-
Cisco Wireless LAN Controller Configuration Guide, Release 7.2
-
Preface
-
Chapter 1 - Overview
-
Chapter 2 - Using the Web-Browser and CLI Interfaces
-
Chapter 3 - Configuring Ports and Interfaces
-
Chapter 4 - Configuring Controller Settings
-
Chapter 5 - Configuring Video Streams
-
Chapter 6 - Configuring Security Solutions
-
Chapter 7 - Working with WLANs
-
Chapter 8 - Controlling Lightweight Access Points
-
Chapter 9 - Controlling Mesh Access Points
-
Chapter 10 - Managing Controller Software and Configurations
-
Chapter 11- Managing User Accounts
-
Chapter 12 - Configuring Radio Resource Management
-
Chapter 13 - Configuring Cisco CleanAir
-
Chapter 14 - Configuring Mobility Groups
-
Chapter 15 - Configuring FlexConnect
-
Chapter 16 - Configuring Mobile Concierge
-
Appendix A - Troubleshooting
-
Index
-
Feedback
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W -
Index
Numerics
11n Mode parameter 4-28
1250 series access points
and PoE Status field 8-112
operating modes when using PoE 8-110
transmit power settings when using PoE 8-111
3DES IPSec data encryption 6-9
7920 AP CAC parameter 7-48
7920 Client CAC parameter 7-48
7920 support mode
configuring 7-47
described 7-47
7921 support mode 7-47
802.11a (or 802.11b) > Client Roaming page 4-60
802.11a (or 802.11b) > Voice Parameters page 4-74, 4-78, 4-84
802.11a (or 802.11b/g) > EDCA Parameters page 4-88
802.11a (or 802.11b/g) Global Parameters > Auto RF page 12-31
802.11a (or 802.11b/g) Global Parameters page 4-23, 12-45
802.11a (or 802.11b/g) Network Status parameter 4-24, 4-32, 4-33
802.11a/n (4.9 GHz) > Configure page 9-126
802.11a/n (or 802.11b/g/n) Cisco APs > Configure page 12-34
802.11a/n (or 802.11b/g/n) Radios page 4-80, 12-33
802.11a/n Radios page (from Monitor Menu) 8-14
802.11a/n Radios page (from Wireless Menu) 8-15
802.11a > RRM > Coverage page 12-15
802.11a > RRM > DCA page 12-11
802.11a > RRM > Dynamic Channel Assignment (DCA) page 12-11
802.11a > RRM > General page 12-16
802.11b/g/n Cisco APs > Configure page 8-98
802.11g Support parameter 4-24
802.11h, described 4-32
802.11h Global Parameters page 4-32
802.11n
clients 8-116
devices 4-27
802.11n (2.4 GHz) High Throughput page 4-28
802.1Q VLAN trunk port 3-4
802.1X
configuring 7-28
described 7-29
dynamic key settings 7-28
802.1X+CCKM
configuring 7-31
described 7-30
802.1X authentication for access points
configuring
the switch 8-26
described 8-21
802.1x Authentication parameter 8-23
802.3 bridging
configuring using the CLI 4-51
configuring using the GUI4-49to 4-51
802.3 Bridging parameter 4-51
802.3 frames 4-50
802.3X flow control, enabling 4-49
A
Access Control List Name parameter 6-58
access control lists (ACLs)
applying to a WLAN
using the CLI 6-65
applying to the controller CPU
using the CLI 6-65
configuring
counters
configuring using the CLI 6-64
configuring using the GUI 6-57
rules 6-56, 6-58, 6-64, 15-16, 15-17
Access Control Lists > Edit page 6-59, 15-19
Access Control Lists > New page 6-58
Access Control Lists page 6-57
Access Mode parameter 4-39, 4-41
access point
assisted roaming, described 9-89
access point count, approved tiers for 5500 series controllers 4-4
access point event logs, viewing A-16
access point groups
assigning access points to
using the CLI 7-75
using the GUI 7-74
creating
using the CLI 7-75
default group 7-72
illustrated 7-71
removing
using the CLI 7-75
using the GUI 7-73
access point monitor service, debugging A-52
access point radios, searching for8-14to 8-16
access points
20-MHz channelization 12-34
40-MHz channelization 12-34
assisted roaming 4-59
authorization list 8-36
authorizing
using MICs 8-31
using SSCs 8-30
converting to mesh access points 9-122
embedded 8-26
LEDs
configuring 8-114
interpreting A-2
migrating from the -J regulatory domain to the -U regulatory domain8-93to 8-95
number supported per controller 3-4
priming 8-8
supporting oversized images 8-51
troubleshooting
using Telnet or SSHA-50to A-52
VCI strings 8-37
verifying that they join the controller 8-8
viewing join information
Accounting Server parameters 7-85
ACL. See access control lists (ACLs)
ACS server configuration page 7-83
active exploits 6-130
Add AAA Client page (on CiscoSecure ACS) 6-5, 6-20
Add AP button 15-23
Adding Mesh APs to the Controller Filter (GUI) 9-20
Add New Rule button 6-58
Add Web Server button 11-21
AdHoc Rogue AP parameter 6-85
administrator access 4-36
Admin Status parameter 3-24
Admission Control (ACM) parameter 4-75, 4-78
AES CBS IPSec data encryption 6-9
AES-CCMP 7-29
AES parameter 7-31
Aggregated MAC Protocol Data Unit (A-MPDU) 4-30
Aggregated MAC Service Data Unit (A-MSDU) 4-30
aggregation method, specifying 4-30
AirMagnet Enterprise Analyzer A-47
Aironet IE parameter 7-68
Airopeek A-47
Alarm Trigger Threshold parameter 12-42
All APs > Access Point Name > Link Details > Neighbor Name page 9-120
All APs > Access Point Name > Mesh Neighbor Stats page 9-120
All APs > Access Point Name > Neighbor Info page 9-119
All APs > Access Point Name > Statistics page 9-114
All APs > Access Point Name > VLAN Mappings page 15-13
All APs > Details for (Advanced) page 8-5, 8-46, A-51
configuring link latency 8-106
configuring PoE 8-112
All APs > Details for (Credentials) page 8-18, 8-23
All APs > Details for (FlexConnect) page 15-12
All APs > Details for (General) page 8-49, 15-12
All APs > Details for (High Availability) page 8-79, 8-83
All APs > Details for page A-48, A-53
All APs > Details page 9-22, 9-44, 9-76, 12-42
All APs page 8-9, 9-113, 9-118, 12-41, 15-12
AnchorTime parameter 9-62, 12-12
anonymous local authentication bind method 6-33, 6-34
Anonymous Provision parameter 6-41
Antenna Gain parameter 12-36
Antenna parameter 12-36
Antenna Type parameter 12-35
AP > Clients > Traffic Stream Metrics page 4-80
AP801 access point
described 8-26
using with a controller 8-27
AP Authentication Policy page 6-68, 12-42
AP Core Dump parameter 8-46
ap-count evaluation licenses, activating
AP Ethernet MAC Addresses parameter 8-33
AP Failover Priority parameter 8-83
AP Group Name parameter 7-73
AP Groups > Edit (APs) page 7-74
AP Groups > Edit (WLANs) page 7-92
AP Join Stats page 8-40
AP local authentication
Using GUI 15-15
AP Local Authentication on a WLAN
Using the CLI 15-15
AP-manager interface
and dynamic interfaces 3-21
configuring
described 3-10
illustration
of four AP-manager interfaces 3-42
of three AP-manager interfaces 3-40
of two AP-manager interfaces 3-41
AP Mode parameter 8-62, 12-42, 15-12, A-48
AP Name parameter 7-74
Applying ACLs to a WLAN 6-61
Applying ACLs to the controller CPU 6-61
AP Policies page 8-35
AP Primary Discovery Timeout parameter 8-79, 9-25
ASLEAP detection 6-130
Assigning Channel and TPC Settings (GUI) 12-33
asymmetric tunneling
described 14-24
illustrated 14-25
authenticated local authentication bind method 6-33, 6-34
Authentication Protocol parameter 4-41
Auth Key Mgmt parameter 7-31
Authority ID Information parameter 6-41, 15-25, 15-26
Authority ID parameter 6-41, 15-24
Authorize LSC APs against auth-list parameter 8-35
Authorize MIC APs against auth-list or AAA parameter 8-35
auto-anchor mobility
configuring
auto-immune feature 6-109
AutoInstall
example operation 2-29
obtaining
DHCP addresses for interfaces 2-27
TFTP server information 2-27
selecting configuration file 2-28
using 2-26
Average Data Rate parameter 4-65, 4-69
Average Real-Time Rate parameter 4-65, 4-69
Avoid Cisco AP Load parameter 9-62, 12-12
Avoid Foreign AP Interference parameter 9-62, 12-12, 14-18
Avoid Non-802.11a (802.11b) Noise parameter 9-62, 12-12
B
Backhaul Client Access parameter 9-33, 9-125
backup controllers
configuring
using the CLI 9-28
Back-up Primary Controller IP Address parameter 8-79, 9-25
Back-up Primary Controller Name field 8-79, 9-25
Back-up Secondary Controller IP Address parameter 8-79, 9-25
Back-up Secondary Controller Name parameter 8-79, 9-25
bandwidth-based CAC
described 4-72
enabling
using the CLI 4-77
using the GUI 4-75
for mesh networks 9-91
Base MAC Address parameter 3-29
Beacon Period parameter 4-24
Bind Password parameter 6-33
Bind Username parameter 6-33
bridge protocol data units (BPDUs) 3-27
browsers supported 2-17
Buffered Log Level parameter A-11
Burst Data Rate parameter 4-65, 4-69
Burst Real-Time Rate parameter 4-65, 4-69
C
CAC
configuring for 7920 phones 7-47
described 4-72
enabling
using the CLI 4-79
using the GUI 4-78
in mesh networks 9-91
viewing in mesh networks9-98to 9-100
viewing using the CLI 4-81
capacity adder license. See licenses
CAPWAP
and mesh access points 9-11
cascading 12-27
CA Server URL parameter 8-32
Catalyst 3750G Integrated Wireless LAN Controller Switch
CCKM
configuring 7-31
described 7-29
FlexConnect groups 15-21
with mobility 14-7
CCX
configuring Aironet IEs
using the CLI 7-70
described 7-67
link test 8-103
viewing a client's version
using the CLI 7-70
CCX Layer 2 client roaming
configuring
using the CLI 4-61
debugging using the CLI 4-62
obtaining information using the CLI 4-62
CCX radio management
features 12-44
flexconnect considerations 12-44
CCX Radio Management (GUI) 12-45
CCXv5 clients
enabling location presence 4-113
CCXv5 Req button A-34
CCX Version parameter 7-69
CDP > AP Neighbors > Detail page 4-97
CDP > Global Configuration page 4-94
CDP > Interface Neighbors > Detail page 4-97
CDP > Interface Neighbors page 4-96
CDP > Traffic Metrics page 4-98
CDP Advertisement Version parameter 4-94
CDP AP Neighbors page 4-97
CDP Protocol Status parameter 4-94
CDP State parameter 4-95
Certificate Authority (CA) certificates
downloading
using the GUI 10-23
overview 10-22
using with local EAP 6-38, 6-42
Certificate File Name parameter 11-8
Certificate File Path parameter 11-8
Certificate Issuer parameter 6-41
Certificate Password parameter 10-20, 11-8
Certificate Type parameter 8-35
Change Filter link 8-10, 8-15, 8-41
Change Rules Priority parameter 6-92
Channel Announcement parameter 4-33
Channel Assignment Leader parameter 9-62, 12-13
Channel Assignment Method parameter 9-61, 12-11
channel bonding in the 5-GHz band 12-35
Channel Quiet Mode parameter 4-33
channels
statically assigning using the CLI 12-37
Channel Scan Duration parameter 12-17
Channel Width Parameter 12-12
Channel Width parameter 9-62, 12-34
Check Against CA Certificates parameter 6-41
Check Certificate Date Validity parameter 6-41
chokepoints for RFID tag tracking 4-102
CIDS Sensor Add page 6-107
CIDS Shun List page 6-108
ciphers
described 7-30
Cisco 2500 Series Controller 1-7
Cisco 28/37/38xx Integrated Services Router
using 4-114
Cisco 3200 Series Mobile Access Router (MAR)
operating with mesh access points
using the CLI to configure9-126to 9-127
using the GUI to configure9-125to 9-126
Cisco 3300 Series Mobility Services Engine (MSE), using with wIPS 6-121
Cisco 4400 Series Wireless LAN Controllers
AutoInstall interfaces 2-27
described 1-8
Cisco 5500 Series Wireless LAN Controllers
CPUs A-6
described 1-8
interface configuration example 3-45
licenses. See licenses
models 3-3
multiple AP-manager interfaces3-44to 3-45
using the USB console port3-32to 3-33
Cisco 7920 Wireless IP Phones 7-47
Cisco 7921 Wireless IP Phones 7-47
Cisco Adaptive Wireless Path Protocol (AWPP) 9-11
Cisco AV-pairs 7-81, 7-82, 7-83
Cisco Centralized Key Management (CCKM). See CCKM
Cisco Clean Access (CCA) 7-87
Cisco CleanAir 13-1
Cisco Discovery Protocol (CDP)
configuring
described 4-91
enabling using the GUI4-94to 4-95
sample network 4-93
supported devices 4-91
viewing neighbors
viewing traffic information
using the CLI 4-98
using the GUI 4-98
Cisco Discovery Protocol parameter 4-94
Cisco License Manager (CLM)
and the controller license agent 4-20
using to register PAKs 4-5
Cisco Licensing website 4-16
Cisco Logo parameter 11-13
Cisco NAC Appliance 7-87
CiscoSecure Access Control Server (ACS) 6-4
Cisco Spectrum Intelligence 13-25
Cisco Unified Wireless Network (UWN) Solution
illustrated 1-2
Cisco Wireless Control System (WCS) 1-2
Cisco WiSM
ports 3-3
SSC key-hash 8-29
CKIP
described 7-35
CleanAir Benefits 13-2
CleanAir guidelines 13-5
Clear Config button 8-69
clear configuration
AP 8-69
Clear Filter link 7-8, 8-12, 8-16, 8-41
Clear Stats button 14-18
Clear Stats on All APs button 8-41
CLI
basic commands 2-25
enabling wireless connections 2-38
logging out 2-25
navigating 2-25
troubleshooting commandsA-8to A-9
Client Certificate Required parameter 6-41
Client Exclusion Policies page 6-73
client location, using WCS 1-7
Client Protection parameter 6-70
client reporting
described A-33
Client Reporting page A-35
client roaming, configuring4-57to 4-62
clients
connecting to WLANs 15-15
viewing
using the CLI 8-119
viewing CCX version
using the CLI 7-70
Clients > AP > Traffic Stream Metrics page 4-80
Clients > Detail page
configuring client reporting A-34
viewing a client's CCX version 7-69
viewing client details 8-74, 8-118
viewing the status of workgroup bridges 8-74
Clients page
performing a link test 8-104
viewing clients 8-115
viewing the status of workgroup bridges 8-74
viewing voice and video settings 4-80
Client Type parameter 8-74
