Cisco Wireless LAN Controller Configuration Guide, Release 4.0
Chapter 4 - Configuring Controller Settings
Downloads: This chapterpdf (PDF - 1.83MB) The complete bookPDF (PDF - 12.59MB) | Feedback

Configuring Controller Settings

Table Of Contents

Configuring Controller Settings

Using the Configuration Wizard

Before You Start

Resetting the Device to Default Settings

Resetting to Default Settings Using the CLI

Resetting to Default Settings Using the GUI

Running the Configuration Wizard on the CLI

Managing the System Time and Date

Configuring the Time and Date Manually

Configuring an NTP Server

Configuring a Country Code

Enabling and Disabling 802.11 Bands

Configuring Administrator Usernames and Passwords

Configuring RADIUS Settings

Configuring SNMP

Changing the Default Values of SNMP Community Strings

Using the GUI to Change the SNMP Community String Default Values

Using the CLI to Change the SNMP Community String Default Values

Changing the Default Values for SNMP v3 Users

Using the GUI to Change the SNMP v3 User Default Values

Using the CLI to Change the SNMP v3 User Default Values

Enabling 802.3x Flow Control

Enabling System Logging

Using the GUI to Enable System Logging

Using the CLI to Enable System Logging

Enabling Dynamic Transmit Power Control

Configuring Multicast Mode

Understanding Multicast Mode

Guidelines for Using Multicast Mode

Enabling Multicast Mode

Configuring Client Roaming

Intra-Controller Roaming

Inter-Controller Roaming

Inter-Subnet Roaming

Voice-over-IP Telephone Roaming

CCX Layer 2 Client Roaming

Using the GUI to Configure CCX Client Roaming Parameters

Using the CLI to Configure CCX Client Roaming Parameters

Configuring Voice and Video Parameters

Call Admission Control

U-APSD

Traffic Stream Metrics

Using the GUI to Configure Voice Parameters

Using the GUI to Configure Video Parameters

Using the GUI to View Voice and Video Settings

Using the CLI to Configure Voice Parameters

Using the CLI to Configure Video Parameters

Using the CLI to View Voice and Video Settings

Configuring the Supervisor 720 to Support the WiSM

General WiSM Guidelines

Configuring the Supervisor

Using the Wireless LAN Controller Network Module


Configuring Controller Settings


This chapter describes how to configure settings on the controllers. It contains these sections:

Using the Configuration Wizard

Managing the System Time and Date

Configuring a Country Code

Enabling and Disabling 802.11 Bands

Configuring Administrator Usernames and Passwords

Configuring RADIUS Settings

Configuring SNMP

Changing the Default Values of SNMP Community Strings

Changing the Default Values for SNMP v3 Users

Enabling 802.3x Flow Control

Enabling System Logging

Enabling Dynamic Transmit Power Control

Configuring Multicast Mode

Configuring Client Roaming

Configuring Voice and Video Parameters

Configuring the Supervisor 720 to Support the WiSM

Using the Wireless LAN Controller Network Module

Using the Configuration Wizard

This section describes how to configure basic settings on a controller for the first time or after the configuration has been reset to factory defaults. The contents of this chapter are similar to the instructions in the quick start guide that shipped with your controller.

You use the configuration wizard to configure basic settings. You can run the wizard on the CLI or the GUI. This section explains how to run the wizard on the CLI.

This section contains these sections:

Before You Start

Resetting the Device to Default Settings

Running the Configuration Wizard on the CLI

Before You Start

You should collect these basic configuration parameters before configuring the controller:

System name for the controller

802.11 protocols supported: 802.11a and/or 802.11b/g

Administrator usernames and passwords (optional)

Distribution system (network) port static IP address, netmask, and optional default gateway IP address

Service port static IP address and netmask (optional)

Distribution system physical port (1000BASE-T, 1000BASE-SX, or 10/100BASE-T)


Note Each 1000BASE-SX connector provides a 100/1000-Mbps wired connection to a network through an 850nM (SX) fiber-optic link using an LC physical connector.


Distribution system port VALN assignment (optional)

Distribution system port web and secure web mode settings: enabled or disabled

Distribution system port Spanning Tree Protocol: enabled/disabled, 802.1D/fast/off mode per port, path cost per port, priority per port, bridge priority, forward delay, hello time, maximum age

WLAN configuration: SSID, VLAN assignments, Layer 2 security settings, Layer 3 security settings, QoS assignments

Mobility Settings: Mobility Group Name (optional)

RADIUS Settings

SNMP Settings

NTP server settings (the wizard prompts you for NTP server settings only when you run the wizard on a wireless controller network module installed in a Cisco Integrated Services router)

Other port and parameter settings: service port, Radio Resource Management (RRM), third-party access points, console port, 802.3x flow control, and system logging

Resetting the Device to Default Settings


Note If you need to start over during the initial setup process, you can reset the controller to factory default settings.After resetting the configuration to defaults, you need a serial connection to the controller to use the configuration wizard.


Resetting to Default Settings Using the CLI

Follow these steps to reset the configuration to factory default settings using the CLI.


Step 1 Enter reset system. At the prompt that asks whether you need to save changes to the configuration, enter Y or N. The unit reboots.

Step 2 When you are prompted for a username, enter recover-config to restore the factory default configuration. The controller reboots and displays this message:

Welcome to the Cisco WLAN Solution Wizard Configuration Tool

Step 3 Use the configuration wizard to enter configuration settings.


Resetting to Default Settings Using the GUI

Follow these steps to return to default settings using the GUI.


Step 1 Open your Internet browser. The GUI is fully compatible with Microsoft Internet Explorer version 6.0 or later on Windows platforms.

Step 2 Enter the controller IP address in the browser address line and press Enter. An Enter Network Password windows appears.

Step 3 Enter your username in the User Name field. The default username is admin.

Step 4 Enter the wireless device password in the Password field and press Enter. The default password is admin.

Step 5 Browse to the Commands > Reset to Factory Defaults page.

Step 6 Click Reset. At the prompt, confirm the reset.

Step 7 Reboot the unit and do not save changes.

Step 8 Use the configuration wizard to enter configuration settings.


Running the Configuration Wizard on the CLI

When the controller boots at factory defaults, the bootup script runs the configuration wizard, which prompts the installer for initial configuration settings. Follow these steps to enter settings using the wizard on the CLI.


Note To configure the controller in the Catalyst 3750G Integrated Wireless LAN Controller Switch, Cisco recommends that you use the GUI configuration wizard that launches from the 3750 Device Manager. Refer to the Catalyst 3750G Integrated Wireless LAN Controller Switch Getting Started Guide for instructions.



Step 1 Connect your computer to the controller using a DB-9 null-modem serial cable.

Step 2 Open a terminal emulator session using these settings:

9600 baud

8 data bits

1 stop bit

no parity

no hardware flow control

Step 3 At the prompt, log into the CLI. The default username is admin and the default password is admin.

