-
Cisco Wireless LAN Controller Configuration Guide, Release 5.2
-
Preface
-
Chapter 1 - Overview
-
Chapter 2 - Using the Web-Browser and CLI Interfaces
-
Chapter 3 - Configuring Ports and Interfaces
-
Chapter 4 - Configuring Controller Settings
-
Chapter 5 - Configuring Security Solutions
-
Chapter 6 - Configuring WLANs
-
Chapter 7 - Controlling Lightweight Access Points
-
Chapter 8 - Controlling Mesh Access Points
-
Chapter 9 - Managing Controller Software and Configurations
-
Chapter 10 - Managing User Accounts
-
Chapter 11 - Configuring Radio Resource Management
-
Chapter 12 - Configuring Mobility Groups
-
Chapter 13 - Configuring Hybrid REAP
-
Appendix A - Safety Considerations and Translated Safety Warnings
-
Appendix B - Declarations of Conformity and Regulatory Information
-
Appendix C - End User License and Warranty
-
Appendix D - Troubleshooting
-
Appendix E - Logical Connectivity Diagrams
-
Index
-
Feedback
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W -
Index
Numerics
11n Mode parameter 4-18
1250 series access points
and PoE Status field 7-73
operating modes when using PoE 7-71
transmit power settings when using PoE 7-72
3DES IPSec data encryption 5-9
7920 AP CAC parameter 6-37
7920 Client CAC parameter 6-37
7920 support mode
configuring 6-34
described 6-34
7921 support mode 6-36
802.11a (or 802.11b) > Client Roaming page 4-42
802.11a (or 802.11b) > Video Parameters page 4-56
802.11a (or 802.11b) > Voice Parameters page 4-54
802.11a (or 802.11b/g) > EDCA Parameters page 4-67
802.11a (or 802.11b/g) Global Parameters > Auto RF page 11-8
802.11a (or 802.11b/g) Global Parameters page 4-14, 11-38
802.11a (or 802.11b/g) Network Status parameter 4-14
802.11a/n (4.9 GHz) > Configure page 8-53
802.11a/n (or 802.11b/g/n) Cisco APs > Configure page 11-28
802.11a/n (or 802.11b/g/n) Radios page 4-60, 11-27
802.11a > Pico Cell page 11-43
802.11a > Pico Cell page with pico cell mode V2 parameters 11-44
802.11a > RRM > Coverage page 11-17
802.11a > RRM > DCA page 11-13
802.11a > RRM > Dynamic Channel Assignment (DCA) page 11-13
802.11a > RRM > General page 11-19
802.11a > RRM > Tx Power Control (TPC) page 11-10
802.11b/g/n Cisco APs > Configure page 7-61, D-41
802.11 bands
configuring using the CLI4-15to 4-17
configuring using the GUI4-14to 4-15
802.11g Support parameter 4-14
802.11n
clients 7-76
configuring
devices 4-17
802.11n (2.4 GHz) High Throughput page 4-18
802.1Q VLAN trunk port 3-5
802.1X
configuring 6-22
described 6-23
dynamic key settings 6-22
802.1X+CCKM
configuring 6-25
described 6-24
802.1X authentication for access points
configuring
the switch 7-15
described 7-10
802.1x Authentication parameter 7-11
802.3 bridging
configuring using the CLI 4-33
configuring using the GUI4-32to 4-33
802.3 Bridging parameter 4-33
802.3 frames 4-32
802.3X flow control, enabling 4-31
A
AAA override
configuring
using the CLI 5-80
described 5-78
AC adapter warning for Japan B-7
Access Control List Name parameter 5-56
access control lists (ACLs)
applying to an interface
using the CLI 5-65
applying to a WLAN
using the CLI 5-65
applying to the controller CPU
using the CLI 5-65
configuring
counters
configuring using the CLI 5-63
configuring using the GUI 5-55
described 5-54
identity networking 5-75
using with the debug facilityD-35to D-36
Access Control Lists > Edit page 5-58
Access Control Lists > New page 5-55
Access Control Lists > Rules > New page 5-56
Access Control Lists page 5-55
Access Mode parameter 4-26, 4-28
access point core dumps, uploading
using the CLI 7-33
using the GUI 7-32
access point event logs, viewing D-13
access point groups
assigning access points to
creating
default group 6-46
described 6-44
illustrated 6-45
number supported 6-46
removing
using the CLI 6-49
using the GUI 6-47
access point manager interface, configuring using the configuration wizard 4-5
access point monitor service, debugging D-44
access points
20-MHz channelization 11-28
40-MHz channelization 11-28
adding MAC address to controller filter list
assisted roaming 4-41
authorization list 7-24
authorizing
using MICs 7-19
using SSCs 7-19
using the CLI 7-24
using the GUI 7-23
configuring hybrid REAP using the CLI 13-14
converting to mesh access points 8-49
embedded 7-15
guidelines for operating in Japan B-6, B-7
LEDs
configuring 7-75
interpreting D-2
migrating from the -J regulatory domain to the -U regulatory domain7-56to ??
number supported per controller 3-4
priming 7-3
regulatory informationB-2to B-10
rules for operating in TaiwanB-8to B-9
supported for use with hybrid REAP 13-2
supporting oversized images7-34to 7-35
troubleshooting
using Telnet or SSH D-43
VCI strings 7-25
verifying that they join the controller 7-4
viewing multicast client table 4-39
Accounting Server parameters 6-57
accounting servers, disabling per WLAN 6-56
ACL. See access control lists (ACLs)
ACS server configuration page 6-54
Action parameter 5-58
active exploits 5-124
Add AAA Client page (on CiscoSecure ACS) 5-5, 5-20
Add AP button 13-18
Add New Rule button 5-56
Add Web Server button 10-17
AdHoc Rogue AP parameter 5-85
administrator access 4-23
administrator usernames and passwords, configuring 4-23
Admin Status parameter 3-21
Admission Control (ACM) parameter 4-55, 4-56
AES CBS IPSec data encryption 5-9
AES-CCMP 6-23
AES parameter 6-25
Aggregated MAC Protocol Data Unit (A-MPDU) 4-20
Aggregated MAC Service Data Unit (A-MSDU) 4-20
aggregation method, specifying 4-20
AirMagnet Enterprise Analyzer D-40
Aironet IE parameter 6-27, 6-42
Aironet IEs
configuring using the CLI 6-44
configuring using the GUI 6-42
Airopeek D-40
Alarm Trigger Threshold parameter 11-36
All APs > Access Point Name > Link Details > Neighbor Name page 8-47
All APs > Access Point Name > Mesh Neighbor Stats page 8-47
All APs > Access Point Name > Neighbor Info page 8-46
All APs > Access Point Name > Statistics page 8-41
All APs > Access Point Name > VLAN Mappings page 13-13
All APs > Details (Advanced) page
configuring CDP 4-73
All APs > Details for (Advanced) page 7-32
configuring country codes 7-52
configuring link latency 7-69
configuring PoE 7-72
All APs > Details for (Credentials) page 7-8, 7-12
All APs > Details for (General) page 13-12
All APs > Details for (High Availability) page 7-44, 7-48
All APs > Details for (H-REAP) page 13-12
All APs > Details for (Inventory) page 7-65
All APs > Details for page D-41
All APs > Details page 8-28, 11-35
All APs page 8-40, 11-35, 13-12
Allow AAA Override parameter 5-80
anchor controller in inter-subnet roaming 12-4
AnchorTime parameter 11-14
anonymous local authentication bind method 5-34, 5-37
Anonymous Provision parameter 5-44
Antenna Gain parameter 11-29
Antenna parameter 11-29
Antenna Type parameter 11-29
AP > Clients > Traffic Stream Metrics page 4-61
AP > Clients page 4-61
AP801 access point
described 7-15
using with a controller 7-15
AP Authentication Policy page 5-68, 11-36
AP Core Dump parameter 7-32
AP Ethernet MAC Addresses parameter 7-21
AP Failover Priority parameter 7-48
AP Group Name parameter 6-47
AP Groups > Edit (APs) page 6-48
AP Groups > Edit (General) page 6-47
AP Groups > Edit (WLANs) page 6-48, 6-63
AP-manager interface
configuring
using the CLI 3-14
creating multiple interfaces3-39to 3-40
described 3-6
illustration
of four AP-manager interfaces 3-39
of three AP-manager interfaces 3-38
of two AP-manager interfaces 3-37
AP Mode parameter 11-36, 13-12, D-41
AP Name parameter 6-49
AP Policies page 7-23
AP Primary Discovery Timeout parameter 7-43
ASLEAP detection 5-124
Assignment Method parameter 11-28, 11-30
asymmetric tunneling
described 12-26
illustrated 12-26
authenticated local authentication bind method 5-34, 5-37
Authentication Priority parameter 5-11, 5-25
Authentication Protocol parameter 4-28
Auth Key Mgmt parameter 6-25
Authority ID Information parameter 5-44, 13-21, 13-22
Authority ID parameter 5-44, 13-21
Authorize LSC APs against auth-list parameter 7-23
Authorize MIC APs against auth-list or AAA parameter 7-23
authorizing access points
using the CLI 7-24
using the GUI 7-23
auto-anchor mobility
configuring
guidelines 12-21
AutoInstall
example operation 4-9
obtaining
DHCP addresses for interfaces 4-7
TFTP server information 4-7
overview 4-6
selecting configuration file 4-8
using 4-6
auto RF, configuring using the configuration wizard 4-6
Average Data Rate parameter 4-46, 4-49
Average Real-Time Rate parameter 4-46, 4-50
Avoid Cisco AP Load parameter 11-14
Avoid Foreign AP Interference parameter 11-14, 12-18
Avoid Non-802.11a (802.11b) Noise parameter 11-14
B
Backhaul Client Access parameter 8-17, 8-53
backup controllers
configuring
described 7-42
Back-up Primary Controller IP Address parameter 7-44
Back-up Primary Controller Name field 7-44
Back-up Secondary Controller IP Address parameter 7-44
Back-up Secondary Controller Name parameter 7-44
bandwidth-based CAC
described 4-52
enabling
using the CLI 4-62
using the GUI 4-55
for mesh networks 8-33
Base MAC Address parameter 3-27
Beacon Period parameter 4-14
Bind Password parameter 5-34
Bind Username parameter 5-34
bootup script for configuration wizard 4-4
Bridge Data Rate parameter 8-30
bridge protocol data units (BPDUs) 3-24
bridging parameters
configuring using the CLI 8-32
configuring using the GUI8-28to 8-30
browsers supported 2-2
Buffered Log Level parameter D-8
Burst Data Rate parameter 4-46, 4-50
Burst Real-Time Rate parameter 4-46, 4-50
C
CAC
configuring for 7920 phones 6-34
described 4-52
enabling
using the CLI 4-63
using the GUI 4-56
in mesh networks 8-33
viewing in mesh networks8-36to 8-38
viewing using the CLI 4-64
Canadian compliance statement B-3
CA Server URL parameter 7-20
Catalyst 3750G Integrated Wireless LAN Controller Switch
described 1-10
logical connectivity diagram and associated software commandsE-4to E-5
CCA Sensitivity Threshold parameter 11-45
CCKM
configuring 6-25
described 6-23
hybrid-REAP groups 13-16
with mobility 12-7
CCX
configuring Aironet IEs
using the CLI 6-44
using the GUI 6-42
described 6-41
link test 7-65
viewing a client's version
using the CLI 6-44
CCX Layer 2 client roaming
configuring
using the CLI 4-43
debugging using the CLI 4-44
described 4-41
obtaining information using the CLI 4-43
CCX radio management
configuring
using the CLI 11-40
debugging using the CLI 11-42
features 11-37
hybrid-REAP considerations 11-37
obtaining information using the CLI11-40to 11-41
CCXv5 clients
enabling location presence 4-87
CCXv5 Req button D-26
CCX Version parameter 6-43
CDP > AP Neighbors > Detail page 4-76
CDP > AP Neighbors page 4-75
CDP > Global Configuration page 4-72
CDP > Interface Neighbors > Detail page 4-74
CDP > Interface Neighbors page 4-74
CDP > Traffic Metrics page 4-76
CDP Advertisement Version parameter 4-72
CDP AP Neighbors page 4-75
CDP Protocol Status parameter 4-72
CDP State parameter 4-73
Certificate Authority (CA) certificates
downloading
using the GUI 9-16
overview 9-16
using with local EAP 5-40, 5-45
Certificate Issuer parameter 5-43
Certificate Password parameter 9-14
Certificate Type parameter 7-24
Change Rules Priority parameter 5-90
Channel Assignment Leader parameter 11-15
Channel Assignment Method parameter 11-14
channel bonding in the 5-GHz band 11-29
channels
statically assigning using the CLI 11-31
statically assigning using the GUI11-27to 11-31
Channel Scan Duration parameter 11-20
Channel Width parameter 11-15, 11-28
Check Against CA Certificates parameter 5-43
Check Certificate Date Validity parameter 5-43
chokepoints for RFID tag tracking 4-80
CIDS Sensor Add page 5-103
CIDS Sensors List page 5-103
CIDS Shun List page 5-106
ciphers
described 6-24
Cisco 2100 Series Wireless LAN Controllers
AutoInstall interfaces 4-7
described 1-8
FCC statement B-10
features not supported 1-8
network connections 1-16
Cisco 28/37/38xx Integrated Services Router
described 1-10
logical connectivity diagram and associated software commands E-3
versions 1-10
Cisco 3200 Series Mobile Access Router (MAR)
described 8-52
operating with mesh access points
using the CLI to configure 8-54
using the GUI to configure 8-53
Cisco 3300 Series Mobility Services Engine (MSE), using with wIPS 5-119
Cisco 4400 Series Wireless LAN Controllers
AutoInstall interfaces 4-7
described 1-8
FCC statement B-10
models 3-4
network connections 1-17
supporting more than 48 access points3-35to 3-40
Cisco 7920 Wireless IP Phones 6-36
Cisco 7921 Wireless IP Phones 6-36
Cisco AV-pairs 6-52, 6-53, 6-54
Cisco Centralized Key Management (CCKM). See CCKM
Cisco Clean Access (CCA) 6-58
Cisco Client Extensions (CCX). See CCX
Cisco Discovery Protocol (CDP)
configuring
debugging using the CLI 4-79
described 4-69
enabling using the GUI4-72to 4-73
sample network 4-71
supported devices 4-69
viewing neighbors
viewing traffic information
using the CLI 4-78
using the GUI 4-76
Cisco Discovery Protocol parameter 4-73
Cisco high-power switches 7-73
Cisco Logo parameter 10-10
Cisco NAC Appliance 6-58
CiscoSecure Access Control Server (ACS) 5-4
Cisco Unified Wireless Network (UWN) Solution
illustrated 1-3
Cisco Wireless Control System (WCS) 1-2
Cisco WiSM
configuring the Supervisor 7204-89to ??
