On top of the basic transport layer, the controller sup-ports Cisco Secure Guest Access and Voice-over-WLAN advanced mobility services.. As part of the Smart Business Communications Syst
Trang 1multiaccess point management On top of the basic transport layer, the controller sup-ports Cisco Secure Guest Access and Voice-over-WLAN advanced mobility services As part of the Smart Business Communications System, this controller is managed by the Cisco Configuration Assistant, easing deployment and decreasing the cost of ongoing maintenance A single Cisco 526 controller supports up to six Cisco 521 access points, and up to two controllers can be deployed per network, delivering the capacity, simplicity, and price point that is appropriate for the SMB.1
The Cisco 526 Wireless Express controller supports the following features:
■ Secure network access for guest users
■ Support for Cisco voice-over-WLAN optimization
■ Easy management with CCA
■ Support for Cisco LWAPP
■ Support for up to six access points per controller and up to 2 controllers per network, for a total of 12 access points
■ Multiaccess point RRM
■ Support for a wide range of authentication mechanisms to enable scalable security ar-chitectures and minimize security interoperability issues (WEP, MAC filtering, WPA, WPA2, WebAuth, 802.1X, and EAP)
■ Wired/wireless network virtualization
Comparing the Cisco Mobility Express Architecture to the CUWN When you compare the Cisco Mobility Express Architecture to the Cisco Unified Wire-less Network, you will find that the model is similar; however, the protocols are different The Mobility Express solution does not use the full enterprise class version of LWAPP; rather, it uses a subset of LWAPP In addition, the Cisco 521 AP cannot communicate with CUWN wireless LAN controllers Likewise, the Cisco 526 cannot communicate with APs from the 1100 series or higher The 526 supports control of up to 12 APs in a small net-work
Configuring the 521 AP and 526 Controller
In general, you can configure the Mobility Express solution in three ways, none of which are performed on the AP You do not even need to directly access the AP Instead, on the controller itself, use either the CLI, which is normally used for basic setup and initializa-tion, or the web interface After a basic setup on the controller, you can use the Configu-ration Assistant management tool Each of these methods is discussed in the following sections
Using the CLI to Configure the Controller
To configure the Cisco Mobility Express solution, you need a console connection to the Cisco 526 You do not need to do anything on the AP because the controller takes care of
Trang 2it After you have a console connection, you can power on the device and view the boot
process In Example 15-1, notice that if you press the Esc key, you are presented with
multiple boot options The normal selection is to run the primary image
Example 15-1 Booting the Cisco 526 Controller
Booting Primary Image
Press <ESC> now for additional boot options
Boot Options
Please choose an option from below:
1 Run primary image (Version 4.2.61.8) (active)
2 Run backup image (Version 4.1.154.22)
3 Manually upgrade primary image
4 Change active boot image
5 Clear Configuration
Please enter your choice:
Continuing with the boot process, Example 15-2 shows the tests that are performed as the device initializes
Example 15-2 Tests During the Boot Process
CISCO SYSTEMS Embedded BIOS Version 1.0(12)6 08/21/06 17:26:53.43
Low Memory: 632 KB High Memory: 251 MB PCI Device Table.
Bus Dev Func VendID DevID Class Irq
00 01 00 1022 2080 Host Bridge
00 01 02 1022 2082 Chipset En/Decrypt 11
00 0C 00 1148 4320 Ethernet 11
00 0D 00 177D 0003 Network En/Decrypt 10
00 0F 00 1022 2090 ISA Bridge
00 0F 02 1022 2092 IDE Controller
00 0F 03 1022 2093 Audio 10
00 0F 04 1022 2094 Serial Bus 9
00 0F 05 1022 2095 Serial Bus 9
Evaluating BIOS Options
Launch BIOS Extension to setup ROMMON
Cisco Systems ROMMON Version (1.0(12)7) #2: Fri Oct 13 10:52:36 MDT 2006
continues
Trang 3Platform AIR-WLC526-K9
Launching BootLoader
Cisco Bootloader (Version 4.0.191.0)
.o88b d888888b d8888 .o88b .d88b.
d8P Y8 `88’ 88’ YP d8P Y8 8P Y8.
8P 88 `8bo 8P 88 88 8b 88 `Y8b 8b 88 88 Y8b d8 88 db 8D Y8b d8 `8b d8’
`Y88P’ Y888888P `8888Y’ `Y88P’ `Y88P’
Booting Primary Image
Press <ESC> now for additional boot options
Detecting hardware
Generating Secure Shell DSA Host Key
Generating Secure Shell RSA Host Key
Generating Secure Shell version 1.5 RSA Host Key XML config selected
Cisco is a trademark of Cisco Systems, Inc.
Software Copyright Cisco Systems, Inc All rights reserved.
