Friday, September 2, 2016

Creating a Dynamic Interface and WLAN on a Cisco WLC

A dynamic interface is used to connect the controller to a VLAN on the wired network. When you create a WLAN, you will bind the dynamic interface (and VLAN) to a wireless network. To create a new dynamic interface on a centralized controller, navigate to Controller > Interfaces. You should see a list of all the controller interfaces that are currently configured. Click the New button to define a new interface. Enter a name for the interface and the VLAN number it will be bound to.

Next, enter the IP address, subnet mask, and gateway address for the interface. You should also define primary and secondary DHCP server addresses that the controller will use then it relays DHCP requests from clients that are bound to the interface. Click the Apply button to complete the interface configuration and return to the list of interfaces.

The process is similar on a converged controller. Create the interface by selecting Configuration > Controller > System > VLAN > Layer 2 VLAN and entering a VLAN number and name. In essence, you are creating a VLAN on the switch that is hosting the WLC.

Next, the dynamic interface needs a way to bring Layer 3 connectivity to the Layer 2 VLAN. Select Configuration > System > VLAN > Layer 3 Interface, then click New. Enter the interface description, IP addressing information, and a DHCP server address.

Creating a New WLAN

You can display a list of the currently define WLANs by selecting WLANs from the top menu bar. You can create a new WLAN by selecting Create New from the drop-down menu and then clicking the Go button.

You can display the same list of WLANs on a converged controller by selecting Configuration > Wireless > WLAN > WLANs. Click New to create a new WLAN or select an existing WLAN from the list to edit its parameters.

Next, enter a descriptive name as the profile name and the SSID text string. Usually the Profile Name and SSID are identical, just to keep things straightforward. The ID number is used as an index into the list of WLAN that are defined on the controller. The ID number becomes useful when you use templates in Prime Infrastructure (PI) to configure WLANs on multiple controllers at the same time.

Click the Apply button to create the new WLAN. The next page will allow you to edit four categories of parameters, corresponding to the tabs across the top. On a converged controller, you will have to select the newly created WLAN again from the list of WLANs. By default, the General tab is selected.

You can control whether the WLAN is enabled or disabled with the Status check box. Even though the General page shows a specific security policy for the WLAN (the default WPA2 with 802.1x), you can make changes in a later step through the Security tab.

Under Radio Policy, select the type of radios that will offer the WLAN. By default, the WLAN will be offered on all radios that are joined with the controller. You can select a more specific policy with 802.11a only, 802.11a/g only, 802.11g only, or 802.11b/g only. For example, if you are creating a new WLAN for devices that have only a 2.4-GHz radio, it probably does not make sense to advertise the WLAN on both 2.4- and 5-GHz AP radios. Next, select the controller interface that will be bound to the WLAN. The drop-down list contains all the interface names that are available.

Finally, use the Broadcast SSID check box to select whether the APs should broadcast the SSID name in the beacons. Broadcasting SSIDs is usually more convenient for users, because their devices can learn and display the SSID names automatically. In fact, most devices actually need the SSID in the beacons to understand that the AP is still available for that SSID. Hiding the SSID name, by not broadcasting it, does not really provide any worthwhile security. Instead, it just prevents user devices from discovering an SSID and trying to use it as a default network.

No comments:

Post a Comment