Cisco 8821, 8821-EX User Manual

Cisco Wireless IP Phone 8821 and 8821-EX

Wireless LAN Deployment Guide

The Cisco Wireless IP Phone 8821 and 8821-EX are adaptable for all mobile professionals, from users on the move within an office environment to nurses and doctors in a healthcare environment to associates working in the warehouse, on the sales floor, or in a call center. Staff, nurses, doctors, educators, and IT personnel can be easily reached when mobile.

This guide provides information and guidance to help the network administrator deploy the Cisco Wireless IP Phone 8821 and 8821-EX in a wireless LAN environment.

Revision History

Date	Comments
08/13/14	10.2(1) Release
08/17/16	11.0(2) Release

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	2

Contents
Cisco Wireless IP Phone 8821 and 8821-EX Overview .........................................................................................................................	6
Phone Models..........................................................................................................................................................................................	6
Requirements...........................................................................................................................................................................................	6
Site Survey ..........................................................................................................................................................................................	7
Call Control.........................................................................................................................................................................................	8
Wireless LAN .....................................................................................................................................................................................	8
Protocols ...............................................................................................................................................................................................	12
Wi-Fi .....................................................................................................................................................................................................	12
Regulatory.........................................................................................................................................................................................	15
Bluetooth ...............................................................................................................................................................................................	16
Languages .............................................................................................................................................................................................	17
8821-EX Certifications .........................................................................................................................................................................	17
Cleaning ................................................................................................................................................................................................	18
Accessories............................................................................................................................................................................................	19
Wireless LAN Design ..............................................................................................................................................................................	20
802.11 Network .....................................................................................................................................................................................	20
5 GHz (802.11a/n/ac)........................................................................................................................................................................	20
2.4 GHz (802.11b/g/n) ......................................................................................................................................................................	22
Signal Strength and Coverage...........................................................................................................................................................	23
Data Rates .........................................................................................................................................................................................	25
Rugged Environments.......................................................................................................................................................................	26
Security..................................................................................................................................................................................................	28
Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling (EAP-FAST)................................................	29
Extensible Authentication Protocol - Transport Layer Security (EAP-TLS) ...................................................................................	30
Protected Extensible Authentication Protocol (PEAP).....................................................................................................................	32
EAP and User Database Compatibility.............................................................................................................................................	32
Quality of Service (QoS) .......................................................................................................................................................................	33
Call Admission Control (CAC) ........................................................................................................................................................	33
Traffic Classification (TCLAS) ........................................................................................................................................................	34
QoS Basic Service Set (QBSS).........................................................................................................................................................	34
Wired QoS ........................................................................................................................................................................................	35
Roaming ................................................................................................................................................................................................	36
Fast Secure Roaming (FSR)..............................................................................................................................................................	36
Interband Roaming............................................................................................................................................................................	37
Scanning............................................................................................................................................................................................	38
Power Management ..............................................................................................................................................................................	38
Call Capacity ........................................................................................................................................................................................	39
Multicast................................................................................................................................................................................................	39
Configuring the Cisco Wireless LAN ....................................................................................................................................................	40
Cisco Wireless LAN Controller and Lightweight Access Points ..........................................................................................................	40
802.11 Network Settings...................................................................................................................................................................	41
WLAN Settings.................................................................................................................................................................................	51
Controller Settings ............................................................................................................................................................................	56
Call Admission Control (CAC) ........................................................................................................................................................	58
Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide
	3

RF Profiles ........................................................................................................................................................................................	61
FlexConnect Groups .........................................................................................................................................................................	63
Multicast Direct ................................................................................................................................................................................	63
QoS Profiles ......................................................................................................................................................................................	64
Advanced Settings ............................................................................................................................................................................	68
Cisco Meraki Access Points ..................................................................................................................................................................	71
Creating the Wireless Network .........................................................................................................................................................	71
SSID Configuration ..........................................................................................................................................................................	73
Radio Settings ...................................................................................................................................................................................	77
Traffic Shaping .................................................................................................................................................................................	78
Monitoring Clients ............................................................................................................................................................................	79
Cisco Autonomous Access Points .........................................................................................................................................................	80
802.11 Network Settings...................................................................................................................................................................	80
WLAN Settings.................................................................................................................................................................................	84
Call Admission Control (CAC) ........................................................................................................................................................	94
QoS Policies......................................................................................................................................................................................	95
Power Management ..........................................................................................................................................................................	98
Advanced Settings ............................................................................................................................................................................	99
Cisco Autonomous Access Point Sample Configuration..................................................................................................................	99
Configuring Cisco Call Control ...........................................................................................................................................................	104
Cisco Unified Communications Manager ...........................................................................................................................................	104
Device Pools ...................................................................................................................................................................................	104
Phone Button Templates .................................................................................................................................................................	105
Security Profiles..............................................................................................................................................................................	105
SIP Profiles .....................................................................................................................................................................................	107
Common Settings............................................................................................................................................................................	107
QoS Parameters...............................................................................................................................................................................	107
G.722 and iSAC Advertisement .....................................................................................................................................................	108
Audio Bit Rates...............................................................................................................................................................................	108
Wireless LAN Profiles ....................................................................................................................................................................	109
Cisco Unified Communications Manager Express .............................................................................................................................	118
Product Specific Configuration Options .............................................................................................................................................	122
Configuring the Cisco Wireless IP Phone 8821 and 8821-EX...........................................................................................................	132
Wi-Fi Profile Configuration................................................................................................................................................................	132
Automatic Provisioning ..................................................................................................................................................................	132
Local User Interface........................................................................................................................................................................	133
Admin Webpage .............................................................................................................................................................................	141
Certificate Management......................................................................................................................................................................	144
Manual Installation .........................................................................................................................................................................	144
Simple Certificate Enrollment Protocol (SCEP).............................................................................................................................	147
Certificate Removal ........................................................................................................................................................................	180
Bluetooth Settings ...............................................................................................................................................................................	180
Upgrading Firmware ..........................................................................................................................................................................	182
Troubleshooting.....................................................................................................................................................................................	183
WLAN Signal Indicator .......................................................................................................................................................................	183
Neighbor List.......................................................................................................................................................................................	184
WLAN Statistics...................................................................................................................................................................................	184
Call Statistics ......................................................................................................................................................................................	185
Status Messages ..................................................................................................................................................................................	185
Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide
	4

WLAN Diagnostics ..............................................................................................................................................................................	186
Restoring Factory Defaults .................................................................................................................................................................	187
Phone Webpages .................................................................................................................................................................................	188
Device Information .........................................................................................................................................................................	188
Network Setup ................................................................................................................................................................................	189
Streaming Statistics.........................................................................................................................................................................	190
Device Logs ....................................................................................................................................................................................	191
Capturing a Screenshot of the Phone Display ....................................................................................................................................	193
Additional Documentation ...................................................................................................................................................................	194

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	5

Cisco Wireless IP Phone 8821 and 8821-EX Overview

The Cisco Wireless IP Phone 8821 and 8821-EX are the platforms that provide collaboration within enterprises. It brings together the capabilities of Cisco Unified Communication applications, building upon the solid foundations of Cisco Unified Communications devices, both wired and wireless.

Cisco’s implementation of 802.11 permits time sensitive applications such as voice and video to operate efficiently across campus wide wireless LAN (WLAN) deployments. These extensions provide fast roaming capabilities and an almost seamless flow of multimedia traffic, whilst maintaining security as the end user roams between access points.

It should be understood that WLAN uses unlicensed spectrum, and as a result it may experience interference from other devices using the unlicensed spectrum. The proliferation of devices in the 2.4 GHz spectrum, such as Bluetooth headsets, Microwave ovens, cordless consumer phones, means that the 2.4 GHz spectrum may contain more congestion than other spectrums. The 5 GHz spectrum has far fewer devices operating in this spectrum and is the preferred spectrum to operate the Cisco Wireless IP Phone 8821 and 8821-EX in order to take advantage of the 802.11a/n/ac data rates available.

Despite the optimizations that Cisco has implemented in the Cisco Wireless IP Phone 8821 and 8821-EX, the use of unlicensed spectrum means that uninterrupted communication can not be guaranteed, and there may be the possibility of voice gaps of up to several seconds during conversations. Adherence to these deployment guidelines will reduce the likelihood of these voice gaps being present, but there is always this possibility.

Through the use of unlicensed spectrum, and the inability to guarantee the delivery of messages to a WLAN device, the Cisco Wireless IP Phone 8821 and 8821-EX is not intended to be used as a medical device and should not be used to make clinical decisions.

Phone Models

The following Cisco Wireless IP Phone 8821 and 8821-EX models are available.

Below outlines the modes, frequency ranges and channels supported by each model.

Part Number	Description	Peak Antenna	Frequency	Available	Channel Set
		Gain	Ranges	Channels
CP-8821-K9=	Cisco Wireless IP	2.4 GHz = 2.4 dBi	2.412 - 2.472 GHz	13	1-13
	Phone 8821	5 GHz = 3.0 dBi	5.180 - 5.240 GHz	4	36,40,44,48
CP-8821-EX-K9=	Cisco Wireless IP		5.260 - 5.320 GHz	4	52,56,60,64
			5.500 - 5.700 GHz	11	100-140
	Phone 8821-EX
			5.745 - 5.825 GHz	5	149,153,157,161,165

Note: 802.11j (channels 34, 38, 42, 46) are not supported.

Channel 14 for Japan is not supported.

Requirements

The Cisco Wireless IP Phone 8821 and 8821-EX are IEEE 802.11a/b/g/n/ac devices that provide voice communications.

The environment must be validated to ensure it meets the requirements to deploy the Cisco Wireless IP Phone 8821 and 8821EX.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	6

Site Survey

Before deploying the Cisco Wireless IP Phone 8821 and 8821-EX into a production environment, a site survey must be completed by a Cisco certified partner with the advanced wireless LAN specialization. During the site survey the RF spectrum can be analyzed to determine which channels are usable in the desired band (5 GHz or 2.4 GHz). Typically there is less interference in the 5 GHz band as well as more non-overlapping channels, so 5 GHz is the preferred band for operation and even more highly recommended when the Cisco Wireless IP Phone 8821 and 8821-EX is to be used in a mission critical environment. The site survey will include heatmaps showing the intended coverage plan for the location. The site survey will also determine which access point platform type, antenna type, access point configuration (channel and transmit power) to use at the location. It is recommended to select an access point with integrated antennas for non-rugged environments (e.g. office, healthcare, education, hospitality) and an access point platform requiring external antennas for rugged environments (e.g. manufacturing, warehouse, retail).

The wireless LAN must be validated to ensure it meets the requirements to deploy the Cisco Wireless IP Phone 8821 and 8821EX.

Signal

The cell edge should be designed to -67 dBm where there is a 20-30% overlap of adjacent access points at that signal level.

This ensures that the Cisco Wireless IP Phone 8821 and 8821-EX always have adequate signal and can hold a signal long enough in order to roam seamlessly where signal based triggers are utilized vs. packet loss triggers.

Also need to ensure that the upstream signal from the Cisco Wireless IP Phone 8821 and 8821-EX meets the access point’s receiver sensitivity for the transmitted data rate. Rule of thumb is to ensure that the received signal at the access point is -67 dBm or higher.

It is recommended to design the cell size to ensure that the Cisco Wireless IP Phone 8821 and 8821-EX can hold a signal for at least 5 seconds.

Channel Utilization

Channel Utilization levels should be kept under 40%.

The Cisco Wireless IP Phone 8821 and 8821-EX convert the 0-255 scale value to a percentage, so 105 would equate to around 40% in the Cisco Wireless IP Phone 8821 and 8821-EX.

Noise

Noise levels should not exceed -92 dBm, which allows for a Signal to Noise Ratio (SNR) of 25 dB where a -67 dBm signal should be maintained.

Also need to ensure that the upstream signal from the Cisco Wireless IP Phone 8821 and 8821-EX meets the access point’s signal to noise ratio for the transmitted data rate.

Packet Loss / Delay

Per voice guidelines, packet loss should not exceed 1% packet loss; otherwise voice quality can be degraded significantly.

Jitter should be kept at a minimal (< 100 ms).

Retries

802.11 retransmissions should be less than 20%.

Multipath

Multipath should be kept to a minimal as this can create nulls and reduce signal levels.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	7

Call Control

The Cisco Wireless IP Phone 8821 and 8821-EX utilize Session Initiation Protocol (SIP) for call control with the following applications.

•Cisco Unified Communications Manager (CUCM)

Minimum = 9.1(2)

Recommended = 10.5(2), 11.0(1), 11.5(1)

•Cisco Unified Communications Manager Express (CUCME)

Minimum = 10.5

Recommended = 11.0 and later

•Cisco Unified Survivable Remote Site Telephony (SRST)

Minimum = 10.5

Recommended = 11.0 and later

Note: Cisco Unified Communications Manager requires a device package to be installed or service release update in order to enable Cisco Wireless IP Phone 8821 and 8821-EX device support.

Device packages for Cisco Unified Communications Manager are available at the following location. http://software.cisco.com/download/navigator.html?mdfid=278875240

The Cisco Wireless IP Phone 8821 and 8821-EX utilize the fast track method utilizing the Cisco Unified IP Phone 9971 as the reference model for Cisco Unified Communications Manager Express.

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucme/feature/phone_feature/phone_feature_support_guide.html#_Toc4 36645184

Wireless LAN

The Cisco Wireless IP Phone 8821 and 8821-EX are supported on the following Cisco Wireless LAN solutions.

