Cisco Cisco Cius 4G Guide De Conception
Cisco Cius Wireless Deployment Guide
85
CCKM Timestamp Tolerance
As of the 7.0.98.218 release, the CCKM timestamp tolerance is configurable.
In previous releases, the CCKM timestamp tolerance was set to 1000 ms and non-configurable.
The default CCKM timestamp tolerance is still set to 1000 ms in the later releases.
In previous releases, the CCKM timestamp tolerance was set to 1000 ms and non-configurable.
The default CCKM timestamp tolerance is still set to 1000 ms in the later releases.
It is recommended to adjust the CCKM timestamp tolerance to 5000 ms to optimize the Cisco Cius roaming experience.
(Cisco Controller) >config wlan security wpa akm cckm timestamp-tolerance ?
<tolerance> Allow CCKM IE time-stamp tolerance <1000 to 5000> milliseconds; Default tolerance 1000 msecs
Use the following command to configure the CCKM timestamp tolerance per Cisco recommendations.
Use the following command to configure the CCKM timestamp tolerance per Cisco recommendations.
(Cisco Controller) >config wlan security wpa akm cckm timestamp-tolerance 5000 <WLAN id >
To confirm the change, enter show wlan <WLAN id>, where the following will be displayed.
CCKM tsf Tolerance...............................
5000
Auto-Immune
The Auto-Immune feature can optionally be enabled for protection against denial of service (DoS) attacks.
Although when this feature is enabled there can be interruptions introduced with voice over wireless LAN, therefore it is
recommended to disable the Auto-Immune feature on the Cisco Unified Wireless LAN Controller.
To view the Auto-Immune configuration on the Cisco Unified Wireless LAN Controller, telnet or SSH to the controller and
enter the following command.
Although when this feature is enabled there can be interruptions introduced with voice over wireless LAN, therefore it is
recommended to disable the Auto-Immune feature on the Cisco Unified Wireless LAN Controller.
To view the Auto-Immune configuration on the Cisco Unified Wireless LAN Controller, telnet or SSH to the controller and
enter the following command.
(Cisco Controller) >show wps summary
Auto-Immune
Auto-Immune
Auto-Immune....................................
Disabled
Client Exclusion Policy
Excessive 802.11-association failures.......... Enabled
Excessive 802.11-authentication failures....... Enabled
Excessive 802.1x-authentication................ Enabled
IP-theft....................................... Enabled
Excessive Web authentication failure........... Enabled
Signature Policy
Signature Processing........................... Enabled