2.8 Describe AP and WLC management access connections (Telnet, SSH, HTTP, HTTPS, console, and TACACS+/RADIUS)

How do we access the configuration of a Cisco WAP?

  • Connect to its Console port via a console cable
  • Use SSH or Telnet
  • Access its GUI (Graphical User Interface) via a web browser
  • Configure it through the controller (if it is a LAP)

We can’t make many configuration changes to a Cisco LAP because it obtains its configuration from the WLC.  For example, we can tell the LAP the IP address of the WLC that it should connect to.

How do we access the configuration of a Cisco WLC?

  • We can its web-based GUI via HTTP or HTTPS.  We simply type the WLC’s IP address into a web browser.
  • We can use SSH. 
  • We can connect to it with a console cable.  The first time we configure the WLC, we must set up a management IP address so that we can access it through a web-based GUI or through SSH.  We might need to do this through a console cable.

The WLC supports the use of RADIUS or TACAS+ to authenticate users.

In an enterprise environment, when a user connects to a Wi-Fi connection, he enters a username and password (this might be the same username and password that is assigned to the user for other purposes such as e-mail, computer systems, etc.).  The WLC takes these login credentials to an enterprise RADIUS or TACAS+ server and confirms that they are accurate and that the user is permitted to access the network.

We can also authenticate users with a set of local usernames and passwords.

We can also allow an administrator to log in to the controller using his enterprise username and password.  The controller authenticates the user in the same manner.