Thanks for the Walk through Keith, I did the lab but got stuck with the AAA server. Didn't notice the missing user and the wrong port number. Everything works now :)
Hi Keith, at 8:01, when the Guest Device connects to the AP and receives an IP address, should it be an IP address from 10.20.0.0/24 network? Why do both devices get IP addresses from 10.30.0.0/24 instead of 10.10.0.0/24 and 10.20.0.0/24?
CAPWAP tunnel doesn't work in PT as it should in real world, however there is a way you can make it work in PT. In the lab the AP's are connected to access ports on Vlan30. So you have to configure all the interfaces going to both AP's as Trunk ports and making Vlan30 the Native vlan. Finally, in the WLC go to WLANs > select the WLAN > Advanced > enable FlexConnect. After this, the phones get the correct IPs from the DHCP (10.10.0.0/24 & 10.20.0.0/24 in CorpWifi & GuestWifi respectively).
Tysm for this! I'm still with Packet Tracer and networking in general, being my weak point and had a lab to do something like this with the instructions being rather unclear. This definitely helped me a lot. Now I just need to brush up a bit and read up some more on VLANs to make sure I really understand everything about it since that was where I got stuck for the longest while 😅
Hi Keith, great lab this has been a great help towards my exam revision. I also agree that sometimes you just need to try and work it out for yourself to get a better understanding. The AAA server was agreat addition. I really enjoyed this one, kept me thinking.
Question in 3:42 ip address in Lightweight Access point is vlan 30. As the configuration vlan 30 for management. I did not understand. What happend to those vlan 10 and vlan 20's ip? If you could explain Thank you
Thank you for the question Avijit Deb Nath. There are some limitations within PT which don't replicate all the details normally associated with a WLC, CAPWAP with its APs, and the WLCs ability to trunk to the switch. I had to fudge a little to make it functional in PT.
@@KeithBarker this can be resolved in PT if you configure all the interfaces going to both AP's as Trunk ports and making Vlan30 the Native vlan. Finally, in the WLC go to WLANs > select the WLAN > Advanced > enable FlexConnect. After this, the phones get the correct IPs from the DHCP (10.10.0.0/24 & 10.20.0.0/24 in CorpWifi & GuestWifi respectively).
You really stumped me on this one Keith, the SSID and the radius port number smh. BTW i love how you're "clueless" you are as to what's broken on this network lol.
Sneaky Keith I like it i was all over this thought to easy then bam got stuck for 1 1/2 hours and it was the simplest thing the ssid name 🤦🏻♂️😅 done now spot on buddy thank you 👍🏼
Great Lab - I don't know what I did to fix the employee device. I totally missed bill, I was playing around with the fields and inserted bob based on my findings. I may have fat fingered a password which I didn't need to touch. I will need to walk through this lab again and trace my steps. Thanks for the explanation on ports versus interfaces. I was reading Wendell Odom's Chapter on Building a Wireless LAN and I just wasn't grasping the concept.
The demo package tracker wlc_2504_two_wlans.pkt works! Simulation mode gives PDU 802.1q with TCI 0x0 014 with is vlan 10. The demo uses an MLS and router-on-a-stick. The two networks are separated on the same AP. The demo was easy to expand with a radius server. Of course you can also choose a different vlan for the untagged traffic.
Hi Keith! Great lab work! Thank you very much, I enjoyed it a lot! Great idea with the Radius port !!! And I also change the type of wire between AP's and SW's on straight-through cable Thank You, Thank You,Thank You!
So I have a noob question. See I am JUST learning on CBT Nuggets Net +. The thing is I started knowing absolutely nothing about any of this stuff. What I'm finding to be most difficult is applying everything I'm learning. So my question is. What software would you recommend I use to try and apply what I am learning and what order would you recommend I start applying it. I already have packet tracer, but I don't even know how to use this. Did I jump ahead too much? Also, how are you pulling up these configuration windows for things like your routers? Sorry for the overload there haha.
The only reason I'm jumping right into Net + from nowhere is that it is a prereq to Microsoft Software & Systems Academy, which I'm being afforded an opportunity to attend in JAN 2021.
Keith, thanks for your undaunting effort and series of classes/materials that you have selflessly provided . I tried to use the other VLANs 10 and 20 with no sucess. What is the trick? I tried to add AP group and link WLAN but no success. Please show me how to do it.
