- Preface
- Chapter 1 - Overview
- Chapter 2 - Using the Web-Browser and CLI Interfaces
- Chapter 3 - Configuring Ports and Interfaces
- Chapter 4 - Configuring Controller Settings
- Chapter 5 - Configuring Security Solutions
- Chapter 6 - Configuring WLANs
- Chapter 7 - Controlling Lightweight Access Points
- Chapter 8 - Controlling Mesh Access Points
- Chapter 9 - Managing Controller Software and Configurations
- Chapter 10 - Managing User Accounts
- Chapter 11 - Configuring Radio Resource Management
- Chapter 12 - Configuring Mobility Groups
- Chapter 13 - Configuring Hybrid REAP
- Appendix A - Safety Considerations and Translated Safety Warnings
- Appendix B - Declarations of Conformity and Regulatory Information
- Appendix C - End User License and Warranty
- Appendix D - Troubleshooting
- Appendix E - Logical Connectivity Diagrams
- Index
Index
11n Mode parameter 4-34
and PoE Status field 7-99
operating modes when using PoE 7-97
3DES IPSec data encryption 5-9
7920 AP CAC parameter 6-39
7920 Client CAC parameter 6-39
configuring 6-38
described 6-38
7921 support mode 6-38
802.11a (or 802.11b) > Client Roaming page 4-62
802.11a (or 802.11b) > Video Parameters page 4-77
802.11a (or 802.11b) > Voice Parameters page 4-75
802.11a (or 802.11b/g) > EDCA Parameters page 4-88
802.11a (or 802.11b/g) Global Parameters > Auto RF page 11-9
802.11a (or 802.11b/g) Global Parameters page 4-29, 11-44
802.11a (or 802.11b/g) Network Status parameter 4-30, 4-38, 4-39
802.11a/n (4.9 GHz) > Configure page 8-59
802.11a/n (or 802.11b/g/n) Cisco APs > Configure page 11-29
802.11a/n (or 802.11b/g/n) Radios page 4-81, 11-28, 11-40
802.11a/n Cisco APs > Configure page 11-41
802.11a/n Radios page (from Monitor Menu) 7-13
802.11a/n Radios page (from Wireless Menu) 7-14
802.11a > Pico Cell page 11-49
802.11a > Pico Cell page with pico cell mode V2 parameters 11-49
802.11a > RRM > Coverage page 11-18
802.11a > RRM > DCA page 11-14
802.11a > RRM > Dynamic Channel Assignment (DCA) page 11-14
802.11a > RRM > General page 11-19
802.11a > RRM > Tx Power Control (TPC) page 11-11
802.11a Global Parameters page 11-40
802.11b/g/n Cisco APs > Configure page 7-86, D-49
configuring using the CLI 4-31 to 4-33
configuring using the GUI 4-29 to 4-31
802.11g Support parameter 4-30
802.11h, described 4-38
802.11h Global Parameters page 4-38
802.11h parameters, configuring
using the CLI 4-39
using the GUI 4-38 to 4-39
clients 7-102
using the CLI 4-35 to 4-38
using the GUI 4-33 to 4-35
devices 4-33
802.11n (2.4 GHz) High Throughput page 4-34
802.1Q VLAN trunk port 3-6
configuring 6-24
described 6-25
dynamic key settings 6-24
configuring 6-27
described 6-26
802.1X authentication for access points
the switch 7-23
using the CLI 7-21 to 7-23
using the GUI 7-19 to 7-21
described 7-18
802.1x Authentication parameter 7-20
configuring using the CLI 4-54
configuring using the GUI 4-53 to 4-54
802.3 Bridging parameter 4-54
802.3 frames 4-53
802.3X flow control, enabling 4-52
using the CLI 5-83
using the GUI 5-83
described 5-81
AC adapter warning for Japan B-7
Access Control List Name parameter 5-59
using the CLI 5-67
using the GUI 5-62
using the CLI 5-67
using the GUI 5-63 to 5-64
applying to the controller CPU
using the CLI 5-67
using the GUI 5-63
using the CLI 5-65 to 5-66
using the GUI 5-58 to 5-61
configuring for the debug facility D-43 to D-44
configuring using the CLI 5-65
configuring using the GUI 5-58
described 5-57
identity networking 5-79
rules 5-57, 5-59, 5-66
using with the debug facility D-42 to D-43
Access Control Lists > Edit page 5-61
Access Control Lists > New page 5-58
Access Control Lists > Rules > New page 5-59
Access Control Lists page 5-58
Access Mode parameter 4-44, 4-46
access point core dumps, uploading
using the CLI 7-45
using the GUI 7-44
access point count, approved tiers for 5500 series controllers 4-4
access point event logs, viewing D-15
using the CLI 6-59
using the GUI 6-57
using the CLI 6-57 to 6-59
using the GUI 6-54 to 6-57
default group 6-54
described 6-52
illustrated 6-53
using the CLI 6-58
using the GUI 6-55
viewing 6-59 to 6-60
access point monitor service, debugging D-52
access point radios, searching for 7-13 to 7-14
20-MHz channelization 11-29
40-MHz channelization 11-29
assisted roaming 4-61
authorization list 7-33
using LSCs 7-28 to 7-32
using MICs 7-27
using SSCs 7-27
using the CLI 7-33
using the GUI 7-32
configuring hybrid REAP using the CLI 13-14 to 13-15
converting to mesh access points 8-55
embedded 7-24
guidelines for operating in Japan B-6, B-7
configuring 7-101
interpreting D-2
migrating from the -J regulatory domain to the -U regulatory domain 7-80 to 7-83
number supported per controller 3-5
priming 7-7
regulatory information B-2 to B-10
rules for operating in Taiwan B-8 to B-9
searching for 7-10 to 7-13
supported for use with hybrid REAP 13-2
supporting oversized images 7-48 to 7-49
the join process 7-34 to 7-41
using Telnet or SSH D-50 to D-52
VCI strings 7-34
verifying that they join the controller 7-9
using the CLI 7-39 to 7-41
using the GUI 7-36 to 7-39
viewing multicast client table 4-60
Accounting Server parameters 6-65
accounting servers, disabling per WLAN 6-64
ACL. See access control lists (ACLs)
ACL Name parameter 5-62, 5-63
ACS server configuration page 6-62
Action parameter 5-61
active exploits 5-128
Add AAA Client page (on CiscoSecure ACS) 5-5, 5-21
Add AP button 13-18
Add New Rule button 5-59
Add Web Server button 10-21
AdHoc Rogue AP parameter 5-88
administrator access 4-41
administrator usernames and passwords, configuring 4-41
Admin Status parameter 3-24, 3-25
Admission Control (ACM) parameter 4-76, 4-77
AES CBS IPSec data encryption 5-9
AES-CCMP 6-25
AES parameter 6-27
Aggregated MAC Protocol Data Unit (A-MPDU) 4-36
Aggregated MAC Service Data Unit (A-MSDU) 4-36
aggregation method, specifying 4-36
aggressive load balancing 4-47
AirMagnet Enterprise Analyzer D-47
Aironet IE parameter 6-29, 6-50
configuring using the CLI 6-52
configuring using the GUI 6-50
Airopeek D-47
Alarm Trigger Threshold parameter 11-37
All APs > Access Point Name > Link Details > Neighbor Name page 8-53
All APs > Access Point Name > Mesh Neighbor Stats page 8-53
All APs > Access Point Name > Neighbor Info page 8-52
All APs > Access Point Name > Statistics page 8-47
All APs > Access Point Name > VLAN Mappings page 13-13
All APs > Details (Advanced) page
configuring CDP 4-94
All APs > Details for (Advanced) page 7-4, 7-44, D-51
configuring country codes 7-77
configuring link latency 7-94
configuring PoE 7-98
All APs > Details for (Credentials) page 7-16, 7-20, 7-53
All APs > Details for (General) page 7-47, 7-51, 13-12
All APs > Details for (High Availability) page 7-51, 7-69, 7-73
All APs > Details for (H-REAP) page 7-52, 13-12
All APs > Details for (Inventory) page 7-90
All APs > Details for page D-48, D-53
All APs > Details page 8-19, 8-35, 11-37
All APs page 7-10, 8-46, 11-36, 13-12
Allow AAA Override parameter 5-83
AnchorTime parameter 11-15
anonymous local authentication bind method 5-36, 5-39
Anonymous Provision parameter 5-46
Antenna Gain parameter 11-31
Antenna parameter 11-30
Antenna Type parameter 11-30
AP > Clients > Traffic Stream Metrics page 4-82
AP > Clients page 4-82
described 7-24
using with a controller 7-24
AP Authentication Policy page 5-70, 11-37
AP Core Dump parameter 7-44
ap-count evaluation licenses, activating
using the CLI 4-19 to 4-20
using the GUI 4-17 to 4-19
ap-count license. See licenses
AP Ethernet MAC Addresses parameter 7-29
AP Failover Priority parameter 7-73
AP Group Name parameter 6-55
AP Groups > Edit (APs) page 6-57
AP Groups > Edit (General) page 6-56
AP Groups > Edit (WLANs) page 6-56, 6-71
AP Groups page 6-54, 6-70
AP Join Stats Detail page 7-39
AP Join Stats page 7-37
and dynamic interfaces 3-10
using the CLI 3-16 to 3-17
using the GUI 3-12 to 3-15
using the CLI 3-44
using the GUI 3-42 to 3-43
described 3-8
of four AP-manager interfaces 3-42
of three AP-manager interfaces 3-41
of two AP-manager interfaces 3-40
using multiple 3-39 to 3-44
AP Mode parameter 7-51, 11-37, 13-12, D-48
AP Name parameter 6-57
AP Policies page 7-32
AP Primary Discovery Timeout parameter 7-68
ASLEAP detection 5-128
Assignment Method parameter 11-29, 11-31
described 12-26
illustrated 12-26
authenticated local authentication bind method 5-36, 5-39
Authentication Protocol parameter 4-46
Auth Key Mgmt parameter 6-27
Authority ID Information parameter 5-46, 13-22, 13-23
Authority ID parameter 5-46, 13-22
Authorize LSC APs against auth-list parameter 7-32
Authorize MIC APs against auth-list or AAA parameter 7-32
using the CLI 7-33
using the GUI 7-32
using the CLI 12-23 to 12-24
using the GUI 12-21 to 12-23
guidelines 12-21
overview 12-20 to 12-21
auto-immune feature 5-109
described 2-26, 2-29
example operation 2-29
DHCP addresses for interfaces 2-27
TFTP server information 2-27
overview 2-26
selecting configuration file 2-28
using 2-26
Average Data Rate parameter 4-67, 4-70
Average Real-Time Rate parameter 4-67, 4-71
Avoid Cisco AP Load parameter 11-15
Avoid Foreign AP Interference parameter 11-15, 12-18
Avoid Non-802.11a (802.11b) Noise parameter 11-15
Backhaul Client Access parameter 8-59
using the CLI 7-70 to 7-72
using the GUI 7-68 to 7-69
described 7-67
Back-up Primary Controller IP Address parameter 7-68
Back-up Primary Controller Name field 7-68
Back-up Secondary Controller IP Address parameter 7-69
Back-up Secondary Controller Name parameter 7-69
band selection 4-49
described 4-73
using the CLI 4-83
using the GUI 4-76
for mesh networks 8-40
base license. See licenses
Base MAC Address parameter 3-30
Beacon Period parameter 4-30
using the CLI 11-41 to 11-42
using the GUI 11-40 to 11-41
described 11-39
guidelines 11-39
Beamforming parameter 11-40, 11-41
Bind Password parameter 5-36
Bind Username parameter 5-36
Bridge Data Rate parameter 8-35
Bridge Group Name parameter 8-35
bridge protocol data units (BPDUs) 3-27
configuring using the CLI 8-37 to 8-39
configuring using the GUI 8-35 to 8-37
browsers supported 2-16
Buffered Log Level parameter D-10
Burst Data Rate parameter 4-67, 4-71
Burst Real-Time Rate parameter 4-67, 4-71
configuring for 7920 phones 6-38
described 4-73
using the CLI 4-84
using the GUI 4-77
in mesh networks 8-39
viewing in mesh networks 8-42 to 8-44
viewing using the CLI 4-85
Canadian compliance statement B-3
and mesh access points 8-8
cascading 11-6
CA Server URL parameter 7-28
Catalyst 3750G Integrated Wireless LAN Controller Switch
described 1-12
logical connectivity diagram and associated software commands E-4 to E-5
ports 3-3, 3-4, 3-5
CCA Sensitivity Threshold parameter 11-50
configuring 6-27
described 6-25
hybrid-REAP groups 13-17
with mobility 12-7
using the CLI 6-52
using the GUI 6-50
described 6-49
link test 7-90
using the CLI 6-52
using the GUI 6-50 to 6-51
using the CLI 4-64
using the GUI 4-62 to 4-64
debugging using the CLI 4-64
described 4-61 to 4-62
obtaining information using the CLI 4-64
using the CLI 11-45
using the GUI 11-44 to 11-45
debugging using the CLI 11-47
features 11-43
hybrid-REAP considerations 11-43
obtaining information using the CLI 11-46 to 11-47
enabling location presence 4-110
troubleshooting D-26 to D-42
CCXv5 Req button D-33
CCX Version parameter 6-51
CDP > AP Neighbors > Detail page 4-97
CDP > AP Neighbors page 4-96
CDP > Global Configuration page 4-93
CDP > Interface Neighbors > Detail page 4-95
CDP > Interface Neighbors page 4-95
CDP > Traffic Metrics page 4-97
CDP Advertisement Version parameter 4-93
CDP AP Neighbors page 4-96
CDP Protocol Status parameter 4-93
CDP State parameter 4-94
Certificate Authority (CA) certificates
using the CLI 9-23 to 9-24
using the GUI 9-22
overview 9-22
using with local EAP 5-42, 5-47
Certificate File Name parameter 10-8
Certificate File Path parameter 10-8
Certificate Issuer parameter 5-45
Certificate Password parameter 9-20, 10-9
Certificate Type parameter 7-33
Change Filter link 7-10, 7-14, 7-37
Change Rules Priority parameter 5-93
Channel Announcement parameter 4-38
Channel Assignment Leader parameter 11-16
Channel Assignment Method parameter 11-14
channel bonding in the 5-GHz band 11-30
Channel parameter 11-28, D-49
Channel Quiet Mode parameter 4-38
statically assigning using the CLI 11-32
statically assigning using the GUI 11-28 to 11-32
Channel Scan Duration parameter 11-20
Channel Width parameter 11-16, 11-29
Check Against CA Certificates parameter 5-45
Check Certificate Date Validity parameter 5-45
chokepoints for RFID tag tracking 4-101
CIDS Sensor Add page 5-107
CIDS Sensors List page 5-106
CIDS Shun List page 5-110
configuring 6-27, 6-28
described 6-26
Cisco 2100 Series Wireless LAN Controllers
AutoInstall interfaces 2-27
described 1-8
FCC statement B-10
features not supported 1-8
network connections 1-16
ports 3-2, 3-4
Cisco 28/37/38xx Integrated Services Router
described 1-12
logical connectivity diagram and associated software commands E-3
ports 3-4, 3-5, 4-116
versions 1-12
Cisco 3200 Series Mobile Access Router (MAR)
described 8-58
operating with mesh access points
using the CLI to configure 8-60
using the GUI to configure 8-59
Cisco 3300 Series Mobility Services Engine (MSE), using with wIPS 5-123
Cisco 4400 Series Wireless LAN Controllers
AutoInstall interfaces 2-27
choosing between link aggregation and multiple AP-manager interfaces 3-34 to 3-43
described 1-9
FCC statement B-10
models 3-4 to 3-5
network connections 1-16 to 1-17
ports 3-2, 3-4, 3-5
Cisco 5500 Series Wireless LAN Controllers
choosing between link aggregation and multiple AP-manager interfaces 3-34 to 3-43
CPUs D-5
described 1-9
FCC statement B-10
features not supported 1-10
interface configuration example 3-45
licenses. See licenses
models 3-5
multiple AP-manager interfaces 3-44 to 3-45
network connections 1-17
ports 3-3, 3-5
using the USB console port 3-33 to 3-34
Cisco 7920 Wireless IP Phones 6-38
Cisco 7921 Wireless IP Phones 6-38
Cisco Adaptive Wireless Path Protocol (AWPP) 8-8
Cisco AV-pairs 6-60, 6-61, 6-62
Cisco Centralized Key Management (CCKM). See CCKM
Cisco Clean Access (CCA) 6-66
Cisco Client Extensions (CCX). See CCX
Cisco Discovery Protocol (CDP)
using the CLI 4-98 to 4-99
using the GUI 4-93 to 4-94
debugging using the CLI 4-100
described 4-90
enabling using the GUI 4-93 to 4-94
sample network 4-92
supported devices 4-90
using the CLI 4-99 to 4-100
using the GUI 4-94 to 4-98
using the CLI 4-99
using the GUI 4-97
Cisco Discovery Protocol parameter 4-94
Cisco high-power switches 7-99
and the controller license agent 4-26
using to register PAKs 4-6
Cisco Licensing website 4-21
Cisco Logo parameter 10-14
Cisco NAC Appliance 6-66
CiscoSecure Access Control Server (ACS) 5-4
Cisco Unified Wireless Network (UWN) Solution
described 1-2 to 1-4
illustrated 1-3
Cisco Wireless Control System (WCS) 1-2
configuring the Supervisor 720 4-114 to ??
guidelines 4-114
logical connectivity diagram and associated software commands E-2 to E-3
maximum number supported by router chassis 1-11
ports 3-4, 3-5
SSC key-hash 7-26
using the CLI 6-30
using the GUI 6-29 to 6-30
described 6-29
Clear Config button 7-58
Clear Filter link 6-8, 7-13, 7-14, 7-38
clearing the controller configuration 9-34
Clear Stats button 12-19
Clear Stats on All APs button 7-37
basic commands 2-26
enabling wireless connections 2-36
logging into 2-23 to 2-25
logging out 2-25
navigating 2-25
troubleshooting commands D-6 to D-8
using 2-23 to 2-26
Client Certificate Required parameter 5-45
client exclusion policies, configuring
using the CLI 5-76 to 5-77
using the GUI 5-75 to 5-76
Client Exclusion Policies page 5-76
ClientLink. See beamforming
client location, using WCS 1-7
client MFP 5-68
Client Protection parameter 5-72
configuring using the CLI D-35 to D-39
configuring using the GUI D-32 to D-35
described D-26
Client Reporting page D-34
client roaming, configuring 4-60 to 4-65
connecting to WLANs 13-15
using the CLI 7-105
using the GUI 7-102 to 7-105
using the CLI 6-52
using the GUI 6-50 to 6-51
Clients > AP > Traffic Stream Metrics page 4-80
Clients > AP page 4-80
configuring client reporting D-33
viewing a client’s CCX version 6-51
viewing client details 7-65, 7-104
viewing the status of workgroup bridges 7-64
viewing voice and video settings 4-79
performing a link test 7-92
viewing clients 7-102
viewing the status of workgroup bridges 7-64
viewing voice and video settings 4-78
Client Type parameter 7-64, 7-65
Commands > Reset to Factory Defaults page 4-116
comma-separated values (CSV) file, uploading 13-21
Community Name parameter 4-44
conditional web redirect 6-60
using the CLI 6-63
using the GUI 6-62 to 6-63
described 6-60
Conditional Web Redirect parameter 6-63
Configuration File Encryption parameter 9-30
using the CLI 9-31 to 9-32
using the GUI 9-29 to 9-30
editing 9-33 to 9-34
using the CLI 9-28 to 9-29
using the GUI 9-27 to 9-28, ?? to 9-29, ?? to 9-30, ?? to 9-32
CLI version 2-13 to 2-16
described 2-2
GUI version 2-3 to 2-13
Configuration Wizard - 802.11 Configuration page 2-11
Configuration Wizard Completed page 2-13
Configuration Wizard - Management Interface Configuration page 2-6
Configuration Wizard - Miscellaneous Configuration page 2-7
Configuration Wizard - Service Interface Configuration page 2-5
Configuration Wizard - Set Time page 2-12
Configuration Wizard - SNMP Summary page 2-4, 2-6
Configuration Wizard - System Information page 2-3
Configuration Wizard - Virtual Interface Configuration page 2-8
Configure option for RRM override 11-28
Confirm Password parameter 13-10
Console Log Level parameter D-10
connecting 2-2 to 2-3
Control and Provisioning of Wireless Access Points protocol (CAPWAP) 1-6
debugging 7-6
described 7-2
guidelines 7-2
viewing MTU information 7-5
controller failure detection time, reducing 7-67
baud rate 3-4
versions 3-5
clearing 9-34
erasing 9-34
saving 9-32
connections 1-13
discovery process 7-6
guidelines for operating in Japan B-6 to B-7
multiple-controller deployment 1-4
overview 1-7
resetting factory default settings
using the GUI 4-116
single-controller deployment 1-3 to 1-4
synchronizing with location appliance 4-106
types of memory 1-14
using the CLI 9-9 to 9-11
using the GUI 9-6 to 9-8
Controller Spanning Tree Configuration page 3-30
Controller Time Source Valid parameter 5-72
Control Path parameter 12-23
described D-18
uploading automatically to an FTP server
using the CLI D-20
using the GUI D-19
uploading from a 5500 series controller to a TFTP or FTP server D-20 to D-21
Core Dump page D-19
Country Code parameter 7-77
using the CLI 7-78 to 7-80
using the GUI 7-76 to 7-77
described 7-75
Japanese 7-81
viewing using the CLI 7-79
Country page 7-76
Coverage Exception Level per AP parameter 11-18
using the CLI 11-23
using the GUI 11-17 to 11-19
described 6-65
using the CLI 6-66
using the GUI 6-65 to 6-66
coverage hole detection and correction 11-4
Coverage Hole Detection Enabled parameter 6-65
CPU Access Control Lists page 5-63
CPU ACL Mode parameter 5-63
CPUs, 5500 series controllers D-5
using the CLI D-17 to D-18
using the GUI D-16 to D-17
Current Channel parameter 11-31
Custom Signatures page 5-115
and OfficeExtend access points 7-55
using the CLI 7-4 to 7-5
using the GUI 7-3 to 7-4
described 7-3
for OfficeExtend access points 7-52
Data Encryption parameter 7-4, 7-52
Data Path parameter 12-23
Data Rates parameter 4-31
configuring manually 2-30
configuring through NTP server 2-30
using the CLI 2-32
using the GUI 2-30
DCA Channel Sensitivity parameter 11-15
DCA Channels parameter 11-16
debug commands, sending 7-41
configuring D-43 to D-46
described D-42 to D-43
output D-44 to D-45
default enable password 7-15
default-group access point group 6-54
Default Mobility Group parameter 12-11
Default Routers parameter 6-13
Delivery Traffic Indication Map (DTIM). See DTIM period
Deny Counters parameter 5-61
Description parameter 5-34, 8-14, 13-10
Designated Root parameter 3-30
DES IPSec data encryption 5-9
Destination parameter 5-59
Destination Port parameter 5-60
Detect and Report Ad-Hoc Networks parameter 5-88
using the CLI 9-21
using the GUI 9-19 to 9-21
overview 9-19
using with local EAP 5-42, 5-47
configuring using the CLI 6-11
configuring using the GUI 6-10
debugging 6-12
DHCP Addr. Assignment Required parameter 6-11
DHCP Allocated Lease page 6-14
DHCP option 43, in controller discovery process 7-7
using the CLI 5-56 to 5-57
using the GUI 5-56
described 5-55
example 5-55
DHCP Option 82 Remote ID Field Format parameter 5-56
DHCP Parameters page 4-40, 5-56
using the CLI 4-41
using the GUI 4-40
described 4-40
DHCP Scope > Edit page 6-13
using the CLI 6-14 to 6-16
using the GUI 6-12 to 6-14
described 6-12
DHCP Scopes page 6-12
DHCP server discovery 7-7
DHCP Server IP Addr parameter 6-11
DHCP Server Override parameter 6-11
external 6-9 to 6-10
internal 6-9
using the CLI D-28 to D-32
using the GUI D-27
described D-26
Diagnostic Channel parameter D-27
directed roam request 4-62
Direction parameter 5-60
disabled clients, configuring a timeout 6-17
discovery request timer, configuring 7-71
distribution system ports 3-4 to 3-6
Diversity parameter 11-31
DNS Domain Name parameter 6-13
DNS IP Address parameter 7-47
DNS Servers parameter 6-14
Domain Name parameter 7-47
domain name server (DNS) discovery 7-8
downloading a CA certificate 9-23
downloading a configuration file 9-30
downloading a customized web authentication login page 10-23
downloading a device certificate 9-20
downloading a signature file 5-115
Download File to Controller page 9-17
downloading a customized web authentication login page 10-22
downloading CA certificates 9-22
downloading configuration files 9-29
downloading device certificates 9-20
downloading IDS signatures 5-114
downloading login banner file 9-16
Download SSL Certificate parameter 10-8
DSCP parameter 5-60
DTIM period, configuring for MAC filtering 6-18
DTLS data encryption. See data encryption
DTPC Support parameter 4-30
for dynamic interface 3-21
for the management interface 3-15
Dynamic AP Management parameter 3-10
for dynamic interface 3-20
for management interface 3-13
dynamic AP-manager interface 3-10
dynamic channel assignment (DCA)
20-MHz channelization 11-4, 11-16
40-MHz channelization 11-4, 11-16
using the CLI 11-22 to 11-23
using the GUI 11-13 to 11-17
described 11-3
sensitivity thresholds 11-15
dynamic frequency selection 7-84 to 7-85
using the CLI 3-21 to 3-22
using the GUI 3-18 to 3-20
described 3-9
dynamic interface example 3-45
dynamic transmit power control, configuring 4-30
dynamic WEP, configuring 6-24
Dynamic WEP Key Index parameter 5-43
EAP-FAST Method Parameters page 5-46
EAP-FAST parameter 5-44
EAPOL-Key Max Retries parameter 5-43
EAPOL-Key Timeout parameter 5-43
EAP Profile Name parameter 5-47
EAP-TLS parameter 5-44
EDCA Profile parameter 4-88
Edit QoS Profile page 4-66
Edit QoS Role Data Rates page 4-70
Egress Interface parameter 10-32
Email Input parameter 10-33
Enable AP Local Authentication parameter 13-20
Enable Authentication for Listener parameter 4-27
Enable Check for All Standard and Custom Signatures parameter 5-116
Enable Controller Management to be accessible from Wireless Clients parameter 2-37, 5-54
Enable Counters parameter 5-58
Enable Coverage Hole Detection parameter 11-18
Enable CPU ACL parameter 5-63
Enable Default Authentication parameter 4-27
Enable DHCP Proxy parameter 4-40
Enable Dynamic AP Management parameter 3-43
Enable EAP-FAST Authentication parameter 13-22
Enable IGMP Snooping parameter 4-57
Enable LEAP Authentication parameter 13-22
Enable Least Latency Controller Join parameter 7-53
Enable Link Latency parameter 7-53, 7-94, 7-95
Enable Listener parameter 4-27
Enable Low Latency MAC parameter 4-89
Enable LSC on Controller parameter 7-28
Enable NAT Address parameter 3-13
Enable Notification parameter 4-27
Enable OfficeExtend AP parameter 7-52
Enable Password parameter 7-16
Enable Server Status parameter 5-36
Enable Tracking Optimization parameter 7-86
Encryption Key parameter 6-30
end user license agreement C-2 to C-4
end-user license agreement (EULA) 4-8, 4-9
enhanced distributed channel access (EDCA) parameters
configuring using the CLI 4-89 to 4-90
configuring using the GUI 4-88 to 4-89
described 4-61, 8-31
request (E2E) 4-62
Enter Saved Permission Ticket File Name parameter 4-23
EoIP port 12-23, 12-28
epings 12-23, 12-29
erasing the controller configuration 9-34
error codes, for failed VoIP calls 6-45 to 6-46
Ethernet connection, using remotely 2-24 to 2-25
Ethernet Multicast Mode parameter 4-57
European declaration of conformity B-4 to B-5
installed on 5500 series controllers 4-3
event reporting for MFP 5-69
Excessive 802.11 Association Failures parameter 5-76
Excessive 802.11 Authentication Failures parameter 5-76
Excessive 802.1X Authentication Failures parameter 5-76
Excessive Web Authentication Failures parameter 5-76
Expedited Bandwidth parameter 4-76
described 4-74
using the CLI 4-84
using the GUI 4-76
Expiration Timeout for Rogue AP and Rogue Client Entries parameter 5-88
Extensible Authentication Protocol (EAP)
configuring 6-24
setting local timers 5-48
per access point 5-51
per client 5-51
extension channel 11-31
resetting using the GUI 4-116
failover priority for access points
using the CLI 7-74
using the GUI 7-72 to 7-74
described 7-72
viewing using the CLI 7-74
failover protection 1-15
fake access point detection 5-128
Fallback Mode parameter 5-10
Fast Ethernet port 3-5
using the CLI 7-70
using the GUI 7-68
described 7-67
configuring using the CLI 4-52
configuring using the GUI 4-52
FCC declaration of conformity B-2 to B-3
2100 series controllers B-10
4400 series controllers B-10
5500 series controllers B-10
Federal Information Processing Standards (FIPS) 5-12
File Compression parameter 7-44
File Name to Save Credentials parameter 4-21
file transfers 1-14
downloading a CA certificate 9-23
downloading a configuration file 9-30
downloading a customized web authentication login page 10-23
downloading a device certificate 9-20
Login Banner 9-17
upgrading controller software 9-8
uploading a configuration file 9-28
uploading packet capture files D-23
uploading PACs 9-25
filter, using to view clients 7-103
Fingerprint parameter 5-108
flashing LEDs, configuring 7-101
Forward Delay parameter 3-31, 3-32
forwarding plane architecture 4-53
Fragmentation Threshold parameter 4-30
fragmented pings 3-7
Friendly Rogue > Create page 5-93
FTP server guidelines 9-2
configuring 802.3 bridging 4-54
configuring an RF group 11-7
enabling link aggregation 3-38
General (security) page 5-31
General page 5-43
Generate Password parameter 10-5
Generate Rehost Ticket button 4-23
gigabit Ethernet port 3-5
Global AP Failover Priority parameter 7-73
configuring authentication for access points 7-20
configuring backup controllers 7-68
configuring failover priority for access points 7-72
configuring global credentials for access points 7-16
global credentials for access points
using the CLI 7-17 to 7-18
using the GUI 7-15 to 7-17
described 7-15
using the CLI 7-17
using the GUI 7-16
Group Mode parameter 11-9, 12-17
Group Name parameter 12-12, 13-18
Group Setup page (on CiscoSecure ACS) 5-23
Guest LAN parameter 10-31
guest N+1 redundancy 12-20
guest tunneling 12-10
creating 10-2 to 10-7
creating as a lobby ambassador 10-4 to 10-6
using the CLI 10-7
using the GUI 10-6
Guest User parameter 5-33, 13-10
Guest User Role parameter 5-33, 13-10
guest WLAN, creating 10-5
browsers supported 2-16
enabling wireless connections 2-36
guidelines 2-16
logging into 2-17
logging out of 2-17
using 2-16
Headline parameter 10-14
Hello Time parameter 3-31
help, obtaining 2-17
hex2pcap sample output D-45
benefits 11-48
example 11-48
overview 11-47
Holdtime parameter 3-31, 4-93
Honeypot access point detection 5-128
HREAP Group Name parameter 13-13
HREAP Groups > Edit (Local Authentication > Local Users) page 13-21
HREAP Groups > Edit (Local Authentication > Protocols) page 13-22
HREAP Groups > Edit page 13-18, 13-19
HREAP Groups page 13-18
H-REAP Local Switching parameter 13-8
H-REAP Mode AP Fast Heartbeat Timeout parameter 7-68
H-REAP Mode AP Fast Heartbeat Timer State parameter 7-68
H-REAP parameter 7-51
HTTP Access parameter 2-18
HTTP Configuration page 2-18
HTTPS Access parameter 2-18
access points supported 13-2
authentication process 13-2 to 13-4
bandwidth restriction 13-2
access points using the CLI 13-14 to 13-15
access points using the GUI 13-11 to 13-14
controller using the GUI 13-6 to 13-10
guidelines 13-4
illustrated 13-2
number of access points supported 13-2
overview 13-2
debugging 13-11, 13-15
backup RADIUS server 13-16
CCKM 13-17
using the CLI 13-23
using the GUI 13-17 to 13-22
described 13-16
example 13-16
local authentication 13-17
Hysteresis parameter 4-63
configuring 5-77 to 5-81
overview 5-77 to 5-78
RADIUS attributes 5-78 to 5-81
Identity Request Max Retries parameter 5-43
Identity Request Timeout parameter 5-43
IDS 5-106
using the CLI 5-108 to 5-110
using the GUI 5-106 to 5-108
described 5-106
viewing using the CLI 5-121 to 5-122
viewing using the GUI 5-118 to 5-119
using the CLI 5-119 to 5-121
using the GUI 5-113 to 5-118
described 5-111
frequency 5-117
MAC frequency 5-117, 5-120
measurement interval 5-117
pattern 5-117
quiet time 5-117, 5-120
tracking method 5-117
uploading or downloading using the GUI 5-113 to 5-115
using the CLI 5-121 to 5-122
using the GUI 5-118 to 5-119
IGMP Timeout parameter 4-57
IKE Diffie Hellman Group parameter 5-10
IKE Phase 1 parameter 5-10
Index parameter for IDS 5-107
converting to mesh access points 8-55
components 5-69
described 5-68
Infrastructure MFP Protection parameter 5-71
Infrastructure Protection parameter 5-72
Infrastructure Validation parameter 5-72
Ingress Interface parameter 10-32
Injector Switch MAC Address parameter 7-99
inline power 7-97
Install License button 4-8
intelligent power management (IPM) 7-99
described 4-61
example 12-3
Interface Name parameter 6-56, 6-68, 6-71, 8-14
Interface parameter 6-11
and identity networking 5-79
assigning WLANs 6-17
using the CLI 3-15 to 3-18
using the GUI 3-12 to 3-15
overview 3-6 to 3-10
applying an ACL to an interface 5-62
configuring dynamic interfaces 3-19
configuring NAC out-of-band integration 6-69
creating multiple AP-manager interfaces 3-43
Interfaces > New page 3-19, 3-42
Interfaces page 3-12
interference 11-3
Interference threshold parameter 11-19
Internet Group Management Protocol (IGMP)
using the CLI 4-59
using the GUI 4-57
snooping 4-55
inter-subnet mobility 12-7
described 4-61
illustrated 12-3 to 12-4
Interval parameter 11-15, 11-44
described 4-60
illustrated 12-2
Inventory page 7-89
Invoke Channel Update Now button 11-14
Invoke Power Update Now button 11-12
IP address-to-MAC address binding
configuring 4-65
described 4-65
IP Mask parameter 4-44
IPSec parameter 5-9
IP Theft or IP Reuse parameter 5-76
using the CLI 6-49
using the GUI 6-48 to 6-49
described 6-47
guidelines 6-47
IPv6 bridging and IPv4 web authentication example 6-48
IPv6 Enable parameter 6-49
Japanese country codes 7-81
Japanese regulations for migrating access points from the -J to the -U regulatory domain 7-80 to 7-83
Keep Alive Count parameter 12-22
Keep Alive Interval parameter 12-22
Key Encryption Key (KEK) parameter 5-8
Key Format parameter 6-30
Key Index parameter 6-30
configuring 6-30, 6-31
described 6-29
Key Permutation parameter 6-30
Key Size parameter 6-30
Key Wrap Format parameter 5-8
Key Wrap parameter 5-8
LAG. See link aggregation (LAG)
LAG Mode on Next Reboot parameter 3-38
Last Auto Channel Assignment parameter 11-16
Last Power Level Assignment parameter 11-12
Layer 1 security 5-2
operation 1-6
configuring 6-23 to 6-31
described 5-2
Layer 2 Security parameter 6-27, 6-30, 6-62
operation 1-6
configuring 6-32 to 6-34
described 5-3
for VPN passthrough 6-33
for web authentication 6-34
for web redirect 6-63
for wired guest access 10-32
choosing server priority order 5-37
using the CLI 5-38 to 5-40
using the GUI 5-35 to 5-38
local EAP methods supported 5-35, 5-41
assigning to WLANs 5-37 to 5-38
choosing local authentication bind method
using the CLI 5-39
using the GUI 5-36
LDAP Servers > New page 5-35
LDAP Servers page 5-35
LDAP Servers parameter 5-47
LEAP parameter 5-44
Learn Client IP Address parameter 13-9
Lease Time parameter 6-13
configuring 7-101
interpreting D-2
using the CLI 4-28 to 4-29
using the GUI 4-26 to 4-28
described 4-26
License Agent Configuration page 4-27
license agreement C-2 to C-4
License Commands (Rehost) page 4-21
License Commands page 4-7
License Detail page 4-10, 4-18
using the CLI 4-16
using the GUI 4-15
License Level page 4-14
activating ap-count evaluation licenses
using the CLI 4-19 to 4-20
using the GUI 4-17 to 4-19
using the CLI 4-16
using the GUI 4-14 to 4-15
using the CLI 4-8 to 4-9
using the GUI 4-7 to 4-8
messages in controller trap log 4-3
obtaining 4-4 to 4-6
described 4-20
using the CLI 4-24 to 4-25
using the GUI 4-21 to 4-23
using the CLI 4-8
using the GUI 4-10
required for OfficeExtend access points 7-50
using the CLI 4-9
using the GUI 4-8
SKUs 4-4
transferring to a replacement controller after an RMA 4-25 to 4-26
types 4-2
using the CLI 4-11 to 4-13
using the GUI 4-9 to 4-10
Licenses page 4-9, 4-15, 4-17
licensing portal, using to register PAKs 4-6
Lifetime parameter 5-33, 10-5, 13-10
Lightweight Access Point Protocol (LWAPP) 1-6, 7-2
lightweight mode, reverting to autonomous mode 7-26
limited warranty C-4 to C-6
configuring neighboring devices 3-39
described 3-35 to 3-36
using the CLI 3-39
using the GUI 3-38
example 3-35
guidelines 3-37
illustrated 3-36
verifying settings using the CLI 3-39
and OfficeExtend access points 7-53, 7-55
using the CLI 7-95 to 7-96
using the GUI 7-94 to 7-95
described 7-93
Link Status parameter 3-24
button 7-92
option 7-92, 8-52
page 7-92
described 7-90
using the CLI 7-93
using the GUI 7-91 to 7-92, 8-52 to 8-53
types of packets 7-90
Link Trap parameter 3-24, 3-25
Listener Message Processing URL parameter 4-27
load balancing 4-47
Load-based AC parameter 4-76
described 4-73 to 4-74
using the CLI 4-83
using the GUI 4-76
creating using the CLI 10-3
creating using the GUI 10-2 to 10-3
Lobby Ambassador Guest Management > Guest Users List > New page 10-4
Lobby Ambassador Guest Management > Guest Users List page 10-4, 10-6
Local Auth Active Timeout parameter 5-43
using the CLI 5-47 to 5-52
using the GUI 5-42 to 5-47
debugging 5-52
described 5-40 to 5-42
example 5-41
viewing information using the CLI 5-50
Local EAP Authentication parameter 5-47
Local EAP Profiles > Edit page 5-44
Local EAP Profiles page 5-44
Local Management Users > New page 10-3
Local Management Users page 10-2
Local Mode AP Fast Heartbeat Timeout parameter 7-68
Local Mode AP Fast Heartbeat Timer parameter 7-68
Local Net Users > New page 5-33, 13-9
Local Net Users page 5-32, 10-6
configuring using the CLI 5-34
configuring using the GUI 5-32 to 5-34
local significant certificate (LSC)
using the CLI 7-30 to 7-32
using the GUI 7-28 to 7-30
described 7-28
Local Significant Certificates (LSC) - AP Provisioning page 7-29
Local Significant Certificates (LSC) - General page 7-28
local user database, capacity 10-2
calibration 11-44
configuring settings using the CLI 4-106 to 4-108
viewing settings using the CLI 4-108 to 4-110
installing certificate 4-105 to 4-106
synchronizing with controller 4-106
location-based services 11-43
location presence 4-110
Catalyst 3750G Integrated Wireless LAN Controller Switch E-4
Cisco 28/37/38xx Integrated Services Router E-3
Cisco WiSM E-2
clearing 9-19
described 9-15
using the CLI 9-17 to 9-18
using the GUI 9-16 to 9-17
Login Banner page 9-19
roaming D-26, D-39 to D-40
RSNA D-26, D-39 to D-41
syslog D-27, D-39 to D-41
using the CLI D-17 to D-18
using the GUI D-16 to D-17
described 5-52
enabling on SpectraLink NetLink phones
using the CLI 5-53
using the GUI 5-52
debug commands 7-41
disabling the reset button 7-46
MAC addresses displayed on controller GUI 7-45
described 7-41
receiving debug commands from controller 7-41
retrieving radio core dumps 7-42
reverting to autonomous mode 7-26 to 7-27
sending crash information to controller 7-41
access point core dumps 7-44 to 7-45
radio core dumps 7-42 to 7-43
adding to controller filter list
using the GUI 8-39
displayed on controller GUI 7-45
MAC Address parameter 8-14
configuring on WLANs 6-16 to 6-17
DTIM period 6-18
MAC filtering, for mesh access points 8-13 to 8-14
MAC Filtering page 8-13
MAC Filters > New page 8-13
management frame protection (MFP)
using the CLI 5-72 to 5-73
using the GUI 5-70 to 5-71
debugging 5-75
described 5-68 to 5-69
guidelines 5-69
types 5-68
viewing settings 5-73 to 5-75
Management Frame Protection parameter 5-72
Management Frame Protection Settings page 5-72
management frame validation 5-69
using the CLI 3-15
using the GUI 3-12 to 3-15
described 3-7
Management IP Address parameter 7-51
described 5-54
using the CLI 5-54
using the GUI 5-54
Master Controller Configuration page 7-9
Master Controller Mode parameter 7-9
Max Age parameter 3-30
Max HTTP Message Size parameter 4-27
Maximum Age parameter 3-31
maximum local database entries
configuring using the CLI 5-31
configuring using the GUI 5-31
Maximum Local Database Entries parameter 5-31
Maximum Number of Sessions parameter 4-27
Maximum RF Usage Per AP parameter 4-67
Max-Login Ignore Identity Response parameter 5-43
Max RF Bandwidth parameter 4-76, 4-77
MCS data rates 4-34
Member MAC Address parameter 12-12
types 1-14
memory leaks, monitoring D-24 to D-25
network example 8-42
configuring using the CLI 8-27, 8-30
configuring using the GUI 8-23 to 8-27
viewing for an access point using the CLI 8-42 to 8-45, 8-50 to 8-51
viewing for an access point using the GUI 8-46 to 8-50
Mesh > LinkTest Results page 8-52
adding MAC address to controller filter list
using the CLI 8-14
using the GUI 8-13 to 8-14
adding to mesh networks 8-12
and CAPWAP 8-8
converting to non-mesh access points 8-57
deployment modes 8-5
license requirements 8-2
models 8-2
network access 8-5
operating with Cisco 3200 Series Mobile Access Routers
configuration guidelines 8-58
described 8-58
using the CLI to configure 8-60
using the GUI to configure 8-59
roles 8-3
selecting 8-35
supported by controller model 8-11
mesh backhaul data rates 8-10
mesh backhaul deployment example 8-6
mesh constraints 8-9
mesh deployment example 8-6
mesh minimum required LinkSNR 8-10
mesh neighbors, parents, and children 8-8
mesh node security statistics 8-49 to 8-50
mesh node statistics 8-48
mesh point-to-multipoint wireless bridging example 8-7
mesh point-to-point wireless bridging example 8-6
mesh routing 8-8
Message Authentication Code Key (MACK) parameter 5-8, 5-12
using the CLI D-11 to D-14
using the GUI D-8
using the CLI D-14
using the GUI D-10 to D-11
See also system logging
Message Logs page D-11
Message parameter for web authentication 10-15
Metrics Collection parameter 4-76
MFP Client Protection parameter 5-71
MFP Frame Validation parameter 5-71
MIC 6-25, 6-29
migrating access points from the -J to the -U regulatory domain 7-80 to 7-83
Min Failed Client Count per AP parameter 11-18
Minimum RSSI parameter 4-63
mirror mode. See port mirroring, configuring
configuring 6-30, 6-31
described 6-29
MMH Mode parameter 6-30
Mobile Announce messages 12-7
failover 12-20
overview 12-2
Mobility Anchor Config page 12-22, 12-27
Mobility Anchor Create button 12-23
mobility anchors. See auto-anchor mobility
Mobility Anchors option 12-22
Mobility Anchors page 12-22
Mobility Group Member > New page 12-11
Mobility Group Members > Edit All page 12-13
using the CLI 12-14
using the GUI 12-11 to 12-13
with one NAT device 12-8
with two NAT devices 12-9
determining when to include controllers 12-7
difference from RF groups 11-5
examples 12-7
illustrated 12-5
messaging among 12-7
number of access points supported 12-5, 12-6
number of controllers supported 12-5
prerequisites 12-9 to 12-10
using with NAT devices 12-8 to 12-9
types 12-16
using the CLI 12-19
using the GUI 12-16 to 12-19
described 12-6
detecting failed members 12-20
number of controllers supported 12-7
ping requests to members 12-20
Mobility Multicast Messaging > Edit page 12-14
Mobility Multicast Messaging page 12-13
mobility ping tests, running 12-28
Mobility Statistics page 12-17
MODE access point button 7-26, 7-46
Mode parameter 4-63, 11-44
monitor intervals, configuring using the GUI 11-20
mpings 12-23, 12-28
Multicast Appliance Mode parameter 3-25
multicast client table, viewing 4-60
viewing using the CLI 4-59
viewing using the GUI 4-58
Multicast Groups page 4-58
using the CLI 4-58
using the GUI 4-57 to 4-58
described 4-55 to 4-56
guidelines 4-56 to 4-57, 7-61
Multicast page 4-57
multiple AP-manager interfaces
5500 series controller example 3-44 to 3-45
configuration guidelines 7-75
using the CLI 7-78
using the GUI 7-76 to 7-77
NAC in-band mode 6-66
and hybrid REAP 13-5
using the CLI 6-71 to 6-72
using the GUI 6-68 to 6-71
described 6-66 to 6-67
diagram 6-67
guidelines 6-67 to 6-68
configuring for a specific access point group
using the CLI 6-72
using the GUI 6-70
NAC State parameter 6-56, 6-70, 6-71
for dynamic interface 3-20, 3-21
for management interface 3-13, 3-16
NAT devices in mobility groups 12-8 to 12-9
Native VLAN ID parameter 13-13
viewing for an access point using the CLI 8-54
viewing for an access point using the GUI 8-51 to 8-54
Neighbor Information option 8-51
Neighbor Packet Frequency parameter 11-20
viewing for an access point using the CLI 8-54
viewing for an access point using the GUI 8-51 to 8-54
Netbios Name Servers parameter 6-14
Netmask parameter 6-13
network analyzer supported software
AirMagnet D-47
Airopeek D-47
Omnipeek D-47
Wireshark D-47
Network Mobility Services Protocol (NMSP) 4-101
debugging 4-113 to 4-114
modifying the notification interval for clients, RFID tags, and rogues 4-110 to 4-111
viewing settings 4-111 to 4-113
Network parameter 6-13
configuring to obtain time and date 2-30
Number of Attempts to LSC parameter 7-29
Number of Hits parameter 5-61
OfficeExtend Access Point Configuration page 7-57
OfficeExtend Access Point Home page 7-56
LEDs D-53
positioning D-53
troubleshooting D-53 to D-54
and NAT 7-50
a personal SSID 7-56 to 7-58
using the CLI 7-54 to 7-56
using the GUI 7-51 to 7-53
described 7-49
firewall requirements 7-50
implementing security for 7-50
licensing requirements 7-50
supported access point models 7-50
trap logs 7-50
typical setup 7-49
viewing statistics 7-58 to 7-60
OfficeExtend AP parameter 7-53
online help, using 2-17
open source terms C-8
OpenSSL license issues C-7 to C-8
security 1-5
software 1-4
Order Used for Authentication parameter 5-11, 5-26
Override Global Config parameter 10-26, 10-33
Over-ride Global Credentials parameter 7-17, 7-21, 7-53
Override Interface ACL parameter 5-64
oversized access point images 7-49
over-the-air provisioning (OTAP) 7-7
P2P Blocking parameter 6-22
described D-21
sample output in Wireshark D-22
using the CLI D-23 to D-24
using the GUI D-23
Params parameter 7-29
restoring 4-42
password guidelines 7-20
for access point authentication 7-20
for access points 7-16
for local net users 5-33, 13-10
for PACs 9-25
viewing in clear text D-7
path loss measurement (S60), CLI command 4-106
PEAP parameter 5-44
using the CLI 6-23
using the GUI 6-21 to 6-23
described 6-20
examples 6-21
guidelines 6-21, 6-67
permanent licenses, installed on 5500 series controllers 4-3
Personal SSID parameter 7-57
Physical Mode parameter 3-24, 3-25
Physical Status parameter 3-24
using the CLI 11-50 to 11-51
using the GUI 11-49 to 11-50
debugging using the CLI 11-51
guidelines 11-48
overview 11-47 to 11-48
versions 11-49
Pico Cell Mode parameter 11-49
ping link test 7-90
ping tests 12-28
pinning 11-6
PMK cache lifetime timer 6-28
PMKID caching 6-28
PoE Status parameter 7-99
Pool End Address parameter 6-13
Pool Start Address parameter 6-13
Port > Configure page 3-23
port mirroring, configuring 3-26 to 3-27
for controller 3-24
for LDAP server 5-36
for RADIUS server 5-8
for TACACS+ server 5-25
for wired guest access 10-31
Port parameter for IDS 5-107
configuring 3-22 to 3-33
on 2100 series controllers 3-2, 3-4
on 4400 series controllers 3-2, 3-4
on 5500 series controllers 3-3, 3-5
on Catalyst 3750G Integrated Wireless LAN Controller Switch 3-3, 3-4, 3-5
on Cisco 28/37/38xx Series Integrated Services Router 3-4 to 3-5, 4-116, 7-35
on Cisco WiSM 3-4, 3-5
overview 3-2 to 3-6
Ports page 3-22
Power Assignment Leader parameter 11-12
power cable warning for Japan B-7
Power Injector Selection parameter 7-99
Power Injector State parameter 7-99
Power Neighbor Count parameter 11-12
using the CLI 7-100
using the GUI 7-98 to 7-100
described 1-14, 7-97
Power Over Ethernet (PoE) parameter 3-24
Power Threshold parameter 11-12
preauthentication access control list (ACL)
using the CLI 5-67
using the GUI 5-64 to 5-65
for external web server 10-20, 13-9
Preauthentication ACL parameter 5-65, 6-63
Pre-Standard State parameter 7-99
Primary Controller Name parameter 7-51
Primary Controller parameters 7-51, 7-69
Primary RADIUS Server parameter 13-18
priming access points 7-7
Priority Order > Local-Auth page 5-37, 5-42
Priority Order > Management User page 5-11, 5-26
Priority parameter 3-31
Privacy Protocol parameter 4-46
probe request forwarding, configuring 7-88
probe requests, described 7-88
product authorization key (PAK)
obtaining for license upgrade 4-4
registering 4-6
product ID for controller, finding 4-24
product ID of controller, finding 4-22
Product License Registration page 4-22
Profile Details page D-35
Profile Name parameter 6-5, 8-14, 10-31, 13-7
protected access credentials (PACs)
overview 9-24
using the CLI 9-26 to 9-27
using the GUI 9-25
using with local EAP 5-42, 13-22
Protection Type parameter 5-70, 11-37
Protocol parameter 5-60
Protocol Type parameter 4-68
configuring 6-27
described 6-25
with mesh 8-25
PSK Format parameter 6-27
public key cryptography (PKC), with mobility 12-7
using the CLI 6-41
using the GUI 6-39 to 6-40
described 6-37
guidelines 6-38
identity networking 5-78
levels 4-66, 6-35
translation values 6-36
with CAC 4-73
using the CLI 6-37
using the GUI 6-36 to 6-37
using the CLI 4-68 to 4-69
using the GUI 4-66 to 4-68
