Thursday, November 27, 2025

Cisco AP Modes


Cisco APs can operate in one of the following modes, depending on how they are

configured:

 Local: This default lightweight mode offers one or more functioning BSSs on a specific

channel. During times that it is not transmitting, the AP will scan the other channels

to measure the level of noise, measure interference, discover rogue devices, and match

against wireless intrusion detection system (WIDS) events.

 Monitor: The AP does not transmit at all, but its receiver is enabled to act as a dedicated

sensor. The AP checks for IDS events, detects rogue access points, and determines

the position of stations through location-based services.

 FlexConnect: An AP at a remote site can locally switch traffic between an SSID and a

VLAN if its CAPWAP tunnel to the WLC is down and if it is configured to do so.


 Sniffer: An AP dedicates its radios to receiving 802.11 traffic from other sources,

much like a sniffer or packet capture device. The captured traffic is then forwarded to

a PC running network analyzer software such as WireShark, where it can be analyzed

further.

 Rogue detector: An AP dedicates itself to detecting rogue devices by correlating

MAC addresses heard on the wired network with those heard over the air. Rogue

devices are those that appear on both networks.

 Bridge: An AP becomes a dedicated bridge (point-to-point or point-to-multipoint)

between two networks. Two APs in bridge mode can be used to link two locations

separated by a distance. Multiple APs in bridge mode can form an indoor or outdoor

mesh network.

 Flex+Bridge: FlexConnect operation is enabled on a mesh AP.

 SE-Connect: The AP dedicates its radios to spectrum analysis on all wireless channels.

You can remotely connect a PC running software such as MetaGeek Chanalyzer or

Cisco Spectrum Expert to the AP to collect and analyze the spectrum analysis data to

discover sources of interference.

NOTE Remember that a Cisco AP is normally in local mode when it is providing BSSs and

allowing client devices to associate to wireless LANs. When an AP is configured to operate

in one of the other modes, local mode is disabled.

NOTE Remember that a Cisco AP is normally in local mode when it is providing BSSs and

allowing client devices to associate to wireless LANs. When an AP is configured to operate

in one of the other modes, local mode is disabled.


at
Labels: , , ,

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)

LWAPP (Lightweight Access Point Protocol)

  LWAPP was Cisco’s original tunneling + control protocol used between lightweight APs and a Wireless LAN Controller (WLC) before CAPWAP bec...

  • CCNA Topic 3.6 — VPN Fundamentals
      CCNA Topic 3.6 — VPN Fundamentals Blueprint Verb: Explain the purpose and use of VPNs Mastery Level: Conceptual — understand operation...
  • Cisco AP Modes
    Cisco APs can operate in one of the following modes, depending on how they are configured:  Local: This default lightweight mode offers one...
  • Port Security & Switch Hardening
      Access vs trunk considerations What happens during violations (and WHY) How to read show port-security and show port-security in...