Index

Numerics

11n Mode parameter 4-34

1250 series access points

and PoE Status field 7-99

operating modes when using PoE 7-97

3DES IPSec data encryption 5-9

7920 AP CAC parameter 6-39

7920 Client CAC parameter 6-39

7920 support mode

configuring 6-38

described 6-38

7921 support mode 6-38

802.11a (or 802.11b) > Client Roaming page 4-62

802.11a (or 802.11b) > Video Parameters page 4-77

802.11a (or 802.11b) > Voice Parameters page 4-75

802.11a (or 802.11b/g) > EDCA Parameters page 4-88

802.11a (or 802.11b/g) Global Parameters > Auto RF page 11-9

802.11a (or 802.11b/g) Global Parameters page 4-29, 11-44

802.11a (or 802.11b/g) Network Status parameter 4-30, 4-38, 4-39

802.11a/n (4.9 GHz) > Configure page 8-59

802.11a/n (or 802.11b/g/n) Cisco APs > Configure page 11-29

802.11a/n (or 802.11b/g/n) Radios page 4-81, 11-28, 11-40

802.11a/n Cisco APs > Configure page 11-41

802.11a/n Radios page (from Monitor Menu) 7-13

802.11a/n Radios page (from Wireless Menu) 7-14

802.11a > Pico Cell page 11-49

802.11a > Pico Cell page with pico cell mode V2 parameters 11-49

802.11a > RRM > Coverage page 11-18

802.11a > RRM > DCA page 11-14

802.11a > RRM > Dynamic Channel Assignment (DCA) page 11-14

802.11a > RRM > General page 11-19

802.11a > RRM > Tx Power Control (TPC) page 11-11

802.11a Global Parameters page 11-40

802.11b/g/n Cisco APs > Configure page 7-86, D-49

802.11 bands

configuring using the CLI 4-31 to 4-33

configuring using the GUI 4-29 to 4-31

802.11g Support parameter 4-30

802.11h, described 4-38

802.11h Global Parameters page 4-38

802.11h parameters, configuring

using the CLI 4-39

using the GUI 4-38 to 4-39

802.11n

clients 7-102

configuring

using the CLI 4-35 to 4-38

using the GUI 4-33 to 4-35

devices 4-33

802.11n (2.4 GHz) High Throughput page 4-34

802.1Q VLAN trunk port 3-6

802.1X

configuring 6-24

described 6-25

dynamic key settings 6-24

802.1X+CCKM

configuring 6-27

described 6-26

802.1X authentication for access points

configuring

the switch 7-23

using the CLI 7-21 to 7-23

using the GUI 7-19 to 7-21

described 7-18

802.1x Authentication parameter 7-20

802.3 bridging

configuring using the CLI 4-54

configuring using the GUI 4-53 to 4-54

802.3 Bridging parameter 4-54

802.3 frames 4-53

802.3X flow control, enabling 4-52

A

AAA override

configuring

using the CLI 5-83

using the GUI 5-83

described 5-81

AC adapter warning for Japan B-7

Access Control List Name parameter 5-59

access control lists (ACLs)

applying to an interface

using the CLI 5-67

using the GUI 5-62

applying to a WLAN

using the CLI 5-67

using the GUI 5-63 to 5-64

applying to the controller CPU

using the CLI 5-67

using the GUI 5-63

configuring

using the CLI 5-65 to 5-66

using the GUI 5-58 to 5-61

configuring for the debug facility D-43 to D-44

counters

configuring using the CLI 5-65

configuring using the GUI 5-58

described 5-57

identity networking 5-79

rules 5-57, 5-59, 5-66

using with the debug facility D-42 to D-43

Access Control Lists > Edit page 5-61

Access Control Lists > New page 5-58

Access Control Lists > Rules > New page 5-59

Access Control Lists page 5-58

Access Mode parameter 4-44, 4-46

access point core dumps, uploading

using the CLI 7-45

using the GUI 7-44

access point count, approved tiers for 5500 series controllers 4-4

access point event logs, viewing D-15

access point groups

assigning access points to

using the CLI 6-59

using the GUI 6-57

creating

using the CLI 6-57 to 6-59

using the GUI 6-54 to 6-57

default group 6-54

described 6-52

illustrated 6-53

removing

using the CLI 6-58

using the GUI 6-55

viewing 6-59 to 6-60

access point monitor service, debugging D-52

access point radios, searching for 7-13 to 7-14

access points

20-MHz channelization 11-29

40-MHz channelization 11-29

assisted roaming 4-61

authorization list 7-33

authorizing

using LSCs 7-28 to 7-32

using MICs 7-27

using SSCs 7-27

using the CLI 7-33

using the GUI 7-32

configuring hybrid REAP using the CLI 13-14 to 13-15

converting to mesh access points 8-55

embedded 7-24

guidelines for operating in Japan B-6, B-7

LEDs

configuring 7-101

interpreting D-2

migrating from the -J regulatory domain to the -U regulatory domain 7-80 to 7-83

number supported per controller 3-5

priming 7-7

regulatory information B-2 to B-10

rules for operating in Taiwan B-8 to B-9

searching for 7-10 to 7-13

supported for use with hybrid REAP 13-2

supporting oversized images 7-48 to 7-49

troubleshooting

the join process 7-34 to 7-41

using Telnet or SSH D-50 to D-52

VCI strings 7-34

verifying that they join the controller 7-9

viewing join information

using the CLI 7-39 to 7-41

using the GUI 7-36 to 7-39

viewing multicast client table 4-60

Accounting Server parameters 6-65

accounting servers, disabling per WLAN 6-64

ACL. See access control lists (ACLs)

ACL Name parameter 5-62, 5-63

ACS server configuration page 6-62

Action parameter 5-61

active exploits 5-128

Add AAA Client page (on CiscoSecure ACS) 5-5, 5-21

Add AP button 13-18

Add New Rule button 5-59

Add Web Server button 10-21

AdHoc Rogue AP parameter 5-88

administrator access 4-41

administrator usernames and passwords, configuring 4-41

Admin Status parameter 3-24, 3-25

Admission Control (ACM) parameter 4-76, 4-77

AES CBS IPSec data encryption 5-9

AES-CCMP 6-25

AES parameter 6-27

Aggregated MAC Protocol Data Unit (A-MPDU) 4-36

Aggregated MAC Service Data Unit (A-MSDU) 4-36

aggregation method, specifying 4-36

aggressive load balancing 4-47

AirMagnet Enterprise Analyzer D-47

Aironet IE parameter 6-29, 6-50

Aironet IEs

configuring using the CLI 6-52

configuring using the GUI 6-50

Airopeek D-47

Alarm Trigger Threshold parameter 11-37

All APs > Access Point Name > Link Details > Neighbor Name page 8-53

All APs > Access Point Name > Mesh Neighbor Stats page 8-53

All APs > Access Point Name > Neighbor Info page 8-52

All APs > Access Point Name > Statistics page 8-47

All APs > Access Point Name > VLAN Mappings page 13-13

All APs > Details (Advanced) page

configuring CDP 4-94

All APs > Details for (Advanced) page 7-4, 7-44, D-51

configuring country codes 7-77

configuring link latency 7-94

configuring PoE 7-98

All APs > Details for (Credentials) page 7-16, 7-20, 7-53

All APs > Details for (General) page 7-47, 7-51, 13-12

All APs > Details for (High Availability) page 7-51, 7-69, 7-73

All APs > Details for (H-REAP) page 7-52, 13-12

All APs > Details for (Inventory) page 7-90

All APs > Details for page D-48, D-53

All APs > Details page 8-19, 8-35, 11-37

All APs page 7-10, 8-46, 11-36, 13-12

Allow AAA Override parameter 5-83

AnchorTime parameter 11-15

anonymous local authentication bind method 5-36, 5-39

Anonymous Provision parameter 5-46

Antenna Gain parameter 11-31

Antenna parameter 11-30

Antenna Type parameter 11-30

AP > Clients > Traffic Stream Metrics page 4-82

AP > Clients page 4-82

AP801 access point

described 7-24

using with a controller 7-24

AP Authentication Policy page 5-70, 11-37

AP Core Dump parameter 7-44

ap-count evaluation licenses, activating

using the CLI 4-19 to 4-20

using the GUI 4-17 to 4-19

ap-count license. See licenses

AP Ethernet MAC Addresses parameter 7-29

AP Failover Priority parameter 7-73

AP Group Name parameter 6-55

AP Groups > Edit (APs) page 6-57

AP Groups > Edit (General) page 6-56

AP Groups > Edit (WLANs) page 6-56, 6-71

AP Groups page 6-54, 6-70

AP Join Stats Detail page 7-39

AP Join Stats page 7-37

AP-manager interface

and dynamic interfaces 3-10

configuring

using the CLI 3-16 to 3-17

using the GUI 3-12 to 3-15

creating multiple interfaces

using the CLI 3-44

using the GUI 3-42 to 3-43

described 3-8

illustration

of four AP-manager interfaces 3-42

of three AP-manager interfaces 3-41

of two AP-manager interfaces 3-40

using multiple 3-39 to 3-44

AP Mode parameter 7-51, 11-37, 13-12, D-48

AP Name parameter 6-57

AP Policies page 7-32

AP Primary Discovery Timeout parameter 7-68

ASLEAP detection 5-128

Assignment Method parameter 11-29, 11-31

asymmetric tunneling

described 12-26

illustrated 12-26

authenticated local authentication bind method 5-36, 5-39

Authentication Protocol parameter 4-46

Auth Key Mgmt parameter 6-27

Authority ID Information parameter 5-46, 13-22, 13-23

Authority ID parameter 5-46, 13-22

Authorize LSC APs against auth-list parameter 7-32

Authorize MIC APs against auth-list or AAA parameter 7-32

authorizing access points

using the CLI 7-33

using the GUI 7-32

auto-anchor mobility

configuring

using the CLI 12-23 to 12-24

using the GUI 12-21 to 12-23

guidelines 12-21

overview 12-20 to 12-21

auto-immune feature 5-109

AutoInstall

described 2-26, 2-29

example operation 2-29

obtaining

DHCP addresses for interfaces 2-27

TFTP server information 2-27

overview 2-26

selecting configuration file 2-28

using 2-26

Average Data Rate parameter 4-67, 4-70

Average Real-Time Rate parameter 4-67, 4-71

Avoid Cisco AP Load parameter 11-15

Avoid Foreign AP Interference parameter 11-15, 12-18

Avoid Non-802.11a (802.11b) Noise parameter 11-15

B

Backhaul Client Access parameter 8-59

backup controllers

configuring

using the CLI 7-70 to 7-72

using the GUI 7-68 to 7-69

described 7-67

Back-up Primary Controller IP Address parameter 7-68

Back-up Primary Controller Name field 7-68

Back-up Secondary Controller IP Address parameter 7-69

Back-up Secondary Controller Name parameter 7-69

band selection 4-49

bandwidth-based CAC

described 4-73

enabling

using the CLI 4-83

using the GUI 4-76

for mesh networks 8-40

base license. See licenses

Base MAC Address parameter 3-30

Beacon Period parameter 4-30

beamforming

configuring

using the CLI 11-41 to 11-42

using the GUI 11-40 to 11-41

described 11-39

guidelines 11-39

Beamforming parameter 11-40, 11-41

Bind Password parameter 5-36

Bind Username parameter 5-36

Bridge Data Rate parameter 8-35

Bridge Group Name parameter 8-35

bridge protocol data units (BPDUs) 3-27

bridging parameters

configuring using the CLI 8-37 to 8-39

configuring using the GUI 8-35 to 8-37

browsers supported 2-16

Buffered Log Level parameter D-10

Burst Data Rate parameter 4-67, 4-71

Burst Real-Time Rate parameter 4-67, 4-71

C

CAC

configuring for 7920 phones 6-38

described 4-73

enabling

using the CLI 4-84

using the GUI 4-77

in mesh networks 8-39

viewing in mesh networks 8-42 to 8-44

viewing using the CLI 4-85

Canadian compliance statement B-3

CAPWAP

and mesh access points 8-8

cascading 11-6

CA Server URL parameter 7-28

Catalyst 3750G Integrated Wireless LAN Controller Switch

described 1-12

logical connectivity diagram and associated software commands E-4 to E-5

ports 3-3, 3-4, 3-5

CCA Sensitivity Threshold parameter 11-50

CCKM

configuring 6-27

described 6-25

hybrid-REAP groups 13-17

with mobility 12-7

CCX

configuring Aironet IEs

using the CLI 6-52

using the GUI 6-50

described 6-49

link test 7-90

viewing a client’s version

using the CLI 6-52

using the GUI 6-50 to 6-51

CCX Layer 2 client roaming

configuring

using the CLI 4-64

using the GUI 4-62 to 4-64

debugging using the CLI 4-64

described 4-61 to 4-62

obtaining information using the CLI 4-64

CCX radio management

configuring

using the CLI 11-45

using the GUI 11-44 to 11-45

debugging using the CLI 11-47

features 11-43

hybrid-REAP considerations 11-43

obtaining information using the CLI 11-46 to 11-47

CCXv5 clients

enabling location presence 4-110

troubleshooting D-26 to D-42

CCXv5 Req button D-33

CCX Version parameter 6-51

CDP > AP Neighbors > Detail page 4-97

CDP > AP Neighbors page 4-96

CDP > Global Configuration page 4-93

CDP > Interface Neighbors > Detail page 4-95

CDP > Interface Neighbors page 4-95

CDP > Traffic Metrics page 4-97

CDP Advertisement Version parameter 4-93

CDP AP Neighbors page 4-96

CDP Protocol Status parameter 4-93

CDP State parameter 4-94

Certificate Authority (CA) certificates

downloading

using the CLI 9-23 to 9-24

using the GUI 9-22

overview 9-22

using with local EAP 5-42, 5-47

Certificate File Name parameter 10-8

Certificate File Path parameter 10-8

Certificate Issuer parameter 5-45

Certificate Password parameter 9-20, 10-9

Certificate Type parameter 7-33

Change Filter link 7-10, 7-14, 7-37

Change Rules Priority parameter 5-93

Channel Announcement parameter 4-38

Channel Assignment Leader parameter 11-16

Channel Assignment Method parameter 11-14

channel bonding in the 5-GHz band 11-30

Channel parameter 11-28, D-49

Channel Quiet Mode parameter 4-38

channels

statically assigning using the CLI 11-32

statically assigning using the GUI 11-28 to 11-32

Channel Scan Duration parameter 11-20

Channel Width parameter 11-16, 11-29

Check Against CA Certificates parameter 5-45

Check Certificate Date Validity parameter 5-45

chokepoints for RFID tag tracking 4-101

CIDS Sensor Add page 5-107

CIDS Sensors List page 5-106

CIDS Shun List page 5-110

ciphers

configuring 6-27, 6-28

described 6-26

Cisco 2100 Series Wireless LAN Controllers

AutoInstall interfaces 2-27

described 1-8

FCC statement B-10

features not supported 1-8

network connections 1-16

ports 3-2, 3-4

Cisco 28/37/38xx Integrated Services Router

described 1-12

logical connectivity diagram and associated software commands E-3

ports 3-4, 3-5, 4-116

versions 1-12

Cisco 3200 Series Mobile Access Router (MAR)

described 8-58

operating with mesh access points

using the CLI to configure 8-60

using the GUI to configure 8-59

Cisco 3300 Series Mobility Services Engine (MSE), using with wIPS 5-123

Cisco 4400 Series Wireless LAN Controllers

AutoInstall interfaces 2-27

choosing between link aggregation and multiple AP-manager interfaces 3-34 to 3-43

described 1-9

FCC statement B-10

models 3-4 to 3-5

network connections 1-16 to 1-17

ports 3-2, 3-4, 3-5

Cisco 5500 Series Wireless LAN Controllers

choosing between link aggregation and multiple AP-manager interfaces 3-34 to 3-43

CPUs D-5

described 1-9

FCC statement B-10

features not supported 1-10

interface configuration example 3-45

licenses. See licenses

models 3-5

multiple AP-manager interfaces 3-44 to 3-45

network connections 1-17

ports 3-3, 3-5

using the USB console port 3-33 to 3-34

Cisco 7920 Wireless IP Phones 6-38

Cisco 7921 Wireless IP Phones 6-38

Cisco Adaptive Wireless Path Protocol (AWPP) 8-8

Cisco AV-pairs 6-60, 6-61, 6-62

Cisco Centralized Key Management (CCKM). See CCKM

Cisco Clean Access (CCA) 6-66

Cisco Client Extensions (CCX). See CCX

Cisco Discovery Protocol (CDP)

configuring

using the CLI 4-98 to 4-99

using the GUI 4-93 to 4-94

debugging using the CLI 4-100

described 4-90

enabling using the GUI 4-93 to 4-94

sample network 4-92

supported devices 4-90

viewing neighbors

using the CLI 4-99 to 4-100

using the GUI 4-94 to 4-98

viewing traffic information

using the CLI 4-99

using the GUI 4-97

Cisco Discovery Protocol parameter 4-94

Cisco high-power switches 7-99

Cisco License Manager (CLM)

and the controller license agent 4-26

using to register PAKs 4-6

Cisco Licensing website 4-21

Cisco Logo parameter 10-14

Cisco NAC Appliance 6-66

CiscoSecure Access Control Server (ACS) 5-4

Cisco Unified Wireless Network (UWN) Solution

described 1-2 to 1-4

illustrated 1-3

Cisco Wireless Control System (WCS) 1-2

Cisco WiSM

configuring the Supervisor 720 4-114 to ??

