172 CCNA Wireless Official Exam Certification Guide
■ Access points
■ Network unification
■ Network management
■ Network services
APs in the CUWN
Another type of device in a CUWN is a lightweight access point (AP). The lightweight AP
is controlled and monitored by the Cisco Wireless LAN Controller (WLC). The AP com-
municates using a special protocol called the Lightweight AP Protocol (LWAPP) to relay
information to the WLC about the coverage, the interference that the AP is experiencing,
and client data about associations, among other pieces of information. This is a manage-
ment type of communication, and via LWAPP it is encrypted. Client data is also sent in-
side these LWAPP frame headers. Client data travels from the wireless space to an AP, and
then through a WLC and off to the rest of the network. When client data is encapsulated
into an LWAPP header, you have not only the data, but also information about the Re-
ceived Signal Strength Indicator (RSSI) and signal-to-noise ratio (SNR). The WLC uses this
information to make decisions that can improve coverage areas.
WLCs in the CUWN
A single WLC can manage from six to 300 access points. You can create groupings of
controllers for more scalability. This type of network could easily get out of hand if you
had more than 300, 600, or 900 APs. In cases such as this, a WCS application can manage
a number of controllers as well as a location appliance that can help track where devices
are in the network.
Note: There is obviously more to the solution that what has been discussed in this sec-
tion. For more information on the Unified Wireless Solution, visit />go/wireless. This is the home page for the Cisco Unified Wireless Network. Here you can
dig into the white papers, configuration guides, and much more.
The major point to understand is that in the CUWN, the AP uses LWAPP to exchange
control message information with the controller. Client data is also encapsulated into
LWAPP between the AP and the controller. The controller then forwards the data frames
from those wireless clients to the wired network to get that traffic back and forth.
Features of the Cisco Controllers

One of the implemented designs of the Cisco Wireless LAN Controllers is the split MAC
design. This means that you split 802 protocols between the controller and the APs. On
one side, the APs handle the real-time portion and time-sensitive packets. On the other
side, the controller handles the packets that are not time-sensitive.
The AP handles the following operations:
■ Frame exchange and the handshake between clients
Key
Topi
c
12_1587202115_ch10.qxp 9/29/08 2:40 PM Page 172
Chapter 10: Cisco Wireless Networks Architecture 173
■ Transmits beacons
■ Buffers and transmits the frames for clients that are in power-save mode
■ Sends responses to probe requests from different clients on the network
■ Forwards notifications of received probe requests to the controller
■ Provides real-time quality information to the controller
■ Monitors all channels for noise and interference
The controller handles pretty much everything else. Remember that the controller handles
packets that are not considered time-sensitive. This includes the following:
■ Association
■ Reassociation when you have clients that are roaming
■ The authentication process
■ Frame translation
■ Frame bridging
Part of the control traffic that is sent back and forth via LWAPP is information that pro-
vides radio resource management (RRM). This RRM engine monitors the radio resources,
performs dynamic channel assignments, provides detection and avoidance of interference,
and provides the dynamic transmit power control (TPC) that was discussed in Chapter 1,
“Introduction to Wireless Networking Concepts.” Also, whenever coverage holes (such as
when one AP goes down) are detected by another access point, the controller can actually

adjust power settings on other APs in the area to correct the coverage hole.
LWAPP can operate in two modes:
■ Layer 2 LWAPP mode: This mode deals only with MAC addresses. This makes
sense, because this is the only type of addressing at Layer 2. In Layer 2 mode, the AP
needs to be in the same subnet as the controller and hence does not provide much
flexibility for large customer installations.
■ Layer 3 LWAPP mode: When operating in Layer 3 mode, the LWAPP can see and
use Layer 2 addresses (MAC addresses) and Layer 3 addresses (IP addresses). Layer 3
mode LWAPP allows the network administrator to place APs in different subnet
boundaries, and the protocol traverses those boundaries.
Supporting Multiple Networks
Previous chapters discussed that an AP can actually advertise multiple SSIDs, which lets
the AP offer guest access as well as corporate user access and maybe even access for wire-
less IP phones. Each Wireless LAN Controller actually can support 512 different VLAN
instances. Remember that on the connection between the AP and the Wireless LAN Con-
troller, all your wireless client data is passed via the LWAPP tunnel as it travels toward the
wired domain.
12_1587202115_ch10.qxp 9/29/08 2:40 PM Page 173
174 CCNA Wireless Official Exam Certification Guide
To review, recall that an SSID exists only in the wireless space. An SSID is then tied to a
VLAN within the controller. Each lightweight AP can support 512 different VLANs, but
you don’t very often see that many on one AP.
On the other hand, your Wireless LAN Controller can have up to 16 wireless LANs
(WLAN) tied to each AP. Each WLAN is assigned a wireless LAN identification
(WLANID) by the controller. This is a number between 1 and 16, and you don’t get to
choose which one to use.
So, now you have a WLAN that brings together the concept of an SSID on the wireless
space and a VLAN on the wired space. By having separate WLANs, you can assign differ-
ent quality-of-service (QoS) policies to the type of traffic encountered on each of them.
An example of this would be to have a WLAN for IP Phones and a different WLAN for

