Chapter 27: Analyzing Cisco Wireless Architecture

Question 1

What is the name of a Cisco wireless access point that operates in standalone, independent manner?

Answer 1

Autonomous AP

Question 2

How do you describe the Cisco Meraki cloud-based APs?

Answer 2

Autonomous APs centrally managed.

Question 3

In what architecture does A lightweight access point participate in?

Answer 3

Split-MAC

Question 4

How does a lightweight access point communicate with a wireless LAN controller?

Answer 4

Through a CAPWAP tunnel

Question 5

If we have a lightweight AP in default local mode, do we need a trunk link carrying three VLANs in order to be able to support therr SSIDs that are bound to three VLANs?

Answer 5

No

Question 6

What is the best WLC deployment model for a large enterprise with around 3000 lightweight APs?

Answer 6

Unified

Question 7

If a lightweight AP provides at least one BSS for wireless clients, which mode is it using?

Answer 7

Local

Question 8

What is the default mode for a lightweight AP?

Answer 8

The Local mode

Question 9

In a wireless cloud-based architecture, do the Data transmission between the wireless devices need to be passed to the cloud?

Answer 9

No, the cloud central console is only used to bring management functions into the data plane.

Question 10

What is a control plane in wireless networks?

Answer 10

It is the Traffic used to control, configure, manage and monitor the AP itself

Question 11

What is a data plane in wireless networks?

Answer 11

It is End-user traffic passing through the AP

Question 12

What is a lightweight AP?

Answer 12

It is an AP that only handles the real-time 802.11 operation. All the management, control, QoS. monitor and security functions are now centrally administrated

Question 13

Why does the Split-MAC architecture need CAPWAP?

Answer 13

The Control and Provisioning of Wireless Access Points (CAPWAP) tunneling protocol encapsulates the data between the LAP and WLC within new IP packets. The tunneled data can then be switched or routed across the campus network.

Question 14

CAPWAP consists of two separate tunnels, What are they?

Answer 14

• CAPWAP control messages: used to configure the AP and manage its operation. (encrypted)
• CAPWAP data: Used for packets traveling to and from wireless clients that are associated with the AP.
  (not encrypted by default)

Question 15

Which port do CAPWAP control and data use respectively?

Answer 15

CAPWAP control : UDP 5246

CAPWAP data : UDP 5247

Question 16

How can we assure that no one can add an unauthorized AP to the Wireless network managed by WLC?

Answer 16

Every AP and WLC must authenticate each other with digital certificates. An X.509 certificate is preinstalled in each device when it is purchased.

Question 17

How many APs can a WLC support in different deployment scenarios?

Answer 17

• In a centralized (Unified) WLC 6000 APs
• In a Cloud-based (VM) WLC 3000 APs
• In an Embedded WLC 200 APs
• In Cisco Mobility Express WLC 100 APs

Question 18

What is an Embedded WLC?

Answer 18

It is a WLC that share the same hardware with another device as a switch for example.

Question 19

What is a Cisco Mobility Express WLC?

Answer 19

It is an AP that also operates as a WLC.

Question 20

Name the modes a lightweight cisco AP can operate with.

Answer 20

a. Local
b. Monitor
c. FlexConnect
d. Sniffer
e. Rogue detector
f. Bridge
g. Flex+Bridge
h. SE-Connect

Question 21

What does an AP with Monitor mode active do?

Answer 21

The AP does not transmit at all, but its receiver is enabled to act as a dedicated sensor.

Question 22

What does an AP with FlexConnect mode active do?

Answer 22

An AP at a remote site can locally switch traffic between an SSID and a VLAN if its CAPWAP tunnel to the WLC is down and if it is configured to do so.

Question 23

What does an AP with Sniffer mode active do?

Answer 23

An AP dedicates its radios to receiving 802.11 traffic from other sources, much like a sniffer or packet capture device. The captured traffic is then forwarded to a PC running network analyzer software such as Wildpackets OmniPeek or WireShark, where it
can be analyzed further.

Question 24

What does an AP with Rogue detector mode active do?

Answer 24

An AP dedicates itself to detecting rogue devices by correlating MAC addresses heard on the wired network with those heard over the air. Rogue devices are those that appear on both networks.

Question 25

What does an AP with Bridge mode active do?

Answer 25

An AP becomes a dedicated bridge (point-to-point or point-to-multipoint) between two networks. Two APs in bridge mode can be used to link two locations separated by a distance. Multiple APs in bridge mode can form an indoor or outdoor mesh network.

Question 26

What does an AP with Flex+Bridge mode active do?

Answer 26

FlexConnect operation is enabled on a mesh AP.

Question 27

What does an AP with SE-Connect mode active do?

Answer 27

The AP dedicates its radios to spectrum analysis on all wireless channels. You can remotely connect a PC running software such as MetaGeek Chanalyzer or Cisco Spectrum Expert to the AP to collect and analyze the spectrum analysis data to discover sources of interference.