Filter
Top Products
7-11
Cisco Wireless LAN Controller Configuration Guide
OL-8335-02
Chapter 7 Controlling Lightweight Access Points
Autonomous Access Points Converted to Lightweight Mode
Controllers Accept SSCs from Access Points Converted to Lightweight Mode
The lightweight access point protocol (LWAPP) secures the control communication between the access
point and controller by means of a secure key distribution requiring X.509 certificates on both the access
point and controller. LWAPP relies on a priori provisioning of the X.509 certificates. Factory installed
certificates are referenced by the term MIC, which is an acronym for manufacturing-installed certificate.
Cisco Aironet access points shipped before July 18, 2005 do not have a MIC, so these access points
create a self-signed certificate (SSC) when upgraded to operate in lightweight mode. Controllers are
programmed to accept SSCs for authentication of specific access points.
Using DHCP Option 43
Cisco 1000 series access points use a string format for DHCP option 43, whereas Cisco Aironet access
points use the type-length-value (TLV) format for DHCP option 43. DHCP servers must be programmed
to return the option based on the access point’s DHCP Vendor Class Identifier (VCI) string (DHCP
Option 60). Table 7-2 lists the VCI strings for Cisco access points capable of operating in lightweight
mode.
This is the format of the TLV block:
• Type: 0xf1 (decimal 241)
• Length: Number of controller IP addresses * 4
• Value: List of the IP addresses of controller management interfaces
Refer to the product documentation for your DHCP server for instructions on configuring DHCP Option
43. The Application Note: Upgrading Autonomous Cisco Aironet Access Points To Lightweight Mode
contains example steps for configuring option 43 on a DHCP server.
Using a Controller to Send Debug Commands to Access Points Converted to
Lightweight Mode
Enter this command to enable the controller to send debug commands to an access point converted to
lightweight mode:
config ap remote-debug [enable | disable | exc_command] access-point-name
When this feature is enabled, the controller sends debug commands to the converted access point as
character strings. You can send any debug command supported by Cisco Aironet access points that run
Cisco IOS software in lightweight mode.
Table 7-2 VCI Strings For Lightweight Access Points
Access Point VCI String
Cisco 1000 Series Airespace 1200
Cisco Aironet 1130 Series Cisco AP c1130
Cisco Aironet 1200 Series Cisco AP c1200
Cisco Aironet 1240 Series Cisco AP c1240