NETWORK PROXY

https://networkproxy.wordpress.com/tag/cisco-wireless-interview-questions-and-
answers/

 #1322 (NO TITLE)

 MY BLOG
 ROUTING
 SWITCHING
 WIRELESS
 HARDWARE
 DATACENTER TECHNOLOGIES
 REAL WORLD SCENARIOS
 LIVE CONFIGURATION
 COMPANY INTERVIEWS
 STUDY MATERIAL
 LINKS
 DISCUSSIONS FORUM
 SUGGESTIONS

Search for:

CISCO WIRELESS INTERVIEW

QUESTIONS AND ANSWERS
WIRELESS: INTERVIEW
QUESTIONS: ADVANCED
 
 
 
 
 
 
4 Votes

Can access point enabled with LWAPP, join the controller enabled
with CAPWAP?

Yes, Access point enabled with LWAPP can join the controller enabled with CAPWAP.

Give an example of access point model, which can join only CAPWAP
& one example which can join either of LWAPP or CAPWAP?
Cisco Aironet 1140 only supports CAPWAP

Cisco Aironet 1130 supports both LWAPP & CAPWAP

When access point starts up, what will be the behavior in regards of
LWAPP & CAPWAP?

After 60 seconds of trying to join a controller with CAPWAP, the access point falls

back to using LWAPP. If it cannot find a controller using LWAPP within 60 seconds, it tries

again to join a controller using CAPWAP. The access point repeats this cycle of switching

from CAPWAP to LWAPP and back again every 60 seconds until it joins a controller.

Once the access point downloads the CAPWAP image from the controller, it uses only
CAPWAP to communicate with the controller.

What are the basic guidelines for implementing CAPWAP?

If your firewall is currently configured to allow traffic only from access points that

use LWAPP, you must change the rules of the firewall to allow traffic from access

points that use CAPWAP.

Make sure that the CAPWAP UDP ports 5246 and 5247 (similar to the LWAPP UDP

ports 12222 and 12223) are enabled and are not blocked by an intermediate device

that could prevent an access point from joining the controller.

If access control lists (ACLs) are in the control path between the controller and its

access points, you need to open new protocol ports to prevent access points from

being stranded.

How to use USB console port on the cisco 5500 wireless?

The USB console port on the 5500 series controllers connects directly to the USB

connector of a PC using a USB Type A to 5−pin mini Type B cable.

Note: The 4−pin mini Type B connector is easily confused with the 5−pin mini Type B
connector. They are not compatible. Only the 5−pin mini Type B connector can be used.

What is the function of service port on WLC?

In order to configure the basic settings on a 4400 controller using the GUI configuration

wizard, you must connect to the service port of the controller. Next, configure your PC to
use

the same subnet as the controller service port; the IP address on service port when
configuring

the WLC for the first time is 192.168.1.1. Start Internet Explorer 6.0 SP1 (or later) or Firefox

2.0.0.11 (or later) on your PC, and browse to http://192.168.1.1. The GUI Configuration

wizard appears.

How WLC works in terms of packet transfer or what is the

mechanism?

All the client (802.11) packets are encapsulated in a LWAPP packet by the LAP and sent

to the WLC. WLC descapsulates the LWAPP packet and acts based on the destination IP

address in the 802.11 packet. If the destination is one of the wireless clients associated to
the

WLC, it encapsulates the packet again with the LWAPP and sends it to the LAP of the client,

where it is decapsulated and sent to the wireless client. If the destination is on the wired
side

of the network, it removes the 802.11 header, adds the Ethernet header, and forwards the

packet to the connected switch, from where it is sent to the wired client. When a packet

comes from the wired side, WLC removes the Ethernet header, adds the 802.11 header,

encapsulates it with LWAPP, and sends it to the LAP, where it is decapsulated, and the

802.11 packet is delivered to the wireless client.

What is the master controller mode on WLC?

When there is a master controller enabled, all newly added access points with no primary,
secondary, or tertiary controllers assigned associate with the master controller on the same

subnet. This allows the operator to verify the access point configuration and assign primary,

secondary, and tertiary controllers to the access point using the All APs > Details page.

The master controller is normally used only when adding new access points to the Cisco

Wireless LAN solution. When no more access points are being added to the network, Cisco

WLAN solution recommends that you disable the master controller.

What is the function of WLAN on WLC?

WLAN is similar to that of SSID in the access points. It is required for a client to associate

with its wireless network. In order to configure a WLAN on a WLC, refer to the sample

configuration in the document Guest WLAN and Internal WLAN using WLCs Configuration

How does DHCP work with the WLC?

