-
Cisco Wireless Control System Configuration Guide, Release 4.1
-
Preface
-
Overview
-
Getting Started
-
Configuring Security Solutions
-
Performing System Tasks
-
Adding and Using Maps
-
Monitoring Wireless Devices
-
Managing WCS User Accounts
-
Configuring Mobility Groups
-
Configuring Controllers and Access Points
-
Using Templates
-
Maintaining WCS
-
Configuring Hybrid REAP
-
Alarms and Events
-
Running Reports
-
Administrative Tasks
-
WCS and End User Licenses
-
Conversion of a WLSE Autonomous Deployment to a WCS Controller Deployment
-
Index
-
Table Of Contents
Numerics - A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - Q - R - S - T - U - V - W -
Numerics
802.11a policy name 10-47
802.11b/g RRM interval template 10-56
802.11b/g RRM threshold templates 10-55
802.11b/g voice templates 10-52
802.11 counters report 13-9, 13-10
802.11h template
configuring 10-57
802.11 security trap 10-63
802.1X 10-12
802.3 bridging
configuring 9-10
A
AAA override 10-15
AAA servers 10-14
AAA traps 10-63
access control list template 10-36, 10-46
accessing the schedule panel 13-3
access point
configuring for hybrid REAP 12-9
access point/radio templates 10-68
access point authentication and MFP templates 10-41
access point authorization template 10-34
access point inventory report 13-7
access point load
avoiding 10-49
access point placement 5-20
access point reports 13-4
modifying 13-4
viewing 13-4
access points
adding 5-18
configuring 9-10
converting to LWAPP B-2
searching 9-14
access point security statistics
for mesh 6-30
access point templates
adding 10-67
access point traps 10-63
ACL template 10-36
configuring 10-36
active sessions
monitoring 7-4
adaptive scan threshold 10-55
add config groups 8-15
adding access points 5-18
adding access point templates 10-67
adding a license A-5
adding chokepoints 5-29
adding controllers 9-2
adding controllers from config group 8-17
adding guest user accounts 7-11
adding templates from config group 8-17
adjusted link metric 6-24
administration menu 2-14
advanced debug 5-50
advanced options 5-15
definition 5-17
Advanced tab
on WLAN template 10-17
Aironet IE 10-17
alarm 14-1
alarm emails 14-55
alarms 14-1
search filters 14-4
alarm severity
configuring 14-54
alarm trigger threshold 10-42
alternate parent
for mesh 13-8
analyzing element location accuracy 5-50
anonymous provisioning 10-29
AP list by location 13-4
AP list by location report 13-4
AP list by SSID 13-4
applying calibration models 5-46
applying config groups 8-18
applying controller templates 10-66
AP policies 3-6
AP policies template 10-38
AP profile status report 13-4
audience of document ii
auditing config groups 8-18
audit reports
configuring 9-5
authentication order
managing 9-4
authentication priority 9-5
authentication process
Hybrid REAP 12-2
automatic backups, scheduling 11-4, 15-2
automatic client exclusion 10-18
auto-synchronizing location appliances 11-10
avoid access point load 10-49
avoid Cisco AP load 10-49
avoid foreign AP interference 10-49
avoid non-802.11 noise 10-49
B
background tasks 11-12
running 15-2
backing up location appliance data 11-11
backing up the WCS database
on Windows 11-5
backup and restore license A-6
bandwidth
making expedited 10-53
bridging link information 6-36
bronze 10-16
buildings
adding to a campus map 5-3
adding to WCS database 5-4
busiest APs report 13-4
busiest clients report 13-5
C
CAC
enabling 9-5
CA certificates 4-5
calculating access point requirements 5-13
calibration models 5-46
applying 5-46
monitoring 5-49
call admission control 10-52
campus map, adding to WCS database 5-2
cascade reboot 8-19
caution, defined iii
CCA sensitivity 10-51
channels
monitoring on a floor map 5-39
checking the status of WCS
on Linux 11-2
on Windows 11-2
chokepoints 5-29
adding 5-29
removing 5-36
Cisco AP load
avoiding 10-49
Cisco Discovery Protocol 9-13
Cisco UDI 5-16
Cisco Unified Wireless Network Solution 5-50
Cisco WCS base A-2
