Power Up and Initial Configuration

This chapter guides you through a basic controller configuration, which is sufficient for you to access your network. Complex configuration procedures are beyond the scope of this publication and can be found in the modular configuration and command reference publications in the Cisco IOS software configuration documentation set that corresponds to the software release installed on your Cisco hardware.

Checking Conditions Prior to System Startup

Ensure that all the card slots and compartments are closed. Install blank faceplates on empty slots. Always have power supply slots filled. If you leave a power supply slot uncovered, then you risk exposure to hazardous voltages on the power pins on the midplane.


Warning


Blank faceplates and cover panels serve three important functions: they prevent exposure to hazardous voltages and currents inside the chassis; they contain electromagnetic interference (EMI) that might disrupt other equipment; and they direct the flow of cooling air through the chassis. Do not operate the system unless all cards, faceplates, front covers, and rear covers are in place.

Statement 1029



Note


To view the boot sequence, you must have a console connection to the Cisco Catalyst 9800-40 Wireless Controller before it powers up.

Ensure that the following conditions are addressed before starting up the controller:

  • The network interface cable or the optional Management port cable is connected.

  • The chassis is securely mounted and grounded.

  • The power and interface cables are connected.

  • Your PC with terminal emulation program (Putty or equivalent) is connected to the console port, powered up, and is configured for 9600 baud, 8 data bits, 1 stop bit, no parity, with flow control set to none.

  • You have selected passwords for access control.

  • Captive installation screws are tight on all removable components.

  • The console terminal is turned on.

  • You have determined the IP addresses for the network interfaces.

  • The EPA and the NIM are inserted in their slots, if applicable.


    Note


    The EPA and NIM must be defined.


  • Empty card slots are filled with card blanks. This ensures proper air flow through the chassis and electromagnetic compatibility (EMC).

Powering Up the Controller

Before you begin

Before you power on, make sure that:
  • The power supply cord is plugged into the power supply inlet.

  • All cables are connected.

  • Your computer is powered up and connected.

You are now ready to power on the system for the first time.

Procedure


Step 1

Move the chassis power switch to the ON position.

Listen for the fans; you should immediately hear them operating. Ensure that the power supply LED OK is green and the FAIL LED is not illuminated. The front-panel indicator LEDs provide power, activity, and status information useful during bootup. For more detailed information about the LEDs, see the LEDs section.

Step 2

Observe the initialization process.

When the system boot is complete (the process takes a few seconds), the controller begins to initialize.

The following is an example of what is displayed during the system boot process:

Initializing Hardware ...
 
System integrity status: 90170200 12030117
 
 
System Bootstrap, Version 16.10(2r), RELEASE SOFTWARE
Copyright (c) 1994-2018  by cisco Systems, Inc.
 
Current image running: Boot ROM1
Last reset cause: PowerOn
 
C9800-40-K9 platform with 33554432 Kbytes of main memory
 
Warning: filesystem is not clean
File size is 0x2ae586e3
Located C9800-40-universalk9_wlc.16.10.01.SPA.bin
Image size 719685347 inode num 15, bks cnt 175705 blk size 8*512
###############################################################################
###############################################################################
###############################################################################
#####################################
Boot image size = 719685347 (0x2ae586e3) bytes
 
ROM:RSA Self Test Passed
ROM:Sha512 Self Test Passed
 
Package header rev 3 structure detected
Calculating SHA-1 hash...done
validate_package_cs: SHA-1 hash:
        calculated fdf6e062:e7a16041:b642e191:16a8f2b2:a98397f4
        expected   fdf6e062:e7a16041:b642e191:16a8f2b2:a98397f4
Validating main package signatures
 
RSA Signed RELEASE Image Signature Verification Successful.
Validating subpackage signatures
Image validated
Nov 14 21:21:26.350: %PMAN-3-PROC_EMPTY_EXEC_FILE: R0/0: pvp: Empty executable used for process bt_logger
Nov 14 21:21:29.175: %PMAN-3-PROC_EMPTY_EXEC_FILE: R0/0: pvp: Empty executable used for process bt_logger
 
Both links down, not waiting for other chassis
Chassis number is 1
Nov 14 21:21:29.956: %PMAN-3-PROC_EMPTY_EXEC_FILE: R0/0: pvp: Empty executable used for process bt_logger
Nov 14 21:21:31.877: %PMAN-3-PROC_EMPTY_EXEC_FILE: R0/0: pvp: Empty executable used for process bt_logger
Nov 14 21:21:38.272: %PMAN-3-PROC_EMPTY_EXEC_FILE: R0/0: pvp: Empty executable used for process bt_logger
Nov 14 21:21:41.387: %PMAN-3-PROC_EMPTY_EXEC_FILE: R0/0: pvp: Empty executable used for process bt_logger
 
              Restricted Rights Legend
 
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
 
           Cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706
 
 
 
Cisco IOS Software [Gibraltar], C9800 Software (C9800_IOSXE), Version 16.10.1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2018 by Cisco Systems, Inc.
Compiled Fri 09-Nov-18 19:40 by mcpre
 
 
 
PLEASE READ THE FOLLOWING TERMS CAREFULLY. INSTALLING THE LICENSE OR
LICENSE KEY PROVIDED FOR ANY CISCO SOFTWARE PRODUCT, PRODUCT FEATURE,
AND/OR SUBSEQUENTLY PROVIDED SOFTWARE FEATURES (COLLECTIVELY, THE
"SOFTWARE"), AND/OR USING SUCH SOFTWARE CONSTITUTES YOUR FULL
ACCEPTANCE OF THE FOLLOWING TERMS. YOU MUST NOT PROCEED FURTHER IF YOU
ARE NOT WILLING TO BE BOUND BY ALL THE TERMS SET FORTH HEREIN.
 
