Technical Tip: Cisco 702W Access Point support for wired port management
Description
This article describes Cisco 702W Access Point support for wired port management.
Scope
FortiNAC.
Solution
Version: All
Support to manage the built-in LAN interfaces/ports on Cisco 702W access points is currently not doable with Network Sentry as the access point does not provide the management capabilities required.
Evaluation of the AP's LAN Port management capabilities:
What is Supported:
Discovering Interfaces and Reading VLANs:
Support to manage the built-in LAN interfaces/ports on Cisco 702W access points is currently not doable with Network Sentry as the access point does not provide the management capabilities required.
Evaluation of the AP's LAN Port management capabilities:
What is Supported:
Discovering Interfaces and Reading VLANs:
(Cisco Controller) >show ap lan port-summary APf09e.6314.2070
Changing a VLAN on a LAN Port:
(Cisco Controller)>config ap lan enable access vlan 100 3 APf09e.6314.2070
Enable/Disable of admin status on a LAN Port:
(Cisco Controller)>config ap lan port-id 3 disable APf09e.6314.2070
What is Not Supported:
Reading the currently connected clients: There appears to be no way to get data for clients connected to the LAN Ports. No method to collect the MAC Addresses of clients connected to the ports for L2 polling purposes.
Notification of clients connecting to the LAN Ports: There does not appear to be any way to be notified of a client connecting to the LAN Port. No SNMP traps (link or mac notification).
Authentication: On some similar APs, management is handled for the wired ports through RADIUS authentication just as a wireless client. That does not seem to be the case here. There is no way to enable MAC Authentication or 802.1x on a LAN Port.
Without being notified when something connects, and without being able to see what is connected, or being able to obtain that information from Authentication (RADIUS) info, there is currently no way to manage clients connecting to the AP's LAN Ports.
Solution: Manage the built-in LAN interfaces/ports with Access Point Management.
Reading the currently connected clients: There appears to be no way to get data for clients connected to the LAN Ports. No method to collect the MAC Addresses of clients connected to the ports for L2 polling purposes.
Notification of clients connecting to the LAN Ports: There does not appear to be any way to be notified of a client connecting to the LAN Port. No SNMP traps (link or mac notification).
Authentication: On some similar APs, management is handled for the wired ports through RADIUS authentication just as a wireless client. That does not seem to be the case here. There is no way to enable MAC Authentication or 802.1x on a LAN Port.
Without being notified when something connects, and without being able to see what is connected, or being able to obtain that information from Authentication (RADIUS) info, there is currently no way to manage clients connecting to the AP's LAN Ports.
Solution: Manage the built-in LAN interfaces/ports with Access Point Management.