Page 1
Cisco Wireless LAN Controller Configuration Guide Software Release 3.2 March 2006 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Text Part Number: OL-8335-02...
Page 2
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco...
Page 3
Operating System Security Cisco WLAN Solution Wired Security Layer 2 and Layer 3 LWAPP Operation Operational Requirements Configuration Requirements Cisco Wireless LAN Controllers Primary, Secondary, and Tertiary Controllers OL-8335-02 xvii xvii xvii xviii xviii xviii Cisco Wireless LAN Controller Configuration Guide...
Page 5
Using the GUI to Configure the Management, AP-Manager, Virtual, and Service-Port Interfaces Using the CLI to Configure the Management, AP-Manager, Virtual, and Service-Port Interfaces Using the CLI to Configure the Management Interface Using the CLI to Configure the AP-Manager Interface OL-8335-02 1-25 1-25 1-26...
Page 6
Configuring SNMP Settings Enabling 802.3x Flow Control Enabling System Logging Enabling Dynamic Transmit Power Control Cisco Wireless LAN Controller Configuration Guide 3-14 3-14 3-16 3-17 3-20 3-21 3-27 3-28 3-29 3-30 3-30 3-31 3-31 3-36 3-13 3-14 3-22 3-26 3-30 OL-8335-02...
Page 7
Hiding and Restoring the Cisco WLAN Solution Logo Changing the Web Authentication Login Window Title Changing the Web Message Changing the Logo Creating a Custom URL Redirect Verifying Web Authentication Changes Example: Sample Customized Web Authentication Login Window OL-8335-02 4-10 4-10 4-10 4-11 4-12 5-11...
Page 8
IKE Phase 1 Aggressive and Main Modes IKE Lifetime Timeout IPSec Passthrough Web-Based Authentication Local Netuser Configuring Quality of Service Configuring QoS Enhanced BSS (QBSS) Cisco Wireless LAN Controller Configuration Guide viii 5-16 5-16 5-17 5-17 5-17 5-18 5-18 5-19 OL-8335-02...
Page 9
Managing Controller Software and Configurations C H A P T E R Transferring Files to and from a Controller Upgrading Controller Software Saving Configurations Clearing the Controller Configuration OL-8335-02 7-10 7-11 7-12 Cisco Wireless LAN Controller Configuration Guide Contents 7-10...
Page 10
Using the GUI to Disable Dynamic Channel and Power Assignment Using the CLI to Disable Dynamic Channel and Power Assignment Viewing Additional RRM Settings Using the CLI Cisco Wireless LAN Controller Configuration Guide 9-11 9-12 9-15 9-16 9-22 9-23 9-28 9-12 9-15 9-24 9-24 9-26 9-27 9-27 9-27 OL-8335-02...
Page 11
Declaration of Conformity for RF Exposure Guidelines for Operating Cisco Aironet Access Points in Japan Administrative Rules for Cisco Aironet Access Points in Taiwan Access Points with IEEE 802.11a Radios All Access Points Declaration of Conformity Statements OL-8335-02 10-1 10-2 10-5 10-7 10-7...
Page 12
A P P E N D I X System Messages Using Client Reason and Status Codes in Trap Logs Client Reason Codes Client Status Codes Using Lightweight Access Point LEDs N D E X Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Page 13
Preface This preface provides an overview of the Cisco Wireless LAN Controller Configuration Guide (OL-8335-02), references related publications, and explains how to obtain other documentation and technical assistance, if necessary. It contains these sections: Audience, page xiv • Purpose, page xiv •...
Page 14
(RRM) describes mobility groups and explains how to configure describes the end user license and warranty that apply Preface describes how to upgrade and manage lists safety considerations and provides declarations of lists system messages that can appear OL-8335-02...
Page 15
(Voor vertalingen van de waarschuwingen die in deze publicatie verschijnen, kunt u het aanhangsel “Translated Safety Warnings” (Vertalingen van veiligheidsvoorschriften) raadplegen.) OL-8335-02 Cisco Wireless LAN Controller Configuration Guide Conventions...
Page 16
Innan du utför arbete på någon utrustning måste du vara medveten om farorna med elkretsar och känna till vanligt förfarande för att förebygga skador. (Se förklaringar av de varningar som förekommer i denna publikation i appendix "Translated Safety Warnings" [Översatta säkerhetsvarningar].) Cisco Wireless LAN Controller Configuration Guide Preface OL-8335-02...
Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems. Cisco.com You can access the most current Cisco documentation at this URL: http://www.cisco.com/techsupport...
Cisco.com. You can submit comments about Cisco documentation by using the response card (if present) behind the front cover of your document or by writing to the following address: Cisco Systems Attn: Customer Document Ordering 170 West Tasman Drive San Jose, CA 95134-9883 We appreciate your comments.
The link on this page has the current PGP key ID in use. If you do not have or use PGP, contact PSIRT at the aforementioned e-mail addresses or phone numbers before sending any sensitive material to find other means of encrypting the data. OL-8335-02 security-alert@cisco.com psirt@cisco.com...
(S1 or S2 service requests are those in which your production network is down or severely degraded.) Cisco engineers are assigned immediately to S1 and S2 service requests to help keep your business operations running smoothly. Cisco Wireless LAN Controller Configuration Guide Preface OL-8335-02...
Cisco Press publishes a wide range of general networking, training and certification titles. Both new • and experienced users will benefit from these publications. For current Cisco Press titles and other information, go to Cisco Press at this URL: http://www.ciscopress.com OL-8335-02 Obtaining Additional Publications and Information Cisco Wireless LAN Controller Configuration Guide...
Page 22
You can access Packet magazine at this URL: http://www.cisco.com/packet iQ Magazine is the quarterly publication from Cisco Systems designed to help growing companies • learn how they can use technology to increase revenue, streamline their business, and expand services.
Page 23
Intrusion Detection Service (IDS), page 1-15 • • Wireless LAN Controller Platforms, page 1-15 Rogue Access Points, page 1-24 • • Web User Interface and the CLI, page 1-25 OL-8335-02 C H A P T E R Cisco Wireless LAN Controller Configuration Guide...
Page 24
Cisco Wireless LAN Solution components, which can be simultaneously deployed across multiple floors and buildings. 1-25. “Web User Interface and the CLI” section on page Cisco Wireless LAN Controller Configuration Guide Chapter 1 Overview “Web User 1-25. OL-8335-02...
Page 25
Some controllers can connect through multiple physical ports to multiple subnets in the network. This Note feature can be helpful when Cisco WLAN Solution operators want to confine multiple VLANs to separate subnets. Figure 1-2 shows a typical single-controller deployment. OL-8335-02 Cisco Wireless LAN Solution Overview Cisco Wireless LAN Controller Configuration Guide...
Page 26
The following figure shows a typical multiple-controller deployment. The figure also shows an optional dedicated Management Network and the three physical connection types between the network and the controllers. Inter-Subnet (Layer 3) Roaming. Cisco Wireless LAN Controller Configuration Guide Chapter 1 Overview 1-20). OL-8335-02...
Temporal key integrity protocol (TKIP) + message integrity code checksum (Michael) dynamic – keys, or WEP keys, with or without Pre-Shared key Passphrase. – OL-8335-02 “Cisco WLAN Solution Wireless LANs” section on page Cisco Wireless LAN Controller Configuration Guide Operating System Software 1-11.)
Page 28
Cisco Wireless LAN Controller or Cisco 1000 series lightweight access point. “Operating System Security” section on page Chapter 1 Overview 1-5. However, for secure Cisco Wireless Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Cisco Wireless LAN Controller. This process is described in the Failover Protection” section on page OL-8335-02 Layer 2 and Layer 3 LWAPP Operation “Cisco Wireless LAN Controller 1-20.
Discover with a 0.0.0.0 client IP Address or a 169.254.*.* client auto-IP Address, or when the operator-set session timeout is exceeded. “Cisco Wireless LAN Controller Failover Protection” section on page 1-20 Chapter 1 Overview for more Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Cisco WCS database. For more information on location solutions, refer to the Cisco Wireless Control System Configuration Guide and the Cisco Location Appliance Configuration Guide at these URLs: Cisco Wireless Control System Configuration Guide: http://www.cisco.com/en/US/products/ps6305/products_installation_and_configuration_guides_list.ht Cisco Location Appliance Configuration Guide: http://www.cisco.com/en/US/products/ps6386/products_installation_and_configuration_guides_list.ht OL-8335-02 Cisco Wireless LAN Controller Configuration Guide Client Roaming...
