I have a customer with two independent switches (WS5100 fw v2 and RFS7000 fw v4) . Both switch got a different owners and responsible staff, BUT both are connected to the very same wired switch (bunch of layer2 switches actually), as well as all the access ports do.
How can I configure the RFS to only adopt certain APs? I guess I should make a MAC allow list for the APs, and deny any other MAC addresses, but I can’t find the way.
I’d prefer some web gui solution, but it can be CLI commands as well. Thanks Roland
6 Replies
The WS-5100 will also need to be configured to adopt only radios it is explicitly configured to adopt. This can be done in the switch policy. There will be a button for adoption policy, if I recall correctly. You will need to set the default action for the radios to "Deny Adoption". You can then add the APs that you want the WS-5100 to adopt to the include list, and the APs that you want the RFS-7010 to adopt to the exclude list. You may need to manually unadopt some APs on the WS-5100 that are already actively adopted that were meant for the RFS-7010.
Roland, The easiest way to do this would be to disable automatic AP adoption on both Wireless Controllers and then create specific Radio profiles on each Wireless Controller for the Access Points each Wireless Controller is to support. The Access Points will discover both Wireless Controllers when they boot but will only be adopted by the Wireless Controller with their profile defined. Automatic AP adoption is enabled by default but can be disabled in the Web-UI or CLI: Using Web-UI: Click Network > Access Port Radios > Global Settings Uncheck Adopt unconfigured radios automatically Using CLI: RF-Switch# configure terminal RF-Switch(config)# wireless RF-Switch(config-wireless)# no adopt-unconf-radio enable RF-Switch(config-wireless)# write memory Regards, Kevin
To note, the above steps will work only for the 7k in this scenario. Since the 5100 is running 2.x, you would need to go into the adoption policy and setup include/exclude rules for the desired radios to achieve the same effect.
All, 1. I disable the "Adopt unconfigured radios automatically" option under Access Port Radios/Configuration/Settings. 2. I connect 2 AP300 to the switch 3. They appear in AccessPort menu like "Unadopted" AP'sin two line 4. Iselect one of them and click on "Adopt" 5. In the pop-up window I choose 802.11 b/g option ans for Radio index I enter "123". 6. In Access Port Radio menu under Configuration I can see "123" radio, but there is a red X indicates that it is still unadopted. Thanks Roland
One way to approach this would be to configure 2 VLAN's on the wired switch network. any AP's associated with the 5100 would be placed on the 5100 vlan and any AP's associated with the RFS700 would be on the RFS7000 VLAN. From a business standpoint, if they want to run seperate wireless networks, it would seem logical to seperate the traffic with VLAN's -----Without knowing much about the site, it would be necessary to consider routing issues, DHCP, and DNS issues if you create seperate VLANS Another way to do this would be to create a MAC address inbound ACL on the WLAN switch wired interface. this could deny specific AP's and would prevent association. I would be uncomfortable with this arrangement because i dint fully understand the adoption process
I would turn off "auto-adopt unconfigured radios" then go to the unadopted APs tab and manually adopt those APs you want on each switch. This will then effectively create white lists on each switch for the APs you need.