Guest

Cisco Services Modules

Wireless Services Module 2 (WiSM2) Deployment Guide

Document ID: 112968

Updated: Mar 17, 2014

   Print

Introduction

The Cisco Wireless Services Module 2 (WiSM2) Controller for Catalyst 6500 Series Switches is a highly scalable and flexible platform that enables systemwide services for mission-critical wireless in medium to large-sized enterprises and campus environments. Designed for 802.11n performance and maximum scalability, the WiSM2 controller supports a higher density of clients and delivers more efficient roaming, with at least nine times the throughput of existing 802.11a/g networks. The WiSM2 controller offers enhanced uptime with the ability to simultaneously manage up to 1,000 access points (APs); superior performance for reliable streaming video and toll quality voice; and improved fault recovery for a consistent mobility experience in the most demanding environments.

Cisco Catalyst 6500 Series WiSM2 Controller

wism2-deploy-guide-01.gif

As a component of the Cisco Unified Wireless Network, this controller provides realtime communication between Cisco Aironet access points, the Cisco Wireless Control System (WCS), and the Cisco Mobility Services Engine to deliver centralized security policies, wireless intrusion prevention system (IPS) capabilities, award-winning RF management, and quality of service (QoS). With CleanAir technology the WiSM2 protects 802.11n performance by providing cross-network access to real-time and historic RF interference information for quick, troubleshooting and resolution. This integrated approach to large-scale wireless networking, customers can realize significant total cost of ownership (TCO) benefits by streamlining support costs and reducing planned and unplanned network downtime.

Features

Other features and characteristics of the WiSM2 controller are summarized here.

Note: Sup 720 software version 12.2.(33)SXJ is the minimum software required for operation with the WiSM2 controller.

Feature Parity with 5500 Appliance Controllers:

  • Interoperability with other service modules and WiSM1

  • Supports up to 1,000 APs/15,000 clients

    Note: The 7.0.116.0 Release of WiSM2 could only support 500 APs and 10,000 clients; however, the 7.2.103.0 Release can support 1,000 APs and 15,000 clients. Refer to Release Notes for Cisco Wireless LAN Controllers and Lightweight Access Points for Release 7.2.103.0 for more information.

  • License upgrade from 100 APs in increments up to 500 APs

  • Data Plane (Encrypted/Unencrypted/ACL) throughput of 10 Gbps

  • Supports Sup720, Sup720-10G, Sup-2T, and 6500-E-Series chassis

  • Supports Non-E Series with high speed fans

  • Sup 720 Software Version 12.2(33)SXJ or higher

  • Supports up to 7 blades in a chassis; 14 in VSS mode

  • Supports up to 5 blades in a chassis when other service modules are present; 10 in VSS

  • Support for OEAP

Prerequisites

Requirements

This is a list of components that are required when deploying WiSM2 in the Catalyst chassis:

Device/Application SW Versions
Catalyst 650X with 720 Sup* 12.2(33)SXJ or Higher
Ethernet Line-Cards - Tested and Compatible with WiSM2 6148, 6516, 6548, 6704-10Gb, 6708-10Gb, 6716-10Gb, 6748 and 6724
WiSM2 Controllers 7.0 MR1 ver 7.0.116.0
WCS 7.0 MR1 ver 7.0.172.0

* The Catalyst chassis on which the Cisco WiSM2 is installed needs a Supervisor 720 module.

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Related Products

WiSM2 operates with the Supervisor 720 family, including:

  • FS3 Supervisor 720 (WS-SUP720) – Also referred to as the Supervisor 720-3a.

  • FS4 Supervisor 720-3B (WS-SUP720-3B) – This is an update of the original Supervisor 720 adding support for a number of new hardware-based features like MPLS and ACL counters.

  • FS5 Supervisor 720-3BXL (WS-SUP720-3BXL) – Provides the same hardware feature capabilities as a Supervisor 720-3B, but also adds increased capacity for storing up to 1 Million IPV4 routes.

