Deploying Cisco Mobility Express Solution

• Pre-requisites for Deploying Mobility Express Solution, page 1

• Connecting Cisco Mobility Express Capable Access Point, page 1
• Determining the image on the Access Point, page 2
• Conversion, page 3
• Configuring Mobility Express Controller using Over-the-Air Setup Wizard, page 6
• Configuring Mobility Express Controller using Startup Wizard from CLI, page 14
• Logging into Mobility Express Controller, page 15

Pre-requisites for Deploying Mobility Express Solution

1 You must not have other Cisco Wireless LAN Controllers; neither appliance nor virtual in the same network
during set up or during daily operation of a Cisco Mobility Express network. The Mobility Express
controller cannot interoperate or co-exist with other Wireless LAN Controllers in the same network.
2 Decide on the first Access Point to be configured as a Master Access Point. This Access Point should be
capable of supporting the Wireless LAN Controller function.
3 DHCP Server: A DHCP server must be configured so that Access Points and clients can obtain an IP
Address and gateway assigned is reachable at all times.

Connecting Cisco Mobility Express Capable Access Point

To connect Cisco Mobility Express capable access point, perform the following steps:

Procedure

Step 1 Connect Cisco Mobility Express capable access point to a switch port and power it up.
Note All Access Points in a Mobility Express deployment should be in the same Layer 2 domain

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

1
 Deploying Cisco Mobility Express Solution
Determining the image on the Access Point

Step 2 The switch port to which Access Point is connected can be a trunk port or an access port. If multiple VLANs
are being utilized for client traffic, the switch port should be configured as a trunk interface. Also, note that
management traffic is untagged and if a VLAN is being used for management, it should be configured as a
native VLAN on the switch port.
Example of the switch port configuration. In this example, vlan 40 is being used for Management.
interface GigabitEthernet1/0/37
description » Connected to Master AP «
switchport trunk native vlan 40
switchport trunk allowed vlan 10,20,30,40
switchport mode trunk

Step 3 Observe the access point LED.

a) When you power up the access point—The access point starts a power-up sequence that you can verify
by observing the access point LED. If the power-up sequence is successful, the discovery and join process
starts. During this process, the LED blinks sequentially green, red, and OFF.
b) When the access point joins the Mobility Express controller—The LED chirps green if no clients are
associated or turn green if one or more clients are associated.
c) If the LED is not ON—The access point does not receive power.
d) If the LED blinks sequentially for more than 10 minutes—This could be because the access point does
not have the Mobility Express capable image.

Determining the image on the Access Point

The Cisco 1830, 1850, 2800 and 3800 series access points can either have CAPWAP image or the Cisco
Mobility Express image which is capable of running the virtual Wireless LAN controller function on the
Access Point.
To determine the image and capability of an Access Point, follow the steps below:

Procedure

Step 1 Login to the Access Point CLI using a console and type AP#show version and check the full output of show
version. The default login credentials are Username:cisco and Password:cisco.
Step 2 If show version output does not display AP Image Type and AP Configuration parameters as highlighted
below, it means that AP is running the CAPWAP image and a conversion to Cisco Mobility Express is required
if you want to run the controller function on the Access Point. To convert from a CAPWAP Access Point to
Mobility Express, go to Conversion section.
Note Access Point with CAPWAP image will not show the AP Image Type and AP Configuration
parameters in the AP#show version output.
cisco AIR-AP1852E-UXK9 ARMv7 Processor rev 0 (v71) with 997184/525160K bytes of memory.
Processor board ID RFDP2BCR021
AP Running Image : 8.2.100.0
Primary Boot Image : 8.2.100.0
Backup Boot Image : 8.1.106.33
AP Image type : MOBILITY EXPRESS IMAGE
AP Configuration : MOBILITY EXPRESS CAPABLE
0 Gigabit Ethernet interfaces

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

2
 Deploying Cisco Mobility Express Solution
Conversion

0 802.11 Radios
Radio FW version . 1401b63d12113073a3C08aa67f0c039c0
NSS FW version : NSS.AK.1.0.c4-0Z026-E_cust C-1.24160
Step 3 If the show version displays AP Image Type: MOBILITY EXPRESS IMAGE and AP Configuration:
NOT MOBILITY EXPRESS CAPABLE, it means that even though the Access Point has the Cisco Mobility
Express image, it is configured to run only as a CAPWAP Access Point. Such an Access Point will not run
the controller function and will not participate in the Master Election process upon failure of the active Master
AP.
cisco AI R-AP1852E-UXK9 ARMv7 Processor rev 0 (v7I) with 997184/726252K bytes of memory.
Processor board ID RFDP2BCR021
AP Running Image : 8.2.101.0
Primary Boot Image : 8.2.100.0
Backup Boot Image : 8.1.106.33
AP Image type : MOBILITY EXPRESS IMAGE
AP Configuration : NOT MOBILITY EXPRESS CAPABLE

