Cisco 9100AX conversion for surveying
This post covers the process of converting and configuring a Cisco 9100AX access point for surveying. This assumes the AP was shipped with a CAPWAP image loaded. What you’ll need: Cisco 9100 Access Point Power source such as a PoE+ OR PoE Adapter USB to Serial Adapter and Console Cable Cisco account to download software About 30 minutes Process Overview Unbox and power on AP Connect your laptop to the second port on your PoE injector Download the software IP config and start up tftp server Configure the AP with an IP address and issue upgrade command Configure EWC Join the AP to the controller Configure the AP for surveying Ready for survey! Step 1 – Unbox and power on your AP Connect your AP to your PoE injector via the mGig port to power on the access point. It is best practice to reset your AP before continuing. This is completed by holding down the reset button while powering on the AP and holding down for >20 seconds after your console session mentions that the reset button is pressed. Step 2 – Connect your laptop to the second port on your PoE injector PoE Injector Connections Connect your computer to the “DATA IN” port to make a direct connection to the AP. Step 3 – Download the software Navigate to software.cisco.com, select Wireless > Access Points > (Your model) then select IOS XE Software Select your software to download. I chose the Gibralter release 16.12.2s release (after trying to use the 16.12.3 release and running into a whole slew of issues with the AP not joining the controller). Step 4 – IP config and start up tftp server Configure your network adapter for an address in the same “network” as your AP. In this example I use tftpd64. Point you the directory to where you unzipped the software downloaded in step 3. Select the appropriate interface that is connected to your injector. Step 5 – Configure your AP with an IP address and issue upgrade command Assign your CAPWAP AP an IP Address Log in to your AP using “Cisco” as the username and password.Configure your AP with an IP address using the following command:AP#capwap ap ip adress 192.168.1.2 255.255.255.0 192.168.1.1Format – capwap ap ip address (IP) (Mask) (Gateway) AP Model and Image File Names Use the table above to determine the name of the AP image to copy.Issue the upgrade command with the image names for both the AP and the EWC.AP#ap-type ewc-ap tftp://192.168.1.5/ap1g7 tftp://192.168.1.5/C9800-AP-iosxe-wlc.binFormat – ap-type ewc-ap (AP image file path) (EWC image file path)Note – If your AP is running an older code version, you will use “ap-type mobility-express” instead. Issue the Upgrade Command You should now see the download progress on both ends. The AP will download both files. tftpd64 Progress AP Image Download Progress After downloading, the AP will reload and upgrade. You will then be presented with the option to enter the initial configuration dialog for the EWC, which leads us into step 6. Step 6 – Configure EWC EWC Initial Configuration Enter “yes” and “yes” to enter the initial configuration wizard.You will then be asked to configure the Hostname, Enable secret, Enable password, VTY password, and whether to configure SNMP network management. Next, you will be presented with an interface summary and be prompted to configure an interface used to connect to the “management network”. This is the only interface and will be where APs join and how you manage the device over the wire. After entering the name of the interface, I used the suggested settings. Configure Interface Gi0 Finally, you will be asked to[0] Exit to IOS without saving[1] Restart the setup without saving[2] Save the configuration and exit. Complete Initial Configuration You will then be kicked into command line with the following banner shown. EWC Banner The mentioned “ewc_day0_device_provisioning_guide” file states that the following configurations need to be completed:1. Hostname2. Admin username/password3. Configure the AP Profile4. Configure the WLAN5. Configure the Wireless Profile Policy6. Configure the Default Policy Tag7. Turn on Global Encryption8. Save the Configuration The commands to complete the tasks are below for easy copy/pasting. conf tap profile default-ap-profileusername admin password 0 Cisco123 secret 0 Cisco123exitwlan Howiwifi-Survey 1 Howiwifi-Surveywlan Howiwifi-Survey 1 Howiwifi-Surveyno security wpa akm dot1xsecurity wpa psk set-key ascii 0 Cisco123security wpa akm pskno shutexitwireless profile policy Howiwifi-Surveyno central associationno central dhcpno central switchinghttp-tlv-cachingsession-timeout 86400no shutexitwireless tag policy default-policy-tagwlan Howiwifi-Survey policy Howiwifi-Surveyexitservice password-encryptionpassword encryption aeskey config-key newpass Cisco123exitwrite After saving, the Day0 configuration will be “cleaned up” and the new configuration applied. You can then log into your configured controller using the specified password above. Step 7 – Join the AP to the controller You will now notice that the “AP” has not yet joined the controller due to not receiving an IP address via DHCP. This is verified by issuing “show ap summary” on the controller and by viewing the LED status indicator on the AP. AP Searching for Controller We are relying on the AP connecting to the internal EWC automatically when surveying. This can be accomplished by accessing the console of the AP and configuring an IP address (the former configured IP address configured in step 5 is removed during the upgrade). Configure the AP with an IP address The command “wireless ewc-ap ap shell username (username)” is the EWC equivalent of the “apciscoshell” command from mobility express. Because the AP has no configuration on it, we use the username “Cisco” (the default) in the command the first time we connect. The AP will now be joined to the controller. You can type “exit” to return to the EWC and issue “Show AP Summary” to view the AP. The LED status indicator should now be green. If it is not connected, follow the standard CAPWAP discovery troubleshooting steps. AP joined to EWC You should be able to see the configured SSID broadcasting using a spot check tool such as Wi-Fi Analyzer for android. Spot check SSID Step 8 – Configure the AP for surveying The configuration you use to survey will vary so I will provide all of the information …