•Cisco Wireless LAN Controller and Cisco Lightweight Access Points

Minimum = 8.0.121.0

Recommended = 8.0.135.0, 8.1.131.0, 8.2.121.0

•Cisco Meraki Access Points

•Cisco Autonomous Access Points

Minimum = 12.4(21a)JY

Recommended = 12.4(25d)JA2, 15.2(4)JB6, 15.3(3)JD

Note: Cisco Wireless LAN Controller release 8.0.121.0 or later is required if utilizing Flexconnect + Local Switching mode.

Access Points

Below are the Cisco Access Points that are supported.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	8

Note: The Cisco Wireless IP Phone 8821 and 8821-EX are supported with the Cisco AP3600 when the internal 802.11a/b/g/n radio is utilized, however is not supported if the 802.11ac module (AIR-RM3000AC) for the Cisco AP3600 is installed.

The table below lists the modes that are supported by each Cisco Access Point.

Cisco AP	802.11a	802.11b	802.11g	802.11n	802.11ac	Lightweight	Autonomous
Series
600	Yes	Yes	Yes	Yes	No	Yes	No

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	9

700	Yes	Yes	Yes	Yes	No	Yes	Yes
700W	Yes	Yes	Yes	Yes	No	Yes	Yes
1040	Yes	Yes	Yes	Yes	No	Yes	Yes
1130	Yes	Yes	Yes	No	No	Yes	Yes
1140	Yes	Yes	Yes	Yes	No	Yes	Yes
1240	Yes	Yes	Yes	No	No	Yes	Yes
1250	Yes	Yes	Yes	Yes	No	Yes	Yes
1260	Yes	Yes	Yes	Yes	No	Yes	Yes
1600	Yes	Yes	Yes	Yes	No	Yes	Yes
1700	Yes	Yes	Yes	Yes	Yes	Yes	Yes
1810	Yes	Yes	Yes	Yes	Yes	Yes	No
1810W	Yes	Yes	Yes	Yes	Yes	Yes	No
1830	Yes	Yes	Yes	Yes	Yes	Yes	No
1850	Yes	Yes	Yes	Yes	Yes	Yes	No
2600	Yes	Yes	Yes	Yes	No	Yes	Yes
2700	Yes	Yes	Yes	Yes	Yes	Yes	Yes
2800	Yes	Yes	Yes	Yes	Yes	Yes	No
3500	Yes	Yes	Yes	Yes	No	Yes	Yes
3600	Yes	Yes	Yes	Yes	Yes (with	Yes	Yes
					AIR-
					RM3000AC
					module)
3700	Yes	Yes	Yes	Yes	Yes	Yes	Yes
3800	Yes	Yes	Yes	Yes	Yes	Yes	No
890	Yes	Yes	Yes	Yes	No	Yes	Yes

The Cisco Wireless IP Phone 8821 and 8821-EX are currently supported on the Cisco Meraki MR18, MR24, MR26, MR32, MR34, MR42, MR52, MR53 indoor access point platforms and the Cisco Meraki MR72 outdoor access point platform only.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	10

https://meraki.cisco.com/products/wireless#models

The Cisco Meraki MR12, MR16, and Z1 access point platforms are not certified for use with Cisco Wireless IP Phone 8821 and 8821-EX deployments.

Note: VoWLAN is not currently supported in conjunction with outdoor MESH technology (1500 series).

Limited support is provided when using 3rd party access points as there are no interoperability tests performed for 3rd party access points.

However the user should have basic functionality when connected to a Wi-Fi compliant access point. Some of the key features are the following:

•5 GHz (802.11a/n/ac)

•Wi-Fi Protected Access v2 (WPA2+AES)

•Wi-Fi Multimedia (WMM)

•Traffic Specification (TSPEC)

•Traffic Classification (TCLAS)

•Differentiated Services Code Point (DSCP)

•Class of Service (CoS / 802.1p)

•QoS Basic Service Set (QBSS)

Antenna Systems

Some of the Cisco Access Points require or allow external antennas.

Please refer to the following URL for the list of supported antennas and how these external antennas should be mounted.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	11

http://www.cisco.com/c/en/us/products/collateral/wireless/aironet-antennas- accessories/product_data_sheet09186a008008883b.html

All indoor Cisco Meraki access points have internal antennas and all outdoor Cisco Meraki access points require external antennas.

https://meraki.cisco.com/products/wireless/antennas-power

3rd party antennas are not supported, as there is no interoperability testing performed against 3rd party antennas including Distributed Antenna Systems (DAS) and Leaky Coaxial Systems.

Please refer to the following URL for more info on Cisco Wireless LAN over Distributed Antenna Systems. http://www.cisco.com/c/en/us/products/collateral/wireless/aironet-1130-ag-series/positioning_statement_c07-565470.html

Note: Cisco Access Points with integrated internal antennas (other than the W series) are to be mounted on the ceiling as they have omni-directional antennas and are not designed to be wall mounted.

Protocols

Supported voice and wireless LAN protocols include the following:

•802.11a,b,d,e,g,h,i,n,r,ac

•Wi-Fi MultiMedia (WMM)

•Traffic Specification (TSPEC)

•Traffic Classification (TCLAS)

•Simple Certificate Enrollment Protocol (SCEP)

•Session Initiation Protocol (SIP)

•Real Time Protocol (RTP)

•G.722, G.711, iSAC, iLBC, G.729

•Cisco Discovery Protocol (CDP)

Wi-Fi

The following table lists the data rates, ranges, and receiver sensitivity info for Cisco Wireless IP Phone 8821 and 8821-EX.

5 GHz Specifications
5 GHz - 802.11a	Data Rate	Modulation	Receiver Sensitivity
Max Tx Power = 14 dBm	6 Mbps	OFDM - BPSK	-94 dBm
(Depends on region)	9 Mbps	OFDM - BPSK	-93 dBm
	12 Mbps	OFDM - QPSK	-92 dBm
	18 Mbps	OFDM - QPSK	-89 dBm
	24 Mbps	OFDM - 16 QAM	-86 dBm
Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide			12

	36 Mbps
	48 Mbps
	54 Mbps
5 GHz - 802.11n (HT20)	Data Rate
Max Tx Power = 13 dBm	7 Mbps (MCS 0)
(Depends on region)	14 Mbps (MCS 1)
	21 Mbps (MCS 2)
	29 Mbps (MCS 3)
	43 Mbps (MCS 4)
	58 Mbps (MCS 5)
	65 Mbps (MCS 6)
	72 Mbps (MCS 7)
5 GHz - 802.11n (HT40)	Data Rate
Max Tx Power = 13 dBm	15 Mbps (MCS 0)
(Depends on region)	30 Mbps (MCS 1)
	45 Mbps (MCS 2)
	60 Mbps (MCS 3)
	90 Mbps (MCS 4)
	120 Mbps (MCS 5)
	135 Mbps (MCS 6)
	150 Mbps (MCS 7)
5 GHz - 802.11ac (VHT20)	Data Rate
Max Tx Power = 12 dBm	7 Mbps (MCS 0)
(Depends on region)	14 Mbps (MCS 1)
	21 Mbps (MCS 2)
	29 Mbps (MCS 3)
	43 Mbps (MCS 4)
	58 Mbps (MCS 5)
	65 Mbps (MCS 6)
	72 Mbps (MCS 7)
	87 Mbps (MCS 8)
5 GHz - 802.11ac (VHT40)	Data Rate
Max Tx Power = 12 dBm	15 Mbps (MCS 0)
(Depends on region)	30 Mbps (MCS 1)
	45 Mbps (MCS 2)
	60 Mbps (MCS 3)
	90 Mbps (MCS 4)
	120 Mbps (MCS 5)
	135 Mbps (MCS 6)
	150 Mbps (MCS 7)