Commands > Reset to Factory Defaults page 4-115
comma-separated values (CSV) file, uploading 15-24
Community Name parameter 4-39
conditional web redirect 7-81
described 7-81
Conditional Web Redirect parameter 7-84
Configuration File Encryption parameter 10-31
configuration files
downloading
using the GUI 10-32
editing 10-34
uploading
using the CLI 10-31
configuration wizard
described 2-1
Configuration Wizard - 802.11 Configuration page 2-11
Configuration Wizard Completed page 2-13
Configuration Wizard - Management Interface Configuration page 2-6
Configuration Wizard - Miscellaneous Configuration page 2-7
Configuration Wizard - Service Interface Configuration page 2-5
Configuration Wizard - Set Time page 2-12
Configuration Wizard - SNMP Summary page 2-4, 2-6
Configuration Wizard - System Information page 2-3
Configuration Wizard - Virtual Interface Configuration page 2-8
Configure 13-1
Configure Dynamic Anchoring of Static IP Clients
Using the CLI 14-30
Configure option for RRM override 12-33
Configure RF Group
Using CLI 12-7
Configure RF Group Mode
Using GUI 12-6
Configuring ACLs - GUI 6-57
Configuring a Spectrum Expert 13-24
Configuring CCX Client Roaming (GUI) 4-60
Configuring Cisco CleanAir
Using the GUI 13-5
Configuring Cisco Cleanair
Using the CLI 13-8
Configuring Client Exclusion Policies (CLI) 6-73
Configuring Client Exclusion Policies (GUI) 6-73
configuring ClientLink (CLI) 9-16
Configuring Client Reporting (CLI) A-36
Configuring Client Reporting (GUI) A-33
Configuring Controller (GUI) 2-2
Configuring Country Codes (CLI) 8-90
Configuring Country Codes (GUI) 8-88
Configuring Coverage Hole Detection on a WLAN (GUI) 7-86
Configuring Debut Facility A-43
Configuring Dynamic Anchoring of Static IP Clients
Using the GUI 14-30
Configuring Ethernet VLAN Tagging (GUI) 9-75
Configuring FlexConnect APs using the CLI. 15-14
Configuring Sniffing on an Access Point
Using the GUI A-48
Configuring Web Redirect (GUI) 7-84
Console Log Level parameter A-11
Control and Provisioning of Wireless Access Points protocol (CAPWAP) 1-5
debugging 8-7
described 8-2
guidelines 8-2
viewing MTU information 8-6
controller failure detection time, reducing 8-77
controller network module
baud rate 3-2
versions 3-3
controllers
configuration
saving 10-34
connections 1-11
discovery process 8-7
multiple-controller deployment1-3to 1-4
platforms1-7to ??
single-controller deployment 1-3
synchronizing with location appliance 4-110
types of memory 1-12
upgrading software
using the CLI 10-10
using the GUI 10-7
Controller Spanning Tree Configuration page 3-29
Controller Time Source Valid parameter 6-70
Controlling backup controllers (cli) 8-79
Control Path parameter 14-21
core dump files
described A-20
Core Dump page A-20
Core Dump TFTP Upload A-22
Country Code parameter 8-89
country codes
described 8-87
Japanese 8-93
viewing using the CLI 8-91
Country page 8-88
Coverage Exception Level per AP parameter 12-15
coverage hole detection
configuring per controller
using the CLI 12-20
disabling on a WLAN
described 7-86
coverage hole detection and correction 12-4
Coverage Hole Detection Enabled parameter 7-86
CPU Access Control Lists page 6-61
CPUs, 5500 series controllers A-6
crash files
uploading
Creating AP Groups- GUI 7-73
Creating Multiple AP-Manager Interfaces (GUI) 3-42
Creating Multiple AP Manager Interfaces - CLI 3-44
Current Channel parameter 12-35
Custom Signatures page 6-115
D
data encryption
and OfficeExtend access points 8-66
configuring
using the CLI 8-6
for OfficeExtend access points 8-63
data encryption (GUI) 8-5
Data Encryption parameter 8-5, 8-63
Data Path parameter 14-21
Data Rates parameter 4-25
date
configuring through NTP server 2-30
DCA Channel Sensitivity parameter 9-62, 12-12
DCA Channels parameter 9-63, 12-13
debug commands, sending 8-43
default enable password 8-16
default-group access point group 7-72
Default Mobility Group parameter 14-12
Default Routers parameter 7-17
Delivery Traffic Indication Map (DTIM). See DTIM period
Deny Counters parameter 6-59
Description parameter 6-29, 9-20
Designated Root parameter 3-30
DES IPSec data encryption 6-9
Destination parameter 6-58, 15-18
Destination Port parameter 6-59, 15-18
Detect and Report Ad-Hoc Networks parameter 6-84
device certificates
downloading
overview 10-19
using with local EAP 6-38, 6-42
DHCP Addr. Assignment Required parameter 7-15
DHCP Allocated Lease page 7-18
DHCP option 43, in controller discovery process 8-8
DHCP option 82
configuring
using the GUI 6-55
described 6-53
example 6-54
DHCP Option 82 Remote ID Field Format parameter 6-54
DHCP Parameters page 4-35, 6-54
DHCP proxy
configuring
using the CLI 4-35
described 4-34
DHCP Scope > Edit page 7-17
DHCP scopes
described 7-16
DHCP Scopes page 7-16
DHCP server discovery 8-8
DHCP Server IP Addr parameter 7-14
DHCP Server Override parameter 7-14
DHCP servers
internal 7-12
DHCP Timeout
configurie using GUI 4-35
diagnostic channel
described A-28
Diagnostic Channel parameter A-29
directed roam request 4-59
Direction parameter 6-59
disabled clients, configuring a timeout 7-20
discovery request timer, configuring 8-80, 9-27
distribution system ports3-3to 3-4
Diversity parameter 12-36
DNS Domain Name parameter 7-17
DNS IP Address parameter 8-49
DNS Servers parameter 7-17
Domain Name parameter 8-50
domain name server (DNS) discovery 8-8
Download button
downloading a CA certificate 10-24
downloading a configuration file 10-32
downloading a customized web authentication login page 11-23
downloading a device certificate 10-21
downloading a signature file 6-114
Download File to Controller page 10-17
downloading a customized web authentication login page 11-23
downloading CA certificates 10-23
downloading configuration files 10-31
downloading device certificates 10-20
downloading IDS signatures 6-114
downloading login banner file 10-16
Download SSL Certificate parameter 11-7
DTIM 7-21
DTLS 4-2
DTLS data encryption. See data encryption
DTPC Support parameter 4-24
Dynamic Anchoring for Clients with Static IP Addresses
Configuring 14-28
dynamic AP management
for dynamic interface 3-20
for the management interface 3-9
Dynamic AP Management parameter 3-21
for dynamic interface 3-18
for management interface 3-8
dynamic AP-manager interface 3-21
dynamic channel assignment (DCA)
20-MHz channelization 12-4, 12-12
40-MHz channelization 12-4, 12-12
configuring
using the GUI9-60to9-63, 12-10to 12-14
described 12-3
sensitivity thresholds 9-62
dynamic frequency selection8-96to 8-97
dynamic interface
described 3-17
dynamic interface example 3-45
dynamic transmit power control, configuring 4-24
dynamic WEP, configuring 7-28
Dynamic WEP Key Index parameter 6-39
E
EAP-FAST parameter 6-40
EAPOL-Key Max Retries parameter 6-40
EAPOL-Key Timeout parameter 6-39
EAP Profile Name parameter 6-42
EAP-TLS parameter 6-40
EDCA Profile parameter 4-89
Edit QoS Profile page 4-64
Edit QoS Role Data Rates page 4-69
Egress Interface parameter 11-32
Email Input parameter 11-33
Enable AP Local Authentication parameter 15-24
Enable Authentication for Listener parameter 4-21
Enable Check for All Standard and Custom Signatures parameter 6-115
Enable Controller Management to be accessible from Wireless Clients parameter 6-52
Enable Counters parameter 6-57
Enable Coverage Hole Detection parameter 12-15
Enable CPU ACL parameter 6-61
Enable Default Authentication parameter 4-21
Enable DHCP Proxy parameter 4-35
Enable Dynamic AP Management parameter 3-43
Enable EAP-FAST Authentication parameter 15-24
Enable IGMP Snooping parameter 4-54
Enable LEAP Authentication parameter 15-24
Enable Least Latency Controller Join parameter 8-64
Enable Link Latency parameter 8-64, 8-107
Enable Listener parameter 4-21
Enable Low Latency MAC parameter 4-89
Enable LSC on Controller parameter 8-32
Enable NAT Address parameter 3-7
Enable Notification parameter 4-21
Enable OfficeExtend AP parameter 8-63
Enable passive client 7-96
Enable Password parameter 8-18
Enable Server Status parameter 6-33
Enable Tracking Optimization parameter 8-98
Encryption Key parameter 7-36
end-user license agreement (EULA) 4-6, 4-7
enhanced distributed channel access (EDCA) parameters
configuring using the CLI 4-90
enhanced neighbor list
request (E2E) 4-59
Enter Saved Permission Ticket File Name parameter 4-17
error codes, for failed VoIP calls7-53to 7-55
Ethernet connection, using remotely2-24to 2-25
evaluation licenses
installed on 5500 series controllers 4-3
event reporting for MFP 6-67
Excessive 802.11 Association Failures parameter 6-73
Excessive 802.11 Authentication Failures parameter 6-73
Excessive 802.1X Authentication Failures parameter 6-73
Excessive Web Authentication Failures parameter 6-73
Expedited Bandwidth parameter 4-75
expedited bandwidth requests
described 4-72
enabling
using the GUI 4-75
Expiration Timeout for Rogue AP and Rogue Client Entries parameter 6-83
Extensible Authentication Protocol (EAP)
configuring 7-28
setting local timers6-42to 6-43
timeout and failure counters
per access point 6-46
per client 6-46
F
factory default settings
resetting using the GUI 4-115
failover priority for access points
configuring
using the CLI 8-83
viewing using the CLI 8-84
failover protection 1-13
fake access point detection 6-130
Fallback Mode parameter 6-9
Fast Ethernet port 3-3
fast heartbeat timer
configuring
using the CLI 8-80
using the GUI 8-78
described 8-77
fast SSID changing
configuring using the GUI 4-49
fault tolerance 15-5
Federal Information Processing Standards (FIPS) 6-11
File Compression parameter 8-46
File Name to Save Credentials parameter 4-16
file transfers 1-12
File Type parameter
downloading a CA certificate 10-23
downloading a configuration file 10-31
downloading a customized web authentication login page 11-23
downloading a device certificate 10-20
Login Banner 10-17
upgrading controller software 10-6
uploading a configuration file 10-29
uploading packet capture files A-25
uploading PACs 10-26
filter, using to view clients8-116to 8-117
Fingerprint parameter 6-108
flashing LEDs, configuring 8-114
FlexConnect
authentication process15-2to 15-5
bandwidth restriction 15-3
illustrated 15-2
FlexConnect groups
backup RADIUS server 15-21
CCKM 15-21
described 15-20
example 15-20
local authentication 15-22
FlexConnect Groups page 15-23
FlexConnect Group Support 15-22
FlexConnect Mode AP Fast Heartbeat Timeout parameter 8-78
FlexConnect parameter 8-62
Forward Delay parameter 3-30
forwarding plane architecture 4-50
Fragmentation Threshold parameter 4-24
fragmented pings 3-5
FTP server guidelines 10-2
G
General (controller) page
configuring 802.3 bridging 4-51
configuring an RF group 12-29
enabling link aggregation 3-37
General (security) page 6-26
General page 6-39
Generate Rehost Ticket button 4-17
gigabit Ethernet port 3-4
Global AP Failover Priority parameter 8-83
Global Configuration page
configuring backup controllers 8-78, 9-24
configuring failover priority for access points 8-82
configuring global credentials for access points 8-18, 8-23, 8-78
global credentials for access points
described 8-16
overriding
using the CLI 8-19
using the GUI 8-18
Global multicast mode 7-95
Group Mode parameter 12-31, 14-17
Group Name parameter 14-12, 15-23
Guest LAN parameter 11-31
guest N+1 redundancy 14-20
guest user accounts
viewing
using the CLI 11-6
using the GUI 11-5
Guest User parameter 6-29
Guest User Role parameter 6-29
guest WLAN, creating 11-5
GUI
browsers supported 2-17
enabling wireless connections 2-38
guidelines 2-17
using 2-16
Guidelines and Limitations for Predownloading 10-12
H
Headline parameter 11-13
Hello Time parameter 3-30
help, obtaining 2-17
hex2pcap sample output A-45
Honeypot access point detection 6-130
HTTP Access parameter 2-18
HTTP Configuration page 2-18
HTTPS Access parameter 2-18
Hysteresis parameter 4-61
I
Identity Request Max Retries parameter 6-39
Identity Request Timeout parameter 6-39
IDS sensors
described 6-106
IDS signatures
described 6-111
frequency 6-116
measurement interval 6-116
pattern 6-116
tracking method 6-116
IGMP Snooping 7-96
IGMP Timeout parameter 4-54
IKE Diffie Hellman Group parameter 6-9
IKE Phase 1 parameter 6-9
Index parameter for IDS 6-107
indoor access points
converting to mesh access points 9-122
infrastructure MFP
components 6-67
described 6-66
Infrastructure Protection parameter 6-70
Ingress Interface parameter 11-32
Injector Switch MAC Address parameter 8-112
inline power 8-110
installing a license (GUI) 4-6
Install License button 4-6
inter-controller roaming
described 4-58
example 14-2
Interface groups 3-47
Interface Name parameter 7-74, 7-89, 7-92, 9-21
Interface parameter 7-14
interfaces
Interfaces > Edit page
applying an ACL to an interface 6-60
configuring NAC out-of-band integration 7-90
creating multiple AP-manager interfaces 3-43
Interfaces > New page 3-17, 3-42
Interfaces page 3-7, 3-11, 3-14, 3-15
interference 12-3
Interferences 13-2
Interference threshold parameter 12-16
Internet Group Management Protocol (IGMP)
configuring
using the CLI 4-55
using the GUI 4-54
snooping 4-52
inter-release mobility 14-10
inter-subnet mobility 14-7
inter-subnet roaming
described 4-58
Interval parameter 9-61, 12-11, 12-46
intra-controller roaming
described 4-58
illustrated 14-1
Inventory page 8-101
Invoke Channel Update Now button 9-61, 12-11
Invoke Power Update Now button 12-8
IP address-to-MAC address binding
described 4-63
IP Mask parameter 4-39
IPSec parameter 6-9
IP Theft or IP Reuse parameter 6-73
J
Japanese country codes 8-93
Japanese regulations for migrating access points from the -J to the -U regulatory domain8-93to 8-95
K
Keep Alive Count parameter 14-21
Keep Alive Interval parameter 14-21
Key Encryption Key (KEK) parameter 6-8
Key Format parameter 7-36
Key Index parameter 7-36
key permutation
described 7-35
Key Permutation parameter 7-36
Key Size parameter 7-36
Key Wrap Format parameter 6-8
Key Wrap parameter 6-8
L
LAG. See link aggregation (LAG)
LAG Mode on Next Reboot parameter 3-38
Last Auto Channel Assignment parameter 9-62, 12-13
Last Power Level Assignment parameter 12-8
Layer 2
operation 1-5
Layer 2 Security parameter 7-31, 7-36, 7-84
Layer 3
operation 1-5
security
described 6-3
Layer 3 Security parameter
for web authentication 7-40
for web redirect 7-84
for wired guest access 11-32
LDAP
choosing server priority order 6-33
configuring
LDAP server
assigning to WLANs 6-34
choosing local authentication bind method
using the CLI 6-34
using the GUI 6-33
LDAP Servers > New page 6-33
LDAP Servers page 6-32
LDAP Servers parameter 6-42
LEAP parameter 6-40
Lease Time parameter 7-17
LEDs
configuring 8-114
interpreting A-2
license agent
described 4-20
License Agent Configuration page 4-21
License Commands (Rehost) page 4-16
License Commands page 4-6
licenses
activating ap-count evaluation licenses
installing
using the CLI 4-7
rehosting
described 4-15
removing
using the CLI 4-7
using the GUI 4-8
required for OfficeExtend access points 8-62
saving
using the CLI 4-7
using the GUI 4-6
transferring to a replacement controller after an RMA4-19to ??
viewing
licensing portal, using to register PAKs 4-5
Lightweight Access Point Protocol (LWAPP) 1-5
lightweight mode, reverting to autonomous mode 8-29
link aggregation (LAG)
example 3-34
illustrated 3-36
link latency
and OfficeExtend access points 8-64, 8-66
described 8-106
Link Status parameter 3-24
Link Test
button 8-104
page 8-104
window 9-119
link test
described 8-103
performing
using the CLI 8-105
using the GUI8-104to8-105, 9-119to 9-120
types of packets 8-103
Link Trap parameter 3-24, 3-25
Listener Message Processing URL parameter 4-21
Load-based AC parameter 4-75
load-based CAC
described 4-72
enabling
using the GUI 4-75
Lobby Ambassador Guest Management > Guest Users List page 11-3
Local Auth Active Timeout parameter 6-39
local authentication, local switching 15-3
Local Authentication on a WLAN
using the GUI 15-14
local EAP
debugging 6-46
example 6-38
viewing information using the CLI 6-45
Local EAP Authentication parameter 6-42
Local Management Users > New page 11-2
Local Management Users page 11-2
Local Mode AP Fast Heartbeat Timeout parameter 8-78
Local Mode AP Fast Heartbeat Timer parameter 8-78
Local Net Users > New page 6-28
Local Net Users page 6-28, 11-5
local significant certificate (LSC)
configuring
described 8-31
Local Significant Certificates (LSC) - AP Provisioning page 8-32
Local Significant Certificates (LSC) - General page 8-31
local user database, capacity 11-2
location
calibration 12-45
configuring settings using the CLI4-110to 4-112
viewing settings using the CLI4-112to 4-114
location appliance
installing certificate4-109to 4-110
synchronizing with controller 4-110
location-based services 12-45
location presence 4-113
login banner file
described 10-16
downloading
Login Banner page 10-19
logs
uploading
long preambles
described 6-47
LWAPP-enabled access points
debug commands 8-43
disabling the reset button 8-48
MAC addresses displayed on controller GUI 8-48
radio core dumps
described 8-43
receiving debug commands from controller 8-43
retrieving radio core dumps 8-43
reverting to autonomous mode8-29to 8-30
sending crash information to controller 8-43
uploading
access point core dumps8-45to 8-47
M
MAC address of access point
displayed on controller GUI 8-48
MAC Address parameter 9-20
MAC filtering
configuring on WLANs7-19to 7-20
MAC Filtering page 9-20
MAC Filters > New page 9-20
management frame protection (MFP)
types 6-66
Management Frame Protection parameter 6-70
Management Frame Protection Settings page 6-70
management frame validation 6-67
management interface
described 3-6
Management IP Address parameter 8-62
management over wireless
described 6-52
Master Controller Configuration page 8-8
Master Controller Mode parameter 8-9
Max Age parameter 3-30
Max HTTP Message Size parameter 4-21
Maximum Age parameter 3-30
maximum local database entries
configuring using the GUI 6-26
Maximum Local Database Entries parameter 6-27
Maximum Number of Sessions parameter 4-21
Max-Login Ignore Identity Response parameter 6-39
Max RF Bandwidth parameter 4-75, 4-78
MCS data rates 4-28
Member MAC Address parameter 14-12
memory
types 1-12
memory leaks, monitoringA-26to A-27
mesh
network example 9-98
parameters
configuring using the CLI 9-55
configuring using the GUI9-31to 9-36
statistics
viewing for an access point using the CLI9-117to 9-118
viewing for an access point using the GUI9-113to 9-117
Mesh > LinkTest Results page 9-119
mesh access points
and CAPWAP 9-11
converting to non-mesh access points 9-123
models 9-1
network access 9-3
operating with Cisco 3200 Series Mobile Access Routers
configuration guidelines 9-125
using the CLI to configure 9-126
roles 9-2
mesh neighbors, parents, and children 9-11
mesh network hierarchy 9-3
mesh node security statistics9-116to 9-117
mesh node statistics 9-115
mesh routing 9-11
Message Authentication Code Key (MACK) parameter 6-8, 6-11
message logs
configuring
using the GUI A-9
viewing
using the CLI A-15
using the GUI A-12
See also system logging
Message Logs page A-12
Message parameter for web authentication 11-14
Metrics Collection parameter 4-76
MFP Client Protection parameter 6-69
migrating access points from the -J to the -U regulatory domain8-93to 8-95
Min Failed Client Count per AP parameter 12-15
Minimum RSSI parameter 4-61
mirror mode. See port mirroring, configuring
MMH MIC
described 7-35
MMH Mode parameter 7-36
Mobile Announce messages 14-7
mobility
failover 14-20
overview 14-1
Mobility Anchor Config page 14-26
Mobility Anchor Create button 14-21
mobility anchors. See auto-anchor mobility
Mobility Anchors option 14-21
