Prerequisites
- Cisco access points and wireless LAN controller are deployed.
- Controller has basic networking configured and has the licenses required.
- Access points are connected to the controller and are online.
Creating your network / SSID
This document will guide you in configuring a WPA2-Enterprise SSID in Cisco WLC.
- To start the configuration process, log in to the Cisco wireless LAN controller as admin. For existing environments with additional users, log in as a user with administrative privileges.
- Click Advanced on the top right of the Dashboard.
- Click WLANs. The WLANs menu appears on the left side of the Dashboard.
- Select Create New on the top right, then click Go.
The WLANs>New page appears. - For the new WLAN set Type to ‘WLAN’. Enter the Profile Name such as "Cloud4Wi_Enterprise"
- Enter the SSID, as "Cloud4Wi Secure WiFi".
- For ID you may choose any value from the select menu.
- Click Apply on the top right to save your changes.
The wireless LAN you added appears on the WLANs information page. - Click Save Configuration on the top right to commit the configuration.
- Still on the WLANs information page, click the WLAN ID, such as “2”.
The WLANs > Edit page appears. - In General tab,
- set SSID ‘Status’ to ‘Enabled’
- set ‘Broadcast SSID’ to ‘Enabled’
- set NAS-ID value to MAC address of your access point connected to WLC controller.
This is the MAC address of the radio interface, and must match with the one entered into the Cloud4Wi dashboard.
- Then click on the Security tab.
- In Layer 2 section of Security tab
- set Layer 2 Security as ‘WPA+WPA2’,
- enable WPA2 Policy
- set WPA2 Encryption to AES.
- Under ‘Authentication Key Management’ section enable ‘802.1X’ option
- After, click on the Layer 3 tab. In the Layer 3 tab:
- set Layer 3 Security to ‘None’.
- set Captive Network Assistant Bypass to ‘None’.
- Click on AAA Servers tab:
- Enable both Authentication and Accounting servers and set the following values as RADIUS servers:
RADIUS Primary IP Address: 52.48.102.108
RADIUS Secondary IP Address: 34.252.97.217
Shared Secret: <as communicated by Cloud4Wi team> -
Enable Interim Updates and set Interim Interval to 180 seconds.
-
Click Apply on the top right to save your changes.
- Enable both Authentication and Accounting servers and set the following values as RADIUS servers:
-
Click Save Configuration on the top right to commit the configuration.
Your SSID is now configured and in a few minutes, after WLC apply changes, it will be ready to use.