Cisco 9800 WLC configuration Demo

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello and welcome to asgen tech forum and in this video we are going to see how to apply um the user configuration or the wlan configuration on c9800 controllers in my earlier video i have shown you the overview of it how to navigate around this and then if you get a brand new box uh how to apply base configuration how to enable h a or redundancy between them and now the next step apply the controller config so that ap can join controllers and it can start broadcasting the ssid so that user can associate to that ssid and start using network services one key thing is to remember that if you are familiar with cisco wireless solution the earlier solutions will rely on aros but c9800 is using ios 6c so the configuration method is a is a vastly different from airways so you will think you will see that we still configure those things but we configure those things differently that means the approach is different and that's why we will try to we'll spend few minutes to understand the config model what is mandatory what is optional and how they are interlinked together okay and if you are not if you find it complicated or difficult just bear with me when i go to demo things will be very very clear to you okay so in 9800 config model there are two key things policy and tags under policy you define three types of policy wlan policy site policy and radio policy and as the name suggests wlan is all about wireless lan characteristics then site policy you can define things per site uh and radio policy so all your rf related characteristics these things are interrelated that mean once you define your wlan you can call in those policy or profile under site so that they can inherit those values and finally you apply these policies and tags to iap so you say that all my ap or one particular ap or one part or ap is in particular building they will inherit this profile so assignment can be static dynamic location based and multiple ways right so let's read a little bit more about this so profile these are the things you define first and these are the different kind of profile you define so you define your ap join profile wlan profile not everything is mandatory but these are the different profiles available flex profile is especially if you have remote branches where there is no wlc controller and this there is a centralized controller that is a flex configuration right so you define your flex profile then you define your tags and finally as i mentioned you can apply these tags based on static static allocation or location base like that if you're wondering that you have to configure all these objects uh that's not necessary by default there are everything configure as a default default default so if you don't want to configure anything you can still use the default values and apply it to ap right and that's what you will see that as soon as my controller is up and my ap has got reachability to the controller via dhcp it has joined the controller already because it is using all those default profiles okay let's now quickly talk about demo so this is my demo setup in earlier video we have to appear of 9800 where we have configured hf between them uh 9800 is connected to a distribution distribution infrastructure via a port channel and this distribution infrastructure has ap connected to it so in this model we are going to configure our wlc so that ap can join controller and at the same time user can associate to those ssids okay now let's go to demo a couple of things i want to show you is on my wlc controller i have already allowed uh vlan uh user vlan so my user vlan is 250 my ap val vlan was 10 as you have seen in earlier video now i have added vlan 250 as well okay because i want these in these vlan traffic to come to wlc right so this is our wlc dashboard and let's go to steadily go to configure but before we go to configure let's look at the access point and you can see my access point has joined using default default default all these things and if you click on this tag you will see a very good view what we just talked about right the different object and how they are associated uh or attached to the ap so right now it's everything is using default but don't worry we are going to build a new one so let's go to config and this is the tab we'll be focusing on tags and profile this is the this is the concentration of our configuration okay so let's start with ap join we already have a default ap profile but we are going to ignore that and let's click add another one so i'm going to say um my 9800 i don't know i know it's not a great name but yep i am not very creative so let's define the ntp ip here go to the next tab uh things to remember adjustments and this looks good so default value is good cap all the default looks good what i want to do i want to configure define my primary controller you can define your secondary controller also but for sake of a quick video we just live with primary and go to ap everything here looks good okay and management this is also good uh device user okay let's create a user admin so this is my ap and password cisco one two three super secret password um cisco123 okay i don't want any dot 1x other things rogue ap my rook detection is enabled and icap is a new feature where you can capture all the packet full packet capture so management frame control frame data frame everything you can capture from wlc itself so looks good now um so key things to remember what we configured is we configured ntp we configured a cap app so you define your controller ip and we define the ap credentials okay so let's save it all right again let's go back to configuration we are not going to do flex so let's click on profile policy add policy profile so i want to add one and i'm going to say name it my 9800 policy pro file and we are going to enable it okay once you enable it everything looks good here so we have enabled it now let's go to access policy under access policy i want to select uh my user vlan okay and no acl are the things needed so i am living with bare minimum configuration here but you can see all these parameters are here for you and qos and avc so i'm going to select fastlane so fastlane is 802.11e implementation all the best practices mobility no mobility needed advance things looks good here few things you have to remember okay access i am looking at pre-author start general okay so looks good now apply let's go back again now rf profile all these rf profiles are defined already but i will just create a dummy one so we can say my 9800 rf 5 gigahertz status enable copyrighted device and i will create one more for 2.4 gigahertz by 9800 to 4 gigahertz and enable this so we can use very well use the layer profile but i i'm just creating the dummy one so that i can show you how it is get