-
Cisco Wireless LAN Controller Configuration Guide, Release 7.0.116.0
-
Preface
-
Chapter 1 - Overview
-
Chapter 2 - Using the Web-Browser and CLI Interfaces
-
Chapter 3 - Configuring Ports and Interfaces
-
Chapter 4 - Configuring Controller Settings
-
Chapter 5 - Configuring Video Streams
-
Chapter 6 - Configuring Security Solutions
-
Chapter 7 - Configuring WLANs
-
Chapter 8 - Controlling Lightweight Access Points
-
Chapter 9 - Controlling Mesh Access Points
-
Chapter 10 - Managing Controller Software and Configurations
-
Chapter 11- Managing User Accounts
-
Chapter 12 - Configuring Radio Resource Management
-
Chapter 13 - Configuring Cisco CleanAir
-
Chapter 14 - Configuring Mobility Groups
-
Chapter 15 - Configuring Hybrid REAP
-
Appendix A - Safety Considerations and Translated Safety Warnings
-
Appendix B - Declarations of Conformity and Regulatory Information
-
Appendix C - End User License and Warranty
-
Appendix D - Troubleshooting
-
Appendix E - Logical Connectivity Diagrams
-
Index
-
Feedback
Table Of Contents
Symbols - Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W -
Index
Symbols
. D-5
Numerics
11n Mode parameter 4-31
1250 series access points
and PoE Status field 8-130
operating modes when using PoE 8-128
transmit power settings when using PoE 8-129
3DES IPSec data encryption 6-9
7920 AP CAC parameter 7-42
7920 Client CAC parameter 7-42
7920 support mode
configuring 7-40
described 7-40
7921 support mode 7-40
802.11a (or 802.11b) > Client Roaming page 4-61
802.11a (or 802.11b) > Voice Parameters page 4-75, 4-77, 4-82
802.11a (or 802.11b/g) > EDCA Parameters page 4-91
802.11a (or 802.11b/g) Global Parameters > Auto RF page 13-9
802.11a (or 802.11b/g) Global Parameters page 4-26, 13-47
802.11a (or 802.11b/g) Network Status parameter 4-27, 4-35
802.11a/n (4.9 GHz) > Configure page 9-128
802.11a/n (or 802.11b/g/n) Cisco APs > Configure page 13-33
802.11a/n (or 802.11b/g/n) Radios page 4-80, 13-32, 13-45
802.11a/n Cisco APs > Configure page 9-19
802.11a/n Radios page (from Monitor Menu) 8-31
802.11a/n Radios page (from Wireless Menu) 8-31
802.11a > RRM > Coverage page 13-21
802.11a > RRM > DCA page 13-17
802.11a > RRM > Dynamic Channel Assignment (DCA) page 13-17
802.11a > RRM > General page 13-23
802.11a Global Parameters page 13-44
802.11b/g/n Cisco APs > Configure page 8-117, D-48
802.11 bands
configuring using the CLI4-28to 4-30
configuring using the GUI4-26to 4-28
802.11g Support parameter 4-27
802.11h, described 4-35
802.11h Global Parameters page 4-35
802.11h parameters, configuring
using the CLI 4-36
802.11n
clients 8-133
configuring
devices 4-30
802.11n (2.4 GHz) High Throughput page 4-31
802.1Q VLAN trunk port 3-5
802.1X
configuring 7-24
described 7-26
dynamic key settings 7-24
802.1X+CCKM
configuring 7-28
described 7-26
802.1X authentication for access points
configuring
the switch 8-41
described 8-37
802.1x Authentication parameter 8-38
802.3 bridging
configuring using the CLI 4-53
configuring using the GUI4-52to 4-53
802.3 Bridging parameter 4-53
802.3 frames 4-52
802.3X flow control, enabling 4-51
A
AAA override
configuring
using the CLI 6-88
using the GUI 6-88
described 6-86
AC adapter warning for Japan B-2
Access Control List Name parameter 6-63
access control lists (ACLs)
applying to an interface
using the CLI 6-71
applying to a WLAN
using the CLI 6-72
applying to the controller CPU
using the CLI 6-72
configuring
counters
configuring using the CLI 6-70
configuring using the GUI 6-63
described 6-62
identity networking 6-84
using with the debug facilityD-41to D-42
Access Control Lists > Edit page 6-65
Access Control Lists > New page 6-63
Access Control Lists > Rules > New page 6-64
Access Control Lists page 6-62
Access Mode parameter 4-41, 4-43
access point
assisted roaming, described 9-92
access point core dumps, uploading
using the CLI 8-63
using the GUI 8-63
access point count, approved tiers for 5500 series controllers 4-4
access point event logs, viewing D-15
access point groups
assigning access points to
using the CLI 7-62
using the GUI 7-61
creating
default group 7-58
described 7-56
illustrated 7-57
removing
using the CLI 7-62
using the GUI 7-59
access point monitor service, debugging D-51
access point radios, searching for8-31to 8-32
access points
20-MHz channelization 13-33
40-MHz channelization 13-34
adding MAC address to controller filter list
using the GUI??to 9-25
assisted roaming 4-60
authorization list 8-51
authorizing
using MICs 8-46
using SSCs 8-45
using the CLI 8-51
using the GUI 8-50
configuring hybrid REAP using the CLI15-15to 15-16
converting to mesh access points 9-124
embedded 8-41
guidelines for operating in Japan B-1
LEDs
configuring 8-132
interpreting D-2
migrating from the -J regulatory domain to the -U regulatory domain8-111to 8-114
number supported per controller 3-5
priming 8-8
regulatory information??to B-2
supported for use with hybrid REAP 15-1
supporting oversized images8-68to 8-69
troubleshooting
using Telnet or SSHD-49to D-51
VCI strings 8-52
verifying that they join the controller 8-9
viewing join information
viewing multicast client table 4-59
Accounting Server parameters 7-68
accounting servers, disabling per WLAN 7-67
ACL. See access control lists (ACLs)
ACS server configuration page 7-65
Action parameter 6-65
active exploits 6-135
Add AAA Client page (on CiscoSecure ACS) 6-4, 6-21
Add AP button 15-21
Add New Rule button 6-63
Add Web Server button 11-19
AdHoc Rogue AP parameter 6-94
administrator access 4-38
administrator usernames and passwords, configuring 4-38
Admin Status parameter 3-25, 3-26
Admission Control (ACM) parameter 4-75, 4-77
AES CBS IPSec data encryption 6-10
AES-CCMP 7-26
AES parameter 7-28
Aggregated MAC Protocol Data Unit (A-MPDU) 4-33
Aggregated MAC Service Data Unit (A-MSDU) 4-33
aggregation method, specifying 4-32
AirMagnet Enterprise Analyzer D-45
Aironet IE parameter 7-30, 7-53
Aironet IEs
configuring using the CLI 7-56
configuring using the GUI 7-53
Airopeek D-45
Alarm Trigger Threshold parameter 13-42
All APs > Access Point Name > Link Details > Neighbor Name page 9-122
All APs > Access Point Name > Mesh Neighbor Stats page 9-123
All APs > Access Point Name > Neighbor Info page 9-122
All APs > Access Point Name > Statistics page 9-117
All APs > Access Point Name > VLAN Mappings page 15-15
All APs > Details (Advanced) page
configuring CDP 4-98
All APs > Details for (Advanced) page 8-4, 8-63, D-50
configuring country codes 8-108
configuring link latency 8-125
configuring PoE 8-130
All APs > Details for (Credentials) page 8-34, 8-38, 8-82
All APs > Details for (General) page 8-67, 8-80, 15-13
All APs > Details for (High Availability) page 8-80, 8-98, 8-102
All APs > Details for (H-REAP) page 8-81, 15-14
All APs > Details for (Inventory) page 8-121
All APs > Details for page D-47, D-52
All APs > Details page 9-26, 9-54, 9-79, 13-41
All APs page 8-10, 9-116, 9-121, 13-41, 15-13
Allow AAA Override parameter 6-88
AnchorTime parameter 9-70, 13-18
anonymous local authentication bind method 6-38, 6-40
Anonymous Provision parameter 6-48
Antenna Gain parameter 13-35
Antenna parameter 13-35
Antenna Type parameter 13-35
AP > Clients > Traffic Stream Metrics page 4-81
AP > Clients page 4-81
AP801 access point
described 8-41
using with a controller 8-41
AP Authentication Policy page 6-74, 13-42
AP Core Dump parameter 8-63
ap-count evaluation licenses, activating
