282 CCNA Wireless Official Exam Certification Guide
multiaccess point management. On top of the basic transport layer, the controller sup-
ports Cisco Secure Guest Access and Voice-over-WLAN advanced mobility services. As
part of the Smart Business Communications System, this controller is managed by the
Cisco Configuration Assistant, easing deployment and decreasing the cost of ongoing
maintenance. A single Cisco 526 controller supports up to six Cisco 521 access points,
and up to two controllers can be deployed per network, delivering the capacity, simplicity,
and price point that is appropriate for the SMB.
1
The Cisco 526 Wireless Express controller supports the following features:
■ Secure network access for guest users
■ Support for Cisco voice-over-WLAN optimization
■ Easy management with CCA
■ Support for Cisco LWAPP
■ Support for up to six access points per controller and up to 2 controllers per network,
for a total of 12 access points
■ Multiaccess point RRM
■ Support for a wide range of authentication mechanisms to enable scalable security ar-
chitectures and minimize security interoperability issues (WEP, MAC filtering, WPA,
WPA2, WebAuth, 802.1X, and EAP)
■ Wired/wireless network virtualization
Comparing the Cisco Mobility Express Architecture to the CUWN
When you compare the Cisco Mobility Express Architecture to the Cisco Unified Wire-
less Network, you will find that the model is similar; however, the protocols are different.
The Mobility Express solution does not use the full enterprise class version of LWAPP;
rather, it uses a subset of LWAPP. In addition, the Cisco 521 AP cannot communicate with
CUWN wireless LAN controllers. Likewise, the Cisco 526 cannot communicate with APs
from the 1100 series or higher. The 526 supports control of up to 12 APs in a small net-
work.
Configuring the 521 AP and 526 Controller
In general, you can configure the Mobility Express solution in three ways, none of which

are performed on the AP. You do not even need to directly access the AP. Instead, on the
controller itself, use either the CLI, which is normally used for basic setup and initializa-
tion, or the web interface. After a basic setup on the controller, you can use the Configu-
ration Assistant management tool. Each of these methods is discussed in the following
sections.
Using the CLI to Configure the Controller
To configure the Cisco Mobility Express solution, you need a console connection to the
Cisco 526. You do not need to do anything on the AP because the controller takes care of
17_1587202115_ch15.qxp 9/29/08 2:40 PM Page 282
Chapter 15: Cisco Mobility Express 283
it. After you have a console connection, you can power on the device and view the boot
process. In Example 15-1, notice that if you press the Esc key, you are presented with
multiple boot options. The normal selection is to run the primary image.
Example 15-1 Booting the Cisco 526 Controller
Booting Primary Image
Press <ESC> now for additional boot options
Boot Options
Please choose an option from below:
1. Run primary image (Version 4.2.61.8) (active)
2. Run backup image (Version 4.1.154.22)
3. Manually upgrade primary image
4. Change active boot image
5. Clear Configuration
Please enter your choice:
Continuing with the boot process, Example 15-2 shows the tests that are performed as the
device initializes.
Example 15-2 Tests During the Boot Process
CISCO SYSTEMS
Embedded BIOS Version 1.0(12)6 08/21/06 17:26:53.43
Low Memory: 632 KB

High Memory: 251 MB
PCI Device Table.
Bus Dev Func VendID DevID Class Irq
00 01 00 1022 2080 Host Bridge
00 01 02 1022 2082 Chipset En/Decrypt 11
00 0C 00 1148 4320 Ethernet 11
00 0D 00 177D 0003 Network En/Decrypt 10
00 0F 00 1022 2090 ISA Bridge
00 0F 02 1022 2092 IDE Controller
00 0F 03 1022 2093 Audio 10
00 0F 04 1022 2094 Serial Bus 9
00 0F 05 1022 2095 Serial Bus 9
Evaluating BIOS Options
Launch BIOS Extension to setup ROMMON
Cisco Systems ROMMON Version (1.0(12)7) #2: Fri Oct 13 10:52:36 MDT 2006
continues
17_1587202115_ch15.qxp 9/29/08 2:40 PM Page 283
284 CCNA Wireless Official Exam Certification Guide
Platform AIR-WLC526-K9
Launching BootLoader
Cisco Bootloader (Version 4.0.191.0)
.o88b. d888888b .d8888. .o88b. .d88b.
d8P Y8 `88’ 88’ YP d8P Y8 .8P Y8.
8P 88 `8bo. 8P 88 88
8b 88 `Y8b. 8b 88 88
Y8b d8 .88. db 8D Y8b d8 `8b d8’
`Y88P’ Y888888P `8888Y’ `Y88P’ `Y88P’
Booting Primary Image
Press <ESC> now for additional boot options
Detecting hardware . . . .

