I was playing a little with Wireless LAN Controller (WLC) on NME module dedicated for Cisco ISR and ISR G2 routers. In all configuration guides at cisco.com you are advised to create subnet for management and ap-manager and distribute it over your LAN. This is not always good solution and you might want to have at least management on same subnet as you manage all of your devices. It is possible and easy.
This is my management subinterface
interface GigabitEthernet0/0.32 encapsulation dot1Q 32 ip address 10.133.32.80 255.255.252.0
Most of the configuration guides on cisco.com refers, that connection between module and router itself must be on separate subnet. I don’t like that because my VLAN 32 is routable in LAN network and some others are not. You can thankfully use unnumbered interfaces
interface Integrated-Service-Engine1/0 ip unnumbered GigabitEthernet0/0.32 no keepalive
Let’s check module status
C3925-WLC-pwo#service-module integrated-Service-Engine 1/0 status Service Module is Cisco Integrated-Service-Engine1/0 Service Module supports session via TTY line 67 Service Module is in Steady state Service Module heartbeat-reset is enabled Getting status from the Service Module, please wait.. Cisco WLAN Controller 18.104.22.168 Running
Ok, looks fine, so we can connect to module and pass configuration wizard. I’m not going to focus on wizard here, just one option. If we are using unnumbered addressing the same subnet will be used on router and controller, we have to configure management this way:
Management Interface IP Address: 10.133.32.81 Management Interface Netmask: 255.255.252.0 Management Interface Default Router: 10.133.32.1 Management Interface VLAN Identifier (0 = untagged): Management Interface Port Num : Management Interface DHCP Server IP Address: 10.133.32.80
But because integrated-Service-Engine 1/0 interface is layer 3 interface, to allow communication with rest of network we have to set static IP route on router pointing to Management Interface
ip route 10.133.32.81 255.255.255.255 Integrated-Service-Engine1/0
We should do the same for AP Manager interface. After controller module restarts we should be able to connect to WLC via web browser.
You can use unnumbered interfaces for connecting VLANs that will be propagated via SSID’s but it’s more wisely to use separate VLANs and configure routing between subnets.