With the introduction of wireless communication, Cisco Cius can
provide voice and video communication within the corporate WLAN. Cisco Cius
depends on and interacts with wireless access points (APs) and key Cisco IP
telephony components, including Cisco Unified Communications Manager, to
provide wireless voice communication. Cisco APs can run in standalone or
unified mode. Unified mode requires the Cisco Unified Wireless LAN Controller.
Cisco Cius exhibits Wi-Fi capabilities that can use 802.11a,
802.11b, 802.11g, and 802.11n Wi-Fi.
The following illustration shows a typical WLAN topology that
enables the wireless transmission of voice for wireless IP telephony.
Figure 1. WLAN with
Cisco Cius powers up, it
attempts to associate with remembered networks if it is in range of those
networks. If remembered networks are not within range, you can select a
broadcasted network or manually add a network. For more information, see
Configuring Wireless LAN.
The AP uses its connection to the wired network to transmit
data and voice packets to and from the switches and routers. Voice signaling is
transmitted to the
Cisco Unified Communications Manager server for call processing and routing.
APs are critical components in a WLAN because they provide the
wireless links or hot spots to the network. Cisco requires that APs supporting
voice communications use Cisco IOS Release 12.4(21a)JY. For more information
about APs, see the
Cisco Cius Wireless LAN Deployment Guide.
Each AP has a wired connection to an Ethernet switch, such as a
Cisco 3750 Series, that is configured on a LAN. The switch provides access to
gateways and the Cisco Unified Communications Manager server to support
wireless IP telephony.
Some networks have wired components that support wireless
components. The wired components can comprise switches, routers, and bridges
with special modules to enable wireless capability.
Wireless LANs must follow the Institute of Electrical and
Electronics Engineers (IEEE) 802.11 standards that define the protocols that
govern all Ethernet-based wireless traffic.
Cisco Cius supports the
802.11a - Uses the 5 GHz band that provides more channels and
improved data rates by using Orthogonal Frequency Division Multiplexing (OFDM)
technology. Dynamic Frequency Selection (DFS) and Transmit Power Control (TPC)
support this standard.
802.11b - Specifies the radio frequency (RF) of 2.4 GHz for both
transmitting and receiving data at lower data rates (1,2,5.5, 11 Mbps).
802.11d - Enables access points to advertise their currently
supported radio channels and transmit power levels. The 802.11d-enabled client
then uses that information to determine which channels and power levels to use.
Cisco Cius requires World
Mode (802.11d) to determine which channels are legally allowed for any given
country. For supported channels, see Table 1. Make sure that 802.11d is
properly configured on the Cisco IOS Access Points or Cisco Unified Wireless
LAN Controller. For more information, see the
World Mode (802.11.d) and theCisco Cius Wireless LAN Deployment Guide.
802.11e - Defines a set of Quality of Service (QoS) enhancements
for Wireless LAN applications.
802.11g - Uses the same unlicensed 2.4 GHz band as 802.11b, but
extends the data rates to provide greater performance by using OFDM technology.
OFDM is a physical-layer encoding technology for transmitting signals by using
802.11h - Provides DFS and TPC to the 802.11a Media Access Control
802.11i - Specifies security mechanisms for wireless networks.
802.11n - Uses the radio frequency of 2.4 GHz or 5 GHz for both
transmitting and receiving data, and enhances data transfer through the use of
multiple input, multiple output (MIMO) technology, channel bonding, and payload
Cisco Cius has a single
antenna and uses the Single Input Single Output (SISO) system, which supports
MCS 0 to MCS 7 data rates only (72 Mbps with 20 MHz channels and 150 Mbps
40 MHz channels). MCS 8 to MCS 15 can optionally be enabled if there are
802.11n clients utilizing MIMO technology which can take advantage of those
higher data rates.
The following table lists the supported channels for Cisco
Table 1 Supported Channels for
2.412 - 2.472 GHz
1 - 13
5.180 - 5.240 GHz
36, 40, 44, 48
5.260 - 5.320 GHz
52, 56, 60, 64
5. 500 - 5.700 GHz
100 - 140
5.745 - 5.825 GHz
149, 153, 157, 161, 165
802.11j (channels 34, 38, 42, 46) are not supported.
World Mode (802.11.d)
List of Countries and their 802.11d codes
Cisco Cius uses 802.11d to determine which channels and
transmit power levels to use and inherits its client configuration from the
associated AP. Enable World Mode (802.11d) on the AP to use Cisco Cius in World
The following table lists countries and their 802.11d codes
that Cisco Cius supports. For more information, see the
Cisco Cius Wireless LAN Deployment Guide.
