The next-generation wireless controller from Cisco is here. It’s completely written with IOS-XE, different from the Converged Wireless days. In this tutorial, I’ll be going through the deployment of the C9800-CL. To learn how to install the C9800-CL on VMware Fusion check out François Vergès’ blog.
Do you find this content useful? If so, consider buying me a coffee! ☕
Hardware
For this lab, I initially tried to get this working using an 6th Generation Intel Core i3 Processor NUC. The i3 is not going to work.
To run the Catalyst 9800 wireless LAN controller you should get an Intel i7, minimum. My VMware lab included:
- Intel NUC mini PC kit NUC7i7BNH (Intel Core i7)
- 32GB Kit (2 x 16GB) 2400Mhz PC4-19200 260-Pin So-Dimm DDR4
- Samsung 850 EVO 500GB 2.5-Inch SATA III Internal SSD
- SanDisk Cruzer Fit 8GB USB (for ESXi)
The whole kit cost me approximately $789.79.
VMware ESXi
I’m using version 6.7.0 of VMware ESXi which is stored on the 8GB USB drive. The host boots off of that USB drive so I can keep as much of the hard drive space dedicated to virtual machines.
Prior to deploying Catalyst 9800 controller you’ll want to configure three networks within ESXi or port groups.
C9800-CL has three network interfaces. Each one will be mapped to a port group assigned on the VM. Here’s how the interfaces map on boot:
- GigabitEthernet1 = Device management interface
- GigabitEthernet2 = Wireless management interface
- GigabitEthernet3 = HA interface
The Device management interface will be used as an out-of-band management to the Catalyst 9800 controller.
The Wireless management interface will be used for AP management and can also be used to manage the controller.
The HA interface is used for redundancy between C9800 controllers.
I have two different port groups defined within ESXi for initial deployment.
- VM Network – Where GigabitEthernet1 will be mapped.
- INFRA – a trunk port where GigabitEthernet2 will be mapped.
Step 1 – OVF Tool
Next, you have to download and install the VMware OVF Tool. This is going to be used to deploy the .ova file of the C9800-CL. We are required to use the OVF Tool since we’re not running VMware vSphere Client.
Download and install the OVF Tool from VMware with a login.
Catalyst 9800-CL Controller
It’s important to understand which version of the C9800-CL will be deployed. In this lab, I am using the Small configuration.
Step 2 – Download OVA File
Next, download the .ova file for the C9800-CL. In this tutorial I am using version Gibraltar-16.101e. (You’ll need a CCO account and a valid support contract to download the .ova file.)
Step 3 – ovftool
Now that the file is downloaded to your Desktop, the first step is to create an ovftool file with some parameters for the virtual machine which will be used to deploy the .ova.
vi .ovftoolWithin this new file, insert the following text and save.
acceptAllEulas
datastore=datastore1
deploymentOption=4CPU-8GB
name=9800-wlc
net:GigabitEthernet1=VM Network
net:GigabitEthernet2=INFRA
net:GigabitEthernet3=LAB WIRELESS
prop:com.cisco.vwlc.hostname.1=9800-wlcYou’ll want to modify the datastore entry to match whatever your datastore is.
The deploymentOption is set to the small instance.
The network interfaces are also mapped to a port group within VMware ESXi. You’ll want to change those networks to match what you have in your environment.
Step 4 – Transfer ova File to VMware ESXi
Now, we’re going to transfer the .ova file to ESXi. Here’s the command to run on OSX command line.
/Applications/VMware\ OVF\ Tool/ovftool ./wlc9500C-universalk9.BLD_V1610_THROTTLE_LATEST_20181006_071153_V16_10_0_134-vga.ova vi://"root:<password>”@ip-address-of-esxiWe’re using the ovftool to deploy the .ova file we selected, in this case the C9800-CL, to our ESXi server. I am passing the login credentials to the ESXi server.
Once completed you’ll see the following message:
Opening OVA source: ./wlc9500C-universalk9.BLD_V1610_THROTTLE_LATEST_20181006_071153_V16_10_0_134-vga.ova
The manifest validates
Opening VI target: vi://root@192.168.140.5:443/
Deploying to VI: vi://root@192.168.140.5:443/
Transfer Completed
Completed successfullyStep 5 – Check VMware ESXi
You should now see the VM deployed in ESXi but it hasn’t started up yet. Select the VM and click on Power On.
Step 6 – Initial Configuration
Click on Console to open a console in-browser for the C9800-CL. You’ll see the controller boot up process. Once boot is completed, you’ll be prompted to enter initial configuration mode. Make sure to terminate autoinstall and opt out of entering intial configuration by saying no.
terminate auto install
Would you like to enter the initial configuration dialog? [yes/no]: no
Would you like to terminate autoinstall? [yes]: Step 7 – Device Management Interface
Now we’re going to configure the device management interface so the controller can be managed out-of-band. My out-of-band management will be set on GigabitEthernet1.
We will first add a static IP address and set a default route for the controller . This is to properly communicate on the network across subnets.
en
conf t
int g1
no switchport
ip address 192.168.140.6 255.255.255.0
ip route 0.0.0.0 0.0.0.0 192.168.140.1
Step 8 – Create Login Account
In order to access the C9800-CL CLI and web interface we’ll need to create a login.
Username admin priv 15 secret password1234Step 9 – Day 0 Configuration
The initial configuration is complete with an IP address and user account to log in. Browse to the IP address of the C9800-CL and enter the credentials you defined in Step 8.
General Settings
In this section various parameters are defined such as the Country, time/timezone, NTP servers, and
Wireless Networks
Click on Next and now it is possible to create a wireless network. To create a new wireless network, click on Add and you will be prompted for the network name, type, and security settings.
Configure the wireless networks to your environment. Then click Next.
Advanced Settings
In this window, configure your RF Group name. Under AP Certificate ensure YES is selected and a password is configured for the AP certificate. The AP certificate is what allows access points to join the C9800-CL controller.
Click on Next to view the Summary to view all the changes.
Once everything has been reviewed Click on Finish. The initial configuration is complete. You will be logged out and prompted to log back in.
After logging in you will be able to configure the Catalyst 9800-CL controller. Further configuration of the C9800-CL will be covered in a future post.
Thank you Rowell for taking the time to publish this tutorial! I have to admit I was working on the same thing, very soon I may have to deploy a few 9800-CL to upgrade the existing infrastructure. I also started on a NUC however, I didn’t know about the OVF tool. I thought I should probably share my approach, maybe it could help on building on your presentation. My approach was a little bit different, after installing the controller a few times I realized this may have to be addressed as two deployments, a switch deployment and a controller deployment (as you mentioned in your video at the end). The controller OOB management interface was getting in the way and initially I didn’t know what to do with it. All this to say that my solution was to use a tftp server and let the controller download the initial configuration from tftp. By doing this, I was able to address the switch part of the configuration: ports, vlans, banner, AAA, NTP, DNS, SNMP. For the management part (optional), also part of the tftp configuration, I moved the OOB in a VRF and added the necessary routing. Once this was completed, I was able to ssh into the controller and add some wifi specific configuration (country code). What’s amazing (an on my to-do list) is we may be able to provision APs via CLI by adding their mac addresses in the 9800-CL configuration.
All the best!
Eugen
P.S.
Many thanks for all the effort you and Francois are putting in with the Clear To Send podcast, it’s really appreciated!
Thanks for sharing your experience. It’s very helpful for others.
Hi Rowell,
I want to deploy 9800-CL on ESXi on two different server.
I dont know how server configuration will be for RP port.
Akshay
You’ll need a separate interface for it on ESXi. Configure them on the same subnet.
Thank’s Rowell Nice tutorial! Very appreciate!
Do you have a video or tutorial that explain how to register / evaluation licence, i don’t want company that i work for be bill for the license. I just want to test it before we buy.
All you need is a Cisco CCO and you should be able to download the file. You can register a new account if you’d like.