Cisco WIRELESS LAN CONTROLLER OL-17037-01 User Manual
Page 37
7-37
Cisco Wireless LAN Controller Configuration Guide
OL-17037-01
Chapter 7 Controlling Lightweight Access Points
Cisco Workgroup Bridges
Note
See the sample WGB access point configuration in the
•
These features are supported for use with a WGB:
–
Guest N+1 redundancy
–
Local EAP
–
Open, WEP 40, WEP 128, CKIP, WPA+TKIP, WPA2+AES, LEAP, EAP-FAST, and EAP-TLS
authentication modes
•
These features are not supported for use with a WGB:
–
Cisco Centralized Key Management (CCKM)
–
Hybrid REAP
–
Idle timeout
–
Web authentication
Note
If a WGB associates to a web-authentication WLAN, the WGB is added to the exclusion
list, and all of the WGB wired clients are deleted.
•
The WGB supports a maximum of 20 wired clients. If you have more than 20 wired clients, use a
bridge or another device.
•
Wired clients connected to the WGB are not authenticated for security. Instead, the WGB is
authenticated against the access point to which it associates. Therefore, Cisco recommends that you
physically secure the wired side of the WGB.
•
With Layer 3 roaming, if you plug a wired client into the WGB network after the WGB has roamed
to another controller (for example, to a foreign controller), the wired client’s IP address displays
only on the anchor controller, not on the foreign controller.
•
If a wired client does not send traffic for an extended period of time, the WGB removes the client
from its bridge table, even if traffic is continuously being sent to the wired client. As a result, the
traffic flow to the wired client fails. To avoid the traffic loss, prevent the wired client from being
removed from the bridge table by configuring the aging-out timer on the WGB to a large value using
the following IOS commands on the WGB:
configure terminal
bridge
bridge-group-number aging-time seconds
exit
end
where bridge-group-number is a value between 1 and 255, and seconds is a value between 10 and
1,000,000 seconds. Cisco recommends configuring the seconds parameter to a value greater than the
wired client’s idle period.
•
When you delete a WGB record from the controller, all of the WGB wired clients’ records are also
deleted.
•
Wired clients connected to a WGB inherit the WGB’s QoS and AAA override attributes.