To connect to the DAY 0 GUI, login to the defined Device Management interface via https and then the IP address of the management which you configured To know how to configure it please visit the Day 0 Configuration of WLC. In this blog we will know about WLC basic GUI Configuration (C9800).
To login use the (default) username and password credentials.
Once logged in, the user is presented with a simplified configuration flow to set the basic parameters and have the controller fully operational.
After completing these Configurations, takes you straight to the Dashboard, the dashboard is simple and easy to use.
Go to Administration -> Device to change/modify general requirements.
Here, you can change the host name, Banner and IP routing (Enabled/Disabled) in the General Tab.
Go to Administration -> Select DNS to add the DNS Server.
Here, click on +Add to Create DNS
After clicking on +Add, Add DNS Server IP addresses and Click on Apply to Device.
Go to Administration -> Time to add the NTP Server or Change Date and Time.
- Click on +Add to add the NTP server.
- Click on Change Date and Time to change the Date, Time and Time Zone.
Here, Change the Time Zone to IST and Click on Apply to Device.
Here, we can see that the source is NTP, and the time zone has been changed to IST.
Go to Administration and then click on User Administration to check or modify the User Credentials.
In User Administration, click on +Add to make new User Credentials, or select the existing User Credentials to edit User Name, Policy, Privilege, and Password.
Configure RADIUS Authentication for the WLC
Add the RADIUS Server
Step 1: Navigate to Configuration > Security >AAA
Then click on Servers/Groups > Servers > RADIUS >+Add
The RADIUS Authentication servers page appears.
Step 2: Enter all the needed information. Once done click Update & Apply to Device.
Make the following changes:
- The server name (note that it does not have to match the ISE system name)
- The server IP address
- The shared secret between the WLC and the RADIUS server
Other parameters can be configured, such as the ports used for authentication and accounting, but these are not mandatory and left as default for this documentation.
Step 3: Map the RADIUS server to a Server Group.
RADIUS server groups are configured from the Servers / Groups → RADIUS → Server Groups tab from the same GUI page as the one mentioned in step 1, which is shown in the image.
As for the server creation, a popup window appears when you click on the Add button framed in the image above, which is depicted in this image.
Create an AAA authentication login method that points to the RADIUS server group.
Step 4: Navigate to the AAA Method List → Authentication tab and create an authentication method as shown in this image.
As usual, when you use the Add button to create an authentication method, a configuration popup window appears, similar to the one depicted in this picture.
In this popup window, provide a name for the method, select Type as Dot1x, and add the group server created in the previous step to the Assigned Server Groups list. With regards to the Group Type field, several configurations are possible.
- If you select Group Type as local, the WLC first checks if the user credentials exist locally, and then falls back to the server group.
- If you select Group Type as a group and do not check the Fall back to local option, the WLC just checks the user credentials against the server group.
- if the server does not respond. If the server sends a reject, the user is authenticated, even though it can exist on the local database.
- If you select Group Type as group, and check the Fallback to local option, the WLC checks the user credentials against the server group and queries the local database only
Create a AAA authorization exec method that points to the RADIUS server group.
Step 5: Navigate to the AAA Method List → Authorization tab and create an authentication method as shown in this image.
Create a AAA accounting exec method that points to the RADIUS server group.
Step 6: Navigate to the AAA Method List → Accounting tab and create an authentication method as shown in this image.
We will continue this blog in Part 2 where we will discuss some advance configuring in WLC and know WLC in more detail.
Zindagi Technology is a Top leading IT consulting company in Delhi. We have successfully completed a lot of projects in the Public and Private sectors. Zindagi Technologies consultants have expertise in the field of designing, building and maintaining large-scale Networks. If you require any support, Please Contact us, drop us a message at +91-9773973971 or get in touch with us via email. Follow us on LinkedIn and keep in touch with the latest technology blogs.