This is used when allocating and configuring VLANs when connecting new access points is a time-consuming task, especially if a large number of switches are used between access points and the controller on the enterprise network. This solution simplifies the connection of access points even in an L2 network, as there is no need to route VLANs for each SSID through all switches, since it involves configuring SoftGRE tunnels to carry user traffic.

Recommended switch port configuration towards the AP and WLC.

Port configuration towards the AP
MES2324P#configure 
MES2324P(config)#interface GigabitEthernet 1/0/12
MES2324P(config-if)#switchport mode access 
MES2324P(config-if)#switchport access vlan 110
Command description
#go to configuration mode
#go to requikred port settings
#switch port to access mode
#configure VLAN for managing access points
Port configuration towards WLC
MES2324P#configure 
MES2324P(config)#interface GigabitEthernet 1/0/12
MES2324P(config-if)#switchport mode trunk
MES2324P(config-if)#switchport trunk allowed vlan add 110
Command description
#go to configuration mode
#go to requikred port settings
#switch port to trunk mode
#configure VLAN for managing access points

Configuring SoftGRE controller tunnels

Configuring SoftGRE controller tunnels
wlc(config)# softgre-controller
wlc(config-softgre-controller)# nas-ip-address 127.0.0.1
wlc(config-softgre-controller)# data-tunnel configuration wlc
wlc(config-softgre-controller)# aaa radius-profile default_radius
wlc(config-softgre-controller)# keepalive-disable
wlc(config-softgre-controller)# service-vlan add 115
wlc(config-softgre-controller)# enable
wlc(config-softgre-controller)# exit
Command description
#go to the SoftGRE controller configuration mode
					
#set the data tunnels configuration mode. The wlc mode is selected, in which SoftGRE DATA tunnel parameters are requested from the WLC.
#select the AAA profile created earlier (see the Configuring RADIUS page)
#disable availability check for the remote tunnel gateway, because SoftGRE does not require constant connection check. It remains passive until there is a need for data transfer.
#enable user traffic with VLAN-ID 115: for the traffic with this VLAN to get into the tunnel, assign this VLAN in the SSID-profile settings
#enable softgre-controller operation

Configuring and enabling the functionality of automatic building of SoftGRE tunnels

Configuring and enabling the functionality of automatic building of SoftGRE tunnels
wlc(config)# tunnel softgre 1
wlc(config-softgre)# mode data
wlc(config-softgre)# local address 192.168.1.1
wlc(config-softgre)# default-profile
wlc(config-softgre)# enable
Command description
#go to SoftGRE tunnel settings
#select the operating mode. In our case it's "data" - data mode
#set an IP address of the local tunnel gateway.
#enable the use of this tunnel's configuration to automatically build tunnels with the same mode and local address (default-profile is created by default in the SoftGRE controller profile).
#enable tunnel operation

Configuration of the following sections is also required:


AP-location wlc-30(config-wlc-ap-location)# mode tunnel — enable SoftGRE tunnel establishing mode from the controller side;
DHCP-server wlc(config-dhcp-server-vendor-specific)# suboption 12 ascii-text "192.168.1.1" — suboption 12 for the tunnel establishing from the AP side;
SSID-profile wlc(config-wlc-ssid-profile)# vlan-id 115 ) — VLAN-ID for traffic on the VLAN to be tunnelled.

All changes made to the configuration must be saved in the non-volatile memory of the device.

wlc-30# commit

Configuration has been successfully applied and saved to flash. Commit timer started, changes will be reverted in 600 seconds. #changes are saved and the timer is started

wlc-30# confirm 

Configuration has been confirmed. Commit timer canceled. #changes are confirmed and applied
  • Нет меток