Cisco :: 4400 - Cannot Copy Configuration From Controller To WCS
Feb 22, 2011
When I try to import configuration from the controller 4400 to my WCS it gives the following message:
Status Refresh succeeded but some records were dropped because their key fields failed validations.
When i see the config in the WCS, all of my light access points are not on it. I check for the logs and this is What I get: (its a lot of info, so I am putting an example!)
I'm looking for a document that states the best practices for WLC configurations (Management/Security/AP's..etc). I can currently only find the following document:URL
But this document has last been updated in 2008, in a few days that's almost 5 years ago, and we all know how quickly technology is evolving. 10Gb wireless is around the corner, with 1GB starting to go production now. This document also mentions the 4400 (which is end of life).
We have a customer that have 2 5508 as primary and backup controller and a 4400 as an anchor controller. We plan to upgrade the 5508 to 7.3.112.0 and the 4400 is already 7.0.116.0. Will there be any issue if the anchor controller is not the same code as the foreign controller? Do I also have to upgrade the acnhor controller to 7.0.240.0?
I know how to access the GUI from the service port. However, I am not able to access from Port 0. IPs have all been properly set. We have a management VLAN in our enterprise. I have configured the WLC management interface for an ip on that subnet. Port 0 is connected to a 3560G switch. I have set the switch port to be an access port to the management vlan and I have tried to set the switch port as a trunk, with the native vlan set to the management vlan. I am not able to ping nor access the web GUI remotely via the management vlan.
I have a Cisco Series 4400 WLAN controller and I'm trying to connect a lightweight AP to the controller. I have already assigned the switch port to use my wi-fi VLAN, and have connected the AP to the switch. After a few minutes, the light on the AP goes from green to light blue (indicating it's serving clients). When I log into he wi-fi controller to look for the Ethernet mac address of the new AP, I do not see its Mac Address. I want to be able to rename the AP to reflect where it will be used, but need to select the AP via its Ethernet mac address before I can make any edits like changing its name etc. I've gone through the "monitoring" menu, selected "All" and still do not see it in their via its MAC address. I also will select the "wireless menu" which lists all the AP's on my network, listing in order from on the longest running, to just powered on.Is there something I'm missing like a "re-scan" that scan's all devices?
I've download a login.html into the controller successfully, but when I preview the page there isn't an accept button. Do I need to create the accept button with the html file or is there some place I need to enable on the controller itself. After download the .tar file I reboot the controller but no luck. I also create a java script button redirect but it didn't redirect to where I needed to go. It just stuck on the splash page.
give me the run down on the features removed from the 4400 series in the 2500 series? Obviously 4400 is now EOL, and so i cannot purchase new. Therefore I was looking at the 2500 for my implementation to save costs also.I would like to have two SSID's, running seperate VLAN's, one voice, one guest, trunk the link to the AP's, which will be 1131AG or newer, N possibly. Voice needs to be encrypted with WPA or WPA2, guest needs to be open using the guest access feature. Here's a sample but with EAP:
[URL]
Is this supported to have WPA on one SSID and Guest access on the other? i did spot a paragraph in the 4400 manual stating that certain restrictions apply regarding one SSID having encryption and the other being guest mode?I notice also in the WCS documentation, it doesn't explicitly state it supports the 2500 series under the managed devices section?
in one of the sites, the client has an exisiting 4402 controller which he moved to the DMZ in order to set it as an anchor & he purchased two new 5508 controllers to control the corporate APs. I configured all the parameters needed for the guest anchoring & then I tested the connection but there was an issue. (all the controllers are running the same firmware version)after testing the setup, the guest users could get an IP from the internal DHCP of the anchor controller (in DMZ), but then they cannot reach the internet or anything outside the anchor controller.Cisco confirmed that the 4400 is fully compatible with the 5500 to work in an anchor-foreign secnario as long as they are running the same firmware version. yet, when I temporarily used one of the 5500 controller in the DMZ as an anchor & I applied the exact same configurations on it as the 4400, it worked perfectly without any issues.
note: on the anchor controller (4400), the management & AP-manager interfaces reside on the same subnet & the wireless guest SSID is also mapped to the management interface. (may be this setup is causing the issue) but on the 5500 it is working just fine?
