ap 2802i and remote WLC 3504

kapydan88
Level 4

Hello everybody.

What is the best way to register a certain number of these access points, located at a remote site, on a controller located in the main DC?

To paraphrase a little, there is a site where there is no Wi-Fi. Completely new access points of the specified model 2802i were sent to this site and now they need to be registered on the controller - how can I do this correctly? Maybe I need to create a DHCP pool for these APs with option 66, or not?


patoberli
VIP Alumni
That depends on how your remote site is connected to main site.
First of all you need to have the CAPWAP ports open from/to the WLC.
Then there is the DHCP or also DNS option, with which you can tell the APs where to find the WLC. Please note, you should not have the CAPWAP ports open to the internet! Only do that if you have a VPN between the sites.

Then the next question is bandwidth. In the default deployment, the APs will forward all traffic to the WLC over that connection and latency must be low. So if the APs are far away or the network has no redundancy, have a read into FlexConnect local switching.

"First of all you need to have the CAPWAP ports open from/to the WLC" - do you mean UDP 5246, 5247 between the site with these access points and the main DC, or between AP and WLC?

If we are talking about UDP ports, they must be accessible. There is a GRE tunnel between this site and the main DC. In addition, access points from some remote sites are already registered on this WLC.

"Then there is the DHCP or also DNS option, with which you can tell the APs where to find the WLC" - if I understood correctly, I need to add option 66 for this DHCP pool on the Cisco router 2921

interface GigabitEthernet0/0.19
description mgmt_ap
encapsulation dot1Q 19
ip address 10.192.19.1 255.255.255.0

option 66 ip <ip of remote wlc>

end

 

But about the DNS option - this point isn't clear...

You can use any of the discovery methods. I think you are talking about dhcp option 43 and of course dns. These are documented pretty well and shouldn’t be an issue. There is also another way that I use which utilizes ip helper and the ip forward protocol command.
-Scott

"There is also another way that I use which utilizes ip helper and the ip forward protocol command."

 

In this particular case I need to add ip helper to the L3 interface for AP management

Msk_c2921#sh run int gi0/0.19
Building configuration...

Current configuration : 132 bytes
!
interface GigabitEthernet0/0.19
description mgmt_ap
encapsulation dot1Q 19
ip address 10.192.19.1 255.255.255.0
ip helper-address <ip_of_WLC>
end

 

And the "ip forward protocol" command (but I can see that part of this command is currently configured: ip forward-protocol nd).

Msk_c2921#sh run | i forw
ip forward-protocol nd
Msk_c2921#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Msk_c2921(config)#ip for
Msk_c2921(config)#ip forward-protocol ?
nd Sun's Network Disk protocol
sdns Network Security Protocol
spanning-tree Use transparent bridging to flood UDP broadcasts
turbo-flood Fast flooding of UDP broadcasts
udp Packets to a specific UDP port

Msk_c2921(config)#ip forward-protocol ud
Msk_c2921(config)#ip forward-protocol udp ?
<0-65535> Port number
biff Biff (mail notification, comsat, 512)
bootpc Bootstrap Protocol (BOOTP) client (68)
bootps Bootstrap Protocol (BOOTP) server (67)
discard Discard (9)
dnsix DNSIX security protocol auditing (195)
domain Domain Name Service (DNS, 53)
echo Echo (7)
isakmp Internet Security Association and Key Management Protocol (500)
mobile-ip Mobile IP registration (434)
nameserver IEN116 name service (obsolete, 42)
netbios-dgm NetBios datagram service (138)
netbios-ns NetBios name service (137)
netbios-ss NetBios session service (139)
non500-isakmp Internet Security Association and Key Management Protocol (4500)
ntp Network Time Protocol (123)
pim-auto-rp PIM Auto-RP (496)
rip Routing Information Protocol (router, in.routed, 520)
snmp Simple Network Management Protocol (161)
snmptrap SNMP Traps (162)
sunrpc Sun Remote Procedure Call (111)
syslog System Logger (514)
tacacs TAC Access Control System (49)
talk Talk (517)
tftp Trivial File Transfer Protocol (69)
time Time (37)
who Who service (rwho, 513)
xdmcp X Display Manager Control Protocol (177)
<cr>

DHCP option is 43:
https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/97066-dhcp-option-43-00.html
Not sure if option 66 is also valid, have never seen that in use.

Yes, I know about this feature - option 43. But I thought it's valid only for old AP series, like 1100/1130/1140 and 1200/1260.

Part of a working config:

ip dhcp pool ap_mgmt
network 172.16.20.0 255.255.255.0
default-router 172.16.20.254
dns-server 10.5.4.4 10.5.4.22  
option 43 hex f104.ac10.10aa
domain-name xyz.ru
option 60 ascii "Cisco AP c1130"
lease 7

 

 

 

You don't need the option 60 normally. Option 43 works for every model of Cisco AP.
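
Added example (not part of any post in this thread): the option 43 value in the config posted above, f104.ac10.10aa, is a type/length/value string, where f1 is the sub-option type, 04 is the length (4 bytes per controller) and ac10.10aa is the WLC address 172.16.16.170. The Python below encodes and decodes that format and checks DHCP pools against a list of approved controllers, so a pool that would send APs to an unexpected WLC stands out; the function names, the lab_ap pool and the 192.168.1.5 address are constructed for illustration.

```python
import ipaddress

WLC_SUBOPTION = 0xF1  # option 43 sub-option type that carries WLC addresses


def encode_option43(wlc_ips):
    """Build the IOS 'option 43 hex' value for a list of WLC IPv4 addresses."""
    addrs = [ipaddress.IPv4Address(ip) for ip in wlc_ips]
    if not addrs:
        raise ValueError("at least one WLC address is required")
    raw = bytes([WLC_SUBOPTION, 4 * len(addrs)]) + b"".join(a.packed for a in addrs)
    digits = raw.hex()
    # IOS shows the value in dotted groups of four hex digits
    return ".".join(digits[i:i + 4] for i in range(0, len(digits), 4))


def decode_option43(hex_value):
    """Return the WLC addresses carried in an 'option 43 hex' value."""
    raw = bytes.fromhex(hex_value.replace(".", ""))
    if len(raw) < 2 or raw[0] != WLC_SUBOPTION:
        raise ValueError("not a type 0xf1 WLC sub-option")
    length, body = raw[1], raw[2:]
    if length == 0 or length % 4 or length != len(body):
        raise ValueError("length byte does not match the address list")
    return [str(ipaddress.IPv4Address(body[i:i + 4])) for i in range(0, length, 4)]


def audit_pools(config_text, approved_wlcs):
    """Return (pool, address) pairs whose option 43 names an unapproved WLC."""
    findings, pool = [], None
    for line in config_text.splitlines():
        words = line.split()
        if words[:3] == ["ip", "dhcp", "pool"] and len(words) == 4:
            pool = words[3]
        elif words[:3] == ["option", "43", "hex"] and len(words) == 4:
            findings += [(pool, a) for a in decode_option43(words[3])
                         if a not in approved_wlcs]
    return findings


# Constructed sample: the pool posted in the thread plus a made-up second pool.
SAMPLE_CONFIG = """\
ip dhcp pool ap_mgmt
 network 172.16.20.0 255.255.255.0
 option 43 hex f104.ac10.10aa
ip dhcp pool lab_ap
 option 43 hex f108.ac10.10aa.c0a8.0105
"""
```
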

