Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
647
Views
0
Helpful
5
Replies

WLC 5508 MESH AP Policies

Bradley Fox
Level 1
Level 1

‎11-05-2021 09:32 AM

I recently purchased some 1532 outdoor APs and could not for the life of me figure out how to get them registered with the WLC until I read a post that said I needed to add the AP's MAC address under Security, AAA, AP Policies.  Sure enough, this resolved my problem, but I'm now left wondering why I needed to add these APs and not any of the other hundreds of 2702 APs in my environment.

 

I suppose it's inconsequential, but I'd really like to know why this is required on the 1532 and not the 2702.  I understand it has something to do with the AP having a MESH image and being in bridge mode but do not understand this additional requirement.  Explanations would be greatly appreciated!  

0 Helpful
5 Replies 5

marce1000
VIP
VIP

‎11-05-2021 09:44 AM

 

 - Convert them to local and or capwap-mode first :

            https://community.cisco.com/t5/wireless-mobility-documents/converting-mesh-ap-to-local-mode-and-vice-versa-using-ap-cli/ta-p/3155865

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Bradley Fox
Level 1
Level 1
In response to marce1000

‎11-05-2021 09:47 AM

Thank you for this, however, I'm not looking for a solution on how to get them to join the WLC.  They are already all set and converted back to local mode.  I'm trying to understand the purpose behind adding their MAC to AP Policies when they are in bridge mode.

0 Helpful

marce1000
VIP
VIP
In response to Bradley Fox

‎11-05-2021 10:17 AM

 

 - FYI : https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/ap_connectivity_to_cisco_wlc.html#ID1181

 >...

   A bridge mode (mesh) AP, must be authorized against AAA, in addition to its MIC or LSC authentication. For more information, see AAA Administration.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Bradley Fox
Level 1
Level 1
In response to marce1000

‎11-05-2021 10:22 AM

This still doesn't explain WHY they need additional authentication...

0 Helpful

marce1000
VIP
VIP
In response to Bradley Fox

‎11-06-2021 12:01 AM

 

 - I presume this is a security-must and or necessity  , for bridging ap's and or to prevent roque-bridging

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card