lab setup instruction (adv mobility - cmx) drn 1.0

8/12/2019 Lab Setup Instruction (ADV Mobility - CMX) Drn 1.0

1/18

Instruction to LAB team for ADV Mobility [CMX]

MGMT PC:

1.

MGMT PC either Windows 7 or Windows 2008 R2 .2. Make sure the System Date, Time & TimeZone set to current and the Activated the OS with

Valid key.

3. Must have Dual NIC card. Rename the onboard NIC to Internet Do-Not-Touch connect it to

GK Internet switch and the External NIC (Second) to Lab-NIC. For Lab NIC the IP address

should be 192.168. X0.15 and subnet mask 255.255.255.0 and NO DEFAULT

GATEWAY.

4. Copy the ( Maps Folder ) to the MGMT PC Desktop .

5. Create a folder named Copy of CMX on the MGMT PC desktop and Copy the .ova files of

(AD, MSE & PI) in to it. Copy the Wireless Client to C:\Virtual Machines Folder . (If that

folder not exists please create one and copy the files).

File Location for pointers 4 & 5 [ \\192.168.200.254\ve\Completed\Copy of CMX ].

6. Create a folder called software in C:\ drive and copy the drivers for USB Serial cable &

Wireless Adaptor.

7. It is advisable to have latest version of IE, Chrome & Firefox . Make sure the Java, Flash,

Direct X, .Net Framework 3.5 SP1 and Later installed.

8. For Firefox, follow these steps to enable WebGL:

In the browser address line, enter about:config

In the Search text box, enter webgl to filter the settings.

Double click webgl.forceenabled.

Make sure that webgl.disables is disabled.


2/18

9. Please use SecureCRT for the console connection and make sure PuTTY is NOT there on the

Desktop.

10. Make sure you have connected and saved the console session for WLC, POD Switch & AP.

11. Keep the VMware workstation and vSphere Client running on the MGMT PC before the

class commences. Make sure you logged in to the Esxi using vSphere client.

12. Power ON the Win 7 Wireless VM image on the Workstation. Remove old SSID entries from

Manage wireless Networks.

13. Log in to the Win7 Wireless VM and make sure the wireless USB adapter is

attached/Mapped. Make sure the wireless driver is installed on both MGMT & VM and

license is still active. If expired, reactivate it. Also ensure that the VMTools are

updated.

ESXi:-

1. Its advisable to install ESXi 5.0 and make sure the host PC has 5.1 version of vsphere client

installed [ Optional ].

2. Make sure the Esxi machine has 1 TB HDD space and minimum of 32 GB RAM.

3. ESXi should have two NICs. Onboard NIC should connected to the GK Internet Giga Switch

and the other one should be connected to this Classroom POD switch.

4. Make sure that No Keyboard/Mouse connected to the Esxi machine.

5. Configure the Username and Password for Esxi as per the user credentials table given

below.

6. Create a Vmkernal switch inside the Esxi and assign the ip address 192.168.X0.10 and

VLANID X0.

7. Make sure the Vmkernal IP is pingable from the host machine (RDP Machine).

8. Create a Virtual Machine and Name it as MGMT & assign VLANID X0.

9. All images related to the Lab must be mapped to the MGMT adapter.

10. Deploy AD, PI & MSE and configure the IP address & Password as per the Lab guide. Makesure AD license is still active. If expired, reactivate it.

11. Delete the old entries of DNS records and create new one according to the POD.

12. Make sure that the NTP is configured and running in AD.

13. Open Run cmd Type net stop w32time && net start w32time hit enter key


3/18

WLC, AP & Switch:

1. The WLC should run 7.5.102.0 as an Active image . Make sure the configuration in the WLC is

cleared.

2.

APs need to be hard reset properly to get the AP find its WLC without any certificate ortimer issue. Please find the steps below on how to hard reset.

a. Power off the AP by either plugging out the cable from PoE switch or switching off

the power adapter that gives power source to the AP.

b. Start pressing the HARD RESET button when the AP is powered down.

c. Keep hold of the button and power on the AP by any method (either via PoE or

Power adaptor)

d. Keep on holding the button for full 1 minute (60 seconds) until you start to see the

stable RED light. Then the AP is already in the ROMMON mode. Then you can issue

the below given command.

3. DO NOT forget to issue SET BOOT command ( set BOOT flash:ap3g2-k9w8-mx.152-

2.JB1/ap3g2-k9w8-mx.152-2.JB1 ) and reload ( boot )

4. Please let the trainer knows about the AP model and Country code.

5. Do reset (Clear config & vlan.dat) the Switch before you pushing in the switch configuration

6. Do reset (Clear config) the Router before you pushing in the Router configuration

7. Please use good conditioned cables (Both Data Cable & Console) while connecting thedevices.

User Credentials:-

Machines Username Password IP addressEsxi root cisco123 192.168.X0.10

AD Administrator C1sc0123 192.168.X0.11

WLC admin C1sc0123 192.168.X0.30

Wireless Client Administrator C1sc0123 DHCP (192.168.X0.0/24)

MSE root password 192.168.X0.80

Prime Infrastructure (GUI) root Adm1n123 192.168.X0.70

Prime Infrastructure (CLI) admin Adm1n123 192.168.X0.70


4/18

Lab Topology Diagram:-

G0/1- AP-1

G0/2 WLC

G0/3 Esxis Second NIC card .

G0/4 Host Machines Second NIC, [Lab NIC].

G0/5 Internet


5/18

Change the Hex valueaccording to the WLC IP.

The First four digits f104 isstandard and next two sets

of 4 digits only is the IP

Switch Configuration(Sample- Replace X with the POD number)

Switch:

hostname CMX-SW

!vlan X0,X1,X2,X3,X4!enable secret 5 $1$NAo5$B4zS81umF.BGhsNzASCUS.!!!ip routingip dhcp excluded-address 192.168.X0.1 192.168.X0.100ip dhcp excluded-address 192.168.X1.1 192.168.X1.100ip dhcp excluded-address 192.168.X2.1 192.168.X2.100ip dhcp excluded-address 192.168.X3.1 192.168.X3.100ip dhcp excluded-address 192.168.X4.1 192.168.X4.100ip dhcp excluded-address 192.168.X5.1 192.168.X5.100!ip dhcp pool vlanX0

network 192.168.X0.0 255.255.255.0default-router 192.168.X0.1domain-name primeinfra.comoption 43 hex f104.c0a8.0a1edns-server 192.168.10.X1 8.8.8.8

!ip dhcp pool vlanX1

network 192.168.X1.0 255.255.255.0default-router 192.168.X1.1domain-name primeinfra.comdns-server 192.168.10.X1 8.8.8.8


network 192.168.X2.0 255.255.255.0default-router 192.168.X2.1

domain-name primeinfra.comdns-server 192.168.X0.11 8.8.8.8domain-name primeinfra.com


network 192.168.X3.0 255.255.255.0default-router 192.168.X3.1dns-server 192.168.X0.11 8.8.8.8domain-name primeinfra.com


network 192.168.X4.0 255.255.255.0default-router 192.168.X4.1


6/18

domain-name primeinfra.comdns-server 192.168.10.X1 8.8.8.8

!nmsp enable!

spanning-tree mode pvstspanning-tree extend system-id!interface GigabitEthernet 2/0/1

description PODX_AP-1switchport access vlan X0switchport mode accessno shut

!interface GigabitEthernet 2/0/2

description PODX_WLCswitchport trunk encapsulation dot1qswitchport mode trunkno shut


description PODX_ESXIswitchport trunk encapsulation dot1qswitchport mode trunkno shut


description PODX_MGMTswitchport access vlan X0switchport mode accessno shut


description Internetswitchport trunk encapsulation dot1qswitchport mode trunk

no shut!interface Vlan1

no ip addressshutdown

!interface VlanX0

ip address 192.168.X0.1 255.255.255.0no shut

!

interface VlanX1ip address 192.168.X1.1 255.255.255.0


7/18

no shut!interface VlanX2


!interface VlanX3


!interface VlanX4


!ip sla enable reaction-alerts

snmp-server community cisco RW!!line con 0line vty 0 4

password ciscologin

line vty 5 15login

!end

Verification:

AD:

1. Deploy the AD-1 OVA file and change the IP address to 192.168.X0.11/24. No need Gateway

2. Restart the NTP service [Open Run cmd Type net stop w32time && net start w32time hit

enter key ]

DNS Records Creation

Since DNS server plays an important role when it comes to keeping the network upand accessible, it becomes important for the administrators to keep a close eye onthe DNS records, and verify their validity on a regular basis. DNS records are theentries of the computer names along with their corresponding IP addresses in theDNS server database. Although there can be several DNS record types that a DNSserver database can have, some of the most commonly used and important DNSrecords include:


8/18

Host (A) Host (A) records are the names of the computers along with their correspondingIPv4 IP addresses that are registered with the DNS server.

Host (AAAA) Host (AAAA) records are the names of the computers along with theircorresponding IPv6 IP addresses that are registered with the DNS server.

Task 1: Add a Reverse Lookup zone

Step 1 Log on to Windows server 2008 server[AD] with user name and passwordas Administrator /C1sc0123

Step 1 From the desktop screen, click Start .Step 2 From the Start menu, go to Administrative Tools DNS .Step 3 From the DNS Manager, on the left, expand AD.Step 4 Expand Reverse Lookup Zone, Right click on the existing entry and delete

it.

Step 5 Right-click the Reverse Lookup Zones folder, and click New Zone . A zoneconfiguration wizard appears.

Step 6 Click Next. Step 7 Select the Primary Zone and Click Next .Step 8 Leave the default settings and click Next.Step 9 Select the IPV4 Reverse look up Zone and Click Next.Step 10 Enter the your pods Network address : 192.168. X0 (Where X is your pod

number)

Step 11 Click Next

Step 12 Leave the default settings and click Next .Step 13 Review the configuration and click Finish.


9/18

Task 2: Add a Forward Lookup Zone

To add Host (A) DNS records manually to the DNS database, administrators must follow thesteps given as below:

Step 1 From the DNS Manager, on the left, expand AD, Expand Forward LookupZone.

Step 2 Right-click primeinfra.com .Step 3 From the displayed context menu, click New Host (A or AAAA) .

Step 4 On New Host box, type host Name along with the IP address of the targethost computer in the Name (uses parent domain name if blank) and IPaddress fields respectively.


10/18

Step 5 Once done, click Add Host . Optionally, Create associated pointer (PTR)record checkbox can also be checked to automatically generate a PTR entryof the target computer in the Reverse Lookup Zones before clicking AddHost button.

Step 6 On the displayed message box, click OK.Step 7 Back on the New Host box, click Done .Step 8 Repeat the Step 3 to Step 5 for all the components (MSE & WLC)Step 9 Close DNS Manager snap-in when done.

PI Virtual Appliance Configuration

Step 1 At the login prompt, enter the setup command.

Step 2 Prime Infrastructure configuration script starts. The script takes youthrough the initial configuration steps for Prime Infrastructure virtualappliance. In the first sequence of steps, you configure network settings.

Step 3 When prompted, enter the following settings by referring the image below.a. The hostname for the virtual appliance. PI-X b. The IP address for the virtual appliance. 192.168.X0.70 c. The IP default subnet mask for the IP address entered. 255.255.255.0 d. The IP address of the default gateway for the network environment in

which you are creating the virtual machine. 192.168.X0.1 e. The default DNS domain for the target environment. primeinfra.com f. The IP address or hostname of the primary IP nameserver in the network.

192.168.X0.11 g. At the Add/Edit another nameserver prompt? N h. Enter Primary NTP Server: 192.168.X0.11 i. Add/Edit Secondary server? N

j. Enter the Timezone: Asia/Singapore

k. Enter username [admin]: admin l. Enter password: Adm1n123 m. Enter password again: Adm1n123 n. Configure HA? No


11/18

Step 4 Enter the username for the user account used to access PrimeInfrastructure system running on the virtual machine. The default usernameis admin, but you can change this to another username by typing it here.

Step 5 Enter the password for Prime Infrastructure. The password must be at leasteight characters and must include both lowercase and uppercase lettersand at least one number. It cannot include the username or default Ciscopasswords. After you enter the password, the script verifies the networksettings you configured. For example, it attempts to reach the defaultgateway that you have configured.

Step 6 After verifying the network settings, the script starts Prime Infrastructureinstallation processes. This process can take several minutes, during whichthere is no screen feedback. When finished, the following banner appearson the screen:

=== Initial Setup for Application: Prime Infrastructure ===Step 7 After this banner appears, the configuration starts with database scripts

and reboots the server as shown in the console:Running database cloning script...

logger: invalid option -- l

usage: logger [-is] [-f file] [-p pri] [-t tag] [-u socket] [ message ... ]

Running database creation script...

logger: invalid option -- l

usage: logger [-is] [-f file] [-p pri] [-t tag] [-u socket] [ message ... ]

Setting Timezone, temporary workaround for DB...

Generating configuration...

Rebooting...


12/18

Step 8 Log in as admin and enter the admin password.Step 9 Launch Internet Explorer 8 or 9 or Mozilla Firefox 11.0 or 12.0 on a different

computer than the one on which you installed and started PrimeInfrastructure.

Step 10 In the address line of browser, enter https://192.168.X0.70. PrimeInfrastructure user interface displays the Login page.

Step 11 Enter your username. The default username is root .Step 12 Enter the root password you created during setup.

MSE Configuration:

Step 1 Log in to the MSE console with these credentials: root/password .Upon the initial boot up, the MSE prompts the administrator to launch thesetup script.

Step 2 Enter yes to this prompt.Step 3 If the MSE does not prompt for setup, enter the following command:

/opt/mse/setup/setup.sh .

Step 4 Configure the host name by entering choice 2.


13/18


14/18

Step 8 Configure the time zone by entering the choice 8.

Step 9 Configure the NTP settings by entering the choice 12 .

Step 10 Accept the change to the configuration by entering the choice 23 .

MSE Commands


15/18

Run this command in order to determine the status of MSE services:

[root@MSE ~]# getserverinfo

Run this command in order to start the contextaware engine for client tracking:

[root@MSE ~]# /etc/init.d/msed start

Run this command in order to determine the status of the contextaware engine for

client tracking:

[root@MSE ~]# /etc/init.d/msed status

Run this command in order to stop the contextaware engine for client tracking:

[root@MSE ~]# /etc/init.d/msed stop

Run this command in order to perform diagnostics:

[root@MSE ~]# rundiag


16/18


17/18

Network Name (SSID): CMX-X

Configure DHCP Bridging Mode [Yes] [no] : NoAllow Static IP Addresses [YES][no]: Yes Configure a RADIUS Server now? [YES][no]: No

Note By default, one WLAN SSID is already configured on the WLC and usesserver-based authentication. If you skip RADIUS configuration during thestartup wizard, the result is a preconfigured SSID that uses 802.1X EAP,requiring a RADIUS server but without one defined. Use this choice is toprevent open authentication security vulnerabilities.

Enter Country Code list (enter 'help' for a list ofcountries) [US]: US Enable 802.11b Network [YES][no]: Yes Enable 802.11a Network [YES][no]: Yes Enable 802.11g Network [YES][no]: Yes

Note On your controller, enable all radios: 802.11b, 802.11g, and 802.11a. TheAP for this controller has only one 802.11a radio. You still allow allprotocols, so that if an 802.11b/g AP joins the controller, its radios will beenabled.

Enable Auto-RF [YES][no]: Yes Configure a NTP server now? [YES][no]: Yes Enter the NTP servers IP address: 192.168.X0.11

Enter a polling interval between 3600 and 604800secs: 3600

Note You do not configure the time on this controller. In a real deployment, youwould configure the time during the initial configuration of the controller.In this remote lab scenario, the time has already been configured and isconsistent with the time of the other devices in the lab.

Configuration correct? If yes, system will save it

and reset. [Yes][NO]: Yes


18/18

SNMP Configuration [WLC]

Complete these steps:

Step 1 Open Internet Explorer or Firefox and connect to https://192.168.X0.30 ,

where X is your assigned pod number.Step 2 You should see a login window similar to the one shown here.

Step 3 Log into the Cisco WLC using the following values: Username: admin Password: C1sc0123

Step 4 Choose Wireless Tab and verify the AP is Joined to WLC . Step 5 Choose Management > SNMP > Communities .

Step 6 If public or private appears in the Community Name column, hover yourcursor over the blue drop-down arrow for the desired community andchoose Remove to delete this community.

Step 7 Click New to create a new community. The SNMP v1 / v2c Community > Newpage appears.

Step 8 Enter the information as mentioned below and Click on Apply to save theConfiguration.

Community name: cisco IP Address: 192.168.X0.70IP mask: 255.255.255.0Access Mode: Read/Write Status: Enable

Congratulations!! You have Successfully Setup the lab

lab setup instruction (adv mobility - cmx) drn 1.0

Documents