Generating Secure Shell DSA Host Key
Generating Secure Shell RSA Host Key
Generating Secure Shell version 1.5 RSA Host Key
XML config selected
Cisco is a trademark of Cisco Systems, Inc.
Software Copyright Cisco Systems, Inc. All rights reserved.
Cisco AireOS Version 4.2.61.8
Initializing OS Services: ok
Initializing Serial Services: ok
Initializing Network Services: ok
Starting ARP Services: ok
Starting Trap Manager: ok
Starting Network Interface Management Services: ok
Starting System Services: ok
Starting FIPS Features: Not enabled
Starting Fast Path Hardware Acceleration: ok
Starting Switching Services: ok
Starting QoS Services: ok
Starting Policy Manager: ok
Starting Data Transport Link Layer: ok
Starting Access Control List Services: ok
Starting System Interfaces: ok
Starting Client Troubleshooting Service: ok
17_1587202115_ch15.qxp 9/29/08 2:40 PM Page 284
Chapter 15: Cisco Mobility Express 285
Starting Management Frame Protection: ok
Starting LWAPP: ok
Starting Certificate Database: ok
Starting VPN Services: ok
Starting Security Services: ok

Starting Policy Manager: ok
Starting Authentication Engine: ok
Starting Mobility Management: ok
Starting Virtual AP Services: ok
Starting AireWave Director: ok
Starting Network Time Services: ok
Starting Cisco Discovery Protocol: ok
Starting Broadcast Services: ok
Starting Power Over Ethernet Services: ok
Starting Logging Services: ok
Starting DHCP Server: ok
Starting IDS Signature Manager: ok
Starting RFID Tag Tracking: ok
Starting Mesh Services: ok
Starting TSM: ok
Starting LOCP: ok
Starting CIDS Services: ok
Starting Ethernet-over-IP: ok
Starting Management Services:
Web Server: ok
CLI: ok
Secure Web: Web Authentication Certificate not found (error).
dhcp pool 192.168.1.100(0xc0a80164) — 192.168.1.102(0xc0a80166), network
192.168.1.0(0xc0a80100) netmask 255.255.255.0(0xffffff00), default gateway 0xc0
internal dhcp server is config successfully
(Cisco Controller)
Upon completing the boot sequence, a controller with no configuration prompts you to
perform the setup using the Cisco Wizard Configuration tool, as demonstrated in
Example 15-3. Be prepared to provide the following information:
■ Hostname of the device

■ Username of the administrator
■ Password for the administrator
■ Management interface information
■ AP-Manager interface information
■ Virtual gateway IP address
17_1587202115_ch15.qxp 9/29/08 2:40 PM Page 285
286 CCNA Wireless Official Exam Certification Guide
Example 15-3 Cisco Wizard Configuration
Welcome to the Cisco Wizard Configuration Tool
Use the ‘-’ character to backup
System Name [Cisco_be:7a:e0]: 526-3
Enter Administrative User Name (24 characters max): admin3
Enter Administrative Password (24 characters max): *****
Re-enter Administrative Password : *****
Management Interface IP Address: 10.30.1.100
Management Interface Netmask: 255.255.255.0
Management Interface Default Router: 10.30.1.254
Management Interface VLAN Identifier (0 = untagged): 0
Management Interface Port Num [1 to 2]: 1
Management Interface DHCP Server IP Address: 10.30.1.253
AP Manager Interface IP Address: 10.30.1.101
AP-Manager is on Management subnet, using same values
AP Manager Interface DHCP Server (10.30.1.253):
Virtual Gateway IP Address: 1.1.1.1
Mobility/RF Group Name: CP-POD3
Enable Symmetric Mobility Tunneling [yes][NO]: NO
Network Name (SSID): IUWNE-301
Allow Static IP Addresses [YES][no]: YES
Configure a RADIUS Server now? [YES][no]: no
Warning! The default WLAN security policy requires a RADIUS server.

