A couple of days ago Cisco released 7.6MR2 (220.127.116.11) code for their Wireless LAN Controllers.
Release notes for the code can be found here.
Aside form the usual slew of bug fixes and a couple of feature enhancements the biggest change in this release is the introduction of a new web-based initial configuration mode for the 2500 series controllers designed to make these devices slightly easier for users to get up and running as well as apply some sensible best practice defaults that would otherwise maybe be missed by an admin.
I thought I would upgrade my lab WLC and give this a go and see what the new “dashboard” looks like compared to the traditional WLC GUI that we are all familiar with, after the upgrades were done I defaulted the config from the GUI and reloaded it.
After the WLC had rebooted as per the instructions I connected to Port 2 and was issued an IP addresses in the 192.168.1.x /24 range. The WLC could be reached at http://192.168.1.1 and immediately I was presented with the following screen asking me to configure an admin account:
That step completed you are taken to a screen that asks for some basic configuration values to get the WLC online (so far most of this would be as per the initial configuration via the CLI).
After providing the information for management access, timezone, country etc. you move onto configuring an “employee” SSID. You can choose to use either WPA2-PSK based authentication here or RADIUS (I am using WPA2-PSK here):
I chose not to enable the “guest network” but these are the options you have available to configure, as I understand it from reading the release notes this would also automatically configure a couple of ACLs and a DHCP scope on the WLC itself to allow guests to connect but restrict them from accessing the management network defined earlier.
Following on from configuring your initial SSIDs you are asked to confirm your settings and at this point the WLC will save the config and reload, at this point you can disconnect from Port 2 and connect Port 1 on the WLC to your network.
And that folks, is pretty much it. The WLC rebooted and I was able to log into it at the address I had configured, here are some interesting observations / potential caveats that I noticed that are not covered by the release notes:
- DHCP Proxy is disabled by default, this may or may not be an issue depending on your environment and possibly could save some issues for those with an ASA as a DHCP server in a small network.
- Country code was not set to GB as expected, it was on US which was an annoyance as my lab APs are all -E region.
- Fast SSID change is not enabled by default, I generally consider this to be sensible best practice at the moment.
Here are a couple of screen shots of the new dashboard, fairly basic but I think it offers a nice high-level view of the status of a controller and presents users with the most relevant information all in one place. Clicking into various elements of this dashboard just takes you to pages within the traditional GUI.
The whole process of the initial setup was very reminiscent to me of the initial configuration of a Ruckus ZoneDirector, you supply similar kinds of information and at the end of the process have a basic config to get you up and running quickly.
In all this process took me around 5 minutes to complete, not much faster than I can blitz through the CLI based iniital configuration but for new users to the platform it may avoid presenting them with options they are unfamiliar with (Mobility / RF group names etc.) and the controller will still require some advanced configuration for most deployments (multicast configuration being the biggest one here I can think of that is omitted from this setup process).
I think this is a good step in the right direction for Cisco, it would be nice to see them address a few other things many of us in the industry consider “current best practices” such as disabling low data rates by default, or maybe offer people a few options that would lead to this out of the box.
The biggest issue I experienced was the one with the country code miss-configuration, I’m not sure if that was a failing on my part or the GUI didn’t pass some information correctly but either way that would potentially lead to serious deployment issues for users not familiar with how regulatory domains are configured on the WLC (people may not even be aware of why this is also very important to be setup correctly). If anybody is able to verify / reproduce this let me know.