Configuring Converged Access Controllers
Creating Peer Groups, Peer Group Member, and Bridge Domain ID (CLI)
Before you begin
- On the mobility agent, you can only configure the IP address of the mobility controller.
- On the mobility controller, you can define the peer group and the IP address of each peer group member.
Procedure
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 |
wireless mobility controller Example:
|
Enables the mobility controller functionality on the device. This command is applicable only to the switch. The controller is by default a mobility controller. |
||
Step 2 |
wireless mobility controller peer-group SPG1 Example:
|
Creates a peer group named SPG1. |
||
Step 3 |
wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr Example:
|
|
||
Step 4 |
wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr Example:
|
Adds another member to the peer group SPG1. |
||
Step 5 |
wireless mobility controller peer-group SPG2 Example:
|
Creates another peer group SPG2. |
||
Step 6 |
wireless mobility controller peer-group SPG2 member ip member-ip-addr public-ip public-ip-addr Example:
|
Adds a member to peer group SPG2. |
||
Step 7 |
wireless mobility controller peer-group SPG1 bridge-domain-id id Example:
|
(Optional) Adds a bridge domain to SPG1 used for defining the subnet-VLAN mapping with other SPGs. |
Example
This example shows how to create peer group and add members to it:
Device(config)# wireless mobility controller
Device(config)# wireless mobility controller peer-group SPG1
Device(config)# wireless mobility controller peer-group SPG1
Device(config)# wireless mobility controller peer-group SPG1 member ip 10.10.20.2 public-ip 10.10.20.2
Device(config)# wireless mobility controller peer-group SPG1 member ip 10.10.20.6 public-ip 10.10.20.6
Device(config)# wireless mobility controller peer-group SPG2
Device(config)# wireless mobility controller peer-group SPG2 member ip 10.10.10.20 public-ip 10.10.10.20
Device(config)# wireless mobility controller peer-group SPG1 bridge-domain-id 54
Configuring Local Mobility Group (CLI)
Configuration for wireless mobility groups and mobility group members where the mobility group is a group of MCs.
Before you begin
MCs can belong only to one mobility group, and can know MCs in several mobility groups.
Procedure
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 |
wireless mobility group name group-name Example:
|
Creates a mobility group named Mygroup. |
||
Step 2 |
wireless mobility group member ip member-ip-addr public-ip public-ip-addr Example:
|
Adds a mobility controller to the Mygroup mobility group.
|
||
Step 3 |
wireless mobility group keepalive interval time-in-seconds Example:
|
Configures the interval between two keepalives sent to a mobility member. |
||
Step 4 |
wireless mobility group keepalive count count Example:
|
Configures the keep alive retries before a member status is termed DOWN. |
Example
Device(config)# wireless mobility group name Mygroup
Device(config)# wireless mobility group member ip 10.10.34.10 public-ip 10.10.34.28
Device(config)# wireless mobility group keepalive interval 5
Device(config)# wireless mobility group keepalive count 3
Adding a Peer Mobility Group (CLI)
Before you begin
MCs belong to only one group, and can know MCs in several groups.
Procedure
Command or Action | Purpose |
---|---|
wireless mobility group member ip member-ip-addr public-ip public-ip-addr group group-name Example:
|
Adds the member as a peer MC in a different group than the Mygroup. |
Configuring Optional Parameters for Roaming Behavior
Use this configuration to disable the sticky anchor. This command can also be used, if required, between all MA's and MC's where roaming is expected for the target SSID.
Procedure
Command or Action | Purpose | |
---|---|---|
Step 1 |
wlan open21 Example:
|
Configures a WLAN. |
Step 2 |
no mobility anchor sticky Example:
|
Disables the default sticky mobility anchor. |
Example
Device(config)# wlan open20
Device(config-wlan)# no mobility anchor sticky
Pointing the Mobility Controller to a Mobility Oracle (CLI)
Before you begin
You can configure a mobility oracle on a known mobility controller.
Procedure
Command or Action | Purpose | |
---|---|---|
Step 1 |
wireless mobility group member ip member-ip-addr group group-name Example:
|
Creates and adds a MC to a mobility group. |
Step 2 |
wireless mobility oracle ip oracle-ip-addr Example:
|
Configures the mobility controller as mobility oracle. |
Example
Device(config)# wireless mobility group member ip 10.10.10.10 group Group3
Device(config)# wireless mobility oracle ip 10.10.10.10
Configuring Guest Controller
A guest controller is used when the client traffic is tunneled to a guest anchor controller in the demilitarized zone (DMZ). The guest client goes through a web authentication process. The web authentication process is optional, and the guest is allowed to pass traffic without authentication too.
Enable the WLAN on the mobility agent on which the guest client connects with the mobility anchor address of the guest controller.
Note |
With Cisco 5700 Series WLC as the guest anchor controller and Cisco 5500 Series WLC or Cisco WiSM2 as export foreign controller, the guest user role per user is not supported on the Cisco 5700 Series WLC. |
Procedure
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 |
wlan wlan-id Example:
|
Creates a WLAN for the client. |
||
Step 2 |
mobility anchor guest-anchor-ip-addr Example:
|
|
||
Step 3 |
client vlan vlan-name Example:
|
Assigns a VLAN to the client's WLAN. |
||
Step 4 |
security open Example:
|
Assigns a security type to the WLAN. |
Example
Device(config)# wlan Mywlan1
Device(config-wlan)# mobility anchor 10.10.10.2
Device(config-wlan)# client vlan gc_ga_vlan1
Device(config-wlan)# security open
Configuring Guest Anchor
Procedure
Command or Action | Purpose | |
---|---|---|
Step 1 |
wlan Mywlan1 Example:
|
Creates a wlan for the client. |
Step 2 |
mobility anchor <guest-anchors-own-ip-address> Example:
|
Enables the guest anchors IP address on the guest anchor (GA). The GA assigns its own address on itself. |
Step 3 |
client vlan <vlan-name> Example:
|
Assigns a vlan to the clients wlan. |
Step 4 |
security open Example:
|
Assigns a security type to the wlan. |
Example
Device(config)# wlan Mywlan1
Device(config-wlan)# mobility anchor 10.10.10.2
Device(config-wlan)# client vlan gc_ga_vlan1
Device(config-wlan)# security open