The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Cisco Wireless CW9178I Overview
The Cisco Wireless CW9178I is Cisco’s high end Wi-Fi 7 Access Point Platform with an hexa radio architecture providing the full capability of Wi-Fi 7 Features based on 802.11be amendment such as 4K Modulation, Multi Link Operation (MLO), 320 MHz channel width, Pre-amble puncturing, Multi Resource Units, compressed block ack enhacements of upto 512 MPDUs and Wi-Fi Protected Access 3 (WPA3) security, all while being able to leverage advanced RF visibility with Cisco CleanAir® Pro together with an artificial intelligence and machine learning (AI/ML)-driven scanning radio.
The Cisco Wireless CW9178I is a Unified Product with one SKU, that can be deployed with a Cisco Catalyst Wireless LAN Controller or Meraki Cloud based deployments. The CW9178I access can be deployed anywhere in the world just with the single SKU and avoids the need to buy a region or country specific SKU based on regulatory domain.
The Cisco Wireless CW9178I supports the entire Cisco Catalyst wireless stack functionality with Cisco Catalyst Center (Automation and Assurance), Cisco Spaces (Location and IoT), Identity Services Engine (security), and more. Throughout this guide, you will learn how the CW9178I is a wireless powerhouse that can take your network to the next level.
Table 1. Cisco® Catalyst® Wireless 9800 Series controller software support matrix
Supported IOS XE releases |
Cisco IOS XE 17.15.2 and later |
Supported Controller platforms
CW9178I APs are supported with the following Catalyst 9800 Series Controllers:
● 9800-H1
● 9800-H2
● 9800-M
● 9800-80
● 9800-40
● 9800-L
● 9800-CL
Note: Embedded wireless controller on AP (EWC) functionality is not supported on the CW9178I, both as an active EWC or a subordinate AP.
Table 2. CW9178I At a Glance
Capability |
Details |
Product ID |
CW9178I |
Scale |
1600 Clients (400 clients per radio) |
Serving Radio |
● 2.4 GHz (Slot 0), 4x4:4 spatial streams
● 5 GHz (Slot 1), 4x4:4 spatial streams
● 5 GHz (Slot 2), 4x4:4 spatial streams
● 6 GHz (Slot 3), 4x4:4 spatial streams
Note: CW9178I can operate as Tri-radio or Quad-radio, with Tri-radio as the default mode. |
IoT Capabilities |
● Dedicated 2.4 GHz IoT Radio
● Application Hosting Capabilities
|
Scanning Radio |
Yes |
Wi-Fi 7 Features |
● 4K QAM
● 320 MHz Channel Width
● Multi-Link Operation
● Preamble Puncturing
● Multi Resource Units
● Compressed Block Ack with 512 MPDUs
● UL Triggered OFDMA
|
Wi-Fi 6 Features |
● MU-MIMO
● OFDMA
● BSS Coloring
● TWT
|
LAN Port |
2xPOE-IN 10Gig mGig Ports |
Ports |
mGig0, mGig1, Console |
Antenna |
Integrated, Omnidirectional |
Dimensions |
9.9x9.9x2.0 inches 25x25x5.1 cm |
Weight |
4.1 lb (1.87 kg) |
USB |
9W Output |
SSIDs |
● 2.4 GHz: 16
● 5 GHz: 16
● 6 GHz: 16
|
MTBF |
● 25°C: 942,282 hrs
● 50°C: 332,257 hrs
|
Environment |
● Non-operating (storage) temperature: -22° to 158°F (-30° to 70°C)
● Non-operating (storage) altitude test: 25°C (77°F) at 15,000 ft (4570 m)
● Operating temperature: 32° to 122°F (0° to 50°C)
● Operating humidity: 10% to 90% (noncondensing)
● Operating altitude test: 40°C (104°F) at 9843 ft (3000 m)
|
Antenna Gain |
● 2.4 GHz: 4dBi
● 5 GHz: 5 dBi
● 6 GHz: 6dBi
|
Geo Location |
Inbuilt GPS/GNSS Module; provision to connect an external GPS/GNSS Antenna. |
Table 3. Serving Radio Specifications
Mode |
2.4 GHz Slot 0 |
Primary 5 GHz (Slot 1) |
Secondary 5 GHz (Slot 2) |
6 GHz (Slot 3) |
Tri-radio 12SS |
● 4x4:4SS
● (20 MHz)
|
● 4x4:4SS
● (20/40/80/160 MHz)
|
NA
|
● 4x4:4SS
● (20/40/80/160/320 MHz)
|
Quad-radio 12SS |
● 4x4:4SS
● (20 MHz)
|
● 4x4:4SS
● (20/40/80/160 MHz)
|
● 4x4:4SS
● (20/40/80/160 MHz)
|
● 4x4:4SS
● (20/40/80/160/320 MHz)
|
The Cisco Wireless 9178I is interoperable with the following network management and security solutions.