List of Countries and 802.11d Codes
Puerto Rico (PR)
Russian Federation (RU)
Saudi Arabia (SA)
Korea (KR / KP)
Costa Rica (CR)
South Africa (ZA)
Czech Republic (CZ)
New Zealand (NZ)
United Arab Emirates (AE)
United Kingdom (GB)
Hong Kong (HK)
United States (US)
For the Cisco Unified Wireless LAN Controller, World Mode is
enabled automatically when a country code is entered. See the
802.11d section in
Cisco Cius Wireless LAN Deployment Guide
for the proper country code. For Cisco Autonomous Access Points, World Mode
must be enabled manually. Use the following commands:
Interface dot11radio X
world-mode dot11d countryUS both
For 2.4 GHz radio, enter
0 for X in the
field. For 5 GHz radio, enter
1 for X.
WLAN communications use the following radio frequency
2.4 GHz - Many devices that use 2.4 GHz can potentially interfere
with the 802.11b/g connection. An interferer can produce a Denial of Service
(DoS) scenario, possibly preventing successful 802.11 transmissions.
5 GHz - The 5 GHz frequency provides more channels and has less
interferers than the 2.4 GHz frequency. It is divided into several sections
called Unlicensed National Information Infrastructure (UNII) bands, each with
four channels. The channels are spaced at 20 MHz.
802.11 Data Rates Transmit Power Ranges and Decibel Tolerances
Radio Characteristics section in the
Cisco Cius Wireless LAN Deployment Guide
for Transmit (Tx) power capacities, data rates, ranges in feet and meters, and
decibels tolerated by the receiver by 801.11 standard.
Wireless Modulation Technologies
Wireless communications use the following modulation
technologies for signaling:
Direct-Sequence Spread Spectrum (DSSS) - Prevents interference by
spreading the signal over the frequency range or bandwidth. DSSS technology
multiplexes chunks of data over several frequencies so that multiple devices
can communicate without interference. Each device has a special code that
identifies its data packets and all others are ignored. Cisco wireless
802.11b/g products use DSSS technology to support multiple devices on the WLAN.
Orthogonal Frequency Division Multiplexing (OFDM) - Transmits
signals by using RF. OFDM is a physical-layer encoding technology that breaks
one high-speed data carrier into several lower-speed carriers to transmit in
parallel across the RF spectrum. OFDM, when used with 802.11g and 802.11a, can
support data rates as high as 54 Mbps.
The following table provides a comparison of data rates,
number of channels, and modulation technologies by IEEE standard.
Table 2 Data Rates, Number of Channels, and Modulation Technologies by
1, 2, 5.5, 11 Mbps
6, 9, 12, 18, 24, 36, 48, 54 Mbps
6, 9, 12, 18, 24, 36, 48, 54 Mbps
20 MHz Channels: 7
- 72 Mbps
40 MHz Channels:
15 - 150 Mbps
13 or 24
AP Channel and Domain Relationships
APs transmit and receive RF signals over channels within the
2.4 GHz or 5 GHz frequency band. To provide a stable wireless environment and
reduce channel interference, you must specify nonoverlapping channels for each
AP. The recommended channels for 802.11b and 802.11g in North America are 1, 6,
In a noncontroller-based wireless network, Cisco recommends that you
statically configure channels for each AP. Some channels may need to be
statically configured if there is an intermittent interferer to avoid
disruptions in that area. If your wireless network uses a controller, use the
Auto-RF feature with minimal voice disruption.
Bluetooth enables low-bandwidth wireless connections within a
range of 30 feet (10 meters). The best performance is in the 3-to 6-foot (1- to
2-meter) range. Bluetooth wireless technology operates in the 2.4 GHz band
which is the same as the 802.11b/g/n band. There can be a potential
interference issues with Bluetooth devices, microwave ovens, cordless phones,
and large metal objects; therefore, Cisco recommends that you use 802.11a or
802.11.n that operates in the 5 GHz band.
Cisco Cius uses the
same APs as wireless data devices. However, voice traffic over a WLAN requires
different equipment configurations and layouts than a WLAN that is used
exclusively for data traffic. Data transmission can tolerate a higher level of
RF noise, packet loss, and channel contention than voice transmission. Packet
loss during voice transmission can cause choppy or broken audio and make the
phone call inaudible. Packet errors can also cause blocky or frozen video.
Cisco Cius users move from
location to location, RF coverage needs to include stairwells, elevators, quiet
corners, outside conference rooms, and passageways. To ensure good voice
quality and optimal RF signal coverage, you must perform a site survey. The
site survey determines what AP platform, antenna type, AP placement, Tx power
levels, channel, and data rates are best for this environment. Ensure that all
required areas are surveyed so adequate coverage is provided.
After deploying and using wireless voice, continue to perform
postinstallation site surveys. When you add a group of new users, install more
equipment, or stack large amounts of inventory, you are changing the wireless
environment. A postinstallation survey verifies that the AP coverage is still
adequate for optimal voice communications.
Packet loss can occur during roaming; however, the security mode and
the presence of fast roaming depicts how much packet loss occurs during
transmission. Cisco recommends implementing Cisco Centralized Key Management
(CCKM) to enable fast roaming.
Cisco Cius scans the channels
for remembered profiles.
Cisco Cius performs active scans
(for remembered profiles) and passive scans (for broadcasted WLANs).
Cisco Cius uses the Received
Signal Strength Indicator (RSSI) variable to determine the best AP. RSSI
measures the signal strength of available APs within the RF coverage area.
Cisco Cius attempts
authentication to a frequency band based on the 802.11 mode configuration for
the discovered WLAN:
Cisco Cius connects to the
AP with the highest RSSI value
5 GHz -
Cisco Cius associates with 5
2.4 GHz -
Cisco Cius associates with
Cisco Cius associates
with the AP with the highest RSSI that has matching SSID and encryption types.
To ensure that voice traffic is handled properly, you must configure the
correct QoS in the AP.
Voice and video traffic on the Wireless LAN, like data
traffic, is susceptible to delay, jitter, and packet loss. These issues do not
impact the data user, but have serious implications for a voice call. To ensure
that voice traffic receives timely and reliable treatment with low delay and
low jitter, you must implement QoS and use separate virtual LANs (VLANs) for
voice/video and data. By isolating the voice and video traffic onto a separate
VLAN, you can use QoS to provide priority treatment for voice and video packets
when they travel across the network. Also, use a separate VLAN for data
traffic, not the default native VLAN, which is typically used for all network
Cisco recommends the following VLANs on the network switches
and the APs that support voice and video connections on the WLAN:
Voice/Video VLAN - Voice traffic to and from
Data VLAN - Data traffic to and from other wireless devices
Native VLAN - AP management
Assign separate SSIDs to the voice/video and to the data
VLANs. If you configure a separate management VLAN in the WLAN, do not
associate an SSID with the management VLAN.
Cisco Cius devices into a voice
VLAN and marking voice packets with higher QoS, you can ensure that voice
traffic gets priority treatment over data traffic, resulting in lower packet
delay and fewer lost packets.
Unlike wired networks with dedicated bandwidths, traffic
direction is important for wireless LANs when implementing QoS. Traffic is
classified as upstream or downstream from the AP as shown in the following
Figure 2. Voice traffic in a wireless network
Beginning with Cisco IOS release 12.2(11)JA, Cisco Aironet APs
support the contention-based channel access mechanism called Enhanced
Distributed Coordination Function (EDCF). The EDCF type of QoS has up to eight
queues for downstream (toward the 802.11b/g clients) QoS. You can allocate the
queues based on these options:
Differentiated Services Code Point (DSCP) settings for the packets
Layer 2 or Layer 3 access lists
VLANs for specific traffic
Dynamic registration of devices
Although you can have up to eight queues on the AP, Cisco
recommends that you use only two queues for voice traffic to ensure the best
possible voice QoS. Place voice (RTP) and signaling (SIP) traffic in the
highest-priority queue, and place data traffic in a best-effort queue. Although
802.11b/g EDCF does not guarantee that voice traffic is protected from data
traffic, you get the best statistical results by using this queuing model. The
Best Effort (BE) - 0, 3
Background (BK) - 1, 2
Video (VI) - 4, 5
Voice (VO) - 6, 7
Call Control (SIP) is sent as UP4 (VI). Video is sent as UP5 (VI) when
Admission Control Mandatory (ACM) is disabled for video (Traffic Specification
[TSpec] disabled). Voice is sent as UP6 (VO) when ACM is disabled for voice
The following table provides a QoS profile on the AP giving
priority to voice, video, and call control (SIP) traffic.
Table 3 QoS Profile and Interface Settings
To improve reliability of voice transmissions,
Cisco Cius supports the IEEE
802.11e industry standard and is Wi-Fi Multimedia (WMM) capable. WMM enables
differentiated services for voice, video, best-effort data, and other traffic.
However, in order for these differentiated services to provide sufficient QoS
for voice packets, only a certain amount of voice bandwidth can be serviced or
admitted on a channel at one time. If the network can handle N voice calls with
reserved bandwidth, when the amount of voice traffic is increased beyond this
limit (to N+1 calls), the quality of all calls suffers.
To help address the problems of VoIP stability and roaming, an
initial Call Admission Control (CAC) scheme is required. With SIP CAC enabled
on the WLAN, QoS is maintained in a network overload scenario by ensuring that
the number of active voice calls does not exceed the configured limits on the
AP. During times of network congestion, the system maintains a small bandwidth
reserve so wireless phone clients can roam into a neighboring AP, even when the
AP is at
"full capacity." After reaching the voice bandwidth limit, the next
call is load-balanced to a neighboring AP without affecting the quality of the
existing calls on the channel.