AP Ethernet MAC Addresses parameter 8-48
AP Failover Priority parameter 8-102
AP Group Name parameter 7-59
AP Groups > Edit (APs) page 7-61
AP Groups > Edit (General) page 7-60
AP Groups > Edit (WLANs) page 7-60, 7-74
AP image download 8-27
AP Join Stats Detail page 8-58
AP Join Stats page 8-56
AP local authentication
Using GUI 15-17
AP Local Authentication on a WLAN
Using the CLI 15-17
AP-manager interface
and dynamic interfaces 3-9
configuring
using the CLI 3-16
creating multiple interfaces
using the CLI 3-47
described 3-7
illustration
of four AP-manager interfaces 3-45
of three AP-manager interfaces 3-44
of two AP-manager interfaces 3-43
AP Mode parameter 8-80, 13-41, 15-14, D-47
AP Name parameter 7-61
AP Policies page 8-51
AP Primary Discovery Timeout parameter 8-97, 9-29
ASLEAP detection 6-135
Assignment Method parameter 13-33, 13-36
asymmetric tunneling
described 14-26
illustrated 14-27
authenticated local authentication bind method 6-38, 6-40
Authentication Protocol parameter 4-43
Auth Key Mgmt parameter 7-28
Authority ID Information parameter 6-48, 15-24, 15-25
Authority ID parameter 6-48, 15-24
Authorize LSC APs against auth-list parameter 8-51
Authorize MIC APs against auth-list or AAA parameter 8-51
authorizing access points
using the CLI 8-51
using the GUI 8-50
auto-anchor mobility
configuring
guidelines 14-22
auto-immune feature 6-114
AutoInstall
example operation 2-29
obtaining
DHCP addresses for interfaces 2-26
TFTP server information 2-26
overview 2-26
selecting configuration file 2-28
using 2-26
Average Data Rate parameter 4-66, 4-70
Average Real-Time Rate parameter 4-66, 4-70
Avoid Cisco AP Load parameter 9-70, 13-18
Avoid Foreign AP Interference parameter 9-70, 13-18, 14-19
Avoid Non-802.11a (802.11b) Noise parameter 9-71, 13-18
B
Backhaul Client Access parameter 9-37, 9-128
backup controllers
configuring
using the CLI8-99to8-100, 9-30to 9-32
using the GUI8-96to8-98, 9-28to 9-30
Back-up Primary Controller IP Address parameter 8-97, 9-29
Back-up Primary Controller Name field 8-97, 9-29
Back-up Secondary Controller IP Address parameter 8-98, 9-29
Back-up Secondary Controller Name parameter 8-98, 9-29
bandwidth-based CAC
described 4-72
enabling
using the CLI 4-84
using the GUI 4-75
for mesh networks 9-94
Base MAC Address parameter 3-32
Beacon Period parameter 4-27
beamforming
configuring
using the CLI??to9-20, 13-45to 13-46
using the GUI??to9-19, 13-44to 13-45
guidelines 13-44
Beamforming parameter 13-44, 13-45
Bind Password parameter 6-38
Bind Username parameter 6-38
bridge protocol data units (BPDUs) 3-28
bridging parameters
configuring using the GUI??to 9-80
browsers supported 2-17
Buffered Log Level parameter D-9
Burst Data Rate parameter 4-66, 4-70
Burst Real-Time Rate parameter 4-66, 4-70
C
CAC
configuring for 7920 phones 7-40
described 4-72
enabling
using the CLI 4-85
using the GUI 4-77
in mesh networks 9-94
viewing in mesh networks9-102to 9-103
viewing using the CLI 4-86
capacity adder license. See licenses
CAPWAP
and mesh access points 9-12
cascading 13-6
CA Server URL parameter 8-47
Catalyst 3750G Integrated Wireless LAN Controller Switch
described 1-13
logical connectivity diagram and associated software commandsE-4to E-7
CCKM
configuring 7-28
described 7-26
hybrid-REAP groups 15-19
with mobility 14-7
CCX
configuring Aironet IEs
using the CLI 7-56
using the GUI 7-53
described 7-53
link test 8-121
viewing a client's version
using the CLI 7-56
CCX Layer 2 client roaming
configuring
using the CLI 4-63
debugging using the CLI 4-64
obtaining information using the CLI 4-63
CCX radio management
configuring
using the CLI 13-48
debugging using the CLI 13-50
features 13-46
hybrid-REAP considerations 13-46
obtaining information using the CLI13-49to 13-50
CCXv5 clients
enabling location presence 4-114
CCXv5 Req button D-33
CCX Version parameter 7-55
CDP > AP Neighbors > Detail page 4-101
CDP > AP Neighbors page 4-101
CDP > Global Configuration page 4-97
CDP > Interface Neighbors > Detail page 4-99
CDP > Interface Neighbors page 4-99
CDP > Traffic Metrics page 4-102
CDP Advertisement Version parameter 4-97
CDP AP Neighbors page 4-100
CDP Protocol Status parameter 4-97
CDP State parameter 4-98
Certificate Authority (CA) certificates
downloading
using the GUI 10-22
overview 10-22
using with local EAP 6-43, 6-49
Certificate File Name parameter 11-8
Certificate File Path parameter 11-8
Certificate Issuer parameter 6-47
Certificate Password parameter 10-20, 11-8
Certificate Type parameter 8-51
Change Filter link 8-10, 8-32, 8-56
Change Rules Priority parameter 6-99
Channel Announcement parameter 4-35
Channel Assignment Leader parameter 9-71, 13-19
Channel Assignment Method parameter 9-70, 13-17
channel bonding in the 5-GHz band 13-34
Channel Quiet Mode parameter 4-35
channels
statically assigning using the CLI 13-37
statically assigning using the GUI13-32to 13-36
Channel Scan Duration parameter 13-24
Channel Width Parameter 13-18
Channel Width parameter 9-71, 13-33
Check Against CA Certificates parameter 6-47
Check Certificate Date Validity parameter 6-47
chokepoints for RFID tag tracking 4-106
CIDS Sensor Add page 6-112
CIDS Sensors List page 6-112
CIDS Shun List page 6-116
ciphers
configuring 7-28
described 7-27
Cisco 2100 Series Wireless LAN Controllers
AutoInstall interfaces 2-26
described 1-7
FCC statement B-3
features not supported 1-7
network connections 1-17
Cisco 2500 Series Controller 1-8
Cisco 2500 Series Controllers
License SKUs 4-4
Cisco 28/37/38xx Integrated Services Router
described 1-12
logical connectivity diagram and associated software commands E-3
using 4-120
versions 1-12
Cisco 3200 Series Mobile Access Router (MAR)
described 9-127
operating with mesh access points
using the CLI to configure 9-129
using the GUI to configure 9-128
Cisco 3300 Series Mobility Services Engine (MSE), using with wIPS 6-128
Cisco 4400 Series Wireless LAN Controllers
AutoInstall interfaces 2-26
choosing between link aggregation and multiple AP-manager interfaces3-36to 3-46
described 1-9
FCC statement B-3
models 3-4
network connections1-17to 1-18
Cisco 5500 Series Wireless LAN Controllers
choosing between link aggregation and multiple AP-manager interfaces3-36to 3-46
CPUs D-5
described 1-9
FCC statement B-3
features not supported 1-9
interface configuration example 3-48
licenses. See licenses
models 3-4
multiple AP-manager interfaces3-47to 3-48
network connections 1-18
using the USB console port3-34to 3-35
Cisco 7920 Wireless IP Phones 7-41
Cisco 7921 Wireless IP Phones 7-41
Cisco Adaptive Wireless Path Protocol (AWPP) 9-12
Cisco AV-pairs 7-63, 7-64, 7-65
Cisco Centralized Key Management (CCKM). See CCKM
Cisco Clean Access (CCA) 7-69
Cisco CleanAir 12-1
Cisco Client Extensions (CCX). See CCX
Cisco Discovery Protocol (CDP)
configuring
debugging using the CLI 4-105
described 4-94
enabling using the GUI4-97to 4-98
sample network 4-96
supported devices 4-94
viewing neighbors
viewing traffic information
using the CLI 4-104
using the GUI 4-102
Cisco Discovery Protocol parameter 4-98
Cisco License Manager (CLM)
and the controller license agent 4-23
using to register PAKs 4-6
Cisco Licensing website 4-18
Cisco Logo parameter 11-12
Cisco NAC Appliance 7-69
CiscoSecure Access Control Server (ACS) 6-4
Cisco Spectrum Intelligence 12-24
Cisco Unified Wireless Network (UWN) Solution
illustrated 1-2
Cisco Wireless Control System (WCS) 1-2
Cisco WiSM
configuring the Supervisor 7204-118to ??