IP Address. Note that these wireless LANs do not support management over wireless connections. 1-10 “Cisco WLAN Solution Wireless LANs” section on page for instructions on configuring management over for information on configuring the controller’s interfaces. Chapter 1 Overview 1-11. the“Using Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Solution operator can manage the System across the enabled wireless LAN using CLI and Telnet, http/https, and SNMP. To configure the Cisco WLAN Solution wireless LANs, refer to OL-8335-02 Cisco WLAN Solution Wired Connections Chapter 6, “Configuring WLANs.” Cisco Wireless LAN Controller Configuration Guide...
LAN VLAN to a different VLAN when configured for MAC filtering, 802.1X, and/or WPA Layer 2 authentication. To configure the Cisco WLAN Solution wireless LANs, refer to the section on page 1-12 “Security Overview” section on page 6-2. Chapter 1 Overview 5-2. “Configuring Wireless LANs” Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
To use Cisco WCS to upgrade software, refer to the Cisco Wireless Control System Configuration • Guide. Click this URL to browse to this document: http://www.cisco.com/en/US/products/ps6305/products_installation_and_configuration_guides_lis t.html OL-8335-02 “Transferring Files to and from a Controller” section on Cisco Wireless LAN Controller Configuration Guide File Transfers 1-13...
A beacon/probe response that allows a Cisco 1000 Series lightweight access point to indicate which • Cisco Wireless LAN Controller it is attached to so that reauthorization events only occur when needed, minimizing inter-Cisco Wireless LAN Controller handoffs and thus reducing CPU usage. 1-14 Chapter 1 Overview Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
802.11 RF environment. The controllers are built around high-performance network and security hardware, resulting in highly-reliable 802.11 enterprise networks with unparalleled security. OL-8335-02 Intrusion Detection Service (IDS) Cisco Wireless LAN Controller Configuration Guide...
850nM (SX) fiber-optic links using LC physical connectors. The two redundant Gigabit Ethernet connections on the Cisco 4100 Series Wireless LAN Controller allow the Cisco 4100 Series Wireless LAN Controller to bypass single network failures. 1-16 Chapter 1 Overview Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
AIR-WLC2006-K9 — The Cisco 2000 Series Wireless LAN Controller communicates with up to six Cisco 1000 series lightweight access points. Note Cisco 2000 Series Wireless LAN Controllers come from the factory with tabletop mounting feet. OL-8335-02 Wireless LAN Controller Platforms Cisco Wireless LAN Controller Configuration Guide 1-17...
Ethernet connections to bypass one or two single network failures, and communicates with up to 100 Cisco 1000 series lightweight access points. Cisco 4400 Series Wireless LAN Controller models come from the factory with integral 19-inch EIA Note equipment rack flush-mount ears. 1-18 Chapter 1 Overview Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
If you want to configure a RADIUS server from the Startup Wizard, the RADIUS server IP address, • communication port, and Secret. Collects the Country Code. • OL-8335-02 1-7. Cisco Wireless LAN Controller Configuration Guide Wireless LAN Controller Platforms “Layer 2 and Layer 3 LWAPP Operation”...
If the access point has no primary, secondary, or tertiary controllers assigned or if its primary, • secondary, or tertiary controllers are unavailable, it attempts to associate with a master controller on the same subnet. 1-20 “Using the Configuration Wizard” section on page Cisco Wireless LAN Controller Configuration Guide Chapter 1 Overview 4-2. OL-8335-02...
Cisco 4100 Series Wireless LAN Controllers, page 1-16 • Cisco 4400 Series Wireless LAN Controllers, page 1-17 • Chapter 3 provides information on configuring the controller’s ports and assigning interfaces to them. Note OL-8335-02 Wireless LAN Controller Platforms Cisco Wireless LAN Controller Configuration Guide 1-21...
The 1000BASE-SX circuits provide 100/1000 Mbps wired connections to the network through 850nM Note (SX) fiber-optic links using LC physical connectors. 1-22 Chapter 1 Overview Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Because this real-time detection is automated, it saves labor costs used for detecting and monitoring rogue access point while vastly improving LAN security. Note that peer-to-peer, or ad-hoc, clients can also be considered rogue access points. 1-24 Chapter 1 Overview Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
LAN Controller and its associated Access Points. Cisco recommends that you enable the https: and disable the http: interfaces to ensure more robust Note security for your Cisco WLAN Solution. OL-8335-02 Web User Interface and the CLI Cisco Wireless LAN Controller Configuration Guide 1-25...
Cisco Wireless LAN Controller and associated Cisco 1000 series lightweight access points. Refer to “Using the CLI” section on page 2-5 and the Cisco Wireless LAN Solution CLI Reference for more information. Cisco Wireless LAN Controller Configuration Guide 1-26 OL-8335-02...
Page 49
Enabling Web and Secure Web Modes, page 2-2 • Using the CLI, page 2-5 • • Enabling Wireless Connections to the Web-Browser and CLI Interfaces, page 2-8 OL-8335-02 C H A P T E R Cisco Wireless LAN Controller Configuration Guide...
You can also load an externally generated certificate. Follow the instructions in the Externally Generated HTTPS Certificate” section on page 2-3 generated certificate. Chapter 2 Using the Web-Browser and CLI Interfaces for instructions on setting up HTTPS. “Loading an for instructions on loading an externally Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
When you obtain a new certificate from a Certificate Authority, make sure the RSA key embedded in the certificate is at least 768 bits long. OL-8335-02 Enabling Web and Secure Web Modes Cisco Wireless LAN Controller Configuration Guide...
Page 52
Save the SSL certificate, key, and secure web password to NVRAM (non-volatile RAM) so your changes Step 8 are retained across reboots: >save config Are you sure you want to save? (y/n) y Configuration Saved! Chapter 2 Using the Web-Browser and CLI Interfaces Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
A remote console session over Ethernet through the pre-configured Service Port or through • Distribution System Ports Before you log into the CLI, configure your connectivity and environment variables based on the type of connection you use. OL-8335-02 Cisco Wireless LAN Controller Configuration Guide Using the CLI...
Use the controller IP address to Telnet to the CLI. Step 2 At the prompt, log into the CLI. The default username is admin and the default password is admin. Step 3 Chapter 2 Using the Web-Browser and CLI Interfaces Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Command help command ? exit Ctrl-Z save config reset system OL-8335-02 Table 2-1 lists commands you use to navigate the Action At the root level, view systemwide navigation commands View commands available at the current level View parameters for a specific command...
To use the controller GUI to enable wireless connections, browse to the Management Via Wireless page and select the Enable Controller Management to be accessible from Wireless Clients check box. Chapter 2 Using the Web-Browser and CLI Interfaces Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Page 57
• Configuring Ports, page 3-17 Enabling Link Aggregation, page 3-27 • • Configuring a 4400 Series Controller to Support More Than 48 Access Points, page 3-30 OL-8335-02 C H A P T E R Cisco Wireless LAN Controller Configuration Guide...
1000Base-X Activity In Use Alarm Console Distribution system Serial ports 1-2 LINK STATUS LINK ALARM UTILITY Distribution system Chapter 3 Configuring Ports and Interfaces Distribution system port 4 In Use Link LINK ports 1-4 Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
1300nM (LX/LH) fiber-optic link using an LC physical connector - 1000BASE-T SFP modules, which provide a 1000-Mbps wired connection to a network through a copper link using an RJ-45 physical connector OL-8335-02 Distribution System Service Ports Ethernet Ports...
The service port is not auto-sensing. You must use the correct straight-through or crossover Ethernet Note cable to communicate with the service port. Chapter 3 Configuring Ports and Interfaces for more information. Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
AP-manager interface to control all controller-to-access point communications, regardless of the number of ports. OL-8335-02 Overview of Ports and Interfaces if you want to configure the controller...
Therefore, the virtual interface must be configured with an unassigned and Chapter 5 for additional information on web authentication. Chapter 3 Configuring Ports and Interfaces for information on creating Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
If the port is untagged, all dynamic interfaces must be on a different IP subnet from any other interface configured on the port. Tagged VLANs must be used for dynamic interfaces. Note OL-8335-02 Overview of Ports and Interfaces Cisco Wireless LAN Controller Configuration Guide...
On Cisco switches, the native VLAN of an 802.1Q trunk is an untagged VLAN. Therefore, if you configure an interface to use the native VLAN on a neighboring Cisco switch, make sure you configure the interface on the controller to be untagged. Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Follow these steps to display and configure the management, AP-manager, virtual, and service-port interface parameters using the GUI. Click Controller > Interfaces to access the Interfaces page (see Step 1 OL-8335-02 Configuring the Management, AP-Manager, Virtual, and Service-Port Interfaces Figure 3-5).
Page 66
Physical port assignment • Primary and secondary DHCP servers • Access control list (ACL) setting, if required • To create ACLs, follow the instructions in Note 3-10 Chapter 3 Configuring Ports and Interfaces Chapter Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Page 67
Click Save Configuration to save your changes. Step 4 If you made any changes to the virtual interface, reboot the controller so your changes take effect. Step 5 OL-8335-02 Configuring the Management, AP-Manager, Virtual, and Service-Port Interfaces Chapter Cisco Wireless LAN Controller Configuration Guide...
If the system is operating in Layer 2 mode, the AP-manager interface is not listed. Step 2 Enter show interface detailed ap-manager to view the current AP-manager interface settings. 3-12 Chapter 3 Configuring Ports and Interfaces Chapter Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Enter reset system. At the confirmation prompt, enter Y to save your configuration changes to NVRAM. Step 4 The controller reboots. Enter show interface detailed virtual to verify that your changes have been saved. Step 5 OL-8335-02 Configuring the Management, AP-Manager, Virtual, and Service-Port Interfaces Chapter Cisco Wireless LAN Controller Configuration Guide 3-13...
Interfaces > Edit page for that interface appears (see • To delete an existing dynamic interface, click the interface’s Remove link. 3-14 Chapter 3 Configuring Ports and Interfaces Figure 3-5). Figure Figure 3-7). Go to Step Cisco Wireless LAN Controller Configuration Guide OL-8335-02 3-6).
Page 71
Enter a non-zero value for the VLAN identifier. Tagged VLANs must be used for dynamic Note interfaces. Click Apply to commit your changes. The Interfaces > Edit page appears (see Step 4 Figure 3-7 Interfaces > Edit Page OL-8335-02 Configuring Dynamic Interfaces Figure 3-6. Figure Cisco Wireless LAN Controller Configuration Guide 3-7).
Note type. For instance, Cisco 2000 series controllers and the controller in a Cisco Integrated Services Router have fewer configurable parameters than a Cisco 4400 series controller, which is shown Figure OL-8335-02 Figure 3-9). 3-9. Cisco Wireless LAN Controller Configuration Guide...
Page 74
10 or 100 Mbps, half or full duplex WiSM 1000 Mbps full duplex Integrated 100 Mbps full duplex Services Routers The port’s link status. Values: Link Up or Link Down Cisco Wireless LAN Controller Configuration Guide Configuring Ports and Interfaces OL-8335-02...
Page 75
Parameter Admin Status Physical Mode Link Trap Multicast Appliance Mode OL-8335-02 Description Determines if the connecting device is equipped to receive power through the Ethernet cable and if so provides -48 VDC. Values: Enable or Disable Some older Cisco access points do not draw PoE even if it is Note enabled on the controller port.
Follow these steps if you want to choose an access point that will mirror its traffic to the port you selected on the controller: Click Wireless > All APs to access the All APs page. 3-20 page 3-21 Figure 3-9). Chapter 3 Configuring Ports and Interfaces 3-8). Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
VLAN. STP is disabled for the controller’s distribution system ports by default. The following sections provide instructions for configuring STP for your controller using either the GUI or CLI. OL-8335-02 Configuring Ports Cisco Wireless LAN Controller Configuration Guide...
The port identifier on the designated bridge for this port. The number of times that the port has transitioned from the learning state to the forwarding state. Chapter 3 Configuring Ports and Interfaces Figure 3-8). Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Page 79
Step 6 Click Controller > Spanning Tree to access the Controller Spanning Tree Configuration page (see Step 7 Figure 3-10). OL-8335-02 Port Spanning Tree Parameters Description The STP administrative mode associated with this port. Options: Off, 802.1D, or Fast Default: Off STP Mode 802.1D...
Page 80
The number of the port that offers the lowest cost path from this bridge to the root bridge. The cost of the path to the root as seen from this bridge. Chapter 3 Configuring Ports and Interfaces Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Page 81
Table 3-7 Parameter Spanning Tree Algorithm Priority Maximum Age (seconds) OL-8335-02 Controller Spanning Tree Status (continued) Description The maximum age of STP information learned from the network on any port before it is discarded. The amount of time between the transmission of configuration BPDUs by this node on any port when it is the root of the spanning tree or trying to become so.
Default: 2 seconds The length of time that each of the listening and learning states lasts before the port begins forwarding. Options: 4 to 30 seconds Default: 15 seconds Chapter 3 Configuring Ports and Interfaces Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
As long as at least one controller port is functioning, the system continues to operate, access points remain connected to the network, and wireless clients continue to send and receive data. OL-8335-02 Enabling Link Aggregation Cisco Wireless LAN Controller Configuration Guide...
When you disable LAG, you must assign an AP-manager interface to each port on the controller. • 3-28 Figure 3-12 illustrates a scenario where a 4402-50 controller is connected Cisco Wireless LAN Controller Configuration Guide Chapter 3 Configuring Ports and Interfaces OL-8335-02...
Set the LAG Mode on Next Reboot parameter to Enabled. Step 2 Note Choose Disabled if you want to disable LAG. Click Save Configuration to save your changes. Step 3 Step 4 Reboot the controller. OL-8335-02 Enabling Link Aggregation Figure 3-13). Cisco Wireless LAN Controller Configuration Guide 3-29...
Connecting additional ports (for controllers in Layer 2 mode), • Follow the instructions on the page indicated for the method you want to use. 3-30 Chapter 3 Configuring Ports and Interfaces page 3-31 page 3-31 page 3-36 Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Access points may not be distributed completely evenly across all of the AP-manager interfaces, but a certain level of load balancing occurs. OL-8335-02 Configuring a 4400 Series Controller to Support More Than 48 Access Points section below) when port redundancy is a concern.
Page 88
AP-manager interfaces. 3-32 illustrates three AP-manager interfaces, each with a unique primary port and Cisco Wireless LAN Controller Configuration Guide Chapter 3 Configuring Ports and Interfaces Figure 3-14, the static OL-8335-02...
Page 89
AP-manager interfaces to support 100 access points. Each has a unique primary port, but each port is also a secondary port for one of the AP-manager interfaces. Cisco Wireless LAN Controller Configuration Guide 3-33 OL-8335-02...
Page 90
Follow these steps to create multiple AP-manager interfaces. Click Controller > Interfaces to access the Interfaces page. Step 1 Click New. The Interfaces > New page appears (see Step 2 3-34 Chapter 3 Configuring Ports and Interfaces Figure 3-18). Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Page 91
Click Apply to commit your changes. The Interfaces > Edit page appears (see Step 4 Figure 3-18 Interfaces > Edit Page OL-8335-02 Configuring a 4400 Series Controller to Support More Than 48 Access Points Cisco Wireless LAN Controller Configuration Guide Figure 3-18).
3-36 access access VLAN 992 VLAN 993 port 2 port 3 Cisco Wireless LAN Controller Configuration Guide Chapter 3 Configuring Ports and Interfaces Table 3-8 provides access VLAN 994 port 4 OL-8335-02...
Page 93
Configuring Multicast Mode, page 4-9 • Configuring the Supervisor 720 to Support the WiSM, page 4-10 • Using the Wireless LAN Controller Network Module, page 4-12 • OL-8335-02 C H A P T E R Cisco Wireless LAN Controller Configuration Guide...
Cisco Integrated Services router) Other port and parameter settings: service port, Radio Resource Management (RRM), third-party • access points, console port, 802.3x flow control, and system logging Cisco Wireless LAN Controller Configuration Guide Chapter 4 Configuring Controller Settings OL-8335-02...
Click Reset. At the prompt, confirm the reset. Step 6 Reboot the unit and do not save changes. Step 7 Use the configuration wizard to enter configuration settings. Step 8 OL-8335-02 Using the Configuration Wizard Cisco Wireless LAN Controller Configuration Guide...