guidelines 4-90
logical connectivity diagram and associated software commandsE-2to E-3
maximum number supported by router chassis 1-9
SSC key-hash 7-17
CKIP
configuring
using the CLI 6-28
described 6-26
Clear Filter link 6-8
clearing the controller configuration 9-28
Clear Stats button 12-19
CLI
basic commands 2-9
enabling wireless connections 2-9
logging out 2-9
navigating 2-9
troubleshooting commandsD-5to D-6
Client Certificate Required parameter 5-43
client location, using WCS 1-7
client MFP 5-66
Client Protection parameter 5-70
client reporting
configuring using the CLID-28to D-32
configuring using the GUID-25to D-28
described D-19
Client Reporting page D-27
client roaming, configuring4-40to 4-44
clients
connecting to WLANs 13-15
viewing
viewing CCX version
using the CLI 6-44
Clients > AP > Traffic Stream Metrics page 4-59
Clients > AP page 4-59
Clients > Detail page
configuring client reporting D-26
viewing a client's CCX version 6-43
viewing client details 7-40, 7-78
viewing the status of workgroup bridges 7-39
viewing voice and video settings 4-58
Clients page
performing a link test 7-67
viewing clients 7-76
viewing the status of workgroup bridges 7-39
viewing voice and video settings 4-57
Client Type parameter 7-39, 7-40
Commands > Reset to Factory Defaults page 4-3
comma-separated values (CSV) file, uploading 13-20
Community Name parameter 4-26
conditional web redirect 6-52
configuring
using the CLI 6-55
described 6-52
Conditional Web Redirect parameter 6-55
Configuration File Encryption parameter 9-24
configuration files
downloading
uploading
configuration wizard
described 4-2
Configure option for RRM override 11-27
Confirm Password parameter 13-10
Console Log Level parameter D-8
Control and Provisioning of Wireless Access Points protocol (CAPWAP) 1-6
debugging 7-6
described 7-2
guidelines 7-2
viewing MTU information 7-6
controller failure detection time, reducing 7-42
controller network module
baud rate 3-3
versions 3-4
controllers
configuration
clearing 9-28
erasing 9-28
saving 9-26
connections 1-11
discovery process 7-2
guidelines for operating in JapanB-6to B-7
multiple-controller deployment 1-4
resetting factory default settings
using the CLI 4-3
using the GUI 4-3
single-controller deployment1-3to 1-4
synchronizing with location appliance 4-86
types of memory 1-14
upgrading software
uploading core dump files from D-17
Controller Spanning Tree Configuration page 3-27
Controller Time Source Valid parameter 5-70
Control Path parameter 12-23
core dump files, uploading from the controller D-17
Country Code parameter 7-52
country codes
commonly used 7-50
configuring
using the configuration wizard 4-5
described 7-50
Japanese 7-56
viewing using the CLI 7-54
Country page 7-51
Coverage Exception Level per AP parameter 11-17
coverage hole detection
configuring per controller
using the CLI 11-22
disabling on a WLAN
described 6-57
using the CLI 6-58
coverage hole detection and correction 11-4
Coverage Hole Detection Enabled parameter 6-57
CPU Access Control Lists page 5-61
CPU ACL Mode parameter 5-61
crash files
uploading
Current Channel parameter 11-30
Custom Signatures page 5-111
D
Data Path parameter 12-23
Data Rates parameter 4-15
date
configuring manually 4-10
configuring through NTP server 4-10
setting
using the CLI 4-11
using the GUI 4-10
DCA Channel Sensitivity parameter 11-14
DCA Channels parameter 11-15
debug commands, sending 7-29
debug facility
default enable password 7-6
default-group access point group 6-46
Default Mobility Group parameter 12-11
Default Routers parameter 6-13
Delivery Traffic Indication Map (DTIM). See DTIM period
Deny Counters parameter 5-58
Description parameter 5-31, 8-13, 13-10
Designated Root parameter 3-27
DES IPSec data encryption 5-9
Destination parameter 5-57
Destination Port parameter 5-57
Detect and Report Ad-Hoc Networks parameter 5-85
device certificates
downloading
overview 9-13
using with local EAP 5-40, 5-45
DHCP
configuring using the CLI 6-11
configuring using the GUI 6-10
debugging 6-12
DHCP Addr. Assignment Required parameter 6-11
DHCP Allocated Lease page 6-14
DHCP option 43, in controller discovery process 7-4
DHCP option 82
described 5-53
example 5-53
DHCP Parameters page 4-22
DHCP proxy
configuring
using the CLI 4-23
described 4-22
DHCP Scope > Edit page 6-13
DHCP scopes
configuring
described 6-12
DHCP Scopes page 6-12
DHCP server discovery 7-4
DHCP Server IP Addr parameter 6-11
DHCP Server Override parameter 6-11
DHCP servers
configuring using the configuration wizard 4-5
internal 6-9
diagnostic channel
configuring
described D-19
Diagnostic Channel parameter D-21
directed roam request 4-41
Direction parameter 5-57
disabled clients, configuring a timeout 6-16
discovery request timer, configuring 7-46
distribution system ports3-4to 3-5
Diversity parameter 11-30
DNS Domain Name parameter 6-13
DNS Servers parameter 6-13
domain name server (DNS) discovery 7-4
Download button
downloading a CA certificate 9-17
downloading a configuration file 9-24
downloading a customized web authentication login page 10-19
downloading a device certificate 9-14
downloading a signature file 5-111
Download File to Controller page
downloading a customized web authentication login page 10-18
downloading CA certificates 9-16
downloading configuration files 9-23
downloading device certificates 9-14
downloading IDS signatures 5-110
DSCP parameter 5-57
DTIM period, configuring for MAC filtering 6-17
DTPC Support parameter 4-15
dynamic channel assignment (DCA)
20-MHz channelization 11-4, 11-15
40-MHz channelization 11-4, 11-15
configuring
described 11-3
sensitivity thresholds 11-15
dynamic frequency selection7-59to 7-60
dynamic interface
configuring
using the CLI 3-18
described 3-8
dynamic transmit power control, configuring 4-15
dynamic WEP, configuring 6-22
Dynamic WEP Key Index parameter 5-41
E
EAP-FAST Method Parameters page 5-44
EAP-FAST parameter 5-42
EAPOL-Key Max Retries parameter 5-41
EAPOL-Key Timeout parameter 5-41
EAP Profile Name parameter 5-45
EAP-TLS parameter 5-42
EDCA Profile parameter 4-67
Edit QoS Profile page 4-45
Edit QoS Role Data Rates page 4-49
Egress Interface parameter 10-27
Email Input parameter 10-28
Enable AP Local Authentication parameter 13-19
Enable AP Provisioning parameter 7-21
Enable Check for All Standard and Custom Signatures parameter 5-112
Enable Controller Management to be accessible from Wireless Clients parameter 2-10, 5-52
Enable Counters parameter 5-55
Enable Coverage Hole Detection parameter 11-17
Enable CPU ACL parameter 5-61
Enable DHCP Proxy parameter 4-23
Enable Dynamic AP Management parameter 3-40
Enable EAP-FAST Authentication parameter 13-21
Enable IGMP Snooping parameter 4-37
Enable LEAP Authentication parameter 13-21
