Table Of Contents
Release Notes for Cisco Aironet 1200 Series Access Points
April 18, 2002
These release notes describe features and caveats for Cisco Aironet 1200 Series Access Points running firmware version 11.40T. These release notes also contain important information about the device.
Cisco Aironet Access Points are wireless LAN transceivers that can act as the connection point between wireless and wired networks or as the center point of a stand-alone wireless network. In large installations, the roaming functionality provided by multiple access points allows wireless users to move freely throughout the facility while maintaining uninterrupted access to the network. The 1200 series access point allows you to add a 5-GHz radio module for dual-radio operation, and the internal radio is accessible and can be upgraded as new radios become available.
The access point uses a browser-based management system. The system settings are contained on web pages in the access point's firmware. You use your internet browser, a command-line interface, or SNMP commands to adjust the access point's system settings.
You can find the latest release of access point and bridge firmware at the following URL:
Installation in Environmental Air Space
Cisco Aironet 1200 Series Access Points are suitable for use in environmental air space in accordance with Section 300-22(c) of the National Electrical Code.
Note If you plan to mount the access point in an area subject to environmental air space with the intention of upgrading to a 5-GHz radio, Cisco recommends that you mount the access point horizontally so that its antennas point down. Doing so will result in the access point complying with regulatory requirements for environmental air space after the 5-GHz radio is installed.
Caution The Cisco Aironet power injector has a smaller operating temperature range (32 to 104 oF; 0 to 40 oC) than the 1200 series access point. The power injector is not intended for use in extremely high or low temperatures or in environmental air spaces, such as above suspended ceilings.
For instructions on the proper installation and grounding of external antennas, refer to the National Fire Protection Association's NFPA 70, National Electrical Code, Article 810, and the Canadian Standards Association's Canadian Electrical Code, Section 54.
Warning Do not locate the antenna near overhead power lines or other electric light or power circuits, or where it can come into contact with such circuits. When installing the antenna, take extreme care not to come into contact with such circuits, as they may cause serious injury or death.
This section describes issues you should consider before applying power to the access point.
Caution The nominal voltage for 1200 series access points is 48VDC, and the access point is operational up to 60VDC. Voltage higher than 60VDC can damage the equipment.
Caution Cisco Aironet 1200 Series Power Injectors are designed for use with 1200 series access points only. Do not use the power injector with any other Ethernet-ready device. Using the power injector with other Ethernet-ready devices can damage the equipment.
Use Only One Power Option
You cannot provide redundant power to the access point with both DC power to its power port and inline power from a patch panel or powered switch to the access point's Ethernet port. If you apply power to the access point from both sources, the switch or power patch panel might shut down the port to which the access point is connected. Figure 1 shows the power configuration that can shut down the port on the patch panel or powered switch.
Figure 1 Improper Power Configuration Using Two Power Sources
Access Point Requires 1200 Series Universal Power Supply and Power Injector
You must use a 1200 series universal power supply to power the access point. If you need to use a power injector to inject power into the access point's Ethernet port, you must use a 1200 series power injector. The 350 series universal power supply and power injector are not compatible with the 1200 series access point.
Limitations and Restrictions
This section describes limitations and restrictions for the access point.
Removing Power During Firmware Update Can Corrupt Radio Firmware
When you update the firmware on an access point or bridge, allow the unit to finish its start-up sequence before removing power. If you update the firmware and remove power before the unit finishes the start-up sequence, the radio firmware might be corrupted, making the unit inoperable. If the radio firmware is corrupted, the radio indicator (the bottom of the three indicators on top of the access point or bridge) lights solid red, and the following error message appears when the access point or bridge starts up:
If the radio firmware is corrupted, you should try to reset the unit to factory defaults using the :resetall command in the CLI; see the "Resetting to the Default Configuration" section on page 9-42 of the Cisco Aironet 1200 Series Access Point Software Configuration Guide for instructions on resetting the access point. If the unit cannot be reset to defaults, you must return the unit to Cisco for service.
You can safely remove power after a firmware update when the configuration management pages reappear in the command-line or web-browser interfaces, or when the three status indicators on top of the unit complete the following pattern:
1. All three indicators are steady green, meaning that the access point is beginning to update the firmware.
2. The middle indicator is steady green and the top and bottom indicators are off, indicating that the access point or bridge is updating the radio firmware.
When the middle indicator blinks or the top and bottom indicators blink, you can remove power.
EAP Authentication Requires Matching IEEE 802.1x Protocol Drafts
Note This section applies to wireless networks set up to use LEAP. If you do not use LEAP on your wireless network, you can skip this section.
Wireless client devices use Extensible Authentication Protocol (EAP) to log onto a network and generate a dynamic, client-specific WEP key for the current logon session. If your wireless network uses WEP without EAP, client devices use the static WEP keys entered in the Aironet Client Utilities.
