Appendix E Priming Lightweight Access Points Prior to Deployment

Before deploying your lightweight access points to their final locations, follow these steps to prime your access points:

Step 1 In a Layer 3 environment, ensure a DHCP server (typically on your switch) is enabled on the same subnet as your lightweight access points. The access points receives its IP address and controller information using DHCP Option 43.

The lightweight access point must be able to find the IP address of the controller. This can be accomplished using DHCP, DNS, OTAP, or IP subnet broadcast. This guide describes the DHCP method to convey the controller IP address. For other methods, refer to the product documentation. See also the “Using DHCP Option 43” section on page 6-2for more information.

Note For a Layer 3 access point on a different subnet than the controller, ensure the route to the controller has destination UDP ports 12222 and 12223 open for LWAPP communications. Ensure that the routes to the primary, secondary, and tertiary controllers allow IP packet fragments.

Step 2 Ensure that your controller is connected to a switch trunk port.

Step 3 Configure the controller in LWAPP Layer 3 mode and ensure its DS Port is connected to the switch. Use the CLI, web-browser interface, or Cisco WCS procedures as described in the appropriate controller guide.

a.In multi-controller environments, You can set one controller’s DS port to Master (you can use the config network master-base disable CLI command or you can use the controller GUI) so that new lightweight access points always associate with it. You can use the show network config CLI command to determine if the controller DS port is the master.

All lightweight access points associate to the master controller. From one location, you can configure lightweight access point settings such as primary, secondary, and tertiary controllers. This allows you to redistribute your lightweight access points to other controllers on the network.

You can also use a Cisco WCS server to control, configure, and redistribute all your lightweight access points from a single location.

Step 4 Apply power to the access points:

a.Connect your lightweight access points to untagged access ports on your POE capable switch. You can optionally use power modules or power injectors to power your access points.

b.After you power up the lightweight access point, it begins a power-up sequence that you can check by observing the access point LEDs. All LEDs blink sequentially back and forth, indicating that the access point is trying to find a controller.

Note If the access point remains in this mode for more than 5 minutes, the access point is unable to find the master controller. Check the connection between the access point and the controller and ensure they are on the same subnet.

c.If the lightweight access point shuts down (all LEDs off), check to ensure that sufficient power is available.

d.When the lightweight access point associates with the controller, if the access point code version differs from the controller code version, the access point downloads the operating system code from the controller. All the access point LEDs blink simultaneously during the download.

Cisco Aironet 1100 Series Access Point Hardware Installation Guide

 

E-2

OL-4309-07

 

 

 

Page 101 Page 103
Page 102
Image 102
Cisco Systems CSACS1121K9 manual OL-4309-07
Page 101 Page 103

CSACS1121K9 specifications

Cisco Systems CSACS1121K9 is a part of Cisco's comprehensive suite of security solutions tailored for identity and access management. This device, recognized for its reliability and functionality, plays a crucial role in ensuring that organizations can efficiently manage user access across their networks.

One of the main features of the CSACS1121K9 is its centralized user authentication capabilities. This device simplifies the process of validating user identities, allowing administrators to manage credentials for a variety of access methods, including web-based authentication, RADIUS, and TACACS+. This flexibility plays a significant role in diverse environments where different protocols may be required for various devices or applications.

The CSACS1121K9 is built on the robust Cisco Secure Access Control Server (ACS) platform. This platform supports a wide range of security policies, making it versatile enough for different organizational needs. With its capability to integrate seamlessly with other Cisco solutions and third-party platforms, the device enhances the overall security posture of an organization.

In terms of scalability, the CSACS1121K9 can support a substantial number of users and devices. This scalability ensures that as organizations grow, their access management system can scale proportionately without performance degradation. The ability to handle thousands of simultaneous authentication requests makes it suitable for both small companies and large enterprises.

Another significant characteristic of the CSACS1121K9 is its support for advanced visibility and reporting. Administrators can track authentication attempts, policy enforcement, and other critical events in real time. This level of monitoring is essential for compliance audits and helps organizations quickly react to potential security threats.

Moreover, the CSACS1121K9 includes capabilities for implementing role-based access control (RBAC). This feature allows organizations to define specific access rights based on user roles, which enhances security while facilitating efficient operations.

In conclusion, the Cisco Systems CSACS1121K9 is a powerful tool for organizations seeking to enhance their identity and access management frameworks. With its centralized user authentication, scalability, advanced reporting capabilities, and support for RBAC, it provides a robust solution that can adapt to the evolving security demands of modern networks. Whether deployed in a small business environment or within large enterprises, the CSACS1121K9 stands out for its comprehensive feature set and ability to integrate into existing security infrastructures.
Top Page Image Contents