WLAN Controller Integration

Integration with third-party Wi-Fi controllers, such as Aruba and Cisco, enables Wi-Fi Cloud to retrieve information on devices managed by the controller. Wi-Fi Cloud can use this information for Wireless Intrusion Prevention System (WIPS) classification and location tracking of devices.

To configure on-premise wireless controllers for use with a Cloud Integration Point (CIP), select System > WIPS > WLAN Integration.

For more information on how to configure a Cloud Integration Point (CIP), see Wi-Fi Cloud Integration with Third-Party Controllers using CIP.

These WLAN controllers are supported:

Aruba Mobility Controller

Integration with the Aruba wireless controller enables Wi-Fi Cloud to periodically retrieve information, such as wireless device details and signal strengths, from the Aruba Mobility Controller with SNMP (Simple Network Management Protocol). Wi-Fi Cloud uses this information to automatically classify devices managed by Aruba Mobility Controllers for WIPS security and tracks the location of devices detected by Aruba APs.

  1. Select the Aruba Integration check box.
  2. Click Add Controller.
  3. Configure the required options:
  • Controller (IP Address/Hostname) — IP address or host name of the Aruba Mobility Controller Wi-Fi Cloud communicates with.
  • Port Number — Port number of the Aruba Mobility Controller from which data is imported. The defaul is port 161.
  • Cloud Integration Point — From the CIP drop-down list, select a CIP-enabled WatchGuard AP that you want to use to communicate with Wi-Fi Cloud.
  • SNMP Version — Select SNMPv2 or SNMPv3.
  • Community String — User-defined community string that Wi-Fi Cloud uses to communicate with the Aruba Mobility Controller. The default value is public.

You must configure SNMP on the controller for SNMP communications to work correctly. On the controller, make sure that the Read Community String is set to the default public or your custom string in the controller SNMP configuration.

  • Import — Enable import of data from the Aruba Mobility Controller.
  • Managed APs — Import managed APs from the Aruba Mobility Controller.
  • Managed Clients — Import clients associated with APs managed by the Aruba Mobility Controller.
  • Managed Client Associations — Import information about client associations for APs managed by the Aruba Mobility Controller.
  • Unmanaged Access Points — Import APs not managed by the Aruba Mobility Controller.
  • Unmanaged Clients — Import clients associated with APs not managed by the Aruba Mobility Controller.
  • Unmanaged Client Associations — Import information about client associations for APs not managed by the Aruba Mobility Controller.
  • Signal Strength — Import signal strength information of managed devices from the Aruba Mobility Controller. Location tracking results can vary depending on the Aruba AP models used in the network.
  1. Click Save.

The Current Status field displays the status of the controller integration service:

  • Running — The service is running. The last time the data was retrieved from the controller is displayed.
  • In Process — This status appears for a short time immediately after you add a new controller and the service is in the process of collecting data from the controller for the first time. When Wi-Fi Cloud is ready to display the data, the status changes to Running.
  • Stopped — The service has stopped. The last time the data was retrieved from the controller before the service stopped is displayed.

These errors can appear:

  • A configured and enabled controller has a host name that cannot be resolved.
  • A configured and enabled controller is not reachable.
  • System server has stopped.
  • Internal error — You must contact WatchGuard Technical Support.

Imported APs displays the number of APs imported into Wi-Fi Cloud from the controller as of the last synchronization.

You can configure the Automatic Synchronization Interval from 15-60 minutes. Wi-Fi Cloud retrieves data from the controller one time each synchronization cycle. The default is 15 minutes.

Cisco Wireless LAN Controller (WLC)

When you integrate Wi-Fi Cloud with a Cisco Wireless LAN Controller (WLC), you can retrieve information, such as wireless device details and signal strengths, from the WLC using SNMP (Simple Network Management Protocol). Wi-Fi Cloud uses this information to automatically classify devices managed by the WLC for WIPS security and tracks the location of devices detected by Cisco APs.

These Cisco Aironet APs and WLCs are supported:

  • 1000, 1100, 1130, 1140, 1200, 1250, 1300, 1602, 2602, 3500, 3602, 3702
  • 1230, 1240 AG
  • 1815i, 1832i
  • WLCs with AireOS versions 4.2x to 8.2x
  • Cisco IOS based devices with Wireless Controller Module

To add a Cisco WLC in Wi-Fi Cloud:

  1. Select the Cisco WLC Integration check box.
  2. Click Add Controller.
  3. Configure the required options:
  • Controller (IP Address/Hostname) — IP address or host name of the WLC the Wi-Fi Cloud communicates with.
  • Port Number — Port number of the WLC from which data is imported. The default is port 161.
  • Cloud Integration Point — From the CIP drop-down list, select a CIP enabled WatchGuard AP that you want to use to communicate with Wi-Fi Cloud.
  • SNMP Version — Select SNMPv2 or SNMPv3.
  • Community String — User-defined community string that Wi-Fi Cloud uses to communicate with the WLC. The default value is public.

You must configure SNMP on the controller for SNMP communications to work correctly. On the controller, make sure that the Read Community String is set to the default public or your custom string in the controller SNMP configuration.

  • Import — Enable import of data from the WLC.
  • Managed Access Points — Import managed APs from the WLC.
  • Managed Clients — Import clients associated with APs managed by the WLC.
  • Unmanaged Access Points — Import APs not managed by the WLC.
  • Unmanaged Clients — Import clients associated with APs not managed by the WLC.
  • Signal Strength — Import signal strength information of managed devices from the WLC. Location tracking results can vary depending on the Cisco AP models used in the network.
  1. Click Save.

The Current Status field displays the status of the controller integration service:

  • Running — The service is running. The last time the data was retrieved from the controller is displayed.
  • In Process — This status appears for a short time immediately after you add a new controller and the service is in the process of collecting data from the controller for the first time. When Wi-Fi Cloud is ready to display the data, the status changes to Running.
  • Stopped — The service has stopped. The last time the data was retrieved from the controller before the service stopped is displayed.

These errors can appear:

  • A configured and enabled controller has a host name that cannot be resolved.
  • A configured and enabled controller is not reachable.
  • System server has stopped.
  • Internal error — You must contact WatchGuard Technical Support.

Imported APs displays the number of APs imported into Wi-Fi Cloud from the controller as of the last synchronization.

You can configure the Automatic Synchronization Interval from 15-60 minutes. Wi-Fi Cloud will retrieve data from the controller one time each synchronization cycle. The default is 30 minutes.

Advanced Configuration

Wi-Fi Cloud does not support some Lightweight Access Points (LAPs), such as the AP1030 and AP1130. To support these APs, you can request a configuration bundle from WatchGuard Technical Support and import the bundle into Manage. Only a superuser can import a WLC configuration file. All other users, including the administrator, have only viewing rights.

In the Advanced Configuration section, select Use Custom WLC Configuration and then click Upload Custom Configuration File. Select a file to upload.

The custom WLC configuration file from this bundle is used for all future WLC synchronization. The bundle is imported as a .tgz file. An error message appears if the file is not imported or if the file is corrupted.