regular network users.
Each AP supports up to 16 SSIDs; generally, one SSID is mapped to one VLAN. With that
said, even though a Wireless LAN Controller can support up to 512 VLANs per AP, you
see a maximum of only 16 VLANs in most situations.
The CUWN Architecture
The Cisco Unified Wireless Network defines a total of five functional areas or intercon-
nected elements, as shown in Figure 10-2.
The five elements or components all work together. It’s no longer about point products, where
you can buy a standalone AP and deploy it and then later get management software to handle
it. Today it is all about everything working together to create a smarter, more functional net-
work. To illustrate how it all comes together, consider a Cisco wireless network. This type of
network includes the following wireless clients (the first component of the CUWN):
■ Cisco Aironet client devices
■ Cisco-compatible client devices (not necessarily Cisco products, but still compatible)
■ Cisco Secure Services Client (SSC)
The client devices get a user connected.
The second component, the access point, is dynamically managed by your controllers,
and they use LWAPP to communicate. The AP bridges the client device to the wired net-
work. A number of APs that could be discussed here are as follows:
■ The 1130AG
■ The 1240AG
■ The 1250AG
■ The 1300 series bridge
■ The 1400 series bridge
■ The 1500 series outdoor mesh
12_1587202115_ch10.qxp 9/29/08 2:40 PM Page 174
Chapter 10: Cisco Wireless Networks Architecture 175
Cisco WCS
Supporting
Devices

(ASA, PIX,
Routers,
Switches, IDS)
44xx Series
WLC
1130AG
Covered in
Chapter 16
WCS Navigator
3750G WLAN
Controller Switch
1240AG
Location
Appliance
Cisco
WiSM
1250AG
Cisco 2106
WLC
1300 Series
Bridge
Cisco
WLCM
1400 Series
Bridge
1500 Series
Outdoor Mesh
Network
Management
Network

Services
Network
Unification
CUWN Functional Areas
Access
Points
Wireless
Clients
Figure 10-2 CUWN Architecture
Each of these access points is discussed in further detail in the section “Access Points.”
The next functional area of the CUWN architecture—network unification—is the module
that includes your controllers, including the following:
■ The 6500 series Catalyst switch Wireless Services Module (WiSM)
■ Cisco Wireless LAN Controller module (WLCM)
■ Cisco Catalyst 3750 series integrated WLC
■ Cisco 4400 series WLC
■ Cisco 2000 series WLC
Key
Topi
c
12_1587202115_ch10.qxp 9/29/08 2:40 PM Page 175
176 CCNA Wireless Official Exam Certification Guide
The next functional area of the CUWN architecture—network management—is provided
by the Cisco wireless control module.
The final functional area of the CUWN architecture—network services—includes every-
thing else: the self-defending network, enhanced network support, such as location serv-
ices, intrusion detection and prevention, firewalls, network admission control, and all
those other services.
Those are the five functional areas of the CUWN. The following sections highlight the
topics that you will want to be the most familiar with for the CCNA Wireless exam.