guidelines 4-114

logical connectivity diagram and associated software commands E-2 to E-3

maximum number supported by router chassis 1-11

ports 3-4, 3-5

SSC key-hash 7-26

CKIP

configuring

using the CLI 6-30

using the GUI 6-29 to 6-30

described 6-29

Clear Config button 7-58

Clear Filter link 6-8, 7-13, 7-14, 7-38

clearing the controller configuration 9-34

Clear Stats button 12-19

Clear Stats on All APs button 7-37

CLI

basic commands 2-26

enabling wireless connections 2-36

logging into 2-23 to 2-25

logging out 2-25

navigating 2-25

troubleshooting commands D-6 to D-8

using 2-23 to 2-26

Client Certificate Required parameter 5-45

client exclusion policies, configuring

using the CLI 5-76 to 5-77

using the GUI 5-75 to 5-76

Client Exclusion Policies page 5-76

ClientLink. See beamforming

client location, using WCS 1-7

client MFP 5-68

Client Protection parameter 5-72

client reporting

configuring using the CLI D-35 to D-39

configuring using the GUI D-32 to D-35

described D-26

Client Reporting page D-34

client roaming, configuring 4-60 to 4-65

clients

connecting to WLANs 13-15

viewing

using the CLI 7-105

using the GUI 7-102 to 7-105

viewing CCX version

using the CLI 6-52

using the GUI 6-50 to 6-51

Clients > AP > Traffic Stream Metrics page 4-80

Clients > AP page 4-80

Clients > Detail page

configuring client reporting D-33

viewing a client’s CCX version 6-51

viewing client details 7-65, 7-104

viewing the status of workgroup bridges 7-64

viewing voice and video settings 4-79

Clients page

performing a link test 7-92

viewing clients 7-102

viewing the status of workgroup bridges 7-64

viewing voice and video settings 4-78

Client Type parameter 7-64, 7-65

Commands > Reset to Factory Defaults page 4-116

comma-separated values (CSV) file, uploading 13-21

Community Name parameter 4-44

conditional web redirect 6-60

configuring

using the CLI 6-63

using the GUI 6-62 to 6-63

described 6-60

Conditional Web Redirect parameter 6-63

Configuration File Encryption parameter 9-30

configuration files

downloading

using the CLI 9-31 to 9-32

using the GUI 9-29 to 9-30

editing 9-33 to 9-34

uploading

using the CLI 9-28 to 9-29

using the GUI 9-27 to 9-28, ?? to 9-29, ?? to 9-30, ?? to 9-32

configuration wizard

CLI version 2-13 to 2-16

described 2-2

GUI version 2-3 to 2-13

Configuration Wizard - 802.11 Configuration page 2-11

Configuration Wizard Completed page 2-13

Configuration Wizard - Management Interface Configuration page 2-6

Configuration Wizard - Miscellaneous Configuration page 2-7

Configuration Wizard - Service Interface Configuration page 2-5

Configuration Wizard - Set Time page 2-12

Configuration Wizard - SNMP Summary page 2-4, 2-6

Configuration Wizard - System Information page 2-3

Configuration Wizard - Virtual Interface Configuration page 2-8

Configure option for RRM override 11-28

Confirm Password parameter 13-10

Console Log Level parameter D-10

console port

connecting 2-2 to 2-3

Control and Provisioning of Wireless Access Points protocol (CAPWAP) 1-6

debugging 7-6

described 7-2

guidelines 7-2

viewing MTU information 7-5

controller failure detection time, reducing 7-67

controller network module

baud rate 3-4

versions 3-5

controllers

configuration

clearing 9-34

erasing 9-34

saving 9-32

connections 1-13

discovery process 7-6

guidelines for operating in Japan B-6 to B-7

multiple-controller deployment 1-4

overview 1-7

resetting factory default settings

using the GUI 4-116

single-controller deployment 1-3 to 1-4

synchronizing with location appliance 4-106

types of memory 1-14

upgrading software

using the CLI 9-9 to 9-11

using the GUI 9-6 to 9-8

Controller Spanning Tree Configuration page 3-30

Controller Time Source Valid parameter 5-72

Control Path parameter 12-23

core dump files

described D-18

uploading automatically to an FTP server

using the CLI D-20

using the GUI D-19

uploading from a 5500 series controller to a TFTP or FTP server D-20 to D-21

Core Dump page D-19

Country Code parameter 7-77

country codes

configuring

using the CLI 7-78 to 7-80

using the GUI 7-76 to 7-77

described 7-75

Japanese 7-81

viewing using the CLI 7-79

Country page 7-76

Coverage Exception Level per AP parameter 11-18

coverage hole detection

configuring per controller

using the CLI 11-23

using the GUI 11-17 to 11-19

disabling on a WLAN

described 6-65

using the CLI 6-66

using the GUI 6-65 to 6-66

coverage hole detection and correction 11-4

Coverage Hole Detection Enabled parameter 6-65

CPU Access Control Lists page 5-63

CPU ACL Mode parameter 5-63

CPUs, 5500 series controllers D-5

crash files

uploading

using the CLI D-17 to D-18

using the GUI D-16 to D-17

Current Channel parameter 11-31

Custom Signatures page 5-115

D

data encryption

and OfficeExtend access points 7-55

configuring

using the CLI 7-4 to 7-5

using the GUI 7-3 to 7-4

described 7-3

for OfficeExtend access points 7-52

Data Encryption parameter 7-4, 7-52

Data Path parameter 12-23

Data Rates parameter 4-31

date

configuring manually 2-30

configuring through NTP server 2-30

setting

using the CLI 2-32

using the GUI 2-30

DCA Channel Sensitivity parameter 11-15

DCA Channels parameter 11-16

debug commands, sending 7-41

debug facility

configuring D-43 to D-46

described D-42 to D-43

output D-44 to D-45

default enable password 7-15

default-group access point group 6-54

Default Mobility Group parameter 12-11

Default Routers parameter 6-13

Delivery Traffic Indication Map (DTIM). See DTIM period

Deny Counters parameter 5-61

Description parameter 5-34, 8-14, 13-10

Designated Root parameter 3-30

DES IPSec data encryption 5-9

Destination parameter 5-59

Destination Port parameter 5-60

Detect and Report Ad-Hoc Networks parameter 5-88

device certificates

downloading

using the CLI 9-21

using the GUI 9-19 to 9-21

overview 9-19

using with local EAP 5-42, 5-47

DHCP

configuring using the CLI 6-11

configuring using the GUI 6-10

debugging 6-12

DHCP Addr. Assignment Required parameter 6-11

DHCP Allocated Lease page 6-14

DHCP option 43, in controller discovery process 7-7

DHCP option 82

configuring

using the CLI 5-56 to 5-57

using the GUI 5-56

described 5-55

example 5-55

DHCP Option 82 Remote ID Field Format parameter 5-56

DHCP Parameters page 4-40, 5-56

DHCP proxy

configuring

using the CLI 4-41

using the GUI 4-40

described 4-40

DHCP Scope > Edit page 6-13

DHCP scopes

configuring

using the CLI 6-14 to 6-16

using the GUI 6-12 to 6-14

described 6-12

DHCP Scopes page 6-12

DHCP server discovery 7-7

DHCP Server IP Addr parameter 6-11

DHCP Server Override parameter 6-11

DHCP servers

external 6-9 to 6-10

internal 6-9

diagnostic channel

configuring

using the CLI D-28 to D-32

using the GUI D-27

described D-26

Diagnostic Channel parameter D-27

directed roam request 4-62

Direction parameter 5-60

disabled clients, configuring a timeout 6-17

discovery request timer, configuring 7-71

distribution system ports 3-4 to 3-6

Diversity parameter 11-31

DNS Domain Name parameter 6-13

DNS IP Address parameter 7-47

DNS Servers parameter 6-14

Domain Name parameter 7-47

domain name server (DNS) discovery 7-8

Download button

downloading a CA certificate 9-23

downloading a configuration file 9-30

downloading a customized web authentication login page 10-23

downloading a device certificate 9-20

downloading a signature file 5-115

Download File to Controller page 9-17

downloading a customized web authentication login page 10-22

downloading CA certificates 9-22

downloading configuration files 9-29

downloading device certificates 9-20

downloading IDS signatures 5-114

downloading login banner file 9-16

Download SSL Certificate parameter 10-8

DSCP parameter 5-60

DTIM period, configuring for MAC filtering 6-18

DTLS data encryption. See data encryption

DTPC Support parameter 4-30

dynamic AP management

for dynamic interface 3-21

for the management interface 3-15

Dynamic AP Management parameter 3-10

for dynamic interface 3-20

for management interface 3-13

dynamic AP-manager interface 3-10

dynamic channel assignment (DCA)

20-MHz channelization 11-4, 11-16

40-MHz channelization 11-4, 11-16

configuring

using the CLI 11-22 to 11-23

using the GUI 11-13 to 11-17

described 11-3

sensitivity thresholds 11-15

dynamic frequency selection 7-84 to 7-85

dynamic interface

configuring

using the CLI 3-21 to 3-22

using the GUI 3-18 to 3-20

described 3-9

dynamic interface example 3-45

dynamic transmit power control, configuring 4-30

dynamic WEP, configuring 6-24

Dynamic WEP Key Index parameter 5-43

E

EAP-FAST Method Parameters page 5-46

EAP-FAST parameter 5-44

EAPOL-Key Max Retries parameter 5-43

EAPOL-Key Timeout parameter 5-43

EAP Profile Name parameter 5-47

EAP-TLS parameter 5-44

EDCA Profile parameter 4-88

Edit QoS Profile page 4-66

Edit QoS Role Data Rates page 4-70

Egress Interface parameter 10-32

Email Input parameter 10-33

Enable AP Local Authentication parameter 13-20

Enable Authentication for Listener parameter 4-27

Enable Check for All Standard and Custom Signatures parameter 5-116

Enable Controller Management to be accessible from Wireless Clients parameter 2-37, 5-54

Enable Counters parameter 5-58

Enable Coverage Hole Detection parameter 11-18

Enable CPU ACL parameter 5-63

Enable Default Authentication parameter 4-27

Enable DHCP Proxy parameter 4-40

Enable Dynamic AP Management parameter 3-43

Enable EAP-FAST Authentication parameter 13-22

Enable IGMP Snooping parameter 4-57

Enable LEAP Authentication parameter 13-22

Enable Least Latency Controller Join parameter 7-53

Enable Link Latency parameter 7-53, 7-94, 7-95

Enable Listener parameter 4-27

Enable Low Latency MAC parameter 4-89

Enable LSC on Controller parameter 7-28

Enable NAT Address parameter 3-13

Enable Notification parameter 4-27

Enable OfficeExtend AP parameter 7-52

Enable Password parameter 7-16

Enable Server Status parameter 5-36

Enable Tracking Optimization parameter 7-86

Encryption Key parameter 6-30

end user license agreement C-2 to C-4

end-user license agreement (EULA) 4-8, 4-9

enhanced distributed channel access (EDCA) parameters

configuring using the CLI 4-89 to 4-90

configuring using the GUI 4-88 to 4-89

enhanced neighbor list

described 4-61, 8-31

request (E2E) 4-62

Enter Saved Permission Ticket File Name parameter 4-23

EoIP port 12-23, 12-28

epings 12-23, 12-29

erasing the controller configuration 9-34

error codes, for failed VoIP calls 6-45 to 6-46

Ethernet connection, using remotely 2-24 to 2-25

Ethernet Multicast Mode parameter 4-57

European declaration of conformity B-4 to B-5

evaluation licenses

installed on 5500 series controllers 4-3

event reporting for MFP 5-69

Excessive 802.11 Association Failures parameter 5-76

Excessive 802.11 Authentication Failures parameter 5-76

Excessive 802.1X Authentication Failures parameter 5-76

Excessive Web Authentication Failures parameter 5-76

Expedited Bandwidth parameter 4-76

expedited bandwidth requests

described 4-74

enabling

using the CLI 4-84

using the GUI 4-76

Expiration Timeout for Rogue AP and Rogue Client Entries parameter 5-88

Extensible Authentication Protocol (EAP)

configuring 6-24

setting local timers 5-48

timeout and failure counters

per access point 5-51

per client 5-51

extension channel 11-31

F

factory default settings

resetting using the GUI 4-116

failover priority for access points

configuring

using the CLI 7-74

using the GUI 7-72 to 7-74

described 7-72

viewing using the CLI 7-74

failover protection 1-15

fake access point detection 5-128

Fallback Mode parameter 5-10

Fast Ethernet port 3-5

fast heartbeat timer

configuring

using the CLI 7-70

using the GUI 7-68

described 7-67

fast SSID changing

configuring using the CLI 4-52

configuring using the GUI 4-52

FCC declaration of conformity B-2 to B-3

FCC statement

2100 series controllers B-10

4400 series controllers B-10

5500 series controllers B-10

Federal Information Processing Standards (FIPS) 5-12

File Compression parameter 7-44

File Name to Save Credentials parameter 4-21

file transfers 1-14

File Type parameter

downloading a CA certificate 9-23

downloading a configuration file 9-30

downloading a customized web authentication login page 10-23

downloading a device certificate 9-20

Login Banner 9-17

upgrading controller software 9-8

uploading a configuration file 9-28

uploading packet capture files D-23

uploading PACs 9-25

filter, using to view clients 7-103

Fingerprint parameter 5-108

flashing LEDs, configuring 7-101

Forward Delay parameter 3-31, 3-32

forwarding plane architecture 4-53

Fragmentation Threshold parameter 4-30

fragmented pings 3-7

Friendly Rogue > Create page 5-93

FTP server guidelines 9-2

G

General (controller) page

configuring 802.3 bridging 4-54

configuring an RF group 11-7

enabling link aggregation 3-38

General (security) page 5-31

General page 5-43

Generate Password parameter 10-5

Generate Rehost Ticket button 4-23

gigabit Ethernet port 3-5

Global AP Failover Priority parameter 7-73

Global Configuration page

configuring authentication for access points 7-20

configuring backup controllers 7-68

configuring failover priority for access points 7-72

configuring global credentials for access points 7-16

global credentials for access points

configuring

using the CLI 7-17 to 7-18

using the GUI 7-15 to 7-17

described 7-15

overriding

using the CLI 7-17

using the GUI 7-16

Group Mode parameter 11-9, 12-17

Group Name parameter 12-12, 13-18

Group Setup page (on CiscoSecure ACS) 5-23

Guest LAN parameter 10-31

guest N+1 redundancy 12-20

guest tunneling 12-10

guest user accounts

creating 10-2 to 10-7

creating as a lobby ambassador 10-4 to 10-6

viewing

using the CLI 10-7

using the GUI 10-6

Guest User parameter 5-33, 13-10

Guest User Role parameter 5-33, 13-10

guest WLAN, creating 10-5

GUI

browsers supported 2-16

enabling wireless connections 2-36

guidelines 2-16

logging into 2-17

logging out of 2-17

using 2-16

H

Headline parameter 10-14

Hello Time parameter 3-31

help, obtaining 2-17

hex2pcap sample output D-45

high-density network

benefits 11-48

example 11-48

overview 11-47

Holdtime parameter 3-31, 4-93

Honeypot access point detection 5-128

HREAP Group Name parameter 13-13

HREAP Groups > Edit (Local Authentication > Local Users) page 13-21

HREAP Groups > Edit (Local Authentication > Protocols) page 13-22

HREAP Groups > Edit page 13-18, 13-19

HREAP Groups page 13-18

H-REAP Local Switching parameter 13-8

H-REAP Mode AP Fast Heartbeat Timeout parameter 7-68

H-REAP Mode AP Fast Heartbeat Timer State parameter 7-68

H-REAP parameter 7-51

HTTP Access parameter 2-18

HTTP Configuration page 2-18

HTTPS Access parameter 2-18

hybrid REAP

access points supported 13-2

authentication process 13-2 to 13-4

bandwidth restriction 13-2

configuring

access points using the CLI 13-14 to 13-15

access points using the GUI 13-11 to 13-14

controller using the GUI 13-6 to 13-10

guidelines 13-4

illustrated 13-2

number of access points supported 13-2

overview 13-2

hybrid-REAP

debugging 13-11, 13-15

hybrid-REAP groups

backup RADIUS server 13-16

CCKM 13-17

configuring

using the CLI 13-23

using the GUI 13-17 to 13-22

described 13-16

example 13-16

local authentication 13-17

Hysteresis parameter 4-63

I

identity networking

configuring 5-77 to 5-81

overview 5-77 to 5-78

RADIUS attributes 5-78 to 5-81

Identity Request Max Retries parameter 5-43

Identity Request Timeout parameter 5-43

IDS 5-106

IDS sensors

configuring

using the CLI 5-108 to 5-110

using the GUI 5-106 to 5-108

described 5-106

IDS signature events

viewing using the CLI 5-121 to 5-122

viewing using the GUI 5-118 to 5-119

IDS signatures

configuring

using the CLI 5-119 to 5-121

using the GUI 5-113 to 5-118

described 5-111

frequency 5-117

MAC frequency 5-117, 5-120

measurement interval 5-117

pattern 5-117

quiet time 5-117, 5-120

tracking method 5-117

uploading or downloading using the GUI 5-113 to 5-115

viewing

using the CLI 5-121 to 5-122

using the GUI 5-118 to 5-119

IGMP Timeout parameter 4-57

IKE Diffie Hellman Group parameter 5-10

IKE Phase 1 parameter 5-10

Index parameter for IDS 5-107

indoor access points

converting to mesh access points 8-55

infrastructure MFP

components 5-69

described 5-68

Infrastructure MFP Protection parameter 5-71

Infrastructure Protection parameter 5-72

Infrastructure Validation parameter 5-72

Ingress Interface parameter 10-32

Injector Switch MAC Address parameter 7-99

inline power 7-97

Install License button 4-8

intelligent power management (IPM) 7-99

inter-controller roaming

described 4-61

example 12-3

Interface Name parameter 6-56, 6-68, 6-71, 8-14

Interface parameter 6-11

interfaces

and identity networking 5-79

assigning WLANs 6-17

configuring

using the CLI 3-15 to 3-18

using the GUI 3-12 to 3-15

overview 3-6 to 3-10

Interfaces > Edit page

applying an ACL to an interface 5-62

configuring dynamic interfaces 3-19

configuring NAC out-of-band integration 6-69

creating multiple AP-manager interfaces 3-43

Interfaces > New page 3-19, 3-42

Interfaces page 3-12

interference 11-3

Interference threshold parameter 11-19

Internet Group Management Protocol (IGMP)

configuring

using the CLI 4-59

using the GUI 4-57

snooping 4-55

inter-subnet mobility 12-7

inter-subnet roaming

described 4-61

illustrated 12-3 to 12-4

Interval parameter 11-15, 11-44

intra-controller roaming

described 4-60

illustrated 12-2

Inventory page 7-89

Invoke Channel Update Now button 11-14

Invoke Power Update Now button 11-12

IP address-to-MAC address binding

configuring 4-65

described 4-65

IP Mask parameter 4-44

IPSec parameter 5-9

IP Theft or IP Reuse parameter 5-76

IPv6 bridging

configuring

using the CLI 6-49

using the GUI 6-48 to 6-49

described 6-47

guidelines 6-47

IPv6 bridging and IPv4 web authentication example 6-48

IPv6 Enable parameter 6-49

J

Japanese country codes 7-81

Japanese regulations for migrating access points from the -J to the -U regulatory domain 7-80 to 7-83

K

Keep Alive Count parameter 12-22

Keep Alive Interval parameter 12-22

Key Encryption Key (KEK) parameter 5-8

Key Format parameter 6-30

Key Index parameter 6-30

key permutation

configuring 6-30, 6-31

described 6-29

Key Permutation parameter 6-30

Key Size parameter 6-30

Key Wrap Format parameter 5-8

Key Wrap parameter 5-8

L

LAG. See link aggregation (LAG)

