CCNP Switch Lab 7-2 Configuring a WLAN Controller

CCNP Switch Lab 7-2 Configuring a WLAN Controller

Topology

 

Objectives

  • Implement campus network infrastructure to support wireless.
  • Configure a WLAN controller (optional).

Background
In this lab, you will configure the network infrastructure (Layer 2 and Layer 3 switches) to prepare for a wireless solution involving a wireless LAN (WLAN) controller and two lightweight wireless access points (LWAPs). The WLAN controller and LWAPs are optional and might not be present in your topology. If that is the case, read through those portions of the lab that deal with their configuration to become familiar with the process and commands.

Note: This lab uses Cisco WS-C2960-24TT-L switches with the Cisco IOS image c2960-lanbasek9-mz.122- 46.SE.bin, and Catalyst 3560-24PS with the Cisco IOS image c3560-advipservicesk9-mz.122-46.SE.bin. You can use other switches (such as a 2950 or 3550) and Cisco IOS Software versions if they have comparable capabilities and features. Depending on the switch model and Cisco IOS Software version, the commands available and output produced might vary from what is shown in this lab.

Required Resources

  • 2 switches (Cisco 2960 with the Cisco IOS Release 12.2(46)SE C2960-LANBASEK9-M image or comparable)
  • 1 switch (Cisco 3560 with the Cisco IOS Release 12.2(46)SE C3560-advipservicesk9-mz image or comparable)
  • 1 WLAN controller (optional, however configuration instructions are provided)
  • 2 LWAPs (optional)
  • Console and Ethernet cables

Step 1: Prepare the switches for the lab.

a. Erase the startup-config file, delete the vlan.dat file, and reload each switch to clear the previous configurations.
b. Configure the switch hostnames as shown in the topology.
c. (Optional) To reset the WLAN controller, use the clear controller command followed by the reset system command.

Step 2: Configure VLANs, trunks, and VTP.

a. Configure DLS1 as a VTP server, and ALS1 and ALS2 as clients in the VTP domain CISCO. Configure the switch-to-switch links shown in the diagram as 802.1Q trunks. Add VLANs 2, 3, 10, 50, and 100 to DLS1.

b. Verify that VTP traffic has passed between the switches by comparing the non-zero VTP configuration revision using the show vtp status command.

Step 3: Configure SVIs.

Configure all the switch virtual interfaces (SVIs) shown in the diagram for DLS1.

Step 4: Configure DHCP.

DHCP gives out dynamic IP addresses on a subnet to network devices or hosts rather than statically setting the addresses. This is useful when dealing with LWAPs, which usually do not have an initial configuration. The WLAN controller that the LWAP associates with defines the configuration. A lightweight access point can dynamically receive an IP address and then communicate over IP with the WLAN controller. In this scenario, you also use DHCP to assign IP addresses to hosts that connect to the WLANs.

a. Configure DLS1 to exclude the first 150 addresses from each subnet from DHCP to avoid conflicts with static IP addresses using the ip dhcp excluded-address low-address [high-address] global configuration command.

b. To advertise on different subnets, create DHCP pools with the ip dhcp pool name command. After a pool is configured for a subnet, the Cisco IOS DHCP server processes requests on that subnet, because it is enabled by default. From the DHCP pool prompt, set the network and mask to use with the network address /mask command. Set a default gateway with the default-router address command. VLAN 50 also uses the option command, which allows you to specify a DHCP option. In this case, option 43 is specified (a vendor-specific option), which gives the LWAPs the IP address of the WLAN controller AP Manager interface. It is specified in a hexadecimal TLV (type, length, value) format. This configuration uses f104ac106464, which is made up of the following:

  • f1 is the hardcoded type of option.
  • 04 represents the length of the value (an IP address is 4 octets).
  • ac106464 is the hexadecimal representation of 172.16.100.100, which is going to be the AP manager address of the WLAN controller.

DHCP option 60 specifies the identifier that access points will use in DHCP.

