Manualshelf

User guide

ManualsBrandsCisco ManualsComputer equipmentCisco Wireless LAN Controller 4100
121122123124125126127128129130
5-31
Cisco WLAN Controller Web Interface User Guide
OL-7416-04
Chapter 5 Wireless Menu Bar Selection
Bridging
Zero Touch Configuration
When Zero Touch Configuration is enabled on the controller, Cisco WRAP performs the following
actions to accomplish a secure zero touch.
Step 1 When a WRAP is first installed, it tries to find its role automatically. If it has a wired connection to a
Cisco WLAN controller, then it assumes the role of RAP, otherwise it becomes a PAP.
Step 2 Next it determines the backhaul interface and channel.
If it is a RAP, it already has a secure LWAPP connection to the controller and will use the
configured RAP backhaul interface (Default: 802.11a).
Note The RAP offers service in one band for the clients, and uses the another band for backhaul, that
is - communication between the APs.
If it is a PAP, it will scan the backhaul interfaces and channels for neighbor APs. When it finds
a neighbor AP with the same bridge group name with a path back to the
controller, it will make that AP its parent. If the PAP finds more than one neighbor AP, it will
use a least-cost algorithm to determine the parent that has the best path back to the controller.
All the APs will use the configured data rate (Default: 18 Mbps).
Step 3 To set up a secure LWAPP connection with the controller, the PAP will send its default shared secret key
and MAC address to set up a temporary secured connection. The controller validates the MAC address
against the allowed devices list and if found, it will send the shared secret key to the PAP and disconnect.
The PAP will store the shared secret key and use it to set up a secure LWAPP connection.
Step 4 If a PAP loses connection to the controller, it will look for valid neighbors using the bridge group name
and scan the backhaul interfaces and channels. When it finds a neighbor, it will make that AP its parent.
If it already has a shared secret key it will use that key and try to set up a secure LWAPP connection to
the controller. If the shared secret key does not work, it will use the shared default secret key and attempt
to get a new shared secret key.
Note The access points must be connected in Layer 2 mode for Zero Touch Configuration to work.
Note Zero Touch Configuration may not work if the RAP is an indoor WRAP, and the PAP is an outdoor
WRAP. Indoor WRAP defaults to channel 52 and outdoor WRAP can not operate on that channel.