Table 4. Software Interoperability
Catalyst 9800 |
Cisco Catalyst Center |
Cisco Spaces |
ISE |
17.15.2 |
TBD |
TBD |
TBD |
The CW9178I has an altogether new design which is aesthetically appealing allowing you to identify it among other APs instantly.
The CW9178I Wi-Fi 7 AP is similar in size and weight to the mid-range and high-end Catalyst Wi-Fi 6 and Wi-Fi 6E APs and smaller and lighter than many of the Cisco Catalyst APs prior to Wi-Fi 6. However, it boasts a much more robust hexa-radio architecture, a dedicated scanning radio, a dedicated IoT radio, an inbuilt GPS and GNSS module, Ultra Wide Band Radio, two 10 Gig Multigigabit ports, and supports Wi-Fi 7.
The following figures depict the ports and reset button on the CW9178I:
The CW9178I is compatible with the Cisco Low Profile Mounting Bracket AIR-AP-BRACKET-1 (default option) and Cisco Universal Mounting Bracket AIR-AP-BRACKET-2 mounting brackets. This AP is also compatible with the AIR-AP-T-RAIL-R and AIR-AP-T-RAIL-F for T-rail drop ceiling. These brackets are the same AP brackets provided for all Tier 2 and 3 enterprise-class APs for the last 15+ years. This backward compatibility streamlines the day-0 process for brownfield deployments, allowing the CW9178I to be mounted on existing brackets. In addition, the CW9178I can be mounted using the AIR-CHNL-ADAPTER clip for channel-rail ceiling grid profiles.
For more details on mounting the access point, refer the following documents:
● Cisco Wireless 9178I Hardware Installation Guide
● Access Point Mounting Instructions
The following figures provide details about the AIR-AP-Bracket-1 and AIR-AP-Bracket-2 for reference:
The use of proper cable types will enhances the performance of the CW9178I. Since this AP has 5-Gbps ports, it is recommended to use either CAT6 or CAT 6a cable which support speeds of up to 10 Gbps. CAT 5e cables can still be used; however, the AP’s performance may get degraded.
The table below lists the various cable types that can be used with the CW9178I.
Table 5. Cable Types Supported
Cable Type |
Speeds |
Maximum Length |
CAT 5e |
5 Gigabit |
328 feet (100 meters) |
CAT 6 |
1/2.5/5 Gigabit |
330 feet (100 meters) |
10 Gigabit |
164 feet (50 meters) |
|
CAT 6a |
10 Gigabit |
330 feet (100 meters) |
The following table depicts the radio, port, USB performance, and maximum power draw based on the AP’s input power. For optimal performance, 803.2bt is required.
Note: It’s recommended to use Cat 6 or Cat 6A cables for the best performance.
Table 6. PoE specifications for CW9178I on Cisco IOS XE 17.15.2
Power Source |
Number of Spatial Streams |
2.4 GHz Radio (Slot 0) |
5 GHz Radio (Slot 1) |
5 GHz Radio (Slot 2) |
6 GHz Radio (Slot 3) |
10 Gig Port 0 |
10 Gig Port 1 |
USB |
IoT/GPS/UWB/Scan Radio |
802.3af (PoE) |
NA |
Disabled |
Disabled |
Disabled |
Disabled |
1G |
Disabled |
Disabled |
Y |
802.3at (PoE+) (Quad Radio) |
8** |
2x2 |
2x2(HB) |
2x2(LB) |
2x2 |
2.5G |
2.5G |
Disabled |
Y |
802.3at (PoE+) (Tri Radio) |
8** |
2x2 |
4x4(FB) |
Disabled |
2x2 |
1G |
1G |
Disabled |
Y |
802.3 bt (PoE++ /UPOE) (Class 6) |
16 |
4x4 |
4x4(LB) |
4x4(HB) |
4x4 |
10G |
10G |
Yes/9W |
Y |
802.3af (PoE) |
NA |
Disabled |
Disabled |
Disabled |
Disabled |
1G |
Disabled |
Disabled |
Y |
Note: ** Starting IOS-XE ver 17.15.3. Till then the number of spatial streams will be limited to 6.
The CW9178I comes with dual 10 Gig multigigabit (mGig) ports. These two 10-Gbps uplink ports can be used together to support a link aggregation configuration and provide uplink high availability and port PoE redundancy.
This feature allows you to plug a PoE source into both uplink ports for high availability and prevent the AP from restarting if power from a single source is lost. When both ports are plugged in, the AP will assume port 0 (left port) as primary (active) and port 1 (middle port) as secondary (standby). The AP will negotiate power in both the ports.
In Non LAG Deployment, AP will draw power only from the primary source; however, if the primary source goes down, the secondary source will immediately become the primary. Traffic is exchanged only on the Active Port using its Mac address. Standby port only exchanges CDP/LLDP messages with its own Mac address. In case of active port failure, standby becomes active and exchanges traffic using the Mac address of the initial active port with very minimal traffic loss.
The CW9178I supports both single-homed and dual-homed deployment scenarios. In a dual-homed scenario, where the ethernet ports connect to two different switches, it is recommended to connect to switches in different Intermediate Distribution Frame (IDF), wherever possible. In a single-homed scenario, where the ethernet ports connect to the same logical switch (Stack Wise, Multi Layer switch), it is recommended to connect to two different stack members of the stack or to two different line cards. In both deployment scenarios, the switchports must be configured in the same VLAN.
Note: If the switchports are connected to switch ports belonging to different VLANs, then the switchover will not be seamless.
In LAG Deployment, AP will draw power on both the ports. Traffic is load-balanced on both the ports. The AP supports static LAG (mode on) or dynamic with LACP. The CW9178I supports deployment with one single physical or logical switch.
Note:
1. The default mode of operation of the CW9178I is non-LAG mode.
2. When the AP is configured in LAG mode, dual-home deployment is not supported.
3. The maximum aggregated throughput is 10 Gbps. So, even if the speed from both ports totals more than 10 Gbps, the performance will not be higher than 10 Gbps.
To view the status of the AP’s ports on the Catalyst 9800 UI, navigate to Configuration > Wireless > Access Points > [select the CW9178I AP] > Interfaces > Ethernet Interfaces. This table allows you to view the port speeds connected to the AP for both Ethernet0 and Ethernet1.
To configure LAG support for the AP, enable it on the Cisco Catalyst 9800 controller and the individual switches.
To configure LAG at the global level in the Cisco Catalyst 9800 controller GUI, navigate to Configuration > Wireless > Wireless Global and select AP LAG mode.
To configure LAG for an AP join profile, navigate to Configuration > Tags and Profiles > AP Join > [Select the AP Join Profile that CW9178I is associated with] > General and enable LAG Mode.
Note: By default, LAG mode is disabled on an AP join profile.
To verify that link aggregation is now enabled, navigate to Configuration > Wireless > Access Points > [select the Catalyst 9178I AP] > Interfaces > Link Aggregation (LAG). Both the AP LAG Configuration Status and AP LAG Operational Status should be Enabled.
To complete the LAG configuration, configure LAG on the switch too. This can be done either via static LAG configuration or via Link Aggregation Control Protocol (LACP). For more information on configuring LAG on a Cisco Catalyst switch, go to https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/17-15/configuration_guide/lyr2/b_1715_lyr2_9300_cg/configuring_etherchannels.html.