Enable Link Latency parameter 7-69
Enable Low Latency MAC parameter 4-68
Enable LSC on Controller parameter 7-20
Enable Password parameter 7-8
Enable Server Status parameter 5-34
Enable Tracking Optimization parameter 7-61
Encryption Key parameter 6-28
end user license agreementC-2to C-4
enhanced distributed channel access (EDCA) parameters
configuring using the CLI4-68to 4-69
configuring using the GUI4-67to 4-68
enhanced neighbor list
request (E2E) 4-41
erasing the controller configuration 9-28
Ethernet connection, using remotely 2-8
Ethernet Multicast Mode parameter 4-36
European declaration of conformityB-4to B-5
event reporting for MFP 5-67
Expedited Bandwidth parameter 4-55
expedited bandwidth requests
described 4-53
enabling
using the CLI 4-63
using the GUI 4-55
Expiration Timeout for Rogue AP and Rogue Client Entries parameter 5-85
Extensible Authentication Protocol (EAP)
configuring 6-22
setting local timers 5-46
timeout and failure counters
per access point 5-49
per client 5-49
extension channel 11-30
F
factory default settings
resetting using the CLI 4-3
resetting using the GUI 4-3
failover priority for access points
configuring
using the CLI 7-49
described 7-47
viewing using the CLI 7-49
failover protection 1-15
fake access point detection 5-124
Fast Ethernet port 3-4
fast heartbeat timer
configuring
using the CLI 7-45
using the GUI 7-43
described 7-42
fast SSID changing
configuring using the CLI 4-31
configuring using the GUI 4-31
FCC declaration of conformityB-2to B-3
FCC statement
2100 series controllers B-10
4400 series controllers B-10
Federal Information Processing Standards (FIPS) 5-11
File Compression parameter 7-32
file transfers 1-13
File Type parameter
downloading a CA certificate 9-17
downloading a configuration file 9-24
downloading a customized web authentication login page 10-18
downloading a device certificate 9-14
upgrading controller software 9-9
uploading a configuration file 9-22
uploading PACs 9-19
filter, using to view clients7-76to 7-77
Fingerprint parameter 5-104
flashing LEDs, configuring 7-75
foreign controller in inter-subnet roaming 12-4
Forward Delay parameter 3-28, 3-29
forwarding plane architecture 4-32
Fragmentation Threshold parameter 4-14
Friendly Rogue > Create page 5-90
FTP server guidelines 9-2
G
General (controller) page
configuring 802.3 bridging 4-33
configuring an RF group 11-7
enabling link aggregation 3-33
enabling multicast mode 4-36
General (security) page 5-30, 5-124
General page 5-41
Generate Password parameter 10-5
gigabit Ethernet port 3-4
Global AP Failover Priority parameter 7-48
Global Configuration page
configuring authentication for access points 7-11
configuring backup controllers 7-43
configuring failover priority for access points 7-47
configuring global credentials for access points 7-7
global credentials for access points
configuring
described 7-6
overriding
using the CLI 7-9
using the GUI 7-8
Group Mode parameter 11-8, 12-17
Group Name parameter 12-12, 13-17
Group Setup page (on CiscoSecure ACS) 5-22
Guest LAN parameter 10-26
guest N+1 redundancy 12-20
guest user accounts
creating as a lobby ambassador10-4to 10-6
viewing
using the CLI 10-7
using the GUI 10-6
Guest User parameter 5-31, 13-10
Guest User Role parameter 5-31, 13-10
guest WLAN, creating 10-5
GUI
browsers supported 2-2
enabling wireless connections 2-9
guidelines 2-2
opening 2-2
using 2-2
H
Headline parameter 10-10
Hello Time parameter 3-28
help, obtaining 2-2
hex2pcap sample output D-38
high-density network
benefits 11-42
example 11-42
overview 11-42
Honeypot access point detection 5-124
HREAP Group Name parameter 13-13
HREAP Groups > Edit (Local Authentication > Local Users) page 13-20
HREAP Groups > Edit (Local Authentication > Protocols) page 13-21
HREAP Groups > Edit page 13-18
HREAP Groups page 13-17
H-REAP Local Switching parameter 13-8
H-REAP Mode AP Fast Heartbeat Timeout parameter 7-43
H-REAP Mode AP Fast Heartbeat Timer State parameter 7-43
HTTP Access parameter 2-3
HTTP Configuration page 2-3
HTTPS Access parameter 2-3
hybrid REAP
access points supported 13-2
authentication process13-2to 13-4
bandwidth restriction 13-2
configuring
access points using the CLI 13-14
access points using the GUI13-11to 13-13
controller using the GUI13-6to 13-10
guidelines 13-4
illustrated 13-2
number of access points supported 13-2
overview 13-2
hybrid-REAP
hybrid-REAP groups
backup RADIUS server 13-16
CCKM 13-16
configuring
using the CLI 13-22
described 13-15
example 13-16
local authentication 13-17
Hysteresis parameter 4-42
I
identity networking
overview 5-74
Identity Request Max Retries parameter 5-41
Identity Request Timeout parameter 5-41
IDS 5-103
IDS sensors
configuring
described 5-103
IDS signature events
viewing using the CLI5-117to 5-118
viewing using the GUI5-114to 5-115
IDS signatures
configuring
described 5-107
frequency 5-113
measurement interval 5-113
pattern 5-113
tracking method 5-113
uploading or downloading using the GUI5-110to 5-111
viewing
IGMP Timeout parameter 4-37
IKE Diffie Hellman Group parameter 5-10
IKE Phase 1 parameter 5-10
Index parameter for IDS 5-104
indoor access points
converting to mesh access points 8-49
infrastructure MFP
components 5-67
described 5-66
Infrastructure MFP Protection parameter 5-69
Infrastructure Protection parameter 5-70
Infrastructure Validation parameter 5-70
Ingress Interface parameter 10-27
Injector Switch MAC Address parameter 7-73
inline power 7-71
intelligent power management (IPM) 7-73
inter-controller roaming
described 4-40
example 12-3
Interface Name parameter 6-48, 6-60, 6-63, 8-13
Interface parameter 6-11
interfaces
and identity networking 5-76
assigning WLANs 6-16
configuring
Interfaces > Edit page
applying an ACL to an interface 5-60
configuring dynamic interfaces 3-17
configuring NAC out-of-band integration 6-61
creating multiple AP-manager interfaces 3-39
Interfaces > New page 3-16, 3-39
Interfaces page 3-11
interference 11-3
Interference threshold parameter 11-19
Internet Group Management Protocol (IGMP)
configuring
using the CLI 4-38
using the GUI 4-37
snooping 4-34
inter-subnet mobility 12-7
inter-subnet roaming
described 4-40
Interval parameter 11-14, 11-39
intra-controller roaming
described 4-40
illustrated 12-2
Inventory page 7-64
Invoke Channel Update Now button 11-14
Invoke Power Update Now button 11-11
IP address-to-MAC address binding
described 4-44
IP Mask parameter 4-26
IPSec parameter 5-9
IPv6 bridging
configuring
using the CLI 6-41
described 6-38
guidelines 6-39
IPv6 bridging and IPv4 web authentication example 6-40
IPv6 Enable parameter 6-41
J
Japanese country codes 7-56
Japanese regulations for migrating access points from the -J to the -U regulatory domain7-56to ??
