On the Cisco Catalyst 9800 Series WLC, enabling/disabling the remote LAN (RLAN) ports on APs requires going into the configuration for each AP and manually enabling/disabling the ports. However, as the number of APs that need to have their RLAN ports periodically enabled or disabled increases, the manual process no longer becomes feasible. In order to solve this problem, the process can be automated. One such automation method is to use the Cisco Embedded Event Manager (EEM) built into IOS XE. With the EEM applets, the 9800 will automatically go through all the APs joined to it, and enable/disable the RLAN ports on only the APs that support RLAN.
This guide will cover the following:
For the EEM applets to work, a CSV file with the names of all the APs connected to the 9800 will need to be created. There are multiple methods to get the CSV file, but this guide will cover how to create the file via download from the 9800 WebUI.
To do so, open up a web browser and go to WebUI of the 9800: https://<IP of 9800>/webui/
Navigate to Monitoring > Wireless > AP Statistics. In the General tab, click on the Excel icon at the top of the table to download the list of all the APs.
In the Export to Excel popup, select Export All Pages to download the list of all the APs and click Yes. Save the file as an XLSX file.
Open the file in Excel and delete all the columns except for AP Name.
Now, delete the first row containing the header, leaving only the AP names.
To allow the CSV to correctly load and behave as expected in the applet:
Save the new file as a CSV file.
Now, copy the CSV file to the 9800.
To ensure that the CSV file used will work correctly, we will be using an EEM applet that will read the CSV file and output the names of the first 10 APs in the listed. If the output is correct, then the CSV file will work with the enabling and disabling applets.
The verification applet is shown below.
event manager applet verify_AP_List_file action 1.0 comment Load the CSV file and store it in AP_LIST action 2.0 comment Iterate through the entire list of APs action 2.1.1 if $i gt 10 action 2.1.2 file puts output_file "AP $AP should be on a single line" action 3.0 comment Close the Files |
The output should match the example below. If it matches, the CSV file is verified to work with the enabling and disabling applets.
WLC#more bootflash:verify_AP_List_file.txt Enabling Ports on AP AP AP006C.BCBA.06D8 should be on a single line AP AP00A2.891C.1678 should be on a single line AP AP3890.A584.A660 should be on a single line AP justloo_AP_Bedroom should be on a single line |
If the output is like the example below where the characters "o;?" appear in the name of the first AP, the CSV file will need to be opened in a text editor, such as Sublime Text. Create a new CSV file within the text editor and copy the contents of the original CSV file to the new file. Rerun the verification applet and ensure the output is correct.
WLC#more bootflash:verify_AP_List_file.txt Enabling Ports on AP AP o;?AP006C.BCBA.06D8 should be on a single line AP AP00A2.891C.1678 should be on a single line AP AP3890.A584.A660 should be on a single line AP justloo_AP_Bedroom should be on a single line |
If the output shows the output sentence spanning multiple lines after the AP name, this indicates an issue with the delimiter used in the foreach action in action 2.1. There may be an extra return character added to the end of each AP name, resulting in the incorrect output. To solve this, change the delimiter from "\n" to "\r\n". Rerun the verification applet and ensure the output is correct.
WLC#more bootflash:verify_AP_List_file.txt Enabling Ports on AP AP o;?AP006C.BCBA.06D8 should be on a single line AP AP00A2.891C.1678 should be on a single line AP AP3890.A584.A660 should be on a single line AP justloo_AP_Bedroom should be on a single line |
If the output of the verification applet is correct, the CSV file will work with the enabling and disabling applets.
The EEM applets for the enabling and disabling of RLAN ports are shown below. The 2 applets are virtually identical except for the comments and syslog messages will say "enabling" or "disabling" based on the applet used.
Enabling Applet:
event manager applet enable_LAN_Ports action 0.0 comment Starting Script: Loading the AP List file and saving it to the AP_LIST Variable action 1.0 comment Load the CSV file and store it in AP_LIST action 2.0 comment Iterate through the entire list of APs and enable the ports only on the supported RLAN APs action 2.1 comment Get the model of the current AP action 2.2.1 regexp "1810W" "$_cli_result" action 2.2.1.2 set supports_RLAN 1 action 2.2.2 regexp "OEAP1810" "$_cli_result" action 2.2.3 regexp "1815T" "$_cli_result" action 2.2.4 regexp "1815W" "$_cli_result" action 2.2.5 regexp "702W" "$_cli_result" action 2.3 comment Checks if supports_RLAN was set to 1. If not, the AP will be skipped. action 2.4 comment AP supports RLAN so the ports will be enabled. action 2.4.1 comment Enable Port 1 action 2.4.2 comment Enable Port 2 action 2.4.3 comment Disable Port 3 action 2.5 end action 3.0 comment Close the Files |
Disabling Applet:
event manager applet disable_LAN_Ports action 1.0 comment Load the CSV file and store it in AP_LIST action 2.0 comment Iterate through the entire list of APs and disable the ports only on the supported RLAN APs action 2.1 comment Get the model of the current AP action 2.2.2 regexp "OEAP1810" "$_cli_result" action 2.2.3 regexp "1815T" "$_cli_result" action 2.2.4 regexp "1815W" "$_cli_result" action 2.2.5 regexp "702W" "$_cli_result" action 2.3 comment Checks if supports_RLAN was set to 1. If not, the AP will be skipped. action 2.4 comment AP supports RLAN so the ports will be disabled. action 2.4.1 comment Disable Port 1 action 2.4.2 comment Disable Port 2 action 2.4.3 comment Disable Port 3 action 2.5 end |
Applet Breakdown:
The applet will log the current AP and which port was enabled and disabled. This can be seen within syslog and will appear like the example below.
Mar 5 18:02:27.280: %HA_EM-6-LOG: enable_LAN_Port: Enabling Ports on AP Mar 5 18:02:27.717: %HA_EM-6-LOG: enable_LAN_Port: Enabled Port 1 on AP006C.BCBA.06D8 Mar 5 18:02:27.827: %HA_EM-6-LOG: enable_LAN_Port: Enabled Port 2 on AP006C.BCBA.06D8 Mar 5 18:02:27.938: %HA_EM-6-LOG: enable_LAN_Port: Enabled Port 3 on AP006C.BCBA.06D8 Mar 5 18:02:28.259: %HA_EM-6-LOG: enable_LAN_Port: Enabled Port 1 on AP00A2.891C.1678 Mar 5 18:02:28.370: %HA_EM-6-LOG: enable_LAN_Port: Enabled Port 2 on AP00A2.891C.1678 Mar 5 18:02:28.481: %HA_EM-6-LOG: enable_LAN_Port: Enabled Port 3 on AP00A2.891C.1678 |
Here are some important tidbits missing from this documentation.
This applet can only enable 100 ports in a single run (33 hospitality APs plus 1 port). If you have more than 33 APs you need separate CSV files for each group of 33 APs to run the applet against.
The CSV file should be named "AP_List_Fixed.csv" and yes it is case sensitive, unless you want to modify the applet code and change the input file name. The screenshot shows "AP_List.csv" which does not match the applet code that is published.
Also missing from the document are the commands to execute the applets which are:
event manager run verify_AP_List_file
event manager run enable_LAN_Ports
event manager run disable_LAN_Ports
I hope someone finds this information is helpful.