OFDM - 16 QAM

OFDM - 64 QAM

OFDM - 64 QAM

Modulation

OFDM - BPSK

OFDM - QPSK

OFDM - QPSK

OFDM - 16 QAM

OFDM - 16 QAM

OFDM - 64 QAM

OFDM - 64 QAM

OFDM - 64 QAM

Modulation

OFDM - BPSK

OFDM - QPSK

OFDM - QPSK

OFDM - 16 QAM

OFDM - 16 QAM

OFDM - 64 QAM

OFDM - 64 QAM

OFDM - 64 QAM

Modulation

OFDM - BPSK

OFDM - QPSK

OFDM - QPSK

OFDM - 16 QAM

OFDM - 16 QAM

OFDM - 64 QAM

OFDM - 64 QAM

OFDM - 64 QAM

OFDM – 256 QAM

Modulation

OFDM - BPSK

OFDM - QPSK

OFDM - QPSK

OFDM - 16 QAM

OFDM - 16 QAM

OFDM - 64 QAM

OFDM - 64 QAM OFDM - 64 QAM

-83 dBm

-78 dBm

-76 dBm

Receiver Sensitivity

-94 dBm

-91 dBm

-89 dBm

-86 dBm

-82 dBm

-77 dBm

-76 dBm

-74 dBm

Receiver Sensitivity

-91 dBm

-88 dBm

-86 dBm

-83 dBm

-79 dBm

-75 dBm

-73 dBm

-72 dBm

Receiver Sensitivity

-93 dBm

-90 dBm

-87 dBm

-84 dBm

-81 dBm

-76 dBm

-75 dBm

-74 dBm

-70 dBm

Receiver Sensitivity

-90 dBm

-87 dBm

-85 dBm

-82 dBm

-79 dBm

-73 dBm

-72 dBm -72dBm

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	13

	180 Mbps (MCS 8)	OFDM – 256 QAM	-67 dBm
	200 Mbps (MCS 9)	OFDM – 256 QAM	-66 dBm
5 GHz - 802.11ac (VHT80)	Data Rate	Modulation	Receiver Sensitivity
Max Tx Power = 12 dBm	33 Mbps (MCS 0)	OFDM - BPSK	-87 dBm
(Depends on region)	65 Mbps (MCS 1)	OFDM - QPSK	-83 dBm
	98 Mbps (MCS 2)	OFDM - QPSK	-81 dBm
	130 Mbps (MCS 3)	OFDM - 16 QAM	-78 dBm
	195 Mbps (MCS 4)	OFDM - 16 QAM	-75 dBm
	260 Mbps (MCS 5)	OFDM - 64 QAM	-73 dBm
	293 Mbps (MCS 6)	OFDM - 64 QAM	-68 dBm
	325 Mbps (MCS 7)	OFDM - 64 QAM	-68 dBm
	390 Mbps (MCS 8)	OFDM – 256 QAM	-64 dBm
	433 Mbps (MCS 9)	OFDM – 256 QAM	-62 dBm
2.4 GHz Specifications
2.4 GHz - 802.11b	Data Rate	Modulation	Receiver Sensitivity
Max Tx Power = 17 dBm	1 Mbps	DSSS - BPSK	-98 dBm
(Depends on region)	2 Mbps	DSSS - QPSK	-96 dBm
	5.5 Mbps	DSSS - CCK	-93 dBm
	11 Mbps	DSSS - CCK	-91 dBm
2.4 GHz - 802.11g	Data Rate	Modulation	Receiver Sensitivity
Max Tx Power = 14 dBm	6 Mbps	OFDM - BPSK	-95 dBm
(Depends on region)	9 Mbps	OFDM - BPSK	-94 dBm
	12 Mbps	OFDM - QPSK	-93 dBm
	18 Mbps	OFDM - QPSK	-90 dBm
	24 Mbps	OFDM - 16 QAM	-87 dBm
	36 Mbps	OFDM - 16 QAM	-84 dBm
	48 Mbps	OFDM - 64 QAM	-79 dBm
	54 Mbps	OFDM - 64 QAM	-77 dBm

2.4 GHz - 802.11n (HT20)	Data Rate
Max Tx Power = 13 dBm	7 Mbps (MCS 0)
(Depends on region)	14 Mbps (MCS 1)
	21 Mbps (MCS 2)
	29 Mbps (MCS 3)
	43 Mbps (MCS 4)
	58 Mbps (MCS 5)
	65 Mbps (MCS 6)
	72 Mbps (MCS 7)

Modulation	Receiver Sensitivity
OFDM - BPSK	-95 dBm
OFDM - QPSK	-92 dBm
OFDM - QPSK	-90 dBm
OFDM - 16 QAM	-87 dBm
OFDM - 16 QAM	-83 dBm
OFDM - 64 QAM	-78 dBm
OFDM - 64 QAM	-77 dBm
OFDM - 64 QAM	-75 dBm

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	14

Note: Receiver sensitivity is the minimum signal needed to decode a packet at a certain data rate.

The above values are pure radio specifications and do not account for the gain of the single integrated antenna.

To achieve 802.11n/ac connectivity, it is recommended that the Cisco Wireless IP Phone 8821 and 8821-EX be within 100 feet of the access point.

Regulatory

World Mode (802.11d) allows a client to be used in different regions, where the client can adapt to using the channels and transmit powers advertised by the access point in the local environment.

The Cisco Wireless IP Phone 8821 and 8821-EX operate best when the access point is 802.11d enabled, where it can determine which channels and transmit powers to use per the local region.

Enable World Mode (802.11d) for the corresponding country where the access point is located.

Some 5 GHz channels are also used by radar technology, which requires that the 802.11 client and access point be 802.11h compliant if utilizing those radar frequencies (DFS channels). 802.11h requires 802.11d to be enabled.

The Cisco Wireless IP Phone 8821 and 8821-EX will passively scan DFS channels first before engaging in active scans of those channels.

If 802.11d is not enabled, then the Cisco Wireless IP Phone 8821 and 8821-EX can attempt to connect to the access point using reduced transmit power.

Below are the countries and their 802.11d codes that are supported by the Cisco Wireless IP Phone 8821 and 8821-EX.

Australia (AU)	Iceland (IS)	Poland (PL)
Austria (AT)	India (IN)	Portugal (PT)
Bahrain (BH)	Ireland (IE)	Puerto Rico (PR)
Belgium (BE)	Israel (IL)	Romania (RO)
Brazil (BR)	Italy (IT)	Russian Federation (RU)
Bulgaria (BG)	Japan (JP)	Saudi Arabia (SA)
Canada (CA)	Korea (KR)	Serbia (RS)
Chile (CL)	Latvia (LV)	Singapore (SG)
Colombia (CO)	Liechtenstein (LI)	Slovakia (SK)
Costa Rica (CR)	Lithuania (LT)	Slovenia (SI)
Croatia (HR)	Luxembourg (LU)	South Africa (ZA)
Cyprus (CY)	Macau (MO)	Spain (ES)
Czech Republic (CZ)	Macedonia (MK)	Sweden (SE)
Denmark (DK)	Malta (MT)	Switzerland (CH)
Dominican Republic (DO)	Mexico (MX)	Taiwan (TW)
Ecuador (EC)	Monaco (MC)	Thailand (TH)
Egypt (EG)	Montenegro (ME)	Turkey (TR)
Estonia (EE)	Netherlands (NL)	Ukraine (UA)
Finland (FI)	New Zealand (NZ)	United Arab Emirates (AE)
France (FR)	Nigeria (NG)	United Kingdom (GB)
Germany (DE)	Norway (NO)	United States (US)
Gibraltar (GI)	Panama (PA)	Uruguay (UY)
Greece (GR)	Paraguay (PY)	Vietnam (VN)
Hong Kong (HK)	Peru (PE)
Hungary (HU)	Philippines (PH)

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	15

Note: Compliance information is available on the Cisco Product Approval Status web site at the following URL: http://tools.cisco.com/cse/prdapp/jsp/externalsearch.do?action=externalsearch&page=EXTERNAL_SEARCH

Bluetooth

The Cisco Wireless IP Phone 8821 and 8821-EX support Bluetooth 3.0 technology allowing for wireless headset communications.

Bluetooth enables low bandwidth wireless connections within a range of 30 feet, however it is recommended to keep the Bluetooth device within 10 feet of the Cisco Wireless IP Phone 8821 and 8821-EX.

Up to ten headsets can be paired, where the previously connected headset is given priority.

The Bluetooth device does not need to be within direct line-of-sight of the phone, but barriers, such as walls, doors, etc. can potentially impact the quality.

Bluetooth utilizes the 2.4 GHz frequency just like 802.11b/g/n and many other devices (e.g. microwave ovens, cordless phones, etc.), so the Bluetooth quality can potentially be interfered with due to using this unlicensed frequency.

Bluetooth Profiles

The Cisco Wireless IP Phone 8821 and 8821-EX support the following Bluetooth profiles.

Hands-Free Profile (HFP)

With Bluetooth Hands-Free Profile (HFP) support, the following features can be available if supported by the Bluetooth headset.

•Ring

•Answer a call

•End a call

•Volume Control

•Last Number Redial

•Call Waiting

•Divert / Reject

•3 way calling (Hold & Accept and Release & Accept)

•Speed Dialing

Phone Book Access Profile (PBAP)

Phone Book Access Profile (PBAP) support enables the exchange of phone book objects between devices.

For more information, refer to the documentation from the Bluetooth headset manufacturer.

Coexistence (802.11b/g/n + Bluetooth)

If using Coexistence where 802.11b/g/n and Bluetooth are used simultaneously, then there are some limitations and deployment requirements to be considered as they both utilize the 2.4 GHz frequency range.

Capacity

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	16

When using Coexistence (802.11b/g/n + Bluetooth), call capacity is reduced due to the utilization of CTS to protect the 802.11g/n and Bluetooth transmissions.

Multicast Audio

Multicast audio from Push To Talk (PTT), Music on Hold (MMOH) and other applications are not supported when using Coexistence.

Voice Quality

Depending on the current data rate configuration, CTS may be sent to protect the Bluetooth transmissions when using Coexistence.

In some environments, 6 Mbps may need to be enabled.

Note: It is recommended to use 802.11a/n/ac if using Bluetooth due to 802.11b/g/n and Bluetooth both utilizing 2.4 GHz, but also due to the above limitations.

Languages

The Cisco Wireless IP Phone 8821 and 8821-EX currently support the following languages.

Arabic	French	Polish
Bulgarian	German	Portuguese
Catalan	Greek	Romanian
Chinese	Hebrew	Russian
Croatian	Hungarian	Serbian
Czech	Italian	Slovak
Danish	Japanese	Slovenian
Dutch	Korean	Spanish
English	Latvian	Swedish
Estonian	Lithuanian	Thai
Finnish	Norwegian	Turkish

The corresponding locale package must be installed to enable support for that language. English is the default language on the phone.

Download the locale packages from the Localization page at the following URL: http://software.cisco.com/download/navigator.html?mdfid=278875240

8821-EX Certifications

The Cisco Wireless IP Phone 8821-EX is certified for Canadian Standards Association (CSA) Class I Division 2 and Atmospheres Explosibles (ATEX) Class I Zone 2.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	17

Certification ensures that the equipment is fit for its intended purpose and that adequate information is supplied with it to ensure that it can be used safely.

Canadian Standards Association (CSA) Class I Division 2

Laws and regulations in most municipalities, states, and provinces in North America require certain products to be tested to a specific standard or group of standards when they are to be classified safe when used in an explosive environment.

In North America, hazardous locations have traditionally been defined by the following combination of Class and Division:

•Class I - A location where a quantity of flammable gas or vapor, sufficient to produce an explosive or ignitable mixture, may be present in the air.

•Class II - A location made hazardous by the presence of combustible elements.

•Class III - A location made hazardous by the presence of easily ignitable fibers in the air.

•Division 1 - A location where a classified hazard is likely to exist.

•Division 2 - A location where a classified hazard does not normally exist but is possible under abnormal conditions.

More recently in North America, for Class I hazards, locations can be classified under the zone system as defined by the IEC/ATEX mentioned below.

Atmospheres Explosibles (ATEX) Class I Zone 2

Equipment and protective systems intended for use in potentially explosive atmospheres must comply with ATEX Directive 94/9/EC.

Areas classified into zones must be protected from effective sources of ignition.

Locations where explosive gas atmospheres are likely to be present are divided into IEC/EU-defined Zones (Class I Zone 0, 1, 2 for locations with flammable gases or vapors and Class II Zone 20, 21, 22 for locations with combustible dust or ignitable fibers).

Class I

•Zone 0 - An area in which an explosive gas atmosphere is continuously present or present for long periods.

•Zone 1 - An area in which an explosive gas atmosphere is likely to occur in normal operation.

•Zone 2 - An area in which an explosive gas atmosphere does not normally exist, or if they do occur, will exist only for a short period of time.

Class II

•Zone 20 – An area in which an ignitable concentrations of combustible dust or ignitable fibers/flyings are present continuously or for long periods of time under normal operating conditions.

•Zone 21 - An area in which an ignitable concentrations of combustible dust or ignitable fibers/flyings are likely to exist under normal operating conditions.

•Zone 22 - An area in which an ignitable concentrations of combustible dust or ignitable fibers/flyings are not likely to exist under normal operating conditions.

Cleaning

The Cisco Wireless IP Phone 8821 and 8821-EX are IP67 rated, which is designed to provide protection from dust, liquid splashes and moisture.

This allows the Cisco Wireless IP Phone 8821 and 8821-EX to be cleaned, sanitized without the possibility of damaging the unit.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	18

A moist cloth can be used for simple cleaning; however Caviwipes and Saniwipes are the recommended choice for thoroughly cleaning the phone.

Caviwipes and Saniwipes contain up to 17% Isopropanol. Any cleaning solution containing a higher degree of Isopropanol including pure Isopropanol or an alternative alcohol based liquid could potentially damage the phone.

Carry cases can additionally help protect the phone further and provide drop protection.

Accessories

The following accessories are available for the Cisco Wireless IP Phone 8821 and 8821-EX.

•Batteries

•Phone Power Supply

•Belt Holster

•Leather Case

•Desktop Charger

•Multicharger

3rd Party Accessories

Only the 3rd party accessories listed below are certified for use with the Cisco Wireless IP Phone 8821 and 8821-EX.

•	Headsets	Apple (www.apple.com)
		Jabra (www.jabra.com)
		Plantronics (www.plantronics.com)
		Sennheiser (www.sennheiser.com)
•	USB to Ethernet Dongles	Apple USB 2.0 Ethernet Adapter (www.apple.com)

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	19

Belkin B2B048 USB 3.0 Gigabit Ethernet Adapter (www.belkin.com)

D-Link DUB-E100 USB 2.0 Fast Ethernet Adapter (www.dlink.com)

Linksys USB3GIG USB 3.0 Gigabit Ethernet Adapter (www.linksys.com)

Linksys USB300M USB 2.0 Ethernet Adapter (www.linksys.com)

Wireless LAN Design

The following network design guidelines must be followed in order to accommodate for adequate coverage, call capacity and seamless roaming for the Cisco Wireless IP Phone 8821 and 8821-EX.

802.11 Network

Use the following guidelines to assist with deploying and configuring the wireless LAN.

5 GHz (802.11a/n/ac)

5 GHz is the recommended frequency band to utilize for operation of the Cisco Wireless IP Phone 8821 and 8821-EX.

In general, it is recommended for access points to utilize automatic channel selection instead of manually assigning channels to access points.

If there is an intermittent interferer, then the access point or access points serving that area may need to have a channel statically assigned.

The Cisco Wireless IP Phone 8821 and 8821-EX support Dynamic Frequency Selection (DFS) and Transmit Power Control (TPC) from 802.11h, which are required when using channels operating at 5.260 - 5.720 GHz, which are 15 of the 24 possible channels.

Need to ensure there is at least 20 percent overlap with adjacent channels when deploying the Cisco Wireless IP Phone 8821 and 8821-EX in an 802.11a/n/ac environment, which allows for seamless roaming. For critical areas, it is recommended to increase the overlap (30% or more) to ensure that there can be at least 2 access points available with -67 dBm or better, while the Cisco Wireless IP Phone 8821 and 8821-EX also meet the access point’s receiver sensitivity (required signal level for the current data rate).

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	20

Dynamic Frequency Selection (DFS)

DFS dynamically instructs a transmitter to switch to another channel whenever radar signal is detected. If the access point detects radar, the radio on the access point goes on hold for at least 60 seconds while the access point passively scans for another usable channel.

TPC allows the client and access point to exchange information, so that the client can dynamically adjust the transmit power. The client uses only enough energy to maintain association to the access point at a given data rate. As a result, the client contributes less to adjacent cell interference, which allows for more densely deployed, high-performance wireless LANs.

If there are repeated radar events detected by the access point (just or falsely), determine if the radar signals are impacting a single channel (narrowband) or multiple channels (wideband), then potentially disable use of that channel or channels in the wireless LAN.

The presence of an access point on a non-DFS channel can help minimize voice interruptions.

In case of radar activity, have at least one access point per area that uses a non-DFS channel (UNII-1). This ensures that a channel is available when an access point’s radio is in its hold-off period while scanning for a new usable channel.

A UNII-3 channel (5.745 - 5.825 GHz) can optionally be used if available.

Below is a sample 5 GHz wireless LAN deployment.

For 5 GHz, 21 channels are available in the Americas, 16 channels in Europe, and 19 channels in Japan.

Where UNII-3 is available, it is recommended to use UNII-1, UNII-2, and UNII-3 only to utilize a 12 channel set.

If planning to use UNII-2 extended channels (channels 100 - 140), it is recommended to disable UNII-2 (channels 52-64) on the access point to avoid having so many channels enabled.

Having many 5 GHz channels enabled in the wireless LAN can delay discovery of new access points.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	21

2.4 GHz (802.11b/g/n)

In general, it is recommended for access points to utilize automatic channel selection instead of manually assigning channels to access points.

If there is an intermittent interferer, then the access point or access points serving that area may need to have a channel statically assigned.

In a 2.4 GHz (802.11b/g/n) environment, only non-overlapping channels must be utilized when deploying VoWLAN. Nonoverlapping channels have 22 MHz of separation and are at least 5 channels apart.

There are only 3 non-overlapping channels in the 2.4 GHz frequency range (channels 1, 6, 11).

Non-overlapping channels must be used and allow at least 20 percent overlap with adjacent channels when deploying the Cisco Wireless IP Phone 8821 and 8821-EX in an 802.11b/g/n environment, which allows for seamless roaming.

Using an overlapping channel set such as 1, 5, 9, 13 is not a supported configuration.

Below is a sample 2.4 GHz wireless LAN deployment.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	22

Signal Strength and Coverage

To ensure acceptable voice quality, the Cisco Wireless IP Phone 8821 and 8821-EX should always have a signal of -67 dBm or higher when using 5 GHz or 2.4 GHz, while the Cisco Wireless IP Phone 8821 and 8821-EX also meet the access point’s receiver sensitivity required signal level for the transmitted data rate.

Ensure the Packet Error Rate (PER) is no higher than 1%.

A minimum Signal to Noise Ratio (SNR) of 25 dB = -92 dBm noise level with -67 dBm signal should be maintained.

It is recommended to have at least two access points on non-overlapping channels with at least -67 dBm signal with the 25 dB SNR to provide redundancy.

To achieve maximum capacity and throughput, the wireless LAN should be designed to 24 Mbps. Higher data rates can optionally be enabled for other applications other than voice only that can take advantage of these higher data rates.

Recommended to set the minimum data rate to 11 Mbps or 12 Mbps for 2.4 GHz (dependent upon 802.11b client support policy) and 12 Mbps for 5 GHz, which should also be the only rate configured as a mandatory / basic rate.

In some environments, 6 Mbps may need to be enabled as a mandatory / basic rate. Due to the above requirements, a single channel plan should not be deployed.

When designing the placement of access points, be sure that all key areas have adequate coverage (signal).

Typical wireless LAN deployments for data only applications do not provide coverage for some areas where VoWLAN service is necessary such as elevators, stairways, and outside corridors.

Microwave ovens, 2.4 GHz cordless phones, Bluetooth devices, or other electronic equipment operating in the 2.4 GHz band will interfere with the Wireless LAN.

Microwave ovens operate on 2450 MHz, which is between channels 8 and 9 of 802.11b/g/n. Some microwaves are shielded more than others and that shielding reduces the spread of the energy. Microwave energy can impact channel 11, and some microwaves can affect the entire frequency range (channels 1 through 11). To avoid microwave interference, select channel 1 for use with access points that are located near microwaves.

Most microwave ovens, Bluetooth, and frequency hopping devices do not have the same effect on the 5 GHz frequency. The 802.11a/n/ac technology provides more non-overlapping channels and typically lower initial RF utilization. For voice deployments, it is suggested to use 802.11a/n/ac for voice and use 802.11b/g/n for data.

However there are products that also utilize the non-licensed 5 GHz frequency (e.g. 5.8 GHz cordless phones, which can impact UNII-3 channels).

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	23

The Cisco Unified Network Control System (NCS) can be utilized to verify signal strength and coverage.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	24

Data Rates

It is recommended to disable rates below 12 Mbps for 5 GHz deployments and below 12 Mbps for 2.4 GHz deployments where capacity and range are factored in for best results.

The Cisco Wireless IP Phone 8821 and 8821-EX both have a single antenna, therefore it supports up to MCS 7 data rates for 802.11n (up t to 150 Mbps) and up to MCS 9 data rates for 802.11ac (up to 433 Mbps).

Higher MCS rates can be left enabled for other 802.11n/ac clients, which are utilizing the same band frequency and utilize MIMO (multiple input / multiple output) antenna technology, which can take advantage of those higher rates.

If 802.11b clients are not allowed in the wireless network, then it is strongly recommended to disable the data rates below 12 Mbps. This will eliminate the need to send CTS frames for 802.11g/n protection as 802.11b clients can not detect these OFDM frames.

When 802.11b clients exist in the wireless network, then an 802.11b rate must be enabled and only an 802.11b rate can be configured as a mandatory / basic rate.

The recommended data rate configurations are the following:

802.11 Mode	Mandatory	Supported	Disabled
	Data Rates	Data Rates	Data Rates
802.11a/n/ac	12 Mbps	18-54 Mbps,	6, 9 Mbps,
		VHT MCS 1 - MCS 9	VHT MCS 0
802.11a/n	12 Mbps	18-54 Mbps,	6, 9 Mbps,
		HT MCS 1 - MCS 7	HT MCS 0
		(HT MCS 8 - MCS 23)
802.11g/n	12 Mbps	18-54 Mbps,	1, 2, 5.5, 6, 9, 11 Mbps,
		HT MCS 1 - MCS 7	HT MCS 0
		(HT MCS 8 - MCS 23)
802.11b/g/n	11 Mbps	12-54 Mbps,	1, 2, 5.5, 6, 9 Mbps,
		HT MCS 1 - MCS 7	HT MCS 0
		(HT MCS 8 - MCS 23)
802.11a	12 Mbps	18-54 Mbps	6, 9 Mbps
802.11g	12 Mbps	18-54 Mbps	1, 2, 5.5, 6, 9, 11 Mbps
802.11b/g	11 Mbps	12-54 Mbps	1, 2, 5.5, 6, 9 Mbps
802.11b	11 Mbps	None	1, 2, 5.5 Mbps

For a voice only application, data rates higher than 24 Mbps can optionally be enabled or disabled, but there is no advantage from a capacity or throughput perspective and enabling these rates could potentially increase the number of retries for a data frame.

Other applications such as video may be able to benefit from having these higher data rates enabled. To preserve high capacity and throughput, data rates of 24 Mbps and higher should be enabled.

If deploying in an environment where excessive retries may be a concern, then a limited set of the data rates can be used (e.g. 12, 24, 54, MCS 1, MCS 4, MCS 7), where the lowest enabled rate is the mandatory / basic rate.

For rugged environments or deployments requiring maximum range, it is recommended to enable 6 Mbps as a mandatory / basic rate.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	25

Note: Some environments may require that a lower data rate be enabled due to use of legacy clients, environmental factors or maximum range is required.

Set only the lowest data rate enabled as the single mandatory / basic rate. Multicast packets will be sent at the highest mandatory / basic data rate enabled.

Note that capacity and throughput are reduced when lower rates are enabled.

Rugged Environments

When deploying the Cisco Wireless IP Phone 8821 and 8821-EX in a rugged environment (e.g. manufacturing, warehouse, retail), additional tuning on top of the standard design recommendations may be necessary.

Below are the key items to focus on when deploying a wireless LAN in a rugged environment.

Access Point and Antenna Selection

For rugged environments, it is recommended to select an access point platform that requires external antennas (e.g. Cisco 1602e, 2602e, 3502e, 3602e, and 3702e Series Access Points). It is also important to ensure an antenna type is selected which can operate well in rugged environments.

Access Point Placement

It is crucial that line of sight to the access point’s antennas is maximized by minimizing any obstructions between the Cisco Wireless IP Phone 8821 or 8821-EX and the access point. Ensure that the access point and/or antennas are not mounted behind any obstruction or on or near a metal or glass surface.

If access points with integrated internal antennas are to be used in some areas (other than the W series), then it is recommended to mount those access points on the ceiling as they have omni-directional antennas and are not designed to be wall mounted.

Frequency Band

As always, it is recommended to use 5 GHz. Use of 2.4 GHz, especially when 802.11b rates are enabled, may not work well.

For the 5 GHz channel set, it is recommended to use a 8 or 12 channel plan only; disable UNII-2 extended channels if possible.

Data Rates

The standard recommended data rate set may not work well if multipath is present at an elevated level. Therefore, it is recommended to enable lower data rates (e.g. 6 Mbps) to operate better in such an environment.

If using for voice only, then data rates above 24 Mbps can be disabled to increase first transmission success. If the same band is also used for data, video or other applications, then is suggested to keep the higher data rates enabled.

