Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
665
Views
8
Helpful
3
Replies

WLC4400 Interfaces.

yong1794
Level 1
Level 1

‎08-08-2006 05:40 PM - edited ‎07-04-2021 12:48 PM

I'd like to know differnce of WLS4400 interfaces. Virtual interface, AP Management Interface, Management Interface, Service Port Interface.

I read about these interfaces info on cisco site, but could you explain the role of these interfaces easily? thanks.

Labels:
0 Helpful
3 Replies 3

Rob Huffman
Hall of Fame
Hall of Fame

‎08-09-2006 05:04 AM

Hi Kwon,

This is the best explanation I have seen so far;

How Wireless LAN Controllers Connect to Network

Port

Interface

Wireless LAN

A WLC port is a physical entity that connects the WLC to the neighbor switch. Cisco 2006 Series WLC devices have 4 10/100 copper Ethernet ports. Cisco 440x series controllers have either 2 or 4 fiber Gigabit Ethernet ports. Each port is, by default, an 802.1Q VLAN trunk port.

An interface is a logical entity on the WLC. An interface has multiple parameters associated with it, including IP address, default-gateway (for the IP subnet), primary physical port, secondary physical port, VLAN tag, and DHCP server. When LAG is not used, each interface is mapped to at least one primary physical port and an optional secondary port. Multiple interfaces can be mapped to a single WLC port.

There are multiple types of interfaces on the WLC, four of which are static types that must be present and are configured at setup time:

"Management interface (Static and configured at setup time; mandatory)

"AP Manager interface (When operating using L3 LWAPP, static and configured at setup time; mandatory)

"Virtual interface (Static and configured at setup time; mandatory)

"Service-port interface (Static and configured at setup time; optional)

"Dynamic (User-defined)

The Management interface is the default interface for in-band management of the WLC and connectivity to enterprise services such as AAA servers. If the service port is in use, the management interface must be on a different subnet from the service port. The management interface is also used for layer 2 communications between the WLC and access points. The Management interface is the only consistently "pingable" in-band interface IP address on the WLC.

A WLC has one or more AP Manager Interfaces that are used for all Layer 3 communications between the WLC and the lightweight access points after the access point discovers the controller. The AP Manager IP address is used as the tunnel source for LWAPP packets from the WLC to the access point, and as the destination for LWAPP packets from the access point to the WLC. The AP Manager must have a unique IP address.

The Virtual Interface is used to support mobility management, DHCP relay, and embedded layer 3 security like guest web authentication and VPN termination. The Virtual Interface must be configured with an unassigned and unused gateway IP address. A typical virtual interface is "1.1.1.1". The Virtual Interface address will not be pingable.

The Service-port Interface is statically mapped by the system only to the physical service port. The service port interface must have an IP address on a different subnet from the Management, AP Manager, and any dynamic interfaces. The service port can get an IP address via DHCP or it can be assigned a static IP address, but a default-gateway cannot be assigned to the Service-port interface. Static routes can be defined in the WLC for remote network access to the Service-port. The Service-port is typically reserved for out-of-band management in the event of a network failure. It is also the only port that is active when the controller is in boot mode. The physical service port is a copper 10/100 Ethernet port and is not capable of carrying 802.1Q tags so it must be connected to an access port on the neighbor switch.

Dynamic Interfaces are created by users and are designed to be analogous to VLANs for wireless LAN client device. The WLC will support up to 512 Dynamic Interface instances. Dynamic Interfaces must be configured on a unique (to the WLC) IP network and VLAN. Each Dynamic Interface acts as a DHCP relay for wireless clients associated to wireless LANs mapped to the interface.

From this excellent doc (in depth);

http://www.cisco.com/en/US/products/ps6366/prod_technical_reference09186a00806cfa96.html#wp1052072

Hope this helps!

Rob

Please remember to rate helpful posts......

jkilleda
Level 3
Level 3

‎02-14-2018 02:55 AM

The virtual interface is used to support mobility management, DHCP relay, and embedded Layer 3 security such as guest web authentication and VPN termination. All controllers within a mobility group must be configured with the same virtual interface IP address.

The management interface is the default interface for in-band management of the controller and connectivity to enterprise services such as AAA servers.

The service port interface and management interface must be on different subnets. Cisco 4100 and 4400 series controllers also have a 10/100 copper Ethernet service port. The service port is controlled by the service-port interface and is reserved for out-of-band management of the controller and system recovery and maintenance in the event of a network failure. It is also the only port that is active when the controller is in boot mode. The service port is not capable of carrying 802.1Q tags, so it must be connected to an access port on the neighbor switch. Use of the service port is optional.

AP Management interface - AP-manager interfaces, which are used for all Layer3 communications between the controller and lightweight accesspoints after the accesspoints have joined the controller

0 Helpful

sbhadrav@cisco.com
Level 5
Level 5

‎02-19-2018 04:38 AM - edited ‎02-19-2018 04:39 AM

WLC4400 interfaces is a virtual LAN (VLAN) of switch ports represented by one interface to a routing or bridging system. There is no physical interface for the VLAN and the SVI provides the Layer 3 processing for packets from all switch ports associated with the VLAN.
AP-manager interfaces do not need to be on the same VLAN or IP subnet, and they may or may not be on the same VLAN or IP subnet as the management interface. However, we recommend that you configure all AP-manager interfaces on the same VLAN or IP subnet.
The management interface provides a way to access the router even if forwarding interfaces are not functional, or the system process is down.
The service-port interface controls communications through and is statically mapped by the system tothe service port. The service port can obtain an IP address using DHCP, or it can be assigned a static IPaddress, but a default gateway cannot be assigned to the service-port interface. Static routes can bedefined through the controller for remote network access to the service port.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card