K
Keep Alive Count parameter 12-22
Keep Alive Interval parameter 12-22
Key Encryption Key (KEK) parameter 5-8
Key Format parameter 6-28
Key Index parameter 6-28
key permutation
configuring 6-28
described 6-27
Key Permutation parameter 6-28
Key Size parameter 6-27
Key Wrap Format parameter 5-8
Key Wrap parameter 5-8
L
LAG. See link aggregation (LAG)
LAG Mode on Next Reboot parameter 3-34
Last Auto Channel Assignment parameter 11-15
Last Power Level Assignment parameter 11-11
Layer 1 security 5-2
Layer 2
operation 1-6
security
described 5-2
Layer 2 Security parameter 6-25, 6-27, 6-54
Layer 3
operation 1-6
security
described 5-3
Layer 3 Security parameter
for VPN passthrough 6-31
for web authentication 6-32
for web redirect 6-55
for wired guest access 10-27
LDAP
choosing server priority order 5-35
configuring
local EAP methods supported 5-33, 5-39
LDAP server
choosing local authentication bind method
using the CLI 5-37
using the GUI 5-34
LDAP Servers > New page 5-33
LDAP Servers page 5-33
LDAP Servers parameter 5-45
LEAP parameter 5-42
Learn Client IP Address parameter 13-9
Lease Time parameter 6-13
LEDs
configuring 7-75
interpreting D-2
Lifetime parameter 5-31, 10-5, 13-10
Lightweight Access Point Protocol (LWAPP) 1-6, 7-2
lightweight mode, reverting to autonomous mode 7-18
link aggregation (LAG)
configuring neighboring devices 3-35
enabling
using the CLI 3-34
example 3-31
illustrated 3-32
verifying settings using the CLI 3-35
link latency
configuring
described 7-68
Link Status parameter 3-21
Link Test
button 7-67
page 7-67
link test
described 7-65
performing
using the CLI 7-68
using the GUI7-66to7-67, 8-46to 8-47
types of packets 7-65
Link Trap parameter 3-22
Load-based AC parameter 4-55
load-based CAC
enabling
using the CLI 4-62
using the GUI 4-55
lobby ambassador account
creating using the CLI 10-3
creating using the GUI10-2to 10-3
Lobby Ambassador Guest Management > Guest Users List > New page 10-4
Lobby Ambassador Guest Management > Guest Users List page 10-4, 10-6
Local Auth Active Timeout parameter 5-41
local EAP
configuring
debugging 5-50
example 5-39
viewing information using the CLI 5-48
Local EAP Authentication parameter 5-45
Local EAP Profiles > Edit page 5-42
Local EAP Profiles page 5-42
Local Management Users > New page 10-3
Local Management Users page 10-2
Local Mode AP Fast Heartbeat Timeout parameter 7-43
Local Mode AP Fast Heartbeat Timer parameter 7-43
Local Net Users > New page 5-31, 13-9
Local Net Users page 5-30, 10-6
local network users
configuring using the CLI 5-32
configuring using the GUI5-29to 5-32
local significant certificate (LSC)
configuring
described 7-20
Local Significant Certificates (LSC) page 7-20
local user database, capacity 10-2
location
calibration 11-38
viewing settings using the CLI4-86to 4-89
location appliance
installing certificate4-84to 4-85
synchronizing with controller 4-86
location-based services 11-38
location presence 4-87
logical connectivity diagram
Catalyst 3750G Integrated Wireless LAN Controller Switch E-4
Cisco 28/37/38xx Integrated Services Router E-3
Cisco WiSM E-2
logs
uploading
long preambles
described 5-50
enabling on SpectraLink NetLink phones
using the CLI 5-51
using the GUI 5-50
LWAPP-enabled access points
configuring a static IP address 7-34
debug commands 7-29
disabling the reset button 7-34
guidelines 7-17
MAC addresses displayed on controller GUI 7-33
radio core dumps
described 7-29
receiving debug commands from controller 7-29
retrieving radio core dumps 7-30
reverting to autonomous mode7-18to 7-19
sending crash information to controller 7-29
uploading
access point core dumps7-32to 7-33
M
MAC address of access point
adding to controller filter list
using the GUI8-12to 8-13, 8-32
displayed on controller GUI 7-33
MAC Address parameter 8-12
MAC filtering
configuring on WLANs6-15to 6-16
DTIM period 6-17
MAC Filtering page 8-12
MAC Filters > New page 8-12
management frame protection (MFP)
configuring
debugging 5-73
guidelines 5-67
types 5-66
Management Frame Protection parameter 5-70
Management Frame Protection Settings page 5-70
management frame validation 5-67
management interface
configuring
using the CLI 3-13
described 3-6
management over wireless
described 5-52
enabling
using the CLI 5-52
using the GUI 5-52
Master Controller Configuration page 7-4
Master Controller Mode parameter 7-4
Max Age parameter 3-27
Maximum Age parameter 3-28
maximum local database entries
configuring using the CLI 5-124
configuring using the GUI 5-124
Maximum Local Database Entries parameter 5-30, 5-124
Maximum RF Usage Per AP parameter 4-46
Max-Login Ignore Identity Response parameter 5-41
Max RF Bandwidth parameter 4-55, 4-56
MCS data rates 4-18
Member MAC Address parameter 12-12
memory
types 1-14
memory leaks, monitoringD-17to D-19
mesh
network example 8-35
parameters
configuring using the CLI 8-20, 8-24
configuring using the GUI8-16to 8-20
statistics
viewing for an access point using the CLI8-35to8-38, 8-44to 8-45
viewing for an access point using the GUI8-40to 8-44
Mesh > LinkTest Results page 8-46
mesh access points
converting to non-mesh access points 8-51
operating with Cisco 3200 Series Mobile Access Routers
configuration guidelines 8-52
described 8-52
using the CLI to configure 8-54
using the GUI to configure 8-53
mesh network hierarchy 8-3
mesh node security statistics8-43to 8-44
mesh node statistics 8-42
Message Authentication Code Key (MACK) parameter 5-8, 5-12
message logs
configuring
using the GUI D-6
viewing
using the CLI D-12
See also system logging
Message Logs page D-9
Message parameter for web authentication 10-11
Metrics Collection parameter 4-55
MFP Client Protection parameter 5-69
MFP Frame Validation parameter 5-69
migrating access points from the -J to the -U regulatory domain7-56to ??