The WLC is designed to act as a DHCP relay agent to the external DHCP server and acts

like a DHCP server to the client. This is the sequence of events that occurs:

Generally, WLAN is tied to an interface which is configured with a DHCP server.

When the WLC receives a DHCP request from the client on a WLAN, it relays the

request to the DHCP server with its management IP address.

The WLC shows its Virtual IP address, which must be a non−routable address,

usually configured as 1.1.1.1, as the DHCP server to the client.

How do i change power & channels for a LAP?

Once a LAP registers to a WLC, all the configuration for a LAP is done on the WLC.

There is a built−in feature in WLC called RRM, wherein the WLC internally runs an
algorithm and automatically adjusts the channel and power settings as per the deployment
of

LAPs. RRM is turned on by default on the WLC. You need not change the channel and power

settings for a LAP, but you can override the RRM feature and statically assign power and

channel settings for a LAP.

What happens to the wireless network when I perform a software

upgrade? Do all the access points (APs) registered to a WLC go down
until they are upgraded, or are they upgraded one at a time so that
thewireless network can remain up?

Once the WLC is upgraded, it must be rebooted for the changes to take effect. Within this

time, connectivity to the WLC is lost. LAPs registered to a WLC lose their association to the

WLC, so service to the wireless clients is interrupted. When you upgrade the controller’s

software, the software on the controller’s associated access points is also automatically
upgraded.

Up to 10 access points can be concurrently upgraded from the controller. Do not power
down the controller or any access point during this process; otherwise, you might corrupt
the software image.

Can a Cisco IOS Software−based access point (AP) that has been
converted to lightweight mode register with Cisco 4100 Series WLCs?

No, Cisco IOS Software−based APs that are converted to lightweight mode cannot register
with the Cisco 40xx, 41xx, or 3500 WLCs. These lightweight APs (LAPs) can register only
with the Cisco 4400 and the 2000 series WLCs.

Is it possible to go back and make corrections in the WLC

configuration wizard at the time of the initial configuration?

Yes, this can be done with the − (hyphen) key. Use this key to re−enter the previous
parameter value.

With the “ Management via Wireless” feature enabled on WLCs in a

mobility group, I can only access one WLC from that mobility group,
but not all. Why?

This is an expected behavior. When enabled, the Management via Wireless feature allows a
wireless client to reach or manage only the WLC to which its associated access point is
registered. The client cannot manage other WLCs, even though these WLCs are in same
mobility groups. This is implemented for security, and recently was tightened down to just
the one WLC in order to limit exposure.

Is it possible to assign an integrated controller in a 3750 Switch and a

4400 wireless LAN controller within the same mobility group?

Yes, it is possible to create a mobility group between a Catalyst 3750 Switch with an
integrated controller and a 4400 WLC.

Are there any basic requirements to maintain when I use the

mobilityanchor feature in order to configure wireless LAN controllers
(WLCs) for guest access?

These are the 2 basic requirements that need to be maintained when you use mobility

anchor in order to configure WLCs for guest access.

The mobility anchor of the local WLC must point to the anchor WLC, and the

mobility anchor of the anchor WLC must point only to itself.

Note: You can configure configure redundant anchor WLCs. Local WLC uses them

in the order WLCs are configured.

Make sure you configure the same security policy for the service set identifier (SSID)

on both the local and anchor WLCs. For example, if the SSID is “guest” and you turn

on web authentication on the local WLC, make sure the same SSID and security

policy is also configured on the anchor WLC

If the WLCs in the same mobility group are separated by Network

Address Translation (NAT) boundaries, can they communicate
mobility messages with each other?

BEFORE VERSION 4.2

In controller software releases earlier than 4.2, mobility between controllers in the same
Mobility Group does not work if one of the controllers is behind a network address
translation (NAT) device.

Reason

Mobility message payloads carry IP address information about the source controller. This IP
address is validated with the source IP address of the IP header. This behavior poses a
problem when a NAT device is introduced in the network because it changes the source IP
address in the IP header.

AFTER VERSION 4.2

In controller software release 4.2 and later, the Mobility Group lookup is changed to use the

MAC address of the source controller. Because the source IP address is changed due to the

mapping in the NAT device, the Mobility Group database is searched before a reply is sent to

get the IP address of the controller that makes the request. This is done with the MAC
address

of the controller that makes the request.

Can we place the lightweight access point (LAP) under Network

Address Translation (NAT)? Does LWAPP from access point (AP) to
WLC work through NAT boundaries?

Yes, you can place the LAP under NAT. On the AP side, you can have any type of NAT
configured, but, on the WLC side, you can have only 1:1 (static NAT) configured. PAT cannot
be configured on the WLC side because LAPs cannot respond to WLCs if the ports are
translated to ports other than 12222 or 12223, which are meant for data and control
messages.