Thank you Lanre Dipeolu. Feel free to join my Discord sever. Lots of people there helping each other out. Each Saturday at 10am Pacific I hold my "Office Hour" where learners can ask questions about the topics they are studying. Mostly focusing on Cisco CCNA 200-301 topics. Feel free to join us there live if you are available. Here is the link ogit.online/Join_OGIT_on_Discord Thanks again Lanre Dipeolu!
I got everything, but trunked and allowed vlans 1-30 and made 30 native on links from MLS to Sw2, and Sw2 to AP2, (to test different setups). Guest device works fine, but employee device keeps requiring a WEP key in tandem with 802.1x creds - I just don't get it. Reviewed the WLC settings many times, and the AAA server. I don't know what I'm missing.
Hi Keith, I want to thank you for such a wonderful video on WLC. I have one question related to this video, why do both the device that is guest and corp getting IP from management subnet and not from their respective subnet, is it because of PT limitation.
Keith!! Amazing video my friend! I have to ask you though the swinging sticks in the background is that the very large version or the original? I want one of those so bad but want to know so much more about it, your homework is amazing and this just adds everything to it!
Hello sir, Why am I using a trunk link between WLC and the switch , while the vlan tag is not necessary in the wireless because there are a capwap tunnel?
One more quest ,why all smartphones are taking ip addresses from dhcp vlan 30 pool ? It should not that each smartphone take from his specific dhcp vlan pool ? for example the one with GuestWifi should have 10.20.0.... because it is in the vlan 20?
Hi Keith, I need your help please, the new CCNA is been added with automation, should I study the basics of python first, before going in to automation .
@@alexisanyanwu2016 This is the exam blueprint. This is all you need to know about automation. Nothing more, nothing less. You can read up on this material in Wendell Odem's new CCNA 200-301 OCG book, or take an online course like CBT nuggets or David Bomball udemy to learn about these objectives. 6.1 Explain how automation impacts network management 6.2 Compare traditional networks with controller-based networking 6.3 Describe controller-based and software defined architectures (overlay, underlay, and fabric) 6.3.a Separation of control plane and data plane 6.3.b North-bound and south-bound APIs 6.4 Compare traditional campus device management with Cisco DNA Center enabled device management 6.5 Describe characteristics of REST-based APIs (CRUD, HTTP verbs, and data encoding) 6.6 Recognize the capabilities of configuration management mechanisms Puppet, Chef, and Ansible 6.7 Interpret JSON encoded data
There is another typo in the WLC config, it's in the Interface for Vlan 20 where you set the address for the DHCP Server, is set to 10.3.0.10. But I've seen before that it doesn't matter what this is set to as long as the AP and Users have a path to a dchp on the same segment or via a helper address.(PT thing or typical?) If all WLan Client traffic is going through the capwap tunnel, I would think that would include DHCP Reqests? or do I have this wrong? If I do have it right, then this appears to be a PT thing allowing WLan clients to get dhcp via subinterface helper address or dhcp server on same segment without going through wlc?
Now that Im back from vacation and looked a little closer, I realize the wireless user data is not in a capwap tunnel in my scenario because I have flex connect locally switched enabled :) so it makes a little more sense to me as to why it is operating as it does. Im going to play with it some more and see what kind of results I can get with flexConnect disabled
Hi Keith, I spent way to long trying to figure this out so I came to the solution. I managed everything, although I was confused as to why both wireless client got a vlan 30 address, I was expecting them to get 10 and 20 respectively? Am I being stupid here? But I seen your devices also got a management IP, little confused about that. EDIT - Just seen everyone else's comments too, I guess thats just the limitation of PT, I did alright after all. Cheers
I`ve one question - in WLC config - under Interface VLAN 20 Guests-> Interface Address: we have interface ip set to 10.20.0.1 which is used on Vlan 20 interface on MLS1, as well as Primary DHCP server set to 10.3.0.10, not 10.30.0.10. I`m not sure about buggy packet tracer but I think we should fix it if we would in "Real World"
Thank you Руслан Берзигияров For a live environment, the trunking between the WLC and the switch would work, and the correct association between the SSID and dynamic IP (which is linked to the correct VLAN via the tagging) would allow that to happen. Great observation.
@@KeithBarker Hi Keith, I started to debug the SSID association with the VLAN, but PT froze, so it's a limitation for sure. In real world, should the link between both lightweight APs and the access SW be trunk, because we have two SSID? Thanks for the great work, I learn so much from you for free.
Hello sir, why corp and guest VLAN not get associated to clients ? even though we assign interface for this SSID to corp and gust interface vlan. one more question, if client associated to proper vlan then every data traffic first pass to WLC then after to the respective VLAN. please reply my query.
cbtnuggets.com is a game changer in terms of Online courses. examsdigest.com is a gamer changer in terms of Practice exam tests. Thanks Keith for the content your provide
Mr. Keith or anyone who watched this RUclips video. Shouldn't the Wireless devices be assigned a DHCP address based on the SSID that is being connected to? For example, CorpWiFi should be assigned an address of 10.10.0.x for Vlan 10 and GuestWiFi 10.20.0.x for Vlan 20. All the wireless devices ( I added extra), at least in my Packet Tracer environment are being given 10.30.0.x, which is the management Vlan 30, regardless of the SSID that is being connected to.
Thanks for the Walk through Keith, I did the lab but got stuck with the AAA server. Didn't notice the missing user and the wrong port number. Everything works now :)
Hi Keith, at 8:01, when the Guest Device connects to the AP and receives an IP address, should it be an IP address from 10.20.0.0/24 network?
Why do both devices get IP addresses from 10.30.0.0/24 instead of 10.10.0.0/24 and 10.20.0.0/24?
@Keith please reply if you can. Thanks!
CAPWAP tunnel doesn't work in PT as it should in real world, however there is a way you can make it work in PT.
In the lab the AP's are connected to access ports on Vlan30.
So you have to configure all the interfaces going to both AP's as Trunk ports and making Vlan30 the Native vlan. Finally, in the WLC go to WLANs > select the WLAN > Advanced > enable FlexConnect.
After this, the phones get the correct IPs from the DHCP (10.10.0.0/24 & 10.20.0.0/24 in CorpWifi & GuestWifi respectively).
Did everything except turning on the service
Great content Keith, Thank You!
Thank you Arsen Mkrtchyan!
Tysm for this! I'm still with Packet Tracer and networking in general, being my weak point and had a lab to do something like this with the instructions being rather unclear. This definitely helped me a lot. Now I just need to brush up a bit and read up some more on VLANs to make sure I really understand everything about it since that was where I got stuck for the longest while 😅
Great to hear!
Hi Keith, great lab this has been a great help towards my exam revision. I also agree that sometimes you just need to try and work it out for yourself to get a better understanding. The AAA server was agreat addition. I really enjoyed this one, kept me thinking.
Glad it was helpful!
Dude your website it AWESOME! Such a help!
Glad to hear it!
Thank You keith.
Question in 3:42 ip address in Lightweight Access point is vlan 30. As the configuration vlan 30 for management. I did not understand. What happend to those vlan 10 and vlan 20's ip? If you could explain Thank you
Thank you for the question Avijit Deb Nath. There are some limitations within PT which don't replicate all the details normally associated with a WLC, CAPWAP with its APs, and the WLCs ability to trunk to the switch. I had to fudge a little to make it functional in PT.
@@KeithBarker
this can be resolved in PT if you configure all the interfaces going to both AP's as Trunk ports and making Vlan30 the Native vlan. Finally, in the WLC go to WLANs > select the WLAN > Advanced > enable FlexConnect.
After this, the phones get the correct IPs from the DHCP (10.10.0.0/24 & 10.20.0.0/24 in CorpWifi & GuestWifi respectively).
You really stumped me on this one Keith, the SSID and the radius port number smh. BTW i love how you're "clueless" you are as to what's broken on this network lol.
Thank you NetworkBruh!
Thanks Keith for the lab.
Happy to do it, thanks for the feedback John Kasonga.
Sneaky Keith I like it i was all over this thought to easy then bam got stuck for 1 1/2 hours and it was the simplest thing the ssid name 🤦🏻♂️😅 done now spot on buddy thank you 👍🏼
Thank you for working on that lab Scott! Way to go.
Great Lab - I don't know what I did to fix the employee device. I totally missed bill, I was playing around with the fields and inserted bob based on my findings. I may have fat fingered a password which I didn't need to touch. I will need to walk through this lab again and trace my steps. Thanks for the explanation on ports versus interfaces. I was reading Wendell Odom's Chapter on Building a Wireless LAN and I just wasn't grasping the concept.
