controller

Profile Config Commands

Configures the WiNG controller (wireless controller or service platform) adoption settings

Adoption is the process a controller or service platform uses to discover available access points and/or peer controllers/service platforms, establish an association and provision the adopted device. Adoption settings are configurable and supported within a profile and applied to all devices supported by the profile.

Use this command to add a controller to a pool and group. This command also enables and disables adoption on controllers, and specifies the device types that can be adopted by a controller.

Supported in the following platforms:

Syntax

controller [adopted-devices|adoption|group|hello-interval|vlan|host]
controller adopted-devices [aps {controllers}|controllers {aps}|external-devices|external-devices-monitoring-only]
controller adoption
controller [group <CONTROLLER-GROUP-NAME>|vlan <1-4094>]
controller hello-interval <1-120> adjacency-hold-time <2-600>
controller host [<IPv4>|<IPv6>|<HOSTNAME>] {ipsec-secure|level|pool|remote-vpn-client}
controller host [<IPv4>|<IPv6>|<HOSTNAME>] {ipsec-secure} {gw [<IP>|<HOSTNAME>]}
controller host [<IPv4>|<IPv6>|<HOSTNAME>] {level [1|2]|pool <1-2> level [1|2]} {ipsec-secure {gw [<IP>|<HOSTNAME>]}|remote-vpn-client}
controller host [<IPv4>|<IPv6>|<HOSTNAME>] {remote-vpn-client}

Parameters

controller adopted-devices [aps {controllers}|controllers {aps}|external-devices|external-devices-monitoring-only]
controller Configures the WLAN‘s controller adoption settings
adopted-devices Configures the types of device (AP/controller) this controller can adopt
aps {controllers} Enables the adoption of network access points by this controller. This option is enabled by default.
  • controllers – Optional. Enables the adoption of peer controllers by this controller

All adopted devices (referred to as adoptee) receive complete configuration from the adopting controller (referred to as adopter).

controllers {aps} Enables the adoption of peer controllers by this controllers
  • aps – Optional. Enables the adoption of network access points by this controller

A controller cannot be configured as an adoptee and an adopter simultaneously. In other words, an adopted controller (adoptee) cannot be configured to adopt another controller.

Use the no > controller > adopted-devices command to remove this setting.

external-devices Enables adoption of external devices by this controller. This option is disabled by default.

When enabled, a WiNG controller can adopt and manage T5 controllers and EX3500 switches (using the IPX operating system) within a WiNG managed device subnet. This setting is disabled by default.

To disable T5 or EX3500 adoption, use the no > controller > external-devices command.

This feature is supported only on NX9500, NX9510, NX9600, and VX9000 platforms.

external-devices-monitoring-only Enables only monitoring of external devices by this controller or service platform. This option is disabled by default.
controller adoption
controller adoption Enables the adoption of the logged device (wireless controller or service platform) by other controllers. This option is disabled by default.

Use the no > controller > adoption command to disable adoption.

controller [group <CONTROLLER-GROUP-NAME>|vlan <1-4094>]
controller Configures the WLAN‘s controller adoption settings
group <CONTROLLER-GROUP-NAME> Configures the wireless controller or service platform group
  • <CONTROLLER-GROUP-NAME> – Specify the wireless controller or service platform group name.
vlan <1-4094> Configures the wireless controller or service platform VLAN
  • <1-4094> – Specify the VLAN ID from 1 - 4094.
controller hello-interval <1-120> adjacency-hold-time <2-600>
controller Configures the WLAN‘s controller settings
hello-interval <1-120> Configures the hello-interval in seconds. This is the interval between consecutive hello packets exchanged between AP and wireless controller or service platform.
  • <1-120> – Specify a value from 1 - 120 seconds.
adjacency-hold-time <2-600> Configures the adjacency hold time in seconds. This is the time since the last received hello packet, after which the adjacency between wireless controller or service platform and AP is lost, and the link is re-established.
  • <2-600> – Specify a value from 2 - 600 seconds.
controller host [<IPv4>|<IPv6>|<HOSTNAME>] {ipsec-secure} {gw [<IP>|<HOSTNAME>]}
controller Configures the WLAN‘s controller adoption settings
host [<IPv4>|<IPv6>| <HOSTNAME>] Configures wireless controller or service platform‘s IPv4/IPv6 address or hostname
  • <IPv4> – Configures wireless controller or service platform‘s IPv4 address
  • <IPv6> – Configures wireless controller or service platform‘s IPv6 address
  • <HOSTNAME> – Configures wireless controller or service platform‘s hostname
ipsec-secure {gw [<IP>| <HOSTNAME>]} Optional. Enables Internet Protocol Security (IPSec) peer authentication on the connection (link) between the adopting devices. This option is disabled by default.
  • gw – Optional. Specifies a IPSec gateway other than the wireless controller or service platform
    • <IP> – Use this option to specify the IPSec gateway‘s IP address.
    • <HOSTNAME> – Use this option to specify the IPSec gateway‘s hostname.

If the gateway‘s IP address or hostname is not specified, the system assumes the logged controller as the IPSec gateway.

controller host [<IPv4>|<IPv6>|<HOSTNAME>] {level [1|2]|pool <1-2> level [1|2]} {ipsec-secure {gw [<IP>|<HOSTNAME>]}|remote-vpn-client}
controller Configures the WLAN‘s controller adoption settings
host [<IPv4>|<IPv6>| <HOSTNAME>] Configures wireless controller or service platform‘s IPv4/IPv6 address or name
  • <IPv4> – Configures wireless controller or service platform‘s IPv4 address
  • <IPv6> – Configures wireless controller or service platform‘s IPv6 address
  • <HOSTNAME> – Configures wireless controller or service platform‘s name
level [1|2] The following keywords are common to the ‘IP‘, ‘IPv6‘, and ‘hostname‘ parameters:

Optional. After providing the wireless controller or service platform‘s address, optionally select one of the following routing levels:

  • 1 – Optional. Level 1, local routing
  • 2 – Optional. Level 2, inter-site routing
    Note: After specifying the routing level, you can, optionally enable IPSec Secure authentication and remote VPN client.
pool <1-2> level [1|2] The following keywords are common to the ‘IP‘, ‘IPv6‘, and ‘hostname‘ parameters:

Optional. Sets the wireless controller or service platform‘s pool

  • <1-2> – Select either 1 or 2 as the pool. The default is 1. After selecting the pool, optionally select one of the following two routing levels:
    • 1 – Optional. Level 1, local routing
    • 2 – Optional. Level 2, inter-site routing
{ipsec-secure {gw [<IP>| <HOSTNAME>]}| remote-vpn-client} After specifying the routing level and or device‘s pool, you can optionally specify the following:
  • ipsec-secure – Optional. Enables IPSec peer authentication on the connection (link) between the adopting devices. This option is disabled by default.
  • gw – Optional. Specifies a IPSec gateway other than the wireless controller or service platform
    • <IP> – Use this option to specify the IPSec gateway‘s IP address.
    • <HOSTNAME> – Use this option to specify the IPSec gateway‘s hostname.
      Note: If the gateway‘s IP address or hostname is not specified, the system assumes the logged controller as the IPSec gateway.
  • remote-vpn-client – Forces MiNT link creation protocol (MLCP) to use remote VPN connection on the controller

The controller uses remote VPN tunnel for this traffic. If multiple controller hosts are configured, either all the hosts should use remote-vpn-client or none.

When enabled, an MLCP connection is not initiated until remote VPN connection is UP and virtual IP, DNS server, source route, etc. are installed on the AP.

controller host [<IPv4>|<IPv6>|<HOSTNAME>] {remote-vpn-client}
controller Configures the WLAN‘s controller settings
host [<IPv4>|<IPv6>| <HOSTNAME>] Configures wireless controller or service platform‘s IPv4/IPv6 address or hostname
  • <IP> – Configures wireless controller or service platform‘s IPv4 address
  • <IPv6> – Configures wireless controller or service platform‘s IPv6 address
  • <HOSTNAME> – Configures wireless controller or service platform‘s name
remote-vpn-client Forces MLCP to use remote VPN connection on the controller

The controller uses remote VPN tunnel for this traffic. If multiple controller hosts are configured, either all the hosts should use remote-vpn-client or none.

When enabled, an MLCP connection is not initiated until remote VPN connection is UP and virtual IP, DNS server, source route, etc. are installed on the AP.

Example

nx9500-6C8809(config-profile-default-ap8533)controller group test

nx9500-6C8809(config-profile-default-ap8533)#controller host 1.2.3.4 pool 2

nx9500-6C8809(config-profile-default-ap8533)#show context
profile ap8533 default-ap8533
 no autoinstall configuration
 no autoinstall firmware
 crypto isakmp policy default
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
..........................................................
 interface ge4
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 use firewall-policy default
 controller host 1.2.3.4 pool 2
 controller group test
 service pm sys-restart
--More--
nx9500-6C8809(config-profile-default-ap8533)#

nx9500-6C8809(config-profile-testAP8432)#controller adopted-devices aps controllers

nx9500-6C8809(config-profile-testAP8432)#show context
profile ap8432 testAP8432
 autoinstall configuration
....................................................................
  logging on
 service pm sys-restart
 router ospf
 controller adopted-devices aps controllers
nx9500-6C8809(config-profile-testAP8432)#

Related Commands

no Disables or reverts settings to their default