Cisco Mobility Express Deployment Guide–Release 8.3.102.0

C H A P T E R

3

Deploying Cisco Mobility Express Solution

•

Pre-requisites for Deploying Mobility Express Solution, page 9

•

Connecting Cisco Mobility Express Capable Access Point, page 9

•

Determining the image on the Access Point, page 10

•

Conversion, page 11

•

Configuring Mobility Express Controller using Over-the-Air Setup Wizard, page 14

•

Configuring Mobility Express Controller using Startup Wizard from CLI, page 23

•

Logging into Mobility Express Controller, page 24

Pre-requisites for Deploying Mobility Express Solution

1

You must not have other Cisco Wireless LAN Controllers; neither appliance nor virtual in the same network during set up or during daily operation of a Cisco Mobility Express network. The Mobility Express controller cannot interoperate or co-exist with other Wireless LAN Controllers in the same network.

2

Decide on the first Access Point to be configured as a Master Access Point. This Access Point should be capable of supporting the Wireless LAN Controller function.

3

DHCP Server: A DHCP server must be configured so that Access Points and clients can obtain an IP

Address. Starting AireOS

®

Release 8.3.102.0 or later, one can configure a DHCP server on the Master

Access Point. If the DHCP server on the Master Access Point is not being used, an external DHCP server must be configured.

4

If your network is using universal regulatory domain access points, then you will need prime the access point to the right regulatory domain, before the APs start serving clients. See the Cisco Aironet Universal

AP Priming and Cisco Air Provision User Guide, at this URL: http://www.cisco.com/c/en/us/td/docs/wireless/access_point/ux-ap/guide/uxap-mobapp-g.html

Connecting Cisco Mobility Express Capable Access Point

To connect Cisco Mobility Express capable access point, perform the following steps:

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

9


Determining the image on the Access Point

Procedure

Step 1

Connect Cisco Mobility Express capable access point to a switch port and power it up.

Note

All Access Points in a Mobility Express deployment should be in the same Layer 2 domain

Step 2

The switch port to which Access Point is connected can be a trunk port or an access port. If multiple VLANs are being utilized for client traffic, the switch port should be configured as a trunk interface. Also, note that management traffic is untagged and if a VLAN is being used for management, it should be configured as a native VLAN on the switch port.

Example of the switch port configuration. In this example, vlan 40 is being used for Management.

interface GigabitEthernet1/0/37 description » Connected to Master AP « switchport trunk native vlan 40 switchport trunk allowed vlan 10,20,30,40 switchport mode trunk

Step 3

Observe the access point LED.

a) When you power up the access point—The access point starts a power-up sequence that you can verify by observing the access point LED. If the power-up sequence is successful, the discovery and join process starts. During this process, the LED blinks sequentially green, red, and OFF.

b) When the access point joins the Mobility Express controller—The LED chirps green if no clients are associated or turn green if one or more clients are associated.

c) If the LED is not ON—The access point does not receive power.

d) If the LED blinks sequentially for more than 10 minutes—This could be because the access point does not have the Mobility Express capable image.

Determining the image on the Access Point

The Cisco 1830, 1850, 2800 and 3800 series access points can either have CAPWAP image or the Cisco

Mobility Express image which is capable of running the virtual Wireless LAN controller function on the

Access Point.

To determine the image and capability of an Access Point, follow the steps below:

Procedure

Step 1

Login to the Access Point CLI using a console and type AP#show version and check the full output of show version. The default login credentials are Username:cisco and Password:cisco.

Step 2

If show version output does not display AP Image Type and AP Configuration parameters as highlighted below, it means that AP is running the CAPWAP image and a conversion to Cisco Mobility Express is required if you want to run the controller function on the Access Point. To convert from a CAPWAP Access Point to

Mobility Express, go to Conversion section.

