How to make the Cisco Access Points work with Hosted EVE-NG on Cloudmylab platform
The purpose of this document is to help cloudmylab Customers and partners to set up a base Cisco Wireless Lab
Pre-Requisites
- WLC version 8.5.X
- AP version 15.3.3 JF 1 or higher
- AP 3502i
Refer to the WLC version Release notes for Supported Access Points
Topology
Pre-configuration on CML
Device type | IP address |
Transit Router for the topology ( IOSv or CSR1000v | 172.16.14.141 |
WLC | Any Ip in Range 172.16.14.142-172.16.14.150 |
DHCP Server | 172.16.14.3 |
Do not use any other IP for the router. Else the locally routed subnets won't be reachable
Locally Routed Subnet for Wireless | 10.1.100.0/24 |
Locally routed Subnet Gateway on Transit Router | 10.1.100.1 |
Router Base config
hostname transit-router
!
ip dhcp excluded-address 10.1.100.1 10.1.100.2
!
ip dhcp pool WIRE
network 10.1.100.0 255.255.255.0
default-router 10.1.100.1
dns-server 8.8.8.8
option 43 hex f104.ac10.0e8d (Considering the WLC IP is 172.16.14.141)
!
interface GigabitEthernet0/0
IP address 10.1.100.1 255.255.255.0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
ip address 172.16.14.142 255.255.255.0 (Please make sure that you use this IP for the
Router interface connected to CLOUD1)
duplex auto
speed auto
media-type rj45
!
ip route 0.0.0.0 0.0.0.0 172.16.14.1
We do not route the 10.1.100.0/24 subnet to any other IP.
Option 43 Hex Calculator: https://shimi.net/services/opt43/
Switch Base config
interface Vlan1
ip address 10.1.100.2 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.1.100.1
AP visibility check
Switch#show cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay
Device ID Local Intrfce Holdtme Capability Platform Port ID
transit-router Gig 0/2 129 R B Gig 0/0
AP588d.0995.2df3 Gig 0/1 162 T B I AIR-CAP35 Gig 0
Total cdp entries displayed : 2
WLC base configuration
System Name [Cisco_06:00:01] (31 characters max) |
POD16XX |
Enter Administrative User Name (24 characters max) |
admin |
Enter Administrative Password (3 to 24 characters) |
Cisco123 |
Re-enter Administrative Password |
Cisco123 |
Service Interface IP Address Configuration [static][DHCP] |
DHCP |
Management Interface IP Address |
172.16.14.141 |
Management Interface Netmask |
255.255.255.0 |
Management Interface Default Router |
172.16.14.1 |
Management Interface VLAN Identifier (0 = untagged) |
0 |
Management Interface Port Num [1 to 1] |
1 |
Management Interface DHCP Server IP Address |
172.16.14.3 |
Virtual Gateway IP Address |
192.0.2.1 |
Mobility/RF Group Name |
POD1685 |
Network Name (SSID) |
POD1685 |
Configure DHCP Bridging Mode [yes][NO] |
no |
Allow Static IP Addresses [YES][no] |
yes |
Configure a RADIUS Server now? [YES][no] |
no |
Enter Country Code list (enter 'help' for a list of countries) [US] |
US |
Enable 802.11b Network [YES][no] |
yes |
Enable 802.11a Network [YES][no] |
yes |
Enable 802.11g Network [YES][no] |
yes |
Enable Auto-RF [YES][no] |
yes |
Configure a NTP server now? [YES][no] |
no |
Configure the system time now? [YES][no] |
no |
Would you like to configure IPv6 parameters[YES][no] |
no |
Configuration correct? If yes, system will save it and reset. [yes][NO] |
yes |
Additional WLC Configuration: DNS
config network dns serverip 208.67.222.222
This configuration is needed for reaching the NTP Server
Additional WLC Configuration: NTP
config time ntp server 1 pool.ntp.org
(Cisco Controller) >show time
Time............................................. Wed Apr 6 08:53:50 2022
Timezone delta................................... 0:0
Timezone location................................
NTP Servers
NTP Version.................................. 3
NTP Polling Interval......................... 600
Index NTP Key Index NTP Server Status NTP Msg Auth Status
------- ---------------------------------------------------------------------
1 0 pool.ntp.org In Sync AUTH DISABLED
Additional WLC Configuration: SSC Validation Disable, and MIC disable
config certificate ssc hash validation disable
config ap cert-expiry-ignore mic enable
Additional WLC Configuration: Eval License Enable
Cisco Controller) >license activate ap-count eval
Feature Name : ap-count
Right to Use
Enabling additional access points supported by this controller product may require the
purchase of supplemental or "adder" licenses. You may remove supplemental licenses
from one controller and transfer to another controller in the same product family.
NOTE: licenses embedded in the controller at time of shipment are not transferrable.
By clicking "I AGREE" (or "I ACCEPT") below, you warrant and represent that you have
purchased sufficient supplemental licenses for the access points to be enabled.
All supplemental licenses are subject to the terms and conditions of the Cisco end user
license agreement
(http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html), together with
any applicable supplemental end user license agreements, or SEULA's.
Pursuant to such terms, Cisco is entitled to confirm that your access point enablement
is properly licensed.
If you do not agree with any of the above, do not proceed further and
--More-- or (q)uit
CLICK "DECLINE" below.
ACCEPT? [y/n]: y
Successfully activated the license
Save your config
(Cisco Controller) >save config
Are you sure you want to save? (y/n) y
AP base config
AP588d.0995.2df3#debug capwap console cli
This command is meant only for debugging/troubleshooting
Any configuration change may result in different
behavior from centralized configuration.
CAPWAP console CLI allow/disallow debugging is on
AP588d.0995.2df3#clear capwap private-config
AP588d.0995.2df3#reload
Proceed with reload? [confirm]
At this point in time post reload, AP will go through the motions of upgrade, downloading configurations etc., please be patient.
Final Verification for AP joining the WLC
Cisco Controller) >show ap summary
Number of APs.................................... 1
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name Slots AP Model Ethernet MAC
------------------------------ ----- -------------------- -----------------
AP588d.0995.2df3 2 AIR-CAP3502I-A-K9 58:8d:09:95:2d:f3
Location Country IP Address Clients DSE Location
-------------------- ---------- --------------- ------- --------------
default location 10.1.100.59 0 [0 ,0 ,0 ]
Documentation Reference and Troubleshooting
https://community.cisco.com/t5/wireless/ap-air-sap1602e-couldn-t-join-the-controller/td-p/3740055
https://community.cisco.com/t5/wireless/cannot-join-ap-with-controller/td-p/3178637
https://support.cloudmylab.com/portal/en/kb/articles/ap-not-registering-to-vwlc