Cisco WCS location A-2
Cisco Wireless LAN Solution
overview 1-2
CKIP 10-13
clear config 9-14
client association report 13-5
client authentication provision 10-29
client count report 13-5
client devices
connecting to WLANs 12-12
client exclusion 10-18
happening automatically 10-18
client exclusion policies template 10-39
client properties 6-9
client related traps 10-62
client report
creating new 13-6
modifying 13-6
viewing 13-6
clients
finding 6-16
map 6-18
monitoring on a floor map 5-41
parameters 5-41
clients, monitoring on floor map 5-41
client statistics 6-18
client troubleshooting 6-5
combined inventory report 13-7
command buttons 2-15
config group
adding controllers 8-17
adding templates 8-17
applying 8-18
auditing 8-18
configuring 8-16
creating 8-15
downloading customized webauth 8-21
downloading IDS signatures 8-20
downloading sw to controllers 8-19
rebooting 8-19
removing controllers 8-17
removing templates 8-17
configure menu 2-14
configuring 802.3 bridging 9-10
configuring access control lists 10-46
configuring access points 9-10
configuring a client exclusion policy template 10-39
configuring a CPU ACL template 10-36
configuring alarm severity 14-54
configuring audit reports 9-5
configuring config group 8-15
configuring the controller for hybrid REAP 12-6
configuring firewall for WCS 3-5
configuring general templates 10-3
configuring global email parameters 15-12
configuring high density templates 10-50
configuring Hybrid REAP 12-1
Configuring IDS 3-8
Configuring IDS signatures 3-9
configuring IDS signatures 3-9
configuring intrusion detection systems 3-8
configuring a LDAP server template 10-23
configuring a local EAP general template 10-26
configuring a local EAP profile template 10-27
configuring a manually disabled client template 10-35
configuring a mesh template 10-58
configuring an 802.11h template 10-57
configuring an access point for hybrid REAP 12-9
configuring an EAP-FAST template 10-28
configuring multiple country codes 8-12
configuring a network access control template 10-25
configuring RADIUS servers 15-6
configuring an RRM interval template 10-56
configuring an RRM threshold template 10-55
configuring a policy name template 10-47
configuring a roaming parameters template 10-54
configuring a rogue policies template 10-37
configuring the switch
for hybrid REAP 12-4
configuring a TACACS+ server template 10-24
configuring a trusted AP policies template 10-38
configuring a user authentication priority template 10-66
configuring a user login policies template 10-33
configuring a video parameter template 10-53
configuring a voice parameter template 10-52
configuring templates
802.11a policy name 10-46
802.11b/g RRM interval 10-56
802.11b/g RRM threshold 10-53
802.11b/g voice 10-52
access point/radio 10-68
access point authentication and MFP 10-38
access point authorization 10-34
ACL 10-35
file encryption 10-18
guest users 10-32
known rogue access point 10-57
local management user 10-65
local net users 10-23
MAC filter 10-33
QoS 10-6
RADIUS accounting 10-22
RADIUS authentication 10-20
syslog 10-64
Telnet SSH 10-63
traffic stream metrics QoS 10-7
trap control 10-61
trap receiver 10-61
web authentication 10-42
WLAN 10-9
connecting client devices
to WLANs 12-12
connecting to the Guest WLAN 3-18
controller inventory report 13-7
controllers
adding 9-2
adding to WCS database 4-2
configuring for hybrid REAP 12-6
pinging network devices 6-20
searching 9-4
specified 1-2
viewing status and configurations 6-21
controller templates
applying 10-67
controller utilization report 13-9
conventions of document iii
converting WLSE autonomous to WCS controller B-1
counters report
for 802.11 13-9
country codes
setting 9-3
coverage holes
finding 6-20
monitoring on a floor map5-40to 5-41
coverage hole summary report 13-10
cranite 10-12
creating guest user accounts 7-9
creating a lobby ambassador account 7-9
creating a network design 5-23
creating a new access point report 13-5
creating a new client report 13-6
creating a new inventory report 13-7
creating a new mesh report 13-9
creating a new performance report 13-10
creating a new security report 13-11
creating calibration models 5-41
CSV file format 10-31
customized webauth
downloading 8-21
Customized Web authentication 3-15
customized web authentication
downloading 10-43
Custom signature 3-12
D
data management tasks
performing 15-9
deleting a guest user 3-18
deleting a license A-6
deleting a report 13-3
deleting guest user templates 7-13
designing a network 5-23
detecting a suspicious client 3-8
device certificates 4-4
DHCP server
overriding 10-18
disable report schedule 13-2
disabling IDS signatures 3-11
document
audience ii
conventions iii
organization ii
purpose ii
documentation
obtainingiii
downloading a customized web authentication page 10-43
downloading customized webauth3-15, 8-21
downloading IDS signatures 3-10
from your config group 8-20
downloading sw to controllers
after adding config group 8-19
downloading vendor CA certificates 4-5
downloading vendor device certificates 4-4
downstream delay 10-8
downstream packet loss rate 10-8
drawing polygon areas
using map editor 5-10
DTIM 10-48
E
EAP-FAST template 10-28
editing guest users 7-12
Editing signature parameters 3-13
edit link 5-5
configuring parameters 15-11
email notification
alarms 14-55
enable report schedule 13-2
enabling high density 9-7
enabling IDS signatures 3-11
enabling load-based CAC 9-5
enabling Web login 3-14
end user license agreementA-6
establishing logging options 15-8
event history 6-7
event notification 1-5
events 14-1
expedited 10-53
expedited bandwidth 10-53
exporting WLSE map data 5-42
F
file encryption template 10-18
filtering
using to modify maps 6-34
filtering options 6-35
finding clients 6-16
firewall, configuring for WCS 3-5
floor maps
modifying appearance 5-49
floor plans
adding to a campus building5-6to 5-8
adding to a standalone building5-8to 5-9
enhancing with map editor 5-9
foreign access point interference
avoiding 10-49
foreign AP interference
avoiding 10-49
fortress 10-12
Frame type 3-12
G
general tab
client properties 6-9
RF properties 6-11
security 6-12
general templates
configuring 10-3
generate password 10-32
global settings
for standard and custom signatures 3-13
gold 10-16
guest user
deleting 3-18
guest user account
adding 7-11
creating 7-9
managing 7-11
scheduling 7-14
guest user details
emailing 7-15
print 7-15
guest users
viewing and editing 7-12
guest user templates 10-32
deleting 7-13
Guest WLAN
connecting 3-18
guidelines for using the map editor 5-9
H
heat map
described 5-19
Heatmap cutoff 5-50
help menu 2-14
hierarchy
of mesh network 6-32
hierarchy of mesh parent to child 6-35
high density
enabling 9-7
requirements 9-7
templates 10-50
historical report type 13-1
Hybrid REAP
Hybrid REAP local switching 10-17
hysteresis 10-55
I
IDS 3-8
configuring 3-8
IDS event correlation 14-57
IDS sensors 3-8
IDS signature attacks
viewing 14-56
IDS signature events
viewing 3-14
IDS signatures 3-9
disabling 3-11
downloading 3-10
downloading from config group 8-20
enabling 3-11
uploading 3-9
importing the location appliance
into WCS 11-7
importing WLSE map data 5-42
indicator of alarms 2-15
information elements
Aironet 10-17
installing a license A-4
installing WCS
for WLSE conversion B-3
inter-subnet roaming 8-4
intrusion detection systems 3-8
inventory reports 13-7
creating 13-7
modifying 13-7
viewing 13-7
K
KEK
key encryption key 10-20
key wrap 10-20
known rogue access point templates 10-60
L
laptop icon 6-18
Layer 1 security solutions 3-2
Layer 2 10-11
Layer 2 security solutions 3-2
Layer 3 10-13
Layer 3 security solutions 3-2
Layer 3 to Layer 2 mode, converting Cisco Wireless LAN Solution 3-4
LDAP server
configuring a template for 10-23
LEAP authentication
requirements 8-8
license
adding A-5
backup and restore A-6
deleting A-6
license agreementA-6to ??
license installation A-4
license management A-5
licenses A-2
license types A-2
licensing
on WLSE network management B-4
lifetime 7-13
link aggregation 10-5
link aggregation (LAG)
guidelines12-4to ??
link metric
adjusted 6-24
unadjusted 6-24
link SNR 6-24
link stats
for mesh 13-8
link test
running 6-36
link test result 6-38
load-based CAC 10-53
enabling 9-5
lobby ambassador 7-9
creating 7-9
logging activites 7-15
Local EAP check box 10-15
local EAP general template 10-26
local EAP profile template 10-27
local management user template 10-65, 10-66
local net users template 10-30
local password policy 15-5
local switching
Hybrid REAP 10-17
location accuracy
analyzing 5-50
using testpoints 5-50
location appliance
importing 11-7
location appliance data
backing up 11-11
location appliance functionality 4-3
location appliances
adding to WCS database 4-2
auto-synchronizing 11-10
relationship with WCS Location 1-5
location menu 2-14
location server inventory report 13-7
location server utilization 13-10
location tab 6-15
location upgrade A-3
log analysis 6-6
logging 15-4
logging in
to the WCS user interface 7-10
logging into the WCS user interface2-11to 2-13
logging options 15-8
logging the lobby ambassador activities 7-15
login.html 3-15
long preambles, enabling for SpectraLink NetLink phones 4-6
M
MAC filtering 10-13
MAC filter template 10-33
MAC frequency 3-12
MAC information 3-12
MACK
message authenticator code keys 10-20
maintain image aspect ratio 5-42
management frame protection 3-6, 10-41
managing guest user accounts 7-11
managing licenses A-5
managing multiple WCSs 1-7
managing user authentication order 9-4
manually disabled client
template for 10-35
map
adding chokepoints 5-29
removing chokepoints 5-36
map editor
general notes 5-9
guidelines for using 5-9
using to draw polygon areas 5-10
map editor, enhancing floor plans 5-9
maps
searching 5-5
using to monitor link stats 6-22
using to monitor mesh AP neighbors 6-27
using to monitor mesh APs 6-25
map view
updating 6-35
menu bar 2-13
mesh access point neighbors
monitoring 6-27
mesh access points
monitoring 6-25
mesh alternate parent 13-8
mesh health 6-28
monitoring 6-28
mesh link statistics 6-22
mesh link stats 13-8
mesh network
monitoring using maps 6-22
mesh network hierarchy 6-32
mesh node hops 13-8
mesh packet error statistics 13-8
mesh packet statistics 13-8
mesh report
creating 13-9
modifying 13-8
viewing 13-8
mesh security statistics
for an AP 6-28
mesh template
configuring 10-58
mesh tree
viewing 6-32
mesh worst node hops 13-8
mesh worst SNR links 13-8
message integrity check information element 10-41
metrics
in QoS 10-8
MFP 3-6
MFP alarms
viewing 14-55
MFP client protection 10-18
MFP events
viewing 14-55
MFP signature generation 10-18
MFP templates 10-41
MIC IE 10-41
minimum RSSI 10-55
mirror mode 9-13
mobility 8-2
mobility anchors 8-10
mobility groups
configuring 8-7
prerequisites12-4
modifying access point reports 13-4
modifying client reports 13-6
modifying inventory reports 13-7
modifying map displays
using filters 6-34
modifying mesh reports 13-8
modifying performance reports 13-10
modifying security reports 13-11
modifying the appearance of floor maps 5-49
monitoring active sessions 7-5
monitoring calibration models 5-49
monitoring channels on a floor map 5-39
monitoring clients on a floor map 5-41
monitoring coverage holes 5-40
monitoring mesh access point neighbors 6-27
monitoring mesh access points
using maps 6-25
monitoring mesh health 6-23, 6-28
monitoring mesh link statistics
using maps 6-22
monitoring mesh networks
using maps 6-22
monitoring outdoor areas 5-41
monitoring predicted coverage 5-37
monitoring transmit power levels 5-40
monitor menu 2-14
multiple country codes
configuring 8-12