Mobility Group Members > Edit All page 14-13
mobility groups
configuring
with one NAT device 14-8
with two NAT devices 14-9
determining when to include controllers 14-7
difference from RF groups 12-26
examples 14-7
illustrated 14-5
messaging among 14-7
number of access points supported 14-5
number of controllers supported 14-5
using with NAT devices14-7to 14-9
mobility group statistics
types 14-16
mobility list
detecting failed members 14-20
number of controllers supported 14-7
ping requests to members 14-20
Mobility Multicast Messaging > Edit page 14-14
Mobility Multicast Messaging page 14-14
mobility ping tests, running 14-27
Mobility Statistics page 14-17
MODE access point button 8-48
Monitoring 13-19
monitor intervals, configuring using the GUI 12-17
multicast 4-54
Multicast Appliance Mode parameter 3-25
Multicast Groups page 4-56
multicast mode
Multicast-Multicast mode 7-94
Multicast Optimization 3-49
Multicast page 4-54
Multicast VLAN
using the GUI 3-50
multiple country codes
configuring
using the CLI 8-90
N
NAC in-band mode 7-88
NAC out-of-band integration
and FlexConnect 15-6
guidelines 7-89
NAC out-of-band support
configuring for a specific access point group
using the CLI 7-93
using the GUI 7-91
NAC State parameter 7-74, 7-91, 7-92
NAT address
for dynamic interface 3-18, 3-20
for management interface 3-7, 3-9
NAT devices in mobility groups14-7to 14-9
Native VLAN ID parameter 15-12
Neighbor Discovery Packet 12-25
neighbor information
viewing for an access point using the CLI 9-121
viewing for an access point using the GUI9-118to 9-121
Neighbor Information option 9-118
Neighbor Packet Frequency parameter 12-17
neighbor statistics
viewing for an access point using the CLI 9-121
viewing for an access point using the GUI9-118to 9-121
Netbios Name Servers parameter 7-17
Netmask parameter 7-17
Network Mobility Services Protocol (NMSP) 4-101
debugging 4-108
modifying the notification interval for clients, RFID tags, and rogues 4-105
Network parameter 7-17
NTP server
configuring to obtain time and date 2-30
Number of Attempts to LSC parameter 8-32
Number of Hits parameter 6-59
O
OfficeExtend Access Point Configuration page 8-68
OfficeExtend Access Point Home page 8-67
OfficeExtend Access Points
LEDs A-53
positioning A-53
OfficeExtend access points
and NAT 8-52
configuring
described 8-52
firewall requirements 8-61
licensing requirements 8-62
supported access point models 8-52
trap logs 8-62
typical setup 8-52
OfficeExtend AP parameter 8-64
online help, using 2-17
operating system
software 1-4
Order Used for Authentication parameter 6-10, 6-23
Override Global Config parameter 11-26, 11-33
Over-ride Global Credentials parameter 8-19, 8-24, 8-64
Override Interface ACL parameter 6-62
oversized access point images 8-51
Overview of CleanAir 13-1
P
P2P Blocking parameter 7-26
packet capture files
described A-23
sample output in Wireshark A-24
uploading
Params parameter 8-32
Passive clients 7-93
password guidelines 8-23
Password parameter
for access point authentication 8-23
for access points 8-18
for local net users 6-29
for PACs 10-26
passwords
viewing in clear text A-9
path loss measurement (S60), CLI command 4-110
PEAP parameter 6-40
peer-to-peer blocking
described 7-24
examples 7-25
permanent licenses, installed on 5500 series controllers 4-3
Personal SSID parameter 8-68
Physical Mode parameter 3-24, 3-25
Physical Status parameter 3-24
ping link test 8-103
ping tests 14-27
pinning 12-27
PMK cache lifetime timer 7-32
PMKID caching 7-32
PoE Status parameter 8-112
Pool End Address parameter 7-17
Pool Start Address parameter 7-17
port mirroring, configuring3-25to 3-26
Port Number parameter
for controller 3-24
for LDAP server 6-33
for RADIUS server 6-8
for TACACS+ server 6-22
for wired guest access 11-31
Port parameter for IDS 6-107
ports
on 5500 series controllers 3-2, 3-3
on Catalyst 3750G Integrated Wireless LAN Controller Switch 3-2, 3-4
on Cisco 28/37/38xx Series Integrated Services Router3-2to 3-3, 4-114, 8-38
on Cisco WiSM 3-3
Ports page 3-23
Power Assignment Leader parameter 12-8
Power Injector Selection parameter 8-112
Power Injector State parameter 8-112
Power Neighbor Count parameter 12-8
Power over Ethernet (PoE)
configuring
using the CLI 8-113
Power Over Ethernet (PoE) parameter 3-24
Power Threshold parameter 12-8
preauthentication access control list (ACL)
applying to a WLAN
using the CLI 6-65
for external web server 11-20, 15-11
Preauthentication ACL parameter 6-63, 7-84
Predownloading an image 10-10
Primary Controller Name parameter 8-62
Primary Controller parameters 8-62, 8-79, 9-26
Primary RADIUS Server parameter 15-23
priming access points 8-8
Priority Order > Local-Auth page 6-39
Priority Order > Management User page 6-10, 6-23
Priority parameter 3-30
Privacy Protocol parameter 4-41
probe request forwarding, configuring 8-100
probe requests, described 8-100
product authorization key (PAK)
obtaining for license upgrade 4-4
registering 4-5
product ID for controller, finding 4-18
product ID of controller, finding 4-16
Profile Details page A-36
Profile Name parameter 7-5, 7-102, 9-20, 11-31
protected access credentials (PACs)
overview 10-25
uploading
using the GUI 10-26
using with local EAP 6-38, 15-24
Protection Type parameter 6-68, 12-42
Protocol parameter 6-58, 15-18
Protocol Type parameter 4-66
PSK
configuring 7-31
described 7-29
PSK Format parameter 7-31
public key cryptography (PKC), with mobility 14-7
Q
QBSS 7-46
QoS
translation values 7-44
with CAC 4-72
QoS profiles
configuring
QoS roles
configuring
QoS Roles for Guest Users page 4-68
Quality of Service (QoS) parameter 7-45
quarantined VLAN
using 15-9
with FlexConnect 15-5
with NAC out-of-band integration 7-90
Quarantine parameter
for dynamic interface 3-18
for management interface 3-7
NAC out-of-band integration 7-90
Query Interval parameter 6-107
queue statistics 9-115
R
Radio > Statistics page 7-52
radio core dumps
described 8-43
uploading
using the GUI 8-45
radio measurement requests
configuring
on the CLI 12-47
on the GUI 12-46
overview 12-44
viewing status using the CLI 12-47
radio preamble 6-47
radio resource management (RRM)
CCX features. See CCX radio management
configuring
monitor intervals using the GUI 12-17
coverage hole detection
configuring per controller using the CLI 12-20
configuring per controller using the GUI 12-16
described 12-4
debugging 12-25
disabling dynamic channel and power assignment
using the CLI 12-40
overview 12-1
specifying channels9-60to9-63, 12-10to 12-13
statically assigning channel and transmit power settings