applied so configuration is done so we have created ap join profile policy profile in rf profile now let's move on to the tags and this is the things you will create again so first thing is policy tags add policy tags so i'm going to say again my 2800 policy tag and then you actually map it so wlan profile we created earlier wlan profile here and policy profile here in drop down say yes apply to devices so we have created our policy profile now let's create a site profile site tag sorry my 9800 site tag ap join profile we created an another one so i'm going to select that one and apply to device so we created a site and then we have rf so let's create a new rf profile rf tag my 9800 rf tag and these are the the ones we created i'm going to we call them here okay so so far what we did we created ap join profile we created a policy profile and other things but what we didn't create it's wlan okay so let's go back to wlan okay security security what we want to do we want to just use i don't want to use this for simplicity we just want to use psk so for psk our pre-shared key this is the key user will use to join the network and you can see the super secret cisco one two three so that is my security update okay yes so my ssid is dcs 9800 and it is using psk security pre-shared key and we have defined the pre-shared key okay so everything is configured we have seen that we created ap join profile policy profile rf tag and then we went to tag configure all those tags right and call this values so here you can see this is my policy profile which is calling wlan profile which so everything is nested and now finally final part is assign it to ap how do you assign it to ap right so i'm going to say static ap mac address you can say default triangle i want this whatever custom things we defined we are going to use them here okay what it is asking me to uh is ap mac address all right so we need mac address of the ap and i have it in my excel sheet or we can very well log into the ap and check the mac address but i have it handy here for me [Music] okay i'm going to copy that mac address and i'm going to enter it here at the same time what we will do we will connect to the console of that ap and watch the association in real time okay invalid mac address we could expect us to put a colon format oops this is a serial number my bad so let's connect to this ap first and ap mac is this okay this is our ap mac and i'm connected to my ap here okay apply to devices and you can watch it in real time okay cap web straight so every time you do something some changes the cap back dtls tunnel is going to tear down and it will reboot and it will associate to the new tag well i hope uh so far you were able to follow me i know it was a little complicated demo because we are really building a lot of objects and calling those objects together but think of it it's it's a it's quite simple so basically how i um my my mind mapping is you define four objects first if you don't want to rely on uh on default profiles you define four things first your ap join profile your where you define your ntp h a uh mss and the username and password for ap then second step is define your wlan profile wlan profile is for your ssid ssid security but if you are using wp2 wpa2 enterprise or psk so that security then rf profile rf profile is pretty simple right and then policy profile the policy profile is where you are going to define your uh user vlan right what if you have multiple vlan user vlan voice vlan or finance and other segments you define all those vlans there right so all these four objects you have to define first then you move on to do tags once you click on tags you have to define policy tag policy tag when you define policy tag you will call in wlan profile and policy profile and attach it to the policy tag then the site tag site tag define a site tag associate your ap join profile to the site tag and then rf tag simple finally ap associate association and as i shown you static so if you do static you are going to put the mac address of the ap and define three parameters uh what we have discussed policy tag name site tag name rf diagram and it will make your ap reboot and the ap is going to get ip address from dhcp okay and let's check if our username and password what we define is working so define yes i can log in and let's go one two three show my p int brief it has got an ip address uh from the controller and now let's go back to the controller click on access points i am interested in this access point only and now you can see that whatever we defined as a part of new config model this ap is inheriting only those profiles you can see this so it has changed from default to the newer one and join stats so basically my ap has joined and it is connected for client right now i do not have any client who can actually associate it associate to the ssid what we defined because the setup is in a lab but in i'll see whenever i have that setup available i'll try to join my phone or my laptop to the ssi id and i will show you the client start here okay but from wlc you can see things from cli perspective also the same information show ap summary and show wireless client um summary yep summary no client i'll see whenever the client available i'll do a add-on of like two-minute video quickly and show you how how the client is connected and using this services so i hope you find this series interesting enough and now you feel confident with the new hardware or new products 9800 if you have any question any any confusion feel free to ask questions in my comment section and i'll make sure that i'll take time and reply your queries thank you very much
Info
Channel: SDN TechForum
Views: 3,265
Rating: undefined out of 5
Keywords: Networking, sdntechforum, monitoring, cisco
Id: -iIfDMx6Qhk
Channel Id: undefined
Length: 21min 17sec (1277 seconds)
Published: Thu Oct 01 2020
Related Videos
Cisco 9800 WLC- Base config and Redundancy
SDN TechForum
5.3K
Juniper Mist Marvis Evolution - The Journey to an AI-Driven Enterprise​
Tech Field Day
2.4K
Wi-Fi, WLAN, WLC - Get (free) Hands On | Cisco CCNA 200-301
Keith Barker
77K
Cisco C9800 WLC FlexConnect Configuration
Rowell Dionicio
5.3K
Cisco C9800L Wireless LAN Controller - Basic Wireless Setup
Ingram Micro BTC - Cisco
5K
Special Lecture: F-22 Flight Controls
MIT OpenCourseWare
2.2M
Cisco 9800-L Wireless Controller Overview and Setup
Cisco Sal
36K
Wireless for Network Engineers - part I
SDN TechForum
71
9800 wireless controller High availability with the RMI and gateway reachability failover feature
Yogesh Gawankar
2.5K
Introduction to Networking
Eli the Computer Guy
2M
$250 Slab To $7700 Table
Blacktail Studio
3.6M
FortiGate 60F HA Cluster Build
Fortinet Guru
1.8K
Cisco 9800 CL Controller install on VMWARE - Wireless LAN Controller
Chris Avants
1.6K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.