242 CCNA Wireless Official Exam Certification Guide
Figure 13-8 WLAN Configuration Tabs
Step 7. Choose not to broadcast the SSID by deselecting the Broadcast SSID check
box. This adds a little security, but, as you will learn in Chapter 17, “Securing
the Wireless Network,” it is not a high degree of security. The default value is
to broadcast the SSID.
Step 8. Do not click Apply yet.
Modifying the Security Settings
Before you apply the configuration, you need to modify the security settings. Follow
these steps:
Step 1. Click the Security tab within the WLAN configuration window.
You are presented with three additional tabs:
■ Layer 2
■ Layer 3
■ AAA Servers
For now, you should only be concerned with the Layer 2 policy, because the
Layer 3 policy defaults to None.
Step 2. Choose None as the Layer 2 security method.
Step 3. Click Apply.
15_1587202115_ch13.qxp 9/29/08 2:41 PM Page 242
Chapter 13: Simple Network Configuration and Monitoring with the Cisco Controller 243
Figure 13-9 Listing WLAN Profiles
Success! You now have a functional WLAN, as Figure 13-9 illustrates. That is, it is func-
tional as long as the wired network behind it is good to go.
Naming Access Points
Still, you might want to do some tweaks to the network. For example, suppose that you
have two APs. One AP is in the lobby, and the other is in the research lab. You do not want
anyone to access the AP in the research lab using the GUESTNET. What do you do? You
just control the APs that allow GUESTNET access. To begin, though, you should identify
which AP is in the lobby and which is in the research lab. Figure 13-10 shows that the two
APs are identified by a MAC address as the AP name.

This can be confusing. I recommend changing the name of the AP to something that
makes sense. Here is how to do it:
Step 1. Find the MAC address of the AP in the lobby. It is printed on the bottom of
the AP.
Step 2. After you have the MAC of the lobby AP, go to the WLC interface and browse
to WIRELESS > Access Points > All APs.
Step 3. Select the AP that matches the MAC address. The AP name begins with “AP”
followed by the MAC address.
Step 4. Change the Name in the General tab to Lobby-AP.
15_1587202115_ch13.qxp 9/29/08 2:41 PM Page 243
244 CCNA Wireless Official Exam Certification Guide
Figure 13-10 Listing All APs
Note: This name follows the AP when you move it within your network, so it is important
to update the name on the controller if you ever move the AP or swap it out. Also, it is
good practice to label the Cisco PoE switch port with the same name. This helps when you
are troubleshooting any issues and might need to remotely power cycle the AP by shutting
its switch port.
Step 5. Optionally add a location. These steps are seen in Figure 13-11.
Step 6. Click Apply.
Step 7. Next, select the other AP.
Note: You might have more than two APs in your own deployment. The term other AP in
this case simply refers to the only other AP used in the example.
Step 8. Repeat Steps 5 through 7 to assign a different name and location for the Re-
search_Lab AP.
When completed, you should see two APs that are easy to identify based on
their name.
15_1587202115_ch13.qxp 9/29/08 2:41 PM Page 244
Chapter 13: Simple Network Configuration and Monitoring with the Cisco Controller 245
Figure 13-11 Naming the AP
Restricting Access to Access Points

Now is where the control part comes in. Remember that you do not want the GUESTNET
access going through the Research_Lab-AP. Following is how to prevent it:
Step 1. Start by selecting WIRELESS > Access Points > Radios > 802.11a/n.
Step 2. Find the Research_Lab-AP seen in Figure 13-12.
Step 3. To the right of the entry, hover your mouse over the arrow seen in Figure 13-
13, and select Configure.
Step 4. Select the WLAN Override by selecting enable,asseeninFigure13-14.Anew
list of WLANS appears.
Step 5. Select the WLAN that you want this AP to support.
In this case, leaving the GUESTNET WLAN unchecked removes that access
through this AP.
Step 6. Click Apply.
Step 7. Repeat these steps for the 802.11b/g/n radio.
After you have done this for the Research_Lab-AP, you probably want to do the same for
the Lobby_AP, but only allow GUESTNET access though it, removing any other net-
works.
15_1587202115_ch13.qxp 9/29/08 2:41 PM Page 245
246 CCNA Wireless Official Exam Certification Guide
Figure 13-12 802.11a/n Radios
Figure 13-13 802.11a/n Radio Options Menu
Key
Topi
c
Key
Topi
c
15_1587202115_ch13.qxp 9/29/08 2:41 PM Page 246
Chapter 13: Simple Network Configuration and Monitoring with the Cisco Controller 247
Figure 13-14 Enabling WLAN Override
Summary of Controller Configuration Using the Web Interface

At this point you have accomplished much by way of your controller. Through one inter-
face, you can see how much power in configuration you have. What did you do? Here is
the list:
■ You set up multiple APs at the same time.
■ You easily configured a WLAN connection to provide GUESTNET access.
■ You controlled which APs allows GUESTNET access.
Of course, more options are available that you might want to understand, and many relate
to security. First, however, it is beneficial to understand how to monitor the network from
the interface of the controller, view your APs, and simply get a better picture of what is
going on in the network. The following sections discuss these aspects.
Monitoring with the Controller
As far as the management and monitoring of the network go, you have much power by
way of the controller. The controller is a central point of intelligence that can give you
valuable information regarding the network overall as well as specifics related to APs,
clients, rogues, and more. The main login page of the controller provides an excellent
starting point.
15_1587202115_ch13.qxp 9/29/08 2:41 PM Page 247
248 CCNA Wireless Official Exam Certification Guide
General Monitoring
The Controller Summary page is the first thing you see when you log in. At first glance, it
might seem like a simple overview, but it has much more than that. Examine Figure 13-15,
where you will notice the following functional areas of the Summary page:
■ Controller Summary
■ Access Point Summary
■ Client Summary
■ Rogue Summary
■ Top WLANs
■ Most Recent Traps
Each area provides a wealth of information, as described in the sections that follow.
Controller Summary

Controller Summary provides the management IP address and the service port address.
You can also see the software version. In Figure 13-15, you can see that the version is
4.1.192.17M (Mesh). Eventually you will learn to upgrade it to version 5.x. For now, this
version is acceptable.
Figure 13-15 Monitor Summary
15_1587202115_ch13.qxp 9/29/08 2:41 PM Page 248
Chapter 13: Simple Network Configuration and Monitoring with the Cisco Controller 249
Figure 13-16 Radio Details
You can also gather the name of the controller and its uptime. Next, you can see the up
time and system time on the controller, as well as the internal temperature. In addition,
you can see that the 802.11a and 802.11b/g networks are enabled.
Access Point Summary
The next functional area is Access Point Summary, which shows the total number of
802.11a.n and 802.11b/g/n radios that are present, how many are up, and how many are
down. You can click Detail for more information. 802.11b/g/n Radios details have been se-
lected, and you are presented with a list of APs, as seen in Figure 13-16.
This list provides valuable information regarding the administrative status of the APs as
well as the channel they are operating on and their power level. A power level of 1 indi-
cates the highest level of power legal in the country you are in. You can change these lev-
els by hovering your mouse over the blue arrow on the right and selecting the Configure
link, as seen in Figure 13-17.
After you select Configure, you are taken to the page shown in Figure 13-18 that allows
you to set General parameters, including enabling and disabling the radios, 11n parameters
if available, and antenna type and diversity.
You can also gather information about management frame protection and perform a
WLAN override. A WLAN override lets you control which SSIDs are made available by
this AP. You saw this in the section “Configuring the Controller Using the Web Interface.”
15_1587202115_ch13.qxp 9/29/08 2:41 PM Page 249
250 CCNA Wireless Official Exam Certification Guide
Figure 13-18 802.11b/g/n Cisco APs > Configure Screen

Figure 13-17 Access the Configure Options of the Radios
15_1587202115_ch13.qxp 9/29/08 2:41 PM Page 250
Chapter 13: Simple Network Configuration and Monitoring with the Cisco Controller 251
Figure 13-19 Viewing 802.11a/n Radios
On the right side of the page, you can change the RF channel assignment and the TX
(transmit) power level assignment. The higher the number of the power setting, the lower
the power level is. For example, changing the level from 1 to 2 decreases the power by 50
percent. Changing it to 3 decreases it by 25 percent, and 4 decreases it by 12.5 percent.
Each level halves the one before it.
You can also change and edit a performance profile. The Performance Profile link takes
you to a page that lets you define RF values and thresholds. Additionally, from the Moni-
tor page, you can select the Wireless link on the left side of the page, as shown in Figure
13-19.
In the figure, you can see a list containing the following links:
■ Rogue APs: Selecting Rogue APs takes you to a page that lists the rogue APs.
■ Known Rogue APs: Selecting Known Rogue APs takes you to a page of known
rogue APs.
■ Rogue Clients: The Rogue Clients link takes you to a list of rogue clients.
■ Adhoc Rogues: Adhoc Rogues takes you to a list of clients that are creating ad-hoc
networks. This can pose a serious security risk, because it can enable access to the
wired infrastructure.
Key
Topi
c
15_1587202115_ch13.qxp 9/29/08 2:41 PM Page 251