cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3296
Views
0
Helpful
7
Replies

Copying configuration from A to B on WISM

Roman Rodichev
Level 7
Level 7

I'm curious if the process I'm using to replicate configuration between two controllers on a WISM is the best (quickest) method. If there's a better method with WCS, please let me know

- capture "show running-config" on controller A

- add "config" at the beginning of each line

- modify some lines like mgmt/ap-mnger IPs and interface IPs, passwords

- "recover-config" on controller B to ensure it has blank config

- disable 802.11a and 802.11b

- paste config script to controller B

- enable 802.11a and 802.11b

Please let me know if there's a better way to do this.

1 Accepted Solution

Accepted Solutions

On issue 1 :

You are right I see the same problem on 4.2 WLC.

On 5.2, you can see the config wlan portion that has the ssid name, in the file.

Issue 2 :

WLC to 5.2.157.0 and later has a new command to display AP

group config as you would see below:

(Cisco Controller) >show wlan apgroups

Site Name........................................ APGroup1

Site Description................................. ApGroup1

WLAN ID Interface Network Admission Control

------- ----------- --------------------------

1 management Disabled

2 vlan2 Disabled

3 management Disabled

AP Name Slots AP Model Ethernet MAC

Location Port Country Priority

------------------ ----- ------------------- -----------------

---------------- ---- ------- --------

LAP2 2 AIR-AP1131AG-A-K9 00:19:aa:6b:62:14

default location 29 US 1

Site Name........................................ APGroup2

Site Description................................. ApGroup2

WLAN ID Interface Network Admission Control

------- ----------- --------------------------

1 vlan2 Disabled

2 management Disabled

3 management Disabled

AP Name Slots AP Model Ethernet MAC

Location Port Country Priority

------------------ ----- ------------------- -----------------

---------------- ---- ------- --------

LAP6 2 AIR-AP1131AG-A-K9 00:1c:58:dc:86:b8

default location 29 US 1

Site Name........................................ Test

Site Description................................. Test

WLAN ID Interface Network Admission Control

------- ----------- --------------------------

1 management Disabled

2 management Disabled

3 vlan2 Disabled

AP Name Slots AP Model Ethernet MAC

Location Port Country Priority

------------------ ----- ------------------- -----------------

---------------- ---- ------- --------

AP001b.d5de.993c 1 AIR-LAP1231G-A-K9 00:1b:d5:de:99:3c

default location 29 US 1

Site Name........................................ default-group

Site Description.................................

WLAN ID Interface Network Admission Control

------- ----------- --------------------------

1 vlan2 Disabled

2 management Disabled

3 management Disabled

AP Name Slots AP Model Ethernet MAC

Location Port Country Priority GroupName

------------------ ----- ------------------- -----------------

---------------- ---- ------- -------- --------------------------

The is a good command to capture the AP information

You are correct the AP-Group mapping is NOT stored on the controller config

I also explored the option of extracting the APs to AP-Group mapping

from the config file on the WLC but later realized that this mapping is

not stored on the controller config. Here is my explanation :

The AP Group to which an AP belongs

is stored on the config on each AP. So when an AP boots up, it would

look for the exact AP group name configured on it - no matter which WLC

it joins.

WLC version 5.2 had lots of improvement relating to the AP Group

feature. Here is link to the config document which provides more info

about how AP Groups are configured and function in this new version.

http://cisco.com/en/US/docs/wireless/controller/5.2/configuration/guide/

c52wlan.html#wp1128591

View solution in original post

7 Replies 7

Lucien Avramov
Level 10
Level 10

In WCS, there is no easy method for copying the config. Be careful, copying a template config from one to the other does NOT copy all the configuration.

Nevertheless, on WCS, there is a background task you can run : Controller Configuration Backup.

This will store on the WCS locally tftp / ftp folder the configuration of your WLCs.

You can then edit it, and restore it on the other WLC's GUI for example.

If I'm not mistaken, the WLC XML config file doesn't store all details in clear text. For example, I believe that the WLAN names are stored in hashed format. I'm going to try to play around with XML file, but I was wondering if copying command line config script (show running-config) is a better idea?

I just tried on a 5.2 controller which is XML.

The SSID appears in clear text as for example here:

config wlan create 2 Test-WLAN Test-WLAN

When you use the config backup on the WCS, the config should be in clear text backed up in the TFTP directory of WCS.

I'm running 4.2 on controller and WCS, and I just tried what you suggested. It appears that the backup config file is basically the same XML configuration file you can get from the WLC directly. Most of the information stored is not in clear text. So here's my WLAN:

0

2

6363696500000000000000000000000000000000000000000000000000000000

4

1

ENABLED

1800

1

1

note that the profile name is not in clear text.

So I guess doing "show running-config" is my only option to replicate configuration.

There's one more thing I noticed. The AP related configuration (for example AP-group name) is not stored in the XML file and is not stored in the clear text running-config. Strange. I guess it's actually stored right on the AP, but I find it hard to believe that all AP-related configuration settings are stored right on the AP, I would think it's stored on the WLC, I could be wrong though.

