cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1654
Views
10
Helpful
5
Replies

Different gateway for ap config

Leftz
Level 4
Level 4

Hi C9130 is configured to join wlc 9800. Both devices are connected to core switch via same vlan. The ap ip address is 10.1.1.10 and the wlc AP-mgmt ip address 10.1.1.2. and the switch ip is 10.1.1.1. When we configure ap, there is two commands that we need to enter. Please see below. The first one's default is pointing at core switch. The second one is pointing at wlc. Both default gateway can work. The question is there is any difference effect between both gateway? Thanks

capwap ap ip 10.1.1.10 255.255.255.0 10.1.1.1

capwap ap ip 10.1.1.10 255.255.255.0 10.1.1.2

3 Accepted Solutions

Accepted Solutions

balaji.bandi
Hall of Fame
Hall of Fame

capwap ap ip 10.1.1.10 255.255.255.0 10.1.1.1  - this is for AP IP config,.

if you like to AP register with WLC you need to use below command :

capwap ap controller ip address <IP Address>

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

Arshad Safrulla
VIP Alumni
VIP Alumni

Hi,

Cisco recommendation is to have both WMI of WLC and AP management in 2 different VLANs. 

"It is a best practice to place the Access Points in a different VLAN than the Wireless Management Interface (WMI) one, and this is usually the case in any production deployment. If for staging or testing purposes you need to configure the APs in the same VLAN as the WMI, it is recommended to limit the number of APs to a number less than 100." 

https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html#:~:text=APs%20and%20Wireless%20Management%20Interface%20VLAN

Regarding the gateway for the WLC, assuming Inter-VLAN routing is enabled on the Core Switch just defining the Core switch gateway should suffice even if the AP management is another VLAN, in your case anything will work as the AP and WMI is in the same broadcast domain (VLAN), but if you only add the gateway as your WLC WMI then if you try to SSH the AP from another VLAN it will not work (Still you will be able to SSH from the same VLAN, but not from others), I personally prefer to use DHCP for AP management.

 

View solution in original post

Rich R
VIP
VIP

Just adding my bit to the the others:
capwap ap ip 10.1.1.10 255.255.255.0 10.1.1.1
- This is technically correct because .1 is your default gateway for the subnet
capwap ap ip 10.1.1.10 255.255.255.0 10.1.1.2
- This will simply overwrite the first line and is technically wrong because .2 is NOT your default gateway for the subnet!

@balaji.bandi has given the command for statically configuring the WLC on the AP

@Arshad Safrulla has explained how you should really be doing this and how it would be done in a production network.  Agreed you should rather use DHCP and then you can use option 43 (which also allows you to specify backup WLCs).  Refer to https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/119286-lap-notjoin-wlc-tshoot.html#anc5 and https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/ap_connectivity_to_cisco_wlc.html#discover-and-join-controllers for the possible methods for an AP to discover the WLC.

As Arshad says it wouldn't matter what you configure (.1 or .2) in this case because your WLC and AP are in the same subnet so the AP will discover the WLC by broadcast on the subnet but if it needs to route out of that subnet then having the wrong gateway configured will cause you problems.

Option 43: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/97066-dhcp-option-43-00.html

View solution in original post

5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

capwap ap ip 10.1.1.10 255.255.255.0 10.1.1.1  - this is for AP IP config,.

if you like to AP register with WLC you need to use below command :

capwap ap controller ip address <IP Address>

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Arshad Safrulla
VIP Alumni
VIP Alumni

Hi,

Cisco recommendation is to have both WMI of WLC and AP management in 2 different VLANs. 

"It is a best practice to place the Access Points in a different VLAN than the Wireless Management Interface (WMI) one, and this is usually the case in any production deployment. If for staging or testing purposes you need to configure the APs in the same VLAN as the WMI, it is recommended to limit the number of APs to a number less than 100." 

https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html#:~:text=APs%20and%20Wireless%20Management%20Interface%20VLAN

Regarding the gateway for the WLC, assuming Inter-VLAN routing is enabled on the Core Switch just defining the Core switch gateway should suffice even if the AP management is another VLAN, in your case anything will work as the AP and WMI is in the same broadcast domain (VLAN), but if you only add the gateway as your WLC WMI then if you try to SSH the AP from another VLAN it will not work (Still you will be able to SSH from the same VLAN, but not from others), I personally prefer to use DHCP for AP management.

 

Rich R
VIP
VIP

Just adding my bit to the the others:
capwap ap ip 10.1.1.10 255.255.255.0 10.1.1.1
- This is technically correct because .1 is your default gateway for the subnet
capwap ap ip 10.1.1.10 255.255.255.0 10.1.1.2
- This will simply overwrite the first line and is technically wrong because .2 is NOT your default gateway for the subnet!

@balaji.bandi has given the command for statically configuring the WLC on the AP

@Arshad Safrulla has explained how you should really be doing this and how it would be done in a production network.  Agreed you should rather use DHCP and then you can use option 43 (which also allows you to specify backup WLCs).  Refer to https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/119286-lap-notjoin-wlc-tshoot.html#anc5 and https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/ap_connectivity_to_cisco_wlc.html#discover-and-join-controllers for the possible methods for an AP to discover the WLC.

As Arshad says it wouldn't matter what you configure (.1 or .2) in this case because your WLC and AP are in the same subnet so the AP will discover the WLC by broadcast on the subnet but if it needs to route out of that subnet then having the wrong gateway configured will cause you problems.

Option 43: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/97066-dhcp-option-43-00.html

Gaurav  Kansal
Level 1
Level 1

Hello

One for your gateway another use for to join the controller.But you are using your AP and WLC in same subnet.If WLC in another subnet on network than you must identify the gateway in this command only rather than putting WLC ip as a gateway in IP config command on AP.

Good luck

 

Leftz
Level 4
Level 4

Thanks all

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: