Cisco AIR-WLC4402-50-K9, AIR-WLC4402-12-K9, AIR-WLC4402-25-K9, AIR-WLC4404-100-K9 Installation And Configuration Manual

Corporate Headquarters

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000

800 553-NETS (6387)

Fax: 408 526-4100

Cisco 4400 Series Wireless LAN
Controllers - Installation and
Configuration Guide

Text Part Number: 78-17157-01

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant
to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial
environment. This equipment generates, uses, and can radiate radio-frequency energy and, if not installed and used in accordance with the instruction manual, may cause
harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case users will be required
to correct the interference at their own expense.

The following information is for FCC compliance of Class B devices: The equipment described in this manual generates and may radiate radio-frequency energy. If it is not
installed in accordance with Cisco’s installation instructions, it may cause interference with radio and television reception. This equipment has been tested and found to
comply with the limits for a Class B digital device in accordance with the specifications in part 15 of the FCC rules. These specifications are designed to provide reasonable
protection against such interference in a residential installation. However, there is no guarantee that interference will not occur in a particular installation.

Modifying the equipment without Cisco’s written authorization may result in the equipment no longer complying with FCC requirements for Class A or Class B digital
devices. In that event, your right to use the equipment may be limited by FCC regulations, and you may be required to correct any interference to radio or television
communications at your own expense.

You can determine whether your equipment is causing interference by turning it off. If the interference stops, it was probably caused by the Cisco equipment or one of its
peripheral devices. If the equipment causes interference to radio or television reception, try to correct the interference by using one or more of the following measures:

• Turn the television or radio antenna until the interference stops.

• Move the equipment to one side or the other of the television or radio.

• Move the equipment farther away from the television or radio.

• Plug the equipment into an outlet that is on a different circuit from the television or radio. (That is, make certain the equipment and the television or radio are on circuits
controlled by different circuit breakers or fuses.)

Modifications to this product not authorized by Cisco Systems, Inc. could void the FCC approval and negate your authority to operate the product.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Cisco 4400 Series Wireless LAN Controllers - Installation and Configuration Guide

© 2005 Cisco Systems, Inc. All rights reserved.

CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and
iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco
Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation,
Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ
Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Pac ke t , PIX, Post-Routing, Pre-Routing,
ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, TeleRouter, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered
trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship
between Cisco and any other company. (0502R)

iii

Cisco 4400 Series Wireless LAN Controllers - Installation and Configuration Guide

78-17157-01

CONTENTS

Preface v

Organization v

Conventions v

Obtaining Documentation vi

Cisco.com vi
Documentation DVD vi
Ordering Documentation vii
Documentation Feedback vii
Cisco Product Security Overview vii
Reporting Security Problems in Cisco Products viii

Obtaining Technical Assistance viii

Cisco Technical Support Website viii
Submitting a Service Request ix
Definitions of Service Request Severity ix

Obtaining Additional Publications and Information x

Installation and Configuration 1

Controller Models 2

Collecting Required Tools and Information 6

Cisco Wireless LAN Controller Hardware 6
CLI Console 6
Local TFTP Server 6
Initial System Configuration Information 6

Determining a Physical Location 8

Installing the Chassis 10

Connecting and Using the CLI Console 14

Performing Power On Self Test 15

Using the Startup Wizard 18

Logging In 20

Connecting the Network (Distribution System) 21

Connecting the Service Port Interfaces 23

Connecting Cisco 1000 Series Lightweight Access Points 25

Where to Go from Here 26

Contents

iv

Cisco 4400 Series Wireless LAN Controllers - Installation and Configuration Guide

78-17157-01

FCC Statements for Cisco 4400 Series Wireless LAN Controllers 1

Safety Considerations 1

v

Cisco 4400 Series Wireless LAN Controllers - Installation and Configuration Guide

78-17157-01

Preface

This guide will help you to install a Cisco 4400 Series Wireless LAN Controller (referred to hereafter
as the Controller). The controller is part of the Cisco Wireless LAN Solution.

Organization

This guide is organized into the following sections:

• Collecting Required Tools and Information

• Determining a Physical Location

• Installing the Chassis

• Connecting and Using the CLI Console

• Performing Power On Self Test

• Using the Startup Wizard

• Logging In

• Connecting the Network (Distribution System)

• Connecting the Service Port Interfaces

• Connecting Cisco 1000 Series Lightweight Access Points

• Where to Go from Here

Conventions

Interactive examples use these conventions:

• Terminal sessions and system displays are in screen font.

• Information you enter is in boldface screen font.

• Nonprinting characters, such as passwords or tabs, are in angle brackets (< >).