Thank you Paul Lagatta for working on that lab! Hands on practice is one of the best ways to build your skills, and get better. Thank you!
Thank you very much ! I follow all the work iris fantastic
Thank you!
The demo package tracker wlc_2504_two_wlans.pkt works! Simulation mode gives PDU 802.1q with TCI 0x0 014 with is vlan 10. The demo uses an MLS and router-on-a-stick. The two networks are separated on the same AP. The demo was easy to expand with a radius server. Of course you can also choose a different vlan for the untagged traffic.
Hi Keith!
Great lab work! Thank you very much, I enjoyed it a lot!
Great idea with the Radius port !!!
And I also change the type of wire between AP's and SW's on straight-through cable
Thank You, Thank You,Thank You!
Cool, thanks
you looked 20 years way younger than in your old videos. :) anyway good stuff as always
Wow, thanks!
That was a good lab! Thanks.
You bet
Just want to clarify that will the AP1 and AP2 will be in vlan 30 ?
So I have a noob question. See I am JUST learning on CBT Nuggets Net +. The thing is I started knowing absolutely nothing about any of this stuff. What I'm finding to be most difficult is applying everything I'm learning. So my question is. What software would you recommend I use to try and apply what I am learning and what order would you recommend I start applying it. I already have packet tracer, but I don't even know how to use this. Did I jump ahead too much? Also, how are you pulling up these configuration windows for things like your routers? Sorry for the overload there haha.
The only reason I'm jumping right into Net + from nowhere is that it is a prereq to Microsoft Software & Systems Academy, which I'm being afforded an opportunity to attend in JAN 2021.
Keith, thanks for your undaunting effort and series of classes/materials that you have selflessly provided . I tried to use the other VLANs 10 and 20 with no sucess. What is the trick? I tried to add AP group and link WLAN but no success. Please show me how to do it.
Thank you Lanre Dipeolu. Feel free to join my Discord sever. Lots of people there helping each other out. Each Saturday at 10am Pacific I hold my "Office Hour" where learners can ask questions about the topics they are studying. Mostly focusing on Cisco CCNA 200-301 topics. Feel free to join us there live if you are available. Here is the link ogit.online/Join_OGIT_on_Discord
Thanks again Lanre Dipeolu!
I got everything, but trunked and allowed vlans 1-30 and made 30 native on links from MLS to Sw2, and Sw2 to AP2, (to test different setups). Guest device works fine, but employee device keeps requiring a WEP key in tandem with 802.1x creds - I just don't get it. Reviewed the WLC settings many times, and the AAA server. I don't know what I'm missing.
Hi Keith, I want to thank you for such a wonderful video on WLC.
I have one question related to this video, why do both the device that is guest and corp getting IP from management subnet and not from their respective subnet, is it because of PT limitation.
Thank you Dhruv Bhardwaj. It is due to PT WLS simulation not being fully functional.
Keith!! Amazing video my friend! I have to ask you though the swinging sticks in the background is that the very large version or the original? I want one of those so bad but want to know so much more about it, your homework is amazing and this just adds everything to it!
Yes it is!
Hello sir,
Why am I using a trunk link between WLC and the switch , while the vlan tag is not necessary in the wireless because there are a capwap tunnel?
One more quest ,why all smartphones are taking ip addresses from dhcp vlan 30 pool ? It should not that each smartphone take from his specific dhcp vlan pool ? for example the one with GuestWifi should have 10.20.0.... because it is in the vlan 20?
"That could be my CCIE number" , "yes that is what it is" haha
I wish Kieth did more vendor Nuetral videos.
I just did only allowing Guest connected on AP1 and Employee on AP2 only. is that ok for load balancing? Thanks Keith.
Thank you for the question and for working on the lab. Sharing the load across the APs is a good idea. Way to go.
almost lost my mind with this right here but i did it at last
Hi Keith, I need your help please, the new CCNA is been added with automation, should I study the basics of python first, before going in to automation .
Module 6, as listed in the blueprint is fairly straight forward, without going to deep. No need to study python first.
@@KeithBarker sir what is should study is network automation and not python right?
@@alexisanyanwu2016 This is the exam blueprint. This is all you need to know about automation. Nothing more, nothing less. You can read up on this material in Wendell Odem's new CCNA 200-301 OCG book, or take an online course like CBT nuggets or David Bomball udemy to learn about these objectives.
