WIRELESS: INTERVIEW QUESTIONS: BASIC


 

QUESTIONS & ANSWERS

What are Autonomous & Lightweight Access Point ?

Ans.

Autonomous means AP’s will be managed through associated Switch. we can enter into AP’s configuration mode & do the required configuration.

Lightweight means AP’s will be managed through associated Wireless Controller. we cannot enter into the AP’s configuration mode. All the required configuration on AP’s will be done through associated Wireless Controller.

What is LWAPP & CAPWAP?

To communicate between controller & access point, there are two protocols available:

Older one: LWAPP

New one: CAPWAP (available in version 5.2 or later)

LWAPP & CAPWAP are similar, exception is for Layer 2 deployments, which are not supported by CAPWAP.

Scenario

In Wireless, we got one new Aironet model AP (Access Point).
In this device, Lightweight image is already present.
Lightweight image is used, when AP has to be managed by WLC (Wireless Controller).
In Lightweight image, we don’t get the option of entering into configuration mode.
But, in our case, we need to manage AP by Switch, not WLC.
How to enter into the configuration mode of AP.

How to get Configuration mode in Lightweight Access Point?

Generally, Lightweight AP’s are managed & controlled by Wireless Controller.

So, by default there is no configuration mode option in Lightweight AP.

In case, if we want to configure Lightweight AP through console, then we need to enter into configuration mode.

To enable configuration mode, we need to disable protocol running in case of Lightweight AP’s.

Example

AP#debug capwap console cli    /  without this line LWAP not accepting the conf t /

Reference Link, To convert Lightweight to Autonomous

http://mrncciew.com/2012/10/20/lightweight-to-autonomous-conversion/

How to configure Guest SSID on AP, explain the complete configuration scenario with required changes on AP, connected Layer 2 & Layer 3 device ?

Complete configuration given at below link,

https://networkproxy.wordpress.com/2014/08/27/access-point-guest-ssid-configuration/

What all are the possible reasons, if Lightweight Access Point is not joining or associating with Wireless Controller ?

Reference link

What is flex mode, used between WLC & LAP?

FlexConnect is also known as H-REAP or, Hybrid Remote Edge Access Point.

Single WLC at Head office, managing number of access point at branch offices.

Tunnel is formed from branch office to Head office.

It basically causes the AP to behave like an autonomous AP, but even then managed by the WLC.

In this mode, the AP can still function even if it looses connection with the controller.

Benefit: Flex Connect allows data traffic to be switched locally and not go back to the controller.

Two Types of configuration:

central authentication, central switching

The controller at Head office handles client authentication, and all client data is tunneled back to the controller.

central authentication, local switching

The controller handles client authentication, and the FlexConnect access point switches data packets locally.

Reference Link

https://learningnetwork.cisco.com/thread/51502

http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-2/configuration/guide/cg/cg_flexconnect.html#wp1224744

What is the difference between certificate types used for authentication ?

SSC: Self Signed Certificate
MIC: manufacturing installed certificates
LSC: Locally Significant Certificate 

Ans.

” SSC “
About Self-Signed Certificates
ACS supports TLS/SSL-related protocols, including PEAP, EAP-FAST, and HTTPS,that require the use of digital certificates. Employing self-signed certificates is a way for administrators to meet this requirement without having to interact with a CA to obtain and install the certificate for the ACS.
The administrator uses the self-signed certificate feature in ACS
to generate the self-signed digital certificate, and use it for the
PEAP and EAP-FAST authentication protocols or for HTTPS support in web administration service.

Reference Link

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.0/user/guide/sau.html#wp327462

Q. What is Mobility group ?

Ans.

A Mobility Group is a group of Wireless LAN Controllers (WLCs) in a network with the same Mobility Group name. These WLCs can dynamically share context and state of client devices, WLC loading information, and can also forward data traffic among them, which enables inter-controller wireless LAN roaming and controller redundancy.

Reference Link

http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/107188-mobility-groups-faq.html

Q. What is difference between below mentioned terms:

central authentication, central switching

central authentication, local switching

local authentication, local switching

Ans.

central authentication, central switching

Authentication: Authentication part & switching of data packets both are done at controller end.

Data Switching: switching of data packets is done at controller end.

Applicable: This is applicable in only Flex or connect mode.

central authentication, local switching

Authentication: Authentication part is done at the controller.

Data Switching: After the client authenticates successfully, the controller sends a configuration command with a new payload to instruct the access point to perform switching of data packets locally.

Applicable: This is applicable in only Flex or connect mode.

local authentication, local switching

Authentication: Authentication part is done locally at access point.

Data Switching: switching of data packets is done locally at access point.

Applicable: This state is valid in both, (standalone mode) and  (Flex or connected mode).

Reference Link

http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-2/configuration/guide/cg/cg_flexconnect.html#wp1224744

Q. What is LWAPP & CAPWAP?

To communicate between controller & access point, there are two protocols available:

Older one: LWAPP

New one: CAPWAP (available in version 5.2 or later)

LWAPP & CAPWAP are similar, exception is for Layer 2 deployments, which are not supported by CAPWAP.

What are benefits of CAPWAP?

CAPWAP enables controllers to interoperate with third-party access points.

Can we enter into the configuration mode in Lightweight Access Point ?

Ans.

By default, No. But, workaround can be done to enter into configuration mode.

Can I push configurations from one WLC directly to other WLCs?

No. You cannot push configurations from one WLC directly to other WLCs. In order to transfer the file to other WLCs, you must upload the configuration file from a WLC to the TFTP server, and then download the file from the TFTP server to the desired WLC.

How to check version of WLC?

GUI: Monitor — Summary —- software version

CLI: (Cisco Controller) >show run−config

Product Version……………………………. 4.0.217.0

Check active boot image: (Cisco Controller) >show boot

Primary Boot Image…………………………. 4.0.217.0 (active)

Backup Boot Image………………………….. 4.0.155.5

How does roaming occur in a WLC environment?

Roaming is a process where the client can retain uninterrupted application sessions on its move.

When a wireless client associates and authenticates to a WLC, it places an entry for that client in its client database. This entry includes the MAC and IP addresses of the client, security context and associations, quality of service (QoS) contexts, the WLAN, and the associated LAP.

When a client roams to another LAP associated to the same WLC, it just updates the client database with the new LAP information so that the data can be forwarded appropriately to the client.

When a client roams to a LAP associated with a different WLC, either in same or different subnets, it sends the information in the client database to the new WLC.

This helps client to retain its IP address across roams and maintain uninterrupted TCP Sessions.

What is a Rogue AP? Can the rogue APs in my wireless network be automatically blocked?

APs that are not part of your wireless deployment are called rogue APs. It can be either an

autonomous AP or Lightweight AP that happens to be in the range of authorized APs. Rogue APs cannot be automatically blocked. This must be done manually.

The physical ports on the WLC are currently set to operate at 1000 mbps speed. Is it possible to change this port speed to 100 mbps?

No, the port speed on the WLC cannot be changed. These are set at 1000 mbps, full duplex speed only.

What is preferred in case of access point, Static ip or ip from DHCP server?

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s