Preface

Obtaining Documentation

vi

Cisco 4400 Series Wireless LAN Controllers - Installation and Configuration Guide

78-17157-01

Notes, cautions, and timesavers use these conventions and symbols:

Tip Means the following will help you solve a problem. The tips information might not be troubleshooting

or even an action, but could be useful information.

Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in

this manual.

Caution Means reader be careful. In this situation, you might do something that could result equipment damage

or loss of data.

Warning

This warning symbol means danger. You are in a situation that could cause bodily injury. Before you
work on any equipment, be aware of the hazards involved with electrical circuitry and be familiar
with standard practices for preventing accidents.

Obtaining Documentation

Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several
ways to obtain technical assistance and other technical resources. These sections explain how to obtain
technical information from Cisco Systems.

Cisco.com

You can access the most current Cisco documentation at this URL:

http://www.cisco.com/univercd/home/home.htm

You can access the Cisco website at this URL:

http://www.cisco.com

You can access international Cisco websites at this URL:

http://www.cisco.com/public/countries_languages.shtml

Documentation DVD

Cisco documentation and additional literature are available in a Documentation DVD package, which
may have shipped with your product. The Documentation DVD is updated regularly and may be more
current than printed documentation. The Documentation DVD package is available as a single unit.

Registered Cisco.com users (Cisco direct customers) can order a Cisco Documentation DVD (product
number DOC-DOCDVD=) from the Ordering tool or Cisco Marketplace.

Cisco Ordering tool:

http://www.cisco.com/en/US/partner/ordering/

Preface

Obtaining Documentation

vii

Cisco 4400 Series Wireless LAN Controllers - Installation and Configuration Guide

78-17157-01

Cisco Marketplace:

http://www.cisco.com/go/marketplace/

Ordering Documentation

You can find instructions for ordering documentation at this URL:

http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm

You can order Cisco documentation in these ways:

• Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from

the Ordering tool:

http://www.cisco.com/en/US/partner/ordering/

• Nonregistered Cisco.com users can order documentation through a local account representative by

calling Cisco Systems Corporate Headquarters (California, USA) at 408 526-7208 or, elsewhere in
North America, by calling 1 800 553-NETS (6387).

Documentation Feedback

You can send comments about technical documentation to bug-doc@cisco.com.

You can submit comments by using the response card (if present) behind the front cover of your
document or by writing to the following address:

Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Cisco Product Security Overview

Cisco provides a free online Security Vulnerability Policy portal at this URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

From this site, you can perform these tasks:

• Report security vulnerabilities in Cisco products.

• Obtain assistance with security incidents that involve Cisco products.

• Register to receive security information from Cisco.

A current list of security advisories and notices for Cisco products is available at this URL:

http://www.cisco.com/go/psirt

If you prefer to see advisories and notices as they are updated in real time, you can access a Product
Security Incident Response Team Really Simple Syndication (PSIRT RSS) feed from this URL:

http://www.cisco.com/en/US/products/products_psirt_rss_feed.html

Preface

Obtaining Technical Assistance

viii

Cisco 4400 Series Wireless LAN Controllers - Installation and Configuration Guide

78-17157-01

Reporting Security Problems in Cisco Products

Cisco is committed to delivering secure products. We test our products internally before we release them,
and we strive to correct all vulnerabilities quickly. If you think that you might have identified a
vulnerability in a Cisco product, contact PSIRT:

• Emergencies—security-alert@cisco.com

• Nonemergencies—psirt@cisco.com

Tip We encourage you to use Pretty Good Privacy (PGP) or a compatible product to encrypt any sensitive

information that you send to Cisco. PSIRT can work from encrypted information that is compatible with
PGP versions 2.x through 8.x.
Never use a revoked or an expired encryption key. The correct public key to use in your correspondence
with PSIRT is the one that has the most recent creation date in this public key server list:

http://pgp.mit.edu:11371/pks/lookup?search=psirt%40cisco.com&op=index&exact=on

In an emergency, you can also reach PSIRT by telephone:

• 1 877 228-7302

• 1 408 525-6532

Obtaining Technical Assistance

For all customers, partners, resellers, and distributors who hold valid Cisco service contracts, Cisco
Technical Support provides 24-hour-a-day, award-winning technical assistance. The Cisco Technical
Support Website on Cisco.com features extensive online support resources. In addition, Cisco Technical
Assistance Center (TAC) engineers provide telephone support. If you do not hold a valid Cisco service
contract, contact your reseller.