using the CLI 12-37
Wireless > 802.11a/n (or 802.11b/g/n) > RRM > TPC parameter 12-7
radio resource management (RRM) settings
viewing using the CLI12-22to 12-24
radio resource monitoring 12-2
RADIUS
accounting 6-4
authentication 6-3
choosing authentication priority order 6-10
FIPS standard 6-11
KEK parameter 6-11
MACK parameter 6-11
server fallback behavior 6-9, 6-12
using FlexConnect 15-21
RADIUS > Fallback Parameters page 6-9
RADIUS authentication attributes6-13to 6-16
Range (RootAP to MeshAP) parameter 9-32
Redirect URL After Login parameter 11-13
Refresh-time Interval parameter 4-94
Regenerate Certificate button 11-7
rehosting a license. See licenses
Rehost Ticket File Name parameter 4-17
Remote Authentication Dial-In User Service. See RADIUS
Request Max Retries parameter 6-39
Request Timeout parameter 6-39
Reserved Roaming Bandwidth parameter 4-75
Reset Link Latency button 8-107
Reset Personal SSID parameter 8-63
resetting the controller 10-36
Re-sync button 6-108
reverse path filtering (RPF) 14-25
RF Channel Assignment parameter 12-40
RF Group Leader
Auto mode, Static Mode 12-27
RF group leader
described 12-27
RF group name
described 12-28
entering 12-29
RF groups
cascading 12-27
configuring
using the GUI 12-29
difference from mobility groups 12-26
pinning 12-27
viewing status
using the CLI 12-31
RF Group support 12-28
RFID tags
described 4-101
number supported per controller 4-102
tracking
debugging using the CLI 4-104
RFID tracking on access points, optimizing
RF-Network Name parameter 12-29
RLDP. See Rogue Location Discovery Protocol (RLDP)
roaming and real-time diagnostics
configuring using the CLI A-42
described A-39
logs
described A-39
viewing A-40
roam reason report 4-59
roam reason report, described 9-89
rogue access points
alarm 12-42
automatically containing
using the CLI 6-86
using the GUI 6-84
classification mapping table 6-89
and OfficeExtend access points 8-63, 8-66
Rogue Detection parameter 6-83, 8-63
Rogue Location Discovery Protocol (RLDP)
defined 6-82
Rogue Location Discovery Protocol parameter 6-83
Rogue on Wire parameter 6-84
Rogue Policies page 6-83
rogue states 6-89
Role Name parameter 4-69
Role of the Controller 13-2
Role parameter 6-29
root bridge 3-27
Root Cost parameter 3-30
Root Port parameter 3-30
RRM. See radio resource management (RRM)
RSNA logs
described A-39
S
Save and Reboot button 10-21, 10-24
Save Licenses button 4-7
saving configuration settings 10-33
Scan Threshold parameter 4-61
Scope Name parameter 7-16
Search Clients page 8-116
Search WLANs window 7-8, 8-10, 8-15
Secondary Controller parameters 8-79, 9-26
Secondary RADIUS Server parameter 15-23
secure web mode
described 2-18
security
overview 6-2
Security Mode parameter 9-34
security settings
local and external authentication 9-31
Select APs from Current Controller parameter 15-23
self-signed certificate (SSC)
used to authorize access points 8-30
Sequence parameter 6-58, 15-17
serial number for controller, finding 4-18
serial number of controller, finding 4-16
serial port
baud rate setting 2-24
timeout 2-24
Server Address parameter 6-107
Server Index (Priority) parameter 6-7, 6-22, 6-33
Server IP Address parameter
for LDAP server 6-33
for RADIUS server 6-7
for TACACS+ server 6-22
for wireless sniffer A-48
Server Key parameter 6-41, 15-24
Server Status parameter 6-8, 6-22
Server Timeout parameter 6-8, 6-22, 6-33
service port 3-4
service-port interface
configuring
using the GUI3-6to3-8, 3-10to 3-14
Set Priority button 4-13
Set reboot time 10-14
Set to Factory Default button 12-18
Severity Level Filtering parameter A-10
Shared Secret Format parameter 6-7, 6-22
Shared Secret parameter 6-8, 6-22
Short Preamble Enabled parameter 6-47
short preambles 6-47
Show Wired Clients option 8-74
shunned clients
described 6-106
Signature Events Summary page 6-116
Signature Events Track Detail page 6-117
Simple Bind parameter 6-33
sniffing. See wireless sniffing A-47
Sniff parameter A-48
SNMP engine Id 4-38
SNMP v1 / v2c Community page 4-39
SNMP v3 users
changing default values using the GUI4-40to 4-41
SNMP V3 Users page 4-41
software, upgrading
software, upgrading in mesh networks
guidelines 10-5
Source parameter for ACLs 6-58, 15-18
Source Port parameter 6-59, 15-18
Spanning Tree Algorithm parameter 3-30
spanning tree protocol 3-31
spanning tree protocol (GUI) 3-28
Spanning Tree Protocol (STP)
described 3-27
spanning-tree root 3-27
Spanning Tree Specification parameter 3-29
SpectraLink NetLink phones
overview 6-47
Spectralink Voice Priority parameter 4-89
Spectrum Expert 13-24
splash page web redirect 7-82
Splash Page Web Redirect parameter 7-84
SRE 1-10
SSC key-hash on Cisco WiSM 8-29
SSH
and OfficeExtend access points 8-64, 8-66
configuring
troubleshooting access points
SSH parameter A-51
SSID
configuring
using the CLI 7-6
using the GUI 7-5
described 7-1
SSL certificate
generating
using the CLI 2-19
loading
SSLv2, configuring for web administration 2-19
SSLv2 for web authentication, disabling 11-13
Standard Signatures page 6-115
stateful DHCPv6 IP addressing 7-61
static IP address
configuring
using the CLI 8-51
using the GUI 8-50
described 8-48
Static IP parameter 8-49
Static Mobility Group Members page 14-12
Statistics option 9-114
Status parameter
for DHCP scopes 7-17
for guest LANs 11-32
for SNMP community 4-39
Sticky PMKID Caching 7-33
STP Mode parameter 3-28
STP Port Designated Bridge parameter 3-28
STP Port Designated Cost parameter 3-28
STP Port Designated Port parameter 3-28
STP Port Designated Root parameter 3-28
STP Port Forward Transitions Count parameter 3-28
STP Port Path Cost Mode parameter 3-28
STP Port Path Cost parameter 3-29
STP Port Priority parameter 3-28
STP State parameter 3-28
strong passwords 8-23
Summary page 2-36
switch, configuring at the remote site 15-8
Switch IP Address (Anchor) parameter 14-21
SX/LC/T small form-factor plug-in (SFP) modules 3-3
symmetric mobility tunneling
illustrated 14-25
verifying status
using the CLI 14-26
Symmetric Mobility Tunneling Mode parameter 14-26
syslog
described A-39
levels A-11
Syslog Configuration page A-10
syslog server
number supported by controller A-10
removing from controller A-10
severity level filtering A-10
Syslog Server IP Address parameter A-10
system logging
configuring
setting severity level A-11
system logs, viewing using the CLI A-15
system messages A-3
System Resource Information page A-7
system resources
viewing using the CLI A-7
viewing using the GUI A-6
T
TACACS+
accounting 6-18
authentication 6-17
authorization 6-18
