--> AP Authentication allows only authorized access points to register with Cisco WLC.
--> By default, any Cisco wireless access point can register with Cisco WLC.
--> AP Authentication restricts which access points can register with Cisco WLC.
1) MIC
--> Each and every AP contains MIC (Manufactured Installed certificate) which is developed after July 2005.
--> Used to authenticate with Wireless LAN Controller.
--> Any Access Point with valid MIC certificate can join the Wireless LAN Controller.
--> Very Less Security.
2) Authorize MIC AP's against auth-list or AAA
--> Every MIC AP can authenticate to WLC by using AP BVI MAC address.
--> We can find out BVI MAC address using show interface bvi1
--> MAC address can be present either in WLC local database or AAA server.
--> High level of security.
--> AAA server is recommended when we have more than one Wireless LAN Controller running on the network.
3) LSC
--> AP authenticate to WLC using Local significate Certificate from Certificate Authority.
--> AP and WLC can communicate to CA Server using SCEP Protocol.
--> Good level of security.
4) SSC
--> AP authenticate to WLC using Self Signed Certificate.
--> Basic level of security.
Note: We can configure AP authentication under AP Policies in Cisco WLC.
Ref: Cisco.com
Md.Kareemoddin
CCIE # 54759
Freelance Network Engineer
--> By default, any Cisco wireless access point can register with Cisco WLC.
--> AP Authentication restricts which access points can register with Cisco WLC.
1) MIC
--> Each and every AP contains MIC (Manufactured Installed certificate) which is developed after July 2005.
--> Used to authenticate with Wireless LAN Controller.
--> Any Access Point with valid MIC certificate can join the Wireless LAN Controller.
--> Very Less Security.
2) Authorize MIC AP's against auth-list or AAA
--> Every MIC AP can authenticate to WLC by using AP BVI MAC address.
--> We can find out BVI MAC address using show interface bvi1
--> MAC address can be present either in WLC local database or AAA server.
--> High level of security.
--> AAA server is recommended when we have more than one Wireless LAN Controller running on the network.
3) LSC
--> AP authenticate to WLC using Local significate Certificate from Certificate Authority.
--> AP and WLC can communicate to CA Server using SCEP Protocol.
--> Good level of security.
4) SSC
--> AP authenticate to WLC using Self Signed Certificate.
--> Basic level of security.
Ref: Cisco.com
Md.Kareemoddin
CCIE # 54759
Freelance Network Engineer
0 Comments