Wired Stuff
WiFi Tablet Corner
My80211 White Papers (Coming Soon!)

Cisco Wireless Compatibility Matrix (Nov. 2011)

Consulting Services

Podcasts / Videos

My80211 Videos

Bruce Frederick Antennas (1/2)


Bruce Frederick dB,dBi,dBd (2/2)

Cisco AP Group Nugget

Social Links
Revolution WiFi Capacity Planner

Anchor / Office Extends Ports


Peek Inside Cisco's Gear

See inside Cisco's latest wireless gear!

2.4 GHz Channel Overlap




Interference Types


Microwave Oven

Cordless Phone


  • CWSP Certified Wireless Security Professional Official Study Guide: Exam PW0-204
    CWSP Certified Wireless Security Professional Official Study Guide: Exam PW0-204
    by David D. Coleman, David A. Westcott, Bryan E. Harkins, Shawn M. Jackman

    Shawn Jackman (Jack) CWNE#54 is a personal friend and has been a mentor to me for many years.  I've had the pleasure and opportunity to work with Jack for 4 years. Jack is a great teacher who takes complex 802.11 standards and breaks them down so almost anyone can understand the concept at hand. I'm excited for you brother. Great job and job well done! Put another notch in the belt!

IEEE 802.11a/g/n Reference Sheet


LWAPP QoS Packet Tagging





More Power More Problems! When Excessive RF Power Degrades your WiFi Performance!

In the wireless world we often think more power is good. The louder the signal surely higher the performance gain. I’m sorry to say that’s not  true in most cases. RF power is like a delicate flower and should be treated with respect. Simply choosing a higher power output and not properly tuning your radios could cause you more pain than you really know. In this quick blog post, I share a pair of static bridges being bench tested 70 feet apart. The only difference in configuration is simply changing the RF power. While I only share the capacity values, the throughput values have been excluded to keep the focus on power.

Example #1 - (HOTTEST)

In this example we pump up the power @ 30 dBm.

(1) Link @ -17 dBm
(2) Modulation at 16 / 64 QAM
(3) TX Power 30 dBm
(4) Capacity Link TX 205, RX 200


Example #2 - (HOT)

In this example we power down to @ 24 dBm.

(1) Link @ -22 dBm
(2) Modulation at 256 / 256 QAM
(3) TX Power 24 dBm
(4) Capacity Link TX 396, RX 391


Example #3 - (PEACHY)

In this example we power down to @ 18 dBm.

(1) Link @ -27 dBm
(2) Modulation at 1024 / 1024 QAM
(3) TX Power 18 dBm
(4) Capacity Link TX 482, RX 469


Modulate Gain: 16 vs 1024 and 64 vs 1024
Capacity Link Gain: TX 205 vs 481, RX 200 vs 469

Why excessive power gain is bad is because it increases noise and distortion at the receivers radio. In Example #1, both radios can hear each other at -17 dBm! Think of it this way, imagine having someone in your ear with a megaphone yelling today’s lunch specials at you. You can’t hear so well, can you ? Take away the megaphone and step back a few feet and all is peachy.

My quick less-techy blog post for today! 





Which antenna gets deactivated when you provide less than full power to a Cisco 3700 ?

A question was asked on Cisco Support Community (CSC) enquiring about what antenna is deactivated when a Cisco 3700 access point doesn't receive a full 16.1 Watts. 

We have purchased 3702e and some of these access points can only get PoE (802.3af). Which antenna will be activated in this case?

802.3at                 4x4:3 on 2.4/5 GHz                         16,1W
802.3af                 3x3:3 on 2.4/5 GHz                         15,4W

Thats a good question and it had me thinking. So I tapped my Cisco CSE, Carlos. BTW Carlos is one of the best CSE’s you’ll find. I’m very fortunate to have him as our CSE. The guy has memory recall with such precision it’s scary. Not to mention he is a CCIE R/S and W. 

When an access point isn't provided full power it can deactivate some combination of radio chains and spatial streams. Manufactures can dial back the access points performance while still providing reliable WiFi communications. This allows flexibility with power at the switch power level (PoE).

We’ll focus on the Cisco 3700. The data sheet shows 802.3at and 802.3af power combinations. Less power, less chains and streams. More power, more chains and streams.



From a Cisco 3700 access point do:  show controllers dot11Radio X.



In this example you will see the access point is fully powered. We can tell this because of the the number of antennas used for RX and TX. A,B,C and D.

Antenna:                        Rx[a b c d ]
                                    Tx[a b c d  ofdm all]



In this example you will see the access point is not fully powered. The access point was provided .af power. We can tell this because of the the number of antennas used for RX and TX. A,B, and C and the mention “Radio on Low Power Mode due to PoE, restricted to 3 antennas”

Antenna:                        Rx[a b c ]
                                     Tx[a b c  ofdm all]



A,B,C, and D

You might be wondering which antenna port is D. On a Cisco 3700E look closely at the antenna bulk head. Each one is identified with A,B,C, and D. In this case the D antenna, it is located in the lower left of the 3700 access point. 





Field Notice: FN - 63697 - Protective Boot on Certain Network Cables Might Push the Mode Button and Cause an Unexpected Reset on the 48-Port Models of Cisco Catalyst 3650 and 3850 Series Switches

Sorry, but I had to really LOL when I read this field notice! 

Picture is worth a thousand words! 

Client Debug Macro Change - Cisco code: -

A quick blog post on an observation I made while debugging in the lab. The command debug client enables a set variable of commands which enable muliple debugs. You can see what these commands are with the “show debug” command. 

Notice the change in the commands enabled between 7.6 and 8.0. 



Revolution WiFi Capacity Planner 

Did you miss Andrew von Nagy's Capacity Planner webinar ? No worries because the links are below. It's one of those sessions you will want to watch a few times and let it soak in. This session will be a guaranteed "classic". A staple of sorts for WiFi engineers to use in the future. 

What makes this even more special. Andy didn't get paid to create this calculator. It's his way of giving back to the community. Andy is a true master at his craft. Really honored to call him a friend. Someone who always answers your emails, takes your calls and willing to explain a subject 10 different ways till you understand it.

If you're new to WiFi or a veteran this session is packed with nuggets! 

Revolution WiFi Capacity Planner 


Revolution WiFi Recorded Webinar Capacity Planner 




Top 10 Sessions From Interop Las Vegas 2015

Interop Las Vegas 2015 was a blast! Few conferences bring together a rich mix of vendors, products, solutions and attendees all in one place. I was particularly interested in Cisco's Hyperlocation, which just so happen to win Best of Interop Award - 2015 Mobility. Interop was a gathering of old friends and meeting new ones. I thought the mobility track was exceptional this year. 

Cisco Hyperlocation:

I was also a panel guest at Cisco's Mobility lunch where WiFi Mobility, 802.11ac and our AWO (All Wireless Office) was topic of discussion. It was 60 minutes of great discussion and guest interaction. I would like to thank Cisco's Bill Rubino for the invite. 

I spoke at my own session "Designing Todays WiFi Network for Tomorrow's Applications". I always enjoy sharing my real world hands on experience with others. WiFi is still black magic to many IT folks in the industry. The goal in my session, take 2 things away that you didn't know before. I think the attendees agreed. My session made Interop's Top 10 Sessions and ranked #6 in the standings as voted by attendees. I would like to thank Andrew Murray for the invite and having me back at Interop. 

Interop Top 10


In closing three articles were published from my Interop session. 

Remember The Restroom When Deploying Wireless


What happens if you remove an acceptable use policy from guest Wi-Fi?


Diversity of connected devices in hospitals poses unique challenge for going fully wireless




TAC Recommended AireOS 7.6 and 8.0 - 2Q CY15

TAC code recommendations for AireOS 7.6 and 8.0 customers. 

Folks on 7.6 and 8.0 or who might be thinking about going to these versions Cisco is recommending the following releases:

7.6 -

8.0 - 


NOTE: Above links to release notes for and


Field Notice: FN - 63916 AireOS or Cisco IOS-XE 3.6.0E - AP Unable to Join WLC or AP Stuck in Downloading State - Software Update Required



Revision History

Initial Public Release

Products Affected

Products Affected
Cisco Aironet 1530 Series
Cisco Aironet 1550 Series
Cisco Aironet 1600 Series
Cisco Aironet 1700 Series
Cisco Aironet 2600 Series
Cisco Aironet 2700 Series
Cisco Aironet 3500 Series
Cisco Aironet 3600 Series
Cisco Aironet 3700 Series

Problem Description

Some Wireless Access Points (APs) manufactured between August 2014 and October 2014 might have an incorrectly programmed SHA-2 certificate.

The affected product families are:

  • Cisco Aironet 1530 Series
  • Cisco Aironet 1550 Series
  • Cisco Aironet 1600 Series
  • Cisco Aironet 1700 Series
  • Cisco Aironet 2600 Series
  • Cisco Aironet 2700 Series
  • Cisco Aironet 3500 Series
  • Cisco Aironet 3600 Series
  • Cisco Aironet 3700 Series

Issue 1

After you upgrade a Wireless LAN Controller (WLC) to software version or 3.6.0E


after the Wireless APs download the new software version, any Wireless AP with an incorrectly programmed SHA-2 certificate disconnects from the WLC and is not able to rejoin the WLC if the WLC has a SHA-2 certificate.

Issue 2

Any new Wireless AP with software version and with an incorrectly programmed SHA-2 certificate fails to validate the image downloaded from the WLC. The result is that the AP is unable to establish a connection to a WLC with version software.

If the AP has an incorrectly programmed SHA-2 certificate and the WLC has version or 3.6.0E, the likelihood of this issue being observed is 100%.


Between August and October 2014, a manufacturing change was added to support SHA-2 certificates. In the certificate chain transition, some APs were manufactured with incorrect certificate information. Prior to this change, the APs only had a SHA-1 device ID certificate. After the change the APs had both SHA-1 and SHA-2, but the SHA-2 was incorrectly programmed on the affected units.

The available fixed code ensures that the APs continue to function as APs that were manufactured prior to August 2014.

The affected APs are fully functional and equivalent to APs manufactured prior to August 2014.

In the future, Cisco will provide support for SHA-2 authentication between APs and more recently manufactured WLCs.

Problem Symptoms

New Aironet APs with factory installed recovery Cisco IOS® are able to join the controller that runs software version or 3.6.0E and download version 15.3(3)JA or 15.3(3)JN IOS. However after the AP reload, the APs are unable to join the controller. On the AP, logs similar to these are seen:

*Oct 16 12:39:06.231: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.

*Oct 16 13:14:56.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: ***.***.***.*** peer_port: 5246Peer certificate verification failed FFFFFFFF

*Oct 16 13:14:56.127: DTLS_CLIENT_ERROR: ../capwap/base_capwap/capwap/base_capwap_wtp_dtls.c:496 Certificate verified failed!
*Oct 16 13:14:56.127: %DTLS-5-SEND_ALERT: Send FATAL : Bad certificate Alert to ***.***.***.***:5246
*Oct 16 13:14:56.127: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to ***.***.***.***:5246

Another symptom of this issue is that the AP might be able to join the software version controller, download a new Cisco IOS code, and boot up and join the controller correctly; however when it goes to upgrade to the newer 8.x code it gets stuck in a loop and fails the download.

*Nov 11 10:13:53.003: Currently running a Release Image
*Nov 11 10:13:53.027: Using SHA-2 signed certificate for image signing validation.
*Nov 11 10:13:53.091: Image signing certificate validation failed (FFFFFFFF).
*Nov 11 10:13:53.091: Failed to validate signature
*Nov 11 10:13:53.091: Digital Signature Failed Validation (flash:/update/ap3g2-k9w8-mx.v153_80mr.201410311616/final_hash)
*Nov 11 10:13:53.091: AP image integrity check FAILED Aborting Image Download
Download image failed, notify controller!!! From: to, FailureCode:3 archive download: takes 339 seconds
*Nov 11 10:14:02.399: capwap_image_proc: problem extracting tar file



In order to avoid this issue, if the WLC runs software version 7.6 or earlier and you have APs affected by this issue, do not upgrade to version 8.0.100.x train. Wait for the next Cisco Connection Online (CCO) release.

Workaround for AireOS

If the WLC has been upgraded to version 8.0.100.x and the APs are supported in AireOS 7.6, downgrade to this version.

Solution for AireOS

If the WLC has software version 7.6 or earlier, upgrade the WLC to version

If the WLC has software version 8.0.100.x, follow these steps:

  1. Upgrade the WLC to software version
  2. Allow all APs to join the WLC and upgrade to software version
  3. Upgrade the WLC to software version
    Note: Step 2 is required to push the special software version onto the APs in order to allow all future upgrades.

Cisco IOS-XE

In order to avoid this issue, if the WLC has software version 3.3.x or earlier and you have APs affected by this issue, do not upgrade to version 3.6.0E.

Workaround for Cisco IOS-XE

If the WLC has been upgraded to version 3.6.0E and APs are supported in Cisco IOS-XE Version 3.3.x, downgrade to this version.

Solution for Cisco IOS-XE

If the WLC has software version 3.6.0E, follow these steps:

  1. Upgrade to version 3.6.1 or 3.7.0 or later.
  2. Enter the wireless security certificate force-sha1-cert command from the prompt.


To follow the bug ID link below and see detailed bug information, you must be a registered customer and you must be logged in.

CSCur43050 (registered customers only)
APs mfg in Aug./Sept./Oct. 2014 unable to join an AireOS controller
CSCur50946 (registered customers only)
APs mfg in Aug./Sept./Oct. 2014 unable to join an IOS-XE controller

How To Identify Hardware Levels

From the AP CLI, enter the show version command and look for the "Top Assembly Serial Number". An example of a Top Assembly Serial Number is FTX1613GJGA.