10



Conversion

Note

Access Point with CAPWAP image will not show the AP Image Type and AP Configuration parameters in the AP#show version output.

cisco AIR-AP1852E-UXK9 ARMv7 Processor rev 0 (v71) with 997184/525160K bytes of memory.

Processor board ID RFDP2BCR021

AP Running Image : 8.2.100.0

Primary Boot Image : 8.2.100.0

Backup Boot Image : 8.1.106.33

AP Image type : MOBILITY EXPRESS IMAGE

AP Configuration : MOBILITY EXPRESS CAPABLE

0 Gigabit Ethernet interfaces

0 802.11 Radios

Radio FW version . 1401b63d12113073a3C08aa67f0c039c0

NSS FW version : NSS.AK.1.0.c4-0Z026-E_cust C-1.24160

Step 3

If the show version displays AP Image Type: MOBILITY EXPRESS IMAGE and AP Configuration:

NOT MOBILITY EXPRESS CAPABLE, it means that even though the Access Point has the Cisco Mobility

Express image, it is configured to run only as a CAPWAP Access Point. Such an Access Point will not run the controller function and will not participate in the Master Election process upon failure of the active Master

AP.

cisco AI R-AP1852E-UXK9 ARMv7 Processor rev 0 (v7I) with 997184/726252K bytes of memory.

Processor board ID RFDP2BCR021

AP Running Image : 8.2.101.0

Primary Boot Image : 8.2.100.0

Backup Boot Image : 8.1.106.33

AP Image type : MOBILITY EXPRESS IMAGE

AP Configuration : NOT MOBILITY EXPRESS CAPABLE

For this AP to run the controller function, execute the following command from the AP CLI.

AP#ap-type mobility-express tftp://

Conversion

Note

On 1830 and 1850 Series Access points, conversion from CAPWAP to Mobility Express is supported from Release 8.1.122.0 and later but it is recommended to have CAPWAP version 8.2.100.0 on the Access

Point prior to converting from CAPWAP to Mobility Express. If the CAPWAP image on the Access Point is prior to 8.2.121.0, Access Point MUST first join a WLC running 8.2.100.0 or higher to upgrade its

CAPWAP image. After the CAPWAP image of the AP has been upgraded, conversion of AP from

CAPWAP to Mobility Express can be performed.

Note

On 2800 and 3800 series Access Points, Mobility Express is supported starting Release 8.3.102.0 so they must have 8.3.102.0 CAPWAP image before they can be converted to Mobility Express. If the CAPWAP image on the Access Point is prior to 8.3.102.0, Access Point MUST first join a WLC running 8.3.102.0

or higher to upgrade its CAPWAP image. After the CAPWAP image of the AP has been upgraded, conversion of AP from CAPWAP to Mobility Express can be performed.

The following conversions are supported:


11


Converting a CAWAP AP into a Mobility Express AP

1

Converting a CAWAP AP to Mobility Express–This conversion is required when you have an access point running CAPWAP image, and you want to use them to deploy a Mobility Express network. For this, you would convert the CAPWAP AP to a Master AP (runs controller function in a Mobility Express network).

2

Converting a Mobility Express capable AP to CAPWAP AP - There are two reasons for this conversion:

a

If you want to migrate the access points from a Mobility Express network to another controller (not

Mobility Express) network.

b

If you do not want access points to participate in the Master AP election process in a Mobility Express network.

Procedure

Step 1

Download the conversion image for the Access Point from cisco.com to the TFTP server. It is a tar file. Do not untar the file

The following table lists the Cisco Mobility Express software for Cisco Wireless Release 8.3.102.0.

