, ,

You can configure SNMP on a Cisco WLC via  CLI or GUI. In GUI you have to go to “Management > SNMP” section. Below screenshot show the General tab under SNMP section where you can enable/disable SNMP & configure syscontact/location information.WLC-SNMP-01

You can do this via CLI by using below commands

snmp version v2c enable
snmp syslocation HeadQuarters-WLC1
snmp syscontact 0394444444

Then if you go to “Communities” section under SNMP you can configure the snmp community values you required. Access mode can be either “read-only” or “read-write”. You have to make status “Enable”. Since you can add single IP range that should cover all your snmp servers (if you have multiple), keep in mind WCS IP should be part of this range. Therefore if you have your snmp servers & WCS server in two discrete subnets (like 192.168.x.x & 10.x.x.x) then it is very difficult to combine these into single one & have to use default address & mask of

Here is the commands to define this via CLI. I have created two snmp-communities called “mrn-ro” & “mrn-rw” with read-only & read-write capability.

snmp community create mrn-ro
snmp community mode enable mrn-ro
snmp community ipaddr mrn-ro
snmp community accessmode ro mrn-ro

snmp community create mrn-rw
snmp community mode enable mrn-rw
snmp community ipaddr mrn-rw
snmp community accessmode rw mrn-rw

Also you can configure SNMP trap receiver where WLC can send its snmp trap messages.  Community Name means SNMP trap receiver name & that does not have any significance like snmp community value.WLC-SNMP-02-1

Here is the CLI commands to achieve that.

snmp trapreceiver create WCS
snmp trapreceiver mode enable WCS

You can control which snmp traps you want to send to this trap receiver via Trap Control section under SNMP. Below shows screenshot of few control options available.WLC-SNMP-02-2

To configure SNMPv3 using GUI you can go to “SNMP v3 Users ” section under SNMP. You have to give a user profile name (similar to community value in snmp v2) & access mode. Also you need to specify authentication protocol, password & Privacy protocol, password to complete this.WLC-SNMP-02-3

By using CLI you can configure this using “config snmp v3user create” command.

config snmp v3user create mrncciew-snmpv3 rw hmacsha aescfb128 rasikanayanajith rasikanayanajith

You can use “config snmp v3user delete” command to delete existing snmpv3 user in WLC. Below shows the CLI command to deleted “default” user comes with WLC factory-default config.

config snmp v3user delete default

*** In SNMPv3 document says Reboot the controllers so that the snmpv3 user that you added takes effect. So it is good practice to reboot controller once you create snmpv3 user ***

Once you configure the SNMP on your wireless controllers then you can add them onto WCS by using them using “Configure > Controllers > Add Controllers “. Below shows adding a WLC onto my WCS using the snmpv3 user-created on WLC.


Once successfully added to WLC you will see a similar screen like below.WLC-SNMP-04

As an additional side note, here is the CLI commands require to configure snmp on ACS server. It is identical to how we configure snmp on normal IOS router/switch.
acs01/admin(config)# snmp-server host version 2c mrn-ro
acs01/admin(config)# snmp-server community mrn-ro

Update as of 20th May 2013.
Once I raised the question in Cisco support forum regarding requirement of reload after configuring SNMPv3, they have confirmed it was a document error & no reboot is required for any 7.x version of WLC code after configuring SNMPv3.(refer CSCua09707 or below Cisco Support forum post )

Does WLC require reboot after configuring SNMPv3 ?