Can I place the Lightweight Access Point (LAP) under Network

Address Translation (NAT)? Does CAPWAP from access point (AP) to
WLC work through NAT boundaries?

Yes, you can place the LAP under NAT. On the AP side, you can have any type of NAT
configured. But on the WLC side, you can have only 1:1 (Static NAT) configured.

PAT cannot be configured on the WLC side because LAPs cannot respond to WLCs if the
ports are translated to ports other than 5246 or 5247, which are meant for control and data
messages.
Select the Enable NAT Address check box and enter the external NAT IP address if you want
to be able to deploy your Cisco 5500 Series Controller behind a router or other gateway
device that is using one−to−one mapping network address translation (NAT).

Can I upgrade the WLC from one major version to another directly?

You can upgrade or downgrade the WLC software only between two releases. In order to

upgrade or downgrade beyond two releases, you must first install an intermediate release.

We have finished our initial deployment of LAPs. When our clients

move from one end of the building to the other, they stay associated
with the AP to which they were closest. The clients do not appear to
be handed off to the next−closest AP until the signal strength from
the initial AP is completely depleted. why?

Coverage area of an AP is entirely controlled by the WLC. The WLC talks between its APs and
manages their signal strength on the basis of how each AP senses other APs. However the
client movement from one AP to other is entirely controlled by the client. The radio within
the client determines when the client wants to move from one AP to the other.

No setting on the WLC, AP, or the rest of your network can influence client’s decision to
roam to a different AP.

How do I prevent loops on the WLC?

You can enable STP on the WLC to prevent loops. From the WLC GUI click Controller, then
navigate to the Advanced submenu located on the left side of the application. Click the
Spanning Tree option, and choose Enable for Spanning Tree Algorithm located on the right
side of the application.

By default, STP need not be enabled to prevent loops

Is there any way to recover my password for WLC?

BEFORE VERSION 5.1

We don’t have any option.

AFTER VERSION 5.1

If you forget your password in WLC version 5.1 and later, you can use the CLI from the
controller’s serial console in order to configure a new user name and password. Complete
these steps in order to configure a new user name and password. After the controller boots
up, enter Restore−Password at the user prompt.
Note: For security reasons, the text that you enter does not appear on the controller
console.

At the Enter User Name prompt, enter a new user name.

At the Enter Password prompt, enter a new password.

At the Re−enter Password prompt, re−enter the new password.

The controller validates and stores your entries in the database.

When the User prompt reappears, enter your new username.

When the Password prompt appears, enter your new password.

The controller logs you in with your new username and password.

I have set up a guest Wireless LAN and the WLC is physically

separated from my internal LAN. I decided to use the internal DHCP
feature of this WLC but my wireless clients do not get IP addresses
from the WLC. How do the wireless guest users get IP addresses from
the WLC when they are connected on a physically separate network?

Check if the DHCP scope is enabled on the WLC. In order to check this, click the Controller
Menu and click Internal DHCP server from the left−hand side.

Generally, the DHCP server is specified on the interface, which maps to the WLAN.

Make sure that the management interface address of the WLC is specified as the

DHCP server on the interface that maps to the guest user WLAN. Alternatively, you

can enable the DHCP Server override option on the WLANs > Edit page and specify

the management interface address of the WLC in the DHCP server IP Addr field..
I have a 4400 Series WLC & LAPs registered to the WLC. I have
configured WLANs for the clients to connect on the WLC. The
problem is that the WLC does not broadcast SSIDs that I configured
for the WLANs. Why?

The Admin Status and the Broadcast SSID parameters are disabled by default. Complete
these steps in order to enable Admin Status and Broadcast SSID:

Go to the WLC GUI and choose Controller > WLANs. The WLANs page appears.

This page lists the WLANs that are configured. Select the WLAN for which you want to enable
broadcasting of the SSID and click Edit.

In the WLAN > Edit page, check Admin Staus in order to enable the WLAN. Also,

check Broadcast SSID in order to ensure that the SSID is broadcast in the beacon

messages sent by the AP.

Wireless LAN Clients associated with the lightweight access points

are not able to get IP addresses from the DHCP server. How do I
proceed?

The DHCP server for a client is usually marked on the interface, which maps to the WLAN to
which the client. Check if the interface is configured appropriately.

My 1131 lightweight access point (LAP) does not register with my

4402 wireless LAN controller (WLC). What can be the possible reason
for this?