Access Points Supported As

Master

1830

1850

2800

3800

Software to be Used only for

Conversion from Unified Wireless

Network Lightweight AP Software

To Cisco Mobility Express

Software

AIR-AP1830-K9-8-3-102-0.tar

AIR-AP1850-K9-8-3-102-0.tar

AIR-AP2800-K9-8-3-102-0.tar

AIR-AP3800-K9-8-3-102-0.tar

AP Software Image Bundle, to be

Used for Software Update, or

Supported Access Point Images, or Both

AIR-AP1830-K9-ME-8-3-102-0.zip

AIR-AP1850-K9-ME-8-3-102-0.zip

AIR-AP2800-K9-ME-8-3-102-0.zip

AIR-AP3800-K9-ME-8-3-102-0.zip

Step 2

Login to the Access Point CLI using a console and type AP#show version and check the full output of showversion. The default login credentials are Username:cisco and Password:cisco


To convert an access point running CAPWAP image into a Mobility Express capable image, you have to download and install the Mobility Express image from a TFTP server. A single CLI command has been provided to download the Mobility Express image from a TFTP server and convert the AP Configuration to

MOBILITY EXPRESS CAPABLE.

Pre-requisites for converting CAPWAP AP to Mobility Express:

1

A TFTP server with Mobility Express image. See Procedure below.

2

A DHCP server to assign an IP address to the Cisco access point.

12




3

The Cisco 1800 series access point must not join any existing controller in the network when you are trying to load Mobility Express image. If you have an existing controller on your network to which the

AP can join, conversion is not successful.

To convert an AP running CAPWAP image to Mobility Express, perform the following steps:

Procedure

Step 1

Enter enable to go to privileged execution mode.

Step 2

Enter show version on the Access Point CLI. From the show version output, you can determine the AP Image

type and AP Configuration and can then proceed with the conversion process.

• Case 1: If the AP Image type is MOBILITY EXPRESS IMAGE and AP configuration is NOT

MOBILITY EXPRESS CAPABLE, only conversion of AP Configuration is required. Go to 5 .

• Case 2: In the show version output, if the AP Image type and AP Configuration are not available, download of the Mobility Express image and conversion of AP Configuration is required. Go to 6 .

Step 3

Enter the command below to change the AP Configuration to MOBILITY EXPRESS CAPABLE.

AP#ap-type mobility-express tftp://<TFTP Server IP>/<path to tar file>

Since the Access Point has an AP Image type: MOBILITY EXPRESS IMAGE; a new image does not be downloaded. After the command is issued, the Access Point reboots and comes up as AP Configuration

MOBILITY EXPRESS CAPABLE .

Step 4

If AP Image Type and AP Configuration is not available in show version, it means that the AP is running

CAPWAP image. To do the conversion, execute the command below:

AP#ap-type mobility-express tftp://<TFTP Server IP>/<path to tar file>

Example:

AP#ap-type mobility-express tftp://10.18.22.34/AIR-AP1850-K9-8.1.120.0.tar

Starting the ME image download...

It may take few minutes to finish the download.

Note

After the image download is complete, it writes to flash followed by a reboot.

Image downloaded, writing to flash...

do PREDOWNLOAD, part1 is active part sh: CHECK_ME: unknown operand

Image start 0x40355008 size 0x01dae41a file size 0x01dae7ca

Key start 0x42103422 size 0x00000230

Sinature start 0x42103652 size 0x00000180

Verify returns 0 btldr rel is 16 vs 16, does not need update part to upgrade is part2 activate part2, set BOOT to part2

AP primary version: 8.1.105.37

Archive done.

Oe as AP needs to boot up with ME image

The system is going down Now!

sent SIGTERM to all processes sent SIGKILL to all processes


13


Converting a Mobility Express AP into a CAPWAP AP

Requesting system reboot79]

[07/24/2015 18:19:43.0887] Restarting system.

[07/24/2015 18:19:43.1257] Going down for restart now

Step 5

After AP reboots, Mobility Express starts in Day 0 and CiscoAirProvison SSID is broadcast.

Converting a Mobility Express AP into a CAPWAP AP

When the AP type is CAPWAP, AP cannot run the controller function and cannot participate in the Master

AP election process.

After changing the AP Type, if this AP is migrated to another WLC network (non-Mobility Express network), it joins the controller in that network. If the image on the WLC is different than the one on the AP, a new

CAPWAP image is requested from the WLC.

When the AP type is CAPWAP (as required for this conversion), the AP doesn’t start its own controller function and when the AP joins the external controller, a new image is requested from the controller and the

AP gets the CAPWAP image.

To convert the Mobility Express AP into the CAPWAP AP, perform the following steps:

Procedure

Step 1

Login to the Access Point CLI .

Step 2

Type Enable to go to privileged execution mode.

Step 3

Enter ap#ap-type capwap and confirm to switch to the CAPWAP type.

To convert multiple 1800 series access points running Mobility Express image to CAPWAP simultaneously from the Mobility Express controller CLI, execute the following command:

(Cisco Controller) >config ap unifiedmode <switch_name> <switch_ip_address>

<switch_name> and <switch_ip_address> is the name and IP address respectively of the WLC to which the APs need to be migrate.

The above command converts all Cisco 1800 APs connected to the Mobility Express with AP Configuration:

MOBILITY EXPRESS CAPABLE to AP Configuration: NOT MOBILITY EXPRESS CAPABLE.

When this command is issued the APs are reloaded, and they come back up in local mode.

Configuring Mobility Express Controller using Over-the-Air

Setup Wizard

To configure the Mobility Express using Over-the-Air Setup wizard, perform the following steps:

14



Configuring Mobility Express Controller using Over-the-Air Setup Wizard

Procedure

Step 1

When a LED chirps green, connect a WiFi enabled laptop, through Wi-Fi, to the CiscoAirProvision SSID.

The default password is password.

The laptop gets an IP address from subnet 192.168.1.0/24.

Note

CiscoAirProvision SSID is broadcast at

2.4GHz.

Step 2

Open a browser and go to http://192.168.1.1 which redirects to the initial configuration wizard.

The initial configuration wizard's admin account page appears.

Figure 2: Initial Configuration Wizard's Admin Account Page

The banner on the opening page shows the name of the AP model on which the Mobility Express wireless

LAN controller is being configured. For example, 'Cisco Aironet 1850 Series Mobility Express'.

Note

Take the checklist that you have filled before and proceed with the following steps.

Step 3

Create an admin account on the controller by specifying the following parameters and then click Start.

• Enter the admin username. Maximum up to 24 ASCII characters.

• Enter the password. Maximum up to 24 ASCII characters.

When specifying a password, ensure that:


15



• The password must contain characters from at least three of the following classes – lowercase letters, uppercase letters, digits, special characters.

• No character in the password can be repeated more than three times consecutively.

• The new password must not be the same as the associated username and the username reversed.

• The password must not be cisco, ocsic, or any variants obtained by changing the capitalization of letters of the word Cisco. In addition, you cannot substitute 1, I, or ! for i, 0 for o, or $ for s.

Step 4

Set up your controller by specifying the values.

On the Set Up Your Controller screen, using the checklist, specify the following:

Field Name

System Name

Description

Enter the system name for Mobility Express.

Example: me-wlc

Country

Date & Time

Choose the country from the drop down list.

Choose the current date and time.

Note

The wizard attempts to import the clock information (date and time) from the computer using JavaScript. It is highly recommended that you confirm the clock settings before continuing. The access points depend on clock settings to join the WLC.

Time Zone

NTP Server

Choose the current time zone.

Enter the NTP server details (Optional). If left blank, the following three NTP pools will be automatically configured:

Enter the Management IP address.

Management IP Address

Subnet Mask

Default Gateway

Enable DHCP Server (Management Network)

Enter the subnet mask address.

Enter the default gateway.

Internal DHCP server can be used to create scopes for Management & Access Points, Employee, and

Guest Networks. Enabling of internal DHCP is optional but if you plan to use the internal DHCP server in your Mobility Express deployment, it is recommended to enable it and create a scope for

Management in Day 0. In this configuration, we will enable internal DHCP server and create a scope for

Management Network in Day 0. A DHCP scope for

Employee and Guest Network will be configured in

Day 1.

