Cisco AIR-WLC2106-K9 - Wireless LAN Controller 2106, 2100 Series Quick Start Manual
Quick Start Guide
Cisco 2100 Series Wireless LAN Controller
INCLUDING LICENSE AND WARRANTY
1 About this Guide
2 Unpacking and Preparing the Controller for Operation
3 Connecting the Network
4 Obtaining Documentation and Service Request
5 Translated Warnings
1 About this Guide
This guide is designed to help you install and minimally configure your Cisco
2100 Series Wireless LAN Controller.
2
FCC Safety Compliance Statement
This equipment has been tested and found to comply with the limits for a Class B digital device,
pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection
against harmful interference in a residential installation. This equipment generates, uses, and can
radiate radio frequency energy and, if not installed and used in accordance with the instructions, may
cause harmful interference to radio communications. However, there is no guarantee that interference
will not occur in a particular installation. If this equipment does cause harmful interference to radio
or television reception, which can be determined by turning the equipment off and on.
Try to correct the interference by one or more of the following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between the equipment and receiver.
• Connect the equipment to an outlet on a circuit different from that to which the receiver is
connected.
• Consult the dealer or an experienced radio/TV technician for help. (cfr reference 15.105)
Safety Information
Safety warnings appear throughout this guide in procedures that may harm you if performed
incorrectly. A warning symbol precedes each warning statement. The warnings below are general
warnings that are applicable to the entire guide. Translated versions of the safety warnings in this guide
are provided in the “Translated Warnings” section on page 21.
Warning
This warning symbol means danger. You are in a situation that could cause bodily injury.
Before you work on any equipment, be aware of the hazards involved with electrical
circuitry and be familiar with standard practices for preventing accidents. Use the
statement number provided at the end of each warning to locate its translation in the
translated safety warnings that accompanied this device.
Statement 1071
SAVE THESE INSTRUCTIONS
Warning
There is the danger of explosion if the battery is replaced incorrectly. Replace the battery
only with the same or equivalent type recommended by the manufacturer. Dispose of
used batteries according to the manufacturer’s instructions.
Statement 1015
3
Warning
This equipment must be grounded. Never defeat the ground conductor or operate the
equipment in the absence of a suitably installed ground conductor. Contact the
appropriate electrical inspection authority or an electrician if you are uncertain that
suitable grounding is available.
Statement 1024
Warning
Ultimate disposal of this product should be handled according to all national laws and
regulations.
Statement 1040
Safety Considerations
• Verify that the ambient temperature remains between 32 to 104° F (0 to 40° C), taking into
account the elevated temperatures when installed in a rack or enclosed space.
• When multiple Cisco 2100 series controllers are mounted in an equipment rack, be sure that the
power source is sufficiently rated to safely run all the equipment in the rack (input: 100–240VAC,
50/60 Hz, output: 48VDC, 2.08A per controller).
• Verify the integrity of the electrical ground before installing the controller.
Introduction to the Controller
The Cisco 2100 Series Wireless LAN Controller works in conjunction with Cisco lightweight access
points and the Cisco Wireless Control System (WCS) to provide system-wide wireless LAN functions.
As a component of the Cisco Unified Wireless Network, the Cisco 2100 Series Wireless LAN
Controller presents network administrators with the visibility and control necessary to effectively and
securely manage business-class WLANs and mobility services such as voice, guest access, and location
services.
Cisco 2100 series controllers have eight 10/100 copper Ethernet distribution system ports through
which the controller can support up to 6, 12, or 25 access points (2106, 2112, or 2125 models).
In order to best use this guide, you should have already designed the wireless topology of your network
and have a working knowledge of how controllers function in a wireless LAN network.
Figure 1 shows a typical Cisco 2100 Series Wireless LAN Controller network topology and network
connections, showing the medium dependent interface (MDI) Ethernet cables required. The controller
has an auto MDI feature, so you can use straight-through or crossover cables.
4
Figure 1 Typical Cisco 2100 Series Wireless LAN Controller Topology and Network Connections
135755
10/100BASE-T
MDI cables
10/100BASE-T
MDI cable
Network
Distribution
system
connection
Access
point
connections
WAN or LAN
connection to
main office
Cisco Access Points
Null modem serial
cable (DB-9 -> RJ-45)
to console connection
LAN link for
management software
connections
Console emulator
for initial boot-up
Cisco WCS software,
web user interface
5
Figure 2 shows the front panel and describes the LEDs for the 2100 series controller.
Figure 2 Front Panel and LEDs
Component/LED State and Description
1
USB port Not used, reserved for future use.
2
Speed indicators (ports 1–8) Off—Network traffic flowing at 10 Mbps.
Green—Network traffic flowing at 100 Mbps.