Step 4 If necessary, enter reset system to reboot the unit and start the wizard.

Step 5 The first wizard prompt is for the system name. Enter up to 32 printable ASCII characters.

Step 6 Enter an administrator username and password, each up to 24 printable ASCII characters.

Step 7 Enter the service-port interface IP configuration protocol: none or DHCP. If you do not want to use the service port or if you want to assign a static IP Address to the service port, enter none.

Step 8 If you entered none, enter the service-port interface IP address and netmask on the next two lines. If you do not want to use the service port, enter a fictitious IP address that is not routable anywhere on your network.

Step 9 Enter the management interface IP Address, netmask, default router IP address, and optional VLAN identifier (a valid VLAN identifier, or 0 for untagged).

Step 10 Enter the Network Interface (Distribution System) Physical Port number. For the controller, the possible ports are 1 through 4 for a front panel GigE port.

Step 11 Enter the IP address of the default DHCP Server that will supply IP Addresses to clients, the management interface, and the service port interface if you use one.

Step 12 Enter the LWAPP Transport Mode, LAYER2 or LAYER3 (refer to the Layer 2 and Layer 3 LWAPP Operation chapter for an explanation of this setting).


Note The controller in the Catalyst 3750G Integrated Wireless LAN Controller Switch operates only in Layer 3 mode.


Step 13 Enter the Virtual Gateway IP Address. This address can be any fictitious, unassigned IP address (such as 1.1.1.1) to be used by Layer 3 Security and Mobility managers.

Step 14 Enter the Cisco WLAN Solution Mobility Group (RF group) name.

Step 15 Enter the WLAN 1 SSID, or network name. This is the default SSID that lightweight access points use to associate to a controller.

Step 16 Allow or disallow Static IP Addresses for clients. Enter yes to allow clients to supply their own IP addresses. Enter no to require clients to request an IP Address from a DHCP server.

Step 17 If you need to configure a RADIUS Server, enter yes, and enter the RADIUS server IP address, the communication port, and the shared secret. If you do not need to configure a RADIUS server or you want to configure the server later, enter no.

Step 18 Enter a country code for the unit. Enter help to list the supported countries.


Note When you run the wizard on a wireless controller network module installed in a Cisco Integrated Services Router, the wizard prompts you for NTP server settings. The controller network module does not have a battery and cannot save a time setting. It must receive a time setting from an NTP server when it powers up.


Step 19 Enable and disable support for 802.11b, 802.11a, and 802.11g.

Step 20 Enable or disable radio resource management (RRM) (auto RF).

When you answer the last prompt, the controller saves the configuration, reboots with your changes, and prompts you to log in or to enter recover-config to reset to the factory default configuration and return to the wizard.


Managing the System Time and Date

You can configure the controller to obtain the time and date from a Network Time Protocol (NTP) server, or you can configure the time and date manually.

Configuring the Time and Date Manually

On the CLI, enter show time to check the system time and date. If necessary, enter config time mm/dd/yy hh:mm:ss to set the time and date.

To enable Daylight Saving Time, enter config time timezone enable.

Configuring an NTP Server

Each NTP server IP address is added to the controller database. Each controller searches for an NTP server and obtains the current time upon reboot and at each user-defined polling interval (daily to weekly).

On the CLI, enter config time ntp server-ip-address to specify the NTP server for the controller. Enter config time ntp interval to specify, in seconds, the polling interval.


Note For access points to successfully join a Cisco WLAN controller, Cisco recommends that you configure the controller to obtain the time from an NTP server.


Configuring a Country Code

Controllers are designed for use in many countries with varying regulatory requirements. You can configure a country code for the controller to ensure that it complies with your country's regulations.


Note Controllers and access points may not operate properly if they are not designed for use in your country of operation. For example, an access point with part number AIR-AP1030-A-K9 (which is included in the Americas regulatory domain) cannot be used in Australia. Always be sure to purchase controllers and access points that match your country's regulatory domain.


On the controller GUI, click Wireless > Country, enter the desired country code in the Country Code field, and click Save Configuration.

On the controller CLI, enter config country code to configure the country code. Enter show country to check the configuration.


Note For an access point to successfully join a controller, the access point's regulatory domain must match the country code of the controller.



Note Controllers running software release 4.0 or earlier do not have the ability to control access points in more than one regulatory domain.



Note The controller must be installed by a network administrator or qualified IT professional, and the proper country code must be selected. Following installation, access to the unit should be password protected by the installer to maintain compliance with regulatory requirements and to ensure proper unit functionality.


Table 4-1 lists commonly used country codes and the 802.11 bands that they allow. For a complete list of country codes supported per product, go to http://www.cisco.com/en/US/prod/collateral/wireless/ps5679/ps5861/product_data_sheet0900aecd80537b6a_ps430_Products_Data_Sheet.html.

Table 4-1 Commonly Used Country Codes 

Country Code
Country
802.11 Bands Allowed

US

United States of America

802.11b, 802.11g, and 802.11a low, medium, and high bands

USL

US Low

802.11b, 802.11g, and 802.11a low and medium bands (used for legacy 802.11a interface cards that do not support 802.11a high band)

AU

Australia

802.11b, 802.11g, and 802.11a

AT

Austria

802.11b, 802.11g, and 802.11a

BE

Belgium

802.11b, 802.11g, and 802.11a

CA

Canada

802.11b and 802.11g

DK

Denmark

802.11b, 802.11g, and 802.11a

FI

Finland

802.11b, 802.11g, and 802.11a

FR

France

802.11b, 802.11g, and 802.11a

DE

Germany

802.11b, 802.11g, and 802.11a

GR

Greece

802.11b and 802.11g

IE

Ireland

802.11b, 802.11g, and 802.11a

IN

India

802.11b and 802.11a

IT

Italy

802.11b, 802.11g, and 802.11a

JP

Japan

802.11b, 802.11g, and 802.11a

KR

Republic of Korea

802.11b, 802.11g, and 802.11a

LU

Luxembourg

802.11b, 802.11g, and 802.11a

NL

Netherlands

802.11b, 802.11g, and 802.11a

PT

Portugal

802.11b, 802.11g, and 802.11a

ES

Spain

802.11b, 802.11g, and 802.11a

SE

Sweden

802.11b, 802.11g, and 802.11a

GB

United Kingdom

802.11b, 802.11g, and 802.11a


Enabling and Disabling 802.11 Bands

You can enable or disable the 802.11b/g (2.4-GHz) and the 802.11a (5-GHz) bands for the controller to comply with the regulatory requirements in your country. By default, both 802.11b/g and 802.11a are enabled.

On the CLI, enter config 80211b disable network to disable 802.11b/g operation on the controller. Enter config 80211b enable network to re-enable 802.11b/g operation.

Enter config 80211a disable network to disable 802.11a operation on the controller. Enter config 80211a enable network to re-enable 802.11a operation.

Configuring Administrator Usernames and Passwords


Note The controller does not have a password recovery mechanism. If you use WCS to manage the controller, you should be able to access the controller from WCS and create a new admin user without logging into the controller itself. If you have not saved the configuration on the controller after deleting the user, then rebooting (power cycling) the controller should bring it back up with the deleted user still in the system. If you do not have the default admin account or another user account with which you can log in, your only option is to default the controller to factory settings and reconfigure it from scratch or to reload the previously saved configuration.


You can configure administrator usernames and passwords to prevent unauthorized users from reconfiguring the controller and viewing configuration information.

On the CLI, enter config mgmtuser add username password read-write to create a username-password pair with read-write privileges. Enter config mgmtuser add username password read-only to create a username-password pair with read-only privileges. Usernames and passwords are case-sensitive and can contain up to 24 ASCII characters. Usernames and passwords cannot contain spaces.

To change the password for an existing username, enter config mgmtuser password username new_password

To list configured users, enter show mgmtuser.

Configuring RADIUS Settings

If you need to use a RADIUS server for accounting or authentication, follow these steps on the CLI to configure RADIUS settings for the controller:


Step 1 Enter config radius acct ip-address to configure a RADIUS server for accounting.

Step 2 Enter config radius acct port to specify the UDP port for accounting.

Step 3 Enter config radius acct secret to configure the shared secret.

Step 4 Enter config radius acct enable to enable accounting. Enter config radius acct disable to disable accounting. Accounting is disabled by default.

Step 5 Enter config radius auth ip-address to configure a RADIUS server for authentication.

Step 6 Enter config radius auth port to specify the UDP port for authentication.

Step 7 Enter config radius auth secret to configure the shared secret.

Step 8 Enter config radius auth enable to enable authentication. Enter config radius acct disable to disable authentication. Authentication is disabled by default.

Step 9 Use the show radius acct statistics, show radius auth statistics, and show radius summary commands to verify that the RADIUS settings are correctly configured.


Configuring SNMP

Cisco recommends that you use the GUI to configure SNMP settings on the controller. To use the CLI, follow these steps:


Step 1 Enter config snmp community create name to create an SNMP community name.

Step 2 Enter config snmp community delete name to delete an SNMP community name.

Step 3 Enter config snmp community accessmode ro name to configure an SNMP community name with read-only privileges. Enter config snmp community accessmode rw name to configure an SNMP community name with read-write privileges.

Step 4 Enter config snmp community ipaddr ip-address ip-mask name to configure an IP address and subnet mask for an SNMP community.


Note This command behaves like an SNMP access list. It specifies the IP address from which the device accepts SNMP packets with the associated community. The requesting entity's IP address is ANDed with the subnet mask before being compared to the IP address. If the subnet mask is set to 0.0.0.0, an IP address of 0.0.0.0 matches to all IP addresses. The default value is 0.0.0.0.



Note The controller can use only one IP address range to manage an SNMP community.


Step 5 Enter config snmp community mode enable to enable a community name. Enter config snmp community mode disable to disable a community name.

Step 6 Enter config snmp trapreceiver create name ip-address to configure a destination for a trap.

Step 7 Enter config snmp trapreceiver delete name to delete a trap.

Step 8 Enter config snmp trapreceiver ipaddr old-ip-address name new-ip-address to change the destination for a trap.

Step 9 Enter config snmp trapreceiver mode enable to enable traps. Enter config snmp trapreceiver mode disable to disable traps.

Step 10 Enter config snmp syscontact syscontact-name to configure the name of the SNMP contact. Enter up to 31 alphanumeric characters for the contact name.

Step 11 Enter config snmp syslocation syslocation-name to configure the SNMP system location. Enter up to 31 alphanumeric characters for the location.

Step 12 Use the show snmpcommunity and show snmptrap commands to verify that the SNMP traps and communities are correctly configured.

Step 13 Use the show trapflags command to see the enabled and disabled trapflags. If necessary, use the config trapflags commands to enable or disable trapflags.


Changing the Default Values of SNMP Community Strings

The controller has commonly known default values of "public" and "private" for the read-only and read-write SNMP community strings. Using these standard values presents a security risk. Therefore, Cisco strongly advises that you change these values.

Using the GUI to Change the SNMP Community String Default Values

Follow these steps to change the SNMP community string default values through the controller GUI.


Step 1 Click Management and then Communities under SNMP. The SNMP v1 / v2c Community page appears (see Figure 4-1).

Figure 4-1 SNMP v1 / v2c Community Page

Step 2 If "public" or "private" appears in the Community Name column, click Remove to delete this community.

Step 3 Click New to create a new community. The SNMP v1 / v2c Community > New page appears (see Figure 4-2).

Figure 4-2 SNMP v1 / v2c Community > New Page

Step 4 In the Community Name field, enter a unique name containing up to 16 alphanumeric characters. Do not enter "public" or "private."

Step 5 In the next two fields, enter the IP address from which this device accepts SNMP packets with the associated community and the IP mask.

Step 6 Choose Read Only or Read/Write from the Access Mode drop-down box to specify the access level for this community.

Step 7 Choose Enable or Disable from the Status drop-down box to specify the status of this community.

Step 8 Click Apply to commit your changes.

Step 9 Click Save Configuration to save your settings.

Step 10 Repeat this procedure if a "public" or "private" community still appears on the SNMP v1 / v2c Community page.


Using the CLI to Change the SNMP Community String Default Values

Follow these steps to change the SNMP community string default values through the controller CLI.


Step 1 To see the current list of SNMP communities for this controller, enter this command:

show snmp community

Step 2 If "public" or "private" appears in the SNMP Community Name column, enter this command to delete this community:

config snmp community delete name

The name parameter is the community name (in this case, "public" or "private").

Step 3 To create a new community, enter this command:

config snmp community create name

Enter up to 16 alphanumeric characters for the name parameter. Do not enter "public" or "private."

Step 4 To enter the IP address from which this device accepts SNMP packets with the associated community, enter this command:

config snmp community ipaddr ip_address ip_mask name

Step 5 To specify the access level for this community, enter this command, where ro is read-only mode and rw is read/write mode:

config snmp community accessmode {ro | rw} name

Step 6 To enable or disable this SNMP community, enter this command:

config snmp community mode {enable | disable} name

Step 7 To save your changes, enter save config.

Step 8 Repeat this procedure if you still need to change the default values for a "public" or "private" community string.


Changing the Default Values for SNMP v3 Users

The controller uses a default value of "default" for the username, authentication password, and privacy password for SNMP v3 users. Using these standard values presents a security risk. Therefore, Cisco strongly advises that you change these values.


Note SNMP v3 is time sensitive. Make sure that you have configured the correct time and timezone on your controller.


Using the GUI to Change the SNMP v3 User Default Values

Follow these steps to change the SNMP v3 user default values through the controller GUI.


Step 1 Click Management and then SNMP V3 Users under SNMP. The SNMP V3 Users page appears (see Figure 4-3).

