Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Registering AP 3500 in a Controller 5508

Hello

Could somebody explain to me how an AP 3500 get to be registered in a controller 5508??, so, i have seen a lot of information of wireles deployment guide but i haven't understood yet how the process or flow is for getting the AP to be registered in a controller 5508, what exactly basic configuration must be done in a controller for doing it?

I would appreciate the help.

Thanks,

AM

6 REPLIES
Hall of Fame Super Silver

Re: Registering AP 3500 in a Controller 5508

Here is a good doc on the ap join process. All you need on the wlc 5508 (minimum) is an ip address for the management and set the time correctly.

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***
New Member

Registering AP 3500 in a Controller 5508

Hello Scott

It's such an excellent document and also very useful, besides, thank you indeed for your soon answer.

So, i have a question to add:

The only way to validate the LAP to the WLC is through the digitally signed X.509 certificate?...or is there another method to authenticate the LAP to the WLC?

I am looking forward to hearing you soon.

AM

Hall of Fame Super Silver

Re: Registering AP 3500 in a Controller 5508

First off there is a manufacture installed certificate and that's why it is important to make sure the wlc has the correct time. Now you can create a Mac list that only allows APs with Mac address on your list to join the wlc (this is painful when you have a lot of APs). You can also use a radius server to authenticate against. Is there a reason you want to go this route?

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***
New Member

Registering AP 3500 in a Controller 5508

Hello Scott

No, there is not reason, is just to know what methods i can use for registering LAPs. In this order i understand that the most common method to register the LAP is with the digital certificate, is this right?.

By the way, how can i do the authentication using a radius server??

Thanks,

AM

Hall of Fame Super Silver

Re: Registering AP 3500 in a Controller 5508

For a lap to register, the link describes the various process in the link I posted. You can take any lap and register it to any wlc. Don't get to fancy or else you will run into issues. I never see a need to do this.

http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00808c7234.shtml

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***
Silver

Re: Registering AP 3500 in a Controller 5508

Just to add a little to Scott's comments:

The AAA authentication side I believe is a MAC Authentication. 

If you don't want to use the Mfg Installed Certificate (MIC), you could actually try out Locally Signficant Certificates (LSC) if you have a CA. I think its documented here: http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a99e23.shtml

With LSCs, you'd basically pre-stage your APs with the MIC, and then have them auto-provision the LSC through SCEP to your CA.    After that, I suppose you'd just tell your WLC to not accept MIC APs and the end result would be all APs joined only with a validated LSC.

575
Views
0
Helpful
6
Replies