If you use Network-EAP authentication on your wireless network, your client devices and access points must use the same IEEE 802.1x protocol draft. For example, if the radio firmware on the client devices that will associate with an access point is 4.16, then the access point should be configured to use Draft 8 of the IEEE 802.1x protocol. Table 1 lists firmware versions for Cisco Aironet products and the draft with which they comply.
Table 1 IEEE 802.1x Protocol Drafts and Compliant Client Firmware
Firmware Version Draft 7 Draft 8 Draft 10 1
PC/PCI cards 4.13
PC/PCI cards 4.16
PC/PCI cards 4.23
PC/PCI cards 4.25 and later
WGB34x/352 8.61 or later
AP34x/35x 11.05 and earlier
AP34x/35x 11.06 and later2
AP34x/35x 11.07 and later
AP34x/35x and BR35x 11.10T
AP12xx 11.40T and later
1 The functionality in Draft 10 is equivalent to the functionality in Draft 11, the ratified draft of the IEEE 802.1x standard.
2 The default draft setting in access point and bridge firmware version 11.06 and later is Draft 10.
Use the Authenticator Configuration page to select the draft of the IEEE 802.1x protocol the access point should use. Follow these steps to set the draft for your access point:
Step 1 Browse to the Authenticator Configuration page in the access point management system.
a. On the Summary Status page, click Setup.
b. On the Setup page, click Security.
c. On the Security Setup page, click Authentication Server.
Step 2 Use the 802.1x Protocol Version (for EAP authentication) pull-down menu to select the draft of the 802.1x protocol the access point radio should use. Menu options include:
•Draft 7—No radio firmware versions compliant with Draft 7 have LEAP capability, so you should not need to select this setting.
•Draft 8—Select this option if LEAP-enabled client devices that associate with this access point use radio firmware versions 4.13, 4.16, or 4.23.
•Draft 10—This is the default setting in firmware versions 11.06 and later. Select this option if client devices that associate with this access point use Microsoft Windows XP EAP authentication or if LEAP-enabled client devices that associate with this access point use radio firmware version 4.25 or later. The functionality in Draft 10 is equivalent to the functionality in Draft 11, the ratified draft of the IEEE 802.1x standard.
Step 3 Click Apply or OK to apply the setting. The access point reboots.
Select WEP Key 1 as Transmit Key for EAP Authentication
If you use Network-EAP as the authentication type on your wireless network, you must select key 1 as the transmit key on the access point AP Radio Data Encryption page. The access point uses the WEP key you enter in key slot 1 to encrypt multicast and broadcast data signals that it sends to EAP-enabled client devices. Because the access point transmits the WEP key used for multicast messages to the EAP-enabled client device during the EAP authentication process, that key does not have to appear in the EAP-enabled device's WEP key list. The access point uses a dynamic WEP key to encrypt unicast messages to EAP-enabled clients. When you set up a repeater access point to authenticate as a LEAP client, the repeater derives a dynamic WEP key and uses it to communicate with the root access point. Repeaters not set up for LEAP authentication use static WEP keys when communicating with other access points.
Note If you do not use EAP authentication on your wireless network, you can select any WEP key as the transmit key. If you use EAP authentication and you enable broadcast key rotation, you can enable WEP without entering WEP keys.
This section lists important information about access points running firmware version 11.40T.
Set Flow Control to None or Xon/Xoff When Using Terminal Emulator
The terminal emulator flow control setting for 1200 series access points (none or Xon/Xoff) differs from the flow control setting for 340 and 350 series access points and 350 series bridges (none, Xon/Xoff, or Hardware).
To use a terminal emulator to open the 1200 series access point's command-line interface (CLI), use these settings for the terminal emulator connection:
•8 data bits
•1 stop bit
•No flow control or Xon/Xoff
Cisco Discovery Protocol Re-Enabled for Individual Interfaces on Reboot
The Cisco Discovery Protocol (CDP) feature is enabled by default, and CDP is enabled for each of the access point's individual interfaces by default. However, if you disable CDP for one of the individual interfaces, the access point re-enables CDP for that interface when it reboots. If you disable CDP completely, the access point does not re-enable CDP on reboot.
This section lists open and resolved software issues in firmware version 11.40T.
Getting Bug Information on Cisco.com
If you are a registered Cisco user, you can use the Cisco TAC Software Bug Toolkit, which consists of three tools (Bug Navigator, Bug Watcher, and Search by Bug ID Number) that help you identify existing bugs (or caveats) in Cisco software products. Access the TAC Software Bug Toolkit at http://www.cisco.com/support/bugtools/.
The following caveats have not been resolved for firmware version 11.40T:
•CSCdx32469—When you set up a standby access point with LEAP enabled, the radio on the monitored access point shuts down approximately one minute after you enable hot standby. When the radio on the monitored access point shuts down, the standby access point takes over as the primary access point. Workaround: Enable static WEP or no WEP on the standby access point.
