Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1533
Views
0
Helpful
6
Replies

How to check OTAP is disabled or not.

kkonuru123
Level 1
Level 1

‎08-03-2016 04:55 PM - edited ‎07-05-2021 05:33 AM

Dear Tech Gurus,

Could you let me know how to check whether OTAP is disabled or not in WLC 5508.

If not disabled, how to disable it.

Regards,

KK

Labels:
0 Helpful
6 Replies 6

Leo Laohoo
Hall of Fame
Hall of Fame

‎08-03-2016 05:20 PM

Depends on the version of the firmware.  In 6.X, OTAP can be disabled using the command "config network otap disable".

If I remembered correctly, OTAP is no longer available in 7.X and later.

0 Helpful

George Stefanick
VIP Alumni
VIP Alumni
In response to Leo Laohoo

‎08-05-2016 05:57 AM

Yea you shouldn't be using OTAP and if you're on code that supports it its time. Time to upgrade that is :)

Funny thing happen. I found a way to use OTAP to get the controller IP and then you could join the WLC to WCS. 

http://www.networkworld.com/article/2231987/cisco-subnet/are-you-vulnerable-.html

******************************************************************************

HTH

Please rate helpful post! 

www.my80211.com - Blog by a WiFi engineer for WiFi engineers

www.wifitraining.com/about-wifi/ - WiFi Training by hands on WiFi Engineers, Experts and Cisco Wireless VIPs 

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

mohanak
Cisco Employee
Cisco Employee

‎08-03-2016 06:45 PM

The OTAP feature is enabled on the controller GUI from the controller General page or through the CLI with the config network otap-mode {enable | disable} command.

Note: This feature is disabled by default and should remain disabled when all access points are installed.

OTAP is no longer supported on the controllers with 6.0.196 code and above.

http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/100516-ustnd-otap.html

0 Helpful

kkonuru123
Level 1
Level 1

‎08-04-2016 08:37 AM

Thanks for replying. Auditor is asking to show whether the OTAP is disabled or not. 

How to check whether it is disabled or not.

Auditors need proof, so how ?

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to kkonuru123

‎08-04-2016 07:32 PM

Thanks for replying. Auditor is asking to show whether the OTAP is disabled or not. 

How to check whether it is disabled or not.

Auditors need proof, so how ?

What firmware is the controller running on?

0 Helpful

sbhadrav@cisco.com
Level 5
Level 5

‎06-04-2018 12:58 AM

The traffic MAY be encrypted as the APs have a factory cert installed. It has been a while and I cannot find any info to support the above statement, but I believe it is encrypted.

On the other hand, OTAP should be turned off in an established production environment per:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml

"You should have OTAP enabled only during AP provisioning intervals. After APs are deployed, disable OTAP as a deployment best practice. Also, Cisco Aironet LAPs (1130 AG, 1200, and 1240 AG series) ship from the factory with a stripped-down version of lightweight Cisco IOS® Software that is called the LWAPP Recovery Cisco IOS image. OTAP is not supported on those APs out-of-the-box that run LWAPP Cisco IOS Software. When you upgrade Cisco Aironet APs from autonomous Cisco IOS Software to lightweight mode, the LWAPP Recovery Cisco IOS image is the software that is loaded. The LWAPP Recovery Cisco IOS image does not support OTAP. In order to support OTAP, Aironet LAPs must first join a WLC in order to download a full LWAPP Cisco IOS image."

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card