The proposed solution uses DHCP server integrated into a controller to issue the initial configuration of the access point's web interface and controller address, and to issue network settings to Wi-Fi clients.
Initial configuration of an address space for access points that will be connected to the controller
For the access point to receive a DHCP-Offer packet ( which contains the network settings for the interface) in response to a DHCP-Discover sent over the enterprise network, a management VLAN must be configured from the controller to the access point. Alternatively, the DHCP-relay mechanism of one of the switches must be used if L3 connectivity is established between the controller and the access point.
wlc(config)# ip dhcp-server pool ap-pool wlc(config-dhcp-server)# network 192.168.1.0/24 wlc(config-dhcp-server)# address-range 192.168.1.2-192.168.1.254 wlc(config-dhcp-server)# default-router 192.168.1.1 wlc(config-dhcp-server)# dns-server 192.168.1.1
#go to the DHCP server settings choosing a pool for access points (ap-pool) #specify the subnet from which devices will be receiving IP addresses #set the required range of assigned IP addresses #specify the default gateway. This is the address of the AP management bridge (see the Configuring Interfaces section) #specify the DNS server address
It is necessary to specify the NTP-server, because the correct time allows you to pass the validity check of certificates.
wlc(config-dhcp-server)# option 42 ip-address 10.10.15.17
#Issue a 42 DHCP option containing the address of an NTP server to synchronize the time on the APs
Issue a vendor specific 43 DHCP option, which contains the 12 sub-option required to build SoftGRE data tunnels. The option contains the IP address of the softGRE interface of the controller.
wlc(config-dhcp-server)# vendor-specific wlc(config-dhcp-server-vendor-specific)# suboption 12 ascii-text "192.168.1.1"
#go to vendor-specific mode to assign subptions #specify the sub-option and specify that this IP address will be passed in this vendor-specific option
Suboption 12 is not required if SoftGRE will not be used.
Issue suboption 15 so that the AP will automatically come to the controller and become operational under its control. The option contains the HTTPS URL of the controller
wlc(config-dhcp-server-vendor-specific)# suboption 15 ascii-text "https://192.168.1.1:8043" wlc(config-dhcp-server-vendor-specific)# exit wlc(config-dhcp-server)# exit
#specify the controller address
Configuration of the address space for Wi-Fi clients
wlc(config)# ip dhcp-server pool users-pool wlc(config-dhcp-server)# network 192.168.2.0/24 wlc(config-dhcp-server)# address-range 192.168.2.2-192.168.2.254 wlc(config-dhcp-server)# default-router 192.168.2.1 wlc(config-dhcp-server)# dns-server 192.168.2.1 wlc(config-dhcp-server)# end
#go to the DHCP server settings choosing a pool for users (users-pool) #specify the subnet from which devices will be receiving IP addresses #set the required range of assigned IP addresses #specify the default gateway #specify the DNS server address
All changes made to the configuration must be saved in the non-volatile memory of the device.
wlc-30# commit
Configuration has been successfully applied and saved to flash. Commit timer started, changes will be reverted in 600 seconds. #changes are saved and the timer is started
wlc-30# confirm
Configuration has been confirmed. Commit timer canceled. #changes are confirmed and applied