Note:
1. CW9178I does not support PAgP.
2. LAG can be configured only between two ports of the same speed. If the ports have differing speeds, it will not work, and the AP will default to the primary port (port0).
Recommendations and Limitations for Dual Ethernet Deployment
● The default mode of operation is non-LAG. In a non-LAG deployment, the two ethernet ports can be connected to the same switch (single-homed) or to two different switches (dual-homed). In the single-homed deployment, it is recommended to connect to
◦ the same switch
◦ two different members of a stack in a stack deployment, or
◦ two different line cards of a modular switch.
The switch ports in both single-homed or dual-homed deployments have to be in the same VLAN. If not, then link redundancy will not work and this will result in AP rejoining but with traffic loss.
● In LAG mode, dual-homed deployment is not supported. The 9178I AP has to be connected to the same physical or logical switch.
● AP port authentication with 802.1X or MAB is currently not supported for link redundancy in both non-LAG and LAG deployments. PoE redundancy will work with AP port authentication.
● Dual Ethernet deployment is not supported in SDA deployments for link redundancy with single or dual homed deploments. PoE redundancy will work in SDA deployments.
Table 7. AP Features Supported in Non-LAG and LAG modes
Feature |
Non LAG (Single Homed) |
Non LAG |
Non LAG |
LAG |
PoE Redundancy |
Yes
|
Yes
|
Yes
|
Yes
|
Link Redundancy |
Yes
|
Yes
|
Yes
|
Yes
|
CAPWAP Control Connection to WLC |
Yes
|
Yes
|
Yes
|
Yes
|
Datapath – Local Mode |
Yes
|
Yes
|
Yes
|
Yes
|
Datapath – Flex Mode |
Yes
|
Yes
|
Yes
|
Yes
|
Datapath – Fabric Mode |
Not supported*
|
Not supported*
|
Not supported
|
Not supported
|
802.1x Port Control |
Not supported*
|
Not supported*
|
Not supported at the switch
|
Not supported at the switch
|
MAB Authentication |
Not supported*
|
Not supported*
|
Not supported at the switch
|
Not supported at the switch
|
IP connectivity (ssh, syslog) |
Yes
|
Yes
|
Yes
|
Yes
|
Connectivity to Catalyst Cetner |
Yes
|
Yes
|
Yes
|
Yes
|
Connectivity to Cisco Spaces |
Yes
|
Yes
|
Yes
|
Yes
|
Note: Not supported* - Current limitation in the software. Limitation will be removed in the future.
The CW9178I is a unified product, global use access point, that can be deployed with Cisco Catalyst 9800 Wireless LAN Controller (a.k.a Catalyst Management Mode) or cloud-based deployment with Meraki Wireless Stack (a.k.a Meraki Management Mode) anywhere in the world, where it’s certified to use without the need for a regulatory domain specific SKU. This gives customers the flexibility and investment protection, when they decide to deploy the Access Point in any of the deployment model.
The CW9178I can discover the management mode based on the customer’s intent by the presence of cloud connectivity and discovery options based on DHCP and DNS. Once the Access Point discovers the controller, it can obtain its country specific regulation through 1) GPS/GNSS based geo-location, 2) proximity based discovery or 3) through a regulatory activation file for air-gapped deployments.
Please refer to the Wi-Fi 7 Global Use AP deployment guide for a detailed explanation and configuration options to achieve the desired management mode discovery. <Link TBD >
The CW9178I has four client serving radios. It can operate in a Tri-band Tri-Radio mode (2.4/5/6 GHz) or in Tri-band Quad-Radio mode (2.4/5/5/6 GHz) with two 5 GHz radio. When in Tri-Radio mode, the 5 GHz radio serves full band, covering all the allowed 5 GHz channels. When in Quad-Radio mode, the 5 GHz radio in Slot 1, serve UNII 1 &2 (Channels 36 to 64) and the 5 GHz radio in Slot 2, serves UNII 2E & 3 (Channels 100 to 165) in a Macro-Macro architecture.
