Cisco :: IPSec Between WLC 4400 And ACS 5.2
Apr 3, 2011I found [URL] that it's possible to create IPSec between WLC and MS IAS server. Is it possible to use ACS 5.2 instead of IAS and establish IPsec between WLC and ACS?
View 1 Replies
ADVERTISEMENT
Cisco Routers :: Can RV042G IPSec VPN Support Apple IOS IPSec VPN
Apr 29, 2013I tried any type of combination and just couldn't make it works. Only PPTP works well. Whether Apple iOS IPSec VPN is supported or not?
View 11 Replies View RelatedCisco :: 4400 Does Not Have IP Filtering
Apr 26, 2012We have a Cisco 4400 series WLAN controller.When I go to the clients and view who is connected; I can also filter it. However it only lets me filter by mac address, ap, wlan profile, etc.
It does not have IP filtering. Is there a way to filter using IP? Basically I want to find a particular client with a certain IP that's connected to our WLAN.Also how do we block the client? If we deemed that person should not get access.
Cisco :: WLC 4400 To 5500 Migration?
May 30, 2012We have a single 4404 that was setup long before I arrived with Guest networks that timeout and other such tweaks. Is there a document somewhere that shows a way to migrate the old settings to a new 5508 that we are purchasing? By the time the 5508 arrives I will have a very small window to setup the unit before a new wing goes live. I need the new unit as we have reached our limit of licensed AP's on the old 4404. It seems like everyone keeps talking about an easy way but no one says how to do it.
I have never setup one of these units before from scratch so I don't know how long it will take.
Cisco :: Device Package WLC 4400 - LMS 4.1
Oct 23, 2011Does WLC 4400 is supported in LMS 4.1 in CiscoView.
When I check device update in admin-system-software center. I don't see any available package for the WLC 4400.
Cisco Wireless :: How To Add An SSID To AP's Through WCS 4400
Sep 24, 2012We have a new SSID that needs to be added to an AP through a 4400 Controller with software version
7.0.116.0
All AP's are configured as Lightweight.
Cisco :: Can't Do Radius Authentication Via WLC 4400
Jan 3, 2013I am configuring an old WLC4400 with V4.2.130.0. I added a new sub-interface for VLAN 50 with proper IP for the subnet and then add the Radius server(Windows server 2008 with NPS) onto WLC4400. I then created new WLAN with WPA+WPA2 Encryption and 802.1x key management and selected the Radius server under AAA for authentication.
Configured the test XP with WPA-Enterprise and PEAP as EAP method. I purposely configured computer to prompt for username and password.
When I try to connect, I did get prompt for username and password. However after that nothing happens. It seems like laptop just keep trying to authenticate.
I checked windows event log and do not see anything under NPS. I know this windows server NPS setup works as it is also the authentication server for our remotevpn.
is there any special option I need to turn on for WLC in order for Radius authentication work? Or is there any known bug with V4.2.130.
Cisco :: Migrating APs From WLC 4400 V.4.0.179.11 To WLC 5508 V.7.2.110.0
Jun 11, 2012I am replacing an old 4400 series WLC running version 4.0.179.11 to a new 5508 WLC running version 7.2.110.0.
We currently have 70 x 1131 Access points on the 4400 WLC.
With this upgrade, do i need to upgrade the old 4400 to version 6.0 so the AP's get an up to date IOS or can i directly migrate all AP's over to the new 5508 without any version incompatabilities on the AP's?
I am abit worried that the AP's are running a very old IOS on the 4400 v.4.0.179.11 to go straight to the new 5508 v.7.2.110.0.
Cisco :: Migrate WLC 4400 To 5500?
Aug 1, 2011l need change a wlc 4400 to 5500, but l don´t know what l need back up, and how can I do to join the H Reap APs in the new 5500 WLC because all H Reap APs that l have, are not in the same city , and I understand if l want join AP in the new WLC l need to connect in the same network segment, is it rigth ?
View 7 Replies View RelatedCisco :: WLC 4400 - Web Authentication Using LDAP
Mar 14, 2011I have some problems integrating WLC 4400 with AD using ldap. The the WLC LDAP Server and W LAN for Web Authentication are configured according to [URL].
when I connect to SSID the laptop is given the ip address, then I can see the web-page with lo gin and password - it seems to be OK, but when I enter lo gin and pass it tells me, that it's incorrect.
