Cisco WLC 5700 Series Interface Configuration Manual

Page 1

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

First Published: 0,

Last Modified: 0,

Americas Headquarters

Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883

Text Part Number: OL-32314-01

Page 2

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright©1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWAREOF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http://

www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership

relationship between Cisco and any other company. (1110R)

Page 3

Preface

CHAPTER 1

Preface vii

Document Conventions vii

Preface

Document Conventions, page vii

•

Document Conventions

This document uses the following conventions:

DescriptionConvention

^ or Ctrl

Italic font

...

[x | y]

Both the ^ symbol and Ctrl represent the Control (Ctrl) key on a keyboard. For example, the key combination ^D or Ctrl-D means that you hold down the Control key while you press the D key. (Keys are indicated in capital letters but are not case sensitive.)

Commands and keywords and user-entered text appear in bold font.bold font

Document titles, new or emphasized terms, and arguments for which you supply values are in italic font.

Terminal sessions and information the system displays appear in courier font.Courier font

Bold Courier font indicates text that the user must enter.Bold Courier font

Elements in square brackets are optional.[x]

An ellipsis (three consecutive nonbolded periods without spaces) after a syntax element indicates that the element can be repeated.

A vertical line, called a pipe, indicates a choice within a set of keywords or arguments.

Optional alternative keywords are grouped in brackets and separated by vertical bars.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 vii

Page 8

Document Conventions

Preface

DescriptionConvention

Note

{x | y}

Required alternative keywords are grouped in braces and separated by vertical bars.

[x {y | z}]

Nested set of square brackets or braces indicate optional or required choices within optional or required elements. Braces and a vertical bar within square brackets indicate a required choice within an optional element.

string

A nonquoted set of characters. Do not use quotation marks around the string or the string will include the quotation marks.

Nonprinting characters such as passwords are in angle brackets.< >

Default responses to system prompts are in square brackets.[ ]

!, #

An exclamation point (!) or a pound sign (#) at the beginning of a line of code indicates a comment line.

Reader Alert Conventions

This document may use the following conventions for reader alerts:

Means reader take note. Notes contain helpful suggestions or references to material not covered in the manual.

Tip

Caution

Timesaver

Warning

Means the following information will help you solve a problem.

Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.

Means the described action saves time. You can save time by performing the action described in the paragraph.

IMPORTANT SAFETY INSTRUCTIONS

This warning symbol means danger. You are in a situation that could cause bodily injury. Before you work on any equipment, be aware of the hazards involved with electrical circuitry and be familiar with standard practices for preventing accidents. Use the statement number provided at the end of each warning to locate its translation in the translated safety warnings that accompanied this device. Statement 1071

SAVE THESE INSTRUCTIONS

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

viii OL-32314-01

Page 9

Preface

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/c/en/us/td/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 ix

Page 10

Obtaining Documentation and Submitting a Service Request

Preface

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

x OL-32314-01

Page 11

CHAPTER 1

Using the Command-Line Interface

Information About Using the Command-Line Interface, page 1

•

How to Use the CLI to Configure Features, page 6

•

Information About Using the Command-Line Interface

Command Modes

The Cisco IOS user interface is divided into many different modes. The commands available to you depend on which mode you are currently in. Enter a question mark (?) at the system prompt to obtain a list of commands available for each command mode.

You can start a CLI session through a console connection, through Telnet, an SSH, or by using the browser.

When you start a session, you begin in user mode, often called user EXEC mode. Only a limited subset of the commands are available in user EXEC mode. For example, most of the user EXEC commands are one-time commands, such as show commands, which show the current configuration status, and clear commands, which clear counters or interfaces. The user EXEC commands are not saved when the controller reboots.

To have access to all commands, you must enter privileged EXEC mode. Normally, you must enter a password to enter privileged EXEC mode. From this mode, you can enter any privileged EXEC command or enter global configuration mode.

Using the configuration modes (global, interface, and line), you can make changes to the running configuration. If you save the configuration, these commands are stored and used when the controller reboots. To access the various configuration modes, you must start at global configuration mode. From global configuration mode, you can enter interface configuration mode and line configuration mode .

This table describes the main command modes, how to access each one, the prompt you see in that mode, and how to exit the mode.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 1

Page 12

Command Modes

Using the Command-Line Interface

Table 1: Command Mode Summary

About This ModeExit MethodPromptAccess MethodMode

User EXEC

Privileged EXEC

Begin a session using Telnet, SSH, or console.

While in user EXEC mode, enter the enable command.

Controller>

Controller#

Enter logout or quit.

Enter disable to exit.

Use this mode to

Change

•

terminal settings.

Perform basic

•

tests.

Display system

•

information.

Use this mode to verify commands that you have entered. Use a password to protect access to this mode.

Use this mode to execute privilege EXEC commands for access points. These commands are not part of the running config of the controller, they are sent to the IOS config of the access point.

Global configuration

While in privileged EXEC mode, enter the configure command.

Controller(config)#

To exit to privileged EXEC mode, enter exit or

end, or press Ctrl-Z.

Use this mode to configure parameters that apply to the entire controller.

Use this mode to configure access point commands that are part of the running config of the controller.

VLAN configuration

While in global configuration

Controller(config-vlan)#

mode, enter the

vlan vlan-id

command.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

2 OL-32314-01

Page 13

Using the Command-Line Interface

Understanding Abbreviated Commands

About This ModeExit MethodPromptAccess MethodMode

Interface configuration

While in global configuration mode, enter the interface command (with a specific interface).

Controller(config-if)#

To exit to global configuration mode, enter the exit command.

To return to privileged EXEC mode, press Ctrl-Z or enter end.

To exit to global configuration mode, enter exit.

To return to privileged EXEC mode, press Ctrl-Z or enter end.

Use this mode to configure VLAN parameters. When VTP mode is transparent, you can create extended-range VLANs (VLAN IDs greater than 1005) and save configurations in the controller startup configuration file.

Use this mode to configure parameters for the Ethernet ports.

Line configuration

While in global configuration mode, specify a line with the line vty or

line console

command.

Understanding Abbreviated Commands

You need to enter only enough characters for the controller to recognize the command as unique.

This example shows how to enter the show configuration privileged EXEC command in an abbreviated form:

Controller# show conf

Controller(config-line)#

To exit to global configuration mode, enter exit.

To return to privileged EXEC mode, press Ctrl-Z or enter end.

Use this mode to configure parameters for the terminal line.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 3

Page 14

No and Default Forms of Commands

Almost every configuration command also has a no form. In general, use the no form to disable a feature or function or reverse the action of a command. For example, the no shutdown interface configuration command reverses the shutdown of an interface. Use the command without the keyword no to reenable a disabled feature or to enable a feature that is disabled by default.

Configuration commands can also have a default form. The default form of a command returns the command setting to its default. Most commands are disabled by default, so the default form is the same as the no form. However, some commands are enabled by default and have variables set to certain default values. In these cases, the default command enables the command and sets variables to their default values.

CLI Error Messages

This table lists some error messages that you might encounter while using the CLI to configure your controller.

Table 2: Common CLI Error Messages

Using the Command-Line Interface

% Ambiguous command: "show con"

% Incomplete command.

% Invalid input detected at ‘^’ marker.

You did not enter enough characters for your controller to recognize the command.

You did not enter all of the keywords or values required by this command.

You entered the command incorrectly. The caret (^) marks the point of the error.

How to Get HelpMeaningError Message

Reenter the command followed by a question mark (?) without any space between the command and the question mark.

The possible keywords that you can enter with the command appear.

Reenter the command followed by a question mark (?) with a space between the command and the question mark.

The possible keywords that you can enter with the command appear.

Enter a question mark (?) to display all of the commands that are available in this command mode.

The possible keywords that you can enter with the command appear.

Configuration Logging

You can log and view changes to the controller configuration. You can use the Configuration Change Logging and Notification feature to track changes on a per-session and per-user basis. The logger tracks each configuration command that is applied, the user who entered the command, the time that the command was entered, and the parser return code for the command. This feature includes a mechanism for asynchronous

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

4 OL-32314-01

Page 15

Using the Command-Line Interface

notification to registered applications whenever the configuration changes. You can choose to have the notifications sent to the syslog.

Only CLI or HTTP changes are logged.Note

Using the Help System

You can enter a question mark (?) at the system prompt to display a list of commands available for each command mode. You can also obtain a list of associated keywords and arguments for any command.

SUMMARY STEPS

help

abbreviated-command-entry ?

abbreviated-command-entry <Tab>

command ?

command keyword ?

Using the Help System

DETAILED STEPS

Step 1

Step 2

Step 3

Step 4

help

Example:

Controller# help

abbreviated-command-entry ?

Example:

Controller# di? dir disable disconnect

abbreviated-command-entry <Tab>

Example:

Controller# sh conf<tab> Controller# show configuration

Example:

Controller> ?

PurposeCommand or Action

Obtains a brief description of the help system in any command mode.

Obtains a list of commands that begin with a particular character string.

Completes a partial command name.

Lists all commands available for a particular command mode.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 5

Page 16

How to Use the CLI to Configure Features

Using the Command-Line Interface

PurposeCommand or Action

Step 5

Step 6

command ?

Example:

Controller> show ?

command keyword ?

Example:

Controller(config)# cdp holdtime ?

<10-255> Length of time (in sec) that receiver

must keep this packet

Lists the associated keywords for a command.

Lists the associated arguments for a keyword.

How to Use the CLI to Configure Features

Configuring the Command History

The software provides a history or record of commands that you have entered. The command history feature is particularly useful for recalling long or complex commands or entries, including access lists. You can customize this feature to suit your needs.

Changing the Command History Buffer Size

By default, the controller records ten command lines in its history buffer. You can alter this number for a current terminal session or for all sessions on a particular line. This procedure is optional.

SUMMARY STEPS

terminal history [size number-of-lines]

DETAILED STEPS

Step 1

terminal history [size number-of-lines]

Example:

Controller# terminal history size 200

PurposeCommand or Action

Changes the number of command lines that the controller records during the current terminal session in privileged EXEC mode. You can configure the size from 0 to 256.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

6 OL-32314-01

Page 17

Using the Command-Line Interface

Recalling Commands

SUMMARY STEPS

DETAILED STEPS

Configuring the Command History

To recall commands from the history buffer, perform one of the actions listed in this table. These actions are optional.

The arrow keys function only on ANSI-compatible terminals such as VT100s.Note

Ctrl-P or use the up arrow key

Ctrl-N or use the down arrow key

show history

Step 1

Step 2

Step 3

Ctrl-P or use the up arrow key

Ctrl-N or use the down arrow key

show history

Example:

Controller# show history

Disabling the Command History Feature

The command history feature is automatically enabled. You can disable it for the current terminal session or for the command line. This procedure is optional.

SUMMARY STEPS

terminal no history

PurposeCommand or Action

Recalls commands in the history buffer, beginning with the most recent command. Repeat the key sequence to recall successively older commands.

Returns to more recent commands in the history buffer after recalling commands with Ctrl-P or the up arrow key. Repeat the key sequence to recall successively more recent commands.

Lists the last several commands that you just entered in privileged EXEC mode. The number of commands that appear is controlled by the setting of the terminal history global configuration command and the history line configuration command.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 7

Page 18

Enabling and Disabling Editing Features

DETAILED STEPS

Using the Command-Line Interface

PurposeCommand or Action

Step 1

terminal no history

Example:

Controller# terminal no history

Enabling and Disabling Editing Features

Although enhanced editing mode is automatically enabled, you can disable it and reenable it.