By default, out-of-box, the AP operates in Tri-Radio mode.
All the CW9178I Aps can be converted to a Quad-Radio mode in one shot using the CLI
To individually convert the APs to Quad-Radio mode, navigate to Configuration > Wireless > Access Points > 5 GHz Radios, select Slot 1 of the CW9178, that needs to be converted to a Dual 5 GHz. Set Dual Radio Mode to Enabled.
To convert back to Single 5 GHz Radio, make the Admin Status of the subordinate Radio (Slot 2) to disabled. Then change the setting of Dual Radio Mode in Slot 1 to Disabled.
The IEEE developed the 802.11be amendment (a.k.a “Extremely High Throughput”) to the 802.11 standard, which the Wi-Fi alliance adopted the draft v3.0, as the basis for Wi-Fi 7 certification. The Wi-Fi 7 alliance planned to adopt a subset of features from the 802.11be amendment as part of their Release 1 certification, that was made available in January 2024. A second release with support for an incremental set of features is planned for Release 2 certification, slated for December of 2025.
Wi-Fi 7 offers many enhancements that will benefit enterprises, as well as end users by increasing speeds up to four times compared to Wi-Fi 6. In addition, it offers super low latency, more robust connection, higher spectral efficiency, better interference mitigation, more power-saving techniques, better roaming experience, and increased security.
Wi-Fi 7 in essence, brings in the following features.
● 4096 QAM (a.k.a 4K-QAM) – encodes the number of bits in a sub-carrier to 12 bits, in contrast to 10 bits encoded in a sub-carrier for 1024 QAM in Wi-Fi 6. This introduces two new MCS rates MCS 12 and 13. 4K QAM helps upto 20% higher data transmission rates. This is an optional feature for Wi-Fi 7 certification.
● 320 MHz Channel Width (at 6 GHz) - The max channel width is doubled to 320 MHz when compared to 160 MHz in Wi-Fi 6. With 1200 MHz spectrum space available in the 6 GHz band, it’s possible to achieve 3x 320 MHz wide channels. This is an optional feature for Wi-Fi 7 certification.
● Multi-link operation (a.k.a MLO) – enables aggregation of multiple bands or channels. With MLO, the Wi-Fi 7 Access Point and Client devices can can associate and simultaneously exchange traffic on multiple bands (or multiple channels in the same band if the access point has a dual 5 GHz radio). The distribution of traffic on different bands, help achieve higher throughput, reduced latency and improves reliability. This is a mandatory feature for Wi-Fi 7 certification.
● Preamble Puncturing - allows access points to ‘carve out’ or ‘puncture’ a portion of channel width that is affected by interference, resulting in the remaining channel being used for data transmission. This ensures optimal Wi-Fi performance especially when there is interference.This is a mandatory feature for Wi-Fi 7 certification.
● Multiple Resource Unit (a.k.a MRU) – improves the OFDMA technology (that was introduced in 802.11ax amendment/Wi-Fi 6). OFDMA allows sub-carriers in a channel bandwidth to be grouped into smaller portions called “Resource Units,” (RUs). These individual RUs are assigned to different stations, which allows access points to serve them simultaneously during uplink and downlink transmissions. In Wi-Fi 6, access points assign only a single RU to each wireless client. Wi-Fi 7 allows multiple resource units (MRUs) to be assigned to each wireless client. MRUs enhance spectral efficiency and interference mitigation. This is a mandatory feature for Wi-Fi 7 certification.
The next sections details the configuration steps needed to enable 802.11be and the other features.
In the Cisco Catalyst 9800 controller GUI, navigate to Configurations > Radio Configurations > High Throughput, and choose Enable 11be for the bands where 802.11be is needed, and click Apply.
Note:
1. It is recommended to enable this for all the bands.
2. If 802.11be is enabled, MLO gets enabled too. This MLO setting is not independent and of the 802.11be configuration..
The channel width for the 6 GHz band, could be set to a maximum of 320 MHz in DBS channel width, for RRM to issue out a 320 MHz channel width, when its algorithm finds it conducive to issue a larger channel width.
