Ascom Interoperability On Cisco WLC - 8
Ascom Interoperability On Cisco WLC - 8
Ascom Interoperability On Cisco WLC - 8
Cisco WLC
WLC controller platform
Cisco WLC v. 8.10.105
Ascom i63 v. 1.0.8
Morrisville, NC, USA
Feb 2020
Contents
Introduction..................................................................................................................................................... 3
About Ascom................................................................................................................................................................. 3
Participants .................................................................................................................................................................... 4
Verification topology................................................................................................................................................... 4
Summary ......................................................................................................................................................... 5
Ascom is a global solutions provider focused on healthcare ICT and mobile workflow solutions. The vision of
Ascom is to close digital information gaps allowing for the best possible decisions – anytime and anywhere.
Ascom’s mission is to provide mission-critical, real-time solutions for highly mobile, ad hoc, and time-sensitive
environments. Ascom uses its unique product and solutions portfolio and software architecture capabilities to
devise integration and mobilization solutions that provide truly smooth, complete and efficient workflows for
healthcare as well as for industry, security and retail sectors.
Ascom is headquartered in Baar (Switzerland), has operating businesses in 18 countries and employs around 1,300
people worldwide. Ascom registered shares (ASCN) are listed on the SIX Swiss Exchange in Zurich.
Cisco (NASDAQ: CSCO) is the worldwide technology leader that has been making the Internet work since 1984.
Our people, products and partners help society securely connect and seize tomorrow's digital opportunity today.
Discover more at thenetwork.cisco.com and follow us on Twitter at @Cisco.
Ascom US
300 Perimeter park drive
Morrisville, NC, US-27560
USA
The Ascom interoperability verification produced very good results with regards to authentication, stability and
roaming.
A full validation test was performed towards AP 9120 and 9130. A less extensive regression test has been
performed towards the already certified AP models AP 3702, 4800, 9117
One Access point model from every product generation has been selected as a representation (3702, 3802, 4800,
9117, 9120 and 9130). By testing these access points we are considered cover all supported major Cisco access
points based on chipset compatibility listed below
AP1832, 1852
AP2802, 3802
AP 4800
Cisco Wireless Controllers for High Availability for Cisco 3504 WLC, Cisco 5520 WLC, and Cisco 8540 WLC.
PMKSA Caching OK
WMM Prioritization OK
802.11e U-APSD OK
Roaming, PEAP-MSCHAPv2 Auth, AES Encryption, 802.11r/FT OK Typical roaming time 25-40ms
Average roaming times are measured using 802.11a/n. Refer to Appendix B for detailed test results
Disable Protected
Management Frames in the
Call Admission Control not working in conjunction with 802.11w WH2-2363
Cisco WLC if CAC is being
(Protected Management Frames)
used
For additional information regarding the known limitations please contact interop@ascom.com or
support@ascom.com.
In the following chapter you will find screenshots and explanations of basic settings in order to get a Cisco WLC
WLAN system to operate with an Ascom i63. Please note that security settings were modified according to
requirements in individual test cases.
- It is strongly recommended to use Fast Transition (802.11r) for enhanced roaming performance
- Select both PSK and FT PSK for compatibility with i62 and Myco 1 & 2 on the same SSID.
Note. 802.11r is not supported by Ascom i62 and Myco 1 & 2 but the devices have no problem operating on a SSIDs
were 802.11r (FT) is advertised in conjunction with a legacy method.
Configuration of authentication using external Radius server, 802.1X (Step 1). In this example is WPA2-AES used.
Select 802.1X as Authentication Key Management.
- It is strongly recommended to use Fast Transition (802.11r) for enhanced roaming performance
- Select both 802.1X and FT 802.1X for compatibility with i62 and Myco 1 and 2 on the same SSID.
In cases were i62 and Myco 1 & 2 using CCKM, select both CCKM and FT 802.1X for compatibility.
Note. 802.11r is not supported by Ascom i62 and Myco 1 & 2 but the devices have no problem operating
on a SSIDs were 802.11r (FT) is advertised in conjunction with a legacy method.
Note. Depending on authentication method used it might be necessary to add a certificate into the i63. PEAP-
MSCHAPv2 requires a CA certificate and EAP-TLS requires both a CA certificate and a client certificate.
- Coverage Hole Detection can be left enabled if RRM is used in the system.
- Make sure Client Load Balancing and Client Band select is disabled.
- 11v BSS Transition Support is not supported by Ascom i63 but can be left enabled per default
configuration.
Note for mixed device installation. Ascom i62 and Myco 1 & 2 do not support 11k but have no problem operating on
an SSID were these settings are enabled. (Assuming i62 version 6.0.0 and later)
Ascom recommended settings for 802.11b/g/n are to only use channel 1, 6 and 11. For 802.11a/n/ac use channels
according to the infrastructure manufacturer, country regulations and per guidelines below.
Note that Tx power level and channel was manually set for test purpose.
1. For environments not utilizing 802.11k Neighbor Report - Enabling more than 8 channels will degrade
roaming performance. (In situations where UNII1 and UNII3 are used, a maximum of 9 enabled
channels can be allowed) Ascom does not recommend exceeding this limit unless 802.11k is in use.
2. Ascom do support and can coexist in 80MHz channel bonding environments. The recommendations is
however to avoid 80 MHz channel bonding as it severely reduces the number of available non
overlapping channels.
3. Make sure that all non-DFS channel are taken before resorting to DFS channels. The handset can cope
in mixed non-DFS and DFS environments; however, due to “unpredictability” introduced by radar
detection protocols, voice quality may become distorted and roaming delayed. Hence Ascom
recommends if possible avoiding the use of DFS channels in VoWIFI deployments.
As Ascom i63 do support Channel Switch Announcement it’s recommended to have this setting enabled in the
system (only applicable when DFS channels are used)
Follow the recommendations “General guidelines when deploying Ascom i63 handsets in 802.11a/n/ac
environments“
The default data rate set will work fine, however for optimization Ascom recommends disabling the lowest data
rates and have 12Mbps as lowest mandatory rate.
Make sure Low Latency MAC is disabled. (Both 802.11a/n/ac and 802.11b/g/n)
Note. Using EDCA Profile “WMM” is acceptable but “Voice Optimized” is to prefer when voice clients are present in
the system.
Note. Make sure that the enabled channels in the i63 handset match the channel plan used in the system.
Note. FCC is no longer allowing 802.11d to determine regulatory domain. Devices deployed in USA must set
Regulatory domain to “USA”.
802.1X Authentication requires a CA certificate to be uploaded to the phone by “right clicking” - > Edit certificates.
EAP-TLS will require both a CA and a client certificate.
Note that both a CA and a client certificate are needed for TLS. Otherwise only a CA certificate is needed. Server
certificate validation can be overridden in version 4.1.12 and above per handset setting.
Fail 2
Comments 3
Not verified 1
Total 26
Refer to the verification specification for explicit information regarding each verification case.
The specification can be found here (requires login):
https://www.ascom-ws.com/AscomPartnerWeb/en/startpage/Sales-tools/Interoperability/Templates/
Document History