WLC is back on CCO

Get it before it gets pulled again! 🙂
Release notes are at:

And it does indeed include as a resolved caveat:

CSCti21621      Switch CAM table is not updated after L2 roam.

Cisco’s playing games has been pulled from CCO but the release notes from are back up as ‘new’.

WLC Code is on CCO!

Release notes can be found at:

This of course is the rev that we expect fixes that nasty L2 roam issue. Standard code qualification caveats strongly recommended. 🙂

Why do you configure a controller that way?

So, I was digging on the WLC Config Analyzer (a great tool by itself!) at:

And I stumbled across the list of checks that it does and (more importantly) how it determines that it’s values are ‘preferred’. If you goto:
And scroll down you’ll see the list of the Config Analyzer errors and why it thinks those errors are pertinent (including links to supporting documentation!). If you ever wanted a good solid list of supporting documentation for configuration options, this is the best I’ve seen!

Cisco WLC captured web auth character limitations

Nice to know:

Step 5 If you want the user to be directed to a particular URL (such as the URL for your company) after login,
enter the desired URL (such as http://www.AcompanyBC.com) in the Redirect URL After Login field. You
can enter up to 254 characters.
Note The controller supports web authentication redirects only to HTTP (HTTP over TCP) servers. It
does not support web authentication redirects to HTTPS (HTTP over SSL) servers.
Step 6 If you want to create your own headline on the login page, enter the desired text in the Headline field.
You can enter up to 127 characters. The default headline is “Welcome to the Cisco wireless network.”
Step 7 If you want to create your own message on the login page, enter the desired text in the Message field.
You can enter up to 2047 characters. The default message is “Cisco is pleased to provide the Wireless
LAN infrastructure for your network. Please login and put your air space to work.”

Of course you can use a web-auth bundle to overcome this limitation but you should keep it in mind if you’re using the built in captured web portal.

AeroScout Exciter firmware notice

This just in from Aeroscout:

EX2000 Exciter Bulletin – Firmware Upgrade Required     

An EX2000 Exciter firmware upgrade is currently required to prevent compatibility issues of certain tags not responding to Exciter

All customers who have EX2000 Excite
rs are required to upgrade the Exciter firmware to DSP223. In addition, if you have Cisco Context Aware Engine for Tags (CLE), you are required to upgrade the CLE to version or above.

Please refer to article #2178 on http://support.aeroscout.com for complete details. You can also reply to this email or call us at U.S. +1-877-AERO-555 (or +1-650-292-4953), EMEA & APAC +49-302-5555-

Determining the Exciter model can be done by one of the following met
a. The label on the back of the Exciter would say “EX2000” (not “EX2000B”)
b. Open AeroScout System Manager, right-click on the Exciter icon and select “Get Status” from the menu. For the EX2000, the HW version would be

If you have any further questions, please do not hesitate to contact AeroScout Technical Support at: http://support.aeroscout.com, U.S. +1-877-AERO-555 (or +1-650-292-4953), EMEA & APAC +49-302-5555-094.

Cisco has pulled the release notes for WLC version


Coincidence? Could this be due to the Vocera bug or just an oversight by a webmaster? The code is still available for download and it’s still listed on the AssureWave site (hah!) – just no release notes…

SQL Injection Vulnerability in Cisco WCS

Cisco Wireless Control System (WCS) contains a SQL injection vulnerability that could allow an authenticated attacker full access to the vulnerable device, including modification of system configuration; create, modify and delete users; or modify the configuration of wireless devices managed by WCS.

This has been fixed in version
More details at:

Planning your CleanAir refresh?

Read these and discuss it with your AM to make sure you’re getting the best price you can!



Making the Cisco IOS DHCP server useful

Yay for learning! Two of the features that I was under the impression were missing from an IOS based DHCP server are infact present:

1) The ability to ping clients prior to handing out an address:
Router(config)# ip dhcp ping packets 5
Specifies the number of ping packets the DHCP server sends to a pool address before assigning the address to a requesting client.

Router(config)# ip dhcp ping timeout 850
Specifies the amount of time the DHCP server waits for a ping reply from an address pool.

2) The ability to retain a DHCP leases table across reboots:
Router(config)#ip dhcp database flash:router-dhcp write-delay 60 timeout 10
Configure DHCP database location on a physical storage medium, this prevents the router from loosing all of it’s lease data after a reboot. By default, the router maintains the dhcp bindings in NVRAM.