Min Failed Client Count per AP parameter 11-17
Minimum RSSI parameter 4-42
mirror mode. See port mirroring, configuring
MMH MIC
configuring 6-28
described 6-27
MMH Mode parameter 6-28
Mobile Announce messages 12-7
mobility
failover 12-20
overview 12-2
Mobility Anchor Config page 12-22, 12-27
Mobility Anchor Create button 12-23
mobility anchors. See auto-anchor mobility
Mobility Anchors option 12-22
Mobility Anchors page 12-22
Mobility Group Member > New page 12-11
Mobility Group Members > Edit All page 12-13
mobility groups
configuring
using the CLI 12-14
using the configuration wizard 4-5
with one NAT device 12-8
with two NAT devices 12-9
determining when to include controllers 12-7
difference from RF groups 11-5
examples 12-7
illustrated 12-5
messaging among 12-7
number of access points supported 12-5, 12-6
number of controllers supported 12-5
using with NAT devices12-8to 12-9
mobility group statistics
types 12-16
viewing
using the CLI 12-19
mobility list
described 12-6
detecting failed members 12-20
number of controllers supported 12-7
ping requests to members 12-20
Mobility Multicast Messaging > Edit page 12-14
Mobility Multicast Messaging page 12-13
mobility ping tests, running 12-28
mobility services information, viewing 4-89
Mobility Statistics page 12-17
MODE access point button 7-18, 7-34
monitor intervals, configuring using the GUI 11-20
Multicast Appliance Mode parameter 3-22
multicast client table, viewing 4-39
multicast groups
viewing using the CLI 4-39
viewing using the GUI 4-37
Multicast Groups page 4-37
multicast mode
configuring
using the CLI 4-38
Multicast page 4-37
multiple country codes
configuration guidelines 7-50
configuring
using the CLI 7-53
using the GUI 7-52
multiple country support, using the configuration wizard 4-5
N
NAC in-band mode 6-58
NAC out-of-band integration
and hybrid REAP 13-5
configuring
diagram 6-59
NAC out-of-band support
configuring for a specific access point group
using the CLI 6-64
using the GUI 6-62
NAC State parameter 6-48, 6-62, 6-63
NAT devices in mobility groups12-8to 12-9
Native VLAN ID parameter 13-13
neighbor information
viewing for an access point using the CLI 8-48
viewing for an access point using the GUI8-45to 8-48
Neighbor Information option 8-45
Neighbor Packet Frequency parameter 11-20
neighbor statistics
viewing for an access point using the CLI 8-48
viewing for an access point using the GUI8-45to 8-48
Netbios Name Servers parameter 6-13
Netmask parameter 6-13
network analyzer supported software
AirMagnet D-40
Airopeek D-40
Omnipeek D-40
Wireshark D-40
Network Mobility Services Protocol (NMSP) 4-80
active connections 4-88
modifying the notification interval for clients, RFID tags, and rogues 4-85
viewing counters 4-88
Network parameter 6-13
NTP server
configuring to obtain time and date 4-10
setting in the configuration wizard 4-6
Number of Hits parameter 5-58
O
online help, using 2-2
open source terms C-8
OpenSSL license issuesC-6to C-8
operating system
security 1-5
software 1-4
Override Global Config parameter 10-21, 10-28
Over-ride Global Credentials parameter 7-8, 7-12, 7-13
Override Interface ACL parameter 5-62
oversized access point images 7-34
over-the-air provisioning (OTAP) 7-3
P
P2P Blocking parameter 6-20
Params parameter 7-20
password
restoring 4-24
password guidelines 7-12
Password parameter
for access point authentication 7-12
for access points 7-8
for local net users 5-31, 13-10
for PACs 9-19
passwords
viewing in clear text D-6
PEAP parameter 5-42
peer-to-peer blocking
configuring
using the CLI 6-21
described 6-19
examples 6-19
Physical Mode parameter 3-22
Physical Status parameter 3-20
pico cell mode
configuring
debugging using the CLI 11-46
guidelines 11-43
versions 11-44
Pico Cell Mode parameter 11-44
ping link test 7-65
ping tests 12-28
PMK cache lifetime timer 6-26
PMKID caching 6-26
PoE Status parameter 7-73
Pool End Address parameter 6-13
Pool Start Address parameter 6-13
Port > Configure page 3-20
port mirroring, configuring 3-23
Port Number parameter
for controller 3-20
for LDAP server 5-34
for RADIUS server 5-8
for TACACS+ server 5-24
for wired guest access 10-26
Port parameter for IDS 5-104
ports
on 2100 series controllers 3-2, 3-3, 3-4
on 4400 series controllers 3-2, 3-3, 3-4
on Catalyst 3750G Integrated Wireless LAN Controller Switch 3-3, 3-5
on Cisco 28/37/38xx Series Integrated Services Router3-3to 3-4, 4-91, 7-26
Ports page 3-19
Power Assignment Leader parameter 11-11
power cable warning for Japan B-7
Power Injector Selection parameter 7-73
Power Injector State parameter 7-73
Power Neighbor Count parameter 11-11
Power over Ethernet (PoE)
configuring
using the CLI 7-74
Power Over Ethernet (PoE) parameter 3-21
Power Threshold parameter 11-11
preauthentication access control list (ACL)
applying to a WLAN
using the CLI 5-65
for external web server 10-16, 13-9
Preauthentication ACL parameter 5-63, 6-55
Pre-Standard State parameter 7-73
Primary Controller parameters 7-44
Primary RADIUS Server parameter 13-18
priming access points 7-3
Priority Order > Local-Auth page 5-35, 5-40
Priority Order > Management User page 5-11, 5-25
Priority parameter 3-28
Privacy Protocol parameter 4-28
probe request forwarding, configuring 7-63
probe requests, described 7-63
Profile Details page D-28
Profile Name parameter 6-5, 8-12, 10-26, 13-7
protected access credentials (PACs)
overview 9-19
uploading
using the GUI 9-19
using with local EAP 5-40, 13-21
Protection Type parameter 5-68, 11-36
Protocol parameter 5-57
Protocol Type parameter 4-47
PSK
configuring 6-25
described 6-23
with mesh 8-18
PSK Format parameter 6-25
public key cryptography (PKC), with mobility 12-7
Q
QBSS
configuring
using the CLI 6-38
using the GUI 6-37
described 6-34
guidelines 6-36
QoS
identity networking 5-75
translation values 6-32
with CAC 4-52
QoS profiles
assigning to a WLAN
using the CLI 6-34
using the GUI 6-33
configuring
QoS roles
assigning for use with hybrid REAP 13-10
configuring
QoS Roles for Guest Users page 4-49
Quality of Service (QoS) parameter 6-33
quarantined VLAN
using 13-8
with hybrid REAP 13-4
with NAC out-of-band integration 6-61
Quarantine parameter
for dynamic interface 3-17
for management interface 3-11
NAC out-of-band integration 6-61
Query Interval parameter 5-104
Queue Depth parameter 4-46
queue statistics 8-42
R
radio core dumps
described 7-29
retrieving 7-30
uploading
using the CLI 7-31
radio measurement requests
configuring
on the CLI 11-40
on the GUI 11-39
overview 11-38
viewing status using the CLI 11-41
radio preamble 5-50
radio resource management (RRM)
benefits 11-5
CCX features. SeeCCX radio management
configuring
monitor intervals using the GUI 11-20
