Cisco :: AIR-WLC4402-25-K9 / Windows 7 With WLC And Guest Access?
Apr 8, 2010
AIR-WLC4402-25-K9 running 5.2.193.0 and I setup guest internet-only access which worked for 2 days. I change both the "User Idle Timeout (seconds)" and "Enable Session Timeout " to 10hours (36000) as guest was complaining he had to re-authenticate again. Anyways, guest was still able to pickup ip address and logs show that life "appears" fine but he had not internet guest access. He had a Windows7 box...anyways, before I can finish troubleshooting, he had to leave....My question is if there is any issues with Windows 7 that others had a problem...or is it the timers I tweaked - or both?
Thu Apr 8 15:19:06 2010User joe logged in. Client MAC:00:12:f0:99:71:ce, Client IP:192.168.55.110, AP MAC:00:00:00:00:00:00, AP Name:N/A15Thu Apr 8 15:09:28 2010User joe logged in. Client MAC:00:12:f0:99:71:ce, Client IP:192.168.55.107, AP MAC:00:00:00:00:00:00, AP Name:N/A
View 1 Replies
ADVERTISEMENT
Aug 18, 2011
Is it possible to allow certain websites to bypass the web authentication pages, so that they do not need to authenticate to get to our own website, but do have to if they wish to go anywhere else?Looking at a 5508 model at the moment
View 4 Replies
View Related
Feb 20, 2012
I have a WLC 4402 on my network. Recently mobile phones can connect to the wireless network and obtain a valid IP address. This IP is pingable from a workstation anywhere else on the network. However, these phones will not display web pages. They come up page cannot be displayed. I even tried putting Google's IP address in the phone's browser and it still did not display. I can connect through the same WLAN via a laptop or iPad. These devices have no problem displaying web pages. I even went ahead and created a new TESTWLAN with no encyption but to no avail. Same results: laptops connect and display web pages and smart phones connect, gain IP but do not display web pages. Comes up page cannot be displayed. This matters not whether its an iPhone or Android platform.
View 8 Replies
View Related
Sep 18, 2011
I have AIR-WLC4402-50-K9 WLC i that current IOS is 7.0.98.218 and i upgraded with 7.0.116.0 IOS but after upgrading and reboot the WLC from 15 access point 3 access point are not coming up and 12 are coing up and working fine (4 1142 and 11 1131 series access point) 3 which are not coimg is 1131 series access point. when i login with console to 3 access point its rebooting 2 times and coming on ap: prompt.
In between that i reloaded the WLC one more time because from 15 acess point only 4 aceess point are came up and i also cleck the show boot on wlc its output is 7.0.116.0 (default) 7.0.98.218 (active) so i reload the wlc and checked out of 15 acess point now 12 acess point are up and still 3 are not. And i also checked the output of show boot command its 7.0.116.0 (default)(active) 7.0.98.218
So i things its because of when 2nd time i reload the wlc the remaining 3 access point are getting.
View 1 Replies
View Related
May 9, 2012
I have two SSIDs on an Autonomous Access Point, that goes to a 2960 switch, that connects to a L3 3560. I have a vlan for admin/private internal access that uses the native vlan (1) and guest vlan (50). I have configured both and I am trying to get both to go out the same Internet connection.
I cannot get the guest access to access the Internet. It looks like my computer will go, but it just comes up saying no Internet access.All interfaces are trunking this vlan properly. I can communicate from the laptop to the 3560 but I just can't get to the Internet.
View 10 Replies
View Related
Jan 9, 2013
Does the N750 (F9K1103V1) support Guest Access while in Access Point mode? It will not provide an IP address when a guest attempts to connect.
View 20 Replies
View Related
Jan 17, 2013
I have an n600 ( F9K1102 v1 , firmware 1.00.09 ). My ISP provides my main router for my network, but I want to use the N600 as an access point, I have activated the "Use as Access Point" feature.Is it possible to still utilize the Guest Access feature in this case?
View 1 Replies
View Related
Jun 9, 2011
My network is such that I want to extend the signal of the GUEST account. I have a WAP54G set up for that purpose and am getting a very strong signal. I can access the main network, but not the Guest, I cannot even see the GUEST access. Any setting change that needs to be made that will allow me to access the GUEST account from the Access Point?
View 2 Replies
View Related
Dec 13, 2012
Here is my setup:
Netgear WNDR3700 - Main router, DHCP turned on
4x Netgear WNR2000 - Setup as Access Points (DHCP turned off), connected to main router via LAN ports
I only want the guest network to have internet access. I have the guest network enabled on the router and access points with the option to "Allow Guest network to access main network" disabled. My problem is that since the access points aren't hooked directly to my modem via the WAN port, the guest network broadcasted from the access points does not have internet access.I have read up on setting up a separate subnet for the guest network using DD-WRT but was curious if there was a way to get the desired result with the stock Netgear firmware.
View 9 Replies
View Related
Jun 19, 2012
I have an WLC with below details:
Model No:- AIR-WLC4402-50-K9
Current IOS:- 4.2.99.0
Upgrade to :- 7.0.220.0
I wants to upgade WLC with7.0.220.0 IOS. My question is that should i go for direct upgarde from 4.2.99.0 to 7.0.220.0 or is there any IOS version i have to upgarde.
View 1 Replies
View Related
Mar 14, 2012
I have one WLC AIR-WLC4402-50-K9 which is hitting some bug. So I done RMA for that devices and now i got the new WLC.Now i want to install that RMA WLC in network. So can any one tell me what is the process for installtion of WLC. I already have the old WLC in working now. Which file backup i need to take from old WLC.
View 3 Replies
View Related
Apr 18, 2012
I try to use EAP-TTLS on one of my wireless networks and the 802.1x authentification fails at this moment:
*Dot1x_NW_MsgTask_0: Apr 19 16:04:52.800: 00:16:cb:66:29:bc Processing Access-Accept for mobile 00:16:cb:06:09:bc
*Dot1x_NW_MsgTask_0: Apr 19 16:04:52.801: %APF-6-RADIUS_OVERRIDE_DISABLED: apf_ms_radius_override.c:204 Radius overrides disabled, ignoring source 2
*Dot1x_NW_MsgTask_0: Apr 19 16:04:52.801: 00:16:cb:66:29:bc Resetting web acl from 255 to 255
*Dot1x_NW_MsgTask_0: Apr 19 16:04:52.802: 00:16:cb:66:29:bc apfMsDeleteByMscb Scheduling mobile for deletion with deleteReason 20, reasonCode 2
where I can find what are deleteReason 20 and reasonCode 2?
View 23 Replies
View Related
Oct 1, 2012
info regarding my LAP521 access points that are refusing to join the WLC4402-12.This is my first lightweight access point implementation and I have 3 LAP521's and 1 AIR-CAP3502I-E-K9 access points on my network.They are meant to pick up ip address from external dhcp server and then join the WLC but only the 3502i joins successfuly while the 521's get dhcp address but do not join the WLC. From the logs, I can see that the WLC is discovered by the 521's and even get a response message from the controller but they are still unable to join as shown in the screenshot below.My WLC is running software version 7.0.230.0 and the 521's are running an lwapp image version 4.2.61.8. [code]
View 3 Replies
View Related
Dec 12, 2012
how can i set up a guest access?
View 1 Replies
View Related
Jan 25, 2012
We currently tunnel guests to a 4402 that sits behind our firewall and it's been working well for a few years but I am aware that the 4402 is now EoL so I am exploring alternatives:
We also have several 5508s deployed and I'm wondering if - in any new guest access config - I can allocate one of its free h/w ports to connect to the firewall, even though the 5508 is configured to use LAG.
To put it another way can I configure a new port to a seperate VLAN and not be part of the the LAG'd ports or are you tied to having all ports acting as a group if LAG is switched on?
View 6 Replies
View Related
Dec 6, 2012
We have 2 AIR-WLC4402-K9 devices at a remote location that will both drop their network connections some undetermined time after a reboot. We cannot reach them via telnet, SSH or HTTP. In fact, we cannot even ping them once they drop connection. The only cure we've found so far is to power-cycle the controllers. The controllers are in separate rooms and connected to separate switches. We've confirmed the links are configured as trunks and have the correct speed/duplex settings. I tried updating the IOS & boot loader on one of them but that had no effect on the problem.
View 19 Replies
View Related
Apr 25, 2011
today i upgraded our WLC4402 from 7.0.98.0 to 7.0.116.0. After the upgrade (also bootloader upgrade) the Aironet 1142 AP's do not joint the controller anymore. Error in log:*spamReceiveTask: Apr 26 11:30:46.301: %CAPWAP-3-DISC_INTF_ERR2: capwap_ac_sm.c:1468 Ignoring Primary discovery request received on a wrong VLAN (21) on interface (29) from AP ec:c8:82:ab:ed:00 Nothing changed in infrastructure. AP's are in VLAN 21, AP-Manager interface is in VLAN 21. Ap-Manager, Management Interface and Dynamic Interfaces are in PortChannel (LAG) = Interface 29.
View 8 Replies
View Related
Dec 5, 2011
has WiFi controller WLC4402 mac address table and can I show it somehow?
View 1 Replies
View Related
Mar 12, 2013
I have a Cisco 4402 WLC running version 4.2.112.0 controlling 20+ AIR-LAP1242AG-E-K9 access points running IOS 12.4 (10b). I'm trying to setup an additional AP as MESH. When I try to change the mode from local to bridge, on what will be the rootAP, I get a message stating that bridging is not support on this unit.
