Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
931
Views
3
Helpful
7
Replies

To Enable Monitor Radio in CW9166 AP

madhurimuppalla
Level 1
Level 1

‎02-08-2024 09:26 PM - edited ‎02-08-2024 10:26 PM

Hi,

How to enable the Monitor Radio on the C9800-CL Wireless LAN Controller CLI or GUI, or the CW9166 Access Point CLI?

Labels:
0 Helpful
7 Replies 7

JPavonM
VIP
VIP

‎02-08-2024 11:39 PM

The monitoring radio is alway up and running collecting statistics.

But if you pretend to use it for monitoring wIPS alerts and perform Rogue management functions ONLY, you need to turn all the AP into Monitor mode.

madhurimuppalla
Level 1
Level 1
In response to JPavonM

‎02-09-2024 12:04 AM

Where can we verify whether the monitor radio is currently enabled on the C9800-CL Wireless LAN Controller or the CW9166 Access Point? and what steps are necessary to operate the Monitor Radio effectively?

0 Helpful

Rich R
VIP
VIP

‎02-11-2024 04:08 PM

The scanning radio is used for CleanAir Pro and Spectrum Analysis which you can check on the WLC and Catalyst Centre.

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
0 Helpful

madhurimuppalla
Level 1
Level 1
In response to Rich R

‎02-12-2024 04:06 AM

@Rich R @JPavonM 

According to the Cisco 9166 Access point Deployment guide, we understand  that the scanning radio will check for rogue and wireless intrusion prevention system (WIPS) detection, packet capture, spectrum analysis, interference detection, Clean Air Pro, and other features.
Are there any CLI commands available to verify whether such functionalities are activated or not on the C9800 WLC or CW9166AP?

How can I activate them using the GUI or CLI commands if they aren't activated?

0 Helpful

JPavonM
VIP
VIP

‎02-12-2024 04:16 AM - edited ‎02-12-2024 04:17 AM

This is how to enable such features under Configuration>Profiles>AP Join>Security

JPavonM_1-1707739809291.png

And to check whether this is enabled or not on a especific AP, look for any rogue device (any neighbour AP) in the GUI under Monitoring>Wireless>Rogues (then click on one of them to get the AP that detects it and details):

JPavonM_2-1707739970853.png

JPavonM_3-1707740045116.png

Or through CLI:

sh wireless wps rogue ap summary
sh awips alarm detailed (and filter by your AP's radio MAC address)

 NOTE: aWIPS alerts are not seen in WLC GUI but on DNA-C.

madhurimuppalla
Level 1
Level 1
In response to JPavonM

‎05-19-2025 10:11 PM - edited ‎05-19-2025 10:25 PM

Hi @JPavonM @Rich R 
1. I’m currently observing multiple rogue AP entries under the Monitor > Rogues section in the C9800-CL GUI (running IOS-XE 17.15.1), many of which are marked as “Unclassified”.
-> Could you please clarify the operational significance of the rogue information within the controller?
-> Additionally, are there any automated actions taken by the WLC or AP based on this detection?
2. In case of a failure of the triband monitor radio antenna on a CW9166 AP (covering 2.4GHz, 5GHz, and 6GHz scanning).
-> How is this failure detected and reported? Is it identified by the AP or the controller, and is it visible through the GUI, CLI, or SNMP?

0 Helpful

JPavonM
VIP
VIP

‎05-19-2025 10:49 PM

1. Cisco WLC classify all neighbour wirelewss networks as rogue Unclassified, so no risk at all with them, and no actions are taken agains any external networks unless especifically configured by the admin, what is not recommended.

2. The 3rd radio in the AP allows to scan and apply countermeasures that you can configure under the WIPS section, but if it fails, the AP will continue scanning for neighbour networks with the radio interfaces used to manage rtraffic to/from clients if this is configured in the ap profile, like legacy APs like AP3800 do (unless Cisco would have modified the software on these APs with a dedicated monitor antenna to not to do that)

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card