Cisco Technical Support Website

The Cisco Technical Support Website provides online documents and tools for troubleshooting and
resolving technical issues with Cisco products and technologies. The website is available 24 hours a day,
365 days a year, at this URL:

http://www.cisco.com/techsupport

Access to all tools on the Cisco Technical Support Website requires a Cisco.com user ID and password.
If you have a valid service contract but do not have a user ID or password, you can register at this URL:

http://tools.cisco.com/RPF/register/register.do

Preface

Obtaining Technical Assistance

ix

Cisco 4400 Series Wireless LAN Controllers - Installation and Configuration Guide

78-17157-01

Note Use the Cisco Product Identification (CPI) tool to locate your product serial number before submitting a web

or phone request for service. You can access the CPI tool from the Cisco Technical Support Website by
clicking the Tools & Resources link under Documentation & Tools. Choose Cisco Product Identification
Tool from the Alphabetical Index drop-down list, or click the Cisco Product Identification Tool link under
Alerts & RMAs. The CPI tool offers three search options: by product ID or model name; by tree view; or for
certain products, by copying and pasting show command output. Search results show an illustration of your
product with the serial number label location highlighted. Locate the serial number label on your product and
record the information before placing a service call.

Submitting a Service Request

Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests. (S3
and S4 service requests are those in which your network is minimally impaired or for which you require
product information.) After you describe your situation, the TAC Service Request Tool provides
recommended solutions. If your issue is not resolved using the recommended resources, your service
request is assigned to a Cisco TAC engineer. The TAC Service Request Tool is located at this URL:

http://www.cisco.com/techsupport/servicerequest

For S1 or S2 service requests or if you do not have Internet access, contact the Cisco TAC by telephone.
(S1 or S2 service requests are those in which your production network is down or severely degraded.)
Cisco TAC engineers are assigned immediately to S1 and S2 service requests to help keep your business
operations running smoothly.

To open a service request by telephone, use one of the following numbers:

Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)
EMEA: +32 2 704 55 55
USA: 1 800 553-2447

For a complete list of Cisco TAC contacts, go to this URL:

http://www.cisco.com/techsupport/contacts

Definitions of Service Request Severity

To ensure that all service requests are reported in a standard format, Cisco has established severity
definitions.

• Severity 1 (S1)—Your network is “down,” or there is a critical impact to your business operations.

You and Cisco will commit all necessary resources around the clock to resolve the situation.

• Severity 2 (S2)—Operation of an existing network is severely degraded, or significant aspects of

your business operation are negatively affected by inadequate performance of Cisco products. You
and Cisco will commit full-time resources during normal business hours to resolve the situation.

• Severity 3 (S3)—Operational performance of your network is impaired, but most business

operations remain functional. You and Cisco will commit resources during normal business hours
to restore service to satisfactory levels.

• Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation,

or configuration. There is little or no effect on your business operations.

Preface

Obtaining Additional Publications and Information

x

Cisco 4400 Series Wireless LAN Controllers - Installation and Configuration Guide

78-17157-01

Obtaining Additional Publications and Information

Information about Cisco products, technologies, and network solutions is available from various online
and printed sources.

• Cisco Marketplace provides a variety of Cisco books, reference guides, and logo merchandise. Visit

Cisco Marketplace, the company store, at this URL:

http://www.cisco.com/go/marketplace/

• Cisco Press publishes a wide range of general networking, training and certification titles. Both new

and experienced users will benefit from these publications. For current Cisco Press titles and other
information, go to Cisco Press at this URL:

http://www.ciscopress.com

• Pack et magazine is the Cisco Systems technical user magazine for maximizing Internet and

networking investments. Each quarter, Packet delivers coverage of the latest industry trends,
technology breakthroughs, and Cisco products and solutions, as well as network deployment and
troubleshooting tips, configuration examples, customer case studies, certification and training
information, and links to scores of in-depth online resources. You can access Packet magazine at
this URL:

http://www.cisco.com/packet

• iQ Magazine is the quarterly publication from Cisco Systems designed to help growing companies

learn how they can use technology to increase revenue, streamline their business, and expand
services. The publication identifies the challenges facing these companies and the technologies to
help solve them, using real-world case studies and business strategies to help readers make sound
technology investment decisions. You can access iQ Magazine at this URL:

http://www.cisco.com/go/iqmagazine

• Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering

professionals involved in designing, developing, and operating public and private internets and
intranets. You can access the Internet Protocol Journal at this URL:

http://www.cisco.com/ipj

• World-class networking training is available from Cisco. You can view current offerings at

this URL:

http://www.cisco.com/en/US/learning/index.html

1

Cisco 4400 Series Wireless LAN Controllers - Installation and Configuration Guide

78-17157-01

Installation and Configuration

These controllers offer the highest level of performance and scalability for large-scale enterprise WLAN
deployments. In addition, these controllers deliver WLAN services over an existing ethernet or IP
infrastructure, protecting existing network investments while providing best-in-class wireless services.
As a core component of the award-winning Cisco Wireless LAN Solution, these controllers deliver
wireless security, intrusion detection, RF management, Quality of Service (QoS) and mobility across an
entire enterprise. It works in conjunction with other controllers, Cisco WCS, and access points to provide
network managers with a robust Wireless LAN (WLAN) solution that enables business-critical wireless
applications. From voice and data services to location tracking, the controllers provide the control,
scalability, and reliability that IT managers need to build secure enterprise-scale wireless networks.