Figure 4-3 SNMP V3 Users Page

Step 2 If "default" appears in the User Name column, click Remove to delete this SNMP v3 user.

Step 3 Click New to add a new SNMP v3 user. The SNMP V3 Users > New page appears (see Figure 4-4).

Figure 4-4 SNMP V3 Users > New Page

Step 4 In the User Profile Name field, enter a unique name. Do not enter "default."

Step 5 Choose Read Only or Read Write from the Access Mode drop-down box to specify the access level for this user.

Step 6 In the next two fields, choose the authentication and privacy protocols to be used, and enter a password for each.

Step 7 Click Apply to commit your changes.

Step 8 Click Save Configuration to save your settings.


Using the CLI to Change the SNMP v3 User Default Values

Follow these steps to change the SNMP v3 user default values through the controller CLI.


Step 1 To see the current list of SNMP v3 users for this controller, enter this command:

show snmpv3user

Step 2 If "default" appears in the SNMP v3 User Name column, enter this command to delete this user:

config snmp v3user delete username

The username parameter is the SNMP v3 username (in this case, "default").

Step 3 To create a new SNMP v3 user, enter this command:

config snmp v3user create username {ro | rw} {none | hmacmd5 | hmacsha} {none | des} auth_password privacy_password

where

username is the SNMP v3 username,

ro is read-only mode and rw is read/write mode,

none, hmacmd5, and hmacsha are the authentication protocol options,

none and des are the privacy protocol options,

auth_password is the authentication password, and

privacy_password is the privacy password.

Do not enter "default" for the username and password parameters.

Step 4 To save your changes, enter save config.


Enabling 802.3x Flow Control

802.3x Flow Control is disabled by default. To enable it, enter config switchconfig flowcontrol enable.

Enabling System Logging

System logging allows controllers to log their system events to an external syslog server. System logging is disabled by default. You can use the GUI or CLI to enable system logging.

Using the GUI to Enable System Logging

Follow these steps to enable system logging through the controller GUI.


Step 1 Click Management and then Config under Logs. The Syslog Configuration page appears (Figure 4-5).

Figure 4-5 Syslog Configuration Page

Step 2 Check the Syslog check box.

Step 3 In the Syslog Server IP Address field, enter the IP address of the server to which to send the system log.

Step 4 Choose a logging level from the Message Log Level drop-down box.

There are five logging levels from which you can choose:

Critical Failure

Software Error

Authentication or Security Errors

Unexpected Software Events

Significant System Events

When you choose a logging level, the system logs messages for that level and for the levels above it. For example, if you choose Unexpected Software Events, the system logs unexpected software events, authentication or security errors, software errors, and critical failures.

Step 5 Click Apply to commit your changes.

Step 6 Click Save Configuration to save your changes.

Step 7 To view the message logs, click Management and then Message Logs under Logs (see Figure 4-6).

Figure 4-6 Message Logs Page


Using the CLI to Enable System Logging

Follow these steps to enable system logging through the controller CLI.


Step 1 Enter config syslog ip_address to enable system logging and set the IP address of the Syslog server.

Step 2 Enter config msglog level msg_level to set the logging level.

For msg_level, you can enter one of the following five values:

critical—Critical hardware or software failure

error—Non-critical software errors

security—Authentication- or security-related errors

warning—Unexpected software events

verbose—Significant system events

Step 3 To view the current syslog status, enter show syslog. To view the message logs, enter show msglog.

Enabling Dynamic Transmit Power Control

When you enable Dynamic Transmit Power Control (DTPC), access points add channel and transmit power information to beacons. (On access points that run Cisco IOS software, this feature is called world mode.) Client devices using DTPC receive the information and adjust their settings automatically. For example, a client device used primarily in Japan could rely on DTPC to adjust its channel and power settings automatically when it travels to Italy and joins a network there. DTPC is enabled by default.

Enter this command to disable or enable DTPC:

config {802.11a | 802.11bg} dtpc {enable | disable}

Configuring Multicast Mode

If your network supports packet multicasting you can configure the multicast method that the controller uses. The controller performs multicasting in two modes:

Unicast mode—In this mode the controller unicasts every multicast packet to every access point associated to the controller. This mode is inefficient but might be required on networks that do not support multicasting.

Multicast mode—In this mode the controller sends multicast packets to an LWAPP multicast group. This method reduces overhead on the controller processor and shifts the work of packet replication to your network, which is much more efficient than the unicast method.

Understanding Multicast Mode

When you enable multicast mode, the controller does not become a member the multicast group. When the controller receives a multicast packet from the wired LAN, the controller encapsulates the packet using LWAPP and forwards the packet to the LWAPP multicast group address. The controller always uses the management interface for sending multicast packets. Access points in the multicast group receive the packet and forward it to all the BSSIDs mapped to the interface on which clients receive multicast traffic. From the access point perspective, the multicast appears to be a broadcast to all SSIDs.

When the source of the multicast is a wireless client, the multicast packet is unicast to the controller. In this case the controller makes two copies of the packet. One copy is the raw Ethernet packet that the controller sends out to the interface for the wireless LAN on which the client is associated, enabling the receivers on the wired LAN to receive the multicast traffic. The second copy of the packet is LWAPP-encapsulated and is sent to the multicast group. In this case the source of the multicast also receives the multicast packet, which helps the wireless client receive the multicast source.

Guidelines for Using Multicast Mode

Follow these guidelines when you enable multicast mode on your network:

The Cisco Unified Wireless Network solution uses some IP address ranges for specific purposes, and you should keep these ranges in mind when configuring a multicast group:

224.0.0.0 through 224.0.0.255—Reserved link local addresses

224.0.1.0 through 238.255.255.255—Globally scoped addresses

239.0.0.0 through 239.255.255.255—Limited scope addresses

When you enable multicast mode on the controller you also must configure an LWAPP multicast group address on the controller. Access points subscribe to the LWAPP multicast group using IGMP.

Cisco 1100, 1130, 1200, 1230, and 1240 access points use IGMP versions 1, 2, and 3. However, Cisco 1000 series access points use only IGMP v1 to join the multicast group.

Multicast mode works only in Layer 3 LWAPP mode.

Access points in monitor mode, sniffer mode, or rogue detector mode do not join the LWAPP multicast group address.

When using Multiple controllers on the network, make sure that the same multicast address is configured on all the controllers.

Multicast mode does not work across intersubnet mobility events such as guest tunneling, site-specific VLANs, or interface override using RADIUS. However, multicast mode does work in these subnet mobility events when you disable the Layer 2 IGMP snooping/CGMP features on the wired LAN.

The controller drops any multicast packets sent to the UDP port numbers 12222, 12223, and 12224. Make sure the multicast applications on your network do not use those port numbers.

Multicast traffic is transmitted at 6 Mbps in an 802.11a network. Therefore, if several WLANs attempt to transmit at 1.5 Mbps, packet loss occurs, which breaks the multicast session.

