I'm new to the Cisco WLCs and recently implemented a wireless infrastructure using a WLC 2100 with 1262 LWAPs. I have two of the 1262s plugged into ports 7/8 using crossover cables. They're functioning correctly with the exception of the inability SSH and send pings to the LWAPs behind the WLC. Is there anyway to ping/shh through the WLCs to the LWAPs behind it? I use an NMS (Nagios) to monitor the status of the LWAPs and it can't monitor them if it cannot ping them. Also, is there anyway to configure the WLC to monitor the status of LWAPs?
Background: Cisco 4400 series WCS w/ Cisco 1142n LWAPs. Clients are HP Elitebook 2730p notebooks with Intel 5100 wifi chips.I was installing Dragon Dictate on several users tablets this weekend. I was ready for the 1 hour install. I noticed that one of the computers was done far quicker than I expected. The computer had a wired ethernet cable attached to it's docking station. The other 3 were accessing the network via the wireless. I did some checking on the WCS, and the other three notebooks were downloading files at a whopping 8 Mbps each. The server that they were. downloading from is attached via gigabit ethernet, and was little utilized. All three notebooks reported that they were connected ~80Mbps to our 2.4GHz N network. I'm willing to accept that wireless is going to be slower than wired, but this seems extreme. The three tablets were connected back to the same LWAP, which is connected to a gigabit switch. There were only three other people in the building at this time, so network congestion isn't an issue.
I have 2 APs, Cisco Aironet 1040, and 2504 WLC.Is it possible to configure guest access (Guest SSID/VLAN and Corporative SSID/VLAN) without dedicated guest WLC in DMZ?
I have three 5508 WLCs, running code 7.0.98.0 supporting 100+ LWAPs in H-REAP mode. The LWAPs are servicing 2-3 WLANs each. Some are using central authentication and local switching, some are configured for central authentication and central switching. When the LWAPs fail from one WLC to another WLC, the LWAP's lose all of their VLAN mappings and pick up the VLAN of the management interface on the new WLC.
All WLANs are configured to use the management interface on the WLC and the VLAN mappings are configured per LWAP on the H-REAP properties tab. The WLAN ID numbers and all the WLAN settings are the same across all 3 WLC's. I have created AP groups on all 3 WLC's and the AP group config matches across the 3 WLCs.
I can get the LWAPs to keep their VLAN mapping by creating an interface on the WLC with the VLAN ID of the locally switched/remote site VLAN and then setting the interface for the WLAN to the new interface. However, then the WLAN doesn't work, because the centrally located WLC doesn't have the remote site VLAN. It also seems to keep the VLAN mapping if I create the locally switched/remote site VLAN interface on the WLC , and point the WLAN to the management interface. This shouldn't be a necessary step though... In H-REAP with local switching, the LWAPs aren't using the interface on the WLC.
I found a note in the 7.0 WLC config guide that explains why the VLANs are picking up the management interface VLAN, but that same note says the VLAN mappings can be changed per LWAP/WLAN!
From config guide: For hybrid-REAP access points, the interface mapping at the controller for WLANs that is configured for H-REAP Local Switching is inherited at the access point as the default VLAN tagging. This mapping can be easily changed per SSID, per hybrid-REAP access point
Using H-REAP and been able to get the LWAPs to keep the VLAN mapping when failing from one WLC to another?
i have a cisco ACS version 5.0, I need to authenticate a wireless users connected to WLC 2100 controller when i connect the controller to a Dot1x port in the switch , the port go down.
i have a dwl-2100 access point. first can this be used as a regular wireless router, and second, i tried the 192.168.0.1, and connection got reset a few times, so what else can i do to set out a pswd?
How do i setup my d link dwl 2100 ap at my new address. I have moved and my installation cd has gone missing. The install wizard wants to work off the cd
I am trying to config my wireless lan controller (WLC) 2106 to discover my new 3500 access points.I followed the example Cisco configuration doc.69719.I am using a Cisco 3760 switch to interconnect the AP and WLC.I set up DHCP in the switch. [code]
Since few days the WLC 2100 series controller and 3x LAP1131AG are getting disconnected and the controller gets offline via the local ip address. At that point I have to reboot. To get anywhere and after I connect wirelessly to the AP before I know it it disconnects. It worked for 3 years straight no fuss. And now nothing. I reconfigured the WLC 10times and no diffference.
