Embedded Wireless on Cisco Catalyst 9000 Series Switches for Single Secure Site Deployment (Non-SDA)

Introduction to Embedded Wireless

The Cisco Integrated Wireless on Cisco Catalyst 9000 Series Switches is the next-generation Wi-Fi solution, combining the most advanced features of the Cisco Catalyst 9800 Series Wireless controller with the Catalyst 9000 series switches, creating a best-in-class wireless experience that provides enterprise-class resiliency, security, and IT simplicity for single site deployments.

Embedded wireless is supported only on the following switches:

  • Cisco Catalyst 9300 Series Switches

  • Cisco Catalyst 9400 Series Switches

  • Cisco Catalyst 9500 Series Switches

Prerequisites

  • Wireless sub-package must be preinstalled on the switch. For information on Installing Wireless Sub-Package, see: Wireless Sub-Package for Switch

  • Management IP must be configured on the switch

  • Loopback IP address must be configured on the switch


Note


For stack based High Availability information for Cisco Catalyst 9300 Switches, see the Stack Manager and High Availability Configuration Guide at: https://www.cisco.com/c/en/us/support/switches/catalyst-9300-series-switches/products-installation-and-configuration-guides-list.html

For dual RP information for Cisco Catalyst 9400 Switches, see the High Availability Configuration Guide at: https://www.cisco.com/c/en/us/support/switches/catalyst-9400-series-switches/products-installation-and-configuration-guides-list.html.


Restrictions

  • Supports only single site deployments.

  • Stateful Switch Over (SSO) is not supported with Cisco Catalyst 9500 Series Switches.

  • Security Group Tag (SGT) based segmentation is not supported.

  • StackWise Virtual Link (SVL) is not supported on the Cisco Catalyst 9500 Series Switches.

Configuring the Embedded Wireless Setup (GUI)

Before you begin

  • Login to the management IP address of the switch. Enable the wireless controller configuration by clicking on the controller icon on the top menu bar. The controller icon is grey in color and it turns green after you enable it, indicating that wireless controller configuration has been enabled.

  • Ensure that Loopback interface is created for the configuration to work. You can go to Configuration > Interface > Logical > Loopback to check whether a loopback interface is created.


Note


All the wireless-related configuration has to be done using web UI. The switching configuration can be done using either web UI or CLI.


Procedure


Step 1

Choose Configuration > Embedded Wireless Setup.

Step 2

Toggle the Embedded Wireless Setup button to Enabled. (Toggling to Disabled cleans up the fabric-related configurations. )

Step 3

Click Apply.


AP Onboarding Information (GUI)

Procedure


Step 1

Choose Configuration > Embedded Wireless Setup.

Step 2

Click Add.

The Location Configuration window is displayed.

Step 3

Click the General tab.

Step 4

In the Location Name field, enter the location name.

Step 5

In the Description field, enter a description for the location.

Step 6

In the Client Density area, use the slider to select the client density for the AP.

Step 7

Go to the AP Onboarding section.

Step 8

In the VLAN field, enter the VLAN number.

Step 9

In the IP Address field, enter the IP address.

Step 10

In the Subnet Mask field, enter the subnet address.

Step 11

In the DHCP Server field, enter the name of the DHCP server.

Note

 

The DHCP Server IP address is pushed to the ip helper address.

You can use a DHCP server that is residing outside of the Cisco Catalyst 9300 device, if the helper address is reachable. For DHCP discover packets to reach the DHCP server, configure the helper address on the SVI.

Step 12

Click Apply.

This completes the basic wireless setup.

Step 13

Click the Wireless Networks tab.

The Wireless Network page creates WLAN/SSID for the AP to broadcast.

Note

 
  • You can use an existing WLAN or create a new one. However, you cannot edit the WLAN attributes of an existing WLAN. You can delete the WLAN and re-create it on the location.

  • Deleting a WLAN does not remove it from the device, it is removed only from the Location (policy-tag).

Step 14

Click Add, to create a new WLAN. The Add Location Setup window is displayed.

Step 15

From the WLAN drop-down list, choose the WLAN. (You can also create a new WLAN by clicking the Define New link, which will take you to Add WLAN window.)

This solution supports up to 4 VRFs. A VRF is created to keep the guest SSIDs network separated from employee SSID networks.

Step 16

Go to the Policy Details section.

Step 17

From the VRF drop-down list, choose a VRF. (You can also create a VRF by clicking the Click here to add VRF.)

Step 18

From the VLAN drop-down list, choose a VLAN.

If you enter a VLAN that is not predefined, the system prompts you to enter details such as IP Address, Subnet Mask, and DHCP server.

Step 19

From the QoS drop-down list, choose the optional QoS policy.

Step 20

Click Add.

All the SSIDs that have been created for this location will be listed in the Wirelesss Networks page.


What to do next

AP Provisioning (GUI)

Procedure


Step 1

Choose Configuration > Embedded Wireless Setup > AP Provisioning.

Step 2

From the Available AP List, choose the required APs and use the right arrow to move them to the Associated AP List.

Step 3

Click Apply.

This moves the APs to the newly added location. All the ports connected to the AP should be in the same VLAN as the wireless profile VLAN.

To select the country code for the APs, go to Configuration > Access Points > Country and select the country where APs are located and click Apply. For information on selecting a country code to set the AP location, see Country Codes.