cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
14395
Views
82
Helpful
146
Replies

Ask the Expert: Cisco Wireless LAN Controllers (WLCs)

ciscomoderator
Community Manager
Community Manager

Read the biowith Cisco Expert Nicolas Darchis

Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about how to trobuleshoot, configure and deploy any Cisco Wireless LAN controller with Cisco subject matter expert Nicolas Darchis.

Nicolas Darchis is a wireless and authentication, authorization, and accounting expert for the Technical Assistance Center at Cisco Europe. He has been troubleshooting wireless networks, wireless management tools, and security products, including Cisco Secure Access Control Server since 2007. He also focuses on filing technical and documentation bugs. Nicolas Darchis holds a bachelor's degree in computer networking from the Haute Ecole Rennequin Sualem and a master's degree in computer science from the University of Liege. He also holds CCIE Wireless certification number 25344.

Remember to use the rating system to let Nicolas know if you have received an adequate response.

Nicolas might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Wireless sub-community, Getting Started with Wireless discussion forum shortly after the event.

This event last through Friday June 28, 2013. Visit the community often to view responses to youe questions of other community members.

146 Replies 146

They indeed ARE complicated to understand and this is a WLC-related event :-)

but let me try to summarize to the max

MDM integration = middleware for tablet management (enforcing settings)

endpoint onboarding = provisioning of certificates on android/ios/mac/PC who connect to the guest portal

SGA = Trustsec related technology where you replace access lists in your network by group tags which allow or not access to other group tags ressources

Provisioning of certificates on android/ios/mac/PC who connect to the guest portal, if haven't avanced license is it a problem?

Do you know if the WLC can be interfaced with an API with our software at the reception which provide the number on the bagde. this to facilitate the work for the receptionist? so he will have only to fill out only one intererface and not our  software and the wlc portal

No. WLC supports no API.

ISE, however is the guest creation device and does have a REST API you can use.

I forgot to ask you two very important questions:

1- I have to use our radius which is installed on a linux server, for this I have to add clients in the radius, which one I 'll add?  WLC or all the access points, with other words: who ask radius for autentication wlc or the access point?

2- Till now, I have used only wlc with one access point, and for next step do I have to repeat the configuration on all AP because if yes I have to access physically with my laptop to put  the lightweight mode. Is there any other method to do this remotely because the AP are already installed :-)

Thanks Nicolas

1- WLC only

2- It just depends what states your APs are at the moment. I understand you have existing IOS APs so you just need to convert them to lightweight. Once done, if their DHCP pool provides them with the WLC ip in option 43, they will join the WLC automaticaly and get the same config as given by the WLC.

To convert the AP to lightweight, if it's a post-2006 AP, you can simply telnet to the AP and load the lightweight IOS image via TFTP and reload and youer' good to go. Older APs really need you to use the conversion tool as it also installs a certificate (Which is already present in APs later than 2006).

WCS/NCS/Prime can also be used for converting APs to lightweight. But in no case you should require a physical access ...

To response to your question, all accces points are in standalone mode and the model is 1131AG-E-K9.

Sorry but i don't uderstand what do you mean with "ip in option 43".

how can I know the year of the model on the AP?

It's easier to do a "show run" and see if there is an embedded cisco certificate already installed ...

Most 1130s will have it

do you advise me to upgrade the wlc with the latest version? because now I work with version 7.2.111.3.
pehapse with latest version of the software there more features?

This does not seem like a question ... Of course newer versions have more features. But you run the one you prefer, that's it.

I don't know if it's true, but one version of the latest of the wlc has issues with Windows 8 laptops, this is why I want to be sure before upgrading the wlc :-)

sorry but I found that the bug was solved on the version 7.2.111.3

it's seems so easy to add wlc as client on the radius, is there another configuration to add on the radius?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: