Cisco Systems DL-2159-05 manual Key Features

Chapter 1 Overview

Key Features

Key Features

This section describes the key features of the access point firmware. The following are the key features of this firmware version:

•Multiple IEEE 802.11 service set identifiers (SSIDs) allow you to create different levels of network access and to access virtual LANs (VLANs).You can configure up to 16 separate SSIDs to support up to 16 VLANs for each access point radio. Each VLAN can have a different wireless security configuration so that the devices that support the latest Cisco security enhancements can exist alongside legacy devices. This additional access point functionality enables a variety of users having different security levels to access different parts of the network.

•Quality of service (QoS), which allows various devices on the network to communicate more effectively. The access point now supports QoS for wireless Voice over IP (VoIP) telephones and downlink prioritized channel access for streaming audio and video traffic. Filters can also be set to prioritize traffic based on VLAN, VoIP address-based filters, protocol, or port.

•Proxy Mobile IP provides a method for seamless inter-subnet roaming. When you enable proxy Mobile IP on your access points, client devices that roam from one subnet to the next maintain their IP address and session. The access point acts as a Mobile IP proxy for client devices that do not have mobile IP software installed. The access informs the foreign agent router that the client has roamed to another subnet, while the foreign agent directs the home agent to reroute packets to it.

•Centralized administrator authentication uses an AAA server to authenticate users if the user administration feature is enabled on the access point. When a login is attempted, the AAA server verifies the user login and passes back the appropriate privileges for the user or an administrator.

•Better handling of lost Ethernet links causes a number of actions to be executed when an access point loses backbone connectivity:

–No action—the access point continues to maintain associations with clients and manages traffic between them, but traffic to the backbone is not passed. When the backbone is restored, the access point begins passing traffic to and from the wired network.

–Switch to repeater mode—the access point tries to connect to a root access point using any of the configured SSIDs. If it cannot connect, all clients are disassociated and the access point removes itself from the wireless network until connectivity is restored.

–Shut the radio off—all clients are disassociated and the access point removes itself from the wireless network until backbone connectivity is restored.

–Restrict to SSID—the access point allows association using a restricted SSID (for administrator troubleshooting and diagnosis purposes).

•Authentication server management includes two new features in release 12.01T1:

–Display of active authentication servers—for each authentication type: 802.1x/LEAP, MAC, or Admin Authentication (if enabled), the active server is identified by a green color.

–Automatic return to primary authentication server—if the selected RADIUS server (primary) is not reachable after a predetermined period of time-out and retries, the access point uses the next server listed.

•Reporting access points that fail authentication with LEAP provides a passive method of detecting rogue access points in a LEAP enabled network. It is passive because access points do not actively look for or detect a rogue access point in the wireless network. Instead, the access point depends on LEAP enabled clients to report rouge access points.

Cisco Aironet 1200 Series Access Point Software Configuration Guide