Connect Connector to Cisco Catalyst 9800 Series Wireless Controllers

Configure and Test the Connection Between Connector and Catalyst 9800 Controller

Before you begin

  1. Deploy a Connector OVA and activate it using a token from Cisco Spaces.

  2. Note down the IP address of a Catalyst 9800 controller that is reachable from the Cisco Spaces: Connector.

  3. On the Catalyst 9800 controller CLI, enter the config mode and enable AAA with local authentication using the aaa authorization exec default local and aaa authentication login default local commands.

    On the Catalyst 9800 controller CLI, run the following command in the enable mode: 
    show run | sec  aaa

    From the output that is displayed, copy the configuration for aaa authorization exec default. In the config mode,  append the configuration for local authentication to the copied configuration and configure the appended configuration.

    For instance, if the output displays aaa authorization exec default group dnac-network-tacacs-group, the appended configuration is aaa authorization exec default group dnac-network-tacacs-group local. This ensures that the existing configuration is not overwritten.

Procedure

Step 1

Log in to Cisco Spaces.

Step 2

In the Cisco Spaces dashboard, choose Setup > Wireless Networks.

Step 3

Expand the Connect via Spaces Connector area using the respective drop-down arrow to display a list of steps.

Step 4

To test the connectivity from the Connector to an existing Catalyst 9800 controller, click View Controllers in the Step 3 Area.

  1. Click the pencil icon to edit a Catalyst 9800 controller.

  2. Choose an active Connector from the Connector drop-down list to enable the Test Connectivity button.

  3. Go to this step to test the connectivity to an existing AireOS controller.

Step 5

To add a new Catalyst 9800 controller, click Add Controllers from the Step 3 Area.

Step 6

From the Connector drop-down list, choose a Connector.

Step 7

Enter the Controller IP address, Controller Name, and from the Controller Type drop-down list, choose Catalyst WLC to connect to a Cisco Catalyst 9800 Series Wireless Controllers.

Step 8

Do one of the following:

  • Enter Netconf username, Netconf password, and Enable password. This choice allows the Connector to recover gracefully from NMSP drops and push a fresh configuration to the Catalyst 9800 controller whenever required. If you have not configured an enable password in Catalyst 9800 controller you can skip configuring the Enable password in this step.
  • Copy the configuration commands in the Catalyst WLC CLI commands section and run them manually on the Catalyst 9800 controller CLI.

Step 9

(Optional) Run the PING and SSH functionalities to test the reachability to the Catalyst 9800 controller and the credentials by clicking Test Connectivity. Note that Test Connectivity is available only for an active Connector.

Figure 1. Adding a Catalyst 9800 Controller
Table 1. Error Description

Status of PING

Status of SSH Credential Test

Meaning of status message combination and possible checks.

SUCCESSFUL

SUCCESSFUL

 Connectivity test is successful.

SUCCESSFUL

FAILED

Ping test to the Catalyst 9800 controller is successful. But SSH test has failed. Check the following:

  1. Is SSH enabled on the controller?

  2. Is the SSH port 22 of the Catalyst 9800 controller reachable from the Connector?

  3. Have you provided accurate SSH read-write credentials?

FAILED

SUCCESSFUL

Connectivity test is successful.

FAILED

FAILED

Both Ping and SSH test to the Catalyst 9800 controller have failed. Check the following:

  1. Is there IP connectivity between Connector and controller?

  2. Is SSH enabled on the Catalyst 9800 controller?

  3. Is the SSH port 22 of the Catalyst 9800 controller reachable from the Connector?

  4. Have you provided accurate SSH credentials?

  5. Is AAA enabled with local authentication?

  6. Are you using an interface that is NOT the wireless management interface for NMSP and SSH connectivity?

Step 10

Click Save, and then click Close.

You can see the new Catalyst 9800 controller in the Controller Channel area of the Connector GUI. The Catalyst 9800 controller that is connected successfully to the Connector appears as Active. It takes approximately five minutes for the controller to change to the Active state. Refresh your window to view the status change. The added Catalyst 9800 controller is also listed in the Controller Channel area of the Connector.

You can multiple Catalyst 9800 controllers to a Connector.

What to do next

You can import the added Catalyst 9800 controller to the Cisco Spaces location hierarchy.