3
Link activity indicators (ports 1–8) Green—Physical link established.
Flashing green—Network activity.
4
Power LED Green—Controller powered on.
Off—Controller is powered off.
5
Status LED Flashing green—Power-up diagnostics/booting.
Green—Controller is operational.
Amber—Problem encountered during boot.
6
Alarm LED Green—Not used.
Amber—An outstanding alarm exists.
7
AP LED Green—At least one access point has joined.
Off—No access points joined.
170956
Cisco 2100
SERIES
Wireless LAN Controller
1
LINK/ACT
100 MBPS
2 3 4 5 6 7 8
Power Status Alarm AP
0
1 2 3 4 5 6 7
6
Figure 3 shows the back panel and identifies its components.
Figure 3 Back Panel and Components
Caution Do not connect a Power over Ethernet (PoE) cable to the console port. Doing so will
damage the controller.
Note Wait at least 20 seconds before reconnecting an access point to the controller. Otherwise, the
controller may fail to detect the device.
Note Direct connection is not supported; therefore ports 7 and 8 must not be used.
1
Power plug
5
Reset button
2
Power over Ethernet enabled ports (7 & 8)
6
Cable lock slot
3
Distribution ports (1–6)
7
Console port
4
USB ports (reserved for future use)
8
Security service card (SSC) slot (reserved for
future use)
78 6
43221 5
7
2 Unpacking and Preparing the Controller for Operation
Follow these steps to unpack the controller and prepare it for operation:
Step 1 Open the shipping container and carefully remove the contents.
Step 2 Return all packing materials to the shipping container and save it.
Step 3 Ensure that all items listed in the “Package Contents” section are included in the shipment.
Check each item for damage. If any item is damaged or missing, notify your authorized Cisco
sales representative.
Package Contents
Each 2100 series controller package contains the following items:
• One Cisco 2100 series wireless LAN controller
• One Power supply and power cord
• One Ethernet cable (RJ45 to RJ45)
• One Console cable (RJ45 to DB9)
• This guide
• Cisco product registration card
Note The controller ships with controller software loaded. When upgrading software, do not
upgrade to any release earlier than release 4.0.197.0
Required Tools and Information
You will need the following tools and information before you can install the controller:
• Wireless LAN controller hardware
–
Controller with factory-supplied power cord and mounting hardware
–
Network, operating system service network, and access point cables as required
• Command-line interface (CLI) console
–
VT-100 terminal emulator on CLI console (PC, laptop, or palmtop)
–
Null modem serial cable to connect CLI console and controller
8
• Local TFTP server (required for downloading operating system software updates). Cisco uses an
integral TFTP server. This means that third-party TFTP servers cannot run on the same
workstation as the Cisco WCS because Cisco WCS and third-party TFTP servers use the same
communication port.
Initial System Configuration Information
Obtain the following initial configuration parameters from your wireless LAN or network
administrator:
• A system (controller name), such as controller. The system name can contain up to 32 printable
ASCII characters.
• An administrative username and password, which can contain up to 24 printable ASCII
characters. If you do not specify a username and password, the defaults admin and admin are used.
• A management interface (DS Port or network interface port) IP address, such as 10.40.0.4.
• A management interface netmask address, such as 255.255.255.0.
• A management interface default router IP address, such as 10.40.0.5.
• A VLAN identifier if the management interface is assigned to a VLAN, such as 40 or 0 for an
untagged VLAN.
• A management interface port, such as 1.
• A management interface DHCP server IP address, such as 10.40.0.6 (the IP address of the default
DHCP server that will supply IP addresses to clients and the management interface.
• An access point manager interface IP address, such as 10.40.0.7.
• A virtual gateway IP address (a fictitious, unassigned IP address, such as 1.1.1.1, used by all Cisco
wireless LAN controller Layer 3 security and mobility managers).
• A Cisco wireless LAN controller mobility or RF group name, such as rfgrp40 if required. An RF
group name can contain up to 19 printable ASCII characters.
• An 802.11 network name (SSID), such as wlan1. An SSID can contain up to 32 printable,
case-sensitive ASCII characters.
• Whether or not to allow static IP addresses from clients, either Yes or No.
–
Yes is more convenient, but has lower security (session can be hijacked).
–
No is less convenient, but has higher security and works well for Windows XP devices.
• RADIUS server IP address, communications port, and secret if you are configuring a RADIUS
server, such as 10.40.0.3, 1812, and mysecretcode.
• The country code for this installation. Enter help to see a list or refer to the Cisco Wireless LAN
Controller Configuration Guide for country code information. This guide is available at
cisco.com.
9
• Status of the 802.11a, 802.11b, and 802.11g networks, either enabled or disabled.
• Status of radio resource management (RRM), either enabled or disabled.