6.1 Explain how automation impacts network management
6.2 Compare traditional networks with controller-based networking
6.3 Describe controller-based and software defined architectures (overlay, underlay, and fabric)
6.3.a Separation of control plane and data plane
6.3.b North-bound and south-bound APIs
6.4 Compare traditional campus device management with Cisco DNA Center enabled device management
6.5 Describe characteristics of REST-based APIs (CRUD, HTTP verbs, and data encoding)
6.6 Recognize the capabilities of configuration management mechanisms Puppet, Chef, and Ansible
6.7 Interpret JSON encoded data
@@noshut thank you sir, I appreciate
@@KeithBarker thank you sir, I appreciate
There is another typo in the WLC config, it's in the Interface for Vlan 20 where you set the address for the DHCP Server, is set to 10.3.0.10. But I've seen before that it doesn't matter what this is set to as long as the AP and Users have a path to a dchp on the same segment or via a helper address.(PT thing or typical?) If all WLan Client traffic is going through the capwap tunnel, I would think that would include DHCP Reqests? or do I have this wrong? If I do have it right, then this appears to be a PT thing allowing WLan clients to get dhcp via subinterface helper address or dhcp server on same segment without going through wlc?
Now that Im back from vacation and looked a little closer, I realize the wireless user data is not in a capwap tunnel in my scenario because I have flex connect locally switched enabled :) so it makes a little more sense to me as to why it is operating as it does. Im going to play with it some more and see what kind of results I can get with flexConnect disabled
Instead of adding bill, I just connected Bob instead lol . I assumed Bill was fired a while back .
Hi Keith,
I spent way to long trying to figure this out so I came to the solution.
I managed everything, although I was confused as to why both wireless client got a vlan 30 address, I was expecting them to get 10 and 20 respectively?
Am I being stupid here? But I seen your devices also got a management IP, little confused about that.
EDIT - Just seen everyone else's comments too, I guess thats just the limitation of PT, I did alright after all.
Cheers
Thank you BadGuyBaz for working on that lab! Hands on practice is one of the best ways to build your skills, and get better. Thank you!
still having trouble with my pk unable to do the labs again
Are you using 7.3?
I`ve one question - in WLC config - under Interface VLAN 20 Guests-> Interface Address: we have interface ip set to 10.20.0.1 which is used on Vlan 20 interface on MLS1, as well as Primary DHCP server set to 10.3.0.10, not 10.30.0.10. I`m not sure about buggy packet tracer but I think we should fix it if we would in "Real World"
Thank you Руслан Берзигияров
For a live environment, the trunking between the WLC and the switch would work, and the correct association between the SSID and dynamic IP (which is linked to the correct VLAN via the tagging) would allow that to happen. Great observation.
@@KeithBarker Hi Keith, I started to debug the SSID association with the VLAN, but PT froze, so it's a limitation for sure. In real world, should the link between both lightweight APs and the access SW be trunk, because we have two SSID? Thanks for the great work, I learn so much from you for free.
thanks :)
Welcome!
Hello sir, why corp and guest VLAN not get associated to clients ? even though we assign interface for this SSID to corp and gust interface vlan. one more question, if client associated to proper vlan then every data traffic first pass to WLC then after to the respective VLAN. please reply my query.
Thank you for the question Raushan.
The reason is two words:
Packet Tracer
@@KeithBarker stuck on this for 4 hours, I thought that I should fix this also)
Good day Keith, I keep getting this error"servers IP address could not be reached whenever I try to download PT Labs from your site please assist
Thank you d vine muteta Give it another try, and let me know if it is still causing a problem.
Keith you look like "Iron Man"
Thank you Adinath! :)
Sorry vlan 20
cbtnuggets.com is a game changer in terms of Online courses.
examsdigest.com is a gamer changer in terms of Practice exam tests.
Thanks Keith for the content your provide
Mr. Keith or anyone who watched this RUclips video. Shouldn't the Wireless devices be assigned a DHCP address based on the SSID that is being connected to? For example, CorpWiFi should be assigned an address of 10.10.0.x for Vlan 10 and GuestWiFi 10.20.0.x for Vlan 20. All the wireless devices ( I added extra), at least in my Packet Tracer environment are being given 10.30.0.x, which is the management Vlan 30, regardless of the SSID that is being connected to.
Thank you for the question. In short, Packet Tracer has a few limitations I needed to dance around to make it function in a lab.