your WiFi Dreams!
Stay up to date with the WiFi Ninjas
Never miss a blog or podcast again!
It’s simple, right? Sure! Took me a while to figure that one out.
Our goal in this post is to demo Cisco Catalyst 9800 WLC FlexConnect Configuration.
It’s assumed you’re familiar with all C9800 solution building blocks (we’ve covered it before here) but if it’s your first time, here is very quick recap:
And this is the lab. Note that VLAN 20 is now removed from the ESXi Trunk on the switch port G0/7. It is no longer needed as the AP plugged to port G0/1 will be dropping users’ data locally now.
In this example, we still have my AP registered as ‘local’ (central switching), centrally switched SSID is up, my phone is associated and has full access following the ‘central switching deployment’ blog here.
The only places where the config is different between Central and Flex are:
I’ll put more wording around the above only, as we’ve already covered all other relevant details in the ‘centrally switched’ blog post here.
This is how we registered AP as Flex and configured locally switched Flex WLAN.
For simplicity, I just deleted all Profiles and Tags except of RF Profile and RF Tag (and that’s it, I didn’t delete anything else; still, don’t worry if you start with a fresh blank config :))
“Central Switching” must be unticked to enable Flex Connect Local Switching; it also makes sense to untick “Central DHCP” as we’re probably happier with DHCP process being handled locally and not via a WLC. I also like to include the VLAN ID that we are mapping this Policy Profile to in the Name or Description, as we might have more Policy Profiles mapping different VLANs for different WLANs and it’s good to know what policy does what just by glancing at its name or description.
“VLAN/VLAN Group” is where you map WLAN to a VLAN! There is no direct equivalent to that mapping as we know from the AireOS. Please note that if you create a VLAN & name it (either through CLI: (config)# vlan 20; (config-vlan)# name LAB-WIRELESS-USERS or GUI: Configuration > Layer2 > VLAN) and use VLAN name to refer to it in a Policy Profile, it WILL NOT WORK! You must refer to a VLAN via its ID (and not a name, since it doesn’t exist on the AP!). If you want to refer a VLAN name here, you must specify 100% matching VLAN ID and corresponding VLAN name in the Flex Profile. See “Flex Profile” section below for more details.
We didn’t have to create Flex Profile for Centrally Switched WLAN, but we will need it here. We can use Flex Profile for many different things, but those are quite important:
We’ve come to the last place, where Flex relevant config sits! The second we untick “Enable Local Site”, “Flex Profile” dropdown appears. For the AP to join the WLC as a Flex AP, we need to untick “Enable Local Site” and select “Flex Profile” that the AP will use.
Since I created them in our ‘central’ switching blog and didn’t delete them, refer to our blog here to find out more about RF Profiles and Tags.
AP(s) will now reboot and should join back as a Flex AP and broadcast our SSID:
That’s it! 🙂 We massively hope it was helpful for someone!
Tons of love,
WiFi Ninjas x