Choosing a Physical Location
You can install the controller almost anywhere, but it is more secure and reliable if you install it in a
secure equipment room or wiring closet. For maximum reliability, mount the controller while
following these guidelines:
• Make sure you can reach the controller and all cables attached to it.
• Make sure that water or excessive moisture cannot get into the controller.
• Make sure that airflow through the controller is not obstructed. Leave at least 4 in. (10 cm) clear
on both sides of the controller.
• Verify that the ambient temperature remains between 32 to 104° F (0 to 40° C).
• Make sure that the controller is within 328 ft. (100 m) of equipment connected to the
10/100BASE-T ports.
• Make sure that the power cord can reach a 100 to 240 VAC grounded electrical outlet.
Connecting the Controller’s Console Port
Caution Do not connect a Power over Ethernet (PoE) cable to the console port. Doing so will
damage the controller.
Before you can configure the controller for basic operations, you need to connect it to a PC that uses
a VT-100 terminal emulator (such as HyperTerminal, ProComm, Minicom, or Tip). Follow these steps
to connect the PC to the controller’s console port:
Step 1 Plug the RJ-45 connector on a null-modem serial cable into the controller’s console port and
the other end of the cable into the PC’s serial port.
Step 2 Start the PC’s terminal emulation program.
10
Step 3 Configure the terminal emulation program for the following parameters:
• 9600 baud
• 8 data bits
• No flow control
• 1 stop bit
• No parity
Running the Bootup Script and Power-On Self Test
When you plug the controller into an AC power source, the bootup script initializes the system, verifies
the hardware configuration, loads its microcode into memory, verifies its operating system software
load, and initializes itself with its stored configurations. Before performing this test, you should have
connected your PC to the controller’s CLI console as described in the “Connecting the Controller’s
Console Port” section on page 9. Follow these steps to run the bootup script and conduct the power-on
self test (POST).
Step 1 Plug the external power supply into the Power jack on the back of the controller.
Step 2 Plug a country-specific power cord into the external power supply, then plug the other end
into a grounded 100–240 VAC, 50/60 Hz electrical outlet.
Note If you wish to run a previous release of the controller code, press Esc when the boot
loader prompt appears. The Bootloader Options menu appears.
Note When the controller receives power, the green front panel Power LED lights. If the
Power LED does not light, make sure that the electrical outlet is supplying power and
that the power connections to the controller are correct.
11
Step 3 Observe the bootup using the CLI screen.
The bootup script displays operating system software initialization (code download and POST
verification) and basic configuration as shown in the following bootup display example:
CISCO SYSTEMS
Embedded BIOS Version 1.0(12)6 08/21/06 17:26:53.43
Low Memory: 632 KB
High Memory: 251 MB
PCI Device Table.
Bus Dev Func VendID DevID Class Irq
00 01 00 1022 2080 Host Bridge
00 01 02 1022 2082 Chipset En/Decrypt 11
00 0C 00 1148 4320 Ethernet 11
00 0D 00 177D 0003 Network En/Decrypt 10
00 0F 00 1022 2090 ISA Bridge
00 0F 02 1022 2092 IDE Controller
00 0F 03 1022 2093 Audio 10
00 0F 04 1022 2094 Serial Bus 9
00 0F 05 1022 2095 Serial Bus 9
Evaluating BIOS Options ...
Launch BIOS Extension to setup ROMMON
Cisco Systems ROMMON Version (1.0(12)7) #2: Fri Oct 13 10:52:36 MDT 2006
Platform AIR-WLC2106-K9
Launching BootLoader...
Cisco Bootloader (Version 4.0.197.0)
.o88b. d888888b .d8888. .o88b. .d88b.
d8P Y8 `88' 88' YP d8P Y8 .8P Y8.
8P 88 `8bo. 8P 88 88
8b 88 `Y8b. 8b 88 88
Y8b d8 .88. db 8D Y8b d8 `8b d8'
`Y88P' Y888888P `8888Y' `Y88P' `Y88P'
Booting Primary Image...
Press <ESC> now for additional boot options...
Step 4 If desired, press Break or Ctrl-R to interrupt the boot process and access the rommon prompt
or or press Space to stop the countdown timer and boot immediately.
12
Step 5 Continue booting the controller or press Esc to access the following menu:
1. Run primary image (active)
2. Run backup image (Version x.x.x.x)
3. Manual upgrade primary image
4. Change active boot image
5. Clear configuration
Please enter your choice:
If you did not press Esc, the boot process continues and takes two to three minutes. Do not
reboot the controller until the user login prompt appears.
Detecting hardware . . . .
Cisco is a trademark of Cisco Systems, Inc.
Software Copyright Cisco Systems, Inc. All rights reserved.
