WLC PORTS (Logical Interfaces)

Understanding the function of each logical interface is essential to successfully installing and operating a Cisco WLC-based wireless network. The WLC’s logical interfaces are used for various tasks such as managing controllers, access points, user data, and managing wireless SSIDs broadcast by access points.

1. Management Interface: The management interface is the default interface for controlling and using the WLC. Through the WLC’s administrative interface, the access point also communicates with it. The IP address of the administration interface, which is the only pingable IP address, is used by the administrator to manage her WLC.

The administrator can access her WLC’s configuration GUI by entering the management interface IP address in a web browser to log into the system.

2. AP-Manager Interface: Once the lightweight access points have joined the controller, all Layer 3 communications take place through one or more AP-manager interfaces that the controller may have. His IP address in the AP management is used as the tunnel source when sending CAPWAP/LWAPP packets from the controller to the access point and as the destination IP address when sending packets from the access point to the controller. Although models like the WLC2504 and WLC5508 lack a standalone AP-manager interface, setting one up and utilizing it is optional. Certain models have a setting in the management interface settings called “enable dynamic AP management,” which enables simultaneous usage of the management interface as an AP manager interface. Although each AP-manager interface is capable of supporting up to 48 access points, according to the documentation published by Cisco, the most recent firmware upgrade allows the smaller WLC model (2504) to support up to 75 access points. We are here to help. This limit has reportedly been raised to 75 because it is now accepted. A dual management/AP manager interface is present. A number of AP-manager interfaces should be set up if you install more access points.

3. Virtual Interface: Virtual interfaces provide DHCP relay functionality, guest web authentication, VPN termination, and other services used to manage and support wireless clients. The virtual interface performs two main functions:

• Acts as a temporary DHCP server for wireless clients that obtain IP addresses from a DHCP server. 
• Used at this point to direct the user to her web authentication login page (if configured). 

Controllers and wireless clients are the only parties that can communicate using the IP address of the virtual interface. It does not appear on packets exiting the distribution port and traveling to the local network as a source or destination address. Finally, virtual interface IP addresses must be unique across the network. Therefore, 1.1.1.1 is a commonly used IP address for virtual interfaces. For roaming between controllers to work properly without losing connectivity, each controller in the mobility group must be configured with the same virtual interface IP address.

4. Service Port Interface: The controller is managed out-of-band through the service port interface. If your management workstation is on a remote subnet, you may need to add IPv4 routes to manage the controller from the remote workstation. Note that the manager/AP-manager interface and service port IP addresses cannot be on the same subnet. WLC2124 and WLC2504 are small WLC devices without a service port interface.

5. Dynamic Interface: The easiest way to describe how they work is to think of dynamic interfaces as VLAN interfaces on your wireless network (SSID). One dynamic interface is configured per WLAN/SSID. A dynamic interface is assigned to a specific VLAN network after a wireless network or SSID has been assigned. As already mentioned, dynamic interfaces can be assigned to different physical distribution ports, allowing traffic from specific WLANs to be routed to the wired network through specific distribution ports. In this case, each distribution port carries only one VLAN on one access link. Another option is to map all dynamic interfaces to one distribution port and let it act as a trunk port, broadcasting all WLANs and VLANs. This is a common configuration technique for small networks. The final requirement is that each dynamic interface must be on a unique IP subnet or VLAN from all other interfaces. The WLC2504 controller can manage up to 16 SSIDs, thus supporting up to 16 VLANs and up to 16 dynamic interfaces.

The IETF Control and Provisioning of Wireless Access Points Protocol (CAPWAP) standard are used by Lightweight Cisco Access Points for the purpose of communicating with wireless controllers and other lightweight access points on your network.