Cisco :: WLC 5508 AP Group - Clients Using Wrong VLAN
Feb 14, 2011
I have a network setup as live-ssid. It is using the Interface for VLAN 14. All APs under the default-group AP Group obviously allows clients to DHCP an address from VLAN 14. This is working fine.
I created a new AP Group called 3rd Floor. This has the live-ssid setup, but instead of using the Interface for VLAN 14 it is setup for the Interface for VLAN 50. I have all the APs on this floor moved to the 3rd Floor AP Group.
The problem is that 95% of the clients on 3rd Floor are still picking up DHCP addresses from VLAN 14. I checked and all the clients are connected to the APs on the 3rd Floor. Only 4 Clients are getting an address from VLAN 50.
I'm not sure if something is configured wrong or not since some devices pick up the new VLAN and the rest don't. I've manually reboot the APs on the 3rd floor to see if that would fix it.
View 2 Replies
ADVERTISEMENT
May 9, 2012
I have a VPN network (in ASA 5520) with two VLAN (999 and 997) and two remote clients (User1 and User2). The VPN connection with both users is correctly connected but I can't make a ping to another computer of the same VPN network, when the VPN network is connected. For eg: When User1 is connected, has the IP: 172.16.1.230, but can't make ping to another connected PC (IP:172.16.1.236). [code]
View 3 Replies
View Related
May 31, 2012
We have two WLC's 5508. Following are its interfaces & details:mgmt 10.49.5.251 on wlc1 & .252 on wlc2 access p 10.49.6.251 on wlc1 & .252 on wlc2 there is no AP manager interface seen on both wlc's nor configured. both wlc1 & wlc2 are connected each to two switch ports, configured as normal trunk link each.LAG is enabled on both WLC's.
View 2 Replies
View Related
Jan 30, 2011
I've been having some problems with the Monitor Clients menu on a WCS 7.0 server, for instance if I go there and display the detected clients on the last 24 hours I get a different set of clients than if I go and generate a report of unique clients for the last day on the report menu. Is this normal?, shouldn't both reports get the data from the same place and give the same result?.
View 4 Replies
View Related
Feb 21, 2012
Suddenly after more than a year of running fine, my wap seems to be giving all clients a bad DNS suffix which of course breaks DNS resolution internally (no problem with internet resolution). I assume it's a wap problem since all of my wired clients receive the correct suffix. I'm using a RVS4000 router if that makes any difference.
View 2 Replies
View Related
Nov 5, 2012
We have 3 5508 WLCs (A, B, & C) and several LAPs (1140, 3500, 3600). The APs learn the controllers IP addresses through DHCP Option 43. When we setup a new site we put the IP address of the controller we want the AP to join first. Lately, I've noticed that regardless of which WLC IP I put first when I setup Option 43 the LAPs are always joining a particular controller.
View 6 Replies
View Related
Jun 16, 2012
How to check applied group policy on the domain clients
View 1 Replies
View Related
Jan 16, 2012
I have setup the WLC to authenticate to a MS Server2008 NPS for a WPA2/AES SSID. The connection is successful, but client authentication fails for wrong EAP-type. I believe this indicates a Windows7 client issue. What is the required client setup to satisfy the MS NPS?
View 8 Replies
View Related
Dec 29, 2011
Setup is like this: Poly com IP phones -> Cisco 2960 switches -> Cisco 2621XM router running 12.28(r). A Windows 2003 server running on HP Proliant DL380 G4 with the correct DHCP scope is configured for the IP phones, also sitting on a Cisco 2960 switch.
A typical port config on the 2960 is:
interface FastEthernet0/1
switchport mode access
switchport voice vlan 60
mls qos trust cos
auto qos voip trust
spanning-tree portfast
spanning-tree bpduguard enable
Relevant section of the config on the 2621XM router:
interface FastEthernet0/0
no ip address
no ip redirects
no ip proxy-arp
ip pim sparse-dense-mode
[Code] .......
This used to work on a Windows 2000 server which sat on different piece of hardware, but stopped immediately after the migration to Windows 2003 server was done. There was no change on the router or switches prior to or after the server migration. I see DHCP server log on the 2003 server giving DHCP NACK because the phones are apparently asking for IP's in the data VLAN.
View 14 Replies
View Related
Feb 12, 2013
- Incoming frames on three of a blade's four switchports are being put into VLAN 1 even though the ports are either in other access VLANs, or are configured as trunks with different VLAN IDs being tagged by the server. - When the ports go down the access VLAN is removed from the port.
Switch stack: 4x WS-CBS3120X-S, 12.2(58)SE1
HP blade: HP BL460c Gen8
This combination has been used successfully elsewhere.
Switchport configuration:
!
interface GigabitEthernet1/0/13 -------> THIS PORT IS OK
switchport mode trunk
[Code].....
View 1 Replies
View Related
Mar 29, 2012
I have 2 units Cisco WLC 5508 running software version 7.0.220 with 70 over units Cisco AP 1262N and 1242AG. Some of wireless clients having problem to get the correct IP address from the DHCP server. There are 2 units of Microsoft DHCP. Both DHCP server ip have been configured on the Interface at the WLC. The core switch also being configured with ip helper. I've attached the debug output of one of the wireless client during the problem.
View 12 Replies
View Related
Dec 6, 2011
What is the maximum allowed number of wired clients behind a workgroup bridge? In other words, is there a limit on MAC addresses?I assume 1262 AP in WGB mode is connecting to a lighweight AP (1262 or 3502), latest IOS and WLC software. I wasn't able to find the answer from Cisco documentation.
View 2 Replies
View Related
Mar 5, 2012
I'm looking for some input on RRM. I personally have NOT used it in a LONG TIME, since probably the 4.0 days and then very shortly due to massive issues it was causing and admittedly, in part due to my ignorance at the time. So, every since that point, I have always set all my channels and power manually but now feel I am getting to some points where RRM may be required / beneficial. So, I've invested some time and have begun researching and trying to get the ends and outs on it but I'm forseeing a potential issue in myworld anyways and am hoping for some clarification. Lets take the below example:
-WLC5508a and b - (2 100ap license controllers) - these hold the majority of the AP's for the main hospital.Lets say, 140AP's.
-WLC5508c and d - (1 100ap and 1 50ap licensed controllers) - These tend to hold our smaller sites and and buildings, not all connected and some a few miles from each other
-WLC4402a and b - (failover ready)
So, with RRM, I can set setting it up on the 5508A/B with out issue as this is one big large building. However,what about C and D? I suppose I can make them a separate RF Group, but how would RRM respond when it has16 AP's in Building X and then 3 AP's in Building Y 30 AP's in Building Z and sporadic buildings with 1's and 2's? Everything I've read so far, leads me to believe if these devices are separated it probably won't be an issue, however, I just don't want something causing a change in Building Z and Building X be affected because RRM decided it would try to fix it. My point is, I can't afford to have a separate RF Group (meaning separate controllers) for every location.
View 1 Replies
View Related
Jul 22, 2012
I have an AP group on a Cisco 5508 WLAN controller. Currently, it is populated with 13 Cisco 1142 lightweight access points. When I try to add a Cisco 3602i access point to the group, I get the following error in NCS: Error: OfficeExtend requires primary, secondary, or tertiary controller management IP to be set.I am using DNS to allow my AP's to find the controller and they work just fine. Is there a reason I can't add the 3600 series AP's to the AP group?
View 13 Replies
View Related
Nov 30, 2011
I recently add a second CT5508 to the network, but when I tried to add the first 5508 to the mobilty group I received a message like this:
"error in creating member"
I've tried different mobility names, via GUI, via CLI and always the same error.
I've verified twice or more than twice connectivity issues or any error on the entering the MAC and IP of the controllers, everything is fine.
I'm using version 7.0.116.0
View 4 Replies
View Related
Aug 15, 2012
I have to WLC's a 4402 and 5508 in a mobilty group. they are both running 7.0.116.0. They are configured to use Web Authentication. We are having complaints that Users are having to re-authenticate when moving around the office. My theory is they are moving from one WLC to the other and then requiring to re-authenticate.
View 5 Replies
View Related
Feb 1, 2012
I am setting up officeexten. I have placed the officeextend wlc in the dmz with an mgmt ip of 192.168.10.2. in the process of anchoring this to the internal wlc. Also the ip on the firewall for this interface is 192.168.10.1
1. does the mobility group need to match the same on the internal wlc ?
2. Now do i need a NAT transnational on the firewall for the external WAN ip (AP primed address say 66.10.10.10) to NAT back to 192.168.10.2 ?
3. The 5508 WLC is running on ver6.0.199.4 (license level base) - will this support office extend?
View 14 Replies
View Related
May 22, 2012
i have fwsm in cat6500, i have one firewall vlan group which is in firewall module 1 vlan group 10. I need tocreate another vlan group and add to firewall module 1 vlan group 10, 20. i need to have zero downtime.
View 2 Replies
View Related
Apr 18, 2011
I'm trying to configure ACS 5.2 to assign the VLAN to a user dynamically based on the AD group that the user belongs to. I've gone into:
Users and Identity Stores -> External Identity Stores -> Active Directory -> Directory Groups tab
and selected the group name from the AD. If I understand correctly, I should now see this group under:
Policy Elements -> Authorization and Permissions -> Network Access -> Authorization Profiles -> Common Tasks -> VLAN ID/Name
However, it does not. Am I missing something?
View 2 Replies
View Related
Jan 23, 2012
for some reason our wlan-controllers were build up to be standalone instead of beeing one mobility-group. I would like to change this in order to use all features of HA.
let me describe our scenario: two WLCs 5508 running SW ver. 6
- same subnet
- both are running in master controller mode
- different hostnames, ip-addresses, etc
- all settings for WLANs and AP-groups (exept the APs themselves in these groups) are the same
- in total at this moment we are running around 100 LAPs configured one half on WLC#1, the other half on WLC#2
I don't know exactly why, but when that setting was installed, someone already configuredHA for each accesspoint... e.g.:
- AP#1 primary WLC#1, secondary WLC#2
- AP#2 primary WLC#2, secondary WLC#1 but without WLC#2 knowing the configuration for AP#1 it makes no sense, correct?
so my question is: how should I do the migration in the best way?
is it easy as:
- disabling master controller mode on WLC#2
- configuring both WLCs into one mobility group
--> WLCs are negotiating their configurations for the APs
View 5 Replies
View Related
Apr 7, 2012
i have a WLC (5508) - trying to enable AP group vlans based on instructions from: url...however, my problem is that i don't have the 'ap group vlans feature enable' checkbox.
View 1 Replies
View Related
Apr 7, 2013
I have a 4400 and a 5508 WLC in the same location We want to be able to roam between ap joined to both the 4400 and the 5508 using only one ssid
Do I only need to create a mobility group and add both WLC then create only one WLAN on one of the controllers and it will be shared across bot WLC.
View 5 Replies
View Related
Jun 22, 2011
We have 2 WLCs, 4402 (main) and 5508 (backup). While we turn on both devices, 4402 have 10 APs, and 5508 have 10 APs as well. Total connected clients will be 120+, but when we turn off either 1 wlc, let's say only 4402 is power on, total 20 APs joined, but the total client will be 90+, never reach over 100 clients. The same happened on 5508, is there any maximum associated connection on WLC?
View 1 Replies
View Related
Nov 23, 2011
I have configured 5508 with multiple APs but clients on the internal SSID aren't getting an IP address. I have the IP helper address configured and I have also disabled DHCP proxy on the controller.
I get the following from the client debug, I don't know what the below mac address is, it's not one my APs or the clients, I am not seeing this mac address on the controller at all but it shows up in the debug.
type = Airespace AP - Learn IP address
on AP 6c:9c:ed:87:23:c0
*Dot1x_NW_MsgTask_0: Nov 25 16:14:17.579: 08:11:96:20:94:28 Entering Backend
[Code].....
View 5 Replies
View Related
Nov 17, 2011
Need implementation of an OID to view the number of connected clients per Access-Point? I am using a 5508 WLC.