Enabling Multicast Mode

Multicasting is disabled by default. Use the commands in Table 4-2 to configure multicast mode on the controller CLI.

Table 4-2 CLI Commands for Configuring Multicast Mode

Command
Multicast Mode

config network multicast global
{enable | disable}

Enable or disable multicasting

config network multicast mode unicast

Configure the controller to use the unicast method to send multicast packets

config network multicast mode multicast multicast-group-ip-address

Configure the controller to use the multicast method to send multicast packets to an LWAPP multicast group.


You can also enable multicast mode on the Configure > Switch IP System General page on the WCS interface.

Configuring Client Roaming

The Cisco UWN Solution supports seamless client roaming across lightweight access points managed by the same controller, between controllers in the same mobility group on the same subnet, and across controllers in the same mobility group on different subnets.


Note In controller software release 4.0.206.0 and later, client roaming with multicast is supported.


Intra-Controller Roaming

Each controller supports same-controller client roaming across access points managed by the same controller. This roaming is transparent to the client as the session is sustained, and the client continues using the same DHCP-assigned or client-assigned IP address. The controller provides DHCP functionality with a relay function. Same-controller roaming is supported in single-controller deployments and in multiple-controller deployments.

Inter-Controller Roaming

Multiple-controller deployments support client roaming across access points managed by controllers in the same mobility group and on the same subnet. This roaming is also transparent to the client because the session is sustained and a tunnel between controllers allows the client to continue using the same DHCP- or client-assigned IP address as long as the session remains active. The tunnel is torn down, and the client must reauthenticate when the client sends a DHCP Discover with a 0.0.0.0 client IP address or a 169.254.*.* client auto-IP address or when the operator-set session timeout is exceeded.


Note Cisco 1030 remote edge lightweight access points at a remote location must be on the same subnet to support roaming.


Inter-Subnet Roaming

Multiple-controller deployments support client roaming across access points managed by controllers in the same mobility group on different subnets. This roaming is transparent to the client because the session is sustained and a tunnel between the controllers allows the client to continue using the same DHCP-assigned or client-assigned IP address as long as the session remains active. The tunnel is torn down, and the client must reauthenticate when the client sends a DHCP Discover with a 0.0.0.0 client IP address or a 169.254.*.* client auto-IP address or when the operator-set user timeout is exceeded.


Note Cisco 1030 remote edge lightweight access points at a remote location must be on the same subnet to support roaming.


Voice-over-IP Telephone Roaming

802.11 voice-over-IP (VoIP) telephones actively seek out associations with the strongest RF signal to ensure the best quality of service (QoS) and the maximum throughput. The minimum VoIP telephone requirement of 20-millisecond or shorter latency time for the roaming handover is easily met by the Cisco UWN Solution, which has an average handover latency of 9 or fewer milliseconds. This short latency period is controlled by controllers rather than allowing independent access points to negotiate roaming handovers.

The Cisco UWN Solution supports 802.11 VoIP telephone roaming across lightweight access points managed by controllers on different subnets, as long as the controllers are in the same mobility group. This roaming is transparent to the VoIP telephone because the session is sustained and a tunnel between controllers allows the VoIP telephone to continue using the same DHCP-assigned IP address as long as the session remains active. The tunnel is torn down, and the VoIP client must reauthenticate when the VoIP telephone sends a DHCP Discover with a 0.0.0.0 VoIP telephone IP address or a 169.254.*.* VoIP telephone auto-IP address or when the operator-set user timeout is exceeded.

CCX Layer 2 Client Roaming

Controller software release 4.0 supports five CCX Layer 2 client roaming enhancements:

Access point assisted roaming—This feature helps clients save scanning time. Whenever a CCXv2 client associates to an access point, it sends an information packet to the new access point listing the characteristics of its previous access point. The access point uses this information to build a list of previous access points, which it sends (via unicast) to clients immediately after association to reduce roaming time. The access point list contains the channels, BSSIDs of neighbor access points that support the client's current SSID(s), and time elapsed since disassociation.

Enhanced neighbor list—This feature focuses on improving a CCXv4 client's roam experience and network edge performance, especially when servicing voice applications. The access point provides its associated client information about its neighbors using a neighbor-list update unicast message.

Enhanced neighbor list request (E2E)—The End-2-End specification is a Cisco and Intel joint program that defines new protocols and interfaces to improve the overall voice and roaming experience. It applies only to Intel clients in a CCX environment. Specifically, it enables Intel clients to request a neighbor list at will. When this occurs, the access point forwards the request to the controller. The controller receives the request and replies with the current CCX roaming sublist of neighbors for the access point to which the client is associated.


Note To see whether a particular client supports E2E, click Wireless > Clients on the controller GUI, click the Detail link for the desired client, and look at the E2E Version field under Client Properties.


Roam reason report—This feature enables CCXV4 clients to report the reason why they roamed to a new access point. It also allows network administrators to build and monitor a roam history.

The 4.0 release of controller software supports CCX versions 1 through 4. CCX support is enabled automatically for every WLAN on the controller and cannot be disabled. The controller stores the CCX version of the client in its client database and uses it to generate and respond to CCX frames appropriately. Clients must support CCX v4 (or CCXv2 for access point assisted roaming) in order to utilize these roaming enhancements. See the "Configuring Quality of Service Profiles" section on page 6-19 for more information on CCX.

The roaming enhancements mentioned above are enabled automatically, with the appropriate CCX support. However, you can fine-tune client roaming behavior by configuring several RF parameters through either the GUI or the CLI.


Note AP1030s in REAP mode and hybrid-REAP access points in standalone mode do not support CCX Layer 2 roaming.


Using the GUI to Configure CCX Client Roaming Parameters

Follow these steps to configure CCX client roaming parameters using the GUI.


Step 1 Click Wireless and then click Client Roaming under either 802.11a or 802.11b/g. The 802.11a (or 802.11b) > Client Roaming page appears (see Figure 4-7).

Figure 4-7 802.11a > Client Roaming Page

Step 2 If you want to fine-tune the RF parameters that affect client roaming, choose Custom from the Mode drop-down box and go to Step 3. If you want to leave the RF parameters at their default values, choose Default and go to Step 8.

Step 3 In the Minimum RSSI field, enter a value for the minimum received signal strength indicator (RSSI) required for the client to associate to an access point. If the client's average received signal power dips below this threshold, reliable communication is usually impossible. Therefore, clients must already have found and roamed to another access point with a stronger signal before the minimum RSSI value is reached.

Range: -80 to -90 dBm

Default: -85 dBm

Step 4 In the Hysteresis field, enter a value to indicate how strong the signal strength of a neighboring access point must be in order for the client to roam to it. This parameter is intended to reduce the amount of "ping-ponging" between access points if the client is physically located on or near the border between two access points.

Range: 2 to 4 dB

Default: 2 dB

Step 5 In the Scan Threshold field, enter the RSSI value, from a client's associated access point, below which the client must be able to roam to a neighboring access point within the specified transition time. This parameter also provides a power-save method to minimize the time that the client spends in active or passive scanning. For example, the client can scan slowly when the RSSI is above the threshold and scan more rapidly when below the threshold.

Range: -70 to -72 dBm

Default: -72 dBm

Step 6 In the Transition Time field, enter the maximum time allowed for the client to detect a suitable neighboring access point to roam to and to complete the roam, whenever the RSSI from the client's associated access point is below the scan threshold.

The Scan Threshold and Transition Time parameters guarantee a minimum level of client roaming performance. Together with the highest expected client speed and roaming hysteresis, these parameters make it possible to design a wireless LAN network that supports roaming simply by ensuring a certain minimum overlap distance between access points.

Range: 1 to 10 seconds

Default: 5 seconds

Step 7 Click Apply to commit your changes.

Step 8 Click Save Configuration to save your changes.

Step 9 Repeat this procedure if you want to configure client roaming for another radio band (802.11a or 802.11b/g).


Using the CLI to Configure CCX Client Roaming Parameters

To configure CCX Layer 2 client roaming parameters, enter this command:

config {802.11a | 802.11bg} l2roam rf-params min-rssi rssi_value roam-hyst hyst_value scan-thres thres_value trans-time time_value


Note See the description, range, and default value of each RF parameter in the "Using the GUI to Configure CCX Client Roaming Parameters" section.


Use these commands to view information about CCX Layer 2 client roaming.

1. To view the current RF parameters configured for client roaming for the 802.11a or 802.11b/g network, enter this command:

show {802.11a | 802.11bg} l2roam rf-params

2. To view the CCX Layer 2 client roaming statistics for a particular access point, enter this command:

show {802.11a | 802.11bg} l2roam statistics ap_mac

This command provides the following information:

The number of roam reason reports received

The number of neighbor list requests received

The number of neighbor list reports sent

The number of broadcast neighbor updates sent

3. To view the roaming history for a particular client, enter this command:

show client roam-history client_mac

This command provides the following information:

The time when the report was received

The MAC address of the access point to which the client is currently associated

The MAC address of the access point to which the client was previously associated

The channel of the access point to which the client was previously associated

The SSID of the access point to which the client was previously associated

The time when the client disassociated from the previous access point

The reason for the client roam

To obtain debug information for CCX Layer 2 client roaming, enter this command:

debug l2roam {detail | error | packet | all} enable

Configuring Voice and Video Parameters

You can configure two parameters on the controller that affect voice and/or video quality:

Call admission control

Unscheduled automatic power save delivery

You can also configure the traffic stream metrics parameter to monitor voice and video quality.

Each of these parameters is supported in Cisco Compatible Extensions (CCX) v4. See the "Configuring Cisco Client Extensions" section on page 6-22 for more information on CCX.


Note CCX is not supported on the AP1030.


Call Admission Control

Call admission control (CAC) enables an access point to maintain controlled quality of service (QoS) when the wireless LAN is experiencing congestion. The Wi-Fi Multimedia (WMM) protocol deployed in CCX v3 ensures sufficient QoS as long as the wireless LAN is not congested. However, in order to maintain QoS under differing network loads, CAC in CCX v4 is required.

CAC enables the client to specify how much bandwidth or shared medium time would be required to accept a new call and in turn enables the access point to determine whether it is capable of accommodating this particular call. The access point rejects the call if necessary in order to maintain the maximum allowed number of calls with acceptable quality.

The QoS setting for a WLAN determines the level of CAC support. To use CAC with voice applications, the WLAN must be configured for Platinum QoS. To use CAC with video applications, the WLAN must be configured for Gold QoS. Also, make sure that WMM is enabled for the WLAN. See the "Configuring Quality of Service" section on page 6-17 for QoS and WMM configuration instructions.


Note You must enable admission control (ACM) for CCXv4 clients that have WMM enabled. Otherwise, CAC does not operate properly.


U-APSD

Unscheduled automatic power save delivery (U-APSD) is a QoS facility defined in IEEE 802.11e that extends the battery life of mobile clients. In addition to extending battery life, this feature reduces the latency of traffic flow delivered over the wireless media. Because U-APSD does not require the client to poll each individual packet buffered at the access point, it allows delivery of multiple downlink packets by sending a single uplink trigger packet. U-APSD is enabled automatically when WMM is enabled.

Traffic Stream Metrics

In a voice-over-wireless LAN (VoWLAN) deployment, four variables can affect audio quality: packet latency, packet jitter, packet loss, and roaming time. These variables are referred to as traffic stream metrics (TSM). An administrator can isolate poor voice quality issues by studying these variables.

The metrics consist of a collection of uplink (client side) and downlink (access point side) statistics between an access point and a client device that supports CCX v4. If the client is not CCX v4 compliant, only downlink statistics are captured. The client and access point measure these metrics. The access point also collects the measurements every 5 seconds, prepares 90-second reports, and then sends the reports to the controller. The controller organizes the uplink measurements on a client basis and the downlink measurements on an access point basis and maintains an hour's worth of historical data. To store this data, the controller requires 32 MB of additional memory for uplink metrics and 4.8 MB for downlink metrics.

TSM can be configured through either the GUI or the CLI on a per radio-band basis (for example, all 802.11a radios). The controller saves the configuration in flash memory so that it persists across reboots. After an access point receives the configuration from the controller, it enables TSM on the specified radio band.


Note Access points support TSM in both local and hybrid-REAP modes.


Using the GUI to Configure Voice Parameters

Follow these steps to configure voice parameters using the GUI.


Step 1 Make sure that the WLAN is configured for WMM and the Platinum QoS level.

Step 2 To disable the radio network, click Wireless and then Network under 802.11a or 802.11b/g, uncheck the 802.11a (or 802.11b/g) Network Status check box, and click Apply.

Step 3 Click Voice under 802.11a or 802.11b/g. The 802.11a (or 802.11b) > Voice Parameters page appears (see Figure 4-8).

Figure 4-8 802.11a > Voice Parameters Page

Step 4 To enable voice CAC for this radio band, check the Admission Control (ACM) check box. The default value is disabled.


Note For WMM clients that do not support traffic specifications (TSPEC), disable ACM to allow for proper QoS mapping.


Step 5 In the Max RF Bandwidth field, enter the percentage of the maximum bandwidth allocated to clients for voice applications on this radio band. Once the client reaches the value specified, the access point rejects new calls on this radio band.

Range: 40 to 85%

Default: 75%

Step 6 In the Reserved Roaming Bandwidth field, enter the percentage of maximum allocated bandwidth reserved for roaming voice clients. The controller reserves this much bandwidth from the maximum allocated bandwidth for roaming voice clients.

Range: 0 to 25%

Default: 6%

Step 7 To enable TSM, check the Metrics Collection check box.

Step 8 Click Apply to commit your changes.

Step 9 To enable the radio network, click Network under 802.11a or 802.11b/g, check the 802.11a (or 802.11b/g) Network Status check box, and click Apply.

Step 10 Click Save Configuration to save your changes.

Step 11 Repeat this procedure if you want to configure voice parameters for another radio band (802.11a or 802.11b/g).


Using the GUI to Configure Video Parameters

Follow these steps to configure video parameters using the GUI.


Step 1 Make sure that the WLAN is configured for WMM and the Gold QoS level.

Step 2 To disable the radio network, click Wireless and then Network under 802.11a or 802.11b/g, uncheck the 802.11a (or 802.11b/g) Network Status check box, and click Apply.

Step 3 Click Video under 802.11a or 802.11b/g. The 802.11a (or 802.11b) > Video Parameters page appears (see Figure 4-8).

Figure 4-9 802.11a > Video Parameters Page

Step 4 To enable video CAC for this radio band, check the Admission Control (ACM) check box. The default value is disabled.

Step 5 In the Max RF Bandwidth field, enter the percentage of the maximum bandwidth allocated to clients for video applications on this radio band. Once the client reaches the value specified, the access point rejects new requests on this radio band.

Range: 0 to 100% (However, the maximum RF bandwidth cannot exceed 100% for voice + video.)

Default: 0%


Note If this parameter is set to zero (0), the controller assumes that the operator does not want to do any bandwidth allocation and, therefore, allows all bandwidth requests.


Step 6 In the Reserved Roaming Bandwidth field, enter the percentage of maximum allocated bandwidth reserved for roaming video clients. The controller reserves this much bandwidth from the maximum allocated bandwidth for roaming video clients.

Range: 0 to 25%

Default: 0%

Step 7 Click Apply to commit your changes.

Step 8 To enable the radio network, click Network under 802.11a or 802.11b/g, check the 802.11a (or 802.11b/g) Network Status check box, and click Apply.

Step 9 Click Save Configuration to save your changes.

Step 10 Repeat this procedure if you want to configure video parameters for another radio band (802.11a or 802.11b/g).


Using the GUI to View Voice and Video Settings

Follow these steps to view voice and video settings using the GUI.


Step 1 Click Wireless > Clients to access the Clients page (see Figure 4-10).

Figure 4-10 Clients Page

Step 2 Click the Detail link for the desired client to access the Clients > Detail page (see Figure 4-11).

Figure 4-11 Clients > Detail Page

This page shows the U-APSD status for this client under Quality of Service Properties.

Step 3 Click Back to return to the Clients page.

Step 4 Follow these steps to see the TSM statistics for a particular client and the access point to which this client is associated:

a. Click the 802.11aTSM or 802.11b/gTSM link for the desired client. The Clients > AP page appears (see Figure 4-12).

Figure 4-12 Clients > AP Page

b. Click the Detail link for the desired access point to access the Clients > AP > Traffic Stream Metrics page (see Figure 4-13).

Figure 4-13 Clients > AP > Traffic Stream Metrics Page

This page shows the TSM statistics for this client and the access point to which it is associated. The statistics are shown in 90-second intervals. The timestamp field shows the specific interval when the statistics were collected.

Step 5 Follow these steps to see the TSM statistics for a particular access point and a particular client associated to this access point:

a. Click Wireless and then click 802.11a Radios or 802.11b/g Radios under Access Points. The 802.11a Radios or 802.11b/g Radios page appears (see Figure 4-14).

Figure 4-14 802.11a Radios Page

b. Click the 802.11aTSM or 802.11b/gTSM link for the desired access point. The AP > Clients page appears (see Figure 4-15).

Figure 4-15 AP > Clients Page

c. Click the Detail link for the desired client to access the AP > Clients > Traffic Stream Metrics page (see Figure 4-16).

Figure 4-16 AP > Clients > Traffic Stream Metrics Page

This page shows the TSM statistics for this access point and a client associated to it. The statistics are shown in 90-second intervals. The timestamp field shows the specific interval when the statistics were collected.


Using the CLI to Configure Voice Parameters

Follow these steps to configure voice parameters using the CLI.


Step 1 Make sure that the WLAN is configured for WMM and the QoS level is set to Platinum. See "Configuring Quality of Service" section on page 6-17 for instructions.

Step 2 To disable the radio network, enter this command:

config {802.11a | 802.11b} disable network

Step 3 To save your settings, enter this command:

save config

Step 4 To enable or disable voice CAC for the 802.11a or 802.11b/g network, enter this command:

config {802.11a | 802.11b} cac voice acm {enable | disable}

Step 5 To set the percentage of maximum bandwidth allocated to clients for voice applications on the 802.11a or 802.11b/g network, enter this command:

config {802.11a | 802.11b} cac voice max-bandwidth bandwidth

The bandwidth range is 40 to 85%, and the default value is 75%. Once the client reaches the value specified, the access point rejects new calls on this network.

Step 6 To set the percentage of maximum allocated bandwidth reserved for roaming voice clients, enter this command:

config {802.11a | 802.11b} cac voice roam-bandwidth bandwidth

The bandwidth range is 0 to 25%, and the default value is 6%. The controller reserves this much bandwidth from the maximum allocated bandwidth for roaming voice clients.

Step 7 To enable or disable TSM for the 802.11a or 802.11b/g network, enter this command:

config {802.11a | 802.11b} tsm {enable | disable}

Step 8 To enable the radio network, enter this command:

config {802.11a | 802.11b} enable network

Step 9 To save your settings, enter this command:

save config


Using the CLI to Configure Video Parameters

Follow these steps to configure video parameters using the CLI.


Step 1 Make sure that the WLAN is configured for WMM and the QoS level is set to Gold. See "Configuring Quality of Service" section on page 6-17 for instructions.

Step 2 To disable the radio network, enter this command:

config {802.11a | 802.11b} disable network

Step 3 To save your settings, enter this command:

save config

Step 4 To enable or disable video CAC for the 802.11 or 802.11b/g network, enter this command:

config {802.11a | 802.11b} cac video acm {enable | disable}

Step 5 To set the percentage of maximum bandwidth allocated to clients for video applications on the 802.11a or 802.11b/g network, enter this command:

config {802.11a | 802.11b} cac video max-bandwidth bandwidth

The bandwidth range is 0 to 100%, and the default value is 0%. However, the maximum RF bandwidth cannot exceed 100% for voice + video. Once the client reaches the value specified, the access point rejects new calls on this network.


Note If this parameter is set to zero (0), the controller assumes that the operator does not want to do any bandwidth allocation and, therefore, allows all bandwidth requests.


Step 6 To set the percentage of maximum allocated bandwidth reserved for roaming video clients, enter this command:

config {802.11a | 802.11b} cac video roam-bandwidth bandwidth

The bandwidth range is 0 to 25%, and the default value is 0%. The controller reserves this much bandwidth from the maximum allocated bandwidth for roaming video clients.