Note: This lab uses Cisco Aironet 1240 series access points.

Step 5: Configure infrastructure wireless support.

On ALS1 and ALS2, configure the switch port of each access point with the spanning-tree portfast command so that the access point receives an IP address from DHCP immediately, thereby avoiding spanning-tree delays. All control and data traffic between the controller and the access points passes over this VLAN to this interface. Configure the ports going to the access points to be in VLAN 50. DLS1 will route the traffic between the VLANs. Configure the interface on DLS1 that connects to the WLAN controller as an 802.1Q trunk.

Step 6: Configure the switch port for the management host.

a. Host C is attached to DLS1 and is running Microsoft Windows. Configure the switch port to which the host is attached to be in VLAN 10 and enable PortFast.

b. Configure the host with an IP address in VLAN 10, which will (optionally) be used to access the HTTP web interface of the WLAN controller. Configure the IP address 172.16.10.50/24 with the default gateway 172.16.10.1.

c. From Host C, ping the DLS1 VLAN 10 interface. You should receive responses. If you do not, troubleshoot, verifying the VLAN of the switch port, and the IP address and subnet mask on each device on VLAN 10.

Step 7: Enable IP routing on DLS1.

a. Enabling IP routing on DLS1 lets DLS1 route between all subnets shown in the diagram. DLS1 can effectively route between all the VLANs configured because it has an SVI in each subnet.

b. Each IP subnet is shown in the output of the show ip route command issued on DLS1.

Step 8: (Optional) Configure initial settings on the WLAN controller.

When you restart the WLAN controller, a configuration wizard prompts you to enter basic configuration attributes. You have entered the wizard interface when you see “Welcome to the Cisco Wizard Configuration Tool.” Pressing Enter at a prompt accepts the default for a configuration option. The default is in square brackets. If there is more than one choice in square brackets, the default is the option in capital letters.

a. The first prompt asks for a hostname. Use the default. Use cisco as both the username and password.
Welcome to the Cisco Wizard Configuration Tool
Use the ‘ -‘ character to backup
System Name [Cisco_49:43:c0]:
Enter Administrative User Name (24 characters max): cisco
Enter Administrative Password (24 characters max): cisco

b. Enter the management interface information. The management interface communicates with the management workstation in VLAN 1. The interface number is 1, because this is the port trunked from the controller to the switch. The VLAN number is 0 for untagged. It is untagged because VLAN 1 is the native 802.1Q VLAN and is, therefore, sent untagged through 802.1Q trunks.

c. Configure an interface to communicate with the access points. This will be in VLAN 100 and is tagged as such on the trunk.

d. Configure the virtual gateway IP address as 1.1.1.1 (this is acceptable because you are not using this for routing). The virtual gateway IP address is typically a fictitious, unassigned IP address, such as the address we are using here, to be used by Layer 3 Security and Mobility managers. Virtual Gateway IP Address: 1.1.1.1

e. Configure the mobility group and network name as ccnppod. Allow static IP addresses by pressing Enter, but do not configure a RADIUS server now.

Note: Wireless equipment varies from country to country. Make sure to use the appropriate country code.

Step 9: (Optional) Configure the prompt and access methods on the WLAN controller.

a. When the WLAN controller has finished restarting, log in with the username cisco and password cisco.

User: cisco
Password: cisco

b. Change the controller prompt to WLAN_CONTROLLER with the config prompt name command. Notice that the prompt changes.

c. Enable Telnet and HTTP access to the WLAN controller. HTTPS access is enabled by default, but unsecured HTTP is not.

d. Save your configuration with the save config command, which is similar to the Cisco IOS copy run start command.

e. To verify the configuration, you can use the show interface summary, show wlan summary, and show run-config commands on the WLAN controller.

Device Configurations (Instructor version)

Switch DLS1

Switch ALS1

Switch ALS2

More Resources

About the author

Prasanna

Leave a Comment