View 4 Replies
View Related
Feb 6, 2012
When using Cisco IOS c2960-lanbasek9-mz.122-50.SE3.bin we can delete line in SNMP group config with
no snmp-server group <group-name> v3 priv context vlan-<vlan-id>
without problems.
But, after upgrade on version c2960-lanbasek9-mz.122-58.SE2.bin there is output:
#####% Ambiguous command: "no snmp-server group <group-name> v3 priv context vlan-<vlan-id> "
It looks like some bug, but there is nothing in the bug toolkit.
View 2 Replies
View Related
Jan 22, 2012
I'm having a problem with my clients dropping the network connection constantly throughout the campus. I am using a Cisco 5508 controller and the APs are LAP1141N. At first I thought it was a roaming issue but I tested with only 1 AP and the problem persisted, I can tell you that we don't have interference problems and that our old linksys APs used to work without flaws.
View 1 Replies
View Related
May 1, 2013
I have a 5508 WLC with CAP3502i APs connected to it. I upgreaded the code to the newest 7.2.115.1 code. I am having trouble with laptops that are not physically moving but are moving their connection from AP to AP in the same area. This is in a school and causing a problem with a testing program they are using becuse they drop 2 or 3 pings in the process. I do have the area heavily saturated with AP but that is because of the amount of clients we have connecting to them. There is 8 classrooms in a hallway with 24 laptops in each classroom. Each classroom has an 3502i ap in it. The laptop can be connected to an AP with great signal and move to another AP that still has a good signal but not as great. I don't understand why if I get 4 bars and connected at 144mps it would move to a new AP. These are Lenovo laptos and i have updated their wireless card drivers and set the roaming agressiviness to low but it still happens.
View 3 Replies
View Related
Nov 8, 2012
I have a WLC 5508 with half a dozen LAPs (AIR-CAP3502I-E-K9).They have been working but sometimes clients detect conectivity problems with the wlan.Here is the message log I can obtain from the controller:
View 1 Replies
View Related
Jan 22, 2013
I have a WLC 5508 in my datacenter, and 1142s configured with FlexConnect at a remote site.Two issues:Some APs 'die' from time to time where I cannot ping them anymore and they do not service any clients. I can reset them from the WLC after which they work again. I have some clients in the building (same area) who lose connectivity from time to time and are unable to reconnect to the wireless. I am seeing errors that the gateway cannot be found or there is not a valid IP. restarting the AP closest to the clients fixes the issue. I have replaced the AP and connected to a different port on the switch.
View 6 Replies
View Related
Apr 14, 2013
We have deployed a WLC 5508 w/ SW version 6.0.199.4, 1142 AP's & open authentication w/ MAC filtering. Clients are randomly getting dropped with "Limited Access" shown in Win 7. In this state, the client machine is unable to ping the gateway and sometimes lose their DHCP assigned IP as well. A manual disconnect/re-connect to the SSID is required everytime.I ran a debug on one the clients stuck in the "Limited Access" state (debug client xx:xx:xx:xx):
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 Adding mobile on LWAPP AP 3c:ce:73:c5:1e:b0(0)
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 23) in 5 seconds
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 apfProcessProbeReq (apf_80211.c:4722) Changing state for mobile e0:91:53:60:1f:e4 on AP 3c:ce:73:c5:1e:b0 from Idle to Probe
[code]....
View 7 Replies
View Related
May 16, 2012
We got a question about our WLC 5508 single controller deployment with 14 access points without a VLAN configuration.
When our clients connect to the wifi, we cannot see any ip address of them in the client details page. It shows everytime the ip address 0.0.0.0. The clients are configured with a static ip.
View 8 Replies
View Related
Mar 29, 2012
I would like to share one problem with WLC 5508 . we added a new virtual interface on the WLC. One new SSID is associated with this interface.
We created a ACL for this interface to restrict the access via WIFI to certian services. It´s not correct that everything works fine because the change were not applied. [code]
The changes of the ACL are applied on the fly, but for reason we don´t know, the clients don´t get a DHCP IP-Address (after changing the ACL) until the Controller is rebooted.
View 2 Replies
View Related