For this AP to run the controller function, execute the following command from the AP CLI.
AP#ap-type mobility-express tftp://

Conversion

Note On 1830 and 1850 Series Access points, conversion from CAPWAP to Mobility Express is supported
from Release 8.1.122.0 and later but it is recommended to have CAPWAP version 8.2.100.0 on the Access
Point prior to converting from CAPWAP to Mobility Express. If the CAPWAP image on the Access Point
is prior to 8.2.121.0, Access Point MUST first join a WLC running 8.2.100.0 or higher to upgrade its
CAPWAP image. After the CAPWAP image of the AP has been upgraded, conversion of AP from
CAPWAP to Mobility Express can be performed.

Note On 2800 and 3800 series Access Points, Mobility Express is supported starting Release 8.3.102.0 so they
must have 8.3.102.0 CAPWAP image before they can be converted to Mobility Express. If the CAPWAP
image on the Access Point is prior to 8.3.102.0, Access Point MUST first join a WLC running 8.3.102.0
or higher to upgrade its CAPWAP image. After the CAPWAP image of the AP has been upgraded,
conversion of AP from CAPWAP to Mobility Express can be performed.

The following conversions are supported:

1 Converting a CAWAP AP to Mobility Express–This conversion is required when you have an access point
running CAPWAP image, and you want to use them to deploy a Mobility Express network. For this, you
would convert the CAPWAP AP to a Master AP (runs controller function in a Mobility Express network).
2 Converting a Mobility Express capable AP to CAPWAP AP - There are two reasons for this conversion:
a If you want to migrate the access points from a Mobility Express network to another controller (not
Mobility Express) network.

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

3
 Deploying Cisco Mobility Express Solution
Converting a CAWAP AP into a Mobility Express AP

b If you do not want access points to participate in the Master AP election process in a Mobility Express
network.

Procedure

Step 1 Download the conversion image for the Access Point from cisco.com to the TFTP server. It is a tar file. Do
not untar the file
The following table lists the Cisco Mobility Express software for Cisco Wireless Release 8.3.102.0.

Access Points Supported As Software to be Used only for AP Software Image Bundle, to be
Master Conversion from Unified Wireless Used for Software Update, or
Network Lightweight AP Software Supported Access Point Images,
To Cisco Mobility Express or Both
Software
1830 AIR-AP1830-K9-8-3-102-0.tar AIR-AP1830-K9-ME-8-3-102-0.zip
1850 AIR-AP1850-K9-8-3-102-0.tar AIR-AP1850-K9-ME-8-3-102-0.zip
2800 AIR-AP2800-K9-8-3-102-0.tar AIR-AP2800-K9-ME-8-3-102-0.zip
3800 AIR-AP3800-K9-8-3-102-0.tar AIR-AP3800-K9-ME-8-3-102-0.zip

Step 2 Login to the Access Point CLI using a console and type AP#show version and check the full output of
showversion. The default login credentials are Username:cisco and Password:cisco

Converting a CAWAP AP into a Mobility Express AP

To convert an access point running CAPWAP image into a Mobility Express capable image, you have to
download and install the Mobility Express image from a TFTP server. A single CLI command has been
provided to download the Mobility Express image from a TFTP server and convert the AP Configuration to
MOBILITY EXPRESS CAPABLE.
Pre-requisites for converting CAPWAP AP to Mobility Express:
1 A TFTP server with Mobility Express image. See Procedure below.
2 A DHCP server to assign an IP address to the Cisco access point.
3 The Cisco 1800 series access point must not join any existing controller in the network when you are
trying to load Mobility Express image. If you have an existing controller on your network to which the
AP can join, conversion is not successful.

To convert an AP running CAPWAP image to Mobility Express, perform the following steps:

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

4
Deploying Cisco Mobility Express Solution
Converting a CAWAP AP into a Mobility Express AP

Procedure

Step 1 Enter enable to go to privileged execution mode.

Step 2 Enter show version on the Access Point CLI. From the show version output, you can determine the AP Image
type and AP Configuration and can then proceed with the conversion process.
• Case 1: If the AP Image type is MOBILITY EXPRESS IMAGE and AP configuration is NOT
MOBILITY EXPRESS CAPABLE, only conversion of AP Configuration is required. Go to 5.
• Case 2: In the show version output, if the AP Image type and AP Configuration are not available,
download of the Mobility Express image and conversion of AP Configuration is required. Go to 6.

Step 3 Enter the command below to change the AP Configuration to MOBILITY EXPRESS CAPABLE.
AP#ap-type mobility-express tftp://<TFTP Server IP>/<path to tar file>
Since the Access Point has an AP Image type: MOBILITY EXPRESS IMAGE; a new image does not be
downloaded. After the command is issued, the Access Point reboots and comes up as AP Configuration
MOBILITY EXPRESS CAPABLE .

Step 4 If AP Image Type and AP Configuration is not available in show version, it means that the AP is running
CAPWAP image. To do the conversion, execute the command below:
AP#ap-type mobility-express tftp://<TFTP Server IP>/<path to tar file>
Example:
AP#ap-type mobility-express tftp://10.18.22.34/AIR-AP1850-K9-8.1.120.0.tar
Starting the ME image download...
It may take few minutes to finish the download.
Note After the image download is complete, it writes to flash followed by a reboot.

Image downloaded, writing to flash...

do PREDOWNLOAD, part1 is active part
sh: CHECK_ME: unknown operand
Image start 0x40355008 size 0x01dae41a file size 0x01dae7ca
Key start 0x42103422 size 0x00000230
Sinature start 0x42103652 size 0x00000180
Verify returns 0
btldr rel is 16 vs 16, does not need update
part to upgrade is part2

activate part2, set BOOT to part2

AP primary version: 8.1.105.37
Archive done.
Oe as AP needs to boot up with ME image

The system is going down Now!

sent SIGTERM to all processes
sent SIGKILL to all processes
Requesting system reboot79]
[07/24/2015 18:19:43.0887] Restarting system.
[07/24/2015 18:19:43.1257] Going down for restart now
Step 5 After AP reboots, Mobility Express starts in Day 0 and CiscoAirProvison SSID is broadcast.

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

5
 Deploying Cisco Mobility Express Solution
Converting a Mobility Express AP into a CAPWAP AP

Converting a Mobility Express AP into a CAPWAP AP

When the AP type is CAPWAP, AP cannot run the controller function and cannot participate in the Master
AP election process.
After changing the AP Type, if this AP is migrated to another WLC network (non-Mobility Express network),
it joins the controller in that network. If the image on the WLC is different than the one on the AP, a new
CAPWAP image is requested from the WLC.
When the AP type is CAPWAP (as required for this conversion), the AP doesn’t start its own controller
function and when the AP joins the external controller, a new image is requested from the controller and the
AP gets the CAPWAP image.
To convert the Mobility Express AP into the CAPWAP AP, perform the following steps:

Procedure

Step 1 Login to the Access Point CLI .

Step 2 Type Enable to go to privileged execution mode.
Step 3 Enter ap#ap-type capwap and confirm to switch to the CAPWAP type.
To convert multiple 1800 series access points running Mobility Express image to CAPWAP simultaneously
from the Mobility Express controller CLI, execute the following command:
(Cisco Controller) >config ap unifiedmode <switch_name> <switch_ip_address>
<switch_name> and <switch_ip_address> is the name and IP address respectively of the WLC
to which the APs need to be migrate.
The above command converts all Cisco 1800 APs connected to the Mobility Express with AP Configuration:
MOBILITY EXPRESS CAPABLE to AP Configuration: NOT MOBILITY EXPRESS CAPABLE.
When this command is issued the APs are reloaded, and they come back up in local mode.

Configuring Mobility Express Controller using Over-the-Air

Setup Wizard
To configure the Mobility Express using Over-the-Air Setup wizard, perform the following steps:

Procedure

Step 1 When a LED chirps green, connect a WiFi enabled laptop, through Wi-Fi, to the CiscoAirProvision SSID.
The default password is password.
The laptop gets an IP address from subnet 192.168.1.0/24.
Note CiscoAirProvision SSID is broadcast at
2.4GHz.
Step 2 Open a browser and go to http://192.168.1.1 which redirects to the initial configuration wizard.
The initial configuration wizard's admin account page appears.

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

6
Deploying Cisco Mobility Express Solution
Configuring Mobility Express Controller using Over-the-Air Setup Wizard

Figure 1: Initial Configuration Wizard's Admin Account Page

The banner on the opening page shows the name of the AP model on which the Mobility Express wireless
LAN controller is being configured. For example, 'Cisco Aironet 1850 Series Mobility Express'.
Note Take the checklist that you have filled before and proceed with the following steps.

Step 3 Create an admin account on the controller by specifying the following parameters and then click Start.
• Enter the admin username. Maximum up to 24 ASCII characters.
• Enter the password. Maximum up to 24 ASCII characters.

When specifying a password, ensure that:

• The password must contain characters from at least three of the following classes – lowercase letters,
uppercase letters, digits, special characters.
• No character in the password can be repeated more than three times consecutively.
• The new password must not be the same as the associated username and the username reversed.
• The password must not be cisco, ocsic, or any variants obtained by changing the capitalization of letters
of the word Cisco. In addition, you cannot substitute 1, I, or ! for i, 0 for o, or $ for s.

Step 4 Set up your controller by specifying the values.

On the Set Up Your Controller screen, using the checklist, specify the following:

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

7
 Deploying Cisco Mobility Express Solution
Configuring Mobility Express Controller using Over-the-Air Setup Wizard

Field Name Description

System Name Enter the system name for Mobility Express.
Example: me-wlc

Country Choose the country from the drop down list.

Date & Time Choose the current date and time.

Note The wizard attempts to import the clock
information (date and time) from the
computer using JavaScript. It is highly
recommended that you confirm the clock
settings before continuing. The access points
depend on clock settings to join the WLC.

Time Zone Choose the current time zone.

NTP Server Enter the NTP server details (Optional). If left blank,
the following three NTP pools will be automatically
configured:

Management IP Address Enter the Management IP address.

Subnet Mask Enter the subnet mask address.

Default Gateway Enter the default gateway.

Enable DHCP Server (Management Network) Internal DHCP server can be used to create scopes
for Management & Access Points, Employee, and
Guest Networks. Enabling of internal DHCP is
optional but if you plan to use the internal DHCP
server in your Mobility Express deployment, it is
recommended to enable it and create a scope for
Management in Day 0. In this configuration, we will
enable internal DHCP server and create a scope for
Management Network in Day 0. A DHCP scope for
Employee and Guest Network will be configured in
Day 1.
Network/Mask Enter the Network and Mask for the Management
Scope
First IP Enter the first IP address of the Management Scope
First IP Enter the last IP address of the Management Scope
Domain Name Enter the Domain Name for the scope (Optional)
Name Servers Enter the Name Server IP addresses or select Use
Open DNS to configured Open DNS Name Server
IP addresses

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

8
Deploying Cisco Mobility Express Solution
Configuring Mobility Express Controller using Over-the-Air Setup Wizard

Figure 2: Set Up Your Controller Tab

Step 5 Click Next.

Step 6 Create the Employee wireless network by specifying the following fields:
Field Name Description
Network Name Enter the network name.

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

9
 Deploying Cisco Mobility Express Solution
Configuring Mobility Express Controller using Over-the-Air Setup Wizard

Field Name Description

Security Choose the security type from the drop-down list.
(Choose either WPA2 Personal which uses
Pre-Shared Key (PSK) authentication or select WPA2
Enterprise (also called 802.1x) which requires a
RADIUS server for authentication).

Pass Phrase If you have chosen WPA2 Personal security, specify

the Pre-Shared Key (PSK).

Confirm Pass Phrase Re-enter and confirm the pass phrase.

Authentication Server IP Address Enter the IP address of the Authentication Server

Shared Secret If you have chosen WPA2 Enterprise, specify the

shared secret for the RADIUS server.

VLAN Choose Management VLAN or create a new VLAN.

VLAN ID If you have created a new VLAN specify the VLAN

ID. (VLAN ID from 1 to 4096).

Enable DHCP Server (Employee Network) If internal DHCP server has to be used for Employee
Network, Enable DHCP Server for Employee
Network and specify the scope parameters.

Step 7 Enable the Guest Network slider and specify the following parameters:
Field Name Description
Network Name Specify the SSID for your Guest network.

Security Choose Web Consent or WPA2 Personal from the

drop-down list.

Pass Phrase If WPA2 Personal security is chosen, specify the

Pre-Shared Key (PSK).

VLAN Choose Employee VLAN or create a New VLAN

(with VLAN ID 1 to 4096).

VLAN ID Specify the VLAN ID of the new VLAN (with VLAN

ID 1 to 4096).

Enable DHCP Server (Guest Network) If internal DHCP server has to be used for Guest
Network, Enable DHCP Server for Guest Network
and specify the scope parameters.

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

10
Deploying Cisco Mobility Express Solution
Configuring Mobility Express Controller using Over-the-Air Setup Wizard

Figure 3: Create Your Wireless Networks - Guest

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

11
 Deploying Cisco Mobility Express Solution
Configuring Mobility Express Controller using Over-the-Air Setup Wizard

Step 8 Click Next.

Step 9 In the Advanced Settings tab, enable RF Parameter Optimization slider and optimize by indicating the
expected client density and traffic type in your network.

Figure 4: Advanced Settings Tab

The following table depicts the default values when low, typical, or high deployment type is selected from
RF parameters

Step 10 Select Traffic Type and click Next to continue.

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

12
Deploying Cisco Mobility Express Solution
Configuring Mobility Express Controller using Over-the-Air Setup Wizard

A confirmation screen displays the summary of the configuration.

Step 11 Click Apply, if all the settings are correct

Note A message appears indicating that the System will reboot. Click OK on this window.

Step 12 Click OK to reboot.

Note After the Access Point reboots, it will start the Mobility Express controller function.

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

13
 Deploying Cisco Mobility Express Solution
Configuring Mobility Express Controller using Startup Wizard from CLI

Configuring Mobility Express Controller using Startup Wizard

from CLI
• Console Connection
• Startup Wizard from CLI

Console Connection
Before you can configure the AP to Mobility Express Controller, connect to the port marked ‘CONSOLE’
using SecureCRT, Putty or similar applications. The default parameters for the console ports are 9600 baud,
eight data bits, one stop bit, and no parity. The console ports do not support hardware flow control. Choose
the serial baud rate of 9600.

Startup Wizard from CLI

After connecting to the 'CONSOLE' port on the AP, power up the AP. After a few minutes, the following
Welcome message will be shown. To configure the Mobility Express controller, follow the steps as shown in
the example below.
System Name [Cisco_2c:3a:40] (31 characters max): me-wlc
Enter Country Code list (enter 'help' for a list of countries) [US]:

Configure a NTP server now? [YES][no]: no

Configure the system time now? [YES][no]: no

Note! Default NTP servers will be used

Management Interface IP Address: 40.40.40.10

Management Interface Netmask: 255.255.255.0
Management Interface Default Router: 40.40.40.1
Cleaning up Provisioning SSID
Create Management DHCP Scope? [yes][NO]: yes
DHCP Network : 40.40.40.0
DHCP Netmask : 255.255.255.0
Router IP: 40.40.40.1
Start DHCP IP address: 40.40.40.11
Stop DHCP IP address: 40.40.40.254
DomainName :
DNS Server : [OPENDNS][user DNS]
Create Employee Network? [YES][no]: YES
Employee Network Name (SSID)?: WestAutoBody-Employee
Employee VLAN Identifier? [MGMT][1-4095]: MGMT
Employee Network Security? [PSK][enterprise]: PSK
Employee PSK Passphrase (8-38 characters)?: Cisco123
Re-enter Employee PSK Passphrase: Cisco123
Create Guest Network? [yes][NO]: YES
Guest Network Name (SSID)?: WestAutoBody-Guest
Guest VLAN Identifier? [EMPLOYEE][1-4095]: EMPLOYEE
Guest Network Security? [WEB-CONSENT][psk]: WEB-CONSENT
Create Guest DHCP Scope? [yes][NO]: NO
Enable RF Parameter Optimization? [YES][no]: YES
Client Density [TYPICAL][Low][High]: TYPICAL
Traffic with Voice [NO][Yes]: Yes

Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
Cleaning up Provisioning SSID

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

14
 Deploying Cisco Mobility Express Solution
Logging into Mobility Express Controller

Note After the AP has finished rebooting, login to the Mobility Express controller WebUI using the Management
IP address.

Logging into Mobility Express Controller

To log in to the Mobility Express, perform the following steps:

Procedure

Step 1 Enter the IP address of the Mobility Express management interface in the web browser.
The Cisco Wireless LAN Controller window appears.

Step 2 Click Login.

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

15
 Deploying Cisco Mobility Express Solution
Logging into Mobility Express Controller

Step 3 Enter the administrator user name and password.

Note The Mobility Express controller uses a self-signed certificate for HTTPs. Therefore, all browsers
display a warning message and asks whether you wish to proceed with an exception or not when the
certificate is presented to the browser. Accept the risk and proceed to access the Mobility Express
Wireless LAN Controller login page.
The Network Summary page appears.

Cisco Mobility Express Deployment Guide–Release 8.3.102.0

16