Cisco :: How Many 5508wlc Be Added To Mobility Group
Jun 23, 2011How many WLCs 5508 can you add to the mobility group?
View 1 RepliesHow many WLCs 5508 can you add to the mobility group?
View 1 RepliesI have a Question i am testing mobility group with Failover for redundend connection between 2 Cisco 5500 Wlc.On both the controllers i got the mobility working And both the controllers have the same version.And configuration. But when i unplug the main controller the access-Points don't convers to the second one .The just keep on creaming can't find the main controllerAlso with this thus the second wlc need to have the same.Interface ip address like management.
View 8 Replies View RelatedIt seems the 7.3.101 version Mobility group peer cannot up,: refer to the attach,
Peer 1: version: 7.3.101
Peer 2: version 7.0.98
Peer3: version 7.2.103
Today we got new two WLC for Anchor use, and config the mobility group, but it's failed and cannot up, the ping is ok.
I recently add a second CT5508 to the network, but when I tried to add the first 5508 to the mobilty group I received a message like this:
"error in creating member"
I've tried different mobility names, via GUI, via CLI and always the same error.
I've verified twice or more than twice connectivity issues or any error on the entering the MAC and IP of the controllers, everything is fine.
I'm using version 7.0.116.0
I have to WLC's a 4402 and 5508 in a mobilty group. they are both running 7.0.116.0. They are configured to use Web Authentication. We are having complaints that Users are having to re-authenticate when moving around the office. My theory is they are moving from one WLC to the other and then requiring to re-authenticate.
View 5 Replies View RelatedI am setting up officeexten. I have placed the officeextend wlc in the dmz with an mgmt ip of 192.168.10.2. in the process of anchoring this to the internal wlc. Also the ip on the firewall for this interface is 192.168.10.1
1. does the mobility group need to match the same on the internal wlc ?
2. Now do i need a NAT transnational on the firewall for the external WAN ip (AP primed address say 66.10.10.10) to NAT back to 192.168.10.2 ?
3. The 5508 WLC is running on ver6.0.199.4 (license level base) - will this support office extend?
I read the configuration guide about the 7.3 release. And I figured out that you will need a hash key for establishing a mobility group relation between a controller and a virtual controller. The 7.3 release for the 5500 series works fine for me.But the latest release 7.0.235.0 for the wireless lan controller series 4400 does not have a functionality to add a hash key while creating a new mobility group member.The command "config mobility group member hash" is totally missing. How to establish a mobility group between a 4400 controller and a virtual then ?
View 2 Replies View Relatedfor some reason our wlan-controllers were build up to be standalone instead of beeing one mobility-group. I would like to change this in order to use all features of HA.
let me describe our scenario: two WLCs 5508 running SW ver. 6
- same subnet
- both are running in master controller mode
- different hostnames, ip-addresses, etc
- all settings for WLANs and AP-groups (exept the APs themselves in these groups) are the same
- in total at this moment we are running around 100 LAPs configured one half on WLC#1, the other half on WLC#2
I don't know exactly why, but when that setting was installed, someone already configuredHA for each accesspoint... e.g.:
- AP#1 primary WLC#1, secondary WLC#2
- AP#2 primary WLC#2, secondary WLC#1 but without WLC#2 knowing the configuration for AP#1 it makes no sense, correct?
so my question is: how should I do the migration in the best way?
is it easy as:
- disabling master controller mode on WLC#2
- configuring both WLCs into one mobility group
--> WLCs are negotiating their configurations for the APs
I have a 4400 and a 5508 WLC in the same location We want to be able to roam between ap joined to both the 4400 and the 5508 using only one ssid
Do I only need to create a mobility group and add both WLC then create only one WLAN on one of the controllers and it will be shared across bot WLC.
I have a customer buys 12 x WISM and build up a mobility, when I add the final WLC to mobility, it prompts that there mobility group has reached the max of mobility member, but the total member is 23, according the configuration guide, it should be allow to 24 member, do I hit some bug? My using version is 7.0.98.0.
View 5 Replies View RelatedI read the configuration guide about the 7.3 release. And I figured out that you will need a hash key for establishing a mobility group relation between a controller and a virtual controller. The 7.3 release for the 5500 series works fine for me.
But the latest release 7.0.235.0 for the wireless lan controller series 4400 does not have a functionality to add a hash key while creating a new mobility group member.
The command "config mobility group member hash" is totally missing.
how to establish a mobility group between a 4400 controller and a virtual then?
We are looking to setup a guest WLAN, and I have a dedicated port connected to our backup cable modem. On our old 4400 WLC I had specific ports assigned to interfaces. We upgraded to a 5508, and for the life of me I cannot figure out where to do this. On the 5508, under interfaces, there is no option to list a port under Physical Information. Our 5508 is running 7.2.111.3 software.
View 2 Replies View RelatedOne of our customers wants to update the firmware of a 5508 wlc, but always gets the following error message: Error Message %UPDATE-3-INV_FILE_SIGN: Error! Invalid image signature!. Image may be corrupt.but the same image works fine on another 5508. The update was downloaded via a smartnet for the wlc, on which the update works fine. does the customer has to download another image for the second controller, or should the image work on both wlc?
View 1 Replies View RelatedCurrently the guest wireless users are maintained by WCS 7.0.172.0. I'm having a project to set up another 5508WLC in one location to replace the WLC in use in different location. My concern is regarding the guest user accounts. Can I use the feature of "Save Guest Accounts on Device" in WCS to save all the guest accounts on another WLC? I tried this feature and I got the message of "Successfully saved Guest users to the following respective controller(s) where they were applied". I don't know if it is because there is currently only one WLC in the WCS or the account can only be saved on the original controller where it was created.
View 1 Replies View RelatedWe have;
3 - 5508WLC
1 - 4402 WLC
Cisco Prime 1.3
25 - 3502i
We have 25 remote sites that use MPLS back to the company HQ that has one connection to the internet.Also at the HQ we have a seperate ISP connection.The remote sites and HQ have AP's which provide internal company access. We would like to have a seperate Guest WLAN at these remote sites to provide access to the ISP connection at the HQ's. Do we need to have an anchor controller? From documentation I have been reading it looks like anchor controllers are mostly used for networks that have a single connection to the internet and they use the FW to control/ secure the guest and company network from each other. Is there a differnt way of seperating the guest wireless and company wireless network securely from each other but use the same WLC's and AP's??
We are re-designing our wireless network and are navigating the security options.Are design will include a 5508 WLC and 3600 series APs. We plan on breaking our wireless out into four VLANS.Is 802.1x the standard for wireless authentication?What EAP flavor would you recommend for wireless? We will be supporting an environment with a variety of mobile devices (iPhone, iPad, HP tablets, Dell laptops, etc.). We will also be supporting wireless Cisco VoIP phones. Someone suggested choosing between EAP-Fast or EAP-PEAP, does this seem reasonable? Also, if we want to authenticate users using their AD account, we need to have NPS running on the AD server and use the radius protocol from client to server, is that right?
View 1 Replies View RelatedI try to map LDAP Group to ASA Group policy following documentation:
[URL]
This is a config for ASA 8.0. I would have expected it to work on 8.4 as well but I do run into problems. The mapping as shown in LDAP Debug and ASA Log will actually happen but it is overwritten by the "GPnoAccess" Group Policy configured locally in the Tunnel Group. From earlier works with RADIUS I would have expected the user specific Attribute to be "stronger"?
ASA Log:
AAA retrieved user specific group policy (correct Policy) for user = XXX
AAA retrieved default group policy (GPnoAccess) for user = XXX
I am installing LMS 4.0 in my site newly I have nearly 1000 devices in network .When i had tried the autodiscovery mode using ping sweep method the devices are getting discovered but showing us unreacheable . All the devices are going under unreacheable no devices are getting added to the DCR .SNMP settings are configured correctly.
whether the autodiscovery will add the devices to DCR or i need to add the devices manually.As per my requierement i need to configure below things , is it possible to configure the same
1)LMS as SYSLOG server
2)LMS should send EMAIL notification if device goes down , interfaces goes down , memory / cpu goes high ,switch module goes down
3)Need to know if cisco releases new device packages how we will update to the cisco works .
i have planned a deployment with one acs in Europe working as primary, one acs in europe as secondary and one acs in USA as secondary also.
I can add one acs in europe to the deployment as secondary. When I try to add the acs in USA to the deployment - Nothing really works.
The status shown in the primary is offline (red) and status pending. It stays like this for hours. When I log in to the gui directly on the acs in USA, it still has status primary.
The two acs are transparently connected. There is WAN optimization (cisco waas) in between the two datacentres..
We have just installed LMS 4.0.1 and started to discover parts of the network. After the discovery process finished successfully - 100+ new devices were added to DCR message - I was able to see the devices by clicking on their number but when I go to Inventory-Add/Import/Manage Devices I cannot see any device in the Group that I created.If I restart the CiscoWorks Daemon Manager process the newly discovered devices are added to the custom Group. This seems like a bug as I had a LMS 4.0 evaluation installation a few months ago and device discovery was working fine meaning the devices were added immediately to the Inventory.
View 4 Replies View RelatedI am pretty new to Cisco - and I have a little 506E that I love. I got it working with my first scenario where I have one server that is my web, and e-mail server.I also opened the RDP port so I can remote into it. The IP's for the old server are internal 192.168.1.23 name ferbweb-external 71.12.111.219 name ferbwebpub. Now - I need to add another server in the exact same way with the same ports 80, 25, and 3389 open to the outside - IP's internal 192.168.1.31 name ferbmail and external 71.12.111.220 name ferbmailpub.I can get to all of these ports on the new server on the inside network - so that is not the problem.So, I went into the config, copied the statements for the old server, and changed them for the new server and added them to the config. I can still get to the old server from the outside fine, but cannot get to any ports on the the new server from the outside at all.I have done a lot of research, and cannot find what I am doing wrong.