assigning for use with hybrid REAP 13-10
using the CLI 4-71 to 4-72
using the GUI 4-69 to 4-71
QoS Roles for Guest Users page 4-70
Quality of Service (QoS) parameter 6-36
configuring 3-13, 3-19
using 13-8
with hybrid REAP 13-4
with NAC out-of-band integration 6-69
for dynamic interface 3-19
NAC out-of-band integration 6-69
Query Interval parameter 5-108
Queue Depth parameter 4-67
queue statistics 8-48
Radio > Statistics page 6-43
described 7-41
retrieving 7-42
using the CLI 7-43
using the GUI 7-42 to 7-43
on the CLI 11-45
on the GUI 11-44
overview 11-43
viewing status using the CLI 11-46
radio preamble 5-52
radio resource management (RRM)
benefits 11-5
CCX features. See CCX radio management
monitor intervals using the GUI 11-20
using the CLI 11-21 to 11-24
using the GUI 11-10 to 11-21
configuring per controller using the CLI 11-23
configuring per controller using the GUI 11-17 to 11-19
described 11-4
debugging 11-26
disabling dynamic channel and power assignment
using the CLI 11-35 to 11-36
using the GUI 11-35
overriding RRM 11-27 to 11-36
overview 11-2
specifying channels 11-13 to 11-16
statically assigning channel and transmit power settings
using the CLI 11-32
using the GUI 11-28 to 11-32
update interval 11-7, 11-10
Wireless > 802.11a/n (or 802.11b/g/n) > RRM > TPC parameter 11-11
radio resource management (RRM) settings
viewing using the CLI 11-24 to 11-26
radio resource monitoring 11-2
accounting 5-3
authentication 5-3
choosing authentication priority order 5-11
using the CLI 5-11 to 5-15
using the GUI 5-6 to 5-11
configuring on ACS 5-4
described 5-3
FIPS standard 5-12
KEK parameter 5-12
MACK parameter 5-12
server fallback behavior 5-10, 5-13
using with hybrid REAP 13-16
RADIUS > Fallback Parameters page 5-10
RADIUS accounting attributes 5-18 to 5-19
RADIUS authentication attributes 5-16 to 5-18
Range (RootAP to MeshAP) parameter 8-24
Redirect URL After Login parameter 10-14
Refresh-time Interval parameter 4-93
Regenerate Certificate button 10-8
for 2100 series controllers B-10
for 4400 series controllers B-10
for lightweight access points B-2 to B-10
rehosting a license. See licenses
Rehost Ticket File Name parameter 4-23
Remote Authentication Dial-In User Service. See RADIUS
Request Max Retries parameter 5-43
Request Timeout parameter 5-43
Reserved Roaming Bandwidth parameter 4-76, 4-77
Reset Link Latency button 7-95
Reset Personal SSID parameter 7-52
resetting the controller 9-34
restoring passwords 4-42
Re-sync button 5-110
reverse path filtering (RPF) 12-26
RF Channel Assignment parameter 11-35
RF domain. See RF groups
RF exposure declaration of conformity B-5
described 11-6
viewing 11-9
described 11-7
entering 11-8
cascading 11-6
using the CLI 11-8
using the GUI 11-7
difference from mobility groups 11-5
overview 11-5 to 11-7
pinning 11-6
using the CLI 11-10
using the GUI 11-9
described 4-100
formats supported 4-100
number supported per controller 4-101
configuring using the CLI 4-102
debugging using the CLI 4-104
viewing information using the CLI 4-103 to 4-104
RFID tracking on access points, optimizing
using the CLI 7-87
using the GUI 7-85 to 7-86
RF-Network Name parameter 11-8
RLDP. See Rogue Location Discovery Protocol (RLDP)
roaming and real-time diagnostics
configuring using the CLI D-39 to D-42
described D-26
described D-26
viewing D-39 to D-40
roam reason report 4-62
roam reason report, described 8-32
alarm 11-37
using the CLI 5-89
using the GUI 5-88
classification mapping table 5-85
classifying 5-84
configuring RLDP 5-87 to 5-90
using the CLI 11-38
using the GUI 11-36 to 11-38
managing 5-83
rule-based classification support 5-84
tagging, location, and containment 5-84
using the CLI 5-101 to 5-106
using the GUI 5-96 to 5-101
WCS support for rule-based classification 5-87
Rogue AP Detail page 5-97
Rogue AP Ignore-List page 5-101
configuring using the CLI 5-94 to 5-96
configuring using the GUI 5-90 to 5-94
Rogue Client Detail page 5-99
rogue detection 5-87, 5-88
and OfficeExtend access points 7-52, 7-55
Rogue Detection parameter 5-87, 7-52
Rogue Location Discovery Protocol (RLDP)
using the CLI 5-88 to 5-90
using the GUI 5-87 to 5-88
defined 5-84
Rogue Location Discovery Protocol parameter 5-88
Rogue on Wire parameter 5-88
Rogue Policies page 5-87
Rogue Rule > Edit page 5-92
Rogue Rules > Priority page 5-93
rogue states 5-85, 5-86
Role Name parameter 4-70
Role parameter 5-33, 13-10
selecting 8-35
root bridge 3-27
Root Cost parameter 3-30
Root Port parameter 3-30
RRM. See radio resource management (RRM)
configuring D-39 to D-41
described D-26
Rx Sensitivity Threshold parameter 11-50
Save and Reboot button 9-21, 9-23
Save Licenses button 4-8
saving configuration settings 9-32
Scan Threshold parameter 4-63
Scope Name parameter 6-13
Search AP window 7-11, 7-14, 7-37
Search Clients page 7-103
Search WLANs window 6-8, 7-10, 7-14
Secondary Controller parameters 7-69
Secondary RADIUS Server parameter 13-18
described 2-18
using the CLI 2-19
using the GUI 2-18
overview 5-2
solutions 5-2 to 5-3
Security Policy Completed parameter 6-48
local and external authentication 8-23
Select APs from Current Controller parameter 13-20
used to authorize access points 7-27
Sequence parameter 5-59
serial number for controller, finding 4-24
serial number of controller, finding 4-22
baud rate setting 2-24
timeout 2-24
Server Address parameter 5-107
Server Index (Priority) parameter 5-8, 5-25, 5-36
for LDAP server 5-36
for RADIUS server 5-8
for TACACS+ server 5-25
for wireless sniffer D-49
Server Key parameter 5-46, 13-22
Server Status parameter 5-9, 5-25
Server Timeout parameter 5-9, 5-26, 5-37
service port 3-6
using the CLI 3-18
using the GUI 3-12 to 3-15
described 3-9
using the CLI 6-32
using the GUI 6-31
described 6-31
Set Priority button 4-18
Set to Factory Default button 11-21
Severity Level Filtering parameter D-9
Shared Secret Format parameter 5-8, 5-25
Shared Secret parameter 5-8, 5-25
Short Preamble Enabled parameter 5-52
short preambles 5-52
Show Wired Clients option 7-64
described 5-110
using the CLI 5-111
using the GUI 5-110
Signature Events Detail page 5-118
Signature Events Summary page 5-118
Signature Events Track Detail page 5-119
Simple Bind parameter 5-36
sniffing. See wireless sniffing D-47
Sniff parameter D-49
SNMP, configuring 4-42 to 4-43
changing default values using the CLI 4-44 to 4-45
changing default values using the GUI 4-43 to 4-44
SNMP v1 / v2c Community > New page 4-44
SNMP v1 / v2c Community page 4-43
changing default values using the CLI 4-46
changing default values using the GUI 4-45 to 4-46
SNMP V3 Users > New page 4-46
SNMP V3 Users page 4-45
guidelines 9-2 to 9-4
using the CLI 9-9 to 9-11
using the GUI 9-6 to 9-8
software, upgrading in mesh networks
guidelines 9-4 to 9-6
Source parameter for ACLs 5-59
Source Port parameter 5-60
Spanning Tree Algorithm parameter 3-31
using the CLI 3-32 to 3-33
using the GUI 3-28 to 3-32
described 3-27
spanning-tree root 3-27
Spanning Tree Specification parameter 3-30
using the CLI 5-53
using the GUI 5-52
overview 5-52
Spectralink Voice Priority parameter 4-88
splash page web redirect 6-61
Splash Page Web Redirect parameter 6-63
SSC key-hash on Cisco WiSM 7-26
and OfficeExtend access points 7-53, 7-55
using the CLI 2-35 to 2-36
using the GUI 2-34 to 2-35
using the CLI D-51 to D-52
using the GUI D-50 to D-51
SSH parameter D-51
using the CLI 6-6
using the GUI 6-5
described 6-3
using the CLI 2-21 to 2-22
using the GUI ?? to 2-21
SSLv2, configuring for web administration 2-19
SSLv2 for web authentication, disabling 10-13
Standard Signature > Detail page 5-117
Standard Signatures page 5-115
stateful DHCPv6 IP addressing 6-47
State parameter 5-108, 5-118
using the CLI 7-47 to 7-48
using the GUI 7-46 to 7-47
described 7-46
Static IP parameter 7-47
Static Mobility Group Members page 12-11
Statistics option 8-47
for DHCP scopes 6-14
for guest LANs 10-32
for SNMP community 4-44
for WLANs 6-6
STP Mode parameter 3-29
STP Port Designated Bridge parameter 3-28
STP Port Designated Cost parameter 3-28
STP Port Designated Port parameter 3-28
STP Port Designated Root parameter 3-28
STP Port Forward Transitions Count parameter 3-28
STP Port ID parameter 3-28
STP Port Path Cost Mode parameter 3-29
STP Port Path Cost parameter 3-29
STP Port Priority parameter 3-29
STP State parameter 3-28
strong passwords 7-20
Summary page 2-35
configuring 4-114 to ??
described 4-114
switch, configuring at the remote site 13-5 to 13-6
Switch IP Address (Anchor) parameter 12-23
SX/LC/T small form-factor plug-in (SFP) modules 3-5
illustrated 12-27
overview 12-26 to 12-27
using the CLI 12-28
using the GUI 12-27
Symmetric Mobility Tunneling Mode parameter 12-27
described D-27
levels D-10
logs D-39 to D-41
Syslog Configuration page D-8
Syslog Facility parameter D-9
number supported by controller D-8
removing from controller D-8
severity level filtering D-9
Syslog Server IP Address parameter D-8
using the CLI D-11 to D-14
using the GUI D-8 to D-10
setting severity level D-10
system logs, viewing using the CLI D-14
system messages D-2 to D-5
System Resource Information page D-5
viewing using the CLI D-6
viewing using the GUI D-5
accounting 5-20
authentication 5-19
authorization 5-19
choosing authentication priority order 5-26
using the CLI 5-27 to 5-29
using the GUI 5-24 to 5-26
configuring on ACS 5-20 to 5-24
described 5-19 to 5-20
roles 5-19, 5-23
viewing administration server logs 5-29 to 5-30
TACACS+ (Authentication, Authorization, or Accounting) Servers > New page 5-25
TACACS+ (Authentication, Authorization, or Accounting) Servers page 5-24
TACACS+ (Cisco) page (on CiscoSecure ACS) 5-22
TACACS+ Administration.csv page (on CiscoSecure ACS) 5-29, 5-30
configuring 7-96 to 7-97
described 7-96
telemetry 4-100
and OfficeExtend access points 7-53, 7-55
using the CLI D-51 to D-52
using the GUI D-50 to D-51
Telnet parameter D-51
using the CLI 2-35 to 2-36
using the GUI 2-34 to 2-35
Telnet-SSH Configuration page 2-34
Tertiary Controller parameters 7-69
text2pcap sample output D-45
TFTP server guidelines 9-2
using the CLI 2-32
using the GUI 2-30
using the NTP server 2-30
time-length-values (TLVs), supported for CDP 4-90 to 4-92
timeout, configuring for disabled clients 6-17
Time Since Topology Changed parameter 3-30
timestamps, enabling or disabling in log and debug messages D-14
Time to Live for the PAC parameter 5-46, 13-22
configuring using the CLI 2-32
configuring using the GUI 2-31
configuring 6-27, 6-28
described 6-25
parameter 6-27
Topology Change Count parameter 3-30
traffic specifications (TSPEC) request
described 4-74
examples 4-74
using the CLI 4-84
using the GUI 4-76
described 4-75
using the CLI 4-86 to 4-87
using the GUI 4-80 to 4-83
downloading a CA certificate 9-23
downloading a configuration file 9-30
downloading a customized web authentication login page 10-23
downloading a device certificate 9-20
upgrading controller software 9-8
uploading a configuration file 9-28
uploading a PAC 9-25
uploading packet capture files D-23
Transition Time parameter 4-63
statically assigning using the CLI 11-32
statically assigning using the GUI 11-28 to 11-32
transmit power levels 11-31
Transmit Power parameter 11-50
transmit power threshold, decreasing 11-21
for OfficeExtend access points 7-50
Trap Logs page 4-3, 6-43
access point join process 7-34 to 7-41
CCXv5 clients D-26 to D-42
problems D-6 to D-8
tunnel attributes and identity networking 5-80 to 5-81
Tx Power Level Assignment parameter 11-35
Type parameter 6-5, 10-31, 13-7
described 4-75
using the CLI 4-86
using the GUI 4-79
UDP, use in RADIUS 5-4
UDP port 12-23, 12-28
unicast mode 4-55
unique device identifier (UDI)
described 7-89
using the CLI 7-90
using the GUI 7-89 to 7-90
Upload button 5-115, 7-43, 9-26, D-17, D-23
Upload CSV File parameter 13-21
Upload File from Controller page 7-42, 9-25, 9-27, D-17, D-23
URL parameter 10-21
URL to Send the Notifications parameter 4-27
USB console port, using on a 5500 series controller 3-33 to 3-34
Use AES Key Wrap parameter 5-7
User Access Mode parameter 10-3
user accounts, managing 10-1 to 10-25
User Attribute parameter 5-36
User Base DN parameter 5-36
User Credentials parameter 5-37
User Name parameter 5-33, 13-10
Username parameter 7-16, 7-20, 7-21
User Object Type parameter 5-36
User parameter 9-25
User Profile Name parameter 4-46
Using Our SSID parameter 5-88
Validate Rogue Clients Against AAA parameter 5-88
Valid Client on Rogue AP parameter 5-88
Validity parameter 9-25
VCCI warnings for controllers B-7
VCI strings 7-34
Verify Certificate CN Identity parameter 5-45
video information, viewing for mesh networks using the CLI 8-42 to 8-44
using the CLI 4-84
using the GUI 4-76 to 4-78
using the CLI 4-85 to 4-87
using the GUI 4-78 to 4-83
using the CLI 3-17
using the GUI 3-12 to 3-15
described 3-9
for AP-manager interface 3-14
for dynamic interface 3-19, 3-20
VLAN ID parameter 6-68, 13-14
VLAN interface. See dynamic interface
button 13-13
page 13-13
described 3-9
guidelines 3-12
VLAN Support parameter 13-13
VLAN tag, and identity networking 5-79
Voice & Video Optimized parameter 4-88
voice information, viewing for mesh networks using the CLI 8-42 to 8-44
Voice Optimized parameter 4-88
voice-over-IP (VoIP) telephone roaming 4-61
Voice RSSI parameter 11-18
using the CLI 4-83 to 4-84
using the GUI 4-75 to 4-76
using the CLI 4-85 to 4-87
using the GUI 4-78 to 4-83
VoIP calls, error codes 6-45 to 6-46
using the CLI 6-44 to 6-47
using the GUI 6-42 to 6-43
described 6-41 to 6-42
VoIP Snooping and Reporting parameter 6-42
VPN Gateway Address parameter 6-33
configuring using the CLI 6-33
configuring using the GUI 6-33
described 6-32
warranty C-4 to C-6
webauth.tar files 10-26
webauth bundle 10-22
obtaining using the CLI 10-9 to 10-10
obtaining using the GUI 10-7 to 10-9
using the CLI 6-34
using the GUI 6-33
described 10-10
process 10-10 to 10-13
successful login page 10-13
Web Authentication Certificate page 10-8
using the CLI 10-27
using the GUI 10-26
using the CLI 10-15 to 10-16
using the GUI 10-14 to 10-15
customized example 10-25
customizing from an external web server
using the CLI 10-21
using the GUI 10-20 to 10-21
default 10-12
downloading a customized login page
guidelines 10-22
using the CLI 10-24
using the GUI 10-22 to 10-23
modified default example 10-17
previewing 10-15, 10-23
verifying settings using the CLI 10-25
Web Authentication option 10-32
Web Authentication Type parameter 10-14, 10-21, 10-23
Web Auth Type parameter 10-26, 10-33
web-browser security alert 10-11
Web Login page 10-14, 10-20
using the CLI 2-19
using the GUI 2-18
described 2-18
Web Passthrough option 10-32
Web Policy parameter 5-65, 6-34, 6-63
web redirect 6-60
Web Server IP Address parameter 10-21
Web Session Timeout parameter 2-18
WEP keys, configuring 6-23
WGB parameter 7-64
WGB Wired Clients page 7-64
configuration overview 10-30
using the CLI 10-33 to 10-39
using the GUI 10-31 to 10-33
described 10-28 to 10-30
guidelines 10-30
one-controller example 10-29
two-controller example 10-30
wireless intrusion prevention system (wIPS)
configuring on an access point 5-125 to 5-126
described 5-123
viewing information 5-126 to 5-127
using the CLI D-49
using the GUI D-48 to D-49
prerequisites D-47
supported software D-47
WLAN ID parameter 6-5
WLAN mobility security values 12-25
WLAN override 9-2
WLAN Profile parameter 5-34, 13-10
assigning web login, login failure, and logout pages
using the CLI 10-27
using the GUI 10-26
checking security settings 6-24
conditional web redirect 6-61 to 6-64
static and dynamic WEP 6-24
connecting clients to 13-15
using the CLI 6-6
using the GUI 6-4 to 6-6
using the CLI 6-8
using the GUI 6-5
described 1-13, 3-10 to 3-12, 6-3 to 6-4
