Cisco Vwlc

TRANSCRIPT

Loading status checks. 'description': 'The Virtual Wireless Controller can cost-effectively manage, secure, and optimize the performance of local and branch wireless networks. Ideal for small and medium-sized businesses, the Virtual Wireless Controller facilitates server consolidation and improves business continuity in the face of outages.' Before attempting to deploy the Cisco vWLC on HYPER-V, the following prerequisites apply: You must have Hyper-V running on Microsoft 2012 Servers or higher, with a virtual switch already created. An SSH client (for example, Putty on Windows or Terminal on Macintosh) is required to access the Cisco vWLC console.

Configuration
  • 1. Cisco 18/11/2013
Cisco VwlcVwlcCisco

2. WLAN: WIPS rogue APs, . feedback . . , : - 802.11 - wireless security mistakes - - . - - Cisco - ' ' 3. WLAN (, ) , Mesh 4. Outdoor-mesh outdoor : - / 5. vs : WLAN. ( ). . . . . Site Survey. standalone 6. : : - , , 7. : AP500, 100, 300, 600, 700, 1040, 1130, 1140, 1200, 1240, 1250, 1260, 1600, 2600, 3500, 3600, 3700, 1300, 1400, 1500, 1520, 1530(1310), 1550 : WSSI Wireless security, 3G Small Cell 16 LTE ( ) 802.11 (3.5Gb, MU-MIMO)37003600 35001260114010406001550, Mb1.3/450450+300300300300300300CleanAir ClientLink3.02.0Rougue DetectionWIPS Office ExtendFlexConnectMesh 7.2 8. : (500-800$) (150$ per AP/Year). , - Cisco )) / WEB. FlexConnect??? 9. : Enterprise, Campus Branch Mobile HREAP 5700SO-Medium Office5500 SeriesWiSM22500(4GEth) WLCM2 AP 5/15/25/50 , 500 User- 300 7.3,4,5 8.0 ?AP 12 500 7000 10000 User- 8 10 GEth Switch/controller: 3650 38501000 60gb 12000usersFlex 7500 8500AP 500 6000 64000 User- 2*10Ge FlexConnect (. HREAP) Local mode AP is not supported Inter Controller mobility is not supported LAG is not supported on WLC 7500 Data DTLS is not supported Client and RFID Tag location is not supported Voice CAC is not supported Reliable multicast (Media Stream feature) is not supported WGB is not supported WLC 7500 platform will not be certified with FIPS 10. , FlexConnect: Branch Mobile HREAP 128K, 300ms (100ms ) 11. , Virtual 7: vWLC / . VMWare : Hardware: Cisco UCS, UCS Express, HP and IBM servers VMware OS: ESX/ESXi 4.x/5.x FlexConnect Mode: central and local switching Maximum APs: 200 Maximum : 3000 Throughput performance up to 500 Mbps per virtual controller Management with Cisco Prime Infrastructure 1.2 and above All 802.11n APs with required software version 7.3 are supported. APs will be operating in FlexConnect mode only. AP autoconvert to FlexConnect is supported on controller. New APs ordered will ship with 7.3 software from manufacturing. Existing APs must be upgraded to 7.3 software before joining a virtual controller. : Data DTLS, OEAP (no data DTLS),Rate Limiting,Internal DHCP server, Mobility/Guest Anchor, Multicast-Unicast mode, PIMIPv6, Outdoor Mesh Access Points( an Outdoor AP with FlexConnect mode will work) 12. ():WCSCisco Secure ACSCisco Prime NCSMobility Service Engine 3355 (Loc.App+wIPS) 13. (): Cisco Prime Infrastucture: WCS, NCS(+LMS) MSE wIPS, CleanAir.. . Cisco Identity Service Engine, Cisco Secure ACS NAC ( ) MDM..Cisco Prime Infrastructure 2.0 09/2013 (4.5Gb)WCS 7.0.240 (01/2013) . 14. 802.11 N 2 ! : Site Survey , Wi MeshPCI DSS, : Welcome to the IAUWS Course )) 15. WLAN. , : AES vs WEP(TKIP): AES 128 , WEP(TKIP) PSK vs 802.1x: 802.1 - PEAP, EAP-TLS, EAP-FAST.Hole 196 MadWiFi driver Peer-to-Peer Blocking Mode 16. WLAN : ? 17. WLAN AP CAPWAP, WiFi (RFC5415) CAPWAP Tunnel (UDP 5246, 5247) - DTLS DTLS ( 6.0)CAPWAP L3 X.509 18. WLAN NAC in-band , .NAC Appliance 19. WLANNAC Framework ClientAccess PointRADIUS Server ACS 4.x : - NAC Server Vendor X 20. WLAN : //CCVT.. 21. WLAN : //CCVT.. : wifi 5MHz, . 125 KHz .. 22. WLAN : //CCVT.. ? 1. CleanAir 2. 7. [3.] WCS/Prime [4.] MSE AQIWCS/Prime , , , MSE , PMAC, , .. 23. WLAN : ! 24. WLAN Spoof Unicast DeauthenticationSpoof Unicast DeauthenticationAccess Point2 AP ContainmentRogue AP Controller 25. WLAN RLDPDHCP Access pointIP AddressConnect (port 6352)ControllerRogue AP 26. WLAN : beacon . . switch-, . . . ( ) 27. WLAN : (Local), (monitor) . :Rogue Rule: SSID: tmobile RSSI: -80dBm Detected as RogueMarked as FriendlyRogue Rule: SSID: Corporate RSSI: -70dBmMarked as MaliciousRogues Matching No RuleMarked as Unclassified 28. WLAN : : 29. WLAN : : 30. WLAN : : 31. WLAN : :Rogue AP Broadcast Deauth framesRogue AP Broadcast and Unicast Deauth 32. WLAN IDS wIPS: 33. WLAN IDS wIPS: IDS . IPS MSE ! : - MSE WCS. - . - - - 34. WLAN IDS wIPS:APAttack Detection24x7 Scanning Over-the-Air DetectionWLCConfiguration wIPS AP ManagementMSEAlarm ArchivalWCSCentralized MonitoringCapture Storage Complex Attack Analysis, Forensics, EventsHistoric Reporting Monitoring, Reporting 35. WLAN IDS wIPS:1130 1040 1140 1260 3500 3600 3700 36. : InternetVirtual Anchor Controller SSID: GUEST Rate Limit = 500KbpsInternet RoutersExternal Services External DNS server WEB ServerWLCTunnel to Virtual Anchor External FirewallGGExternal DMZSSID Client Default GatewayG 2 WANRemote Office1SSID: Internal SSID: GUESTRemote Office2SSID: Internal= GUEST1= Internal 1= Internal 2 37. , Clean Air 38. : , Redcenter, ! , , . .TC-MENTOR.RU 39. ! : CCIE, CCSI, CQS, ENS, ENA,- sm@arccn.ru http://tc-mentor.ru .: +7 (495) 984-2764 , , - , TC MENTOR/ARCCN

Cisco Vwlc Eol

Configuring Cisco vWLC This guide applies to all WiFi Cisco controllers. The configuration procedure has been performed and tested for version 8.8.100.0 and shows only a basic configuration. VWLC management ip: 172.16.10.5, vlan identifier 10 When I set the vlan id (controller interfaces vlan id) to 10, the vWLC cannot ping the router subinterface. When I remove the vlan id, the ping is successful.