using the configuration wizard 4-6
coverage hole detection
configuring per controller using the CLI 11-22
configuring per controller using the GUI11-16to 11-18
described 11-4
debugging 11-26
disabling dynamic channel and power assignment
using the CLI 11-34
using the GUI 11-34
overview 11-2
specifying channels11-12to 11-15
statically assigning channel and transmit power settings
using the CLI 11-31
viewing using the CLI11-24to 11-25
Wireless > 802.11a/n (or 802.11b/g/n) > RRM > TPC parameter 11-10
radio resource monitoring 11-2
RADIUS
accounting 5-3
authentication 5-3
configuring
configuring on ACS 5-4
described 5-3
FIPS standard 5-11
KEK parameter 5-12
MACK parameter 5-12
server fallback behavior 5-10
using with hybrid REAP 13-16
RADIUS accounting attributes5-17to 5-18
Range (RootAP to MeshAP) parameter 8-17
Redirect URL After Login parameter 10-10
Refresh-time Interval parameter 4-72
regulatory information
for 2100 series controllers B-10
for 4400 series controllers B-10
for lightweight access pointsB-2to B-10
Remote Authentication Dial-In User Service. See RADIUS
Request Max Retries parameter 5-41
Request Timeout parameter 5-41
Reserved Roaming Bandwidth parameter 4-55, 4-56
Reset Link Latency button 7-70
resetting the controller 9-28
restoring passwords 4-24
Re-sync button 5-106
reverse path filtering (RPF) 12-26
RF Channel Assignment parameter 11-34
RF domain. See RF groups
RF exposure declaration of conformity B-5
RF group leader
described 11-6
viewing 11-8
RF group name
described 11-6
entering 11-7
RF groups
configuring
using the CLI 11-7
using the configuration wizard 4-5
using the GUI 11-7
difference from mobility groups 11-5
viewing status
using the CLI 11-9
using the GUI 11-8
RFID tags
described 4-79
formats supported 4-79
number supported per controller 4-80
tracking
configuring using the CLI 4-81
debugging using the CLI 4-83
viewing information using the CLI4-82to 4-83
RFID tracking on access points, optimizing
RF-Network Name parameter 11-7
RLDP. See Rogue Location Discovery Protocol (RLDP)
roaming and real-time diagnostics
configuring using the CLID-32to D-35
described D-20
logs
described D-20
roam reason report 4-41
roam reason report, described 8-25
rogue access points
alarm 11-36
automatically containing
using the CLI 5-86
using the GUI 5-85
classification mapping table 5-82
classifying 5-81
detecting
using the CLI 11-37
managing 5-80
rule-based classification support 5-81
tagging, location, and containment 5-81
viewing and classifying
WCS support for rule-based classification 5-84
Rogue AP Detail page 5-94
Rogue AP Ignore-List page 5-97
rogue classification rules
configuring using the CLI5-90to 5-93
configuring using the GUI5-87to 5-90
Rogue Client Detail page 5-95
Rogue Location Discovery Protocol (RLDP)
configuring
defined 5-81
Rogue Location Discovery Protocol parameter 5-84
Rogue on Wire parameter 5-85
Rogue Policies page 5-84
Rogue Rule > Edit page 5-89
Rogue Rules > Priority page 5-90
Role Name parameter 4-49
root bridge 3-24
Root Cost parameter 3-27
Root Port parameter 3-27
RRM. See radio resource management (RRM)
RSNA logs
described D-20
Rx Sensitivity Threshold parameter 11-45
S
safety warningsA-1to ??
Save and Reboot button 9-14, 9-17
saving configuration settings 9-26
Scan Threshold parameter 4-42
Scope Name parameter 6-12
Search Clients page 7-77
Search WLANs window 6-7
Secondary Controller parameters 7-44
Secondary RADIUS Server parameter 13-18
secure web mode
described 2-2
enabling
using the CLI 2-4
using the GUI 2-2
security
overview 5-2
Security Mode parameter 8-18
Security Policy Completed parameter 6-40
security settings
local and external authentication 8-16
Select APs from Current Controller parameter 13-19
self-signed certificate (SSC)
used to authorize access points 7-19
Sequence parameter 5-56
serial port
baud rate setting 2-8
connecting 2-8
timeout 2-8
Server Address parameter 5-104
Server Index (Priority) parameter 5-8, 5-24, 5-34
Server IP Address parameter
for LDAP server 5-34
for RADIUS server 5-8
for TACACS+ server 5-24
for wireless sniffer D-42
Server Key parameter 5-44, 13-21
Server Status parameter 5-9, 5-24
Server Timeout parameter 5-9, 5-25, 5-35
service port 3-5
service-port interface
configuring
using the CLI 3-15
using the configuration wizard 4-4
described 3-8
session timeout
configuring
using the CLI 6-29
using the GUI 6-29
described 6-29
Set to Factory Default button 11-20
Severity Level Filtering parameter D-7
Shared Secret Format parameter 5-8, 5-24
Shared Secret parameter 5-8, 5-24
Short Preamble Enabled parameter 5-50
short preambles 5-50
Show Wired Clients option 7-39
shunned clients
described 5-106
viewing
using the CLI 5-107
using the GUI 5-106
Signature Events Detail page 5-114
Signature Events Summary page 5-114
Signature Events Track Detail page 5-115
Simple Bind parameter 5-34
sniffing. See wireless sniffing D-40
Sniff parameter D-42
SNMP community string
changing default values using the CLI 4-27
changing default values using the GUI4-25to 4-26
SNMP v1 / v2c Community > New page 4-26
SNMP v1 / v2c Community page 4-25
SNMP v3 users
changing default values using the CLI 4-29
changing default values using the GUI4-27to 4-29
SNMP V3 Users > New page 4-28
SNMP V3 Users page 4-27
software, upgrading
Source parameter for ACLs 5-56
Source Port parameter 5-57
Spanning Tree Algorithm parameter 3-28
Spanning Tree Protocol (STP)
configuring
described 3-24
spanning-tree root 3-24
Spanning Tree Specification parameter 3-27
SpectraLink NetLink phones
enabling long preambles
using the CLI 5-51
using the GUI 5-50
overview 5-50
Spectralink Voice Priority parameter 4-67
splash page web redirect 6-53
Splash Page Web Redirect parameter 6-55
SSC key-hash on Cisco WiSM 7-17
SSH, troubleshooting access points D-43
SSID
configuring
using the CLI 6-6
using the GUI 6-5
described 6-3
SSL certificate
loading
using the GUI??to 2-6
SSLv2, configuring for web administration 2-4
SSLv2 for web authentication, disabling 10-9
Standard Signature > Detail page 5-113
Standard Signatures page 5-111
Static Mobility Group Members page 12-11
Statistics option 8-41
Status parameter
for DHCP scopes 6-13
for guest LANs 10-27
for SNMP community 4-26
for WLANs 6-5
STP Mode parameter 3-26
STP Port Designated Bridge parameter 3-25
STP Port Designated Cost parameter 3-25
STP Port Designated Port parameter 3-25
STP Port Designated Root parameter 3-25
STP Port Forward Transitions Count parameter 3-25
STP Port ID parameter 3-25
STP Port Path Cost Mode parameter 3-26
STP Port Path Cost parameter 3-26
STP Port Priority parameter 3-26
STP State parameter 3-25
strong passwords 7-12
Supervisor 720
configuring4-89to ??
