Document ID: 68100
Contents
Introduction
Prerequisites
Requirements
Components Used
Conventions
Configure
Network Diagram
Catalyst Switch Configurations
WLAN Controller VLAN Configuration
Verify
Catalyst Switches Verification
WLAN Controller VLAN Verification
Troubleshoot
Troubleshooting Procedure
NetPro Discussion Forums - Featured Conversations
Related Information
Introduction
This document provides a sample configuration for VLANs on wireless LAN (WLAN) controllers and the Cisco Catalyst switch that is associated with the controller.
Prerequisites
Requirements
There are no specific requirements for this document. However, this document assumes that there is a working DHCP server to provide IP addresses to the access points (APs) that are registered to the controller.
Components Used
The information in this document is based on these software and hardware versions:
-
Configuration A:
-
Catalyst switch that runs Cisco IOS® Software and a WLAN controller
-
Cisco 4404 WLAN Controller
-
-
Configuration B:
-
Catalyst switch that runs Catalyst OS (CatOS) software and a WLAN controller
-
Cisco 4404 WLAN Controller
-
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Conventions
Refer to Cisco Technical Tips Conventions for more information on document conventions.
Configure
In this section, you are presented with the information to configure the features described in this document.
Note: Use the Command Lookup Tool ( registered customers only) to find more information on the commands used in this document.
Network Diagram
VLANs with WLAN controllers use this model:
Catalyst Switch Configurations
This section uses these configurations:
|
Catalyst Switch That Runs Cisco IOS Software |
|---|
lab1sup720ip1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. lab1sup720ip1(config)#interface gigabitethernet 1/6 lab1sup720ip1(config-if)# lab1sup720ip1(config-if)#switchport lab1sup720ip1(config-if)#switchport trunk encapsulation dot1q lab1sup720ip1(config-if)#switchport trunk allowed vlan 1,5,15,20,25,30,35,40,45,50,55,100 lab1sup720ip1(config-if)#switchport mode trunk lab1sup720ip1(config-if)#end lab1sup720ip1# |
|
Catalyst Switch That Runs CatOS Software |
|---|
controller-catos> (enable) set trunk 2/1 on dot1q Port(s) 2/1 trunk mode set to on. Port(s) 2/1 trunk type set to dot1q. ! !clearing out/pruning unwanted vlans ! controller-catos> (enable) clear trunk 2/1 21-24,26-30,31-34,36-39,41-44,46-49,51-54, 56-99,101-999 !--- This command should be on one line. Removing Vlan(s) 21-24,26-34,36-39,41-44,46-49,51-54,56-99,101-999 from allowed list. Port 2/1 allowed vlans modified to 1,5,15,20,25,35,40,45,50,55,100,1000-1005,1025-4094. |
WLAN Controller VLAN Configuration
GUI Configuration
Complete these steps and the GUI sequence of images for the VLAN configuration for a WLAN controller.
-
Choose Controller > Interfaces > New.
-
Enter the Interface Name and VLAN Identifier and click Apply.
This window comes up after you set the Interface Name and VLAN Identifier:
Note: In order to create a dynamic interface with spaces using the CLI, issue the config interface create command and mention the interface name within quotes. Here is an example:
(C4-4400) >config interface create 'int spaces'
Note: In order to display the details of the interface, issue this command:
(C4-4400) >show interface detailed 'int spaces' Interface Name................................... int spaces
-
Enter the IP Address, Netmask, Gateway, and the DHCP server IP address, and click Apply.
Note: The IP address assigned to this interface acts as the DHCP relay for a client to obtain an IP address from the DHCP server. For example, when a client attempts to associate to a WLAN/SSID (see step 5 in this configuration) mapped to this dynamic interface, it performs a local subnet broadcast to identify the DHCP server. The controller sends a request to the DHCP server (or to itself if it is the DHCP server for the segment) with the IP address of this dynamic interface as relay IP to the DHCP server configured for this interface. The DHCP server assigns an IP address to the client from the configured DHCP scope.
-
Verify the interface configuration.
Click the Controller tab in the menu at the top of the window, and choose Interfaces from the menu on the left.
-
Click the WLANs tab in the menu at the top of the window, and click New....
-
Enter the service set identifier (SSID) and click Apply.
This example uses vlan15 for ease of understanding.
-
Select vlan15 from the Interface Name drop-down menu at the bottom of the window, and click Apply.
In this case, SSID vlan15 is tied to Interface Name vlan15.
CLI Configuration
Use this section in order to configure your VLAN via command-line interface (CLI).
-
Create the interface and the associated VLAN tag.
The command is config interface create interface_name vlan_id .
(lab5wlc4404ip15) >config interface create vlan15 15
-
Define the IP address and default gateway.
The command is config interface interface_name IP_address netmask gateway .
(lab5wlc4404ip15) >config interface address vlan15 192.168.15.10 255.255.255.0 192.168.15.1 !--- This command should be on one line.
-
Define the DHCP server.
The command is config interface dhcp interface_name dhcp_server 1 dhcp_server 2 dhcp_server 3 dhcp_server 4 .
(lab5wlc4404ip15) >config interface dhcp vlan15 192.168.5.15
-
Verify the interface configuration.
The command is show interface summary.
(lab5wlc4404ip15) >show interface summary Interface Name Port Vlan Id IP Address Type Ap Mgr ----------------------- ---- -------- --------------- ------- ------ ap-manager 1 untagged 192.168.5.215 Static Yes management 1 untagged 192.168.5.15 Static No service-port N/A N/A 100.100.100.100 Static No virtual N/A N/A 1.1.1.1 Static No vlan15 1 15 192.168.15.10 Dynamic No (lab5wlc4404ip15) >
-
Define the WLAN.
The command is config wlan create wlan_id name .
(lab5wlc4404ip15) >config wlan create 2 vlan15
-
Define the interface for the WLAN.
The command is config wlan interface wlan_id interface_name .
(lab5wlc4404ip15) >config wlan interface 2 vlan15
-
Verify the WLAN and the associated interface.
The command is show wlan summary.
(lab5wlc4404ip15) >show wlan summary Number of WLANs.................................. 2 WLAN ID WLAN Name Status Interface Name ------- -------------------- --------- -------------------------------- 1 lab5wlc4404ip15 Enabled management 2 vlan15 Disabled vlan15 (lab5wlc4404ip15) >
Verify
Use this section to confirm that your configuration works properly.
The Output Interpreter Tool ( registered customers only) (OIT) supports certain show commands. Use the OIT to view an analysis of show command output.
Catalyst Switches Verification
-
Catalyst switch that runs Cisco IOS Software— show running-config interface interface_type interface_number
controller-ios#show running-config interface gigabitethernet 2/1 Building configuration... Current configuration : 190 bytes ! interface GigabitEthernet2/1 no ip address switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,5,15,20,25,30,35,40,45,50,55,100 switchport mode trunk end
-
Catalyst switch that runs CatOS software—show config mod
controller-catos> (enable) show config 2 !--- This command shows non-default configurations only. !--- Issue the show config mod all command in order to !--- show both default and non-default configurations. ............................ begin ! # ***** NON-DEFAULT CONFIGURATION ***** ! ! #time: Sat Jan 7 2006, 08:03:04 ! # default port status is enable ! ! #module 2 : 2-port 1000BaseX Supervisor clear trunk 2/1 2-4,6-14,16-19,21-24,26-34,36-39,41-44,46-49,51-54,56-99,101-999 set trunk 2/1 on dot1q 1,5,15,20,25,35,40,45,50,55,100,1000-1005,1025-4094 end Console> (enable)
WLAN Controller VLAN Verification
See the WLAN Controller VLAN Configuration section of this document, which includes verification steps.
Troubleshoot
Use this section to troubleshoot your configuration.
Troubleshooting Procedure
Complete these instructions in order to troubleshoot your configuration.
-
Ping from the WLAN controller to the default gateway that is configured on the VLAN routed interface, and then ping in the opposite direction.
-
WLAN controller:
(lab5wlc4404ip15) >ping 192.168.15.1 Send count=3, Receive count=3 from 192.168.15.1
-
VLAN routed interface:
lab1sup720ip1#ping 192.168.15.10 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.10, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms lab1sup720ip1#
-
-
If the pings are unsuccessful, deploy a packet capture/sniffer at the switch and check in order to verify proper VLAN tagging.
Note: When you initiate the ping from your controller to a Layer 3 gateway, which is on the same subnet as your dynamic interface, the controller appears to source the ping from the dynamic interface.
NetPro Discussion Forums - Featured Conversations
| NetPro Discussion Forums - Featured Conversations for Wireless |
| Wireless - Mobility: WLAN Radio Standards |
| Wireless - Mobility: Security and Network Management |
| Wireless - Mobility: Wireless IP Voice and Video |
| Wireless - Mobility: Getting Started with Wireless |
| Wireless - Mobility: General |
Related Information
- Configuring a LAN Interface as a Layer 2 Access Port section of Configuring Layer 2 Ethernet Interfaces (Catalyst switches that run Cisco IOS Software)
- Configuring an 802.1Q Trunk section of Configuring Ethernet VLAN Trunks (Catalyst switches that run CatOS)
- Configuring Local and Remote SPAN (Catalyst switches that run Cisco IOS Software)
- Configuring SPAN and RSPAN (Catalyst switches that run CatOS)
- Configuring Wireless LANs
- Technical Support & Documentation - Cisco Systems
| Updated: Jan 21, 2008 | Document ID: 68100 |