If the AP is joined to an AireOS controller:

  • From the CLI, enter the  show ap inventory APNAME command.
  • From the GUI, select  Wireless > All APs > APNAME > Inventory in order to view the serial number.

If the AP is joined to a Cisco IOS-XE controller:

  • From the controller CLI , enter the show ap name APNAME inventory command and look for the "Cisco AP" serial number.
  • From the GUI, select Configuration > Wireless > Access Points > All APs > APNAME > Inventory in order to view the serial number.

Alternately, the serial number can be found on the back/bottom of the AP:


Confirm that your serial number is affected with the Serial Number Validation Tool.

For More Information

If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods: 


Cisco Access Point Models Not Supported On 8.1 Code

If you're like me you may have hundreds or even thousands of Cisco 1131, 1242 and 1250 access points deployed in your wireless network today. 

Take special care and attention to the information below. A number of legacy access point models will no longer be supported past 8.0 code. 

This is reminiscent of 1000 series access points. I can recall the horror stories, people upgrading to 5.0 only to realize that the 1000 series would not join the WLC. #DontBeThatGuy!

Ask your Cisco rep about buy back programs and bundle purchases; buy X and get 5-10 free access points!


Are you the next WiFi Rockstar ??

The No Strings Attached Show is sponsoring a tremendous giveaway to one lucky winner! If you’re new to WiFi and someone who is just starting out this giveaway is your ticket to wifi stardom.

This prize pack includes hardware, software, study material and MORE! 


You need site survey software —- CHECK
You need enterprise class hardware to lab —- CHECK
You need spectrum analysis equipment — CHECK
You need study CWNP study material —- CHECK
and more ……

The deadline for this contest is December 12th, 2014. 

For the rules visit http://thenextwifirockstar.com/    


*Certain Rules and Restrictions Apply  


Clear your schedule and mark your calendars WFD#7 is this week! 

WFD#7 is a sponsored event that brings WiFi vendors also called sponsors and WiFi subject matter experts also called delegates together to discuss technology. WFD#7 sponsor list has returning vendors like Fluke AirMagnet, Wildpackets, AirTight, Aruba, Extreme Networks and Cisco. Avaya is a first time sponsor to WFD. Welcome! 

I understand a few of the sponsors will be unveiling some exciting news. Only one way to learn about these unveilings first, tune into the live stream! 

I’m interested in WFD newcomer Avaya. Avaya has been around since the early days when WiFi was just 802.11, no fancy task groups are the 11. They seem to have fallen by the way side in the early 2000’s. To date I can’t say I’ve seen their new WiFi solution in the wild. I’ve seen many customers using their communication suite of products. They have a nice suite that pulls together end to end communication and collaboration. Looking forward to learning more about their solutions. 

Over the years and after many of the WFD events you build relationships with vendors.You collaborate together. You troubleshoot together. You test new widgets together.  You share in successes together. Can’t wait to see my old friends at Wildpackets, Airmagnet, Cisco and Aruba.

Presentation Calendar

Most presentations are streamed live on this page, at TechFieldDay.com, and at some delegate and presenter web sites. After the event, the following pages contain video recordings of these presentations.

Wednesday, Aug 6 10:00-12:00
Fluke Networks Presents at Wireless Field Day 7

Wednesday, Aug 6 13:30-15:30
AirTight Networks Presents at Wireless Field Day 7

Wednesday, Aug 6 16:00-18:00
Extreme Networks Presents at Wireless Field Day 7

Thursday, Aug 7 8:00-10:00
Avaya Presents at Wireless Field Day 7

Thursday, Aug 7 10:30-12:30
Aruba Networks Presents at Wireless Field Day 7

Thursday, Aug 7 14:30-16:30
WildPackets Presents at Wireless Field Day 7

Friday, Aug 8  9:30-11:30
Cisco Presents at Wireless Field Day 7

WFD#7 delegates 


Blake Krone @BlakeKrone

Blake Krone is Cisco CCIE Wireless and CWNA certified Wireless Network Architect with experience designing and deploying enterprise class networks supporting hundreds of APs and multiple controllers for Voice, Data, and RTLS.

Craig Schnarrs @The_WiFi_Guy

Craig Schnarrs, is senior wireless network operations engineer and WiFi blogger

George Stefanick @WirelesssGuru

George Stefanick is a Wireless Architect employed by a large healthcare system in the Texas Medical Center.

Glenn Cate @GRCate

Glenn Cate is a senior IT analyst who is passionate about all things Wi-Fi!

Jake Snyder @JSnyder81

Jake is a Systems Engineer focused on designing and deploying wireless networks in the Pacific Northwest.

