When I asked a few Cisco Wireless Consulting Systems Engineers if they’d ever

trust a controller’s default config for any time of AP deployment beyond 1 or 2
AP’s the typical answer (when they stopped laughing) was <expletive> NO.
Of course I anticipated that answer and was prepared with a follow up: Okay
what would you change? Now the answers to that were harder to get. Most said
“well there’s too many variables,” or “every deployment is different.”
I was ready for that response, too. What’s the same with ALL deployments?
Here’s a brief transcript:
Them: Is there VoIP clients?
Me: Let’s assume no, for now.
Them: What about 802.11b?
Me: No support.
Them: What about legacy devices?
Me: Nope. No legacy devices.
Them: What deployment style?
Me: Let’s use the 80/20 rule. 80% of deployments will be pervasive wireless network
in common open environments where AP’s are deployed approximately 60ft-80ft or
coverage areas of 3000-5000 sq/ft per AP. Let’s not focus on the interesting things
that come with warehouses or outdoor environments.
Then I got answers. Here’s a consolidation of their suggestions. It’s 3 simple
steps.
BEFORE YOU ATTEMPT THIS:

 Your radios will be brought down during this procedure!

 Know before you go: If you aren’t sure what something will do, it may be
better to not do it until you do!

NOTE: Most of these screenshots were taken from AireOS controller code 7.2 or
7.4. All of these suggestions are applicable for 7.5 and 7.6.
Step 1: Tune Each SSID

 Click on the WLANs tab at the top of the page. This will show your SSID’s.

 You select an SSID by clicking on the blue WLAN ID number to the left of
the Profile Name.

(TKIP does not support 11n data rates. Do NOT just select everything. Do not enable for WLANs with latency sensitive clients such as VOIP clients. something doesn’t work that needs to when it’s disabled) make sure you use WPA + TKIP and WPA2 + AES. off by default. it is off by default.  Make sure that WPA2 with AES encryption is selected. Now click on Security. . Only AES!)  If you must support WPA (like.  Turn on BandSelect.  Now click on Advanced  Turn on Load Balancing. Not necessary for WLANs with latency sensitive clients such as VOIP clients.

11b/g/n)  Click the WIRELESS top tab  Click the BOLD 802. Sometimes you may need to turn this off for troubleshooting. A client must at least have the ability to do the mandatory data rates. 5.  Everything else change to supported.5. 9 and 11. Step 2: Tune the RF settings  First.11b/g/n Network Left Hand Tab  Disable Network Status  Disable 1.4 GHz (802. in 2. This way no 11b data rates are supported. 6.  Some notes on this tab:  AAA Override will allow ISE (or another RADIUS server that supports it) to change VLAN or QoS queue based on authentication. 2. 60 seconds is good Timeout Value to set. .  Client Exclusion is a nice security feature to protect against duplicate IP’s or brute force attacks.  Change 12 to mandatory. A note about mandatory data rates: Lowest is where management frames are sent out. Highest one is where multicast/broadcast frames are sent out.

11b/g/n radio under the 802.11b/g/n click onRRM > Dynamic Channel Assignment (DCA)  Check Avoid Persistent Non-WiFi Interference  Check EDRRM  Within 802.11b/g/n click on CleanAir  Enable CleanAir (this MAY already be checked)  Re-Enable the 802.It is the client device responsibility to determine WHEN to roam and which AP to roam TO. A client will NEVER even try to roam until it reaches the LOWEST mandatory data rate!  Within 802.11b/g/n > Network left hand tab .

11a/n/ac)  Up top click on Wireless.  o Interference Optimal Mode (TPCv2) will optimize the radio adjust power levels to detect and overcome external interference the AP discovers.11a Network Status to disable it as we will be making changes that required it to be turned off  Disable 6 Mbps  Disable 9 Mbps  Ensure 12 Mbps is Mandatory  Ensure 24 Mbps is Mandatory  Other data rates are Supported  Within 802.11a/n/ac. then select Network. next on the left click on the Bold 802.  Uncheck 802. Now for the RF settings in 5 GHz (802. .  o Coverage Optimal Mode (TPCv1) will optimize the radio to adjust power transmit level based on neighboring AP’s it discovers.11a/n/ac click on RRM > Tx Power Control (TPC)  You have two options for RRM (Remote Radio Management).

11a/n/ac click on CleanAir . https://supportforums.com/docs/DOC-1373  If the signal strength isn’t good enough across the entire network you can manually bump up the Power Threshold to -67 or more a little at a time. TCPv2 is discouraged unless you have advance understanding of networking.  o You can only have one Mode selected.  o If you are interesting in using TPCv2 here is a link on a helpful document and WLC Configuration Analyzer tool.11a/n/ac click on RRM > Dynamic Channel Assignment (DCA) and Event Driven RRM (EDRRM)  Check Avoid Persistence Non-WiFi Interference  Channel Width to 40 MHz  If you have the 802. until RRM is properly tuned.  Within 802.cisco. This will also auto tune the 802.  Enable Event Driven RRM  Within 802. TPCv1 is the recommended mode to select.11n radios to 40 Mhz.11ac module you can select Channel Width to 80 Mhz.

WiFi Invalid Channel  Re-Enable the 802. . WiFi Inverted. Tag number default is typically preferred.1p.  Under the 802.11a/n/ac tab click on CleanAir  Top checkbox.11a/n/ac radio under the 802. Enable CleanAir  On Interferers to Detect add all  On Trap on these types under For Security Alarms add Jammer. under Wired QoS Protocol Protocol Type select 802. then QoS Left Hand Tab  For each QoS Profile.11a/n/ac > Network left hand tab Step 3: Tune QoS  Click on the Wireless top tab.

 Campus Wireless LAN Technology Design Guide – April 2014 (PDF – 20. For an exhaustive list. it serves as a starting point for just about any deployment style.And that’s it! Where this is not an exhaustive tuning guide. Here’s a few other resources that may help.4 MB) . web on over to Wireless LAN Controller (WLC) Configuration Best Practices.9 MB)  Cisco CleanAir Technology Design Guide – April 2014(PDF – 13.8 MB)  Cisco Prime Infrastructure Technology Design Guide – April 2014 (PDF – 3.