Your use of the Software is subject to the General Terms and Conditions found at
https://www.cisco.com/c/dam/en_us/about/doing_business/legal/Cisco_General_Terms.pdf.
 
You hereby acknowledge and agree that certain Software and/or features are
licensed for a particular term, that the license to such Software and/or
features is valid only for the applicable term and that such Software and/or
features may be shut down or otherwise terminated by Cisco after expiration
of the applicable license term (e.g., 90-day trial period). Cisco reserves
the right to terminate any such Software feature electronically or by any
other means available. While Cisco may provide alerts, it is your sole
responsibility to monitor your usage of any such term Software feature to
ensure that your systems and networks are prepared for a shutdown of the
Software feature.
 
 
cisco C9800-40-K9 (1GL) processor (revision 1GL) with 7866661K/6147K bytes of memory.
FIPS: Flash Key Check : Found Key , FIPS Mode Enabled
 
Processor board ID TKM21130895
1 Virtual Ethernet interface
4 Ten Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
33554432K bytes of physical memory.
26910719K bytes of eUSB flash at bootflash:.
234365527K bytes of SATA hard disk at harddisk:.
0K bytes of WebUI ODM Files at webui:.
 
Base Ethernet MAC Address          : 00:A3:8E:23:7F:40
 
Installation mode is BUNDLE
 
%INIT: waited 0 seconds for NVRAM to be available
 
 
Press RETURN to get started!

Performing the Initial Configuration on the Controller

Using the Cisco IOS-XE CLI - Cisco Setup Command Facility

The setup command facility prompts you to enter the information that is needed to configure a controller quickly. The facility takes you through an initial configuration, including wireless configurations.


Note


The setup command facility is entered automatically if there is no configuration on the controller when it is booted into Cisco IOS-XE.

You will be prompted for wireless configuration after the Day 0 banner.

For information on modifying the configuration after you create it, see the Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide and the Cisco Catalyst 9800 Series Wireless Controller Command Reference Guide.

This section covers the following:

  • Configuring the device management interface.

  • Configuring the device management IP.

  • Setting a static route.

  • Configuring the management credentials.

  • Configuring the wireless management interface.

  • Choosing the deployment mode.

  • Configuring the system name or hostname.

  • Configuring credentials for management access on access points.

  • Configuring the country code.

  • Configuring the time using an NTP server or manually.

  • [Optional] Configuring a time zone.

  • [Optional] Configuring the wireless client density.

  • [Optional] Configuring AAA servers.

  • [Optional] Configuring the wireless network settings.

  • [Optional] Configuring a network name or SSID.

  • [Optional] Configuring a virtual IP.

  • [Optional] Configuring an RF network name.

  • [Optional] Configuring high avalability.


Note


Presently, there is no direct method to get back to your previous configuration. Press Ctrl-C to restart the configuration and return to the setup without saving the configuration.


Procedure


Step 1

Navigate to the Day 0 setup wizard using the write erase command or directly on the Day 0 device.

Step 2

Device management interface setup configures the device management or service port. This interface enables the basic configuration to access the device using the GUI. This is an optional configuration where you can opt to configure only the wireless management interface and not the device management.

Configure device management interface?[yes]:

Step 3

Device management IP helps access the device using the GUI.


 Configure static IP address? [yes]:
    Enter the interface IP [TenGigabitEthernet0/0/2]: 192.168.1.10
    Enter the subnet mask [TenGigabitEthernet0/0/2] [255.0.0.0]: 255.255.255.0

Step 4

Setting a static route to access the device using the GUI.


Interface belongs to VRF "Mgmt-intf". Please configure a static route on the VRF
Enter the destination prefix: 0.0.0.0
Enter the destination mask: 0.0.0.0
Enter the forwarding router IP: 10.104.170.1

Step 5

Enter the management username and password. This is a mandatory step.


Enter the management username: cisco
  Enter the password: ********
  Reenter the password: ********

Step 6

Configure the wireless management if you haven't configured a device management interface.


Basic management setup is now complete. At this point, it is possible to save the above and
continue wireless setup using the webUI (for this, choose 'no' below)

Would you like to continue with the wireless setup? [yes]: yes

Note

 

This prompt is not applicable for 17.4 release.

Note

 

If you have not configured the device management, the setup moves to Step 8 before displaying the above banner.

In 17.3 release, you will be allowed to exit the wizard after configuring at least one of the interfaces, that is, device or wireless management.

This banner is no longer available in 17.4. You cannot exit the wizard without completing the configuration.

If you select Yes , you need to follow the upcoming steps. Also, you can access the device using the IP configured in Step 4.

Step 7

Wireless management interface is a mandatory configuration:


Configuring wireless management interface
  Select interface to be used for wireless management
   1. TenGigabitEthernet0/0/1 [Up]
   2. TenGigabitEthernet0/0/2 [Up]
   3. TenGigabitEthernet0/0/3 [Up]
  Choose the interface to config [1]:

Step 8

Enter a VLAN ID:

Enter the vlan ID (1-4094): 112

Step 9

Configure an IPv4 or IPv6 address:


  Configure IPv4 address? [yes]:
    Enter the interface IP [TenGigabitEthernet0/0/1]: 9.11.112.40
    Enter the subnet mask [TenGigabitEthernet0/0/1] [255.0.0.0]: 255.255.255.0
  Configure IPv6 address? [yes]: no

Step 10

Configure a VLAN DHCP server and IP address:


 Do you want to configure a VLAN DHCP Server? [yes]: yes
   Enter the VLAN DHCP Server IP [TenGigabitEthernet0/0/1]: 9.11.112.45

Step 11

[Optional] Set up a static route to attach an AP client to the controller. The default options for static route prompts you to configure a default route. However, you can specify a different route as well.


