Journey

Thursday, July 28, 2016

5508 with LAG setup and 5508 without LAG that connects to 2 switches configuration

5508

Method 1:
You can set up a 5508 using ALL of its ports, or 2 of its ports, with only 1 LAG group going to 1 PHYSICAL switch.

Method 2:
You can also set up a 5508 using 2 of its ports (primary and backup going to SWITCH A) and the other 2 ports (primary and backup going to SWITCH B). In this scenario, you do NOT want to use LAG and it should be disabled. According to Cisco, the 5508 does not support STP, and you cannot use more than 1 LAG group and connect to 2 physical switches unless they are connected without LAG. Here is a good reference:

If someone wants to chime in and provide a screenshot of what the management interface on the 5508 WLC will look like in the GUI for the 2nd scenario, it's more than welcome! The CLI configuration on the switch side would look like this for method 1:


If you are setting up using method 1 with LAG, the switch configuration is as follows:
  • Each neighbor port to which the controller is connected should be configured as follows:
    interface GigabitEthernet <interface id>
    switchport
    channel-group <id> mode on
    no shutdown
  • The port channel on the neighbor switch should be configured as follows:
     interface port-channel <id> 
    switchport 
    switchport trunk encapsulation dot1q 
    switchport trunk native vlan <native vlan id> 
    switchport trunk allowed vlan <allowed vlans> 
    switchport mode trunk 
    no shutdown
On the 5508 controller, enable LAG on the 'Controller' page by setting "LAG Mode on next reboot" to "Enabled".

I will include screenshots at a later time.
=================================

NTP setup on a 3650/3850 switch

NTP:
This is fairly easy.
conf t
ntp server 10.1.1.1
end

Use the command 'show ntp associations' to check.

=================================

Monday, June 27, 2016

Cisco Spark Bot Integration

Creating a Cisco Spark integration can be interesting. Here is the sample code, and I've added a few things to it. With this code you can add a person to the Cisco Spark room by email, remove a person by email, and anytime someone says hello, the bot will say hello back by name.


Code as follows:

var Flint = require('node-flint');

// define flint setup
var config = {
  // url to access this app's webservice
  baseUrl: 'http://sparkbot-lperera3.c9users.io',
  // port that local server listens on
  localPort: process.env.PORT,
  // spark account email
  sparkEmail: 'lperera@la-networks.com',
  // spark api token
  sparkToken: 'MDA2ZDk1YTQtOWUzNy00ODA3LTk3MDYtMWE2MjJhZDg5ZjQ3NDRlN2RhNzAtNmVh'
};

// init flint framework
var flint = new Flint(config);


// echo test
flint.hears('/echo', function(bot, trigger) {
  bot.say(trigger.args.join(' '));
});

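// add a person or people to room by email
flint.hears('/add', function(bot, trigger) {
  // trigger.args is an array, so check its length rather than its truthiness
  var email = trigger.args;
  if(email && email.length) bot.add(email);
});

// remove a person or people from room by email
flint.hears('/remove', function(bot, trigger) {
  // skip the call when no address was supplied
  var email = trigger.args;
  if(email && email.length) bot.remove(email);
});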

// anytime someone says hello
flint.hears(/(^| )hello( |.|$)/i, function(bot, trigger) {
  bot.say('Hello, %s!', trigger.person.displayName);
});
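
The handlers above run /add and /remove for anyone in the room, and the config keeps the API token in source. The following is an added example, not part of the original post or of node-flint: helpers that build the config from environment variables and check the sender and the email arguments before a membership change. The environment variable names, the policy object and the senderEmail parameter are assumptions.

```javascript
// Added example; env var names, policy and senderEmail are assumptions.

// Build the flint config from the environment so no token lives in source.
function loadConfig(env) {
  var missing = ['BASE_URL', 'SPARK_EMAIL', 'SPARK_TOKEN'].filter(function (k) {
    return !env[k];
  });
  if (missing.length) throw new Error('missing env: ' + missing.join(', '));
  return {
    baseUrl: env.BASE_URL,
    localPort: env.PORT,
    sparkEmail: env.SPARK_EMAIL,
    sparkToken: env.SPARK_TOKEN
  };
}

// Keep only well-formed, de-duplicated addresses in an allowed domain.
function filterEmails(args, domains) {
  var shape = /^[^\s@]+@([^\s@]+\.[^\s@]+)$/;
  var seen = {};
  return (args || []).map(function (a) {
    return String(a).trim().toLowerCase();
  }).filter(function (a) {
    var m = shape.exec(a);
    if (!m || domains.indexOf(m[1]) === -1 || seen[a]) return false;
    seen[a] = true;
    return true;
  });
}

// Allow a membership command only for a listed admin and valid addresses.
function authorize(senderEmail, args, policy) {
  var sender = String(senderEmail || '').toLowerCase();
  if (policy.admins.indexOf(sender) === -1) {
    return { ok: false, reason: 'sender not authorized', emails: [] };
  }
  var emails = filterEmails(args, policy.domains);
  if (!emails.length) return { ok: false, reason: 'no valid address', emails: [] };
  return { ok: true, reason: '', emails: emails };
}

// Constructed policy and input for illustration.
var policy = { admins: ['admin@example.com'], domains: ['example.com'] };
console.log(authorize('admin@example.com', ['New.User@example.com', 'x@other.test'], policy));
```

Inside a handler, pass the sender's address from the trigger to authorize() and hand result.emails to bot.add or bot.remove only when result.ok is true.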

Thursday, June 9, 2016

Adding an SNMP configured device into ISE

After you have configured SNMP on the WLC or SWITCH, do the following:

Log in to ISE






Click on Administration --> Network Devices --> +Add



 Check off "SNMP Settings" and fill in the SNMP info.






Now go back into the WLC that you just added and be sure to add the different interface IPs that go with each WLAN so that ISE knows about them.

You are done!

Adding an SNMP configured device into Cisco Prime

After you have configured SNMPv2 or SNMPv3 on the WLC or Switch, log in to Cisco Prime:




Click on Configuration --> Network --> Network Devices --> Add Device

Choose SNMP and then choose SNMPv2 or SNMPv3


Do the same for SSH and you can choose Verify Credentials or Click Add and you're done!


Configuring a device for SNMP

This will cover setting up SNMPv2 and SNMPv3 and adding these devices into Cisco Prime 2.2


What is SNMP? According to Cisco documentation, SNMP is "an application layer protocol, facilitates the exchange of management information among network devices, such as nodes and routers. It comprises part of the TCP/IP suite. System administrators can remotely manage network performance, find and solve network problems, and plan for network growth by using SNMP."

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/managed_services/8_6_1/cucm/managed_services/snmp.html

What are trap logs? Traps are messages that are recorded and then reported in real time as the events occur. These traps are usually sent via SNMP to a network monitoring server like Cisco WCS or Cisco Prime.

A few common traps:
* reports of rogue APs
* APs with excessive client loads
* interference or noise
* coverage holes detected
* CleanAir events

Trap types can be configured in the WLC under Management --> SNMP --> Trap Controls page.

Syslog and SNMP? What is the difference?
You don't have to use both. Syslog is on port 514 UDP while SNMP traps are on port 162 UDP.

SNMP traps can relate to the events you want to see that are being triggered on the device without having to turn on debug for everything.

SYSLOG will send anything that you can see on the CLI of the device at whatever the level you have set for logging.

Simply put, syslog sends system messages to a logging server. It will send messages from time to time while SNMP will send a message if you have a trap set up specifically. SNMP is more secure. SNMP can be used to pull statistics and network utilization from interfaces.

http://www.cisco.com/en/US/technologies/collateral/tk869/tk769/white_paper_c11-557812.html#wp9000392
===================================================================
Setting up SNMPv2 on the WLC (read-only):
config snmp community create mysnmpv2ro
config snmp community ipaddr 192.168.1.1 255.255.255.0 mysnmpv2ro
config snmp community accessmode ro mysnmpv2ro
config snmp community mode enable mysnmpv2ro

*note: The IP address is the IP of the prime server

Setting up SNMPv2 on the WLC (read-write):
config snmp community create mysnmpv2rw
config snmp community ipaddr 192.168.1.1 255.255.255.0 mysnmpv2rw
config snmp community accessmode rw mysnmpv2rw
config snmp community mode enable mysnmpv2rw

Setting up SNMPv2 on a Switch:
snmp-server community mysnmpv2rw rw
snmp-server location los angeles
snmp-server contact info@lperera3.blogspot.com
snmp-server chassis-id cisco4500-switch

configuring to send alerts:
snmp-server host 192.168.1.1 version 2c mysnmpv2rw
snmp-server enable traps snmp linkdown linkup coldstart warmstart
====================================================================

Setting up SNMPv3 on a Switch:
snmp-server user snmpv3username snmpv3groupname v3 auth sha authpwd123 priv aes 256 privpwd123

snmp-server user snmpv3username snmpv3groupname v3 auth md5 authpwd123 priv des privpwd123

Tie it to an ACL:
snmp-server user snmpv3username snmpv3groupname v3 auth md5 authpwd123 priv des privpwd123 acc 10

ip access-list standard 10
permit 192.168.1.1

show commands:
show snmp user
show access-list 10
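
An added example, not from the original post: a small JavaScript check that reads IOS configuration text and flags the weaker choices among the switch commands above (a read-write v2c community with no ACL, md5 or des on a v3 user, a v3 user with no ACL). The function name and the sample input are constructed, and the parsing is an assumption that covers only the line shapes used in this post.

```javascript
// Added example (not from the original post): flag weak SNMP settings in IOS
// config text. Parsing is simplified and covers only the line shapes used here.
function auditSnmp(configText) {
  var findings = [];
  configText.split(/\r?\n/).forEach(function (raw, i) {
    var t = raw.trim().split(/\s+/);
    if (t[0] !== 'snmp-server') return;
    function flag(issue) { findings.push({ line: i + 1, issue: issue }); }
    // Value following a keyword, or null when the keyword is absent.
    function after(word) {
      var at = t.indexOf(word);
      return at === -1 ? null : t[at + 1];
    }
    if (t[1] === 'community') {
      var rest = t.slice(3); // tokens after the community string
      var last = rest[rest.length - 1];
      flag('v2c community string travels in cleartext');
      if (rest.indexOf('rw') !== -1) flag('community grants read-write access');
      if (!rest.length || last === 'ro' || last === 'rw') flag('community has no ACL');
    } else if (t[1] === 'user' && t.indexOf('v3') !== -1) {
      var auth = after('auth');
      var priv = after('priv');
      // IOS accepts unambiguous abbreviations such as "acc" for "access".
      var hasAcl = t.slice(5).some(function (w) {
        return w.length >= 3 && 'access'.indexOf(w) === 0;
      });
      if (auth === null) flag('v3 user has no authentication');
      else if (auth === 'md5') flag('v3 user authenticates with md5; prefer sha');
      if (priv === null) flag('v3 user has no encryption');
      else if (priv === 'des' || priv === '3des') flag('v3 user encrypts with ' + priv + '; prefer aes');
      if (!hasAcl) flag('v3 user is not restricted by an ACL');
    }
  });
  return findings;
}

// Constructed sample input modelled on the commands in this post.
var sampleConfig = [
  'snmp-server community mysnmpv2rw rw',
  'snmp-server user snmpv3username snmpv3groupname v3 auth md5 authpwd123 priv des privpwd123',
  'snmp-server user snmpv3username snmpv3groupname v3 auth sha authpwd123 priv aes 256 privpwd123 access 10'
].join('\n');
console.log(auditSnmp(sampleConfig));
```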


====================================================================

Setting up SNMPv3 on the WLC:

config snmp v3user create mysnmpv3 rw hmacsha aescfb128 authkey123 encryptkey123
config snmp version v3 enable
config snmp v3user delete default