setting 9-3
N
N+1 redundancy 8-5
Navigator 1-7
network access control
configuring template 10-25
network design 5-23
network protection 3-8
Network Summary page 2-12, 6-22
new search 5-5
node hops
for mesh 13-8
noise
avoiding non-802.11 types 10-49
avoid non-802.11 10-49
non-802.11 noise
avoiding 10-49
note, defined iii
NTP server template 10-3
O
optimizing the controller for high density 9-7
organization of document ii
Outdoor areas
adding to a campus map5-4to 5-5
monitoring 5-42
overview
Cisco Wireless LAN Solution1-2
WCS 1-3
P
packet error statistics
for mesh 13-8
packet jitter 10-8
packet latency 10-8
packet loss 10-8
packet loss rate 10-8
packet statistics
for mesh 13-8
password rules
turning on or off 15-5
performance reports 13-9
creating 13-10
modifying 13-10
viewing 13-10
performing data management tasks 15-9
pico cell mode 10-48
pinging network devices from a controller 6-20
placement of access points 5-20
planning mode 5-14
to calculate access point requirements 5-13
platinum 10-16
PLR 10-8
policy manager solutions 3-3
policy name template
configuring 10-47
polygon areas
drawing with map editor 5-10
predicted coverage, monitoring5-37to 5-39
prerequisites 2-2
present map 6-18
print guest user details 7-15
protection type 10-41
purpose of document ii
Q
QoS 10-16
QoS templates 10-6
quiet time 3-12
R
radio measurements
receiving 6-19
radio resource management 10-49
radio utilization report 13-10
RADIUS accounting template 10-22
RADIUS authentication template 10-20
RADIUS servers
configuring 15-6
rebooting config groups 8-19
receiving radio measurements 6-19
recent map 6-17
related publications iii
removing chokepoints 5-36
removing controllers from config group 8-17
removing templates from config group 8-17
report
802.11 counters 13-9
access point inventory 13-7
access point type 13-4
busiest APs 13-4
busiest clients 13-5
client association 13-5
client count 13-5
combined inventory 13-7
controller inventory 13-7
controller utilization 13-9
coverage hole summary 13-10
deleting 13-3
disable schedule 13-2
enable schedule 13-2
location server inventory 13-7
location server utilization 13-10
mesh alternate parent 13-8
mesh link stats 13-8
mesh node hops 13-8
mesh packet error statistics 13-8
mesh packet statistics 13-8
mesh worst node hops 13-8
mesh worst SNR links 13-8
radio utilization 13-10
RF interference summary 13-10
rogues detected by APs 13-11
running 13-1
security summary 13-11
traffics stream metrics 13-4
traffic stream metrics 13-5
Tx power level and channel 13-10
unique client 13-6
voice statistics 13-10
reporting tag location 5-29
reset AP now 9-14
restoring WCS database on Linux 11-7
retrieving UDI 6-38
RF calibration model, creating 4-7
RF calibration tool 1-7
RF interference summary report 13-10
RF prediction heat map 5-20, 5-39
RF profile traps 10-63
RF properties 6-11
RF update traps 10-63
roaming 8-2
roaming parameters template
configuring 10-54
roaming time 10-8
rogue access points
acknowledging 6-5
alarm monitor 6-3
detecting and locating6-3to 6-4
map 6-5
solutions for 3-3
rogue access point templates 10-60
rogue detector 9-12
rogue policies
template for 10-37
rogues detected by APs 13-11
RRM 10-49
RRM interval template
configuring 10-56
RRM thresholds 10-55
RRM threshold template
configuring 10-55r
running a link test 6-36
running background tasks 15-2
running report 13-1
Rx sensitivity 10-51
S
saved searches 5-5
scan threshold 10-55
schedule panel
accessing 13-3
scheduling guest user account 7-14
search clients 6-17
search filters for alarms 14-4
searching access points 9-14
searching controllers 9-4
searching maps 5-5
security reports 13-11
creating 13-11
modifying 13-11
viewing 13-11
security statistics
for mesh 6-30
security summary report 13-11
