Contents
Foreword
Introduction
Chapter 1 Planning and Designing WLAN Technologies
Describe WLAN Organizations and Regulations
802.11 Standards and Protocols
802.11 Amendments for Faster Speed
802.11 Amendments for Cell Efficiency
Plan and Design Wireless Solutions Requirements
RF Planning, Design, and Validation
RF Design and Site Survey
Using a Planning Tool
Onsite Surveys
Deployment Models
RF Operational Models
Deployment Validation
Summary
Chapter 2 Network Infrastructure
Introduction
Switching Technologies
VLANs
Private VLANs
VLAN Trunking Protocol
Spanning Tree Protocol
STP Tuning Commands
Multiple Spanning Tree
Spanning Tree and Wireless
EtherChannel
CDP and LLDP
Power over Ethernet for Access Points
IP Layer Refresher
IPv4
IPv6
Multicast
Infrastructure Security for Access Points
MAC Authentication Bypass
802.1X
Configuring the Access Point for Authenticating
Configuring the Switch
Configuring ISE
Advanced Settings and Special Cases
Securing FlexConnect APs
Other Protocols Supporting Wireless
SNMP
DHCPv4
DHCPv6
DNS
SYSLOG
NTP
Summary
Chapter 3 Autonomous Deployments
The Role in the Deployment
Root and Non-Root Bridges
Workgroup Bridge
Mobile WGB
Workgroup Bridges for High-Speed Roaming
Cisco IOS Autonomous Security
Layer 2 Wireless Security
802.1X Supplicant at the Non-Root/WGB
Local RADIUS Server at the Root
Filters
Radio Settings
Channels
Parents
Transmitter Power
Antennas
Data Rates
Multicast on Autonomous
QoS for Bridging
Summary
Chapter 4 AireOS Appliance, Virtual, and Mobility Express Controllers
Mobility Express
Securing Management Access and Control Plane
Admin User Authentication and Authorization
CPU Access Control Lists
Management via Wireless and via Dynamic Interface
Working with WLC Interfaces
Management and AP-Manager Interfaces
Service Port
Virtual Interface
Dynamic Interfaces
LAG: Link Aggregation
Deploying Lightweight Access Points
Authenticating and Authorizing APs on the Network
AP Modes of Operations
Accessing Configuration Settings and Logging Options for APs
High Availability and Redundancy
N+1 and N+N High Availability
AP and Client Stateful Switch Over
Segmenting Your Wireless Network
RF Profiles
AP Groups
FlexConnect Groups
Wireless Security Policies
To Layer 2 or To Layer 3?
WLAN Security Options
Rogue Policies
Local EAP, Local Profiling, and Local Policies
ACLs and Certificates
FlexConnect Deployments
What Problem Are We Trying to Solve?
FlexConnect Modes and States
FlexConnect Specific Features
FlexConnect Group Specific Features
OfficeExtend
Configuring and Troubleshooting Mesh
AWPP and Mesh Formation
Mesh Topologies
AWPP and Mesh Formation
Mesh Configuration
Mesh Basic Configuration
Mesh Page Optional Configurations
Mesh Security Configurations
Mesh Local Bridging Configurations
Troubleshooting Mesh
Radio Frequency Management
What Problem Are We Trying to Solve?
Static Assignment
Global Assignment (RRM)
Off-Channel Scanning
RF Grouping
Flexible Radio Assignment
Dynamic Channel Assignment
Coverage Hole Detection and Mitigation (CHDM)
CleanAir
Transmit Power Control
RF Profiles
Data Rates
RX-SoP
AirTime Fairness
Configuring and Troubleshooting Mobility
Layer 2 and Layer 3 Roaming
Mobility Lists and Groups
Mobility Messaging
Mobility Anchors
Troubleshooting Mobility
Wireless Client Roaming Optimization
Band Select
Load Balancing
Optimized Roaming
802.11k and 802.11v
Fast-Secure Roaming
CCKM
802.11r/FT
Summary
Chapter 5 Wireless Security and Identity Management with ISE
Identity Management Building Blocks
802.1X
802.1X Components
EAP
EAP Methods
RADIUS
RADIUS Attributes
CoA
AAA Sequence
Identity Services Engine Deployment and Configuration
ISE Certificates
Network Access Policies
Authentication Policy
Authorization Policy
Profiling Policy
Guest Access
Guest Services
Sponsor Services
ISE Integration with Active Directory
Device Administration Policies
Policy Sets
Authentication Policy
Authorization Policy
Configuring ISE for Wireless
Common Configuration
Wireless RADIUS Attributes
802.1X
MAC Filtering and MAC Authentication Bypass (MAB)
Local Web Authentication
Central Web Authentication
Profiling
Wireless Device Administration via ISE
Summary
Chapter 6 Prime Infrastructure and MSE/CMX
Managing the Management
Basic Operations
Working with Devices, Templates, and Audits
Operating Maps
High Availability
Monitoring Tools: Troubleshooting Clients and Working with Reports, Alarms and Events, and Notifications
Configuring Jobs
Security Operations
Mobility Services Engine and Connected Mobile Experiences
Location Technologies and Techniques
Cell of Origin and Presence
Trilateration with Probe RSSI or FastLocate
802.11 Active RFID Tags
Angle of Arrival (AoA) and Hyperlocation
Bluetooth Low Energy
Management Access
Network Services
Location
Analytics
Connect and Engage
CleanAir
Wireless Intrusion Prevention System
NMSP
Summary
Chapter 7 WLAN Media and Application Services
Introduction
QoS Survival Concepts for Wireless Experts
The Notion of Differentiated Treatment
QoS Design
Application Visibility and Identification
Layer 3, Layer 2 QoS
IPv4 QoS Marking
Per Hop Behavior
IPv6 Layer 3 Marking
Layer 2 802.1 QoS Marking
802.11 QoS Marking
DSCP to UP and UP to DSCP Marking
Downstream
Upstream
Trust Boundary and Congestion Mechanisms
Trust Boundary
Congestion Management
802.11 Congestion Avoidance
TXOP
CAC
BW Contracts
Configurations
AireOS
QoS Profiles and Bandwidth Contracts
Default QoS Mapping
DSCP Trust and 802.11u QoS Maps
EDCA Parameters
WLAN and WMM Configurations
CAC Configuration
Data Rate Configuration
AVC Configuration
FastLane Configuration and Client Behavior
Enhanced Roaming
Managing Video Flows
Bonjour/mDNS
Bonjour/mDNS Principles
Bonjour/mDNS Configuration
mDNS Gateway
mDNS Profiles
mDNS AP
mDNS Filtering Options: Priority MAC, Origin, and LSS
LSS
mDNS Policies
AireOS Configuration Summary
Autonomous APs
DSCP to UP Mapping
Retry Options
EDCA Parameters
Advanced Features
Autonomous Application Service Configuration Summary
Wired Configuration
Trusting DSCP or CoS
QoS Policies
Class Maps
Policy Maps
Service Policy
Summary