Welcome to our new WiFi Ninjas Podcast episode!

Today, we kick of the Cisco Catalyst 9800 Podcast series, where we will cover some nitty & gritty stuff and share our real world deployment tips and experiences about those new, hot WLCs!

Let’s start with basics 🙂

• What is C9800?

• 9800-80 – 2RU Appliance
  • 80Gbps
  • 6000 APs
  • 64,000 Clients
  • 100Gbps Uplink Module Option!

• 9800-40 – 1RU Appliance
  • 40Gbps
  • 2000 APs
  • 32,000 Clients

• 9800-CL – Public/Private Cloud Virtual Controller
  • VMWare/KVM/AWS/GCP
  • 2Gbps of centrally-switched traffic
  • 6,000 APs
  • 64,000 Clients
  • Supported features that were not supported on the AireOS vWLC
    • SSO High Availability
    • Local or Flex Mode APs
    • Guest Anchoring

• 9800-SW – Embedded 9300/9500 Switch Controller
  • 200 APs
  • 4,000 Clients
  • Indirect AP Support (APs can be connected to downstream switches)

• 9800-L
  • 250 Aps
  • 5000 clients
  • Max throughput 5Gbps
  • Fixed uplinks 2 x 10gbps

• Features

• Built
  • VMware
    • Networking
      • 3 interfaces
      • HA considerations
      • Trunk
        • Accept Promiscuous Mode!
      • Central vs Flex
      • OOB
        • Not used
    • Kill the autoinstall, CLI (at least for us) is quicker
    • VLAN and SVI for mgmt
    • Set country code
    • Specify interface (mgmt SVI) to be used for wireless mgmt / AP join
    • Create a cert, validate its creation with sh wireless management trustpoint
    • Configure SSH
  • Physical

• Challenges
  • Internal DHCP
    • ‘Reserved Only’ turned on by default
    • Configure DHCP Pool, starting IP, ending IP, lease time, gate, DNS, domain
    • Set DHCP Server IP address to be C9800 mgmt.
  • Prime bug
  • Compatibility with other Cisco infra
  • AAA attribute

• Guest Flow
  • MAB CWA
  • Redirection ACL is not applied anywhere, it’s just referred to by ISE AuthZ Profile
  • Use WLAN guest ACL or have it referenced back by RADIUS

With tons of love x,

WiFi Ninjas