sensors
viewing IDS types 3-8
sequence parameter 10-47
servers
synchronizing WCS and location servers 11-8
service options 5-16
setting multiple country codes 9-3
shunned clients 3-8
sidebar area 2-15
silver 10-16
skull-and-crossbones indicator 6-4
sniffer 10-69
sniffer mode 9-12
SNMP authentication 10-62
SNR down 6-24
SNR UP 6-24
software
downloading config groups to controllers 8-19
updating 4-3
SpectraLink NetLink phones, enabling long preambles 4-6
standard signature 3-12
starting WCS
on Linux 2-11
on Windows 2-10
static WEP 10-12
static WEP 802.1X 10-12
statistics 13-8
statistics tab 6-13
status, checking 11-2
status report
AP profile 13-4
stopping WCS
on Linux 11-3
on Windows 11-3
supported Cisco WLSE management stations B-2
sweep client power for location 5-49
switch
configuring for hybrid REAP 12-4
symmetric mobility tunneling 10-5
symmetric tunneling 8-5
synchronize servers 11-8
syslog templates 10-64
System requirements 2-2
T
TACACS+ server
configuring 15-5
configuring a template for 10-24
tag location reporting 5-29
Telnet SSH templates 10-63
template for configuring network user credentials 10-29
templates
using 10-1
testpoints 5-50
TFTP server 3-9
traffic indicator message 10-48
traffic stream metrics 10-53
traffic stream metrics QoS status 10-8
traffic stream metrics QoS template 10-7
traffic stream metrics report 13-4, 13-5
graphical 13-4
transition time 10-55
transmit power level 10-48
monitoring on a floor map 5-40
values 5-40
trap
802.11 security 10-63
trap control templates 10-61
trap receiver template 10-61
traps
AAA 10-63
access point 10-63
client related 10-62
RF profile 10-63
RF update 10-63
unsupported 14-53
WPS 10-63
traps added in 2.1 14-28
traps added in 2.2 14-31
traps added in 3.0 14-34
traps added in 3.1 14-36
traps added in 3.2 14-39
traps added in 4.0 14-40
traps added in 4.0.96.0 14-44
traps added in 4.1 14-46
trend report type 13-1
troubleshooting a client 6-5
trusted AP policies
template for 10-38
tunneling 8-5
turning password rules on or off 15-5
Tx channel report 13-10
Tx power level report 13-10
U
UDI
retrieving on controllers and access points 6-38
unadjusted link metric 6-24
uninstalling WCS
on Linux 11-13
on Windows 11-13
unique client report 13-6
unique device identifier 6-38
unsupported traps 14-53
update map view 6-35
updating system software 4-3
upgrading to Linux 4
during WLSE conversion B-4
upgrading WCS
on Linux 11-15
on Windows 11-14
uploading IDS signatures 3-9
upstream delay 10-8
upstream packet loss rate 10-8
user accounts
for guest 7-9
user authentication order
managing 9-4
user authentication priority template
configuring 10-66
user credential retrieval priority 10-29
user details
emailing 7-15
printing 7-15
user groups 7-3
user interface 2-13
user login policies
configuring a template 10-33
user preferences 15-13
using chokepoints 5-29
using filtering 6-34
using maps
to monitor mesh access points 6-25
to monitor mesh AP neighbors 6-27
to monitor mesh link statistics 6-22
using maps to monitor mesh networks 6-22
using planning mode 5-10
using template
ACL 10-36
using templates 10-1
802.11a policy name 10-47
802.11b/g RRM interval 10-56
802.11b/g RRM threshold 10-55
802.11b/g voice 10-52
access point/radio 10-68
access point authentication & MFP 10-41
access point authorization 10-34
file encryption 10-18
guest users 10-32
known rogue access point 10-60
local management user 10-65, 10-66
local net users 10-30
MAC filter 10-33
NTP server 10-3
QoS 10-6
RADIUS accounting 10-22
RADIUS authentication 10-20
syslog 10-64
Telnet SSH 10-63
traffic stream metrics QoS 10-7
trap control 10-61
trap receiver 10-61
web authentication 10-42
WLAN 10-9
using testpoints
to analyze element location accuracy 5-50
utilization repo