Tags
In this post we will look at General WLAN configuration CLI commands in detail. Here is the default settings of General Tab once you create a WLAN
Here is the CLI commands related to this.
(WLC2) >config wlan ? create Creates a WLAN. broadcast-ssid Configures SSID Broadcast on a WLAN. interface Configures the WLAN's interface. disable Disables a WLAN. enable Enables a WLAN. delete Deletes a WLAN. radio Configures the Radio Policy. multicast Configures the WLAN's multicast parameters.
Let’s create a new WLAN with ID of 17 & SSID called “Test-17” by using CLI commands. Here is the how you create a new WLAN using CLI.
(WLC2) >config wlan create ? foreignAp Third Party Access Points. <WLAN id> Enter WLAN Identifier between 1 and 512. (WLC2) >config wlan create 17 ? <name> Enter Profile Name up to 32 alphanumeric characters. (WLC2) >config wlan create 17 Test-17 ? <ssid> Enter SSID (Network Name) up to 32 alphanumeric characters. (WLC2) >config wlan create 17 Test-17 Test-17
By default following settings will be enable on this WLAN & you can see below CLI commands added to configuration once you create the SSID.
config wlan mfp client enable 17 config wlan security wpa enable 17 config wlan wmm allow 17 config wlan exclusionlist 17 60 config wlan broadcast-ssid enable 17 config wlan interface 17 management config wlan session-timeout 17 1800
If you want to enable/disable broadcast this SSID you can do this on this WLAN as follows.
(WLC2) >config wlan broadcast-ssid ? disable Disables Broadcast SSID on a WLAN. enable Enables Broadcast SSID on a WLAN. (WLC2) >config wlan broadcast-ssid disable ? <WLAN id> Enter WLAN Identifier between 1 and 512. (WLC2) >config wlan broadcast-ssid {enable|disable} 17
You can map this WLAN to interface or interface group you created on your WLC. Here is the CLI for that. I have simply use management interface
(WLC2) >config wlan interface ?
<WLAN id> Enter WLAN Identifier between 1 and 512.
foreignAp Third Party Access Points.
(WLC2) >config wlan interface 17 ?
<interface-name> Enter the interface name upper case not supported.
(WLC2) >config wlan interface 17 management
Let’s create interface group called “int-group-1” & map interface “vlan11” & “vlan12″ (which is already created prior to this & not shown configuration in this post”. Here is the CLI config for interface group creation & mapping interface on to that.
(WLC2) >config interface group create int-group-1 "Interface Group 1" (WLC2) >config interface group interface add int-group-1 vlan11 (WLC2) >config interface group interface add int-group-1 vlan12
Now let’s map Test-17 WLAN to this interface group. You have to simply use interface group name instead of interface name.
(WLC2) >config wlan interface 17 int-group-1
Now let’s enable radio policy for this WLAN. Here are the option available. Without impacting other WLANs if you only want to certain type of clients able to join this network you have to configure this settings correctly. Let’s say no clients in 2.4 GHz should associate with less than 11Mbps data rates to this WLAN (In other words 802.11b clients should not associate). So you have to select 802.11g-only. In this example we will enable 802.11a & 802.11g clients to join this WLAN.
(WLC2) >config wlan radio 17 ?
802.11a-only Configures the WLAN on 802.11a only.
802.11ag Configures the WLAN on 802.11a and 802.11g only.
802.11bg Configures the WLAN on 802.11b/g only (802.11b only, if 802.11g is disabled).
802.11g-only Configures the WLAN on 802.11g only.
all Configures the WLAN on all Radio bands.
(WLC2) >config wlan radio 17 802.11ag
Since we map this WLAN onto an interface group, multiple interface IP assign to same WLAN clients. Therefore to optimize multicast with this configuration you need to enable “multicast vlan select” feature. This will nominate 1 vlan for multicast communication for the entire interface group instead of each individual vlan send IGMP query for its client.
(WLC2) >config wlan multicast ?
interface Configures the WLAN's multicast interface.
(WLC2) >config wlan multicast interface ?
<WLAN id> Enter WLAN Identifier between 1 and 512.
(WLC2) >config wlan multicast interface 17 ?
enable Enables the multicast-interface feature for a WLAN.
disable Disables the multicast-interface feature for a WLAN.
(WLC2) >config wlan multicast interface 17 enable ?
<interface-name> Enter the interface name upper case not supported.
(WLC2) >config wlan multicast interface 17 enable vlan11
You can enable this WLAN by simply following CLI commands
(WLC2) >config wlan enable 17
Now if you look at the GUI WLAN general tab you would see something like this.
Now if you try to join this SSID, even though you enable broadcast SSID you cannot see it visible. Why is this ? You have to remember only WLAN ID 1-16 are broadcast by default. If you create any WLAN ID greater than 16, then you have to create an AP Group to broadcast them. Therefore let’s create an AP Group called “mrn-apgroup” and put my ap into this group.
(WLC2) >config wlan apgroup ? add Creates a new AP Group. delete Deletes a existing ap group. description Configures a description for an AP group. interface-mapping Adds or deletes a new apgroup/WLAN/interface mapping. nac-snmp Configures NAC SNMP functionality on given AP-Group. radio-policy Configures Radio Policy on given AP-Group. (WLC2) >config wlan apgroup add ? <apgroup name> Specify the name of the apgroup to configure. (WLC2) >config wlan apgroup add mrn-apgroup ? <description> (optional) Specify the description for the AP group. (WLC2) >config wlan apgroup add mrn-apgroup (WLC2) >config wlan apgroup interface-mapping ? add Adds a new apgroup/WLAN/interface mapping. delete Adds a new apgroup/WLAN/interface mapping. (WLC2) >config wlan apgroup interface-mapping add ? <apgroup name> Specify the name of the apgroup to configure. (WLC2) >config wlan apgroup interface-mapping add mrn-apgroup ? <WLAN or Remote LAN Id> Enter WLAN or Remote LAN Identifier between 1 and 512. (WLC2) >config wlan apgroup interface-mapping add mrn-apgroup 17 ? <Interface Name> Specify the interface name. (WLC2) >config wlan apgroup interface-mapping add mrn-apgroup 17 int-group-1
Now let’s add AP in to the AP-Group created. Remember that AP will reboot & impact the clients if you are doing this on a production AP.
(WLC2) >show ap summary
Number of APs.................................... 1
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
------------------ ----- -------------------- ----------------- ---------------- ---- ------- ------
LAP2 2 AIR-CAP3502I-N-K9 70:81:05:03:7c:ef CAT2-Fa102 LAG AU 1
(WLC2) >config ap group-name ?
<groupname> Enter the group name of Cisco APs as String
(WLC2) >config ap group-name mrn-apgroup ?
<Cisco AP> Enter the name of the Cisco AP.
(WLC2) >config ap group-name mrn-apgroup LAP2
In GUI you will see like this
Once you do this you will see “Test-17” SSID is visible to clients.
In the next post we will look at how to do the QoS specific configuration of a WLAN via CLI.
Related Posts
1. Configuring WLAN via CLI – Part 1
2. Configuring WLAN via CLI – Part 3
3. Configuring WLAN via CLI – Part 4
4. Configuring WLAN via CLI – Part 5
5. Configuring WLAN via CLI – Part 6
mrn-cciew 
This material can be used as the basis of ccie wireless tecnology ,Rasika is not just a double ccie but well vested with these tecnologies, i am sure he will join the cisco team very soon.
Hi Vick,
Thanks for the suggestion to join Cisco team 🙂
I think I can better serve wider community being outside Cisco (so no obligation to express my own view here). Amount of free time I have immensely help for this blogging.
Rasika
Hi Nayarasi,
Thank you so much for your knowlege here. I have visited your site many times over the years. One question I have about the WLAN ID. Is there a way to change the ID # once the WLAN has been deployed? Thank you
No you can’t do that. You hv to delete & recreate it with new ID
HTH
Rasika
I have a WLC 5508 runing 8.2.141.0
Presently we have created one SSID and it assigned to four APS with different AP groups defined as per location.
We have created a guest WLAN and assigned its dynamic interface but the SSID is not seen/broadcasted
Please advise how to go about this as we need the guest WLAN to be seen from all APs
I have responded to your CSC thread on this. Let’s keep it there
HTH
Rasika
Hi,
I got a problem. I configured wlan, interface, ap groups, associated wlans to the right ap group and also in the ap chose the right ap group. I can see just one ssid (the guest one).
I typed the following command:
(Cisco Controller) >show ap wlan 802.11-abgn APA0E0.AF4D.50A6
Site Name…………………………………. AP-Group-Didattica
Site Description……………………………
WLAN ID Interface BSSID ATF Override ATF Policy ID ATF Policy Name
——- ———– ————————– ————– ————– ————–
12 w-campus 00:a3:8e:28:e3:80 n/a n/a n/a
1 w-ich-mobile 00:a3:8e:28:e3:81 n/a n/a n/a
2 w-ich-guest1 00:a3:8e:28:e3:82 n/a n/a n/a
11 w-hum-ricerca 00:a3:8e:28:e3:83 n/a n/a n/a
7 w-hum-intranet 00:a3:8e:28:e3:84 n/a n/a n/a
4 w-ich-users-campus 00:a3:8e:28:e3:85 n/a n/a n/a
It should be showing all the SSID!! I marked the Broadcast check for all the SSIDs…
Thanks in advance
What software version you running ? What sort of security method/encryption (AES, TKIP) configured on those SSIDs ?
Rasika
Hi Nayarasi.
I have a question and I think i know the answer but not sure, hope you can help me.
I have a Cisco Mobility Express WLC.
If I delete a WLAN an it´s SSID and re-create them again exactly the same, previously attached clients have to search and enter psk again to connect the SSID? Or the previously saved configuration on the device for that same SSID is still correct.
Thanks in advance.
Clients should able to connect using the previously stored PSK on their client devices
HTH
Rasika
Yes, they did.
Thank you.