How to make the Cisco Access Points work with Hosted EVE-NG on Cloudmylab platform

How to make the Cisco Access Points work with Hosted EVE-NG on Cloudmylab platform




The purpose of this document is to help cloudmylab Customers and partners to set up a base Cisco Wireless Lab



1.       WLC version 8.5.X

2.       AP version 15.3.3 JF 1 or higher

3.       AP 3502i


Refer to the WLC version Release notes for Supported Access Points




Pre-configuration on CML


Device type

IP address

Transit Router for the topology ( IOSv or CSR1000v


Any Ip in Range

DHCP Server


ยท         Do not use any other IP for the router. Else the locally routed subnets won't be reachable

Locally Routed Subnet for Wireless

Locally routed Subnet Gateway on Transit Router


Router Base config

hostname transit-router


ip dhcp excluded-address


ip dhcp pool WIRE




 option 43 hex f104.ac10.0e8d (Considering the WLC IP is


interface GigabitEthernet0/0

 IP address

 duplex auto

 speed auto

 media-type rj45


interface GigabitEthernet0/1

 ip address (Please make sure that you use this IP for the Router interface connected to CLOUD1)

  duplex auto

 speed auto

 media-type rj45


ip route

** We do not route the subnet to any other IP.

Option 43 Hex Calculator:

Switch Base config

interface Vlan1

 ip address


ip route


AP visibility check

Switch#show cdp nei

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge

                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,

                  D - Remote, C - CVTA, M - Two-port Mac Relay


Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID

transit-router   Gig 0/2           129              R B             Gig 0/0

AP588d.0995.2df3 Gig 0/1           162             T B I  AIR-CAP35 Gig 0


Total cdp entries displayed : 2



WLC base configuration

System Name [Cisco_06:00:01] (31 characters max)


Enter Administrative User Name (24 characters max)


Enter Administrative Password (3 to 24 characters)


Re-enter Administrative Password                


Service Interface IP Address Configuration [static][DHCP]


Management Interface IP Address

Management Interface Netmask

Management Interface Default Router

Management Interface VLAN Identifier (0 = untagged)


Management Interface Port Num [1 to 1]


Management Interface DHCP Server IP Address

Virtual Gateway IP Address

Mobility/RF Group Name


Network Name (SSID)


Configure DHCP Bridging Mode [yes][NO]


Allow Static IP Addresses [YES][no]


Configure a RADIUS Server now? [YES][no]


Enter Country Code list (enter 'help' for a list of countries) [US]


Enable 802.11b Network [YES][no]


Enable 802.11a Network [YES][no]


Enable 802.11g Network [YES][no]


Enable Auto-RF [YES][no]


Configure a NTP server now? [YES][no]


Configure the system time now? [YES][no]


Would you like to configure IPv6 parameters[YES][no]


Configuration correct? If yes, system will save it and reset. [yes][NO]



Additional WLC Configuration: DNS

config network dns serverip


This configuration is needed for reaching the NTP Server


Additional WLC Configuration: NTP

config time ntp server 1


(Cisco Controller) >show time


Time............................................. Wed Apr  6 08:53:50 2022


Timezone delta................................... 0:0

Timezone location................................


NTP Servers

    NTP Version..................................     3

    NTP Polling Interval.........................     600


     Index     NTP Key Index                  NTP Server                Status          NTP Msg Auth Status

    -------  ---------------------------------------------------------------------

       1              0                           In Sync              AUTH DISABLED


Additional WLC Configuration: SSC Validation Disable, and MIC disable

config certificate ssc hash validation disable

config ap cert-expiry-ignore mic enable



Additional WLC Configuration: Eval License Enable

Cisco Controller) >license activate ap-count eval


                Feature Name : ap-count


        Right to Use


        Enabling additional access points supported by this controller product may require the

        purchase  of  supplemental or "adder" licenses. You  may remove supplemental licenses

        from  one  controller and  transfer to  another  controller in the same product family.

        NOTE: licenses embedded in the controller at time of shipment are not transferrable.


        By clicking  "I AGREE"  (or "I ACCEPT") below, you warrant and represent that you have

        purchased sufficient supplemental licenses for the access points to be enabled.


        All supplemental licenses are subject to the terms and conditions of the Cisco end user

        license agreement

        (,  together with

        any applicable supplemental end user license agreements, or SEULA's.


        Pursuant  to such terms, Cisco is entitled to confirm that your access point enablement

        is properly licensed.


        If you do not agree with any of the above, do not proceed further and


--More-- or (q)uit

        CLICK "DECLINE" below.


ACCEPT? [y/n]: y



Successfully activated the license



Save your config

(Cisco Controller) >save config


Are you sure you want to save? (y/n) y


AP base config

AP588d.0995.2df3#debug capwap console cli

This command is meant only for debugging/troubleshooting

Any configuration change may result in different

behavior from centralized configuration.


CAPWAP console CLI allow/disallow debugging is on

AP588d.0995.2df3#clear capwap private-config


Proceed with reload? [confirm]


At this point in time post reload, AP will go through the motions of upgrade, downloading configurations etc., please be patient.


Final Verification for AP joining the WLC

Cisco Controller) >show ap summary


Number of APs.................................... 1


Global AP User Name.............................. Not Configured

Global AP Dot1x User Name........................ Not Configured


AP Name                         Slots  AP Model              Ethernet MAC       Location              Country     IP Address       Clients  DSE Location 

------------------------------  -----  --------------------  -----------------  --------------------  ----------  ---------------  -------  --------------

AP588d.0995.2df3                2      AIR-CAP3502I-A-K9      58:8d:09:95:2d:f3  default location              0        [0 ,0 ,0 ]


Documentation Reference and Troubleshooting


    • Related Articles

    • Do you provide IOU/IOL for EVE-NG Hosted Service?

      No. However, if you have the image, you can upload it yourself after you sign Liability Waiver form
    • AP not registering to vWLC

      %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: X.X.X103 peer_port: 5246 %DTLS-5-SEND_ALERT: Send FATAL : Unexpected message Alert to X.X.X103:5246 %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to X.X.X103:5246 ...

      If you have your own licenses but do not have the hardware resources to setup a Cisco VIRL lab. Cloudmylab can provide you a VIRL environment that you can customize and use your own licenses. You get access to Start/Stop the virtual machine hosting ...
    • EVE-NG Professional Subscription Access Guide

      Hello Cloudmylab Family Member You must have received the access details by now, so let's get you Started Getting Access to the Pod There are two methods you can get access to the access detail as mentioned below. You can alternatively log in to your ...
    • EVE-NG Community Lab Access Guide

      Getting Access to the Pod There are two methods you can get access to the access detail as mentioned below. Check for the Url and Port Number in the email from Login with the credentials provided Once you login you will see a ...