This guide walks through the essential initial commands to bring up the web UI and establish a solid baseline for your deployment.
Configuring a Cisco Catalyst 9800 WLC from the CLI is often the fastest way to get a new controller online, reachable, and ready for AP join.
Access the controller via SSH/WEB with 192.168.10.50 .
IP where the APs need to be directed for there CAPWAP tunnel 192.168.150.10 .
1. Skip the Day‑0 Wizard and Prepare AP Radios
ap dot11 24ghz shutdownap dot11 5ghz shutdown!ap country US!no ap dot11 24ghz shutdownno ap dot11 5ghz shutdown!copy run start2. Configure Basic Access and enable GUI/SSH
hostname SRV9800CL!enable secret 0 --SECRETpass!username wlc-admin-jo privilege 15 secret 0 --SECRETpass!aaa new-modelaaa authentication login default local!interface vlan 1shutdown!interface GigabitEthernet1 description MGMT-WLC-INTERFACE no switchport ip address 192.168.10.50 255.255.255.0 ! ip route 0.0.0.0 0.0.0.0 192.168.10.1 ! copy run start3.Create VLANs and Set Up the Wireless Management Interface
interface GigabitEthernet2 description MGMT-AP-&-USER-DATA-LAB switchport mode trunk!interface GigabitEthernet3 shutdown!vlan 150 name vlan150-ap-management!interface Vlan150 ip address 192.168.150.10 255.255.255.0!4.Generate the SSC Trust point for AP Join
wireless management interface Vlan150 ping 192.168.150.1!Enable mode, not in config modewireless config vwlc-ssc key-size 2048 signature-algo sha256 password 0 --SECRETpass5.Trust point validation
!Validation commands----------Example Output----------------------SRV9800CL-03#show wireless management trustpointTrustpoint Name : SRV9800CL-03_WLC_TPCertificate Info : AvailableCertificate Type : SSCCertificate Hash : 5feb8e60db34087ee8112c6648d7eabafff604f7Private key Info : AvailableFIPS suitability : Not Applicable!SRV9800CL-03#show run | inc management trustpointwireless management trustpoint SRV9800CL-03_WLC_TP
Leave a Reply