Cisco Wireless LAN Controller Basic Configuration

Below is a basic Wireless LAN Controller configuration that worked! My setup is exactly as in the picture below: the WLC is connected to a Cisco Layer 2 PoE switch, which in turn is connected to a Cisco ADSL router to reach the internet.

WLC Basic Configuration

A. Cisco WLC 2504 Basic Configuration:

When the WLC boots at factory defaults, the bootup script runs the configuration wizard, which helps you complete the initial configuration settings.

AUTO-INSTALL: process terminated -- no configuration loaded
 Enter Administrative User Name (24 characters max): hnsadmin
 Enter Administrative Password (3 to 24 characters): ************
 Re-enter Administrative Password : ************
 Enable Link Aggregation (LAG) [yes][NO]: no
 Management Interface IP Address: 10.10.10.2
 Management Interface Netmask: 255.255.255.0
 Management Interface Default Router: 10.10.10.1
 Management Interface VLAN Identifier (0 = untagged): 0
 Management Interface Port Num [1 to 4]: 1
 Management Interface DHCP Server IP Address: 10.10.10.1
 Virtual Gateway IP Address: 1.1.1.1
 Multicast IP Address: 239.0.0.1
 Mobility/RF Group Name: HNS-WIRELESS
 Network Name (SSID): HNSCORP
 Configure DHCP Bridging Mode [yes][NO]: no
 Allow Static IP Addresses [YES][no]: no
 Configure a RADIUS Server now? [YES][no]: no
Warning! The default WLAN security policy requires a RADIUS server.
 Please see documentation for more details.
Enter Country Code list (enter 'help' for a list of countries) [US]: IN
 Enable 802.11b Network [YES][no]: yes
 Enable 802.11g Network [YES][no]: yes
 Enable Auto-RF [YES][no]: yes
 Configure a NTP server now? [YES][no]: no
 Configure the system time now? [YES][no]: no
Warning! No AP will come up unless the time is set.
 Please see documentation for more details.
Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
 Cleaning up DHCP server configuration
 Configuration saved!
 Resetting system with new configuration...
  • Management Interface VLAN Identifier – Use a valid VLAN identifier. When a native VLAN is configured on the switch port to which the Management Interface on the controller is connected, the controller should NOT tag the frames (specify 0 or just press Enter).
  • Management Interface Port Num – 1. There are 4 Gigabit Ethernet ports (1 to 4) available; you can choose any one of them.
  • Virtual Gateway IP Address – Use any unused IP address in your network, typically 1.1.1.1. This IP address is used for DHCP relay, mobility management and Layer 3 security (like guest web authentication and VPN termination).
  • Multicast IP Address – Use an IP address from 239.0.0.0-239.255.255.255. Multicast messaging between the WLC and the AP is used when sending multicast traffic to the AP’s clients that are subscribed to the multicast messaging at the AP. This way it is still one message sent across the network and not a message per AP as in unicast-multicast mode. Multicast is needed when using the Bonjour protocol, video streams, Vocera Broadcast, or Drager mobile systems.
  • DHCP Bridging Mode – There are 2 modes of DHCP operation
  1. DHCP Proxy Mode (default) – The real DHCP server IP address is not exposed in the air. The controller modifies and relays all DHCP transactions to provide a helper function and address certain security issues. The controller’s virtual IP address is normally used as the source IP address of all DHCP transactions to the client.
  2. DHCP Bridge Mode – The DHCP bridging feature is designed to make the controller’s role in the DHCP transaction entirely transparent to the client. The real IP of the DHCP server is seen in the Offer and Ack packets instead of the controller’s virtual IP address.
  • Allow Static IP Addresses – Do you want your clients to supply their own IP address?

 

B. Post Configuration of WLC 2504

  • Specify NTP Server – Go to Controller > NTP > ‘Server’ option to specify your NTP server.
 
C. Cisco Layer 2 Switch Configuration:
Port connected to WLC:-
 interface GigabitEthernet0/1
 switchport trunk native vlan 10
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree portfast
 !
  • If you have not specified “switchport trunk native vlan 10” on the switch port, you should specify 10 as the Management Interface VLAN Identifier in the WLC configuration.
Port connected to AP:-
 interface GigabitEthernet0/23
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast
 !
  • Cisco lightweight APs do not understand VLAN tagging and should only be connected to the access ports of the neighbor switch.
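
The tagging rule from sections A and C (untagged management traffic must match the trunk's native VLAN, otherwise the WLC must tag) can be checked mechanically. The following is an added example, not part of the original post; the function names are hypothetical and the switch stanzas are the ones shown above, embedded as sample input.

```python
import re

# Constructed input: the two switch stanzas from section C of this page.
SWITCH_CFG = """\
interface GigabitEthernet0/1
 switchport trunk native vlan 10
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree portfast
!
interface GigabitEthernet0/23
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast
"""

def parse_ports(cfg):
    """Return {interface: {'mode', 'native', 'access'}}; IOS defaults to VLAN 1."""
    ports, cur = {}, {}
    for line in cfg.splitlines():
        line = line.strip()
        if m := re.match(r"interface (\S+)", line):
            cur = ports.setdefault(m[1], {"mode": None, "native": 1, "access": 1})
        elif m := re.match(r"switchport mode (trunk|access)$", line):
            cur["mode"] = m[1]
        elif m := re.match(r"switchport trunk native vlan (\d+)$", line):
            cur["native"] = int(m[1])
        elif m := re.match(r"switchport access vlan (\d+)$", line):
            cur["access"] = int(m[1])
    return ports

def check_wlc_port(port, wlc_vlan_id, mgmt_vlan):
    """wlc_vlan_id is the wizard answer (0 = untagged, lands in the native VLAN)."""
    if port["mode"] != "trunk":
        return "WLC port is not a trunk"
    if wlc_vlan_id == 0:
        if port["native"] != mgmt_vlan:
            return f"untagged management lands in VLAN {port['native']}, not {mgmt_vlan}"
    elif wlc_vlan_id == port["native"]:
        return f"WLC tags VLAN {wlc_vlan_id} but the switch sends it untagged (native)"
    elif wlc_vlan_id != mgmt_vlan:
        return f"WLC tags VLAN {wlc_vlan_id}, expected {mgmt_vlan}"
    return "ok"

def check_ap_port(port, ap_vlan):
    """The page's rule: lightweight APs sit on access ports (VLAN 10 in this setup)."""
    if port["mode"] != "access":
        return "AP port is not an access port"
    return "ok" if port["access"] == ap_vlan else f"AP port is in VLAN {port['access']}"
```

With the page's values (identifier 0, native VLAN 10) `check_wlc_port` returns "ok"; answering 10 in the wizard while the native VLAN line is present is reported as a mismatch.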

2 thoughts on “Cisco Wireless LAN Controller Basic Configuration”

  1. Just wondering how I get wireless access configured if I have management on 0 and the switchport trunk default to Vlan1. I have a few SSIDs on the controller and I can access all of them except the one on Vlan1 (Default on switch). I see the access points on Vlan 1 (default) got an IP address. I can see the SSID I have configured on the management vlan (1), but when I go to access it says unable to join. I have confirmed multiple times I have the correct PSK, but it won’t connect at all. I’m sure I just missed something stupid… 🙁

  2. Heya, I’m here for the first time. I found this board and I find it really helpful & it helped me out a lot. I am hoping to provide one thing back and help others such as you aided me.