LAG Mode on Next Reboot parameter 3-38

Last Auto Channel Assignment parameter 11-16

Last Power Level Assignment parameter 11-12

Layer 1 security 5-2

Layer 2

operation 1-6

security

configuring 6-23 to 6-31

described 5-2

Layer 2 Security parameter 6-27, 6-30, 6-62

Layer 3

operation 1-6

security

configuring 6-32 to 6-34

described 5-3

Layer 3 Security parameter

for VPN passthrough 6-33

for web authentication 6-34

for web redirect 6-63

for wired guest access 10-32

LDAP

choosing server priority order 5-37

configuring

using the CLI 5-38 to 5-40

using the GUI 5-35 to 5-38

local EAP methods supported 5-35, 5-41

LDAP server

assigning to WLANs 5-37 to 5-38

choosing local authentication bind method

using the CLI 5-39

using the GUI 5-36

LDAP Servers > New page 5-35

LDAP Servers page 5-35

LDAP Servers parameter 5-47

LEAP parameter 5-44

Learn Client IP Address parameter 13-9

Lease Time parameter 6-13

LEDs

configuring 7-101

interpreting D-2

license agent

configuring

using the CLI 4-28 to 4-29

using the GUI 4-26 to 4-28

described 4-26

License Agent Configuration page 4-27

license agreement C-2 to C-4

License Commands (Rehost) page 4-21

License Commands page 4-7

License Detail page 4-10, 4-18

license level, changing

using the CLI 4-16

using the GUI 4-15

License Level page 4-14

licenses

activating ap-count evaluation licenses

using the CLI 4-19 to 4-20

using the GUI 4-17 to 4-19

choosing feature set

using the CLI 4-16

using the GUI 4-14 to 4-15

installing

using the CLI 4-8 to 4-9

using the GUI 4-7 to 4-8

messages in controller trap log 4-3

obtaining 4-4 to 4-6

rehosting

described 4-20

using the CLI 4-24 to 4-25

using the GUI 4-21 to 4-23

removing

using the CLI 4-8

using the GUI 4-10

required for OfficeExtend access points 7-50

saving

using the CLI 4-9

using the GUI 4-8

SKUs 4-4

transferring to a replacement controller after an RMA 4-25 to 4-26

types 4-2

viewing

using the CLI 4-11 to 4-13

using the GUI 4-9 to 4-10

Licenses page 4-9, 4-15, 4-17

licensing portal, using to register PAKs 4-6

Lifetime parameter 5-33, 10-5, 13-10

Lightweight Access Point Protocol (LWAPP) 1-6, 7-2

lightweight mode, reverting to autonomous mode 7-26

limited warranty C-4 to C-6

link aggregation (LAG)

configuring neighboring devices 3-39

described 3-35 to 3-36

enabling

using the CLI 3-39

using the GUI 3-38

example 3-35

guidelines 3-37

illustrated 3-36

verifying settings using the CLI 3-39

link latency

and OfficeExtend access points 7-53, 7-55

configuring

using the CLI 7-95 to 7-96

using the GUI 7-94 to 7-95

described 7-93

Link Status parameter 3-24

Link Test

button 7-92

option 7-92, 8-52

page 7-92

link test

described 7-90

performing

using the CLI 7-93

using the GUI 7-91 to 7-92, 8-52 to 8-53

types of packets 7-90

Link Trap parameter 3-24, 3-25

Listener Message Processing URL parameter 4-27

load balancing 4-47

Load-based AC parameter 4-76

load-based CAC

described 4-73 to 4-74

enabling

using the CLI 4-83

using the GUI 4-76

lobby ambassador account

creating using the CLI 10-3

creating using the GUI 10-2 to 10-3

Lobby Ambassador Guest Management > Guest Users List > New page 10-4

Lobby Ambassador Guest Management > Guest Users List page 10-4, 10-6

Local Auth Active Timeout parameter 5-43

local EAP

configuring

using the CLI 5-47 to 5-52

using the GUI 5-42 to 5-47

debugging 5-52

described 5-40 to 5-42

example 5-41

viewing information using the CLI 5-50

Local EAP Authentication parameter 5-47

Local EAP Profiles > Edit page 5-44

Local EAP Profiles page 5-44

Local Management Users > New page 10-3

Local Management Users page 10-2

Local Mode AP Fast Heartbeat Timeout parameter 7-68

Local Mode AP Fast Heartbeat Timer parameter 7-68

Local Net Users > New page 5-33, 13-9

Local Net Users page 5-32, 10-6

local network users

configuring using the CLI 5-34

configuring using the GUI 5-32 to 5-34

local significant certificate (LSC)

configuring

using the CLI 7-30 to 7-32

using the GUI 7-28 to 7-30

described 7-28

Local Significant Certificates (LSC) - AP Provisioning page 7-29

Local Significant Certificates (LSC) - General page 7-28

local user database, capacity 10-2

location

calibration 11-44

configuring settings using the CLI 4-106 to 4-108

viewing settings using the CLI 4-108 to 4-110

location appliance

installing certificate 4-105 to 4-106

synchronizing with controller 4-106

location-based services 11-43

location presence 4-110

logical connectivity diagram

Catalyst 3750G Integrated Wireless LAN Controller Switch E-4

Cisco 28/37/38xx Integrated Services Router E-3

Cisco WiSM E-2

login banner file

clearing 9-19

described 9-15

downloading

using the CLI 9-17 to 9-18

using the GUI 9-16 to 9-17

Login Banner page 9-19

logs

roaming D-26, D-39 to D-40

RSNA D-26, D-39 to D-41

syslog D-27, D-39 to D-41

uploading

using the CLI D-17 to D-18

using the GUI D-16 to D-17

long preambles

described 5-52

enabling on SpectraLink NetLink phones

using the CLI 5-53

using the GUI 5-52

LWAPP-enabled access points

debug commands 7-41

disabling the reset button 7-46

MAC addresses displayed on controller GUI 7-45

radio core dumps

described 7-41

receiving debug commands from controller 7-41

retrieving radio core dumps 7-42

reverting to autonomous mode 7-26 to 7-27

sending crash information to controller 7-41

uploading

access point core dumps 7-44 to 7-45

radio core dumps 7-42 to 7-43

M

MAC address of access point

adding to controller filter list

using the GUI 8-39

displayed on controller GUI 7-45

MAC Address parameter 8-14

MAC filtering

configuring on WLANs 6-16 to 6-17

DTIM period 6-18

MAC filtering, for mesh access points 8-13 to 8-14

MAC Filtering page 8-13

MAC Filters > New page 8-13

management frame protection (MFP)

configuring

using the CLI 5-72 to 5-73

using the GUI 5-70 to 5-71

debugging 5-75

described 5-68 to 5-69

guidelines 5-69

types 5-68

viewing settings 5-73 to 5-75

Management Frame Protection parameter 5-72

Management Frame Protection Settings page 5-72

management frame validation 5-69

management interface

configuring

using the CLI 3-15

using the GUI 3-12 to 3-15

described 3-7

Management IP Address parameter 7-51

management over wireless

described 5-54

enabling

using the CLI 5-54

using the GUI 5-54

Master Controller Configuration page 7-9

Master Controller Mode parameter 7-9

Max Age parameter 3-30

Max HTTP Message Size parameter 4-27

Maximum Age parameter 3-31

maximum local database entries

configuring using the CLI 5-31

configuring using the GUI 5-31

Maximum Local Database Entries parameter 5-31

Maximum Number of Sessions parameter 4-27

Maximum RF Usage Per AP parameter 4-67

Max-Login Ignore Identity Response parameter 5-43

Max RF Bandwidth parameter 4-76, 4-77

MCS data rates 4-34

Member MAC Address parameter 12-12

memory

types 1-14

memory leaks, monitoring D-24 to D-25

mesh

network example 8-42

parameters

configuring using the CLI 8-27, 8-30

configuring using the GUI 8-23 to 8-27

statistics

viewing for an access point using the CLI 8-42 to 8-45, 8-50 to 8-51

viewing for an access point using the GUI 8-46 to 8-50

Mesh > LinkTest Results page 8-52

mesh access points

adding MAC address to controller filter list

using the CLI 8-14

using the GUI 8-13 to 8-14

adding to mesh networks 8-12

and CAPWAP 8-8

converting to non-mesh access points 8-57

deployment modes 8-5

license requirements 8-2

models 8-2

network access 8-5

operating with Cisco 3200 Series Mobile Access Routers

configuration guidelines 8-58

described 8-58

using the CLI to configure 8-60

using the GUI to configure 8-59

roles 8-3

selecting 8-35

supported by controller model 8-11

mesh backhaul data rates 8-10

mesh backhaul deployment example 8-6

mesh constraints 8-9

mesh deployment example 8-6

mesh minimum required LinkSNR 8-10

mesh neighbors, parents, and children 8-8

mesh node security statistics 8-49 to 8-50

mesh node statistics 8-48

mesh point-to-multipoint wireless bridging example 8-7

mesh point-to-point wireless bridging example 8-6

mesh routing 8-8

Message Authentication Code Key (MACK) parameter 5-8, 5-12

message logs

configuring

using the CLI D-11 to D-14

using the GUI D-8

viewing

using the CLI D-14

using the GUI D-10 to D-11

See also system logging

Message Logs page D-11

Message parameter for web authentication 10-15

Metrics Collection parameter 4-76

MFP Client Protection parameter 5-71

MFP Frame Validation parameter 5-71

MIC 6-25, 6-29

migrating access points from the -J to the -U regulatory domain 7-80 to 7-83

Min Failed Client Count per AP parameter 11-18

Minimum RSSI parameter 4-63

mirror mode. See port mirroring, configuring

MMH MIC

configuring 6-30, 6-31

described 6-29

MMH Mode parameter 6-30

Mobile Announce messages 12-7

mobility

failover 12-20

overview 12-2

Mobility Anchor Config page 12-22, 12-27

Mobility Anchor Create button 12-23

mobility anchors. See auto-anchor mobility

Mobility Anchors option 12-22

Mobility Anchors page 12-22

Mobility Group Member > New page 12-11

Mobility Group Members > Edit All page 12-13

mobility groups

configuring

using the CLI 12-14

using the GUI 12-11 to 12-13

with one NAT device 12-8

with two NAT devices 12-9

determining when to include controllers 12-7

difference from RF groups 11-5

examples 12-7

illustrated 12-5

messaging among 12-7

number of access points supported 12-5, 12-6

number of controllers supported 12-5

prerequisites 12-9 to 12-10

using with NAT devices 12-8 to 12-9

mobility group statistics

types 12-16

viewing

using the CLI 12-19

using the GUI 12-16 to 12-19

mobility list

described 12-6

detecting failed members 12-20

number of controllers supported 12-7

ping requests to members 12-20

Mobility Multicast Messaging > Edit page 12-14

Mobility Multicast Messaging page 12-13

mobility ping tests, running 12-28

Mobility Statistics page 12-17

MODE access point button 7-26, 7-46

Mode parameter 4-63, 11-44

monitor intervals, configuring using the GUI 11-20

mpings 12-23, 12-28

Multicast Appliance Mode parameter 3-25

multicast client table, viewing 4-60

multicast groups

viewing using the CLI 4-59

viewing using the GUI 4-58

Multicast Groups page 4-58

multicast mode

configuring

using the CLI 4-58

using the GUI 4-57 to 4-58

described 4-55 to 4-56

guidelines 4-56 to 4-57, 7-61

Multicast page 4-57

multiple AP-manager interfaces

5500 series controller example 3-44 to 3-45

multiple country codes

configuration guidelines 7-75

configuring

using the CLI 7-78

using the GUI 7-76 to 7-77

N

NAC in-band mode 6-66

NAC out-of-band integration

and hybrid REAP 13-5

configuring

using the CLI 6-71 to 6-72

using the GUI 6-68 to 6-71

described 6-66 to 6-67

diagram 6-67

guidelines 6-67 to 6-68

NAC out-of-band support

configuring for a specific access point group

using the CLI 6-72

using the GUI 6-70

NAC State parameter 6-56, 6-70, 6-71

NAT address

for dynamic interface 3-20, 3-21

for management interface 3-13, 3-16

NAT devices in mobility groups 12-8 to 12-9

Native VLAN ID parameter 13-13

neighbor information

viewing for an access point using the CLI 8-54

viewing for an access point using the GUI 8-51 to 8-54

Neighbor Information option 8-51

Neighbor Packet Frequency parameter 11-20

neighbor statistics

viewing for an access point using the CLI 8-54

viewing for an access point using the GUI 8-51 to 8-54

Netbios Name Servers parameter 6-14

Netmask parameter 6-13

network analyzer supported software

AirMagnet D-47

Airopeek D-47

Omnipeek D-47

Wireshark D-47

Network Mobility Services Protocol (NMSP) 4-101

debugging 4-113 to 4-114

modifying the notification interval for clients, RFID tags, and rogues 4-110 to 4-111

viewing settings 4-111 to 4-113

Network parameter 6-13

NTP server

configuring to obtain time and date 2-30

Number of Attempts to LSC parameter 7-29

Number of Hits parameter 5-61

O

OfficeExtend Access Point Configuration page 7-57

OfficeExtend Access Point Home page 7-56

OfficeExtend Access Points

LEDs D-53

positioning D-53

troubleshooting D-53 to D-54

OfficeExtend access points

and NAT 7-50

configuring

a personal SSID 7-56 to 7-58

using the CLI 7-54 to 7-56

using the GUI 7-51 to 7-53

described 7-49

firewall requirements 7-50

implementing security for 7-50

licensing requirements 7-50

supported access point models 7-50

trap logs 7-50

typical setup 7-49

viewing statistics 7-58 to 7-60

OfficeExtend AP parameter 7-53

online help, using 2-17

open source terms C-8

OpenSSL license issues C-7 to C-8

operating system

security 1-5

software 1-4

Order Used for Authentication parameter 5-11, 5-26

Override Global Config parameter 10-26, 10-33

Over-ride Global Credentials parameter 7-17, 7-21, 7-53

Override Interface ACL parameter 5-64

oversized access point images 7-49

over-the-air provisioning (OTAP) 7-7

P

P2P Blocking parameter 6-22

packet capture files

described D-21

sample output in Wireshark D-22

uploading

using the CLI D-23 to D-24

using the GUI D-23

Params parameter 7-29

password

restoring 4-42

password guidelines 7-20

Password parameter

for access point authentication 7-20

for access points 7-16

for local net users 5-33, 13-10

for PACs 9-25

passwords

viewing in clear text D-7

path loss measurement (S60), CLI command 4-106

PEAP parameter 5-44

peer-to-peer blocking

configuring

using the CLI 6-23

using the GUI 6-21 to 6-23

described 6-20

examples 6-21

guidelines 6-21, 6-67

permanent licenses, installed on 5500 series controllers 4-3

Personal SSID parameter 7-57

Physical Mode parameter 3-24, 3-25

Physical Status parameter 3-24

pico cell mode

configuring

using the CLI 11-50 to 11-51

using the GUI 11-49 to 11-50

debugging using the CLI 11-51

guidelines 11-48

overview 11-47 to 11-48

versions 11-49

Pico Cell Mode parameter 11-49

ping link test 7-90

ping tests 12-28

pinning 11-6

PMK cache lifetime timer 6-28

PMKID caching 6-28

PoE Status parameter 7-99

Pool End Address parameter 6-13

Pool Start Address parameter 6-13

Port > Configure page 3-23

port mirroring, configuring 3-26 to 3-27

Port Number parameter

for controller 3-24

for LDAP server 5-36

for RADIUS server 5-8

for TACACS+ server 5-25

for wired guest access 10-31

Port parameter for IDS 5-107

ports

configuring 3-22 to 3-33

on 2100 series controllers 3-2, 3-4

on 4400 series controllers 3-2, 3-4

on 5500 series controllers 3-3, 3-5

on Catalyst 3750G Integrated Wireless LAN Controller Switch 3-3, 3-4, 3-5

on Cisco 28/37/38xx Series Integrated Services Router 3-4 to 3-5, 4-116, 7-35

on Cisco WiSM 3-4, 3-5

overview 3-2 to 3-6

Ports page 3-22

Power Assignment Leader parameter 11-12

power cable warning for Japan B-7

Power Injector Selection parameter 7-99

Power Injector State parameter 7-99

Power Neighbor Count parameter 11-12

Power over Ethernet (PoE)

configuring

using the CLI 7-100

using the GUI 7-98 to 7-100

described 1-14, 7-97

Power Over Ethernet (PoE) parameter 3-24

Power Threshold parameter 11-12

preauthentication access control list (ACL)

applying to a WLAN

using the CLI 5-67

using the GUI 5-64 to 5-65

for external web server 10-20, 13-9

Preauthentication ACL parameter 5-65, 6-63

Pre-Standard State parameter 7-99

Primary Controller Name parameter 7-51

Primary Controller parameters 7-51, 7-69

Primary RADIUS Server parameter 13-18

priming access points 7-7

Priority Order > Local-Auth page 5-37, 5-42

Priority Order > Management User page 5-11, 5-26

Priority parameter 3-31

Privacy Protocol parameter 4-46

probe request forwarding, configuring 7-88

probe requests, described 7-88

product authorization key (PAK)

obtaining for license upgrade 4-4

registering 4-6

product ID for controller, finding 4-24

product ID of controller, finding 4-22

Product License Registration page 4-22

Profile Details page D-35

Profile Name parameter 6-5, 8-14, 10-31, 13-7

protected access credentials (PACs)

overview 9-24

uploading

using the CLI 9-26 to 9-27

using the GUI 9-25

using with local EAP 5-42, 13-22

Protection Type parameter 5-70, 11-37

Protocol parameter 5-60

Protocol Type parameter 4-68

PSK

configuring 6-27

described 6-25

with mesh 8-25

PSK Format parameter 6-27

public key cryptography (PKC), with mobility 12-7

Q

QBSS

configuring

using the CLI 6-41

using the GUI 6-39 to 6-40

described 6-37

guidelines 6-38

QoS

identity networking 5-78

levels 4-66, 6-35

translation values 6-36

with CAC 4-73

QoS profiles

assigning to a WLAN

using the CLI 6-37

using the GUI 6-36 to 6-37

configuring

using the CLI 4-68 to 4-69

using the GUI 4-66 to 4-68

QoS roles

assigning for use with hybrid REAP 13-10

configuring

using the CLI 4-71 to 4-72

using the GUI 4-69 to 4-71

QoS Roles for Guest Users page 4-70

Quality of Service (QoS) parameter 6-36

quarantined VLAN

configuring 3-13, 3-19

using 13-8

with hybrid REAP 13-4

with NAC out-of-band integration 6-69

Quarantine parameter

for dynamic interface 3-19

NAC out-of-band integration 6-69

Query Interval parameter 5-108

Queue Depth parameter 4-67

queue statistics 8-48

R

Radio > Statistics page 6-43

radio core dumps

described 7-41

retrieving 7-42

uploading

using the CLI 7-43

using the GUI 7-42 to 7-43

radio measurement requests

configuring

on the CLI 11-45

on the GUI 11-44

overview 11-43

viewing status using the CLI 11-46

radio preamble 5-52

radio resource management (RRM)

benefits 11-5

CCX features. See CCX radio management

configuring

monitor intervals using the GUI 11-20

using the CLI 11-21 to 11-24

using the GUI 11-10 to 11-21

coverage hole detection

configuring per controller using the CLI 11-23

configuring per controller using the GUI 11-17 to 11-19

described 11-4

debugging 11-26

disabling dynamic channel and power assignment

using the CLI 11-35 to 11-36

using the GUI 11-35

overriding RRM 11-27 to 11-36

overview 11-2

specifying channels 11-13 to 11-16

statically assigning channel and transmit power settings

using the CLI 11-32

using the GUI 11-28 to 11-32

update interval 11-7, 11-10

Wireless > 802.11a/n (or 802.11b/g/n) > RRM > TPC parameter 11-11

radio resource management (RRM) settings

viewing using the CLI 11-24 to 11-26

radio resource monitoring 11-2

RADIUS

accounting 5-3

authentication 5-3

choosing authentication priority order 5-11

configuring

using the CLI 5-11 to 5-15

using the GUI 5-6 to 5-11

configuring on ACS 5-4

described 5-3

FIPS standard 5-12

KEK parameter 5-12

MACK parameter 5-12

server fallback behavior 5-10, 5-13

using with hybrid REAP 13-16

RADIUS > Fallback Parameters page 5-10

RADIUS accounting attributes 5-18 to 5-19

RADIUS authentication attributes 5-16 to 5-18

Range (RootAP to MeshAP) parameter 8-24

Redirect URL After Login parameter 10-14

Refresh-time Interval parameter 4-93

Regenerate Certificate button 10-8

regulatory information

for 2100 series controllers B-10

for 4400 series controllers B-10

for lightweight access points B-2 to B-10

rehosting a license. See licenses

Rehost Ticket File Name parameter 4-23

Remote Authentication Dial-In User Service. See RADIUS

Request Max Retries parameter 5-43

Request Timeout parameter 5-43

Reserved Roaming Bandwidth parameter 4-76, 4-77

Reset Link Latency button 7-95

Reset Personal SSID parameter 7-52

resetting the controller 9-34

restoring passwords 4-42

Re-sync button 5-110

reverse path filtering (RPF) 12-26

RF Channel Assignment parameter 11-35

RF domain. See RF groups

RF exposure declaration of conformity B-5

RF group leader

described 11-6

viewing 11-9

RF group name

described 11-7

entering 11-8

RF groups

cascading 11-6

configuring

using the CLI 11-8

using the GUI 11-7

difference from mobility groups 11-5

overview 11-5 to 11-7

pinning 11-6

viewing status

using the CLI 11-10

using the GUI 11-9

RFID tags

described 4-100

formats supported 4-100

number supported per controller 4-101

tracking

configuring using the CLI 4-102

debugging using the CLI 4-104

viewing information using the CLI 4-103 to 4-104

RFID tracking on access points, optimizing

using the CLI 7-87

using the GUI 7-85 to 7-86

RF-Network Name parameter 11-8

RLDP. See Rogue Location Discovery Protocol (RLDP)

roaming and real-time diagnostics

configuring using the CLI D-39 to D-42

described D-26

logs

described D-26

viewing D-39 to D-40

roam reason report 4-62

roam reason report, described 8-32

rogue access points

alarm 11-37

automatically containing

using the CLI 5-89

using the GUI 5-88

classification mapping table 5-85

classifying 5-84

configuring RLDP 5-87 to 5-90

detecting

using the CLI 11-38

using the GUI 11-36 to 11-38

managing 5-83

rule-based classification support 5-84

tagging, location, and containment 5-84

viewing and classifying

using the CLI 5-101 to 5-106

using the GUI 5-96 to 5-101

WCS support for rule-based classification 5-87

Rogue AP Detail page 5-97

Rogue AP Ignore-List page 5-101

rogue classification rules

configuring using the CLI 5-94 to 5-96

configuring using the GUI 5-90 to 5-94

Rogue Client Detail page 5-99

rogue detection 5-87, 5-88

and OfficeExtend access points 7-52, 7-55

Rogue Detection parameter 5-87, 7-52

Rogue Location Discovery Protocol (RLDP)

configuring

using the CLI 5-88 to 5-90

using the GUI 5-87 to 5-88

defined 5-84

Rogue Location Discovery Protocol parameter 5-88

Rogue on Wire parameter 5-88

Rogue Policies page 5-87

Rogue Rule > Edit page 5-92

Rogue Rules > Priority page 5-93

rogue states 5-85, 5-86

Role Name parameter 4-70

Role parameter 5-33, 13-10

root access points (RAPs)

selecting 8-35

root bridge 3-27

Root Cost parameter 3-30

Root Port parameter 3-30

RRM. See radio resource management (RRM)

RSNA logs

configuring D-39 to D-41

described D-26

Rx Sensitivity Threshold parameter 11-50

S

Save and Reboot button 9-21, 9-23

Save Licenses button 4-8

saving configuration settings 9-32

Scan Threshold parameter 4-63

Scope Name parameter 6-13

Search AP window 7-11, 7-14, 7-37

Search Clients page 7-103

Search WLANs window 6-8, 7-10, 7-14

Secondary Controller parameters 7-69

Secondary RADIUS Server parameter 13-18

secure web mode

described 2-18

enabling

using the CLI 2-19

using the GUI 2-18

security

overview 5-2

solutions 5-2 to 5-3

Security Policy Completed parameter 6-48

security settings

local and external authentication 8-23

Select APs from Current Controller parameter 13-20

self-signed certificate (SSC)

used to authorize access points 7-27

Sequence parameter 5-59

serial number for controller, finding 4-24

serial number of controller, finding 4-22

serial port

baud rate setting 2-24

timeout 2-24

Server Address parameter 5-107

Server Index (Priority) parameter 5-8, 5-25, 5-36

Server IP Address parameter

for LDAP server 5-36

for RADIUS server 5-8

for TACACS+ server 5-25

for wireless sniffer D-49

Server Key parameter 5-46, 13-22

Server Status parameter 5-9, 5-25

Server Timeout parameter 5-9, 5-26, 5-37

service port 3-6

service-port interface

configuring

using the CLI 3-18

using the GUI 3-12 to 3-15

described 3-9

session timeout

configuring

using the CLI 6-32

using the GUI 6-31

described 6-31

Set Priority button 4-18

Set to Factory Default button 11-21

Severity Level Filtering parameter D-9

Shared Secret Format parameter 5-8, 5-25

Shared Secret parameter 5-8, 5-25

Short Preamble Enabled parameter 5-52

short preambles 5-52

Show Wired Clients option 7-64

shunned clients

described 5-110

viewing

using the CLI 5-111

using the GUI 5-110

Signature Events Detail page 5-118

Signature Events Summary page 5-118

Signature Events Track Detail page 5-119

Simple Bind parameter 5-36

sniffing. See wireless sniffing D-47

Sniff parameter D-49

SNMP, configuring 4-42 to 4-43

SNMP community string

changing default values using the CLI 4-44 to 4-45

changing default values using the GUI 4-43 to 4-44

SNMP v1 / v2c Community > New page 4-44

SNMP v1 / v2c Community page 4-43

SNMP v3 users

changing default values using the CLI 4-46

changing default values using the GUI 4-45 to 4-46

SNMP V3 Users > New page 4-46

SNMP V3 Users page 4-45

software, upgrading

guidelines 9-2 to 9-4

using the CLI 9-9 to 9-11

using the GUI 9-6 to 9-8

software, upgrading in mesh networks

guidelines 9-4 to 9-6

Source parameter for ACLs 5-59

Source Port parameter 5-60

Spanning Tree Algorithm parameter 3-31

Spanning Tree Protocol (STP)

configuring

using the CLI 3-32 to 3-33

using the GUI 3-28 to 3-32

described 3-27

spanning-tree root 3-27

Spanning Tree Specification parameter 3-30

SpectraLink NetLink phones

enabling long preambles

using the CLI 5-53

using the GUI 5-52

overview 5-52

Spectralink Voice Priority parameter 4-88

splash page web redirect 6-61

Splash Page Web Redirect parameter 6-63

SSC key-hash on Cisco WiSM 7-26

SSH

and OfficeExtend access points 7-53, 7-55

configuring

using the CLI 2-35 to 2-36

using the GUI 2-34 to 2-35

troubleshooting access points

using the CLI D-51 to D-52

using the GUI D-50 to D-51

SSH parameter D-51

SSID

configuring

using the CLI 6-6

using the GUI 6-5

described 6-3

SSL certificate

loading

using the CLI 2-21 to 2-22

using the GUI ?? to 2-21

SSLv2, configuring for web administration 2-19

SSLv2 for web authentication, disabling 10-13

Standard Signature > Detail page 5-117

Standard Signatures page 5-115

stateful DHCPv6 IP addressing 6-47

State parameter 5-108, 5-118

static IP address

configuring

using the CLI 7-47 to 7-48

using the GUI 7-46 to 7-47

described 7-46

Static IP parameter 7-47

Static Mobility Group Members page 12-11

Statistics option 8-47

Status parameter

for DHCP scopes 6-14

for guest LANs 10-32

for SNMP community 4-44

for WLANs 6-6

STP Mode parameter 3-29

STP Port Designated Bridge parameter 3-28

STP Port Designated Cost parameter 3-28

STP Port Designated Port parameter 3-28

STP Port Designated Root parameter 3-28

STP Port Forward Transitions Count parameter 3-28

STP Port ID parameter 3-28

STP Port Path Cost Mode parameter 3-29

STP Port Path Cost parameter 3-29

STP Port Priority parameter 3-29

STP State parameter 3-28

strong passwords 7-20

Summary page 2-35

Supervisor 720

configuring 4-114 to ??

described 4-114

switch, configuring at the remote site 13-5 to 13-6

Switch IP Address (Anchor) parameter 12-23

SX/LC/T small form-factor plug-in (SFP) modules 3-5

symmetric mobility tunneling

illustrated 12-27

overview 12-26 to 12-27

verifying status

using the CLI 12-28

using the GUI 12-27

Symmetric Mobility Tunneling Mode parameter 12-27

syslog

described D-27

levels D-10

logs D-39 to D-41

Syslog Configuration page D-8

Syslog Facility parameter D-9

syslog server

number supported by controller D-8

removing from controller D-8

severity level filtering D-9

Syslog Server IP Address parameter D-8

system logging

configuring

using the CLI D-11 to D-14

using the GUI D-8 to D-10

setting severity level D-10

system logs, viewing using the CLI D-14

system messages D-2 to D-5

System Resource Information page D-5

system resources

viewing using the CLI D-6

viewing using the GUI D-5

T

TACACS+

accounting 5-20

authentication 5-19

authorization 5-19

choosing authentication priority order 5-26

configuring

using the CLI 5-27 to 5-29

using the GUI 5-24 to 5-26

configuring on ACS 5-20 to 5-24

described 5-19 to 5-20

roles 5-19, 5-23

viewing administration server logs 5-29 to 5-30

TACACS+ (Authentication, Authorization, or Accounting) Servers > New page 5-25

TACACS+ (Authentication, Authorization, or Accounting) Servers page 5-24

TACACS+ (Cisco) page (on CiscoSecure ACS) 5-22

TACACS+ Administration.csv page (on CiscoSecure ACS) 5-29, 5-30

TCP MSS

configuring 7-96 to 7-97

described 7-96

telemetry 4-100

Telnet

and OfficeExtend access points 7-53, 7-55

troubleshooting access points

using the CLI D-51 to D-52

using the GUI D-50 to D-51

Telnet parameter D-51

Telnet sessions

configuring

using the CLI 2-35 to 2-36

using the GUI 2-34 to 2-35

Telnet-SSH Configuration page 2-34

Tertiary Controller parameters 7-69

text2pcap sample output D-45

TFTP server guidelines 9-2

time, configuring

using the CLI 2-32

using the GUI 2-30

using the NTP server 2-30

time-length-values (TLVs), supported for CDP 4-90 to 4-92

timeout, configuring for disabled clients 6-17

Time Since Topology Changed parameter 3-30

timestamps, enabling or disabling in log and debug messages D-14

Time to Live for the PAC parameter 5-46, 13-22

time zone

configuring using the CLI 2-32

configuring using the GUI 2-31

TKIP

configuring 6-27, 6-28

described 6-25

parameter 6-27

Topology Change Count parameter 3-30

traffic specifications (TSPEC) request

described 4-74

examples 4-74

traffic stream metrics (TSM)

configuring

using the CLI 4-84

using the GUI 4-76

described 4-75

viewing statistics

using the CLI 4-86 to 4-87

using the GUI 4-80 to 4-83

Transfer Mode parameter

downloading a CA certificate 9-23

downloading a configuration file 9-30

downloading a customized web authentication login page 10-23

downloading a device certificate 9-20

upgrading controller software 9-8

uploading a configuration file 9-28

uploading a PAC 9-25

uploading packet capture files D-23

Transition Time parameter 4-63

transmit power

statically assigning using the CLI 11-32

statically assigning using the GUI 11-28 to 11-32

transmit power levels 11-31

Transmit Power parameter 11-50

transmit power threshold, decreasing 11-21

trap logs

for OfficeExtend access points 7-50

Trap Logs page 4-3, 6-43

troubleshooting

access point join process 7-34 to 7-41

CCXv5 clients D-26 to D-42

problems D-6 to D-8

tunnel attributes and identity networking 5-80 to 5-81

Tx Power Level Assignment parameter 11-35

Type parameter 6-5, 10-31, 13-7

U

U-APSD

described 4-75

viewing status

using the CLI 4-86

using the GUI 4-79

UDP, use in RADIUS 5-4

UDP port 12-23, 12-28

unicast mode 4-55

unique device identifier (UDI)

described 7-89

retrieving

using the CLI 7-90

using the GUI 7-89 to 7-90

Upload button 5-115, 7-43, 9-26, D-17, D-23

Upload CSV File parameter 13-21

Upload File from Controller page 7-42, 9-25, 9-27, D-17, D-23

URL parameter 10-21

URL to Send the Notifications parameter 4-27

USB console port, using on a 5500 series controller 3-33 to 3-34

Use AES Key Wrap parameter 5-7

User Access Mode parameter 10-3

user accounts, managing 10-1 to 10-25

User Attribute parameter 5-36

User Base DN parameter 5-36

User Credentials parameter 5-37

User Name parameter 5-33, 13-10

Username parameter 7-16, 7-20, 7-21

User Object Type parameter 5-36

User parameter 9-25

User Profile Name parameter 4-46

Using Our SSID parameter 5-88

V

Validate Rogue Clients Against AAA parameter 5-88

Valid Client on Rogue AP parameter 5-88

Validity parameter 9-25

VCCI warnings for controllers B-7

VCI strings 7-34

Verify Certificate CN Identity parameter 5-45

video information, viewing for mesh networks using the CLI 8-42 to 8-44

video settings

configuring

using the CLI 4-84

using the GUI 4-76 to 4-78

viewing

using the CLI 4-85 to 4-87

using the GUI 4-78 to 4-83

virtual interface

configuring

using the CLI 3-17

using the GUI 3-12 to 3-15

described 3-9

VLAN Identifier parameter

for AP-manager interface 3-14

for dynamic interface 3-19, 3-20

VLAN ID parameter 6-68, 13-14

VLAN interface. See dynamic interface

VLAN Mappings

button 13-13

page 13-13

VLANs

described 3-9

guidelines 3-12

VLAN Support parameter 13-13

VLAN tag, and identity networking 5-79

Voice & Video Optimized parameter 4-88

voice information, viewing for mesh networks using the CLI 8-42 to 8-44

Voice Optimized parameter 4-88

voice-over-IP (VoIP) telephone roaming 4-61

Voice RSSI parameter 11-18

voice settings

configuring

using the CLI 4-83 to 4-84

using the GUI 4-75 to 4-76

viewing

using the CLI 4-85 to 4-87

using the GUI 4-78 to 4-83

VoIP calls, error codes 6-45 to 6-46

VoIP snooping

configuring

using the CLI 6-44 to 6-47

using the GUI 6-42 to 6-43

described 6-41 to 6-42

VoIP Snooping and Reporting parameter 6-42

VPN Gateway Address parameter 6-33

VPN passthrough

configuring using the CLI 6-33

configuring using the GUI 6-33

described 6-32

W

warranty C-4 to C-6

webauth.tar files 10-26

webauth bundle 10-22

web authentication

certificate

obtaining using the CLI 10-9 to 10-10

obtaining using the GUI 10-7 to 10-9

configuring a WLAN for

using the CLI 6-34

using the GUI 6-33

described 10-10

process 10-10 to 10-13

successful login page 10-13

Web Authentication Certificate page 10-8

web authentication login page

assigning per WLAN

using the CLI 10-27

using the GUI 10-26

choosing the default

using the CLI 10-15 to 10-16

using the GUI 10-14 to 10-15

customized example 10-25

customizing from an external web server

using the CLI 10-21

using the GUI 10-20 to 10-21

default 10-12

downloading a customized login page

guidelines 10-22

using the CLI 10-24

using the GUI 10-22 to 10-23

modified default example 10-17

previewing 10-15, 10-23

verifying settings using the CLI 10-25

Web Authentication option 10-32

Web Authentication Type parameter 10-14, 10-21, 10-23

Web Auth Type parameter 10-26, 10-33

web-browser security alert 10-11

Web Login page 10-14, 10-20

web mode

configuring

using the CLI 2-19

using the GUI 2-18

described 2-18

Web Passthrough option 10-32

Web Policy parameter 5-65, 6-34, 6-63

web redirect 6-60

Web Server IP Address parameter 10-21

Web Session Timeout parameter 2-18

WEP keys, configuring 6-23

WGB parameter 7-64

WGB Wired Clients page 7-64

wired guest access

configuration overview 10-30

configuring

using the CLI 10-33 to 10-39

using the GUI 10-31 to 10-33

described 10-28 to 10-30

guidelines 10-30

one-controller example 10-29

two-controller example 10-30

wireless intrusion prevention system (wIPS)

configuring on an access point 5-125 to 5-126

described 5-123

viewing information 5-126 to 5-127

wireless sniffing

configuring

using the CLI D-49

using the GUI D-48 to D-49

prerequisites D-47

supported software D-47

WLAN ID parameter 6-5

WLAN mobility security values 12-25

WLAN override 9-2

WLAN Profile parameter 5-34, 13-10

WLANs

assigning web login, login failure, and logout pages

using the CLI 10-27

using the GUI 10-26

checking security settings 6-24

configuring

conditional web redirect 6-61 to 6-64

static and dynamic WEP 6-24

connecting clients to 13-15

creating

using the CLI 6-6

using the GUI 6-4 to 6-6

deleting

using the CLI 6-8

using the GUI 6-5

described 1-13, 3-10 to 3-12, 6-3 to 6-4

enabling or disabling

using the CLI 6-7

using the GUI 6-6

searching 6-8

session timeout

configuring 6-31

described 6-31

splash page web redirect 6-61

wired security solution 1-5

WLANs > Edit (Advanced) page 6-42, 6-65

applying an ACL to a WLAN 5-64

configuring AAA override 5-83

configuring infrastructure MFP for a WLAN 5-71

configuring IPv6 bridging 6-49

configuring NAC out-of-band integration 6-70

configuring the diagnostic channel D-27

WLANs > Edit (QoS) page 6-39

WLANs > Edit (Security > AAA Servers) page

assigning LDAP servers to a WLAN 5-38

choosing RADIUS or LDAP servers for external authentication 10-26

disabling accounting servers on a WLAN 6-64

enabling local EAP on a WLAN 5-47

WLANs > Edit (Security > Layer 2) page 6-27, 6-30

WLANs > Edit (Security > Layer 3) page

applying a preauthentication ACL to a WLAN 5-64

configuring a WLAN for VPN Passthrough 6-33

configuring web redirect 6-63

configuring wired guest access 10-32

WLANs > Edit page 6-5, 10-31, 13-7

WLANs > New page 6-5, 8-32, 8-33, 8-53, 8-54, 10-31, 13-7

WLANs page 6-4, 12-22

WLAN SSID parameter

configuring for guest user 10-5

creating a centrally switched WLAN 13-7

creating WLANs 6-5

identifying the guest LAN 10-31

mapping an access point group to a WLAN 6-56, 6-71

WMM

configuring 4-35, 6-39, 6-41

described 6-38

with CAC 4-73

WMM parameter 4-88, 4-89

WMM Policy parameter 6-39

workgroup bridges (WGBs)

