Cisco | Convert Access Point C9115AXI from Leighweigh to Embedded Wireless Controller Mode
1. Download Sofware:
https://software.cisco.com/download/home/286322352/type/286323077/release/17.12.3?i=!pp
2.Step-2
#capwap ap hostname 0xAP1
0xAP1# capwap ap ip 192.168.254.254 255.255.255.0 192.168.254.1
(Noted: image yg sdh di extract tarok do folder tftp latop, dgn folder image c9800)
#sh version
#ap-type mobility-express tftp://192.168.254.2/c9800/ap1g7 tftp://192.168.254.2/C9800-AP-iosxe-wlc.bin
--------OR---------
#ap-type ewc-ap tftp://192.168.254.2/ap1g7 tftp://192.168.254.2/C9800-AP-iosxe-wlc.bin
Upgrading ...
reboot..
Would you like to enter the initial configuration dialog? [yes/no]: no
#sh version
----------FINISH, THEN NEXT CONFIG --------
====Configure the EWC IP address=====
interface Giga 0
ip add 192.168.254.254 255.255.255.0
no shut
ip default-gateway 192.168.254.1
!
ip http server
ip http secure-server
end
!
========Configure the Hostname======
0xc9800(config)#hostname 0xc9800
=======Create the administrative user=========
0xc9800(config)#username admin1 privilege 15 secret cisco1
========Configure the AP Profile==========
0xc9800(config)#ap profile default-ap-profile
0xc9800(config-ap-profile)#mgmtuser username admin password 0 Cisco123 secret 0 Cisco123
exit
====Add a simple PSK WLAN=========
0xc9800(config)#wlan WLAN_SATU 2 SSID_SATU
0xc9800(config-wlan)#NO SECurity wpa akm dot1x
0xc9800(config-wlan)#security wpa psk set-key ascii 0 Test1234
0xc9800(config-wlan)#security wpa akm psk
0xc9800(config-wlan)#no shu
0xc9800(config-wlan)#ex
===Configure the Wireless Profile Policy=====
0xc9800(config)#wireless profile policy PROFILE_SATU
0xc9800(config-wireless-policy)#no central association
0xc9800(config-wireless-policy)#no central dhcp
0xc9800(config-wireless-policy)#no central switching
0xc9800(config-wireless-policy)#http-tlv-caching
0xc9800(config-wireless-policy)#session-timeout 86400
0xc9800(config-wireless-policy)#no shut
0xc9800(config)#exit
=========Add the Default Policy Tag======
0xc9800(config)#wireless tag policy default-policy-tag
0xc9800(config-policy-tag)#wlan WLAN_SATU policy PROFILE_SATU
0xc9800(config-policy-tag)#exit
0xc9800(config)#
====Enable password encryption=======
0xc9800(config)#service password-encryption
0xc9800(config)#password encryption aes
0xc9800(config)#key config-key newpass Test1234
Switch Configuration
https://software.cisco.com/download/home/286322352/type/286323077/release/17.12.3?i=!pp
2.Step-2
#capwap ap hostname 0xAP1
0xAP1# capwap ap ip 192.168.254.254 255.255.255.0 192.168.254.1
(Noted: image yg sdh di extract tarok do folder tftp latop, dgn folder image c9800)
#sh version
#ap-type mobility-express tftp://192.168.254.2/c9800/ap1g7 tftp://192.168.254.2/C9800-AP-iosxe-wlc.bin
--------OR---------
#ap-type ewc-ap tftp://192.168.254.2/ap1g7 tftp://192.168.254.2/C9800-AP-iosxe-wlc.bin
Upgrading ...
reboot..
Would you like to enter the initial configuration dialog? [yes/no]: no
#sh version
----------FINISH, THEN NEXT CONFIG --------
====Configure the EWC IP address=====
interface Giga 0
ip add 192.168.254.254 255.255.255.0
no shut
ip default-gateway 192.168.254.1
!
ip http server
ip http secure-server
end
!
