Cisco Cisco 2000 Series Wireless LAN Controller
11
Release Notes for Cisco Wireless LAN Controllers and Lightweight Access Points for Release 3.2.116.21
OL-9542-01
Important Notes
Rekeys Not Supported with Cisco VPN Client
If a rekey occurs, clients must reauthenticate. To mitigate this problem, navigate to the WLANs > Edit
page in the controller GUI, choose IPsec from the Layer 3 Security drop-down box, and change the
Lifetime setting at the bottom of the page to a large value, such as 28800 seconds (this is the default
value), depending upon your security requirements.
page in the controller GUI, choose IPsec from the Layer 3 Security drop-down box, and change the
Lifetime setting at the bottom of the page to a large value, such as 28800 seconds (this is the default
value), depending upon your security requirements.
RADIUS Servers
This product has been tested with the following RADIUS servers:
•
CiscoSecure ACS v3.2
•
Funk Odyssey Client v1.1 and 2.0
•
Funk Steel-Belted RADIUS release 4.71.739 and 5.03 Enterprise Edition
•
Microsoft Internet Authentication Service (IAS) release 5.2.3790.1830 on Windows 2003 server
Management Usernames and Local Netuser Names
Management usernames and local netuser names must be unique because they are stored in the same
database. That is, you cannot assign the same name to a management user and a local netuser.
database. That is, you cannot assign the same name to a management user and a local netuser.
802.1x and Microsoft Wireless Configuration Manager
Clients using the Microsoft Wireless Configuration Manager and 802.1x must use WLANs configured
for 40- or 104-bit key length. Configuring for 128-bit key length results in clients that can associate but
not authenticate.
for 40- or 104-bit key length. Configuring for 128-bit key length results in clients that can associate but
not authenticate.
Cisco Aironet 1030 Remote Edge Lightweight Access Point Default Operation
When a controller reboots, dropped Cisco Aironet 1030 Remote Edge Lightweight Access Points
attempt to associate to any available controller. If the access points cannot contact a controller, they
continue to offer 802.11a/b/g service on WLAN 1 only.
attempt to associate to any available controller. If the access points cannot contact a controller, they
continue to offer 802.11a/b/g service on WLAN 1 only.
WEP Keys
This release supports four separate WEP index keys. These keys cannot be duplicated between WLANs.
At most, four WEP WLANs can be configured on a controller. Each of these WLANs must use a different
key index.
At most, four WEP WLANs can be configured on a controller. Each of these WLANs must use a different
key index.
Using the Backup Image
The controller bootloader (ppcboot) stores a copy of the active primary image and the backup image. If
the primary image becomes corrupted, you can use the bootloader to boot with the backup image.
the primary image becomes corrupted, you can use the bootloader to boot with the backup image.