debugging 7-66

described 7-60

guidelines 7-61

illustrated 7-49, 7-52, 7-57, 7-60

sample configuration 7-63

viewing status

using the CLI 7-66

using the GUI 7-63 to 7-65

world mode 4-30, 4-32

WPA1+WPA2

configuring

using the CLI 6-28

using the GUI 6-27

described 6-25

WPA2 Policy parameter 6-27

WPA Policy parameter 6-27

wplus license. See licenses

wplus software set, included features 4-2

Index

Numerics

11n Mode parameter 4-34

1250 series access points

and PoE Status field 7-99

operating modes when using PoE 7-97

3DES IPSec data encryption 5-9

7920 AP CAC parameter 6-39

7920 Client CAC parameter 6-39

7920 support mode

configuring 6-38

described 6-38

7921 support mode 6-38

802.11a (or 802.11b) > Client Roaming page 4-62

802.11a (or 802.11b) > Video Parameters page 4-77

802.11a (or 802.11b) > Voice Parameters page 4-75

802.11a (or 802.11b/g) > EDCA Parameters page 4-88

802.11a (or 802.11b/g) Global Parameters > Auto RF page 11-9

802.11a (or 802.11b/g) Global Parameters page 4-29, 11-44

802.11a (or 802.11b/g) Network Status parameter 4-30, 4-38, 4-39

802.11a/n (4.9 GHz) > Configure page 8-59

802.11a/n (or 802.11b/g/n) Cisco APs > Configure page 11-29

802.11a/n (or 802.11b/g/n) Radios page 4-81, 11-28, 11-40

802.11a/n Cisco APs > Configure page 11-41

802.11a/n Radios page (from Monitor Menu) 7-13

802.11a/n Radios page (from Wireless Menu) 7-14

802.11a > Pico Cell page 11-49

802.11a > Pico Cell page with pico cell mode V2 parameters 11-49

802.11a > RRM > Coverage page 11-18

802.11a > RRM > DCA page 11-14

802.11a > RRM > Dynamic Channel Assignment (DCA) page 11-14

802.11a > RRM > General page 11-19

802.11a > RRM > Tx Power Control (TPC) page 11-11

802.11a Global Parameters page 11-40

802.11b/g/n Cisco APs > Configure page 7-86, D-49

802.11 bands

configuring using the CLI 4-31 to 4-33

configuring using the GUI 4-29 to 4-31

802.11g Support parameter 4-30

802.11h, described 4-38

802.11h Global Parameters page 4-38

802.11h parameters, configuring

using the CLI 4-39

using the GUI 4-38 to 4-39

802.11n

clients 7-102

configuring

using the CLI 4-35 to 4-38

using the GUI 4-33 to 4-35

devices 4-33

802.11n (2.4 GHz) High Throughput page 4-34

802.1Q VLAN trunk port 3-6

802.1X

configuring 6-24

described 6-25

dynamic key settings 6-24

802.1X+CCKM

configuring 6-27

described 6-26

802.1X authentication for access points

configuring

the switch 7-23

using the CLI 7-21 to 7-23

using the GUI 7-19 to 7-21

described 7-18

802.1x Authentication parameter 7-20

802.3 bridging

configuring using the CLI 4-54

configuring using the GUI 4-53 to 4-54

802.3 Bridging parameter 4-54

802.3 frames 4-53

802.3X flow control, enabling 4-52

A

AAA override

configuring

using the CLI 5-83

using the GUI 5-83

described 5-81

AC adapter warning for Japan B-7

Access Control List Name parameter 5-59

access control lists (ACLs)

applying to an interface

using the CLI 5-67

using the GUI 5-62

applying to a WLAN

using the CLI 5-67

using the GUI 5-63 to 5-64

applying to the controller CPU

using the CLI 5-67

using the GUI 5-63

configuring

using the CLI 5-65 to 5-66

using the GUI 5-58 to 5-61

configuring for the debug facility D-43 to D-44

counters

configuring using the CLI 5-65

configuring using the GUI 5-58

described 5-57

identity networking 5-79

rules 5-57, 5-59, 5-66

using with the debug facility D-42 to D-43

Access Control Lists > Edit page 5-61

Access Control Lists > New page 5-58

Access Control Lists > Rules > New page 5-59

Access Control Lists page 5-58

Access Mode parameter 4-44, 4-46

access point core dumps, uploading

using the CLI 7-45

using the GUI 7-44

access point count, approved tiers for 5500 series controllers 4-4

access point event logs, viewing D-15

access point groups

assigning access points to

using the CLI 6-59

using the GUI 6-57

creating

using the CLI 6-57 to 6-59

using the GUI 6-54 to 6-57

default group 6-54

described 6-52

illustrated 6-53

removing

using the CLI 6-58

using the GUI 6-55

viewing 6-59 to 6-60

access point monitor service, debugging D-52

access point radios, searching for 7-13 to 7-14

access points

20-MHz channelization 11-29

40-MHz channelization 11-29

assisted roaming 4-61

authorization list 7-33

authorizing

using LSCs 7-28 to 7-32

using MICs 7-27

using SSCs 7-27

using the CLI 7-33

using the GUI 7-32

configuring hybrid REAP using the CLI 13-14 to 13-15

converting to mesh access points 8-55

embedded 7-24

guidelines for operating in Japan B-6, B-7

LEDs

configuring 7-101

interpreting D-2

migrating from the -J regulatory domain to the -U regulatory domain 7-80 to 7-83

number supported per controller 3-5

priming 7-7

regulatory information B-2 to B-10

rules for operating in Taiwan B-8 to B-9

searching for 7-10 to 7-13

supported for use with hybrid REAP 13-2

supporting oversized images 7-48 to 7-49

troubleshooting

the join process 7-34 to 7-41

using Telnet or SSH D-50 to D-52

VCI strings 7-34

verifying that they join the controller 7-9

viewing join information

using the CLI 7-39 to 7-41

using the GUI 7-36 to 7-39

viewing multicast client table 4-60

Accounting Server parameters 6-65

accounting servers, disabling per WLAN 6-64

ACL. See access control lists (ACLs)

ACL Name parameter 5-62, 5-63

ACS server configuration page 6-62

Action parameter 5-61

active exploits 5-128

Add AAA Client page (on CiscoSecure ACS) 5-5, 5-21

Add AP button 13-18

Add New Rule button 5-59

Add Web Server button 10-21

AdHoc Rogue AP parameter 5-88

administrator access 4-41

administrator usernames and passwords, configuring 4-41

Admin Status parameter 3-24, 3-25

Admission Control (ACM) parameter 4-76, 4-77

AES CBS IPSec data encryption 5-9

AES-CCMP 6-25

AES parameter 6-27

Aggregated MAC Protocol Data Unit (A-MPDU) 4-36

Aggregated MAC Service Data Unit (A-MSDU) 4-36

aggregation method, specifying 4-36

aggressive load balancing 4-47

AirMagnet Enterprise Analyzer D-47

Aironet IE parameter 6-29, 6-50

Aironet IEs

configuring using the CLI 6-52

configuring using the GUI 6-50

Airopeek D-47

Alarm Trigger Threshold parameter 11-37

All APs > Access Point Name > Link Details > Neighbor Name page 8-53

All APs > Access Point Name > Mesh Neighbor Stats page 8-53

All APs > Access Point Name > Neighbor Info page 8-52

All APs > Access Point Name > Statistics page 8-47

All APs > Access Point Name > VLAN Mappings page 13-13

All APs > Details (Advanced) page

configuring CDP 4-94

All APs > Details for (Advanced) page 7-4, 7-44, D-51

configuring country codes 7-77

configuring link latency 7-94

configuring PoE 7-98

All APs > Details for (Credentials) page 7-16, 7-20, 7-53

All APs > Details for (General) page 7-47, 7-51, 13-12

All APs > Details for (High Availability) page 7-51, 7-69, 7-73

All APs > Details for (H-REAP) page 7-52, 13-12

All APs > Details for (Inventory) page 7-90

All APs > Details for page D-48, D-53

All APs > Details page 8-19, 8-35, 11-37

All APs page 7-10, 8-46, 11-36, 13-12

Allow AAA Override parameter 5-83

AnchorTime parameter 11-15

anonymous local authentication bind method 5-36, 5-39

Anonymous Provision parameter 5-46

Antenna Gain parameter 11-31

Antenna parameter 11-30

Antenna Type parameter 11-30

AP > Clients > Traffic Stream Metrics page 4-82

AP > Clients page 4-82

AP801 access point

described 7-24

using with a controller 7-24

AP Authentication Policy page 5-70, 11-37

AP Core Dump parameter 7-44

ap-count evaluation licenses, activating

using the CLI 4-19 to 4-20

using the GUI 4-17 to 4-19

ap-count license. See licenses

AP Ethernet MAC Addresses parameter 7-29

AP Failover Priority parameter 7-73

AP Group Name parameter 6-55

AP Groups > Edit (APs) page 6-57

AP Groups > Edit (General) page 6-56

AP Groups > Edit (WLANs) page 6-56, 6-71

AP Groups page 6-54, 6-70

AP Join Stats Detail page 7-39

AP Join Stats page 7-37

AP-manager interface

and dynamic interfaces 3-10

configuring

using the CLI 3-16 to 3-17

using the GUI 3-12 to 3-15

creating multiple interfaces

using the CLI 3-44

using the GUI 3-42 to 3-43

described 3-8

illustration

of four AP-manager interfaces 3-42

of three AP-manager interfaces 3-41

of two AP-manager interfaces 3-40

using multiple 3-39 to 3-44

AP Mode parameter 7-51, 11-37, 13-12, D-48

AP Name parameter 6-57

AP Policies page 7-32

AP Primary Discovery Timeout parameter 7-68

ASLEAP detection 5-128

Assignment Method parameter 11-29, 11-31

asymmetric tunneling

described 12-26

illustrated 12-26

authenticated local authentication bind method 5-36, 5-39

Authentication Protocol parameter 4-46

Auth Key Mgmt parameter 6-27

Authority ID Information parameter 5-46, 13-22, 13-23

Authority ID parameter 5-46, 13-22

Authorize LSC APs against auth-list parameter 7-32

Authorize MIC APs against auth-list or AAA parameter 7-32

authorizing access points

using the CLI 7-33

using the GUI 7-32

auto-anchor mobility

configuring

using the CLI 12-23 to 12-24

using the GUI 12-21 to 12-23

guidelines 12-21

overview 12-20 to 12-21

auto-immune feature 5-109

AutoInstall

described 2-26, 2-29

example operation 2-29

obtaining

DHCP addresses for interfaces 2-27

TFTP server information 2-27

overview 2-26

selecting configuration file 2-28

using 2-26

Average Data Rate parameter 4-67, 4-70

Average Real-Time Rate parameter 4-67, 4-71

Avoid Cisco AP Load parameter 11-15

Avoid Foreign AP Interference parameter 11-15, 12-18

Avoid Non-802.11a (802.11b) Noise parameter 11-15

B

Backhaul Client Access parameter 8-59

backup controllers

configuring

using the CLI 7-70 to 7-72

using the GUI 7-68 to 7-69

described 7-67

Back-up Primary Controller IP Address parameter 7-68

Back-up Primary Controller Name field 7-68

Back-up Secondary Controller IP Address parameter 7-69

Back-up Secondary Controller Name parameter 7-69

band selection 4-49

bandwidth-based CAC

described 4-73

enabling

using the CLI 4-83

using the GUI 4-76

for mesh networks 8-40

base license. See licenses

Base MAC Address parameter 3-30

Beacon Period parameter 4-30

beamforming

configuring

using the CLI 11-41 to 11-42

using the GUI 11-40 to 11-41

described 11-39

guidelines 11-39

Beamforming parameter 11-40, 11-41

Bind Password parameter 5-36

Bind Username parameter 5-36

Bridge Data Rate parameter 8-35

Bridge Group Name parameter 8-35

bridge protocol data units (BPDUs) 3-27

bridging parameters

configuring using the CLI 8-37 to 8-39

configuring using the GUI 8-35 to 8-37

browsers supported 2-16

Buffered Log Level parameter D-10

Burst Data Rate parameter 4-67, 4-71

Burst Real-Time Rate parameter 4-67, 4-71

C

CAC

configuring for 7920 phones 6-38

described 4-73

enabling

using the CLI 4-84

using the GUI 4-77

in mesh networks 8-39

viewing in mesh networks 8-42 to 8-44

viewing using the CLI 4-85

Canadian compliance statement B-3

CAPWAP

and mesh access points 8-8

cascading 11-6

CA Server URL parameter 7-28

Catalyst 3750G Integrated Wireless LAN Controller Switch

described 1-12

logical connectivity diagram and associated software commands E-4 to E-5

ports 3-3, 3-4, 3-5

CCA Sensitivity Threshold parameter 11-50

CCKM

configuring 6-27

described 6-25

hybrid-REAP groups 13-17

with mobility 12-7

CCX

configuring Aironet IEs

using the CLI 6-52

using the GUI 6-50

described 6-49

link test 7-90

viewing a client’s version

using the CLI 6-52

using the GUI 6-50 to 6-51

CCX Layer 2 client roaming

configuring

using the CLI 4-64

using the GUI 4-62 to 4-64

debugging using the CLI 4-64

described 4-61 to 4-62

obtaining information using the CLI 4-64

CCX radio management

configuring

using the CLI 11-45

using the GUI 11-44 to 11-45

debugging using the CLI 11-47

features 11-43

hybrid-REAP considerations 11-43

obtaining information using the CLI 11-46 to 11-47

CCXv5 clients

enabling location presence 4-110

troubleshooting D-26 to D-42

CCXv5 Req button D-33

CCX Version parameter 6-51

CDP > AP Neighbors > Detail page 4-97

CDP > AP Neighbors page 4-96

CDP > Global Configuration page 4-93

CDP > Interface Neighbors > Detail page 4-95

CDP > Interface Neighbors page 4-95

CDP > Traffic Metrics page 4-97

CDP Advertisement Version parameter 4-93

CDP AP Neighbors page 4-96

CDP Protocol Status parameter 4-93

CDP State parameter 4-94

Certificate Authority (CA) certificates

downloading

using the CLI 9-23 to 9-24

using the GUI 9-22

overview 9-22

using with local EAP 5-42, 5-47

Certificate File Name parameter 10-8

Certificate File Path parameter 10-8

Certificate Issuer parameter 5-45

Certificate Password parameter 9-20, 10-9

Certificate Type parameter 7-33

Change Filter link 7-10, 7-14, 7-37

Change Rules Priority parameter 5-93

Channel Announcement parameter 4-38

Channel Assignment Leader parameter 11-16

Channel Assignment Method parameter 11-14

channel bonding in the 5-GHz band 11-30

Channel parameter 11-28, D-49

Channel Quiet Mode parameter 4-38

channels

statically assigning using the CLI 11-32

statically assigning using the GUI 11-28 to 11-32

Channel Scan Duration parameter 11-20

Channel Width parameter 11-16, 11-29

Check Against CA Certificates parameter 5-45

Check Certificate Date Validity parameter 5-45

chokepoints for RFID tag tracking 4-101

CIDS Sensor Add page 5-107

CIDS Sensors List page 5-106

CIDS Shun List page 5-110

ciphers

configuring 6-27, 6-28

described 6-26

Cisco 2100 Series Wireless LAN Controllers

AutoInstall interfaces 2-27

described 1-8

FCC statement B-10

features not supported 1-8

network connections 1-16

ports 3-2, 3-4

Cisco 28/37/38xx Integrated Services Router

described 1-12

logical connectivity diagram and associated software commands E-3

ports 3-4, 3-5, 4-116

versions 1-12

Cisco 3200 Series Mobile Access Router (MAR)

described 8-58

operating with mesh access points

using the CLI to configure 8-60

using the GUI to configure 8-59

Cisco 3300 Series Mobility Services Engine (MSE), using with wIPS 5-123

Cisco 4400 Series Wireless LAN Controllers

AutoInstall interfaces 2-27

choosing between link aggregation and multiple AP-manager interfaces 3-34 to 3-43

described 1-9

FCC statement B-10

models 3-4 to 3-5

network connections 1-16 to 1-17

ports 3-2, 3-4, 3-5

Cisco 5500 Series Wireless LAN Controllers

choosing between link aggregation and multiple AP-manager interfaces 3-34 to 3-43

CPUs D-5

described 1-9

FCC statement B-10

features not supported 1-10

interface configuration example 3-45

licenses. See licenses

models 3-5

multiple AP-manager interfaces 3-44 to 3-45

network connections 1-17

ports 3-3, 3-5

using the USB console port 3-33 to 3-34

Cisco 7920 Wireless IP Phones 6-38

Cisco 7921 Wireless IP Phones 6-38

Cisco Adaptive Wireless Path Protocol (AWPP) 8-8

Cisco AV-pairs 6-60, 6-61, 6-62

Cisco Centralized Key Management (CCKM). See CCKM

Cisco Clean Access (CCA) 6-66

Cisco Client Extensions (CCX). See CCX

Cisco Discovery Protocol (CDP)

configuring

using the CLI 4-98 to 4-99

using the GUI 4-93 to 4-94

debugging using the CLI 4-100

described 4-90

enabling using the GUI 4-93 to 4-94

sample network 4-92

supported devices 4-90

viewing neighbors

using the CLI 4-99 to 4-100

using the GUI 4-94 to 4-98

viewing traffic information

using the CLI 4-99

using the GUI 4-97

Cisco Discovery Protocol parameter 4-94

Cisco high-power switches 7-99

Cisco License Manager (CLM)

and the controller license agent 4-26

using to register PAKs 4-6

Cisco Licensing website 4-21

Cisco Logo parameter 10-14

Cisco NAC Appliance 6-66

CiscoSecure Access Control Server (ACS) 5-4

Cisco Unified Wireless Network (UWN) Solution

described 1-2 to 1-4

illustrated 1-3

Cisco Wireless Control System (WCS) 1-2

Cisco WiSM

configuring the Supervisor 720 4-114 to ??