 Configure static route? [yes/no]: yes
  Enter the destination prefix [0.0.0.0]:
  Enter the destination mask [0.0.0.0]:
  Enter the forwarding router IP: 9.11.112.1

Note

 

If you configure the device as HA RMI and you haven't configured a default route (that is, source and destination as 0.0.0.0), the wizard asks for the default route information.


Basic management setup is now complete. At this point, it is possible to save the above and
continue wireless setup using the webUI(for this, choose 'no' below) 

Would you like to continue with the wireless setup? [yes]

Step 12

Choose the deployment mode:


 Choose the deployment mode
    1. Standalone
    2. Active
    3. Standby
 Enter your selection [1]:

Note

 

You can choose from one of the following deployment modes:

  • Standalone: In this mode, you do not get to view any high availability pairing information.

  • Active: In this mode, the controller needs to be configured with all the Day 0 information.

  • Standby: In this mode, the configuration proceeds to the High Availability configuration.

Step 13

Configure the system name or hostname:

Enter the hostname [WLC]: ciscowlc

Note

 

This is a mandatory step. The hostname needs to confirm to the RFC standards.

Step 14

[Optional] Configure the login credentials for an AP.


Configure credentials for management access on Access Points? [yes]:
  Enter the management username: cisco
  Enter the management password: ****
    Reenter the password: ****
  Enter the privileged mode access password: ****
    Reenter the password: ****

Step 15

Configure the country code. You can specify multiple country codes by separating them with a comma.

Configure country code for wireless operation in ISO format ? [US]:

Step 16

Configure the date and NTP to allow access points to join the controller. You can configure time using an NTP server or manually.

Note

 

You need to enter time in the following format:

DAY-MONTH-YEAR


Configure NTP server ? [yes/no]: no
Enter the day:
Enter the month:
Enter the year:

Configure a NTP server now? [yes]:
Enter ntp server address : 9.11.112.45
Enter a polling interval between 16 and 131072 secs which is power of 2: 16

Step 17

[Optional] Configure a timezone:


 Configure timezone? [yes]:
  Enter name of timezone: ind
  Enter hours offset from UTC (-23,23): 5
  Enter mins offset from UTC (0,59) [0]: 30

Step 18

[Optional] Configure the expected client density:


 Configure Wireless client density? [yes]:
  Choose the client density
    1. Low
    2. Typical
    3. High
  Enter your selection [2]: 3

Step 19

[Optional] Configure AAA servers:

Note

 

You can configure a maximum of 6 servers during Day 0 configuration.


 Configure AAA servers? [yes]:
  Enter the AAA server address: 9.11.112.46
  Enter the AAA key: ***
Do you want to add more AAA servers? [yes]:
  Enter the AAA server address: 9.11.112.47
  Enter the AAA key: ***
Do you want to add more AAA servers? [yes]: no

Note

 

The AAA servers are required for WPA2 Enterprise. In 17.4 release, you need to configure AAA only in one place. If you follow Step 21, WPA2 Enterprise will not ask for AAA servers in Step 22.

Step 20

[Optional] Configure wireless network settings to configure WLAN information for an AP and client join:

Configure Wireless network settings? [yes]:

Step 21

[Optional] Configure an SSID for client join:


Enter the network name or service set identifier (SSID):
Choose the network type
    1. Employee
    2. Guest

If you choose Employee as the network type, the following options are displayed:


Choose the security type
    1. WPA Personal
    2. WPA Enterprise
   Enter your selection [2]:
If you choose WPA2 Personal , you will need to enter a pre-shared key (ASCII).
Enter the pre-shared key (ASCII):

If you choose WPA2 Enterprise , you will be able to add multiple AAA servers.


Enter the AAA server address:
Enter the AAA key:
Enter more AAA server details? [yes]

If you choose Guest , you get to view the following options:


Please choose the security type: 
1.	Webauth
2.	Authbypass
3.	Consent
4.	Webconsent
Enter the security type:

Step 22

[Optional] Configure a virtual IP address. The recommended virtual IP address is 192.0.2.1.


 Configure virtual IP? [yes]:
  Enter the virtual IP [192.0.6.1]:

Step 23

[Optional] Configure an RF network name.


 Configure RF-Network Name? [yes]:
  Enter the RF-Network Name: ciscorf

Step 24

[Optional] Configure high availability.

If you choose the deployment mode as Active or Standby, you will need to choose from one of the HA pairing type:

  1. RMI

  2. RP-RP

Note

 

For information on HA pairing types, see Part: High Availability (High Availability > Information About Redundancy Management Interface) in Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide, Cisco IOS XE Bengaluru 17.4.x.


 High Availability configuration
  Please choose the HA pairing type
    1. RMI
    2. RP-RP
  Enter your selection [1]:
If you choose RMI+RP, you need to select an interface to be used as redundancy port:

Enter the RMI IP for local chassis: 9.11.112.12
Enter the RMI IP for remote chassis: 9.11.112.13
Enter the gateway IP of the last resort: 9.11.112.1

Note

 

If you have not configured a default route earlier, you need to enter the gateway IP of the last resort.

If you choose the deployment mode as Standby, you need to specify the VLAN ID for completing the pairing:

  Enter the RMI IP for local chassis: 9.11.112.51
  Enter the RMI IP for remote chassis: 9.11.112.50
  Enter the wireless management VLAN: 112
If you choose RP, you need to select an interface to be used as redundancy port:

 Select interface to be used as redundancy port
   1. TenGigabitEthernet0/0/2 [Up]
   2. TenGigabitEthernet0/0/3 [Up]
  Choose the interface to config [1]: 2
  Enter the local IP:
 Enter the subnet mask:
 Enter the remote IP:

Completing the Configuration

When using the Cisco setup command facility, and after you have provided all the information requested by the facility as described in Using the Cisco setup Command Facility section, the final configuration appears.