Please see documentation for more details.
Enter Country Code list (enter ‘help’ for a list of countries) [US]: US
Enable 802.11b Network [YES][no]: yes
Enable 802.11g Network [YES][no]: yes
Enable Auto-RF [YES][no]: yes
Configure a NTP server now? [YES][no]: no
Configure the system time now? [YES][no]: no
Warning! No AP will come up unless the time is set.
Please see documentation for more details.
Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
Key
Topi
c
17_1587202115_ch15.qxp 9/29/08 2:40 PM Page 286
Chapter 15: Cisco Mobility Express 287
Figure 15-3 Login Screen to the 526 Controllers
After you have completed the configuration from the CLI, you can browse to the IP ad-
dress of the management interface.
Using the Web Browser to Configure the Controller
To access the controller via a web browser, enter the IP address of the management inter-
face of the controller preceded by https://. This is either the IP address you configured in
the CLI Wizard or the default address of 192.168.1.1. In Figure 15-3, you can see the login
page for the controller that will appear.
Notice that the connection is secure via HTTPS. Click the Login button and enter a user-
name and password before performing any configuration. After you are logged in, you are
presented with a Summary page, as seen in Figure 15-4.
The Summary page gives you a look at the controller status, the AP status, and the top
WLANs. Changes are logged as you make them, and you can see them on the Summary
page.
17_1587202115_ch15.qxp 9/29/08 2:40 PM Page 287

288 CCNA Wireless Official Exam Certification Guide
Figure 15-4 Summary Page
Note: The Wireless Express controller web interface is quite similar to the WLC web in-
terface used in the CUWN architecture.
When it comes to the controllers, you do not need to do much work. The AP and con-
trollers will find each other. You can see in Figure 15-5 that the All APs option from the
WIRELESS menu is showing an AP that has been discovered.
When you select the AP name, you are taken to a page that allows you to enter details spe-
cific to that AP, such as its name and its primary controller, as shown in Figure 15-6. You
can also enable or disable the AP from this menu. Other options include resetting the AP
and clearing the AP configuration.
Using the Cisco Configuration Assistant
With the configuration as is, you can access the Configuration Assistant. The Cisco Con-
figuration Assistant (CCA) is a management tool that installs on a Windows computer and
is based on an application called Cisco Network Assistant, which has been modified to
support the Cisco Mobility solution. After you have installed the CCA, you can access it
via a desktop shortcut. When the application launches, you need to connect to or create a
community. When you log in for the first time, you create a community. A community is
a group name for your Mobility Express network. Figure 15-7 shows the configuration
page that you see when creating a community.
Key
Topi
c
17_1587202115_ch15.qxp 9/29/08 2:40 PM Page 288
Chapter 15: Cisco Mobility Express 289
Figure 15-5 The All APs List
Figure 15-6 Details Page for AP Configuration
17_1587202115_ch15.qxp 9/29/08 2:40 PM Page 289
290 CCNA Wireless Official Exam Certification Guide
Figure 15-7 Creating a Community

CCA will discover the standalone APs. The APs will appear in the CCA interface. If you
are running CCA 1.5 or later, you can migrate the standalone APs to lightweight APs.
CCA will also discover WLCs using IP discovery and the Cisco Discovery Protocol (CDP).
CDP is a Cisco proprietary protocol that can gain information about directly connected
Cisco devices. CCA has a topology view shown in Figure 15-8; by right-clicking on a de-
vice in the topology, you can access the device and configure it, as seen in Figure 15-9.
17_1587202115_ch15.qxp 9/29/08 2:40 PM Page 290
Chapter 15: Cisco Mobility Express 291
Figure 15-8 CCA Topology View
Figure 15-9 Configuration Menu in Topology View
17_1587202115_ch15.qxp 9/29/08 2:40 PM Page 291