•CSCdx32480—When you set up a repeater access point for LEAP authentication, you must enter the authentication server's IP address, not its DNS name, in the Server Name/IP entry field on the Authenticator Configuration page. If you use the server's DNS name, client devices cannot authenticate.
•CSCdx32506—Association Table pages on 340 and 350 series access points do not display a device type for 1200 series access points. However, the Association Table pages do include entries for 1200 series access points in the Name, IP Addr/Name, Mac Addr and State fields.
•CSCdw36550—With all data rates enabled, the access point's Linktest feature sends all test packets at the highest available data rate. As attenuation increases (signal strength decreases), the access point does not send test packets at lower data rates as it should.
•CSCdw41286—Navigating from one screen to another in the CLI might reboot the access point. Workaround: If the access point reboots unexpectedly, use the web-browser interface to configure the unit.
•CSCdw42125—The access point might attempt to send MAC authentication requests to the server before the network is ready. The access points and associated client devices authenticate after a delay.
•CSCdw53237—When you change the access point's role in radio network from repeater to root, the link from the access point to the previous root device remains active. Workaround: Reboot the access point after changing its role from repeater to root.
•CSCdw64319—When you enter the SNMP command sysObjectID, the access point is identified as ciscoCAP350 rather than ciscoAIRAP1200.
•CSCdw81244—The AP Radio Advanced page contains a setting called Use Symbol Extensions. This setting has no function; access point behavior does not change when you enable it.
•CSCdw83703—The access point sometimes reports this error when LEAP-enabled workgroup bridges are associated:Could not allocate mBlk from netPool 0x00d0a5a8!
You can ignore these messages.
For the most up-to-date, detailed troubleshooting information, refer to the Cisco TAC website at http://www.cisco.com/tac. Select Wireless LAN under Top Issues.
Use the following documents with this document:
•Quick Start Guide: Cisco Aironet 1200 Series Access Points
•Quick Start Guide: 1200 Series Access Point 2.4-GHz Radio Installation Instructions
•Cisco Aironet 1200 Series Access Point Hardware Installation Guide
•Cisco Aironet 1200 Series Access Point Software Configuration Guide
The following sections explain how to obtain documentation from Cisco Systems.
World Wide Web
You can access the most current Cisco documentation on the World Wide Web at the following URL:
Translated documentation is available at the following URL:
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription. Click this URL for more information on the Documentation CD-ROM:
Cisco documentation is available in the following ways:
•Registered Cisco Direct Customers can order Cisco product documentation from the Networking Products MarketPlace:
•Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store:
•Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).
If you are reading Cisco product documentation on Cisco.com, you can submit technical comments electronically. Click Leave Feedback at the bottom of the Cisco Documentation home page. After you complete the form, print it out and fax it to Cisco at 408 527-0730.
You can e-mail your comments to firstname.lastname@example.org.
To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883
We appreciate your comments.
Obtaining Technical Assistance
Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site.
Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.
Cisco.com is a highly integrated Internet application and a powerful, easy-to-use tool that provides a broad range of features and services to help you to
•Streamline business processes and improve productivity
•Resolve technical issues with online support
•Download and test software packages
•Order Cisco learning materials and merchandise
•Register for online skill assessment, training, and certification programs
You can self-register on Cisco.com to obtain customized information and service. To access Cisco.com, go to the following URL:
Technical Assistance Center
The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two types of support are available through the Cisco TAC: the Cisco TAC Web Site and the Cisco TAC Escalation Center.
Inquiries to Cisco TAC are categorized according to the urgency of the issue:
•Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration.
•Priority level 3 (P3)—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.
•Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects of business operations. No workaround is available.
•Priority level 1 (P1)—Your production network is down, and a critical impact to business operations will occur if service is not restored quickly. No workaround is available.
Which Cisco TAC resource you choose is based on the priority of the problem and the conditions of service contracts, when applicable.
Cisco TAC Web Site
The Cisco TAC Web Site allows you to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC Web Site, go to the following URL:
All customers, partners, and resellers who have a valid Cisco services contract have complete access to the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to the following URL to register:
If you cannot resolve your technical issues by using the Cisco TAC Web Site, and you are a Cisco.com registered user, you can open a case online by using the TAC Case Open tool at the following URL:
If you have Internet access, it is recommended that you open P3 and P4 cases through the Cisco TAC Web Site.
Cisco TAC Escalation Center
The Cisco TAC Escalation Center addresses issues that are classified as priority level 1 or priority level 2; these classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer will automatically open a case.
To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to the following URL:
Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled; for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). In addition, please have available your service agreement number and your product serial number.
This document is to be used in conjunction with the documents listed in the "Related Documentation" section.
Copyright © 2002, Cisco Systems, Inc.
All rights reserved.