Cisco 2100 Series Configuration Manual

30

Chapter 1 Overview

• 31

  Single-Controller Deployments
• 32

  Multiple-Controller Deployments
• 33

  Operating System Security
• 34

  Layer 2 and Layer 3 Operation
  • 35

    Client Location
  • 36

    Cisco 2100 Series Controllers
  • 37

    Catalyst 6500 Series Wireless Services Module
  • 38

    Cisco 7600 Series Router Wireless Services Module
  • 39

    Cisco 28/37/38Xx Series Integrated Services Router
• 40

  Cisco UWN Solution Wired Connections
  • 41

    Identity Networking
• 42

  Power Over Ethernet
• 42

  File Transfers
• 43

  Startup Wizard
• 43

  Cisco Wireless LAN Controller Memory
• 44

  Cisco Wireless LAN Controller Failover Protection
• 45

  Network Connections to Cisco Wireless LAN Controllers
  • 45

    Cisco 2100 Series Wireless LAN Controllers
  • 46

    Cisco 4400 Series Wireless LAN Controllers

47

Chapter 2 Using the Web-Browser and CLI Interfaces

• 48

  Using the Web-Browser Interface
  • 48

    Guidelines for Using the GUI
  • 48

    Opening the GUI
  • 48

    Enabling Web and Secure Web Modes
    • 49

      Using the GUI to Enable Web and Secure Web Modes
    • 50

      Using the CLI to Enable Web and Secure Web Modes
    • 51

      Loading an Externally Generated SSL Certificate
• 53

  Using the CLI
  • 53

    Logging Into the CLI
    • 54

      Using a Local Serial Connection
    • 54

      Using a Remote Ethernet Connection
  • 55

    Logging Out of the CLI
  • 55

    Navigating the CLI
• 55

  Enabling Wireless Connections to the Web-Browser and CLI Interfaces
• 58

  Overview of Ports and Interfaces
  • 58

    Ports
    • 60

      Distribution System Ports
    • 61

      Service Port
  • 62

    Interfaces
    • 62

      Management Interface
    • 62

      Ap-Manager Interface
    • 63

      Virtual Interface
    • 64

      Service-Port Interface
    • 64

      Dynamic Interface
  • 65

    Wlans
• 66

  Configuring the Management, Ap-Manager, Virtual, and Service-Port Interfaces
  • 67

    Using the GUI to Configure the Management, Ap-Manager, Virtual, and Service-Port Interfaces
    • 69

      Using the CLI to Configure the Management, Ap-Manager, Virtual, and Service-Port Interfaces
      • 69

        Using the CLI to Configure the Management Interface
      • 70

        Using the CLI to Configure the Ap-Manager Interface
      • 70

        Using the CLI to Configure the Virtual Interface
      • 71

        Using the CLI to Configure the Service-Port Interface
  • 72

    Configuring Dynamic Interfaces
    • 72

      Using the GUI to Configure Dynamic Interfaces
    • 74

      Using the CLI to Configure Dynamic Interfaces
  • 75

    Configuring Ports
    • 78

      Configuring Port Mirroring
    • 79

      Configuring Spanning Tree Protocol
      • 80

        Using the GUI to Configure Spanning Tree Protocol
      • 84

        Using the CLI to Configure Spanning Tree Protocol
  • 85

    Enabling Link Aggregation
    • 88

      Link Aggregation Guidelines
    • 89

      Using the GUI to Enable Link Aggregation
    • 90

      Using the CLI to Enable Link Aggregation
    • 90

      Using the CLI to Verify Link Aggregation Settings
    • 90

      Configuring Neighbor Devices to Support LAG
  • 90

    Configuring a 4400 Series Controller to Support More Than 48 Access Points
    • 91

      Using Link Aggregation
    • 91

      Using Multiple Ap-Manager Interfaces
• 98

  Configuring Controller Settingswireless Device Access
  • 98

    Using the Configuration Wizard
    • 98

      Before You Start
    • 99

      Resetting the Device to Default Settings
      • 99

        Resetting to Default Settings Using the CLI
      • 99

        Resetting to Default Settings Using the GUI
    • 100

      Running the Configuration Wizard On the CLI
  • 102

    Using the Autoinstall Feature for Controllers Without a Configuration
    • 102

      Overview of Autoinstall
    • 103

      Server
    • 103

      Obtaining an IP Address Through DHCP and Downloading a Configuration File From a TFTP Server
    • 104

      Selecting a Configuration File
    • 105

      Example of Autoinstall Operation
  • 106

    Managing the System Date and Time
    • 106

      Configuring an NTP Server to Obtain the Date and Time
    • 106

      Configuring the Date and Time Manually
    • 106

      Using the GUI to Configure the Date and Time
    • 107

      Using the CLI to Configure the Date and Time
• 110

  Configuring 802.11 Bands
  • 110

    Using the GUI to Configure 802.11 Bands
  • 111

    Using the CLI to Configure 802.11 Bands

• 113

  Using the GUI to Configure 802.11N Parameters
• 115

  Using the CLI to Configure 802.11N Parameters

116

Chapter 4 Configuring Controller Settingswireless Device Access

• 116

  Step 10 to Save Your Changes, Enter This Command
  • 116

    Save Config
• 116

  Step 4
  • 116

    Show {802.11A | 802.11B
  • 116

    Information Similar to the Following Appears
  • 116

    Network
• 118

  Configuring DHCP Proxy
  • 118

    Using the GUI to Configure DHCP Proxy
  • 119

    Using the CLI to Configure DHCP Proxy
• 119

  Configuring Administrator Usernames and Passwords
  • 119

    Configuring Usernames and Passwords
  • 120

    Restoring Passwords
• 120

  Configuring SNMP
• 121

  Changing the Default Values of SNMP Community Strings
  • 121

    Using the GUI to Change the SNMP Community String Default Values
  • 123

    Using the CLI to Change the SNMP Community String Default Values
• 123

  Changing the Default Values for SNMP V3 Users
  • 123

    Using the GUI to Change the SNMP V3 User Default Values
  • 125

    Using the CLI to Change the SNMP V3 User Default Values
• 125

  Configuring Aggressive Load Balancing
  • 126

    Using the GUI to Configure Aggressive Load Balancing
  • 126

    Using the CLI to Configure Aggressive Load Balancing
• 127

  Configuring Fast SSID Changing
  • 127

    Using the GUI to Configure Fast SSID Changing
  • 127

    Using the CLI to Configure Fast SSID Changing
• 127

  Enabling 802.3X Flow Control
• 128

  Configuring 802.3 Bridging
  • 128

    Using the GUI to Configure 802.3 Bridging
  • 129

    Using the CLI to Configure 802.3 Bridging
• 130

  Configuring Multicast Mode
  • 130

    Understanding Multicast Mode
  • 131

    Guidelines for Using Multicast Mode
  • 132

    Using the GUI to Enable Multicast Mode
  • 133

    Using the GUI to View Multicast Groups
  • 134

    Using the CLI to Enable Multicast Mode
  • 135

    Using the CLI to View Multicast Groups
  • 135

    Using the CLI to View an Access Point's Multicast Client Table
• 136

  Configuring Client Roaming
  • 136

    Intra-Controller Roaming
  • 136

    Inter-Controller Roaming
  • 136

    Inter-Subnet Roaming
  • 136

    Voice-Over-Ip Telephone Roaming
  • 137

    CCX Layer 2 Client Roaming
    • 138

      Using the GUI to Configure CCX Client Roaming Parameters
    • 139

      Using the CLI to Configure CCX Client Roaming Parameters
    • 139

      Using the CLI to Obtain CCX Client Roaming Information
    • 140

      Using the CLI to Debug CCX Client Roaming Issues
• 140

  Configuring IP-MAC Address Binding
• 141

  Configuring Quality of Service
  • 141

    Configuring Quality of Service Profiles
    • 141

      Using the GUI to Configure Qos Profiles
    • 143

      Using the CLI to Configure Qos Profiles
  • 144

    Configuring Quality of Service Roles
    • 144

      Using the GUI to Configure Qos Roles
    • 146

      Using the CLI to Configure Qos Roles
• 148

  Configuring Voice and Video Parameters
  • 148

    Call Admission Control
    • 148

      Bandwidth-Based CAC
    • 148

      Load-Based CAC
  • 149

    Expedited Bandwidth Requests
  • 150

    U-Apsd
  • 150

    Traffic Stream Metrics
  • 150

    Using the GUI to Configure Voice Parameters
  • 152

    Using the GUI to Configure Video Parameters
  • 153

    Using the GUI to View Voice and Video Settings
  • 158

    Using the CLI to Configure Voice Parameters
  • 159

    Using the CLI to Configure Video Parameters
  • 160

    Using the CLI to View Voice and Video Settings
• 163

  Configuring EDCA Parameters
  • 163

    Using the GUI to Configure EDCA Parameters
  • 164

    Using the CLI to Configure EDCA Parameters
• 165

  Configuring Cisco Discovery Protocol
  • 168

    Using the GUI to Configure Cisco Discovery Protocol
  • 169

    Using the GUI to View Cisco Discovery Protocol Information
  • 173

    Using the CLI to Configure Cisco Discovery Protocol
  • 174

    Using the CLI to View Cisco Discovery Protocol Information
• 175

  Configuring RFID Tag Tracking
  • 177

    Using the CLI to Configure RFID Tag Tracking
  • 178

    Using the CLI to View RFID Tag Tracking Information
  • 179

    Using the CLI to Debug RFID Tag Tracking Issues
• 180

  Configuring and Viewing Location Settings
  • 180

    Installing the Location Appliance Certificate
  • 181

    Modifying the NMSP Notification Interval for Clients, RFID Tags, and Rogues
  • 182

    Synchronizing the Controller and Location Appliance
    • 182

      Using the CLI to View Location Settings
• 185

  Configuring the Supervisor 720 to Support the Wism
  • 186

    General Wism Guidelines
  • 186

    Configuring the Supervisor
• 187

  Using the Wireless LAN Controller Network Module
• 190

  Cisco UWN Solution Security
  • 190

    Security Overview
  • 190

    Layer 1 Solutions
  • 190

    Layer 2 Solutions
  • 190

    C H a P T E R 5 Configuring Security Solutions
  • 191

    Layer 3 Solutions
  • 191

    Integrated Security Solutions
• 191

  Configuring RADIUS
  • 192

    Configuring RADIUS On the ACS
  • 194

    Using the GUI to Configure RADIUS
  • 199

    Using the CLI to Configure RADIUS
  • 203

    RADIUS Authentication Attributes Sent By the Access Point
  • 205

    RADIUS Accounting Attributes
• 206

  Configuring TACACS
  • 207

    Configuring TACACS+ On the ACS
  • 211

    Using the GUI to Configure TACACS
  • 213

    Using the CLI to Configure TACACS
  • 215

    Viewing the TACACS+ Administration Server Logs
• 217

  Configuring Local Network Users
  • 218

    Using the GUI to Configure Local Network Users
  • 220

    Using the CLI to Configure Local Network Users
• 221

  Configuring LDAP
  • 221

    Using the GUI to Configure LDAP
  • 224

    Using the CLI to Configure LDAP
• 226

  Configuring Local EAP
  • 228

    Using the GUI to Configure Local EAP
  • 233

    Using the CLI to Configure Local EAP
• 238

  Configuring the System for Spectralink Netlink Telephones
  • 238

    Using the GUI to Enable Long Preambles
  • 239

    Using the CLI to Enable Long Preambles
  • 240

    Using the CLI to Configure Enhanced Distributed Channel Access
• 240

  Using Management Over Wireless
  • 240

    Using the GUI to Enable Management Over Wireless
  • 240

    Using the CLI to Enable Management Over Wireless
• 241

  Configuring DHCP Option 82
• 242

  Configuring and Applying Access Control Lists
  • 243

    Using the GUI to Configure Access Control Lists
  • 247

    Using the GUI to Apply Access Control Lists
    • 247

      Applying an Access Control List to an Interface
    • 247

      Applying an Access Control List to the Controller CPU
    • 247

      Applying an Access Control List to a WLAN
    • 247

      Applying a Preauthentication Access Control List to a WLAN
  • 251

    Using the CLI to Configure Access Control Lists
  • 253

    Using the CLI to Apply Access Control Lists
• 254

  Configuring Management Frame Protection
  • 255

    Guidelines for Using MFP
  • 256

    Using the GUI to Configure MFP
  • 257

    Using the GUI to View MFP Settings
  • 258

    Using the CLI to Configure MFP
  • 259

    Using the CLI to View MFP Settings
  • 261

    Using the CLI to Debug MFP Issues
• 261

  Configuring Client Exclusion Policies
• 262

  Configuring Identity Networking
  • 262

    Identity Networking Overview
  • 263

    RADIUS Attributes Used in Identity Networking
    • 263

      Qos-Level
    • 263

      Acl-Name
    • 264

      Interface-Name
    • 264

      Vlan-Tag
    • 265

      Tunnel Attributes
  • 266

    Configuring AAA Override
    • 266

      Updating the RADIUS Server Dictionary File for Proper Qos Values
    • 267

      Using the GUI to Configure AAA Override
    • 268

      Using the CLI to Configure AAA Override
• 268

  Managing Rogue Devices
  • 268

    Challenges
  • 269

    Detecting Rogue Devices
  • 269

    Classifying Rogue Access Points
    • 272

      WCS Interaction
  • 272

    Configuring RLDP
    • 272

      Using the GUI to Configure RLDP
    • 273

      Using the CLI to Configure RLDP
  • 275

    Configuring Rogue Classification Rules
    • 275

      Using the GUI to Configure Rogue Classification Rules
    • 278

      Using the CLI to Configure Rogue Classification Rules
  • 281

    Viewing and Classifying Rogue Devices
    • 281

      Using the GUI to View and Classify Rogue Devices
    • 286

      Using the CLI to View and Classify Rogue Devices
• 291

  Configuring IDS
  • 291

    Configuring IDS Sensors
    • 291

      Using the GUI to Configure IDS Sensors
    • 293

      Using the CLI to Configure IDS Sensors
    • 294

      Viewing Shunned Clients
  • 295

    Configuring IDS Signatures
    • 297

      Using the GUI to Configure IDS Signatures
    • 303

      Using the CLI to Configure IDS Signatures
    • 305

      Using the CLI to View IDS Signature Events
• 307

  Configuring Wips
  • 307

    Configuring Wips On an Access Point
  • 308

    Viewing Wips Information
• 310

  Configuring Maximum Local Database Entries
  • 310

    Using the GUI to Configure Maximum Local Database Entries
  • 310

    Using the CLI to Specify the Maximum Number of Local Database Entries
• 310

  Detecting Active Exploits

311

Chapter 6 Configuring Wlanswireless Device Access

• 311

  Configuring Wlans
  • 313

    Creating Wlans
    • 313

      Using the GUI to Create Wlans
    • 315

      Using the CLI to Create Wlans
  • 317

    Searching Wlans
• 311

  WLAN Overview
• 318

  Configuring DHCP
  • 318

    Internal DHCP Server
  • 318

    External DHCP Servers
  • 318

    DHCP Assignment
  • 319

    Security Considerations
  • 319

    Using the GUI to Configure DHCP
  • 320

    Using the CLI to Configure DHCP
  • 321

    Using the CLI to Debug DHCP
  • 321

    Configuring DHCP Scopes
• 324

  Configuring MAC Filtering for Wlans
  • 325

    Enabling MAC Filtering
  • 325

    Creating a Local MAC Filter
  • 325

    Configuring a Timeout for Disabled Clients
• 325

  Assigning Wlans to Interfaces
• 326

  Configuring the DTIM Period
  • 326

    Using the GUI to Configure the DTIM Period
  • 327

    Using the CLI to Configure the DTIM Period
• 328

  Configuring Peer-To-Peer Blocking
  • 329

    Guidelines for Using Peer-To-Peer Blocking
  • 329

    Using the GUI to Configure Peer-To-Peer Blocking
  • 330

    Using the CLI to Configure Peer-To-Peer Blocking
• 330

  Configuring Layer 2 Security
  • 331

    Static WEP Keys
  • 331

    Dynamic 802.1X Keys and Authorization
  • 332

    Configuring a WLAN for Both Static and Dynamic WEP
  • 332

    WPA1 and WPA2
  • 335

    Ckip
• 337

  Configuring a Session Timeout
  • 337

    Using the GUI to Configure a Session Timeout
  • 338

    Using the CLI to Configure a Session Timeout
  • 339

    VPN Passthrough
  • 339

    Web Authentication
• 340

  Assigning a Qos Profile to a WLAN
  • 341

    Using the GUI to Assign a Qos Profile to a WLAN
  • 342

    Using the CLI to Assign a Qos Profile to a WLAN
• 342

  Configuring Qos Enhanced BSS
  • 344

    Guidelines for Configuring QBSS
  • 344

    Additional Guidelines for Using 7921 and 7920 Wireless IP Phones
  • 345

    Using the GUI to Configure QBSS
    • 346

      Using the CLI to Configure QBSS
    • 346

      Configuring Ipv6 Bridging
      • 347

        Guidelines for Using Ipv6 Bridging
      • 348

        Using the GUI to Configure Ipv6 Bridging
      • 349

        Using the CLI to Configure Ipv6 Bridging
    • 349

      Configuring Cisco Client Extensions
      • 350

        Using the GUI to Configure CCX Aironet Ies
      • 350

        Using the GUI to View a Client's CCX Version
      • 352

        Using the CLI to Configure CCX Aironet Ies
      • 352

        Using the CLI to View a Client's CCX Version
    • 352

      Configuring Access Point Groups
      • 354

        Creating Access Point Groups
    • 359

      Configuring Web Redirect With 802.1X Authentication
      • 359

        Conditional Web Redirect
      • 360

        Splash Page Web Redirect
      • 360

        Configuring the RADIUS Server
      • 361

        Using the GUI to Configure Web Redirect
      • 362

        Using the CLI to Configure Web Redirect
    • 363

      Disabling Accounting Servers Per WLAN
    • 364

      Disabling Coverage Hole Detection Per WLAN
      • 364

        Using the GUI to Disable Coverage Hole Detection On a WLAN
      • 365

        Using the CLI to Disable Coverage Hole Detection On a WLAN
    • 365

      Configuring NAC Out-Of-Band Integration
      • 366

        Guidelines for Using NAC Out-Of-Band Integration
      • 367

        Using the GUI to Configure NAC Out-Of-Band Integration
      • 370

        Using the CLI to Configure NAC Out-Of-Band Integration
• 373

  Controlling Lightweight Access Points
  • 374

    Access Point Communication Protocols
    • 374

      Guidelines for Using CAPWAP
    • 374

      The Controller Discovery Process
    • 374

      C H a P T E R 7 Controlling Lightweight Access Points
    • 376