  • FS6 Supervisor 720-3C-10GE and Supervisor 720-3CXL-10GE – Adds support for 2 x 10GE uplink ports on the front panel as well as support for a number of new hardware features like support for Virtual Switch Link (VSL).

Note: The Catalyst chassis on which the Cisco WiSM2 is installed needs a Supervisor 720 module. This table shows the supported slots for the Cisco WiSM2. Installing WiSM2 in the Supervisor slot is not recommended.

wism2-deploy-guide-08.gif

Note: WiSM2(s) are supported in the –E Series chassis.

wism2-deploy-guide-09.gif

* Supervisor slots not recommended as WiSM2 slots.

Note: WiSM2(s) are supported in the above Non-E-Series chassis with HS fan trays.

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.

Basic WiSM2 and Catalyst 6500 Topology

wism2-deploy-guide-02.gif

Initial System Configuration

Complete these steps:

  1. Upgrade the Catalyst 65XX with the IOS software 12.2(33)SXJ provided on Cisco.com. Only after upgrading the Catalyst IOS software will the system recognize the WiSM2 blade. Upgrade of the Catalyst IOS can be done via TFTPing the new IOS software to the system or by simply copying the image into the flash card. The flash card has to be 256 MB in size or larger. Here is an example:

    CAT6504-MA#dir disk1:
    Directory of disk1:/
    
        1  -rw-        4713  Jul 12 2010 20:36:44 +00:00  cat6504-ma
        2  -rw-        8112   Mar 1 2007 19:18:56 +00:00  running-config
        3  -rw-   130796804  Mar 30 2011 14:49:24 +00:00  
          s72033-adventerprise_wan-mz.122-33.SXJ.bin
    
    512040960 bytes total (381222912 bytes free)
  2. Issue the reload command on the Cat650X in order to restart the Cat65XX. Then, reboot the system with the new image and make sure the "boot image" is pointing to the new Catalyst IOS image on the system or the flash disk as in this example:

    rommon 1 > dir disk1:
    
    Initializing ATA monitor library...
    Directory of disk1:
    
    5      130796804 -rw-     s72033-adventerprise_wan-mz.122-33.SXJ.bin
    35816    4713      -rw-     cat6504-ma
    4      8112      -rw-     running-config
    rommon 2 > boot disk1:s72033-adventerprise_wan-mz.122-33.SXJ.bin
    
  3. After you reload with the new software, the sh version command will show the version of software as posted on Cisco.com. Make sure the proper software is loaded:

    CAT6504-MA#sh version
    Cisco IOS Software, s72033_rp Software (s72033_rp-ADVENTERPRISE_WAN-M), Version 
       12.2(33)SXJ, RELEASE SOFTWARE (fc3)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2011 by Cisco Systems, Inc.
    Compiled Thu 17-Mar-11 15:10 by prod_rel_team
    
    ROM: System Bootstrap, Version 12.2(17r)S4, RELEASE SOFTWARE (fc1)
  4. Insert the WiSM2 board in the available 65XX- E slot and issue the sh module command on the Cat65XX. The WiSM2 module has to appear in the list:

    CAT6504-MA#sh module
    Mod Ports Card Type                              Model              Serial No.
    --- ----- -------------------------------------- ------------------ -----------
      1    2  Supervisor Engine 720 (Active)         WS-SUP720-3BXL     SAL1101CWTQ
      2   48  SFM-capable 48 port 10/100/1000mb RJ45 WS-X6548-GE-TX     SAL09497FS3
      3    4  WiSM 2 WLAN Service Module             WS-SVC-WISM2-K9    SAL1421JDER
    
    Mod MAC addresses                       Hw    Fw           Sw           Status
    --- ---------------------------------- ------ ------------ ------------ -------
      1  0017.9568.72b4 to 0017.9568.72b7   5.3   8.4(2)       12.2(33)SXJ  Ok
      2  0016.470d.ec04 to 0016.470d.ec33  10.2   7.2(1)       12.2(33)SXJ  Ok
      3  0011.92ff.ed20 to 0011.92ff.ed2f   0.5   12.2(18r)S1  12.2(33)SXJ  Ok
    
    Mod  Sub-Module                  Model              Serial       Hw     Status
    ---- --------------------------- ------------------ ----------- ------- -------
      1  Policy Feature Card 3       WS-F6K-PFC3BXL     SAL1052CK95  1.8    Ok
      1  MSFC3 Daughterboard         WS-SUP720          SAL1052CK3E  2.6    Ok
      2  IEEE Voice Daughter Card    WS-F6K-GE48-AF     SAL094978HV  1.2    Ok
    
    Mod  Online Diag Status
    ---- -------------------
      1  Pass
      2  Pass
      3  Pass
    CAT6504-MA#
  5. If the module is not on the list, reset the system again. If the module is shown in the list, proceed with the next step.

    Note: The next few steps are done to install/upgrade and configure the software on the WiSM2 in the Catalyst 65XX switch.

  6. You can load the software via the command line interface. Configuration via WebUI is not available at this point since the Management Interface on the wireless controller is not configured yet. The controller should be configured to operate properly on your network and configured with the IP addresses of your working subnets. You can configure the wireless controller by directly attaching it to the console ports on the WiSM2 controller or opening a console session to the controller module from the Catalyst interface as shown here.

    Note:  You can access the WiSM2 through a session command directly now.

    CAT6504-MA#session slot 3 processor 1
    The default excape character is Ctrl-^, then x.
    You can also type 'exit' at the remote prompt to end the session
    Trying 192.168.2.21 ... Open
    
    (WiSM-slot3-1)
    User: admin
    Password:*******
    (WiSM-slot3-1) >
  7. After configuring the WiSM2 controller and issuing the show sysinfo command, you should see this output with Mgmt interface IP address of 10.70.0.10:

    (WiSM-slot3-1) >show sysinfo
    
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 7.0.114.114
    Bootloader Version............................... 1.0.7
    Field Recovery Image Version..................... 1.0.0
    Firmware Version................................. FPGA 1.6, Env 0.0, USB console
       2.2
    Build Type....................................... DATA + WPS
    
    System Name...................................... Jian1-ma
    System Location.................................. TME Lab - Mike's Rack
    System Contact................................... Mike Adler
    System ObjectID.................................. 1.3.6.1.4.1.9.1.1293
    IP Address....................................... 10.70.0.10
    Last Reset....................................... Watchdog reset
    System Up Time................................... 0 days 0 hrs 11 mins 46 secs
    System Timezone Location.........................
    Current Boot License Level....................... base
    Current Boot License Type........................ Evaluation
    Next Boot License Level.......................... base
    Next Boot License Type........................... Evaluation
    
    Configured Country............................... US  - United States
    
    --More-- or (q)uit
    
    State of 802.11b Network......................... Enabled
    State of 802.11a Network......................... Enabled
    Number of WLANs.................................. 3
    Number of Active Clients......................... 0
    
    Burned-in MAC Address............................ 00:11:92:FF:EC:00
    Maximum number of APs supported.................. 100
    
    (WiSM-slot3-1) >
  8. If you need to reset the WiSM2 controller in the Catalyst chassis, use this command:

    (Config)# hw module <#> reset
    

    If you need to reset the controller to factory defaults - watch the screen, while attached to the console port on the WiSM2 controller, for the reset option to come up and then hit <esc> key. In the controller menu, choose option 4 to reset the controller to factory defaults. In order to power the WiSM2 wireless controller in the Catalyst chassis OFF or ON, use this command:

    (Config)#power enable module <#>
    

Configure Sup720 and WiSM2 Communication

Complete these steps in order to configure Sup 720 – WiSM2 communication:

  1. The Catalyst 65XX-E SUP module will communicate to the WiSM2 board via internal Service port interface on the WiSM2 card. Complete these steps in order to properly configure the interfaces and VLANs on the Catalyst 65XX to communicate properly with the WiSM2 blade. The Service port on the WiSM2 card should be configured for DHCP address or static IP address.

    Note: If you have a WiSM trunk that includes VLANs in the range of 1 to 1000 and you intend to use only 1 to 10, enter this command: no wism module x controller y allowed-vlan 11-1000

    Note: Service Port IP address should be on the different subnet from the Management interfaces of the controller.

  2. Create a VLAN in the Supervisor 720. This VLAN is local to the chassis and is used for communication between Cisco WiSM and Catalyst Supervisor 720 over a Gigabit interface on the Supervisor and service-port in the Cisco WiSM.

    Note: All VLAN numbers and IP addresses are examples.

    
    !--- Assign an appropriate IP address and 
    !--- subnet mask for VLAN 22
    
    interface Vlan22
    ip address 192.168.2.1 255.255.254.0
    
  3. If during controller configuration you chose the DHCP address for the service port, create a DHCP scope for the service port of the Cisco WiSM in Supervisor 720 or on a standalone DHCP server:

    Ip dhcp excluded-address 192.168.2.1 192.168.2.50
  4. Associate the VLAN for the service port.

    
    !---Configure this command to use vlan 22
    !--- in order to communicate with the service-port.
    
    wism service-vlan 22
    
  5. Issue the show wism status command in order to verify that the Cisco WiSM received an IP address from the DHCP server.

    Cat650X# show wism status
    CAT6504-MA#sh wism status
    
    Service Vlan : 22, Service IP Subnet : 192.168.2.1/255.255.254.0
          WLAN                     Management
    Slot  Controller Service IP    IP           SW Version  Controller Type  Status
    ----+-----------+-------------+-----------+-----------+-----------------+-------
    3     1          192.168.2.21  10.70.0.10  7.0.114.114 WS-SVC-WISM-2-K9  Oper-Up
    
    CAT6504-MA#

    Manual LAG configuration is not supported in Cisco IOS Software Releases 12.2(33) SXI and later. Auto-lag will be created by the system automatically for you.

    
    !--- Create the VLAN in the Supervisor 720 
    !--- in order to communicate with the management port
    !--- Assign an appropriate IP address and subnet 
    !--- mask for VLAN 70
    !
    
    interface Vlan70
    description Management VLAN for WiSM-2
    ip address 10.70.0.5 255.255.255.0
    end
    
    !
    
    

    Note: Also Create a DHCP pool separately for the Management VLAN or any other dynamic interface configured on the Wireless Controller for the APs and Wireless Clients.

  6. The Supervisor automatically creates a port-channel interface for the independent controller in the Cisco WiSM2 as soon as the module is detected. Usually, the port-channels have a high number, such as 405 in this example:

    Cat650X#sh ip int brief
    GigabitEthernet3/4    unassigned     YES unset  administratively down down
    Port-channel3         unassigned     YES unset  down             down
    Port-channel405       unassigned     YES unset  up               up
    Vlan1                 unassigned     YES NVRAM  administratively down down
    Vlan22                192.168.2.1    YES NVRAM  up               up
    VLAN70                10.70.0.5      YES NVRAM  up               up
    Vlan192               192.168.0.1    YES NVRAM  up               up
    CAT6504-MA#
  7. Additionally, make sure that you allow VLANs that are configured in the Cisco WiSM2 through the port-channel and Gigabit interfaces with these commands. Make sure the VLANs are also active.

    Cat-6K(config)# wism module {#} controller {#} allowed-vlan {vlan range}
    Cat-6K(config)# wism module {#} controller {#} native-vlan {vlan id}
    Cat-6K(config)# wism module {#} controller {#}  qos {trust/vlan-based}  
    <dscp/cos/ip-precedence> - Trust state of theLAG Interface 
    

    Note: Configure the controller with this commands. Here is an example:

    !
    wism  module 3 controller 1 allowed-vlan 30-100 
    !--- service VLAN should not 
    !--- be included
    
    wism module 3 controller 1 native-vlan 70
    wism module 3 controller 1 qos trust ip-precedence
    wism module 3 controller 1 qos vlan-based
    !

    Note: See Appendix B for a complete example of the Catalyst 6504 configuration.

  8. The VLAN-based QoS new command Cat-6K(config)#wism module {#} controller {#} qos vlan-based- VLAN Based QoS should be enabled for policing the wireless to wired traffic on the Catalyst 6K.

    In order to apply Flow Policer or an Aggregate Policer on the ingress of a Dynamic Interface VLAN (SVI) for the Upstream (Wireless to Wired Traffic) traffic, there is a need to issue these new commands. In the release prior to12.2(33)SXI4, there was no capability to police traffic that came out of the WiSM Lag (L2) to the SVI (L3); the QoS policy applied was a VLAN-based policy and had no effect and thus no policing was done.

    In release 12.2(33)SXI4, a new command was introduced to enable a VLAN-based QoS command on the WiSM LAG equivalent to mls qos vlan-based on any L2 switchport command on the WiSM LAG.

    This is the WiSM-1 LAG CLI command to enable traffic policing in 12.2(33)SXI4 IOS release:

    • In Standalone Chassis mode:

      wism module <module_no> controller <controller_no> qos-vlan-based
      
    • In VSS Chassis mode:

      wism switch <switch_no> module <module_no> controller <controller_no> qos-vlan-based
      

    In release 12.2(33)SXJ, required to support the WiSM-2 controller, the command changed:

    • In Standalone Chassis mode:

      wism module <module_no> controller <controller_no> qos vlan-based
      
    • In VSS Chassis mode:

      wism switch <switch_no> module <module_no> controller <controller_no> qos vlan-based
      

    There is no difference in the functionality of the two commands, just a change in the syntax. Specifically, there is no hyphen (-) after qos.

  9. Verify the previous configuration command execution:

    #show wism module 2 controller 1 status
    
    CAT6504-#show wism module 3 controller 1 status
    
    WiSM Controller 1 in Slot 2 configured with auto-lag
    
    Operational Status of the Controller : Oper-Up
    Service VLAN                         : 22
    Service Port                         : 3
    Service Port Mac Address             : 0007.7d0a.7001
    Service IP Address                   : 192.168.2.21
    Management IP Address                : 10.70.0.12
    Software Version                     : 7.0.116.0
    Port Channel Number                  : 403
    Allowed-vlan list                    : 30-100
    Native VLAN ID                       : 70
    WCP Keep Alive Missed                : 0
    CAT6504-MA#
  10. Summary: The Cisco WiSM2 controller is inserted into the appropriate slot and powered on. The basic configuration is completed with the help of the setup script. With the completion of basic configuration, you can configure the Cisco WiSM2 controller through the console CLI or through the Cisco WiSM2 controller web-interface. In order to use the session command, you have to make sure that the service port on the Cisco WiSM2 is assigned a static or DHCP assigned IP address. You need to configure WLC separately in the Cisco WiSM2 module, initially from the CLI and then from the web interface.

  11. Now you can connect to the controller management interface via GUI or console session with your laptop connected with Ethernet or wireless connection and continue the configuration.

    wism2-deploy-guide-03.gif

  12. Check the Licenses available on the controller. If the count is zero, contact License TAC support team to refresh the Licenses.

  13. Have the APs join the WiSM2 across a Layer 2/3 network switch.

  14. Have the Wireless Clients connect to the LAP and send traffic to the external servers and other wireless clients and make sure traffic (that is, ping) makes it through without any drops.

  15. This completes Basic Sup 720 and WiSM2 configuration. Additional configuration changes can be made via the WebUI interface just like on any other wireless controller. This WiSM2 deployment guide does not go into details of the wireless controller configuration.

Configure WiSM2 from WCS

Just like any other wireless controller, the WiSM2 controller can be configured from the WCS. WCS ver 7.0.172.0 or higher is required for WCS to recognize and configure WiSM2 controllers.

wism2-deploy-guide-04-1.gif

The image below shows how a WCS manages WiSM and WiSM2 controllers, including the slots in which they are inserted and the internal port to which they are connected.

Note: WiSM always comes up as two controllers and the new WiSM2 shows as one controller.

wism2-deploy-guide-05-1.gif

Configure Sup720 and WiSM2 Communication in a VSS Mode

The key enabler of the VSS technology is a special link that binds the two chassis together, called a Virtual Switch Link (VSL).

wism2-deploy-guide-06.gif

Note: Supervisor 720-3C-10GE or Supervisor 720-3CXL-10GE required to support VSS mode.

The most important change with the Cisco WiSM in a VSS environment is the way you access and manage it. In a Cisco VSS environment, a switch ID is required for many commands used to administer the WiSM2.

The slots start from 17 and ends in 29 for 13 slot chassis for Switch 1, and from 33 and ends in 45 for 13 slot chassis switch 2.

Cat650X# show module switch {#} slot {#}

show module switch 2 slot 11

Cat650X#show wism status - Shows the WiSM2 modules in VSS switch.

VSS#show wism status
Service vlan : 8, Service IP Subnet : 8.100.1.8/255.255.255.0
     WLAN
Slot Controller  Service IP  Management IP  SW Version  Controller Type  Status
----+----------+-----------+--------------+------------+----------------+-------
18   1           8.100.1.59  10.173.1.10   7.0.114.62  WS-SVCWISM-2-K9  Oper-Up
25   1           8.100.1.90  10.178.1.10   7.0.114.62  WS-SVCWISM-2-K9  Oper-Up
34   1           8.100.1.65  10.172.1.10   7.0.114.62  WS-SVCWISM-2-K9  Oper-Up
36   1           8.100.1.63  10.170.1.10   7.0.114.62  WS-SVCWISM-2-K9  Oper-Up

Manual LAG configuration is not supported in Cisco IOS Software Releases 12.2(33)SXJ and later. Auto-lag configuration will be configured for you by the system.

The Supervisor Module automatically creates two port-channel interfaces for the two independent controllers in the VSS switch for WiSM2s as soon as the module is detected. Usually the port-channels have a high number. The EtherChannel for WiSM2 starts from 689 and ends in 746.

VSS#show wism switch 2 module 4 controller 1 status

WiSM Controller 1 in slot 36 configured with auto-lag

Operational Status of the Controller : Oper-up
Service VLAN                         : 8
Service Port                         : 3
Service Port Mac Address             : 0022.bdd5.0141
Service IP Address                   : 10.100.1.63
Management IP Address                : 10.170.1.10
Software Version                     : 7.0.114.62
Port Channel Number                  : 727
Allowed-vlan list                    : 100-120,122-140,142-260,262-340,348-450,
   459,471-480,499
Native VLAN ID                       : 420
WCP Keep Alive Missed                : 0
VSS#

The Catalyst 65XX-E VS-S720-10G module will communicate to the WiSM2 boards via internal Service VLAN that has to be defined just like a single chassis configuration:

(Cat-6K)# wism service-vlan {vlan id}

Example of configuration on the Catalyst 6500:

interface vlan22
ip address 192.168.2.1 255.255.254.0
wism service-vlan 22

Create a DHCP scope for the Service Port of the Cisco WiSM2 in Supervisor 720 or on a standalone DHCP server. For Example:

Ip dhcp excluded-address 192.168.2.1 192.168.2.50

Allow VLANs that are configured in the Cisco WiSM2 through the port-channel and Gigabit interfaces with these commands:

Cat-6K(config)# wism switch (#) module {#} controller 1 allowed-vlan {vlan range}

Cat-6K(config)# wism switch (#) module {#} controller 1 native-vlan {vlan id}

Cat-6K(config)# wism switch (#) module {#} controller 1 qos trust <dscp/cos/ip-precedence> - Trust state of the Interface

Cat-6K(config)# wism switch (#) module {#} controller 1 qos vlan-based- VLAN Based QoS should be enabled for policing the wireless to wired traffic on Catalyst 6K.

To verify the proper module installations in the VSS mode, issue this command:

show wism switch 2 module 4 controller  1 status
VSS#show wism switch 2 module 4 controller 1 status

WiSM Controller 1 in slot 36 configured with auto-lag

Operational Status of the Controller : Oper-up
Service VLAN                         : 8
Service Port                         : 3
Service Port Mac Address             : 0022.bdd5.0141
Service IP Address                   : 10.100.1.63
Management IP Address                : 10.170.1.10
Software Version                     : 7.0.114.62
Port Channel Number                  : 727
Allowed-vlan list                    : 100-120,122-140,142-260,262-340,348-450,
   459,471-480,499
Native VLAN ID                       : 420
WCP Keep Alive Missed                : 0

show interface status switch 2 module 4
VSS#show interfaces status switch 2 module 4

Port           Name          Status        Vlan       Duplex  Speed Type
Te2/4/1                      connected     trunk        full    10G 10GBase Svc
Te2/4/2                      notconnect    unassigned   full    10G 10GBase Svc
Gi2/4/3                      connected     8            full   1000 1000Base Svc
Gi2/4/4                      disabled      1            full   1000 1000Base Svc
VSS#
VSS#

Cat6500#Show module switch – In oprder to verify the modules in the 2 VSS switches.

VSS#show module switch
 Switch Number:     1   Role:   Virtual Switch Active
----------------------  -----------------------------
Mod Ports Card Type                              Model              Serial No.
--- ----- -------------------------------------- ------------------ -----------
  1    6  Firewall Module                        WS-SVC-FWM-1       SAD0948020X
  2    4  WiSM 2 WLAN Service Module             WS-SVC-WISM2-K9    SAL1421JDEF
  3    6  Firewall Module                        WS-SVC-FWM-1       SAD1404027Z
  5    8  Intrusion Detection System             WS-SVC-IDSM-2      SAD100304T6
  6    4  WiSM 2 WLAN Service Module             WS-SVC-WISM2-K9    SAL14481073
  7    5  Supervisor Engine 720 10GE (Active)    VS-S720-10G        SAL13410X3Y
  9    4  WiSM 2 WLAN Service Module             WS-SVC-WISM2-K9    SAL1421JENZ
 10   48  CEF720 48 port 10/100/1000mb Ethernet  WS-X6748-GE-TX     SAD114900Y3
 11   16  CEF720 16 port 10GE                    WS-X6716-10GE      SAD112908Z2
 12    4  CEF720 4 port 10-Gigabit Ethernet      WS-X6704-10GE      SAL09444NPS

 Switch Number:     2   Role:   Virtual Switch Standby
----------------------  ------------------------------
Mod Ports Card Type                              Model              Serial No.
--- ----- -------------------------------------- ------------------ -----------
  2    4  WiSM 2 WLAN Service Module             WS-SVC-WISM2-K9    SAL1421JDFJ
  3    8  Intrusion Detection System             WS-SVC-IDSM-2      SAD103103TH
  4    4  WiSM 2 WLAN Service Module             WS-SVC-WISM2-K9    SAL1412DAKJ
  5    8  Intrusion Detection System             WS-SVC-IDSM-2      SAD094902UX
  6    6  Firewall Module                        WS-SVC-FWM-1       SAD10450180
  8    5  Supervisor Engine 720 10GE (Hot)       VS-S720-10G        SAL1332VP1Q
 11   48  CEF720 48 port 10/100/1000mb Ethernet  WS-X6748-GE-TX     SAL09433SP8
 13   16  CEF720 16 port 10GE                    WS-X6716-10GE      SAD112504YY

You can now connect to the controller management interface via GUI or console session with your laptop connected with Ethernet or Wireless connection and continue configuration.

wism2-deploy-guide-07.gif

Check the Licenses available on the controller. If the count is zero, contact License TAC support team to refresh the Licenses.

