Difference between revisions of "Cisco WLC 2504"
Line 397: | Line 397: | ||
transfer download path <span style="color: green">/</span> | transfer download path <span style="color: green">/</span> | ||
transfer download filename <span style="color: green">lab1-wlc_v1.cfg</span> | transfer download filename <span style="color: green">lab1-wlc_v1.cfg</span> | ||
transfer download start | transfer <span style="color: blue">download</span> start | ||
Mode............................................. TFTP | Mode............................................. TFTP |
Latest revision as of 18:24, 15 April 2014
Initial configuration wizard
The following is initial configuration for image 7.5.102.0 version:
HINT: Use '-' hyphen to come back to previous option in the configuration wizard of WLC cli
System Name [Cisco_00:aa:bb] (31 characters max): wlc-1 Enter Administrative User Name (24 characters max): admin Enter Administrative Password (3 to 24 characters): ******** Re-enter Administrative Password : ******** Enable Link Aggregation (LAG) [yes][NO]:no Management Interface IP Address: 10.0.99.7 Management Interface Netmask: 255.255.255.128 Management Interface Default Router: 10.0.99.100 Management Interface VLAN Identifier (0 = untagged): 700
This is your Management VLAN number or use '0' if connecting directly to a laptop
Management Interface Port Num [1 to 4]: 1 Management Interface DHCP Server IP Address: 10.0.99.7 Virtual Gateway IP Address: 1.1.1.1 Multicast IP Address: 239.0.0.10
The multicast address is used by the controller in order to forward traffic to access points. It is important that it does not match another address in use on your network by other protocols. For example, if you use 224.0.0.251, it breaks mDNS used by some third party applications. It is recommended that the address be on the private range (239.0.0.0-239.255.255.255, which does not include 239.0.0.x and 239.128.0.x.)
Mobility/RF Group Name: RFMobilityGroupLab Network Name (SSID): Wireless_Lab Configure DHCP Bridging Mode [yes][NO]: no Allow Static IP Addresses [YES][no]: yes Configure a RADIUS Server now? [YES][no]: no Warning! The default WLAN security policy requires a RADIUS server. Please see documentation for more details. Enter Country Code list (enter 'help' for a list of countries) [US]: GB Enable 802.11b Network [YES][no]: yes Enable 802.11a Network [YES][no]: yes Enable 802.11g Network [YES][no]: yes Enable Auto-RF [YES][no]: yes Configure a NTP server now? [YES][no]: yes Enter the NTP server's IP address: 10.0.99.100 Enter a polling interval between 3600 and 604800 secs: 7200 Configuration correct? If yes, system will save it and reset. [yes][NO]: no Configuration saved! Resetting system with new configuration... Configuration saved! Resetting system with new configuration... Restarting system.
this may take approx ~7 min
The example output can be seen here
Change Management interface VLAN700 to '0' untagged:
Follow these steps when connecting laptop directly to WLC management port. This need to be set up as untagged port.
(Cisco Controller) >show interface summary Number of Interfaces.......................... 2 Interface Name Port Vlan Id IP Address Type Ap Mgr Guest -------------------------------- ---- -------- --------------- ------- ------ ----- management 1 700 10.0.99.7 Static Yes No virtual N/A N/A 1.1.1.1 Static No No (Cisco Controller) >config interface vlan management 0 Request failed - Active WLAN using interface. Disable WLAN first. config wlan disable all config interface vlan management 0 config wlan enable all show interface summary Number of Interfaces.......................... 2 Interface Name Port Vlan Id IP Address Type Ap Mgr Guest -------------------------------- ---- -------- --------------- ------- ------ ----- management 1 untagged 10.0.99.7 Static Yes No virtual N/A N/A 1.1.1.1 Static No No
You can connect now directly to a laptop and verify connectivity to WLC by ping to 10.0.99.7 from the laptop.
(Cisco Controller) >show interface detailed management Interface Name................................... management MAC Address...................................... 24:00:aa:bb:d7:00 IP Address....................................... 10.0.99.7 IP Netmask....................................... 255.255.255.128 IP Gateway....................................... 10.0.99.100 External NAT IP State............................ Disabled External NAT IP Address.......................... 0.0.0.0 VLAN............................................. untagged Quarantine-vlan.................................. 0 Active Physical Port............................. 1 Primary Physical Port............................ 1 Backup Physical Port............................. Unconfigured DHCP Proxy Mode.................................. Global Primary DHCP Server.............................. 10.0.99.7 Secondary DHCP Server............................ Unconfigured DHCP Option 82................................... Disabled IPv4 ACL......................................... Unconfigured IPv6 ACL......................................... Unconfigured mDNS Profile Name................................ Unconfigured AP Manager....................................... Yes Guest Interface.................................. No L2 Multicast..................................... Enabled
Applying license to support Access Poiints
By default Cisco WLC 2504 supports only 5 access points. Here we will be applying AP count license to add additional 25 access points to base image. It may happen that you need to remove base count license
(Cisco Controller) >license install tftp: url is invalid. Use tftp://<server ip>/path/filename (Cisco Controller) >license install tftp://10.10.10.2/PSZAABBCCDD_20140103032222.lic Transfering licenses from tftp://10.10.10.2/PSZAABBCCDD_20140103032222.lic 1/3 licenses were successfully installed 2/3 licenses were existing licenses 0/3 licenses were failed to install Failed license installation at index:0 : Duplicate license Failed license installation at index:1 : Duplicate license
- Verify
Please believe the last line was showing 25, now it is 50.