This document is written assuming that you have already determined the 802.11 topology. Because the
Radio Resource Management (RRM) feature automatically detects and configures the access points as
they appear on the network, it is not necessary to have any access points on the network to install and
configure a controller.

The controller is 17.5 in. wide x 15.75 in. deep x 1.75 in. high (443 x 400 x 44.5 mm). The chassis can
be rack or shelf mounted.

Installation and Configuration

2

Cisco 4400 Series Wireless LAN Controllers - Installation and Configuration Guide

78-17157-01

Controller Models

The controller comes in 2 variants—4402 and 4404.

The 4404 controller has four front-panel slots for 1000BASE-SX, 1000BASE-LX, or 1000BASE-T SFP
modules, as described in the 1000BASE-SX, 1000BASE-LX, and 1000BASE-T SFP module Quick Start
Guide.

The 4402 Cisco Wireless LAN Controller is similar, except that it has two front-panel slots for
1000BASE-SX, 1000BASE-LX, or 1000BASE-T SFP modules instead of four. The 1000BASE-SX SFP
module provides 1000 Mbps wired connections through 850nM (SX) fiber-optic links using LC physical
connectors. The 1000BASE-LX SFP module provides 1000 Mbps wired connections through 1300nM
(LX/LH) fiber-optic links using LC physical connectors. The 1000BASE-T SFP module provides
1000 Mbps wired connections through CAT-5 or higher cables using RJ-45 physical connectors.

4402 Series Controller

There are three types 4402 series controllers:

• AIR-WLC4402-12-K9—This 4402-12 controller uses two redundant GigE connections to bypass

single network failures. That is, at any given time one of the Cisco 4400 Series Wireless LAN
Controller GigE connections is active and the other is passive. In case of a network failure, the active
connection becomes passive, and the passive connection becomes active. The 4402 controller has
one back-panel slot for future expansion modules and communicates with up to 12 access points

• AIR-WLC4402-25-K9—This 4402-25 controller uses two redundant GigE connections to bypass

single network failures, and communicates with up to 25 access points. It has one back-panel slot
for future expansion modules.

• AIR-WLC4402-50-K9—This 4402-50 controller uses two redundant GigE connections to bypass

single network failures, and communicates with up to 50 access points. It has one back-panel slot
for future expansion modules.

4404 Series Controller

There is only one type of 4404 series controller

• AIR-WLC4404-100-K9—This 4404-100 controller uses four redundant GigE connections to

bypass one or two single network failures, and communicates with up to 100 access points. It has
two back-panel slots for future expansion modules.

For information on installing the network adapter modules, refer to the 1000BASE-SX, 1000BASE-LX,
and 1000BASE-T SFP module Quick Start Guide.

Installation and Configuration

3

Cisco 4400 Series Wireless LAN Controllers - Installation and Configuration Guide

78-17157-01

The following figure shows the back panel of a 4404 controller:

Figure 1 4404 Series Controller

Note The 4404 controller has two back-panel slots for future expansion modules, while the 4402 controller

has one back-panel slots for a future expansion module.

The controllers can accommodate a second, redundant power supply. Refer to the Cisco 4400 Series
Power Supply Quick Start Guide.

Note All controller models come from the factory with integral 19-inch EIA equipment rack flush-mount ears.

The 4402 controller uses one set of two redundant front-panel SX/LC/T SFP modules uses two while the
4404 controller uses sets of two redundant front-panel SX/LC/T SFP modules:

• 1000BASE-SX SFP modules provide a 1000 Mbps wired connection to a network through an

850nM (SX) fiber-optic link using an LC physical connector.

• 1000BASE-LX SFP modules provide a 1000 Mbps wired connection to a network through a

1300nM (LX/LH) fiber-optic link using an LC physical connector.

• 1000BASE-T SFP modules provide a 1000 Mbps wired connection to a network through a copper

link using an RJ-45 physical connector.

• One or Two Enhanced Security Modules. Refer to Enhanced Security Module for the Cisco 4400

Series Wireless LAN Controller Quick Start Guide.

Installation and Configuration

4

Cisco 4400 Series Wireless LAN Controllers - Installation and Configuration Guide

78-17157-01

The controller communicates indirectly with access points through the network. The following figure
shows a controller connected in this way.

Figure 2 Typical Controller Deployment

142197

Network

Cisco Wireless
LAN Controller

Cisco 1000

Access Points