Use built in MAC OS FTP Server to export Cisco WLC configuration
Working with Cisco Wireless LAN Controllers, it is sometimes needed to save and export the configuration into a text file format. It could be needed for backup purposes. Personally, I often do it so I can import the configuration into the WLC config analyzer. This is a tool developped by Cisco which helps analyzing the configurations. You can learn more about the WLC config analyzer on this website: https://supportforums.cisco.com/document/7711/wlc-config-analyzer
When exporting the configuration file, you have the choice of using the FTP, TFTP or SFTP protocol.
In this article, we will focus on exporting the configuration to the FTP server built into a MAC OS machine using the FTP protocol. For the testing we have used a Cisco WLC 2504 running AireOS 22.214.171.124 and a MacBook Air running MAC OS 10.11.3.
1 – Setup the FTP server on MAC OS
By default, the FTP server is already running. So all you need to do is:
- validate that the FTP server is running
- validate which users you can use to connect to the FTP server
To validate that the FTP server is running, open the Terminal app and type the following command: “netstat -na | grep .21 | grep LISTEN“. This command will display the listening connections on port 21 (port used by FTP). In the example below, the 2 last lines indicate that the FTP server is running and listening on port 21.
If you don’t see that the FTP server is up, running and listening. You can enter the following command in order to start the service: sudo -s launchctl load -w /System/Library/LaunchDaemons/ftp.plist
In terms of which users can connect to the FTP server, you can simply go to “System Preferences -> Accounts” to validate the users you have configured on your MAC. If you need more users, you can add user accounts. In the example below, both users “François Vergès – SemFio Networks” and “student” can connect to the ftp server:
2 – Test the connection to the FTP locally
Before transferring the configuration file over from the controller to your MAC. It is always a good idea to test the connection to your FTP server locally to make sure that you have the right credentials to connect.
In order to connect to the FTP server, you will need a username and a password. These are the one listed in the section above.
Open the Terminal application and type the following command: ftp localhost. The FTP server should ask you to enter your username and then your password. You should then be able to connect to the FTP server running on your MAC. Here is an example:
You are now almost ready to transfer some files between your Cisco controller and your MAC.
3 – Setup the connection to the Cisco WLC
Important note: Your MAC computer has to be connected to the wired network in order for the transfer to work. The controller will not allow the transfer if you are connected from the Wi-Fi network.
Here are the different way you may connect your MAC to the WLC:
- Connect your MAC to the wired network on the same vlan that is used for the management interface on the controller
- Connect directly your MAC to the service port (except for WLC 2504 which does not have a service port)
In my case, I performed my testing on a Cisco WLC 2504 so I connected my MAC to a switchport on the same vlan as the one I use for the management interface on the controller. In my case it was vlan 20.
Here is the setup I used to write this article:
So once you have connected your MAC on the same vlan as the management, you are ready to perform the actual FTP transfer.
4 – Transfer the configuration
Connect to the GUI of the controller and navigate to “Commands -> Upload File“:
In the drop down menu list name “File Type“, choose “Configuration“.
As a “Transfer Mode“, choose “FTP“.
Note: you have the possibility to secure the file by encrypting it before sending it over the network.
In the “Server Details” section, you need to fill out these different fields:
- IP Address: This is the IP address of the FTP server. So this is the IP address of your MAC computer.
- File Path: This is the path where you want to send your file onto the FTP server. If you leave “./”, it is going to send the file to the home directory of the user you are using for the transfer.
- File Name: This is the name you want to give to the configuration file onto the FTP server
- Server Login Username: This is your user account name on the FTP server
- Server Login Password: This is the password tied to this user account on the FTP server
- Service Port Number: This is the port used for FTP on the server (21 in my case)
Once you have filled out all the fields, you can click on the “Upload” button to start the transfer.
When the transfer is completed, you will get the following message: “File transfer operation completed successfully.”
Now, if I go back to my MAC computer, I can see that the configuration file is there, located on the home directory of the user “SemFio”:
5 – Troubleshoot the transfer
From the controller CLI, you can enter the following debug command to troubleshoot a transfer: debug transfer trace enable
Here is an example of the debug output of a transfer:
I hope this will help others since it is a pretty convenient way to transfer the full WLC configuration in a short amount of time.
written by François Vergès