Announcing WLCCA 4.0 beta, we are still working on several new features, but we would benefit from your feedback  to improve code quality for the final release

New Features:

* New RF Stats and RF Health navigation sections, grouped per functional unit (site, per WLC, per AP group, RF group and band)

* RF health feature  (still under development)

* Search Function

* Have the "Compensated Heard Power" in the TX Neighbors reflect the selected APs Transmit Power.

* Nearby  AP list per functional level (All Aps, per AP group, per Flex group)

* Add GUI support to report information if hotspot 2.0 is in use

* Controllers—> RF profiles.    Adding what the rx-sop and cca setting is for each profile

* 15 New Checks per AP

* 16 New General Checks

* 1 Modified check for Voice

* List of SSID per slot

* 8.1 MR1 support

* BYOD Checks (still under development, subject to change)

*Copy to Clipboard support on all tables

*Moved most table load operations to tree selection time

Fixes:

* Parsing of radius server list on some versions

* Support for nearby channel information on IOS-XE 3.6/3.7

* Controller Time Source Valid................... True -> this is not present on 7.0, so tool is falsing on the check    

* Some customers reported “all channels” false positive for monitoring

* Provide better message if password length can't be checked in 7.4

* possible error with msg_general_TPCMissmatch and {}, fixed

* Add WLCCA workaround for CSCuq34950 Monitor mode AP channel incorrectly displayed in sh run-config

* if no clients in RF summary for SNR/RSSI, display something (lab 7.6MR3 shows this for RF summary)

* Fix vWLC recommendation of AVC (not supported upto 8.0)

* Error parsing  allowed channel list in 5.0/2.4 in some conditions

* WLC RF summary: AP count incorrect when multiple controllers are loaded

* Error parsing flex source guard line in wlans

* Message 30081 changes to  "Enterprise: Load Balancing is a recommended best practice for enterprise environments with proper AP density"

* Bug on comparison across controllers, checks were not done due to loop error

* Exception  error if AP lacked current power

* Wrong slot used for in channel compensated calculation ID: 60011

* Error parsing mobility section if a switch peer group is present

** Additional Information **

Search function

The search function allows searching controllers, Aps and AP groups by their names or, in case of the Aps, by their IP address and MAC address.

The main search box is placed at the tool strip; the search starts after pressing enter. The results of the search will appear in a new window, displayed in a tree view.

Double clicking a result will show its information in the general information window and mark it in its tree view.

New Checks per AP

* if flex + LS, the vlan in use by AP should be tagged , ID: 20031

* Config error: warn if IDS legacy and WIPs submode are enabled at same time

* Warn on 11ac/11n radio + TKIP or WEP only ssid

* Warn if AP using channel not on DCA list

* TCP-MSS feature should be enabled. Suggest value 1300

* Add check for invalid IP address on AP prim/sec/ter

*Warn on 11ac/11n radio + TKIP or WEP only ssid, ID: 20026

* If 11n/11ac is disabled, and 40/80 MHz channel width is in use, generate warning, ID: 20027

* Warn if AP using channel is not on DCA list,  20028

*TCP-MSS feature should be enabled, ID: 20029

* AP: It is recommended to set the MSS size at 1300, ID 20040

*Config error: warn if IDS legacy and WIPs submode are enabled at same time, ID: 30110

* Check AP Containment for non-Monitor mode APs, 20032

* Check for invalid IP address on AP prim/sec/ter, ID: 20034

* Check for different VLANs on Flex group Aps, ID: 20035

New Checks  General

* Warn if  for mpdu aggregation is disabled, and version is 7.6 or 7.4.130 and higher (performance loss due to workaround for all bugs in aggregation scheduler) , , ID: 30105

* Detect 802.11v: Apple client not sending DMS delete after waking. Recommend to disable MFP infrastructure if 11v is enabled on wlan , ID: 30113

* There should NOT be a dynamic interface, on WLC1, which is in the same subnet as the mgmt. interface of WLC2 & vice-versa. Else control path will consistently never come up. Interface, ID: 30114

* Check RAID drive status in 8500/7500 , ID: 30115

* Check SN on WLC for certificate expiration, ID: 30117

* Best practices, NTP Servers, ID: 30119

* Warn if 11ac/11n disable and 40/80MHz, ID: 30104

* Warn if MPDU aggregation is disabled, ID: 30105

* Warn for Versions lower than 7.4.120 or 7.6.130, ID: 30106

*If DHCP proxy enabled on the interface but DHCP IP not configured then warn to have DHCP server IPs configured on that interface.,ID: 30107

* 2.4/5ghz Networks are disabled, ID: 30108

*Check if mDNS is configured, but snooping is disabled, ID: 30109

* DHCP proxy enabled for android DHCP issues, ID: 30111

* IPv6 AP Multicast/Broadcast Mode Unicast, ID: 30112

* Check if mobility multicast for routing dependencies, informational, ID: 30116

* Different Serial Number format. Certification Expiration Date cannot be calculated, ID: 30118