Client Devices
The Cisco wireless clients are covered in Chapter 16, “Wireless Clients,” in greater detail.
However, it is still good to understand what is available. When you are on a Cisco wireless
network, you can actually use most vendors’ wireless clients. Cisco provides wireless soft-
ware called the Aironet Desktop Utility (ADU). The ADU is specifically used to manage
and configure the Cisco wireless cards. Those wireless cards are discussed in more detail
in Chapter 16. There is a cardbus version as well as a PCI version. In addition to the ADU,
another client called the Secure Services Client (SSC) can help you configure security pro-
files for wired and wireless use on a Cisco network.
Access Points
As previously mentioned, there are two types of access points:
■ Autonomous APs
■ Lightweight APs
Some APs are built into modules and deployed in ISR routers at branch sites; other APs
are deployed as just standalone devices. Cisco APs are known to offer the best range and
throughput in the industry, as well as a number of security features that you do not find
with other vendors.
Cisco APs offer multiple configuration options. Some of them support external antennas,
some support internal antennas, and some are to be deployed outdoors. Still others are de-
signed to be deployed indoors. Some APs are designed to be implemented for wide-area
networking and bridging purposes and, while operating as a bridge, may also allow client
connections. The point is that Cisco APs can serve a number of purposes.
The benefit of the CUWN APs is that they are zero-touch management, assuming that
Layer 2 connectivity is already in place. As soon as they are plugged in and powered on,
you don’t have to do anything else at the AP level. The models that you need to be familiar
with for the CCNA Wireless exam include the 1130AG, 1240AG, 1250AG, 1300, and
1400 series wireless bridges.
Note: Currently, the 1400 series bridge cannot be managed by the controller and is not
considered an AP.
Key

Topi
c
12_1587202115_ch10.qxp 9/29/08 2:40 PM Page 176
Chapter 10: Cisco Wireless Networks Architecture 177
Courtesy of Cisco Systems, Inc. Unauthorized use not permitted.
Figure 10-3 Cisco 1130AG Series AP
The 1130, 1240, and 1250 can be both autonomous and lightweight APs. Whereas the
1300 and 1400 series are designed to operate as bridges, the 1300 series can also sup-
port wireless clients. In turn, the 1400 series supports bridging only. Another model is
the outdoor mesh 1500 series, which supports only LWAPP, so that would be designed
for a lightweight scenario only.
Cisco is known for being ahead of the curve. That’s where the special functionality of the
1250AG comes in. The 1250AG is one of the first access points to support the 802.11n
draft version 2.0 standard and is the basis for all 802.11 Wi-Fi interoperability testing. For
a client vendor to get the v2.0 stamp of approval, it must be validated against the 1250,
and the 1250 is the only AP used during this validation.
The 1130AG
The 1130AG, shown in Figure 10-3, is a dual-band 802.11 a/b or g AP that has integrated
antennas.
The 1130AG can operate as a standalone device or in lightweight AP mode. It also can op-
erate as a Hybrid Remote Edge AP (H-REAP) device. An H-REAP device operates on the
far side of a WAN, and its controller is back at the core site.
The 1130AG is 802.11i/WPA2-compliant, and it has 32 MB of RAM and 16 MB of flash
memory. The 1130 AP typically is deployed in office or hospital environments. Naturally,
the internal antennas do not offer the same coverage and distance as APs that are designed
12_1587202115_ch10.qxp 9/29/08 2:41 PM Page 177
178 CCNA Wireless Official Exam Certification Guide
Courtesy of Cisco Systems, Inc. Unauthorized use not permitted.
Figure 10-4 Cisco 1240AG Series AP
for external antennas. Consider the 1130s. They have 3 dB gain and 4.5 dB gain for the

2.4- and 5-GHz frequencies, respectively. If you were to compare the 1131 to the 1242
with the 2.2 dipole antennas, you would see a larger coverage area than with the 1242.
The 1240AG
The 1240AG series AP, shown in Figure 10-4, is also a dual-band 802.11 a/b or g device,
similar to the 1130AG; however, it supports only external antennas.
Those external antennas would connect using the RP-TNC connectors. The 1240AG can
operate as an autonomous AP and in lightweight AP mode. Like the 1130AG, it also can
operate in H-REAP mode. It too is 802.11i/WPA2-compliant.
The 1250 Series AP
Shown in Figure 10-5, the 1250 series AP is one of the first enterprise APs to support the
802.11n draft version 2.0.
Because it supports the 802.11n draft standard, you can get data rates of about 300 Mbps
on each radio and the 2-by-3 multiple input and multiple output technology. The 2-by-3 is
discussed in Chapter 6, “Overview of the 802.11 WLAN Protocols.” Also, because the
1250 is modular, it can easily be upgraded in the field. It operates in controller-based and
standalone mode and is also 802.11i/WPA2-compliant.
The 1250 is designed for a more rugged type of indoor environment. You might see this at
more hazardous locations such as packaging plants, or in situations where you might need
12_1587202115_ch10.qxp 9/29/08 2:41 PM Page 178
Chapter 10: Cisco Wireless Networks Architecture 179
Courtesy of Cisco Systems, Inc. Unauthorized use not permitted.
Figure 10-5 Cisco 1250 Series AP
to place an antenna in a hazardous location and the AP elsewhere. You might see this type
of AP in factories and hospitals. It has 64 MB of DRAM and 32 MB of flash memory. It
has 2.4-GHz and 5-GHz radios.
The 1300 Series AP/Bridge
The Cisco Aironet 1300 series outdoor access point/bridge, shown in Figure 10-6, is de-
signed to act as an AP for clients as well as act as a bridge.
The 1300 operates in only 802.11b or g modes because it does not have a 5-GHz radio. It
has a NEMA-4-compliant enclosure, so you can deploy it in an outdoor environment and