(Cisco Controller) show>sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.3.101.0
Bootloader Version............................... 1.0.16
Field Recovery Image Version..................... 1.0.0
Firmware Version................................. PIC 16.0
Build Type....................................... DATA + WPS
System Name...................................... Cisco_aa:bb:cc
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1279
IP Address....................................... 10.10.10.1
Last Reset....................................... Power on reset
System Up Time................................... 0 days 4 hrs 1 mins 19 secs
System Timezone Location.........................
Configured Country............................... GB - United Kingdom
Operating Environment............................ Commercial (0 to 40 C)
--More-- or (q)uit
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +26 C
External Temperature............................. +30 C
Fan Status....................................... 4300 rpm
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0
Burned-in MAC Address............................ 84:78:AC:AA:BB:CC
Maximum number of APs supported.................. 50
Upgrade WLC software using cli method
(Cisco Controller) >transfer download mode tftp (Cisco Controller) >transfer download serverip 10.10.10.3 (Cisco Controller) >transfer download path ./ (Cisco Controller) >transfer download filename AS_5500_7_5_102_9.aes (Cisco Controller) >transfer download start Mode............................................. TFTP Data Type........................................ Code TFTP Server IP................................... 10.10.10.3 TFTP Packet Timeout.............................. 6 TFTP Max Retries................................. 10 TFTP Path........................................ ./ TFTP Filename.................................... AS_5500_7_5_102_9.aes This may take some time. Are you sure you want to start? (y/N) y TFTP Code transfer starting. TFTP receive complete... extracting components. Image version check passed. Executing backup script. Writing new RTOS to flash disk. Writing new FP to flash disk. Writing new AP Image Bundle to flash disk. Executing fini script. TFTP File transfer is successful. Reboot the controller for update to complete. Optionally, pre-download the image to APs before rebooting to reduce network downtime.
- Verify version
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.220.0
Bootloader Version............................... 1.0.16
Field Recovery Image Version..................... 1.0.0
Firmware Version................................. PIC 16.0
Build Type....................................... DATA + WPS
System Name...................................... Cisco_31:59:44
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1279
IP Address....................................... 10.10.10.2
Last Reset....................................... Power on reset
System Up Time................................... 0 days 6 hrs 34 mins 19 secs
System Timezone Location.........................
Current Boot License Level....................... base
Current Boot License Type........................ Permanent
Next Boot License Level.......................... base
Next Boot License Type........................... Permanent
Configured Country............................... GB - United Kingdom
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +25 C
External Temperature............................. +31 C
Fan Status....................................... 4000 rpm
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0
Burned-in MAC Address............................ 44:03:A7:AA:BB:CC
Maximum number of APs supported.................. 25
Before reboot verify image change from old 7.0.220.0 -> 7.5.102.9. Notice that the old image has become a Backup Boot Image.
(Cisco Controller) >show boot
Primary Boot Image............................... 7.5.102.9 (default)
Backup Boot Image................................ 7.0.220.0 (active)
- Reload
The controller now has the code update in active volatile RAM, but you must enter reset system to save the code update to non-volatile NVRAM and reboot the Cisco Wireless LAN Controller:
reset system The system has unsaved changes. Would you like to save them now? (y/n) y
- Verify new software/code version when WLC is booting up
(Cisco Controller) >
Updating license storage ... Done.
Restarting system.
WLCNG Boot Loader Version 1.0.16 (Built on Feb 28 2011 at 13:14:54 by cisco)
Board Revision 0.0 (SN: PSZ17012345, Type: AIR-CT2504-K9) (P)
Verifying boot loader integrity... OK.
OCTEON CN5230C-SCP pass 2.0, Core clock: 750 MHz, DDR clock: 330 MHz (660 Mhz data rate)
CPU Cores: 4
DRAM: 1024 MB
Flash: 32 MB
Clearing DRAM........ done
Network: octeth0', octeth1, octeth2, octeth3
' - Active interface
E - Environment MAC address override
CF Bus 0 (IDE): OK
IDE device 0:
- Model: 1GB CompactFlash Card Firm: CF B612J Ser#: A191102621A10AABBCCD
- Type: Hard Disk
- Capacity: 977.4 MB = 0.9 GB (2001888 x 512)
Press <ESC> now to access the Boot Menu...
Cisco AireOS Version 7.5.102.9
Firmware Version PIC 16.0
Initializing OS Services: ok
Initializing Serial Services: ok
Initializing Network Services: ok
Initializing Licensing Services:
License daemon start initialization.....
ok
License daemon running.....
