Information About AP Audit Configuration
The AP Audit Configuration feature helps to detect wireless service synchronization issues between the controller and an AP. In Cisco IOS XE Amsterdam, Release 17.3.1, two methods are implemented to support AP audit configuration.
-
Config Checker: This functionality helps in auditing the application of wireless policies during the AP join phase. Any discrepancies at this stage is reported on the controller. This is a built-in functionality and you cannot disable the same. When you try to configure any of the AP attributes such as name, IP address, controller information, tag, mode, radio mode, and radio admin state, the AP parses the CAPWAP payload configuration from the controller and reports errors detected back to the controller with proper code. If a discrepancy is detected, the controller flags errors using the syslog.
-
Config Audit: This functionality helps to perform periodic comparison of operational states between an AP and the controller after the AP join phase and while the corresponding AP is still connected. Discrepancies, if any, are reported immediately on the controller. The consolidated report is available at the controller anytime. This functionality is disabled by default. The periodic auditing interval is a configurable parameter.
Use the ap audit-report command to enable and configure audit report parameters. When triggered, AP sends configurations from the database to the controller, and the controller compares the configurations against the current configuration. If a discrepancy is detected, the controller flags the error using the syslog.