I've been configuring Cisco WLC 2504 and 5508 for quite some time now and only got the chance to blog it. I always use PuTTY or HyperTerminal to console to the WLC since SecureCRT v7.2.1 gets stuck after this line:
Would you like to terminate autoinstall? [yes]
My test setup includes a Cisco AIR-CAP1602E-E-K9, a Cisco Catalyst 3650 switch and WLC 2504. The C stands for controller-based AP while the Cisco AIR-SAP1602E is a standalone AP. I've manually set the country, local date and time on the WLC.
The AP doesn't seem to join the WLC when the date and time aren't manually configured or set to non-working NTP. The AP also doesn't join when the country is set other than the specified country Stock Keeping Unit (SKU). Once the WLC is in production, you could configure it for NTP afterwards.
Here's a Cisco WLAN compliance matrix to specified approved countries and this is what the initial boot up and setup wizard looks like:
100%
36110929 bytes read
Launching...
Launching images...
init started: BusyBox v1.6.0 (2010-05-13 17:50:10 EDT) multi-call binary
starting pid 688, tty '': '/etc/init.d/rcS'
Detecting Hardware ...
Installing ether-pow driver - 0x6008
starting pid 879, tty '/dev/ttyS0': '/usr/bin/gettyOrMwar'
Setting up ZVM
Exporting LD_LIBRARY_PATH
Cryptographic library self-test....passed!
XML config selected
Validating XML configuration
XML Config version file is corrupted :Move all files to tmp XML dir
XML config version file is corrupted: Removed xml dir
touch: /mnt/application/xml/clis/XMLInvalidTagConfig.txt: No such file or direct
ory
octeon_device_init: found 1 DPs
/dev/fpga: No such device or address
readCPUConfigData: cardid 0x6060001
XML validation can not be done file open failed
sh: cannot create /mnt/application/xml/clis/XMLInvalidTagConfig.txt: nonexistent
directory
Cisco is a trademark of Cisco Systems, Inc.
Software Copyright Cisco Systems, Inc. All rights reserved.
Cisco AireOS Version 7.6.110.0
Firmware Version PIC 16.0
Initializing OS Services: ok
Initializing Serial Services: ok
Initializing Network Services: ok
Error (256) found in fsck check - attempt to repair.
Initializing Licensing Services:
License daemon start initialization.....
ok
License daemon running.....
Starting Statistics Service: ok
Starting ARP Services: ok
Starting Trap Manager: ok
Starting Network Interface Management Services: ok
Starting System Services: ok
Starting FIPS Features: ok : Not enabled
Starting Fastpath Hardware Acceleration: ok
Starting Fastpath Console redirect : ok
Starting Fastpath DP Heartbeat : ok
Fastpath CPU0.00: Starting Fastpath Application. SDK-1.8.0, build 269. Flags-[DU
TY CYCLE] : ok
Fastpath CPU0.00: Initializing last packet received queue. Num of cores(2)
Fastpath CPU0.00: Init MBUF size: 1856, Subsequent MBUF size: 2040
Fastpath CPU0.00: Core 0 Initialization: ok
Fastpath CPU0.00: Initializing Timer...
Fastpath CPU0.00: Initializing Timer...done.
Fastpath CPU0.00: Initializing Timer...
Fastpath CPU0.00: Initializing NBAR AGING Timer...done.
Fastpath CPU0.01: Core 1 Initialization: ok
Starting Switching Services: ok
Starting QoS Services: ok
Starting Policy Manager: ok
Starting Data Transport Link Layer: ok
Starting Access Control List Services: ok
Starting System Interfaces: ok
Starting Client Troubleshooting Service: ok
Starting Management Frame Protection: ok
Starting Certificate Database: ok
Starting VPN Services: ok
Starting DNS Services: ok
Starting Licensing Services: ok
Starting Redundancy: ok
Starting LWAPP: ok
Starting CAPWAP: ok
Starting LOCP: ok
Starting Security Services: ok
Starting Policy Manager: ok
Starting Authentication Engine: ok
Starting Mobility Management: ok
Starting Capwap Ping Component: ok
Starting AVC Services: ok
Starting Virtual AP Services: ok
Starting AireWave Director: ok
Starting Network Time Services: ok
Starting Cisco Discovery Protocol: ok
Starting Broadcast Services: ok
Starting Logging Services: ok
Starting DHCP Server: ok
Starting IDS Signature Manager: ok
Starting RFID Tag Tracking: ok
Starting RF Profiles: ok
Starting Power Supply and Fan Status Monitoring Service: ok
Starting Mesh Services: ok
Starting TSM: ok
Starting CIDS Services: ok
Starting Ethernet-over-IP: ok
Starting DTLS server: enabled in CAPWAP
Starting CleanAir: ok
Starting WIPS: ok
Starting SSHPM LSC PROV LIST: ok
Starting RRC Services: ok
Starting SXP Services: ok
Starting Alarm Services: ok
Starting FMC HS: ok
Starting IPv6 Services: ok
Starting Config Sync Manager : ok
Starting Hotspot Services: ok
Starting Portal Server Services: ok
Starting mDNS Services: ok
Starting Management Services:
Web Server: CLI: Secure Web: Web Authentication Certificate not found (
error). If you cannot access management interface via HTTPS please reconfigure V
irtual Interface.
(Cisco Controller)
Welcome to the Cisco Wizard Configuration Tool
Use the '-' character to backup
Would you like to terminate autoinstall? [yes]: // HANGS UP TO THIS POINT WHEN USING SecureCRT
System Name [Cisco_3e:de:84] (31 characters max):
AUTO-INSTALL: process terminated -- no configuration loaded
Enter Administrative User Name (24 characters max): admin
Enter Administrative Password (3 to 24 characters):Cisco123 // REQUIRES UPPER AND LOWER CASE LETTERS AND REPEATED NUMBERS THRICE ISN'T ALLOWED
Re-enter Administrative Password: Cisco123
Enable Link Aggregation (LAG) [yes][NO]: no
Management Interface IP Address: 172.27.197.15
Management Interface Netmask: 255.255.255.192
Management Interface Default Router: 172.27.197.1
Management Interface VLAN Identifier (0 = untagged):
Management Interface Port Num [1 to 4]: 1
Management Interface DHCP Server IP Address: 172.27.197.1
Virtual Gateway IP Address: 1.1.1.1 // FOR WIRELESS ROAMING
Multicast IP Address: 239.0.0.1
Mobility/RF Group Name: MY_WIRELESS
Network Name (SSID): MY_WIRELESS
Configure DHCP Bridging Mode [yes][NO]: no
Allow Static IP Addresses [YES][no]: no
Configure a RADIUS Server now? [YES][no]: no
Warning! The default WLAN security policy requires a RADIUS server.
Please see documentation for more details.
Enter Country Code list (enter 'help' for a list of countries) [US]: SG // REQUIRED FOR AP TO JOIN
Enable 802.11b Network [YES][no]: yes
Enable 802.11a Network [YES][no]: yes
Enable 802.11g Network [YES][no]: yes
Enable Auto-RF [YES][no]: yes
Configure a NTP server now? [YES][no]: no // REQUIRED FOR AP TO JOIN OR SET LOCAL CLOCK
Configure the system time now? [YES][no]: yes
Enter the date in MM/DD/YY format: 02/02/15
Enter the time in HH:MM:SS format: 14:23:00
Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
After the wizard, the WLC will reboot and it's now accessible via HTTPS. IE tends to work smoothly with the WLC GUI.
Here are some useful show commands on the WLC:
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.4.100.0 // AP MUST USE SAME VERSION
Bootloader Version............................... 1.0.16
Field Recovery Image Version..................... 1.0.0
Firmware Version................................. PIC 16.0
Build Type....................................... DATA + WPS
System Name...................................... MY_WLC
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1279
IP Address....................................... 172.27.197.15
Last Reset....................................... Power on reset
System Up Time................................... 41 days 11 hrs 42 mins 59 secs
System Timezone Location.........................
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... SG - Singapore
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +40 C
External Temperature............................. +45 C
Fan Status....................................... 4400 rpm
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 2
Number of Active Clients......................... 0
Memory Current Usage............................. Unknown
Memory Average Usage............................. Unknown
CPU Current Usage................................ Unknown
CPU Average Usage................................ Unknown
Burned-in MAC Address............................ B0:FA:EB:8B:XX:YY
Maximum number of APs supported.................. 25 // CAN INCREASE VIA LICENSING
If the WLC and AP are running on different versions, the AP will log the error below. The APs are currently shipped with version 7.6 as of this writing. You can directly upgrade to 7.6 if you're on WLC version 7.0 or 7.4.
(Cisco Controller) >show run-config
Press Enter to continue...
System Inventory
NAME: "Chassis" , DESCR: "Cisco 2500 Series Wireless LAN Controller"
PID: AIR-CT2504-K9, VID: V01, SN: PSZ17220XYZ
Burned-in MAC Address............................ 10:F3:11:A4:7A:BC
Maximum number of APs supported.................. 15
Press Enter to continue or <ctrl-z> to abort
<OUTPUT TRUNCATED>
(Cisco Controller) >show ap summary
Number of APs.................................... 1
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name Slots AP Model Ethernet MAC Location
Country IP Address Clients
------------------ ----- -------------------- ----------------- ------------
---- ------- --------------- -------
APfc5b.3937.3abc 2 AIR-CAP1602E-E-K9 fc:5b:39:37:3a:bc default loca
tion SG 172.27.197.8 0
(Cisco Controller) >show ap join stats summary all
Number of APs.............................................. 1
Base Mac AP EthernetMac AP Name IP Address Status
04:da:d2:ce:12:34 6c:20:56:13:ab:cd APfc5b.3937.3abc 172.27.197.22 Joined
(Cisco Controller) >debug capwap events enable
(Cisco Controller) >debug disable-all
(Cisco Controller) save config
Are you sure you want to save? (y/n) y
Configuration Saved!
Would you like to terminate autoinstall? [yes]
My test setup includes a Cisco AIR-CAP1602E-E-K9, a Cisco Catalyst 3650 switch and WLC 2504. The C stands for controller-based AP while the Cisco AIR-SAP1602E is a standalone AP. I've manually set the country, local date and time on the WLC.
The AP doesn't seem to join the WLC when the date and time aren't manually configured or set to non-working NTP. The AP also doesn't join when the country is set other than the specified country Stock Keeping Unit (SKU). Once the WLC is in production, you could configure it for NTP afterwards.
Here's a Cisco WLAN compliance matrix to specified approved countries and this is what the initial boot up and setup wizard looks like:
100%
36110929 bytes read
Launching...
Launching images...
init started: BusyBox v1.6.0 (2010-05-13 17:50:10 EDT) multi-call binary
starting pid 688, tty '': '/etc/init.d/rcS'
Detecting Hardware ...
Installing ether-pow driver - 0x6008
starting pid 879, tty '/dev/ttyS0': '/usr/bin/gettyOrMwar'
Setting up ZVM
Exporting LD_LIBRARY_PATH
Cryptographic library self-test....passed!
XML config selected
Validating XML configuration
XML Config version file is corrupted :Move all files to tmp XML dir
XML config version file is corrupted: Removed xml dir
touch: /mnt/application/xml/clis/XMLInvalidTagConfig.txt: No such file or direct
ory
octeon_device_init: found 1 DPs
/dev/fpga: No such device or address
readCPUConfigData: cardid 0x6060001
XML validation can not be done file open failed
sh: cannot create /mnt/application/xml/clis/XMLInvalidTagConfig.txt: nonexistent
directory
Cisco is a trademark of Cisco Systems, Inc.
Software Copyright Cisco Systems, Inc. All rights reserved.
Cisco AireOS Version 7.6.110.0
Firmware Version PIC 16.0
Initializing OS Services: ok
Initializing Serial Services: ok
Initializing Network Services: ok
Error (256) found in fsck check - attempt to repair.
Initializing Licensing Services:
License daemon start initialization.....
ok
License daemon running.....
Starting Statistics Service: ok
Starting ARP Services: ok
Starting Trap Manager: ok
Starting Network Interface Management Services: ok
Starting System Services: ok
Starting FIPS Features: ok : Not enabled
Starting Fastpath Hardware Acceleration: ok
Starting Fastpath Console redirect : ok
Starting Fastpath DP Heartbeat : ok
Fastpath CPU0.00: Starting Fastpath Application. SDK-1.8.0, build 269. Flags-[DU
TY CYCLE] : ok
Fastpath CPU0.00: Initializing last packet received queue. Num of cores(2)
Fastpath CPU0.00: Init MBUF size: 1856, Subsequent MBUF size: 2040
Fastpath CPU0.00: Core 0 Initialization: ok
Fastpath CPU0.00: Initializing Timer...
Fastpath CPU0.00: Initializing Timer...done.
Fastpath CPU0.00: Initializing Timer...
Fastpath CPU0.00: Initializing NBAR AGING Timer...done.
Fastpath CPU0.01: Core 1 Initialization: ok
Starting Switching Services: ok
Starting QoS Services: ok
Starting Policy Manager: ok
Starting Data Transport Link Layer: ok
Starting Access Control List Services: ok
Starting System Interfaces: ok
Starting Client Troubleshooting Service: ok
Starting Management Frame Protection: ok
Starting Certificate Database: ok
Starting VPN Services: ok
Starting DNS Services: ok
Starting Licensing Services: ok
Starting Redundancy: ok
Starting LWAPP: ok
Starting CAPWAP: ok
Starting LOCP: ok
Starting Security Services: ok
Starting Policy Manager: ok
Starting Authentication Engine: ok
Starting Mobility Management: ok
Starting Capwap Ping Component: ok
Starting AVC Services: ok
Starting Virtual AP Services: ok
Starting AireWave Director: ok
Starting Network Time Services: ok
Starting Cisco Discovery Protocol: ok
Starting Broadcast Services: ok
Starting Logging Services: ok
Starting DHCP Server: ok
Starting IDS Signature Manager: ok
Starting RFID Tag Tracking: ok
Starting RF Profiles: ok
Starting Power Supply and Fan Status Monitoring Service: ok
Starting Mesh Services: ok
Starting TSM: ok
Starting CIDS Services: ok
Starting Ethernet-over-IP: ok
Starting DTLS server: enabled in CAPWAP
Starting CleanAir: ok
Starting WIPS: ok
Starting SSHPM LSC PROV LIST: ok
Starting RRC Services: ok
Starting SXP Services: ok
Starting Alarm Services: ok
Starting FMC HS: ok
Starting IPv6 Services: ok
Starting Config Sync Manager : ok
Starting Hotspot Services: ok
Starting Portal Server Services: ok
Starting mDNS Services: ok
Starting Management Services:
Web Server: CLI: Secure Web: Web Authentication Certificate not found (
error). If you cannot access management interface via HTTPS please reconfigure V
irtual Interface.
(Cisco Controller)
Welcome to the Cisco Wizard Configuration Tool
Use the '-' character to backup
Would you like to terminate autoinstall? [yes]: // HANGS UP TO THIS POINT WHEN USING SecureCRT
System Name [Cisco_3e:de:84] (31 characters max):
AUTO-INSTALL: process terminated -- no configuration loaded
Enter Administrative User Name (24 characters max): admin
Enter Administrative Password (3 to 24 characters):Cisco123 // REQUIRES UPPER AND LOWER CASE LETTERS AND REPEATED NUMBERS THRICE ISN'T ALLOWED
Re-enter Administrative Password: Cisco123
Enable Link Aggregation (LAG) [yes][NO]: no
Management Interface IP Address: 172.27.197.15
Management Interface Netmask: 255.255.255.192
Management Interface Default Router: 172.27.197.1
Management Interface VLAN Identifier (0 = untagged):
Management Interface Port Num [1 to 4]: 1
Management Interface DHCP Server IP Address: 172.27.197.1
Virtual Gateway IP Address: 1.1.1.1 // FOR WIRELESS ROAMING
Multicast IP Address: 239.0.0.1
Mobility/RF Group Name: MY_WIRELESS
Network Name (SSID): MY_WIRELESS
Configure DHCP Bridging Mode [yes][NO]: no
Allow Static IP Addresses [YES][no]: no
Configure a RADIUS Server now? [YES][no]: no
Warning! The default WLAN security policy requires a RADIUS server.