guidelines 4-114

logical connectivity diagram and associated software commands E-2 to E-3

maximum number supported by router chassis 1-11

ports 3-4, 3-5

SSC key-hash 7-26

CKIP

configuring

using the CLI 6-30

using the GUI 6-29 to 6-30

described 6-29

Clear Config button 7-58

Clear Filter link 6-8, 7-13, 7-14, 7-38

clearing the controller configuration 9-34

Clear Stats button 12-19

Clear Stats on All APs button 7-37

CLI

basic commands 2-26

enabling wireless connections 2-36

logging into 2-23 to 2-25

logging out 2-25

navigating 2-25

troubleshooting commands D-6 to D-8

using 2-23 to 2-26

Client Certificate Required parameter 5-45

client exclusion policies, configuring

using the CLI 5-76 to 5-77

using the GUI 5-75 to 5-76

Client Exclusion Policies page 5-76

ClientLink. See beamforming

client location, using WCS 1-7

client MFP 5-68

Client Protection parameter 5-72

client reporting

configuring using the CLI D-35 to D-39

configuring using the GUI D-32 to D-35

described D-26

Client Reporting page D-34

client roaming, configuring 4-60 to 4-65

clients

connecting to WLANs 13-15

viewing

using the CLI 7-105

using the GUI 7-102 to 7-105

viewing CCX version

using the CLI 6-52

using the GUI 6-50 to 6-51

Clients > AP > Traffic Stream Metrics page 4-80

Clients > AP page 4-80

Clients > Detail page

configuring client reporting D-33

viewing a client’s CCX version 6-51

viewing client details 7-65, 7-104

viewing the status of workgroup bridges 7-64

viewing voice and video settings 4-79

Clients page

performing a link test 7-92

viewing clients 7-102

viewing the status of workgroup bridges 7-64

viewing voice and video settings 4-78

Client Type parameter 7-64, 7-65

Commands > Reset to Factory Defaults page 4-116

comma-separated values (CSV) file, uploading 13-21

Community Name parameter 4-44

conditional web redirect 6-60

configuring

using the CLI 6-63

using the GUI 6-62 to 6-63

described 6-60

Conditional Web Redirect parameter 6-63

Configuration File Encryption parameter 9-30

configuration files

downloading

using the CLI 9-31 to 9-32

using the GUI 9-29 to 9-30

editing 9-33 to 9-34

uploading

using the CLI 9-28 to 9-29

using the GUI 9-27 to 9-28, ?? to 9-29, ?? to 9-30, ?? to 9-32

configuration wizard

CLI version 2-13 to 2-16

described 2-2

GUI version 2-3 to 2-13

Configuration Wizard - 802.11 Configuration page 2-11

Configuration Wizard Completed page 2-13

Configuration Wizard - Management Interface Configuration page 2-6

Configuration Wizard - Miscellaneous Configuration page 2-7

Configuration Wizard - Service Interface Configuration page 2-5

Configuration Wizard - Set Time page 2-12

Configuration Wizard - SNMP Summary page 2-4, 2-6

Configuration Wizard - System Information page 2-3

Configuration Wizard - Virtual Interface Configuration page 2-8

Configure option for RRM override 11-28

Confirm Password parameter 13-10

Console Log Level parameter D-10

console port

connecting 2-2 to 2-3

Control and Provisioning of Wireless Access Points protocol (CAPWAP) 1-6

debugging 7-6

described 7-2

guidelines 7-2

viewing MTU information 7-5

controller failure detection time, reducing 7-67

controller network module

baud rate 3-4

versions 3-5

controllers

configuration

clearing 9-34

erasing 9-34

saving 9-32

connections 1-13

discovery process 7-6

guidelines for operating in Japan B-6 to B-7

multiple-controller deployment 1-4

overview 1-7

resetting factory default settings

using the GUI 4-116

single-controller deployment 1-3 to 1-4

synchronizing with location appliance 4-106

types of memory 1-14

upgrading software

using the CLI 9-9 to 9-11

using the GUI 9-6 to 9-8

Controller Spanning Tree Configuration page 3-30

Controller Time Source Valid parameter 5-72

Control Path parameter 12-23

core dump files

described D-18

uploading automatically to an FTP server

using the CLI D-20

using the GUI D-19

uploading from a 5500 series controller to a TFTP or FTP server D-20 to D-21

Core Dump page D-19

Country Code parameter 7-77

country codes

configuring

using the CLI 7-78 to 7-80

using the GUI 7-76 to 7-77

described 7-75

Japanese 7-81

viewing using the CLI 7-79

Country page 7-76

Coverage Exception Level per AP parameter 11-18

coverage hole detection

configuring per controller

using the CLI 11-23

using the GUI 11-17 to 11-19

disabling on a WLAN

described 6-65

using the CLI 6-66

using the GUI 6-65 to 6-66

coverage hole detection and correction 11-4

Coverage Hole Detection Enabled parameter 6-65

CPU Access Control Lists page 5-63

CPU ACL Mode parameter 5-63

CPUs, 5500 series controllers D-5

crash files

uploading

using the CLI D-17 to D-18

using the GUI D-16 to D-17

Current Channel parameter 11-31

Custom Signatures page 5-115

D

data encryption

and OfficeExtend access points 7-55

configuring

using the CLI 7-4 to 7-5

using the GUI 7-3 to 7-4

described 7-3

for OfficeExtend access points 7-52

Data Encryption parameter 7-4, 7-52

Data Path parameter 12-23

Data Rates parameter 4-31

date

configuring manually 2-30

configuring through NTP server 2-30

setting

using the CLI 2-32

using the GUI 2-30

DCA Channel Sensitivity parameter 11-15

DCA Channels parameter 11-16

debug commands, sending 7-41

debug facility

configuring D-43 to D-46

described D-42 to D-43

output D-44 to D-45

default enable password 7-15

default-group access point group 6-54

Default Mobility Group parameter 12-11

Default Routers parameter 6-13

Delivery Traffic Indication Map (DTIM). See DTIM period

Deny Counters parameter 5-61

Description parameter 5-34, 8-14, 13-10

Designated Root parameter 3-30

DES IPSec data encryption 5-9

Destination parameter 5-59

Destination Port parameter 5-60

Detect and Report Ad-Hoc Networks parameter 5-88

device certificates

downloading

using the CLI 9-21

using the GUI 9-19 to 9-21

overview 9-19

using with local EAP 5-42, 5-47

DHCP

configuring using the CLI 6-11

configuring using the GUI 6-10

debugging 6-12

DHCP Addr. Assignment Required parameter 6-11

DHCP Allocated Lease page 6-14

DHCP option 43, in controller discovery process 7-7

DHCP option 82

configuring

using the CLI 5-56 to 5-57

using the GUI 5-56

described 5-55

example 5-55

DHCP Option 82 Remote ID Field Format parameter 5-56

DHCP Parameters page 4-40, 5-56

DHCP proxy

configuring

using the CLI 4-41

using the GUI 4-40

described 4-40

DHCP Scope > Edit page 6-13

DHCP scopes

configuring

using the CLI 6-14 to 6-16

using the GUI 6-12 to 6-14

described 6-12

DHCP Scopes page 6-12

DHCP server discovery 7-7

DHCP Server IP Addr parameter 6-11

DHCP Server Override parameter 6-11

DHCP servers

external 6-9 to 6-10

internal 6-9

diagnostic channel

configuring

using the CLI D-28 to D-32

using the GUI D-27

described D-26

Diagnostic Channel parameter D-27

directed roam request 4-62

Direction parameter 5-60

disabled clients, configuring a timeout 6-17

discovery request timer, configuring 7-71

distribution system ports 3-4 to 3-6

Diversity parameter 11-31

DNS Domain Name parameter 6-13

DNS IP Address parameter 7-47

DNS Servers parameter 6-14

Domain Name parameter 7-47

domain name server (DNS) discovery 7-8

Download button

downloading a CA certificate 9-23

downloading a configuration file 9-30

downloading a customized web authentication login page 10-23

downloading a device certificate 9-20

downloading a signature file 5-115

Download File to Controller page 9-17

downloading a customized web authentication login page 10-22

downloading CA certificates 9-22

downloading configuration files 9-29

downloading device certificates 9-20

downloading IDS signatures 5-114

downloading login banner file 9-16

Download SSL Certificate parameter 10-8

DSCP parameter 5-60

DTIM period, configuring for MAC filtering 6-18

DTLS data encryption. See data encryption

DTPC Support parameter 4-30

dynamic AP management

for dynamic interface 3-21

for the management interface 3-15

Dynamic AP Management parameter 3-10

for dynamic interface 3-20

for management interface 3-13

dynamic AP-manager interface 3-10

dynamic channel assignment (DCA)

20-MHz channelization 11-4, 11-16

40-MHz channelization 11-4, 11-16

configuring

using the CLI 11-22 to 11-23

using the GUI 11-13 to 11-17

described 11-3

sensitivity thresholds 11-15

dynamic frequency selection 7-84 to 7-85

dynamic interface

configuring

using the CLI 3-21 to 3-22

using the GUI 3-18 to 3-20

described 3-9

dynamic interface example 3-45

dynamic transmit power control, configuring 4-30

dynamic WEP, configuring 6-24

Dynamic WEP Key Index parameter 5-43

E

EAP-FAST Method Parameters page 5-46

EAP-FAST parameter 5-44

EAPOL-Key Max Retries parameter 5-43

EAPOL-Key Timeout parameter 5-43

EAP Profile Name parameter 5-47

EAP-TLS parameter 5-44

EDCA Profile parameter 4-88

Edit QoS Profile page 4-66

Edit QoS Role Data Rates page 4-70

Egress Interface parameter 10-32

Email Input parameter 10-33

Enable AP Local Authentication parameter 13-20

Enable Authentication for Listener parameter 4-27

Enable Check for All Standard and Custom Signatures parameter 5-116

Enable Controller Management to be accessible from Wireless Clients parameter 2-37, 5-54

Enable Counters parameter 5-58

Enable Coverage Hole Detection parameter 11-18

Enable CPU ACL parameter 5-63

Enable Default Authentication parameter 4-27

Enable DHCP Proxy parameter 4-40

Enable Dynamic AP Management parameter 3-43

Enable EAP-FAST Authentication parameter 13-22

Enable IGMP Snooping parameter 4-57

Enable LEAP Authentication parameter 13-22

Enable Least Latency Controller Join parameter 7-53

Enable Link Latency parameter 7-53, 7-94, 7-95

Enable Listener parameter 4-27

Enable Low Latency MAC parameter 4-89

Enable LSC on Controller parameter 7-28

Enable NAT Address parameter 3-13

Enable Notification parameter 4-27

Enable OfficeExtend AP parameter 7-52

Enable Password parameter 7-16

Enable Server Status parameter 5-36

Enable Tracking Optimization parameter 7-86

Encryption Key parameter 6-30

end user license agreement C-2 to C-4

end-user license agreement (EULA) 4-8, 4-9

enhanced distributed channel access (EDCA) parameters

configuring using the CLI 4-89 to 4-90

configuring using the GUI 4-88 to 4-89

enhanced neighbor list

described 4-61, 8-31

request (E2E) 4-62

Enter Saved Permission Ticket File Name parameter 4-23

EoIP port 12-23, 12-28

epings 12-23, 12-29

erasing the controller configuration 9-34

error codes, for failed VoIP calls 6-45 to 6-46

Ethernet connection, using remotely 2-24 to 2-25

Ethernet Multicast Mode parameter 4-57

European declaration of conformity B-4 to B-5

evaluation licenses

installed on 5500 series controllers 4-3

event reporting for MFP 5-69

Excessive 802.11 Association Failures parameter 5-76

Excessive 802.11 Authentication Failures parameter 5-76

Excessive 802.1X Authentication Failures parameter 5-76

Excessive Web Authentication Failures parameter 5-76

Expedited Bandwidth parameter 4-76

expedited bandwidth requests

described 4-74

enabling

using the CLI 4-84

using the GUI 4-76

Expiration Timeout for Rogue AP and Rogue Client Entries parameter 5-88

Extensible Authentication Protocol (EAP)

configuring 6-24

setting local timers 5-48

timeout and failure counters

per access point 5-51

per client 5-51

extension channel 11-31

F

factory default settings

resetting using the GUI 4-116

failover priority for access points

configuring

using the CLI 7-74

using the GUI 7-72 to 7-74

described 7-72

viewing using the CLI 7-74

failover protection 1-15

fake access point detection 5-128

Fallback Mode parameter 5-10

Fast Ethernet port 3-5

fast heartbeat timer

configuring

using the CLI 7-70

using the GUI 7-68

described 7-67

fast SSID changing

configuring using the CLI 4-52

configuring using the GUI 4-52

FCC declaration of conformity B-2 to B-3

FCC statement

2100 series controllers B-10

4400 series controllers B-10

5500 series controllers B-10

Federal Information Processing Standards (FIPS) 5-12

File Compression parameter 7-44

File Name to Save Credentials parameter 4-21

file transfers 1-14

File Type parameter

downloading a CA certificate 9-23

downloading a configuration file 9-30

downloading a customized web authentication login page 10-23

downloading a device certificate 9-20

Login Banner 9-17

upgrading controller software 9-8

uploading a configuration file 9-28

uploading packet capture files D-23

uploading PACs 9-25

filter, using to view clients 7-103

Fingerprint parameter 5-108

flashing LEDs, configuring 7-101

Forward Delay parameter 3-31, 3-32

forwarding plane architecture 4-53

Fragmentation Threshold parameter 4-30

fragmented pings 3-7

Friendly Rogue > Create page 5-93

FTP server guidelines 9-2

G

General (controller) page

configuring 802.3 bridging 4-54

configuring an RF group 11-7

enabling link aggregation 3-38

General (security) page 5-31

General page 5-43

Generate Password parameter 10-5

Generate Rehost Ticket button 4-23

gigabit Ethernet port 3-5

Global AP Failover Priority parameter 7-73

Global Configuration page

configuring authentication for access points 7-20

configuring backup controllers 7-68

configuring failover priority for access points 7-72

configuring global credentials for access points 7-16

global credentials for access points

configuring

using the CLI 7-17 to 7-18

using the GUI 7-15 to 7-17

described 7-15

overriding

using the CLI 7-17

using the GUI 7-16

Group Mode parameter 11-9, 12-17

Group Name parameter 12-12, 13-18

Group Setup page (on CiscoSecure ACS) 5-23

Guest LAN parameter 10-31

guest N+1 redundancy 12-20

guest tunneling 12-10

guest user accounts

creating 10-2 to 10-7

creating as a lobby ambassador 10-4 to 10-6

viewing

using the CLI 10-7

using the GUI 10-6

Guest User parameter 5-33, 13-10

Guest User Role parameter 5-33, 13-10

guest WLAN, creating 10-5

GUI

browsers supported 2-16

enabling wireless connections 2-36

guidelines 2-16

logging into 2-17

logging out of 2-17

using 2-16

H

Headline parameter 10-14

Hello Time parameter 3-31

help, obtaining 2-17

hex2pcap sample output D-45

high-density network

benefits 11-48

example 11-48

overview 11-47

Holdtime parameter 3-31, 4-93

Honeypot access point detection 5-128

HREAP Group Name parameter 13-13

HREAP Groups > Edit (Local Authentication > Local Users) page 13-21

HREAP Groups > Edit (Local Authentication > Protocols) page 13-22

HREAP Groups > Edit page 13-18, 13-19

HREAP Groups page 13-18

H-REAP Local Switching parameter 13-8

H-REAP Mode AP Fast Heartbeat Timeout parameter 7-68

H-REAP Mode AP Fast Heartbeat Timer State parameter 7-68

H-REAP parameter 7-51

HTTP Access parameter 2-18

HTTP Configuration page 2-18

HTTPS Access parameter 2-18

hybrid REAP

access points supported 13-2

authentication process 13-2 to 13-4

bandwidth restriction 13-2

configuring

access points using the CLI 13-14 to 13-15

access points using the GUI 13-11 to 13-14

controller using the GUI 13-6 to 13-10

guidelines 13-4

illustrated 13-2

number of access points supported 13-2

overview 13-2

hybrid-REAP

debugging 13-11, 13-15

hybrid-REAP groups

backup RADIUS server 13-16

CCKM 13-17

configuring

using the CLI 13-23

using the GUI 13-17 to 13-22

described 13-16

example 13-16

local authentication 13-17

Hysteresis parameter 4-63

I

identity networking

configuring 5-77 to 5-81

overview 5-77 to 5-78

RADIUS attributes 5-78 to 5-81

Identity Request Max Retries parameter 5-43

Identity Request Timeout parameter 5-43

IDS 5-106

IDS sensors

configuring

using the CLI 5-108 to 5-110

using the GUI 5-106 to 5-108

described 5-106

IDS signature events

viewing using the CLI 5-121 to 5-122

viewing using the GUI 5-118 to 5-119

IDS signatures

configuring

using the CLI 5-119 to 5-121

using the GUI 5-113 to 5-118

described 5-111

frequency 5-117

MAC frequency 5-117, 5-120

measurement interval 5-117

pattern 5-117

quiet time 5-117, 5-120

tracking method 5-117

uploading or downloading using the GUI 5-113 to 5-115

viewing

using the CLI 5-121 to 5-122

using the GUI 5-118 to 5-119

IGMP Timeout parameter 4-57

IKE Diffie Hellman Group parameter 5-10

IKE Phase 1 parameter 5-10

Index parameter for IDS 5-107

indoor access points

converting to mesh access points 8-55

infrastructure MFP

components 5-69

described 5-68

Infrastructure MFP Protection parameter 5-71

Infrastructure Protection parameter 5-72

Infrastructure Validation parameter 5-72

Ingress Interface parameter 10-32

Injector Switch MAC Address parameter 7-99

inline power 7-97

Install License button 4-8

intelligent power management (IPM) 7-99

inter-controller roaming

described 4-61

example 12-3

Interface Name parameter 6-56, 6-68, 6-71, 8-14

Interface parameter 6-11

interfaces

and identity networking 5-79

assigning WLANs 6-17

configuring

using the CLI 3-15 to 3-18

using the GUI 3-12 to 3-15

overview 3-6 to 3-10

Interfaces > Edit page

applying an ACL to an interface 5-62

configuring dynamic interfaces 3-19

configuring NAC out-of-band integration 6-69

creating multiple AP-manager interfaces 3-43

Interfaces > New page 3-19, 3-42

Interfaces page 3-12

interference 11-3

Interference threshold parameter 11-19

Internet Group Management Protocol (IGMP)

configuring

using the CLI 4-59

using the GUI 4-57

snooping 4-55

inter-subnet mobility 12-7

inter-subnet roaming

described 4-61

illustrated 12-3 to 12-4

Interval parameter 11-15, 11-44

intra-controller roaming

described 4-60

illustrated 12-2

Inventory page 7-89

Invoke Channel Update Now button 11-14

Invoke Power Update Now button 11-12

IP address-to-MAC address binding

configuring 4-65

described 4-65

IP Mask parameter 4-44

IPSec parameter 5-9

IP Theft or IP Reuse parameter 5-76

IPv6 bridging

configuring

using the CLI 6-49

using the GUI 6-48 to 6-49

described 6-47

guidelines 6-47

IPv6 bridging and IPv4 web authentication example 6-48

IPv6 Enable parameter 6-49

J

Japanese country codes 7-81

Japanese regulations for migrating access points from the -J to the -U regulatory domain 7-80 to 7-83

K

Keep Alive Count parameter 12-22

Keep Alive Interval parameter 12-22

Key Encryption Key (KEK) parameter 5-8

Key Format parameter 6-30

Key Index parameter 6-30

key permutation

configuring 6-30, 6-31

described 6-29

Key Permutation parameter 6-30

Key Size parameter 6-30

Key Wrap Format parameter 5-8

Key Wrap parameter 5-8

L

LAG. See link aggregation (LAG)

