Cisco :: 5508 / Unable To Telnet And Tftp To Controller
Jun 2, 2013
5508 controller is at the headquarters which can be normally pinged, telnetted, http'd and tftp'ed....at the remote site, controller can be pinged and http'ed but cannot be telnetted and tftp'ed.there is a complete tracert from the remote site pc all the way to the controller.from a switch at a remote site, the controller can be telnetted. but from a pc on the remote site (which belongs to a remote site vlan), it is unable to telnet and tftp the controller.all active components can be telnetted from the remote site, such as the core switches and routers at the headquearters, except the controller.upgraded the controller code to 7.2.xxx in headquarters but still unable to telnet and tftp the controller from remote site.is there any more settings on the controller for telnet and tftp?what could be the problem why the controller is not available for telnet and tftp from the remote site?
View 12 Replies
ADVERTISEMENT
Aug 19, 2012
I'm having some difficulties configuring my Cisco WLC (5508) - ver 7.0.230.0 .I'm have multiple client device residing on same vlan associated to the WLC but unable to telnet over port 8090. However, when inter-vlan, client device able to telnet over port 8090.Say Machine A as application hosted machine and Machine B as client machine; [code] i should be looking on the WLC to allow telnet port 8090 over from Machine A to B within the vlan .
View 2 Replies
View Related
Aug 12, 2012
I have a question about my ASA 5520, it worked well till two weeks ago, and suddenly cannot be accessed by SSH/Telnet/TFTP....only can use the Consoel port to access it now, but other VPN/ACL setting working well. [code] If I enabled the outside access for SSH like below, it works well for outside port.ssh 0.0.0.0 0.0.0.0 outside.
View 3 Replies
View Related
Apr 5, 2013
I have a 5508 wireless controller running version 6.0.199.4 (the image installed when the device was shipped) and I am trying to install by tftp version 7.3.112.0
The issue is when using tftpd32 gets to 82% transfered then fails with the error "% Error: Code file transfer failed - Error while writing output file"
View 7 Replies
View Related
Aug 20, 2012
I have a 5508 at a remote site and a 5508 at my main campus. I was doing some work on the remote site's controller, so I changed option 43 on our DNS/DHCP system, then applied an LWAPP template from NCS to the AP's to migrate them to the controller at my main campus (so users could still utilize the wireless at the remote site). They all moved over to the temporary (main campus) controller without an issue.
When I was ready to migrate the AP's back to their local (remote site) controller - I changed option 43 for each sub net that contained AP's @ the remote site to point back to their local controller's management IP address, pushed an LWAPP template again (pointing it to the local controller obviously) and apply template/reboot AP.
The AP reboots, disassociates from the main campus (temporary) controller, but when it comes back up a few minutes later - it associates BACK to the main campus controller it was on instead of to the remote site/local controller like option 43, the LWAAP template (and my frustrated screams) are now telling it to. I'm certain I'm just missing something.
View 13 Replies
View Related
Apr 3, 2013
I configure IP address on the management interface port 1 of 5508 controller when i connect it direct to my laptop i can't ping or access controller from my laptop even i connect through layer 2 switch still i can't not.
IP Address of management interface : 10.21.0.50
Laptop IP Address : 10.21.0,51
View 13 Replies
View Related
Feb 23, 2012
In our test set up, we have two WLC 5508 Controllers connected via Checkpoint UTM-1 firewall Inside and DMZ Interfaces. Both the WLC controllers are connected to the firewall via Cisco 3750 switch. On the Local (Inside) Controller, guest SSID is enabled and attached to the wireless management Interface. On the remote anchor controller, guest SSID is enabled and attached to the Management Interface as well. The following configs are replicated on both the Controllers.
SSID Name - guest
Interface - Management ( VLAN 10 on Local and VLAN 20 on remote) -
Mobility Group: Same configs at both ends
SSID Anchor : Anchor SSID on local and local SSID on Anchor.
AP: CAPWAP 3502 Management Subnet
[code]....
Is there any thing missing in the wireless configs and or the firewall rules as i could not see DHCP request back from the Anchor Controller. Also, after DHCP is obtained, the web authentication request will be redirected to an Amigopod device for authentication. In this case is the redirect URL congiguration to be performed only on the Anchor Controller or is this to be replicated on both the Local and Anchor Controllers.
View 8 Replies
View Related
Jun 13, 2012
I have to upgrade our Wireless LAN Controller modules inside 2811 routers.I downloaded files from Cisco site, verified MD5 hashes and hoped it will be pretty easy.the problem is, that WLC is only capable of code upgrade via TFTP and that the image size is ~80MBTFTP transfer hangs at approximately 64MB at the exact same packet number[CODE]
View 4 Replies
View Related
Nov 6, 2012
output are here
*Mar 1 01:28:21.018: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Mar 1 01:28:21.022: %LWAPP-3-CLIENTERRORLOG: bsnSetCurrentBHRate : fail to set
radio control and data rate
*Mar 1 01:28:21.179: %CDP_PD-2-POWER_LOW: All radios disabled - AC_ADAPTOR (00
00.0000.0000)
*Mar 1 01:28:21.984: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEth
ernet0, changed state to up
*Mar 1 01:28:34.341: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigne
d DHCP address 192.168.10.244, mask 255.255.255.0, hostname AP2c54.2d0d.c3c4
View 1 Replies
View Related
Jan 8, 2013
I have WLC 5508 in my office and i am asked to backup file configuration from WLC but when i remote WLC to get the upload configuration file via tftp it doesn't work.
But when I try to use direct connection ( point to point ) with WLC and my laptop i can get the upload configuration file. is there something wrong, actually i have connected with that WLC i can ping and telnet that device
View 8 Replies
View Related
Aug 12, 2012
I know that the 3600 series APs are not supported on the 4404 WLC. However, would the following scenario be supported? I would like to use the 4404 (software rel. 7.0) as a guest anchor with a 5508 (software release 7.2) as the foreign controller supporting series 3600 APs. I ask because the APs do not need to join the guest anchor.
View 7 Replies
View Related
Jun 2, 2013
We have a customer that have 2 5508 as primary and backup controller and a 4400 as an anchor controller. We plan to upgrade the 5508 to 7.3.112.0 and the 4400 is already 7.0.116.0. Will there be any issue if the anchor controller is not the same code as the foreign controller? Do I also have to upgrade the acnhor controller to 7.0.240.0?
View 2 Replies
View Related
Nov 8, 2012
I'm trying to upgrade my 2950G-24-EI via tftp but it looks like the sw can't transfer any of the files completely or with errors. I downloaded the BIN+TAR files from Cisco (and from another site) matching my Catalyst and opened an TFTP server on my PC. The files are :
c2950-i6k2l2q4-mz.121-22.EA14.bin
c2950-i6k2l2q4-tar.121-22.EA14.tar
[code].....
View 6 Replies
View Related
Aug 16, 2011
I was trying to upgrade from 8.3.1 to 8.3.2. but I am unable to copy via tftp to the ASA flash or disk0:
ASA5520# copy tftp: flash:
Address or name of remote host []? 10.88.127.153
Source filename []? asa831-k8.bin
Destination filename [asa831-k8.bin]?
[code]....
Half way thru writing to the disk, it goes for a reboot. There is more than enought space on the disk0. I tried copying via a Compact Flash, but the ASA is not detecting the Compact Flash (which I thinks should be disk1). I tried copying a asdm file, even that also went for a reboot.I am stuck now, unable to upgrade
View 12 Replies
View Related
Jul 27, 2011
I m unable to take backup of Switch c2960 using
#Copy flash: tftp
while i m taking it show some error
t#copy flash: tftp:
Source filename []? c2960-lanbasek9-mz.122-44.SE6
Address or name of remote host []? 10.23.120.15
Destination file name [c2960-lanbasek9-mz.122-44.SE6]?
%Error reading flash:c2960-lanbasek9-mz.122-44.SE6(Is a directory)
sh flash:
Directory of flash:/
2 -rwx 1919 Mar 1 1993 10:27:17 +05:30 private-config.text
3 -rwx 11056 Mar 1 1993 10:27:17 +05:30 config.text
4 -rwx 804 Mar 1 1993 05:30:42 +05:30 vlan.dat
6 -rwx 2072 Mar 1 1993 10:27:17 +05:30 multiple-fs
7 drwx 192 Mar 1 1993 05:37:02 +05:30 c2960-lanbasek9-mz.122-44.
SE6
View 1 Replies
View Related
Sep 3, 2012
I am facing an issue with a cisco 877 router. I am not able to telnet to this router from outside using the public IP. I have also notices this works when the Nat is removed.
View 7 Replies
View Related
Oct 31, 2011
I am unable to Telnet/SSH/RDP from my inside network to my DMZ. I am not sure where the problem lies, I am able to use VNC from the inside to the DMZ (ports 5800, 5900), and also establish connection on Ports (26700-26899). I have a computer connected directly to the DMZ and those services work to all networks on the DMZ.I have attached Logs of successful VNC connections, unsuccessful RDP and Telnet sessions, and the running config.
View 23 Replies
View Related
Aug 1, 2011
We have a router that was installed a few months ago which has the following version: 15.1(3)T
I am unable to reverse telnet to a new ASA firewall, however when I move the console to a second older router with an older version of code I am able to reverse telnet
Are there any known bugs, issues with version 15.1. I use the following command as normal: telnet x.x.x.x 2001
View 5 Replies
View Related
Feb 7, 2012
The network is set up like this.
Host -----> 3750 (classic) running IPSERVICES stack ----> 3550 router -----> VPN 3005 Concentrator.
IP routing is disabled on the 3750 (it's acting solely as a switch) IP routing is enabled with an EIGRP process running on the 3550 router that has the network for the 3005 broadcasting.
I can ping the vpn 3005 concentrator from a telnet session in the 3550 but not from the 3750.I can ping between the 3750 and the 3550 vlan management interfaces. Visually speaking it's like this
3750 ------> 3550 [Success!!!!]
3550 ------> VPN 3005 Concentrator [Success!!!!]
3750 ------> 3550 --xxxx--> VPN 3005 Concentrator [Timeout....]
I know this because I tracerout to the 3005 from the 3750 and it resolved the default gateway configured for the 3550 properly but then started timing out.
The 3750 is trunked to the 3550.
3750 is vtp client mode
3550 is vtp server mode
I'm wondering if there's a layer 2 issue involved here as it is a VTP domain and maybe it's not returning properly.
View 2 Replies
View Related
Apr 21, 2013
I want to use a 5508 as an anchor controller for a wireless guest deployment....but the client has internal 4402's controllers, with software version 7.0.235.0...is it possible tu mix these two controllers for a Wireless Guest Access Deployment??
View 3 Replies
View Related
Oct 2, 2012
A wlan on my controller is configured for WPA2, AES encryption and a PSK. A vendor will supply me with a wireless device for this wlan. The vendor asks if we use AES 128 or AES 256. I had always believed we use AES256 but I can't verify this. How can I verify this to the vendor?
View 1 Replies
View Related
Mar 21, 2011
Seems that all solutions are null and void for us because we are not using SNMP v3 or H.
We are using SNMP v2, We have upgraded our WCS to latest version as well as the controllers. I have 6 controllers currently added although they are on WiSM blades.
We are unable to add the 5508 Controllers, we keep recieving this error -
No response from device, check SNMP communities, version or network for issues.
I have confirmed all connectivity is working, even with a debug on the controller you can see it sending SNMP packets to the WCS, although still same error.
View 8 Replies
View Related
Jan 9, 2013
I have a wireless controller 5508 and all my interfaces can be accessed via https or ssh from a wireless client. Management access from a wireless client is disabled so I don't understand why this is happening.
View 10 Replies
View Related
Nov 29, 2012
We have a customer that is looking to allow only static IP addresses onto the wireless network via the new 5508 we are putting into place. I can see where to require DHCP but not the opposite.
View 4 Replies
View Related
Aug 16, 2012
Is it possible to block outside P2P traffic on a guest wireless network using an ACL on the controller? I know we can do it our firewall
View 6 Replies
View Related
Sep 12, 2012
i'am trying to configure an AP1121g on my controller wlc5508 7.2 but i'am facing a compatibility issue.
View 5 Replies
View Related
Sep 30, 2011
I have a 5508 controller at our headquarters and am installing some 3502 AP's at a remote branch. Unfortunatly, the remote branch has a different Vlan setup for some reason and the vlan that is used for the WLC (90) is designated for telephony at this branch. Can I put the AP's on a different VLAN (10) without having any issues? I will still use DHCP option 43 to point them back to the controller. Below are the configs for the WLC interfaces and what I am proposing for the AP interfaces:
WLC Config
interface GigabitEthernet1/1/38
description WLC01
switchport
switchport trunk encapsulation dot1q
switchport trunk native vlan 90
switchport trunk allowed vlan 1,10,50,90,91,390,410-413,610-613,800,810,811
switchport mode trunk
[code]......
View 3 Replies
View Related
Mar 29, 2012
Web Auth on 5508 running 7.2.103.0.
Issue 1: I have been trying to configured Webauth bundle however it seems that is not working.
1. login.tar created use picozip contains 3 files: login.html, terms.html, and logo.jpg.
2, uploaded via FTP to controller successfully..
3, no issue when i tried to preview on the controller
However users unable to see the login page when connected to guest wifi. when the user tried to connect cisco.com, on the browser address shows that the page redirected to url... however internet explorer / firefox display "Connection reset error".During this time, if i ask the user to type url... they can see the default login page, so no issue on connectivity to the service port.
Issue 2: Since i couldnt make that work, i have use default webauth internal. its all good. then when i tried to upload customlogo.jpg (18k size). User able to see the login page however not the logo. it shows broken image icon on the web browser. --> i can see the logo when i did preview on the controller.
Issue 3: last resort if i couldnt get the answer by sunday, how do i delete or remove the customlogo ?? so by monday users will not be seeing any errors on the page.
View 7 Replies
View Related
Nov 13, 2012
Cisco 5508 Series Wireless Controller for up to 100 APs 802.11a/g/n Ctrlr-based AP w/CleanAir; Ext Ant; E Reg Domain..For Mobility i want to settup the device such that the SSID would be the same with thesame security key and in different subnet.
View 5 Replies
View Related
Mar 6, 2012
I can not get our 3602i AP's to register with our 5508 controller which is running 7.2.103.0 code. We keep seeing an error in the log on the WLC "AAA Authentication Failure for UserName:c46413c08e92 User Type: WLAN USER" and on the Access Point we are seeing [code]
I entered the CAPWAP ap controller ip address directly into the AP so it shouldn't be an option 43 DHCP issue
View 15 Replies
View Related
Feb 10, 2013
I use WLC 5508 (ver 7.0.116.0) with aironet 1140. I need to connect my APs to different controller .After log in via ssh to AP i am trying to do:
capwap ap controller ip add x.x.x.x
reset
But after reload, AP is still joined to the old WLC. So another idea was to log to that WLC and put:
config ap primary-base WLC2 AP_NAME x.x.x.x
and after that:
config ap reset AP_NAME
But still nothing, it's joined to another controller although "show ap client config" shows that primary-base switch is x.x.x.x ?How can i force it to join to other controller?
View 3 Replies
View Related
Jan 29, 2012
We are looking to upgrade our 5508 wireless controller from 7.0.98.0 to 7.0.220.0. Reason being, we have experienced a lot of access points disassociating from the controller as well as client authentication issues. Upgraded from 7.0.98.0 to 7.0.220.0 and any issues during the upgrade or after the upgrade?
View 3 Replies
View Related
Nov 26, 2012
We have a WLC (5508) in our main office in Brisbane that is hosting two WLANs. One provides wireless access to our internal network and the second provides wireless guest access. The guest WLAN is anchored to a controller sitting in the DMZ at our Data Centre.
In the DMZ the anchor controller has a management interface and an interface in the DMZ for the wireless guest access. I am using the DHCP server on the anchor DMZ to provide IPs etc to wireless guest clients. The default gateway is 10.8.144.1 which is a VIP or a pair of firewalls.
Initially everything works fine. Guests connect to the guest network, have to authenticate via a web portal (Cisco ISE server) and then can go on an use the internet. Works perfectly until the firewalls fail over and the secondary firewall takes over the VIP address. All access to the internet is lost at that point. If I try to disconnect and then reconnect a wireless client it connects, as in it will get an IP address, but DNS resolution stops and I do not get redirected to the web auth portal. If the firewalls are failed back to the primary then everything works again, no issues. However, if I reboot the WLC while the secondary firewall has the VIP IP everything will work fine as it did on the primary. If the firewalls now fail over to the primary again everything goes to ****. Until either the firewalls are failed back or the anchor WLC is rebooted.
Initially I thought this was an issue on the firewall, but this doesn't appear to be the case. When the firewall fails over it sends out a gratuitous ARP advising of the change in MAC address for the 10.8.144.1 IP address. The WLC seems to update its ARP table because if I run the command "show arp switch" it has the 10.8.144.1 IP address with the MAC address of the active firewall. From the client perspective I have run a wireshark and captured packets on the wireless interface when trying to connect. The laptop is continuously send ARP requests for 10.8.144.1 but gets not reply. Without this the client cannot send an ethernet frame to the gateway and hence get to the DNS server and WEB portal. Internet access breaks. Doing a TCP dump on the active firewall shows it receiving and then sending a reply to the ARP request. It just never gets to the wireless client. Debugging ARP packets on the anchor WLC seems to indicate that the controller is receiving the ARP replies from the firewall. So I'm at a loss as to why things should break when the firewalls fail over.
I have a 3750 switch in the DMZ with SVI of 10.8.144.4. I thought I could get a work around where I would make this the default gateway. The theory being that this interface MAC address would never change. However I was wrong. Even with this IP set as the gateway address for the wireless clients I see the exact same bahaviour when the firewalls fail over. I can't explain it other than to say that the gratuitous ARP sent by the firewalls seems to kill the ability of ARP replies to be sent back to the wireless client.
View 3 Replies
View Related