using the CLI 6-7
using the GUI 6-6
searching 6-8
configuring 6-31
described 6-31
splash page web redirect 6-61
wired security solution 1-5
WLANs > Edit (Advanced) page 6-42, 6-65
applying an ACL to a WLAN 5-64
configuring AAA override 5-83
configuring infrastructure MFP for a WLAN 5-71
configuring IPv6 bridging 6-49
configuring NAC out-of-band integration 6-70
configuring the diagnostic channel D-27
WLANs > Edit (QoS) page 6-39
WLANs > Edit (Security > AAA Servers) page
assigning LDAP servers to a WLAN 5-38
choosing RADIUS or LDAP servers for external authentication 10-26
disabling accounting servers on a WLAN 6-64
enabling local EAP on a WLAN 5-47
WLANs > Edit (Security > Layer 2) page 6-27, 6-30
WLANs > Edit (Security > Layer 3) page
applying a preauthentication ACL to a WLAN 5-64
configuring a WLAN for VPN Passthrough 6-33
configuring web redirect 6-63
configuring wired guest access 10-32
WLANs > Edit page 6-5, 10-31, 13-7
WLANs > New page 6-5, 8-32, 8-33, 8-53, 8-54, 10-31, 13-7
WLANs page 6-4, 12-22
configuring for guest user 10-5
creating a centrally switched WLAN 13-7
creating WLANs 6-5
identifying the guest LAN 10-31
mapping an access point group to a WLAN 6-56, 6-71
configuring 4-35, 6-39, 6-41
described 6-38
with CAC 4-73
WMM parameter 4-88, 4-89
WMM Policy parameter 6-39
debugging 7-66
described 7-60
guidelines 7-61
illustrated 7-49, 7-52, 7-57, 7-60
sample configuration 7-63
using the CLI 7-66
using the GUI 7-63 to 7-65
world mode 4-30, 4-32
using the CLI 6-28
using the GUI 6-27
described 6-25
WPA2 Policy parameter 6-27
WPA Policy parameter 6-27
wplus license. See licenses
wplus software set, included features 4-2
Index
11n Mode parameter 4-34
and PoE Status field 7-99
operating modes when using PoE 7-97
3DES IPSec data encryption 5-9
7920 AP CAC parameter 6-39
7920 Client CAC parameter 6-39
configuring 6-38
described 6-38
7921 support mode 6-38
802.11a (or 802.11b) > Client Roaming page 4-62
802.11a (or 802.11b) > Video Parameters page 4-77
802.11a (or 802.11b) > Voice Parameters page 4-75
802.11a (or 802.11b/g) > EDCA Parameters page 4-88
802.11a (or 802.11b/g) Global Parameters > Auto RF page 11-9
802.11a (or 802.11b/g) Global Parameters page 4-29, 11-44
802.11a (or 802.11b/g) Network Status parameter 4-30, 4-38, 4-39
802.11a/n (4.9 GHz) > Configure page 8-59
802.11a/n (or 802.11b/g/n) Cisco APs > Configure page 11-29
802.11a/n (or 802.11b/g/n) Radios page 4-81, 11-28, 11-40
802.11a/n Cisco APs > Configure page 11-41
802.11a/n Radios page (from Monitor Menu) 7-13
802.11a/n Radios page (from Wireless Menu) 7-14
802.11a > Pico Cell page 11-49
802.11a > Pico Cell page with pico cell mode V2 parameters 11-49
802.11a > RRM > Coverage page 11-18
802.11a > RRM > DCA page 11-14
802.11a > RRM > Dynamic Channel Assignment (DCA) page 11-14
802.11a > RRM > General page 11-19
802.11a > RRM > Tx Power Control (TPC) page 11-11
802.11a Global Parameters page 11-40
802.11b/g/n Cisco APs > Configure page 7-86, D-49
configuring using the CLI 4-31 to 4-33
configuring using the GUI 4-29 to 4-31
802.11g Support parameter 4-30
802.11h, described 4-38
802.11h Global Parameters page 4-38
802.11h parameters, configuring
using the CLI 4-39
using the GUI 4-38 to 4-39
clients 7-102
using the CLI 4-35 to 4-38
using the GUI 4-33 to 4-35
devices 4-33
802.11n (2.4 GHz) High Throughput page 4-34
802.1Q VLAN trunk port 3-6
configuring 6-24
described 6-25
dynamic key settings 6-24
configuring 6-27
described 6-26
802.1X authentication for access points
the switch 7-23
using the CLI 7-21 to 7-23
using the GUI 7-19 to 7-21
described 7-18
802.1x Authentication parameter 7-20
configuring using the CLI 4-54
configuring using the GUI 4-53 to 4-54
802.3 Bridging parameter 4-54
802.3 frames 4-53
802.3X flow control, enabling 4-52
using the CLI 5-83
using the GUI 5-83
described 5-81
AC adapter warning for Japan B-7
Access Control List Name parameter 5-59
using the CLI 5-67
using the GUI 5-62
using the CLI 5-67
using the GUI 5-63 to 5-64
applying to the controller CPU
using the CLI 5-67
using the GUI 5-63
using the CLI 5-65 to 5-66
using the GUI 5-58 to 5-61
configuring for the debug facility D-43 to D-44
configuring using the CLI 5-65
configuring using the GUI 5-58
described 5-57
identity networking 5-79
rules 5-57, 5-59, 5-66
using with the debug facility D-42 to D-43
Access Control Lists > Edit page 5-61
Access Control Lists > New page 5-58
Access Control Lists > Rules > New page 5-59
Access Control Lists page 5-58
Access Mode parameter 4-44, 4-46
access point core dumps, uploading
using the CLI 7-45
using the GUI 7-44
access point count, approved tiers for 5500 series controllers 4-4
access point event logs, viewing D-15
using the CLI 6-59
using the GUI 6-57
using the CLI 6-57 to 6-59
using the GUI 6-54 to 6-57
default group 6-54
described 6-52
illustrated 6-53
using the CLI 6-58
using the GUI 6-55
viewing 6-59 to 6-60
access point monitor service, debugging D-52
access point radios, searching for 7-13 to 7-14
20-MHz channelization 11-29
40-MHz channelization 11-29
assisted roaming 4-61
authorization list 7-33
using LSCs 7-28 to 7-32
using MICs 7-27
using SSCs 7-27
using the CLI 7-33
using the GUI 7-32
configuring hybrid REAP using the CLI 13-14 to 13-15
converting to mesh access points 8-55
embedded 7-24
guidelines for operating in Japan B-6, B-7
configuring 7-101
interpreting D-2
migrating from the -J regulatory domain to the -U regulatory domain 7-80 to 7-83
number supported per controller 3-5
priming 7-7
regulatory information B-2 to B-10
rules for operating in Taiwan B-8 to B-9
searching for 7-10 to 7-13
supported for use with hybrid REAP 13-2
supporting oversized images 7-48 to 7-49
the join process 7-34 to 7-41
using Telnet or SSH D-50 to D-52
VCI strings 7-34
verifying that they join the controller 7-9
using the CLI 7-39 to 7-41
using the GUI 7-36 to 7-39
viewing multicast client table 4-60
Accounting Server parameters 6-65
accounting servers, disabling per WLAN 6-64
ACL. See access control lists (ACLs)
ACL Name parameter 5-62, 5-63
ACS server configuration page 6-62
Action parameter 5-61
active exploits 5-128
Add AAA Client page (on CiscoSecure ACS) 5-5, 5-21
Add AP button 13-18
Add New Rule button 5-59
Add Web Server button 10-21
AdHoc Rogue AP parameter 5-88
administrator access 4-41
administrator usernames and passwords, configuring 4-41
Admin Status parameter 3-24, 3-25
Admission Control (ACM) parameter 4-76, 4-77
AES CBS IPSec data encryption 5-9
AES-CCMP 6-25
AES parameter 6-27
Aggregated MAC Protocol Data Unit (A-MPDU) 4-36
Aggregated MAC Service Data Unit (A-MSDU) 4-36
aggregation method, specifying 4-36
aggressive load balancing 4-47
AirMagnet Enterprise Analyzer D-47
Aironet IE parameter 6-29, 6-50
configuring using the CLI 6-52
configuring using the GUI 6-50
Airopeek D-47
Alarm Trigger Threshold parameter 11-37
All APs > Access Point Name > Link Details > Neighbor Name page 8-53
All APs > Access Point Name > Mesh Neighbor Stats page 8-53
All APs > Access Point Name > Neighbor Info page 8-52
All APs > Access Point Name > Statistics page 8-47
All APs > Access Point Name > VLAN Mappings page 13-13
All APs > Details (Advanced) page
configuring CDP 4-94
All APs > Details for (Advanced) page 7-4, 7-44, D-51
configuring country codes 7-77
configuring link latency 7-94
configuring PoE 7-98
All APs > Details for (Credentials) page 7-16, 7-20, 7-53
All APs > Details for (General) page 7-47, 7-51, 13-12
All APs > Details for (High Availability) page 7-51, 7-69, 7-73
All APs > Details for (H-REAP) page 7-52, 13-12
All APs > Details for (Inventory) page 7-90
All APs > Details for page D-48, D-53
All APs > Details page 8-19, 8-35, 11-37
All APs page 7-10, 8-46, 11-36, 13-12
Allow AAA Override parameter 5-83
AnchorTime parameter 11-15
anonymous local authentication bind method 5-36, 5-39
Anonymous Provision parameter 5-46
Antenna Gain parameter 11-31
Antenna parameter 11-30
Antenna Type parameter 11-30
AP > Clients > Traffic Stream Metrics page 4-82
AP > Clients page 4-82
described 7-24
using with a controller 7-24
AP Authentication Policy page 5-70, 11-37
AP Core Dump parameter 7-44
ap-count evaluation licenses, activating
using the CLI 4-19 to 4-20
using the GUI 4-17 to 4-19
ap-count license. See licenses
AP Ethernet MAC Addresses parameter 7-29
AP Failover Priority parameter 7-73
AP Group Name parameter 6-55
AP Groups > Edit (APs) page 6-57
AP Groups > Edit (General) page 6-56
AP Groups > Edit (WLANs) page 6-56, 6-71
AP Groups page 6-54, 6-70
AP Join Stats Detail page 7-39
AP Join Stats page 7-37
and dynamic interfaces 3-10
using the CLI 3-16 to 3-17
using the GUI 3-12 to 3-15
using the CLI 3-44
using the GUI 3-42 to 3-43
described 3-8
of four AP-manager interfaces 3-42
of three AP-manager interfaces 3-41
of two AP-manager interfaces 3-40
using multiple 3-39 to 3-44
AP Mode parameter 7-51, 11-37, 13-12, D-48
AP Name parameter 6-57
AP Policies page 7-32
AP Primary Discovery Timeout parameter 7-68
ASLEAP detection 5-128
Assignment Method parameter 11-29, 11-31
described 12-26
illustrated 12-26
authenticated local authentication bind method 5-36, 5-39
Authentication Protocol parameter 4-46
Auth Key Mgmt parameter 6-27
Authority ID Information parameter 5-46, 13-22, 13-23
Authority ID parameter 5-46, 13-22
Authorize LSC APs against auth-list parameter 7-32
Authorize MIC APs against auth-list or AAA parameter 7-32
using the CLI 7-33
using the GUI 7-32
using the CLI 12-23 to 12-24
using the GUI 12-21 to 12-23
guidelines 12-21
overview 12-20 to 12-21
auto-immune feature 5-109
described 2-26, 2-29
example operation 2-29
DHCP addresses for interfaces 2-27
TFTP server information 2-27
overview 2-26
selecting configuration file 2-28
using 2-26
Average Data Rate parameter 4-67, 4-70
Average Real-Time Rate parameter 4-67, 4-71
Avoid Cisco AP Load parameter 11-15
Avoid Foreign AP Interference parameter 11-15, 12-18
Avoid Non-802.11a (802.11b) Noise parameter 11-15
Backhaul Client Access parameter 8-59
using the CLI 7-70 to 7-72
using the GUI 7-68 to 7-69
described 7-67
Back-up Primary Controller IP Address parameter 7-68
Back-up Primary Controller Name field 7-68
Back-up Secondary Controller IP Address parameter 7-69
Back-up Secondary Controller Name parameter 7-69
band selection 4-49
described 4-73
using the CLI 4-83
using the GUI 4-76
for mesh networks 8-40
base license. See licenses
Base MAC Address parameter 3-30
Beacon Period parameter 4-30
using the CLI 11-41 to 11-42
using the GUI 11-40 to 11-41
described 11-39
guidelines 11-39
Beamforming parameter 11-40, 11-41
Bind Password parameter 5-36
Bind Username parameter 5-36
Bridge Data Rate parameter 8-35
Bridge Group Name parameter 8-35
bridge protocol data units (BPDUs) 3-27
configuring using the CLI 8-37 to 8-39
configuring using the GUI 8-35 to 8-37
browsers supported 2-16
Buffered Log Level parameter D-10
Burst Data Rate parameter 4-67, 4-71
Burst Real-Time Rate parameter 4-67, 4-71
configuring for 7920 phones 6-38
described 4-73
using the CLI 4-84
using the GUI 4-77
in mesh networks 8-39
viewing in mesh networks 8-42 to 8-44
viewing using the CLI 4-85
Canadian compliance statement B-3
and mesh access points 8-8
cascading 11-6
CA Server URL parameter 7-28
Catalyst 3750G Integrated Wireless LAN Controller Switch
described 1-12
logical connectivity diagram and associated software commands E-4 to E-5
ports 3-3, 3-4, 3-5
CCA Sensitivity Threshold parameter 11-50
configuring 6-27
described 6-25
hybrid-REAP groups 13-17
with mobility 12-7
using the CLI 6-52
using the GUI 6-50
described 6-49
link test 7-90
using the CLI 6-52
using the GUI 6-50 to 6-51
using the CLI 4-64
using the GUI 4-62 to 4-64
debugging using the CLI 4-64
described 4-61 to 4-62
obtaining information using the CLI 4-64
using the CLI 11-45
using the GUI 11-44 to 11-45
debugging using the CLI 11-47
features 11-43
hybrid-REAP considerations 11-43
obtaining information using the CLI 11-46 to 11-47
enabling location presence 4-110
troubleshooting D-26 to D-42
CCXv5 Req button D-33
CCX Version parameter 6-51
CDP > AP Neighbors > Detail page 4-97
CDP > AP Neighbors page 4-96
CDP > Global Configuration page 4-93
CDP > Interface Neighbors > Detail page 4-95
CDP > Interface Neighbors page 4-95
CDP > Traffic Metrics page 4-97
CDP Advertisement Version parameter 4-93
CDP AP Neighbors page 4-96
CDP Protocol Status parameter 4-93
CDP State parameter 4-94
Certificate Authority (CA) certificates
using the CLI 9-23 to 9-24
using the GUI 9-22
overview 9-22
using with local EAP 5-42, 5-47
Certificate File Name parameter 10-8
Certificate File Path parameter 10-8
Certificate Issuer parameter 5-45
Certificate Password parameter 9-20, 10-9
Certificate Type parameter 7-33
Change Filter link 7-10, 7-14, 7-37
Change Rules Priority parameter 5-93
Channel Announcement parameter 4-38
Channel Assignment Leader parameter 11-16
Channel Assignment Method parameter 11-14
channel bonding in the 5-GHz band 11-30
Channel parameter 11-28, D-49
Channel Quiet Mode parameter 4-38
statically assigning using the CLI 11-32
statically assigning using the GUI 11-28 to 11-32
Channel Scan Duration parameter 11-20
Channel Width parameter 11-16, 11-29
Check Against CA Certificates parameter 5-45
Check Certificate Date Validity parameter 5-45
chokepoints for RFID tag tracking 4-101
CIDS Sensor Add page 5-107
CIDS Sensors List page 5-106
CIDS Shun List page 5-110
configuring 6-27, 6-28
described 6-26
Cisco 2100 Series Wireless LAN Controllers
AutoInstall interfaces 2-27
described 1-8
FCC statement B-10
features not supported 1-8
network connections 1-16
ports 3-2, 3-4
Cisco 28/37/38xx Integrated Services Router
described 1-12
logical connectivity diagram and associated software commands E-3
ports 3-4, 3-5, 4-116
versions 1-12
Cisco 3200 Series Mobile Access Router (MAR)
described 8-58
operating with mesh access points
using the CLI to configure 8-60
using the GUI to configure 8-59
Cisco 3300 Series Mobility Services Engine (MSE), using with wIPS 5-123
Cisco 4400 Series Wireless LAN Controllers
AutoInstall interfaces 2-27
choosing between link aggregation and multiple AP-manager interfaces 3-34 to 3-43
described 1-9
FCC statement B-10
models 3-4 to 3-5
network connections 1-16 to 1-17
ports 3-2, 3-4, 3-5
Cisco 5500 Series Wireless LAN Controllers
choosing between link aggregation and multiple AP-manager interfaces 3-34 to 3-43
CPUs D-5
described 1-9
FCC statement B-10
features not supported 1-10
interface configuration example 3-45
licenses. See licenses
models 3-5
multiple AP-manager interfaces 3-44 to 3-45
network connections 1-17
ports 3-3, 3-5
using the USB console port 3-33 to 3-34
Cisco 7920 Wireless IP Phones 6-38
Cisco 7921 Wireless IP Phones 6-38
Cisco Adaptive Wireless Path Protocol (AWPP) 8-8
Cisco AV-pairs 6-60, 6-61, 6-62
Cisco Centralized Key Management (CCKM). See CCKM
Cisco Clean Access (CCA) 6-66
Cisco Client Extensions (CCX). See CCX
Cisco Discovery Protocol (CDP)
using the CLI 4-98 to 4-99
using the GUI 4-93 to 4-94
debugging using the CLI 4-100
described 4-90
enabling using the GUI 4-93 to 4-94
sample network 4-92
supported devices 4-90
using the CLI 4-99 to 4-100
using the GUI 4-94 to 4-98
using the CLI 4-99
using the GUI 4-97
Cisco Discovery Protocol parameter 4-94
Cisco high-power switches 7-99
and the controller license agent 4-26
using to register PAKs 4-6
Cisco Licensing website 4-21
Cisco Logo parameter 10-14
Cisco NAC Appliance 6-66
CiscoSecure Access Control Server (ACS) 5-4
Cisco Unified Wireless Network (UWN) Solution
described 1-2 to 1-4
illustrated 1-3
Cisco Wireless Control System (WCS) 1-2
configuring the Supervisor 720 4-114 to ??
guidelines 4-114
logical connectivity diagram and associated software commands E-2 to E-3
maximum number supported by router chassis 1-11
ports 3-4, 3-5
SSC key-hash 7-26
using the CLI 6-30
using the GUI 6-29 to 6-30
described 6-29
Clear Config button 7-58
Clear Filter link 6-8, 7-13, 7-14, 7-38
clearing the controller configuration 9-34
Clear Stats button 12-19
Clear Stats on All APs button 7-37
basic commands 2-26
enabling wireless connections 2-36
logging into 2-23 to 2-25
logging out 2-25
navigating 2-25
troubleshooting commands D-6 to D-8
using 2-23 to 2-26
Client Certificate Required parameter 5-45
client exclusion policies, configuring
using the CLI 5-76 to 5-77
using the GUI 5-75 to 5-76
Client Exclusion Policies page 5-76
ClientLink. See beamforming
client location, using WCS 1-7
client MFP 5-68
Client Protection parameter 5-72
configuring using the CLI D-35 to D-39
configuring using the GUI D-32 to D-35
described D-26
Client Reporting page D-34
client roaming, configuring 4-60 to 4-65
connecting to WLANs 13-15
using the CLI 7-105
using the GUI 7-102 to 7-105
using the CLI 6-52
using the GUI 6-50 to 6-51
Clients > AP > Traffic Stream Metrics page 4-80
Clients > AP page 4-80
configuring client reporting D-33
viewing a client’s CCX version 6-51
viewing client details 7-65, 7-104
viewing the status of workgroup bridges 7-64
viewing voice and video settings 4-79
performing a link test 7-92
viewing clients 7-102
viewing the status of workgroup bridges 7-64
viewing voice and video settings 4-78
Client Type parameter 7-64, 7-65
Commands > Reset to Factory Defaults page 4-116
comma-separated values (CSV) file, uploading 13-21
Community Name parameter 4-44
conditional web redirect 6-60
using the CLI 6-63
using the GUI 6-62 to 6-63
described 6-60
Conditional Web Redirect parameter 6-63
Configuration File Encryption parameter 9-30
using the CLI 9-31 to 9-32
using the GUI 9-29 to 9-30
editing 9-33 to 9-34
using the CLI 9-28 to 9-29
using the GUI 9-27 to 9-28, ?? to 9-29, ?? to 9-30, ?? to 9-32
CLI version 2-13 to 2-16
described 2-2
GUI version 2-3 to 2-13
Configuration Wizard - 802.11 Configuration page 2-11
Configuration Wizard Completed page 2-13
Configuration Wizard - Management Interface Configuration page 2-6
Configuration Wizard - Miscellaneous Configuration page 2-7
Configuration Wizard - Service Interface Configuration page 2-5
Configuration Wizard - Set Time page 2-12
Configuration Wizard - SNMP Summary page 2-4, 2-6
Configuration Wizard - System Information page 2-3
Configuration Wizard - Virtual Interface Configuration page 2-8
Configure option for RRM override 11-28
Confirm Password parameter 13-10
Console Log Level parameter D-10
connecting 2-2 to 2-3
Control and Provisioning of Wireless Access Points protocol (CAPWAP) 1-6
debugging 7-6
described 7-2
guidelines 7-2
viewing MTU information 7-5
controller failure detection time, reducing 7-67
baud rate 3-4
versions 3-5
clearing 9-34
erasing 9-34
saving 9-32
connections 1-13
discovery process 7-6
guidelines for operating in Japan B-6 to B-7
multiple-controller deployment 1-4
overview 1-7
resetting factory default settings
using the GUI 4-116
single-controller deployment 1-3 to 1-4
synchronizing with location appliance 4-106
types of memory 1-14
using the CLI 9-9 to 9-11
using the GUI 9-6 to 9-8
Controller Spanning Tree Configuration page 3-30
Controller Time Source Valid parameter 5-72
Control Path parameter 12-23
described D-18
uploading automatically to an FTP server
using the CLI D-20
using the GUI D-19
uploading from a 5500 series controller to a TFTP or FTP server D-20 to D-21
Core Dump page D-19
Country Code parameter 7-77
using the CLI 7-78 to 7-80
using the GUI 7-76 to 7-77
described 7-75
Japanese 7-81
viewing using the CLI 7-79
Country page 7-76
Coverage Exception Level per AP parameter 11-18
using the CLI 11-23
using the GUI 11-17 to 11-19
described 6-65
using the CLI 6-66
using the GUI 6-65 to 6-66
coverage hole detection and correction 11-4
Coverage Hole Detection Enabled parameter 6-65
CPU Access Control Lists page 5-63
CPU ACL Mode parameter 5-63
CPUs, 5500 series controllers D-5
using the CLI D-17 to D-18
using the GUI D-16 to D-17
Current Channel parameter 11-31
Custom Signatures page 5-115
and OfficeExtend access points 7-55
using the CLI 7-4 to 7-5
using the GUI 7-3 to 7-4
described 7-3
for OfficeExtend access points 7-52
Data Encryption parameter 7-4, 7-52
Data Path parameter 12-23
Data Rates parameter 4-31
configuring manually 2-30
configuring through NTP server 2-30
using the CLI 2-32
using the GUI 2-30
DCA Channel Sensitivity parameter 11-15
DCA Channels parameter 11-16
debug commands, sending 7-41
configuring D-43 to D-46
described D-42 to D-43
output D-44 to D-45
default enable password 7-15
default-group access point group 6-54
Default Mobility Group parameter 12-11
Default Routers parameter 6-13
Delivery Traffic Indication Map (DTIM). See DTIM period
Deny Counters parameter 5-61
Description parameter 5-34, 8-14, 13-10
Designated Root parameter 3-30
DES IPSec data encryption 5-9
Destination parameter 5-59
Destination Port parameter 5-60
Detect and Report Ad-Hoc Networks parameter 5-88
using the CLI 9-21
using the GUI 9-19 to 9-21
overview 9-19
using with local EAP 5-42, 5-47
configuring using the CLI 6-11
configuring using the GUI 6-10
debugging 6-12
DHCP Addr. Assignment Required parameter 6-11
DHCP Allocated Lease page 6-14
DHCP option 43, in controller discovery process 7-7
using the CLI 5-56 to 5-57
using the GUI 5-56
described 5-55
example 5-55
DHCP Option 82 Remote ID Field Format parameter 5-56
DHCP Parameters page 4-40, 5-56
using the CLI 4-41
using the GUI 4-40
described 4-40
DHCP Scope > Edit page 6-13
using the CLI 6-14 to 6-16
using the GUI 6-12 to 6-14
described 6-12
DHCP Scopes page 6-12
DHCP server discovery 7-7
DHCP Server IP Addr parameter 6-11
DHCP Server Override parameter 6-11
external 6-9 to 6-10
internal 6-9
using the CLI D-28 to D-32
using the GUI D-27
described D-26
Diagnostic Channel parameter D-27
directed roam request 4-62
Direction parameter 5-60
disabled clients, configuring a timeout 6-17
discovery request timer, configuring 7-71
distribution system ports 3-4 to 3-6
Diversity parameter 11-31
DNS Domain Name parameter 6-13
DNS IP Address parameter 7-47
DNS Servers parameter 6-14
Domain Name parameter 7-47
domain name server (DNS) discovery 7-8
downloading a CA certificate 9-23
downloading a configuration file 9-30
downloading a customized web authentication login page 10-23
downloading a device certificate 9-20
downloading a signature file 5-115
Download File to Controller page 9-17
downloading a customized web authentication login page 10-22
downloading CA certificates 9-22
downloading configuration files 9-29
downloading device certificates 9-20
downloading IDS signatures 5-114
downloading login banner file 9-16
Download SSL Certificate parameter 10-8
DSCP parameter 5-60
DTIM period, configuring for MAC filtering 6-18
DTLS data encryption. See data encryption
DTPC Support parameter 4-30
for dynamic interface 3-21
for the management interface 3-15
Dynamic AP Management parameter 3-10
for dynamic interface 3-20
for management interface 3-13
dynamic AP-manager interface 3-10
dynamic channel assignment (DCA)
20-MHz channelization 11-4, 11-16
40-MHz channelization 11-4, 11-16
using the CLI 11-22 to 11-23
using the GUI 11-13 to 11-17
described 11-3
sensitivity thresholds 11-15
dynamic frequency selection 7-84 to 7-85
using the CLI 3-21 to 3-22
using the GUI 3-18 to 3-20
described 3-9
dynamic interface example 3-45
dynamic transmit power control, configuring 4-30
dynamic WEP, configuring 6-24
Dynamic WEP Key Index parameter 5-43
EAP-FAST Method Parameters page 5-46
EAP-FAST parameter 5-44
EAPOL-Key Max Retries parameter 5-43
EAPOL-Key Timeout parameter 5-43
EAP Profile Name parameter 5-47
EAP-TLS parameter 5-44
EDCA Profile parameter 4-88
Edit QoS Profile page 4-66
Edit QoS Role Data Rates page 4-70
Egress Interface parameter 10-32
Email Input parameter 10-33
Enable AP Local Authentication parameter 13-20
Enable Authentication for Listener parameter 4-27
Enable Check for All Standard and Custom Signatures parameter 5-116
Enable Controller Management to be accessible from Wireless Clients parameter 2-37, 5-54
Enable Counters parameter 5-58
Enable Coverage Hole Detection parameter 11-18
Enable CPU ACL parameter 5-63
Enable Default Authentication parameter 4-27
Enable DHCP Proxy parameter 4-40
Enable Dynamic AP Management parameter 3-43
Enable EAP-FAST Authentication parameter 13-22
Enable IGMP Snooping parameter 4-57
Enable LEAP Authentication parameter 13-22
Enable Least Latency Controller Join parameter 7-53
Enable Link Latency parameter 7-53, 7-94, 7-95
Enable Listener parameter 4-27
Enable Low Latency MAC parameter 4-89
Enable LSC on Controller parameter 7-28
Enable NAT Address parameter 3-13
Enable Notification parameter 4-27
Enable OfficeExtend AP parameter 7-52
Enable Password parameter 7-16
Enable Server Status parameter 5-36
Enable Tracking Optimization parameter 7-86
Encryption Key parameter 6-30
end user license agreement C-2 to C-4
end-user license agreement (EULA) 4-8, 4-9
enhanced distributed channel access (EDCA) parameters
configuring using the CLI 4-89 to 4-90
configuring using the GUI 4-88 to 4-89
described 4-61, 8-31
request (E2E) 4-62
Enter Saved Permission Ticket File Name parameter 4-23
EoIP port 12-23, 12-28
epings 12-23, 12-29
erasing the controller configuration 9-34
error codes, for failed VoIP calls 6-45 to 6-46
Ethernet connection, using remotely 2-24 to 2-25
Ethernet Multicast Mode parameter 4-57
European declaration of conformity B-4 to B-5
installed on 5500 series controllers 4-3
event reporting for MFP 5-69
Excessive 802.11 Association Failures parameter 5-76
Excessive 802.11 Authentication Failures parameter 5-76
Excessive 802.1X Authentication Failures parameter 5-76
Excessive Web Authentication Failures parameter 5-76
Expedited Bandwidth parameter 4-76
described 4-74
using the CLI 4-84
using the GUI 4-76
Expiration Timeout for Rogue AP and Rogue Client Entries parameter 5-88
Extensible Authentication Protocol (EAP)
configuring 6-24
setting local timers 5-48
per access point 5-51
per client 5-51
extension channel 11-31
resetting using the GUI 4-116
failover priority for access points
using the CLI 7-74
using the GUI 7-72 to 7-74
described 7-72
viewing using the CLI 7-74
failover protection 1-15
fake access point detection 5-128
Fallback Mode parameter 5-10
Fast Ethernet port 3-5
using the CLI 7-70
using the GUI 7-68
described 7-67
configuring using the CLI 4-52
configuring using the GUI 4-52
FCC declaration of conformity B-2 to B-3
2100 series controllers B-10
4400 series controllers B-10
5500 series controllers B-10
Federal Information Processing Standards (FIPS) 5-12
File Compression parameter 7-44
File Name to Save Credentials parameter 4-21
file transfers 1-14
downloading a CA certificate 9-23
downloading a configuration file 9-30
downloading a customized web authentication login page 10-23
downloading a device certificate 9-20
Login Banner 9-17
upgrading controller software 9-8
uploading a configuration file 9-28
uploading packet capture files D-23
uploading PACs 9-25
filter, using to view clients 7-103
Fingerprint parameter 5-108
flashing LEDs, configuring 7-101
Forward Delay parameter 3-31, 3-32
forwarding plane architecture 4-53
Fragmentation Threshold parameter 4-30
fragmented pings 3-7
Friendly Rogue > Create page 5-93
FTP server guidelines 9-2
configuring 802.3 bridging 4-54
configuring an RF group 11-7
enabling link aggregation 3-38
General (security) page 5-31
General page 5-43
Generate Password parameter 10-5
Generate Rehost Ticket button 4-23
gigabit Ethernet port 3-5
Global AP Failover Priority parameter 7-73
configuring authentication for access points 7-20
configuring backup controllers 7-68
configuring failover priority for access points 7-72
configuring global credentials for access points 7-16
global credentials for access points
using the CLI 7-17 to 7-18
using the GUI 7-15 to 7-17
described 7-15
using the CLI 7-17
using the GUI 7-16
Group Mode parameter 11-9, 12-17
Group Name parameter 12-12, 13-18
Group Setup page (on CiscoSecure ACS) 5-23
Guest LAN parameter 10-31
guest N+1 redundancy 12-20
guest tunneling 12-10
creating 10-2 to 10-7
creating as a lobby ambassador 10-4 to 10-6
using the CLI 10-7
using the GUI 10-6
Guest User parameter 5-33, 13-10
Guest User Role parameter 5-33, 13-10
guest WLAN, creating 10-5
browsers supported 2-16
enabling wireless connections 2-36
guidelines 2-16
logging into 2-17
logging out of 2-17
using 2-16
Headline parameter 10-14
Hello Time parameter 3-31
help, obtaining 2-17
hex2pcap sample output D-45
benefits 11-48
example 11-48
overview 11-47
Holdtime parameter 3-31, 4-93
Honeypot access point detection 5-128
HREAP Group Name parameter 13-13
HREAP Groups > Edit (Local Authentication > Local Users) page 13-21
HREAP Groups > Edit (Local Authentication > Protocols) page 13-22
HREAP Groups > Edit page 13-18, 13-19
HREAP Groups page 13-18
H-REAP Local Switching parameter 13-8
H-REAP Mode AP Fast Heartbeat Timeout parameter 7-68
H-REAP Mode AP Fast Heartbeat Timer State parameter 7-68
H-REAP parameter 7-51
HTTP Access parameter 2-18
HTTP Configuration page 2-18
HTTPS Access parameter 2-18
access points supported 13-2
authentication process 13-2 to 13-4
bandwidth restriction 13-2
access points using the CLI 13-14 to 13-15
access points using the GUI 13-11 to 13-14
controller using the GUI 13-6 to 13-10
guidelines 13-4
illustrated 13-2
number of access points supported 13-2
overview 13-2
debugging 13-11, 13-15
backup RADIUS server 13-16
CCKM 13-17
using the CLI 13-23
using the GUI 13-17 to 13-22
described 13-16
example 13-16
local authentication 13-17
Hysteresis parameter 4-63
configuring 5-77 to 5-81
overview 5-77 to 5-78
RADIUS attributes 5-78 to 5-81
Identity Request Max Retries parameter 5-43
Identity Request Timeout parameter 5-43
IDS 5-106
using the CLI 5-108 to 5-110
using the GUI 5-106 to 5-108
described 5-106
viewing using the CLI 5-121 to 5-122
viewing using the GUI 5-118 to 5-119
using the CLI 5-119 to 5-121
using the GUI 5-113 to 5-118
described 5-111
frequency 5-117
MAC frequency 5-117, 5-120
measurement interval 5-117
pattern 5-117
quiet time 5-117, 5-120
tracking method 5-117
uploading or downloading using the GUI 5-113 to 5-115
using the CLI 5-121 to 5-122
using the GUI 5-118 to 5-119
IGMP Timeout parameter 4-57
IKE Diffie Hellman Group parameter 5-10
IKE Phase 1 parameter 5-10
Index parameter for IDS 5-107
converting to mesh access points 8-55
components 5-69
described 5-68
Infrastructure MFP Protection parameter 5-71
Infrastructure Protection parameter 5-72
Infrastructure Validation parameter 5-72
Ingress Interface parameter 10-32
Injector Switch MAC Address parameter 7-99
inline power 7-97
Install License button 4-8
intelligent power management (IPM) 7-99
described 4-61
example 12-3
Interface Name parameter 6-56, 6-68, 6-71, 8-14
Interface parameter 6-11
and identity networking 5-79
assigning WLANs 6-17
using the CLI 3-15 to 3-18
using the GUI 3-12 to 3-15
overview 3-6 to 3-10
applying an ACL to an interface 5-62
configuring dynamic interfaces 3-19
configuring NAC out-of-band integration 6-69
creating multiple AP-manager interfaces 3-43
Interfaces > New page 3-19, 3-42
Interfaces page 3-12
interference 11-3
Interference threshold parameter 11-19
Internet Group Management Protocol (IGMP)
using the CLI 4-59
using the GUI 4-57
snooping 4-55
inter-subnet mobility 12-7
described 4-61
illustrated 12-3 to 12-4
Interval parameter 11-15, 11-44
described 4-60
illustrated 12-2
Inventory page 7-89
Invoke Channel Update Now button 11-14
Invoke Power Update Now button 11-12
IP address-to-MAC address binding
configuring 4-65
described 4-65
IP Mask parameter 4-44
IPSec parameter 5-9
IP Theft or IP Reuse parameter 5-76
using the CLI 6-49
using the GUI 6-48 to 6-49
described 6-47
guidelines 6-47
IPv6 bridging and IPv4 web authentication example 6-48
IPv6 Enable parameter 6-49
Japanese country codes 7-81
Japanese regulations for migrating access points from the -J to the -U regulatory domain 7-80 to 7-83
Keep Alive Count parameter 12-22
Keep Alive Interval parameter 12-22
Key Encryption Key (KEK) parameter 5-8
Key Format parameter 6-30
Key Index parameter 6-30
configuring 6-30, 6-31
described 6-29
Key Permutation parameter 6-30
Key Size parameter 6-30
Key Wrap Format parameter 5-8
Key Wrap parameter 5-8
LAG. See link aggregation (LAG)
LAG Mode on Next Reboot parameter 3-38
Last Auto Channel Assignment parameter 11-16
Last Power Level Assignment parameter 11-12
Layer 1 security 5-2
operation 1-6
configuring 6-23 to 6-31
described 5-2
Layer 2 Security parameter 6-27, 6-30, 6-62
operation 1-6
configuring 6-32 to 6-34
described 5-3
for VPN passthrough 6-33
for web authentication 6-34
for web redirect 6-63
for wired guest access 10-32
choosing server priority order 5-37
using the CLI 5-38 to 5-40
using the GUI 5-35 to 5-38
local EAP methods supported 5-35, 5-41
assigning to WLANs 5-37 to 5-38
choosing local authentication bind method
using the CLI 5-39
using the GUI 5-36
LDAP Servers > New page 5-35
LDAP Servers page 5-35
LDAP Servers parameter 5-47
LEAP parameter 5-44
Learn Client IP Address parameter 13-9
Lease Time parameter 6-13
configuring 7-101
interpreting D-2
using the CLI 4-28 to 4-29
using the GUI 4-26 to 4-28
described 4-26
License Agent Configuration page 4-27
license agreement C-2 to C-4
License Commands (Rehost) page 4-21
License Commands page 4-7
License Detail page 4-10, 4-18
using the CLI 4-16
using the GUI 4-15
License Level page 4-14
activating ap-count evaluation licenses
using the CLI 4-19 to 4-20
using the GUI 4-17 to 4-19
using the CLI 4-16
using the GUI 4-14 to 4-15
using the CLI 4-8 to 4-9
using the GUI 4-7 to 4-8
messages in controller trap log 4-3
obtaining 4-4 to 4-6
described 4-20
using the CLI 4-24 to 4-25
using the GUI 4-21 to 4-23
using the CLI 4-8
using the GUI 4-10
required for OfficeExtend access points 7-50
using the CLI 4-9
using the GUI 4-8
SKUs 4-4
transferring to a replacement controller after an RMA 4-25 to 4-26
types 4-2
using the CLI 4-11 to 4-13
using the GUI 4-9 to 4-10
Licenses page 4-9, 4-15, 4-17
licensing portal, using to register PAKs 4-6
Lifetime parameter 5-33, 10-5, 13-10
Lightweight Access Point Protocol (LWAPP) 1-6, 7-2
lightweight mode, reverting to autonomous mode 7-26
limited warranty C-4 to C-6
configuring neighboring devices 3-39
described 3-35 to 3-36
using the CLI 3-39
using the GUI 3-38
example 3-35
guidelines 3-37
illustrated 3-36
verifying settings using the CLI 3-39
and OfficeExtend access points 7-53, 7-55
using the CLI 7-95 to 7-96
using the GUI 7-94 to 7-95
described 7-93
Link Status parameter 3-24
button 7-92
option 7-92, 8-52
page 7-92
described 7-90
using the CLI 7-93
using the GUI 7-91 to 7-92, 8-52 to 8-53
types of packets 7-90
Link Trap parameter 3-24, 3-25
Listener Message Processing URL parameter 4-27
load balancing 4-47
Load-based AC parameter 4-76
described 4-73 to 4-74
using the CLI 4-83
using the GUI 4-76
creating using the CLI 10-3
creating using the GUI 10-2 to 10-3
Lobby Ambassador Guest Management > Guest Users List > New page 10-4
Lobby Ambassador Guest Management > Guest Users List page 10-4, 10-6
Local Auth Active Timeout parameter 5-43
using the CLI 5-47 to 5-52
using the GUI 5-42 to 5-47
debugging 5-52
described 5-40 to 5-42
example 5-41
viewing information using the CLI 5-50
Local EAP Authentication parameter 5-47
Local EAP Profiles > Edit page 5-44
Local EAP Profiles page 5-44
Local Management Users > New page 10-3
Local Management Users page 10-2
Local Mode AP Fast Heartbeat Timeout parameter 7-68
Local Mode AP Fast Heartbeat Timer parameter 7-68
Local Net Users > New page 5-33, 13-9
Local Net Users page 5-32, 10-6
configuring using the CLI 5-34
configuring using the GUI 5-32 to 5-34
local significant certificate (LSC)
using the CLI 7-30 to 7-32
using the GUI 7-28 to 7-30
described 7-28
Local Significant Certificates (LSC) - AP Provisioning page 7-29
Local Significant Certificates (LSC) - General page 7-28
local user database, capacity 10-2
calibration 11-44
configuring settings using the CLI 4-106 to 4-108
viewing settings using the CLI 4-108 to 4-110
installing certificate 4-105 to 4-106
synchronizing with controller 4-106
location-based services 11-43
location presence 4-110
Catalyst 3750G Integrated Wireless LAN Controller Switch E-4
Cisco 28/37/38xx Integrated Services Router E-3
Cisco WiSM E-2
clearing 9-19
described 9-15
using the CLI 9-17 to 9-18
using the GUI 9-16 to 9-17
Login Banner page 9-19
roaming D-26, D-39 to D-40
RSNA D-26, D-39 to D-41
syslog D-27, D-39 to D-41
using the CLI D-17 to D-18
using the GUI D-16 to D-17
described 5-52
enabling on SpectraLink NetLink phones
using the CLI 5-53
using the GUI 5-52
debug commands 7-41
disabling the reset button 7-46
MAC addresses displayed on controller GUI 7-45
described 7-41
receiving debug commands from controller 7-41
retrieving radio core dumps 7-42
reverting to autonomous mode 7-26 to 7-27
sending crash information to controller 7-41
access point core dumps 7-44 to 7-45
radio core dumps 7-42 to 7-43
adding to controller filter list
using the GUI 8-39
displayed on controller GUI 7-45
MAC Address parameter 8-14
configuring on WLANs 6-16 to 6-17
DTIM period 6-18
MAC filtering, for mesh access points 8-13 to 8-14
MAC Filtering page 8-13
MAC Filters > New page 8-13
management frame protection (MFP)
using the CLI 5-72 to 5-73
using the GUI 5-70 to 5-71
debugging 5-75
described 5-68 to 5-69
guidelines 5-69
types 5-68
viewing settings 5-73 to 5-75
Management Frame Protection parameter 5-72
Management Frame Protection Settings page 5-72
management frame validation 5-69
using the CLI 3-15
using the GUI 3-12 to 3-15
described 3-7
Management IP Address parameter 7-51
described 5-54
using the CLI 5-54
using the GUI 5-54
Master Controller Configuration page 7-9
Master Controller Mode parameter 7-9
Max Age parameter 3-30
Max HTTP Message Size parameter 4-27
Maximum Age parameter 3-31
maximum local database entries
configuring using the CLI 5-31
configuring using the GUI 5-31
Maximum Local Database Entries parameter 5-31
Maximum Number of Sessions parameter 4-27
Maximum RF Usage Per AP parameter 4-67
Max-Login Ignore Identity Response parameter 5-43
Max RF Bandwidth parameter 4-76, 4-77
MCS data rates 4-34
Member MAC Address parameter 12-12
types 1-14
memory leaks, monitoring D-24 to D-25
network example 8-42
configuring using the CLI 8-27, 8-30
configuring using the GUI 8-23 to 8-27
viewing for an access point using the CLI 8-42 to 8-45, 8-50 to 8-51
viewing for an access point using the GUI 8-46 to 8-50
Mesh > LinkTest Results page 8-52
adding MAC address to controller filter list
using the CLI 8-14
using the GUI 8-13 to 8-14
adding to mesh networks 8-12
and CAPWAP 8-8
converting to non-mesh access points 8-57
deployment modes 8-5
license requirements 8-2
models 8-2
network access 8-5
operating with Cisco 3200 Series Mobile Access Routers
configuration guidelines 8-58
described 8-58
using the CLI to configure 8-60
using the GUI to configure 8-59
roles 8-3
selecting 8-35
supported by controller model 8-11
mesh backhaul data rates 8-10
mesh backhaul deployment example 8-6
mesh constraints 8-9
mesh deployment example 8-6
mesh minimum required LinkSNR 8-10
mesh neighbors, parents, and children 8-8
mesh node security statistics 8-49 to 8-50
mesh node statistics 8-48
mesh point-to-multipoint wireless bridging example 8-7
mesh point-to-point wireless bridging example 8-6
mesh routing 8-8
Message Authentication Code Key (MACK) parameter 5-8, 5-12
using the CLI D-11 to D-14
using the GUI D-8
using the CLI D-14
using the GUI D-10 to D-11
See also system logging
Message Logs page D-11
Message parameter for web authentication 10-15
Metrics Collection parameter 4-76
MFP Client Protection parameter 5-71
MFP Frame Validation parameter 5-71
MIC 6-25, 6-29
migrating access points from the -J to the -U regulatory domain 7-80 to 7-83
Min Failed Client Count per AP parameter 11-18
Minimum RSSI parameter 4-63
mirror mode. See port mirroring, configuring
configuring 6-30, 6-31
described 6-29
MMH Mode parameter 6-30
Mobile Announce messages 12-7
failover 12-20
overview 12-2
Mobility Anchor Config page 12-22, 12-27
Mobility Anchor Create button 12-23
mobility anchors. See auto-anchor mobility
Mobility Anchors option 12-22
Mobility Anchors page 12-22
Mobility Group Member > New page 12-11
Mobility Group Members > Edit All page 12-13
using the CLI 12-14
using the GUI 12-11 to 12-13
with one NAT device 12-8
with two NAT devices 12-9
determining when to include controllers 12-7
difference from RF groups 11-5
examples 12-7
illustrated 12-5
messaging among 12-7
number of access points supported 12-5, 12-6
number of controllers supported 12-5
prerequisites 12-9 to 12-10
using with NAT devices 12-8 to 12-9
types 12-16
using the CLI 12-19
using the GUI 12-16 to 12-19
described 12-6
detecting failed members 12-20
number of controllers supported 12-7
ping requests to members 12-20
Mobility Multicast Messaging > Edit page 12-14
Mobility Multicast Messaging page 12-13
mobility ping tests, running 12-28
Mobility Statistics page 12-17
MODE access point button 7-26, 7-46
Mode parameter 4-63, 11-44
monitor intervals, configuring using the GUI 11-20
mpings 12-23, 12-28
Multicast Appliance Mode parameter 3-25
multicast client table, viewing 4-60
viewing using the CLI 4-59
viewing using the GUI 4-58
Multicast Groups page 4-58
using the CLI 4-58
using the GUI 4-57 to 4-58
described 4-55 to 4-56
guidelines 4-56 to 4-57, 7-61
Multicast page 4-57
multiple AP-manager interfaces
5500 series controller example 3-44 to 3-45
configuration guidelines 7-75
using the CLI 7-78
using the GUI 7-76 to 7-77
NAC in-band mode 6-66
and hybrid REAP 13-5
using the CLI 6-71 to 6-72
using the GUI 6-68 to 6-71
described 6-66 to 6-67
diagram 6-67
guidelines 6-67 to 6-68
configuring for a specific access point group
using the CLI 6-72
using the GUI 6-70
NAC State parameter 6-56, 6-70, 6-71
for dynamic interface 3-20, 3-21
for management interface 3-13, 3-16
NAT devices in mobility groups 12-8 to 12-9
Native VLAN ID parameter 13-13
viewing for an access point using the CLI 8-54
viewing for an access point using the GUI 8-51 to 8-54
Neighbor Information option 8-51
Neighbor Packet Frequency parameter 11-20
viewing for an access point using the CLI 8-54
viewing for an access point using the GUI 8-51 to 8-54
Netbios Name Servers parameter 6-14
Netmask parameter 6-13
network analyzer supported software
AirMagnet D-47
Airopeek D-47
Omnipeek D-47
Wireshark D-47
Network Mobility Services Protocol (NMSP) 4-101
debugging 4-113 to 4-114
modifying the notification interval for clients, RFID tags, and rogues 4-110 to 4-111
viewing settings 4-111 to 4-113
Network parameter 6-13
configuring to obtain time and date 2-30
Number of Attempts to LSC parameter 7-29
Number of Hits parameter 5-61
OfficeExtend Access Point Configuration page 7-57
OfficeExtend Access Point Home page 7-56
LEDs D-53
positioning D-53
troubleshooting D-53 to D-54
and NAT 7-50
a personal SSID 7-56 to 7-58
using the CLI 7-54 to 7-56
using the GUI 7-51 to 7-53
described 7-49
firewall requirements 7-50
implementing security for 7-50
licensing requirements 7-50
supported access point models 7-50
trap logs 7-50
typical setup 7-49
viewing statistics 7-58 to 7-60
OfficeExtend AP parameter 7-53
online help, using 2-17
open source terms C-8
OpenSSL license issues C-7 to C-8
security 1-5
software 1-4
Order Used for Authentication parameter 5-11, 5-26
Override Global Config parameter 10-26, 10-33
Over-ride Global Credentials parameter 7-17, 7-21, 7-53
Override Interface ACL parameter 5-64
oversized access point images 7-49
over-the-air provisioning (OTAP) 7-7
P2P Blocking parameter 6-22
described D-21
sample output in Wireshark D-22
using the CLI D-23 to D-24
using the GUI D-23
Params parameter 7-29
restoring 4-42
password guidelines 7-20
for access point authentication 7-20
for access points 7-16
for local net users 5-33, 13-10
for PACs 9-25
viewing in clear text D-7
path loss measurement (S60), CLI command 4-106
PEAP parameter 5-44
using the CLI 6-23
using the GUI 6-21 to 6-23
described 6-20
examples 6-21
guidelines 6-21, 6-67
permanent licenses, installed on 5500 series controllers 4-3
Personal SSID parameter 7-57
Physical Mode parameter 3-24, 3-25
Physical Status parameter 3-24
using the CLI 11-50 to 11-51
using the GUI 11-49 to 11-50
debugging using the CLI 11-51
guidelines 11-48
overview 11-47 to 11-48
versions 11-49
Pico Cell Mode parameter 11-49
ping link test 7-90
ping tests 12-28
pinning 11-6
PMK cache lifetime timer 6-28
PMKID caching 6-28
PoE Status parameter 7-99
Pool End Address parameter 6-13
Pool Start Address parameter 6-13
Port > Configure page 3-23
port mirroring, configuring 3-26 to 3-27
for controller 3-24
for LDAP server 5-36
for RADIUS server 5-8
for TACACS+ server 5-25
for wired guest access 10-31
Port parameter for IDS 5-107
configuring 3-22 to 3-33
on 2100 series controllers 3-2, 3-4
on 4400 series controllers 3-2, 3-4
on 5500 series controllers 3-3, 3-5
on Catalyst 3750G Integrated Wireless LAN Controller Switch 3-3, 3-4, 3-5
on Cisco 28/37/38xx Series Integrated Services Router 3-4 to 3-5, 4-116, 7-35
on Cisco WiSM 3-4, 3-5
overview 3-2 to 3-6
Ports page 3-22
Power Assignment Leader parameter 11-12
power cable warning for Japan B-7
Power Injector Selection parameter 7-99
Power Injector State parameter 7-99
Power Neighbor Count parameter 11-12
using the CLI 7-100
using the GUI 7-98 to 7-100
described 1-14, 7-97
Power Over Ethernet (PoE) parameter 3-24
Power Threshold parameter 11-12
preauthentication access control list (ACL)
using the CLI 5-67
using the GUI 5-64 to 5-65
for external web server 10-20, 13-9
Preauthentication ACL parameter 5-65, 6-63
Pre-Standard State parameter 7-99
Primary Controller Name parameter 7-51
Primary Controller parameters 7-51, 7-69
Primary RADIUS Server parameter 13-18
priming access points 7-7
Priority Order > Local-Auth page 5-37, 5-42
Priority Order > Management User page 5-11, 5-26
Priority parameter 3-31
Privacy Protocol parameter 4-46
probe request forwarding, configuring 7-88
probe requests, described 7-88
product authorization key (PAK)
obtaining for license upgrade 4-4
registering 4-6
product ID for controller, finding 4-24
product ID of controller, finding 4-22
Product License Registration page 4-22
Profile Details page D-35
Profile Name parameter 6-5, 8-14, 10-31, 13-7
protected access credentials (PACs)
overview 9-24
using the CLI 9-26 to 9-27
using the GUI 9-25
using with local EAP 5-42, 13-22
Protection Type parameter 5-70, 11-37
Protocol parameter 5-60
Protocol Type parameter 4-68
configuring 6-27
described 6-25
with mesh 8-25
PSK Format parameter 6-27
public key cryptography (PKC), with mobility 12-7
using the CLI 6-41
using the GUI 6-39 to 6-40
described 6-37
guidelines 6-38
identity networking 5-78
levels 4-66, 6-35
translation values 6-36
with CAC 4-73
using the CLI 6-37
using the GUI 6-36 to 6-37
using the CLI 4-68 to 4-69
using the GUI 4-66 to 4-68
assigning for use with hybrid REAP 13-10
using the CLI 4-71 to 4-72
using the GUI 4-69 to 4-71
QoS Roles for Guest Users page 4-70
Quality of Service (QoS) parameter 6-36
configuring 3-13, 3-19
using 13-8
with hybrid REAP 13-4
with NAC out-of-band integration 6-69
for dynamic interface 3-19
NAC out-of-band integration 6-69
Query Interval parameter 5-108
Queue Depth parameter 4-67
queue statistics 8-48
Radio > Statistics page 6-43
described 7-41
retrieving 7-42
using the CLI 7-43
using the GUI 7-42 to 7-43
on the CLI 11-45
on the GUI 11-44
overview 11-43
viewing status using the CLI 11-46
radio preamble 5-52
radio resource management (RRM)
benefits 11-5
CCX features. See CCX radio management
monitor intervals using the GUI 11-20
using the CLI 11-21 to 11-24
using the GUI 11-10 to 11-21
configuring per controller using the CLI 11-23
configuring per controller using the GUI 11-17 to 11-19
described 11-4
debugging 11-26
disabling dynamic channel and power assignment
using the CLI 11-35 to 11-36
using the GUI 11-35
overriding RRM 11-27 to 11-36
overview 11-2
specifying channels 11-13 to 11-16
