Courseiva
WirelessGlobal Config

wlan [profile-name] [wlan-id] [ssid]

Creates or modifies a WLAN profile on a Cisco wireless LAN controller, associating it with a WLAN ID and SSID for wireless client access.

Syntax·Global Config
wlan [profile-name] [wlan-id] [ssid]

When to Use This Command

  • Configuring a new guest wireless network with open authentication for a retail store.
  • Setting up a secure corporate WLAN with WPA2-PSK for employee access.
  • Modifying an existing WLAN to change the SSID or enable broadcast SSID.
  • Creating multiple WLAN profiles for different VLANs or security policies on the same controller.

Command Examples

Create a new WLAN with WPA2-PSK security

wlan GuestNet 1 Guest_SSID
WLAN Profile Name: GuestNet
WLAN ID: 1
SSID: Guest_SSID
Status: Enabled
Broadcast SSID: Enabled
Security: WPA2-PSK
PSK: (configured)

The output shows the WLAN profile name 'GuestNet' with ID 1 and SSID 'Guest_SSID'. Status is enabled, broadcast SSID is on, and security is set to WPA2-PSK with a pre-shared key configured.

Modify an existing WLAN to disable SSID broadcast

wlan CorpNet 2 Corporate_SSID
WLAN Profile Name: CorpNet
WLAN ID: 2
SSID: Corporate_SSID
Status: Enabled
Broadcast SSID: Disabled
Security: WPA2-Enterprise

The output indicates the WLAN 'CorpNet' is configured with ID 2, SSID 'Corporate_SSID', broadcast SSID disabled (hidden network), and WPA2-Enterprise security for 802.1X authentication.

Understanding the Output

The output from the 'wlan' command displays the WLAN profile configuration. Key fields include: 'WLAN Profile Name' (user-defined identifier), 'WLAN ID' (numeric identifier 1-16), 'SSID' (the network name broadcast to clients), 'Status' (Enabled/Disabled), 'Broadcast SSID' (Enabled means visible, Disabled means hidden), and 'Security' (e.g., WPA2-PSK, WPA2-Enterprise). In a real network, ensure the WLAN ID is unique and the SSID matches organizational naming conventions. A disabled status or incorrect security can prevent client connectivity. Watch for mismatched security settings between the controller and client expectations.

CCNA Exam Tips

1.

CCNA exam tip: The 'wlan' command is used in global config mode on a WLC; remember that WLAN IDs must be unique and range from 1 to 16.

2.

CCNA exam tip: Know that disabling broadcast SSID does not secure the network; it only hides the SSID from beacon frames.

3.

CCNA exam tip: The exam may test that WLAN profiles are applied to specific interfaces or VLANs using the 'wlan' command followed by interface configuration.

4.

CCNA exam tip: Be aware that the 'wlan' command creates the profile, but additional commands like 'security wpa psk' are needed to set the passphrase.

Common Mistakes

Mistake 1: Using the same WLAN ID for multiple profiles, causing configuration conflicts.

Mistake 2: Forgetting to enable the WLAN after creation, leaving it in 'Disabled' state and clients unable to connect.

Mistake 3: Misconfiguring the SSID with spaces or special characters that are not supported by some clients.

Related Commands

show wlan summary

Displays a summary of all WLANs configured on a Cisco wireless controller, used to quickly verify WLAN IDs, names, SSIDs, status, security settings, and interface bindings.

Practice for the CCNA 200-301

Test your knowledge with hundreds of CCNA practice questions covering all exam domains.

Practice CCNA Questions