WN Podcast 021 – Cisco Catalyst 9800 – Built & Basics

Welcome to our new WiFi Ninjas Podcast episode!

Today, we kick of the Cisco Catalyst 9800 Podcast series, where we will cover some nitty & gritty stuff and share our real world deployment tips and experiences about those new, hot WLCs!

Let’s start with basics 🙂

  • What is C9800?
  • 9800-80 – 2RU Appliance
    • 80Gbps
    • 6000 APs
    • 64,000 Clients
    • 100Gbps Uplink Module Option!
  • 9800-40 – 1RU Appliance
    • 40Gbps
    • 2000 APs
    • 32,000 Clients
  • 9800-CL – Public/Private Cloud Virtual Controller
    • VMWare/KVM/AWS/GCP
    • 2Gbps of centrally-switched traffic
    • 6,000 APs
    • 64,000 Clients
    • Supported features that were not supported on the AireOS vWLC
      • SSO High Availability
      • Local or Flex Mode APs
      • Guest Anchoring
  • 9800-SW – Embedded 9300/9500 Switch Controller
    • 200 APs
    • 4,000 Clients
    • Indirect AP Support (APs can be connected to downstream switches)
  • 9800-L
    • 250 Aps
    • 5000 clients
    • Max throughput 5Gbps
    • Fixed uplinks 2 x 10gbps
  • Features
  • Built
    • VMware
      • Networking
        • 3 interfaces
        • HA considerations
        • Trunk
          • Accept Promiscuous Mode!
        • Central vs Flex
        • OOB
          • Not used
      • Kill the autoinstall, CLI (at least for us) is quicker
      • VLAN and SVI for mgmt
      • Set country code
      • Specify interface (mgmt SVI) to be used for wireless mgmt / AP join
      • Create a cert, validate its creation with sh wireless management trustpoint
      • Configure SSH
    • Physical
  • Challenges
    • Internal DHCP
      • ‘Reserved Only’ turned on by default
      • Configure DHCP Pool, starting IP, ending IP, lease time, gate, DNS, domain
      • Set DHCP Server IP address to be C9800 mgmt.
    • Prime bug
    • Compatibility with other Cisco infra
    • AAA attribute
  • Guest Flow
    • MAB CWA
    • Redirection ACL is not applied anywhere, it’s just referred to by ISE AuthZ Profile
    • Use WLAN guest ACL or have it referenced back by RADIUS

With tons of love x,

WiFi Ninjas

Stay up to date with the WiFi Ninjas
Never miss a blog or podcast again!