This topic is to discuss the following lesson:
questions: do you need to configure vlans 20 and 30 on the switch? I don’t see these int the video (just vlan interfaces) and also why do you need to specify the dhcp server (switch) in the initial setup since the clients would be getting their ip addresses from the switch presumably before connecting to the wlc? Thanks.
Hello Brad
If you simply create the VLAN interface, the VLAN itself is not created automatically. You do need to create the VLANs themselves in the configuration. These have been shown in the text of the lesson, but not in the video for brevity.
As for the DHCP server, it is necessary because the access points themselves need to receive a dynamic IP address. Once that is done, they will then automatically find the WLC since they are on the same subnet/VLAN.
I hope this has been helpful!
Laz
Why the link between SW1 and APs are access links, if vlan 10 and 20 users are connected via same AP, so will it allow traffic of both vlans???
Hello Muhammad
If you were to configure the wireless network using what is known as a “standalone architecture” then yes, you would need to create a trunk for the connection of the access point so that each SSID can correspond to the appropriate trunk. However, when using a WLC in your architecture, you eliminate the need for a trunk. WLC uses a tunnelling protocol called Control And Provisioning of Wireless Access Points (CAPWAP). This tunnels all the info necessary (VLANs, management, SSIDs etc) between the WLC and the access point. This also allows a single AP to provide multiple SSIDs each of which place data on different VLANs, even when using an access port for the AP. Take a look at this diagram:
You can see that this greatly simplifies the configuration of each access point especially if you have multiple SSIDs. You can find out more information about both the “standalone architecture” as well as the architecture using a WLC and CAPWAP in the following lesson:
I hope this has been helpful!
Laz
2 Likes
Hi;
I try to configure this lab but i see with cisco pacKet tracer. WLC can’t have possibility to do it. Is true?
Raoul;
Hello Raoul
It is not possible to replicate this lab using packet tracer (at least not packet tracer 7.1 which I have and I attempted it on.) This is because packet tracer only allows you to configure the wireless controller using the dialog box interface for basic IP connectivity, and via Web browser if you connect a laptop to it. Once you connect with the web browser you should be able to configure all of the above configuration parameters. Unfortunately, CLI access is not available in packet tracer.
I hope this has been helpful!
Laz
HI, Do we have any other Platform to test\config the wireless Network ( WLC+AP+Clients) rather than Packet Tracer. GNS3\VIRL etc ?
Which can also be usefull in CCNP LABS and Wireless Specialty Course ?
Hello Mohit
All of these simulators/emulators do provide some level of support for WLC/AP/Clients, each one has its strengths and weaknesses. Other than these, ther is also the choice of networksims.com. To be honest I haven’t used it but I have heard good things about it. It’s not free, but it’s not too expensive…
Having said this, there is no substitution for real equipment, and you can generally find cheap used equipment that should cover your needs. It’s not always as convenient or as cheap, but it is still doable if you’re able to invest a little more money into it.
I hope this has been helpful!
Laz
Hi guys… I configure everything and the only thing that doesn’t know how to do is the internet connection. Is there any configuration example for this entire network to have internet?
Hello Agustin
In order to provide connectivity to the Internet for wireless users, you must configure a default route in the switch. Notice that for each subnet in VLANs 10, 20, and 30, a default router has been configured for each DHCP scope. These default routers are the IP addresses of the SVI ports of the switch. Assuming that the switch is an L3 switch, then you can configure another port on the switch, and connect it to the edge router, or the router that connects to the outside world. You will also have to configure a default route in the routing table of the switch to send all default traffic to the Internet.
Once that is done, then all traffic destined for the Internet will be routed correctly.
I hope this has been helpful!
Laz
Hello, can i configure the access-point with trunk like in the following configuration:
interface GigabitEthernet1/0/35
switchport trunk native vlan 999
switchport mode trunk
switchport port-security maximum 4
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address stick
## 999 is the management vlan
Hello Soufiane
I’m assuming that this is the configuration of the switchport on which the access port is connected.
This configuration will work only if you are using up to three wireless hosts on the access point. The fourth host will cause the switchport to go into err-disabled mode.
Assuming you are using a WLC and your DHCP server is somewhere on the network (and not the access point itself) then you will only be able to connect three wireless hosts to the network. The fourth host will not be able to connect.
The switchport port-security maximum 4 command will only allow up to four unique MAC addresses to connect to this port. The first MAC address is that of the access point itself. The second, third, and fourth, are the first three wireless clients to connect. The fifth address that is added will cause the port to go into err-disabled mode due to the switchport port-security violation restrict command. Note also that if a wireless client connects and disconnects before the fifth MAC address is detected, it would still go into err-disabled mode because the switchport port-security mac-address stickycommand causes any learned MAC addresses never to be “unlearned”.
Now if the access point is in stand alone mode, and it is configured to provide IP addresses through a local DHCP server, and it also acts as a switch, then this configuration would work fine. This is because in this case, the access point would be functioning as a separate subnet, and all communication with the switch would take place using a single MAC address, that of the access point itself. This would be well below the 4 MAC addresses allowed on this switchport.
I hope this has been helpful!
Laz
Hi there, can anyone help me on the topic below:
i am working on a issue on WAP 2802i not getting connected through My router which 4G router IR829. when the wap is connected to another switch/ router it gets connected in the WLC.
Hello Singhj
Problems with connectivity of a WAP to the WLC can be due to many different issues. Can you give us some more information about your topology and your configuration?
Laz
Dear Rene,
Hope you are fine .
Can we use CISCO AP as Router Mode that serve DHCP and perform NAT like CAMBIUM AP can do ??
BR//ZAMAN
Hello Zaman
Yes, it is possible to configure a Cisco WAP to function as a DHCP server, a router, as well as a NAT router. There is a multitude of configuration parameters that you can adjust and configure on such an access point. One situation in which an access point would be configured as a DHCP server and a NAT router is if it is configured as the root access point in a mesh network. More about this can be found at the following Cisco documentation:
Keep in mind that this is only one of many configuration options available for a wireless network using Cisco equipment.
I hope this has been helpful!
Laz
Hi, I just have a question on Lightweight Access Points not pointing to their local Wireless controllers. We are a school district with 27 school sites all with their own WLC. I have noticed that some times when installing an spare or repurposed AP that it won’t point to it’s local WLC, but does work and shows up on the former locations WLC. We have attempted Factory resetting the APs. BUt they continue to not grab their local WLC? Can anyone point me in the right direction to solve this mystery?
Hello Chris
There are various ways in which an AP will find its WLC. An AP that has registered with another WLC will keep that information stored, however, a factory reset should cause it to start searching for a local WLC. In any case, the best thing to do is to use the following documentation to see how to reset this configuration.
Once this is done, the best way to let an AP find the WLC is to use DHCP option 43 on the DHCP server to point the access point to the proper WLC. This is detailed below:
Try these out and let us know how you get along!
I hope this has been helpful!
Laz
Hello,
Thank you for your reply. we have performed factory resets of this AP from two addtional sites. I connects just fine at those two sites. However it will not join at its home site.
Thank you for the documentation. I have got some reading to do.
1 Like