Please see documentation for more details.
Enter Country Code list (enter 'help' for a list of countries) [US]: SG // REQUIRED FOR AP TO JOIN
Enable 802.11b Network [YES][no]: yes
Enable 802.11a Network [YES][no]: yes
Enable 802.11g Network [YES][no]: yes
Enable Auto-RF [YES][no]: yes
Configure a NTP server now? [YES][no]: no // REQUIRED FOR AP TO JOIN OR SET LOCAL CLOCK
Configure the system time now? [YES][no]: yes
Enter the date in MM/DD/YY format: 02/02/15
Enter the time in HH:MM:SS format: 14:23:00
Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
After the wizard, the WLC will reboot and it's now accessible via HTTPS. IE tends to work smoothly with the WLC GUI.
Here are some useful show commands on the WLC:
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.4.100.0 // AP MUST USE SAME VERSION
Bootloader Version............................... 1.0.16
Field Recovery Image Version..................... 1.0.0
Firmware Version................................. PIC 16.0
Build Type....................................... DATA + WPS
System Name...................................... MY_WLC
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1279
IP Address....................................... 172.27.197.15
Last Reset....................................... Power on reset
System Up Time................................... 41 days 11 hrs 42 mins 59 secs
System Timezone Location.........................
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... SG - Singapore
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +40 C
External Temperature............................. +45 C
Fan Status....................................... 4400 rpm
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 2
Number of Active Clients......................... 0
Memory Current Usage............................. Unknown
Memory Average Usage............................. Unknown
CPU Current Usage................................ Unknown
CPU Average Usage................................ Unknown
Burned-in MAC Address............................ B0:FA:EB:8B:XX:YY
Maximum number of APs supported.................. 25 // CAN INCREASE VIA LICENSING
If the WLC and AP are running on different versions, the AP will log the error below. The APs are currently shipped with version 7.6 as of this writing. You can directly upgrade to 7.6 if you're on WLC version 7.0 or 7.4.
*Mar 1 00:02:40.694:
%CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_a5:5f:44'running version 7.0.220.0 is rejected. // WLC IS ONVERSION 7.0; CHECK THE UPGRADE PATH IN CISCO.COM
(Cisco Controller) >show run-config
Press Enter to continue...
System Inventory
NAME: "Chassis" , DESCR: "Cisco 2500 Series Wireless LAN Controller"
PID: AIR-CT2504-K9, VID: V01, SN: PSZ17220XYZ
Burned-in MAC Address............................ 10:F3:11:A4:7A:BC
Maximum number of APs supported.................. 15
Press Enter to continue or <ctrl-z> to abort
<OUTPUT TRUNCATED>
(Cisco Controller) >show ap summary
Number of APs.................................... 1
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name Slots AP Model Ethernet MAC Location
Country IP Address Clients
------------------ ----- -------------------- ----------------- ------------
---- ------- --------------- -------
APfc5b.3937.3abc 2 AIR-CAP1602E-E-K9 fc:5b:39:37:3a:bc default loca
tion SG 172.27.197.8 0
(Cisco Controller) >show ap join stats summary all
Number of APs.............................................. 1
Base Mac AP EthernetMac AP Name IP Address Status
04:da:d2:ce:12:34 6c:20:56:13:ab:cd APfc5b.3937.3abc 172.27.197.22 Joined
(Cisco Controller) >debug capwap events enable
(Cisco Controller) >debug disable-all
(Cisco Controller) save config
Are you sure you want to save? (y/n) y
Configuration Saved!
No comments:
Post a Comment