Cisco :: Port Configuration On New 2504 WLC
May 17, 2011
I've read some conflicting things on the new 2504 WLC's. Some things indicate all 4 ports are fully useable, while others indicate perhaps only 1 or 2. I think I've read in product documentation that it support a max of two ap-manager interfaces. Does, for sure, all 4 ports are useable? I'm thinking of the following configuration:
Port 1: management interface and first ap-manager interface
Port 2: second ap-manager interface
Port 3: first dynamic/client interface
Port 4: second dynamic/client interface
I'm planning on deploying my ap's in h-reap mode with a max of 25 ap's per 2504. Since I'm using h-reap, bandwidth shouldn't be much of an issue so I'm also considering trimming it down to using just two physical ports as follows so I can take up fewer gig switchports which are scarce at many of my locations:
Port 1: management interface and first ap-manager interface
Port 2: first and second dynamic/client interface
I've always deployed 4400's and 5508's with LAG so I haven't had to think about this much until now.
View 4 Replies
ADVERTISEMENT
May 29, 2013
i must configure a secured wireless network with access restriction based on SSID. the equipements are : cisco wlc 2504 (soft 7.3) cisco secure acs aplliance 1121 (soft 5.4) . the users that will connect to the network are regrouped by identity groups, each identity group having it's own SSID. Clearly each group of users must access only one SSID. i followed the procedure below to configure it:
-- creating user identity groups;
-- creating users and assigning them to the groups;
--- creating authorization profiles for each SSID under policy element/ authorization and permission/network access/authorization profiles and putting the Airespace-Wlan-Id(the SSID number) in the radius tab.
--- assigning the authorization profiles to the identity groups under access policies.
after all these config the users can access the network using there userid/password configured. But the problem is Every user can access every SSID, seems like the restriction is so not very well configured.
i found some documentation on this kind of config but the version of ACS used seems older than the one that i use, so menu are very different.
View 8 Replies
View Related
Apr 17, 2013
I can't seem to find and answer to this, but is it possible on a 2504 WLC to trigger a configuration backup when the configuration is saved like on Cisco routers and switches?
View 2 Replies
View Related
Mar 3, 2013
I will now install a Cisco WLC 2504 and 18 AP´s ( 1142n).
Client has a Cisco infrastruture with Cisco Switch´s 3750x and others.
We expected to have :
1. Managment Vlan to add WLC 2504 and the AP´s ( DHCP server should be reached on this Vlan)
2. Configure a trunk in the switch port where the WLC will connect, allowing vlan´s that we choose to reach.
3. configure WLC ( ssid´s, Vlan´s, interfaces).
4. Configure AP´s.
Is there any basic setup that i missed for things to run ?
Normally I create DHCP reservations for AP`S and for Clients in diferent Vlan´s:
Mgmt Vlan 100: 192.168.0.xx
AP´s vlan 101: 192.168.1.xx
Clients Vlan 102: 192.168.2.xx
All this ones should be created as interfaces on WLC?
View 11 Replies
View Related
Dec 6, 2012
I am currently experiencing an issue with a WLC that I am trying to connect 3 new Access Points to of the type AIR-LAP1142N-E-K9 running Cisco IOS Software, C1140 Software (C1140-RCVK9W8-M), Version 15.2(2)JA
I had the controller on firmware 7.0.220.0 and just upgraded to 7.3.101.0 in the hopes to solve my issue. The already connect APs running 12.4 was upgraded without any issues (apart from one - I'll get to that one) and it is now running as before. But the issue with the 3 new APs still persists. I have supplied a screenshot of the AP Join page.
Another issue that arose from the said upgrade was that a previously shutdown AP (of the same type and software version as the ones that upgraded perfectly) got turned on after the WLC firmware upgrade and is now not able to join the controller.
View 20 Replies
View Related
Nov 25, 2012
I am actually working in configuring a wireless controller 2504 integrated a windows 2008 server as radius server for authenticating the network users registered in a windows active directory database. The Radius server is a Windows 2008 Server with the rol of Network Policy Server.
I have been following a pair of documents in Internet, but it doesn't work yet.
Which authentication method should i use?...the Windows 2008 NPS doesn't work wtih LEAP, should i use PEAP or there is an another recomendation to authenticate the windows active directory users?
configuration tested working between a cisco wireless controller and Windows 2008 NPS as Radius Server for authenticating the windows network users.
View 11 Replies
View Related
Mar 20, 2012
I've got a question concerning the configuration of multiple AP manager interfaces on -for example- a cisco WLC 2504. I've read the configuration guide but I'm not sure whether this is the way the protocol works. Say I want to distribute AP's (and traffic) across various AP Manager interfaces on the WLC. I would configure the following:
Create one management interface (which will automatically also be an AP-Manager interface)Configure 1 (or more) Seperate ap-manager interfaces, assign them to a port number, and select "Enable dynamic AP Management". VLAN ID's will be the same.Create a WLAN and configure it's interface to "management" Is it correct if I state that the LWAPP protocol takes care of the discovery from the Access Point and sends information about the available AP-manager interfaces back to the AP and the AP knows which ap-manager interfaces are available, connecting to the least loaded one?
View 3 Replies
View Related
Apr 24, 2012
I have a question about 2504 deployment.Two WLC's , one will be acting as primary controller, second as secondary controller.
There will be two firewalls with High Availability between them. Ok, if primary controller will go down, we would need to wait about 2minutes, and AP's would join secondary controller.
But if there is a problem with firewall? Etc. FW 1 goes down. Is it possible with WLC 2504 to use it's second port as backup port ? And use the same IP address between them?
Because if we configure the second port with different IP address, we would need to wait about 2minutes, because AP's is in "rejoining" mode )(To use second port as backup, but have the same IP address on it ( like put these two interfaces into the same "vlan") , because this would be really great, if one Firewall goes down, we would still will be using the same wireless controller.)
View 3 Replies
View Related
Jun 5, 2012
Is it mandatory to connect Cisco WLC 2504 to a Gigabit port ?? can we connect it to a fasternet port (100 mbps) ?
View 4 Replies
View Related
Sep 25, 2012
is it possible to Manage the 2504 Controller over a separate Interface. Exmaple: Port 1 is used as controller management interface (untagged) - AP's are connected to the same VLAN Port 1 is used for Guest Traffic (VLAN 3 tagged) Port 2 should be used to manage the WLAN Controller from the internal LAN. (tested with untagged, tagged, same issue)
with this Setup it is possible to ping the Port 2 IP-Address from the internal LAN but if you try to connect to the controller, the Browser shows "Site not reachable".
I also enabled "Management via Wireless" but without success. I also tried to add the "management" VLAN as tagged on the management Interface with the same effect, the controller is not manageable from the internal LAN. On 5508 WLAN Controller i have an similar setup, but with LAG Port enabled. There this works.
The only interface were i can manage the WLAN controller is from the management Interface.
View 1 Replies
View Related
Dec 14, 2012
I'm using a 2504 controller. I dont have WCS.My questions are about the best way to configure a Rogue Detector AP.
In my lab environment I setup the WLC with 2 APs. One AP was in local mode, and I put the other in Rogue Detector mode.The Rogue Detector AP was connected to a trunk port on my switch. But the AP needed to get its IP address from the DHCP server running on the WLC. So I set the native vlan of the trunk port to be the vlan on which the WLC management interface resides. If the trunk port was not configured with a native vlan, the AP couldn't get an address through DHCP, nor could the AP communicate with the WLC. This makes sense because untagged traffic on the trunk port will be delivered to the native vlan. So I take it that the AP doesn't know how to tag frames.Everything looked like it was working ok.
So I connected an autonomous AP (to be used as the rogue), and associated a wireless client to it. Sure enough it showed up on the WLC as a rogue AP, but it didn't say that it was connected on the wire. From the rogue client I was able to successfully ping the management interface of the WLC.
But the WLC never actually reported the rogue AP as being connected to the wired network.So my questions are:
1. What is the correct configuration for the trunk port? Should it not be configured with a native vlan? If not, then I'm assuming the rogue detector AP will have to have a static IP address defined, and it would have to be told which vlan it's supposed to use to communicate with the WLC.
2. Assuming there is a rogue client associated with the rogue AP, how long should it reasonably take before it is determined that the rogue AP is connected to the wired network? I know this depends on if the rogue client is actually generating traffic, but in my lab environment I had the rogue client pinging the management interface of the WLC and still wasn't being picked up as an on-the-wire rogue.
View 4 Replies
View Related
Mar 28, 2012
I created a wlan just for our wireless IP phones.I assigned an interface I created which in turn was set to a specific port on company 2504 WLC. Connecting switchport is set to trunk. Right now I can't ping the voice wlan interface.
View 1 Replies
View Related
Jan 15, 2013
We just installed a hosted VOIP system using Cisco 7900 series IP phones. We are having a strange issue with a few computers where they pull DHCP information from our VOIP provider's DHCP server on the Internet and not our LAN DHCP server.
The switchports areconfigured as: switchport mode access
My rationale behind this is that the phones would use CDP to get their VLAN info from the providers Cisco router and the PCs would just ride on the default VLAN. But this is not the case. Computers randomly keep getting DHCP info from the provider's router. Do I have to use voice vlan x and make the switchports trunks?
View 6 Replies
View Related
Nov 27, 2012
My client would like to have a wireless deployment between several differented offices in the city. There is connectivity between the different sites...but my main issue is, is this option really feasible. I was thinking of a centralized WLC like the 2504 coz of price + 36 APs, 2 at each site. The main worry is the network setup considering the fact that the APs have to communicate with the WLC so unpredictable network issues i believe will have a very huge impact.
View 4 Replies
View Related
Jan 5, 2011
I have spent a day trying to get the console / AUX port of an 887 to answer a call in (simple modem on aux port for remote configuration)
I believe that all i need on the line con 0 is "modem enable" and then i should configure line aux 0 as normal.
View 2 Replies
View Related
Jun 23, 2011
I am switching out our old WRVS4400 router to the Cisco 891. Having a problem configuring the Cisco 891 router. I changed the V LAN port on the 891 from 10.10.10.1 to 192.168.2.1 and the ip address saves but when I try to rediscover it through the CCP to the new Ip address 192.168.2.1 I get the message discovery failed.
The sub net mask I used is 255.255.255.0 The only thing connected to the 891 router is our linksys 48 port switch which is SL248G and my laptop is connected to the switch. The port its connected to is FE LAN 0 . How do discover the 891 so I can do further configuration and to enable the FE8 port for using it for our internet connection?
View 8 Replies
View Related
Apr 2, 2013
interface GigabitEthernet0/0
ip address x.x.x.36 255.255.255.248
ip nat outside
ip virtual-reassembly in
no ip route-cache
duplex auto
speed auto
no cdp enable
[Code]
ip nat inside source static tcp 192.168.1.252 22 x.x.x.36 6922 extendable
ip route 0.0.0.0 0.0.0.0 x.x.x.33
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit any
Anything wrong with my config? port forwarding to my ssh wont work. Im using CISCO 1900 Series.
View 10 Replies
View Related
Oct 31, 2012
I'm having troubles setting up a separate VLAN for wireless on a SG-200-26. My first question is why did Cisco not make the VLAN setup like they have all their other business class switches? Anyways, the Access and General modes on these SG class switches are throwing me for a loop.
Right now I just have one port (g10) on the SG-200 switch that needs to be in VLAN 6, which is our wireless VLAN. All other ports are in their default VLAN, which is 1.
Here's what I've done...
Configured port G1 (trunk to another switch) as the trunk port and Port G10 (attached to WAP) as a general port. All other ports stayed in their default configuration. This is what it looks like now...
Port Mode PVID Operational VLANs
g1 Trunk 1 1U, 6T
g2 Trunk 1 1U
[Code].....
I'm pretty sure port G1 is configured correctly, but I have no idea about what port g10 should look like. Common sense tells me it should be an Access port and assign it to VLAN 6, but apparently you cannot tag the traffic within an Access port on SG switches, which makes it useless because how will other switches recognize what VLAN the packets are in? So the next logical mode would be General mode, which I put in VLAN 6. I switched that port from being 6U (untagged) to 6T (tagged), but neither seemed to work.
VLANs on SG switches, how port g10 should be configured for VLAN 6 traffic.
View 4 Replies
View Related
Jul 27, 2011
We are using 3750 switches as WAN router facing the WAN cloud. To configure QoS for its WAN port, should I use 'auto qos voip trust" or treat it like a router port and configure class-maps, policy-maps, and attact service-policy input or output?
Because switches have different queuing and dropping methods than routers, auto qos can generate QoS configs that are considered most appropriate for 3750 switches. However the switch functions as WAN router. Maybe it should be configured using router type of QoS with policy-maps and service-policy?
View 9 Replies
View Related
Jul 18, 2012
I have worked on cisco switches only..I want to configure nortel5510 have configured vlan.but Switch Ip address is changing when I am giving ip address to port. and i cant see port ip configuration in show runn also i want to configure loopback.I am configuring switch ip address 192.168.123.1/24 but when I give ip address to port 192.168.120.17/29(PORT IN DEFAULT VLAN) switch ip address changes automatically.I have port 1-4 configured in vlan 1 other ports are in L3 vlan.I want see port ip address details Like we see in cisco (SHOW IP INTERFACE BRIEF ) what is command in NORTEL??
View 2 Replies
View Related
Aug 8, 2011
how to 24 port networking switch configuration
View 1 Replies
View Related
May 15, 2012
I have an ADSL connection which I would like to have my Cisco Soho 97 ADSL router configured to dialup and forward to port 8080.
My network is 192.168.1.0/24
Router is 192.168.1.1
Server is 192.168.1.4 - Default gateway is 192.168.1.1
I am able to connect using the script below and get a public ip address but i cant get it to connect to the internet?what command to use for port forwarding to 8080?
hostname Router
!
!
ip subnet-zero
ip name-server 212.23.8.1
ip name-server 212.23.3.1
ip dhcp excluded-address 192.168.1.1
[code]...
View 5 Replies
View Related
Apr 23, 2012
I've configured port forwarding on an ASA 5505 to connect to an Access Point web administration.This Is for testing purposes only. I've followed the guidelines for port forwarding and I've created an access list but I can't connect to the AP.I know It's working because It connects fine when connected to my speedtouch router.I've attached a running-config.I'm getting hit counts on the ACL and I'm getting untranslate_hits on the nat but no translate hits.
interface Vlan1
nameif inside
security-level 100
ip address 10.0.0.1 255.255.255.0
!
[code]......
View 2 Replies
View Related
Nov 6, 2011
i am currently trying to use LMS 3.2 Compliance management to verify and alter our access port configurations for 802.1x. Below is our current configuration
View 1 Replies
View Related
Nov 20, 2011
I have recently replaced an RV082 router that had failed with a new RV082. The previous router was set up to forward port 443 ssl requests to a server in the network. Worked flawlessly for years and that is why I replaced it with same model. The new router is also set up to forward port 443 ssl requests to the new server. The issue is that the router responds with its own certificate and does not forward the request to the server.
View 5 Replies
View Related
Jun 8, 2012
I recently configured CISCO 3310 box with MSE version 7.2. Services are up and running in the box, I could add the MSE to WCS and also able to track the location using WCS. However, I could not connect the third party software to MSE web services to get the location information there. When I hit the server url "https://<my mse>" I get list of possible services like:
Error 404 - Not Found.No service matched or handled this request.
Known services are:
http://my server:8880/hs/
http://my server:8880/mdp/
http://my server:8880/admin/
[code]....
I browsed through the documentation (CAS_71.pdf) and found a text saying:
Note Port 80 will be enabled on the MSE if the enable HTTP command was entered on MSE. Ports 8880 and 8843 will be closed on the MSE when the CA-issued certificates are installed on the MSE. I am running the test system so I do not really want to install CA signed certificate, so I used self signed certificate and restarted the server, but it did not work.
View 10 Replies
View Related
Apr 11, 2012
I have an RV082 V2 with 2.0.2.01-tm and I am having trouble with getting my Sprint Airvana to connect properly to the mobile service. I've read on the Sprint forums indicate putting the Airvana in the DMZ generally allows the device to work properly; however, none have the RV series routers for tips on how to do this appropriately. This device used to work fine behind the RV082, but I reset it one day and it no longer works.
The Airvana is a femtocell/router device with a WAN port and 3 LAN ports. If I connect the Airvana directly to my cable modem, I get the appropriate connection and can then make calls through the device instead of through the Sprint connection; I live in a basement unit and get crappy signal without the device. This proves the device works and that my ISP is not blocking the ports. Sprint indicates the device uses UDP 53, 67, 68, 500 and 4500. Their support sucks and they insist I put the Airvana before my router. I absolutely do not want to use the Airvana as the router. There are almost no configuration options in the router interface and it needs to be rebooted somewhat regularly, which would drop internet access throughout the house for 10-15 minutes while it reboots and finally establishes an internet connection.
As soon as put the Airvana behind the RV082, I no longer get the appropriate connection. I can, however, plug my computer into one of the LAN ports on the Airvana and connect to the internet in general. I have the router assign a static IP to the Airvana, and tried forwarding the required UDP ports to the IP. This did not fix the problem.
I can certainly troubleshoot the port forwarding issues, but I would also like to look into putting the device into the DMZ, if possible. I've not worked much in this area, so I am unsure how to appropriately configure the router to allow this to happen. Is it possible to have the Airvana in the router DMZ without having a public IP for the device itself?
View 2 Replies
View Related
Aug 26, 2012
I have an issue/doubt regarding the configuration of a modem + router. The modem is a netopia-3000 (who care ) and the router is a netgear WGR614V9, The first has the address 192.168.1.1, the second 192.168.0.1 My pc in dhcp take the address from the router (192.168.0.x) and internet work, but if I set the ip manually 192.168.1.x it stop to work, why?
View 1 Replies
View Related
Jan 6, 2013
I want to port forward, so i can broadcast using icecast but it requires me to access my router. I follow the steps from Setting a Static IP Address in Windows 7 - PortForward.com but from step 4 where i have to access my router in my browser,i write my ip which is: 10.0.0.4 according to cmd, and i just get a "Oops! Google Chrome could not connect to 10.0.0.4" message.I have attached a picture showing info from my cmd. It's in danish but i don't think that should be a problem.
View 3 Replies
View Related
Nov 13, 2011
I'm trying to configure cisco 1811 with dual isp internet connections. Everything is working fine till i get to setting up port forwards.The port forwards for 2nd ISP do not work while connection to 1st isp is active. If if shutdown the connection to isp1 the port forwards work fine.
here's relevant section of the config
Code:
track 123 ip sla 1 reachability
delay down 15 up 10
!
track 456 ip sla 2 reachability
delay down 15 up 10
[code]....
I can access the 192.168.2.131 web server using the ISP1 ip but not ISP2 ip If i shutdown ISP1 interface the server becomes accessible through ISP2.Also while ISP1 is active I can't remote desktop to 192.168.1.210There are no acls, firewall zones or anything else.
View 3 Replies
View Related
Jun 12, 2013
I am connecting two catalyst 3500 XL switches via fiber fx ports for layer 2 connectivity. Do I need to configure anything in the IOS or do I just plug in the fiber?
What needs to be configured?
View 2 Replies
View Related
Jul 23, 2012
I have found some samples on the FlexConnect setup for the controller side. However none of the documents mentioned how the switch port should be configured that goes to the controller and AP.
At this moment I have a Cisco 5508 configured in CAPWAP mode with 20 APs. I would like to use same controller for connecting one of the remote sites with 2 APs in FlexConnect mode. Current the 5508 to switch port is configured as 802.1Q port. All CAPWAP AP ports are configured as "switchport access vlan X" where X=capwap VLAN. Need to know how the switch port should be set for the remote site where flexconnect APs connect.
View 7 Replies
View Related
May 23, 2012
I'm trying to configure a mirror port on a 3750. This configuration needs to replicate data from local ports, but I need that also act as a regular access port.
With the initial configuration, SPAN port, there is no problem, all the data of the configurated ports is replicating in the configurated port. On the port configurated as mirror there is a PC connected for audio recording. When the port is not operating as SPAN there is communications without problem over the LAN. But when I configure the port as SPAN, communication is interrupted.
Here is the actual configuration:
SWITCH1-PISO7#sh monitor session 1
Session 1
---------
Type : Local Session
[Code]......
View 5 Replies
View Related
