Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
806
Views
5
Helpful
1
Replies

Associate AP 3702 with WLC 9800

Go to solution
dawnccier
Level 1
Level 1

‎09-24-2021 10:52 PM

*Network Environment

APAironet 3702

WLC Catalyst 9800

Version16.12.4a

 

*Scenario1.

AP&WLCSame building but different subnet

AP ModeLocal Mode

AP MGT Vlan10

User Vlan10

 

Q1. What is the switchport mode should be set at the PoE switch which connected to APTrunk or accessHow about if user vlan is 20

Q2. How to configure the AP MGT Vlan and User Vlan at C9800 profile separately by GUI

Q3. Is it necessary that configure dhcp relay for User Vlan at WLC when user get IP from external DHCP serverIf yesHow to do it

Q4.Should all of central switchingcentral associationcentral dhcpcentral authentication keep enable

Q5.Is it necessary that create vlan 10 and the SVI vlan 10 at WLC

Q6. Is it necessary that configure trunk allowed vlan 10 at the L3 port which connected to WLC

 

 

*Scenario2.

AP&WLCSame building but different subnet

AP ModeFlex Mode

AP MGT Vlan10

User Vlan10

 

Q1. What is the switchport mode should be set at the PoE switch which connected to APTrunk or accessHow about if user vlan is 20

Q2. How to configure the AP MGT Vlan and User Vlan at C9800 profile separately by GUI

Q3. Is it necessary that configure dhcp relay for User Vlan at WLC when user get IP from external DHCP serverIf yesHow to do it

Q4.Should all of central switchingcentral associationcentral dhcpcentral authentication keep enable

Q5.Is it necessary that create vlan 10 and SVI vlan 10 at WLC

Q6. Is it necessary that configure trunk allowed vlan 10 at the L3 port which connected to WLC

 

 

 

 

 

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Arshad Safrulla
VIP Alumni
VIP Alumni

‎09-25-2021 06:01 AM

1.

Local Mode - Access Port with AP management VLAN

Flex Mode - Trunk port with Wireless VLAN's allowed, Native VLAN as AP management VLAN.

2.

To set the AP Management 

Create a VLAN, then create SVI || Configuration>>Layer 2>>VLAN

Set the Dynamic AP manager interface || Configuration>>Interface>>Wireless

To set the User VLAN in Local Mode

Configuration>>Tags & Profiles>>Policy profile>>Access Policies>>VLAN

To set the User VLAN in Flexconnect mode

Configuration>>Tags & Profiles>>Flex profile>>VLAN

3. 

Local Mode - DHCP relay configuration in WLC is not required. Just allow the VLAN over the trunk connected to WLC and configure the DHCP relay or the ip helper address in the Layer 3 SVI upstream switch/firewall/router.

Flex Mode - Since traffic is locally switched, you must configure any DHCP parameters in your existing switch/firewall/router where Layer 3 interface for that VLAN is configured.

Local Modecentral switching, central association, central dhcp, central authentication must be enabled.

Flex Mode - no central association, no central dhcp, no central switching only central authentication can be enabled. (depending on requirements you can disable central auth as well)

5.

In both Flex and Local mode it is mandatory to configure a Layer 2 VLAN mapped to the SSID, but the corresponding Layer 3 interface (SVI) is optional, unless you need the multicast DNS (mDNS) feature or DHCP relay functionality. 

6. 

Local Mode - Yes

Flex Mode- No, Allow only AP management VLAN.

 

___________________________________________
TAC recommended codes for AireOS WLC's
Best Practices for AireOS WLC's
TAC recommended codes for 9800 WLC's
Best Practices for 9800 WLC's
Cisco Wireless compatibility matrix
___________________________________________
Arshad Safrulla

View solution in original post

1 Reply 1

Go to solution
Arshad Safrulla
VIP Alumni
VIP Alumni

‎09-25-2021 06:01 AM

1.

Local Mode - Access Port with AP management VLAN

Flex Mode - Trunk port with Wireless VLAN's allowed, Native VLAN as AP management VLAN.

2.

To set the AP Management 

Create a VLAN, then create SVI || Configuration>>Layer 2>>VLAN

Set the Dynamic AP manager interface || Configuration>>Interface>>Wireless

To set the User VLAN in Local Mode

Configuration>>Tags & Profiles>>Policy profile>>Access Policies>>VLAN

To set the User VLAN in Flexconnect mode

Configuration>>Tags & Profiles>>Flex profile>>VLAN

3. 

Local Mode - DHCP relay configuration in WLC is not required. Just allow the VLAN over the trunk connected to WLC and configure the DHCP relay or the ip helper address in the Layer 3 SVI upstream switch/firewall/router.

Flex Mode - Since traffic is locally switched, you must configure any DHCP parameters in your existing switch/firewall/router where Layer 3 interface for that VLAN is configured.

Local Modecentral switching, central association, central dhcp, central authentication must be enabled.

Flex Mode - no central association, no central dhcp, no central switching only central authentication can be enabled. (depending on requirements you can disable central auth as well)

5.

In both Flex and Local mode it is mandatory to configure a Layer 2 VLAN mapped to the SSID, but the corresponding Layer 3 interface (SVI) is optional, unless you need the multicast DNS (mDNS) feature or DHCP relay functionality. 

6. 

Local Mode - Yes

Flex Mode- No, Allow only AP management VLAN.

 

___________________________________________
TAC recommended codes for AireOS WLC's
Best Practices for AireOS WLC's
TAC recommended codes for 9800 WLC's
Best Practices for 9800 WLC's
Cisco Wireless compatibility matrix
___________________________________________
Arshad Safrulla
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card