SUMMARY STEPS

terminal editing

terminal no editing

DETAILED STEPS

Step 1

Step 2

terminal editing

Example:

Controller# terminal editing

terminal no editing

Example:

Controller# terminal no editing

Disables the feature during the current terminal session in privileged EXEC mode.

PurposeCommand or Action

Reenables the enhanced editing mode for the current terminal session in privileged EXEC mode.

Disables the enhanced editing mode for the current terminal session in privileged EXEC mode.

Editing Commands Through Keystrokes

The keystrokes help you to edit the command lines. These keystrokes are optional.

The arrow keys function only on ANSI-compatible terminals such as VT100s.Note

Table 3: Editing Commands

DescriptionEditing Commands

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

8 OL-32314-01

Page 19

Using the Command-Line Interface

Enabling and Disabling Editing Features

Moves the cursor back one character.Ctrl-B or use the left arrow key

Moves the cursor forward one character.Ctrl-F or use the right arrow key

Ctrl-A

Ctrl-T

Ctrl-K

Ctrl-U or Ctrl-X

Moves the cursor to the beginning of the command line.

Moves the cursor to the end of the command line.Ctrl-E

Moves the cursor back one word.Esc B

Moves the cursor forward one word.Esc F

Transposes the character to the left of the cursor with the character located at the cursor.

Erases the character to the left of the cursor.Delete or Backspace key

Deletes the character at the cursor.Ctrl-D

Deletes all characters from the cursor to the end of the command line.

Deletes all characters from the cursor to the beginning of the command line.

Deletes the word to the left of the cursor.Ctrl-W

Esc U

Ctrl-V or Esc Q

Return key

Deletes from the cursor to the end of the word.Esc D

Capitalizes at the cursor.Esc C

Changes the word at the cursor to lowercase.Esc L

Capitalizes letters from the cursor to the end of the word.

Designates a particular keystroke as an executable command, perhaps as a shortcut.

Scrolls down a line or screen on displays that are longer than the terminal screen can display.

Note

The More prompt is used for any output that has more lines than can be displayed on the terminal screen, including show command output. You can use the Return and Space bar keystrokes whenever you see the More prompt.

Scrolls down one screen.Space bar

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 9

Page 20

Enabling and Disabling Editing Features

Using the Command-Line Interface

Ctrl-L or Ctrl-R

Editing Command Lines That Wrap

You can use a wraparound feature for commands that extend beyond a single line on the screen. When the cursor reaches the right margin, the command line shifts ten spaces to the left. You cannot see the first ten characters of the line, but you can scroll back and check the syntax at the beginning of the command. The keystroke actions are optional.

To scroll back to the beginning of the command entry, press Ctrl-B or the left arrow key repeatedly. You can also press Ctrl-A to immediately move to the beginning of the line.

The arrow keys function only on ANSI-compatible terminals such as VT100s.Note

The following example shows how to wrap a command line that extends beyond a single line on the screen.

SUMMARY STEPS

access-list

Ctrl-A

Return key

Redisplays the current command line if the controller suddenly sends a message to your screen.

DETAILED STEPS

Step 1

access-list

Example:

Controller(config)# access-list 101 permit

tcp 10.15.22.25 255.255.255.0 10.15.22.35

Controller(config)# $ 101 permit tcp

10.15.22.25 255.255.255.0 10.15.22.35

255.25 Controller(config)# $t tcp 10.15.22.25

255.255.255.0 131.108.1.20 255.255.255.0 eq Controller(config)# $15.22.25 255.255.255.0

10.15.22.35 255.255.255.0 eq 45

Step 2

Example:

Controller(config)# access-list 101 permit

tcp 10.15.22.25 255.255.255.0 10.15.2$

Step 3

PurposeCommand or Action

Displays the global configuration command entry that extends beyond one line.

When the cursor first reaches the end of the line, the line is shifted ten spaces to the left and redisplayed. The dollar sign ($) shows that the line has been scrolled to the left. Each time the cursor reaches the end of the line, the line is again shifted ten spaces to the left.

Checks the complete syntax.Ctrl-A

The dollar sign ($) appears at the end of the line to show that the line has been scrolled to the right.

Execute the commands.Return key

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

10 OL-32314-01

Page 21

Using the Command-Line Interface

Searching and Filtering Output of show and more Commands

PurposeCommand or Action

The software assumes that you have a terminal screen that is 80 columns wide. If you have a different width, use the terminal width privileged EXEC command to set the width of your terminal.

Use line wrapping with the command history feature to recall and modify previous complex command entries.

Searching and Filtering Output of show and more Commands

You can search and filter the output for show and more commands. This is useful when you need to sort through large amounts of output or if you want to exclude output that you do not need to see. Using these commands is optional.

SUMMARY STEPS

{show | more} command | {begin | include | exclude} regular-expression

DETAILED STEPS

PurposeCommand or Action

Step 1

{show | more} command | {begin | include | exclude} regular-expression

Searches and filters the output.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not

Example:

Controller# show interfaces | include protocol Vlan1 is up, line protocol is up Vlan10 is up, line protocol is down GigabitEthernet1/0/1 is up, line protocol is down GigabitEthernet1/0/2 is up, line protocol is up

displayed, but the lines that contain output appear.

Accessing the CLI Through a Console Connection or Through Telnet

Before you can access the CLI, you must connect a terminal or a PC to the controller console or connect a PC to the Ethernet management port and then power on the controller, as described in the hardware installation guide that shipped with your controller.

If your controller is already configured, you can access the CLI through a local console connection or through a remote Telnet session, but your controller must first be configured for this type of access.

You can use one of these methods to establish a connection with the controller:

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 11

Page 22

Accessing the CLI Through a Console Connection or Through Telnet

Connect the controller console port to a management station or dial-up modem, or connect the Ethernet

•

management port to a PC. For information about connecting to the console or Ethernet management port, see the controller hardware installation guide.

Use any Telnet TCP/IP or encrypted Secure Shell (SSH) package from a remote management station.

•

The controller must have network connectivity with the Telnet or SSH client, and the controller must have an enable secret password configured.

The controller supports up to 16 simultaneous Telnet sessions. Changes made by one Telnet user

•

are reflected in all other Telnet sessions.

The controller supports up to five simultaneous secure SSH sessions.

•

After you connect through the console port, through the Ethernet management port, through a Telnet session or through an SSH session, the user EXEC prompt appears on the management station.

Using the Command-Line Interface

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

12 OL-32314-01

Page 23

Using the Web Graphical User Interface

Prerequisites for Using the Web GUI, page 13

•

Information About Using The Web GUI, page 13

•

Connecting the Console Port of the Controller , page 15

•

Logging On to the Web GUI, page 15

•

Enabling Web and Secure Web Modes , page 16

•

Configuring the Controller Web GUI, page 16

•

Prerequisites for Using the Web GUI

Operating Systems:

•

Windows 7

•

CHAPTER 2

Windows 8

•

Mac OS X 10.8

•

Browsers:

•

Google Chrome, version 35

•

Microsoft Internet Explorer, versions 10 or 11

•

Mozilla Firefox, version 30 or later

•

Safari, version 6.1

•

Information About Using The Web GUI

A web browser, or graphical user interface (GUI), is built into each controller.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 13

Page 24

Web GUI Features

You can use either the service port interface or the management interface to access the GUI. We recommend that you use the service-port interface. Click Help at the top of any page in the GUI to display online help. You might need to disable your browser’s pop-up blocker to view the online help.

Web GUI Features

The controller web GUI supports the following:

The Configuration Wizard—After initial configuration of the IP address and the local username/password or auth via the authentication server (privilege 15 needed), the wizard provides a method to complete the initial wireless configuration. Start the wizard through Configuration -> Wizard and follow the nine-step process to configure the following:

Admin Users

•

SNMP System Summary

•

Management Port

•

Wireless Management

•

Using the Web Graphical User Interface

RF Mobility and Country code

•

Mobility configuration

•

WLANs

•

802.11 Configuration

•

Set Time

•

The Monitor tab:

Displays summary details of controller, clients, and access points.

•

Displays all radio and AP join statistics.

•

Displays air quality on access points.

•

Displays list of all Cisco Discovery Protocol (CDP) neighbors on all interfaces and the CDP traffic

•

information.

Displays all rogue access points based on their classification-friendly, malicious, ad hoc, classified, and

•

unclassified.

The Configuration tab:

Enables you to configure the controller for all initial operation using the web Configuration Wizard.

•

The wizard allows you to configure user details, management interface, and so on.

Enables you to configure the system, internal DHCP server, management, and mobility management

•

parameters.

Enables you to configure the controller, WLAN, and radios.

•

Enables you to configure and set security policies on your controller.

•

Enables you to access the controller operating system software management commands.

•

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

14 OL-32314-01

Page 25

Using the Web Graphical User Interface

Connecting the Console Port of the Controller

The Administration tab enables you to configure system logs.

Connecting the Console Port of the Controller

Before You Begin

Before you can configure the controller for basic operations, you need to connect it to a PC that uses a VT-100 terminal emulation program (such as HyperTerminal, ProComm, Minicom, or Tip).

Step 1

Step 2

Step 3

Connect one end of a null-modem serial cable to the controller's RJ-45 console port and the other end to your PC's serial port.

Plug the AC power cord into the controller and a grounded 100 to 240 VAC, 50/60-Hz electrical outlet. Turn on the power supply. The bootup script displays operating system software initialization (code download and power-on self-test verification) and basic configuration. If the controller passes the power-on self-test, the bootup script runs the configuration wizard, which prompts you for basic configuration input.

Enter yes. Proceed with basic initial setup configuration parameters in the CLI setup wizard. Specify the IP address for the service port which is the gigabitethernet 0/0 interface. After entering the configuration parameters in the configuration wizard, you can access the Web GUI. Now, the controller is configured with the IP address for service port.

Logging On to the Web GUI

Step 1

Step 2

Step 3

Enter the controller IP address in your browser’s address bar. For a secure connection, enter https://ip-address. For a less secure connection, enter http://ip-address.

When prompted, enter a valid username and password, and click OK. The Summary page is displayed.

Note

When prompted, enter a valid username and password and click OK.

Note

The Accessing page appears.

The administrative username and password that you created in the configuration wizard are case sensitive. The default username is admin, and the default password is admin.

The administrative username and password that you created in the configuration wizard are case sensitive. The default username is admin, and the default password is cisco.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 15

Page 26

Enabling Web and Secure Web Modes

Using the Web Graphical User Interface

Step 1

Step 2

Step 3

Step 4 Step 5 Step 6 Step 7

Step 8

Step 9

Step 10 Step 11

Choose Configuration > Controller > Management > Protocol Management > HTTP-HTTPS.

The HTTP-HTTPS Configuration page appears.

To enable web mode, which allows users to access the controller GUI using “http://ip-address,” choose Enabled from the HTTP Access drop-down list. Otherwise, choose Disabled. Web mode (HTTP) is not a secure connection.

To enable secure web mode, which allows users to access the controller GUI using “https://ip-address,” choose Enabled from the HTTPS Access drop-down list. Otherwise, choose Disabled. Secure web mode (HTTPS) is a secure connection.