guidelines 4-119
logical connectivity diagram and associated software commandsE-1to E-3
SSC key-hash 8-44
CKIP
configuring
using the CLI 7-31
described 7-29
CleanAir Benefits 12-2
CleanAir guidelines 12-4
Clear Config button 8-87
Clear Filter link 7-8, 8-13, 8-32, 8-57
clearing the controller configuration 10-34
Clear Stats button 14-20
Clear Stats on All APs button 8-56
CLI
basic commands 2-25
enabling wireless connections 2-37
logging out 2-25
navigating 2-25
troubleshooting commandsD-6to D-7
Client Certificate Required parameter 6-47
client exclusion policies, configuring
Client Exclusion Policies page 6-80
client location, using WCS 1-7
client MFP 6-73
Client Protection parameter 6-77
client reporting
configuring using the CLID-35to D-38
configuring using the GUID-32to D-35
described D-26
Client Reporting page D-34
client roaming, configuring4-59to 4-64
clients
connecting to WLANs 15-18
viewing
using the CLI 8-137
viewing CCX version
using the CLI 7-56
Clients > AP > Traffic Stream Metrics page 4-80
Clients > Detail page
configuring client reporting D-33
viewing a client's CCX version 7-55
viewing client details 8-92, 8-136
viewing the status of workgroup bridges 8-91
viewing voice and video settings 4-79
Clients page
performing a link test 8-123
viewing clients 8-133
viewing the status of workgroup bridges 8-91
viewing voice and video settings 4-78
Client Type parameter 8-92, 8-93
Commands > Reset to Factory Defaults page 4-121
comma-separated values (CSV) file, uploading 15-23
Community Name parameter 4-41
conditional web redirect 7-63
configuring
using the CLI 7-66
described 7-64
Conditional Web Redirect parameter 7-66
Configuration File Encryption parameter 10-30
configuration files
downloading
uploading
configuration wizard
described 2-1
Configuration Wizard - 802.11 Configuration page 2-11
Configuration Wizard Completed page 2-13
Configuration Wizard - Management Interface Configuration page 2-6
Configuration Wizard - Miscellaneous Configuration page 2-7
Configuration Wizard - Service Interface Configuration page 2-5
Configuration Wizard - Set Time page 2-12
Configuration Wizard - SNMP Summary page 2-4, 2-6
Configuration Wizard - System Information page 2-3
Configuration Wizard - Virtual Interface Configuration page 2-8
Configure 12-1
Configure Dynamic Anchoring of Static IP Clients
Using the CLI 14-31
Configure option for RRM override 13-33
Configure RF Group
Using CLI 13-12
Configure RF Group Mode
Using GUI 13-11
Configuring a Spectrum Expert 12-23
Configuring Cisco CleanAir
Using the GUI 12-5
Configuring Cisco Cleanair
Using the CLI 12-8
Configuring Dynamic Anchoring of Static IP Clients
Using the GUI 14-31
Configuring Sniffing on an Access Point
Using the GUI D-46
Confirm Password parameter 15-11
Console Log Level parameter D-9
console port
Control and Provisioning of Wireless Access Points protocol (CAPWAP) 1-5
debugging 8-7
described 8-2
guidelines 8-2
viewing MTU information 8-6
controller failure detection time, reducing 8-95
controller network module
baud rate 3-3
versions 3-5
controllers
configuration
clearing 10-34
erasing 10-34
saving 10-33
connections 1-14
discovery process 8-7
guidelines for operating in JapanB-1to B-2
multiple-controller deployment1-3to 1-4
resetting factory default settings
using the GUI 4-121
single-controller deployment1-2to 1-3
synchronizing with location appliance 4-111
types of memory 1-15
upgrading software
using the GUI 10-6
Controller Spanning Tree Configuration page 3-31
Controller Time Source Valid parameter 6-77
Control Path parameter 14-23
core dump files
described D-18
uploading automatically to an FTP server
using the CLI D-19
using the GUI D-18
uploading from a 5500 series controller to a TFTP or FTP serverD-20to D-21
Core Dump page D-18
Country Code parameter 8-108
country codes
configuring
described 8-106
Japanese 8-112
viewing using the CLI 8-110
Country page 8-107
Coverage Exception Level per AP parameter 13-21
coverage hole detection
configuring per controller
using the CLI 13-27
disabling on a WLAN
described 7-68
using the CLI 7-69
coverage hole detection and correction 13-4
Coverage Hole Detection Enabled parameter 7-68
CPU Access Control Lists page 6-68
CPUs, 5500 series controllers D-5
crash files
uploading
create 3-50
create interface group
using GUI 3-50
Create Interface Groups
using CLI 3-51
Creating Interface Groups
CLI 3-51
GUI 3-50
Current Channel parameter 13-36
Custom Signatures page 6-121
D
data encryption
and OfficeExtend access points 8-84
configuring
for OfficeExtend access points 8-82
Data Encryption parameter 8-5, 8-82
Datagram Transport Layer Security 8-26
Data Path parameter 14-23
Data Rates parameter 4-28
date
configuring manually 2-31
configuring through NTP server 2-29
setting
using the CLI 2-33
DCA Channel Sensitivity parameter 9-71, 13-18
DCA Channels parameter 9-71, 13-19
debug commands, sending 8-60
debug facility
default enable password 8-33
default-group access point group 7-58
Default Mobility Group parameter 14-12
Default Routers parameter 7-15
Delivery Traffic Indication Map (DTIM). See DTIM period
Deny Counters parameter 6-66
Description parameter 6-34, 9-25, 15-12
Designated Root parameter 3-32
DES IPSec data encryption 6-9
Destination parameter 6-64
Destination Port parameter 6-65
Detect and Report Ad-Hoc Networks parameter 6-93
device certificates
downloading
using the CLI 10-21
overview 10-19
using with local EAP 6-43, 6-49
DHCP
configuring using the CLI 7-13
configuring using the GUI 7-12
debugging 7-14
DHCP Addr. Assignment Required parameter 7-13
DHCP Allocated Lease page 7-16
DHCP option 43, in controller discovery process 8-8
DHCP option 82
configuring
using the GUI 6-61
described 6-59
example 6-60
DHCP Option 82 Remote ID Field Format parameter 6-61
DHCP Parameters page 4-37, 4-38, 6-60
DHCP proxy
configuring
using the CLI 4-38
using the GUI4-36to4-37, ??to4-38, ??to 4-91
described 4-36
DHCP Scope > Edit page 7-15
DHCP scopes
configuring
described 7-14
DHCP Scopes page 7-14
DHCP server discovery 8-8
DHCP Server IP Addr parameter 7-12
DHCP Server Override parameter 7-12
DHCP servers
internal 7-10
DHCP Timeout
configurie using GUI 4-38
diagnostic channel
configuring
using the GUI D-27
described D-26
Diagnostic Channel parameter D-27
directed roam request 4-61
Direction parameter 6-65
disabled clients, configuring a timeout 7-18
discovery request timer, configuring 8-99, 9-31
distribution system ports3-3to 3-5
Diversity parameter 13-35
DNS Domain Name parameter 7-15
DNS IP Address parameter 8-67
DNS Servers parameter 7-16
Domain Name parameter 8-67
domain name server (DNS) discovery 8-8
Download button
downloading a CA certificate 10-23
downloading a configuration file 10-31
downloading a customized web authentication login page 11-22
downloading a device certificate 10-20
downloading a signature file 6-120
Download File to Controller page 10-17
downloading a customized web authentication login page 11-21
downloading CA certificates 10-23
downloading configuration files 10-30
downloading device certificates 10-20
downloading IDS signatures 6-120