To complete your controller configuration, follow these steps.

Procedure


Step 1

The facility prompts you to save the configuration.

  • If you answer no, the configuration information you entered is not saved, and you return to the controller enable prompt (WLC#). Enter setup to return to the System Configuration dialog box.

  • If you answer yes, the configuration is saved, and you are returned to the user EXEC prompt (WLC>).

Use this configuration? {yes/no} : yes
Building configuration...
Use the enabled mode 'configure' command to modify this configuration.

%LINK-3-UPDOWN: Interface GigabitEthernet0/1/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1/0, changed state to up

<Additional messages omitted.>

Step 2

When messages stop appearing on your screen, press Return to get the WLC> prompt.

Step 3

The WLC> prompt indicates that you are now at the command-line interface (CLI).

You have just completed an initial controller configuration. Note that this is not a complete configuration. At this point, you have two choices:

  • Run the setup command facility again, and create another configuration:

    WLC> enable 
    Password: password 
    WLC# setup
  • Modify the existing configuration or configure additional features by using the CLI:

    WLC> enable
    Password:  password 
    WLC# configure terminal 
    WLC(config)#
    

Using the Cisco IOS-XE CLI—Manual Configuration

This section shows you how to access the CLI to perform the initial configuration on the controller

If the system configuration message does not appear, it means a default configuration file was installed on the controller prior to shipping.

Follow these steps to configure the controller.

Procedure


Step 1

Enter no when the following system message appears on the controller.

--- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: no

Step 2

Press Return and continue with the manual configuration:

Several log messages are displayed.

Step 3

Press Return to bring up the WLC> prompt

Step 4

Type enable to enter privileged EXEC mode.

WLC> enable
WLC#

Configuring the Controller Hostname


Note


The Cisco Catalyst 9800-40 Wireless Controller provides a simplified first time out-of-box installation and configuration interface for all series of wireless controllers.

To learn more about the Day 0 Express setup on the Cisco Catalyst 9800-40 Wireless Controller, please refer https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-8/b_c9800_wireless_controller_series_web_dg.html



Note


If you prefer to configure the device manually, you need to configure the following to terminate the Day0 Wizard:

  • Wireless management interface

  • AP country code must be set


The hostname used in CLI prompts the default configuration filenames. If you do not configure the controller hostname, the controller uses the factory-assigned default hostname WLC.

Procedure
  Command or Action Purpose

Step 1

enable

Example:
WLC> enable

Enables privileged EXEC mode.

Note

 

Enter your password if prompted.

Step 2

configure terminal

Example:
WLC# configure terminal

Enters global configuration mode.

Step 3

hostname name

Example:
WLC(config)# hostname myWLC

Specifies or modifies the hostname for the network server.

Step 4

end

Example:
myWLC(config)# end

(Optional) Returns to privileged EXEC mode.

Configuring the Enable and Enable Secret Passwords

To provide an additional layer of security, particularly for passwords that cross the network or are stored on a TFTP server, you can use either the enable password command or enable secret command. Both commands accomplish the same thing—they allow you to establish an encrypted password that users must enter to access privileged EXEC (enable) mode.

We recommend that you use the enable secret command because it uses an improved encryption algorithm.


Note


If you configure the enable secret command, it takes precedence over the enable password command; the two commands cannot be in effect simultaneously.

For more information, see the Configuring Passwords and Privileges chapter in the Cisco IOS Security Configuration Guide. Also see the Cisco IOS Password Encryption Facts tech note and the Cisco Guide to Harden Cisco IOS Devices tech note.

Procedure
  Command or Action Purpose

Step 1

enable

Example:
Device> enable

Enables privileged EXEC mode.

Note

 

Enter your password if prompted.

Step 2

configure terminal

Example:
Device# configure terminal

Enters global configuration mode.

Step 3

enable secret password

Example:
Device(config)# enable secret greentree

Specifies an additional layer of security over the enable password command.

Step 4

end

Example:
Device(config)# end

Returns to privileged EXEC mode.

Step 5

enable

Example:
Device> enable

Enables privileged EXEC mode.

Verify that your new enable or enable secret password works.

Step 6

end

Example:
Device(config)# end

(Optional) Returns to privileged EXEC mode.

Configuring the Console Idle Privileged EXEC Timeout

By default, the privileged EXEC command interpreter waits 10 minutes to detect user input before timing out.

When you configure the console line, you can also set communication parameters, specify autobaud connections, and configure terminal operating parameters for the terminal that you are using. For more information on configuring the console line, see the Cisco IOS Configuration Fundamentals and Network Management Configuration Guide. In particular, see the Configuring Operating Characteristics for Terminals and Troubleshooting and Fault Management chapters.

Procedure
  Command or Action Purpose

Step 1

enable

Example:
Device> enable

Enables privileged EXEC mode.

Note

 

Enter your password if prompted.

Step 2

configure terminal

Example:
Device# configure terminal

Enters global configuration mode.

Step 3

line console 0

Example:
Device(config)# line console 0

Configures the console line and starts the line configuration command collection mode.

Step 4

exec-timeout minutes [seconds]

Example:
Device(config)# exec-timeout 0 0

Sets the idle privileged EXEC timeout, which is the interval that the privileged EXEC command interpreter waits until user input is detected.

The example shows how to specify no timeout. Setting the exec-timeout value to 0 will cause the controller to never log out once logged in. This could have security implications if you leave the console without manually logging out using the disable command.

Step 5

end

Example:
Device(config)# end

Returns to privileged EXEC mode.

Step 6

show running-config

Example:
Device# show running-config

Displays the running configuration file.

Verify that you have configured the idle privileged EXEC timeout correctly.