New checks Voice

* 801.p=5 is also valid  per new deployment guide

New checks Security

* If customer has any WLAN with WEP, (static or dynamic), it will be marked as not compliant, ID: 120017

* If customer has any EAP local policy with LEAP, it will marked as not compliant. ID: 120018

New Checks BYOD

(still under development, subject to change)

* SSID has Radius NAC enabled/disabled - this is used to allow Radius CoA between ISE and WLC, ID: 110001

* SSID has MAC filtering enabled/disabled - this is used e.g on CWA to do MAB for the client, ID: 110002

* SSID has AAA override enabled/disabled - this is needed e.g for dACL or VLAN assignment, ID: 110003

* SSID has 802.11r configured enabled/disabled - this is needed for client fast transition, , ID: 110003

* SSID has Session Timeout > 7200sec - Longer is better for AAA load up to a value of 86400 seconds for 802.1x SSIDs or 65535 seconds for open/CWA SSIDs, shorter is better from security point of view.  Do not leave the session timeout unset as ISE will remove "inactive sessions" after 5 days leading to a possible session miss-match between ISE and the WLC for long lasting connections.. , ID: 110005

* Check if Interim Accounting enabled/disabled - should be disabled to prevent unneeded accounting load on ISE Exception is for ISPs, which provide tracking on byte based services , ID: 110006

* SSID has Idle Timeout > 300 sec, , ID: 110007

* SSID has Client Exclusion < 180 sec - recommended value with ISE is 180 sec, to prevent misconfigured clients cause intensive radius traffic for ISE

* Verify Aggressive failover is enabled/disabled - it should be disabled to prevent WLC from pre-maturely mark ISE dead. However is based on customer needs and maybe still needs to be enabled. , ID: 110009

* Verify EAPOL Identity Request Retries < 10 retries, ID: 11010

* Verify EAPOL Request timeout < 3 sec , ID: 11011

* Config advanced EAP request-retries 10, ID: 11012

8.1MR1 Support

* NTP/Time Section Parsing

* TCP last run, parameters

* Mesh Parameters

* NeighborTimeoutFactor11a/11b as integer

* NeighborReportInterval11a/11b as integer

* Radius Extended SourcePorts Support , Radius Auth Framed MTU as integer

* Rogue Validate AP Against AAA, interval

* Clean Air Rogue Contribution11a/11b

* Clean Air Duty Cycle Threshold11a/11b

* Per port SFP type

* WLAN Tunnel Profile , Mu-Mimo, Lync State, ATF QoS support, Mobility Anchor list, BSS support, Flex AVC

* AP, mesh Daisy Chain, Strict BGN, ATF, Rogue detection, VLan Trunking, Antenna mode, LAG, Native Vlan

New GUI features

*AP Groups – WLANs Radio Policy

New Radio Policy column added in the grid AP Groups – WLANs. This column will show us the radio policy from the AP Groups. In case that the radio policy is “None”, the radio policy of the WLAN is added in brackets.

* Messages Activation List

The general check setting and audit settings have been migrated to the Message Activation List, where we have all the messages from the data base. In this new setting, is now possible to enable or disable any message.

Also, the data base is now saved in an XML file.

* Best Practices messages control

In the different types of best practices message grids it’s now possible to ignore the messages doing double click in the desired messages.

* TCP-MSS information

The TCP-MSS information it’s now displayed in the APs configuration grid.

* mDNS information

If the controller uses mDNS, the information will be displayed on the controller information tree.

*RAID Volume Status

RAID drives statuses are added in the general controller information grid.

*8.1 parsing in GUI

New information added to the general controller information grid:

               * Time

               * SSH Cipher-Option High

               * Network Profile

               * Mesh BH RRM

               * Mesh Aggressive DCA

               * Mesh Auto RF

               * Mesh Backhaul RRM

               * 802.11a/802.11b Neighbor Timeout Factor

               * 802.11a/802.11b Neighbor Report Interval

               * Rogue Contribution

               * Rogue Duty-Cycle Threshold

New columns added to the WLAN information grid:

               * Mu-Mimo

               * Tunnel Profile

               * ATF Policy

               * Lync State

               * Audio QoS Policy

               * Video QoS Policy

               * App Share QoS Policy

               * File Transfer QoS Policy

*Added GUI support to report information if NTP Servers are in use.

* New column added to the ports information grid: SFPType

* New columns added to the AP configuration grid:

               * Daisy Chaining

               * Strict-Matching BNG

               * ATF Mode

               * Rogue Detection

               * Vlan Trunking

               * Antenna Band Mode

               * LAG Configuration Status

               * LAG Support

               * Native Vlan Inheritance