downloading login banner file 10-16
Download SSL Certificate parameter 11-7
DSCP parameter 6-65
DTIM period, configuring for MAC filtering 7-19
DTLS data encryption. See data encryption
DTPC Support parameter 4-27
Dynamic Anchoring for Clients with Static IP Addresses
Configuring 14-30
dynamic AP management
for dynamic interface 3-21
for the management interface 3-15
Dynamic AP Management parameter 3-9
for dynamic interface 3-20
for management interface 3-13
dynamic AP-manager interface 3-10
dynamic channel assignment (DCA)
20-MHz channelization 13-4, 13-19
40-MHz channelization 13-4, 13-19
configuring
using the GUI9-69to9-72, 13-16to 13-20
described 13-3
sensitivity thresholds 9-71
dynamic frequency selection8-115to 8-116
dynamic interface
configuring
described 3-9
dynamic interface example 3-48
dynamic transmit power control, configuring 4-27
dynamic WEP, configuring 7-24
Dynamic WEP Key Index parameter 6-45
E
EAP-FAST Method Parameters page 6-48
EAP-FAST parameter 6-46
EAPOL-Key Max Retries parameter 6-45
EAPOL-Key Timeout parameter 6-45
EAP Profile Name parameter 6-49
EAP-TLS parameter 6-46
EDCA Profile parameter 4-92
Edit QoS Profile page 4-65
Edit QoS Role Data Rates page 4-69
Egress Interface parameter 11-30
Email Input parameter 11-31
Enable AP Local Authentication parameter 15-22
Enable Authentication for Listener parameter 4-24
Enable Check for All Standard and Custom Signatures parameter 6-122
Enable Controller Management to be accessible from Wireless Clients parameter 2-38, 6-59
Enable Counters parameter 6-63
Enable Coverage Hole Detection parameter 13-21
Enable CPU ACL parameter 6-68
Enable Default Authentication parameter 4-24
Enable DHCP Proxy parameter 4-37
Enable Dynamic AP Management parameter 3-46
Enable EAP-FAST Authentication parameter 15-24
Enable IGMP Snooping parameter 4-56
Enable LEAP Authentication parameter 15-24
Enable Least Latency Controller Join parameter 8-82
Enable Link Latency parameter 8-82, 8-125, 8-126
Enable Listener parameter 4-24
Enable Low Latency MAC parameter 4-92
Enable LSC on Controller parameter 8-47
Enable NAT Address parameter 3-12
Enable Notification parameter 4-24
Enable OfficeExtend AP parameter 8-81
Enable passive client 7-78
Enable Password parameter 8-34
Enable Server Status parameter 6-38
Enable Tracking Optimization parameter 8-117
Encryption Key parameter 7-30
end user license agreementC-1to C-4
end-user license agreement (EULA) 4-8
enhanced distributed channel access (EDCA) parameters
configuring using the CLI 4-93
enhanced neighbor list
request (E2E) 4-60
Enter Saved Permission Ticket File Name parameter 4-20
erasing the controller configuration 10-34
error codes, for failed VoIP calls7-46to 7-48
Ethernet connection, using remotely2-24to 2-25
Event reporting for MFP 6-73
Excessive 802.11 Association Failures parameter 6-81
Excessive 802.11 Authentication Failures parameter 6-81
Excessive 802.1X Authentication Failures parameter 6-81
Excessive Web Authentication Failures parameter 6-81
Expedited Bandwidth parameter 4-76
expedited bandwidth requests
described 4-73
enabling
using the GUI 4-76
Expiration Timeout for Rogue AP and Rogue Client Entries parameter 6-93
Extensible Authentication Protocol (EAP)
configuring 7-24
setting local timers6-50to 6-51
timeout and failure counters
per access point 6-53
per client 6-53
extension channel 13-36
F
factory default settings
resetting using the GUI 4-121
failover priority for access points
configuring
using the CLI 8-102
described 8-101
viewing using the CLI 8-103
failover protection 1-16
fake access point detection 6-135
Fallback Mode parameter 6-10
Fast Ethernet port 3-5
fast heartbeat timer
configuring
using the CLI 8-99
using the GUI 8-97
described 8-96
fast SSID changing
configuring using the CLI 4-51
configuring using the GUI 4-51
fault tolerance 15-5
FCC statement
2100 series controllers B-3
4400 series controllers B-3
5500 series controllers B-3
Federal Information Processing Standards (FIPS) 6-12
File Compression parameter 8-63
File Name to Save Credentials parameter 4-18
file transfers 1-15
File Type parameter
downloading a CA certificate 10-23
downloading a configuration file 10-30
downloading a customized web authentication login page 11-21
downloading a device certificate 10-20
Login Banner 10-17
uploading a configuration file 10-28
uploading packet capture files D-23
uploading PACs 10-25
filter, using to view clients8-134to 8-135
Fingerprint parameter 6-113
flashing LEDs, configuring 8-132
Forward Delay parameter 3-32, 3-33
forwarding plane architecture 4-52
Fragmentation Threshold parameter 4-27
fragmented pings 3-6
Friendly Rogue > Create page 6-99
FTP server guidelines 10-2
G
General (controller) page
configuring 802.3 bridging 4-53
configuring an RF group 13-8
enabling link aggregation 3-40
General (security) page 6-31
General page 6-44
Generate Password parameter 11-4
Generate Rehost Ticket button 4-20
gigabit Ethernet port 3-5
Global AP Failover Priority parameter 8-102
Global Configuration page
configuring backup controllers 8-96, 9-28
configuring failover priority for access points 8-101
configuring global credentials for access points 8-34
global credentials for access points
configuring
described 8-33
overriding
using the CLI 8-35
using the GUI 8-34
Global multicast mode 7-77
Group Mode parameter 13-10, 14-18
Group Name parameter 14-13, 15-21
Group Setup page (on CiscoSecure ACS) 6-23
Guest LAN parameter 11-29
guest N+1 redundancy 14-21
guest user accounts
creating as a lobby ambassador11-3to 11-5
viewing
using the CLI 11-6
Guest User parameter 6-33, 15-11
Guest User Role parameter 6-33, 15-12
guest WLAN, creating 11-5
GUI
browsers supported 2-17
enabling wireless connections 2-37
guidelines 2-17
logging into 2-17
logging out of 2-17
using 2-16
Guidelines and Limitations for Predownloading 10-12
GUI to configure passive client 7-76
H
Headline parameter 11-13
Hello Time parameter 3-32, 3-33
help, obtaining 2-17
hex2pcap sample output D-44
Honeypot access point detection 6-135
HREAP Groups > Edit (Local Authentication > Local Users) page 15-23
HREAP Groups > Edit (Local Authentication > Protocols) page 15-24
HREAP Groups > Edit page 15-21
HREAP Groups page 15-21
HREAP Group Support 15-20
H-REAP Local Switching parameter 15-10
H-REAP Mode AP Fast Heartbeat Timeout parameter 8-97
H-REAP Mode AP Fast Heartbeat Timer State parameter 8-97
H-REAP parameter 8-80
HTTP Access parameter 2-18
HTTP Configuration page 2-18
HTTPS Access parameter 2-19
hybrid REAP
access points supported 15-1
authentication process15-2to 15-5
bandwidth restriction 15-2, 15-3
configuring
access points using the CLI15-15to 15-16
access points using the GUI15-13to 15-15
controller using the GUI15-8to 15-12
guidelines 15-6
illustrated 15-2
number of access points supported 15-2
overview 15-1
hybrid-REAP
hybrid-REAP groups
backup RADIUS server 15-19
CCKM 15-19
configuring
using the CLI 15-25
described 15-18
example 15-19
local authentication 15-20
Hybrid-REAP Groups and OKC 15-19
Hysteresis parameter 4-62
I
identity networking
Identity Request Max Retries parameter 6-45
Identity Request Timeout parameter 6-45
IDS 6-112
IDS sensors
configuring
described 6-112
IDS signature events
viewing using the CLI6-126to 6-128
viewing using the GUI6-123to 6-124
IDS signatures
configuring
described 6-117
frequency 6-123
measurement interval 6-122
pattern 6-122
tracking method 6-122
uploading or downloading using the GUI6-119to 6-120
viewing
IGMP Snooping 7-78
IGMP Timeout parameter 4-56
IKE Diffie Hellman Group parameter 6-10
IKE Phase 1 parameter 6-10
Image pre-download 8-27
Index parameter for IDS 6-113
indoor access points
converting to mesh access points 9-124
infrastructure MFP
components 6-73
described 6-73
Infrastructure Protection parameter 6-77
Infrastructure Validation parameter 6-77
Ingress Interface parameter 11-30
Injector Switch MAC Address parameter 8-130
inline power 8-128
Install License button 4-8
inter-controller roaming
described 4-59
example 14-2
Interface Groups 3-50
using GUI 3-50
Interface groups 3-50
Interface Name parameter 7-60, 7-71, 7-74, 9-25
Interface parameter 7-12
interfaces
and identity networking 6-84
assigning WLANs 7-18
configuring
Interfaces > Edit page
applying an ACL to an interface 6-67
configuring dynamic interfaces 3-19
configuring NAC out-of-band integration 7-72
creating multiple AP-manager interfaces 3-45
Interfaces > New page 3-18, 3-45
Interfaces page 3-12
interference 13-3
Interferences 12-2
Interference threshold parameter 13-23
Internet Group Management Protocol (IGMP)
configuring
using the CLI 4-58
snooping 4-54
inter-release mobility 14-10
inter-subnet mobility 14-7
inter-subnet roaming
described 4-60
Interval parameter 9-70, 13-18, 13-48
intra-controller roaming
described 4-59
illustrated 14-1
Inventory page 8-120
Invoke Channel Update Now button 9-70, 13-17
Invoke Power Update Now button 13-13
IP address-to-MAC address binding
configuring 4-64
described 4-64
IP Mask parameter 4-41
IPSec parameter 6-9
IP Theft or IP Reuse parameter 6-81
IPv6 bridging
configuring
using the CLI 7-52
using the GUI 7-52
described 7-50
guidelines 7-50
IPv6 bridging and IPv4 web authentication example 7-51
IPv6 Enable parameter 7-52
J
Japanese country codes 8-112
Japanese regulations for migrating access points from the -J to the -U regulatory domain8-111to 8-114
K
Keep Alive Count parameter 14-22
Keep Alive Interval parameter 14-22
Key Encryption Key (KEK) parameter 6-8
Key Format parameter 7-30
Key Index parameter 7-30
key permutation
configuring 7-31
described 7-29
Key Permutation parameter 7-31
Key Size parameter 7-30
Key Wrap Format parameter 6-8
Key Wrap parameter 6-8
L
LAG. See link aggregation (LAG)
LAG Mode on Next Reboot parameter 3-40
Last Auto Channel Assignment parameter 9-71, 13-19
Last Power Level Assignment parameter 13-14
Layer 1 security 6-2
Layer 2
operation 1-5
security
described 6-2
Layer 2 Security parameter 7-27, 7-30, 7-66
Layer 3
operation 1-5
security
described 6-2
Layer 3 Security parameter
for VPN passthrough 7-33, 7-37
for web authentication 7-35
for web redirect 7-66
for wired guest access 11-30
LDAP
choosing server priority order 6-38
configuring
LDAP server
assigning to WLANs 6-39
choosing local authentication bind method
using the CLI 6-40
using the GUI 6-38
LDAP Servers > New page 6-37
LDAP Servers page 6-37
LDAP Servers parameter 6-49
LEAP parameter 6-46
Learn Client IP Address parameter 15-10
Lease Time parameter 7-15
LEDs
configuring 8-132
interpreting D-1
license agent
configuring
described 4-23
License Agent Configuration page 4-24
License Commands (Rehost) page 4-18
License Commands page 4-7
License Detail page 4-10, 4-15
licenses
activating ap-count evaluation licenses
installing
rehosting
described 4-17
removing
using the CLI 4-8
using the GUI 4-10
required for OfficeExtend access points 8-80
saving
using the CLI 4-9
using the GUI 4-8
transferring to a replacement controller after an RMA4-22to 4-23
viewing
licensing portal, using to register PAKs 4-6
Lifetime parameter 6-33, 11-4, 15-11
Lightweight Access Point Protocol (LWAPP) 1-5, 8-2
lightweight mode, reverting to autonomous mode 8-44
link aggregation (LAG)
configuring neighboring devices 3-41
enabling
using the CLI 3-41
example 3-37
illustrated 3-39
verifying settings using the CLI 3-41
link latency
and OfficeExtend access points 8-82, 8-84
configuring
described 8-124
Link Status parameter 3-25
Link Test
button 8-123
page 8-123
window 9-122
link test
described 8-121
performing
using the CLI 8-124
using the GUI8-122to 8-123, 9-122
types of packets 8-121
Link Trap parameter 3-25, 3-26
Listener Message Processing URL parameter 4-24
Load-based AC parameter 4-76
load-based CAC
enabling
using the GUI 4-76
lobby ambassador account
creating using the CLI 11-3
creating using the GUI11-1to 11-3
Lobby Ambassador Guest Management > Guest Users List > New page 11-4
Lobby Ambassador Guest Management > Guest Users List page 11-3, 11-5
Local Auth Active Timeout parameter 6-45
local authentication, local switching 15-3
Local Authentication on a WLAN
using the GUI 15-16
local EAP
configuring
debugging 6-54
example 6-43
viewing information using the CLI 6-52
Local EAP Authentication parameter 6-49
Local EAP Profiles > Edit page 6-46
Local EAP Profiles page 6-45
Local Management Users > New page 11-2
Local Management Users page 11-1
Local Mode AP Fast Heartbeat Timeout parameter 8-97
Local Mode AP Fast Heartbeat Timer parameter 8-97
Local Net Users > New page 6-33, 15-11
Local Net Users page 6-32, 11-6
local network users
configuring using the CLI6-34to 6-35
configuring using the GUI6-32to 6-34
local significant certificate (LSC)
configuring
described 8-46
Local Significant Certificates (LSC) - AP Provisioning page 8-47
Local Significant Certificates (LSC) - General page 8-46
local user database, capacity 11-1
location
calibration 13-47
configuring settings using the CLI4-111to 4-113
viewing settings using the CLI4-113to 4-115
location appliance
installing certificate4-110to 4-111
synchronizing with controller 4-111
location-based services 13-47
location presence 4-114
logical connectivity diagram
Catalyst 3750G Integrated Wireless LAN Controller Switch E-4
Cisco 28/37/38xx Integrated Services Router E-3
Cisco WiSM E-1
login banner file
described 10-16
downloading
Login Banner page 10-19
logs
uploading
long preambles
described 6-54
enabling on SpectraLink NetLink phones
using the CLI 6-55
using the GUI 6-54
LWAPP-enabled access points
debug commands 8-60
disabling the reset button 8-66
guidelines 8-44
MAC addresses displayed on controller GUI 8-65
radio core dumps
described 8-60
receiving debug commands from controller 8-60
retrieving radio core dumps 8-61
reverting to autonomous mode8-44to 8-45
sending crash information to controller 8-60
uploading
access point core dumps8-63to 8-64
M
MAC address of access point
adding to controller filter list
using the GUI??to 9-25
displayed on controller GUI 8-65
MAC Address parameter 9-25
MAC filtering
configuring on WLANs7-17to 7-18
DTIM period 7-19
MAC Filtering page 9-24
MAC Filters > New page 9-24
management frame protection (MFP)
configuring
using the CLI 6-77
debugging 6-80
described6-72to ??
guidelines 6-74
types 6-72
Management Frame Protection parameter 6-77
Management Frame Protection Settings page 6-77
management frame validation 6-73
management interface
configuring
using the CLI 3-14
described 3-7
Management IP Address parameter 8-80
management over wireless
described 6-58
enabling
using the CLI 6-59
using the GUI 6-58
Master Controller Configuration page 8-9
Master Controller Mode parameter 8-9
Max Age parameter 3-32
Max HTTP Message Size parameter 4-24
Maximum Age parameter 3-33
maximum local database entries
configuring using the CLI 6-31
configuring using the GUI 6-31
Maximum Local Database Entries parameter 6-31
Maximum Number of Sessions parameter 4-24
Max-Login Ignore Identity Response parameter 6-45
Max RF Bandwidth parameter 4-76, 4-77
MCS data rates 4-31
Member MAC Address parameter 14-13
memory
types 1-15
memory leaks, monitoringD-24to D-25
mesh
network example 9-101
parameters
configuring using the CLI 9-40, 9-64
configuring using the GUI9-35to 9-40
statistics
viewing for an access point using the CLI??to9-104, 9-120to 9-121
viewing for an access point using the GUI9-116to 9-120
Mesh > LinkTest Results page 9-122
mesh access points
and CAPWAP 9-12
converting to non-mesh access points 9-126
models 9-1
network access 9-3
operating with Cisco 3200 Series Mobile Access Routers
configuration guidelines 9-127
described 9-127
using the CLI to configure 9-129
using the GUI to configure 9-128
roles 9-2
mesh neighbors, parents, and children 9-12
mesh network hierarchy 9-3
mesh node security statistics9-119to 9-120
mesh node statistics 9-118
mesh routing 9-12
Message Authentication Code Key (MACK) parameter 6-8, 6-12
message logs
configuring
using the GUI D-8
viewing
using the CLI D-14
See also system logging
Message Logs page D-10
Message parameter for web authentication 11-13
Metrics Collection parameter 4-76
MFP Client Protection parameter 6-76
MFP Frame Validation parameter 6-76
migrating access points from the -J to the -U regulatory domain8-111to 8-114
Min Failed Client Count per AP parameter 13-21
Minimum RSSI parameter 4-62
mirror mode. See port mirroring, configuring
MMH MIC
configuring 7-31
described 7-29
MMH Mode parameter 7-31
Mobile Announce messages 14-7
mobility
failover 14-21
overview 14-1
Mobility Anchor Config page 14-28
Mobility Anchor Create button 14-23
mobility anchors. See auto-anchor mobility
Mobility Anchors option 14-23
Mobility Anchors page 14-23
Mobility Group Member > New page 14-12
Mobility Group Members > Edit All page 14-14
mobility groups
configuring
using the CLI 14-15
with one NAT device 14-8
with two NAT devices 14-9
determining when to include controllers 14-7
difference from RF groups 13-5
examples 14-7
illustrated 14-4
messaging among 14-7
number of access points supported 14-5
number of controllers supported 14-5
using with NAT devices14-7to 14-9
mobility group statistics
types 14-17
viewing
using the CLI 14-20
mobility list
detecting failed members 14-21
number of controllers supported 14-7
ping requests to members 14-21
Mobility Multicast Messaging > Edit page 14-15
Mobility Multicast Messaging page 14-14
mobility ping tests, running 14-29
Mobility Statistics page 14-18
MODE access point button 8-45, 8-66
Monitoring 12-18
monitor intervals, configuring using the GUI 13-24
Multicast Appliance Mode parameter 3-26
multicast client table, viewing 4-59
multicast groups
viewing using the CLI 4-58
viewing using the GUI 4-57
Multicast Groups page 4-57
multicast mode
configuring
using the CLI 4-57
using the GUI 4-56
multicast-multicast 7-76
Multicast-Multicast mode 7-76
Multicast Optimization 3-52
Multicast VLAN
Using the CLI 3-53
multiple AP-manager interfaces
5500 series controller example3-47to 3-48
multiple country codes
configuration guidelines 8-106
configuring
using the CLI 8-109
N
NAC in-band mode 7-69
NAC out-of-band integration
and hybrid REAP 15-6
configuring
diagram 7-70
NAC out-of-band support
configuring for a specific access point group
using the CLI 7-75
using the GUI 7-73
NAC State parameter 7-60, 7-73, 7-74
NAT address
for dynamic interface 3-19, 3-22
for management interface 3-12, 3-15
NAT devices in mobility groups14-7to 14-9
Native VLAN ID parameter 15-14
Neighbor Discovery Packet 13-31
neighbor information
viewing for an access point using the CLI 9-123
viewing for an access point using the GUI9-121to 9-123
Neighbor Information option 9-121
Neighbor Packet Frequency parameter 13-24
neighbor statistics
viewing for an access point using the CLI 9-123
viewing for an access point using the GUI9-121to 9-123
Netbios Name Servers parameter 7-16
Netmask parameter 7-15
Network Mobility Services Protocol (NMSP) 4-106
debugging 4-118
modifying the notification interval for clients, RFID tags, and rogues 4-115
Network parameter 7-15
NTP server
configuring to obtain time and date 2-30
Number of Attempts to LSC parameter 8-48
Number of Hits parameter 6-66
O
OfficeExtend Access Point Configuration page 8-86
OfficeExtend Access Point Home page 8-85
OfficeExtend Access Points
LEDs D-52
positioning D-52
OfficeExtend access points
and NAT 8-69
configuring
described 8-69
firewall requirements 8-79
implementing security for 8-79
licensing requirements 8-80
supported access point models 8-69
trap logs 8-80
typical setup 8-69
OfficeExtend AP
enabling 8-24
OfficeExtend AP parameter 8-82
online help, using 2-17
open source terms C-8
OpenSSL license issuesC-6to C-8
operating system
software 1-4
Order Used for Authentication parameter 6-11, 6-26
Override Global Config parameter 11-24, 11-31
Over-ride Global Credentials parameter 8-35, 8-39, 8-82, 8-83
Override Interface ACL parameter 6-69
oversized access point images 8-68
Overview of CleanAir 12-1
P
P2P Blocking parameter 7-23
packet capture files
described D-21
sample output in Wireshark D-22
uploading
using the GUI D-22
Params parameter 8-47
Passive clients 7-76
password
restoring 4-39
password guidelines 8-38
Password parameter
for access point authentication 8-38
for access points 8-34
for local net users 6-33, 15-11
for PACs 10-26
passwords
viewing in clear text D-7
path loss measurement (S60), CLI command 4-111
PEAP parameter 6-46
peer-to-peer blocking
configuring
described 7-21
examples 7-22
permanent licenses, installed on 5500 series controllers 4-3
Personal SSID parameter 8-86
Physical Mode parameter 3-25, 3-26
Physical Status parameter 3-25
ping link test 8-121
ping tests 14-29
pinning 13-6
PMK cache lifetime timer 7-29
PMKID caching 7-29
PoE Status parameter 8-130
Pool End Address parameter 7-15
Pool Start Address parameter 7-15
Port > Configure page 3-24
port mirroring, configuring3-27to 3-28
Port Number parameter
for controller 3-25
for LDAP server 6-37
for RADIUS server 6-9
for TACACS+ server 6-25
for wired guest access 11-29
Port parameter for IDS 6-113
ports
on 2100 series controllers 3-2, 3-3
on 4400 series controllers 3-2, 3-3, 3-4
on 5500 series controllers 3-2, 3-4
on Catalyst 3750G Integrated Wireless LAN Controller Switch 3-3, 3-5
on Cisco 28/37/38xx Series Integrated Services Router3-3to 3-5, 4-120, 8-54
Ports page 3-23
Power Assignment Leader parameter 13-14
power cable warning for Japan B-2
Power Injector Selection parameter 8-130
Power Injector State parameter 8-130
Power Neighbor Count parameter 13-14
Power over Ethernet (PoE)
configuring
using the CLI 8-131
Power Over Ethernet (PoE) parameter 3-25
Power Threshold parameter 13-13
preauthentication access control list (ACL)
applying to a WLAN
using the CLI 6-72
for external web server 11-19, 15-11
Preauthentication ACL parameter 6-70, 7-66
pre-download 8-27
Predownloading an image 10-11
Primary Controller Name parameter 8-80
Primary Controller parameters 8-80, 8-98, 9-30
primary image pre-download 8-27
Primary RADIUS Server parameter 15-21
priming access points 8-8
Priority Order > Local-Auth page 6-38, 6-44
Priority Order > Management User page 6-11, 6-26
Priority parameter 3-33
Privacy Protocol parameter 4-43
probe request forwarding, configuring 8-119
probe requests, described 8-119
product authorization key (PAK)
obtaining for license upgrade 4-3
registering 4-6
product ID for controller, finding 4-21
product ID of controller, finding 4-19
Product License Registration page 4-19
Profile Details page D-35
Profile Name parameter 7-5, 7-84, 9-25, 11-29, 15-9
protected access credentials (PACs)
overview 10-25
uploading
using the GUI 10-25
using with local EAP 6-43, 15-24
Protection Type parameter 6-75, 13-42
Protocol parameter 6-64
Protocol Type parameter 4-67
PSK
configuring 7-28
