Configuring Converged Access Controllers
Creating Peer Groups, Peer Group Member, and Bridge Domain ID (CLI)
Before you begin
- On the mobility agent, you can only configure the IP address of the mobility controller.
- On the mobility controller, you can define the peer group and the IP address of each peer group member.
SUMMARY STEPS
- wireless mobility controller
- wireless mobility controller peer-group SPG1
- wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr
- wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr
- wireless mobility controller peer-group SPG2
- wireless mobility controller peer-group SPG2 member ip member-ip-addr public-ip public-ip-addr
- wireless mobility controller peer-group SPG1 bridge-domain-id id
DETAILED STEPS
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 |
wireless mobility controller Example:
|
Enables the mobility controller functionality on the device. This command is applicable only to the switch. The controller is by default a mobility controller. |
||
Step 2 |
wireless mobility controller peer-group SPG1 Example:
|
Creates a peer group named SPG1. |
||
Step 3 |
wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr Example:
|
|
||
Step 4 |
wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr Example:
|
Adds another member to the peer group SPG1. |
||
Step 5 |
wireless mobility controller peer-group SPG2 Example:
|
Creates another peer group SPG2. |
||
Step 6 |
wireless mobility controller peer-group SPG2 member ip member-ip-addr public-ip public-ip-addr Example:
|
Adds a member to peer group SPG2. |
||
Step 7 |
wireless mobility controller peer-group SPG1 bridge-domain-id id Example:
|
(Optional) Adds a bridge domain to SPG1 used for defining the subnet-VLAN mapping with other SPGs. |
Example
This example shows how to create peer group and add members to it:
Device(config)# wireless mobility controller
Device(config)# wireless mobility controller peer-group SPG1
Device(config)# wireless mobility controller peer-group SPG1
Device(config)# wireless mobility controller peer-group SPG1 member ip 10.10.20.2 public-ip 10.10.20.2
Device(config)# wireless mobility controller peer-group SPG1 member ip 10.10.20.6 public-ip 10.10.20.6
Device(config)# wireless mobility controller peer-group SPG2
Device(config)# wireless mobility controller peer-group SPG2 member ip 10.10.10.20 public-ip 10.10.10.20
Device(config)# wireless mobility controller peer-group SPG1 bridge-domain-id 54
Creating Peer Groups, Peer Group Member, and Bridge Domain ID (GUI)
Before you begin
-
Ensure that the device is in mobility controller state.
-
On the mobility agent, you can only configure the IP address of the mobility controller.
-
On the mobility controller, you can define the peer group and the IP address of each peer group member.
Procedure
Step 1 |
Choose .The Mobility Switch Peer Groups page is displayed. |
Step 2 |
Click New. |
Step 3 |
Enter the following details:
|
Step 4 |
Click Apply. |
Step 5 |
Click Save Configuration. |
Configuring Local Mobility Group (CLI)
Configuration for wireless mobility groups and mobility group members where the mobility group is a group of MCs.
Before you begin
MCs can belong only to one mobility group, and can know MCs in several mobility groups.
SUMMARY STEPS
- wireless mobility group name group-name
- wireless mobility group member ip member-ip-addr public-ip public-ip-addr
- wireless mobility group keepalive interval time-in-seconds
- wireless mobility group keepalive count count
DETAILED STEPS
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 |
wireless mobility group name group-name Example:
|
Creates a mobility group named Mygroup. |
||
Step 2 |
wireless mobility group member ip member-ip-addr public-ip public-ip-addr Example:
|
Adds a mobility controller to the Mygroup mobility group.
|
||
Step 3 |
wireless mobility group keepalive interval time-in-seconds Example:
|
Configures the interval between two keepalives sent to a mobility member. |
||
Step 4 |
wireless mobility group keepalive count count Example:
|
Configures the keep alive retries before a member status is termed DOWN. |
Example
Device(config)# wireless mobility group name Mygroup
Device(config)# wireless mobility group member ip 10.10.34.10 public-ip 10.10.34.28
Device(config)# wireless mobility group keepalive interval 5
Device(config)# wireless mobility group keepalive count 3
Configuring Local Mobility Group (GUI)
Before you begin
Mobility controllers can belong to only one mobility group and can know mobility controllers in several mobility groups.
Procedure
Step 1 |
Choose .The Mobility Controller Configuration page is displayed. |
Step 2 |
Enter the following details: |
Step 3 |
Click Apply. |
Step 4 |
Click Save Configuration. |
Adding a Peer Mobility Group (CLI)
Before you begin
MCs belong to only one group, and can know MCs in several groups.
SUMMARY STEPS
- wireless mobility group member ip member-ip-addr public-ip public-ip-addr group group-name
DETAILED STEPS
Command or Action | Purpose |
---|---|
wireless mobility group member ip member-ip-addr public-ip public-ip-addr group group-name Example:
|
Adds the member as a peer MC in a different group than the Mygroup. |
Adding a Peer Mobility Group (GUI)
Before you begin
Mobility controllers belong to only one group, and can know several mobility groups.
Procedure
Step 1 |
Choose .The Mobility Peer page is displayed. |
Step 2 |
Click New. |
Step 3 |
Enter the following details:
|
Step 4 |
Click Apply. |
Step 5 |
Click Save Configuration. |
Configuring Optional Parameters for Roaming Behavior
Use this configuration to disable the sticky anchor. This command can also be used, if required, between all MA's and MC's where roaming is expected for the target SSID.
SUMMARY STEPS
- wlan open21
- no mobility anchor sticky
DETAILED STEPS
Command or Action | Purpose | |
---|---|---|
Step 1 |
wlan open21 Example:
|
Configures a WLAN. |
Step 2 |
no mobility anchor sticky Example:
|
Disables the default sticky mobility anchor. |
Example
Device(config)# wlan open20
Device(config-wlan)# no mobility anchor sticky
Pointing the Mobility Controller to a Mobility Oracle (CLI)
Before you begin
You can configure a mobility oracle on a known mobility controller.
SUMMARY STEPS
- wireless mobility group member ip member-ip-addr group group-name
- wireless mobility oracle ip oracle-ip-addr
DETAILED STEPS
Command or Action | Purpose | |
---|---|---|
Step 1 |
wireless mobility group member ip member-ip-addr group group-name Example:
|
Creates and adds a MC to a mobility group. |
Step 2 |
wireless mobility oracle ip oracle-ip-addr Example:
|
Configures the mobility controller as mobility oracle. |
Example
Device(config)# wireless mobility group member ip 10.10.10.10 group Group3
Device(config)# wireless mobility oracle ip 10.10.10.10
Pointing the Mobility Controller to a Mobility Oracle (GUI)
Before you begin
You can configure a mobility oracle on a known mobility controller.
Procedure
Step 1 |
Choose .The Mobility Controller Configuration page is displayed. |
||
Step 2 |
Enter the Mobility Oracle IP Address.
|
||
Step 3 |
Click Apply. |
||
Step 4 |
Click Save Configuration. |
Configuring Guest Controller
A guest controller is used when the client traffic is tunneled to a guest anchor controller in the demilitarized zone (DMZ). The guest client goes through a web authentication process. The web authentication process is optional, and the guest is allowed to pass traffic without authentication too.
Enable the WLAN on the mobility agent on which the guest client connects with the mobility anchor address of the guest controller.
Note |
With Cisco 5700 Series WLC as the guest anchor controller and Cisco 5500 Series WLC or Cisco WiSM2 as export foreign controller, the guest user role per user is not supported on the Cisco 5700 Series WLC. |
SUMMARY STEPS
- wlan wlan-id
- mobility anchor guest-anchor-ip-addr
- client vlan vlan-name
- security open
DETAILED STEPS
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 |
wlan wlan-id Example:
|
Creates a WLAN for the client. |
||
Step 2 |
mobility anchor guest-anchor-ip-addr Example:
|
|
||
Step 3 |
client vlan vlan-name Example:
|
Assigns a VLAN to the client's WLAN. |
||
Step 4 |
security open Example:
|
Assigns a security type to the WLAN. |
Example
Device(config)# wlan Mywlan1
Device(config-wlan)# mobility anchor 10.10.10.2
Device(config-wlan)# client vlan gc_ga_vlan1
Device(config-wlan)# security open
Configuring Guest Anchor
SUMMARY STEPS
- wlan Mywlan1
- mobility anchor <guest-anchors-own-ip-address>
- client vlan <vlan-name>
- security open
DETAILED STEPS
Command or Action | Purpose | |
---|---|---|
Step 1 |
wlan Mywlan1 Example:
|
Creates a wlan for the client. |
Step 2 |
mobility anchor <guest-anchors-own-ip-address> Example:
|
Enables the guest anchors IP address on the guest anchor (GA). The GA assigns its own address on itself. |
Step 3 |
client vlan <vlan-name> Example:
|
Assigns a vlan to the clients wlan. |
Step 4 |
security open Example:
|
Assigns a security type to the wlan. |
Example
Device(config)# wlan Mywlan1
Device(config-wlan)# mobility anchor 10.10.10.2
Device(config-wlan)# client vlan gc_ga_vlan1
Device(config-wlan)# security open