it can withstand the elements.
The 1300 series is available in two versions—one with integrated antennas and one with
antenna connectors so that you can add your own antennas to it. The connectors would be
2.4-GHz antennas, because the 1300 series does not support 802.11a.
You would expect to find the 1300 series on a college campus in a quad-type area with
outdoor users or mobile clients. You might also see it in public settings, such as a park, or
as a temporary type of network access for a trade show. The 1300 requires a special power
supply, provided and shipped by Cisco when the product is purchased. The power supply
provides power to the 1300 via coaxial. You should place it indoors or at least in an enclo-
sure to protect it, because it is not NEM-4-compliant. The 1300 is a very good point-to-
point and point-to-multipoint bridge that can be used to interconnect buildings and to
connect buildings that do not have a wired infrastructure in place.
12_1587202115_ch10.qxp 9/29/08 2:41 PM Page 179
180 CCNA Wireless Official Exam Certification Guide
Courtesy of Cisco Systems, Inc. Unauthorized use not permitted.
Figure 10-6 Cisco 1300 Series AP
The 1400 Series Wireless Bridge
The Cisco Aironet 1400 series wireless bridge, shown in Figure 10-7, is designed for
outdoor environments.
It has a rugged enclosure that can withstand the elements. It is designed for point-to-point
or point-to-multipoint networks. It can be mounted on poles, walls, or even roofs. You can
also change the polarization, which, depending on how the wireless bridge is mounted,
could be a very important aspect of deploying this wireless bridge. As far as the antennas
go, it has a high-gain internal radio, and you can also get a version of this hardware that al-
lows you to do a professional installation of radios with N-type connectors. This means
that you can actually connect a high-gain dish. The 1400 series does not support LWAPP
and operates only in standalone mode.
Note: Currently the 1400 series bridge cannot be managed by the controller and is not
considered an AP.
Cisco Access Point Summary

Table 10-2 summarizes the Cisco APs.
12_1587202115_ch10.qxp 9/29/08 2:41 PM Page 180
Chapter 10: Cisco Wireless Networks Architecture 181
Courtesy of Cisco Systems, Inc. Unauthorized use not permitted.
Figure 10-7 Cisco 1400 Series AP
Table 10-2 Summary of Cisco APs
AP
Modes
Supported
Environment
Antennas
Supported
802.11
Protocols
Supported
Max Data
Rates
Supported
1130AG Autonomous/
lightweight
AP.HREAP
Indoor Integrated a/b/g 54 Mbps
1240AG Autonomous/
lightweight
AP.HREAP
Rugged
Indoor
External a/b/g 54 Mbps
1250 AP Autonomous/
lightweight AP

Rugged
Indoor
External a/b/g/n 300 Mbps
1300
AP/bridge
Autonomous/
lightweight
AP, bridge
Outdoor Internal or
External
b/g 54 Mbps
1400 Bridge only
(not an AP)
Outdoor Internal or
External
a/b/g N/A
Wireless LAN Controllers
The entire design of the Wireless LAN Controllers is for scalability. The communication
between a lightweight AP can happen over any type of Layer 2 or Layer 3 infrastructure
using LWAPP. There are integrated controller platforms designed for installation in
switches. The 3750-G actually comes as an integrated 2RU switch with either a 25 or 50
AP controller, as well as the WiSM and the WLCM. These are both modular controllers
12_1587202115_ch10.qxp 9/29/08 2:41 PM Page 181