Windows laptops that do not roam from one AP to another on the same 4400 controller? Particularly using an Atheros chipset - works fine under Linux... It's a WPA2/AES enterprise network on a controller running 7.0.220.0
I read the configuration guide about the 7.3 release. And I figured out that you will need a hash key for establishing a mobility group relation between a controller and a virtual controller. The 7.3 release for the 5500 series works fine for me.But the latest release 7.0.235.0 for the wireless lan controller series 4400 does not have a functionality to add a hash key while creating a new mobility group member.The command "config mobility group member hash" is totally missing. How to establish a mobility group between a 4400 controller and a virtual then ?
I read the configuration guide about the 7.3 release. And I figured out that you will need a hash key for establishing a mobility group relation between a controller and a virtual controller. The 7.3 release for the 5500 series works fine for me.
But the latest release 7.0.235.0 for the wireless lan controller series 4400 does not have a functionality to add a hash key while creating a new mobility group member. The command "config mobility group member hash" is totally missing.
how to establish a mobility group between a 4400 controller and a virtual then?
I want to configure a Cisco Wireless Lan Controller (4400 and 5500 series) with to data ports for failover? I think the primary and secondary ethernet connections should be configured as trunks. I cannot find anything on CCO about this or on the internet per se. I know how to configure for failover with APs but cannot find anything on how to configure the controller in case an the ethernet port goes down.
We are facing an issue with a customer where a Cisco 4400 Series controller is blocking the 802.11a/n Radio Interface of a 1250 AP. The radio shows as down on the controller GUI. The error message on the GUI is that the 'Regulatory Domain' is not supported. This can be seen from the attached screenshot. Also relevant parts of the WLC configs are attached. WLC: Cisco 4402 WirelessWLC Country: SADevice: Cisco Lightweight Access Point 1250 (LAP) is controlled through the 4402 Cisco Wireless LAN Controller (WLC)The operating system version of the LAP: c1250-k9w8-mx.124-18a.JA version of the WLC: Software Version 5.2.178.0 The problem is that the controller shows that the 802.11a/n Radio Interface in Radio Slot # 1 is always down , the customer tried to manually 'no shut' the AP interface from the console and it worked , but obviously this solution would not work as the configuration cannot be saved (LW AP).
We have a Cisco 4400 series wireless controller deployed as a Guest Anchor in a private DMZ. We have 13 foreign controllers anchored to this for Guest Wireless. We recently anchored 17 additional controllers to this Anchor controller. Since we have done that, periodically on just 3 of the foreign controllers, the control path shows down on the mobility peer, then comes back up. We have had this issue in the past, but it resolved itself. However, now we are seeing this issue again. Are we reaching a limit on EoIP tunnels? I have read that there is a max of 71, and that is per controller, not SSID. We do have a firewall in the middle but all necessary ports are open.
We have had this issue for quite sometime, it just does not happen frequently. Since we have added the additional controllers, it is now happpening very often, but only with 3 controllers. There is not much in common with these 3 controllers. 2 are 4400 series, and 1 is a 5508. All 3 are local on a campus LAN, different networks. Could it have anything to do with memory or utilization?
I recently upgraded our controllers to the latest version 7 software, as I read this was one of the requirements to get them to connect. But I am not having any luck getting into a controller. Normally I plug them in to the network, they pop into the controller listed as something like AP5057.a844.xxxx and then I can finish configuring them, but a static IP on them, etc. This is the first of this model AP I have tried to deploy, so I am wondering what is different with these. or what I might be missing in the default config in the WLAN controllers. Niether of which are set to "Master" either.
I set up one AP-1041 that runs standalone IOS. No controller. I have three more that I want to copy the setup configuration over to. I have the right document, but which commands will get my set configuration from AP one FTP'd to my computer and how to copy that configuration back to another AP of the same model. This way I will only need to tweak a couple settings on the additional AP's instead of starting from scratch.
We were having a discussion in my group about startup vs running configs, and how often some network managers forget to "click save" when they configure a switch. Is there a way to configure Ciscoworks to copy the running config to the startup?
I don't know how to copy / paste the ip config so I ss'd it:(url) internet provider is RCN, I have AVG and Malwarebytes installed, I've tried disabling them both and didn't fix it! Anyways my internet was working fine, until one day it just suddenly stopped working. We have multiple computers hooked up to the network (5) and all work except mine. This same problem happened to my sister's computer, she has almost the same model as mine. We fixed it by switching it to wireless, but I was wondering if there was any way around that. It's a HP Pavilion. The box thingie lights up green and everything. I can access the other computers through the network, it's just the internet that won't work.
I am using multiple cisco 2811, 3745 routers and 2950,3550 switches if I need to copy running configuration I have to go to each device and say copy run tftp: <address> Is here any way that automatically by schedule one a week or a month configuration copy from all devices to tftp server?
I have an 877W router that I would like to have a 2nd pre-configured backup for. I was thinking of getting another 870 series (probably an 877) router, as the more expensive wireless option is not actually required. Am I right to assume that I could simply copy the contents of my current config.txt file onto the second router?
We have installed a WLC440 at a school with 30 1131 APs. Only 3 showed up under Wireless tab, and others became rogue APs. Where and/or what do I need to change on the configuration for others to join properly? Have matched the configuration on this WLC with other WLC at the other schools, and still not able to find out where the problem is.
How do I save/copy all of the router configuration entries onto a memory/flash usb drive? I did not configure the router myself (out of town when purchased). I have already downloaded the manual for that router and I want to understand exactly what she (person who configured router) did and identify any mistakes she might have made. Once downloaded, I assume I can print out all configuration settings.
We have two 4400 WLC's. We have around 20 access points in our network.If we assign controller1 as primary for half of the access points and controller 2 as primary for the other half, does this mean the association of the ap's indicate load balancing by the controllers. Does this mean wlc does load balancing as different ap's associate on different controllers. or does it only server as active-standby wlc.
I have a Catalyst 4006 switch in production and a spare switch of same model. I have to quickly copy the configuration from production switch to spare switch (both L2 and L3 configurations) How do I do that?
So we have a Cisco 5508 controller that is managing 15 AP's in one of our buildings.I am running 2 wlans, one is internal access via (wpa) radius, peap and domain login...that works well now
The other is a guest lan, that is only allowed to surf the web.
The question from our security group, is there a way to restrict wireless access to ONLY a corporate approved list of devices.
As it stands right now, we only support Blackberry's as our mobility device. All local data is encrypted. The issue here is our testing shows that with an Iphone (not approved) it is very easy to connect to the WPA network if a user knows how to enter in their domain credentials. From there they can browse our internal web servers and download corporate data to a non approved, non encrypted device such as the iphone.
Any link that will give configuration examples of a wireles anchor config with one controller in a DMZ. I have tried this on my own and have some problems in my test enviorment. I believe my issues were with the firewall but not exactly sure.
I have a Cisco 2125 Wireless Lan Controller and I have problem with hold coverage errors and I had tri different solutions with different antenna, the resume is:The antena gain 10*0,5 Dbi(Using a 5 Dbi antenna or 10 Dbi antenna) with Tx power 1 and the antenna gain 20*0,5 Dbi (using 10Dbi antenna) with Tx power 3 the coverage is the same.
If I try the configuration 20*0,5 gain antenna and Tx power 1 the controller show me one error and the controller don't permit this configuration. Why don't permit this configuration?
I have to install a wireless mesh network shortly using Cisco 1552 APs. This will be controller based using 5508 controllers. The controllers currently have some 1262 APs configured in a mesh and bridging configuration so happy that it all basically works. My question is - what is the "config mesh range' command doing on the controller ( or setting the Range(RootAP to MeshAP) setting on the controller mesh GUI. The default setting is 12000feet and I have left it at default at present. Just interested in what this is used for - I assume it alters the mesh protocol parameters somehow ( or the RF parameters perhaps ) as it suggests in the guide that mesh APs will reboot following this command being changed.
I am actually working in configuring a wireless controller 2504 integrated a windows 2008 server as radius server for authenticating the network users registered in a windows active directory database. The Radius server is a Windows 2008 Server with the rol of Network Policy Server.
I have been following a pair of documents in Internet, but it doesn't work yet.
Which authentication method should i use?...the Windows 2008 NPS doesn't work wtih LEAP, should i use PEAP or there is an another recomendation to authenticate the windows active directory users?
configuration tested working between a cisco wireless controller and Windows 2008 NPS as Radius Server for authenticating the windows network users.