Example

The following example shows how to set the console idle privileged EXEC timeout to 2 minutes 30 seconds:

line console
exec-timeout 2 30

The following example shows how to set the console idle privileged EXEC timeout to 30 seconds:

line console
exec-timeout 0 30

Gigabit Ethernet Management Interface Overview

The controller provides an Ethernet management port named GigabitEthernet0.

The purpose of this interface is to allow users to perform management tasks on the controller; it is an interface that should not, and often cannot, forward network traffic, but can be used to access the controller through Telnet and SSH to perform management tasks on the controller. The interface is most useful in troubleshooting scenarios when other forwarding interfaces are inactive.

The following aspects of the management Ethernet interface should be noted:

  • The controller has one management Ethernet interface named GigabitEthernet0.

  • IPv4, IPv6, and ARP are the only routed protocols supported for the interface.

  • The interface provides a way to access the controller even if forwarding interfaces are not functional, or the Cisco IOS is down.

  • The management Ethernet interface is part of its own VRF. See the Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide for more details.

Default Gigabit Ethernet Configuration

By default, a forwarding VRF is configured for the interface with a special group named Mgmt-intf. This cannot be changed. This isolates the traffic on the management interface away from the forwarding plane. Otherwise, the interface can be configured like other Gigabit Ethernet interfaces for most functions.

For example, the default configuration is as follows:

interface GigabitEthernet0 
vrf forwarding Mgmt-intf
ip address 200.165.200.225 255.255.255.224
negotiation auto

Note


The controller does not support front-panel networking. You can enter the guest shell commands with in the controller's terminal, but you cannot configure NAT on the controller. Therefore, this type of networking does not work. Only management mode (Mgmt-intf VRF) is supported.


Configuring Gigabit Ethernet Interfaces

This section shows how to assign an IP address and interface description to an Ethernet interface on your controller.

For comprehensive configuration information on Gigabit Ethernet interfaces, see the Configuring LAN Interfaces chapter of the Cisco IOS Interface and Hardware Component Configuration Guide.

For information on the interface numbering, see the Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide.


Note


For comprehensive configuration information about IP routing and IP routing protocols, see the Configuring IP Routing Protocol-Independent Feature on cisco.com.
Procedure
  Command or Action Purpose

Step 1

enable

Example:
Device> enable

Enables privileged EXEC mode.

Note

 

Enter your password if prompted.

Step 2

show ip interface brief

Example:
Device# show ip interface brief

Displays a brief status of the interfaces that are configured for IP.

Learn which type of Ethernet interface is on your controller.

Step 3

configure terminal

Example:
Device# configure terminal

Enters global configuration mode.

Step 4

interface gigabitethernet 0

Example:
Device(config)# interface gigabitethernet 0

Specifies the Ethernet interface and enters the interface configuration mode.

Step 5

ip address ip-address mask

Example:
Device(config-if)# ip address 209.165.200.240 255.255.255.224

Sets a primary IP address for an interface.

Step 6

no shutdown

Example:
Device(config-if)# no shutdown

Enables an interface.

Step 7

end

Example:
Device(config-if)# end

Returns to privileged EXEC mode.

Step 8

show ip interface brief

Example:
Device# show ip interface brief

Displays a brief status of the interfaces that are configured for IP.

Verify that the interfaces are up and configured correctly.

Saving Your Controller Configuration

This section describes how to avoid losing your configuration at the next system reload or power cycle by saving the running configuration to the startup configuration in NVRAM. The NVRAM provides 32 MB of storage on the controller.


Note


To aid file recovery and minimize downtime in case of file corruption, we recommend that you save backup copies of the startup configuration file and the Cisco IOS-XE software system image file on a server

Note


To avoid losing work you have completed, be sure to save your configuration occasionally as you proceed. Use the copy running-config startup-config command to save the configuration to NVRAM.

Procedure

  Command or Action Purpose

Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode.

Note

 

Enter your password if prompted.

Step 2

copy running-config startup-config

Example:

Device# copy running-config startup-config

Saves the running configuration to the startup configuration.

Verifying the Initial Configuration

Enter the following commands in Cisco IOS-XE to verify the initial configuration on the controller:

  • show version—Displays the system hardware version, the installed software version, the names and sources of configuration files, the boot images, and the amount of installed DRAM, NVRAM, and flash memory.

  • show diag—Lists and displays the chassis, slot location, and subslot location details.

  • show interfaces— Shows if interfaces are operating correctly and if interfaces and line protocols are in the correct state, either up or down.

  • show ip interface brief—Displays a summary of the interfaces configured for IP protocol.

  • show configuration—Helps verify if you have configured the correct hostname and password.

After you have completed and verified the initial configuration, the specific features and functions are ready to be configured. See the Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide.

Powering Off the Controller Safely

Before you begin

We recommend that before turning off all power to the chassis, you issue the reload command. This ensures that the operating system cleans up all the file systems.

Procedure


Step 1

Change the controller config-register by issuing the following commands:

wlc# 
wlc# conf t
wlc(config)# config-register 0x2100

Step 2

Save the controller configuration using the following command:

wlc# write memory

Step 3

Enter the reload command.

Step 4

Confirm the reload command:

wlc# reload

Reload command is being issued on Active unit, this will reload the whole stack
Proceed with reload? [confirm]                                                 
Chassis 1 reloading, reason - Reload command
Feb  6 19:50:38.556: %PMAN-5-EXITACTION: F0/0: pvp: Process manager is exiting:
Feb  6 19:5
Initializing Hardware ...
System integrity status: 90170200 21030107

Step 5

After confirming the reload command, wait until the system bootstrap message is displayed before powering off the system:

System Bootstrap, Version 12.2(20170919:091604)
[pand16_7_v2 101], DEVELOPMENT SOFTWARE
Copyright (c) 1994-2017  by cisco Systems, Inc.                                         
Compiled Tue 09/19/2017  2:21:10.32 by pand                                             
Current image running: Boot ROM0
Last reset cause: LocalSoft     
QWLC-1GL platform with 33554432 Kbytes of main memory
rommon 1 >

Step 6

Move the chassis power switch to the Standby position.

Note

 
The fans in the power supply modules will continue to run even if the chassis power switch is in the Standby position.

Note

 
After powering off the controller, wait for a minimum of 30 seconds before powering it on again.

Environmental Monitoring and Reporting Functions

Environmental monitoring and reporting functions allow you to maintain normal system operation by identifying and resolving adverse conditions prior to loss of operation.


Caution


To prevent overheating of the chassis, ensure that your system is drawing cool inlet air. Over temperature conditions may occur if the system is drawing in the exhaust air of other equipment. Ensure adequate clearance around the sides of the chassis so that cooling air can flow through the chassis interior unimpeded and exhaust air exits the chassis and is not drawn into the inlet vent of another device.

Alarm Monitoring

The Cisco Catalyst 9800-40 Wireless Controller displays the CRIT, MAJ, and MIN alarm indicator LEDs. These LEDs indicate controller status at all times, but you must directly observe these LEDs to become aware of a controller alarm condition. Additionally, you can use the show facility-alarm status command to view the alarms.


Note


To clear the the alarm LED, you need to shutdown the ports which are not connected.
wlc# show facility-alarm status
System Totals  Critical: 1  Major: 0  Minor: 0
Source                    Time                 Severity    Description [Index]
------                   ------                -------    -------------------
Power Supply Bay 1       Feb 09 2018  20:52:48  CRITICAL  Power Supply/FAN Module Missing
xcvr container 0/0/0     Feb 09 2018  20:53:09  INFO    Transceiver Missing [0]
TenGigabitEthernet0/0/1  Feb 09 2018  20:53:11  INFO    Physical Port Administrative State Down [67]
TenGigaEthernet0/0/2     Feb 09 2018  20:53:12  INFO    Physical Port Administrative State Down [67]

To clear a visual alarm, you must resolve the alarm condition. The clear facility-alarm command does not clear an alarm LED on the Cisco Catalyst 9800-40 Wireless Controller .

Environmental Monitoring

The environmental monitoring functions use sensors to monitor the temperature of the cooling air as it moves through the chassis.

The local power supplies provide the ability to monitor:

  • Input and output voltage

  • Output current

  • Outlet temperature

The Cisco Catalyst 9800-40 Wireless Controllers are expected to meet the following environmental operating conditions:

  • Operating Temperature Nominal: 32° to 104° F (0° to 40°C)

  • Operating Temperature Short Term: 32° to 131° F (0° to 50°C)

  • Operating Humidity Nominal (relative humidity): 10 to 90% relative

  • Operating Humidity Short Term: 5 to 90% relative

  • Operating Altitude: –500 to 10,000 feet (–152.4 to 3048 meters)

  • AC Input Range: 85 to 264 VAC

In addition, the power supplies monitor internal power supply temperatures and voltages. A power supply is either within tolerance (normal) or out of tolerance (critical). If an internal power supply temperature or voltage reaches a critical level, the power supply shuts down without any interaction with the system processor.

The environmental monitoring functions use the following levels of status conditions to monitor the system:

  • Normal—All monitored parameters are within normal tolerances.

  • Warning—The system has exceeded a specified threshold. The system continues to operate, but operator action is recommended to bring the system back to a normal state.

  • Critical—An out-of-tolerance temperature or voltage condition exists. The system continues to operate, but the system is approaching shutdown. Immediate operator action is required.

  • Shutdown—Before any shutdown, the system logs the status of monitored parameters in NVRAM so that you can retrieve it later to help determine the cause of the problem.

  • Power supply shutdown—The power supply detected an internal out-of-tolerance overvoltage, overcurrent, or temperature condition and shut itself down.

Fan Failures

Four internal fans draw cooling air in through the front of the chassis and across internal components to maintain an acceptable operating temperature. The fans are located at the rear of the chassis. The fans in the Cisco Catalyst 9800-40 Wireless Controller are numbered from 0 to 5, right to left.

When the system power is on, all fans should be operational. However, the system continues to operate even if a fan fails.

Use the show platform hardware slot chassis 1 P2 fan status command to view the status of the fans, for example:

WLC# show platform hardware slot chassis 1 P2 fan status
Fan group 1 speed: 40%
Fan 0: Normal
Fan 1: Normal
Fan 2: Normal
Fan 3: Normal
Fan 4: Normal
Fan 5: Normal

Reporting Functions

The chassis manager on the forwarding engine control processor manages the local resources of the forwarding processor. The Cisco Catalyst 9800-40 Wireless Controller displays warning messages on the console, if the chassis interface-monitored parameters exceed a threshold. You can also retrieve and display environmental status reports with the following commands:

  • show environment all

  • show version

  • show inventory

  • show platform

  • show platform software status control-processor

  • show diag

Parameters are measured and reporting functions are updated every 60 seconds. A brief description of each of these commands follows.

show environment all Command

The show environment all command displays temperature, voltage, fan, and power supply information.

