Greetings, we have a need to deploy an autonomous wireless network which will support 7921G handsets and various client data devices, there will be 5 AP's in total, 4 x 1130AG's and 1 x 1240AG.
As we don't have the budget for Cisco ACS i would like the use the 1240AG as the radius server so that we can configure WDS and fast secure roaming, however looking at both the design guide for UC over Wireless and the 1240AG configuration guide i am having trouble defining what is best practise in terms of authentication and encryption required to support 7921G handsets and fast secure roaming in this scenario.
Would i be correct in assuming that i need to use WEP+LEAP in addition to configuring local accounts on the 1240AG AP for authenticating Infrastructure AP's and Client devices?
Thank you for your reply, ive got a 1240AG in the lab and configured WDS without issue, unfortunately i am unable to select CCKM under the SSID manager, i have followed through the "Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services" guide but am unsure where im going wrong.
1. Clear AP Config
2. Set Cipher for A/G Radios to CKIP-CMIC
3. Naigate to SSID Manager
4. Create new SSID specifying Network EAP for authentication
5. Define Key Management as Mandatory and use CCKM
6. Click Apply
7. Error message "Error Key Management WPA is required for "WPA Pre-Shared Key"
Hello exonetinf1nity, I also had similar issues. CKIP-CMIC is as far as I know not recommended with WPA. Try with WPA & CCKM and Cipher TKIP (if your client support TKIP/WPA). Try to tonfigure the option in CLI instead of GUI. Finally, check with on CLI "show dot11 associations all-client" if the client which should have CCKM have CCKM for Key-Management
Thank you for your replies, finally got it working, configured the ciphers as TKIP and configured wpa cckm for key management under the ssid.
Problem was i missed the basic rate settings for both the A and G radios, ive now changed the basic rates to the following and it has fixed the issue, much thanks to Cisco TAC, i then found the 7921G deployment guide which states that these settings should exist in order for the handsets to operate properly, my mistake!
It should be noted though that the final configuration couldnt be applied via the web interface and only worked through the CLI, interesting :)
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...