16



Field Name

Network/Mask

First IP

First IP

Domain Name

Name Servers


Description

Enter the Network and Mask for the Management

Scope

Enter the first IP address of the Management Scope

Enter the last IP address of the Management Scope

Enter the Domain Name for the scope (Optional)

Enter the Name Server IP addresses or select Use

Open DNS to configured Open DNS Name Server

IP addresses


17


Figure 3: Set Up Your Controller Tab


Step 5

Click Next.

Step 6

Create the Employee wireless network by specifying the following fields:

Field Name Description

Network Name Enter the network name.

18




Field Name

Security

Pass Phrase

Confirm Pass Phrase

Authentication Server IP Address

Shared Secret

VLAN

VLAN ID

Enable DHCP Server (Employee Network)

Description

Choose the security type from the drop-down list.

(Choose either WPA2 Personal which uses

Pre-Shared Key (PSK) authentication or select WPA2

Enterprise (also called 802.1x) which requires a

RADIUS server for authentication).

If you have chosen WPA2 Personal security, specify the Pre-Shared Key (PSK).

Re-enter and confirm the pass phrase.

Enter the IP address of the Authentication Server

If you have chosen WPA2 Enterprise, specify the shared secret for the RADIUS server.

Choose Management VLAN or create a new VLAN.

If you have created a new VLAN specify the VLAN

ID. (VLAN ID from 1 to 4096).

If internal DHCP server has to be used for Employee

Network, Enable DHCP Server for Employee

Network and specify the scope parameters.

Step 7

Enable the Guest Network slider and specify the following parameters:

Field Name Description

Network Name Specify the SSID for your Guest network.

Security

Pass Phrase

Choose Web Consent or WPA2 Personal from the drop-down list.

If WPA2 Personal security is chosen, specify the

Pre-Shared Key (PSK).

VLAN

VLAN ID

Enable DHCP Server (Guest Network)

Choose Employee VLAN or create a New VLAN

(with VLAN ID 1 to 4096).

Specify the VLAN ID of the new VLAN (with VLAN

ID 1 to 4096).

If internal DHCP server has to be used for Guest

Network, Enable DHCP Server for Guest Network and specify the scope parameters.


19


Figure 4: Create Your Wireless Networks - Guest


20




Step 8

Click Next.

Step 9

In the Advanced Settings tab, enable RF Parameter Optimization slider and optimize by indicating the expected client density and traffic type in your network.

Figure 5: Advanced Settings Tab

The following table depicts the default values when low, typical, or high deployment type is selected from

RF parameters

Step 10 Select Traffic Type and click Next to continue.


21



A confirmation screen displays the summary of the configuration.

Step 11 Click Apply, if all the settings are correct

Note

A message appears indicating that the System will reboot. Click OK on this window.

Step 12 Click OK to reboot.

Note

After the Access Point reboots, it will start the Mobility Express controller function.

22



Configuring Mobility Express Controller using Startup Wizard from CLI

Configuring Mobility Express Controller using Startup Wizard from CLI

• Console Connection

• Startup Wizard from CLI

Console Connection

Before you can configure the AP to Mobility Express Controller, connect to the port marked ‘CONSOLE’ using SecureCRT, Putty or similar applications. The default parameters for the console ports are 9600 baud, eight data bits, one stop bit, and no parity. The console ports do not support hardware flow control. Choose the serial baud rate of 9600.

Startup Wizard from CLI

After connecting to the 'CONSOLE' port on the AP, power up the AP. After a few minutes, the following

Welcome message will be shown. To configure the Mobility Express controller, follow the steps as shown in the example below.

