Cisco wireless

Equipment used:

1. WS-2950-24T Catalyst switch

2. 2x AP1242-AG (LAP)

3. Cisco Linksys router (as stratum 2 NTP server)

4. Cisco 1841 router

5. Cisco 2125 wireless LAN controller

You should know these before you begin:

An interface is a logical construct on the controller, not a physical one. There are two types of interfaces, static and dynamic: static interfaces are created by the system (the WLC) and dynamic interfaces are created by the network administrator.

A port is a physical port. The 2100 series controller has 8 switch ports; ports 7 and 8 are PoE-enabled.

The management interface is for control communications in your network, across all physical ports. The AP discovers the controller through the management interface.

The AP-manager interface is used for communication between the APs and the controller. When an AP first starts, it finds the controller using Layer 3 LWAPP; once it finds the ap-manager interface IP, it joins the WLC group. The IP address of the ap-manager interface is the source address for communication between AP and controller.

The virtual interface is used for Layer 3 security; DHCP requests are also redirected to this virtual interface.

The management, ap-manager and virtual interfaces are the static interfaces: they are created by the system and cannot be deleted.

About 2125 controller

A trunk link is established between the 2950 and the 2125's switch port (port 4).

The management interface is tied to VLAN 10 and the ap-manager interface is tied to VLAN 20; both are assigned to port 4.

(Cisco Controller) >show interface summary

Interface Name                   Port Vlan Id  IP Address      Type    Ap Mgr Guest
-------------------------------- ---- -------- --------------- ------- ------ -----
ap-manager                       4    20       192.168.20.2    Static  Yes    No
ap-user                          4    99       10.99.99.2      Dynamic No     No
management                       4    10       192.168.10.2    Static  No     No
virtual                          N/A  N/A      1.1.1.1         Static  No     No

(Cisco Controller) >show interface detailed ap-manager

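Interface Name.................................... ap-manager
MAC Address....................................... 00:25:84:f2:39:e3
IP Address........................................ 192.168.20.2
IP Netmask........................................ 255.255.255.0
IP Gateway........................................ 192.168.20.1
VLAN.............................................. 20
Physical Port..................................... 4
Primary DHCP Server............................... 192.168.20.1
Secondary DHCP Server............................. Unconfigured
DHCP Option 82.................................... Disabled
ACL............................................... Unconfigured
AP Manager........................................ Yes
Guest Interface................................... No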

(Cisco Controller) >show interface detailed management

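Interface Name.................................... management
MAC Address....................................... 00:25:84:f2:39:e0
IP Address........................................ 192.168.10.2
IP Netmask........................................ 255.255.255.0
IP Gateway........................................ 192.168.10.1
VLAN.............................................. 10
Quarantine-vlan................................... 0
Physical Port..................................... 4
Primary DHCP Server............................... 192.168.10.1
Secondary DHCP Server............................. Unconfigured
DHCP Option 82.................................... Disabled
ACL............................................... Unconfigured
AP Manager........................................ No
Guest Interface................................... No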

Startup script for controller without a configuration file

If no configuration file is found, the controller runs the startup script to make setting up easier. It’s really easy if you know what you are doing 😉

While your controller is booting, it defaults to option 1, which runs the primary image; you can interrupt this behaviour by pressing ESC once. You will see the menu as shown above. To clear the configuration, choose number 5. Well, I think this is quite self-explanatory 🙂

Motivation to use wireless

Basically, to enhance mobility for users: they can connect to your wired network through the access point, so wireless is not really 100% wireless 😉 You still need cables and wiring…haha…

Lab set up

The AP is like a host; to me it is like a computer with a NIC. Connect your AP to a switch port with a straight-through cable and enable portfast on that port 😀 Put the AP's port in the relevant VLAN; I chose VLAN 20, which is the same VLAN as the ap-manager interface 😀

Connect a cross-over cable from the WLC’s switch port to the 2950’s switch port, and put your switch port in trunk mode.

Connect a cross-over cable from the 2950 to the 1841. Yeah, I was using router-on-a-stick, because my L3 switches have been loaned out.

Catalyst 2950 configuration

2950-1#sh run int fa0/1
Building configuration...

Current configuration : 144 bytes
!
interface FastEthernet0/1
 description Connects to 1841
 switchport trunk native vlan 200
 switchport mode trunk
 switchport nonegotiate
end

2950-1#sh run int fa0/4
Building configuration...

Current configuration : 118 bytes
!
interface FastEthernet0/4
 description Connect to WLC
 switchport trunk native vlan 200
 switchport mode trunk
end

2950-1#sh run int fa0/6
Building configuration...

Current configuration : 138 bytes
!
interface FastEthernet0/6
 description Connects to AP-1
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
end

2950-1#sh run int fa0/7
Building configuration...

Current configuration : 138 bytes
!
interface FastEthernet0/7
 description Connects to AP-2
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
end

Do not forget to create the respective vlans 😀

Cisco 1841 configuration

1841-1#sh run | s inter
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
interface FastEthernet0/0.1
 encapsulation dot1Q 1
 ip address 192.168.1.254 255.255.255.0
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.10.1 255.255.255.0
interface FastEthernet0/0.20
 encapsulation dot1Q 20
 ip address 192.168.20.1 255.255.255.0
interface FastEthernet0/0.30
 encapsulation dot1Q 30
 ip address 192.168.30.1 255.255.255.0
interface FastEthernet0/0.99
 encapsulation dot1Q 99
 ip address 10.99.99.1 255.255.255.0
interface FastEthernet0/0.200
 encapsulation dot1Q 200 native
 ip address 192.168.200.1 255.255.255.0

1841-1#sh run | s ip dhcp pool
ip dhcp pool ap-pool
 network 192.168.20.0 255.255.255.0
 default-router 192.168.20.1
ip dhcp pool ap-user-pool
 network 10.99.99.0 255.255.255.0
 default-router 10.99.99.1
ip dhcp pool management-pool
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.1

Create a WLAN profile for your user to use the network

A default profile, WLAN ID 1, was created by the startup script. By default it uses the management interface; you will need to create a dynamic interface before you can change the interface. However, I will show you how to create a wireless profile.

As shown in the screenshot, click the Go button to create a new WLAN profile.

This is what you will see after you click the Go button. Choose your own profile name and SSID.

I chose ap-user. You can choose whatever you like 😀

This is what I was talking about just now: you need to create a dynamic interface in order to choose which interface is associated with this WLAN profile.


Choose your own authentication method. I do not have a RADIUS server, so I use a pre-shared key.

I chose a PSK: 12345678

Saw those SSIDs?

Remember VLAN 99? It is for the AP users 😀 Connected and got an IP address from the VLAN 99 gateway 😉

Method to create dynamic interface

This section will show you how to create a dynamic interface like the one I created (ap-user).

Click on Controller > Interface, click the New button on this page.

Easy right? 😉

I have not created VLAN 50 yet, but these will be the settings for my VLAN 50. On my 1841 I will create a DHCP service for the 192.168.50.0/24 network.
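A dynamic interface only works once the router side exists, so it is worth cross-checking the WLC interfaces against the 1841 before pointing a WLAN at them. The following is an added example, not code from the original post: it parses the `show interface summary` rows and the relevant 1841 lines shown earlier and reports any WLC interface without a matching subinterface or DHCP pool. The `vlan50` row, its address 192.168.50.2 and the function name `audit` are assumptions made for the illustration.

```python
from ipaddress import ip_address, ip_network
import re

# WLC rows and 1841 lines are copied from the post; the vlan50 row is a
# constructed sample for a dynamic interface the router does not serve yet.
WLC_SUMMARY = """\
ap-manager                       4    20       192.168.20.2    Static  Yes    No
ap-user                          4    99       10.99.99.2      Dynamic No     No
management                       4    10       192.168.10.2    Static  No     No
virtual                          N/A  N/A      1.1.1.1         Static  No     No
vlan50                           4    50       192.168.50.2    Dynamic No     No
"""
ROUTER_CFG = """\
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.10.1 255.255.255.0
interface FastEthernet0/0.20
 encapsulation dot1Q 20
 ip address 192.168.20.1 255.255.255.0
interface FastEthernet0/0.99
 encapsulation dot1Q 99
 ip address 10.99.99.1 255.255.255.0
ip dhcp pool ap-pool
 network 192.168.20.0 255.255.255.0
ip dhcp pool ap-user-pool
 network 10.99.99.0 255.255.255.0
ip dhcp pool management-pool
 network 192.168.10.0 255.255.255.0
"""

def audit(wlc_summary=WLC_SUMMARY, router_cfg=ROUTER_CFG):
    """Return {interface: [problems]} for WLC interfaces bound to a VLAN."""
    # dot1Q VLAN id -> subnet of the router subinterface that terminates it
    subifs = {int(v): ip_network(f"{ip}/{m}", strict=False) for v, ip, m in
              re.findall(r"dot1Q (\d+)(?: native)?\s+ip address (\S+) (\S+)", router_cfg)}
    pools = [ip_network(f"{n}/{m}") for n, m in re.findall(r"network (\S+) (\S+)", router_cfg)]
    findings = {}
    for line in wlc_summary.splitlines():
        name, _port, vlan, ip = line.split()[:4]
        if vlan == "N/A":  # the virtual interface is not bound to a VLAN
            continue
        addr, problems = ip_address(ip), []
        if int(vlan) not in subifs:
            problems.append(f"no dot1Q {vlan} subinterface on the router")
        elif addr not in subifs[int(vlan)]:
            problems.append(f"{ip} is outside {subifs[int(vlan)]}")
        if not any(addr in p for p in pools):
            problems.append("no DHCP pool covers this address")
        findings[name] = problems
    return findings
```

Calling `audit()` returns an empty problem list for ap-manager, ap-user and management, and two findings for the constructed vlan50 row until the subinterface and pool are added on the 1841.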


2 Responses to Cisco wireless

  1. PTZ Camera says:

    Hi, can I quote some of the content found in this entry if I provide a link back to your site?
