WAP device scans available channels and selects a channel where the least amount of traffic is detected. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 92
Enter an integer from 20 to 2000 milliseconds. The default is 100 milliseconds. • DTIM Period—The Delivery Traffic Information Map (DTIM) period. Enter an integer from 1 to 255 beacons. The default is 2 beacons. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 93
However, sending more RTS packets can help the network recover from interference or collisions that might occur on a busy network, or on a network experiencing electromagnetic interference. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 94
It is generally more efficient to have a WAP device broadcast a subset of its supported rate sets. • MCS (Data Rate) Settings—The Modulation and Coding Scheme (MCS) index values that the WAP device advertises. MCS can enhance throughput for 802.11n wireless clients. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 95
TSPEC was admitted. Off—A station can send and receive voice priority traffic without requiring an admitted TSPEC; the WAP device ignores voice TSPEC requests from client stations. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 96
After new settings are saved, the corresponding processes may be stopped and restarted. When CAUTION this happens, the WAP device may lose connectivity. We recommend that you change WAP device settings when a loss of connectivity will least affect your wireless clients. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
APs detected through the RF scan. To view more information about rogue APs, select Wireless > Rogue AP Detection in the main navigation pane. Rogue AP Detection 121/32 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 98
WAP device does not have any control over the APs on the list and cannot apply any security policies to APs detected through the RF scan. • MAC Address—The MAC address of the rogue AP. • Beacon Interval—The beacon interval used by the rogue AP. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 99
The channel defines the portion of the radio spectrum that the radio uses for transmitting and receiving. You can use the Radio page to set the channel. NOTE • Rate—The rate in megabits per second at which the rogue AP is currently transmitting. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 100
AP or created from a text file. If the MAC address of an AP appears in the Trusted AP List, it is not detected as a rogue. To import an AP list from a file, use these steps: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
SSID Naming Conventions SSID Naming Conventions The default SSID for VAP0 is ciscosb. Every additional VAP created has a blank SSID name. The SSIDs for all VAPs can be configured to other values. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
WLAN clients associated with this specific VAP can administer the WAP device. If needed, an access control list (ACL) can be created to disable administration from WLAN clients. Networks 121/321 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
VLAN and IPv4 Address Settings. • SSID Name—A name for the wireless network. The SSID is an alphanumeric string of up to 32 characters. Choose a unique SSID for each VAP. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 104
MAC Filtering—Specifies whether the stations that can access this VAP are restricted to a configured global list of MAC addresses. You can select one of these types of MAC filtering: Disabled—Do not use MAC filtering. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
This security mode can be useful during initial network configuration or for problem solving, but it is not recommended for regular use on the internal network because it is not secure. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 106
Required field. These are the RC4 WEP keys shared with the stations using the WAP device. Each client station must be configured to use one of these same WEP keys in the same slot as specified on the WAP device. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 107
WEP keys specified on the WAP device in order to decode AP-to-station data transmissions. • The WAP device must have all keys used by clients for station-to-AP transmit so that it can decode the station transmissions. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 108
To use the global RADIUS server settings, ensure that the check box is selected. To use a separate RADIUS server for the VAP, uncheck the check box and enter the RADIUS server IP address and key in these fields: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 109
• Active Server—Enables administratively selecting the active RADIUS server, rather than having the WAP device attempt to contact each configured server in sequence and choose the first server that is up. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 110
This WPA configuration allows more interoperability in place of some security. WPA clients must have one of these keys to be able to associate with the WAP device: A valid TKIP key A valid AES-CCMP key Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 111
IEEE 802.11i standard. As per the latest WiFi Alliance requirement, the AP has to support this mode all the time. • Enable pre-authentication—If for WPA Versions you select only WPA2 or both WPA and WPA2, you can enable pre-authentication for WPA2 clients. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 112
WAP device and on your RADIUS server. The text you enter is shown as asterisks to prevent others from seeing the RADIUS key as you type. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
The WAP device supports up to 16 profiles. Only valid rules are added to the profile. Up to 16 rules are grouped together to form a scheduling profile. Periodic time entries belonging to the same profile cannot overlap. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
To add a profile, enter a profile name in the Scheduler Profile Configuration text box and click STEP 3 Add. The profile name can be up to 32 alphanumeric characters. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 115
A Scheduler profile must be associated with a radio interface or a VAP interface to be in effect. NOTE See the Scheduler Association page. To delete a rule, select the profile from the Profile Name column and click Delete. NOTE Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Only one Scheduler profile can be associated with the WLAN interface or each VAP. A single profile can be associated with multiple VAPs. If the Scheduler profile associated with a VAP or the WLAN interface is deleted, then the association is removed. Scheduler Association 121/321 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Use the Bandwidth Utilization page to configure how much of the radio bandwidth can be used before the WAP device stops allowing new client associations. This feature is enabled by default. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Depending on how the VAP is configured, the WAP device may refer to a MAC filter list stored on an external RADlUS server, or may refer a MAC filter list stored locally on the WAP device. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Continue entering MAC addresses until the list is complete, and then click Save. The changes STEP 4 are saved to the Startup Configuration. To remove a MAC address from the Stations List, select it and then click Remove. NOTE Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
In this mode, the central WAP device accepts client associations and communicates with the clients and other repeaters. All other access points associate only with the central WAP device that forwards the packets to the appropriate wireless bridge for routing purposes. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 121
WAP device that is operating as a repeater. Before you configure WDS on the WAP device, note these guidelines: • All Cisco WAP devices participating in a WDS link must have the following identical settings: Radio IEEE 802.11 Mode...
Page 122
Wireless WDS Bridge Select Wireless > WDS Bridge in the navigation pane. STEP 1 WDS Bridge 121/321 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 123
WPA2-PSK with CCMP (AES) encryption over the WDS link. See WEP on WDS Links or WPA/PSK on WDS Links following this procedure for more information about encryption options. Repeat these steps for up to three additional WDS interfaces. STEP 5 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
WDS ID is also entered at the other end of the WDS link. If this WDS ID is not the same for both WAP devices on the WDS link, they will not be able to communicate and exchange data. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
To allow the bridging of packets, the VLAN configuration for the access point interface and wired interface should match that of the infrastructure client interface. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 126
It is not recommended to associate another AP to the downstream interface of the WAP device operating in WorkGroup Bridge mode; that is, the chaining or cascading of APs is not supported. To configure WorkGroup Bridge mode: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 127
Wireless WorkGroup Bridge Select Wireless > WorkGroup Bridge in the navigation pane. STEP 1 WorkGroup Bridge 121/321 551/561 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 128
SSID Broadcast—Select if you want the downstream SSID to be broadcast. SSID Broadcast is enabled by default. • Security—The type of security to use for authenticating. Choices are: None Static WEP Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
In normal use, the default values for the WAP device and station EDCA should not need to be changed. Changing these values affects the QoS provided. To configure WAP device and Station EDCA parameters: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 130
Wireless Quality of Service Select Wireless > QoS in the navigation pane.QoS 121/321 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 131
Data 0 (Voice)—High priority queue, minimum delay. Time-sensitive data such as VoIP and streaming media are automatically sent to this queue. • Data 1 (Video)—High priority queue, minimum delay. Time-sensitive video data is automatically sent to this queue. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 132
Valid values are 1, 3, 7, 15, 31, 63, 127, 255, 511, or 1023. This value must be higher than the value for the Minimum Contention Window. • Maximum Burst (WAP only)—A WAP EDCA parameter that applies only to traffic flowing from the WAP to the client station. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 133
After new settings are saved, the corresponding processes may be stopped and restarted. When CAUTION this happens, the WAP device may lose connectivity. We recommend that you change WAP device settings when a loss of connectivity will least affect your wireless clients. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 134
Wireless Quality of Service Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 135
Wireless Quality of Service Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
In addition to using the global RADIUS servers, you can also configure each VAP to use a NOTE specific set of RADIUS servers. See the Networks page. To configure global RADIUS servers: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 137
If authentication fails with the primary server, each configured backup server is tried in sequence. • Key 1—The shared secret key that the WAP device uses to authenticate to the primary RADIUS server. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
802.1X authenticator grants access. If your network uses 802.1X, you must configure 802.1X authentication information on the WAP device, so that it can supply it to the authenticator. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 139
PEAP—Protected Extensible Authentication Protocol, which provides a higher level of security than MD5 by encapsulating it within a TLS tunnel. TLS—Transport Layer Security, as defined in RFC 5216, an open standard that provides a high level of security. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 140
<, >, |, \, : , (, ), &, ; , #, ? , *, and two or more successive periods. Click Upload. STEP 3 A confirmation window appears, followed by a progress bar to indicate the status of the upload. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Minimum Password Length—The minimum password character length is a range from 0 to 32. The default is 8. • Password Aging Support—Select to have passwords expire after a configured time period. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Three is the default. • WPA-PSK Different From Current—Select one of these options: Enable—Users must configure a different key after their current key expires. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 143
8 to 16. The default is 8. Check the box to make the field editable and to activate this requirement. Click Save. The changes are saved to the Startup Configuration. STEP 4 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
ACLs and DiffServ policies to use as default values for clients associated with the VAP when the client does not have their own attributes defined by a RADIUS server. To configure VAP QoS parameters: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 145
• Bandwidth Limit Up—The maximum allowed client transmission rate to the AP in bits per second. The valid range is 0 – 4294967295 bps. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 146
DiffServ Policy Up—The name of the DiffServ policy applied to traffic sent to the AP in the inbound (up) direction. Click Save. The changes are saved to the Running Configuration and to the Startup STEP 5 Configuration. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
There is an implicit deny at the end of every rule created. To avoid deny all, it is strongly NOTE recommended to add a permit rule within the ACL to allow traffic. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Configure the match criteria for the rules. STEP 6 Use the Client QoS Association page to apply the ACL to one or more VAPs. STEP 7 These steps give a detailed description of how to configure ACLs: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 149
IPv4 and IPv6 ACLs control access to network resources based on Layer 3 and Layer 4 criteria. MAC ACLs control access based on Layer 2 criteria. Click Add ACL. STEP 3 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 150
When you select Permit, the rule allows all traffic that meets the rule criteria to enter or exit the WAP device (depending on the ACL direction you select). Traffic that does not meet the criteria is dropped. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 151
If you select Source Port, choose the port name or enter the port number. Select From List—The keyword associated with the source port to match: ftp, ftpdata, http, smtp, snmp, telnet, tftp, www. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 152
1024 to 49151—Registered Ports 49152 to 65535—Dynamic and/or Private Ports • IP DSCP—Matches packets based on their IP DSCP value. If you select IP DSCP, choose one of these options as the match criteria: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 153
• Destination IPv6 Address—Select this field to require a packet's destination IPv6 address to match the address listed here. Enter an IPv6 address in the appropriate field to apply this criteria. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 154
MAC address, a MAC mask of 00:00:00:00:ff:ff is used. A MAC mask of 00:00:00:00:00:00 checks all address bits and is used to match a single MAC address. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
You can use the Class Map page to define classes of traffic. Use the Policy Map page to define policies and associate class maps to them. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Select a value from the Match Layer 3 Protocol list: STEP 3 • IPv4—The class map applies only to IPv4 traffic on the WAP device. • IPv6—The class map applies only to IPv6 traffic on the WAP device. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
The match criteria fields that are available depend on whether the class map is an IPv4 or IPv6 class map. Defining a Class Map Defining a Class Map To configure a class map: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 158
Destination IP Mask (IPv4 only)—The destination IP address mask. The mask for DiffServ is a network-style bit mask in IP dotted decimal format indicating which part(s) of the destination IP address to use for matching against packet content. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 159
Match to Port—Matches the destination port in the datagram header with an IANA port number that you specify. The port range is from 0 to 65535 and includes three different types of ports: 0 to 1023—Well Known Ports Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 160
VLAN ID—A VLAN ID to be matched for packets. The VLAN ID range is from 0 to 4095. The following Service Type fields show for IPv4 only. You can specify one type of service to use in matching packets to class criteria. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
The WAP device supports up to 50 policy maps. A policy map can contain up to 10 class maps. To add and configure a policy map: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 162
Committed Rate—The committed rate, in Kbps, to which traffic must conform. The range is from 1 to 1000000 Kbps. Committed Burst—The committed burst size, in bytes, to which traffic must conform. The range is from 1 to 204800000 bytes. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
To control general categories of traffic, such as HTTP traffic or traffic from a specific subnet, you can configure ACLs and assign them to one or more VAPs. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 164
To configure client QoS association parameters: Select Client QoS > Client QoS Association in the navigation pane. STEP 1 Client QoS Association 121/321 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 165
IPv6—The ACL examines IPv6 packets for matches to ACL rules. MAC—The ACL examines Layer 2 frames for matches to ACL rules. • ACL Name Down—The name of the ACL applied to traffic in the outbound direction. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
The Client QoS Status page shows the client QoS settings that are applied to each client currently associated with the WAP device. To show the Client QoS Status page, select Client QoS > Client QoS Status in the navigation pane. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 167
The packet or frame is processed if it is permitted and discarded if it is denied. • ACL Type Down—The type of ACL to apply to traffic in the outbound (WAP-to- client) direction, which can be one of these options: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 168
DiffServ Policy Up—The name of the DiffServ policy applied to traffic sent to the WAP device in the inbound (client-to-WAP) direction. • DiffServ Policy Down—The name of the DiffServ policy applied to traffic from the WAP device in the outbound (WAP-to-client) direction. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
SNMP manager when requested. Managed devices can be network nodes such as WAP devices, routers, switches, bridges, hubs, servers, or printers. The WAP device can function as an SNMP managed device for seamless integration into network management systems. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
The community name acts as a simple authentication feature to restrict the machines on the network that can request data to the SNMP agent. The name functions as a password, and the request is assumed to be authentic if the sender knows the password. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 171
10.10.1.129 through 10.10.1.254 can execute SNMP requests on managed devices. In this example, 10.10.1.128 is the network address and 10.10.1.255 is the broadcast address. A total of 126 addresses would be designated. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Each MIB view is defined by two sets of view subtrees, included in or excluded from the MIB view. You can create MIB views to control the OID range that SNMPv3 users can access. The WAP device supports a maximum of 16 views. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 173
A family mask is used to define a family of view subtrees. The family mask indicates which subidentifiers of the associated family OID string are significant to the family's definition. A family of view subtrees enables efficient control access to one row in a table. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
MIB view. The default groups RO and RW cannot be deleted. NOTE The WAP device supports a maximum of eight groups. NOTE Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 175
Write Views—The write access to MIBs for the group, which can be one of these options: view-all—The group can create, alter, and delete MIBs. view-none—The group cannot create, alter, or delete MIBs. • Read Views—The read access to MIBs for the group: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
User Name—A name that identifies the SNMPv3 user. User names can contain up to 32 alphanumeric characters. • Group—The group that the user is mapped to. The default groups are RWAuth, RWPriv, and RO. You can define additional groups on the SNMP Groups page. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Each target is defined with a target IP address, UDP port, and SNMPv3 user name. SNMPv3 user configuration (see the Users page) should be completed before configuring NOTE SNMPv3 targets. The WAP device supports a maximum of eight targets. NOTE Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 178
Click Save. The user is added to the SNMPv3 Targets list and your changes are saved to the STEP 5 Startup Configuration. To remove an SMMP target, select the user in the list and click Delete. NOTE Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
The Captive Portal feature is available only on the Cisco WAP321 device. NOTE The Captive Portal feature is available on the WAP5xx devices and the Cisco WAP321 device. NOTE Authenticated users must be validated against a database of authorized Captive Portal groups or users before access is granted.
443 by default. You can configure an additional port for HTTPS traffic. Enter port number between 1025 and 65535, or 443. The HTTP and HTTPs ports cannot be the same. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Enter an Instance Name and click Save. The instance name can include from 1 to 32 STEP 3 alphanumeric characters and the underscore. Select the instance name from the Captive Port Instances list. STEP 4 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 182
The certificate is presented to the user at connection time. • Verification—The authentication method for CP to use to verify clients: Guest—The user does not need to be authenticated by a database. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 183
IPv4 and IPv6 RADIUS address settings, but the WAP device contacts only the RADIUS server or servers of the address type you select in this field. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 184
CP instance from the Web Customization page. • Delete Instance—Deletes the current instance. Click Save. Your changes are saved to the Startup Configuration. STEP 6 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
VAP. The associated CP instance settings applies to users who attempt to authenticate on the VAP. To associate an instance to a VAP: Select Captive Portal > Instance Association in the navigation pane. STEP 1 Instance Association 121/321 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
You use the Web Portal Customization page to create unique pages for different locales on your network, and to customize the text and images on the pages. To create and customize a CP authentication page: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 187
The user can select a link to switch to that locale. Click Save. The changes are saved to the Startup Configuration. STEP 5 From the Captive Portal Web Locale list, select the locale you created. STEP 6 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 188
Captive Portal Web Portal Customization The page shows additional fields for modifying the locale. The Locale ID and Instance Name fields cannot be edited. The editable fields are populated with default values. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 189
STEP 7 • Background Image Name—The image to show as the page background. You can click Upload/Delete Custom Image to upload images for Captive Portal instances. See Uploading and Deleting Images. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 190
Browser Content—The text that shows in the page header, to the right of the logo. The range is from 1 to 128 characters. The default is Welcome to the Wireless Network. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 191
You can click Preview to show the text and images that have already been saved to the Startup NOTE Configuration. If you make a change, click Save before clicking Preview to see your changes. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 192
Background Image Name, Logo Image Name, or Account Image fields. The Web Portal Custom Image page appears. Web Portal Custom Image Browse to select the image. STEP 2 Click Upload. STEP 3 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Enter a Group Name and click Save. The changes are saved to the Startup Configuration. STEP 2 To delete a group, select it in the Captive Portal Groups list, select the Delete Group check box, NOTE and click Save. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
You can use the Local Users page to configure up to 128 authorized users in the local database. To add and configure a local user: Select Captive Portal > Local Users in the navigation pane. STEP 1 Local Users Enter a User Name and click Save. STEP 2 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 195
This setting limits the bandwidth used to send data into the network. The range is from 0 to 300 Mbps. The default is 0. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Local—The WAP device uses a local database to authenticated users. RADIUS—The WAP device uses a database on a remote RADIUS server to authenticate users. • VAP ID—The VAP that the user is associated with. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Radio ID—The ID of the radio. Because the WAP321 has a single radio, this field always shows Radio1.For the single-radio WAP551 device, this field shows Radio 1. For the dual radio WAP561 device, this field shows Radio 1 or Radio 2.
Page 198
Radio ID—The ID of the radio. Because the WAP321 has a single radio, this field shows Radio1.For the single-radio WAP551 device, this field shows Radio 1. For the dual radio WAP561 device, this field shows Radio 1 or Radio 2.
When you first set up your WAP device, you can use the Setup Wizard to configure Single Point Setup or join an existing Single Point Setup. If you prefer not to use the Setup Wizard, you can use the web-based configuration utility. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 200
Single Point Setup creates a dynamic, configuration-aware cluster, or group, of WAP devices in the same subnet of a network. A cluster supports a group of up to 16 configured WAP551 and WAP561 devices, but no other models in the same cluster.
Page 201
In other words, loss of contact with the cluster does not necessarily prevent wireless clients associated with that WAP device from continued access to network resources. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 202
Management Access Control SNMP General and SNMPv3 Networks WPA-PSK Complexity Time Settings Radio Configuration Settings and Parameters that are Propagated in Single Point Setup Mode Fragmentation Threshold RTS Threshold Rate Sets Primary Channel Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 203
Other Configuration Settings and Parameters That Are Not Propagated in Single Point Setup Bandwidth Utilization Port Settings Bonjour VLAN and IPv4 IPv6 Address WDS Bridge IPv6 Tunnel Packet Capture WorkGroup Bridge Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Location—Enter a description of where the access point is physically located, for example, Reception. The location field is optional. • Cluster Name—Enter the name of the cluster for the WAP device to join, for example Reception_Cluster. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 205
Single Point Setup works only with devices using the same type of IP addressing. It does not work with a group of WAP devices where some have IPv4 addresses and some have IPv6 addresses. Click Enable Single Point Setup. STEP 3 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 206
Adding a New Access Point to a Single Point Setup Cluster Adding an Access Point to a Single Point Setup To add a new access point that is currently in standalone mode into a Single Point Setup cluster: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 207
Select Single Point Setup > Access Points in the navigation pane. STEP 2 Click Disable Single Point Setup. STEP 3 The Single Point Setup status field for that access point will now show Disabled. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 208
ARPs on the management VLAN so that the mapping between the new IP address and the MAC-address is established in the subnet. The Cluster IP address configuration is shared among all the clustered APs. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
AP Location—The location of the access point. The location is derived from the location specified on the Administration > System Settings page. • User MAC—The MAC address of the wireless client. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Wi-Fi bandwidth to help maintain efficient communication over the wireless network. The automatic channel assignment feature is disabled by default. The state of channel management (enabled or disabled) is propagated to the other devices in the Single Point Setup cluster. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 211
To start automatic channel assignment, click Start. STEP 2 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 212
Band—The band on which the access point is broadcasting. • Channel—The radio channel on which this access point is currently broadcasting. • Locked—Forces the access point to remain on the current channel. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
The default is 75 percent. Use the drop-down menu to choose percentages ranging from 5 percent to 75 percent. Using this setting lets you set a threshold gain in efficiency for channel Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
To view neighboring devices, select Single Point Setup > Wireless Neighborhood in the navigation pane. To see all the devices detected on a given Single Point Setup, navigate to the Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 215
If there is only one WAP device in the cluster, only a single IP address column shows, indicating that the WAP device is grouped with itself. You can click on an IP address to view more details on a particular WAP device. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
• SSID—The Service Set Identifier for the neighboring access point. • MAC Address—The MAC address of the neighboring access point. • Channel—The channel on which the access point is currently broadcasting. Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 217
Select Single Point Setup > Cluster Firmware Upgrade in the navigation pane. STEP 1 Select the checkbox of the AP to be upgraded. STEP 2 Click Save. STEP 3 To get the latest cluster firmware upgrade status: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 218
Click Start-Upgrade to apply the new firmware image. STEP 3 Overall upgrade status shows the combined upgrade status (Not Initialized/In Progress/ NOTE Completed/Fail/Abort_admin/ None) of all the cluster members. To stop the cluster member upgrade from Dominant AP: Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 219
Single Point Setup Cluster Firmware Upgrade Click Stop-Upgrade. STEP 1 Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 220
Single Point Setup Cluster Firmware Upgrade Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Deauthenticated because sending station (STA) is leaving or has left Independent Basic Service Set (IBSS) or ESS Disassociated due to inactivity Disassociated because WAP device is unable to handle all currently associated STAs Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 222
Element in 4-Way Handshake different from (Re)Association Request/ Probe Response/Beacon frame Invalid group cipher Invalid pairwise cipher Invalid AKMP Unsupported RSNE version Invalid RSNE capabilities IEEE 802.1X authentication failed Cipher suite rejected because of the security policy Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Where to Go From Here Cisco provides a wide range of resources to help you and your customer obtain the full benefits of the Cisco WAP551 and WAP561 Access Point. Support Cisco Small Business Support www.cisco.com/go/smallbizsupport Community Cisco Small Business Support www.cisco.com/go/smallbizhelp...
Page 224
Where to Go From Here Cisco Small Business WAP551 and WAP561 Wireless-N Access Point...
Page 225
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.