User guide

ManualsBrandsCisco ManualsComputer equipmentCisco Wireless LAN Controller 4100

3-4

Cisco WLAN Controller Web Interface User Guide

OL-7416-04

Chapter 3 WLANs Menu Bar Selection

WLANs

7920 Phone

Support

Select one of the following:

• Disabled—Use this setting to disable support for your Cisco 7920 phones on

the WLAN.

• Client CAC Limit—Use this setting if you want the WLAN to support the

older version of the software on your Cisco 7920 phones. In older versions,

the CAC limit is set on the client.

• AP CAC Limit—Use this setting if you want the WLAN to support the newer

version of the software on your Cisco 7920 phones. In newer versions, the

CAC limit is advertised by the access points.

• All 7920 Phones—Use this setting to enable WLAN support for all Cisco

7920 phones.

Broadcast SSID Enable or Disable the Service Set Identifier broadcasts.

Allow AAA

Override

Enable or disable AAA override for global WLAN parameters.

When AAA Override is enabled, and a client has conflicting AAA and controller

WLAN authentication parameters, client authentication is performed by the AAA

server. As part of this authentication, the Operating System will move clients from

the default Cisco WLAN Solution WLAN VLAN to a VLAN returned by the AAA

server and predefined in the controller Interface configuration (only when

configured for MAC filtering, 802.1X, and/or WPA operation). In all cases, the

Operating System also uses QoS, DSCP, 802.1p priority tag values and ACLs

provided by the AAA server, as long as they are predefined in the controller

Interface configuration. (This VLAN switching by AAA Override is also referred

to as Identity Networking.)

For instance, if the Corporate WLAN primarily uses a Management Interface

assigned to VLAN 2, and if AAA Override returns a redirect to VLAN 100, the

Operating System redirects all client transmissions to VLAN 100, regardless of

the physical port to which VLAN 100 is assigned.

When AAA Override is disabled, all client authentication defaults to the controller

authentication parameter settings, and authentication is only performed by the

AAA server if the controller WLAN do not contain any client-specific

authentication parameters.

The AAA override values may come from a RADIUS server, for example.

External Policy

Validation

External security policy validation. Enable or Disable.

Client Exclusion When automatic adding to the Exclusion List (disabling) is enabled, set the

timeout in seconds for disabled client machines. Client machines are disabled by

MAC address and their status can be observed on the Clients > Detail page. A

timeout setting of 0 indicates that administrative control is required to re-enable

the client.

Table 3-2 General Policies (continued)

Parameter Description