choosing authentication priority order 6-23
configuring
using the CLI 6-24
using the GUI 6-23
described 6-17
TACACS+ (Authentication, Authorization, or Accounting) Servers > New page 6-22
TACACS+ (Authentication, Authorization, or Accounting) Servers page 6-22
TACACS+ Administration .csv page (on CiscoSecure ACS) 6-24, 6-26
TCP MSS
configuring 8-110
described 8-108
Telnet
and OfficeExtend access points 8-64, 8-66
troubleshooting access points
Telnet parameter A-51
Telnet sessions
configuring
Telnet-SSH Configuration page 2-35
Tertiary Controller parameters 8-79, 9-26
text2pcap sample output A-45
TFTP server guidelines 10-2
time, configuring
using the NTP server 2-30
time-length-values (TLVs), supported for CDP4-91to 4-92
Time Since Topology Changed parameter 3-29
timestamps, enabling or disabling in log and debug messages A-15
Time to Live for the PAC parameter 6-41, 15-25
time zone
configuring using the CLI 2-33
configuring using the GUI 2-32
TKIP
described 7-29
parameter 7-31
Topology Change Count parameter 3-29
traffic specifications (TSPEC) request
described 4-72
examples 4-72
traffic stream metrics (TSM)
configuring
using the GUI 4-76
described 4-73
viewing statistics
Transfer Mode parameter
downloading a CA certificate 10-23
downloading a configuration file 10-31
downloading a customized web authentication login page 11-23
downloading a device certificate 10-20
upgrading controller software 10-6
uploading a configuration file 10-29
uploading a PAC 10-26
uploading packet capture files A-25
Transition Time parameter 4-61
transmit power
statically assigning using the CLI 12-37
statically assigning using the GUI 12-37
transmit power levels 12-36
transmit power threshold, decreasing 12-18
trap logs
for OfficeExtend access points 8-62
troubleshooting
access point join process8-38to 8-43
Troubleshooting OEAPs A-53
tunnel attributes and identity networking 6-78
Tx Power Level Assignment parameter 12-40
Type parameter 7-4, 7-102, 11-31
U
U-APSD
described 4-73
viewing status
using the CLI 4-81
using the GUI 4-80
UDP, use in RADIUS 6-4
unicast mode 4-52
unique device identifier (UDI)
described 8-101
retrieving
using the CLI 8-102
Upload button 6-114, 8-45, 10-27, A-19, A-25
Upload CSV File parameter 15-24
Upload File from Controller page 8-44, 10-26, 10-29, A-18, A-24
URL parameter 11-21
URL to Send the Notifications parameter 4-21
USB console port, using on a 5500 series controller3-32to 3-33
Use AES Key Wrap parameter 6-7
User Access Mode parameter 11-3
user accounts, managing11-1to 11-25
User Attribute parameter 6-33
User Base DN parameter 6-33
User Credentials parameter 6-33
User Name parameter 6-29
Username parameter 8-18, 8-23, 8-24
User Object Type parameter 6-33
User parameter 10-26
User Profile Name parameter 4-41
Using CLI to monitor the Air quality 13-20
Using GUI to monitor air quality 13-19
Using Our SSID parameter 6-85
using the GUI 6-60
V
Validate Rogue Clients Against AAA parameter 6-83
Valid Client on Rogue AP parameter 6-85
Validity parameter 10-26
VCI strings 8-37
Verify Certificate CN Identity parameter 6-41
video information, viewing for mesh networks using the CLI9-98to 9-100
virtual interface
configuring
using the GUI3-6to3-8, 3-10to 3-14
described 3-13
VLAN Identifier parameter
for AP-manager interface 3-11
for dynamic interface 3-18, 3-19
VLAN interface. See dynamic interface
VLAN Mappings
button 15-13
page 15-13
VLANs
described 3-17
guidelines 3-23
VLAN Select 3-46
VLAN Support parameter 15-12
Voice & Video Optimized parameter 4-89
voice information, viewing for mesh networks using the CLI9-98to 9-100
Voice Optimized parameter 4-89
voice-over-IP (VoIP) telephone roaming 4-58
Voice RSSI parameter 12-15
voice settings
configuring
using the GUI 4-76
viewing
using the GUI 4-81
VoIP calls, error codes7-53to 7-55
VoIP snooping
described 7-50
VoIP Snooping and Reporting parameter 7-51
VPN passthrough
configuring using the GUI 7-43
W
webauth.tar files 11-26
webauth bundle 11-22
web authentication
certificate
obtaining using the CLI 11-9
obtaining using the GUI11-6to 11-8
configuring a WLAN for
using the GUI 7-39
described 11-9
successful login page 11-12
Web Authentication Certificate page 11-7
web authentication login page
choosing the default
customizing from an external web server
default 11-11
modified default example 11-16
Web Authentication option 11-32
Web Authentication Type parameter 11-13, 11-20, 11-23
Web Auth Type parameter 11-26, 11-33
web-browser security alert 11-10
web mode
described 2-18
Web Passthrough option 11-32
Web Policy parameter 6-63, 7-40, 7-84
Web Server IP Address parameter 11-21
Web Session Timeout parameter 2-18
WEP keys, configuring 7-28
WGB parameter 8-74
WGB Wired Clients page 8-74
wired guest access
configuration overview 11-30
one-controller example 11-29
two-controller example 11-30
wireless intrusion prevention system (wIPS)
described 6-121
viewing information 6-127
wireless sniffing
configuring
using the GUI A-48
prerequisites A-47
WLAN mobility security values 14-23
WLAN override 10-2
WLAN Profile parameter 6-29
WLANs
checking security settings 7-28
configuring
conditional web redirect7-84to 7-85
connecting clients to 15-15
creating
using the GUI 7-102
deleting
using the CLI 7-7
using the GUI 7-4
enabling or disabling
using the CLI 7-7
using the GUI 7-6
session timeout
described 7-37
splash page web redirect 7-82
wired security solution 1-5
WLANs > Edit (Advanced) page 7-51, 7-59, 7-86
applying an ACL to a WLAN 6-62
configuring infrastructure MFP for a WLAN 6-69
configuring NAC out-of-band integration 7-91
configuring the diagnostic channel A-29
WLANs > Edit (QoS) page 7-48
WLANs > Edit (Security > AAA Servers) page
choosing RADIUS or LDAP servers for external authentication 11-26
disabling accounting servers on a WLAN 7-85
WLANs > Edit (Security > Layer 2) page 7-31, 7-36
WLANs > Edit (Security > Layer 3) page
applying a preauthentication ACL to a WLAN 6-63
configuring a WLAN for VPN Passthrough 7-43
configuring web redirect 7-84
configuring wired guest access 11-32
WLANs > Edit page 7-5, 7-102, 11-32
WLANs page 7-3, 7-6, 7-9, 7-10, 7-102, 14-21
WLAN SSID parameter
configuring for guest user 11-4
creating WLANs 7-5
mapping an access point group to a WLAN 7-74, 7-92
WMM
described 7-46
with CAC 4-72
WMM Policy parameter 7-48
workgroup bridges (WGBs)
debugging 8-75
described 8-70
illustrated 8-52, 8-63, 8-68, 8-71
sample configuration 8-73
viewing status
using the CLI 8-74
WPA2 Policy parameter 7-31
WPA Policy parameter 7-31
wplus license. See licenses