I have a cisco AIR-LAP1262N-A-K9 and AIR-LAP1142N-A-K9, and i would like to join to Cisco WLC2106 (software version 7.0.98.0)My ap 1262N have 3 antennas externals with 7dbi of ganancy,Is possible to do it?
I'd WLC 2100 series and 9 access point LAP1142N .8 LAP1142N can work fine and join a capwap controller is ok but only one LAP1142 is can not . Part of LAP is AIR-LAP1142N-A-K9
Apr 2 10:52:42.284: LWAPP_CLIENT_EVENT: spamResolveStaticGateway - gateway found *Apr 2 10:52:42.284: LWAPP_CLIENT_EVENT: spamResolveStaticGateway - gateway found *Apr 2 10:52:42.284: LWAPP_CLIENT_EVENT: Dropping discovery in LWAPP. This AP model is not supported by LWAPP WLC. *Apr 2 10:52:42.284: status of voice_diag_test from WLC is false *Apr 2 10:52:52.284: %CAPWAP-3-ERRORLOG: Go join a capwap controller
We have two 2100 WLC's that support 12 access points. One has been sitting in a box for some time, but we're at the point where we need to add additional access points that will put us in excess of the 12 limitation. What is the best way to go for installing the second WLC?
I have a problem with our WLC 2100 series (2125). Basycally internal DHCP server configured on WLC is not working. I have one AP connected to port no 7 (PoE) to bypass and eliminate problem with other equipment.
I have a fairly simple WLC 2100 configured to control two APs. We had a power outage a few days ago, and though the WLC was on a surge protector, it did not come back up properly after the outage. The STATUS light sticks at amber and I can't get any console response. At this point I'm not sure what to do except replace the WLC, though I'm loathed to do that as our budget was just cut substantially for next year and we're trying to turn nickels into pennies.
I am having trouble on setting up a WLC2100 ver 7. we need to implement a private and public network. private network authenticate to IAS - RADIUS (windows server 2003 server) while the public network is open but when a client connect to AP it will redirect to a 3rd party web athentication - HotSpot Server. the challenge is we want to broadcast a single SSID.
senario:
1. when a user/guest connect to the AP a radius server will authenticate thru IAS - Radius.
2. when a user is authenticate via radius a dhcp server will give an ip address of the private network.
3. if the user is not authenticate a dhcp server will give the public ip address and netowrk traffic must go to a different VLAN.
my question is, is it possible to broadcast a single SSID for the two network? is there a document which is related to our scenario?
The operating temperature for 2100 wireless lan controllers is up to a miximum of 40 degrees celsius according to the datasheet. We deployed some 2112 controllers all displaing a temperature above 50 degrees celsiun. This during normal operation and deployed proper enviromet (aroco ...)
I have a Killer Nic 2100 installed on an 1155 setup under Windows 8. I can upload large files to anywhere on my home network .. but when I pull large files off of my main computer with the Killer Nic in it .. the connection drops out on my main rig... no network connection of any kind on my main rig until I reboot ..
I don't have this problem with the onboard nic ..
sometimes the network will drop when the power flutters .. all the other computers I have will have internet connection .. but my rig won't ..
I'm using Cisco 2100 cable modem. It worked fine until some time later where the Data Send & Receive LED's stopped blinking. A man came to check if the cable was the problem by replacing it, but it wasn't. He claims it might be related to the laptop. I have tried several times restarting it. (I'm using mobile broadband) I would really like fast rather than slow internet ( I was limited so now it's slow but free)
Recectly we replaced Cisco 2100 Series LAN controller to Cisco 5508 Wirless LAN controller , I downloaded WebAuth Bundle from my Old LAN Controller ,when i am trying to upload to my New Wireless LAN controller ,its not uploading and also it gave me uploading failure error message .
I have an instance of ISE and NCS with a WLC 2100 plus a couple of LWAPs. This is an evaluation POC lab to sell ISE and NCS to our management to make our life easier.The problem I have amoungst many is I can create a guest user directly on the ISE and the guest can login, the ISE monitor shows the guest authenticates but the clients webpage passes them back to the login page not onto the original client url. The web auth is pointed at the ISE/guestportal/portal.jsp page.If I point the web auth at the internal WLC page using a WLC local user account it works.If I set the guest access to pass through it works without issues getting dhcp and dns. On the ISE is there a policy needed to say if guests are web authenticated give them access? The need is for AD authenticated users to be able tocreate guest users. The AD authentication works for sponsorship and guest creation its just the guest access redirection I am having issues with.
One of our customers have one Cisco WLC 2100 (firmware 5.2) with 4 AP Mesh 1522, in a city deployment. In order to achieve local regulatory, has to implement bandwidth limitations per user.
I got screen captures of WLC QoS Profiles options, with Average Data Rate in Per-User Bandwidth Contracts. So my question is, do I need any other equipment to achieve per user bandwidth limitation? Can it be done with WLC QoS options?
We have a 2100 cisco Wireless LAN Controller which manages 3 APs and assign IP address to clients which connects via wifi. Currently, we are deploying dual stack IPv6 and our consultant stated that our current controller does not support IPv6.
This is rather odd statement because there is an option to enable IPv6 in the advance tab of WLAN. And sometimes clients (win7 and Mac OS X) are getting v6 addresses, able to ping v6 sites, and reach v6 sites successfully. And other times, clients do not..or getting the v6 address for 10-15minutes, then unable to ping/reach v6 sites.
Our consultant is sticking by his words saying it does not support. If this is true, then clients should not be able to get v6 at all....not sometimes and not other times; very inconsistent.
And what is ipv6 pass through? What is ipv6 bridging?
I have a couple of AP's that are down and won't let me change to up. When I try to enable admin status I get a pop up window: " error in enabling admin status".
I have configured the WLC for power injectors with a 3550.
We have a building with 6 Cisco Airnet 1140 connected to a Cisco 2100 WLC, all tied into a nice Central Certificate server and a Win2008 NPS/Radius server on a Win2008 AD. Our trusted PC wireless access is fine, with domain laptops with certificates authenticating with DHCP all round the building. We use GP to apply settings to an AD integrated Proxy server for internet access.
The problem I now have is with guest access...
We are an education establishment, so students could turn up with anything from a laptop to an iPad to an Android phone, which immediately rules out using proxy PAC files to configure the proxy.
What I really want is a method of using the radius to verify the guest user against their existing AD user account, which I believe is possible. The one snag we have is in order to avoid the user having to configure the Internet proxy we would have to switch it to a transparent mode, which immediately restricts our ability to report on AD username, we would only have an IP address to report on, which is next to useless!
We've looked at a Gateway product (Astaro), which integrates the Filtering onto the Gateway, but the downside is that you have to use their APs, so we would be replicating existing work, whilst also managing two filters.
I have a wireless controller 2100. I can't access it via browser, when I am connected to one of its physical ports. I use the same subnet ip address as that of the management interface of the wlc.
In the near future my company is looking into the option of adding a second network connection (exclusively for customers visiting our facility) to our pre existing WLAN network. We are currently using a Cisco 2100 series Wireless LAN Controller and probably 6-8 APs. Our main connection is made up of 4 T1 lines and the second connection will more than likely be a cheap DSL connection. I'm wondering if this technology supports two separate connections on one controller and APs. For example, is there a way within the controller web interface to separate what is currently our "Guest" connection from the main Internet line? I was thinking of just plugging from the DSL router directly to the controller and save the hassle of changing routing and VLANs.
how to chance the web authentication certificte on WLAN 2100 controller. My users are complaining that they need to accept the security certificate before proceeding to the actual authentication?
We need WiFi security on our corporate SSIDs locked down using certificates, we are using wlc cisco 2100 series. We need these on every workstation, laptops etc.
I current have a Cisco 2100 Cable modem (192.168.100.1) connected to a Cisco Linksys E2000 (192.168.0.1) that is connected to a Cisco 3550 (192.168.0.10). I would like to relocate the E2000 to another room. This would require me to connect the 2100 and the E2000 through the 3550. I have had to set a MAC address clone on the E2000 of the PC that is also connected to the 3550.
The question I have is how do I get this all to interconnect so that the E2000 is used by the 2100 for validation to the internet provider (Time/Warner). I am also using the E2000 for DHCP.
Here is a copy of the running config:
version 12.1 no service pad service timestamps debug uptime service timestamps log uptime