described 7-26
PSK Format parameter 7-28
public key cryptography (PKC), with mobility 14-7
Q
QBSS
configuring
using the CLI 7-42
described 7-40
guidelines 7-40
QoS
identity networking 6-83
translation values 7-38
with CAC 4-72
QoS profiles
assigning to a WLAN
using the CLI 7-39
configuring
QoS roles
assigning for use with hybrid REAP 15-12
configuring
QoS Roles for Guest Users page 4-69
Quality of Service (QoS) parameter 7-39
quarantined VLAN
using 15-10
with hybrid REAP 15-5
with NAC out-of-band integration 7-72
Quarantine parameter
for dynamic interface 3-19
for management interface 3-12
NAC out-of-band integration 7-72
Query Interval parameter 6-113
Queue Depth parameter 4-66
queue statistics 9-118
R
Radio > Statistics page 7-44
radio core dumps
described 8-60
retrieving 8-61
uploading
using the CLI 8-62
radio measurement requests
configuring
on the CLI 13-49
on the GUI 13-48
overview 13-47
viewing status using the CLI 13-49
radio preamble 6-54
radio resource management (RRM)
benefits 13-5
CCX features. See CCX radio management
configuring
monitor intervals using the GUI 13-24
coverage hole detection
configuring per controller using the CLI 13-27
configuring per controller using the GUI13-20to 13-22
described 13-4
debugging 13-30
disabling dynamic channel and power assignment
using the CLI 13-40
using the GUI 13-39
overview 13-1
specifying channels9-69to9-71, 13-16to 13-19
statically assigning channel and transmit power settings
using the CLI 13-37
Wireless > 802.11a/n (or 802.11b/g/n) > RRM > TPC parameter 13-13
radio resource management (RRM) settings
viewing using the CLI13-28to 13-30
radio resource monitoring 13-2
RADIUS
accounting 6-3
authentication 6-3
choosing authentication priority order 6-11
configuring
configuring on ACS 6-4
described 6-3
FIPS standard 6-12
KEK parameter 6-12
MACK parameter 6-12
server fallback behavior 6-10, 6-13
using with hybrid REAP 15-19
RADIUS > Fallback Parameters page 6-10
RADIUS accounting attributes6-18to 6-19
RADIUS authentication attributes6-15to 6-18
Range (RootAP to MeshAP) parameter 9-36
Redirect URL After Login parameter 11-12
Refresh-time Interval parameter 4-97
Regenerate Certificate button 11-7
regulatory information
for 2100 series controllers B-3
for 4400 series controllers B-3
for lightweight access points??to B-2
rehosting a license. See licenses
Rehost Ticket File Name parameter 4-20
Remote Authentication Dial-In User Service. See RADIUS
Request Max Retries parameter 6-45
Request Timeout parameter 6-45
Reserved Roaming Bandwidth parameter 4-76
Reset Link Latency button 8-126
Reset Personal SSID parameter 8-81
resetting the controller 10-35
restoring passwords 4-39
Re-sync button 6-116
reverse path filtering (RPF) 14-27
RF Channel Assignment parameter 13-39
RF Group Leader
Auto mode, Static Mode 13-6
RF group leader
described 13-6
RF group name
described 13-7
entering 13-8
RF groups
cascading 13-6
configuring
using the CLI 13-8
using the GUI 13-8
difference from mobility groups 13-5
pinning 13-6
viewing status
using the CLI 13-10
RF Group support 13-5
RFID tags
described 4-106
number supported per controller 4-107
tracking
configuring using the CLI 4-107
debugging using the CLI 4-109
viewing information using the CLI4-108to 4-109
RFID tracking on access points, optimizing
using the CLI 8-118
RF-Network Name parameter 13-8
RLDP. See Rogue Location Discovery Protocol (RLDP)
roaming and real-time diagnostics
configuring using the CLID-38to D-40
described D-26
logs
described D-26
viewing D-38
roam reason report 4-61
roam reason report, described 9-92
rogue access points
alarm 13-42
automatically containing
using the CLI 6-95
using the GUI 6-93
classification mapping table 6-91
classifying 6-90
detecting
managing 6-89
rule-based classification support 6-90
tagging, location, and containment 6-89
viewing and classifying
WCS support for rule-based classification 6-92
Rogue AP Detail page 6-103
Rogue AP Ignore-List page 6-107
rogue classification rules
configuring using the CLI6-100to 6-102
configuring using the GUI6-96to 6-100
Rogue Client Detail page 6-105
and OfficeExtend access points 8-81, 8-84
Rogue Detection parameter 6-93, 8-81
Rogue Location Discovery Protocol (RLDP)
configuring
using the GUI??to 6-94
defined 6-89
Rogue Location Discovery Protocol parameter 6-93
Rogue on Wire parameter 6-94
Rogue Policies page 6-93
Rogue Rule > Edit page 6-98
Rogue Rules > Priority page 6-99
Role Name parameter 4-69
Role of the Controller 12-1
root bridge 3-28
Root Cost parameter 3-32
Root Port parameter 3-32
RRM. See radio resource management (RRM)
RSNA logs
described D-26
S
Save and Reboot button 10-20, 10-23
Save Licenses button 4-8
saving configuration settings 10-33
Scan Threshold parameter 4-62
Scope Name parameter 7-15
Search AP window 8-11, 8-32, 8-56
Search Clients page 8-134
Search WLANs window 7-8, 8-10, 8-32
Secondary Controller parameters 8-98, 9-30
Secondary RADIUS Server parameter 15-21
secure web mode
described 2-18
enabling
using the CLI 2-19
using the GUI 2-18
security
overview 6-2
Security Mode parameter 9-38
Security Policy Completed parameter 7-52
security settings
local and external authentication 9-35
Select APs from Current Controller parameter 15-22
self-signed certificate (SSC)
used to authorize access points 8-45
Sequence parameter 6-64
serial number for controller, finding 4-21
serial number of controller, finding 4-19
serial port
baud rate setting 2-24
timeout 2-24
Server Address parameter 6-113
Server Index (Priority) parameter 6-8, 6-25, 6-37
Server IP Address parameter
for LDAP server 6-37
for RADIUS server 6-8
for TACACS+ server 6-25
for wireless sniffer D-48
Server Key parameter 6-48, 15-24
Server Status parameter 6-9, 6-25
Server Timeout parameter 6-9, 6-26, 6-38
service port 3-5
service-port interface
configuring
using the CLI 3-17
described 3-9
session timeout
configuring
using the CLI 7-32
using the GUI 7-32
described 7-31
Set Priority button 4-15
Set reboot time 10-15
Set to Factory Default button 13-24
Severity Level Filtering parameter D-8
Shared Secret Format parameter 6-8, 6-25
Shared Secret parameter 6-8, 6-25
Short Preamble Enabled parameter 6-55
short preambles 6-54
Show Wired Clients option 8-92
shunned clients
described 6-115
viewing
using the CLI 6-116
using the GUI 6-116
Signature Events Detail page 6-124
Signature Events Summary page 6-123
Signature Events Track Detail page 6-124
Simple Bind parameter 6-38
sniffing. See wireless sniffing D-45
Sniff parameter D-48
SNMP community string
changing default values using the CLI4-41to 4-42
changing default values using the GUI4-40to 4-41
SNMP engine Id 4-40
SNMP v1 / v2c Community > New page 4-41
SNMP v1 / v2c Community page 4-40
SNMP v3 users
changing default values using the CLI 4-44
changing default values using the GUI4-42to 4-44
SNMP V3 Users > New page 4-43
SNMP V3 Users page 4-42
software, upgrading
software, upgrading in mesh networks
Source parameter for ACLs 6-64
Source Port parameter 6-65
Spanning Tree Algorithm parameter 3-33
Spanning Tree Protocol (STP)
configuring
described 3-28
spanning-tree root 3-28
Spanning Tree Specification parameter 3-32
SpectraLink NetLink phones
enabling long preambles
using the CLI 6-55
using the GUI 6-54
overview 6-54
Spectralink Voice Priority parameter 4-92
Spectrum Expert 12-23
splash page web redirect 7-64
Splash Page Web Redirect parameter 7-66
SSC key-hash on Cisco WiSM 8-44
SSH
and OfficeExtend access points 8-82, 8-84
configuring
troubleshooting access points
SSH parameter D-50
SSID
configuring
using the CLI 7-6
using the GUI 7-5
described 7-2
SSL certificate
generating
using the CLI 2-20
loading
SSLv2, configuring for web administration 2-19
SSLv2 for web authentication, disabling 11-12
Standard Signature > Detail page 6-122
Standard Signatures page 6-121
stateful DHCPv6 IP addressing 7-50
static IP address
configuring
described 8-66
Static IP parameter 8-67
Static Mobility Group Members page 14-12
Statistics option 9-117
Status parameter
for DHCP scopes 7-16
for guest LANs 11-30
for SNMP community 4-41
STP Mode parameter 3-30
STP Port Designated Bridge parameter 3-30
STP Port Designated Cost parameter 3-29
STP Port Designated Port parameter 3-30
STP Port Designated Root parameter 3-29
STP Port Forward Transitions Count parameter 3-30
STP Port ID parameter 3-29
STP Port Path Cost Mode parameter 3-30
STP Port Path Cost parameter 3-31
STP Port Priority parameter 3-30
STP State parameter 3-29
strong passwords 8-38
Summary page 2-36
Supervisor 720
configuring4-118to ??