View 6 Replies View RelatedI have the Cisco Router 861 whit the IOS c860-universalk9-mz.150-1.M7.bin. I have created a Vlan, but when I create a second vlan, I have this message: "Vlan can not be added. Maximum number of 2 vlan(s) in the database.
I need to add more than two vlan.
Note If you configure VPN, the client dynamically adds invisible NAT rules to the end of this section. Be sure that you do not configure a twice NAT rule in this section that might match your VPN traffic, instead of matching the invisible rule. If VPN does not work due to NAT failure, consider adding twice NAT rules to section 3 instead.
View 2 Replies View RelatedBy reruning discovery with new seeds etc I have more devices discovered. Howeverr they are not shown in the inventory, only in the Device Discovery Summary however.
View 10 Replies View Relatedwhen we add new switch to STP converged enviroment, switch flush the data from the data base.how to protect database from deleting the information
View 10 Replies View RelatedI recently installed a wireless printer and all seemed to work well until the next day. I am able to get on the Internet with my iPad but not my PC. I've tried winsock fix, ipconfig, netsh commands and other stuff but I can't connect to the Internet. When I tried to run ipconfig/all here's what I got:
An internal error occurred:The request is not supported.
I am researching on the behaviors of routers when MTU is increased beyond the MTU set in the routers. Also, when I use jumbo frames instead of normal MTU, how does it affect the network. So, what I plan to do is
LAN_A -- > blackbox --> WAN --------> WAN --> blackbox --> LAN_B
All the traffic coming from LAN_A will be of size 1500 Bytes or less. The blackbox in the center will add an overhead of 4 bytes, recalculate the CRC and transmit the packet on the WAN side. I wanted to know that:
1- if my LAN router and WAN router, both are set at 1500 MTU, then will WAN router drop the packet if it receives a packet greater than 1500B ?
2- If i keep my LAN side to 1500 MTU and I switch my WAN router to Jumbo frames, how will this configuration affect the complete network ? Will it work or not ?
3- I want to add the overhead on every packet coming in from LAN side, so, what options do I have to achieve this goal ?
PS. All types of traffic can come from LAN side.
I added the network printer cum scanner - cm1312, going to control panel >> add printer >> etc. etc. Now I can print. But there is no scanner installed. What I can do?
View 5 Replies View RelatedI added RAM to my HP Pavilion a6000n PC, and the only downside is that it no longer identifies the Netgear WNR1000v2-VC router as wireless.I run Windows 7 - have Comcast Internet and have an Arris TM722 modem.The modem and router were supplied by Comcast.I reloaded the cd that came with the router, everything appears to be on the hard drive, but the wireless is still not "enabled". The computer shows the connection as a local area connection, even though the modem and router are connected to each other and the pc.
View 2 Replies View RelatedI have a friend who asked me how he could stop his children accessing porn etc on their ipods etc that they pick up from a wireless router.Is it possible to route a wireless signal through a computer that has parental controls?
View 1 Replies View RelatedI am doing an evaluation of LMS 4.0. I have loaded the system on Windows and manually added my core 3750 switch into the system. Device availability is showing the device as available. However, the other pollers like link utilization, error count, etc. all show that there is no data. When I go into the poller config, the pollers for link utilization and errors show 0 devices associated and a status of "instance not found". The CPU and availability pollers show active with my one device added. I have verified the credentials and if I go into Inventory -> Port and module and select my 3750 I do get a list of all the interfaces and the descriptions so LMS is connecting to the switch and pulling data.
So how do I get the pollers for link utilization and errors to start populating data?
Second question, during install I did configure the software update section and it said there was an LMS 4.0.1 available which I told it to download. Now I have a psu_download directory and some more directories like cm, cmf, etc. but I don't see any file on what to do with them. What do I need to do to install the new package files that were downlaoded to psu_download?
I have run out of public facing IP addresses and I need more. Assuming I have been issued 1.1.1.0/24 and my new/additional range/subnet issued is 2.2.2/0/24 - Can I carry on with the same configuration on my ASA5510 and just add static NAT for new services in the 2.2.2.0/24 range.
i.e.existing config
route 0.0.0.0 0.0.0.0 1.1.1.254 (upstream ISP)
Interface outside ip address 1.1.1.1 255.255.255.0
NAT 2.2.2.1 to 10.1.2.3
or, assume my ISP will deliver 2.2.2.1 to my outside interface (1.1.1.1.1/24) and if my NAT is in place it will get delivered to 10.1.2.3 inside.
or, put another way I dont need change my set-up as I just static route to my ISP!
my real public IP is a /27 can I use my broadcast address (its a legit public IP address)?
i.e 1.2.3.0/27 = 1.2.3.1 to 1.2.3.31
Outside interface = 1.2.3.1/27
Can I use 1.2.3.31 and NAT it to an internal server?
Nice for those who want to see what it looks like:
Cisco Connect Cloud: [URL] EA6500: [URL] . And of course all other Linksys devices: [URL]