Jennifer Huber @JenniferLucille

Jennifer has over 10 years of experience in the networking and wireless engineering industry.

Keith R. Parsons @KeithRParsons

Keith is Managing Director of Wireless LAN Professionals, and focuses his energy on providing great WLAN education, design and consulting to global customers.

Lee Badman @WiredNot

Lee Badman currently writes for Network Computing Magazine as Wireless and Mobility blogger, and has over twelve years of professional industry analysis under his belt.

Peter Paul Engelen @PPJM_Engelen

Peter-Paul Engelen is a technical consultant with advanced (pre) sales experience and business development skills in multi-vendor Cloud-based (W)LAN and Wholesale ISP/Carriers.

Richard McIntosh @CiscoTophat

Network engineer at a higher education institute with a focus in wireless networking.

Sam Clements @Samuel_Clements

Sam Clements is an avid wireless technologist with a passion for all things mobility.

Stewart Goumans @WirelessStew

Stewart is a Mobility Consultant helping customers and fellow WiFi'ers with wireless design in Vancouver British Columbia, Canada

Buckle in and get your WiFi on!


Aruba AirWave - Wireless Field Day 4 #WFD4

The WFD#4 delegates were excited to have Aruba participate in WFD4. If you missed the presentation, no worries the entire presentation was recorded and can be viewed at the below link. 


I was one of the delegates. I walked away with a better appreciation of Aruba's management platform called AirWave. AirWave was an acquisition by Aruba back in 2008. You can read more about the purchase by viewing the below link. The value proposition for non Aruba infrastructure folks is AirWave’s vendor neutrality. Aruba calls it the multivendor management approach. Allowing real time visibility into wired and wireless infrastructures regardless of vendor gear.


The location tracking caught my attention. Its a very inexpensive solution which allows mobile client tracking without the use of expensive boxes or licenses *cough* Cisco MSE *cough*. Another take away is the open XML API. Allowing for integration into other applications allowing you to port the location data. 

AirWave allows for wired switch monitoring. As a WiFi engineer who focuses primarily on WiFi, we all know that 802.11 frames will eventually hit the wired switch fabric. Having one software solution to monitor both my wireless and my wired switches is very appealing. It allows the WiFi engineer the ability to interact with just one console, instead of pulling in data from different sources, which is always a pain. 

Airwave also supports rouge ap detection, proactive alerts, historical reporting, client troubleshooting, floor plan maps and much much more. 

You can learn more about Aruba AirWave here:




Peek inside Cisco's 802.11ac 3702i Access Point 

Cisco latest 802.11ac offering, 3702i (AIR-CAP3702i-A-K9) model access point 

(Click on image to enlarge)  














CSCui69732: Platinum 802.1p tagging defaulted to 5 after upgrade to

CSCui69732: Platinum 802.1p tagging defaulted to 5 after upgrade to


Platinum 802.1p tagging changed to 5


Platinum 802.1p tagged at 6 and upgrading to


Disable networks and change tagging back to 6


Cisco Appliance Light Path Diagnostics #ISE #NCS #PRIME 

My Cisco appliance was showing the amber color exclamation point. While I did the typical show and tech commands I could not find anything wrong with the box. I checked the Light Path Diagnostics on the appliance, it quickly pointed out a power supply problem. 



Figure 1-3 Light Path Diagnostics Panel



Figure 1-4 shows the LEDs and controls on the light path diagnostics panel.

Figure 1-4 Light Path Diagnostics Panel Components




Light Path Diagnostics Panel Components

Remind button: This button places the system-error LED on the front panel into Remind mode. In Remind mode, the system-error LED flashes once every 2 seconds until the problem is corrected, the NCS appliance is restarted, or a new problem occurs.

By placing the system-error LED indicator in Remind mode, you acknowledge that you are aware of the last failure but will not take immediate action to correct the problem.

NMI button: This button is used to force a nonmaskable interrupt to the microprocessor. This button is not currently used by the Cisco Prime Network Control System appliance. Press this button only when directed by the Cisco TAC personnel.

Checkpoint code display: This display provides a checkpoint code that indicates the point at which the system stopped during the boot block and POST. A checkpoint code is either a byte or a word value that is produced by UEFI. The display does not provide error codes or suggest components to be replaced.

Reset button: Press this button to reset the NCS appliance and run the power-on self-test (POST). You might have to use a pen or the end of a straightened paper clip to press the button. The Reset button is in the lower-right corner of the light path diagnostics panel.


Table 1-3 Light path diagnostics panel LEDs 

Follow the suggested actions in the order in which they are listed in the Action column until the problem is solved.

None, but the system error LED is lit.

An error occurred and cannot be isolated. The error is not represented by a path.

Contact Cisco TAC for assistance.


The power supplies are using more power than their maximum rating.

Contact Cisco TAC for assistance.


An error occurred.

Contact Cisco TAC for assistance.





Power supply 1 or 2 has failed.

1. Check the power supply that has a lit amber LED (see Power-supply LEDs).

2. Make sure that the power supplies are seated correctly.

3. Remove one of the power supplies to isolate the failed power supply.

4. Replace the failed power supply.


An error has occurred on a PCI bus or on the system board. An additional LED is lit next to a failing PCI slot.

Contact Cisco TAC for assistance.


A service processor error has been detected.

1. Shut down the system and remove the power cords from the NCS appliance; then, reconnect the NCS appliance to power and restart it.

2. If the problem does not go away, contact Cisco TAC for assistance.


A fan has failed, is operating too slowly, or has been removed. The TEMP LED might also be lit.

Contact Cisco TAC to replace your Cisco Prime Network Control System appliance and for further assistance.


The system temperature has exceeded a threshold level. A failing fan can cause the TEMP LED to be lit.

Contact Cisco TAC for assistance.


When only the MEM LED is lit, a memory error has occurred. When both the MEM and CNFG LEDs are lit, the memory configuration is invalid or the PCI Option ROM is out of resource.

Contact Cisco TAC for assistance.


A nonmaskable interrupt has occurred, or the NMI button was pressed.

Check the system-error log for information about the error.

Contact Cisco TAC if further assistance is needed.


A hardware configuration error has occurred.

Contact Cisco TAC for assistance.


An invalid microprocessor configuration or a microprocessor has failed (both the CPU LED and the CNFG LED might be lit).

Contact Cisco TAC for assistance.





A hard disk drive has failed or is missing.

1. Check the LEDs on the hard disk drives for the drive with a lit status LED and reseat the hard disk drive.

2. If reseating the drive does not resolve the issue, then the failed hard disk drive must be replaced. Contact Cisco TAC for assistance.





An error has occurred on the system board.

Contact Cisco TAC for assistance.


AirMagnet 802.11ac Beta - #WFD5

Time is running out. If you're an existing AirMagnet Survey PRO customer who is under Gold support and maintenance at this time. Beta will be available in the next 2-3 weeks. AirMagnet will contact you directly with more details. 

Link to sign up 





Mark Your Calendars - Wireless Field Day 5 (Aug 7th-9th, 2013) #WFD5

I’m headed to WFD5 being held in San Jose, August 7th-9th. The sponsor line up is one to get excited about! A total of 9 sponsors in all are presenting during this event. Of which, four sponsors are new to Wireless Field Day -  AirTight, 7signal, Xirrus and Meru. We also have the return of past sponsors Fluke, Aerohive, Wildpackets, MetaGeek and Motorola. 



As always the delegate gene pool is a who's who in wireless social blogging and subject matter experts in their own right. Each delegate brings their own level of experience to each event. This always makes for great conversation and sponsor interaction.




MetaGeek - 

I’m particularly interested in hearing about MetaGeeks integration with Cisco. MetaGeek demoed their WiSpy integration with Cisco Clean Air access points at Cisco Live. Interested in learning about the backend mechanics and added flexibility this new offering will bring. Hanging with the MetaGeek guys is always a blast. Good group of folks. My kind of people. 

7Signal - 

Interested in hearing about their Sapphire solution and business model. They seem like an interesting company for network optimization. No prior experience with these folks so my ears are wide open! I want to hear about their healthcare optimization experience. Might be something I can leverage. 

AirTight -

I’ve had the opportunity to work with AirTights offerings in the past. I found them to be highly competent. Most WiFi vendors today offer similar security solutions already built into their products. I want to hear how AirTight is positioning their value ad to customers and their new cloud base offering. I’m not a big overlay guy myself. Keeping my ears open. 

Xirrus - 

I have no experience with Xirrus. Looking forward to meeting the Xirrus team and learning about their offerings. I’ve heard good things about their product line. Looking forward to some good take aways from the meeting.

Meru - 

Meru is the awkward kid on the bus. They do things differently and their solution is based around single channel architecture. I’m keeping an open mind and looking forward to meeting team Meru. 

Wildpackets -

Boy do I love me some Wildpackets. I can wrap up Jay and his team in one word, OUTSTANDING. When you meet a vendor that has equally or more passion about WiFi than you do that is a vendor I want to do business with. Looking forward to the 11ac update and any new announcements that may be coming our way during the meeting.

Aerohive -

Nothing but love for my friends at Aerohive. They’re knocking down doors and making their presence known. Rightfully so, they have solid offerings and as Devin likes to always mention their “controller LESS”.They have a WiFi team that is a who’s who. Collectivity outside of Aerohive their team is responsible for the majority of 802.11 published material feeding the minds of WiFi engineers around the world. Looking forward to their presentation. When I return from WFD I have a scheduled POC using Aerohive's Branch Office product.  Looking forward to it! 

Fluke -

Not sure what Fluke will be presenting. Interesting in learning about Airmagnet 11ac road map. BTW did anyone get the AirCheck from the Aussie ? 

Motorola - 

The Motorola team had a solid presentation last WFD. Looking forward to the same this go around. 



Wednesday, Aug 7


Fluke Networks Presents at Wireless Field Day 5 

Wednesday, Aug 7


Aerohive Networks Presents at Wireless Field Day 5 

Wednesday, Aug 7


WildPackets Presents at Wireless Field Day 5

Thursday, Aug 8


AirTight Networks Presents at Wireless Field Day 5

Thursday, Aug 8


MetaGeek Presents at Wireless Field Day 5

Thursday, Aug 8


Motorola Solutions Presents at Wireless Field Day 5

Friday, Aug 9


7signal Presents at Wireless Field Day 5

Friday, Aug 9


Xirrus Presents at Wireless Field Day 5

Friday, Aug 9


Meru Networks Presents at Wireless Field Day 5


Want to follow along on Twitter ? 

Simply follow Twitter hash tag #WFD5 or follow the delegates. 


Do you have a question for a sponsor ? 

Post your question via Twitter with hash tag #WFD5 and one of the delegates will ask for you! 

What if I miss the event ? 

Gestalt IT has you covered. Each live event is recorded and posted shortly after the event for your later consumption. 


Your feedback was heard loud and clear ..  

PrimeImage Media who does an unbelievable job capturing the live dynamics of each Field Day event will be using a new Delegate Microphone System (DMS).  Now you'll be able to hear each delegate better than ever before. 



End-of-Sale and End-of-Life Announcement for the Cisco Identity Services Engine


Cisco announces the end-of-sale and end-of life dates for the Cisco Identity Services Engine. The last day to order the affected product(s) is December 24, 2013. Customers with active service contracts will continue to receive support from the Cisco Technical Assistance Center (TAC) as shown in Table 1 of the EoL bulletin. Table 1 describes the end-of-life milestones, definitions, and dates for the affected product(s). Table 2 lists the product part numbers affected by this announcement. For customers with active and paid service and support contracts, support will be available under the terms and conditions of customers' service contract.


Table 1. End-of-Life Milestones and Dates for the Cisco Identity Services Engine





End-of-Life Announcement Date

The date the document that announces the end of sale and end of life of a product is distributed to the general public.

June 25, 2013

End-of-Sale Date

The last date to order the product through Cisco point-of-sale mechanisms. The product is no longer for sale after this date.

December 24, 2013

Last Ship Date:

The last-possible ship date that can be requested of Cisco and/or its contract manufacturers. Actual ship date is dependent on lead time.

March 24, 2014

End of Routine Failure Analysis Date:

The last-possible date a routine failure analysis may be performed to determine the cause of hardware product failure or defect.

December 24, 2014

End of New Service Attachment Date:

For equipment and software that is not covered by a service-and-support contract, this is the last date to order a new service-and-support contract or add the equipment and/or software to an existing service-and-support contract.

December 24, 2014

End of Service Contract Renewal Date:

The last date to extend or renew a service contract for the product.

March 21, 2018

Last Date of Support:

The last date to receive applicable service and support for the product as entitled by active service contracts or by warranty terms and conditions. After this date, all support services for the product are unavailable, and the product becomes obsolete.

December 31, 2018



HW = Hardware OS SW = Operating System Software App. SW = Application Software

Table 2. Product Part Numbers Affected by This Announcement

End-of-Sale Product Part Number

Product Description

Replacement Product Part Number

Replacement Product Description

Additional Information


Cisco Identity Services Engine 3315 Hardware Appliance


Small Secure Network Server for ISE, NAC, & ACS Applications



Cisco Identity Services Engine 3315 Appliance Migration SKU


SNS 3415 Migration Server: Loaded with ISE Software



Cisco Identity Services Engine 3355 Hardware Appliance


Large Secure Server for ISE and NAC Applications



Cisco Identity Services Engine 3355 Appliance Migration SKU


SNS 3495 Migration Server: Loaded with ISE Software



Cisco Identity Services Engine 3395 Hardware Appliance


Large Secure Server for ISE and NAC Applications



Cisco Identity Services Engine 3395 Appliance Migration SKU


SNS 3495 Migration Server: Loaded with ISE Software




Cisco 802.11ac Certified by the Wi-Fi Alliance 

Cisco's 3602 and the RM3000 AC Module certified by the Wi-Fi Alliance! 

Read about it here ... 



Aruba 802.11ac Announcement 


Since the very beginning WiFi clients have been a challenge and they still are today. There is no standard for WiFi client vendors to follow. Vendors implement their own roaming algorithm (triggers), interpret their own signal, SNR and noise levels. Vendors almost never publish these triggers. In the industry we call this “vendor client secret sauce”. I blogged about this very subject on Aruba AirHeads forum. 


Aruba introduced ClientMatch an innovative way of managing clients. Aruba’s believes their approach to client management is unique. So unique that Aruba has filed a patent, US20130036188. Aruba takes an active approach steering clients to access points. 

Chris Lyttle @ WiFi Kiwi did an exceptional job outlining Aruba’s ClientMatch. Pay close attention the blog responses. 


You can see more from Aruba about ClientMatch here



My take on ClientMatch. Client steering isn’t at all new. Typically vendors will direct clients with reason code 17 or by managing clients by ignoring probe request on a specific radio to trick the client to go where the WiFi network thinks its best. These are more active approaches. Meaning a client must interact - do THIS and the WiFi network will do THAT. Aruba’s systems appears to be more proactive in nature. 

Aruba Access Point Model - AP-220

I couldn’t believe my eyes and ears when I seen and heard that the new Aruba 802.11ac access point is VENT FREE. Finally, Aruba got the memo and environmental departments in healthcare systems around the world are rejoicing! You have no idea how many times the subject of  Aruba Access Points and open vents have come up in discussion in healthcare opportunities. Cleaning a vented access point presents challenges of course. 

The AP-220 packs a punch of sheer speed and throughput. It’s also the best looking access point in the Aruba access point stable. 

Another Interesting approach is the dual GIG NIC. Not sure how this will be accepted when its deployed. It’s not typical to pull 2 cables per access point. There will be obvious needs for extra wired side bandwidth options. Makes me wonder why they cant tap a 10 GIG port on the back of the ap ?

802.11ac Pros / Cons (Voodoo)

The next generation wireless is not without its challenges. These challenges are industry wide and every vendor will have the burden of educating customers on proper design and deployment. Expect to see design and deployment documents released or updated specific for 802.11ac best practices.  

Customers looking at 802.11ac need to have a firm understanding of the technology and how to properly deploy it. Customers who don't, 802.11ac could hinder their wireless network. 

80/160 Mhz channels 

The 802.11n standard introduced channel bonding for the first time. It allows us the ability to take (2) neighboring 20 MHz channels and by bonding them together to make a single 40 MHz channel.Thus allowing higher speed and throughput from improvements in the PHY, MAC and extra RF real estate.  802.11n also introduced a new level of troubleshooting. The frame structure is different and requires knowledge to interpret the traffic.  Analysis tools and hardware require updating to read 802.11n traffic. 

802.11ac will be no different. You will need to update your tool box, brush up on 802.11ac frame structure. Test, lab and practice.

The issue is 80/160 MHz bonding. Aruba hasn't addressed how to deploy this monster. For that matter, Cisco hasn't either. The 5 GHz medium is known for it’s 24 non overlapping channels. Some customers only deploy UNII1 and UNII3 to avoid DFS (802.11h). This could present challenges for these folks. 

Your deployment strategy of 802.11ac needs to be defined and deployed in areas to meet specific bandwidth, throughput, density, application or business needs. Proceed with caution and consult an expert before deploying 802.11ac. 

Wave1 / Wave 2 

Wave 1 will support SU-MIMO. (SU) stands for SINGLE USER. This simply means that wave 1 technology will support sending multiple streams of data from an access point with multiple antennas downstream to a client at a high rate of speed.

Wave 2 will support MU-MIMO. (MU) stands for MULTI USER. This simply means that wave 2 technology will support sending multiple streams of data from an access point with multiple antennas downstream to multiple clients at a high rate of speed to give a “full duplex” like experience.

Wave 1 hardware is not upgradeable to Wave 2. 

Client Support 

Like all previous 802.11 advancements client support seems to be spotty the first year or so till vendors iron out the bugs and settle in. 

Legacy Devices

Once 802.11ac is deployed, how will legacy devices react to the 802.11ac IE ? There could be a percentage of clients in your enterprise who may have issues. Know your network and bench mark your clients. Keep a close eye on your legacy clients.

802.11ac Frame Analysis

Get up to speed on capturing 802.11ac frames


Did you miss the announcement?

No worries. Tech Field Day covered the event live. Check out the link below


Tech Field Day Delegates Blog Post 

Daniel Raaaaaaar! Cybulskie 



Jennifer huber - 



Chris Lyttle -