Table of Contents
Prior to release 7.3, wireless LAN (WLAN) controller software ran on dedicated hardware you were expected to purchase. The Virtual Wireless LAN Controller (vWLC) runs on general hardware under an industry standard virtualization infrastructure. The vWLC is ideal for small and mid-size deployments with a virtual infrastructure and require an on-premises controller. Distributed branch environments can also benefit with a centralized virtual controller with fewer branches required (up to 200). This document is an update for vWLC based on the CUWN 7.5 software release.
vWLCs are not a replacement of shipping hardware controllers. The function and features of the vWLC offer deployment advantages and benefits of controller services where data centers with virtualization infrastructure exist or are considered.
- Flexibility in hardware selection based on your requirements.
- Reduced cost, space requirements, and other overheads since multiple boxes can be replaced with single hardware running multiple instances of controllers, Prime Infrastructure (PI) and other servers (ISE, MSE, VSG / firewall).
- Independent and mutually exclusive instances allow administrators to use multiple virtual controllers to manage different campuses (or even to manage multiple customer sites) using the same hardware.
- Enable features provided by the virtualization software, including High Availability, failover protection, and ease of migration.
- vSphere: A virtualization infrastructure package from VMware, which includes ESX/ESXi hypervisor, vMotion, DRS, HA, Fault Tolerance, vSphere Distributed Switch, and more.
- vCenter Server: The VMware vCenter Server (formerly VMware VirtualCenter) provides a scalable and extensible platform that forms the foundation for virtualization management:
- Platform: AIR-CTVM-K9
- Hardware: Cisco UCS, HP and IBM servers, Cisco Services-Ready Engine (SRE) or UCS E-Series Servers for Integrated Services Routers G2 (UCS-E)
- VMware OS: ESX/ESXi 4.1/5.x
- FlexConnect Mode: central and local switching
- Licensing: Node locked licenses to UDI (eval 60 days)
- Maximum number of access points (APs): 200
- Maximum number of Clients: 3000
- Maximum number of sites up to 200
- Throughput performance up to 500 Mbps per virtual controller
- Management with Cisco Prime Infrastructure 1.2 and above
Note FlexConnect local switched multicast traffic is bridged transparently for both wired and wireless on the same VLAN. FlexConnect access points do not limit traffic that is based on IGMP or MLD snooping.
When multiple VM instances are rebooted simultaneously from the system, it is possible that access points may disconnect from the network even if the primary vWLC instance is active. This is a VMware limitation and not a product issue of vWLC.
- Data DTLS
- AP Enforced Rate Limiting
- Additional FlexConnect Enhancements (see release notes for more information.)
- All 802.11n APs with required software version 7.5 and above are supported.
- APs will be operating in FlexConnect mode only.
- AP autoconvert to FlexConnect is supported on controller.
- New APs ordered will ship with minimum 7.5 software from manufacturing.
- Existing APs must be upgraded to 7.5 software before joining a virtual controller.
- For Cisco 600 Series OEAP to associate with Cisco Virtual Wireless LAN Controller, follow these steps:
2. Configure the OEAP so that the OEAP does not associate with the physical controller again; for example, you can implement an ACL in the network to block CAPWAP between the OEAP and the physical controller.
Note The Virtual Controller in release 7.5 uses Self Signed Certificates (SSC) as against the Manufacturing Installed Certificates (MIC) in the traditional controller. The AP will be able to validate the SSC certificate provided by the virtual controller before joining. See AP Considerations in the following link: http://www.cisco.com/en/US/products/ps12723/products_tech_note09186a0080bd2d04.shtml#tshoot
- Cisco Catalyst Switch
- Wireless LAN Controllers Virtual Appliance
- Wireless LAN Controller 7.5 Software
- Cisco Prime Infrastructure 1.4
- 802.11n Access Points in FlexConnect Mode
- DHCP server
- DNS Server
- Wireless Client Laptop, Smartphone, and Tablets (Apple iOS, Android, Windows, and Mac)
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
In order to properly implement and test the Cisco vWLC, a minimal network setup is required, similar to the diagram shown in this section. You need to simulate a location with a FlexConnect AP in a centrally switched deployment, and/or with the addition of local and remote sites with local DHCP (better if there is also a DNS and local access to Internet).
Refer to Cisco Technical Tips Conventions for more information on document conventions.
Cisco Unified Wireless Network (CUWN) 7.5 Release Notes contain important information about this release. Log in to Cisco.com for the latest release notes before loading and testing software. http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn75.html
Complete GUI and CLI configuration guides for UCS-E modules can be found on the links below. This document only provides the instructions the user needs to perform to install vWLC on a new out of the box UCS-E module.
Step 4 Go to https://my.vmware.com/web/vmware/login to get the customized Hypervisor image. The VMware login page appears.
The UCS-E provides a VGA connection and USB ports from the front panel for monitor display and keyboard connection; however, in this example, the CIMC will be used to launch KVM console to assist with VMware installation. Note that Java software plugin is required with compatible browsers.
Step 16 If using IE explorer and KVM console session fails to launch with an error indicating unable to connect, navigate to Tools > Internet Options > Advanced and uncheck Do not save encrypted pages to disk option.
Complete GUI and CLI configuration guides for SRE 710/910 service modules can be found on the links below. This document only provides the instructions the user needs to perform to install vWLC on a new out of the box SRE 710/910 service modules.
Step 2 Download the UCS installation script files onto a http or ftp server from the below link and then unzip it onto a ftp or http server. The latest version is 2.0.1 on CCO. This example uses an FTP server hosting appropriate files extracted below.
a. Go to http://www.cisco.com/go/ucse
Note that this sample configuration intentionally contains both UCS-E and SRE SM. Both modules cannot be configured the same time, and intentionally added for reference, to show the similarity yet subtle difference in configuration between them.