display the Maps page. Step 5 From the Select a command drop-down list, choose New Campus, and then click OK to display the New Campus page. Step 6 On the New Campus page, enter the campus name and campus contact information. Step 7 Choose Browse to search for and select the campus graphic name. Step 8 Check the Maintain Aspect Ratio check box to prevent length and width distortion when Cisco WCS resizes the map. Step 9 Enter the horizontal span and the vertical span of the map in feet. The campus horizontal span and vertical span should be larger than any building or floor plan that may be added to the campus. Step 10 Click OK to add the campus map to the Cisco WCS database. Cisco WCS displays the Maps page, which lists maps in the database, map types, and campus status.
Content 6.4 Deploying Cisco WCS 6.4.5 Adding New Building to the Cisco WCS Database You can add buildings to the Cisco WCS database whether or not you have added maps or campuses to the database. Follow these steps to add a building to a campus in the Cisco WCS database as shown in Figure : Step 1 Choose the Monitor tab. Step 2 Choose Maps to display the Maps page. Step 3 Choose the desired campus. Cisco WCS displays the Campus page. Step 4 From the Select a command drop-down list, choose New Building, and then click Go to display the New Building page. Step 5 On the New Building page, follow these steps to create a virtual building to organize related floor plan maps:
  1. Enter the building name.
  2. Enter the building contact name.
  3. Enter the number of floors and basements.
  4. Enter an approximate building horizontal span and vertical span (width and depth on the map) in feet. These numbers should be as large as or larger than any floors that you might add later.
Tip
You can also press Ctrl-Left-Select to resize the bounding area in the upper-left corner of the campus map. As you change the size of the bounding area, the Building Horizontal Span and Vertical Span parameters vary to match your changes. Step 6 Choose Place to put the building on the campus map. Cisco WCS creates a building rectangle scaled to the size of the campus map. Step 7 Select the building rectangle and drag the rectangle to the desired position on the campus map. Step 8 Choose Save to save the building definition and campus location in the database. Cisco WCS saves the building name in the building rectangle on the campus map. Note that there will be a hyperlink associated with the building that takes you to the corresponding Maps page.
Content 6.4 Deploying Cisco WCS 6.4.6 Rogue Access Point Detection When the lightweight access points on your WLAN are powered up and associated with controllers, Cisco WCS immediately starts listening for rogue access points. When the Cisco Wireless LAN Controller detects a rogue access point, the controller immediately notifies Cisco WCS, which creates a rogue access point alarm. Figure shows that WCS located 93 rogue access points. When Cisco WCS receives a rogue access point message from a Cisco Wireless LAN Controller, an alarm indicator appears in the lower-left corner of all Cisco WCS user interface pages. Select the indicator to display the Rogue AP Alarms page. Figure shows a representative Rogue AP Alarms page that lists the severity of the alarms, the rogue access point MAC addresses, the rogue access point types, the owners (Cisco WCS operators), the date and time when the rogue access points were first detected, the channel numbers the access points are broadcasting on, and the access point service set identifiers (SSIDs). The four boxes at the bottom of the page represent the drop-down menus you can access from the Alarm panel on the left. They represent the “Severity,” “Alarm Category,” “Rogue AP State,” and “Search all APs by” menus. On this page, you can highlight one or more entries by checking the desired check boxes and choosing one of the following commands from the Select a command drop-down list to apply to all selected rogue access point alarms: Assign to Me, Unassign, Delete, Clear, or Email Notification. To see more rogue access point information, click any link in the Rogue MAC Address column to display the associated Alarms > Rogue AP MAC Address page.
Content 6.4 Deploying Cisco WCS 6.4.7 Rogue Access Point Location On the Rogue AP MAC Address page, choose Map to display the currently calculated rogue access point location on the Maps > Building Name > Floor Name page. If you are using Cisco WCS Location, Cisco WCS compares the RSSI signal strength from two or more access points to find the most probable location of the rogue access point and places a small skull-and-crossbones indicator at the most likely location. Cisco WCS Base (without the Location option) relies on RSSI signal strength from the rogue access point and places a small skull-and-crossbones indicator next to the access point receiving the strongest RSSI signal from the rogue unit. Figure shows the floor plan that Cisco WCS displays. To acknowledge known rogue access points, navigate to the Rogue AP Alarms page. Right-click the rogue access point (red, unknown) that you want to acknowledge and choose Set State to ‘Known Internal’ or Set State to ‘Known External.’ In either case, Cisco WCS removes the red rogue access point entry from the Alarms page.
Content 6.5 Configuring Encryption and Authentication on Lightweight Access Points 6.5.1 Configuring Open Authentication This lesson uses the Cisco Wireless LAN Controller GUI to configure encryption and authentication. This first topic configures open authentication. Open authentication is used when no authentication or encryption is desired. This is normal for a “guest” implementation for visitors or hot-spot applications. For existing wireless LANs (WLANs), choose WLANs, and then Edit, to navigate to this page. For new WLANs, create a new WLAN by choosing WLANs > New, and then click Apply to navigate to this page. This page allows you to edit the configurable parameters for a WLAN . The default authentication method for a new WLAN is 802.1x, which will be displayed. The reason for setting this parameter as the default is to protect against accidental open authentication. The next step is to change the value in the Layer 2 Security drop-down list under the Security Policies heading from 802.1x to None. Ensure that both the Layer 2 and Layer 3 Security fields are set to None. Note
Depending on the security policy options selected, the bottom of the page will change to reflect the appropriate security parameters.
Content 6.5 Configuring Encryption and Authentication on Lightweight Access Points 6.5.2 Configuring Static WEP Key Authentication For existing WLANs, choose WLANs, and then Edit, to navigate to this page. For new WLANs, create a new WLAN by choosing WLANs > New, and then click Apply to navigate to this page. This page allows you to edit the configurable parameters for a WLAN . Choose Static WEP from the Layer 2 Security drop-down list under the Security Policies heading. The bottom of the screen will update to show the static Wired Equivalent Privacy (WEP) options with the appropriate parameters listed. The static WEP encryption parameters are as follows: Note
One unique WEP key index can be applied to each WLAN. Because there are only four WEP key indexes, only four WLANs can be configured for static WEP Layer 2