If you need to configure a RADIUS Server, enter yes, and enter the RADIUS server IP address, the communication port, and the shared secret. If you do not need to configure a RADIUS server or you want to configure the server later, enter no. Cisco Wireless LAN Controller Configuration Guide Chapter 4 Configuring Controller Settings OL-8335-02...
Following installation, access to the unit should be password protected by the installer to maintain compliance with regulatory requirements and to ensure proper unit functionality. OL-8335-02 Managing the System Time and Date Cisco Wireless LAN Controller Configuration Guide...
802.11b, 802.11g, and 802.11a Luxembourg 802.11b, 802.11g, and 802.11a Netherlands 802.11b, 802.11g, and 802.11a Portugal 802.11b, 802.11g, and 802.11a Spain 802.11b, 802.11g, and 802.11a Sweden 802.11b, 802.11g, and 802.11a United Kingdom 802.11b, 802.11g, and 802.11a Chapter 4 Configuring Controller Settings OL-8335-02...
Step 1 Enter config snmp community create name to create an SNMP community name. Step 2 Enter config snmp community delete name to delete an SNMP community name. OL-8335-02 Configuring Administrator Usernames and Passwords Cisco Wireless LAN Controller Configuration Guide...
Italy and joins a network there. DTPC is enabled by default. Enter this command to disable or enable DTPC: config {802.11a | 802.11bg} dtpc {enable | disable} Cisco Wireless LAN Controller Configuration Guide Chapter 4 Configuring Controller Settings OL-8335-02...
• Multicast mode works only in Layer 3 LWAPP mode. • Access points in monitor mode, sniffer mode, or rogue detector mode do not join the LWAPP multicast group address. OL-8335-02 Configuring Multicast Mode Cisco Wireless LAN Controller Configuration Guide...
Multicast Mode Enable or disable multicasting Configure the controller to use the unicast method to send multicast packets Configure the controller to use the multicast method to send multicast packets to an LWAPP multicast group. OL-8335-02...
OL-8335-02 for information on configuring the WiSM’s ports and interfaces. Purpose Enter global configuration mode. Create a VLAN to communicate with the data ports on the WiSM and enter interface config mode.
Page 104
Assign an IP address and gateway to the VLAN. Return to global config mode. Configure the VLAN that you created in step 10 to communicate with the WiSM service ports. Return to global config mode. Verify that the WiSM is operational. Configuring Controller Settings OL-8335-02...
CNM boots up. To reset the CNM from the router, enter this command on the router CLI: service-module wlan-controller 1/0 reset OL-8335-02 Using the Wireless LAN Controller Network Module Cisco Wireless LAN Controller Configuration Guide 4-13...
Page 106
Chapter 4 Configuring Controller Settings Using the Wireless LAN Controller Network Module Cisco Wireless LAN Controller Configuration Guide 4-14 OL-8335-02...
Page 107
Using Management over Wireless, page 5-6 Configuring DHCP, page 5-7 • • Customizing the Web Authentication Login Screen, page 5-8 Configuring Identity Networking, page 5-16 • OL-8335-02 C H A P T E R Cisco Wireless LAN Controller Configuration Guide...
Regardless of the wireless security solution selected, all Layer 2 wired communications between Cisco Wireless LAN Controllers and Cisco 1000 Series lightweight access points are secured by passing data through LWAPP tunnels. Cisco Wireless LAN Controller Configuration Guide Chapter 5 Configuring Security Solutions OL-8335-02...
MAC address. The operator then has the option of marking them as Known or Acknowledged rogue access points (no further action), marking them as Alert rogue access points (watch OL-8335-02 “Tagging and Containing Rogue Access Points” section on page...
Use one of these methods to enable long preambles: Using the GUI to Enable Long Preambles, page 5-5 • Using the CLI to Enable Long Preambles, page 5-5 • Cisco Wireless LAN Controller Configuration Guide Chapter 5 Configuring Security Solutions OL-8335-02...
SpectraLink NetLink phones and you do not need to continue this procedure. This example shows that short preambles are disabled: Short Preamble mandatory... Disabled OL-8335-02 Configuring the System for SpectraLink NetLink Telephones Cisco Wireless LAN Controller Configuration Guide...
Use a wireless client web browser to connect to the Cisco Wireless LAN Controller Management Port Step 5 or DS Port IP Address, and log into the Web User Interface to verify that you can manage the WLAN using a wireless client. Cisco Wireless LAN Controller Configuration Guide Chapter 5 Configuring Security Solutions OL-8335-02...
WLANs page. In the upper-right corner of the WLANs page, click Ping and enter the DHCP server IP Address to verify Step 9 that the WLAN can communicate with the DHCP server. OL-8335-02 Configuring DHCP Cisco Wireless LAN Controller Configuration Guide...
After the client user clicks Yes to proceed (or if the client’s browser does not display a security alert) the web authentication system redirects the client to a login window. Figure 5-2 shows a typical default Web Authentication Login window. Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Page 116
URL. a typical successful login window. Cisco Wireless LAN Controller Configuration Guide 5-10 Typical Web Authentication Login Window section explains how to customize the Cisco WLAN Chapter 5 Configuring Security Solutions Figure 5-3 shows OL-8335-02...
Use this command to change the Web Authentication Login window title: config custom-web webtitle title Use this command to reset the Web Authentication Login window title back to the default setting: clear webtitle OL-8335-02 Typical Successful Login Window Cisco Wireless LAN Controller Configuration Guide Customizing the Web Authentication Login Screen...
180 pixels wide and 360 pixels high. Make sure the image filename does not contain spaces. Step 2 Copy the image file to the default directory on your TFTP server. Step 3 Cisco Wireless LAN Controller Configuration Guide 5-12 Chapter 5 Configuring Security Solutions OL-8335-02...
Page 119
Are you sure you want to start? (y/n) y TFTP Image transfer starting. Image installed. Hiding the Logo To remove the logo from the Web Authentication Login window, enter clear webimage. OL-8335-02 Customizing the Web Authentication Login Screen Cisco Wireless LAN Controller Configuration Guide 5-13...
Custom Title... Welcome to the AcompanyBC Wireless LAN! Custom Message... Contact the System Administrator for a Username and Password. Custom Redirect URL... http://www.AcompanyBC.com External Web Authentication Mode... Disabled External Web Authentication URL... Disabled Cisco Wireless LAN Controller Configuration Guide 5-14 Chapter 5 Configuring Security Solutions OL-8335-02...
Custom Title... Welcome to the AcompanyBC Wireless LAN! Custom Message... Contact the System Administrator for a Username and Password. Custom Redirect URL... http://www.AcompanyBC.com External Web Authentication Mode... Disabled External Web Authentication URL... Disabled Cisco Wireless LAN Controller Configuration Guide 5-15 OL-8335-02...
Cisco Wireless LAN Controller Configuration Guide 5-16 to the client station after it authenticates. This overrides any ACLs that are assigned to Interface-Name VLAN-Tag Chapter 5 Configuring Security Solutions QoS-Level value overrides the is present in a RADIUS Access Accept, the OL-8335-02...
• • Vendor type – 6 Vendor length – >0 • Value – A string that includes the name of the ACL to use for the client • OL-8335-02 Length Vendor-Id | Vendor type QoS Level Length Vendor-Id | Vendor type...
VLANID, the tag field should be set to zero (0x00) in all tunnel attributes. Where alternative tunnel types are to be provided, tag values between 0x01 and 0x1F should be chosen. OL-8335-02 Configuring Identity Networking Cisco Wireless LAN Controller Configuration Guide...
This chapter describes how to configure up to 16 wireless LANs for your Cisco Wireless LAN Solution. This chapter contains these sections: Wireless LAN Overview, page 6-2 • Configuring Wireless LANs, page 6-2 • OL-8335-02 C H A P T E R Cisco Wireless LAN Controller Configuration Guide...
Leave wireless LANs in disabled mode until you finish configuring them. • Enter config wlan enable wlan-id to enable a wireless LAN. • Enter config wlan delete wlan-id to delete a wireless LAN. Cisco Wireless LAN Controller Configuration Guide Chapter 6 Configuring WLANs OL-8335-02...
Enter config macfilter add mac-addr wlan-id to assign a MAC address to a wireless LAN MAC • filter. Enter show macfilter to verify that MAC addresses are assigned to the wireless LAN. • OL-8335-02 Configuring Wireless LANs Cisco Wireless LAN Controller Configuration Guide...