Implementing QoS in the connected Ethernet switch is highly
desirable to maintain good voice quality. The Class of Service (COS) and DSCP
Cisco Cius sets do not need to be
The DSCP, COS and WMM UP markings correctly display for the optimum
transmission of video frames.
Cisco Cius does not support
Voice and Video CAC; Cisco recommends that you implement SOP CAC.
Interacting with Cisco Unified Communications Manager
Cisco Unified Communications Manager is the call control component in the network
that handles and routes calls for the wireless IP phones, including
Cisco Unified Communications Manager manages the components of the IP telephony system -
Cisco Cius devices, access
gateways, and the resources - for such features as call conferencing and route
planning. When deploying
Cisco Cius on a wireless LAN,
you must use
Cisco Unified Communications Manager Release 8.5 or later and the SIP protocol.
You can find more information about configuring
Cisco Unified Communications Manager to work with
Cisco Cius and IP devices in the
Cisco Unified Communications Manager Administration Guide,
Cisco Unified Communications Manager System Guide, and
Cisco Cius Wireless LAN Deployment Guide.
Security for Voice Communications in WLANs
Because all WLAN devices that are within range can receive all
other WLAN traffic, securing voice communications is critical in WLANs. To
ensure that voice traffic is not manipulated or intercepted by intruders,
Cisco Cius and Cisco Aironet APs
are supported in the Cisco SAFE Security architecture. For more information
about security in networks, See
Cisco Secure Access Control Server Certificate Setup
Cisco Secure Access Control Server (ACS) is an authentication server that uses EAP-TLS and PEAP authentication protocols and digital certification to ensure the protection and validity of authentication information. For each EAP authentication method, certificate(s) must be installed and correctly configured.
ACS Certificates are configured in the ACS Certificate Setup page below.
The server certificate installation must adhere to the following guidelines:
Installation is performed using the Install ACS Certificate configuration page.
The certificate usually contains two files: server.pem and server_privatekey.crt with a private key password.
The root certificate authority (CA) must be configured using the ACS Certification Authority Setup configuration page.
The root CA must be a trusted CA in the Edit Certificate Trust List configuration page.
If the server certificate is created using an intermediate CA, the root CA must be configured for every CA in the chain between the root CA and the server certificate. This also applies to a user certificate created using an intermediate CA. The following are examples of using intermediate CAs:
Wi-Fi-Root-CA is the root CA.
Wi-Fi-Intermediate-CA-srv is the intermediate CA (signed by Wi-Fi-Root-CA) that signed the server certificate to be installed on ACS.
Wi-Fi-Intermediate-CA-sta is the CA certificate that signed the user certificate to be installed on the client (Cius).
In addition to the certificate setup, a user account that matches the common name of the user certificate must be created.
All the CA certificates in the certificate chain need to be installed and trusted as shown below.
Figure 3. Installed and Trusted CA Certificates
PEAP-GTC and PEAP-MSCHAPV2 Setup
All CA certificates in the certificate chain need to be installed and trusted. A user account must be created , which can have the same user ID as in the AD.
An example of EAP-TLS, PEAP-GTC and PEAP-MSCHAPV2 setup in System Configuration -> Global Authentication Setup is shown below.
To ensure that voice traffic is secure,
Cisco Cius supports the
following encryption methods:
AES (Advanced Encryption Scheme)
TKIP/MIC (Temporal Key Integral Protocol/Message Integrity Check)
WEP (Wired Equivalent Protocol) 40/64 and 104/128 bit
Voice over the Wireless LAN (VoWLAN) via Outdoor MESH technology
(Cisco 1500 Series) is not supported.
Third-party access points are not fully supported or certified
because no testing is performed to guarantee interoperability. However, if the
access point is Wi-Fi compliant, basic interoperability should be available.
Some features, such as CCX, and other key features, such as WMM, Unscheduled
Auto Power Save Delivery (U-APSD), Dynamic Transmit Power Control (DTPC), proxy
ARP, 802.11d, 802.11e, 802.11i, 802.11h, and CCKM may not be available.
Ensure that the Wi-Fi coverage in the location where the
wireless is deployed is suitable for transmitting video and voice packets. See
Cisco Cius Wireless LAN Deployment Guide,
which includes the following configuration sections:
Configuring Cisco Unified Communications Manager
Configuring the Cisco Wireless LAN Controller and Access
Configuring Cisco Cius
Cisco Cius can connect to the
WLAN, you must configure the network profile for
Cisco Cius with the appropriate
WLAN settings. You can use the Network Setup menu on
Cisco Cius to access the WLAN
Setup submenu and set up the WLAN configuration. For instructions, see the
Wireless and Network Settings Menu.