Cisco AireOS Version 4.0.197.0
Initializing OS Services: ok
Initializing Serial Services: ok
Initializing Network Services: ok
Starting ARP Services: ok
Starting Trap Manager: ok
Starting Network Interface Management Services: ok
Starting System Services: ok
Starting Fast Path Hardware Acceleration: ok
Starting Switching Services: ok
Starting QoS Services: ok
Starting FIPS Features: Not enabled
Starting Policy Manager: ok
Starting Data Transport Link Layer: ok
Starting Access Control List Services: ok
Starting System Interfaces: ok
Starting Management Frame Protection: ok
Starting LWAPP: ok
Starting Crypto Accelerator: Not Present
Starting Certificate Database: ok
Starting VPN Services: ok
Starting Security Services: ok
Starting Policy Manager: ok
Starting Authentication Engine: ok
Starting Mobility Management: ok
Starting Virtual AP Services: ok
Starting AireWave Director: ok
Starting Network Time Services: ok
Starting Cisco Discovery Protocol: ok
Starting Broadcast Services: ok
Starting Power Over Ethernet Services: ok
13
Starting Logging Services: ok
Starting DHCP Server: ok
Starting IDS Signature Manager: ok
Starting RFID Tag Tracking: ok
starting TSM: ok
Starting CIDS Services: ok
Starting Ethernet-over-IP: ok
Starting Management Services:
Web Server: ok
CLI: ok
Secure Web: ok
Step 6 If the controller passes the POST, the bootup script runs the Startup Wizard, which prompts
you for basic configuration information.
Welcome to the Cisco Wizard Configuration Tool
Use the '-' character to backup
System Name [Cisco_bc:d0:40]:
Note The startup wizard runs the first time that you power up the controller. The second
time you power it up, the controller prompts you for a login ID and password.
Using the Startup Wizard
Before you can use the startup wizard, you must obtain the information discussed in the “Required
Tools and Information” section on page 7. Table 1 contains startup wizard information you can use
to configure your controller for basic operation.
Note The available options appear in brackets after each configuration parameter. The default value
appears in all uppercase letters.
Note If you enter an incorrect response, the controller provides you with an appropriate error
message such as invalid response, and returns to the wizard prompt.
14
Note Press the hyphen key if you need to return to the previous command line.
Table 1 Startup Wizard Information
Wizard Setting Action
System Name Enter the system name, which is the name you
want to assign to the controller. You can enter up
to 32 ASCII characters.
Administrative user name Enter the administrative username and password
to be assigned to this controller. You can enter up
to 24 ASCII characters for each.
The default administrative username and
password are both admin and admin.
Administrative user password
Management Interface IP Address Enter the IP address of the management interface.
The management interface is the default interface
for in-band management of the controller and
connectivity to enterprise services such as AAA
servers.
You can access the controller’s GUI interface
using this address.
Management Interface Netmask Enter the IP address of the management interface
netmask.
Management Interface Default Router Enter the IP address of the default router.
Management Interface VLAN Identifier Enter the VLAN identifier of the management
interface (a valid VLAN identifier or 0 for an
untagged VLAN).
The VLAN identifier should be set to match the
switch interface configuration.
Management Interface Port Number Enter the port number of the access point
manager interface.
Management Interface DHCP Server IP Address Enter the management interface DHCP server IP
address.
15
AP Manager Interface IP Address Enter the IP address of the access point manager
interface.
The AP manager interface manages all Layer 3
communications between the controller and
lightweight access points after the access points
have joined the controller.
Virtual Gateway IP Address Enter the IP address of the controller’s virtual
interface. You should enter a fictitious,
unassigned IP address, such as 1.1.1.1.
The virtual interface is used to support mobility
management, DHCP relay, and embedded Layer
3 security such as guest web authentication and
VPN termination. All controllers within a
mobility group must be configured with the same
virtual interface IP address.
Mobility/RF Group Name If desired, enter the name of the mobility
group/RF group to which you want the controller
to belong.
Although the name that you enter here is assigned
to both the mobility group and the RF group,
these groups are not identical. Both groups define
clusters of controllers, but they have different
purposes. All of the controllers in an RF group
are usually also in the same mobility group and
vice versa. However, a mobility group facilitates
scalable, system-wide mobility and controller
redundancy while an RF group facilitates
scalable, system-wide dynamic RF management.
Network Name (SSID) Enter the network name, or service set identifier
(SSID). This is the default SSID that the access
points use when they join a controller.
Allow Static IP Addresses Enter YES to allow clients to assign their own IP
address or no to make clients request an IP
address from a DHCP server. The default setting
is YES.
Table 1 Startup Wizard Information (continued)
Wizard Setting Action
Loading...