Cisco Systems OL-17037-01 manual Config certificate lsc ap-provision auth-list add APmacaddr

Page 21

Chapter 7 Controlling Lightweight Access Points

Autonomous Access Points Converted to Lightweight Mode

Step 6 To add access points to the provision list, enter this command:

config certificate lsc ap-provision auth-list add AP_mac_addr

Note To remove access points from the provision list, enter this command: config certificate lsc ap-provisionauth-list delete AP_mac_addr.

Note If you configure an access point provision list, only the access points in the provision list are provisioned when you enable AP provisioning (in Step 8). If you do not configure an access point provision list, all access points with a MIC or SSC certificate that join the controller are LSC provisioned.

Step 7 To configure the number of times that the access point attempts to join the controller using an LSC before the access point reverts to the default certificate (MIC or SSC), enter this command:

config certificate lsc ap-provision revert-cert retries

where retries is a value from 0 to 255, and the default value is 3.

If you set the number of retries to a non-zero value and the access point fails to join the controller using an LSC after the configured number of retries, the access point reverts to the default certificate.

If you set the number of retries to 0 and the access point fails to join the controller using an LSC, the access point does not attempt to join the controller using the default certificate.

Note If you are configuring LSC for the first time, Cisco recommends that you configure a non-zero value.

Step 8 To provision the LSC on the access point, enter this command: config certificate lsc ap-provision{enable disable}

Step 9 To view the LSC summary, enter this command:

show certificate lsc summary

 

Information similar to the following appears:

 

LSC Enabled

Yes

LSC CA-Server

http://10.0.0.1:8080/caserver

LSC AP-Provisioning

Yes

Provision-List

Not Configured

LSC Revert Count in AP reboots

3

LSC Params:

 

Country

4

State

ca

City

ss

Orgn

org

Dept

dep

Email

dep@co.com

KeySize

390

LSC Certs:

 

CA Cert

Not Configured

RA Cert

Not Configured

 

Cisco Wireless LAN Controller Configuration Guide

OL-17037-01

7-21

Page 20 Page 22
Image 21
Page 20 Page 22
Contents Controlling Lightweight Access Points Access Point Communication Protocols Guidelines for Using CapwapController Discovery Process Page Verifying that Access Points Join the Controller Config network master-base enableConfig network master-base disable Configuring Global Credentials for Access Points Viewing Capwap MTU InformationDebugging Capwap Global Configuration All APs Details for Credentials Save config Show ap config general CiscoAPShow ap summary Lwapp ap dot1x username username password password Configuring Authentication for Access PointsController Using the GUI to Configure Authentication for Access PointsCisco Wireless LAN Controller Configuration Guide Config ap dot1xuser add username user password password all Using the CLI to Configure Authentication for Access PointsAP Dot1x User Mode field shows Customized Config ap dot1xuser disable all CiscoAPConfiguring the Switch for Authentication Embedded Access PointsIp dhcp pool poolname Dns-server ipaddress Default-router ipaddressAutonomous Access Points Converted to Lightweight Mode Using a Controller to Return to a Previous Release Reverting from Lightweight Mode to Autonomous ModeAuthorizing Access Points Authorizing Access Points Using SSCsAuthorizing Access Points Using MICs Using the GUI to Configure LSC Authorizing Access Points Using LSCsConfig certificate lsc ca-server http//urlport/path Config certificate lsc enable disableConfig certificate lsc ca-cert add delete Config certificate lsc other-params keysizeConfig certificate lsc ap-provision auth-list add APmacaddr Config certificate lsc ap-provision revert-cert retriesShow certificate lsc summary Show certificate lsc ap-provision Using the GUI to Authorize Access PointsConfig auth-list ap-policy mic ssc lsc enable disable Using the CLI to Authorize Access PointsConfig auth-list add mic ssc lsc apmac apkey Show auth-listTroubleshooting the Access Point Join Process Using Dhcp Option 43 and Dhcp OptionControlling Lightweight Access Points Viewing Access Point Join Information Configuring the Syslog Server for Access PointsShow ap config global Show ap join stats summary allJoined Debug ap enable disable command cmd CiscoAP Converted Access Points Send Radio Core Dumps to ControllerUsing the CLI to Retrieve Radio Core Dumps Using the GUI to Upload Radio Core DumpsShow ap crash-file Transfer upload start Using the CLI to Upload Radio Core DumpsUsing the GUI to Upload Access Point Core Dumps Uploading Memory Core Dumps from Converted Access PointsUsing the CLI to Upload Access Point Core Dumps Display of MAC Addresses for Converted Access PointsConfig ap reset-button enable disable ap-nameall Supporting Oversized Access Point ImagesWGB Example Cisco Workgroup BridgesGuidelines for Using WGBs Configure terminal Sample WGB Configuration Using the GUI to View the Status of Workgroup BridgesShow dot11 association 11 Clients Detail 12 WGB Wired Clients Using the CLI to Debug WGB Issues Using the CLI to View the Status of Workgroup BridgesDebug dhcp message enable Debug dhcp packet enable Debug dot11 mobile enable Debug dot11 state enableConfiguring Backup Controllers 14 Global Configuration Using the GUI to Configure Backup Controllers15 All APs Details for High Availability Using the CLI to Configure Backup Controllers Config advanced timers auth-timeout interval Config advanced timers ap-discovery-timeout interval1300 Configuring Failover Priority for Access Points16 Global Configuration Enabled Using the CLI to View Failover Priority SettingsGuidelines for Configuring Multiple Country Codes Configuring Country CodesUsing the GUI to Configure Country Codes 19 All APs Details for Advanced Using the CLI to Configure Country Codes Show country supportedShow country Show country channels Config 802.11a enable network config 802.11b enable network Controlling Lightweight Access Points Config country J3 Migrating Access Points to the -U Regulatory DomainGuidelines for Migration Show ap migrateConfig ap migrate j52w52 all apname Dynamic Frequency Selection Using the W56 Band in JapanUsing the GUI to Optimize Rfid Tracking on Access Points Optimizing Rfid Tracking on Access Points20 802.11b/g/n Cisco APs Configure Using the CLI to Optimize Rfid Tracking on Access Points Config ap monitor-mode tracking-opt CiscoAPConfig 802.11b enable CiscoAP Config advanced probe filter enable disable Configuring Probe Request ForwardingConfig advanced probe limit numprobes interval Show ap monitor-mode summaryInventory 22 All APs Details for Inventory Performing a Link TestUsing the GUI to Perform a Link Test Link Test Using the CLI to Perform a Link Test Configuring Link Latency25 All APs Details for Advanced Using the GUI to Configure Link LatencyConfig ap link-latency enable disable CiscoAP all Using the CLI to Configure Link LatencyConfig ap link-latency reset CiscoAP Configuring Power over EthernetEPoE Power EPoE Mode 15.4 W Optimized 20 W Using the GUI to Configure Power over EthernetCisco Wireless LAN Controller Configuration Guide Using the CLI to Configure Power over Ethernet Config ap power injector enable CiscoAP all installedConfig ap power injector enable CiscoAP all override Using the GUI to View Clients Configuring Flashing LEDsDebug ap command led flash seconds CiscoAP Viewing ClientsControlling Lightweight Access Points Viewing Clients 28 Search Clients 29 Clients Detail AP MAC Using the CLI to View ClientsS69 OL-17037-01
Top Page Image Contents