5-14
Cisco Wireless LAN Controller Configuration Guide
OL-9141-03
Chapter 5 Configuring Security Solutions
Configuring Management Frame Protection
•
Event reporting
—The access point notifies the controller when it detects an anomaly, and the
controller aggregates the received anomaly events and can report the results through SNMP traps to
alert the network manager.
You can globally configure MFP on a controller. When you do so, management frame protection and
validation are enabled by default for each joined access point, and access point authentication is
automatically disabled. Once MFP is globally enabled on a controller, you can disable and re-enable it
for individual WLANs and access points.
Note
Access points support MFP in local and monitor modes and in REAP and H-REAP modes when the
access point is connected to a controller.
You can configure MFP through either the GUI or the CLI.
Using the GUI to Configure MFP
Follow these steps to configure MFP using the controller GUI.
Step 1
Click
Security
and then
AP Authentication/MFP
under Wireless Protection Policies. The AP
Authentication Policy page appears (see
Figure 5-6
).
Figure 5-6
AP Authentication Policy Page
Step 2
To enable MFP globally for the controller, choose
Management Frame
Protection
from the Protection
Type drop-down box.
Step 3
Click
Apply
to commit your changes.