CTS 181: Cisco Catalyst 9800-CL Setup

Rowell’s post: https://rowelldionicio.com/deploying-cisco-catalyst-9800-controller-on-vmware-esxi/

François’s post: https://www.semfionetworks.com/blog/setup-cisco-catalyst-9800-controller-on-your-laptop

Cisco introduced the new Catalyst 9800 Wireless LAN Controller: https://www.cisco.com/c/en/us/products/wireless/catalyst-9800-series-wireless-controllers/index.html

One of the main new features was the fact that they released a cloud version (escentially a VM) that you could install pretty much anywhere you want:

  • On a private Cloud
  • On a public Cloud (AWS)
  • Locally on a computer or server

They call it the C9800-CL.


  • No need to maintain a physical controller. Gives you access to the advanced features without having to install hardware.
  • Could be used for lab and quick testing.
  • Easier to scale. Start small and scale up as required.
  • Take advantage of the advantage of a public cloud infra.

We went through the setup process two different ways and wanted to share our experience:

  • Installing on a local mv on your laptop (vmware fusion)
  • Installing on a small local esxi server

Hardware Required

  • To install it on vmware fusion, you don’t need anything apart from your laptop
  • To install it on a local esxi server, we used
    • Intel NUC with an Intel Core i7 processor (Important)
    • 32GB or RAM
    • 500GB of internal SSD
    • 8GB USB SanDisk Cruzer Fit for ESXi

VMWare Setup

C9800 Initial Setup and Configurations

  • The zero day config might not be the best way to go if you want to learn how to configure the controller later on. It could be the easy way to go for a quick deployment.
  • Was easier to set it up via CLI the first time and then HTTPS into it
    • Configure the IP address, route, country code, user, management interface and generate a certificate to establish DTLS connections with the APs
  • Then you can open up a browser and connect to the C9800-CL via HTTPS

Connect an AP

  • In order to have an AP connected to the controller, you will need some sort of DHCP server

Note: VMotion is not yet supported.

CTS 150: Wi-Fi Design Day, NAC, Troubleshooting, C9800, and More

Stephen Cooper flies from Australia to San Jose to record in-person for Clear To Send. But really he was in town for work and made time to meet with me, Rowell, to talk about different topics in wireless.

Interview with Stephen Cooper

We met at the Westin hotel which happened to be the quietest place downtown due to a winter holiday event occurring.

He’s a Technical Solutions Architect for Cisco residing in Australia. Previously was the Ekahau SE for Asia Pacific working out of Australia. And before that he was at Dimension Data.

It’s challenging to find wireless guys who understand wireless and network access control such as Cisco ISE or Aruba ClearPass. At Dimension Data Stephen had to work on these types of projects. Network access control usually falls with the security team and the wireless guys don’t have much insight into how it’s deployed.

Troubleshooting is critical for wireless professionals. Understanding how the network should be working helps identifies root causes faster.

While at Ekahau, Stephen was very remote from the rest of the team. He met with a lot of customers where shifting their minds towards thinking about design first and understanding fundamentals. A vendor default is not vendor recommendation. And a challenge Stephen noticed at Ekahau is customers may not necessarily know that distinction.

When it comes to design, we often see that device types are forgotten and not considered into the design process. But the wireless community has been very good at bringing device types and their characteristics into light.

Moving to Cisco, Stephen has been able to work with clients on wireless designs, helping with migration strategies between controllers, helping customers understand how to get onto locations services network or VoIP ready network. He’s more focused on wireless and Cisco DNA – future architecture.

With Cisco’s next generation wireless architecture and intent-based network, Stephen thinks you have more flexibility with how you can deploy new controllers, but there’s still life in the AireOS controllers. There’s a large legacy install but they can still do telemetry you can use in DNA Assurance. You may not get the same level as detail compared to the C9800s.

Wi-Fi Design Day was born out of Ekahau and was started in the UK. It was meant to educate people but have it a community driven event. The first event was a huge success in London and when it was announced in Australia it was also popular. The event is unique where it’s vendor neutral with experts from multiple vendors talking about Wi-Fi as well as end users talking about their use cases. This event is much smaller and intimate compared to larger conferences.

Links & Resources

Twitter: Stephen__Cooper
Blog: wificoops.com