Wednesday, 30 March 2011

WiSM Configuration using Manual LAG and DHCP for Service Interface

I have created this video showing how to set up the WiSM without using the Auto LAG commands. I prefer to do it this way as you have more control over the commands you can put on the interface.

There is no sound on the video.

http://www.youtube.com/watch?v=jqz4Ra8eoq0

Working with the WCS FTP Server

The details for the FTP server on the WCS are:

User: ftp-user
Password: (wcsrootpassword)

The format to download an IOS image to an AAP is:

archive download-sw /overwrite ftp://ftp-user:password@10.10.210.6/filename.tar

Thursday, 24 March 2011

Local EAP and Radius EAP - Network User

I used to believe that when you use Local Radius you must not have an External Radius server configured, as the External Radius is always preferred. Well, this can be true, but it depends on the settings in the Radius server setup.

If you have the "Network User" box ticked on the Radius server configuration, that server becomes the default Radius server for all AAA authentication. You need to have "Network User" selected if you set up AP Policies and want the APs authenticated against AAA, as there is nowhere to configure a specific server for that.

Where you can specify a server, such as 802.1X authentication within a WLAN, there is no need to have "Network User" selected, and Local Radius and External Radius can work in harmony!

Friday, 18 March 2011

AP Policies ACS

AP Policies can be used to keep a list of approved APs. It is also possible to back this off to Radius. Remember to check the MAC address delimiter. Add the MAC address of the AP to ACS with the MAC as both the username and the password.

Also you must check "Network User" on the Radius server as the server cannot be individually specified.

ACS Network Access Profiles

You can use Network Access Profiles in ACS to either grant or deny access based on various attributes. This example denies users from SSID "Sec1" and a particular OUI from accessing the network. You can use various attributes, so it's worth learning what the main ones are.

You can also use this to allow authentication based on certain attributes and deny others.

LDAP Authenticated Bind

You can bind to an LDAP server for local authentication. Authenticated bind is possible and easier, as you don't need to make changes to the AD to allow anonymous bind.

Monday, 14 March 2011

Per User QoS Roles Bug

There appears to be a bug when entering the values for per user bandwidth roles on the WLC in 4.2.

If I enter the values 40,40,50,50 in that order to specify the standard traffic and UDP traffic values, I get the following after I click apply.

You see, they are not in the order I applied them. The workaround appears to be to enter the values in the CLI.


config netuser guest-role create visitor

config netuser guest-role qos data-rate average-data-rate visitor 40
config netuser guest-role qos data-rate burst-data-rate visitor 40
config netuser guest-role qos data-rate average-realtime-rate visitor 50
config netuser guest-role qos data-rate burst-realtime-rate visitor 50

show netuser guest-roles

Role Name........................................ visitor
     Average Data Rate........................... 40
     Burst Data Rate............................. 40
     Average Realtime Rate....................... 50
     Burst Realtime Rate......................... 50

Wednesday, 9 March 2011

CCX Versions and Features

http://www.cisco.com/web/partners/pr46/pr147/program_additional_information_new_release_features.html

MFP (Management Frame Protection) is only supported on CCX5 devices.

Open with EAP or Network EAP

Jerome did a really good blog on this, but to summarize:

OPEN with EAP = Authentication bit set to 0. All EAP methods but LEAP require this.
Network EAP = Authentication bit set to 1. LEAP requires this.

Some Cisco clients, such as APs, require both when using an EAP method other than LEAP. This is for legacy reasons.


As only CCX devices can use LEAP, setting the method to Network EAP will allow only CCX devices to connect.

dot11 arp-cache

This is sometimes known as "power save mode" and is the highest level supported on the 7920 phone. It prevents the AP from forwarding ARP requests to clients it already knows, thus saving the wake-up time required on the client.

U-APSD is the highest level of power save on the 7921, although dot11 arp-cache should also be enabled.

dot11 arp-cache

Use the dot11 arp-cache global configuration command to enable client ARP caching on the access point. ARP caching on the access point reduces the traffic on your wireless LAN and increases client battery life by stopping ARP requests for client devices at the access point. Instead of forwarding ARP requests to client devices, the access point responds to requests on behalf of associated client devices and drops ARP requests that are not directed to clients associated to the access point. When ARP caching is optional, the access point responds on behalf of clients with IP addresses known to the access point but forwards through its radio port any ARP requests addressed to unknown clients. When the access point knows all the IP addresses for associated clients, it drops any ARP requests not directed to its clients. In its beacon, the access point includes an information element to alert client devices that they can safely ignore broadcast messages to increase battery life.
[no] dot11 arp-cache [optional]

Syntax Description

optional
Configures the access point to respond to ARP requests addressed to clients for which the access point knows the IP address but forward through its radio port ARP requests addressed to client devices that the access point does not recognize. When the access point learns all the IP addresses for associated clients, it drops any ARP requests not directed to its clients.

Defaults

ARP caching is disabled by default.

Command Modes

Global configuration

Command History

Release     Modification
12.2(13)JA  This command was introduced.

Examples

This example shows how to enable ARP caching:
AP(config)# dot11 arp-cache

Tuesday, 8 March 2011

WCS Alarm Removal States

What the different alarm removal states mean:

- CLEAR : Remove the alarm from the list, but it stays in the WCS database.
- DELETE : Forget the alarm. When it happens again, the WCS thinks it's the first time.
- ACKNOWLEDGE : Yeah, yeah.. I know. Don't show the alarm again.

Switch Port Best Practice Configs - Work in progress

These are some of the default port configurations I am going to use in the exam. It's a work in progress, so please comment if you disagree or can add anything.


Default Switch Commands


no ip domain-lookup


port-channel load-balance src-dst-ip
!
mls qos
! only change from the default cos-dscp map: CoS 5 -> EF (46) instead of CS5 (40)
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos map dscp-cos 46 to 5
mls qos map dscp-cos 24 to 3

!
line con 0
logging synchronous
exec-timeout 0


Switch to Switch Links


!
interface fastethernet x/x
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk native vlan x (if specified by the question)
 switchport trunk allowed vlan x,y,z
 priority-queue out (on a 3560 or 2960)
 mls qos trust dscp
!


WAN/Internet


ip access-list extended ACL-RTP
 permit udp any range 16384 32767 any range 16384 32767
!
ip access-list extended ACL-SCCP
 permit tcp any any eq 2000
 permit tcp any eq 2000 any
!
class-map MAP-RTP
 match access-group name ACL-RTP
!
class-map MAP-SCCP
 match access-group name ACL-SCCP
!
policy-map POLICY-VOICE
 class MAP-RTP
  set dscp ef
 class MAP-SCCP
  set dscp cs3
!
interface fastethernet x/x
 no switchport
 ip address x.x.x.x y.y.y.y
 service-policy POLICY-VOICE in
 priority-queue out



CME


interface fastethernet x/x
 switchport mode access
 switchport access vlan x
 spanning-tree portfast
 spanning-tree bpduguard enable

 mls qos trust dscp
 priority-queue out



WISM


wism service-vlan z
!

wism module x controller 1 allowed-vlan y,z (this should bring up the LAG)
wism module x controller 1 native-vlan x (I would make this something other than management to maintain QoS)
wism module x controller 1 qos-trust cos
!

wism module x controller 2 allowed-vlan y,z
wism module x controller 2 native-vlan x

wism module x controller 2 qos-trust cos


WLC (LAG)


interface fastethernet x/x
 channel-group 1 mode on
!
interface port-channel 1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk native vlan x (again, don't make this the management VLAN unless you are told to)
 switchport trunk allowed vlan x,y,z

 spanning-tree portfast trunk
 spanning-tree bpduguard enable

 priority-queue out
 mls qos trust cos





WLC (No LAG)


interface fastethernet x/x
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk native vlan x (if specified by the question)
 switchport trunk allowed vlan x,y,z

 spanning-tree portfast trunk
 spanning-tree bpduguard enable

 priority-queue out
 mls qos trust cos



LAP (Local Mode)


interface fastethernet x/x
 switchport mode access
 switchport access vlan x (always needed for management interface)
 spanning-tree portfast
 spanning-tree bpduguard enable
 priority-queue out
 mls qos trust dscp



LAP (H-REAP)


interface fastethernet x/x
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk native vlan x (always needed for management interface)
 switchport trunk allowed vlan x,y,z
 priority-queue out
 mls qos trust cos



AAP (Multiple VLANs)


interface fastethernet x/x
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk native vlan x (if specified by the question)
 switchport trunk allowed vlan x,y,z
 spanning-tree portfast trunk
 spanning-tree bpduguard enable
 priority-queue out
 mls qos trust cos


AAP (Single VLAN)


interface fastethernet x/x
 switchport mode access
 switchport access vlan x
 spanning-tree portfast
 spanning-tree bpduguard enable
 priority-queue out
 mls qos trust dscp



IP Phone
 
interface fastethernet x/x
 switchport mode access
 switchport access vlan x
 switchport voice vlan y
 spanning-tree portfast
 spanning-tree bpduguard enable
 priority-queue out
 mls qos trust device cisco-phone (cdp required, this detects a cisco phone and applies the configured trust)
 mls qos trust cos



Note about "priority queue out"


This is required on the 3560 to turn queue 1 into the expedite (priority) queue. Then, based on the default output queue mappings, CoS 5 gets placed into that queue and dealt with first.
The Cat 6500, depending on the module, does not need or support the command, as it often has a fixed priority queue, so it may be that simply applying the correct trust state and making sure the maps are correct is enough to deal with voice as priority. I guess it depends on what they are asking.


Notes about SRR/WRR and marking



When looking at QoS configurations for switchports, there are several things to keep in mind.  I'll address two here.  First, when you configure "mls qos," that automatically enables SRR or WRR on the ports with the default percentages and thresholds.  Additional configurations of SRR or WRR would be used to change the defaults. 

For the individual interface trust configurations, remember that if the port is an access port, there will not be any CoS markings in the frame to trust. On a trunk port, you would generally trust CoS (if you need to trust anything). However, as mentioned, you normally want to trust DSCP on trunks between switches. The reason is that the frames have already had their CoS-DSCP mappings applied on ingress to the first switch. Thus, they carry an appropriate DSCP marking that you have already determined. Let's say that you are trusting an end device's DSCP markings, and that it sends a packet with DSCP AF31. On egress (with the default map), that will be mapped to CoS 3. On ingress at the next switch, if you trust CoS, that will be remarked to DSCP CS3. Thus, your trust of the end device marking is negated by trusting CoS on the trunk.
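The marking chain described above, and the reason the default switch commands change the cos-dscp entry for CoS 5 to 46, as an added shell example (not from the post). The function names and the hop-list format are assumptions made for this illustration:

```shell
#!/bin/sh
# Added example, not part of the post: models the 3560 cos-dscp and dscp-cos
# maps and follows one packet's marking across a chain of ingress trust states,
# to show why "trust cos" on a switch-to-switch trunk undoes an end device's
# DSCP and why the post's cos-dscp map uses 46 for CoS 5.
# Function names and the hop-list format are assumptions for this illustration.

DEFAULT_COS_DSCP="0 8 16 24 32 40 48 56"   # 3560 factory cos-dscp map
POST_COS_DSCP="0 8 16 24 32 46 48 56"      # map in the post: CoS 5 -> EF (46)

# Default dscp-cos map is DSCP/8 (AF31=26 -> 3, EF=46 -> 5, CS3=24 -> 3); the
# explicit "mls qos map dscp-cos 46 to 5" and "24 to 3" lines agree with it.
dscp_to_cos() { echo $(( $1 / 8 )); }

# cos-dscp lookup: entry number $1 (0-7) of the map string $2.
cos_to_dscp() {
    set -- "$1" $2           # $1 = cos, $2..$9 = the eight map entries
    shift $(( $1 + 1 ))
    echo "$1"
}

# Follow a packet hop by hop. $1 = DSCP the end device sent, $2 = cos-dscp map
# on the switches, remaining args = ingress trust state at each hop
# (dscp | cos | none). On egress each switch writes CoS from the dscp-cos map
# into the 802.1Q tag; the next hop then applies its own ingress trust to that.
mark_path() {
    dscp=$1; map=$2; shift 2
    cos=0                              # untagged frame from the end device: no CoS
    for trust in "$@"; do
        case $trust in
            dscp) ;;                                    # mls qos trust dscp
            cos)  dscp=$(cos_to_dscp "$cos" "$map") ;;  # mls qos trust cos: DSCP rewritten
            *)    dscp=0 ;;                             # untrusted: marking reset
        esac
        cos=$(dscp_to_cos "$dscp")     # egress: dscp-cos map sets the tag CoS
    done
    echo "$dscp"
}

# AF31 from a trusted endpoint: access port trusts DSCP, trunk trusts CoS ->
# arrives as CS3 (24); with trust dscp on the trunk it stays AF31 (26).
# EF (46) through a CoS-trusting trunk: 40 (CS5) with the default map, 46 with
# the post's map, which is the reason for the modified cos-dscp line.
```

Run `mark_path 26 "$DEFAULT_COS_DSCP" dscp cos` against `mark_path 26 "$DEFAULT_COS_DSCP" dscp dscp` to see the AF31 to CS3 remark the notes describe.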

Monday, 7 March 2011

WCS Radius and TACACS Management

TACACS

Create a custom attribute in the Interface settings and populate it in the user or group with the roles copied from the WCS groups. These can be edited for exact requirements but must be numbered sequentially.



RADIUS


Friday, 4 March 2011

Airspace Attributes ACS

Check the Aire-Interface-Name attribute and assign it the same name as the WLC interface you created. It's case sensitive.

Submit & Restart.

IETF Radius Attributes VLAN Assignment


Make sure that "Allow AAA Override" is checked in the WLAN config.

Wednesday, 2 March 2011

Creating and Installing Device Certs using Windows CA

Use this method to stop the annoying security alert when logging into HTTPS to manage the WLCs.

Install OpenSSL 0.9.8 on a Windows 2000/XP PC.
Navigate to C:\OpenSSL\bin

You need to create the cert request on behalf of the WLC. This creates the private key "mykey.pem" and the request "myreq.pem". Fill in the information and put the WLC hostname as the CN. Remember the password!

OpenSSL> req -new -newkey rsa:1024 -nodes -keyout mykey.pem -out myreq.pem

Open myreq.pem in WordPad and copy its contents.

Go to https://ca_server/certsrv and log in as administrator.

Request a Certificate

Advanced Request

Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.

Paste the request and select Template Web Server

Download the cert in Base 64 format and save it to the OpenSSL folder as certnew.cer.

Run the next command to merge the cert with the private key file:

OpenSSL> pkcs12 -export -in certnew.cer -inkey mykey.pem -out finalcert.p12 -clcerts -passin pass:cisco -passout pass:cisco

You then need to convert the p12 file into a pem file for the controller:

OpenSSL> pkcs12 -in finalcert.p12 -out final.pem -passin pass:cisco -passout pass:cisco

The cert is now created; upload it to the controller as type webadmincert, and don't forget to add a DNS entry for the hostname!

The same process can also be used for adding device certs for Local EAP. You will also require the CA cert to be installed on the controller.

Request the CA cert and download it in DER format, then convert it to PEM:

OpenSSL> x509 -in rootca.cer -inform DER -out rootca.pem -outform PEM
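The whole procedure above as an added shell example (not from the post): a throwaway local CA is an assumption standing in for the Windows CA web enrolment step, the hostname, working directory and passphrase are placeholders, and RSA 2048 is used instead of the post's 1024, which is below current minimums.

```shell
#!/bin/sh
# Added example, not from the original post: the OpenSSL steps above as shell
# functions, with a throwaway local CA (assumption) standing in for the
# Windows CA web-enrolment page. RSA 2048 replaces the post's 1024, which is
# below current minimums and is rejected by modern browsers and controllers.
set -eu

WORKDIR="${WORKDIR:-./wlc-cert}"   # assumed working directory
PASS="pass:cisco"                  # the post's placeholder passphrase; change it

# Step 1: key + CSR on behalf of the WLC. CN (and SAN) must be the hostname
# users type in the URL, otherwise the browser warning never goes away.
make_csr() {   # $1 = WLC hostname
    mkdir -p "$WORKDIR"
    openssl req -new -newkey rsa:2048 -nodes -sha256 \
        -subj "/C=GB/O=Lab/CN=$1" -addext "subjectAltName=DNS:$1" \
        -keyout "$WORKDIR/mykey.pem" -out "$WORKDIR/myreq.pem" 2>/dev/null
}

# Step 2 stand-in: a local test CA signs the CSR (the "Web Server" template on
# the Windows CA) and publishes its root cert in DER, as certsrv would.
sign_with_lab_ca() {   # $1 = WLC hostname, $2 = days valid
    openssl req -x509 -new -newkey rsa:2048 -nodes -sha256 -days "$2" \
        -subj "/CN=Lab Root CA" -keyout "$WORKDIR/ca.key" \
        -out "$WORKDIR/ca.pem" 2>/dev/null
    openssl x509 -in "$WORKDIR/ca.pem" -outform DER -out "$WORKDIR/rootca.cer"
    printf 'subjectAltName=DNS:%s\nextendedKeyUsage=serverAuth\n' "$1" \
        > "$WORKDIR/san.ext"
    openssl x509 -req -in "$WORKDIR/myreq.pem" -CA "$WORKDIR/ca.pem" \
        -CAkey "$WORKDIR/ca.key" -CAcreateserial -days "$2" -sha256 \
        -extfile "$WORKDIR/san.ext" -out "$WORKDIR/certnew.cer" 2>/dev/null
}

# Steps 3-4: merge cert + key into PKCS#12, convert to the PEM the controller
# takes (webadmincert), and convert the DER root cert to PEM for Local EAP.
bundle_for_wlc() {
    openssl pkcs12 -export -in "$WORKDIR/certnew.cer" -inkey "$WORKDIR/mykey.pem" \
        -out "$WORKDIR/finalcert.p12" -clcerts -passin "$PASS" -passout "$PASS"
    openssl pkcs12 -in "$WORKDIR/finalcert.p12" -out "$WORKDIR/final.pem" \
        -passin "$PASS" -passout "$PASS"
    openssl x509 -in "$WORKDIR/rootca.cer" -inform DER \
        -out "$WORKDIR/rootca.pem" -outform PEM
}

# Check before uploading: chain verifies against the CA and CN is the hostname.
check_cert() {   # $1 = expected hostname
    openssl verify -CAfile "$WORKDIR/rootca.pem" "$WORKDIR/certnew.cer" >/dev/null &&
        openssl x509 -in "$WORKDIR/certnew.cer" -noout -subject | grep -q "CN *= *$1"
}
```

Call `make_csr wlc01.example.com`, `sign_with_lab_ca wlc01.example.com 365`, `bundle_for_wlc` and then `check_cert wlc01.example.com` before uploading final.pem and rootca.pem to the controller.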

Tuesday, 1 March 2011

Coverage Hole Algorithm

Client SNR Cutoff Value (|dB|) = [AP Transmit Power (dBm) – Constant (17 dBm) – Coverage Profile (dB)]

Normally you would be given the SNR value that you want the algorithm triggered on. Let's say that you are asked to increase the power of the AP should the client SNR fall below 20dB. You also need the current power level, 17 dBm in this case (power level 2, FCC).

19 = |17 - 17 - x|
x = -(-19) = 19 (the cutoff is an absolute value, so the sign drops)

So the Coverage Profile should be 19.

MCS Data Rates


FCC Regulations and Channels


FCC 2.4 GHz BAND RULES (POINT-TO-MULTIPOINT)
Maximum = +36dBm (4 watts)

Max. power from Intentional Radiator *1 | Max. antenna gain (dBi) | EIRP (dBm) | EIRP (watts)
30dBm or 1 watt                         | 6                       | 36         | 4
27dBm or 500mW                          | 9                       | 36         | 4
24dBm or 250mW                          | 12                      | 36         | 4
21dBm or 125mW                          | 15                      | 36         | 4
18dBm or 63mW                           | 18                      | 36         | 4
15dBm or 32mW                           | 21                      | 36         | 4
12dBm or 16mW                           | 24                      | 36         | 4

 *1 The FCC terminology of Intentional Radiator is the transmitter power of the wireless equipment, such as a wireless access point, router or bridge.
FCC 2.4 GHz BAND RULES (POINT-TO-POINT)
Maximum = See FCC Special Rule *2

Max. power from Intentional Radiator *1 | Max. antenna gain (dBi) | EIRP (dBm) *3 | EIRP (watts) *3
30dBm or 1 watt                         | 6                       | 36            | 4
29dBm or 800mW                          | 9                       | 38            | 6.3
28dBm or 630mW                          | 12                      | 40            | 10
27dBm or 500mW                          | 15                      | 42            | 16
26dBm or 400mW                          | 18                      | 44            | 25
25dBm or 316mW                          | 21                      | 46            | 39.8
24dBm or 250mW                          | 24                      | 48            | 63
23dBm or 200mW                          | 27                      | 50            | 100
22dBm or 160mW                          | 30                      | 52            | 158

*1 The FCC terminology of Intentional Radiator is the transmitter power of the wireless equipment, such as a wireless access point, router or bridge.
*2 The FCC ruling states that for every 1dBi the Intentional Radiator is reduced below the initial 30dBm that the antenna gain may be increased from the initial 6dBi by 3dB.
*3 Equivalent Isotropically Radiated Power (EIRP) is terminology for the total RF power radiated by the antenna.
FCC 5 GHz BANDS AND RULES

Band            | Frequency (GHz) | Channels                                              | Permitted use location | Point-to-point max. Intentional Radiator power *1 | Point-to-point max. EIRP *2 | Point-to-multipoint Intentional Radiator power *1 | Point-to-multipoint max. EIRP *2
UNII (Low)      | 5.15-5.25       | 36, 40, 44, 48                                        | Indoor only            | 40mW 16dBm                                        | 160mW 22dBm                 | 40mW 16dBm *4                                     | 160mW 22dBm
UNII-2 (Middle) | 5.25-5.35       | 52, 56, 60, 64                                        | Indoor or outdoor      | 200mW 23dBm                                       | 800mW 29dBm                 | 200mW 23dBm *4                                    | 800mW 29dBm
UNII-2 Extended | 5.470-5.725     | 100, 104, 108, 112, 116, 120, 124, 128, 132, 136, 140 | Indoor or outdoor      | 200mW 23dBm                                       | 800mW 29dBm                 | 200mW 23dBm *4                                    | 800mW 29dBm
UNII-3 (Upper)  | 5.725-5.825     | 149 to 161                                            | Typical outdoor        | Antenna to 23dBi *3                               | 200 watts                   | 800mW 29dBm *4                                    | 3200mW 35dBm

*1 The FCC terminology of Intentional Radiator is the transmitter power of the wireless equipment, such as a wireless access point, router or bridge.
*2 Equivalent Isotropically Radiated Power (EIRP) is terminology for the total RF power radiated by the antenna.
*3 Fixed point-to-point in the UNII-3 band may utilize directional antennas up to 23dBi gain without any corresponding reduction of the Intentional Radiator's RF output power. If antennas higher than 23dBi gain are utilized, a reduction of 1 dB is required for every 1 dB increase in the antenna gain above 23dBi.
*4 The FCC point to multipoint rule is the maximum power from the intentional radiator + maximum antenna gain of 6 dBi. For every 1 dB gain over 6 dB the power of the intentional radiator must be reduced by 1 dB.
*5 FCC Part 15.407 defines the power limits. For example, in the 5.15-5.25 GHz band the maximum conducted output power over the frequency band of operation shall not exceed the lesser of 50 mW or 4 dBm + 10 log B, where B is the 26-dB emission bandwidth in MHz. In addition, the peak power spectral density shall not exceed 4 dBm in any 1-MHz band. We have shown the lesser amount of 40mW as the IEEE documents have done. We have applied the same concept to the other bands.