View 4 Replies
View Related
Mar 2, 2013
Is there is is any posibility to run WLC4402 and 104x family in H-REAP mode.
View 8 Replies
View Related
Mar 20, 2011
I have two sites.Main site (local) has two Vlans: Vlan1 and Vlan2. Each has its own IP address range.VLAN 1 is the default Vlan and is used for CORPorate traffic. IP range 10.33.4.*VLAN 2 is for guest access to the internet IP range 10.10.10.*I have a WLC4402 on the this site with 2 WLANs: CORP on Vlan1 and GUEST on Vlan2.
Branch site (remote) which has 2 Vlans: Vlan1 and Vlan2. Each has its own IP address range.VLAN 1 is the default Vlan and is used for CORPorate traffic. IP range 10.125.15.*VLAN 2 is for guest access to the internet IP range 10.10.11.*I have an 1141 on this site using HREAP.
Locally, if you connect to CORP, you get a CORP ip address and access to CORP network. If you connect to GUEST, you get a guest ip address and guest access to the guest network. Simple so far....
Remotely, if you connect to CORP, you get a CORP ip address 10.125.15.x and access to CORP network (great). If you connect to GUEST, you get a CORP ip address 10.125.15.x and access to CORP network (not great). This is with the HREAP native vlan ID for the access point set to 2 on the controller.If I set the native vlan ID to 1 on the controller, I can not get an IP address at all.If I do not set the native vlan ID on the controller, I can not get an IP address at all.
View 2 Replies
View Related
Feb 14, 2012
I have one WLC 4402 & arround 29 Access point (1130) in our enterprise network. Wireless users LAN segment is diffrent from wired users.Wireless users like Laptop users, Mobile users & ipad users which are connetced with this wireless & using enterprise network.
Presently we are using WEP mode for security key. This WEP key are week & can be cracked easily. so security point of view i want to put strong encription mode.Presently i do not have any radius server.I found there are some modes are available Like WPA, WPA2 with PSK etc.
will there any problem with wireless users to access application after changing the mode? Which mode will be stronger & could not be crack. Could we achieve without radius server or not?
View 24 Replies
View Related
Sep 1, 2011
Our costumers has implemented 2 AIR-WLC4402-50-K9 with Software Release 7.0.98.0, the wireless infrastructure consist in 2 Root-Mesh-LAP and 8 Mesh connect over-the-air to deploy outdoor coverage.
All the LAP are Aironet 1520 Series Mesh Access Points with equipped with 3 antennas for 2.4GHz and 1 antenna for 5GHz (backhaul).For one year all seems to be ok, yesterday after a power outage of one Mesh-Root-LAP, 5 Mesh-Lap continues reload each 10-12 minutes, on the WLC Log you can see event like a reboot from AP Console, on the LAP console i can capture this event before the reload:
Log on LAP Mesh
%DOT11-6-GEN_ERROR: Error on Dot11Radio0 - Not Beaconing for too long - Current 0 Last 0
%SYS-5-RELOAD: Reload requested by Dot11 driver. Reload Reason:
Radio Not Beaconing for too long ....
LWAPP-5-CHANGED: CAPWAP changed state to DOWN
AP1780-Mesh uptime is 11 hours, 10 minutes
System returned to ROM by power spike
%DOT11-6-GEN_ERROR: Error on Dot11Radio0 - Not Beaconing for too long - Current 0 Last 0%SYS-5-RELOAD: Reload requested by Dot11 driver. Reload Reason:Radio Not Beaconing for too long ....*Sep 1 16:05:43.399: %LWAPP-5-CHANGED: CAPWAP changed state to DOWN
What does it mean? That the beacon signal trasmitted from Root-Mesh-LAP cannot reach the Mesh-Lap and so the Mesh-LAP force a reload?Where we should search the cause? In the power instability or in a interference on the 5GHz radio interface?
On one of mesh Lap I found a strange reason for a releoad:AP1780-Mesh uptime is 11 hours, 10 minutesSystem returned to ROM by power spike
Log on WLC
Log System Time Trap
0 Thu Sep 1 17:31:11 2011 AP Disassociated. Base Radio MAC:00:22:be:41:33:00
1 Thu Sep 1 17:31:11 2011 AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:22:be:41:33:00 Cause=Heartbeat Timeout Status:NA
2 Thu Sep 1 17:31:11 2011 AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:22:be:41:33:00 Cause=Heartbeat Timeout Status:NA
[Code]....
View 7 Replies
View Related
Feb 11, 2013
I understand you can have a guest wireless setup on the newer Access Points, and trunk (cisco term) the 2 VLANs and seperate them out with Access Control Lists so they don't talk to each other, but I would rather just give the VLAN 480 it's own DHCP from the router.
[code]...
