Manualshelf

Release Notes

ManualsBrandsCisco ManualsWLAN access pointsCisco 2106 Wireless LAN Controller
11121314151617181920
16
Release Notes for Cisco Wireless LAN Controllers and Lightweight Access Points for Release 4.2.176.0
OL-31336-01
Important Notes
From the controller console (after system bootup), enter Recover-Config from the User Name
prompt.
Caution Do not attempt to reset the controller’s configuration by choosing Option 5, Clear Config, from the boot
menu.
Rate-Limiting on the Controller
Rate-limiting is applicable to all traffic destined to the CPU from either direction (wireless or wired).
Cisco recommends that you always run the controller with the default config advanced rate enable
command in effect in order to rate-limit traffic to the controller and protect against denial-of-service
(DoS) attacks. You can use the config advanced rate disable command to stop rate-limiting of Internet
Control Message Protocol (ICMP) echo responses for testing purposes. However, Cisco recommends
that you reapply the config advanced rate enable command after testing is complete.
Pings Supported to the Management Interface of the Controller
Controller software release 4.1.185.0 or later is designed to support ICMP pings to the management
interface either from a wireless client or a wired host. ICMP pings to other interfaces configured on the
controller are not supported.
Pinging from a Network Device to a Controller Dynamic Interface
Pinging from a network device to a controller dynamic interface may not work in some configurations.
When pinging does operate successfully, the controller places Internet Control Message Protocol
(ICMP) traffic in a low-priority queue, and the reply to ping is on best effort. Pinging does not pose a
security threat to the network. The controller rate limits any traffic to the CPU, and flooding the
controller is prevented. Clients on the WLAN associated with the interface pass traffic normally.
GLBP Not Supported
Controller software release 4.2 or later is not compatible with the Gateway Load Balancing Protocol
(GLBP). Make sure to configure the controller’s default gateway to a fixed address and not to the GLBP
virtual address.
IPSec Not Supported
Software release 4.2.176.0 does not allow you to choose IPSec as a Layer 3 security option. None and VPN
Passthrough are the only available options. If you upgrade to this release from a previous release that
supported IPSec as a Layer 3 security option, any WLANs that are configured for this feature become
disabled. If you want to configure IPSec, you must use a version of controller software prior to 4.0.