Choose to track the device in the IP Device Tracking check box.

Choose to enable the trust point in the Enable check box.

Choose the trustpoints from the Trustpoints drop-down list.

Enter the amount of time, in seconds, before the web session times out due to inactivity in the HTTP Timeout-policy (1 to 600 sec) text box. The valid range is from 1 to 600 seconds.

Enter the server life time in the Server Life Time (1 to 86400 sec) text box. The valid range is from1 to 86400 seconds.

Enter the maximum number of connection requests that the server can accept in the Maximum number of Requests (1 to 86400) text box. The valid range is from 1 to 86400 connections.

Click Apply.

Click Save Configuration.

Configuring the Controller Web GUI

The configuration wizard enables you to configure basic settings on the controller. You can run the wizard after you receive the controller from the factory or after the controller has been reset to factory defaults. The configuration wizard is available in both GUI and CLI formats.

Step 1

Step 2

16 OL-32314-01

Connect your PC to the service port and configure an IPv4 address to use the same subnet as the controller. The controller is loaded with IOS XE image and the service port interface is configured as gigabitethernet 0/0.

Start Internet Explorer 10 (or later), Firefox 2.0.0.11 (or later), or Google Chrome on your PC and enter the management interface IP address on the browser window. The management interface IP address is same as the gigabitethernet 0/0 (also known as service port interface). When you log in for the first time, you need to enter HTTP username and password. By default, the username is admin and the password is cisco. You can use both HTTP and HTTPS when using the service port interface. HTTPS is enabled by default and HTTP can also be enabled.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

Page 27

Using the Web Graphical User Interface

When you log in for the first time, the Accessing Cisco Controller <Model Number> <Hostname> page appears.

Configuring the Controller Web GUI

Step 3 Step 4

Step 5

Step 6

On the Accessing Cisco Controller page, click the Wireless Web GUI link to access controller web GUI Home page.

Choose Configuration > Wizard to perform all steps that you need to configure the controller initially. The Admin Users page appears.

On the Admin Users page, enter the administrative username to be assigned to this controller in the User Name text box and the administrative password to be assigned to this controller in the Password and Confirm Password text boxes. Click Next. The default username is admin and the default password is cisco. You can also create a new administrator user for the controller. You can enter up to 24 ASCII characters for username and password.

The SNMP System Summary page appears.

On the SNMP System Summary page, enter the following SNMP system parameters for the controller, and click Next:

Customer-definable controller location in the Location text box.

•

Customer-definable contact details such as phone number with names in the Contact text box.

•

Choose enabled to send SNMP notifications for various SNMP traps or disabled not to send SNMP notifications

•

for various SNMP traps from the SNMP Global Trap drop-down list.

Choose enabled to send system log messages or disabled not to send system log messages from the SNMP Logging

•

drop-down list.

Note

The SNMP trap server, must be reachable through the distribution ports (and not through the gigabitethernet0/0 service or management interface).

The Management Port page appears.

Step 7

Step 8

In the Management Port page, enter the following parameters for the management port interface (gigabitethernet 0/0) and click Next.

Interface IP address that you assigned for the service port in the IP Address text box.

•

Network mask address of the management port interface in the Netmask text box.

•

The IPv4 Dynamic Host Configuration Protocol (DHCP) address for the selected port in the IPv4 DHCP Server

•

text box.

The Wireless Management page appears.

In the Wireless Management page, enter the following wireless interface management details, and click Next.

• Choose the interface—VLAN, or Ten Gigabit Ethernet from the Select Interface drop-down list.

VLAN tag identifier, or 0 for no VLAN tag in the VLAN id text box.

•

IP address of wireless management interface where access points are connected in the IP Address text box.

•

Network mask address of the wireless management interface in the Netmask text box.

•

DHCP IPv4 IP address in the IPv4 DHCP Server text box.

•

When selecting VLAN as interface, you can specify the ports as –Trunk or Access ports from the selected list displayed in the Switch Port Configuration text box.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 17

Page 28

Configuring the Controller Web GUI

The RF Mobility and Country Code page appears.

Using the Web Graphical User Interface

Step 9

Step 10

In the RF Mobility and Country Code page, enter the RF mobility domain name in the RF Mobility text box, choose current country code from the Country Code drop-down list, and click Next. From the GUI, you can select only one country code.

Note

Before configuring RF grouping parameters and mobility configuration, ensure that you refer to the relevant conceptual content and then proceed with the configuration.

The Mobility Configuration page with mobility global configuration settings appears.

In the Mobility Configuration page, view and enter the following mobility global configuration settings, and click Next.

Displays Mobility Controller in the Mobility Role text box.

•

Displays mobility protocol port number in the Mobility Protocol Port text box.

•

Displays the mobility group name in the Mobility Group Name text box.

•

Displays whether DTLS is enabled in the DTLS Mode text box.

•

DTLS is a standards-track Internet Engineering Task Force (IETF) protocol based on TLS.

Displays mobility domain identifier for 802.11 radios in the Mobility Domain ID for 802.11 radios text box.

•

Displays the number of members configured on the controller in the Mobility Domain Member Count text box.

•

To enable the controller as a Mobility Oracle, select the Mobility Oracle Enabled check box.

•

Note

Only the controller can be configured as Mobility Oracle. You cannot configure the switch as Mobility Oracle.

The Mobility Oracle is optional, it maintains the client database under one complete mobility domain.

The amount of time (in seconds) between each ping request sent to an peer controller in the Mobility Keepalive

•

Interval (1-30)sec text box.

Valid range is from 1 to 30 seconds, and the default value is 10 seconds.

Step 11

Step 12

Number of times a ping request is sent to an peer controller before the peer is considered to be unreachable in the

•

Mobility Keepalive Count (3-20) text box.

The valid range is from 3 to 20, and the default value is 3.

The DSCP value that you can set for the mobility controller in the Mobility Control Message DSCP Value (0-63)

•

text box.

The valid range is 0 to 63, and the default value is 0.

The WLANs page appears.

In the WLANs page, enter the following WLAN configuration parameters, and click Next.

WLAN identifier in the WLAN ID text box.

•

SSID of the WLAN that the client is associated with in the SSID text box.

•

Name of the WLAN used by the client in the Profile Name text box.

•

The 802.11 Configuration page appears.

In the 802.11 Configuration page, check either one or both 802.11a/n/ac and 802.11b/g/n check boxes to enable the

802.11 radios, and click Next.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

18 OL-32314-01

Page 29

Using the Web Graphical User Interface

The Set Time page appears.

Configuring the Controller Web GUI

Step 13

Step 14

In the Set Time page, you can configure the time and date on the controller based on the following parameters, and click Next.

Displays current timestamp on the controller in the Current Time text box.

•

Choose either Manual or NTP from the Mode drop-down list.

•

On using the NTP server, all access points connected to the controller, synchronizes its time based on the NTP server settings available.

Choose date on the controller from the Year, Month, and Day drop-down list.

•

Choose time from the Hours, Minutes, and Seconds drop-down list.

•

Enter the time zone in the Zone text box and select the off setting required when compared to the current time

•

configured on the controller from the Offset drop-down list.

The Save Wizard page appears.

In the Save Wizard page, you can review the configuration settings performed on the controller using these steps, and if you wish to change any configuration value, click Previous and navigate to that page. You can save the controller configuration created using the wizard only if a success message is displayed for all the wizards. If the Save Wizard page displays errors, you must recreate the wizard for initial configuration of the controller.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 19

Page 30

Configuring the Controller Web GUI

Using the Web Graphical User Interface

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

20 OL-32314-01

Page 31

Configuring Interfaces

This chapter contains the following topics:

Finding Feature Information, page 22

•

Pre-requisites for Configuring Interfaces, page 22

•

Restrictions for Configuring Interfaces, page 23

•

Information About Interfaces, page 23

•

Interface Types, page 23

•

Port-Based VLANs, page 23

•

Ports, page 24

•

Access Ports, page 24

•

Trunk Ports, page 24

•

Tunnel Ports, page 25

•

CHAPTER 3

Routed Ports, page 25

•

Switch Virtual Interfaces, page 26

•

SVI Autostate Exclude, page 26

•

EtherChannel Port Groups, page 27

•

10-Gigabit Ethernet Interfaces, page 27

•

Interface Connections, page 27

•

Interface Configuration Mode, page 28

•

Default Ethernet Interface Configuration, page 29

•

Layer 3 Interfaces, page 30

•

Configuring Interfaces, page 31

•

Adding a Description for an Interface, page 33

•

Configuring a Range of Interfaces: Examples, page 34

•

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 21

Page 32

Finding Feature Information

•

Configuring Interfaces

Configuring and Using Interface Range Macros: Examples, page 34

Configuring Interfaces, page 35

Configuring Layer 3 Interfaces, page 36

Shutting Down and Restarting the Interface, page 37

Monitoring Interface Characteristics, page 39

Monitoring Interface Status, page 39

Clearing and Resetting Interfaces and Counters, page 40

Viewing Wireless Interfaces (GUI), page 40

Configuring Ports (GUI), page 41

Configuring Wireless Interface (GUI), page 42

Feature History and Information For Configuring Interfaces, page 43

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Pre-requisites for Configuring Interfaces

You can define the wireless management, AP-manager, virtual, and management interface parameters using the Startup Wizard. However, you can display and configure interface parameters through either the GUI or CLI after the controller is running.

For Cisco 5700 Series Controllers in a non-link-aggregation (non-LAG) configuration, the management interface must be on a different VLAN than any dynamic AP-manager interface. Otherwise, the management interface cannot fail over to the port that the AP-manager is on.

To configure interfaces, you must configure the default gateway, router, and the IP route using the following commands:

ip default-gateway 154.4.0.1

•

default-router 154.51.0.1

•

ip route 0.0.0.0 0.0.0.0 154.4.0.1

•

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

22 OL-32314-01

Page 33

Configuring Interfaces

Restrictions for Configuring Interfaces

Information About Interfaces

An interface is a logical entity on the controller. An interface has multiple parameters associated with it, including an IP address, default gateway, VLAN identifier, and DHCP server. The following interfaces available on the controller:

Wireless Management Interface

•

AP Manager Interface

•

Dynamic Interface

•

The wireless management interface is used for access point join functions, mobility, RRM , and also used for peer connections (MC - MC connections) and MC to MA connections.

Typically, you define the management, AP-manager, virtual, and service-port interface parameters using the Startup Wizard. However, you can display and configure interface parameters through either the GUI or CLI after the controller is running.

Restrictions for Configuring Interfaces

Interface Types

This section describes the different types of interfaces supported by the controller. The rest of the chapter describes configuration procedures for physical interface characteristics.

Port-Based VLANs

A VLAN is a switched network that is logically segmented by function, team, or application, without regard to the physical location of the users. Packets received on a port are forwarded only to ports that belong to the same VLAN as the receiving port. Network devices in different VLANs cannot communicate with one another without a Layer 3 device to route traffic between the VLANs.

VLAN partitions provide hard firewalls for traffic in the VLAN, and each VLAN has its own MAC address table. A VLAN comes into existence when a local port is configured to be associated with the VLAN, when the VLAN Trunking Protocol (VTP) learns of its existence from a neighbor on a trunk, or when a user creates a VLAN. VLANs can be formed with ports across the stack.