statically assigning channel and transmit power settings
using the CLI 11-32
using the GUI 11-28 to 11-32
update interval 11-7, 11-10
Wireless > 802.11a/n (or 802.11b/g/n) > RRM > TPC parameter 11-11
radio resource management (RRM) settings
viewing using the CLI 11-24 to 11-26
radio resource monitoring 11-2
accounting 5-3
authentication 5-3
choosing authentication priority order 5-11
using the CLI 5-11 to 5-15
using the GUI 5-6 to 5-11
configuring on ACS 5-4
described 5-3
FIPS standard 5-12
KEK parameter 5-12
MACK parameter 5-12
server fallback behavior 5-10, 5-13
using with hybrid REAP 13-16
RADIUS > Fallback Parameters page 5-10
RADIUS accounting attributes 5-18 to 5-19
RADIUS authentication attributes 5-16 to 5-18
Range (RootAP to MeshAP) parameter 8-24
Redirect URL After Login parameter 10-14
Refresh-time Interval parameter 4-93
Regenerate Certificate button 10-8
for 2100 series controllers B-10
for 4400 series controllers B-10
for lightweight access points B-2 to B-10
rehosting a license. See licenses
Rehost Ticket File Name parameter 4-23
Remote Authentication Dial-In User Service. See RADIUS
Request Max Retries parameter 5-43
Request Timeout parameter 5-43
Reserved Roaming Bandwidth parameter 4-76, 4-77
Reset Link Latency button 7-95
Reset Personal SSID parameter 7-52
resetting the controller 9-34
restoring passwords 4-42
Re-sync button 5-110
reverse path filtering (RPF) 12-26
RF Channel Assignment parameter 11-35
RF domain. See RF groups
RF exposure declaration of conformity B-5
described 11-6
viewing 11-9
described 11-7
entering 11-8
cascading 11-6
using the CLI 11-8
using the GUI 11-7
difference from mobility groups 11-5
overview 11-5 to 11-7
pinning 11-6
using the CLI 11-10
using the GUI 11-9
described 4-100
formats supported 4-100
number supported per controller 4-101
configuring using the CLI 4-102
debugging using the CLI 4-104
viewing information using the CLI 4-103 to 4-104
RFID tracking on access points, optimizing
using the CLI 7-87
using the GUI 7-85 to 7-86
RF-Network Name parameter 11-8
RLDP. See Rogue Location Discovery Protocol (RLDP)
roaming and real-time diagnostics
configuring using the CLI D-39 to D-42
described D-26
described D-26
viewing D-39 to D-40
roam reason report 4-62
roam reason report, described 8-32
alarm 11-37
using the CLI 5-89
using the GUI 5-88
classification mapping table 5-85
classifying 5-84
configuring RLDP 5-87 to 5-90
using the CLI 11-38
using the GUI 11-36 to 11-38
managing 5-83
rule-based classification support 5-84
tagging, location, and containment 5-84
using the CLI 5-101 to 5-106
using the GUI 5-96 to 5-101
WCS support for rule-based classification 5-87
Rogue AP Detail page 5-97
Rogue AP Ignore-List page 5-101
configuring using the CLI 5-94 to 5-96
configuring using the GUI 5-90 to 5-94
Rogue Client Detail page 5-99
rogue detection 5-87, 5-88
and OfficeExtend access points 7-52, 7-55
Rogue Detection parameter 5-87, 7-52
Rogue Location Discovery Protocol (RLDP)
using the CLI 5-88 to 5-90
using the GUI 5-87 to 5-88
defined 5-84
Rogue Location Discovery Protocol parameter 5-88
Rogue on Wire parameter 5-88
Rogue Policies page 5-87
Rogue Rule > Edit page 5-92
Rogue Rules > Priority page 5-93
rogue states 5-85, 5-86
Role Name parameter 4-70
Role parameter 5-33, 13-10
selecting 8-35
root bridge 3-27
Root Cost parameter 3-30
Root Port parameter 3-30
RRM. See radio resource management (RRM)
configuring D-39 to D-41
described D-26
Rx Sensitivity Threshold parameter 11-50
Save and Reboot button 9-21, 9-23
Save Licenses button 4-8
saving configuration settings 9-32
Scan Threshold parameter 4-63
Scope Name parameter 6-13
Search AP window 7-11, 7-14, 7-37
Search Clients page 7-103
Search WLANs window 6-8, 7-10, 7-14
Secondary Controller parameters 7-69
Secondary RADIUS Server parameter 13-18
described 2-18
using the CLI 2-19
using the GUI 2-18
overview 5-2
solutions 5-2 to 5-3
Security Policy Completed parameter 6-48
local and external authentication 8-23
Select APs from Current Controller parameter 13-20
used to authorize access points 7-27
Sequence parameter 5-59
serial number for controller, finding 4-24
serial number of controller, finding 4-22
baud rate setting 2-24
timeout 2-24
Server Address parameter 5-107
Server Index (Priority) parameter 5-8, 5-25, 5-36
for LDAP server 5-36
for RADIUS server 5-8
for TACACS+ server 5-25
for wireless sniffer D-49
Server Key parameter 5-46, 13-22
Server Status parameter 5-9, 5-25
Server Timeout parameter 5-9, 5-26, 5-37
service port 3-6
using the CLI 3-18
using the GUI 3-12 to 3-15
described 3-9
using the CLI 6-32
using the GUI 6-31
described 6-31
Set Priority button 4-18
Set to Factory Default button 11-21
Severity Level Filtering parameter D-9
Shared Secret Format parameter 5-8, 5-25
Shared Secret parameter 5-8, 5-25
Short Preamble Enabled parameter 5-52
short preambles 5-52
Show Wired Clients option 7-64
described 5-110
using the CLI 5-111
using the GUI 5-110
Signature Events Detail page 5-118
Signature Events Summary page 5-118
Signature Events Track Detail page 5-119
Simple Bind parameter 5-36
sniffing. See wireless sniffing D-47
Sniff parameter D-49
SNMP, configuring 4-42 to 4-43
changing default values using the CLI 4-44 to 4-45
changing default values using the GUI 4-43 to 4-44
SNMP v1 / v2c Community > New page 4-44
SNMP v1 / v2c Community page 4-43
changing default values using the CLI 4-46
changing default values using the GUI 4-45 to 4-46
SNMP V3 Users > New page 4-46
SNMP V3 Users page 4-45
guidelines 9-2 to 9-4
using the CLI 9-9 to 9-11
using the GUI 9-6 to 9-8
software, upgrading in mesh networks
guidelines 9-4 to 9-6
Source parameter for ACLs 5-59
Source Port parameter 5-60
Spanning Tree Algorithm parameter 3-31
using the CLI 3-32 to 3-33
using the GUI 3-28 to 3-32
described 3-27
spanning-tree root 3-27
Spanning Tree Specification parameter 3-30
using the CLI 5-53
using the GUI 5-52
overview 5-52
Spectralink Voice Priority parameter 4-88
splash page web redirect 6-61
Splash Page Web Redirect parameter 6-63
SSC key-hash on Cisco WiSM 7-26
and OfficeExtend access points 7-53, 7-55
using the CLI 2-35 to 2-36
using the GUI 2-34 to 2-35
using the CLI D-51 to D-52
using the GUI D-50 to D-51
SSH parameter D-51
using the CLI 6-6
using the GUI 6-5
described 6-3
using the CLI 2-21 to 2-22
using the GUI ?? to 2-21
SSLv2, configuring for web administration 2-19
SSLv2 for web authentication, disabling 10-13
Standard Signature > Detail page 5-117
Standard Signatures page 5-115
stateful DHCPv6 IP addressing 6-47
State parameter 5-108, 5-118
using the CLI 7-47 to 7-48
using the GUI 7-46 to 7-47
described 7-46
Static IP parameter 7-47
Static Mobility Group Members page 12-11
Statistics option 8-47
for DHCP scopes 6-14
for guest LANs 10-32
for SNMP community 4-44
for WLANs 6-6
STP Mode parameter 3-29
STP Port Designated Bridge parameter 3-28
STP Port Designated Cost parameter 3-28
STP Port Designated Port parameter 3-28
STP Port Designated Root parameter 3-28
STP Port Forward Transitions Count parameter 3-28
STP Port ID parameter 3-28
STP Port Path Cost Mode parameter 3-29
STP Port Path Cost parameter 3-29
STP Port Priority parameter 3-29
STP State parameter 3-28
strong passwords 7-20
Summary page 2-35
configuring 4-114 to ??
described 4-114
switch, configuring at the remote site 13-5 to 13-6
Switch IP Address (Anchor) parameter 12-23
SX/LC/T small form-factor plug-in (SFP) modules 3-5
illustrated 12-27
overview 12-26 to 12-27
using the CLI 12-28
using the GUI 12-27
Symmetric Mobility Tunneling Mode parameter 12-27
described D-27
levels D-10
logs D-39 to D-41
Syslog Configuration page D-8
Syslog Facility parameter D-9
number supported by controller D-8
removing from controller D-8
severity level filtering D-9
Syslog Server IP Address parameter D-8
using the CLI D-11 to D-14
using the GUI D-8 to D-10
setting severity level D-10
system logs, viewing using the CLI D-14
system messages D-2 to D-5
System Resource Information page D-5
viewing using the CLI D-6
viewing using the GUI D-5
accounting 5-20
authentication 5-19
authorization 5-19
choosing authentication priority order 5-26
using the CLI 5-27 to 5-29
using the GUI 5-24 to 5-26
configuring on ACS 5-20 to 5-24
described 5-19 to 5-20
roles 5-19, 5-23
viewing administration server logs 5-29 to 5-30
TACACS+ (Authentication, Authorization, or Accounting) Servers > New page 5-25
TACACS+ (Authentication, Authorization, or Accounting) Servers page 5-24
TACACS+ (Cisco) page (on CiscoSecure ACS) 5-22
TACACS+ Administration.csv page (on CiscoSecure ACS) 5-29, 5-30
configuring 7-96 to 7-97
described 7-96
telemetry 4-100
and OfficeExtend access points 7-53, 7-55
using the CLI D-51 to D-52
using the GUI D-50 to D-51
Telnet parameter D-51
using the CLI 2-35 to 2-36
using the GUI 2-34 to 2-35
Telnet-SSH Configuration page 2-34
Tertiary Controller parameters 7-69
text2pcap sample output D-45
TFTP server guidelines 9-2
using the CLI 2-32
using the GUI 2-30
using the NTP server 2-30
time-length-values (TLVs), supported for CDP 4-90 to 4-92
timeout, configuring for disabled clients 6-17
Time Since Topology Changed parameter 3-30
timestamps, enabling or disabling in log and debug messages D-14
Time to Live for the PAC parameter 5-46, 13-22
configuring using the CLI 2-32
configuring using the GUI 2-31
configuring 6-27, 6-28
described 6-25
parameter 6-27
Topology Change Count parameter 3-30
traffic specifications (TSPEC) request
described 4-74
examples 4-74
using the CLI 4-84
using the GUI 4-76
described 4-75
using the CLI 4-86 to 4-87
using the GUI 4-80 to 4-83
downloading a CA certificate 9-23
downloading a configuration file 9-30
downloading a customized web authentication login page 10-23
downloading a device certificate 9-20
upgrading controller software 9-8
uploading a configuration file 9-28
uploading a PAC 9-25
uploading packet capture files D-23
Transition Time parameter 4-63
statically assigning using the CLI 11-32
statically assigning using the GUI 11-28 to 11-32
transmit power levels 11-31
Transmit Power parameter 11-50
transmit power threshold, decreasing 11-21
for OfficeExtend access points 7-50
Trap Logs page 4-3, 6-43
access point join process 7-34 to 7-41
CCXv5 clients D-26 to D-42
problems D-6 to D-8
tunnel attributes and identity networking 5-80 to 5-81
Tx Power Level Assignment parameter 11-35
Type parameter 6-5, 10-31, 13-7
described 4-75
using the CLI 4-86
using the GUI 4-79
UDP, use in RADIUS 5-4
UDP port 12-23, 12-28
unicast mode 4-55
unique device identifier (UDI)
described 7-89
using the CLI 7-90
using the GUI 7-89 to 7-90
Upload button 5-115, 7-43, 9-26, D-17, D-23
Upload CSV File parameter 13-21
Upload File from Controller page 7-42, 9-25, 9-27, D-17, D-23
URL parameter 10-21
URL to Send the Notifications parameter 4-27
USB console port, using on a 5500 series controller 3-33 to 3-34
Use AES Key Wrap parameter 5-7
User Access Mode parameter 10-3
user accounts, managing 10-1 to 10-25
User Attribute parameter 5-36
User Base DN parameter 5-36
User Credentials parameter 5-37
User Name parameter 5-33, 13-10
Username parameter 7-16, 7-20, 7-21
User Object Type parameter 5-36
User parameter 9-25
User Profile Name parameter 4-46
Using Our SSID parameter 5-88
Validate Rogue Clients Against AAA parameter 5-88
Valid Client on Rogue AP parameter 5-88
Validity parameter 9-25
VCCI warnings for controllers B-7
VCI strings 7-34
Verify Certificate CN Identity parameter 5-45
video information, viewing for mesh networks using the CLI 8-42 to 8-44
using the CLI 4-84
using the GUI 4-76 to 4-78
using the CLI 4-85 to 4-87
using the GUI 4-78 to 4-83
using the CLI 3-17
using the GUI 3-12 to 3-15
described 3-9
for AP-manager interface 3-14
for dynamic interface 3-19, 3-20
VLAN ID parameter 6-68, 13-14
VLAN interface. See dynamic interface
button 13-13
page 13-13
described 3-9
guidelines 3-12
VLAN Support parameter 13-13
VLAN tag, and identity networking 5-79
Voice & Video Optimized parameter 4-88
voice information, viewing for mesh networks using the CLI 8-42 to 8-44
Voice Optimized parameter 4-88
voice-over-IP (VoIP) telephone roaming 4-61
Voice RSSI parameter 11-18
using the CLI 4-83 to 4-84
using the GUI 4-75 to 4-76
using the CLI 4-85 to 4-87
using the GUI 4-78 to 4-83
VoIP calls, error codes 6-45 to 6-46
using the CLI 6-44 to 6-47
using the GUI 6-42 to 6-43
described 6-41 to 6-42
VoIP Snooping and Reporting parameter 6-42
VPN Gateway Address parameter 6-33
configuring using the CLI 6-33
configuring using the GUI 6-33
described 6-32
warranty C-4 to C-6
webauth.tar files 10-26
webauth bundle 10-22
obtaining using the CLI 10-9 to 10-10
obtaining using the GUI 10-7 to 10-9
using the CLI 6-34
using the GUI 6-33
described 10-10
process 10-10 to 10-13
successful login page 10-13
Web Authentication Certificate page 10-8
using the CLI 10-27
using the GUI 10-26
using the CLI 10-15 to 10-16
using the GUI 10-14 to 10-15
customized example 10-25
customizing from an external web server
using the CLI 10-21
using the GUI 10-20 to 10-21
default 10-12
downloading a customized login page
guidelines 10-22
using the CLI 10-24
using the GUI 10-22 to 10-23
modified default example 10-17
previewing 10-15, 10-23
verifying settings using the CLI 10-25
Web Authentication option 10-32
Web Authentication Type parameter 10-14, 10-21, 10-23
Web Auth Type parameter 10-26, 10-33
web-browser security alert 10-11
Web Login page 10-14, 10-20
using the CLI 2-19
using the GUI 2-18
described 2-18
Web Passthrough option 10-32
Web Policy parameter 5-65, 6-34, 6-63
web redirect 6-60
Web Server IP Address parameter 10-21
Web Session Timeout parameter 2-18
WEP keys, configuring 6-23
WGB parameter 7-64
WGB Wired Clients page 7-64
configuration overview 10-30
using the CLI 10-33 to 10-39
using the GUI 10-31 to 10-33
described 10-28 to 10-30
guidelines 10-30
one-controller example 10-29
two-controller example 10-30
wireless intrusion prevention system (wIPS)
configuring on an access point 5-125 to 5-126
described 5-123
viewing information 5-126 to 5-127
using the CLI D-49
using the GUI D-48 to D-49
prerequisites D-47
supported software D-47
WLAN ID parameter 6-5
WLAN mobility security values 12-25
WLAN override 9-2
WLAN Profile parameter 5-34, 13-10
assigning web login, login failure, and logout pages
using the CLI 10-27
using the GUI 10-26
checking security settings 6-24
conditional web redirect 6-61 to 6-64
static and dynamic WEP 6-24
connecting clients to 13-15
using the CLI 6-6
using the GUI 6-4 to 6-6
using the CLI 6-8
using the GUI 6-5
described 1-13, 3-10 to 3-12, 6-3 to 6-4
using the CLI 6-7
using the GUI 6-6
searching 6-8
configuring 6-31
described 6-31
splash page web redirect 6-61
wired security solution 1-5
WLANs > Edit (Advanced) page 6-42, 6-65
applying an ACL to a WLAN 5-64
configuring AAA override 5-83
configuring infrastructure MFP for a WLAN 5-71
configuring IPv6 bridging 6-49
configuring NAC out-of-band integration 6-70
configuring the diagnostic channel D-27
WLANs > Edit (QoS) page 6-39
WLANs > Edit (Security > AAA Servers) page
assigning LDAP servers to a WLAN 5-38
choosing RADIUS or LDAP servers for external authentication 10-26
disabling accounting servers on a WLAN 6-64
enabling local EAP on a WLAN 5-47
WLANs > Edit (Security > Layer 2) page 6-27, 6-30
WLANs > Edit (Security > Layer 3) page
applying a preauthentication ACL to a WLAN 5-64
configuring a WLAN for VPN Passthrough 6-33
configuring web redirect 6-63
configuring wired guest access 10-32
WLANs > Edit page 6-5, 10-31, 13-7
WLANs > New page 6-5, 8-32, 8-33, 8-53, 8-54, 10-31, 13-7
WLANs page 6-4, 12-22
configuring for guest user 10-5
creating a centrally switched WLAN 13-7
creating WLANs 6-5
identifying the guest LAN 10-31
mapping an access point group to a WLAN 6-56, 6-71
configuring 4-35, 6-39, 6-41
described 6-38
with CAC 4-73
WMM parameter 4-88, 4-89
WMM Policy parameter 6-39
debugging 7-66
described 7-60
guidelines 7-61
illustrated 7-49, 7-52, 7-57, 7-60
sample configuration 7-63
using the CLI 7-66
using the GUI 7-63 to 7-65
world mode 4-30, 4-32
using the CLI 6-28
using the GUI 6-27
described 6-25
WPA2 Policy parameter 6-27
WPA Policy parameter 6-27
wplus license. See licenses
wplus software set, included features 4-2