LAG Mode on Next Reboot parameter 3-38

Last Auto Channel Assignment parameter 11-16

Last Power Level Assignment parameter 11-12

Layer 1 security 5-2

Layer 2

operation 1-6

security

configuring 6-23 to 6-31

described 5-2

Layer 2 Security parameter 6-27, 6-30, 6-62

Layer 3

operation 1-6

security

configuring 6-32 to 6-34

described 5-3

Layer 3 Security parameter

for VPN passthrough 6-33

for web authentication 6-34

for web redirect 6-63

for wired guest access 10-32

LDAP

choosing server priority order 5-37

configuring

using the CLI 5-38 to 5-40

using the GUI 5-35 to 5-38

local EAP methods supported 5-35, 5-41

LDAP server

assigning to WLANs 5-37 to 5-38

choosing local authentication bind method

using the CLI 5-39

using the GUI 5-36

LDAP Servers > New page 5-35

LDAP Servers page 5-35

LDAP Servers parameter 5-47

LEAP parameter 5-44

Learn Client IP Address parameter 13-9

Lease Time parameter 6-13

LEDs

configuring 7-101

interpreting D-2

license agent

configuring

using the CLI 4-28 to 4-29

using the GUI 4-26 to 4-28

described 4-26

License Agent Configuration page 4-27

license agreement C-2 to C-4

License Commands (Rehost) page 4-21

License Commands page 4-7

License Detail page 4-10, 4-18

license level, changing

using the CLI 4-16

using the GUI 4-15

License Level page 4-14

licenses

activating ap-count evaluation licenses

using the CLI 4-19 to 4-20

using the GUI 4-17 to 4-19

choosing feature set

using the CLI 4-16

using the GUI 4-14 to 4-15

installing

using the CLI 4-8 to 4-9

using the GUI 4-7 to 4-8

messages in controller trap log 4-3

obtaining 4-4 to 4-6

rehosting

described 4-20

using the CLI 4-24 to 4-25

using the GUI 4-21 to 4-23

removing

using the CLI 4-8

using the GUI 4-10

required for OfficeExtend access points 7-50

saving

using the CLI 4-9

using the GUI 4-8

SKUs 4-4

transferring to a replacement controller after an RMA 4-25 to 4-26

types 4-2

viewing

using the CLI 4-11 to 4-13

using the GUI 4-9 to 4-10

Licenses page 4-9, 4-15, 4-17

licensing portal, using to register PAKs 4-6

Lifetime parameter 5-33, 10-5, 13-10

Lightweight Access Point Protocol (LWAPP) 1-6, 7-2

lightweight mode, reverting to autonomous mode 7-26

limited warranty C-4 to C-6

link aggregation (LAG)

configuring neighboring devices 3-39

described 3-35 to 3-36

enabling

using the CLI 3-39

using the GUI 3-38

example 3-35

guidelines 3-37

illustrated 3-36

verifying settings using the CLI 3-39

link latency

and OfficeExtend access points 7-53, 7-55

configuring

using the CLI 7-95 to 7-96

using the GUI 7-94 to 7-95

described 7-93

Link Status parameter 3-24

Link Test

button 7-92

option 7-92, 8-52

page 7-92

link test

described 7-90

performing

using the CLI 7-93

using the GUI 7-91 to 7-92, 8-52 to 8-53

types of packets 7-90

Link Trap parameter 3-24, 3-25

Listener Message Processing URL parameter 4-27

load balancing 4-47

Load-based AC parameter 4-76

load-based CAC

described 4-73 to 4-74

enabling

using the CLI 4-83

using the GUI 4-76

lobby ambassador account

creating using the CLI 10-3

creating using the GUI 10-2 to 10-3

Lobby Ambassador Guest Management > Guest Users List > New page 10-4

Lobby Ambassador Guest Management > Guest Users List page 10-4, 10-6

Local Auth Active Timeout parameter 5-43

local EAP

configuring

using the CLI 5-47 to 5-52

using the GUI 5-42 to 5-47

debugging 5-52

described 5-40 to 5-42

example 5-41

viewing information using the CLI 5-50

Local EAP Authentication parameter 5-47

Local EAP Profiles > Edit page 5-44

Local EAP Profiles page 5-44

Local Management Users > New page 10-3

Local Management Users page 10-2

Local Mode AP Fast Heartbeat Timeout parameter 7-68

Local Mode AP Fast Heartbeat Timer parameter 7-68

Local Net Users > New page 5-33, 13-9

Local Net Users page 5-32, 10-6

local network users

configuring using the CLI 5-34

configuring using the GUI 5-32 to 5-34

local significant certificate (LSC)

configuring

using the CLI 7-30 to 7-32

using the GUI 7-28 to 7-30

described 7-28

Local Significant Certificates (LSC) - AP Provisioning page 7-29

Local Significant Certificates (LSC) - General page 7-28

local user database, capacity 10-2

location

calibration 11-44

configuring settings using the CLI 4-106 to 4-108

viewing settings using the CLI 4-108 to 4-110

location appliance

installing certificate 4-105 to 4-106

synchronizing with controller 4-106

location-based services 11-43

location presence 4-110

logical connectivity diagram

Catalyst 3750G Integrated Wireless LAN Controller Switch E-4

Cisco 28/37/38xx Integrated Services Router E-3

Cisco WiSM E-2

login banner file

clearing 9-19

described 9-15

downloading

using the CLI 9-17 to 9-18

using the GUI 9-16 to 9-17

Login Banner page 9-19

logs

roaming D-26, D-39 to D-40

RSNA D-26, D-39 to D-41

syslog D-27, D-39 to D-41

uploading

using the CLI D-17 to D-18

using the GUI D-16 to D-17

long preambles

described 5-52

enabling on SpectraLink NetLink phones

using the CLI 5-53

using the GUI 5-52

LWAPP-enabled access points

debug commands 7-41

disabling the reset button 7-46

MAC addresses displayed on controller GUI 7-45

radio core dumps

described 7-41

receiving debug commands from controller 7-41

retrieving radio core dumps 7-42

reverting to autonomous mode 7-26 to 7-27

sending crash information to controller 7-41

uploading

access point core dumps 7-44 to 7-45

radio core dumps 7-42 to 7-43

M

MAC address of access point

adding to controller filter list

using the GUI 8-39

displayed on controller GUI 7-45

MAC Address parameter 8-14

MAC filtering

configuring on WLANs 6-16 to 6-17

DTIM period 6-18

MAC filtering, for mesh access points 8-13 to 8-14

MAC Filtering page 8-13

MAC Filters > New page 8-13

management frame protection (MFP)

configuring

using the CLI 5-72 to 5-73

using the GUI 5-70 to 5-71

debugging 5-75

described 5-68 to 5-69

guidelines 5-69

types 5-68

viewing settings 5-73 to 5-75

Management Frame Protection parameter 5-72

Management Frame Protection Settings page 5-72

management frame validation 5-69

management interface

configuring

using the CLI 3-15

using the GUI 3-12 to 3-15

described 3-7

Management IP Address parameter 7-51

management over wireless

described 5-54

enabling

using the CLI 5-54

using the GUI 5-54

Master Controller Configuration page 7-9

Master Controller Mode parameter 7-9

Max Age parameter 3-30

Max HTTP Message Size parameter 4-27

Maximum Age parameter 3-31

maximum local database entries

configuring using the CLI 5-31

configuring using the GUI 5-31

Maximum Local Database Entries parameter 5-31

Maximum Number of Sessions parameter 4-27

Maximum RF Usage Per AP parameter 4-67

Max-Login Ignore Identity Response parameter 5-43

Max RF Bandwidth parameter 4-76, 4-77

MCS data rates 4-34

Member MAC Address parameter 12-12

memory

types 1-14

memory leaks, monitoring D-24 to D-25

mesh

network example 8-42

parameters

configuring using the CLI 8-27, 8-30

configuring using the GUI 8-23 to 8-27

statistics

viewing for an access point using the CLI 8-42 to 8-45, 8-50 to 8-51

viewing for an access point using the GUI 8-46 to 8-50

Mesh > LinkTest Results page 8-52

mesh access points

adding MAC address to controller filter list

using the CLI 8-14

using the GUI 8-13 to 8-14

adding to mesh networks 8-12

and CAPWAP 8-8

converting to non-mesh access points 8-57

deployment modes 8-5

license requirements 8-2

models 8-2

network access 8-5

operating with Cisco 3200 Series Mobile Access Routers

configuration guidelines 8-58

described 8-58

using the CLI to configure 8-60

using the GUI to configure 8-59

roles 8-3

selecting 8-35

supported by controller model 8-11

mesh backhaul data rates 8-10

mesh backhaul deployment example 8-6

mesh constraints 8-9

mesh deployment example 8-6

mesh minimum required LinkSNR 8-10

mesh neighbors, parents, and children 8-8

mesh node security statistics 8-49 to 8-50

mesh node statistics 8-48

mesh point-to-multipoint wireless bridging example 8-7

mesh point-to-point wireless bridging example 8-6

mesh routing 8-8

Message Authentication Code Key (MACK) parameter 5-8, 5-12

message logs

configuring

using the CLI D-11 to D-14

using the GUI D-8

viewing

using the CLI D-14

using the GUI D-10 to D-11

See also system logging

Message Logs page D-11

Message parameter for web authentication 10-15

Metrics Collection parameter 4-76

MFP Client Protection parameter 5-71

MFP Frame Validation parameter 5-71

MIC 6-25, 6-29

migrating access points from the -J to the -U regulatory domain 7-80 to 7-83

Min Failed Client Count per AP parameter 11-18

Minimum RSSI parameter 4-63

mirror mode. See port mirroring, configuring

MMH MIC

configuring 6-30, 6-31

described 6-29

MMH Mode parameter 6-30

Mobile Announce messages 12-7

mobility

failover 12-20

overview 12-2

Mobility Anchor Config page 12-22, 12-27

Mobility Anchor Create button 12-23

mobility anchors. See auto-anchor mobility

Mobility Anchors option 12-22

Mobility Anchors page 12-22

Mobility Group Member > New page 12-11

Mobility Group Members > Edit All page 12-13

mobility groups

configuring

using the CLI 12-14

using the GUI 12-11 to 12-13

with one NAT device 12-8

with two NAT devices 12-9

determining when to include controllers 12-7

difference from RF groups 11-5

examples 12-7

illustrated 12-5

messaging among 12-7

number of access points supported 12-5, 12-6

number of controllers supported 12-5

prerequisites 12-9 to 12-10

using with NAT devices 12-8 to 12-9

mobility group statistics

types 12-16

viewing

using the CLI 12-19

using the GUI 12-16 to 12-19

mobility list

described 12-6

detecting failed members 12-20

number of controllers supported 12-7

ping requests to members 12-20

Mobility Multicast Messaging > Edit page 12-14

Mobility Multicast Messaging page 12-13

mobility ping tests, running 12-28

Mobility Statistics page 12-17

MODE access point button 7-26, 7-46

Mode parameter 4-63, 11-44

monitor intervals, configuring using the GUI 11-20

mpings 12-23, 12-28

Multicast Appliance Mode parameter 3-25

multicast client table, viewing 4-60

multicast groups

viewing using the CLI 4-59

viewing using the GUI 4-58

Multicast Groups page 4-58

multicast mode

configuring

using the CLI 4-58

using the GUI 4-57 to 4-58

described 4-55 to 4-56

guidelines 4-56 to 4-57, 7-61

Multicast page 4-57

multiple AP-manager interfaces

5500 series controller example 3-44 to 3-45

multiple country codes

configuration guidelines 7-75

configuring

using the CLI 7-78

using the GUI 7-76 to 7-77

N

NAC in-band mode 6-66

NAC out-of-band integration

and hybrid REAP 13-5

configuring

using the CLI 6-71 to 6-72

using the GUI 6-68 to 6-71

described 6-66 to 6-67

diagram 6-67

guidelines 6-67 to 6-68

NAC out-of-band support

configuring for a specific access point group

using the CLI 6-72

using the GUI 6-70

NAC State parameter 6-56, 6-70, 6-71

NAT address

for dynamic interface 3-20, 3-21

for management interface 3-13, 3-16

NAT devices in mobility groups 12-8 to 12-9

Native VLAN ID parameter 13-13

neighbor information

viewing for an access point using the CLI 8-54

viewing for an access point using the GUI 8-51 to 8-54

Neighbor Information option 8-51

Neighbor Packet Frequency parameter 11-20

neighbor statistics

viewing for an access point using the CLI 8-54

viewing for an access point using the GUI 8-51 to 8-54

Netbios Name Servers parameter 6-14

Netmask parameter 6-13

network analyzer supported software

AirMagnet D-47

Airopeek D-47

Omnipeek D-47

Wireshark D-47

Network Mobility Services Protocol (NMSP) 4-101

debugging 4-113 to 4-114

modifying the notification interval for clients, RFID tags, and rogues 4-110 to 4-111

viewing settings 4-111 to 4-113

Network parameter 6-13

NTP server

configuring to obtain time and date 2-30

Number of Attempts to LSC parameter 7-29

Number of Hits parameter 5-61

O

OfficeExtend Access Point Configuration page 7-57

OfficeExtend Access Point Home page 7-56

OfficeExtend Access Points

LEDs D-53

positioning D-53

troubleshooting D-53 to D-54

OfficeExtend access points

and NAT 7-50

configuring

a personal SSID 7-56 to 7-58

using the CLI 7-54 to 7-56

using the GUI 7-51 to 7-53

described 7-49

firewall requirements 7-50

implementing security for 7-50

licensing requirements 7-50

supported access point models 7-50

trap logs 7-50

typical setup 7-49

viewing statistics 7-58 to 7-60

OfficeExtend AP parameter 7-53

online help, using 2-17

open source terms C-8

OpenSSL license issues C-7 to C-8

operating system

security 1-5

software 1-4

Order Used for Authentication parameter 5-11, 5-26

Override Global Config parameter 10-26, 10-33

Over-ride Global Credentials parameter 7-17, 7-21, 7-53

Override Interface ACL parameter 5-64

oversized access point images 7-49

over-the-air provisioning (OTAP) 7-7

P

P2P Blocking parameter 6-22

packet capture files

described D-21

sample output in Wireshark D-22

uploading

using the CLI D-23 to D-24

using the GUI D-23

Params parameter 7-29

password

restoring 4-42

password guidelines 7-20

Password parameter

for access point authentication 7-20

for access points 7-16

for local net users 5-33, 13-10

for PACs 9-25

passwords

viewing in clear text D-7

path loss measurement (S60), CLI command 4-106

PEAP parameter 5-44

peer-to-peer blocking

configuring

using the CLI 6-23

using the GUI 6-21 to 6-23

described 6-20

examples 6-21

guidelines 6-21, 6-67

permanent licenses, installed on 5500 series controllers 4-3

Personal SSID parameter 7-57

Physical Mode parameter 3-24, 3-25

Physical Status parameter 3-24

pico cell mode

configuring

using the CLI 11-50 to 11-51

using the GUI 11-49 to 11-50

debugging using the CLI 11-51

guidelines 11-48

overview 11-47 to 11-48

versions 11-49

Pico Cell Mode parameter 11-49

ping link test 7-90

ping tests 12-28

pinning 11-6

PMK cache lifetime timer 6-28

PMKID caching 6-28

PoE Status parameter 7-99

Pool End Address parameter 6-13

Pool Start Address parameter 6-13

Port > Configure page 3-23

port mirroring, configuring 3-26 to 3-27

Port Number parameter

for controller 3-24

for LDAP server 5-36

for RADIUS server 5-8

for TACACS+ server 5-25

for wired guest access 10-31

Port parameter for IDS 5-107

ports

configuring 3-22 to 3-33

on 2100 series controllers 3-2, 3-4

on 4400 series controllers 3-2, 3-4

on 5500 series controllers 3-3, 3-5

on Catalyst 3750G Integrated Wireless LAN Controller Switch 3-3, 3-4, 3-5

on Cisco 28/37/38xx Series Integrated Services Router 3-4 to 3-5, 4-116, 7-35

on Cisco WiSM 3-4, 3-5

overview 3-2 to 3-6

Ports page 3-22

Power Assignment Leader parameter 11-12

power cable warning for Japan B-7

Power Injector Selection parameter 7-99

Power Injector State parameter 7-99

Power Neighbor Count parameter 11-12

Power over Ethernet (PoE)

configuring

using the CLI 7-100

using the GUI 7-98 to 7-100

described 1-14, 7-97

Power Over Ethernet (PoE) parameter 3-24

Power Threshold parameter 11-12

preauthentication access control list (ACL)

applying to a WLAN

using the CLI 5-67

using the GUI 5-64 to 5-65

for external web server 10-20, 13-9

Preauthentication ACL parameter 5-65, 6-63

Pre-Standard State parameter 7-99

Primary Controller Name parameter 7-51

Primary Controller parameters 7-51, 7-69

Primary RADIUS Server parameter 13-18

priming access points 7-7

Priority Order > Local-Auth page 5-37, 5-42

Priority Order > Management User page 5-11, 5-26

Priority parameter 3-31

Privacy Protocol parameter 4-46

probe request forwarding, configuring 7-88

probe requests, described 7-88

product authorization key (PAK)

obtaining for license upgrade 4-4

registering 4-6

product ID for controller, finding 4-24

product ID of controller, finding 4-22

Product License Registration page 4-22

Profile Details page D-35

Profile Name parameter 6-5, 8-14, 10-31, 13-7

protected access credentials (PACs)

overview 9-24

uploading

using the CLI 9-26 to 9-27

using the GUI 9-25

using with local EAP 5-42, 13-22

Protection Type parameter 5-70, 11-37

Protocol parameter 5-60

Protocol Type parameter 4-68

PSK

configuring 6-27

described 6-25

with mesh 8-25

PSK Format parameter 6-27

public key cryptography (PKC), with mobility 12-7

Q

QBSS

configuring

using the CLI 6-41

using the GUI 6-39 to 6-40

described 6-37

guidelines 6-38

QoS

identity networking 5-78

levels 4-66, 6-35

translation values 6-36

with CAC 4-73

QoS profiles

assigning to a WLAN

using the CLI 6-37

using the GUI 6-36 to 6-37

configuring

using the CLI 4-68 to 4-69

using the GUI 4-66 to 4-68

QoS roles

assigning for use with hybrid REAP 13-10

configuring

using the CLI 4-71 to 4-72

using the GUI 4-69 to 4-71

QoS Roles for Guest Users page 4-70

Quality of Service (QoS) parameter 6-36

quarantined VLAN

configuring 3-13, 3-19

using 13-8

with hybrid REAP 13-4

with NAC out-of-band integration 6-69

Quarantine parameter

for dynamic interface 3-19

NAC out-of-band integration 6-69

Query Interval parameter 5-108

Queue Depth parameter 4-67

queue statistics 8-48

R

Radio > Statistics page 6-43

radio core dumps

described 7-41

retrieving 7-42

uploading

using the CLI 7-43

using the GUI 7-42 to 7-43

radio measurement requests

configuring

on the CLI 11-45

on the GUI 11-44

overview 11-43

viewing status using the CLI 11-46

radio preamble 5-52

radio resource management (RRM)

benefits 11-5

CCX features. See CCX radio management

configuring

monitor intervals using the GUI 11-20

using the CLI 11-21 to 11-24

using the GUI 11-10 to 11-21

coverage hole detection

configuring per controller using the CLI 11-23

configuring per controller using the GUI 11-17 to 11-19

described 11-4

debugging 11-26

disabling dynamic channel and power assignment

using the CLI 11-35 to 11-36

using the GUI 11-35

overriding RRM 11-27 to 11-36

overview 11-2

specifying channels 11-13 to 11-16

statically assigning channel and transmit power settings

using the CLI 11-32

using the GUI 11-28 to 11-32

update interval 11-7, 11-10

Wireless > 802.11a/n (or 802.11b/g/n) > RRM > TPC parameter 11-11

radio resource management (RRM) settings

viewing using the CLI 11-24 to 11-26

radio resource monitoring 11-2

RADIUS

accounting 5-3

authentication 5-3

choosing authentication priority order 5-11

configuring

using the CLI 5-11 to 5-15

using the GUI 5-6 to 5-11

configuring on ACS 5-4

described 5-3

FIPS standard 5-12

KEK parameter 5-12

MACK parameter 5-12

server fallback behavior 5-10, 5-13

using with hybrid REAP 13-16

RADIUS > Fallback Parameters page 5-10

RADIUS accounting attributes 5-18 to 5-19

RADIUS authentication attributes 5-16 to 5-18

Range (RootAP to MeshAP) parameter 8-24

Redirect URL After Login parameter 10-14

Refresh-time Interval parameter 4-93

Regenerate Certificate button 10-8

regulatory information

for 2100 series controllers B-10

for 4400 series controllers B-10

for lightweight access points B-2 to B-10

rehosting a license. See licenses

Rehost Ticket File Name parameter 4-23

Remote Authentication Dial-In User Service. See RADIUS

Request Max Retries parameter 5-43

Request Timeout parameter 5-43

Reserved Roaming Bandwidth parameter 4-76, 4-77

Reset Link Latency button 7-95

Reset Personal SSID parameter 7-52

resetting the controller 9-34

restoring passwords 4-42

Re-sync button 5-110

reverse path filtering (RPF) 12-26

RF Channel Assignment parameter 11-35

RF domain. See RF groups

RF exposure declaration of conformity B-5

RF group leader

described 11-6

viewing 11-9

RF group name

described 11-7

entering 11-8

RF groups

cascading 11-6

configuring

using the CLI 11-8

using the GUI 11-7

difference from mobility groups 11-5

overview 11-5 to 11-7

pinning 11-6

viewing status

using the CLI 11-10

using the GUI 11-9

RFID tags

described 4-100

formats supported 4-100

number supported per controller 4-101

tracking

configuring using the CLI 4-102

debugging using the CLI 4-104

viewing information using the CLI 4-103 to 4-104

RFID tracking on access points, optimizing

using the CLI 7-87

using the GUI 7-85 to 7-86

RF-Network Name parameter 11-8

RLDP. See Rogue Location Discovery Protocol (RLDP)

