© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 2 of 70
Contents
Overview ................................................................................................................................................................... 3
Cisco Catalyst 3850 Security Policy....................................................................................................................... 3
Configuring 802.1X in Converged Access ............................................................................................................. 3
802.1X Configuration for Wired Users .................................................................................................................. 5
802.1X Configuration for Wireless Users .............................................................................................................. 6
Downloadable Access Control List ........................................................................................................................ 8
Access Control List Deployment Considerations .................................................................................................. 9
Cisco Catalyst 3850 Quality of Service ................................................................................................................ 10
Wired Quality of Service...................................................................................................................................... 10
Cisco Catalyst 3850 Trust Behavior ............................................................................................................... 10
Configuring Ingress Quality of Service ........................................................................................................... 11
Egress Quality of Service ............................................................................................................................... 14
Wireless Quality of Service ................................................................................................................................. 15
Wireless Targets ................................................................................................................................................. 15
Wireless: Ingress Quality of Service ................................................................................................................... 16
Ingress Marking and Policing on Wireless Client............................................................................................ 16
Ingress Policies on WLAN/SSID..................................................................................................................... 18
Wireless: Egress Quality of Service .................................................................................................................... 19
Policy on Access Point/Port ........................................................................................................................... 19
Policy on Radio .............................................................................................................................................. 21
Policy on Service Set Identification ................................................................................................................ 22
Client .............................................................................................................................................................. 23
Flexible NetFlow .................................................................................................................................................... 23
Cisco Catalyst 3850 NetFlow Architecture (Wired and Wireless) ........................................................................ 24
NetFlow Cisco Catalyst 3850 Overview .............................................................................................................. 24
NetFlow Configuration on Cisco Catalyst 3850 Switch ....................................................................................... 24
Flow Record ................................................................................................................................................... 24
Exporter/Collector Information ........................................................................................................................ 25
Flow Monitor ................................................................................................................................................... 25
Attaching a Flow Monitor to Supported Port Types ............................................................................................. 26
Flexible NetFlow Outputs .................................................................................................................................... 27
Multicast Overview (Traditional and Converged Multicast) ................................................................................. 30
Restrictions of IP Multicast Routing Configuration .............................................................................................. 30
Configuring Wireless IP Multicast on Cisco Catalyst 3850 .................................................................................. 30
Multicast Mode Configuration .............................................................................................................................. 31
Multicast Show Commands................................................................................................................................. 32
Converged Access with the Cisco Catalyst 3850 ............................................................................................... 37
Distributed Functions Enabling Converged Access ........................................................................................ 37
Logical Hierarchical Groupings of Roles ........................................................................................................ 38
Converged Access Network Design with Cisco Catalyst 3850 .......................................................................... 39
Configuring Converged Access with Cisco Catalyst 3850 ................................................................................. 42
Roaming in Cisco Unified Wireless Network ....................................................................................................... 49
Understanding Roams in Converged Access ..................................................................................................... 52
Traffic Paths in Converged Access ...................................................................................................................... 54
Relevant Outputs for Tracking Client Roams in Converged Access ................................................................ 55
Nontunneled Roam in Converged Access ........................................................................................................... 64
Tunnel Roles in Converged Access ..................................................................................................................... 67
Appendix A: Detailed FnF Field Support ............................................................................................................. 68