View 6 Replies
View Related
Jan 28, 2012
Is it possible to provide wireless guest access over the WAN from another office via the WLC. I have WLC 5508 in a central office and have other remote offices that have one Access Point in each office that are autonomous; I will be converting these to LWAPP. Is it possible to route guest traffic back to the WLC then forward this traffic out to the internet? How would I route this traffic out as well? install a secondary WLC in the DMZ and use anchor points. I only have one WLC
View 7 Replies
View Related
Oct 11, 2012
It's my intention optimize our business WiFi network.Actually we don't have a "Guest" access.Probably WAP321 should be the best solution for us.We will need 3 WAP321 to cover offices area.I have different questions/doubts about Captive Portal functionality.using 3 different WAP321 everyone has the "captive portal" feature, or you can configure only one of the three the feature of "captive portal"?if is possible to configure only one of three the feature of "captive portal", the others WAP321 trusting the authentication?what is the ip address released from the "Captive Portal"?all Guest user have the same username and password?
View 1 Replies
View Related
Dec 2, 2012
We have a 2106 that was configured by a former employee. No one left in the company is qualified to configure it. The wireless guest access used to work fine. We'd configure a guest user account. They would connect to the guest wireless, open a web browser and login. For some reason now there is no prompt for login. People can connect to it and get an IP address, but that's it. No login prompt or anything else from there.User Login Policies was set to 0 and I put it to 8. That didn't do anything. Under Web Auth > Web Login Page it's set to Internal (Default).
View 5 Replies
View Related
Feb 3, 2013
I'm looking to implement guest WiFi access with web authentication on one of our 5508 WLC (currently deployed within a sandbox environment), but looking for some assistance. The WLC currently has a single connection from port 1 to the 'Test Site 2' switch. This is a dot1q trunk. On the WLC, the interface (for port 1) is configured as follows: [code] Currently, I have one WLAN configured with the profile name 'Guest Test 1', it's enabled and broadcasting the SSID. Security is L3 only with web authentication configured. The WLAN is configured to use the interface names "guest_wifi".
The issue is that when a client connects to the WLAN, it receives an IP address okay (10.99.254.x address), but doesn't seem to be able to contact the WLC to get the web authentication page. Eventually, the WLC terminates the connection due to an authentication failure.does it sound like I'm taking the correct approach here? The idea is that clients connect to the guest WLAN, which puts them on VLAN 99 and routes traffic through to the ASA and then onto the internet.
View 13 Replies
View Related
Mar 23, 2011
We have a 4402 wlc setup for guest network access. We are using the local net users to provide access to our guests. We have an issue where if a user signs in through the web, sometimes but not always, they are then forced to keep signing back in almost every 30-60 seconds.
View 8 Replies
View Related
Jun 6, 2012
my question regards to a pair of WLC 4402 with 7.0.98.0 software.Actual, our security policy does not really allow any peer-to-peer communication in a wireless LAN. Therefore we set the 'P2P Blocking Action' to drop, and the 'Broadcast Forwarding' feature to disabled (default).But now there is a special requirement for two mobile endpoints to communicate with each other, because one device controls the other.To test the communication, we first disabled P2P Blocking (without success) and further enabled Broadcast Forwarding to bring the communication up. Now it works, but the configuration disagrees with our policy.
1. Is there an alternative configuration as described possible, so that we do not violate the security policy? To allow only p2p connection between the two devices, ist should also be possible to drop any else by an ACL. But how to fix the problem with the broadcast, because of the needed ARP? My idea was to use a static ARP entry, but as far as i know, one of the both devices is not able for it.
2. Because, I did not find any detailed documentation:
2a. with enabled Broadcast Forwarding, the controller forwards all broadcast for any configured SSID, right?
2b. is the broadcast limited to the source VLAN/SSID?
2c. is the broadcast limited to an AP, to an WLC, or is it broadcasted to every AP on every WLC that has the relevant SSID?
we already have two new 5508 but not in an operational state now, because we plan to implement new 3600 APs.Do these WLCs offer more/another circumstances or possibilities?
View 1 Replies
View Related
Jan 2, 2013
I'm trying to connect to my wireless network using an android device with certificate but with no success.I'm using a WLC4402 7.0.235.3 SSID Security (WPA2 Auth802.1X + CCKM) [code]
View 7 Replies
View Related
Dec 6, 2011
Trying to implement HREAP over WAN between main and remote site. The WLC4402 is on main site. There will be a secondary DHCP at the remote site. Does the switch at the remote site any preparation?
View 4 Replies
View Related
Jun 21, 2007
I made a lot of tests during some days with a wlc4402 and everything was ok.
One day when I tried to reset the system I had a lot of errors (see attach) and could not go on. After changing the image the following output appeared: "RAM Disk Image Integrity Check Failed (Bad Magic Number) Hanging". Now I have no response from the controller.
View 4 Replies
View Related