described 4-118
switch, configuring at the remote site15-7to 15-8
Switch IP Address (Anchor) parameter 14-23
SX/LC/T small form-factor plug-in (SFP) modules 3-4
symmetric mobility tunneling
illustrated 14-27
verifying status
using the CLI 14-28
using the GUI 14-28
Symmetric Mobility Tunneling Mode parameter 14-28
syslog
described D-27
levels D-9
Syslog Configuration page D-8
Syslog Facility parameter D-9
syslog server
number supported by controller D-8
removing from controller D-8
severity level filtering D-8
Syslog Server IP Address parameter D-8
system logging
configuring
setting severity level D-9
system logs, viewing using the CLI D-14
System Resource Information page D-5
system resources
viewing using the CLI D-5
viewing using the GUI D-5
T
TACACS+
accounting 6-20
authentication 6-19
authorization 6-19
choosing authentication priority order 6-26
configuring
viewing administration server logs6-29to 6-30
TACACS+ (Authentication, Authorization, or Accounting) Servers > New page 6-25
TACACS+ (Authentication, Authorization, or Accounting) Servers page 6-24
TACACS+ (Cisco) page (on CiscoSecure ACS) 6-22
TACACS+ Administration .csv page (on CiscoSecure ACS) 6-29, 6-30
TCP MSS
described 8-127
Telnet
and OfficeExtend access points 8-82, 8-84
troubleshooting access points
Telnet parameter D-50
Telnet sessions
configuring
Telnet-SSH Configuration page 2-35
Tertiary Controller parameters 8-98, 9-30
text2pcap sample output D-44
TFTP server guidelines 10-2
time, configuring
using the CLI 2-33
using the NTP server 2-29
time-length-values (TLVs), supported for CDP4-94to 4-95
timeout, configuring for disabled clients 7-18
Time Since Topology Changed parameter 3-32
timestamps, enabling or disabling in log and debug messages D-13
Time to Live for the PAC parameter 6-48, 15-24
time zone
configuring using the CLI 2-33
configuring using the GUI 2-32
TKIP
configuring 7-28
described 7-25
parameter 7-28
To 6-67
Topology Change Count parameter 3-32
traffic specifications (TSPEC) request
described 4-73
examples 4-73
traffic stream metrics (TSM)
configuring
using the GUI 4-76
described 4-74
viewing statistics
Transfer Mode parameter
downloading a CA certificate 10-23
downloading a configuration file 10-30
downloading a customized web authentication login page 11-21
downloading a device certificate 10-20
uploading a configuration file 10-28
uploading a PAC 10-26
uploading packet capture files D-23
Transition Time parameter 4-62
transmit power
statically assigning using the CLI 13-37
statically assigning using the GUI13-32to 13-36
transmit power levels 13-36
transmit power threshold, decreasing 13-25
trap logs
for OfficeExtend access points 8-80
troubleshooting
access point join process8-53to 8-60
Troubleshooting OEAPs D-52
tunnel attributes and identity networking6-85to 6-86
Tx Power Level Assignment parameter 13-40
Type parameter 7-5, 7-84, 11-29, 15-9
U
U-APSD
described 4-74
viewing status
using the CLI 4-87
using the GUI 4-79
UDP, use in RADIUS 6-3
unicast mode 4-54
unique device identifier (UDI)
described 8-120
retrieving
using the CLI 8-121
upgrade controller software 10-5
Upload button 6-120, 8-62, 10-26, D-17, D-23
Upload CSV File parameter 15-23
Upload File from Controller page 8-61, 10-25, 10-28, D-16, D-22
URL parameter 11-19
URL to Send the Notifications parameter 4-24
USB console port, using on a 5500 series controller3-34to 3-35
Use AES Key Wrap parameter 6-7
User Access Mode parameter 11-3
User Attribute parameter 6-38
User Base DN parameter 6-38
User Credentials parameter 6-38
User Name parameter 6-33, 15-11
Username parameter 8-34, 8-38, 8-39
User Object Type parameter 6-38
User parameter 10-26
User Profile Name parameter 4-43
Using CLI to monitor the Air quality 12-19
Using CLI to predownload 10-13
Using GUI to monitor air quality 12-18
Using GUI to predownload 10-13
Using Our SSID parameter 6-94
using the GUI 6-67
V
Validate Rogue Clients Against AAA parameter 6-93
Valid Client on Rogue AP parameter 6-94
Validity parameter 10-26
VCCI warnings for controllers B-2
VCI strings 8-52
Verify Certificate CN Identity parameter 6-47
video information, viewing for mesh networks using the CLI9-101to 9-103
video settings
configuring
using the CLI 4-85
viewing
virtual interface
configuring
using the CLI 3-16
described 3-8
VLAN Identifier parameter
for AP-manager interface 3-13
for dynamic interface 3-18, 3-20
VLAN interface. See dynamic interface
VLAN Mappings
button 15-15
page 15-15
VLAN Pooling 3-49
VLANs
described 3-9
guidelines 3-11
VLAN Select 3-49
VLAN Support parameter 15-14
VLAN tag, and identity networking 6-84
Voice & Video Optimized parameter 4-92
voice information, viewing for mesh networks using the CLI9-101to 9-103
Voice Optimized parameter 4-92
voice-over-IP (VoIP) telephone roaming 4-60
Voice RSSI parameter 13-21
voice settings
configuring
viewing
VoIP calls, error codes7-46to 7-48
VoIP snooping
configuring
described 7-43
VoIP Snooping and Reporting parameter 7-44
VPN Gateway Address parameter 7-33
VPN passthrough
configuring using the CLI 7-33
configuring using the GUI7-33, ??to 7-37
described 7-33
W
warnings
webauth.tar files 11-25
webauth bundle 11-20
web authentication
certificate
obtaining using the CLI11-8to 11-9
obtaining using the GUI11-6to 11-8
configuring a WLAN for
using the CLI 7-35
using the GUI 7-34
described 11-9
successful login page 11-11
Web Authentication Certificate page 11-7
web authentication login page
assigning per WLAN
using the CLI 11-25
using the GUI 11-24
choosing the default
customized example 11-23
customizing from an external web server
using the CLI 11-20
default 11-10
downloading a customized login page
guidelines 11-20
using the CLI 11-22
modified default example 11-15
verifying settings using the CLI 11-23
Web Authentication option 11-30
Web Authentication Type parameter 11-12, 11-19, 11-22
Web Auth Type parameter 11-24, 11-31
web-browser security alert 11-9
web mode
configuring
using the CLI 2-19
using the GUI 2-18
described 2-18
Web Passthrough option 11-30
Web Policy parameter 6-69, 7-35, 7-66
web redirect 7-63
Web Server IP Address parameter 11-19
Web Session Timeout parameter 2-19
WEP keys, configuring 7-24
WGB parameter 8-91
WGB Wired Clients page 8-92
wired guest access
configuration overview 11-28
configuring
guidelines 11-28
one-controller example 11-27
two-controller example 11-28
wireless intrusion prevention system (wIPS)
configuring on an access point6-131to 6-132
described 6-128
viewing information6-132to 6-133
wireless sniffing
configuring
prerequisites D-46
supported software D-45
WLAN mobility security values 14-26
WLAN override 10-1
WLAN Profile parameter 6-34, 15-12
WLANs
assigning web login, login failure, and logout pages
using the CLI 11-25
using the GUI 11-24
checking security settings 7-24
configuring
conditional web redirect7-64to 7-67
static and dynamic WEP 7-25
connecting clients to 15-18
creating
using the CLI 7-6
using the GUI7-4to7-6, ??to 7-84
deleting
using the CLI 7-7
using the GUI 7-4
enabling or disabling
using the CLI 7-7
using the GUI 7-6
searching 7-7
session timeout
configuring 7-32
described 7-31
splash page web redirect 7-64
wired security solution 1-5
WLANs > Edit (Advanced) page 7-44, 7-49, 7-68
applying an ACL to a WLAN 6-69
configuring AAA override 6-88
configuring infrastructure MFP for a WLAN 6-76
configuring IPv6 bridging 7-52
configuring NAC out-of-band integration 7-73
configuring the diagnostic channel D-27
WLANs > Edit (QoS) page 7-41
WLANs > Edit (Security > AAA Servers) page
assigning LDAP servers to a WLAN 6-39
choosing RADIUS or LDAP servers for external authentication 11-25
disabling accounting servers on a WLAN 7-67
enabling local EAP on a WLAN 6-49
WLANs > Edit (Security > Layer 2) page 7-27, 7-30
WLANs > Edit (Security > Layer 3) page
applying a preauthentication ACL to a WLAN 6-69
configuring a WLAN for VPN Passthrough 7-37
configuring web redirect 7-66
configuring wired guest access 11-30
WLANs > Edit page 7-5, 7-84, 11-29, 15-9
WLANs > New page 7-5, 11-29, 15-9
WLANs page 7-4, 7-9, 7-84, 14-22
WLAN SSID parameter
configuring for guest user 11-4
creating a centrally switched WLAN 15-9
creating WLANs 7-5
mapping an access point group to a WLAN 7-60, 7-74
WMM
described 7-40
with CAC 4-72
WMM Policy parameter 7-41
workgroup bridges (WGBs)
debugging 8-94
described 8-88
guidelines 8-88
illustrated 8-69, 8-81, 8-85, 8-86, 8-88
sample configuration 8-90
viewing status
using the CLI 8-93
WPA1+WPA2
configuring
using the CLI 7-28
described 7-25
WPA2 Policy parameter 7-27
WPA Policy parameter 7-27
wplus license. See licenses