To configure VLANs, use the vlan vlan-id global configuration command to enter VLAN configuration mode. The VLAN configurations for normal-range VLANs (VLAN IDs 1 to 1005) are saved in the VLAN database. If VTP is version 1 or 2, to configure extended-range VLANs (VLAN IDs 1006 to 4094), you must first set VTP mode to transparent. Extended-range VLANs created in transparent mode are not added to the VLAN database but are saved in the controller running configuration. With VTP version 3, you can create extended-range VLANs in client or server mode. These VLANs are saved in the VLAN database.

In a switch stack, the VLAN database is downloaded to all switches in a stack, and all switches in the stack build the same VLAN database. The running configuration and the saved configuration are the same for all switches in a stack.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 23

Page 34

Ports

Configuring Interfaces

Add ports to a VLAN by using the switchport interface configuration commands:

Identify the interface.

•

For a trunk port, set trunk characteristics, and, if desired, define the VLANs to which it can belong.

•

For an access port, set and define the VLAN to which it belongs.

•

ports are Layer 2-only interfaces associated with a physical port. ports belong to one or more VLANs. A controller port can be an access port, a trunk port, or a tunnel port. You can configure a port as an access port or trunk port or let the Dynamic Trunking Protocol (DTP) operate on a per-port basis to set the switchport mode by negotiating with the port on the other end of the link. You must manually configure tunnel ports as part of an asymmetric link connected to an IEEE 802.1Q trunk port. ports are used for managing the physical interface and associated Layer 2 protocols and do not handle routing or bridging.

Configure controller ports by using the switchport interface configuration commands. Use the switchport command with no keywords to put an interface that is in Layer 3 mode into Layer 2 mode.

Access Ports

An access port belongs to and carries the traffic of only one VLAN (unless it is configured as a voice VLAN port). Traffic is received and sent in native formats with no VLAN tagging. Traffic arriving on an access port is assumed to belong to the VLAN assigned to the port. If an access port receives a tagged packet (Inter-Switch Link [ISL] or IEEE 802.1Q tagged), the packet is dropped, and the source address is not learned.

Two types of access ports are supported:

You can also configure an access port with an attached Cisco IP Phone to use one VLAN for voice traffic and another VLAN for data traffic from a device attached to the phone.

Trunk Ports

A trunk port carries the traffic of multiple VLANs and by default is a member of all VLANs in the VLAN database.

Although by default, a trunk port is a member of every VLAN known to the VTP, you can limit VLAN membership by configuring an allowed list of VLANs for each trunk port. The list of allowed VLANs does not affect any other port but the associated trunk port. By default, all possible VLANs (VLAN ID 1 to 4094) are in the allowed list. A trunk port can become a member of a VLAN only if VTP knows of the VLAN and if the VLAN is in the enabled state. If VTP learns of a new, enabled VLAN and the VLAN is in the allowed

Static access ports are manually assigned to a VLAN (or through a RADIUS server for use with IEEE

•

802.1x.

VLAN membership of dynamic access ports is learned through incoming packets. By default, a dynamic

•

access port is not a member of any VLAN, and forwarding to and from the port is enabled only when the VLAN membership of the port is discovered. Dynamic access ports on the controller are assigned to a VLAN by a VLAN Membership Policy Server (VMPS). The VMPS can be a Catalyst 6500 series switch; the controller cannot be a VMPS server.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

24 OL-32314-01

Page 35

Configuring Interfaces

list for a trunk port, the trunk port automatically becomes a member of that VLAN and traffic is forwarded to and from the trunk port for that VLAN. If VTP learns of a new, enabled VLAN that is not in the allowed list for a trunk port, the port does not become a member of the VLAN, and no traffic for the VLAN is forwarded to or from the port.

Tunnel Ports

Tunnel ports are used in IEEE 802.1Q tunneling to segregate the traffic of customers in a service-provider network from other customers who are using the same VLAN number. You configure an asymmetric link from a tunnel port on a service-provider edge switch to an IEEE 802.1Q trunk port on the customer switch. Packets entering the tunnel port on the edge switch, already IEEE 802.1Q-tagged with the customer VLANs, are encapsulated with another layer of an IEEE 802.1Q tag (called the metro tag), containing a VLAN ID unique in the service-provider network, for each customer. The double-tagged packets go through the service-provider network keeping the original customer VLANs separate from those of other customers. At the outbound interface, also a tunnel port, the metro tag is removed, and the original VLAN numbers from the customer network are retrieved.

Tunnel ports cannot be trunk ports or access ports and must belong to a VLAN unique to each customer.

Tunnel Ports

Routed Ports

A routed port is a physical port that acts like a port on a router; it does not have to be connected to a router. A routed port is not associated with a particular VLAN, as is an access port. A routed port behaves like a regular router interface, except that it does not support VLAN subinterfaces. Routed ports can be configured with a Layer 3 routing protocol. A routed port is a Layer 3 interface only and does not support Layer 2 protocols, such as DTP and STP.

Configure routed ports by putting the interface into Layer 3 mode with the no switchport interface configuration command. Then assign an IP address to the port, enable routing, and assign routing protocol characteristics by using the ip routing and router protocol global configuration commands.

Note

Entering a no switchport interface configuration command shuts down the interface and then re-enables it, which might generate messages on the device to which the interface is connected. When you put an interface that is in Layer 2 mode into Layer 3 mode, the previous configuration information related to the affected interface might be lost.

The number of routed ports that you can configure is not limited by software. However, the interrelationship between this number and the number of other features being configured might impact CPU performance because of hardware limitations.

The IP Base image supports static routing and the Routing Information Protocol (RIP). For full Layer 3 routing or for fallback bridging, you must enable the IP Services image on the standalone controller, or the active controller.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 25

Page 36

Switch Virtual Interfaces

A switch virtual interface (SVI) represents a VLAN of switch ports as one interface to the routing or bridging function in the system. Only one SVI can be associated with a VLAN, but you need to configure an SVI for a VLAN only when you wish to route between VLANs, to fallback-bridge nonroutable protocols between VLANs, or to provide IP host connectivity to the controller. By default, an SVI is created for the default VLAN (VLAN 1) to permit remote controller administration. Additional SVIs must be explicitly configured.

You cannot delete interface VLAN 1.Note

SVIs provide IP host connectivity only to the system; in Layer 3 mode, you can configure routing across SVIs.

Although the switch stack or controller supports a total of 1005 VLANs and SVIs, the interrelationship between the number of SVIs and routed ports and the number of other features being configured might impact CPU performance because of hardware limitations.

SVIs are created the first time that you enter the vlan interface configuration command for a VLAN interface. The VLAN corresponds to the VLAN tag associated with data frames on an ISL or IEEE 802.1Q encapsulated trunk or the VLAN ID configured for an access port. Configure a VLAN interface for each VLAN for which you want to route traffic, and assign it an IP address.

Configuring Interfaces

When you create an SVI, it does not become active until it is associated with a physical port.Note

SVIs support routing protocols and bridging configurations.

Note

The IP base feature set supports static routing and RIP. For more advanced routing or for fallback bridging, enable the IP services feature set on the standalone switch or the active switch. For information about using the software activation feature to install a software license for a specific feature set, see the Cisco IOS Software Activation document.

SVI Autostate Exclude

The line state of an SVI with multiple ports on a VLAN is in the up state when it meets these conditions:

The VLAN exists and is active in the VLAN database on the controller

•

The VLAN interface exists and is not administratively down.

•

At least one Layer 2 (access or trunk) port exists, has a link in the up state on this VLAN, and is in the

•

spanning-tree forwarding state on the VLAN.

Note

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

26 OL-32314-01

The protocol link state for VLAN interfaces come up when the first switchport belonging to the corresponding VLAN link comes up and is in STP forwarding state.

Page 37

Configuring Interfaces

The default action, when a VLAN has multiple ports, is that the SVI goes down when all ports in the VLAN go down. You can use the SVI autostate exclude feature to configure a port so that it is not included in the SVI line-state up-or-down calculation. For example, if the only active port on the VLAN is a monitoring port, you might configure autostate exclude on that port so that the VLAN goes down when all other ports go down. When enabled on a port, autostate exclude applies to all VLANs that are enabled on that port.

The VLAN interface is brought up when one Layer 2 port in the VLAN has had time to converge (transition from STP listening-learning state to forwarding state). This prevents features such as routing protocols from using the VLAN interface as if it were fully operational and minimizes other problems, such as routing black holes.

EtherChannel Port Groups

EtherChannel port groups treat multiple switch ports as one switch port. These port groups act as a single logical port for high-bandwidth connections between controllers or between controllers and servers. An EtherChannel balances the traffic load across the links in the channel. If a link within the EtherChannel fails, traffic previously carried over the failed link changes to the remaining links. You can group multiple trunk ports into one logical trunk port, group multiple access ports into one logical access port, group multiple tunnel ports into one logical tunnel port, or group multiple routed ports into one logical routed port. Most protocols operate over either single ports or aggregated switch ports and do not recognize the physical ports within the port group. Exceptions are the DTP, the Cisco Discovery Protocol (CDP), and the Port Aggregation Protocol (PAgP), which operate only on physical ports.

When you configure an EtherChannel, you create a port-channel logical interface and assign an interface to the EtherChannel. For Layer 3 interfaces, you manually create the logical interface by using the interface port-channel global configuration command. Then you manually assign an interface to the EtherChannel by using the channel-group interface configuration command. For Layer 2 interfaces, use the channel-group interface configuration command to dynamically create the port-channel logical interface. This command binds the physical and logical ports together.

EtherChannel Port Groups

10-Gigabit Ethernet Interfaces

A 10-Gigabit Ethernet interface operates only in full-duplex mode. The interface can be configured as a switched or routed port.

For more information about the Cisco TwinGig Converter Module, see the controller hardware installation guide and your transceiver module documentation.

Interface Connections

Devices within a single VLAN can communicate directly through any switch. Ports in different VLANs cannot exchange data without going through a routing device. With a standard Layer 2 controller, ports in different VLANs have to exchange information through a router. By using the controller with routing enabled, when

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 27

Page 38

Interface Configuration Mode

you configure both VLAN 20 and VLAN 30 with an SVI to which an IP address is assigned, packets can be sent from Host A to Host B directly through the controller with no need for an external router.

Figure 1: Connecting VLANs with the Switch

Configuring Interfaces

Interface Configuration Mode

The controller supports these interface types:

• Physical ports—controller ports and routed ports

• VLANs—switch virtual interfaces

• Port channels—EtherChannel interfaces

You can also configure a range of interfaces.

To configure a physical interface (port), specify the interface type, stack member number (only stacking-capable switches), module number, and controller port number, and enter interface configuration mode.

• Type—Gigabit Ethernet (gigabitethernet or gi) for 10/100/1000 Mb/s Ethernet ports, 10-Gigabit Ethernet

(tengigabitethernet or te) for 10,000 Mb/s, or small form-factor pluggable (SFP) module Gigabit Ethernet interfaces (gigabitethernet or gi).

• Stack member number—The number that identifies the controller within the stack. The controller number

range is 1 to 9 and is assigned the first time the controller initializes. The default controller number, before it is integrated into a controller stack, is 1. When a controller has been assigned a stack member number, it keeps that number until another is assigned to it.

You can use the switch port LEDs in Stack mode to identify the stack member number of a controller.

• Module number—The module or slot number on the controller: switch (downlink) ports are 0, and uplink

ports are 1.

• Port number—The interface number on the controller. The 10/100/1000 port numbers always begin at 1,

starting with the far left port when facing the front of the controller, for example, gigabitethernet1/0/1 or gigabitethernet1/0/8.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

28 OL-32314-01

Page 39

Configuring Interfaces

Default Ethernet Interface Configuration

You can identify physical interfaces by physically checking the interface location on the controller. You can also use the show privileged EXEC commands to display information about a specific interface or all the interfaces on the switch. The remainder of this chapter primarily provides physical interface configuration procedures.

These are examples of how to identify interfaces on a stacking-capable controller:

To configure 10/100/1000 port 4 on a standalone controller, enter this command:

•

Controller(config)# interface gigabitethernet1/0/4

To configure 10-Gigabit Ethernet port 1 on a standalone controller, enter this command:

•

Controller(config)# interface tengigabitethernet1/0/1

To configure 10-Gigabit Ethernet port on stack member 3, enter this command:

•

Controller(config)# interface tengigabitethernet3/0/1

Default Ethernet Interface Configuration

To configure Layer 2 parameters, if the interface is in Layer 3 mode, you must enter the switchport interface configuration command without any parameters to put the interface into Layer 2 mode. This shuts down the interface and then re-enables it, which might generate messages on the device to which the interface is connected. When you put an interface that is in Layer 3 mode into Layer 2 mode, the previous configuration information related to the affected interface might be lost, and the interface is returned to its default configuration.

This table shows the Ethernet interface default configuration, including some features that apply only to Layer 2 interfaces.

Table 4: Default Layer 2 Ethernet Interface Configuration

Default SettingFeature

Layer 2 or switching mode (switchport command).Operating mode

Allowed VLAN range

VLAN trunking

VLANs 1– 4094.

VLAN 1 (Layer 2 interfaces only).Default VLAN (for access ports)

VLAN 1 (Layer 2 interfaces only).Native VLAN (for IEEE 802.1Q trunks)

Switchport mode dynamic auto (supports DTP) (Layer 2 interfaces only).

All ports are enabled.Port enable state

None defined.Port description

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 29

Page 40

Layer 3 Interfaces

Configuring Interfaces

Default SettingFeature

Speed

Duplex mode

Flow control

unicast traffic)

Auto-MDIX

Autonegotiate. (Not supported on the 10-Gigabit interfaces.)

Flow control is set to receive: off. It is always off for sent packets.

Disabled on all Ethernet ports.EtherChannel (PAgP)

Disabled (not blocked) (Layer 2 interfaces only).Port blocking (unknown multicast and unknown

Disabled.Broadcast, multicast, and unicast storm control

Disabled (Layer 2 interfaces only).Protected port

Disabled (Layer 2 interfaces only).Port security

Disabled.Port Fast

Enabled.

Note

The switch might not support a pre-standard powered device—such as Cisco IP phones and access points that do not fully support IEEE 802.3af—if that powered device is connected to the switch through a crossover cable. This is regardless of whether auto-MIDX is enabled on the switch port.

Enabled (auto).Power over Ethernet (PoE)

Layer 3 Interfaces

The controller supports these types of Layer 3 interfaces:

SVIs: You should configure SVIs for any VLANs for which you want to route traffic. SVIs are created

•

when you enter a VLAN ID following the interface vlan global configuration command. To delete an SVI, use the no interface vlan global configuration command. You cannot delete interface VLAN 1.

Note

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

30 OL-32314-01

When you create an SVI, it does not become active until it is associated with a physical port.

Page 41

Configuring Interfaces

When configuring SVIs, you can also configure SVI autostate exclude on a port in the SVI to exclude that port from being included in determining SVI line-state status.

Routed ports: Routed ports are physical ports configured to be in Layer 3 mode by using the no switchport

•

interface configuration command.

Layer 3 EtherChannel ports: EtherChannel interfaces made up of routed ports.

•

A Layer 3 controller can have an IP address assigned to each routed port and SVI.

There is no defined limit to the number of SVIs and routed ports that can be configured in a controller or in a controller stack. However, the interrelationship between the number of SVIs and routed ports and the number of other features being configured might have an impact on CPU usage because of hardware limitations. If the controller is using its maximum hardware resources, attempts to create a routed port or SVI have these results:

If you try to create a new routed port, the controller generates a message that there are not enough

•

resources to convert the interface to a routed port, and the interface remains as a switchport.

If you try to create an extended-range VLAN, an error message is generated, and the extended-range

•

VLAN is rejected.

If the controller is notified by VLAN Trunking Protocol (VTP) of a new VLAN, it sends a message that

•

there are not enough hardware resources available and shuts down the VLAN. The output of the show vlan user EXEC command shows the VLAN in a suspended state.

If the controller attempts to boot up with a configuration that has more VLANs and routed ports than

•

hardware can support, the VLANs are created, but the routed ports are shut down, and the controller sends a message that this was due to insufficient hardware resources.

All Layer 3 interfaces require an IP address to route traffic. This procedure shows how to configure an interface as a Layer 3 interface and how to assign an IP address to an interface.

Note

If the physical port is in Layer 2 mode (the default), you must enter the no switchport interface configuration command to put the interface into Layer 3 mode. Entering a no switchport command disables and then re-enables the interface, which might generate messages on the device to which the interface is connected. Furthermore, when you put an interface that is in Layer 2 mode into Layer 3 mode, the previous configuration information related to the affected interface might be lost, and the interface is returned to its default configuration

Configuring Interfaces

This module lists the generic steps used to configure any interface on the controller. You must use the following steps to configure interfaces on the controller:

Before You Begin

•

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 31

Page 42

Configuring Interfaces

SUMMARY STEPS

DETAILED STEPS

configure terminal

global configuration

interface

show interface summary

show interface detail management

PurposeCommand or Action

Configuring Interfaces

Step 1

Step 2

Step 3

Step 4

Step 5

Example:

global configuration

Example:

global configuration

interface

Example:

show interface detail management

Example:

Enables you to enter configure terminal configured mode at the privileged prompt.configure terminal

Identify interface details, for example the interface type, connector, and so on and enter global configuration mode.

Enables you to identify the interface and enter global configuration mode.

Follow each interface command with the interface configuration commands that the interface requires. The commands that you enter define the protocols and applications that will run on the configuration commands. Interfaces configured in a range must be the same type and must be configured with the same feature options. The commands are collected and applied to the interface when you enter another interface command or enter end to return to privileged EXEC mode.

Enables you to configure the supported interfaces on the controller.

Verify the status of the configured interface using the show interface summary.show interface summary

Enables you to view the status of the configured interface.

Verify the status of the configured interface using the show interface detail management.

Enables you to view the status of the configured interface.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

32 OL-32314-01

Page 43

Configuring Interfaces

Adding a Description for an Interface

SUMMARY STEPS

enable

configure terminal

interface interface-id

description string

end

show interfaces interface-id description

copy running-config startup-config

DETAILED STEPS

Adding a Description for an Interface

Step 1

Step 2

Step 3

Step 4

enable

Example:

Controller> enable

Example:

Controller# configure terminal

interface interface-id

Example:

Controller(config)# interface gigabitethernet1/0/2

description string

Example:

Controller(config-if)# description Connects to Marketing

PurposeCommand or Action

Enables privileged EXEC mode. Enter your password if prompted.

Enters global configuration mode.configure terminal

Specifies the interface for which you are adding a description, and enter interface configuration mode.

Adds a description (up to 240 characters) for an interface.

Step 5

Example:

Controller(config-if)# end

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 33

Returns to privileged EXEC mode.end

Page 44

Configuring a Range of Interfaces: Examples

Configuring Interfaces

PurposeCommand or Action

Step 6

Step 7

show interfaces interface-id description

Example:

Controller# copy running-config startup-config

Verifies your entry.

(Optional) Saves your entries in the configuration file.copy running-config startup-config

Configuring a Range of Interfaces: Examples

This example shows how to use the interface range global configuration command to set the speed to 100 Mb/s on ports 1 to 4 on switch 1:

Controller# configure terminal Controller(config)# interface range gigabitethernet1/0/1 - 4 Controller(config-if-range)# speed 100

This example shows how to use a comma to add different interface type strings to the range to enable Gigabit Ethernet ports 1 to 3 and 10-Gigabit Ethernet ports 1 and 2 to receive flow-control pause frames:

Controller# configure terminal Controller(config)# interface range gigabitethernet1/0/1 - 3 , tengigabitethernet1/0/1 - 2 Controller(config-if-range)# flowcontrol receive on

If you enter multiple configuration commands while you are in interface-range mode, each command is executed as it is entered. The commands are not batched and executed after you exit interface-range mode. If you exit interface-range configuration mode while the commands are being executed, some commands might not be executed on all interfaces in the range. Wait until the command prompt reappears before exiting interface-range configuration mode.

Configuring and Using Interface Range Macros: Examples

This example shows how to define an interface-range named enet_list to include ports 1 and 2 on switch 1 and to verify the macro configuration:

Controller# configure terminal Controller(config)# define interface-range enet_list gigabitethernet1/0/1 - 2 Controller(config)# end Controller# show running-config | include define

define interface-range enet_list GigabitEthernet1/0/1 - 2

This example shows how to create a multiple-interface macro named macro1:

Controller# configure terminal Controller(config)# define interface-range macro1 gigabitethernet1/0/1 - 2,

gigabitethernet1/0/5 - 7, tengigabitethernet1/0/1 -2 Controller(config)# end

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

34 OL-32314-01

Page 45

Configuring Interfaces

This example shows how to enter interface-range configuration mode for the interface-range macro enet_list:

Controller# configure terminal Controller(config)# interface range macro enet_list Controller(config-if-range)#

This example shows how to delete the interface-range macro enet_list and to verify that it was deleted.

Controller# configure terminal Controller(config)# no define interface-range enet_list Controller(config)# end Controller# show run | include define Controller#

Configuring Interfaces

These general instructions apply to all interface configuration processes.

DETAILED STEPS

Configuring Interfaces

Step 1

Step 2

Step 3

Step 4

Example:

Controller> enable

Example:

Controller# configure terminal

interface

Example:

Controller(config)# interface gigabitethernet1/0/1

Controller(config-if)#

Follow each interface command with the interface configuration commands that the interface requires.

PurposeCommand or Action

Enables privileged EXEC mode. Enter your password if prompted.enable

Enters the global configuration mode.configure terminal

Identifies the interface type, the controller number (only on stacking-capable switches), and the number of the connector.

Note

You do not need to add a space between the interface type and the interface number. For example, in the preceding line, you can specify either gigabitethernet 1/0/1, gigabitethernet1/0/1, gi 1/0/1, or gi1/0/1.

Defines the protocols and applications that will run on the interface. The commands are collected and applied to the interface when you enter another interface command or enter end to return to privileged EXEC mode.

Step 5

interface range or interface range macro

(Optional) Configures a range of interfaces.

Note

Interfaces configured in a range must be the same type and must be configured with the same feature options.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 35

Page 46

Configuring Layer 3 Interfaces

Configuring Interfaces

PurposeCommand or Action

Step 6

show interfaces

Displays a list of all interfaces on or configured for the switch. A report is provided for each interface that the device supports or for the specified interface.

Configuring Layer 3 Interfaces

SUMMARY STEPS

enable

configure terminal

interface {gigabitethernet interface-id} | {vlan vlan-id} | {port-channel port-channel-number}

no switchport

ip address ip_address subnet_mask

no shutdown

end

show interfaces [interface-id]

copy running-config startup-config

DETAILED STEPS

Step 1

Step 2

Step 3

enable

Example:

Controller> enable

Example:

Controller# configure terminal

interface {gigabitethernet interface-id} | {vlan vlan-id} | {port-channel port-channel-number}

Example:

Controller(config)# interface gigabitethernet1/0/2

PurposeCommand or Action

Enables privileged EXEC mode. Enter your password if prompted.

Enters global configuration mode.configure terminal

Specifies the interface to be configured as a Layer 3 interface, and enter interface configuration mode.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

36 OL-32314-01

Page 47

Configuring Interfaces

Shutting Down and Restarting the Interface

PurposeCommand or Action

Step 4

Step 5

Step 6

Step 7

Step 8

Example:

Controller(config-if)# no switchport

ip address ip_address subnet_mask

Example:

Controller(config-if)# ip address 192.20.135.21

255.255.255.0

Example:

Controller(config-if)# no shutdown

Example:

Controller(config-if)# end

show interfaces [interface-id]

For physical ports only, enters Layer 3 mode.no switchport

Configures the IP address and IP subnet.

Enables the interface.no shutdown

Returns to privileged EXEC mode.end

Verifies the configuration.

Step 9

copy running-config startup-config

(Optional) Saves your entries in the configuration file.

Example:

Controller# copy running-config startup-config

Shutting Down and Restarting the Interface

Shutting down an interface disables all functions on the specified interface and marks the interface as unavailable on all monitoring command displays. This information is communicated to other network servers through all dynamic routing protocols. The interface is not mentioned in any routing updates.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 37

Page 48

Shutting Down and Restarting the Interface

SUMMARY STEPS

DETAILED STEPS

Configuring Interfaces

enable

configure terminal

interface {vlan vlan-id} | { gigabitethernetinterface-id} | {port-channel port-channel-number}

shutdown

no shutdown

end

show running-config

PurposeCommand or Action

Step 1

Step 2

Step 3

Step 4

enable

Example:

Controller> enable

Example:

Controller# configure terminal

interface {vlan vlan-id} | { gigabitethernetinterface-id} | {port-channel port-channel-number}

Example:

Controller(config)# interface gigabitethernet1/0/2

Example:

Controller(config-if)# shutdown

Enables privileged EXEC mode. Enter your password if prompted.

Enters global configuration mode.configure terminal

Selects the interface to be configured.

Shuts down an interface.shutdown

Step 5

Example:

Controller(config-if)# no shutdown

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

38 OL-32314-01

Restarts an interface.no shutdown

Page 49

Configuring Interfaces

Monitoring Interface Characteristics

PurposeCommand or Action

Step 6

Example:

Controller(config-if)# end

Step 7

Example:

Controller# show running-config

Monitoring Interface Characteristics

Monitoring Interface Status

Commands entered at the privileged EXEC prompt display information about the interface, including the versions of the software and the hardware, the configuration, and statistics about the interfaces.

Returns to privileged EXEC mode.end

Verifies your entries.show running-config

Table 5: Show Commands for Interfaces

show interfaces interface-id status [err-disabled]

show interfaces [interface-id] switchport

show interfaces [interface-id] description

show ip interface [interface-id]

show interface [interface-id] stats

show interfaces interface-id

PurposeCommand

Displays interface status or a list of interfaces in the error-disabled state.

Displays administrative and operational status of switching (nonrouting) ports. You can use this command to find out if a port is in routing or in switching mode.

Displays the description configured on an interface or all interfaces and the interface status.

Displays the usability status of all interfaces configured for IP routing or the specified interface.

Displays the input and output packets by the switching path for the interface.

(Optional) Displays speed and duplex on the interface.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 39

Page 50

Clearing and Resetting Interfaces and Counters

Configuring Interfaces

PurposeCommand

show interfaces transceiver dom-supported-list

show interfaces transceiver properties

show interfaces [interface-id] [{transceiver properties | detail}] module number]

show running-config interface [interface-id]

show version

show controllers ethernet-controller interface-id phy

(Optional) Displays Digital Optical Monitoring (DOM) status on the connect SFP modules.

(Optional) Displays temperature, voltage, or amount of current on the interface.

Displays physical and operational status about an SFP module.

Displays the running configuration in RAM for the interface.

Displays the hardware configuration, software version, the names and sources of configuration files, and the boot images.

Displays the operational state of the auto-MDIX feature on the interface.

Clearing and Resetting Interfaces and Counters

Table 6: Clear Commands for Interfaces

clear counters [interface-id]

clear interface interface-id

clear line [number | console 0 | vty number]

Note

The clear counters privileged EXEC command does not clear counters retrieved by using Simple Network Management Protocol (SNMP), but only those seen with the show interface privileged EXEC command.

Viewing Wireless Interfaces (GUI)

You can view the wireless interfaces available in the controller by choosing Monitor > Controller > System > Wireless Interface. in the controller web UI. The following details of the wireless interface page are displayed.

PurposeCommand

Clears interface counters.

Resets the hardware logic on an interface.

Resets the hardware logic on an asynchronous serial line.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

40 OL-32314-01

Page 51

Configuring Interfaces

Configuring Ports (GUI)

DescriptionParameter

Interface Type

Interface Name

Displays the operator-defined interface type. Values are as follows:

• Static—Wireless Management.

AP-Manager.

•

• Service-Port—The Ten Gigabit Ethernet port located on the back of the controller

Virtual interfaces.

•

Displays the name of the interface. Values are as follows:

• Management—802.11 distribution system wired network.

• Service-port—System service interface.

• Virtual—Loopback interface for the web interface to work. This is available in

the controller by default. You need not explicitly configure this interface.

• AP-manager—Can be on the same subnet as the management IP address, but

must have a different IP address than the management interface.

• name—Operator-defined interface assignment, without any spaces.

Displays the IP address of the Controller and its distribution port.IP Address

Displays the destination subnet mask.IP Netmask

Displays the MAC address of the interface.MAC Address

Displays the virtual LAN assignment of the interface.VLAN ID

Configuring Ports (GUI)

You can configure ports in controller using the web UI. To do this, you must follow the steps defined in this module in the web UI.

You can create the following types of port using the controller web UI.

Loopback Interfaces

•

EtherChannel Port

•

Ten Gigabit Ethernet Interfaces

•

Gigabit Ethernet Interfaces

•

SUMMARY STEPS

Choose Configuration > Controller > System > Interfaces > Port Summary.

Click on the port in the port summary table to view the details of the selected port.

Click Apply.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 41

Page 52

Configuring Wireless Interface (GUI)

DETAILED STEPS

Configuring Interfaces

Step 1

Step 2

Step 3

Choose Configuration > Controller > System > Interfaces > Port Summary. Displays all the ports and details of the ports in the controller.

Click on the port in the port summary table to view the details of the selected port. The Edit Port details page appears. To edit the values listed in the page, enter values for the parameters listed in the Edit page.

You must configure the selected port as a Layer2 or Layer3 interface.Note

Click Apply.

Configuring Wireless Interface (GUI)

You can configure wireless interface the in controller using the web user interface (GUI). To do this, you must follow the steps defined in this module in the GUI.

SUMMARY STEPS

Choose Configuration > Controller > System > Interfaces > Wireless Summary.

Click New.

Select the interface to configure the AP management interface(s) and management interface.

Click Apply.

DETAILED STEPS

Step 1

Step 2

Step 3

Step 4

Choose Configuration > Controller > System > Interfaces > Wireless Summary. Displays all the wireless interfaces and details of the interfaces in the controller.

Click New. The New page appears.

Select the interface to configure the AP management interface(s) and management interface. You can configure one management and one or multiple AP management interfaces in the controller using the web UI.

Click Apply.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

42 OL-32314-01

Page 53

Configuring Interfaces

Feature History and Information For Configuring Interfaces

Command History

ModificationRelease

This command was introduced.Cisco IOS XE 3.2SE

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 43

Page 54

Feature History and Information For Configuring Interfaces

Configuring Interfaces

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

44 OL-32314-01

Page 55

CHAPTER 4

Configuring Management Interfaces

This module lists the following topics:

•

Finding Feature Information, page 45

•

Information About the Management Interface, page 45

•

Pre-requisites for Configuring Management Interfaces, page 47

•

Restrictions for Configuring Management Interfaces, page 47

•

Configuring the Management Interface using the CLI, page 48

•

Configuring the Management Interface, page 48

•

Feature History and Information For Configuring Management Interfaces, page 49

•

Finding Feature Information

Information About the Management Interface

The management interface is the default interface for in-band management of the controller and connectivity to enterprise services such as AAA servers. It is also used for communications between the controller and access points. The management interface has the only consistently “pingable” in-band interface IP address on the controller. You can access the GUI of the controller by entering the management interface IP address of the controller in the address field of your browser.

For CAPWAP, the controller requires one management interface to control all inter-controller communications and one AP-manager interface to control all controller-to-access point communications, regardless of the number of ports.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 45

Page 56

Information About the Management Interface

If the service port is in use, the management interface must be on a different supernet from the service-port interface.

Configuring Management Interfaces

Note

Caution

To prevent or block a wired or wireless client from accessing the management network on a controller (from the wireless client dynamic interface or VLAN), the network administrator must ensure that only authorized clients gain access to the management network through proper CPU ACLs, or use a firewall between the client dynamic interface and the management network.

Do not map a guest WLAN to the management interface. If the EoIP tunnel breaks, the client could obtain an IP and be placed on the management subnet.

Do not configure wired clients in the same VLAN or subnet of the service port of the controller on the network. If you configure wired clients on the same subnet or VLAN as the service port, it is not possible to access the management interface of the controller.

Do not map a guest WLAN to the management interface. If the EoIP tunnel breaks, the client could obtain an IP and be placed on the management subnet.

Authentication Type for Management Interfaces

For any type of management access to the controller, bet it SSH, Telnet, or HTTP, we recommend that you use any one authentication type, which can be TACACS+, RADIUS, or Local, and not a mix of these authentication types. Ensure that you take care of the following:

Authentication type (TACACS+, RADIUS, or Local), must be the same for all management access and

•

for all AAA authentication and authorization parameters.

The method list must be explicitly specified in the HTTP authentication.

•

Example

Follow these steps to configure Telnet:

Configure TACACS+ server by entering these commands:

tacacs server server-name

address ipv4 ip-address

key key-name

Configure the server group name by entering these commands:

aaa group server tacacs+ group-name

server name name

Configure authentication and authorization by entering these commands:

aaa authentication login method-list group server-group

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

46 OL-32314-01

Page 57

Configuring Management Interfaces

aaa authorization exec method-list group server-group

Pre-requisites for Configuring Management Interfaces

Note

These and all the other authentication and authorization parameters must be using the same database, be it RADIUS, TACACS+, or Local. For example, if command authorization has to be enabled, it also needs to be pointing to the same database.

Configure HTTP to use the above method lists:

ip http authentication aaa login-auth method-list

You must explicitly specify the method list, even if the method list is "default".

ip http authentication aaa exec-auth method-list

Do not configure any method-lists on the "line vty" configuration parameters. If the above steps and

•

the line vty have different configurations, then line vty configurations take precedence.

The database should be the same across all management configuration types such as SSH/Telnet

•

and webui.

You must explicitly define the method list for HTTP authentication.

•

Workaround

As a workaround, enter the following commands:

aaa authentication login default group server-group local

aaa authorization exec default group server-group local

Pre-requisites for Configuring Management Interfaces

The pre-requisites for configuring the management interfaces on the controller follow:

For Cisco 5700 Series Controllers in a non-link-aggregation (non-LAG) configuration, the management

•

interface must be on a different VLAN than any dynamic AP-manager interface. Otherwise, the management interface cannot fail over to the port that the AP-manager is on.

If the service port is in use, the management interface must be on a different supernet from the service-port

•

interface.

To prevent or block a wired or wireless client from accessing the management network on a controller

•

(from the wireless client dynamic interface or VLAN), the network administrator must ensure that only authorized clients gain access to the management network through proper CPU ACLs, or use a firewall between the client dynamic interface and the management network.

Restrictions for Configuring Management Interfaces

The following are the restrictions for configuring the controller's management interface:

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 47

Page 58

Configuring Management Interfaces

Configuring the Management Interface using the CLI

Do not map a guest WLAN to the management interface. If the EoIP tunnel breaks, the client could

•

obtain an IP and be placed on the management subnet.

Do not configure wired clients in the same VLAN or subnet of the service port of the controller on the

•

network. If you configure wired clients on the same subnet or VLAN as the service port, it is not possible to access the management interface of the controller.

Configuring the Management Interface using the CLI

Before You Begin

You must use the following steps to configure management interfaces on the controller. You can also use these steps to configure the AP manager interfaces on the controller. These general instructions apply to all management interfaces.

SUMMARY STEPS

DETAILED STEPS

Step 1

Step 2

Step 3

Step 4

Step 5

show ip interface brief

config terminal

wireless management interface vlan vlanID

end

show wireless interface summary

wireless management interface vlan vlanID

PurposeCommand or Action

Displays all the interfaces in the controller.show ip interface brief

Enters global configuration mode.config terminal

Creates a management interface by providing the values for the VLAN (VLAN identifier).

Returns to EXEC mode.end

Displays all the wireless interfaces in the controller.show wireless interface summary

Configuring the Management Interface

This module contains the following topics:

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

48 OL-32314-01

Page 59

Configuring Management Interfaces

Feature History and Information For Configuring Management Interfaces

Command History

ModificationRelease

This command was introduced.Cisco IOS XE 3.2SE

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 49

Page 60

Feature History and Information For Configuring Management Interfaces

Configuring Management Interfaces

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

50 OL-32314-01

Page 61

CHAPTER 5

Configuring AP Manager Interfaces

This module lists the following sections:

•

Finding Feature Information, page 51

•

Pre-requisites for Configuring Access Point Management Interface, page 51

•

Restrictions for Configuring AP Manager Interfaces, page 52

•

Information About AP-Manager Interface, page 52

•

Configuring AP Join in an AP Manager Interface, page 53

•

Viewing Configured Access Point Join Management Interfaces, page 53

•

Feature History and Information For Configuring AP Manager Interfaces, page 54

•

Finding Feature Information

Pre-requisites for Configuring Access Point Management Interface

Before configuring the AP manager interfaces in the controller you must ensure that you have separate dynamic AP manager interface per port.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 51

Page 62

Configuring AP Manager Interfaces

Restrictions for Configuring AP Manager Interfaces

• For IPv4—The MAC address of the management interface and the AP-manager interface is the same

as the base LAG MAC address.

If only one distribution system port can be used, you should use distribution system port 1.

•

You can configure multiple LAGs in the controller.

•

An AP-manager interface is not required to be configured. The management interface acts like an

•

AP-manager interface by default, and the access points can join on this interface.

If link aggregation (LAG) is enabled, there can be only one AP-manager interface. But when LAG is

•

disabled, one or more AP-manager interfaces can be created, generally one per physical port.

Port redundancy for the AP-manager interface is not supported. You cannot map the AP-manager

•

interface to a backup port.

Information About AP-Manager Interface

A controller configured with IPv4 has one or more AP-manager interfaces, which are used for all Layer 3 communications between the controller and lightweight access points after the access points have joined the controller.

Note

A controller configured with IPv6 has only one AP-manager and is applicable on management interface. You cannot remove the AP-manager configured on management interface.

The AP-manager IP address is used as the tunnel source for CAPWAP packets from the controller to the access point and as the destination for CAPWAP packets from the access point to the controller.

The controller does not support transmitting the jumbo frames. To avoid having the controller transmit CAPWAP packets to the AP that will necessitate fragmentation and reassembly, reduce MTU/MSS on the client side.

The AP-manager interface communicates through any distribution system port by listening across the Layer 3 network for access point CAPWAP or LWAPP join messages to associate and communicate with as many lightweight access points as possible.

The controller sends the access point a CAPWAP join response allowing the access point to join the controller. When the access point joins the controller, the controller manages its configuration, firmware, control and data transactions.

When an access point performs a reboot or is disconnected from the controller, the join statistics for an access point is maintained from the controller. But this statistics are lost when the controller performs a reboot or disconnects.

A controller configured with IPv6 does not support Dynamic AP-Manager. By default, the management interface acts like an AP-manager interface. Link Aggregation (LAG) is used for IPv6 AP load balancing.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

52 OL-32314-01

Page 63

Configuring AP Manager Interfaces

Configuring AP Join in an AP Manager Interface

Before You Begin

SUMMARY STEPS

conf t

wireless ap-manager interface vlan vlan-ID

end

DETAILED STEPS

PurposeCommand or Action

Step 1

Step 2

Step 3

wireless ap-manager interface vlan vlan-ID

Enters global configuration mode.conf t

Enables the access point to receive the IP address and join the specified VLAN.

Maps the AP manager to the selected interface.

Returns to EXEC mode.end

Viewing Configured Access Point Join Management Interfaces

Before You Begin

You can view the access point join interfaces configured in the controller using the following steps:

SUMMARY STEPS

show ap summary

show ap name

show ap name apname config general

show wireless interface summary

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 53

Page 64

Feature History and Information For Configuring AP Manager Interfaces

DETAILED STEPS

Configuring AP Manager Interfaces

PurposeCommand or Action

Step 1

Step 2

Step 3

Step 4

show ap summary

show ap name

show wireless interface summary

Displays the summary of all the access points configured in the interface.

Displays all the general parameter configuration for the access point.show ap name apname config general

Displays all the wireless- management and AP manager interfaces in the controller.

Feature History and Information For Configuring AP Manager Interfaces

Command History

ModificationRelease

This command was introduced.Cisco IOS XE 3.2SE

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

54 OL-32314-01

Page 65

Configuring Dynamic Interfaces

This module lists the following sections:

•

Finding Feature Information, page 55

•

Pre - requisites for Configuring Dynamic Interfaces, page 55

•

Restrictions for Configuring Dynamic Interfaces, page 56

•

Information About Dynamic AP Management, page 56

•

Configuring Dynamic Interfaces, page 56

•

Feature History and Information For Configuring Dynamic Interfaces, page 57

•

Finding Feature Information

CHAPTER 6

Pre - requisites for Configuring Dynamic Interfaces

While configuring on the dynamic interface of the controller, you must ensure the following:

• A controller’s dynamic interface and all wireless clients in the WLAN that are local to the controller

must have IP addresses in the same subnet.

You must use tagged VLANs for dynamic interfaces.

•

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 55

Page 66

Restrictions for Configuring Dynamic Interfaces

The following restrictions apply for configuring the dynamic interfaces on the controller:

You must not configure a dynamic interface in the same subnetwork as a server that is reachable by the

•

controller CPU, such as a RADIUS server, as it might cause asymmetric routing issues.

Wired clients cannot access management interface of the Cisco WLC 2500 series using the IP address

•

of the AP Manager interface – when Dynamic AP Management is enabled on a dynamic VLAN.

The controller does not respond to SNMP requests if the source address of the request comes from a

•

subnet that is configured as a dynamic interface.

For SNMP requests that come from a subnet that is configured as a dynamic interface, the controller

•

responds but the response does not reach the device that initiated the conversation.

If you are using DHCP proxy and/or a RADIUS source interface, ensure that the dynamic interface has

•

a valid routable address. Duplicate or overlapping addresses across controller interfaces are not supported.

Configuring Dynamic Interfaces

Information About Dynamic AP Management

A dynamic interface is created as a WLAN interface by default. However, any dynamic interface can be configured as an AP-manager interface, with one AP-manager interface allowed per physical port. A dynamic interface with the Dynamic AP Management option enabled is used as the tunnel source for packets from the controller to the access point and as the destination for CAPWAP packets from the access point to the controller. The dynamic interfaces for AP management must have a unique IP address and are usually configured on the same subnet as the management interface.

If link aggregation (LAG) is enabled, there can be only one AP-manager interface.Note

We recommend having a separate dynamic AP-manager interface per controller port.

Configuring Dynamic Interfaces

Before You Begin

You must create the Layer 2 interface that you plan to use in the WLAN.

You can configure the dynamic interface using the following steps:

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

56 OL-32314-01

Page 67

Configuring Dynamic Interfaces

SUMMARY STEPS

DETAILED STEPS

show VLAN

show int VLAN

configure terminal

wlan wlan-name wlan-ID wlan-SSID

client vlan vlan-name

show vlan

end

Show WLAN summary

Feature History and Information For Configuring Dynamic Interfaces

PurposeCommand or Action

Step 1

Step 2

Step 3

Step 4

Step 5

Step 6

Step 7

Step 8

Displays all the VLANs.show VLAN

Displays all the VLAN interfaces.show int VLAN

Enters global configuration mode.configure terminal

Configures the WLAN.wlan wlan-name wlan-ID wlan-SSID

Configures the client VLAN.client vlan vlan-name

Displays all the VLANs in the WLAN.show vlan

Exit configuration mode.end

Displays a summary of all the configured VLANs.Show WLAN summary

Feature History and Information For Configuring Dynamic Interfaces

Command History

ModificationRelease

This command was introduced.Cisco IOS XE 3.2SE

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 57

Page 68

Feature History and Information For Configuring Dynamic Interfaces

Configuring Dynamic Interfaces

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

58 OL-32314-01

Page 69

Configuring Multiple AP Manager Interfaces

This module lists the following sections:

•

Finding Feature Information, page 59

•

Pre-requisites For Configuring AP Manager Interfaces, page 59

•

Restrictions for Configuring Multiple AP Manager Interfaces, page 59

•

Information About Multiple AP-Manager Interfaces, page 60

•

Configuring Multiple AP Manager Interfaces, page 60

•

Feature History and Information For Configuring Multiple AP Manager Interfaces, page 61

•

Finding Feature Information

CHAPTER 7

Pre-requisites For Configuring AP Manager Interfaces

You must ensure that you have a separate dynamic AP-manager interface per controller port before configuring the controller's AP manager interfaces.

Restrictions for Configuring Multiple AP Manager Interfaces

The following restrictions apply while configuring the multiple AP manager interfaces in the controller:

You must assign an AP-manager interface to each port on the controller.