System Name [Cisco_2c:3a:40] (31 characters max): me-wlc

Enter Country Code list (enter 'help' for a list of countries) [US]:

Configure a NTP server now? [YES][no]: no

Configure the system time now? [YES][no]: no

Note! Default NTP servers will be used

Management Interface IP Address: 40.40.40.10

Management Interface Netmask: 255.255.255.0

Management Interface Default Router: 40.40.40.1

Cleaning up Provisioning SSID

Create Management DHCP Scope? [yes][NO]: yes

DHCP Network : 40.40.40.0

DHCP Netmask : 255.255.255.0

Router IP: 40.40.40.1

Start DHCP IP address: 40.40.40.11

Stop DHCP IP address: 40.40.40.254

DomainName :

DNS Server : [OPENDNS][user DNS]

Create Employee Network? [YES][no]: YES

Employee Network Name (SSID)?: WestAutoBody-Employee

Employee VLAN Identifier? [MGMT][1-4095]: MGMT

Employee Network Security? [PSK][enterprise]: PSK

Employee PSK Passphrase (8-38 characters)?: Cisco123

Re-enter Employee PSK Passphrase: Cisco123

Create Guest Network? [yes][NO]: YES

Guest Network Name (SSID)?: WestAutoBody-Guest

Guest VLAN Identifier? [EMPLOYEE][1-4095]: EMPLOYEE

Guest Network Security? [WEB-CONSENT][psk]: WEB-CONSENT

Create Guest DHCP Scope? [yes][NO]: NO

Enable RF Parameter Optimization? [YES][no]: YES

Client Density [TYPICAL][Low][High]: TYPICAL

Traffic with Voice [NO][Yes]: Yes

Configuration correct? If yes, system will save it and reset. [yes][NO]: yes

Cleaning up Provisioning SSID


23


Logging into Mobility Express Controller

Note

After the AP has finished rebooting, login to the Mobility Express controller WebUI using the Management

IP address.


To log in to the Mobility Express, perform the following steps:

Procedure

Step 1

Enter the IP address of the Mobility Express management interface in the web browser.

The Cisco Wireless LAN Controller window appears.

Step 2

Click Login.

24




Step 3

Enter the administrator user name and password.

Note

The Mobility Express controller uses a self-signed certificate for HTTPs. Therefore, all browsers display a warning message and asks whether you wish to proceed with an exception or not when the certificate is presented to the browser. Accept the risk and proceed to access the Mobility Express

Wireless LAN Controller login page.

The Network Summary page appears.


25



26


Cisco Mobility Express Deployment Guide–Release 8.3.102.0

Deploying Cisco Mobility Express Solution

Pre-requisites for Deploying Mobility Express Solution

Connecting Cisco Mobility Express Capable Access Point

Determining the image on the Access Point

Conversion

Converting a CAWAP AP into a Mobility Express AP

Converting a Mobility Express AP into a CAPWAP AP

Configuring Mobility Express Controller using Over-the-Air

Setup Wizard

Configuring Mobility Express Controller using Startup Wizard from CLI

Console Connection

Startup Wizard from CLI

Logging into Mobility Express Controller

Related manuals

Table of contents

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

Deploying Cisco Mobility Express Solution

Pre-requisites for Deploying Mobility Express Solution

Connecting Cisco Mobility Express Capable Access Point

Determining the image on the Access Point

Conversion

Converting a CAWAP AP into a Mobility Express AP

Converting a Mobility Express AP into a CAPWAP AP

Configuring Mobility Express Controller using Over-the-Air

Setup Wizard

Configuring Mobility Express Controller using Startup Wizard from CLI

Console Connection

Startup Wizard from CLI

Logging into Mobility Express Controller

Related manuals

Cisco

Headset 500 Series

Cisco

1800 Series

Cisco

5520 Wireless Controller

Cisco

5500 Series Wireless Controllers

Cisco

5500 Series Wireless Controllers

Cisco

Mobility Express for Aironet Access Points

Cisco

5500 Series Wireless Controllers

Cisco

Mobility Express for Aironet Access Points

Cisco

Mobility Express for Aironet Access Points

Table of contents