your WiFi Dreams!
Stay up to date with the WiFi Ninjas
Never miss a blog or podcast again!
If you are geeky, crazy or just curious to try out first generation of Cisco products, new Catalyst 9800 Wireless LAN Controller, this guide might be useful to you 🙂
Jokes aside, C9800 feels like a solid product that is quickly gaining trust of wifi pros and gains traction in the enterprises.
It is a spiritual successor to Cisco AireOS WLCs that sits on the well known IOS-XE that everyone knows and loves :] Thankfully, it has nothing to do with Converged Access, that also was IOS-XE based.
C9800 code was re-written from scratch and offers almost full features parity with its AireOS counterpart.
It’s quite flexible too, meaning you can install it in a private cloud (VMware etc.) public cloud or use it as an on-prem appliance sitting on a switch or a standalone box. All versions offer exact same functionality (with some obvious limitations, like no central data switching when used in public cloud), so you really just need to decide what’s easiest for you to deploy and integrate and think about scale.
I thought that creating an with easy-to-follow ESXi installation steps guide would be a great start!
First of all, here is my lab environment:
And installation steps below:
The system will install, reboot, check if bootloader upgrade is needed, apply the config (empty at this point), etc. After few minutes, we should be presented with a familiar CLI.
Note: since G1 is OOB, G2 is Mgmt. And G3 is HA in this VM, we’ll first configure G2 to access management plane of the WLC. All SSIDs I’m planning to use will leverage FlexConnect Local Switching (dropping data plane directly onto the switch on the AP level), therefore we don’t need to allow any other VLANs than 11 on this trunk. Still, we might want to test Central Switching, so let’s allow Wireless Users VLAN 20 (configured in later blogs) too:
Note: depending on your vSwitch configuration, you might need to tag management traffic on the controller side by adding “switchport trunk native vlan 11” command into the config above.
At this point WLC9800 Mgmt. interface should be pingable 🙂
Note: you might need to shut / no shut int g2 and shut / no shut int vlan 11 for the SVI to come up!
Note: wireless network needs to be disabled first. Country code configuration forces GUI to skip the DAY 0 flow as the C9800 needs a country code to be operational. You can enter up to a maximum of 20 countries.
Don’t forget to re-enable the radios 🙂
Finally, validate all is up and happy:
Note: you must specify the interface for the wireless management, create certificate and verify certificate installation. If you skip the certificate/trustpoint configuration, APs will not be able to join. However, you can go to the GUI and configure it by importing the desired certificate.
At this point, it should be possible to access the WLC via GUI using HTTPS, IP set in step 9 and credentials set in step 7!
SSH will not work yet as the lines are not yet configured.
Credentials have already been set, so we can jump straight into the stuff that’s needed to make SSH work!
Domain name is needed for RSA key generation process.
We’ll also need to specify enable password to allow us to use privileged mode.
Voilà! We are now ready to register our first AP to the new, shiny and sexy WLC 😀 Well done!