Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide, Cisco IOS XE Amsterdam 17.2.x

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Contents

Find Matches in This Book

Results

Updated:: June 25, 2020

Chapter: Configuring Passive Client on Software Defined Access [SDA-Wireless]

Configuring Passive Client on Software Defined Access [SDA-Wireless]
Information About Passive Clients
Enabling Passive Client on WLAN Policy Profile (GUI)
Enabling Passive Client on WLAN Policy Profile (CLI)
Enabling ARP Broadcast on VLAN (GUI)
Enabling ARP Broadcast on VLAN (CLI)
Configuring Passive Client in Fabric Deployment
- Enabling Broadcast Underlay on VLAN
- Enabling ARP Flooding
Verifying Passive Client Configuration

Configuring Passive Client on Software Defined Access [SDA-Wireless]

Information About Passive Clients

Passive Clients are wireless devices, such as printers and devices configured using a static IP address. Such clients when associated to an AP do not transmit any IP information. That is why, the controller does not know the IP address unless they use the DHCP.

In the controller, the clients just show up in the Learn IP state and get timed out because of the DHCP policy-timeout.

To establish TCP or IP communication with such clients, you need to perform the following:

Configure the Passive Client for each wireless profile.
Use the WLAN-VLAN mapping to plumb VLAN details to which the WLAN is being mapped.
Stop the DHCP timer for clients associated to the WLAN.

Note

You need to enable the following for passive client feature to work:

ARP broadcast on VLANs
LISP multicast. For information on LISP multicast, see:

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_lisp/configuration/xe-3s/irl-xe-3s-book/irl-lisp-multicast.html

For information on LISP (Locator ID Separation Protocol), see:

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_lisp/configuration/xe-3s/irl-xe-3s-book/irl-cfg-lisp.html

Enabling Passive Client on WLAN Policy Profile (GUI)

Procedure

Step 1	Choose Configuration > Tags & Profiles > Policy page, click Add to open the Add Policy Profile page.
Step 2	In the General tab, use the slider to enable Passive Client.
Step 3	Click Save & Apply to Device.

Enabling Passive Client on WLAN Policy Profile (CLI)

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 2	wireless profile policy `default-policy-profile` Example: `Device(config)# wireless profile policy default-policy-profile`	Configures the default policy profile.
Step 3	[no] passive-client Example: `Device(config-wlan)# [no] passive-client`	Enables Passive Client.
Step 4	end Example: `Device(config-wlan)# end`	Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.

Enabling ARP Broadcast on VLAN (GUI)

Procedure

Step 1	Choose Configuration > Layer2 > VLAN page, click VLAN tab.
Step 2	Click Add to view the Create VLAN window.
Step 3	Use the slider to enable ARP Broadcast.
Step 4	Click Save & Apply to Device.

Enabling ARP Broadcast on VLAN (CLI)

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 2	vlan configuration `vlan-id` Example: `Device(config)# vlan configuration 1`	Configures a VLAN or a collection of VLANs and enters VLAN configuration mode.
Step 3	[no] arp broadcast Example: `Device(config-vlan)# [no] arp broadcast`	Enables ARP broadcast on VLAN.
Step 4	end Example: `Device(config-vlan)# end`	Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.

Configuring Passive Client in Fabric Deployment

Enabling Broadcast Underlay on VLAN

Note

You can perform the following configuration tasks from Fabric Edge Node only and not from your controller.

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `FabricEdge# configure terminal`	Enters global configuration mode.
Step 2	router lisp Example: `FabricEdge(config)# router lisp`	Enters LISP configuration mode.
Step 3	instance-id `instance` Example: `FabricEdge(config-router-lisp)# instance-id 3`	Creates a LISP EID instance to group multiple services. Configurations under this instance-id are applicable to all services underneath it.
Step 4	service ipv4 Example: `FabricEdge(config-router-lisp-instance)# service ipv4`	Enables Layer 3 network services for the IPv4 address family and enters the service submode.
Step 5	database-mapping `eid` locator-set `RLOC name` Example: `FabricEdge(config-router-lisp-instance-dynamic-eid)# database-mapping 66.66.66.64/32 locator-set rloc1`	Configures EID to RLOC mapping relationship.
Step 6	map-cache `destination-eid` map-request Example: `FabricEdge(config-router-lisp-instance-service)# map-cache 0.0.0.0/0 map-request`	Generates a static map request for the destination EID.
Step 7	exit-service-ipv4 Example: `FabricEdge(config-router-lisp-instance-service)# exit-service-ipv4`	Exits service submode.
Step 8	exit-instance-id Example: `FabricEdge(config-router-lisp-instance)# exit-instance-id`	Exits instance submode.
Step 9	instance-id `instance` Example: `FabricEdge(config-router-lisp)# instance-id 101`	Creates a LISP EID instance to group multiple services.
Step 10	service ethernet Example: `FabricEdge(config-router-lisp-instance)# service ethernet`	Enables Layer 2 network services and enters service submode.
Step 11	eid-table vlan `vlan-number` Example: `FabricEdge(config-router-lisp-instance-service)# eid-table vlan 101`	Associates the LISP instance-id configured earlier with a VLAN through which the endpoint identifier address space is reachable.
Step 12	broadcast-underlay `multicast-group` Example: `FabricEdge(config-router-lisp-instance-service)# broadcast-underlay 239.0.0.1`	Specifies the multicast group used by the underlay to carry the overlay Layer 2 broadcast traffic.
Step 13	exit-service-ethernet Example: `FabricEdge(config-router-lisp-instance-service)# exit-service-ethernet`	Exits service sub mode.
Step 14	exit-instance-id Example: `FabricEdge(config-router-lisp-instance)# exit-instance-id`	Exits instance sub mode.

Enabling ARP Flooding

Note

You can perform the following configuration tasks from Fabric Edge Node only and not from your controller.

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `FabricEdge# configure terminal`	Enters global configuration mode.
Step 2	router lisp Example: `FabricEdge(config)# router lisp`	Enters LISP configuration mode.
Step 3	instance-id `instance` Example: `FabricEdge(config-router-lisp)# instance-id 3`	Creates a LISP EID instance to group multiple services. Configurations under this instance-id are applicable to all services underneath it.
Step 4	service ipv4 Example: `FabricEdge(config-router-lisp-instance)# service ipv4`	Enables Layer 3 network services for the IPv4 address family and enters the service submode.
Step 5	database-mapping `eid` locator-set `RLOC name` Example: `FabricEdge(config-router-lisp-instance-dynamic-eid)# database-mapping 66.66.66.64/32 locator-set rloc1`	Configures EID to RLOC mapping relationship.
Step 6	map-cache `destination-eid` map-request Example: `FabricEdge(config-router-lisp-instance-service)# map-cache 0.0.0.0/0 map-request`	Generates a static map request for the destination EID.
Step 7	exit-service-ipv4 Example: `FabricEdge(config-router-lisp-instance-service)# exit-service-ipv4`	Exits service submode.
Step 8	exit-instance-id Example: `FabricEdge(config-router-lisp-instance)# exit-instance-id`	Exits instance submode.
Step 9	instance-id `instance` Example: `FabricEdge(config-router-lisp)# instance-id 101`	Creates a LISP EID instance to group multiple services.
Step 10	service ethernet Example: `FabricEdge(config-router-lisp-instance)# service ethernet`	Enables Layer 2 network services and enters service submode.
Step 11	eid-table vlan `vlan-number` Example: `FabricEdge(config-router-lisp-instance-service)# eid-table vlan 101`	Associates the LISP instance-id configured earlier with a VLAN through which the endpoint identifier address space is reachable.
Step 12	flood arp-nd Example: `FabricEdge(config-router-lisp-instance-service)# flood arp-nd`	Enables ARP flooding.
Step 13	database-mapping `mac` locator-set `RLOC name` Example: `FabricEdge(config-router-lisp-instance-service)# database-mapping mac locator-set rloc1`	Configures EID to RLOC mapping relationship.
Step 14	exit-service-ethernet Example: `FabricEdge(config-router-lisp-instance-service)# exit-service-ethernet`	Exits service sub mode.
Step 15	exit-instance-id Example: `FabricEdge(config-router-lisp-instance)# exit-instance-id`	Exits instance sub mode.

Verifying Passive Client Configuration

To verify the status of the Passive Client, use the following command:

Device# show wireless profile policy detailed sample-profile-policy

Policy Profile Name           : sample-profile-policy
Description                   : sample-policy
Status                        : ENABLED
VLAN                          : 20
Client count                  : 0
Passive Client                : ENABLED    <--------------------
WLAN Switching Policy
  Central Switching           : ENABLED
  Central Authentication      : ENABLED
  Central DHCP                : DISABLED
  Override DNS                : DISABLED
  Override NAT PAT            : DISABLED
  Central Assoc               : DISABLED
.
.
.

To verify VLANs that have ARP broadcast enabled, use the following command:

Device# show platform software arp broadcast

Arp broadcast is enabled on vlans:
20

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)

Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide, Cisco IOS XE Amsterdam 17.2.x

Bias-Free Language

Results

Chapter: Configuring Passive Client on Software Defined Access [SDA-Wireless]

Configuring Passive Client on Software Defined Access [SDA-Wireless]

Information About Passive Clients

Enabling Passive Client on WLAN Policy Profile (GUI)

Procedure

Enabling Passive Client on WLAN Policy Profile (CLI)

Procedure

Example:

Example:

Example:

Example:

Enabling ARP Broadcast on VLAN (GUI)

Procedure

Enabling ARP Broadcast on VLAN (CLI)

Procedure

Example:

Example:

Example:

Example:

Enabling Broadcast Underlay on VLAN

Procedure

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Enabling ARP Flooding

Procedure

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Verifying Passive Client Configuration

Was this Document Helpful?

Contact Cisco