Step 7 To enable the radio network, enter this command:

config {802.11a | 802.11b} enable network

Step 8 To save your settings, enter this command:

save config


Using the CLI to View Voice and Video Settings

Use these commands to view voice and video settings using the CLI.

1. To see the CAC configuration for the 802.11a or 802.11b/g network, enter this command:

show {802.11a | show 802.11b}

2. To see the CAC statistics for a particular access point, enter this command:

show ap stats {802.11a | 802.11b} ap_name

Information similar to the following appears:

Call Admission Control (CAC) Stats
  Voice Bandwidth in use(% of config bw)......... 0
  Video Bandwidth in use(% of config bw)......... 0
  Total num of voice calls in progress........... 0
  Num of roaming voice calls in progress......... 0
  Total Num of voice calls since AP joined....... 0
  Total Num of roaming calls since AP joined..... 0
  Num of voice calls rejected since AP joined.... 0
  Num of roam calls rejected since AP joined..... 0
  Num of calls rejected due to insufficient bw.... 0
  Num of calls rejected due to invalid params.... 0
  Num of calls rejected due to PHY rate.......... 0
  Num of calls rejected due to QoS policy........ 0

3. To see the U-APSD status for a particular client, enter this command:

show client detail client_mac

4. To see the TSM statistics for a particular client and the access point to which this client is associated, enter this command:

show client tsm {802.11a | 802.11b} client_mac [ap_mac | all]

The optional all command shows all access points to which this client has associated. Information similar to the following appears:

AP Interface Mac:                   00:0b:85:01:02:03
Client Interface Mac:               00:01:02:03:04:05
Measurement Duration:               90 seconds

  Timestamp                           1st Jan 2006, 06:35:80 
    UpLink Stats
    ================
       Average Delay (5sec intervals)............................35
       Delay less than 10 ms.....................................20
       Delay bet 10 - 20 ms......................................20
       Delay bet 20 - 40 ms......................................20
       Delay greater than 40 ms..................................20
      Total packet Count.........................................80
      Total packet lost count (5sec).............................10
      Maximum Lost Packet count(5sec)............................5
      Average Lost Packet count(5secs)...........................2
    DownLink Stats
    ================
       Average Delay (5sec intervals)............................35
       Delay less than 10 ms.....................................20
       Delay bet 10 - 20 ms......................................20
       Delay bet 20 - 40 ms......................................20
       Delay greater than 40 ms..................................20
      Total packet Count.........................................80
      Total packet lost count (5sec).............................10
      Maximum Lost Packet count(5sec)............................5
      Average Lost Packet count(5secs)...........................2


Note The statistics are shown in 90-second intervals. The timestamp field shows the specific interval when the statistics were collected.


5. To see the TSM statistics for a particular access point and a particular client associated to this access point, enter this command:

show ap stats {802.11a | 802.11b} ap_name tsm [client_mac | all]

The optional all command shows all clients associated to this access point. Information similar to the following appears:

AP Interface Mac:                   00:0b:85:01:02:03
Client Interface Mac:               00:01:02:03:04:05
Measurement Duration:               90 seconds

  Timestamp                           1st Jan 2006, 06:35:80 
    UpLink Stats
    ================
       Average Delay (5sec intervals)............................35
       Delay less than 10 ms.....................................20
       Delay bet 10 - 20 ms......................................20
       Delay bet 20 - 40 ms......................................20
       Delay greater than 40 ms..................................20
      Total packet Count.........................................80
      Total packet lost count (5sec).............................10
      Maximum Lost Packet count(5sec)............................5
      Average Lost Packet count(5secs)...........................2
    DownLink Stats
    ================
       Average Delay (5sec intervals)............................35
       Delay less than 10 ms.....................................20
       Delay bet 10 - 20 ms......................................20
       Delay bet 20 - 40 ms......................................20
       Delay greater than 40 ms..................................20
      Total packet Count.........................................80
      Total packet lost count (5sec).............................10
      Maximum Lost Packet count(5sec)............................5
      Average Lost Packet count(5secs)...........................2


Note The statistics are shown in 90-second intervals. The timestamp field shows the specific interval when the statistics were collected.


Configuring the Supervisor 720 to Support the WiSM

When you install a WiSM in a Cisco Catalyst 6500 switch, you must configure the Supervisor 720 to support the WiSM. When the supervisor detects the WiSM, the supervisor creates 10 GigabitEthernet interfaces, ranging from Gigslot/1 to Gigslot/8. For example, if the WiSM is in slot 9, the supervisor creates interfaces Gig9/1 through Gig9/8. The first eight GigabitEthernet interfaces must be organized into two etherchannel bundles of four interfaces each. The remaining two GigabitEthernet interfaces are used as service-port interfaces, one for each controller on the WiSM. You must manually create VLANs to communicate with the ports on the WiSM.


Note The WiSM is also supported on Cisco 7600 Series Routers running only Cisco IOS Release 12.2(18)SXF5.


General WiSM Guidelines

Keep these general guidelines in mind when you add a WiSM to your network:

The switch ports leading to the controller service port are automatically configured and cannot be manually configured.

The switch ports leading to the controller data ports should be configured as edge ports to avoid sending unnecessary BPDUs.

The switch ports leading to the controller data ports should not be configured with any additional settings (such as port channel or SPAN destination) other than settings necessary for carrying data traffic to and from the controllers.

The WiSM controllers support Layer 3 LWAPP mode, but they do not support Layer 2 LWAPP mode.


Note Refer to Chapter 3 for information on configuring the WiSM's ports and interfaces.


Configuring the Supervisor

Log into the switch CLI and, beginning in Privileged Exec mode, follow these steps to configure the supervisor to support the WiSM:

Using the Wireless LAN Controller Network Module

Keep these guidelines in mind when using a wireless LAN controller network module (CNM) installed in a Cisco Integrated Services Router:

The controller network module does not support IPSec. To use IPSec with the CNM, configure IPSec on the router in which the CNM is installed. Click this link to browse to IPSec configuration instructions for routers:

http://www.cisco.com/en/US/tech/tk583/tk372/tech_configuration_guides_list.html

The controller network module does not have a battery and cannot save a time setting. It must receive a time setting from an NTP server when it powers up. When you install the module the configuration wizard prompts you for NTP server information.

To access the CNM bootloader, Cisco recommends that you reset the CNM from the router. If you reset the CNM from a CNM user interface the router might reset the CNM while you are using the bootloader.

When you reset the CNM from a CNM interface you have 17 minutes to use the bootloader before the router automatically resets the CNM. The CNM bootloader does not run the Router Blade Configuration Protocol (RBCP), so the RBCP heartbeat running on the router times out after 17 minutes, triggering a reset of the CNM.

If you reset the CNM from the router, the router stops the RBCP heartbeat exchange and does not restart it until the CNM boots up. To reset the CNM from the router, enter this command on the router CLI:

service-module wlan-controller 1/0 reset