One common reason is that the Lightweight Access Point Protocol (LWAPP) Transport Mode
is configured on the WLC. A 4402 WLC can operate in both Layer 2 and Layer 3 LWAPP
mode. Whereas, an 1131 LAP can only operate in Layer 3 mode. Layer 2 mode is not
supported on the 1131 LAP. So, if the WLC is configured with the LWAPP Transport Mode of
Layer 2, then your LAP does not join the WLC. In order to overcome this problem, change
the LWAPP Transport Mode of the WLC from Layer 2 to Layer 3. In order to change the
LWAPP Transport Mode using the GUI, go to the WLC page and locate the second selection in
the main field which is LWAPP Transport Mode. Change this to Layer 3 and reboot the WLC.
Now, your LAP is able to register with the WLC.

Why are our access points (APs) that are registered to other WLCs
that are in the same RF group shown as rogues?
This can be due to Cisco bug ID CSCse87066 ( registered customers only) . LWAPP APs in
the same RF group are seen as rogue APs by another WLC for one of these reasons:

The AP sees more than 24 neighbors. The neighbor list size is 24, so the 25th AP is
reported as a rogue.

AP1 can hear the client that communicates to AP2, but AP2 cannot be heard. Therefore, it
cannot be validated as a neighbor.

The workaround is to manually set the APs to known internal on the WLC and/or WCS.

Complete these steps on the WLC in order to manually set the APs to known internal:

1. Go to the WLC GUI and choose Wireless.

2. Click Rogue Aps in the left side menu.
3. From the Rogue−AP list, choose the specific access point and clickEdit.
4. From the Update Status menu, choose Known internal.
5. Click Apply. This bug is fixed in version 4.0.179.11.

we  have a couple of Access Control Servers (ACS) that authenticate

the wireless clients associated to wireless LAN controllers (WLCs).
One ACS acts as a primary authenticating server and the other as a
failover server. If the primary server fails, the WLC falls back to
secondary for authenticating the wireless clients. Once the primary
server comes back up, the WLC does not fallback to the primary
server. Why?

This is an expected behavior. These steps occur when a client is authenticated through the
WLC in multiple ACS deployments:

Upon boot up, the WLC determines the active ACS. When this active ACS does not respond
to the RADIUS request from the WLC, the WLC searches and makes a failover to the
secondary ACS.

Even when the primary ACS comes back up, the WLC does not fall back to it until the ACS to
which the WLC is currently authenticating fails.

In such cases, reboot the WLC in order for the WLC to identify the primary ACS again and
fallback to it. This fallback does not occur immediately after reboot. It might take some
time.

Share :
  Print


 Email
 Print and PDF
 SHARE



Loading...
Posted in WIRELESS, WIRELESS ASSESSMENT and tagged cisco wireless interview questions
and answers on December 3, 2014. 2 Comments

WIRELESS: INTERVIEW
QUESTIONS: BASIC
 
 
 
 
 
 
5 Votes

(more…)

Share :

 Print


 Email
 Print and PDF
 SHARE



Loading...
Posted in WIRELESS, WIRELESS ASSESSMENT and tagged cisco wireless interview questions
and answers, wireless questions on September 6, 2014. Leave a comment

BLOG STATS
 423,495 + VISITORS,2728+ MEMBERS,140+ POSTS, 112 COMMENTS

CATEGORIES

Categories                                                                                                 

MOST VIEWED RECENTLY

 OSPF: 21 TRICKY QUESTIONS

 VLAN, TRUNKING, VTP: INTERVIEW QUESTIONS
 TCS INTERVIEW: NOC ENGINEER, L2
 HSRP: INTERVIEW QUESTIONS
 SWITCHING SCENARIOS

RECENT POSTS

 FB DISCUSSIONS: CONGESTION ON LINK: CHECK, TROUBLESHOOT

& SOLUTION December 30, 2014
 OSPF NEIGHBORSHIP FLAPPING December 28, 2014
 LAYER 2 vs LAYER 3 BROADCAST December 23, 2014
 OSPF DISCARD ROUTE December 23, 2014
 WLC: UNDERSTANDING GUI: LIVE CONFIGURATION December 22, 2014

RECENT COMMENTS

vidya on BGP
CONCEPTS

sumit sharma on …

sumit sharma on …

vinay kumar on …

khurshid anwar
on VLAN, TRUNKING,
VTP: INTERVIEW…
Advertisements
REPORT THIS AD

” CALENDAR “

NOVEMBER 2021
M T W T F
1 2 3 4 5
 NOVEMBER 2021
M T W T F
8 9 10 11 12
15 16 17 18 19
22 23 24 25 26
29 30  
« Dec   
BLOG AT WORDPRESS.COM.
 Follow
 

Close and accept
Privacy & Cookies: This site uses cookies. By continuing to use this website, you
agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy