
Cisco Unified Wireless Network

Here you will find answers to Cisco Unified Wireless Network Questions


The Cisco Unified Wireless Network is composed of five interconnected elements that work together to deliver a unified enterprise-class wireless solution. They are client devices, APs, network unification, network management, and mobility services.

There is no upgrade path between the Mobility Express solution and the Cisco Unified Wireless Network solution, though they offer features close to each other.

Question 1

Which three Cisco Unified Wireless Network capabilities use information that is provided by Radio Resource Management neighbor messages? (Choose three)

A. Aggressive Load Balancing
B. Dynamic Channel Assignment
C. Hybrid Remote Edge Access Point
D. Inter-controller Mobility (that is, Mobility Groups)
E. Over-the-Air Provisioning
F. Rogue AP Classification


Answer: B E F


First we should learn how the RRM works:

1) Controllers (whose APs need to have RF configuration computed as a single group) are provisioned with the same RF Group Name. An RF Group Name is an ASCII string each AP will use to determine if the other APs they hear are a part of the same system.

(RF groups are groups of controllers that share the same RF group name and whose APs can hear the neighbor messages of each other)

2) APs periodically send out Neighbor Messages, sharing information about themselves, their controllers, and their RF Group Name. These neighbor messages can then be authenticated by other APs sharing the same RF Group Name.

3) APs that can hear these Neighbor Messages and authenticate them based on the shared RF Group Name, pass this information (consisting primarily of controller IP address and information on the AP transmitting the neighbor message) up to the controllers to which they are connected.

4) The controllers, now understanding which other controllers are to be a part of the RF Group, then form a logical group to share this RF information and subsequently elect a group leader.

5) Equipped with information detailing the RF environment for every AP in the RF Group, a series of RRM algorithms are used to optimize AP configurations.

Radio Resource Management (RRM) monitors the radio resources, performs dynamic channel assignments, provides detection and avoidance of interference, and provides the dynamic transmit power control (TPC).

The RRM neighbor message contains the following information:

* Radio Identifier: If the AP had multiple radios, this field identifies the radio used to transmit the message.
* Group ID: The 16-bit value and controller MAC address. This information is used to detect rogue access points. The access points will then check the beacon/probe-response frames in neighboring access point messages to see if they contain an authentication information element (IE) that matches that of the RF group. If the check is successful, the frames are authenticated. Otherwise, the authorized access point reports the neighboring access point as a rogue, records its BSSID in a rogue table, and sends the table to the controller.
* WLC IP Address: RF group leader’s management IP address. This address is discovered through Over-the-Air Provisioning (OTAP).
* AP Channel: The native channel that the AP uses to service clients.
* Neighbor Message Channel: The channel the message is sent on.
* Power: The power level at which the message is transmitted.
* Antenna Pattern: The antenna pattern currently in use.


Dynamic channel assignment is used to dynamically allocate access point channel assignments to avoid conflict and to increase capacity and performance. For example, two overlapping channels in the 802.11g band, such as 1 and 2, cannot both simultaneously use 54 Mbps. By effectively reassigning channels, the controller keeps adjacent channels separated, thereby avoiding this problem.

Over-the-Air Provisioning (OTAP) is a method for APs to discover the management IP of a controller over the air.

A rogue AP is an AP that is unknown to the controller.
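
The authenticate-or-report-as-rogue check described above can be modelled in a few lines. This is an added example, not Cisco code: the `rf_group_ie` function, the `HeardFrame` type, the RF group names and all addresses are assumptions made for illustration, and an HMAC keyed by the RF Group Name stands in for the real authentication IE, whose format this page does not describe.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


def rf_group_ie(rf_group_name: str, bssid: str) -> bytes:
    # Assumption: an HMAC keyed by the RF Group Name stands in for the
    # authentication IE; the real IE format is not described on this page.
    key = rf_group_name.encode("ascii")
    return hmac.new(key, bssid.encode("ascii"), hashlib.sha256).digest()[:8]


@dataclass
class HeardFrame:
    bssid: str
    wlc_ip: str                # "WLC IP Address" field
    ap_channel: int            # "AP Channel" field
    auth_ie: Optional[bytes]   # None when the frame carries no IE


def classify(frames, rf_group_name):
    """Return (controller IP -> authenticated BSSIDs, rogue table of BSSIDs)."""
    controllers, rogue_table = {}, []
    for f in frames:
        expected = rf_group_ie(rf_group_name, f.bssid)
        if f.auth_ie is not None and hmac.compare_digest(expected, f.auth_ie):
            controllers.setdefault(f.wlc_ip, []).append(f.bssid)
        elif f.bssid not in rogue_table:
            rogue_table.append(f.bssid)  # reported up to the controller
    return controllers, rogue_table


# Constructed sample frames (locally administered MACs, documentation IPs).
SAMPLE = [
    HeardFrame("02:00:00:00:0a:01", "192.0.2.10", 1, rf_group_ie("campus-rf", "02:00:00:00:0a:01")),
    HeardFrame("02:00:00:00:0a:02", "192.0.2.11", 6, rf_group_ie("campus-rf", "02:00:00:00:0a:02")),
    HeardFrame("02:00:00:00:0b:01", "198.51.100.5", 11, rf_group_ie("other-rf", "02:00:00:00:0b:01")),
    HeardFrame("02:00:00:00:0c:01", "", 6, None),
]

if __name__ == "__main__":
    print(classify(SAMPLE, "campus-rf"))
```

The two authenticated frames yield the controller addresses that go on to form the RF group; the frame from another RF group and the frame with no IE both end up in the rogue table.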


Question 2

Which roaming situation using controllers in a Cisco Unified Wireless Network requires a client using WPA2 with PKC to reauthenticate to the network?

A. A wireless client roams to another AP on a different controller in the same mobility domain.
B. A wireless client roams to another AP on the same controller.
C. A wireless client roams to another AP after being out of range of the network for 2 minutes.
D. A wireless client roams to another AP on a controller in a different mobility domain.


Answer: D


PKC is a feature enabled in Cisco 2006/410x/440x Series Controllers which permits properly equipped wireless clients to roam without full re-authentication with an AAA server. In order to understand PKC, you first need to understand Key Caching.

Key Caching is a feature that was added to WPA2. This allows a mobile station to cache the master keys (Pairwise Master Key [PMK]) it gains through a successful authentication with an access point (AP), and re-use it in a future association with the same AP. This means that a given mobile device needs to authenticate once with a specific AP, and cache the key for future use. Key Caching is handled via a mechanism known as the PMK Identifier (PMKID), which is a hash of the PMK, a string, and the MAC addresses of the station and the AP. The PMKID uniquely identifies the PMK.

(Reference: http://www.cisco.com/en/US/products/ps6366/products_qanda_item09186a00808b4c61.shtml)
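
The PMKID hash and the roaming cases from Question 2, as an added example that is not part of the original page or Cisco code. The `pmkid` function follows the IEEE 802.11i definition (HMAC-SHA1 truncated to 128 bits over the string "PMK Name" and the two MAC addresses); the `MobilityDomain` class, its method names and all sample values are hypothetical.

```python
import hashlib
import hmac


def pmkid(pmk: bytes, ap_mac: str, sta_mac: str) -> bytes:
    """First 128 bits of HMAC-SHA1(PMK, "PMK Name" || AP MAC || station MAC)."""
    aa = bytes.fromhex(ap_mac.replace(":", ""))
    spa = bytes.fromhex(sta_mac.replace(":", ""))
    return hmac.new(pmk, b"PMK Name" + aa + spa, hashlib.sha1).digest()[:16]


class MobilityDomain:
    """Hypothetical model: all controllers in one mobility domain share cached PMKs."""

    def __init__(self, name: str):
        self.name = name
        self.pmk_cache = {}  # station MAC -> PMK from its last full authentication

    def full_authentication(self, sta_mac: str, pmk: bytes) -> None:
        self.pmk_cache[sta_mac] = pmk

    def roam(self, sta_mac: str, new_ap_mac: str, offered_pmkid: bytes) -> str:
        pmk = self.pmk_cache.get(sta_mac)
        if pmk is None:
            return "full-reauth"  # no cached PMK for this station in this domain
        expected = pmkid(pmk, new_ap_mac, sta_mac)
        if hmac.compare_digest(expected, offered_pmkid):
            return "cache-hit"  # the AAA exchange is skipped
        return "full-reauth"


def demo() -> dict:
    # Constructed sample values (locally administered MACs, dummy PMK).
    sta, pmk = "02:00:00:00:00:01", bytes(range(32))
    ap_b, ap_c = "02:00:00:00:0a:02", "02:00:00:00:0b:01"
    campus, other = MobilityDomain("campus"), MobilityDomain("other")
    campus.full_authentication(sta, pmk)
    return {
        "same_domain": campus.roam(sta, ap_b, pmkid(pmk, ap_b, sta)),
        "stale_pmkid": campus.roam(sta, ap_b, pmkid(pmk, ap_c, sta)),
        "different_domain": other.roam(sta, ap_c, pmkid(pmk, ap_c, sta)),
    }


if __name__ == "__main__":
    print(demo())
```

Because the AP's MAC address is an input to the hash, the client computes a fresh PMKID for each AP it roams to from the same cached PMK; a domain that never saw the original authentication has no PMK to match it against.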

Question 3

To seamlessly roam between two wireless cells in a Cisco Unified Wireless Network using controllers, which condition must exist?

A. The next cell should be on the same channel as the client’s current cell.
B. The wireless client must use an EAP authentication method with the infrastructure authenticator.
C. The client’s password must be the same on both APs.
D. The next cell should provide the same SSID as the client’s current cell.
E. The clients need static IP addresses.


Answer: D

Question 4

On a Cisco Unified Wireless Controller, which three Access Point modes allow for client connectivity? (Choose three)

A. Bridge Mode
B. H-REAP Mode
C. Local Mode
D. Monitor Mode
E. Rogue Detector Mode
F. Sniffer Mode


Answer: A B C


Bridge mode allows administrators to connect LAN networks together across a wireless link or to provide wireless access to clients where wired connections are not directly available. It can be used as a point-to-point or point-to-multipoint link.

Hybrid Remote Edge Access Point (H-REAP) lets you configure access points (AP) in a branch or remote office from the corporate office through a wide-area network (WAN) link without the need to deploy a controller in each office. An H-REAP device operates on the far side of a WAN, and its controller is back at the core site. Even when an H-REAP AP is not registered to a controller, it can service wireless clients.

Local mode (or normal mode) is the default mode of an AP. When operating in this mode, an AP will allow both client data services and monitoring of all channels simultaneously.


In Monitor mode, APs do not allow for client connectivity; they only monitor the IEEE 802.11 spectrum seeking rogue APs or clients and reporting to the controller that acts as a wireless intrusion detection system (IDS). This mode is used for troubleshooting or site surveys.

In Rogue Detector mode, the AP radio is turned off, and the AP listens to wired traffic only. The controllers keep track of the rogue APs detected in the wireless space. The controllers send all the rogue AP and client MAC address lists to the rogue detector, and the rogue detector AP forwards this information to the other Cisco Wireless LAN Controllers (WLCs).

Sniffer mode is used to capture all data traveling on a given 802.11 channel. Sniffer mode is only used for the remote analysis of frames, for troubleshooting or baseline purposes.

(Reference: IUWNE Student Guide)

Comments (3)
  1. Efren
    December 21st, 2011

    Many thanx for all the explanations

  2. Archana
    March 23rd, 2015

    This is a really good article for getting to know the Cisco wireless network, very well written and explained.

  3. red hat training
    January 6th, 2017

    Nice stuff, thanks for sharing