The attributes of the LDAP server:
Server Address *.*.*.*
Port Number 389
User Base DN ou=ORG,dc=domain,dc=local
User Attribute userPrincipalName
User Object Type Person
the test user is located in AD folder ORG, but this folder also contains a lot of sub trees
There are some questions:
1) Is it obligatory to use value "Authenticated" in the Simple Bind option or it can be Anonymous?
2) Is the Controller capable for searching the users located in User Base DN sub trees?
Here is some debug from the controller:
667: LDAP_CLIENT: UID Search (base=.....
669: LDAP_CLIENT: ldap_search_ext_s returns 0 85
669: LDAP_CLIENT: Returned 1 msgs including 0 references
[Code]....
Cisco :: 1142 / 4400 - Looking For Newer AP
Sep 25, 2012I current have 20 x cisco AP 1142 with WLC 4400 series, I'm looking for newer/latest Cisco AP for expansion. I was looking at Cisco 3500 series but not sure how good/flexible they are when comparing to 1142 and other AP series.
View 1 Replies View RelatedCisco Wireless :: 4400 - APs Not Join To WLC
Jan 24, 2011I have a 4400 WLC for 100APs running the 7.0.98.0software version. Now, only 48 APs are joined, and the WLC dont accept new joins. The log below are from my WLC but appear for all others APs:
%LOG-6-Q_IND: spam_lrad.c:1440 Discarding discovery request in LWAPP from AP 00:3a:98:ae:e3:f0 supporting CAPWAP%LWAPP-6-CAPWAP_SUPP_VER: spam_lrad.c:1440 Discarding discovery request in LWAPP from AP 00:3a:98:ae:e3:f0 supporting CAPWAP%CAPWAP-3-TX_ERR: capwap_ac_sm.c:1966 Failed to transmit discovery response to AP 00:3a:98:ae:e3:f0%CAPWAP-3-ENCODE_ERR: capwap_ac_sm.c:2269 Failed to encode Discovery (code)
Cisco Wireless :: WLC Migration From 4400 To 5500
Jun 1, 2012i have a existing wireless network setup in my office existing wlc in 4402 and LAPs are 1130 & 1242 all are working fine but we are now planning to use new 5500 series controllers for the same access points,i want to ask that how i can done this job with very minore downtime and users disconnectivity + zero error results??
View 2 Replies View RelatedCisco Wireless :: WLC 4400 Change IP Address
Jan 1, 2013We have a WLC4400 controller with about 30 LAP. We moving to a new IP scope and was wondering what is the best way to change the IP address of the controller. We have tried doing this via GUI however we have to power cycle the controller to get it back online using the old ip address.
View 3 Replies View RelatedCisco Wireless :: 4400 / 5508 - Upgrade From 7.0.116.0 To 7.2.103.0?
Apr 2, 2012I want to upgrade all my controllers (a mix of 4400 and 5508) to 7.2.103.0 from 7.0.116.0. Can I make that jump or should I do incremental?
View 7 Replies View RelatedCisco :: 4400 - Host Isolation On One SSID
Feb 26, 2013What is the best way to isolate hosts on WiFi network managed with 4400 controllers so they only see def gw but not each other, something like "switchport protected" but for WiFi ....
View 4 Replies View RelatedCisco Wireless :: Pipe Output In WLC 4400?
Feb 14, 2013Like the way you do with the Cisco IOS.
ie show start | i router
Cisco AAA/Identity/Nac :: LWA Guest Portal ISE And 4400 7.0.x?
Apr 8, 2013Managed to guest LWA working with ISE for wireless guest portal access? I have Cisco 4400 WLCs running latest 7.0 code and ISE 1.1.2.All guest portal examples seem to be CWA which only works on 7.2 code.Am I without hope getting this working on 7.0 code?
View 3 Replies View RelatedCisco Wireless :: Does CSCua29504 Effects The 4400 WLC
Apr 7, 2013Does CSCua29504 affect 4400 series WLCs as well? Bug toolkit mentions just 5500, so want to get a confirmation.
View 2 Replies View RelatedCisco :: 4400 DTLS Error AP Will Not Register
Jan 12, 2011I have just upgraded one of our 4400 to 7.0.98.0. Most of the AP re-registered with out issues. I have two AIR-LAP1142N-E-K9 on a remote site that will not re-register.I have pointed them to another 2125 WLC (7.0.98.0) and they register fine. Point them to yet another 4400 (7.0.98.0) I get the same issue.I am getting this error when the register on the 4400s.*Jan 11 14:39:24.000: %CAPWAP-3-ERRORLOG: Selected MWAR 'abzewwlc'(index 1).*Jan 11 14:39:24.000: %CAPWAP-3-ERRORLOG: Go join a capwap controller *Jan 11 07:05:55.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 144.46.211.5 peer_port: 5246*Jan 11 07:06:55.000: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 144.46.211.5:5246 I suspect it may be as they both have In the client config.Then again maybe not.Configured Switch 1 Addr 158.139.177.203Configured Switch 2 Addr 144.46.214.25
Question 1 if I do a "clear config except static IP" will I still be able to telnet tp them or will they default to no telnet no ssh ?
Question 2 any idea how to get past this DTLS error ?
Cisco :: How To Use Microsoft Server 2008R2 NPS With Wlc 4400
Aug 20, 2011how to use Microsoft server 2008R2 NPS with cisco wlc 4400.am i correct, each LWAPP AP have to be connected to NPS . (this AP is also called access server)?when client tries to connect to the wlan, (in this case lets say we want a user in AD, after providing its creds, can access the network, internet etc) the auth req is sent from AP to NPS/RADIUS? where does WLC come into play here, what does WLC do?
View 3 Replies View RelatedCisco Wireless :: 4400 Mac Filtering Import
Aug 2, 2012I was wondering if there was a way to import a large number of mac addresses into the MAC filtering of a Cisco WLC 4400. We recently purchased 150 new Mac laptops and I need to add them to the Mac filtering. I have 5 WLC's to do this to.I already have the MAC addresses and names in a spreadsheet.
View 3 Replies View RelatedCisco :: 50APs / 4400 - Distribution Of APs On Both Ports Of WLC?
Mar 1, 2013I have Wireless LAN Controller 4400 running. Currently all 50 APs are running at one port of WLC. I have studied on Cisco site, that its best to run 24 APs per port of WLC and total 48 in total. My all APs are running at one port. is there any issue if i run all 50APs on one port and is this any bottleneck?Also if i want to shift half APs to second port, What will be configuration for WLC?
View 6 Replies View RelatedCisco :: 4400 Controller / Accessing Web GUI From Port 0?
Jun 7, 2011I know how to access the GUI from the service port. However, I am not able to access from Port 0. IPs have all been properly set. We have a management VLAN in our enterprise. I have configured the WLC management interface for an ip on that subnet. Port 0 is connected to a 3560G switch. I have set the switch port to be an access port to the management vlan and I have tried to set the switch port as a trunk, with the native vlan set to the management vlan. I am not able to ping nor access the web GUI remotely via the management vlan.
View 3 Replies View RelatedCisco Wireless :: 4400 DSCP Mapping Toward 802.11e QoS
Aug 18, 2009According to product bulletin no 3209 for the Cisco 4400 series, the Access Point supports 802.11e WMM.
My question goes to DSCP mapping, according to IEEE and your bulletin the DSCP field in the IP header should be set to 46 (10110 00) for mapping to a 802.11 QoS voice priority 6/7.But my Wireshark trace revealed 4400N is mapping toward with 802.11 QoS is set to Priority 5 Video.
If I google DSCP mapping toward 802.11 QoS all IEEE documention I found says EF /Voice should have 46 or 101xxx in the DSCP IP field but running through Cisco and HP docs gives 46 or 48 as value, that is the correct value. [code]
Cisco :: 4400 - Cannot Copy Configuration From Controller To WCS
Feb 22, 2011When I try to import configuration from the controller 4400 to my WCS it gives the following message:
Status Refresh succeeded but some records were dropped because their key fields failed validations.
When i see the config in the WCS, all of my light access points are not on it. I check for the logs and this is What I get: (its a lot of info, so I am putting an example!)
02/23/11 14:18:46.784 ERROR [general] [TP-Processor7] THROWcom.cisco.server.common.errors.InternalException: [COMMON-1]: COMMON-1com.cisco.server.common.errors.ObjectNotFoundException: COMMON-
[code]......
Cisco Wireless :: WLC 4400 - AP Group Information
Aug 26, 2012We have 4 x 4xxx WLCs setup in our Core. I just created an AP group in one of WLC and in theory I should see that AP group in the other 3 x WLCs
For some reason, I do not see that AP group appear in other 3 x WLCs. Very much appreciated if someone could point me to the right information or trouble shooting steps.
Cisco :: IOS Upgrade - 4400 To Support 1142 APs
Jun 26, 2011I have to upgrade a couple of 4400s to support 1142 APs. The controllers currently support 1131s, and are on version 4.0.179.11. (I know, way back there...)
Seeing this huge gap between the level we're on and the most current version, thought I'd better find out what's recommended.
The available MD versions are 4.2 and 6.0
The available 4.2 versions are:
4.2.209.0(md)
[code]....
The next MD release is 6.0.202.0 .
Cisco :: 4400 / 5508 Controllers - 802.1x Re-Authentication
Mar 28, 2012Currently in the process of migrating from psk to 802.1x radius environment using a mix of 4400 and 5508 controllers with WCS using Microsoft ias. The problem I have is there is a lot of shared iPads and tablets in the environment. Is there a way to force these user to relogin to radius after a certain time period so they are not sharing unames and passwords?
View 1 Replies View RelatedCisco :: Wireless 4400 - Customized Web Authentication
Aug 4, 2011I posted a few days ago but don't have a good response. I've dig high and low and haven't come across a solution yet. I've been trying to get a customized web Authentication typed. I didn't need a user name or password to get through. All I need is a web pass through and an accept button at the end of the HTML agreement policy or splash page.
I was able to create a log in.HTML and download to the wireless controller, but my problem is how would I get an agree button and when a user click on it and it would redirect to a website. I've followed the following link but no luck. {URL}. the link doesn't tell me weather I should create an accept button manually or is there a setting on the controller that need to check? the link also provide some info. about: Configure Client Machine for Web Pass through, but where should I download the Cisco Aironet Desktop Utility? I've download ACUv502005.exe file for my windows 7 but after the installation it didn't work for me. if you know how to configure the web-pass through. I been working for this for a week now and didn't find the info. that I was looking for.
Cisco Wireless :: 4400 - IP Or MAC Filter On 1522 AP?
May 21, 2013I have a wireless sytem with a WLC 4400 and several 1522 Access Points. They don't actually function as Access Points because I'm using radio communication only for backhaul. There are no clients connected to the Access Points. All traffic on the network comes from the devices connected on the LANs that are bridged through the APs ethernet port.
I would like to create filters to allow only certain devices to be able to transmit over the radio link. I've used this in the past on 1310 units and it was very easy to do via GUI. This filter could be either by IP or MAC Addresses. IP would be better for me.
Cisco :: 4400 WLC Random Drop In Both Multicast And Broadcast On 7.0.220
May 15, 2013We have a Cisco 4400 WLC running version 7.0.220.0 and are experiencing clients randomly dropping both broadcast and multicast at the same time. This is not specific to one area of the site and the duration of the MC/Brodacast loss varies. These comms outages don’t happen on all the clients at once but usually affect one client at a time. After a few minutes or a few hours, the client will start receiving the multicast without user intervention.
The site has Cisco 1522 AP's that have rather interesting logs where the DTLS sends fatal errors, followed by CAPWAP going into discovery state. Not sure if this has the same affect or if that's a completely seperate issue.I was told it could be the GTK but I don't believe 7.0.220 has this feature even enabled. The clients are Cisco 3230 and Cisco 1310's. The clients are running version 12.4(25d)JA1 while the 3230 router is running version 12.4(24)T7. What supporting logs or configs need to be shared to better troubleshoot. This has been going on for quite some time and is frustrating the end user as multicast is essential to the operation.
Cisco Wireless :: 4400 How To Get New Access Point To Be Seen By Controller
Jul 23, 2012I have a Cisco Series 4400 WLAN controller and I'm trying to connect a lightweight AP to the controller. I have already assigned the switch port to use my wi-fi VLAN, and have connected the AP to the switch. After a few minutes, the light on the AP goes from green to light blue (indicating it's serving clients). When I log into he wi-fi controller to look for the Ethernet mac address of the new AP, I do not see its Mac Address. I want to be able to rename the AP to reflect where it will be used, but need to select the AP via its Ethernet mac address before I can make any edits like changing its name etc. I've gone through the "monitoring" menu, selected "All" and still do not see it in their via its MAC address. I also will select the "wireless menu" which lists all the AP's on my network, listing in order from on the longest running, to just powered on.Is there something I'm missing like a "re-scan" that scan's all devices?
View 5 Replies View Related