========Configure the Hostname======
0xc9800(config)#hostname 0xc9800
=======Create the administrative user=========
0xc9800(config)#username admin1 privilege 15 secret cisco1
========Configure the AP Profile==========
0xc9800(config)#ap profile default-ap-profile
0xc9800(config-ap-profile)#mgmtuser username admin password 0 Cisco123 secret 0 Cisco123
exit
====Add a simple PSK WLAN=========
0xc9800(config)#wlan WLAN_SATU 2 SSID_SATU
0xc9800(config-wlan)#NO SECurity wpa akm dot1x
0xc9800(config-wlan)#security wpa psk set-key ascii 0 Test1234
0xc9800(config-wlan)#security wpa akm psk
0xc9800(config-wlan)#no shu
0xc9800(config-wlan)#ex
===Configure the Wireless Profile Policy=====
0xc9800(config)#wireless profile policy PROFILE_SATU
0xc9800(config-wireless-policy)#no central association
0xc9800(config-wireless-policy)#no central dhcp
0xc9800(config-wireless-policy)#no central switching
0xc9800(config-wireless-policy)#http-tlv-caching
0xc9800(config-wireless-policy)#session-timeout 86400
0xc9800(config-wireless-policy)#no shut
0xc9800(config)#exit
=========Add the Default Policy Tag======
0xc9800(config)#wireless tag policy default-policy-tag
0xc9800(config-policy-tag)#wlan WLAN_SATU policy PROFILE_SATU
0xc9800(config-policy-tag)#exit
0xc9800(config)#
====Enable password encryption=======
0xc9800(config)#service password-encryption
0xc9800(config)#password encryption aes
0xc9800(config)#key config-key newpass Test1234
Switch Configuration
The port where the EWC AP is connected to must be a trunk port with the native VLAN that of the management VLAN. Example switch configuration:
configure terminal
interface gigabitEthernet 1/0/1
switchport trunk allowed vlan 10,20,30
switchport trunk native vlan 10
exit
interface Vlan 10
descr "Mgmt WIFI"
ip address 192.168.254.1 255.255.255.0
exit
interface Vlan 20
descr "Guest"
ip address 192.168.210.1 255.255.255.0
exit
interface Vlan 30
descr "Employe"
ip address 192.168.230.1 255.255.255.0
exit
vlan 10
exi
vlan 20
exit
vlan 30
----------
Unlike a 9800 controller, the EWC flash memory does not have enough space to store all AP images. All the AP images need to be hosted on an external TFTP or SFTP server. When a second AP tries to join, the EWC points it to the external server. Without these commands, no other AP is able to join it:
EWC(config)#wireless profile image-download default
EWC(config-wireless-image-download-profile)#image-download-mode tftp
EWC(config-wireless-image-download-profile-tftp)#tftp-image-server 192.168.254.2
EWC(config-wireless-image-download-profile-tftp)#tftp-image-path /
EWC#write memory
Building configuration...
[OK]
--
Access the AP Console From the EWC (former apciscoshell).
When the console cable is plugged into the AP that runs the EWC image, an EWC prompt is shown by default. If, for any reason, access to the underlying AP shell is required, it can be completed with this command:
EWC#wireless ewc-ap ap shell username admin
admin@192.168.129.1's password: Cisco123
--
Factory Reset from the EWC CLI
In order to reset the EWC back to factory defaults you can use this command from the EWC CLI prompt:
EWC#wireless ewc-ap factory-reset
-------------
Convert EWC Back To Lightweight CAPWAP Mode
If the AP running in EWC mode needs to be converted back to lightweight CAPWAP mode, it can be done via:
AP1# ap-type capwap
AP is the Master AP, system will need a reboot when ap type is changed to CAPWAP
. Do you want to proceed? (y/N) y====================================================
Refrensi Link:
https://www.cisco.com/c/en/us/products/collateral/wireless/embedded-wireless-controller-catalyst-access-points/white-paper-c11-743398.html
Cisco Nexus Verification:
https://www.cisco.com/en/US/docs/switches/datacenter/sw/4_2/nx-os/system_management/command/reference/sm_cmd_show.html
Refrensi Link:
https://www.cisco.com/c/en/us/products/collateral/wireless/embedded-wireless-controller-catalyst-access-points/white-paper-c11-743398.html
Cisco Nexus Verification:
https://www.cisco.com/en/US/docs/switches/datacenter/sw/4_2/nx-os/system_management/command/reference/sm_cmd_show.html
Posting Komentar untuk "Cisco | Convert Access Point C9115AXI from Leighweigh to Embedded Wireless Controller Mode"