In other words, I can't find the following settings stored in "show running-config" or XML file:

(Cisco Controller) >show ap config general AP1130

Cisco AP Identifier.............................. 11

Cisco AP Name.................................... AP1130

Country code..................................... US - United States

Regulatory Domain allowed by Country............. 802.11bg:-AB 802.11a:-AB

AP Country code.................................. US - United States

AP Regulatory Domain............................. 802.11bg:-A 802.11a:-A

Switch Port Number .............................. 1

MAC Address...................................... 00:21:d8:37:33:40

IP Address Configuration......................... DHCP

IP Address....................................... 172.16.7.101

IP NetMask....................................... 255.255.255.0

Gateway IP Addr.................................. 172.16.7.1

Telnet State..................................... Disabled

Ssh State........................................ Disabled

Cisco AP Location................................ default location

Cisco AP Group Name.............................. vlan5

Primary Cisco Switch Name........................ WLC2106A

Primary Cisco Switch IP Address.................. 3.45.47.144

Secondary Cisco Switch Name...................... WLC2006B

Secondary Cisco Switch IP Address................ 3.45.47.143

Tertiary Cisco Switch Name.......................

--More-- or (q)uit

Tertiary Cisco Switch IP Address................. Not Configured

Administrative State ............................ ADMIN_ENABLED

Operation State ................................. REGISTERED

Mirroring Mode .................................. Disabled

AP Mode ......................................... Local

Public Safety ................................... Global: Disabled, Local: Disabled

Remote AP Debug ................................. Disabled

S/W Version .................................... 4.2.176.0

Boot Version ................................... 12.3.8.0

Mini IOS Version ................................ 3.0.51.0

Stats Reporting Period .......................... 180

LED State........................................ Enabled

PoE Pre-Standard Switch.......................... Disabled

PoE Power Injector MAC Addr...................... 00:11:20:7f:72:af

.......

On issue 1 :

You are right I see the same problem on 4.2 WLC.

On 5.2, you can see the config wlan portion that has the ssid name, in the file.

Issue 2 :

WLC to 5.2.157.0 and later has a new command to display AP

group config as you would see below:

(Cisco Controller) >show wlan apgroups

Site Name........................................ APGroup1

Site Description................................. ApGroup1

WLAN ID Interface Network Admission Control

------- ----------- --------------------------

1 management Disabled

2 vlan2 Disabled

3 management Disabled

AP Name Slots AP Model Ethernet MAC

Location Port Country Priority

------------------ ----- ------------------- -----------------

---------------- ---- ------- --------

LAP2 2 AIR-AP1131AG-A-K9 00:19:aa:6b:62:14

default location 29 US 1

Site Name........................................ APGroup2

Site Description................................. ApGroup2

WLAN ID Interface Network Admission Control

------- ----------- --------------------------

1 vlan2 Disabled

2 management Disabled

3 management Disabled

AP Name Slots AP Model Ethernet MAC

Location Port Country Priority

------------------ ----- ------------------- -----------------

---------------- ---- ------- --------

LAP6 2 AIR-AP1131AG-A-K9 00:1c:58:dc:86:b8

default location 29 US 1

Site Name........................................ Test

Site Description................................. Test

WLAN ID Interface Network Admission Control

------- ----------- --------------------------

1 management Disabled

2 management Disabled

3 vlan2 Disabled

AP Name Slots AP Model Ethernet MAC

Location Port Country Priority

------------------ ----- ------------------- -----------------

---------------- ---- ------- --------

AP001b.d5de.993c 1 AIR-LAP1231G-A-K9 00:1b:d5:de:99:3c

default location 29 US 1

Site Name........................................ default-group

Site Description.................................

WLAN ID Interface Network Admission Control

------- ----------- --------------------------

1 vlan2 Disabled

2 management Disabled

3 management Disabled

AP Name Slots AP Model Ethernet MAC

Location Port Country Priority GroupName

------------------ ----- ------------------- -----------------

---------------- ---- ------- -------- --------------------------

The is a good command to capture the AP information

You are correct the AP-Group mapping is NOT stored on the controller config

I also explored the option of extracting the APs to AP-Group mapping

from the config file on the WLC but later realized that this mapping is

not stored on the controller config. Here is my explanation :

The AP Group to which an AP belongs

is stored on the config on each AP. So when an AP boots up, it would

look for the exact AP group name configured on it - no matter which WLC

it joins.

WLC version 5.2 had lots of improvement relating to the AP Group

feature. Here is link to the config document which provides more info

about how AP Groups are configured and function in this new version.

http://cisco.com/en/US/docs/wireless/controller/5.2/configuration/guide/

c52wlan.html#wp1128591

thanks for the info, it clears up some of the confusion I had. I'm finding other pieces of information that are not stored in the running-config. Basically all AP information is not stored on WLC, and also I just found that not all WLAN information is stored in running-config. For example all WPA settings and AAA radius server for the WLAN doesn't show up in the running-config (I'm sure they are in XML file). I'm pretty sure that stuff is stored on the controller, but wasn't included into show running-config, right? I'm basically looking for a quick and easy way to replicate as much config as possible between WISMs on 4.2, and it appears as if you really have to know which stuff is stored on WLC, which stuff is stored on WLC but doesn't show up in running-config, and which stuff is not stored on WLC at all.

lburleso
Level 1
Level 1

Resurrecting this post from 2009... because this is still not an easy problem to work around.  Which is pretty pathetic the more I think about it.

 

But now that we have virtual controllers, why not make a clone of the VM, disconnect the network interfaces,  and change the critical system info?  Maybe would just need to find a way to regenerate the SN?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: