- Auto Anchor SSID between Wireless LAN Controllers acting as MC
- Enabling Central Web Authentication on ISE
- Configuring Auto Anchor and Mobility Groups on Wireless Services
- Configuring Wireless Multicast on Wireless LAN Controllers
- Converged Access Consolidated Quick Reference Templates for Wireless LAN
- Converged Access Controller AP Join Issue Troubleshoot with Traces
- Converged Access Controllers MAC Address Entry for Network Mobility Service Protocol
- Configuration Example: Converged Access Management through Prime Infrastructure with SNMP v2 and v3
- Converged Access Path Maximum Transmission Unit Discovery
- Third-Party Certificate Installation on Converged Access Wireless LAN Controllers
- Configuration Example: Converged Access for WLC EAP-FAST with Internal RADIUS Server
- Converged Access and WLC Local EAP Authentication Configuration Example
- Configuration Example: Custom Web Authentication with Local Authentication
- Dynamic VLAN Assignment with Converged Access and ACS 5.2 Configuration Example
- Configuration Example: External RADIUS Server EAP Authentication
- External Web Authentication on Converged Access
- Installing Wireless Services
- Local Web Authentication with External RADIUS Authentication
- Local Web Authentication on Converged Access
- PEAP Authentication with Microsoft NPS Configuration
- QoS on Converged Access Controllers and Lightweight Access Points
- Configuration Example: TACACS Administrator Access to Converged Access Wireless LAN Controllers
- Configuration Example: Unified Access WLC Guest Anchor with Converged Access
- VideoStream Troubleshooting
- Custom Web Authentication Locally Hosted on WLC or an External Server
- Wireless Converged Access Chromecast Configuration Example
- Web Passthrough Configuration Example
- Configuration Examples: WPA2-PSK and Open Authentication
- Configuring WLAN on Foreign Cisco Catalyst 3850 Series Switches
- Configuring WLAN on Anchor Cisco 5500 Series Wireless Controller
- Global AAA Configuration
- Global Parameter-map Configuration
- Mobility Summary for Foreign Cisco Catalyst 3850 Series Switches
- Mobility Summary for Anchor Cisco 5500 Series Wireless Controller
Auto Anchor SSID between Wireless LAN Controllers acting as MC
This document describes configuring the web authentication converged access on Cisco Catalyst 3850 Series Switches and Cisco 5500 Series Wireless Controller acting as mobility controller.
- Configuring WLAN on Foreign Cisco Catalyst 3850 Series Switches
- Configuring WLAN on Anchor Cisco 5500 Series Wireless Controller
- Global AAA Configuration
- Global Parameter-map Configuration
- Mobility Summary for Foreign Cisco Catalyst 3850 Series Switches
- Mobility Summary for Anchor Cisco 5500 Series Wireless Controller
Configuring WLAN on Foreign Cisco Catalyst 3850 Series Switches
wlan converged_access_guest 3 converged_access_guest client vlan 254 mobility anchor 192.0.2.1 ----------------------> Anchor 3850 no security wpa no security wpa akm dot1x no security wpa wpa2 no security wpa wpa2 ciphers aes security web-auth security web-auth authentication-list wcm_local security web-auth parameter-map test_web no shutdown
Configuring WLAN on Anchor Cisco 5500 Series Wireless Controller
wlan convegerd_access_guest 3 converged_access_guest client vlan 254 mobility anchor 192.0.2.1 no security wpa no security wpa akm dot1x no security wpa wpa2 no security wpa wpa2 ciphers aes security web-auth security web-auth authentication-list rad_ise security web-auth parameter-map test_web no shutdown
Global AAA Configuration
The following are the global AAA configuration commands:
|
Command or Action |
Description or Purpose or Example |
|---|---|
|
aaa authentication login rad_ise group ise |
Defines the login authentication method to call under WLAN. |
|
radius server ise address ipv4 192.0.2.1 auth-port 1812 acct-port 1813 key ww-wireless |
Configures the RADIUS server. The RADIUS server name is: ise |
|
aaa group server radius ise server name ise |
Configures the RADIUS group. The radius group name is: ise |
Global Parameter-map Configuration
The following are the global parameter-map configuration commands:
|
Command or Action |
Description or Purpose or Example |
|---|---|
|
parameter-map type webauth global virtual-ip ipv4 1.1.1.1 |
Defines the virtual IP address. |
|
parameter-map type webauth test_web type webauth banner |
The parameter map is called under the WLAN. |
Mobility Summary for Foreign Cisco Catalyst 3850 Series Switches
Mobility Role : Mobility Controller Mobility Protocol Port : 16666 Mobility Group Name : 3850 Mobility Oracle : Disabled Mobility Oracle IP Address : 0.0.0.0 DTLS Mode : Enabled Mobility Domain ID for 802.11r : 0xfa71 Mobility Keepalive Interval : 10 Mobility Keepalive Count : 3 Mobility Control Message DSCP Value : 0 Mobility Domain Member Count : 4 Link Status is Control Link Status : Data Link Status Controllers configured in the Mobility Domain: IP Public IP Group Name Multicast IP Link Status ------------------------------------------------------------------------------- 198.51.100.1 - 3850 0.0.0.0 UP : UP 198.51.100.10 198.51.100.10 wlab UP : UP 198.51.100.15 198.51.100.15 wlab UP : UP 198.51.100.20 198.51.100.20 converged access UP : UP
Mobility Summary for Anchor Cisco 5500 Series Wireless Controller
The following displays the mobility controller summary for Cisco 5500 Series Wireless Controller:
Mobility Role : Mobility Controller Mobility Protocol Port : 16666 Mobility Group Name : convergedaccess Mobility Oracle : Disabled Mobility Oracle IP Address : 0.0.0.0 DTLS Mode : Enabled Mobility Domain ID for 802.11r : 0x81c Mobility Keepalive Interval : 10 Mobility Keepalive Count : 3 Mobility Control Message DSCP Value : 0 Mobility Domain Member Count : 2 Link Status is Control Link Status : Data Link Status Controllers configured in the Mobility Domain: IP Public IP Group Name Multicast IP Link Status ------------------------------------------------------------------------------- 198.51.100.15 - converged access 0.0.0.0 UP : UP 198.51.100.20 198.51.100.20 5500 UP : UP
Feedback