Cisco Cisco Aironet 1000 Series Lightweight Access Point Installationsanleitung
5
mode (as opposed to autonomous mode). The access points associate to a controller. The controller
manages the configuration, firmware, and control transactions such as 802.1x authentication. In
addition, all wireless traffic is tunneled through the controller.
manages the configuration, firmware, and control transactions such as 802.1x authentication. In
addition, all wireless traffic is tunneled through the controller.
LWAPP is an Internet Engineering Task Force (IETF) draft protocol that defines the control messaging
for setup and path authentication and run-time operations. LWAPP also defines the tunneling
mechanism for data traffic. In an LWAPP environment, a lightweight access point discovers a
controller by using LWAPP discovery mechanisms and then sends it an LWAPP join request. The
controller sends the access point an LWAPP join response allowing the access point to join the
controller. When the access point joins the controller, it attempts to download a new operating system
software if the versions on the access point and controller do not match. After an access point joins a
controller, you can reassign it to any controller on your network.
for setup and path authentication and run-time operations. LWAPP also defines the tunneling
mechanism for data traffic. In an LWAPP environment, a lightweight access point discovers a
controller by using LWAPP discovery mechanisms and then sends it an LWAPP join request. The
controller sends the access point an LWAPP join response allowing the access point to join the
controller. When the access point joins the controller, it attempts to download a new operating system
software if the versions on the access point and controller do not match. After an access point joins a
controller, you can reassign it to any controller on your network.
LWAPP secures the control communication between the access point and controller by means of a
secure key distribution, utilizing X.509 certificates on both the access point and controller.
secure key distribution, utilizing X.509 certificates on both the access point and controller.
The Controller Discovery Process
Lightweight access points must be discovered by a wireless LAN controller before they can become an
active part of the network. Once an access point is discovered, the controller manages its
configuration, firmware, control transactions, and data transactions. When you connect a 1000 series
access point to your network and apply power, the following discovery process occurs:
active part of the network. Once an access point is discovered, the controller manages its
configuration, firmware, control transactions, and data transactions. When you connect a 1000 series
access point to your network and apply power, the following discovery process occurs:
1.
The access point sends an LWAPP discovery request message.
2.
Wireless LAN controllers receiving the request respond with an LWAPP discovery response.
3.
The access point selects a controller to join from the discovery responses it receives.
4.
The access point sends an LWAPP join request message to the selected controller, expecting an
LWAPP join response.
LWAPP join response.
5.
The controller receives the join request and responds with an LWAPP join response. The join
process includes mutual authentication and encryption key derivation which is used to secure the
join process and future LWAPP control messages.
process includes mutual authentication and encryption key derivation which is used to secure the
join process and future LWAPP control messages.
6.
The access point joins the controller and begins exchanging LWAPP messages. The access point
compares its firmware with that residing on the controller. If a version mismatch is detected, the
access point downloads the controller’s firmware.
compares its firmware with that residing on the controller. If a version mismatch is detected, the
access point downloads the controller’s firmware.
7.
After the controller and access point synchronize firmware versions, the controller provisions the
access point with the appropriate configuration settings, which include SSIDs, security
parameters, and 802.11 parameters such as data rates, supported PHY types, radio channels, and
power levels.
access point with the appropriate configuration settings, which include SSIDs, security
parameters, and 802.11 parameters such as data rates, supported PHY types, radio channels, and
power levels.
8.
When provisioning is completed, the access point and controller enter the LWAPP run-time state
and begin servicing data traffic.
and begin servicing data traffic.