Transmit Power

Due to the potential of elevated multipath in rugged environments, the transmit power of the access point and Cisco Wireless IP Phone 8821 and 8821-EX should also be restricted. This is more important if planning to deploy 2.4 GHz in a rugged environment.

If using auto transmit power, the access point transmit power can be configured to use a specified range (maximum and minimum power levels) to prevent the access point from transmitting too hot as well as too weak (e.g. 5 GHz maximum of 16 dBm and minimum of 11 dBm).

The Cisco Wireless IP Phone 8821 and 8821-EX will utilize the access point’s current transmit power setting to determine what transmit power it uses for transmitted frames when DTPC is enabled in the access point’s configuration.

Fast Roaming

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	26

It is recommended to utilize 802.11r / Fast Transition (FT) for fast roaming. Enabling 802.11r (FT) also reduces the number of frames in the handshake when roaming to only two frames. Reducing the number of frames during a roam, increases the chances of roam success.

When using 802.1x authentication, it is important to use the recommended EAPOL key settings.

Quality of Service (QoS)

Need to ensure that DSCP values are preserved throughout the wired network, so that the WMM UP tag for voice, video, and call control frames can be set correctly.

Beamforming

If using Cisco 802.11n capable access points, then Beamforming (ClientLink) should be enabled, which can help with client reception.

Multipath

Multipath occurs when RF signals take multiple paths from a source to a destination.

A part of the signal goes to the destination while another part bounces off an obstruction, then goes on to the destination. As a result, part of the signal encounters delay and travels a longer path to the destination, which creates signal energy loss.

When the different waveforms combine, they cause distortion and affect the decoding capability of the receiver, as the signal quality is poor.

Multipath can exist in environments where there are reflective surfaces (e.g. metal, glass, etc.). Avoid mounting access points on these surfaces.

Below is a list of multipath effects:

Data Corruption

Occurs when multipath is so severe that the receiver is unable to detect the transmitted information.

Signal Nulling

Occurs when the reflected waves arrive exactly out of phase with the main signal and cancel the main signal completely.

Increased Signal Amplitude

Occurs when the reflected waves arrive in phase with the main signal and add on to the main signal thereby increasing the signal strength.

Decreased Signal Amplitude

Occurs when the reflected waves arrive out of phase to some extent with the main signal thereby reducing the signal amplitude.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	27

Use of Orthogonal Frequency Division Multiplexing (OFDM), which is used by 802.11a/n/ac and 802.11g/n, can help to reduce issues seen in high multipath environments.

If using 802.11b in a high multipath environment, lower data rates should be used in those areas (e.g. 1 and 2 Mbps). Use of antenna diversity can also help in such environments.

Security

When deploying a wireless LAN, security is essential.

The Cisco Wireless IP Phone 8821 and 8821-EX support the following wireless security features.

WLAN Authentication

•WPA2 (802.1x authentication + AES or TKIP encryption)

•WPA (802.1x authentication + TKIP or AES encryption)

•WPA2-PSK (Pre-Shared key + AES encryption)

•WPA-PSK (Pre-Shared key + TKIP encryption)

•EAP-FAST (Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling)

•EAP-TLS (Extensible Authentication Protocol - Transport Layer Security)

•PEAP-GTC (Protected Extensible Authentication Protocol - Generic Token Card)

•PEAP-MSCHAPv2 (Protected Extensible Authentication Protocol - Microsoft Challenge Handshake Authentication Protocol version 2)

•802.11r / Fast Transition (FT)

•CCKM (Cisco Centralized Key Management)

•None

WLAN Encryption

•AES (Advanced Encryption Standard)

•TKIP / MIC (Temporal Key Integrity Protocol / Message Integrity Check)

•WEP (Wired Equivalent Protocol) 40/64 and 104/128 bit

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	28

Note: Shared Key authentication is not supported.

The Cisco Wireless IP Phone 8821 and 8821-EX also support the following additional security features.

•Image authentication

•Device authentication

•File authentication

•Signaling authentication

•Secure Cisco Unified SRST

•Media encryption (SRTP)

•Signaling encryption (TLS)

•Certificate authority proxy function (CAPF)

•Secure profiles

•Encrypted configuration files

•Settings Access (can limit user access to configuration menus)

Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling (EAP-FAST)

Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling (EAP-FAST) encrypts EAP transactions within a Transport Level Security (TLS) tunnel between the access point and the Remote Authentication Dial-in User Service (RADIUS) server such as the Cisco Access Control Server (ACS) or Cisco Identity Services Engine (ISE).

The TLS tunnel uses Protected Access Credentials (PACs) for authentication between the client (the Cisco Wireless IP Phone 8821 and 8821-EX) and the RADIUS server. The server sends an Authority ID (AID) to the client, which in turn selects the appropriate PAC. The client returns a PAC-Opaque to the RADIUS server. The server decrypts the PAC with its master-key. Both endpoints now have the PAC key and a TLS tunnel is created. EAP-FAST supports automatic PAC provisioning, but it must enable don the RADIUS server.

To enable EAP-FAST, a certificate must be installed on to the RADIUS server.

The Cisco Wireless IP Phone 8821 and 8821-EX currently support automatic provisioning of the PAC only, so enable Allow anonymous in-band PAC provisioning on the RADIUS server as shown below.

Both EAP-GTC and EAP-MSCHAPv2 must be enabled when Allow anonymous in-band PAC provisioning is enabled. EAP-FAST requires that a user account be created on the authentication server.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	29

If anonymous PAC provisioning is not allowed in the production wireless LAN environment then a staging RADIUS server can be setup for initial PAC provisioning of the Cisco Wireless IP Phone 8821 and 8821-EX.

This requires that the staging RADIUS server be setup as a slave EAP-FAST server and components are replicated from the product master EAP-FAST server, which include user and group database and EAP-FAST master key and policy info.

Ensure the production master EAP-FAST RADIUS server is setup to send the EAP-FAST master keys and policies to the staging slave EAP-FAST RADIUS server, which will then allow the Cisco Wireless IP Phone 8821 and 8821-EX to use the provisioned PAC in the production environment where Allow anonymous in-band PAC provisioning is disabled.

When it is time to renew the PAC, then authenticated in-band PAC provisioning will be used, so ensure that Allow authenticated in-band PAC provisioning is enabled.

Ensure that the Cisco Wireless IP Phone 8821 and 8821-EX has connected to the network during the grace period to ensure it can use its existing PAC created either using the active or retired master key in order to get issued a new PAC.

Is recommended to only have the staging wireless LAN pointed to the staging RADIUS server and to disable the staging access point radios when not being used.

Extensible Authentication Protocol - Transport Layer Security (EAP-TLS)

Extensible Authentication Protocol - Transport Layer Security (EAP-TLS) is using the TLS protocol with PKI to secure communications to the authentication server.

TLS provides a way to use certificates for both user and server authentication and for dynamic session key generation. A certificate is required to be installed.

EAP-TLS provides excellent security, but requires client certificate management.

Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide	30