The following is sample output from the show environment all command:

WLC# show environment all
Sensor List:  Environmental Monitoring
Sensor        Location     State            Reading
Vin              P0        Normal           228 V AC
Iin              P0        Normal           1 A
Vout             P0        Normal           12 V DC
Iout             P0        Normal           18 A
Temp1            P0        Normal           36 Celsius
Temp2            P0        Normal           49 Celsius
Temp3            P0        Normal           47 Celsius
VRRX1: VX1       R0        Normal           752 mV
VRRX1: VX2       R0        Normal           7021 mV
VRRX1: VX3       R0        Normal           1217 mV
VRRX1: VX5       R0        Normal           1217 mV
VRRX1: VP1       R0        Normal           1699 mV
VRRX1: VP2       R0        Normal           2505 mV
VRRX1: VP3       R0        Normal           1305 mV
VRRX1: VP4       R0        Normal           5094 mV
VRRX1: VH        R0        Normal           12008 mV
VRRX2: VX1       R0        Normal           852 mV
VRRX2: VX4       R0        Normal           1018 mV
VRRX2: VX5       R0        Normal           1017 mV
VRRX2: VP1       R0        Normal           3325 mV
VRRX2: VP3       R0        Normal           1815 mV
VRRX2: VP4       R0        Normal           1052 mV
VRRX2: VH        R0        Normal           12008 mV
VRRX3: VX1       R0        Normal           986 mV
VRRX3: VX2       R0        Normal           1006 mV
VRRX3: VX4       R0        Normal           752 mV
VRRX3: VX5       R0        Normal           749 mV
VRRX3: VP1       R0        Normal           2497 mV
VRRX3: VP2       R0        Normal           1193 mV
VRRX3: VP3       R0        Normal           1515 mV
VRRX3: VP4       R0        Normal           11998 mV
Temp: RCRX IN    R0        Normal           29 Celsius
Temp: RCRX OUT   R0        Normal           34 Celsius
Temp: Yoda       R0        Normal           37 Celsius
Temp: XEPhy      R0        Normal           29 Celsius
Temp: CPU Die    R0        Minor            55 Celsius
Temp: FC FANS    R0        Fan Speed 60%    29 Celsius
show version Command

The show version command displays the system hardware configuration, software version, and names and sources of configuration files and boot images.

The following is sample output from the show version command:

WLC# show version
Cisco IOS XE Software, Version BLD_POLARIS_DEV_LATEST_20180204_164931
Cisco IOS Software [Fuji], WLC9000 Software (X86_64_LINUX_IOSD-UNIVERSALK9_WLC-M), 
Experimental Version 16.9.20180204:170500 [polaris_dev-/nobackup/mcpre/BLD-BLD_POLARIS_DEV_LATEST_20180204_164931 150]
Copyright (c) 1986-2018 by Cisco Systems, Inc.
Compiled Sun 04-Feb-18 14:54 by mcpre
Cisco IOS-XE software, Copyright (c) 2005-2018 by cisco Systems, Inc.
All rights reserved.  Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0.  The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY.  You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0.  For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.

ROM: IOS-XE ROMMON

myWLC uptime is 4 minutes
Uptime for this control processor is 7 minutes
System returned to ROM by Reload reason not captured
System image file is "bootflash:qwlc-universalk9_wlc.BLD_POLARIS_DEV_LATEST_20180204_164931.SSA.bin"
Last reload reason: Reload reason not captured
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
 
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
 
If you require further assistance please contact us by sending email to
export@cisco.com.
 
License Type: Default. No valid license found.
License Level: adventerprise
Next reload license Level: adventerprise
 
cisco C9800-40-K9 (1GL) processor (revision 1GL) with 1637390K/6147K bytes of memory.
Processor board ID TKM20480022
1 Virtual Ethernet interface
4 Ten Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
33554432K bytes of physical memory.
30056447K bytes of eUSB flash at bootflash:.
0K bytes of WebUI ODM Files at webui:.
 
Base Ethernet MAC Address          : 00:2C:C8:A5:31:80
 
Installation mode is BUNDLE
 
Configuration register is 0x0

WLC#
show inventory Command

The show inventory command displays an extended report that includes the product inventory listing of all the Cisco products installed in the networking device.

The following is sample output from the show inventory command:

WLC# show inventory
NAME: "Chassis", DESCR: "Cisco C9800-40-K9 Chassis"
PID: C9800-40-K9     , VID: V01  , SN: TKM20480022
 
NAME: "Power Supply Module 0", DESCR: "Cisco 750 Watt reverse-airflow AC power supply"
PID: C9800-AC-750W-R  , VID: V01  , SN: ART203511UA
 
NAME: "Fan Tray", DESCR: "Cisco C9800-40-K9 Fan Tray"
PID: C9800-40-K9-FAN   , VID:      , SN:
 
NAME: "module 0", DESCR: "Cisco C9800-40-K9 Modular Interface Processor"
PID: C9800-40-K9     , VID:      , SN:
 
NAME: "SPA subslot 0/0", DESCR: "4-port 10G/1G multirate Ethernet Port Adapter"
PID: BUILT-IN-4X10G/1G , VID: N/A  , SN: JAE87654321
 
NAME: "module R0", DESCR: "Cisco C9800-40-K9 Route Processor"
PID: C9800-40-K9     , VID: V01  , SN: TKM20480022
 
NAME: "module F0", DESCR: "Cisco C9800-40-K9 Embedded Services Processor"
PID: C9800-40-K9     , VID:      , SN:


WLC#
show platform Command

The show platform command displays platform information.

The following is sample output from the show platform command:

WLC# show platform
Chassis type: C9800-40-K9
Slot         Type                 State          Insert time (ago)
------ ------------------- --------------------- -----------------   
 0       C9800-40-K9               ok               00:06:38
0/0     BUILT-IN-4X10G/1G          ok               00:05:16
R0      C9800-40-K9              ok, active         00:06:38
F0      C9800-40-K9              ok, active         00:06:38
P0      C9800-AC-750W-R            ok               00:06:10
P1       Unknown                 ps, fail           never
P2       C9800-40-K9-FAN           ok               00:06:11


Slot       CPLD Version          Firmware Version 
--------- ------------------- --------------------------------------- 
0          17083013            12.2(20180122:130204) [pand-1GL_imag...
R0          N/A                 N/A
F0         17083013            12.2(20180122:130204) [pand-1GL_imag...
WLC#
show platform software status control-processor Command

The show platform software status control-processor command displays the average load, memory usage, and CPU utilization levels at which the controller is running. The output also specifies whether the levels of these system health parameters are within defined thresholds.

