This chapter covers the following subjects:
Controller Terminology: A discussion of the terminology used with Cisco controllers.
Connecting to the Controller: How to connect to a Cisco controller via the CLI and web interfaces.
Configuring the Controller Using the Web Interface: How to build a simple guest network, allow connections, and control where access is permitted.
Monitoring with the Controller: A look at the Monitor interface and how to perform various monitoring tasks.
Simple Network Configuration and Monitoring with the Cisco Controller
Table 13-1 “Do I Know This Already?” Section-to-Question Mapping
Configuring the Controller Using the Web Interface 10–13
One essential task of a CCNA Wireless certification candidate is being able to create a basic configuration. This involves tasks such as accessing the controller interface, creating a WLAN, and making sure that the WLAN is active on the access points (AP). The ultimate goal is to be able to send traffic from a client on that WLAN to some destination on the wired side of the network. To do this, you need to understand some terminology used with the controllers, how to connect to a controller, how to configure the WLAN from the GUI utility of the controller, and how to perform basic monitoring of the controller. These topics are discussed in this chapter.
You should do the “Do I Know This Already?” quiz first. If you score 80 percent or higher, you might want to skip to the section “Exam Preparation Tasks.” If you score below 80 percent, you should spend the time reviewing the entire chapter. Refer to Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes,” to confirm your answers.
“Do I Know This Already?” Quiz
The “Do I Know This Already?” quiz helps you determine your level of knowledge of this chapter’s topics before you begin. Table 13-1 details the major topics discussed in this chapter and their corresponding quiz questions.
CCNA Wireless Official Exam Certification Guide
1. Which of the following describes a port as related to the controller terminology?
a. It is a logical interface
b. It is a physical interface
c. It is not an interface; it is a slot
d. A port is a connection to an application; for example, port 23 would connect to Telnet
2. What command configures a static route on the controller?
a. route add
b. ip route
c. default route
d. config route
3. Which port is active during the boot process?
a. Service
b. Management
c. AP-Manager
d. Virtual
4. Which of the following best defines a mobility group?
a. A group of APs that allow roaming
b. A group of controllers that communicate
c. A group of traveling clients
d. A group of mobile AP configurations
5. How was the following menu accessed?
Please choose an option from below:
1 Run primary image (version 4.1.192.17) (active)
2 Run backup image (version 4.2.99.0)
3 Manually update images
4 Change active boot image
5 Clear Configuration
Please enter your choice:
a. During bootup, this menu automatically shows
b. A break sequence was entered from the CLI
c. The Controllers menu command was used
d. The Esc key was pressed during bootup
6. What is the default password for the Cisco controller CLI?
a. Cisco
b. cisco
c. admin
d. San-Fran
7. Which command is used to save the configuration from the Cisco controller CLI?
a. wr em
b. copy run start
c. save config
d. save
8. What is the default IP address of the Cisco controller?
a. 10.1.1.1
b. 10.1.209.1
c. 172.16.1.1
d. 192.168.1.1
9. Which is not a top-level menu of the Cisco controller?
c. SECURITY
d. PING
10. Which is the correct path to create an interface?
a. CONTROLLER > Interfaces > New
b. CONTROLLER > Inventory > New Interface
c. INTERFACES > New
d. CONTROLLER > Ports > New
11. When creating the WLAN profile, what two pieces of information do you need?
(Choose two.)
a. Name
b. SSID
c. Port
d. Interface
12. What does it mean if the Radio Policy is set to All in the Configuration tab of the WLAN?
a. All WLANs are on
b. The WLAN supports all radio types
c. The WLAN has all radios in it
d. Users must have all radios
13. You have selected WIRELESS > Access Points > Radios > 802.11a/n. From there, you select the Configure option for one of the listed APs. What does the WLAN Override drop-down control?
a. The WLAN mode of the radio
b. Whether the WLAN SSID is broadcast via the radio
c. Whether a WLAN is accessible via the radio
d. Whether you can change the settings on this radio
14. Which management area provides information about APs that are not authorized in your network?
a. Access Point Summary
b. Client Summary
c. Top WLANs
d. Rogue Summary
15. Which three pieces of information can you find on the controller Summary page? (Choose all that apply.)
a. Software version
b. Internal temperature
c. Port speeds
d. System name
16. A radio power level of 3 indicates what?
a. Three times the power
b. The third level of power
c. 25% of the maximum power
d. 1/3 power
17. What criteria define a wireless client, thus adding it to the Clients list?
a. A probe is seen
b. It is associated
c. It is authenticated
d. It is statically defined
18. How many rogue APs can one AP contain?
a. 1
b. 2
c. 3
d. 4
19. What would cause a client to be excluded?
a. The client has passed 802.11 authentication five times
b. The client has passed 802.11 association five times
c. The client has failed 802.11 authentication five times
d. The client has attempted 802.11 association five times
Foundation Topics
Controller Terminology
Now that you have some understanding about the different types of controllers that are available, it is helpful to understand some of the terminology that goes along with them. The term interface, when related to a Cisco controller, is not the same as you would experience on a router. With Cisco routers, an interface can be a physical or logical (loopback) entity. With Cisco controllers, an interface is logical. It can include VLANs, which in turn have a port association. Some interfaces are static, because your controller must always have them.
The next term to understand is port. A port is a physical interface on your controller. It is something that you can touch.
The second term that you need to understand is interface. An interface can be logical and dynamic.
Another term to understand is WLAN. A WLAN consists of a service set identifier (SSID) and all the parameters that go along with it. A WLAN ties to a port.
A port ties together a VLAN and SSIDs. A 4404 has four ports, and a 4402 has two. The Cisco Wireless Service Manager (WiSM) has eight virtual ports. Some interfaces are static, and others are virtual. Some static interfaces cannot be removed because they serve a specific purpose. The static interfaces include these:
■ Management interface
■ AP-Manager
■ Service port
■ Virtual
The dynamic interfaces include a user-defined list. These interfaces are similar to subinterfaces and use 802.1Q headers.
If you allow users to roam, you are going to have a mobility group. A mobility group is numerous APs configured with common interfaces. These interfaces must be defined on all the controllers within the mobility group. If one controller does not have an interface configured, a user cannot roam to that controller.
So far, you have seen that both static and dynamic interfaces exist. Further discussion of these interfaces might help to clarify how to use them.
Dynamic Interfaces
Administrators define dynamic interfaces, and the system defines static interfaces. Static interfaces have specific system roles and are required.
Static Interfaces
The management interface is one that controls communications in your network for all the physical ports. It can be untagged, which means that the VLAN identifier is set to 0. By leaving the VLAN identifier set to 0, the controller does not include an 802.1Q tag with the frame; rather, the frame is sent untagged. This means that if the traffic for the management interface travels across a trunk port on the switch where the controller is connected, the traffic is on the native VLAN of that trunk. Your APs use the management interfaces to discover the controller. Mobility groups also exchange information using the management interface.
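The tagging rule described above, and the 802.1Q headers used by dynamic interfaces, as an added example that is not from the book: it builds frames for an untagged and a tagged interface and shows which VLAN a switch trunk assigns to each. The interface names, the VLAN 20 guest interface, the native VLAN numbers and the MAC address are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

def build_frame(dst, src, ethertype, payload, vlan_id=0):
    """Encode an Ethernet frame for a controller interface.

    vlan_id 0 means "untagged", as the text describes for the management
    interface; any other ID inserts a 4-byte 802.1Q tag after the MACs.
    """
    if not 0 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 0 (untagged) or 1-4094")
    header = dst + src
    if vlan_id:
        header += struct.pack("!HH", TPID_8021Q, vlan_id)  # priority bits left 0
    return header + struct.pack("!H", ethertype) + payload

def vlan_on_trunk(frame, native_vlan):
    """Return the VLAN a switch trunk port places a received frame in."""
    (tpid,) = struct.unpack_from("!H", frame, 12)
    if tpid != TPID_8021Q:
        return native_vlan              # no tag: frame joins the native VLAN
    (tci,) = struct.unpack_from("!H", frame, 14)
    vid = tci & 0x0FFF                  # low 12 bits of the tag carry the VLAN ID
    return vid or native_vlan           # VID 0 is priority-only, still native

def trunk_view(interfaces, native_vlan):
    """Map each controller interface name to the VLAN the switch assigns."""
    dst = bytes.fromhex("ffffffffffff")
    src = bytes.fromhex("020000000001")  # constructed, locally administered MAC
    return {
        name: vlan_on_trunk(build_frame(dst, src, 0x0800, b"\x00" * 46, vid), native_vlan)
        for name, vid in interfaces.items()
    }

# Constructed example: management left at VLAN 0, one dynamic interface on VLAN 20.
INTERFACES = {"management": 0, "guest": 20}

if __name__ == "__main__":
    for native in (1, 99):
        print(native, trunk_view(INTERFACES, native))
```

The guest interface stays on VLAN 20 whatever the trunk's native VLAN is, while the untagged management traffic follows the switch setting, so a native VLAN change on the switch moves controller management traffic without any change on the controller.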
The AP manager interface is another static interface. The address that is assigned to this interface is used as the source for communications between the wireless controller and the Cisco access point. That means that this address has to be unique, but it can be in the same subnet as the management interfaces.
Another static interface is what is known as a virtual interface. The virtual interface controls the Layer 3 security and mobility manager communications for all of the physical ports of the controller. The virtual interface also has the DNS gateway hostname used by the Layer 3 security and mobility managers so they can verify the source of the certificates. When Layer 3 web authorization is enabled, the virtual interface will be used on the wireless side to force an authorization. For example, a user associates to an AP that is configured for web authorization. Next, the user opens a web browser, which attempts to access the default home page. With web authorization enabled, the web browser is redirected to the virtual interface IP address, which is commonly set to 1.1.1.1.
At this point, the user needs to enter credentials for the web authorization. After the user is authorized, he is redirected to his home page. Alternatively, he could be redirected to a Terms of Use page instead of his home page.
Another static interface is the service port. The service port of the 4400 series controller is a 10/100 copper Ethernet interface. This service port is designed for out-of-band management and can also be used for system recovery and maintenance purposes. This is the only port that will be active when the controller is in its boot mode. Note that the service port is not autosensing—you must use the right type of cable with it. Therefore, if you were going to plug in between a switch and a service port, you would have to use the right cable, because it does not autosense. Also, no VLAN tag is assigned to the port, so the port should not be configured as a trunk port on the switch.
Another interesting feature of the service port is that you cannot configure a default gateway for the port via the web interface, but you can go into the CLI and define a static route. To define a static route, use the config route command.
This new terminology might seem a little overwhelming at first, but after you get into the controller interface and start to create wireless LANs, much of your understanding will fall into place.
Connecting to the Controller
To begin configuring the controller, you need a connection to it. You can access the controller in more than one way; however, this section focuses on creating a command-line interface (CLI) connection. After you have CLI access, you can observe the boot sequence and run through a basic configuration. Doing so provides an IP address that you can use later to browse to the HTML interface.
You will be connecting to the serial interface, so you will use a DB9 serial cable. You will also need a laptop with a serial connection. Many new laptops do not have serial connections, although you can purchase an adapter that connects to a USB port.
After you set up the connection from the laptop to the serial port, you need to use a terminal emulation application such as HyperTerminal, SecureCRT, or ZTerm (for Mac OS X). Using the terminal emulation application, you can boot the controller to view the boot process.
Controller Boot Sequence
As you boot the controller, you are given an option to press Esc for boot options, along with other information regarding the device, as seen in Example 13-1.
Example 13-1 Controller Bootup Sequence as Seen from the CLI
Bootloader 4.1.171.0 (Apr 27 2007 - 05:19:36)
Motorola PowerPC ProcessorID=00000000 Rev PVR=80200020
CPU: 833 MHz
CCB: 333 MHz
DDR: 166 MHz
LBC: 41 MHz
L1 D-cache 32KB, L1 I-cache 32KB enabled.
I2C: ready
DTT: 1 is 20 C
DRAM: DDR module detected, total size:512MB.
512 MB
8540 in PCI Host Mode.
8540 is the PCI Arbiter.
Memory Test PASS
FLASH:
Flash Bank 0: portsize = 2, size = 8 MB in 142 Sectors
8 MB
L2 cache enabled: 256KB
Card Id: 1540
Card Revision Id: 1
Card CPU Id: 1287
Number of MAC Addresses: 32
Number of Slots Supported: 4
Serial Number: FOC1206F03A
Unknown command Id: 0xa4
Unknown command Id: 0xa3
Manufacturers ID: 30464
Board Maintenance Level: 00
Number of supported APs: 12
In: serial
Out: serial
Err: serial
.o88b d888888b d8888 .o88b .d88b.
d8P Y8 `88’ 88’ YP d8P Y8 8P Y8.
8P 88 `8bo 8P 88 88
8b 88 `Y8b 8b 88 88
Y8b d8 88 db 8D Y8b d8 `8b d8’
`Y88P’ Y888888P `8888Y’ `Y88P’ `Y88P’
Model AIR-WLC4402-12-K9 S/N: FOC1206F03A
Net:
PHY DEVICE : Found Intel LXT971A PHY at 0x01
FEC ETHERNET
IDE: Bus 0: OK
Device 0: Model: STI Flash 8.0.0 Firm: 01/17/07 Ser#: STI1M75607342054704
Type: Removable Hard Disk
Capacity: 245.0 MB = 0.2 GB (501760 x 512)
Device 1: not available
Booting Primary Image
Press <ESC> now for additional boot options
***** External Console Active *****
Boot Options
Please choose an option from below:
1 Run primary image (version 4.1.192.17) (active)
2 Run backup image (version 4.2.99.0)
3 Manually update images
4 Change active boot image
5 Clear Configuration
Please enter your choice:
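A console capture like Example 13-1 can be parsed to record what the controller is set to boot. The following is an added example, not from the book: it extracts the identity fields and image slots from a capture and flags an active image that is not on an allow-list or that is older than the other slot. The sample capture is constructed from lines of Example 13-1, and the allow-list contents are an assumption.

```python
import re

# Constructed capture: selected lines in the shape of Example 13-1.
SAMPLE_CONSOLE = """\
Bootloader 4.1.171.0 (Apr 27 2007 - 05:19:36)
Serial Number: FOC1206F03A
Number of supported APs: 12
Model AIR-WLC4402-12-K9 S/N: FOC1206F03A
Booting Primary Image
Press <ESC> now for additional boot options
1 Run primary image (version 4.1.192.17) (active)
2 Run backup image (version 4.2.99.0)
3 Manually update images
"""

FIELDS = {
    "bootloader": re.compile(r"^Bootloader (\S+)", re.M),
    "model": re.compile(r"^Model (\S+)", re.M),
    "serial": re.compile(r"^Serial Number: (\S+)", re.M),
    "max_aps": re.compile(r"^Number of supported APs: (\d+)", re.M),
}
IMAGE = re.compile(r"Run (primary|backup) image \(version ([\d.]+)\)( \(active\))?")

def parse_boot_log(text):
    """Extract identity fields and the image slots from a console capture."""
    info = {}
    for name, rx in FIELDS.items():
        m = rx.search(text)
        info[name] = m.group(1) if m else None
    info["images"], info["active"] = {}, None
    for slot, version, active in IMAGE.findall(text):
        info["images"][slot] = version
        if active:
            info["active"] = slot
    return info

def version_key(version):
    return tuple(int(part) for part in version.split("."))

def audit(info, approved):
    """Return findings; `approved` is the site's own allow-list of versions."""
    images, active = info["images"], info["active"]
    if active is None:
        return ["no active image reported"]
    findings = []
    if images[active] not in approved:
        findings.append(f"active {active} image {images[active]} is not approved")
    for slot, version in images.items():
        if slot != active and version_key(version) > version_key(images[active]):
            findings.append(f"{slot} image {version} is newer than the active one")
    return findings

if __name__ == "__main__":
    print(audit(parse_boot_log(SAMPLE_CONSOLE), approved={"4.2.99.0"}))
```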
The Esc key was issued in Example 13-1. From the highlighted output, you can do the following:
Step 1. Run the primary image
Step 2. Run the backup image