From Configuration > Tags & Profiles > RF/Radio, edit the 6 GHz RF Profile to include 320 MHz as the max channel width.
A specific AP could be statically configured for 320 MHz on the access point configuration page.
Navigate to Configuration > Wireless > Access Points > 6 GHz Radios, select the AP, change the RF channel assignment to Custom and select 320 MHz as the channel width.
Preamble puncturing is supported for 80 MHz or higher channel widths. For an 80 MHz, only 20 MHz is allowed to the punctured. The following table lists the allowed preamble puncturing options.
Table 8. Software Interoperability
Channel Width |
Allowed Puncturing |
20 and 40 MHz |
Puncturing not allowed |
80 MHz |
20 MHz |
160 MHz |
20 or 40 MHz |
320 MHz |
40, 80 or 40 + 80 MHz |
To enable Preamble Puncturing, navigate to Configuration > Tags & Profiles > RF/Radio > edit the RF Profile of the 5 GHz and 6 GHz bands and enable Preamble Puncturing under the 802.11be tab.
Wi-Fi 7 mandates the support for WPA3 and Enhanced Open (based on OWE) along with Protected Management Frame (PMF) for the clients to operate in 802.11be data rates and features like MLO. There are new AKMs (AKM 24 and 25) added for WPA3-Personal. Additionally, Wi-Fi 7 requires beacon protection for both the AP and the Wireless Clients. With MLO, security needs to be established across all the links of a multi-link association. The security requirements is to mainly make the Wi-Fi networks more secure and protect against cyberattacks.
The following table lists the security requirements for Wi-Fi 7 and comparison with previous Wi-Fi generations.
The security requirements for Wi-Fi 7 may necessitate a design change of the WLANs in the current deployment. There are a few options that the customer can consider, while implementing Wi-Fi 7.
Option 1 – Reconfigure the existing WLANs to WPA3/Enhanced Open, along with the required AKMs and Ciphers – i.e. one SSID for all radio policies. While this makes the WLAN most secure, there are practical difficulties in implementation, as many existing clients may not support WPA3 and PMF.
Option 2 – Add new SSIDs with the new security requirement for Wi-Fi 7 and have the newer clients associate to this SSID. This is an easy and flexible approach. The downside to this is maintaining additional SSIDs.
Option 3 – Migrate the SSIDs to Transition Mode – OWE Transition and WPA3 Transition. This is a conservative approach, taking one step to make the WLANs more secure and allowing newer clients with WPA3 security and older clients with WPA2 security to co-exist.
In the below section, you can find the configuration details for Option 3.
Requirements for Wi-Fi 7: OWE, AKM 18, Cipher CCMP128 or GCMP 256.
Recommendation: Configure OWE Transition.
Configure two SSIDs.
SSID #1 with OWE, Broadcast disabled. Select WPA3 as the security, with AKM as OWE and Cipher as CCMP128 and GCMP256. Attach to all radio policies.
SSID #2 with Open, Broadcast enabled. Select Open as the security and map this WLAN to the OWE WLAN created above (SSID #1). Attach the radio policy to 2.4 and 5 GHz.
Older clients connect with “open” security on 2.4 or 5 GHz bands. Newer Wi-Fi 7 clients connect with “OWE” security on 2.4/5/6 GHz and can perform Multi-link operation (MLO).
Note: Very old clients with outdated drivers may have difficulty in associating to OWE Transition Mode. It’s highly recommended to update the drivers and test the clients in the environment.
Requirements for Wi-Fi 7: AKM 24 or 25, Cipher CCMP128 or GCMP 256.
Recommendation: Configure WPA3 Transition (WPA2 + WPA3 Mixed Mode).
Configure the SSID to be WPA2 + WPA3 security type. Select AKM as PSK, SAE and SAE-EXT-KEY. Cipher as CCM128 and GCMP256. PMF as Optional. Use the same password.
Note: If FT is enabled, select FT+PSK, FT+SAE and FT+SAE-EXT-KEY.
Wi-Fi 7 clients connect with WPA3/SAE-EXT-KEY or WPA3/FT-SAE-EXT-KEY with PMF
Wi-Fi 6E clients connect with WPA3/SAE or WPA3/FT-SAE with PMF
Wi-Fi 6 clients that support WPA3 connect with WPA3/SAE or WPA3/FT-SAE with PMF in 2.4 /5 GHz bands.
Note:
1. Wi-Fi 7 needs AKM 24 or 25 as per specification. The initial clients in the market seem to negotiate 11be rates/MLO even with AKM 8 & 9. This may change in the future, when client driver implementation gets stricter.
2. If very old clients that still use WPA1 are present in the network, then the recommendation is to have those clients in a separate SSID.
Requirements for Wi-Fi 7 : AKM 3 or 5, Cipher CCMP128 (For most common deployments)
Recommendation : Configure WPA3 Transition (WPA2 + WPA3 Mixed Mode).
Configure the SSID to be WPA2 + WPA3 security type. Select AKM as 802.1x-SHA256 and 802.1x.
Note: If FT is enabled, select AKM as FT+802.1x.
On the client side that support WPA3, configure WPA3 Enterprise. Wi-Fi 7 clients will use the settings to connect to any band with MLO. For Wi-Fi 6E clients, they will prefer connecting to 6 GHz band and Wi-Fi 6 clients will connect to 5 or 2.4 GHz band. For clients that don’t support WPA3, configure a WPA2 profile.
Note: Very old clients with outdated drivers may have difficulty in associating to WPA3 Transition Mode. It’s highly recommended to update the drivers and test the clients in the environment.
The Cisco Catalyst 9800 GUI now displays the MLO capability and client statistics. From the main dashboard or Monitoring > Clients, select a client listed in the Protocol column as “11be (MLO)”.
In the 360 View, the client’s MLO capability is indicated along with the number of radio slots it is associated to. In the example below, the client is associated to 2 radio slots.
Click on the link to view the details, client propertis, security information and client statistics.
Migration between Management Modes
The Cisco Wireless CW9178I is a Global Use, Unified Product and can convert from the Cisco Catalyst management mode to the Meraki management mode and vice versa. This Unified Product gives you the flexibility of being deployed in a Catalyst 9800 WLC based deployment or cloud based Meraki deployment. It also provides investment protection for the future in case you want to switch between the two management options anytime from Day 1 to Day N.
Starting with Wi-Fi 7 Access Points, the Meraki Serial Number has been renamed to “Cloud ID”. There is no functional change to how this was used in the previous generation product.
The CW9178I can be converted from Catalyst Management Mode to Meraki Management Mode through a simple work flow in C9800 WLC UI.
The following are the step to perform the conversion process.
1. Start the conversion workflow from Configuration à Wireless à Migrate to Meraki Management Mode.
2. Select the APs you want to convert and click Migrate to Meraki Management Mode.
3. The controller will then validate the APs. Select Next.
4. Confirm the change on the selected Access Points.
5. Export or download the data to be copied to Meraki Dashboard. The data can be exported in multiple formats – Serial Number, JSON or Export to Meraki Dashboard.
6. Add devices in Meraki Dashboard. Follow the Meraki Claim process.
7. Once devices and claimed, the AP will appear in the dashboard in few minutes.
8. To convert an AP from Meraki Management Mode to Catalyst Management Mode, select the AP that you want to migrate and click on “Migrate to WLC”.
Wi-Fi 6E added 6 GHz spectrum for unlicensed use of Wi-Fi, and with it came new challenges for RF visibility and much more spectrum to monitor. In the past, the Catalyst 9100 APs relied on Cisco CleanAir® (software) and the RF-ASIC (hardware) for features such as packet capture, spectrum analysis, interference detection, and rogue and wireless intrusion prevention system (WIPS) detection. CleanAir and the RF-ASIC were great for RF visibility for the 2.4- and 5-GHz bands; however, with 6 GHz, Cisco CleanAir Pro and the AI/ML-driven scanning radio are being introduced to increase the performance and granularity required to manage this new spectrum (all 1200 MHz of it).