Starting Statistics Service: ok
Starting ARP Services: ok
Starting Trap Manager: ok
Starting Network Interface Management Services: ok
Starting System Services: ok
Starting FIPS Features: ok : Not enabled
Starting Fastpath Hardware Acceleration: Starting Switching Services: ok
ok
Starting Fastpath Console redirect : ok
Starting Fastpath DP Heartbeat : ok
Fastpath CPU0.00: Starting Fastpath Application. SDK-1.8.0, build 269. Flags-[DUTY CYCLE] : ok
Fastpath CPU0.00: Initializing last packet received queue. Num of cores(2)
Fastpath CPU0.00: Init MBUF size: 1856, Subsequent MBUF size: 2040
Fastpath CPU0.00: Core 0 Initialization: ok
Fastpath CPU0.00: Initializing Timer...
Fastpath CPU0.00: Initializing Timer...done.
Fastpath CPU0.01: Core 1 Initialization: ok
Starting QoS Services: ok
Starting Policy Manager: ok
Starting Data Transport Link Layer: ok
Starting Access Control List Services: ok
Starting System Interfaces: ok
Starting Client Troubleshooting Service: ok
Starting Management Frame Protection: ok
Starting Certificate Database: ok
Starting VPN Services: ok
Starting DNS Services: ok
Starting Licensing Services: ok
Starting Redundancy: ok
Starting LWAPP: ok
Starting CAPWAP: ok
Starting LOCP: ok
Starting Security Services: ok
Starting Policy Manager: ok
Starting Authentication Engine: ok
Starting Mobility Management: ok
Starting Capwap Ping Component: ok
Starting AVC Services: ok
Starting Virtual AP Services: ok
Starting AireWave Director: ok
Starting Network Time Services: ok
Starting Cisco Discovery Protocol: ok
Starting Broadcast Services: ok
Starting Logging Services: ok
Starting DHCP Server: ok
Starting IDS Signature Manager: ok
Starting RFID Tag Tracking: ok
Starting RF Profiles: ok
Starting Power Supply and Fan Status Monitoring Service: ok
Starting Mesh Services: ok
Starting TSM: ok
Starting CIDS Services: ok
Starting Ethernet-over-IP: ok
Starting DTLS server: enabled in CAPWAP
Starting CleanAir: ok
Starting WIPS: ok
Starting SSHPM LSC PROV LIST: ok
Starting RRC Services: ok
Starting SXP Services: ok
Starting Alarm Services: ok
Starting FMC HS: ok
Starting IPv6 Services: ok
Starting Config Sync Manager : ok
Starting Hotspot Services: ok
Starting Portal Server Services: ok
Starting mDNS Services: ok
Starting Management Services:
Web Server: CLI: Secure Web: ok
(Cisco Controller)
Enter User Name (or 'Recover-Config' this one-time only to reset configuration to factory defaults)
After reboot verify image change from old 7.0.220.0 -> 7.5.102.9. Notice that the new image is Active.
(Cisco Controller) >show boot Primary Boot Image............................... 7.5.102.9 (default) (active) Backup Boot Image................................ 7.0.220.0
Save startup config to TFTP
Controllers contain two kinds of memory: volatile RAM and NVRAM. Save the configuration from volatile RAM to NVRAM (it becomes startup config) without resetting the controller by:
save config
Export startup config file to TFT server runs on a laptop with IP 10.0.99.20
transfer upload datatype config transfer upload mode tftp transfer upload serverip 10.0.99.20 transfer upload filename config.cfg transfer upload path / transfer upload start Mode............................................. TFTP TFTP Server IP................................... 10.0.99.20 TFTP Path........................................ / TFTP Filename.................................... config.cfg Data Type........................................ Config File Encryption....................................... Disabled ************************************************** *** WARNING: Config File Encryption Disabled *** ************************************************** Are you sure you want to start? (y/N) y TFTP Config transfer starting. File transfer operation completed successfully.
You will find config.cfg on your TFTP server and can be edited in a text editor.
Apply config to WLC from TFTP
You can also copy and paste into terminal however downloading & applying the config file from tftp seems more clean/slick/pro. Please notice that IP 10.0.99.20 is a laptop running tftp server hosting the file lab1-wlc_v1.cfg
transfer download datatype config transfer download mode tftp transfer download serverip 10.0.99.20 transfer download path / transfer download filename lab1-wlc_v1.cfg transfer download start Mode............................................. TFTP Data Type........................................ Config TFTP Server IP................................... 10.0.99.20 TFTP Packet Timeout.............................. 6 TFTP Max Retries................................. 10 TFTP Path........................................ / TFTP Filename.................................... lab1-wlc_v1.cfg Encrypt/Decrypt Flag............................. Disabled Warning: Downloading configuration will cause the controller to reset... This may take some time. Are you sure you want to start? (y/N) y TFTP Config transfer starting. TFTP receive complete... updating configuration. TFTP receive complete... storing in flash. System being reset. Resetting system ...
References
- Wireless LAN Controller (WLC) Software Upgrade
- Setting Up a Wireless LAN Controller (WLC)
- Wireless LAN Controller (WLC) Configuration Best Practices Oct 2013
- Cisco Wireless LAN Controller Configuration Guide Release 7.3
- Chapter 9 - Managing Controller Software and Configurations Cisco Wireless LAN Controller Configuration Guide, Release 6.0