WiSM setup

Unanswered Question
Jul 4th, 2008

Just installed a WiSM module in slot 13 of our core 6513 at our campus. We already have a standalone 4402 up and running.

I have been reading 'Troubleshooting and Configure Initial wireless Services Module'. I'm unclear on some of the steps.

It talks about setting up a DHCP scope for the service port. Or you can static assign the addresses. I don't see how the DHCP scope is assigned to just WiSM function? The pool name in the example is wism-service-port. Is that a description or a reserved name? I tried the session slot 13 proc 1 and 2. It will not conect and times out. Show modules lists WiSM in slot 13 and passed tests.

The next steps show creating an interface Vlan192 to allow SUP720 to talk to WiSM. So, if this isn't done then the SUP720 can't talk with the WiSM? Is there something significant about Vlan192?

Following that they show how to create WiSM Management/AP manager gateway interface. Since we have a 4402 running and plan to integrate wouldn't I already have this?

The document doesn't show how to assign the management interface IP address but shows how to display it.

Maybe I need to use the console port on the WiSM to assign the service and management interface addresses?

At end of document it shows using wism commands to setup auto-LAG ports insteads of a bunch of steps.

Trying to understand what I'm doing before I do it and wonder why the session command times out and doens't connect.

Craig

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Sat, 07/05/2008 - 06:30

Let me try to answer your questions:

It talks about setting up a DHCP scope for the service port. Or you can static assign the addresses. I don't see how the DHCP scope is assigned to just WiSM function? The pool name in the example is wism-service-port. Is that a description or a reserved name? I tried the session slot 13 proc 1 and 2. It will not conect and times out. Show modules lists WiSM in slot 13 and passed tests.

-You need to configure the service port to a non-routable ip address that is not on your network. Like WiSM WLC1 2.2.2.1 and WiSM WLC2 2.2.2.2. This is the communication between the WLC's inside the WiSM and the Backplane of the switch. Don't use DHCP....

The next steps show creating an interface Vlan192 to allow SUP720 to talk to WiSM. So, if this isn't done then the SUP720 can't talk with the WiSM? Is there something significant about Vlan192?

No... You create a vlan for the service port and assign an IP address to that SVI interface.

Following that they show how to create WiSM Management/AP manager gateway interface. Since we have a 4402 running and plan to integrate wouldn't I already have this?

Each WLC needs an IP address for management and for the ap-manager interface along with any other interface you have wireless clients one. By this, I mean you need to have an ip address for every ssid mapping you do on a subnet that isn't the manager and ap-mangers subnet. The WiSM has 2 Wireless Lan Controllers and you need to console into each of those and configure them like you did the 4402. You need to enter information on the startup wizard and build the rest of the config either by gui or cli.

The document doesn't show how to assign the management interface IP address but shows how to display it.

This will be in the startup wizard of each WLC in the WiSM.

Maybe I need to use the console port on the WiSM to assign the service and management interface addresses?

Yes

At end of document it shows using wism commands to setup auto-LAG ports insteads of a bunch of steps.

You want to configure lag and on the switch, ports 13/1-4 is one etherchannel for WLC1 and 13/5-8 is antoher for WLC2. 13/9 is the service port connection to the switch for wlc and 13/10 is for wlc2. You need to create a port-channel for ports 13/1-4 and for 13/5-8.

Trying to understand what I'm doing before I do it and wonder why the session command times out and doesn't connect.

Session will not work until you setup the service port vlan and sevice port on the wlc.

Do a show wism status.

cef2lion2 Mon, 07/07/2008 - 06:07

I connected to both services ports on the wism with hyperterminal. I do not get any prompt. I power down the module and brought it back up. Tests ok with show module. I had hyperterminal open on console one of the wism as it booted. It displayed boot information and ended at wizard configuration. I could enter enter anything at that point.

Craig

ericgarnel Mon, 07/07/2008 - 09:01

Here is the cisco url:

http://www.cisco.com/en/US/docs/wireless/technology/wism/technical/reference/appnote.html

here is how to connect to the wism from the switch...

Configuring the Cisco WiSM-A

The initial configuration of the Cisco WiSM controller consists of initiating a session from the supervisor. The Cisco WiSM controller is inserted into the appropriate slot and powered up. After the administrator establishes a session with the Cisco WiSM, the basic configuration is completed with the help of the setup script. With the completion of basic configuration, the administrator can configure the Cisco WiSM controller through the console CLI or through the Cisco WiSM controller web-interface. An administrator needs to configure WiSM-A and WiSM-B separately in the Cisco WiSM module, initially from the CLI and then from the web interface. Refer to Configuring Cisco WiSM-B for steps for configuring the WiSM-B.

The system name, Cisco WiSM controller administrative user credentials, the management, the AP manager, virtual interfaces, the mobility group name, one SSID, a RADIUS server, and other options are configured by the setup script. For the management interface, leave the VLAN untagged because it corresponds to the native VLAN on the switch trunk port. For a Cisco WiSM controller, an untagged VLAN is assigned VLAN number 0, which may not correspond to the VLAN number on the switchport. In our example, the switchport's native VLAN is VLAN number 40; but on the Cisco WiSM controller, the management interface is assigned to VLAN 0. In our example, the default values for the other options are accepted.

The syntax for the session command to access to Cisco WiSM from the supervisor is as follows:

Sup720t# session slot processor < Proc #>

In this example, the module is installed in slot 3, and processor number one is configured first (such as, WiSM-A).

Sup720# sess slot 3 proc 1

cef2lion2 Mon, 07/07/2008 - 10:47

I was able to get into the console of WiSM-A. I didn't have hardware flow control disabled in HyperTerminal. I ran the setup wizard. I was able to view the configuration in the WiSM console and see the IP of the service interface.

I went to the 6513 console. I created Vlan192 and the service port gateway. I made sure if wasn't shutdown. Ran the wism service-vlan 192 command as well.

I did a show WiSM show status. The SUP720 isn't talking with the WiSM as the SUP720 doesn't see the WiSM IP of the service port. I still can't session over to it as well.

Craig

ericgarnel Mon, 07/07/2008 - 11:24

what is the output of the following:

sh wism module controller <1 or 2> status

did you add vlan tags to the ports on the wism? they need to be untagged.

Also, take a look at your logging, check for port inconsistencies.

Also do a show ip dhcp binding to see if the 6513 is handing ip addresses to the wisms. You can change the ip to static on the wism blades once they are up

Scott Fella Mon, 07/07/2008 - 11:32

Okay.... when you look at the service port interface, did you set the vlan to 192 or 0. If you set it to 0 then make sure you trunk has native vlan 192. Also, did you creat an interfave for vlan 192 on the switch? Post the show wism status. Show run interface vlan 192 and show run interface gig13/9 and also for gig13/10.

cef2lion2 Mon, 07/07/2008 - 11:37

Here is the output.

show wism status

Service Vlan : 192, Service IP Subnet : 2.2.2.1/255.255.255.0

WLAN

Slot Controller Service IP Management IP SW Version Status

----+-----------+----------------+----------------+-----------+---------------

13 1 0.0.0.0 0.0.0.0 Service Port Down

13 2 0.0.0.0 0.0.0.0 Service Port Down

AA_Router#sh wism module 13 controller 1 status

WiSM Controller 1 in Slot 13 configured manually

Operational Status of the Controller : Service Port Down

Service VLAN : 192

Service Port : 9

Service Port Mac Address : 0000.0000.0000

Service IP Address : 0.0.0.0

Management IP Address : 0.0.0.0

Software Version :

Port Channel Number : 0

Native VLAN ID : 1

WCP Keep Alive Missed : 0

AA_Router#

Scott Fella Mon, 07/07/2008 - 12:03

Looking at this from my phone... it looks like you didn't configure an ip address on the WLC. Your output shows 0.0.0.0.... You need an ip address in order for the two to communicate.

cef2lion2 Mon, 07/07/2008 - 12:09

Is there a way to do this without dhcp for the service port? I used the console port of the wism module to add a static entry. It shows for the wism side but the SUP720 isn't seeing it. I did run the wism commands to setup the 8 Gi ports from both controllers.

Craig

Scott Fella Mon, 07/07/2008 - 12:15

You should have gig13/9 for the service port on wlc1 and gig13/10 for wlc2. Their are 4 ports for the wlc1 and 4 for wlc2, but these are not used for the service port. I never use dhcp for the service port, I always create a static which I set in the startup wizard.

cef2lion2 Mon, 07/07/2008 - 12:30

Correct. I do have gig13/9 for the service port on wlc1 and gig13/10 for wlc2.

Their are 4 ports for the wlc1 and 4 for wlc2.

I did use the startup wizard via the wism console to setup the static address of the service port.