•

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 59

Page 70

Configuring Multiple AP Manager Interfaces

Information About Multiple AP-Manager Interfaces

Before implementing multiple AP-manager interfaces, you should consider how they would impact your

•

controller’s port redundancy.

Only Cisco 5500 Series Controllers support the use of multiple AP-manager interfaces.

•

AP-manager interfaces do not need to be on the same VLAN or IP subnet, and they may or may not be

•

on the same VLAN or IP subnet as the management interface. However, we recommend that you configure all AP-manager interfaces on the same VLAN or IP subnet.

If the port of one of the AP-manager interfaces fails, the controller clears the state of the access points,

•

and the access points must reboot to reestablish communication with the controller using the normal controller join process. The controller no longer includes the failed AP-manager interface in the CAPWAP or LWAPP discovery responses. The access points then rejoin the controller and are load balanced among the available AP-manager interfaces.

Information About Multiple AP-Manager Interfaces

When you create two or more AP-manager interfaces, each one is mapped to a different port. The ports should be configured in sequential order so that AP-manager interface 2 is on port 2, AP-manager interface 3 is on port 3, and AP-manager interface 4 is on port 4.

Before an access point joins a controller, it sends out a discovery request. From the discovery response that it receives, the access point can tell the number of AP-manager interfaces on the controller and the number of access points on each AP-manager interface. The access point generally joins the AP-manager with the least number of access points. In this way, the access point load is dynamically distributed across the multiple AP-manager interfaces.

Note

Access points may not be distributed completely evenly across all of the AP-manager interfaces, but a certain level of load balancing occurs.

For CAPWAP, the controller needs one management interface for all controller-controller communications. AP-manager interfaces manages the communications from controller to access points. The access points join the controller using the IP address of the AP manager. The IP address of the AP manager is used as the tunnel source for the CAPWAP packets from the controller to the access points and the destination source for the CAPWAP packets from the access points to the controller. The AP manager is a Layer3 interface that maps to an SVI in Cisco IOS software.

You can configure the AP-manager and management interface in any order, however; we recommend that you configure the management interface before configuring an AP-manager interface.

Mapping of an AP-manager interface to an SVI that does not have a mapped VLAN is valid, however; you must map the AP-manager interface to an SVI that contains a mapped VLAN. The controller assumes that the mapping of an SVI to an existing VLAN; in the absence of which the SVI status would be operationally down indicating that no access points join the controller.

Configuring Multiple AP Manager Interfaces

This section has the following topics:

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

60 OL-32314-01

Page 71

Configuring Multiple AP Manager Interfaces

Feature History and Information For Configuring Multiple AP Manager Interfaces

Command History

ModificationRelease

This command was introduced.Cisco IOS XE 3.2SE

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 61

Page 72

Feature History and Information For Configuring Multiple AP Manager Interfaces

Configuring Multiple AP Manager Interfaces

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

62 OL-32314-01

Page 73

CHAPTER 8

Configuring Interface Groups

This module lists the following sections:

•

Finding Feature Information, page 63

•

Information About Interface Groups, page 63

•

Creating Interface Groups, page 64

•

Adding a VLAN Group to a WLAN, page 65

•

Configuring the Trunk Port, page 65

•

Configuring VLAN Interfaces (GUI), page 66

•

Feature History and Information For Configuring Interface Groups, page 67

•

Finding Feature Information

Information About Interface Groups

Interface groups are logical groups of interfaces. Interface groups facilitate user configuration where the same interface group can be configured on multiple WLANs or while overriding a WLAN interface per AP group. An interface group can exclusively contain either quarantine or nonquarantine interfaces. An interface can be part of multiple interface groups.

A WLAN can be associated with an interface or interface group. The interface group name and the interface name cannot be the same.

This feature also enables you to associate a client to specific subnets based on the foreign controller that they are connected to. The anchor controller WLAN can be configured to maintain a mapping between foreign controller MAC and a specific interface or interface group (Foreign maps) as needed. If this mapping is not

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 63

Page 74

Creating Interface Groups

configured, clients on that foreign controller gets VLANs associated in a round robin fashion from interface group configured on WLAN.

You can also configure AAA override for interface groups. This feature extends the current access point group and AAA override architecture where access point groups and AAA override can be configured to override the interface group WLAN that the interface is mapped to. This is done with multiple interfaces using interface groups.

This feature enables network administrators to configure guest anchor restrictions where a wireless guest user at a foreign location can obtain an IP address from multiple subnets on the foreign location and controllers from within the same anchor controller.

Controller marks VLAN as dirty when the clients are unable to receive IP address using DHCP. The VLAN interface is marked as dirty based on two methods:

Aggressive Method—When only one failure is counted per association per client and controller marks VLAN as dirty interface when a failure occurs three times for a client or for three different clients.

Non-Aggressive Method—When only one failure is counted per association per client and controller marks VLAN as a dirty interface only when three or more clients fail.

Configuring Interface Groups

Creating Interface Groups

Before You Begin

You must create the interface groups using the following commands after you configure the terminal.

SUMMARY STEPS

vlan group groupname vlan-list 1-256

wlan wlanname 1 wlanname

client vlan vlangrp1

DETAILED STEPS

Step 1

Step 2

Step 3

vlan group groupname vlan-list 1-256

PurposeCommand or Action

Creates a VLAN group with the given group name and adds all the VLANs listed in the command. The recommended number of VLANs in a group is 128.

Enables the WLAN to map a VLAN group.wlan wlanname 1 wlanname

Maps the VLAN group to the WLAN.client vlan vlangrp1

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

64 OL-32314-01

Page 75

Configuring Interface Groups

Adding a VLAN Group to a WLAN

SUMMARY STEPS

conf t

wlan wlanname 1 wlanname

client vlan vlangrp1

end

DETAILED STEPS

Adding a VLAN Group to a WLAN

PurposeCommand or Action

Step 1

Example:

Step 2

Example:

Step 3

Step 4

Example:

Configuring the Trunk Port

Before You Begin

You must configure the VLAN after configuring the controller port as a trunk port. We recommend that you configure the trunk port first and then associate the VLANs to the trunk port.

SUMMARY STEPS

Enters global configuration mode.conf t

Enables the WLAN to map a VLAN group.wlan wlanname 1 wlanname

Maps the VLAN group to the WLAN.client vlan vlangrp1

Returns back to exec mode.end

show wireless interface summary

show run int te1/0/1

interface TenGigabitEthernet1/0/1

switchport trunk allowed vlan 1-10

switchport mode trunk

nmsp attachment suppress

end

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 65

Page 76

Configuring VLAN Interfaces (GUI)

DETAILED STEPS

Configuring Interface Groups

PurposeCommand or Action

Step 1

Example:

Step 2

Step 3

Step 4

Step 5

Step 6

Step 7

show run int te1/0/1

Example:

interface TenGigabitEthernet1/0/1

nmsp attachment suppress

Configuring VLAN Interfaces (GUI)

Displays all the wireless interfaces in the controller.show wireless interface summary

Displays the running configuration available in the controller.

Configures the 10-Gigabit Ethernet.interface TenGigabitEthernet1/0/1

Configures the trunk port.switchport trunk allowed vlan 1-10

Configures the switch port mode as a trunk.switchport mode trunk

Returns to EXEC mode.end

SUMMARY STEPS

DETAILED STEPS

Step 1

Step 2

Choose Configuration > Controller > System > Interfaces > VLAN Summary. This page displays all the VLANs and details of the VLANs in the controller.

Click the VLAN ID field in the table to view the details of the selected VLAN.

Before You Begin

You can configure VLANs in the controller using the web UI. To do this, you must follow the steps defined in this module in the web UI.

Choose Configuration > Controller > System > Interfaces > VLAN Summary.

Click the VLAN ID field in the table to view the details of the selected VLAN.

Enter the values.

Click Apply.

To create a new VLAN, click New.

To delete a VLAN, check the check box in the VLAN summary page, and click Remove.

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

66 OL-32314-01

Page 77

Configuring Interface Groups

The Edit VLAN details page appears.

Feature History and Information For Configuring Interface Groups

Step 3 Step 4 Step 5 Step 6

Enter the values.

Click Apply.

To create a new VLAN, click New.

To delete a VLAN, check the check box in the VLAN summary page, and click Remove.

Feature History and Information For Configuring Interface Groups

Command History

ModificationRelease

This command was introduced.Cisco IOS XE 3.2SE

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 67

Page 78

Feature History and Information For Configuring Interface Groups

Configuring Interface Groups

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

68 OL-32314-01

Page 79

INDEX

AP-manager interface 52, 56

and dynamic interfaces 56 described 52

dynamic AP-manager interface 56

Interface groups 63

management interface 45

described 45

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

OL-32314-01 IN-1

Page 80

Index

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

IN-2 OL-32314-01

Cisco WLC 5700 Series Interface Configuration Manual

Interface Configuration Guide, Cisco IOS XE Release 3E (Cisco WLC 5700 Series)

CONTENTS

Preface

Document Conventions

Related Documentation

Obtaining Documentation and Submitting a Service Request

Using the Command-Line Interface

Information About Using the Command-Line Interface

Command Modes

Understanding Abbreviated Commands

No and Default Forms of Commands

CLI Error Messages

Configuration Logging

Using the Help System

How to Use the CLI to Configure Features

Configuring the Command History

Changing the Command History Buffer Size

Recalling Commands

Disabling the Command History Feature

Enabling and Disabling Editing Features

Editing Commands Through Keystrokes

Editing Command Lines That Wrap

Searching and Filtering Output of show and more Commands

Accessing the CLI Through a Console Connection or Through Telnet

Using the Web Graphical User Interface

Prerequisites for Using the Web GUI

Information About Using The Web GUI

Web GUI Features

Connecting the Console Port of the Controller

Logging On to the Web GUI

Enabling Web and Secure Web Modes

Configuring the Controller Web GUI

Configuring Interfaces

Finding Feature Information

Pre-requisites for Configuring Interfaces

Restrictions for Configuring Interfaces

Information About Interfaces

Interface Types

Port-Based VLANs

Ports

Access Ports

Trunk Ports

Tunnel Ports

Routed Ports

Switch Virtual Interfaces

SVI Autostate Exclude

EtherChannel Port Groups

10-Gigabit Ethernet Interfaces

Interface Connections

Interface Configuration Mode

Default Ethernet Interface Configuration

Layer 3 Interfaces

Configuring Interfaces

Adding a Description for an Interface

Configuring a Range of Interfaces: Examples

Configuring and Using Interface Range Macros: Examples

Configuring Interfaces

Configuring Layer 3 Interfaces

Shutting Down and Restarting the Interface

Monitoring Interface Characteristics

Monitoring Interface Status

Clearing and Resetting Interfaces and Counters

Viewing Wireless Interfaces (GUI)

Configuring Ports (GUI)

Configuring Wireless Interface (GUI)

Feature History and Information For Configuring Interfaces

Configuring Management Interfaces

Finding Feature Information

Information About the Management Interface

Pre-requisites for Configuring Management Interfaces

Restrictions for Configuring Management Interfaces

Configuring the Management Interface using the CLI

Configuring the Management Interface

Feature History and Information For Configuring Management Interfaces

Configuring AP Manager Interfaces

Finding Feature Information

Pre-requisites for Configuring Access Point Management Interface

Restrictions for Configuring AP Manager Interfaces

Information About AP-Manager Interface