roaming and real-time diagnostics

configuring using the CLI D-39 to D-42

described D-26

logs

described D-26

viewing D-39 to D-40

roam reason report 4-62

roam reason report, described 8-32

rogue access points

alarm 11-37

automatically containing

using the CLI 5-89

using the GUI 5-88

classification mapping table 5-85

classifying 5-84

configuring RLDP 5-87 to 5-90

detecting

using the CLI 11-38

using the GUI 11-36 to 11-38

managing 5-83

rule-based classification support 5-84

tagging, location, and containment 5-84

viewing and classifying

using the CLI 5-101 to 5-106

using the GUI 5-96 to 5-101

WCS support for rule-based classification 5-87

Rogue AP Detail page 5-97

Rogue AP Ignore-List page 5-101

rogue classification rules

configuring using the CLI 5-94 to 5-96

configuring using the GUI 5-90 to 5-94

Rogue Client Detail page 5-99

rogue detection 5-87, 5-88

and OfficeExtend access points 7-52, 7-55

Rogue Detection parameter 5-87, 7-52

Rogue Location Discovery Protocol (RLDP)

configuring

using the CLI 5-88 to 5-90

using the GUI 5-87 to 5-88

defined 5-84

Rogue Location Discovery Protocol parameter 5-88

Rogue on Wire parameter 5-88

Rogue Policies page 5-87

Rogue Rule > Edit page 5-92

Rogue Rules > Priority page 5-93

rogue states 5-85, 5-86

Role Name parameter 4-70

Role parameter 5-33, 13-10

root access points (RAPs)

selecting 8-35

root bridge 3-27

Root Cost parameter 3-30

Root Port parameter 3-30

RRM. See radio resource management (RRM)

RSNA logs

configuring D-39 to D-41

described D-26

Rx Sensitivity Threshold parameter 11-50

S

Save and Reboot button 9-21, 9-23

Save Licenses button 4-8

saving configuration settings 9-32

Scan Threshold parameter 4-63

Scope Name parameter 6-13

Search AP window 7-11, 7-14, 7-37

Search Clients page 7-103

Search WLANs window 6-8, 7-10, 7-14

Secondary Controller parameters 7-69

Secondary RADIUS Server parameter 13-18

secure web mode

described 2-18

enabling

using the CLI 2-19

using the GUI 2-18

security

overview 5-2

solutions 5-2 to 5-3

Security Policy Completed parameter 6-48

security settings

local and external authentication 8-23

Select APs from Current Controller parameter 13-20

self-signed certificate (SSC)

used to authorize access points 7-27

Sequence parameter 5-59

serial number for controller, finding 4-24

serial number of controller, finding 4-22

serial port

baud rate setting 2-24

timeout 2-24

Server Address parameter 5-107

Server Index (Priority) parameter 5-8, 5-25, 5-36

Server IP Address parameter

for LDAP server 5-36

for RADIUS server 5-8

for TACACS+ server 5-25

for wireless sniffer D-49

Server Key parameter 5-46, 13-22

Server Status parameter 5-9, 5-25

Server Timeout parameter 5-9, 5-26, 5-37

service port 3-6

service-port interface

configuring

using the CLI 3-18

using the GUI 3-12 to 3-15

described 3-9

session timeout

configuring

using the CLI 6-32

using the GUI 6-31

described 6-31

Set Priority button 4-18

Set to Factory Default button 11-21

Severity Level Filtering parameter D-9

Shared Secret Format parameter 5-8, 5-25

Shared Secret parameter 5-8, 5-25

Short Preamble Enabled parameter 5-52

short preambles 5-52

Show Wired Clients option 7-64

shunned clients

described 5-110

viewing

using the CLI 5-111

using the GUI 5-110

Signature Events Detail page 5-118

Signature Events Summary page 5-118

Signature Events Track Detail page 5-119

Simple Bind parameter 5-36

sniffing. See wireless sniffing D-47

Sniff parameter D-49

SNMP, configuring 4-42 to 4-43

SNMP community string

changing default values using the CLI 4-44 to 4-45

changing default values using the GUI 4-43 to 4-44

SNMP v1 / v2c Community > New page 4-44

SNMP v1 / v2c Community page 4-43

SNMP v3 users

changing default values using the CLI 4-46

changing default values using the GUI 4-45 to 4-46

SNMP V3 Users > New page 4-46

SNMP V3 Users page 4-45

software, upgrading

guidelines 9-2 to 9-4

using the CLI 9-9 to 9-11

using the GUI 9-6 to 9-8

software, upgrading in mesh networks

guidelines 9-4 to 9-6

Source parameter for ACLs 5-59

Source Port parameter 5-60

Spanning Tree Algorithm parameter 3-31

Spanning Tree Protocol (STP)

configuring

using the CLI 3-32 to 3-33

using the GUI 3-28 to 3-32

described 3-27

spanning-tree root 3-27

Spanning Tree Specification parameter 3-30

SpectraLink NetLink phones

enabling long preambles

using the CLI 5-53

using the GUI 5-52

overview 5-52

Spectralink Voice Priority parameter 4-88

splash page web redirect 6-61

Splash Page Web Redirect parameter 6-63

SSC key-hash on Cisco WiSM 7-26

SSH

and OfficeExtend access points 7-53, 7-55

configuring

using the CLI 2-35 to 2-36

using the GUI 2-34 to 2-35

troubleshooting access points

using the CLI D-51 to D-52

using the GUI D-50 to D-51

SSH parameter D-51

SSID

configuring

using the CLI 6-6

using the GUI 6-5

described 6-3

SSL certificate

loading

using the CLI 2-21 to 2-22

using the GUI ?? to 2-21

SSLv2, configuring for web administration 2-19

SSLv2 for web authentication, disabling 10-13

Standard Signature > Detail page 5-117

Standard Signatures page 5-115

stateful DHCPv6 IP addressing 6-47

State parameter 5-108, 5-118

static IP address

configuring

using the CLI 7-47 to 7-48

using the GUI 7-46 to 7-47

described 7-46

Static IP parameter 7-47

Static Mobility Group Members page 12-11

Statistics option 8-47

Status parameter

for DHCP scopes 6-14

for guest LANs 10-32

for SNMP community 4-44

for WLANs 6-6

STP Mode parameter 3-29

STP Port Designated Bridge parameter 3-28

STP Port Designated Cost parameter 3-28

STP Port Designated Port parameter 3-28

STP Port Designated Root parameter 3-28

STP Port Forward Transitions Count parameter 3-28

STP Port ID parameter 3-28

STP Port Path Cost Mode parameter 3-29

STP Port Path Cost parameter 3-29

STP Port Priority parameter 3-29

STP State parameter 3-28

strong passwords 7-20

Summary page 2-35

Supervisor 720

configuring 4-114 to ??

described 4-114

switch, configuring at the remote site 13-5 to 13-6

Switch IP Address (Anchor) parameter 12-23

SX/LC/T small form-factor plug-in (SFP) modules 3-5

symmetric mobility tunneling

illustrated 12-27

overview 12-26 to 12-27

verifying status

using the CLI 12-28

using the GUI 12-27

Symmetric Mobility Tunneling Mode parameter 12-27

syslog

described D-27

levels D-10

logs D-39 to D-41

Syslog Configuration page D-8

Syslog Facility parameter D-9

syslog server

number supported by controller D-8

removing from controller D-8

severity level filtering D-9

Syslog Server IP Address parameter D-8

system logging

configuring

using the CLI D-11 to D-14

using the GUI D-8 to D-10

setting severity level D-10

system logs, viewing using the CLI D-14

system messages D-2 to D-5

System Resource Information page D-5

system resources

viewing using the CLI D-6

viewing using the GUI D-5

T

TACACS+

accounting 5-20

authentication 5-19

authorization 5-19

choosing authentication priority order 5-26

configuring

using the CLI 5-27 to 5-29

using the GUI 5-24 to 5-26

configuring on ACS 5-20 to 5-24

described 5-19 to 5-20

roles 5-19, 5-23

viewing administration server logs 5-29 to 5-30

TACACS+ (Authentication, Authorization, or Accounting) Servers > New page 5-25

TACACS+ (Authentication, Authorization, or Accounting) Servers page 5-24

TACACS+ (Cisco) page (on CiscoSecure ACS) 5-22

TACACS+ Administration.csv page (on CiscoSecure ACS) 5-29, 5-30

TCP MSS

configuring 7-96 to 7-97

described 7-96

telemetry 4-100

Telnet

and OfficeExtend access points 7-53, 7-55

troubleshooting access points

using the CLI D-51 to D-52

using the GUI D-50 to D-51

Telnet parameter D-51

Telnet sessions

configuring

using the CLI 2-35 to 2-36

using the GUI 2-34 to 2-35

Telnet-SSH Configuration page 2-34

Tertiary Controller parameters 7-69

text2pcap sample output D-45

TFTP server guidelines 9-2

time, configuring

using the CLI 2-32

using the GUI 2-30

using the NTP server 2-30

time-length-values (TLVs), supported for CDP 4-90 to 4-92

timeout, configuring for disabled clients 6-17

Time Since Topology Changed parameter 3-30

timestamps, enabling or disabling in log and debug messages D-14

Time to Live for the PAC parameter 5-46, 13-22

time zone

configuring using the CLI 2-32

configuring using the GUI 2-31

TKIP

configuring 6-27, 6-28

described 6-25

parameter 6-27

Topology Change Count parameter 3-30

traffic specifications (TSPEC) request

described 4-74

examples 4-74

traffic stream metrics (TSM)

configuring

using the CLI 4-84

using the GUI 4-76

described 4-75

viewing statistics

using the CLI 4-86 to 4-87

using the GUI 4-80 to 4-83

Transfer Mode parameter

downloading a CA certificate 9-23

downloading a configuration file 9-30

downloading a customized web authentication login page 10-23

downloading a device certificate 9-20

upgrading controller software 9-8

uploading a configuration file 9-28

uploading a PAC 9-25

uploading packet capture files D-23

Transition Time parameter 4-63

transmit power

statically assigning using the CLI 11-32

statically assigning using the GUI 11-28 to 11-32

transmit power levels 11-31

Transmit Power parameter 11-50

transmit power threshold, decreasing 11-21

trap logs

for OfficeExtend access points 7-50

Trap Logs page 4-3, 6-43

troubleshooting

access point join process 7-34 to 7-41

CCXv5 clients D-26 to D-42

problems D-6 to D-8

tunnel attributes and identity networking 5-80 to 5-81

Tx Power Level Assignment parameter 11-35

Type parameter 6-5, 10-31, 13-7

U

U-APSD

described 4-75

viewing status

using the CLI 4-86

using the GUI 4-79

UDP, use in RADIUS 5-4

UDP port 12-23, 12-28

unicast mode 4-55

unique device identifier (UDI)

described 7-89

retrieving

using the CLI 7-90

using the GUI 7-89 to 7-90

Upload button 5-115, 7-43, 9-26, D-17, D-23

Upload CSV File parameter 13-21

Upload File from Controller page 7-42, 9-25, 9-27, D-17, D-23

URL parameter 10-21

URL to Send the Notifications parameter 4-27

USB console port, using on a 5500 series controller 3-33 to 3-34

Use AES Key Wrap parameter 5-7

User Access Mode parameter 10-3

user accounts, managing 10-1 to 10-25

User Attribute parameter 5-36

User Base DN parameter 5-36

User Credentials parameter 5-37

User Name parameter 5-33, 13-10

Username parameter 7-16, 7-20, 7-21

User Object Type parameter 5-36

User parameter 9-25

User Profile Name parameter 4-46

Using Our SSID parameter 5-88

V

Validate Rogue Clients Against AAA parameter 5-88

Valid Client on Rogue AP parameter 5-88

Validity parameter 9-25

VCCI warnings for controllers B-7

VCI strings 7-34

Verify Certificate CN Identity parameter 5-45

video information, viewing for mesh networks using the CLI 8-42 to 8-44

video settings

configuring

using the CLI 4-84

using the GUI 4-76 to 4-78

viewing

using the CLI 4-85 to 4-87

using the GUI 4-78 to 4-83

virtual interface

configuring

using the CLI 3-17

using the GUI 3-12 to 3-15

described 3-9

VLAN Identifier parameter

for AP-manager interface 3-14

for dynamic interface 3-19, 3-20

VLAN ID parameter 6-68, 13-14

VLAN interface. See dynamic interface

VLAN Mappings

button 13-13

page 13-13

VLANs

described 3-9

guidelines 3-12

VLAN Support parameter 13-13

VLAN tag, and identity networking 5-79

Voice & Video Optimized parameter 4-88

voice information, viewing for mesh networks using the CLI 8-42 to 8-44

Voice Optimized parameter 4-88

voice-over-IP (VoIP) telephone roaming 4-61

Voice RSSI parameter 11-18

voice settings

configuring

using the CLI 4-83 to 4-84

using the GUI 4-75 to 4-76

viewing

using the CLI 4-85 to 4-87

using the GUI 4-78 to 4-83

VoIP calls, error codes 6-45 to 6-46

VoIP snooping

configuring

using the CLI 6-44 to 6-47

using the GUI 6-42 to 6-43

described 6-41 to 6-42

VoIP Snooping and Reporting parameter 6-42

VPN Gateway Address parameter 6-33

VPN passthrough

configuring using the CLI 6-33

configuring using the GUI 6-33

described 6-32

W

warranty C-4 to C-6

webauth.tar files 10-26

webauth bundle 10-22

web authentication

certificate

obtaining using the CLI 10-9 to 10-10

obtaining using the GUI 10-7 to 10-9

configuring a WLAN for

using the CLI 6-34

using the GUI 6-33

described 10-10

process 10-10 to 10-13

successful login page 10-13

Web Authentication Certificate page 10-8

web authentication login page

assigning per WLAN

using the CLI 10-27

using the GUI 10-26

choosing the default

using the CLI 10-15 to 10-16

using the GUI 10-14 to 10-15

customized example 10-25

customizing from an external web server

using the CLI 10-21

using the GUI 10-20 to 10-21

default 10-12

downloading a customized login page

guidelines 10-22

using the CLI 10-24

using the GUI 10-22 to 10-23

modified default example 10-17

previewing 10-15, 10-23

verifying settings using the CLI 10-25

Web Authentication option 10-32

Web Authentication Type parameter 10-14, 10-21, 10-23

Web Auth Type parameter 10-26, 10-33

web-browser security alert 10-11

Web Login page 10-14, 10-20

web mode

configuring

using the CLI 2-19

using the GUI 2-18

described 2-18

Web Passthrough option 10-32

Web Policy parameter 5-65, 6-34, 6-63

web redirect 6-60

Web Server IP Address parameter 10-21

Web Session Timeout parameter 2-18

WEP keys, configuring 6-23

WGB parameter 7-64

WGB Wired Clients page 7-64

wired guest access

configuration overview 10-30

configuring

using the CLI 10-33 to 10-39

using the GUI 10-31 to 10-33

described 10-28 to 10-30

guidelines 10-30

one-controller example 10-29

two-controller example 10-30

wireless intrusion prevention system (wIPS)

configuring on an access point 5-125 to 5-126

described 5-123

viewing information 5-126 to 5-127

wireless sniffing

configuring

using the CLI D-49

using the GUI D-48 to D-49

prerequisites D-47

supported software D-47

WLAN ID parameter 6-5

WLAN mobility security values 12-25

WLAN override 9-2

WLAN Profile parameter 5-34, 13-10

WLANs

assigning web login, login failure, and logout pages

using the CLI 10-27

using the GUI 10-26

checking security settings 6-24

configuring

conditional web redirect 6-61 to 6-64

static and dynamic WEP 6-24

connecting clients to 13-15

creating

using the CLI 6-6

using the GUI 6-4 to 6-6

deleting

using the CLI 6-8

using the GUI 6-5

described 1-13, 3-10 to 3-12, 6-3 to 6-4

enabling or disabling

using the CLI 6-7

using the GUI 6-6

searching 6-8

session timeout

configuring 6-31

described 6-31

splash page web redirect 6-61

wired security solution 1-5

WLANs > Edit (Advanced) page 6-42, 6-65

applying an ACL to a WLAN 5-64

configuring AAA override 5-83

configuring infrastructure MFP for a WLAN 5-71

configuring IPv6 bridging 6-49

configuring NAC out-of-band integration 6-70

configuring the diagnostic channel D-27

WLANs > Edit (QoS) page 6-39

WLANs > Edit (Security > AAA Servers) page

assigning LDAP servers to a WLAN 5-38

choosing RADIUS or LDAP servers for external authentication 10-26

disabling accounting servers on a WLAN 6-64

enabling local EAP on a WLAN 5-47

WLANs > Edit (Security > Layer 2) page 6-27, 6-30

WLANs > Edit (Security > Layer 3) page

applying a preauthentication ACL to a WLAN 5-64

configuring a WLAN for VPN Passthrough 6-33

configuring web redirect 6-63

configuring wired guest access 10-32

WLANs > Edit page 6-5, 10-31, 13-7

WLANs > New page 6-5, 8-32, 8-33, 8-53, 8-54, 10-31, 13-7

WLANs page 6-4, 12-22

WLAN SSID parameter

configuring for guest user 10-5

creating a centrally switched WLAN 13-7

creating WLANs 6-5

identifying the guest LAN 10-31

mapping an access point group to a WLAN 6-56, 6-71

WMM

configuring 4-35, 6-39, 6-41

described 6-38

with CAC 4-73

WMM parameter 4-88, 4-89

WMM Policy parameter 6-39

workgroup bridges (WGBs)

debugging 7-66

described 7-60

guidelines 7-61

illustrated 7-49, 7-52, 7-57, 7-60

sample configuration 7-63

viewing status

using the CLI 7-66

using the GUI 7-63 to 7-65

world mode 4-30, 4-32

WPA1+WPA2

configuring

using the CLI 6-28

using the GUI 6-27

described 6-25

WPA2 Policy parameter 6-27

WPA Policy parameter 6-27

wplus license. See licenses

wplus software set, included features 4-2