I have the Vlan192 setup for the service port. Its gateway is 2.2.2.1. My service port for wlc1 is 2.2.2.2 and for wlc2 2.2.2.3. I used the wism service-vlan 192 command as documented. How do ports 10/9-10 get related since they are the service ports?

As a side note. I was trying to use the interface command to setup more the one Gi port parameters. gi13/1-4. It would only allow me to specify one port at a time. I ended up using the wism module command to setup the 4 port per controller.

Craig

cef2lion2 Mon, 07/07/2008 - 12:55

I found the interface range command. Is it better to setup all the Gi port manually or use the wism module commands?

I do have a 4402 standalone controller up and running on our LAN. I'm trying to add the wism module to that setup. So my management/AP vlan already exists.

I think I'm missing something simple. Just can't get the SUP720 to talk with the wism.

Craig

Scott Fella Mon, 07/07/2008 - 13:01

Can you port your show config from the switch and the show run-config from the wlc. This way we can see how everything is set up. I usually configure the ports manually , but I do use the range command.

ericgarnel Mon, 07/07/2008 - 14:40

Not sure, but as stated prior, you can always convert the interfaces to static assignments once they have an address and then turn off dhcp.

You could also try the arp -s command

arp -s ip_address MAC_address

cef2lion2 Mon, 07/07/2008 - 14:44

I opened a TAC case on this as well. They are suggesting using DHCP for the service port. I can try that but wonder why I'm having some much trouble just using a static IP.

I cleared config on the WLC-A. Have yet to even touch WLC-B. Will after I figure out how to do this. After clearing the config and resarting the WLC-A some of th config is still there such a service port IP. Is there a means to force the setup wizard to run again?

On the 6513 I'm backing out the WISM module commands and setting up the GI ports manually.

Craig

ericgarnel Mon, 07/07/2008 - 15:22

You may be better off letting the 6513 & wism do the "automagic" setup for you. You will see that some of your commands will not show up on the running-config. You can reset the wism to factory defaults, but I am not sure if that will invoke the wizard as I have never done it.

cef2lion2 Mon, 07/07/2008 - 18:10

Going to start over and go the DHCP route and focus on the service port to SUP720 communications. Wonder what the 'wism service-vlan 192' does. I know the service ports for WLC-A and WLC-B operate over 13/9-10. Would the wism service-vlan command put the 13/9-10 in vlan 192? Those ports don't show in the running config.

cef2lion2 Mon, 07/07/2008 - 18:35

I did find this in a Cisco troublshooter.

Enter reset system at the WiSM controller CLI. At the prompt that asks whether you need to save changes to the configuration, enter Y or N. The unit reboots. When you are prompted for a username, enter recover-config to restore the factory default configuration. The Cisco WLAN controller reboots and displays this message:

Welcome to the Cisco WLAN Solution Wizard Configuration ToolThe WiSM is now reset to factory defaults. Use the configuration wizard to enter new configuration settings.

cef2lion2 Tue, 07/08/2008 - 05:32

I found the issue. I was following steps in the 'Troubleshooting and Configure Initial Wireless Services Module' document. I then was going over 'Configuring Cisco Wireless Services Module'. The first document is missing creating the 192 vlan itself. It shows creating the interface. Once I created the 192 vlan the SUP720 started to communicate with the WISM.

Sup720(config)# vlan 192

! -- Assign an appropriate IP address and subnet mask for VLAN 192

Sup720(config)# interface Vlan 192

Sup720(config-if)# ip address 192.168.10.1 255.255.255.0

Sup720(config-if)# no shutdown

Sup720(config-if)# exit

cef2lion2 Tue, 07/08/2008 - 07:21

Now that I have the SPU720 talking with the WISM module I turned to the mangement port.

I followinged the instruction using the WISM module command to configure th port-channel and GI ports. Was not able to ping or access the mangement port of WLC-A or B. I backed out of the WISM commands and created the port-channel manually and set the GI ports. Still not able to talk with management port. Using VLAN 8 and set that native on the port-channel and GI ports. sh wism mod con st lists vlan 1 as native.

Craig

cef2lion2 Tue, 07/08/2008 - 11:57

All is working now. I have the ports tagged on the WISM AP and Management ports. As soon as I changed that I was able to get to Web Page of the WLC-A and B.

Saw the note in the setup about not tagging the VLAN. Had missed that.

Actions

This Discussion

 

 

Trending Topics - Security & Network