Chapter 3 Configuring Ports and Interfaces
Overview of Ports and Interfaces
Note If the service port is in use, the management interface must be on a different subnet from the
AP-Manager Interface
A controller has one or more
The static (or permanent)
•Sends Layer 3 messages through the network to autodiscover and communicate with other controllers.
•Listens across the network for Layer 3 lightweight access point LWAPP polling messages to autodiscover, associate to, and communicate with as many lightweight access points as possible.
Note Refer to the “Using Multiple
Note When LAG is disabled, you must assign an
Virtual Interface
The virtual interface is used to support mobility management, Dynamic Host Configuration Protocol (DHCP) relay, and embedded Layer 3 security such as guest web authentication and VPN termination. It also maintains the DNS gateway host name used by Layer 3 security and mobility managers to verify the source of certificates when Layer 3 web authorization is enabled.
Specifically, the virtual interface plays these three primary roles:
•Acts as the DHCP server placeholder for wireless clients that obtain their IP address from a DHCP server.
•Serves as the redirect address for the Web Authentication Login window.
Note See Chapter 5 for additional information on web authentication.
•Acts as part of the IPSec configuration when the controller is used to terminate IPSec tunnels between wireless clients and the controller.
The virtual interface IP address is used only in communications between the controller and wireless clients. It never appears as the source or destination address of a packet that goes out a distribution system port and onto the switched network. For the system to operate correctly, the virtual interface IP address must be set (it cannot be 0.0.0.0), and no other device on the network can have the same address as the virtual interface. Therefore, the virtual interface must be configured with an unassigned and
Cisco Wireless LAN Controller Configuration Guide
| ||
|