Cisco AireOS Version 4.2.61.8 Initializing OS Services: ok Initializing Serial Services: ok Initializing Network Services: ok Starting ARP Services: ok
Starting Trap Manager: ok Starting Network Interface Management Services: ok Starting System Services: ok
Starting FIPS Features: Not enabled Starting Fast Path Hardware Acceleration: ok Starting Switching Services: ok
Starting QoS Services: ok Starting Policy Manager: ok Starting Data Transport Link Layer: ok Starting Access Control List Services: ok Starting System Interfaces: ok
Trang 4Starting Management Frame Protection: ok Starting LWAPP: ok
Starting Certificate Database: ok Starting VPN Services: ok
Starting Security Services: ok Starting Policy Manager: ok Starting Authentication Engine: ok Starting Mobility Management: ok Starting Virtual AP Services: ok Starting AireWave Director: ok Starting Network Time Services: ok Starting Cisco Discovery Protocol: ok Starting Broadcast Services: ok Starting Power Over Ethernet Services: ok Starting Logging Services: ok
Starting DHCP Server: ok Starting IDS Signature Manager: ok Starting RFID Tag Tracking: ok Starting Mesh Services: ok Starting TSM: ok
Starting LOCP: ok
Starting CIDS Services: ok Starting Ethernet-over-IP: ok Starting Management Services:
Web Server: ok CLI: ok Secure Web: Web Authentication Certificate not found (error).
dhcp pool 192.168.1.100(0xc0a80164) — 192.168.1.102(0xc0a80166), network 192.168.1.0(0xc0a80100) netmask 255.255.255.0(0xffffff00), default gateway 0xc0 internal dhcp server is config successfully
(Cisco Controller)
Upon completing the boot sequence, a controller with no configuration prompts you to perform the setup using the Cisco Wizard Configuration tool, as demonstrated in Example 15-3 Be prepared to provide the following information:
■ Hostname of the device
■ Username of the administrator
■ Password for the administrator
■ Management interface information
■ AP-Manager interface information
■ Virtual gateway IP address
Trang 5Example 15-3 Cisco Wizard Configuration
Welcome to the Cisco Wizard Configuration Tool Use the ‘-’ character to backup
System Name [Cisco_be:7a:e0]: 526-3 Enter Administrative User Name (24 characters max): admin3 Enter Administrative Password (24 characters max): *****
Re-enter Administrative Password : *****
Management Interface IP Address: 10.30.1.100 Management Interface Netmask: 255.255.255.0 Management Interface Default Router: 10.30.1.254 Management Interface VLAN Identifier (0 = untagged): 0 Management Interface Port Num [1 to 2]: 1
Management Interface DHCP Server IP Address: 10.30.1.253
AP Manager Interface IP Address: 10.30.1.101
AP-Manager is on Management subnet, using same values
AP Manager Interface DHCP Server (10.30.1.253):
Virtual Gateway IP Address: 1.1.1.1
Mobility/RF Group Name: CP-POD3
Enable Symmetric Mobility Tunneling [yes][NO]: NO
Network Name (SSID): IUWNE-301 Allow Static IP Addresses [YES][no]: YES
Configure a RADIUS Server now? [YES][no]: no
Warning! The default WLAN security policy requires a RADIUS server.
Please see documentation for more details.
Enter Country Code list (enter ‘help’ for a list of countries) [US]: US
Enable 802.11b Network [YES][no]: yes Enable 802.11g Network [YES][no]: yes Enable Auto-RF [YES][no]: yes
Configure a NTP server now? [YES][no]: no Configure the system time now? [YES][no]: no
Warning! No AP will come up unless the time is set.
Please see documentation for more details.
Key
Topic
Trang 6Figure 15-3 Login Screen to the 526 Controllers
After you have completed the configuration from the CLI, you can browse to the IP ad-dress of the management interface
Using the Web Browser to Configure the Controller
To access the controller via a web browser, enter the IP address of the management
inter-face of the controller preceded by https:// This is either the IP address you configured in
the CLI Wizard or the default address of 192.168.1.1 In Figure 15-3, you can see the login page for the controller that will appear
Notice that the connection is secure via HTTPS Click the Login button and enter a
user-name and password before performing any configuration After you are logged in, you are presented with a Summary page, as seen in Figure 15-4
The Summary page gives you a look at the controller status, the AP status, and the top WLANs Changes are logged as you make them, and you can see them on the Summary page
Trang 7Figure 15-4 Summary Page
Note: The Wireless Express controller web interface is quite similar to the WLC web in-terface used in the CUWN architecture
When it comes to the controllers, you do not need to do much work The AP and con-trollers will find each other You can see in Figure 15-5 that the All APs option from the WIRELESS menu is showing an AP that has been discovered
When you select the AP name, you are taken to a page that allows you to enter details spe-cific to that AP, such as its name and its primary controller, as shown in Figure 15-6 You can also enable or disable the AP from this menu Other options include resetting the AP and clearing the AP configuration
Using the Cisco Configuration Assistant With the configuration as is, you can access the Configuration Assistant The Cisco Con-figuration Assistant (CCA) is a management tool that installs on a Windows computer and
is based on an application called Cisco Network Assistant, which has been modified to support the Cisco Mobility solution After you have installed the CCA, you can access it via a desktop shortcut When the application launches, you need to connect to or create a community When you log in for the first time, you create a community A community is
a group name for your Mobility Express network Figure 15-7 shows the configuration page that you see when creating a community
Key
Topic
Trang 8Figure 15-5 The All APs List
Figure 15-6 Details Page for AP Configuration
Trang 9Figure 15-7 Creating a Community
CCA will discover the standalone APs The APs will appear in the CCA interface If you are running CCA 1.5 or later, you can migrate the standalone APs to lightweight APs
CCA will also discover WLCs using IP discovery and the Cisco Discovery Protocol (CDP).
CDP is a Cisco proprietary protocol that can gain information about directly connected Cisco devices CCA has a topology view shown in Figure 15-8; by right-clicking on a de-vice in the topology, you can access the dede-vice and configure it, as seen in Figure 15-9
Trang 10Figure 15-8 CCA Topology View
Figure 15-9 Configuration Menu in Topology View