LANs is 802.1X with dynamic keys enabled. To maintain robust Layer 2 security, leave 802.1X configured on your wireless LANs. To disable or enable the 802.1X configuration, use this command: • config wlan security 802.1X {enable | disable} wlan-id Cisco Wireless LAN Controller Configuration Guide Chapter 6 Configuring WLANs OL-8335-02...
– – config wlan security wpa encryption wep wlan-id {40 | 104 | 128} • Enter show wlan to verify that you have WPA enabled. OL-8335-02 Configuring Wireless LANs Cisco Wireless LAN Controller Configuration Guide...
DES, or no encryption. Enter this command to configure the IPSec encryption method: config wlan security ipsec encryption {3des | aes | des | none} wlan-id • Enter show wlan to verify that the IPSec encryption method is configured. • Cisco Wireless LAN Controller Configuration Guide Chapter 6 Configuring WLANs OL-8335-02...
For seconds, enter a number of seconds from 1800 to 345600 seconds. The default timeout is – 28800 seconds. Enter show wlan to verify that the key timeout is configured. • OL-8335-02 Configuring Wireless LANs Cisco Wireless LAN Controller Configuration Guide...
WMM traffic with various levels of priorities. The access point uses this QoS-profile-specific UP in accordance with the values in value that is visible on the wired LAN. Cisco Wireless LAN Controller Configuration Guide Chapter 6 Configuring WLANs Table 6-1 to derive the IP DSCP OL-8335-02...
The required option requires client devices to use WMM; devices that do not support WMM cannot • join the wireless LAN. Do not enable WMM mode if Cisco 7920 phones are used on your network. Note OL-8335-02 AVVID IP DSCP AVVID 802.1p UP – 46 (EF)
Page 136
7920-support client-cac-limit enable wlan-id The CLIENT-CAC-LIMIT QBSS IE is the only QBSS IE that should be used in networks containing both 1000 series access points and 7920 wireless phones. Cisco Wireless LAN Controller Configuration Guide 6-10 Chapter 6 Configuring WLANs OL-8335-02...
• Using the DNS for Controller Discovery, page 7-7 • Dynamic Frequency Selection, page 7-8 • • Autonomous Access Points Converted to Lightweight Mode, page 7-9 OL-8335-02 C H A P T E R Cisco Wireless LAN Controller Configuration Guide...
In the Cisco Wireless LAN Solution, most of the processing responsibility is removed from traditional SOHO (small office, home office) access points and resides in the Cisco Wireless LAN Controller. Chapter 7 Controlling Lightweight Access Points Figure 7-1 shows the two types of Cisco 1000 Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Wireless LAN Controller, it supports only one wireless LAN on its local subnet. Figure 7-2 shows a typical Cisco 1030 remote edge lightweight access point configuration: Figure 7-2 Typical 1030 Lightweight Access Point Configuration Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Cisco 1000 Series lightweight access points must use the factory-supplied internal or external antennas to avoid violating FCC requirements and voiding the user’s authority to operate the equipment. Chapter 7 Controlling Lightweight Access Points for information on supported regulatory domains. Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
This LED display allows the wireless LAN manager to quickly monitor the Cisco 1000 series lightweight access point status. For more detailed troubleshooting instructions, refer to the Error Messages and Access Point LEDs appendix. OL-8335-02 Lightweight Access Point Overview for antenna patterns.
Cisco 1000 series lightweight access points can receive power from the external power supply (which draws power from a 110-220 VAC electrical outlet) plugged into the side of the access point case, or from Power over Ethernet. Chapter 7 Controlling Lightweight Access Points Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
IP address and DNS information from a DHCP server, it contacts the DNS to resolve CISCO-LWAPP-CONTROLLER.localdomain. When the DNS sends a list of controller IP addresses, the access point sends discovery requests to the controllers. OL-8335-02 Using the DNS for Controller Discovery Cisco Wireless LAN Controller Configuration Guide...
Cisco IOS release using TFTP. In either method, the access point must be able to access a TFTP server that contains the Cisco IOS release to be loaded. OL-8335-02 Autonomous Access Points Converted to Lightweight Mode...
Wait until the access point reboots as indicated by all LEDs turning green followed by the Status LED blinking green. Step 9 After the access point reboots, reconfigure the access point using the GUI or the CLI. 7-10 Chapter 7 Controlling Lightweight Access Points “Disabling the to check Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
You can send any debug command supported by Cisco Aironet access points that run Cisco IOS software in lightweight mode. OL-8335-02 Autonomous Access Points Converted to Lightweight Mode lists the VCI strings for Cisco access points capable of operating in lightweight...
On the AP Detail page, the controller lists the BSS MAC addresses and Ethernet MAC addresses of • converted access points. On the Radio Summary page, the controller lists converted access points by radio MAC address. • 7-12 Chapter 7 Controlling Lightweight Access Points Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
After an access point converted to lightweight mode associates to a controller, enter this command to configure a static IP address on the access point: config ap static-ip enable ap-name ip-address mask gateway OL-8335-02 Autonomous Access Points Converted to Lightweight Mode Cisco Wireless LAN Controller Configuration Guide...
Page 151
• • Saving Configurations, page 8-4 Clearing the Controller Configuration, page 8-4 • • Erasing the Controller Configuration, page 8-4 Resetting the Controller, page 8-5 • OL-8335-02 C H A P T E R Cisco Wireless LAN Controller Configuration Guide...
TFTP server. Step 3 Log into the controller CLI. Step 4 Enter ping server-ip-address to verify that the controller can contact the TFTP server. Cisco Wireless LAN Controller Configuration Guide Chapter 8 Managing Controller Software and Configurations OL-8335-02...
Page 153
Writing new RTOS to flash. Making backup copy of Code. Writing new Code to flash. TFTP File transfer operation completed successfully. Please restart the switch (reset system) for update to complete. OL-8335-02 Upgrading Controller Software AS_4100_3_0_x_x.aes --OR-- AS_4400_3_0_x_x.aes AS_4100_3_0_x_x.aes --OR-- AS_4400_3_0_x_x.aes...
When you are prompted for a username, enter recover-config to restore the factory default Step 2 configuration. The controller reboots and the configuration wizard starts automatically. Cisco Wireless LAN Controller Configuration Guide Chapter 8 Managing Controller Software and Configurations “Using the Configuration Wizard” section on page 4-2 to complete the OL-8335-02...
• Verifying the Operating System software load. • Initializing with its stored configurations. • • Displaying the login prompt. OL-8335-02 “Using the Configuration Wizard” section on page 4-2 Cisco Wireless LAN Controller Configuration Guide Resetting the Controller to complete the...
Page 156
Chapter 8 Managing Controller Software and Configurations Resetting the Controller Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Page 157
Enabling Rogue Access Point Detection, page 9-12 • • Configuring Dynamic RRM, page 9-15 Overriding Dynamic RRM, page 9-23 • • Viewing Additional RRM Settings Using the CLI, page 9-28 OL-8335-02 C H A P T E R Cisco Wireless LAN Controller Configuration Guide...
LAN performance. In this way, administrators gain the perspective of every access point, thereby increasing network visibility. Cisco Wireless LAN Controller Configuration Guide Chapter 9 Configuring Radio Resource Management OL-8335-02...
LAN. This metric keeps track of every access point’s transmitted and received packet counts to determine how busy the access points are. New clients avoid an overloaded access point and associate to a new access point. OL-8335-02 Overview of Radio Resource Management Cisco Wireless LAN Controller Configuration Guide...
Client load balancing works only for a single controller. It is not operate in a multi-controller Note environment. Cisco Wireless LAN Controller Configuration Guide Chapter 9 for an explanation of the transmit power levels. Configuring Radio Resource Management OL-8335-02...
The RF group leader is dynamically chosen and cannot be selected by the user. In addition, the RF group leader can change at any time, depending on the RRM algorithm calculations. OL-8335-02 Overview of RF Groups Chapter 10...
You can also configure RF groups using the Cisco Wireless Control System (WCS). Refer to the Cisco Note Wireless Control System Configuration Guide for instructions. Cisco Wireless LAN Controller Configuration Guide Chapter 9 Configuring Radio Resource Management Table 9-1 for details. OL-8335-02...
Click Save Configuration to save your changes. Step 3 Repeat this procedure for each controller that you want to include in the RF group. Step 4 OL-8335-02 Configuring an RF Group Figure 9-1). Cisco Wireless LAN Controller Configuration Guide...
Follow these steps to view the status of the RF group using the GUI. Step 1 Click Wireless to access the All APs page (see Figure 9-2 All APs Page Cisco Wireless LAN Controller Configuration Guide Chapter 9 Configuring Radio Resource Management Figure 9-2). OL-8335-02...
Page 165
Under Global RF, click either 802.11a Network or 802.11b/g Network to access the Global Parameters Step 2 page (see Figure Figure 9-3 Global Parameters Page Click Auto RF to access the Global Parameters > Auto RF page (see Step 3 OL-8335-02 9-3). Cisco Wireless LAN Controller Configuration Guide Viewing RF Group Status Figure 9-4).
Page 166
Chapter 9 Configuring Radio Resource Management Viewing RF Group Status Figure 9-4 Global Parameters > Auto RF Page Cisco Wireless LAN Controller Configuration Guide 9-10 OL-8335-02...
Enter show advanced 802.11b group to see which controller is the RF group leader for the 802.11b/g Step 2 RF network. OL-8335-02 for more information on this parameter. Cisco Wireless LAN Controller Configuration Guide Viewing RF Group Status...
All APs Page Click the Detail link for an access point to access the All APs > Details page (see Step 3 Cisco Wireless LAN Controller Configuration Guide 9-12 Chapter 9 Configuring Radio Resource Management Figure 9-5). Figure 9-6). OL-8335-02...
Page 169
Step 5 Step 6 Click Security > AP Authentication (under Wireless Protection Policies) to access the AP Authentication Policy page (see OL-8335-02 Step 4 for every access point connected to the controller. Figure 9-7). Cisco Wireless LAN Controller Configuration Guide...
Page 170
If rogue access point detection is not enabled on every controller in the RF group, the access Note points on the controllers with this feature disabled are reported as rogues. Cisco Wireless LAN Controller Configuration Guide 9-14 Chapter 9 Step 9 on every controller in the RF group. Configuring Radio Resource Management OL-8335-02...
Note leader can change at any time. If the RRM parameters are not identical for all RF group members, varying results can occur when the group leader changes. OL-8335-02 for every access point connected to the controller. Step 5 on every controller in the RF group.
However, you can disable this feature if necessary by unchecking the check box. Note also, however, that you override dynamic RRM settings without disabling automatic RF group participation. See the section on page 9-23 for instructions. Configuring Radio Resource Management “Overriding Dynamic RRM” OL-8335-02...
Page 173
Configuring Radio Resource Management Table 9-1 RRM Parameters (continued) Parameter RF Channel Assignment Channel Assignment Method Avoid Foreign AP Interference OL-8335-02 Description The controller’s dynamic channel assignment mode. Options: Automatic, On Demand, or Off Default: Automatic Channel Assignment Method Description...
Page 174
For example, RRM may have access points avoid channels with significant interference from non-access point sources, such as microwave ovens. Options: Enabled or Disabled Default: Enabled Configuring Radio Resource Management OL-8335-02...
Page 175
Chapter 9 Configuring Radio Resource Management Table 9-1 RRM Parameters (continued) Parameter Tx Power Level Assignment Power Level Assignment Method OL-8335-02 Description The controller’s dynamic power assignment mode. Options: Automatic, On Demand, or Fixed Default: Automatic Power Level Assignment Method...
Page 176
This value is based on the Coverage threshold and the Client Min Exception Level threshold. Default: 25% The rate at which a single access point transmits or receives data packets. Default: 1000 Kbps Configuring Radio Resource Management OL-8335-02...
Page 177
Noise/Interference/Rogue Monitoring Channels Channel List Monitor Intervals Noise Measurement Load Measurement OL-8335-02 Description The minimum number of clients on an access point with a signal-to-noise ratio (SNR) below the Coverage threshold. This threshold works in conjunction with the Coverage and Coverage Exception Level thresholds.
Range: 60 to 3600 seconds Default: 60 seconds How frequently the access point measures the coverage area and passes this information to the controller. Range: 60 to 3600 seconds Default: 180 seconds Configuring Radio Resource Management OL-8335-02...
You can also override dynamic RRM using the Cisco Wireless Control System (WCS). Refer to the Cisco Note Wireless Control System Configuration Guide for instructions. OL-8335-02 Overriding Dynamic RRM Cisco Wireless LAN Controller Configuration Guide 9-23...
Click Configure for the access point for which you want to modify the radio configuration. The Cisco Step 3 APs > Configure page appears (see Cisco Wireless LAN Controller Configuration Guide 9-24 Chapter 9 Configuring Radio Resource Management Figure 9-2). Figure 9-9). OL-8335-02...
Page 181
Click Save Configuration to save the changes to the access point radio. Step 6 Step 7 Repeat this procedure for each access point radio for which you want to assign a static channel and power level. OL-8335-02 Overriding Dynamic RRM Cisco Wireless LAN Controller Configuration Guide 9-25...
802.11b enable (To enable the 802.11g network, enter config 802.11b 11gSupport enable • after the config 802.11b enable command.) Cisco Wireless LAN Controller Configuration Guide 9-26 Step 3 for each access point radio for which you want to assign a static channel and Chapter 9 Configuring Radio Resource Management OL-8335-02...
802.11a enable • config 802.11b enable (To enable the 802.11g network, enter config 802.11b 11gSupport enable • after the config 802.11b enable command.) OL-8335-02 Figure 9-3). for information on transmit power levels. Cisco Wireless LAN Controller Configuration Guide Overriding Dynamic RRM 9-2).
To troubleshoot RRM-related issues, refer to the Cisco Wireless LAN Controller Command Reference, Note Release 3.2 for RRM (airewave-director) debug commands. Cisco Wireless LAN Controller Configuration Guide 9-28 Chapter 9 Configuring Radio Resource Management OL-8335-02...
Overview of Mobility, page 10-2 • Overview of Mobility Groups, page 10-5 • Configuring Mobility Groups, page 10-7 • • Configuring Auto-Anchor Mobility, page 10-11 OL-8335-02 C H A P T E R Cisco Wireless LAN Controller Configuration Guide 10-1...
When the wireless client moves its association from one access point to another, the controller simply updates the client database with the newly associated access point. If necessary, new security context and associations are established as well. Cisco Wireless LAN Controller Configuration Guide 10-2 OL-8335-02...
Page 187
All clients configured with 802.1x/Wi-Fi Protected Access (WPA) security complete a full authentication in order to comply with the IEEE standard. Figure 10-3 illustrates inter-subnet roaming, which occurs when the controllers’ wireless LAN interfaces are on different IP subnets. Cisco Wireless LAN Controller Configuration Guide 10-3 OL-8335-02...
Page 188
Currently, multicast traffic cannot be passed during inter-subnet roaming. With this in mind, you would Note not want to design an inter-subnet network for Spectralink phones that need to send multicast traffic while using push to talk. Cisco Wireless LAN Controller Configuration Guide 10-4 OL-8335-02...
With this information, the network can support inter-controller wireless LAN roaming and controller redundancy. Clients do not roam across mobility groups. Note Figure 10-4 shows an example of a mobility group. Figure 10-4 A Single Mobility Group OL-8335-02 Overview of Mobility Groups Cisco Wireless LAN Controller Configuration Guide 10-5...
Page 190
XYZ mobility group do not recognize or communicate with the controllers in the ABC mobility group. This feature ensures mobility group isolation across the network. Cisco Wireless LAN Controller Configuration Guide 10-6 Figure 10-5 shows the results of creating distinct mobility group names for two groups Chapter 10 Configuring Mobility Groups OL-8335-02...
Controller > General page. The mobility group name is case sensitive. For the Cisco WiSM, both controllers should be configured with the same mobility group Note name for seamless routing among 300 access points. OL-8335-02 Configuring Mobility Groups Cisco Wireless LAN Controller Configuration Guide 10-7...
Click Controller > Mobility Groups to access the Static Mobility Group Members page (see Step 1 Figure 10-6). Figure 10-6 Static Mobility Group Members Page Cisco Wireless LAN Controller Configuration Guide 10-8 Chapter 10 Configuring Mobility Groups Chapter 3 for more information on the if you would prefer to OL-8335-02...
Page 193
The mobility group name is case sensitive. Note Click Save Configuration to save your changes. The new controller is added to the list of mobility group members on the Static Mobility Group Members page. OL-8335-02 Configuring Mobility Groups Figure 10-7).
Page 194
Figure Step b for each additional controller that you want to add to the mobility group. Chapter 10 Configuring Mobility Groups 10-8) lists the MAC address, IP address, and OL-8335-02...
If the announcement is not answered, the controller contacts one of the anchor controllers configured for the OL-8335-02 Configuring Auto-Anchor Mobility Cisco Wireless LAN Controller Configuration Guide...
“Using the CLI to Configure Auto-Anchor Mobility” section on page 10-14 Note to configure auto-anchor mobility using the CLI. Step 1 Click Controller > WLANs to access the WLANs page (see Cisco Wireless LAN Controller Configuration Guide 10-12 Chapter 10 Configuring Mobility Groups if you would prefer Figure 10-9). OL-8335-02...
Page 197
Repeat Step 3 Step 5 Configure the same set of anchor controllers on every controller in the mobility group. Step 6 OL-8335-02 Figure 10-10). Step 4 to set any other controllers as mobility anchors for this WLAN. Cisco Wireless LAN Controller Configuration Guide...
The wlan-id is optional and constrains the list to the anchors in a particular WLAN. To see Note all of the mobility anchors on your system, enter show mobility anchor. Cisco Wireless LAN Controller Configuration Guide 10-14 Chapter 10 Configuring Mobility Groups OL-8335-02...
Battery Handling Warning for 4400 Series Controllers, page A-18 Equipment Installation Warning, page A-20 • • More Than One Power Supply Warning for 4400 Series Controllers, page A-23 OL-8335-02 A P P E N D I X Cisco Wireless LAN Controller Configuration Guide...
Gebruik het nummer van de verklaring onderaan de waarschuwing als u een vertaling van de waarschuwing die bij het apparaat wordt geleverd, wilt raadplegen. BEWAAR DEZE INSTRUCTIES Cisco Wireless LAN Controller Configuration Guide Appendix A Safety Considerations and Translated Safety Warnings OL-8335-02...
Page 201
å forhindre ulykker. Bruk nummeret i slutten av hver advarsel for å finne oversettelsen i de oversatte sikkerhetsadvarslene som fulgte med denne enheten. TA VARE PÅ DISSE INSTRUKSJONENE OL-8335-02 Warning Definition Cisco Wireless LAN Controller Configuration Guide...
Page 202
Använd det nummer som finns i slutet av varje varning för att hitta dess översättning i de översatta säkerhetsvarningar som medföljer denna anordning. SPARA DESSA ANVISNINGAR Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Laserprodukt der Klasse 1. Avvertenza Prodotto laser di Classe 1. Advarsel Laserprodukt av klasse 1. Aviso Produto laser de classe 1. ¡Advertencia! Producto láser Clase I. Varning! Laserprodukt av klass 1. OL-8335-02 Class 1 Laser Product Warning Cisco Wireless LAN Controller Configuration Guide...
Appendix A Safety Considerations and Translated Safety Warnings Class 1 Laser Product Warning Aviso Produto a laser de classe 1. Advarsel Klasse 1 laserprodukt. Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
En cas de doute sur la mise à la masse appropriée disponible, s'adresser à l'organisme responsable de la sécurité électrique ou à un électricien. Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Page 206
Denna utrustning måste jordas. Koppla aldrig från jordledningen och använd aldrig utrustningen utan en på lämpligt sätt installerad jordledning. Om det föreligger osäkerhet huruvida lämplig jordning finns skall elektrisk besiktningsauktoritet eller elektriker kontaktas. Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Als het rek voorzien is van stabiliseringshulpmiddelen, dient u de stabilisatoren te monteren voordat u het toestel in het rek monteert of het daar een servicebeurt geeft. OL-8335-02 Chassis Warning for Rack-Mounting and Servicing Cisco Wireless LAN Controller Configuration Guide...
Page 208
• Hvis kabinettet er utstyrt med stabiliseringsutstyr, skal stabilisatorene installeres før montering eller utføring av reparasjonsarbeid på enheten i kabinettet. Cisco Wireless LAN Controller Configuration Guide A-10 Appendix A Safety Considerations and Translated Safety Warnings OL-8335-02...
Page 209
• Om ställningen är försedd med stabiliseringsdon skall dessa monteras fast innan enheten installeras eller underhålls på ställningen. • • • • • • OL-8335-02 Chassis Warning for Rack-Mounting and Servicing Cisco Wireless LAN Controller Configuration Guide A-11...
Page 210
Ved montering af denne enhed i et delvist fyldt rack, skal enhederne installeres fra bunden og opad med den tungeste enhed nederst. • Hvis racket leveres med stabiliseringsenheder, skal disse installeres for enheden monteres eller serviceres i racket. Cisco Wireless LAN Controller Configuration Guide A-12 Appendix A Safety Considerations and Translated Safety Warnings OL-8335-02...
Page 211
Appendix A Safety Considerations and Translated Safety Warnings Chassis Warning for Rack-Mounting and Servicing Cisco Wireless LAN Controller Configuration Guide A-13 OL-8335-02...
Page 212
Appendix A Safety Considerations and Translated Safety Warnings Chassis Warning for Rack-Mounting and Servicing Cisco Wireless LAN Controller Configuration Guide A-14 OL-8335-02...
Page 213
Appendix A Safety Considerations and Translated Safety Warnings • • • • • • • • • OL-8335-02 Chassis Warning for Rack-Mounting and Servicing Cisco Wireless LAN Controller Configuration Guide A-15...
Page 214
Appendix A Safety Considerations and Translated Safety Warnings Chassis Warning for Rack-Mounting and Servicing Cisco Wireless LAN Controller Configuration Guide A-16 OL-8335-02...
Page 215
Appendix A Safety Considerations and Translated Safety Warnings Chassis Warning for Rack-Mounting and Servicing Cisco Wireless LAN Controller Configuration Guide A-17 OL-8335-02...
Danger d'explosion si la pile n'est pas remplacée correctement. Ne la remplacer que par une pile de type semblable ou équivalent, recommandée par le fabricant. Jeter les piles usagées conformément aux instructions du fabricant. Cisco Wireless LAN Controller Configuration Guide A-18 OL-8335-02...
Varning! Explosionsfara vid felaktigt batteribyte. Ersätt endast batteriet med samma batterityp som rekommenderas av tillverkaren eller motsvarande. Följ tillverkarens anvisningar vid kassering av använda batterier. Cisco Wireless LAN Controller Configuration Guide A-19 OL-8335-02...
Bare opplært og kvalifisert personell skal foreta installasjoner, utskiftninger eller service på dette utstyret. Aviso Apenas pessoal treinado e qualificado deve ser autorizado a instalar, substituir ou fazer a revisão deste equipamento. Cisco Wireless LAN Controller Configuration Guide A-20 Appendix A Safety Considerations and Translated Safety Warnings OL-8335-02...
Aviso Somente uma equipe treinada e qualificada tem permissão para instalar, substituir ou dar manutenção a este equipamento. Advarsel Kun uddannede personer må installere, udskifte komponenter i eller servicere dette udstyr. Cisco Wireless LAN Controller Configuration Guide A-21 OL-8335-02...
Page 220
Appendix A Safety Considerations and Translated Safety Warnings Equipment Installation Warning Cisco Wireless LAN Controller Configuration Guide A-22 OL-8335-02...
Varning! Denna enhet har eventuellt mer än en strömförsörjningsanslutning. Alla anslutningar måste tas bort för att göra enheten strömlös. OL-8335-02 More Than One Power Supply Warning for 4400 Series Controllers Cisco Wireless LAN Controller Configuration Guide A-23...
Page 222
Esta unidade pode ter mais de uma conexão de fonte de alimentação. Todas as conexões devem ser removidas para interromper a alimentação da unidade. Advarsel Denne enhed har muligvis mere end en strømforsyningstilslutning. Alle tilslutninger skal fjernes for at aflade strømmen fra enheden. Cisco Wireless LAN Controller Configuration Guide A-24 OL-8335-02...
Page 223
Appendix A Safety Considerations and Translated Safety Warnings More Than One Power Supply Warning for 4400 Series Controllers Cisco Wireless LAN Controller Configuration Guide A-25 OL-8335-02...
Page 224
Appendix A Safety Considerations and Translated Safety Warnings More Than One Power Supply Warning for 4400 Series Controllers Cisco Wireless LAN Controller Configuration Guide A-26 OL-8335-02...
FCC Statements for Cisco 2000 Series Wireless LAN Controllers, page B-8 FCC Statements for Cisco 4100 Series Wireless LAN Controllers and Cisco 4400 Series Wireless • LAN Controllers, page B-9 OL-8335-02 A P P E N D I X Cisco Wireless LAN Controller Configuration Guide...
AIR-AP1010-A-K9, AIR-AP1020-A-K9, AIR-AP1030-A-K9 FCC Certification number: LDK102057 Manufacturer: Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 This device complies with Part 15 rules. Operation is subject to the following two conditions: This device may not cause harmful interference, and This device must accept any interference received, including interference that may cause undesired operation.
Canadian regulations. For further information, contact your local Industry Canada office. OL-8335-02 Regulatory Information for 1000 Series Access Points Cisco Wireless LAN Controller Configuration Guide...
Tämä laite täyttää direktiivin 1999/5/EY oleelliset vaatimukset ja on siinä asetettujen muidenkin ehtojen mukainen. Denna utrustning är i överensstämmelse med de väsentliga kraven och andra relevanta bestämmelser i Direktiv 1999/5/EC. EN 300.328-1, EN 300.328-2 EN 301.489-1, EN 301.489-17 EN 60950 Declarations of Conformity and Regulatory Information OL-8335-02...
8 cm (3.2 in.) and are compliant with the applicable FCC RF exposure limit when transmitting simultaneously. Dual antennas used for diversity operation are not considered co-located. Note OL-8335-02 EN 301.893 EN 301.489-1, EN 301.489-17 EN 60950 Cisco Wireless LAN Controller Configuration Guide...
If this equipment causes RF interference to a specified low-power radio station of RF-ID, contact the number below. Contact Number: 03-5549-6500 Cisco Wireless LAN Controller Configuration Guide Appendix B 03-5549-6500 Declarations of Conformity and Regulatory Information OL-8335-02...
Chinese and English. Access Points with IEEE 802.11a Radios Chinese Translation English Translation This equipment is limited for indoor use. All Access Points Chinese Translation OL-8335-02 Regulatory Information for 1000 Series Access Points Cisco Wireless LAN Controller Configuration Guide...
Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. • Consult the dealer or an experienced radio/TV technician for help. [cfr reference 15.105] Cisco Wireless LAN Controller Configuration Guide Appendix B Declarations of Conformity and Regulatory Information OL-8335-02...
Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense. OL-8335-02 Cisco Wireless LAN Controller Configuration Guide...
Page 234
Appendix B Declarations of Conformity and Regulatory Information FCC Statements for Cisco 4100 Series Wireless LAN Controllers and Cisco 4400 Series Wireless LAN Controllers Cisco Wireless LAN Controller Configuration Guide B-10 OL-8335-02...
Limited Warranty, page C-4 • General Terms Applicable to the Limited Warranty Statement and End User License Agreement, • page C-6 • Additional Open Source Terms, page C-7 OL-8335-02 A P P E N D I X Cisco Wireless LAN Controller Configuration Guide...
License. Conditioned upon compliance with the terms and conditions of this Agreement, Cisco Systems, Inc. or its subsidiary licensing the Software instead of Cisco Systems, Inc. (“Cisco”), grants to Customer a nonexclusive and nontransferable license to use for Customer’s internal business purposes the Software and the Documentation for which Customer has paid the required license fees.
Page 237
750 University Avenue, Los Gatos, California and (b) Wind River Systems, Inc., and its suppliers. Additional suppliers may be provided in subsequent updates of Documentation supplied to Customer. Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
Limited Warranty Limited Warranty Hardware for 1000 Series Access Points. Cisco Systems, Inc., or the Cisco Systems, Inc. subsidiary selling the Product (“Cisco”) warrants that commencing from the date of shipment to Customer (and in case of resale by a Cisco reseller, commencing not more than ninety (90) days after original shipment by Cisco), and continuing for a period of one (1) year, the Hardware will be free from defects in material and workmanship under normal use.
Page 239
Cisco 4100 Series Wireless LAN Controllers, Cisco 4400 Series Wireless LAN Controllers, and Cisco Wireless Services Modules. Cisco Systems, Inc., or the Cisco Systems, Inc. subsidiary selling the Product (“Cisco”) warrants that commencing from the date of shipment to Customer (and in case of...
Agreement shall remain in full force and effect. Except as expressly provided herein, this Agreement constitutes the entire agreement between Cisco Wireless LAN Controller Configuration Guide Appendix C End User License and Warranty OL-8335-02...
Components of the software are provided under a standard 2-term BSD license with the following names as copyright holders: • Markus Friedl Theo de Raadt • Niels Provos • Dug Song • Aaron Campbell • Damien Miller • Kevin Steves • OL-8335-02 Additional Open Source Terms Cisco Wireless LAN Controller Configuration Guide...
Page 242
Appendix C End User License and Warranty Additional Open Source Terms Cisco Wireless LAN Controller Configuration Guide OL-8335-02...
• System Messages, page D-2 Using Client Reason and Status Codes in Trap Logs, page D-4 • • Using Lightweight Access Point LEDs, page D-6 OL-8335-02 A P P E N D I X Cisco Wireless LAN Controller Configuration Guide...
- add Cisco 1000 Series lightweight access points if necessary. Load is now within threshold limits. Detected noise is now less than threshold. Number of clients receiving poor signal are within threshold. Informational message. System Messages and Access Point LED Patterns OL-8335-02...
Page 245
STP_TOPOLOGY_CHANGE IPSEC_ESP_AUTH_FAILURE IPSEC_ESP_REPLAY_FAILURE IPSEC_ESP_POLICY_FAILURE IPSEC_ESP_INVALID_SPI IPSEC_OTHER_POLICY_FAILURE IPSEC_IKE_NEG_FAILURE IPSEC_SUITE_NEG_FAILURE IPSEC_INVALID_COOKIE RADIOS_EXCEEDED SENSED_TEMPERATURE_HIGH OL-8335-02 System Messages and Descriptions (continued) Description Informational message. Informational message. Informational message. Informational message. Informational message. Informational message. May be a security issue.Use maps and trends to investigate.
Cisco Wireless LAN Controller may have been rebooted. Table D-2 lists client reason codes and descriptions. Table y lists client status Client Reason Code Descriptions and Meanings System Messages and Access Point LED Patterns Meaning Normal operation. Client associated but no longer authorized. OL-8335-02...
OL-8335-02 Client Reason Code Descriptions and Meanings (continued) Client Status Code Descriptions and Meanings Cisco Wireless LAN Controller Configuration Guide Using Client Reason and Status Codes in Trap Logs Meaning Client associated but not authorized.
Controller found, code OK, normal status. 802.11b/g activity. 802.11a activity. Lightweight access point starting up. Lightweight access point searching for controller. Stops when controller and DHCP server are found. Controller found, code upgrade in process. Duplicate lightweight access point IP address. OL-8335-02...
AP-manager interfaces illustration of two AP-manager interfaces using multiple 3-31 to 3-36 AP Mode parameter 9-13 Assignment Method parameter 9-25 OL-8335-02 authentication information element (IE) auto-anchor mobility configuring using the CLI configuring using the GUI guidelines overview autonomous access points...
Page 252
CLI configuring using the GUI described 10-3 to 10-4 10-2 9-17 9-19 3-27 3-29 9-18 9-20 xiv, D-1 3-30 3-27 to 3-28 3-30 3-29 3-28 to 3-29 3-27, 3-28 3-18 3-19 9-21 3-12 3-9 to 3-11 3-5 to 3-6 OL-8335-02...
Page 253
Physical Mode parameter 3-19 Physical Status parameter 3-18 Port > Configure page 3-18 port mirroring configuring 3-20 to 3-21 OL-8335-02 Port Number parameter ports 2000 series controllers 4100 series controllers 4400 series controllers Cisco WiSM comparison table configuring connecting additional ports to support more than 48...
Page 255
4-10 SX/LC/T small form-factor plug-in (SFP) modules system logging system logging, enabling system messages time and date settings timeout, disabled clients OL-8335-02 Time Since Topology Changed parameter 10-14 Topology Change Count parameter transmit power 9-18 statically assigning using the CLI...
Page 256
Index wireless LANs, configuring both static and dynamic WiSM guidelines 4-10 wizard, startup WLANs, described 3-8 to 3-9 WLANs page 10-12 world mode Cisco Wireless LAN Controller Configuration Guide IN-8 OL-8335-02...