described 4-89
switch, configuring at the remote site13-5to 13-6
Switch IP Address (Anchor) parameter 12-23
SX/LC/T small form-factor plug-in (SFP) modules 3-4
symmetric mobility tunneling
configuring
using the configuration wizard 4-5
illustrated 12-27
verifying status
using the CLI 12-28
using the GUI 12-27
Symmetric Mobility Tunneling Mode parameter 12-27
syslog
described D-20
levels D-8
Syslog Facility parameter D-8
syslog server
number supported by controller D-7
removing from controller D-7
severity level filtering D-7
Syslog Server IP Address parameter D-7
system logging
configuring
setting severity level D-8
system logs, viewing using the CLI D-12
T
TACACS+
accounting 5-19
authentication 5-18
authorization 5-18
choosing authentication priority order 5-11, 5-25
configuring
viewing administration server logs5-27to 5-29
TACACS+ (Authentication, Authorization, or Accounting) Servers > New page 5-24
TACACS+ (Authentication, Authorization, or Accounting) Servers page 5-23
TACACS+ (Cisco) page (on CiscoSecure ACS) 5-21
TACACS+ Administration .csv page (on CiscoSecure ACS) 5-28, 5-29
telemetry 4-79
Telnet, troubleshooting access points D-43
terminal emulator settings 2-8
Tertiary Controller parameters 7-45
text2pcap sample output D-38
TFTP server guidelines 9-2
time, configuring
using the CLI 4-11
using the GUI 4-10
using the NTP server 4-10
time-length-values (TLVs), supported for CDP4-69to 4-71
timeout, configuring for disabled clients 6-16
Time Since Topology Changed parameter 3-27
timestamps, enabling or disabling in log and debug messages D-12
Time to Live for the PAC parameter 5-44, 13-21
time zone
configuring using the CLI 4-12
configuring using the GUI 4-11
TKIP
described 6-23
parameter 6-25
Topology Change Count parameter 3-27
traffic specifications (TSPEC) request
described 4-53
examples 4-53
traffic stream metrics (TSM)
configuring
using the CLI 4-63
using the GUI 4-55
described 4-54
viewing statistics
Transfer Mode parameter
downloading a CA certificate 9-17
downloading a configuration file 9-24
downloading a customized web authentication login page 10-18
downloading a device certificate 9-14
upgrading controller software 9-9
uploading a configuration file 9-22
uploading a PAC 9-20
Transition Time parameter 4-43
transmit power
statically assigning using the CLI 11-31
statically assigning using the GUI11-27to 11-31
transmit power levels 11-30
Transmit Power parameter 11-45
transmit power threshold, decreasing 11-21
troubleshooting
access point join process7-25to 7-29
using Telnet or SSH D-43
tunnel attributes and identity networking 5-77
Tx Power Level Assignment parameter 11-34
Type parameter 6-5, 10-26, 13-7
U
U-APSD
described 4-54
viewing status
using the CLI 4-65
using the GUI 4-58
UDP, use in RADIUS 5-4
unicast mode 4-34
unique device identifier (UDI)
described 7-64
retrieving
using the CLI 7-65
Upload button 5-111, 7-31, 9-20, D-15
Upload CSV File parameter 13-20
Upload File from Controller page 7-30, 9-19, 9-21, D-15
URL parameter 10-17
Use AES Key Wrap parameter 5-7
User Access Mode parameter 10-3
user accounts, managing10-1to 10-20
User Attribute parameter 5-34
User Base DN parameter 5-34
User Credentials parameter 5-35
User Name parameter 5-31, 13-10
Username parameter 7-8, 7-11, 7-12
User Object Type parameter 5-34
User parameter 9-19
User Profile Name parameter 4-28
Using Our SSID parameter 5-85
V
Validate Rogue Clients Against AAA parameter 5-85
Valid Client on Rogue AP parameter 5-85
Validity parameter 9-19
VCCI warnings for controllers B-7
VCI strings 7-25
Verify Certificate CN Identity parameter 5-43
video information, viewing for mesh networks using the CLI8-35to 8-38
video settings
configuring
using the CLI 4-63
viewing
virtual interface
configuring
using the CLI 3-14
using the configuration wizard 4-5
VLAN Identifier parameter
for AP-manager interface 3-12
for dynamic interface 3-16, 3-17
for management interface 3-11
VLAN interface. See dynamic interface
VLAN Mappings
button 13-13
page 13-13
VLANs
described 3-8
guidelines 3-10
VLAN Support parameter 13-13
VLAN tag, and identity networking 5-76
Voice & Video Optimized parameter 4-67
voice information, viewing for mesh networks using the CLI8-35to 8-38
Voice Optimized parameter 4-67
voice-over-IP (VoIP) telephone roaming 4-40
Voice RSSI parameter 11-17
voice settings
configuring
viewing
VPN Gateway Address parameter 6-31
VPN passthrough
configuring using the CLI 6-31
configuring using the GUI6-30to 6-31
W
warnings
translatedA-1to ??
webauth.tar files 10-21
webauth bundle 10-17
web authentication
configuring a WLAN for
using the CLI 6-32
using the GUI 6-31
described 10-7
successful login page 10-9
web authentication login page
assigning per WLAN
using the CLI 10-22
using the GUI 10-21
choosing the default
customized example 10-20
customizing from an external web server
using the CLI 10-17
default 10-8
downloading a customized login page
guidelines 10-17
using the CLI 10-19
modified default example 10-13
verifying settings using the CLI 10-20
Web Authentication option 10-27
Web Authentication Type parameter 10-10, 10-17, 10-19
Web Auth Type parameter 10-21, 10-28
web-browser security alert 10-7
web mode
configuring
using the CLI 2-4
using the GUI 2-2
described 2-2
Web Passthrough option 10-27
Web Policy parameter 5-63, 6-55
web redirect 6-52
Web Server IP Address parameter 10-17
Web Session Timeout parameter 2-3
WEP keys, configuring 6-22
WGB parameter 7-39
WGB Wired Clients page 7-39
wired guest access
configuration overview 10-25
configuring
guidelines 10-25
one-controller example 10-24
two-controller example 10-25
wireless intrusion prevention system (wIPS)
configuring on an access point5-121to 5-122
described 5-119
viewing information5-122to 5-123
wireless sniffing
configuring
prerequisites D-40
supported software D-40
WLAN ID parameter 6-5
WLAN Profile parameter 5-31, 13-10
WLANs
assigning web login, login failure, and logout pages
using the CLI 10-22
using the GUI 10-21
checking security settings 6-22
configuring
conditional web redirect6-53to 6-56
static and dynamic WEP 6-23
connecting clients to 13-15
creating
using the CLI 6-6
deleting
using the CLI 6-7
using the GUI 6-4
described1-11, 3-8to 3-10, 6-3
enabling or disabling
using the CLI 6-6
using the GUI 6-6
number supported 6-2
searching 6-7
session timeout
configuring 6-29
described 6-29
splash page web redirect 6-53
wired security solution 1-5
WLANs > Edit (Advanced) page 6-57
applying an ACL to a WLAN 5-62
configuring AAA override 5-80
configuring infrastructure MFP for a WLAN 5-69
configuring IPv6 bridging 6-41
configuring NAC out-of-band integration 6-62
configuring the diagnostic channel D-20
WLANs > Edit (QoS) page 6-37
WLANs > Edit (Security > AAA Servers) page
assigning LDAP servers to a WLAN 5-36
choosing RADIUS or LDAP servers for external authentication 10-21
disabling accounting servers on a WLAN 6-56
enabling local EAP on a WLAN 5-45
WLANs > Edit (Security > Layer 2) page 6-25, 6-27
WLANs > Edit (Security > Layer 3) page
applying a preauthentication ACL to a WLAN 5-62
configuring a WLAN for VPN Passthrough 6-31
configuring web redirect 6-55
configuring wired guest access 10-27
WLANs > Edit page 6-5, 10-26, 13-7
WLANs > New page 6-5, 8-25, 8-26, 8-47, 8-48, 10-26, 13-7
WLAN SSID parameter
configuring for guest user 10-5
creating a centrally switched WLAN 13-7
creating WLANs 6-5
identifying the guest LAN 10-26
mapping an access point group to a WLAN 6-48, 6-63
WMM
described 6-34
with CAC 4-52
WMM parameter 4-67
WMM Policy parameter 6-37
workgroup bridges (WGBs)
debugging 7-41
described 7-35
guidelines 7-36
illustrated 7-35
sample configuration 7-38
viewing status
using the CLI 7-41
WPA1+WPA2
configuring
using the CLI 6-25
described 6-23
WPA2 Policy parameter 6-25
WPA Policy parameter 6-25