The following is sample output from the show platform software status control-processor command:

WLC# show platform software status control-processor
1-RP0: online, statistics updated 4 seconds ago
Load Average: healthy
  1-Min: 1.27, status: healthy, under 8.00
  5-Min: 1.31, status: healthy, under 8.00
  15-Min: 0.76, status: healthy, under 10.00
Memory (kb): healthy
  Total: 32516344
  Used: 3871416 (12%), status: healthy
  Free: 28644928 (88%)
  Committed: 4101932 (13%), under 95%
Per-core Statistics
CPU0: CPU Utilization (percentage of time spent)
User:  2.30, System:  5.40, Nice:  0.00, Idle: 92.30
IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU1: CPU Utilization (percentage of time spent)
User:  5.60, System: 18.70, Nice:  0.00, Idle: 75.70
IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU2: CPU Utilization (percentage of time spent)
User:  4.00, System: 11.71, Nice:  0.00, Idle: 84.28
IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU3: CPU Utilization (percentage of time spent)
User:  3.19, System:  5.69, Nice:  0.00, Idle: 91.10
IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU4: CPU Utilization (percentage of time spent)
User:  1.90, System:  5.40, Nice:  0.00, Idle: 92.69
IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU5: CPU Utilization (percentage of time spent)
User:  4.60, System: 11.41, Nice:  0.00, Idle: 83.98
IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU6: CPU Utilization (percentage of time spent)
User:  1.30, System:  3.40, Nice:  0.00, Idle: 95.29
IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU7: CPU Utilization (percentage of time spent)
User:  6.10, System: 14.60, Nice:  0.00, Idle: 79.30
IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU8: CPU Utilization (percentage of time spent)
User:  0.30, System:  1.40, Nice:  0.00, Idle: 98.30
IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU9: CPU Utilization (percentage of time spent)
User:  0.30, System:  1.30, Nice:  0.00, Idle: 98.40
IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU10: CPU Utilization (percentage of time spent)
User:  0.20, System:  0.20, Nice:  0.00, Idle: 99.60
IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU11: CPU Utilization (percentage of time spent)
User:  0.10, System:  0.40, Nice:  0.00, Idle: 99.50
IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU12: CPU Utilization (percentage of time spent)
User:  0.40, System:  0.90, Nice:  0.00, Idle: 98.70
IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU13: CPU Utilization (percentage of time spent)
User:  0.10, System:  0.30, Nice:  0.00, Idle: 99.59
  IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU14: CPU Utilization (percentage of time spent)
User:  0.19, System:  0.99, Nice:  0.00, Idle: 98.80
 IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
CPU15: CPU Utilization (percentage of time spent)
User:  0.10, System:  0.30, Nice:  0.00, Idle: 99.60
  IRQ:  0.00, SIRQ:  0.00, IOwait:  0.00
show diag chassis eeprom detail Command

The show diag chassis eeprom detail command displays the configuration hardware information, including power or fan module P0 and P1 EPPROM data.


Note


To reset the device to its factory defaults, perform the following:

  1. Open the controller console on PUTTY and reload the controller.

  2. When you get ################## while the image loads, right-click on the top ribbon and select special command and break to get the ROMMON prompt.

  3. Issue the following command:

    rommon 1 > confreg 0x8000
  4. Boot the image.

    You will be able to view the write erased configuration and load the image thereafter.

  5. After the image loads, you get to view the configuration back to 0x2102.


The following is sample output from the show diag chassis eeprom detail command:

WLC#: show diag chassis eeprom detail
MIDPLANE EEPROM data:
EEPROM version: 4
Compatible Type: 0xFF
Controller Type: 4103
Hardware Revision: 0.1
PCB Part Number: XX-XXXX-XX
Board Revision: 01
Deviation Number: 0-0
Fab Version: 03
PCB Serial Number: XXXXXXXXXX
RMA Test History: 00
RMA Number: 0-0-0-0
RMA History: 00
Top Assy. Part Number: XX-XXXX-XX 
CLEI Code: XXXXXXXXXX
Product Identifier (PID): C9800-40-K9
Version Identifier (VID): V01
Manufacturing Test Data:       00 00 00 00 00 00 00  00
Field Diagnostics Data:        00 00 00 00 00 00 00  00
Chassis MAC Address: 002c.c8a5.3180
MAC Address block size: 32
Chassis Serial Number: XXXXXXXXXX
Environment Monitor Data: 00 06 00 FA
Asset ID:
Power/Fan Module P0 EEPROM data:

EEPROM version: 4
Compatible Type: 0xFF
Hardware Revision: 1.0
Version Identifier (VID): V01
Product Identifier (PID): C9800-AC-750W-R
PCB Serial Number: XXXXXXXXXX
Top Assy. Part Number: 3XX-XXXX-XX
Board Revision: A0
Deviation Number: 0-0
RMA Test History: 00
RMA Number: 0-0-0-0
RMA History: 00
CLEI Code: XXXXXXXXXX
Manufacturing Test Data:    00 00 00 00 00 00 00  00
Field Diagnostics Data:     00 00 00 00 00 00 00  00
Unknown Field (type 00DA):  00 00 00 00 00 00 00  00
				00 00 00 00 00 00 00  00
Asset ID:
Power Supply Type: AC
Environment Monitor Data:   00 08 00 F8
Environment Monitor Data:   02 A5 2E E2 EE 00 5B
Environment Monitor Data:   05 02 03 50 03 58 00 4B
Platform features:   00 00 03 56 1E 53  0F  2A
			00 00 00 00 00 00  00  00
			FD		
Power/Fan Module P1 EEPROM data is not initialized