      Verifying That Access Points Join the Controller
      • 376

        Using the GUI to Verify That Access Points Join the Controller
      • 376

        Using the CLI to Verify That Access Points Join the Controller
    • 377

      Viewing CAPWAP MTU Information
    • 377

      Debugging CAPWAP
  • 377

    Configuring Global Credentials for Access Points
    • 378

      Using the GUI to Configure Global Credentials for Access Points
    • 380

      Using the CLI to Configure Global Credentials for Access Points
• 381

  Configuring Authentication for Access Points
  • 382

    Using the GUI to Configure Authentication for Access Points
  • 384

    Using the CLI to Configure Authentication for Access Points
  • 386

    Configuring the Switch for Authentication
• 386

  Embedded Access Points
• 388

  Autonomous Access Points Converted to Lightweight Mode
  • 388

    Guidelines for Using Access Points Converted to Lightweight Mode
  • 389

    Reverting From Lightweight Mode to Autonomous Mode
    • 389

      Using a Controller to Return to a Previous Release
    • 389

      Using the MODE Button and a TFTP Server to Return to a Previous Release
  • 390

    Authorizing Access Points
    • 390

      Authorizing Access Points Using Sscs
    • 390

      Authorizing Access Points Using Mics
    • 391

      Authorizing Access Points Using Lscs
    • 394

      Using the GUI to Authorize Access Points
    • 395

      Using the CLI to Authorize Access Points
  • 396

    Using DHCP Option 43 and DHCP Option 60
  • 396

    Troubleshooting the Access Point Join Process
    • 398

      Configuring the Syslog Server for Access Points
    • 398

      Viewing Access Point Join Information
  • 400

    Using a Controller to Send Debug Commands to Access Points Converted to Lightweight Mode
  • 400

    Converted Access Points Send Crash Information to Controller
  • 400

    Converted Access Points Send Radio Core Dumps to Controller
    • 401

      Using the CLI to Retrieve Radio Core Dumps
    • 401

      Using the GUI to Upload Radio Core Dumps
    • 402

      Using the CLI to Upload Radio Core Dumps
  • 403

    Uploading Memory Core Dumps From Converted Access Points
    • 403

      Using the GUI to Upload Access Point Core Dumps
    • 404

      Using the CLI to Upload Access Point Core Dumps
  • 404

    Display of MAC Addresses for Converted Access Points
  • 405

    Disabling the Reset Button On Access Points Converted to Lightweight Mode
  • 405

    Configuring a Static IP Address On an Access Point Converted to Lightweight Mode
  • 405

    Supporting Oversized Access Point Images
• 406

  Cisco Workgroup Bridges
  • 407

    Guidelines for Using Wgbs
  • 409

    Sample WGB Configuration
  • 409

    Using the GUI to View the Status of Workgroup Bridges
  • 412

    Using the CLI to View the Status of Workgroup Bridges
  • 412

    Using the CLI to Debug WGB Issues
• 413

  Configuring Backup Controllers
  • 414

    Using the GUI to Configure Backup Controllers
  • 416

    Using the CLI to Configure Backup Controllers
• 418

  Configuring Failover Priority for Access Points
  • 418

    Using the GUI to Configure Failover Priority for Access Points
  • 420

    Using the CLI to Configure Failover Priority for Access Points
  • 420

    Using the CLI to View Failover Priority Settings
• 421

  Configuring Country Codes
  • 421

    Guidelines for Configuring Multiple Country Codes
  • 422

    Using the GUI to Configure Country Codes
  • 424

    Using the CLI to Configure Country Codes
• 427

  Migrating Access Points From the -J Regulatory Domain to the -U Regulatory Domain
  • 428

    Guidelines for Migration
  • 428

    Migrating Access Points to the -U Regulatory Domain
• 430

  Dynamic Frequency Selection
• 430

  Using the W56 Band in Japan
• 431

  Optimizing RFID Tracking On Access Points
  • 431

    Using the GUI to Optimize RFID Tracking On Access Points
  • 433

    Using the CLI to Optimize RFID Tracking On Access Points
• 434

  Configuring Probe Request Forwarding
• 435

  Retrieving the Unique Device Identifier On Controllers and Access Points
  • 435

    Using the GUI to Retrieve the Unique Device Identifier On Controllers and Access Points
  • 436

    Using the CLI to Retrieve the Unique Device Identifier On Controllers and Access Points
• 436

  Performing a Link Test
  • 437

    Using the GUI to Perform a Link Test
  • 439

    Using the CLI to Perform a Link Test
• 439

  Configuring Link Latency
  • 440

    Using the GUI to Configure Link Latency
  • 441

    Using the CLI to Configure Link Latency
• 442

  Configuring Power Over Ethernet
  • 443

    Using the GUI to Configure Power Over Ethernet
  • 445

    Using the CLI to Configure Power Over Ethernet
• 446

  Configuring Flashing Leds
• 446

  Viewing Clients
  • 446

    Using the GUI to View Clients
  • 450

    Using the CLI to View Clients

453

Chapter 8 Controlling Mesh Access Points

• 454

  Cisco Aironet Mesh Access Points
  • 454

    Access Point Roles
  • 454

    Chapter 8 Controlling Mesh Acces Point
  • 455

    Network Access
  • 456

    Deployment Modes
    • 456

      Cisco Wireless Mesh Network
    • 456

      Wireless Backhaul
    • 457

      Point-To-Point Wireless Bridging
    • 457

      Point-To-Multipoint Wireless Bridging
• 458

  Architecture Overview
  • 458

    Capwap
  • 458

    Cisco Adaptive Wireless Path Protocol Wireless Mesh Routing
    • 459

      Mesh Neighbors, Parents, and Children
    • 459

      Wireless Mesh Constraints
• 462

  Adding Mesh Access Points to the Mesh Network
  • 462

    Adding MAC Addresses of Mesh Access Points to the Controller Filter List
  • 465

    Configuring External Authentication and Authorization Using a RADIUS Server
  • 468

    Defining the Mesh Access Point Role
  • 468

    Configuring Global Mesh Parameters
  • 474

    Configuring Local Mesh Parameters
  • 476

    Client Roaming
  • 477

    Configuring Ethernet Bridging and Ethernet VLAN Tagging
• 484

  Configuring Advanced Features
  • 484

    Configuring Voice Parameters in Mesh Networks
    • 484

      Cac
    • 484

      Qos and DSCP Marking
    • 485

      Guidelines for Using Voice On the Mesh Network
    • 486

      Voice Call Support in a Mesh Network
    • 486

      Using the CLI to View Voice Details for Mesh Networks
  • 489

    Enabling Mesh Multicast Containment for Video
    • 491

      Backhaul Client Access (Universal Access) for Indoor and Outdoor Mesh Access Points
• 491

  Viewing Mesh Statistics and Reports
  • 491

    Viewing Mesh Statistics for an Access Point
    • 491

      Using the GUI to View Mesh Statistics for an Access Point
    • 495

      Using the CLI to View Mesh Statistics for an Access Point
  • 496

    Viewing Neighbor Statistics for an Access Point
    • 496

      Using the GUI to View Neighbor Statistics for an Access Point
    • 499

      Using the CLI to View Neighbor Statistics for an Access Point
• 500

  Converting Indoor Access Points to Mesh Access Points (1130AG, 1240AG)
• 501

  Changing MAP and RAP Roles for Indoor Mesh Access Points (1130AG, 1240AG)
  • 501

    Using the GUI to Change MAP and RAP Roles for Indoor Mesh Access Points
  • 501

    Using the CLI to Change MAP and RAP Roles for Indoor Mesh Access Points
• 502

  Converting Indoor Mesh Access Points to Non-Mesh Lightweight Access Points (1130AG, 1240AG)
• 503

  Configuring Mesh Access Points to Operate With Cisco 3200 Series Mobile Access Routers
  • 503

    Configuration Guidelines
  • 504

    Using the GUI to Enable Mesh Access Points to Operate With Cisco 3200 Series Mobile Access Routers
  • 505

    Using the CLI to Enable Mesh Access Points to Operate With Cisco 3200 Series Mobile Access Routers

507

Chapter 9 Managing Controller Software and Configurations

• 508

  Upgrading Controller Software
  • 508

    Guidelines for Upgrading Controller Software
  • 509

    Guidelines for Upgrading to Controller Software 5.2 in Mesh Networks
    • 510

      Mandatory Boot Variable Update for Networks With 1522 Access Points
    • 512

      Upgrade Compatibility Matrix
  • 514

    Using the GUI to Upgrade Controller Software
  • 516

    Using the CLI to Upgrade Controller Software
• 519

  Transferring Files to and From a Controller
  • 519

    Downloading Device Certificates
    • 520

      Using the GUI to Download Device Certificates
    • 521

      Using the CLI to Download Device Certificates
  • 522

    Downloading CA Certificates
    • 522

      Using the GUI to Download CA Certificates
    • 523

      Using the CLI to Download CA Certificates
  • 525

    Uploading Pacs
    • 525

      Using the GUI to Upload Pacs
    • 526

      Using the CLI to Upload Pacs
  • 527

    Uploading and Downloading Configuration Files
    • 527

      Uploading Configuration Files
    • 529

      Downloading Configuration Files
• 532

  Saving Configurations
• 533

  Editing Configuration Files
• 534

  Clearing the Controller Configuration
• 534

  Erasing the Controller Configuration
• 534

  Resetting the Controller

537

Chapter 10 Managing User Accounts

• 538

  Creating Guest User Accounts
  • 538

    Creating a Lobby Ambassador Account
    • 538

      Using the GUI to Create a Lobby Ambassador Account
    • 539

      Using the CLI to Create a Lobby Ambassador Account
  • 540

    Creating Guest User Accounts As a Lobby Ambassador
  • 542

    Viewing Guest User Accounts
    • 542

      Using the GUI to View Guest Accounts
    • 543

      Using the CLI to View Guest Accounts
• 543

  Web Authentication Process
• 545

  Choosing the Web Authentication Login Page
  • 546

    Choosing the Default Web Authentication Login Page
    • 546

      Using the GUI to Choose the Default Web Authentication Login Page
    • 547

      Using the CLI to Choose the Default Web Authentication Login Page
    • 549

      Modified Default Web Authentication Login Page Example
  • 550

    Creating a Customized Web Authentication Login Page
  • 552

    Using a Customized Web Authentication Login Page From an External Web Server
  • 553

    Downloading a Customized Web Authentication Login Page
    • 553

      Using the CLI to Choose a Customized Web Authentication Login Page From an External Web Server
    • 554

      Using the GUI to Download a Customized Web Authentication Login Page
    • 555

      Using the CLI to Download a Customized Web Authentication Login Page
    • 556

      Customized Web Authentication Login Page Example
    • 556

      Using the CLI to Verify the Web Authentication Login Page Settings
  • 557

    Assigning Login, Login Failure, and Logout Pages Per WLAN
    • 557

      Using the GUI to Assign Login, Login Failure, and Logout Pages Per WLAN
    • 558

      Using the CLI to Assign Login, Login Failure, and Logout Pages Per WLAN
• 559

  Configuring Wired Guest Access
  • 561

    Configuration Overview
  • 561

    Configuration Guidelines
  • 561

    Using the GUI to Configure Wired Guest Access
  • 565

    Using the CLI to Configure Wired Guest Access

571

Chapter 11 Configuring Radio Resource Managementwireless Device Access

• 572

  Overview of Radio Resource Management
  • 572

    Radio Resource Monitoring
  • 572

    Transmit Power Control
  • 573

    Dynamic Channel Assignment
  • 574

    Coverage Hole Detection and Correction
  • 575

    RRM Benefits
• 575

  Overview of RF Groups
  • 576

    RF Group Leader
  • 576

    RF Group Name
• 576

  Configuring an RF Group
  • 577

    Using the GUI to Configure an RF Group
  • 577

    Using the CLI to Configure RF Groups
• 578

  Viewing RF Group Status
  • 578

    Using the GUI to View RF Group Status
  • 579

    Using the CLI to View RF Group Status
• 579

  Configuring RRM
  • 579

    Using the GUI to Configure RRM
    • 580

      Using the GUI to Configure RF Group Mode
    • 580

      Using the GUI to Configure Transmit Power Control
    • 582

      Using the GUI to Configure Dynamic Channel Assignment
    • 585

      Using the GUI to Configure Coverage Hole Detection
    • 587

      Using the GUI to Configure RRM Profile Thresholds, Monitoring Channels, and Monitor Intervals
  • 589

    Using the CLI to Configure RRM
  • 593

    Using the CLI to View RRM Settings
  • 595

    Using the CLI to Debug RRM Issues
• 595

  Overriding RRM
  • 596

    Statically Assigning Channel and Transmit Power Settings to Access Point Radios
    • 596

      Using the GUI to Statically Assign Channel and Transmit Power Settings
    • 600

      Using the CLI to Statically Assign Channel and Transmit Power Settings
  • 603

    Disabling Dynamic Channel and Power Assignment Globally for a Controller
    • 603

      Using the GUI to Disable Dynamic Channel and Power Assignment
    • 603

      Using the CLI to Disable Dynamic Channel and Power Assignment
• 604

  Enabling Rogue Access Point Detection in RF Groups
  • 604

    Using the GUI to Enable Rogue Access Point Detection in RF Groups
  • 606

    Using the CLI to Enable Rogue Access Point Detection in RF Groups
• 606

  Configuring CCX Radio Management Features
  • 607

    Radio Measurement Requests
  • 607

    Location Calibration
  • 607

    Using the GUI to Configure CCX Radio Management
  • 609

    Using the CLI to Configure CCX Radio Management
  • 609

    Using the CLI to Obtain CCX Radio Management Information
  • 611

    Using the CLI to Debug CCX Radio Management Issues
• 611

  Configuring Pico Cell Mode
  • 612

    Guidelines for Using Pico Cell Mode
  • 612

    Using the GUI to Configure Pico Cell Mode
  • 614

    Using the CLI to Configure Pico Cell Mode
  • 615

    Using the CLI to Debug Pico Cell Mode Issues

619

Chapter 12 Configuring Mobility Groupswireless Device Access

• 620

  Overview of Mobility
• 623

  Overview of Mobility Groups
  • 625

    Determining When to Include Controllers in a Mobility Group
  • 625

    Messaging Among Mobility Groups
  • 626

    Using Mobility Groups With NAT Devices
• 627

  Configuring Mobility Groups
  • 627

    Prerequisites
  • 629

    Using the GUI to Configure Mobility Groups
  • 632

    Using the CLI to Configure Mobility Groups
• 634

  Viewing Mobility Group Statistics
  • 634

    Using the GUI to View Mobility Group Statistics
  • 637

    Using the CLI to View Mobility Group Statistics
• 638

  Configuring Auto-Anchor Mobility
  • 639

    Guidelines for Using Auto-Anchor Mobility
  • 639

    Using the GUI to Configure Auto-Anchor Mobility
  • 641

    Using the CLI to Configure Auto-Anchor Mobility
• 643

  WLAN Mobility Security Values
• 644

  Using Symmetric Mobility Tunneling
• 646

  Running Mobility Ping Tests

649

Chapter 13 Configuring Hybrid Reapwireless Device Access

• 650

  Overview of Hybrid REAP
  • 650

    Hybrid-Reap Authentication Process
  • 652

    Hybrid REAP Guidelines
• 653

  Configuring Hybrid REAP
  • 653

    Configuring the Switch at the Remote Site
  • 654

    Configuring the Controller for Hybrid REAP
    • 655

      Using the GUI to Configure the Controller for Hybrid REAP
    • 659

      Using the CLI to Configure the Controller for Hybrid REAP
  • 659

    Configuring an Access Point for Hybrid REAP
    • 659

      Using the GUI to Configure an Access Point for Hybrid REAP
    • 662

      Using the CLI to Configure an Access Point for Hybrid REAP
    • 663

      Connecting Client Devices to the Wlans
  • 663

    Configuring Hybrid-Reap Groups
    • 664

      Hybrid-Reap Groups and Backup RADIUS Servers
    • 664

      Hybrid-Reap Groups and CCKM
    • 665

      Hybrid-Reap Groups and Local Authentication
    • 665

      Using the GUI to Configure Hybrid-Reap Groups
    • 670

      Using the CLI to Configure Hybrid-Reap Groups

673

Appendix

• 673

  Safety Considerations and Translated Safety Warnings
  • 674

    Safety Considerations
  • 674

    Warning Definition
  • 677

    Class 1 Laser Product Warning
  • 679

    Ground Conductor Warning
  • 681

    Chassis Warning for Rack-Mounting and Servicing
  • 690

    Battery Handling Warning for 4400 Series Controllers
  • 692

    Equipment Installation Warning
  • 695

    More Than One Power Supply Warning for 4400 Series Controllers

699

Appendix

• 699

  Declarations of Conformity and Regulatory Information
  • 700

    Regulatory Information for Lightweight Access Points
    • 700

      Manufacturers Federal Communication Commission Declaration of Conformity Statement
    • 700

      A P P E N D I X B Declarations of Conformity and Regulatory Information
    • 701

      Department of Communications-Canada
      • 701

        Canadian Compliance Statement
    • 702

      European Community, Switzerland, Norway, Iceland, and Liechtenstein
      • 702

        Declaration of Conformity With Regard to the R&TTE Directive 1999/5/EC
    • 703

      Declaration of Conformity for RF Exposure
    • 704

      Guidelines for Operating Controllers in Japan
      • 704

        VCCI Class a Warning for 4400 Series Controllers in Japan
      • 704

        VCCI Class B Warning for 2100 Series Controllers in Japan
      • 705

        Power Cable and AC Adapter Warning for Japan
    • 705

      Guidelines for Operating Controllers and Access Points in Japan
    • 706

      Administrative Rules for Cisco Aironet Access Points in Taiwan
      • 706

        Access Points With IEEE 802.11A Radios
      • 707

        All Access Points
    • 708

      Declaration of Conformity Statements
  • 708

    FCC Statement for Cisco 2100 Series Wireless LAN Controllers
  • 708

    FCC Statement for 4400 Series Wireless LAN Controllers
• 709

  End User License and Warranty
  • 710

    End User License Agreement

710

Appendix C End User License and Warranty

• 712

  Limited Warranty
  • 713

    Disclaimer of Warranty
• 714

  General Terms Applicable to the Limited Warranty Statement and End User License Agreement
• 714

  Notices
  • 714

    Openssl/Open SSL Project
    • 715

      License Issues

717

Appendix

• 717

  Troubleshooting
  • 717

    Interpreting Leds
    • 718

      Interpreting Controller Leds
    • 718

      Interpreting Lightweight Access Point Leds
  • 718

    System Messages

719

Appendix D Troubleshooting

• 721

  Using the CLI to Troubleshoot Problems
• 722

  Configuring System and Message Logging
  • 723

    Using the GUI to Configure System and Message Logging
  • 725

    Using the GUI to View Message Logs
  • 726

    Using the CLI to Configure System and Message Logging
  • 728

    Using the CLI to View System and Message Logs
• 729

  Viewing Access Point Event Logs
• 730

  Uploading Logs and Crash Files
  • 730

    Using the GUI to Upload Logs and Crash Files
  • 731

    Using the CLI to Upload Logs and Crash Files
• 733

  Monitoring Memory Leaks
• 733

  Uploading Core Dumps From the Controller
  • 733

    Using the CLI to Upload Controller Core Dumps