Have the APs join the WiSM2 across a Layer 2/3 network switch.

Have Wireless Clients connect to the LAP and send traffic to external servers and other wireless clients and make sure traffic (that is, ping) makes it through without any drops.

This completes Basic Sup 720 and WiSM2 configuration. Additional configuration changes can be made via the WebUI interface just like on any other wireless controller. This WiSM2 deployment guide does not go into the details of wireless controller configuration.

This also completes VSS installation of the WiSM2 modules in the Catalyst VSS configuration. Additional configuration changes can be made via the WebUI interface just like on any other wireless controller. This WiSM2 deployment guide does not go into the details of wireless controller configuration.

Appendix A: Basic Switch and WiSM2 Terminology

Term
AP Access Point
APM AP Manager Interface
DEC Distributed EtherChannel
DFC Distributed Forwarding Card
DynInt Dynamic Interface
FWSM Firewall Service Module
IDSM Intrusion Detection Service Module
ISSU In Service Software Upgrade
LAG Link Aggregation
MEC Multichassis EtherChannel
Mgmt Management Interface
NAM Network Analysis Module
OIR Online Inserted and Removal
Port Physical Gbps port
RSPAN Remote SPAN
SPAN Switch Port Analyzer
SSO Stateful Switchover
STP Spanning Tree Protocol
VACL VLAN Access Control List
VLAN Virtual LAN
VSL Virtual Switch Link
VSS Virtual Switch System
WCP Wireless Control Protocol
WCS Wireless Control System
WiSM Wireless Services Module

Appendix B: Catalyst 6504 Example of Running Config

CAT6504-MA#sh run
Building configuration...

Current configuration : 4804 bytes

!
! Last configuration change at 20:34:02 UTC Tue Apr 12 2011
!

version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service counters max age 10
!
hostname CAT6504-MA
!
boot-start-marker
boot system flash s72033-adventerprisek9_wan_dbg-mz.SIERRA_INTEG_100903
boot-end-marker
!
no logging console
!
no aaa new-model
!
ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp excluded-address 192.168.2.1 192.168.2.20
ip dhcp excluded-address 192.168.0.1 192.168.0.20
!
ip dhcp pool wism-service-port
   network 192.168.2.0 255.255.255.0
   default-router 192.168.2.1
!
no mls acl tcam share-global
mls netflow interface
mls cef error action freeze
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
wism service-vlan 22
wism module 3 controller 1 allowed-vlan 30-100
wism module 3 controller 1 native-vlan 70
wism module 3 controller 1 qos vlan-based
diagnostic bootup level minimal
port-channel per-module load-balance
!
redundancy
 main-cpu
  auto-sync running-config
 mode sso
!
vlan internal allocation policy ascending
vlan access-log ratelimit 2000
!
interface Port-channel3
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 70
 switchport mode trunk
 mls qos trust dscp
!
interface GigabitEthernet1/1
 --More--

switchport mode trunk
 mls qos trust dscp
!
interface GigabitEthernet1/1
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 10
 switchport mode trunk
!
interface GigabitEthernet1/2
 no ip address
!

Truncated …..

interface Vlan22
 description communication VLAN btween Sup720 and WiSM-2
 ip address 192.168.2.1 255.255.254.0
!
interface Vlan70
 ip address 10.70.0.5 255.255.255.0
!
ip classless
ip forward-protocol nd
!
no ip http server
!
control-plane
!
dial-peer cor custom
!
line con 0
line vty 0 4
 login
line vty 5 15
 login
!
end

CAT6504-MA#

Related Information

Updated: Mar 17, 2014
Document ID: 112968