Step 1
| Connect your PC to the service port and configure it to use
the same subnet as the controller.
Note
| In case of
Cisco WLC 2500, connect your PC to the port 2 on the controller and configure
to use the same subnet.
|
|
Step 2
| Start Internet Explorer 6.0
SP1 (or later) or Firefox 2.0.0.11 (or later) on your PC and browse to
http://192.168.1.1. The configuration wizard appears.
Note
| You can
use both HTTP and HTTPS when using the service port interface. HTTPS is enabled
by default and HTTP can also be enabled. The default IP address to connect to
the service port interface is 192.168.1.1.
|
Note
| For the
initial GUI Configuration Wizard only, you cannot access the controller using
IPv6 address.
|
Figure 1. Configuration Wizard — System
Information Screen
|
Step 3
| In the System Name text box,
enter the name that you want to assign to this controller. You can enter up to
31 ASCII characters.
|
Step 4
| In the User Name text box,
enter the administrative username to be assigned to this controller. You can
enter up to 24 ASCII characters. The default username is
admin.
|
Step 5
| In the Password and Confirm
Password text boxes, enter the administrative password to be assigned to this
controller. You can enter up to 24 ASCII characters. The default password is
admin.
Starting in release 7.0.116.0, the following password policy has
been implemented:
-
The password must contain
characters from at least three of the following classes:
-
Lowercase letters
-
Uppercase letters
-
Digits
-
Special characters
-
No character in the password
must be repeated more than three times consecutively.
-
The new password must not be
the same as the associated username and not be the username reversed.
-
The password must not be
cisco, ocsic, or any variant obtained by changing the capitalization of letters
of the word Cisco. In addition, you cannot substitute 1, I, or ! for i, 0 for
o, or $ for s.
|
Step 6
| Click
Next. The SNMP
Summary screen appears.
Figure 2. Configuration Wizard — SNMP
Summary Screen
|
Step 7
| If you want to
enable Simple Network Management Protocol (SNMP) v1 mode for this controller,
choose
Enable from the
SNMP v1 Mode drop-down list. Otherwise, leave this parameter set to
Disable.
Note
|
SNMP manages
nodes (servers, workstations, routers, switches, and so on) on an IP network.
Currently, there are three versions of SNMP: SNMPv1, SNMPv2c, and SNMPv3.
|
|
Step 8
| If you want to
enable SNMPv2c mode for this controller, leave this parameter set to
Enable.
Otherwise, choose
Disable from the
SNVP v2c Mode drop-down list.
|
Step 9
| If you want to
enable SNMPv3 mode for this controller, leave this parameter set to
Enable.
Otherwise, choose
Disable from the
SNVP v3 Mode drop-down list.
|
Step 10
| Click
Next.
|
Step 11
| When the
following message appears, click
OK:
Default values are present for v1/v2c community strings.
Please make sure to create new v1/v2c community strings once the system comes up.
Please make sure to create new v3 users once the system comes up.
The Service Interface
Configuration screen appears.
Figure 3. Configuration Wizard-Service Interface Configuration
Screen
|
Step 12
| If you want the
controller’s service-port interface to obtain an IP address from a DHCP server,
select the
DHCP Protocol
Enabled check box. If you do not want to use the service port or if
you want to assign a static IP address to the service port, leave the check box
unselected.
Note
|
The
service-port interface controls communications through the service port. Its IP
address must be on a different subnet from the management interface. This
configuration enables you to manage the controller directly or through a
dedicated management network to ensure service access during network downtime.
|
|
Step 13
| Perform one of
the following:
-
If you enabled DHCP, clear
out any entries in the IP Address and Netmask text boxes, leaving them blank.
-
If you disabled DHCP, enter
the static IP address and netmask for the service port in the IP Address and
Netmask text boxes.
|
Step 14
| Click
Next.
The LAG Configuration screen
appears.
Figure 4. Configuration Wizard — LAG
Configuration Screen
|
Step 15
| To enable link
aggregation (LAG), choose
Enabled from the
Link Aggregation (LAG) Mode drop-down list. To disable LAG, leave this text box
set to
Disabled.
|
Step 16
| Click
Next
The Management
Interface Configuration screen appears.
Note
| The management interface is
the default interface for in-band management of the controller and connectivity
to enterprise services such as AAA servers.
|
|
Step 17
| In the VLAN
Identifier text box, enter the VLAN identifier of the management interface
(either a valid VLAN identifier or
0 for an untagged
VLAN). The VLAN identifier should be set to match the switch interface
configuration.
|
Step 18
| In the IP
Address text box, enter the IP address of the management interface.
|
Step 19
| In the Netmask
text box, enter the IP address of the management interface netmask.
|
Step 20
| In the Gateway
text box, enter the IP address of the default gateway.
|
Step 21
| In the Port
Number text box, enter the number of the port assigned to the management
interface. Each interface is mapped to at least one primary port.
|
Step 22
| In the Backup
Port text box, enter the number of the backup port assigned to the management
interface. If the primary port for the management interface fails, the
interface automatically moves to the backup port.
|
Step 23
| In the Primary
DHCP Server text box, enter the IP address of the default DHCP server that will
supply IP addresses to clients, the controller’s management interface, and
optionally, the service port interface.
|
Step 24
| In the Secondary
DHCP Server text box, enter the IP address of an optional secondary DHCP server
that will supply IP addresses to clients, the controller’s management
interface, and optionally, the service port interface.
|
Step 25
| Click
Next. The
AP-Manager Interface Configuration screen appears.
Note
|
This screen
does not appear for Cisco 5500 Series Controllers because you are not required
to configure an AP-manager interface. The management interface acts like an
AP-manager interface by default.
|
|
Step 26
| In the IP
Address text box, enter the IP address of the AP-manager interface.
|
Step 27
| Click
Next. The
Miscellaneous Configuration screen appears.
Figure 5. Configuration Wizard —
Miscellaneous Configuration Screen
|
Step 28
| In the RF
Mobility Domain Name text box, enter the name of the mobility group/RF group to
which you want the controller to belong.
Note
|
Although the name that you
enter here is assigned to both the mobility group and the RF group, these
groups are not identical. Both groups define clusters of controllers, but they
have different purposes. All of the controllers in an RF group are usually also
in the same mobility group and vice versa. However, a mobility group
facilitates scalable, system-wide mobility and controller redundancy while an
RF group facilitates scalable, system-wide dynamic RF management.
|
|
Step 29
| The Configured
Country Code(s) text box shows the code for the country in which the controller
will be used. If you want to change the country of operation, select the check
box for the desired country.
Note
|
You can choose more than
one country code if you want to manage access points in multiple countries from
a single controller. After the configuration wizard runs, you must assign each
access point joined to the controller to a specific country.
|
|
Step 30
| Click
Next.
|
Step 31
| When the
following message appears, click
OK:
Warning! To maintain regulatory compliance functionality, the country code
setting may only be modified by a network administrator or qualified IT professional.
Ensure that proper country codes are selected before proceeding.?
The Virtual Interface
Configuration screen appears.
Figure 6. Configuration Wizard —
Virtual Interface Configuration Screen
|
Step 32
| In the IP
Address text box, enter the IP address of the controller’s virtual interface.
You should enter a fictitious, unassigned IP address.
Note
|
The virtual
interface is used to support mobility management, DHCP relay, and embedded
Layer 3 security such as guest web authentication and VPN termination. All
controllers within a mobility group must be configured with the same virtual
interface IP address.
|
|
Step 33
| In the DNS
Host Name text box, enter the name of the Domain Name System (DNS) gateway used
to verify the source of certificates when Layer 3 web authorization is enabled.
Note
|
To ensure
connectivity and web authentication, the DNS server should always point to the
virtual interface. If a DNS hostname is configured for the virtual interface,
then the same DNS hostname must be configured on the DNS servers used by the
client.
|
|
Step 34
| Click
Next. The WLAN
Configuration screen appears.
Figure 7. Configuration Wizard — WLAN
Configuration Screen
|
Step 35
| In the Profile
Name text box, enter up to 32 alphanumeric characters for the profile name to
be assigned to this WLAN.
|
Step 36
| In the WLAN
SSID text box, enter up to 32 alphanumeric characters for the network name, or
service set identifier (SSID). The SSID enables basic functionality of the
controller and allows access points that have joined the controller to enable
their radios.
|
Step 37
| Click
Next.
|
Step 38
| When the
following message appears, click
OK:
Default Security applied to WLAN is: [WPA2(AES)][Auth(802.1x)]. You can change this after the wizard is complete and the system is rebooted.?
The RADIUS Server Configuration screen is displayed.
Figure 8. Configuration Wizard-RADIUS Server Configuration Screen
|
Step 39
| In the Server IP Address text box, enter the IP address of the RADIUS server.
|
Step 40
| From the Shared Secret Format drop-down list, choose
ASCII or
Hex to specify the format of the shared secret.
Note
|
Due to security reasons, the RADIUS shared secret key reverts to ASCII mode even if you have selected HEX as the shared secret format from the Shared Secret Format drop-down list.
|
|
Step 41
| In the Shared Secret and Confirm Shared Secret text boxes, enter the secret key used by the RADIUS server.
|
Step 42
| In the Port Number text box, enter the communication port of the RADIUS server. The default value is 1812.
|
Step 43
| To enable the RADIUS server, choose
Enabled from the Server Status drop-down list. To disable the RADIUS server, leave this text box set to
Disabled.
|
Step 44
| Click
Apply. The 802.11 Configuration screen appears.
Figure 9. Configuration Wizard — 802.11 Configuration Screen
|
Step 45
| To enable the 802.11a, 802.11b, and 802.11g lightweight access point networks, leave the
802.11a Network Status,
802.11b Network Status, and
802.11g Network Status check boxes selected. To disable support for any of these networks, unselect the check boxes.
|
Step 46
| To enable the controller’s radio resource management (RRM) auto-RF feature, leave the
Auto RF check box selected. To disable support for the auto-RF feature, unselect this check box.
Note
|
The auto-RF feature enables the controller to automatically form an RF group with other controllers. The group dynamically elects a leader to optimize RRM parameter settings, such as channel and transmit power assignment, for the group.
|
|
Step 47
| Click
Next. The Set Time screen appears.
Figure 10. Configuration Wizard — Set Time Screen
|
Step 48
| To manually configure the system time on your controller, enter the current date in Month/DD/YYYY format and the current time in HH:MM:SS format.
|
Step 49
| To manually set the time zone so that Daylight Saving Time (DST) is not set automatically, enter the local hour difference from Greenwich Mean Time (GMT) in the Delta Hours text box and the local minute difference from GMT in the Delta Mins text box.
Note
|
When manually setting the time zone, enter the time difference of the local current time zone with respect to GMT (+/–). For example, Pacific time in the United States is 8 hours behind GMT. Therefore, it is entered as –8.
|
|
Step 50
| Click
Next. The Configuration Wizard Completed screen appears.
Figure 11. Configuration Wizard — Configuration Wizard Completed Screen
|
Step 51
| Click
Save and Reboot to save your configuration and reboot the controller.
|
Step 52
| When the following message appears, click
OK:
Configuration will be saved and the controller will be
rebooted. Click ok to confirm.?
The controller saves your configuration, reboots, and prompts you to log on.
|