1. On theConfigure > Access Points > Global AP > General page, to set the LED state of all access points connected to the device to blink so that the access points are easily located, check the LED State check box.
2. Each device has a defined number of communication ports for access points. When multiple devices with unused access point ports are deployed on the same network and one device fails, the dropped access points automatically poll for unused device ports and associate with them. To enable failover for access points connected to your device, check the Global AP Failover Priority check box.
3. Check the CDP State check box to enable Cisco Discovery ProtocolThe Cisco Discovery Protocol (CDP) is used between the network devices to discover properties of the other end of an interface and the device. When CDP is enabled on an interface, the device sends its properties and interface information to the device at the other end of the interface. The device has an option to enable or disable CDP on all or a specific access point. This configuration is applied to the global CDP state on the access point. (CDP) on all access points. To enable CDP on ethernet interfaces and radio slots on access points, check the CDP State check box against each interface port or radio slot.
4. Click Apply.

Cisco access points are shipped from the factory with “Cisco” as the default enable password. This password allows users to log in to the unprivileged mode and execute show and debug commands, which poses a security threat. The default enable password must be changed to prevent unauthorized access and to enable users to execute configuration commands from the access point’s console port.

1. On the Configure > Access Points > Global AP > Credentials page, in the Login Credentials section, enter a global username and password for all the access points that connect to the device. Confirm the password. The password should contain characters from at least three of the following classes: lowercase letters, uppercase letters, digits, and special characters. No character in the password can be repeated more than three times consecutively. The password should not contain the management username or the reverse of the username. The password should not contain words like Cisco, oscic, admin, nimda or any variant obtained by changing the capitalization of letters by substituting 1, |, or ! or substituting 0 for o or substituting $ for s.
2. Enter and confirm the secret password.
3. Click Apply.

You can configure 8021.1X authentication between lightweight access points and the switch. The access point acts as an 802.1X supplicant and is authenticated by the switch using EAP-FAST with anonymous PAC provisioning. You can set global authentication settings that all access points inherit as they join the controller, which includes all access points that are currently joined to the controller and any that join in the future. If desired, you can override the global authentication settings and assign unique authentication settings for a specific access point.

1. On the Configure > Access Points > Global AP > Credentials page, in the 802.1x Supplicant Credentials section.
2. Check the Credentials Required check box.
3. Enter the username and password. Ensure that the password is at least 8 characters long; a combination of upper case and lower letters, numbers and symbols; and that is not a word in any language.
4. Click Apply.

You can configure primary and secondary backup controllers for all access points (which are used if primary, secondary, or tertiary controllers are not responsive) in this order: primary, secondary, tertiary, primary backup, and secondary backup. In addition, you can configure various timers, including heartbeat timers and discovery request timers. To reduce the controller failure detection time, you can configure the fast heartbeat interval (between the controller and the access point) with a smaller timeout value. When the fast heartbeat timer expires (at every heartbeat interval), the access point determines if any data packets have been received from the controller within the last interval. If no packets have been received, the access point sends a fast echo request to the controller.

1. On the Configure > Access Points > Global AP > High Availability page, enter the time (in seconds) in the AP Heartbeat Timeout field, to configure the heartbeat timer for all access points. Specifying a small heartbeat interval reduces the amount of time it takes to detect device failure.
2. In the AP Discovery Timeout field, enter a value between 30 and 3600 seconds (inclusive) to configure the access point primary discovery request timer.
3. Click Apply.

When a device goes out of service, the access point associated with it falls back to the next available controller. Before associating itself to a new device, the access point first tries to establish a connection with the existing device that it is associated with. It sends a request (known as a retransmission) at regular intervals to the device and for a specified number of times (retry count). If the access point does not get an acknowledgment from the device, it tries to associate itself to the next available device.

You can configure the retransmission intervals and retry counts both at a global as well as a specific access point level.

1. On the Configure > Access Points > Global AP > Advanced page, in the AP Retransmit Count field, enter the number of times that you want the access point to retransmit the request to the device and vice-versa. Valid range is between 3 and 8.
2. In the AP Retransmit Interval field, enter the time duration between retransmission of requests. Valid range is between 2 and 5.
3. Check the Global TCP Adjust MSS check box to set the MSS for all access points that are associated with the device.
4. Click Apply.

1. Choose Configure > Access Points > Global AP. Click the Hyperlocation tab.
2. To enable Hyperlocation on all the APs that have the Cisco Hyperlocation module and are associated with the device, select the Hyperlocation Enable check box. Cisco Hyperlocation is a location solution that allows to track the location of wireless clients with the accuracy of one meter.
3. Enter the Detection Threshold (dBm) value to filter out packets with low RSSI.
4. Enter the Trigger Threshold (cycles) value to set the number of scan cycles before sending a BAR to clients. The valid range is 0 to 99.
5. Enter the Reset Threshold (cycles) value to reset value in scan cycles after trigger.

Note: Ensure that the Reset Threshold value is always less than the Trigger Threshold value.

6. Enter the IPv4 address of the NTP server.
7. To enable Hyperlocation on all the APs that have the Cisco Hyperlocation module and are associated with the device, check the Hyperlocation Enable check box.
8. Click Apply.

If your access points are Bluetooth Low Energy (BLE) enabled, they can transmit beacon messages or small packets of data or attributes transmitted over a low energy link. These BLE beacons are frequently used for health monitoring, proximity detection, asset tracking, and in-store navigation.

1. Choose Configure > Access Points > Global AP. Click the BLE tab.
2. In the Interval field, select a value to indicate how often you want your access points to send out beacon advertisements to nearby devices.
3. To edit a beacon, click the edit button for the beacon.
4. To enable the beacon to send advertisements, choose Enable in the Status field. By default, all beacon advertisements are disabled.
5. In the UUID field, enter a unique alphanumeric value to identify the beacon.
6. In the Tx Power field, choose a value between -52 and 0 Decibel-milliwatts (dBM) to determine how powerful the signal transmitted by your beacon should be.
7. Click Apply.