CleanAir Pro is software designed specifically for 6 GHz and the all-new challenges that have come with the introduction of 1200 MHz of spectrum. While many features work in conjunction with the AI/ML-driven scanning radio, CleanAir Pro also works with the Catalyst 9178I APs’ serving radios. Unlike previous generations of APs, CleanAir Pro can even decode extremely high throughput (EHT, 802.11be) frames, which is crucial since Wi-Fi 7 EHT frames. In the future, there will even be an ML-based interferer classification built directly into the AP software for more efficient interferer analysis, rather than loading the WLC or Cisco Catalyst Center.
Internet of Things Integration
IoT Services with Cisco Spaces
The Catalyst CW9178I have a built-in IoT radio that can be used in conjunction with the IoT Services platform service in Cisco Spaces. IoT Services is designed to enable management of Internet of Things (IoT) devices across vendors, form factors, and technology protocols.
Within IoT Services, you can enable a CW9178I to be in Scan mode or Transmit mode. In Transmit mode, the AP can broadcast iBeacon, Eddystone URL, and Eddystone UID profiles. While in Scan mode, the AP can scan the vicinity for other BLE devices and receive telemetry data from floor beacons, which can be decoded in Cisco Spaces.
The CW9178I can manage and configure wireless IoT devices if you enable the Advanced AP Gateway feature, which installs a Cisco IOx application on the access point. This saves the user the trouble of having several gateways across different vendors.
The figure below depicts the telemetry data received from a BLE device that is decoded in Cisco Spaces.
The figure below depicts how BLE data is sent from the Cisco Wireless CW9178I to Cisco Spaces.
The built-in IoT radio require Cisco Spaces and IoT Services to be configured. Please use the following guides for configuring Cisco Spaces and IoT Services.
https://www.cisco.com/c/en/us/td/docs/wireless/cisco-dna-spaces/iot-services/b_iot_services.html
To enable the IoT radio or environmental sensors in Cisco Spaces, go to the specific access point in IoT Services in Cisco Spaces and select the feature to turn on or bulk-enable each feature in the AP Beacons page.
The figures below depict how to enable or disable the IoT radio or environmental sensors on Cisco Spaces through a specific access point.
To learn more about Smart Workspaces or to request a demo, visit https://dnaspaces.cisco.com/smart-workspaces/
The Cisco Wireless CW9178I supports Site Survey mode. The purpose of this mode is to allow users to conduct wireless site survey testing using a single access point, including understanding RF propagation, client join metrics, and so on, without the need for a controller. This mode converts the AP into a limited standalone mode, enabling it to broadcast 2.4-, 5-, and 6-GHz SSIDs and allowing wireless clients to join via an internal Dynamic Host Configuration Protocol (DHCP) pool. Site Survey mode provides all the control needed to configure and conduct a site survey. It lets users bring the AP into any environment with either a power source or battery backup and conduct a site survey test.
When the CW9178I is in Site Survey mode, you will be able to access the AP’s WebUI for each configuration and view various RF metrics for RF coverage and planning. These configurations include channel number, channel width, Tx power, SSID, and data rates.
The steps below describe how to convert a CW9178I AP into Site Survey mode:
1. Change the AP to Site Survey mode. Enter command “ap site-survey”
2. After booting up, the AP is automatically assigned a static IP of 10.0.23.1.
3. The AP will start broadcasting the C9178_site_survey SSID with open/OWE security.
4. Connect your wireless client with the C9178_site_survey SSID and it will receive an IP from 10.0.23.0/24.
5. Access the AP’s Site Survey WebUI via 10.0.23.1.
6. The first time, the default username and password are admin/admin. You will be directed to reset that insecure password on the first login.
7. When done, convert your AP back to CAPWAP mode to join the controller again. Enter command “ap capwap”
Note:
1. If an AP is converted to Site Survey mode while connected to a WLC, it will disjoin and go into standalone mode.
2. For the above mentioned Site Survey functionality, the AP should have joined a Catalyst 9800 WLC atleast once. When the AP is in Day 0 mode, the CLI to convert the AP to Site Survey mode is not present.
3. The AP carries over the country code configured, while it was connected to the Catalyst 9800 WLC.