Cisco Wireless :: 1142 / 5508 - User Switching Every Few Minutes Between 2.4ghz And 5ghz?
Aug 20, 2012
This first started when a user said they were getting disconnected and reconnected a few times a day to our wireless network. He is in a remote office with a 1142 which is set to H-Reap talking back to our 5508. Our WLC is running 7.0.166 The laptop has an intel ulitmate 6300agn wireless card with the latest 15.x drivers.
We are using an SSID with wpa2 and 802.1x auth back to our ACS server using PEAP with our windows credentials.attached is what i am seeing on the wcs troubleshooting page.When i do a debug client on the WLC i see many reauthentications coming from the client on the different radio.
*apfMsConnTask_2: Aug 22 12:59:36.762: 00:24:d7:d1:16:6c Reassociation received from mobile on AP 0c:85:25:f3:7d:40
*apfMsConnTask_2: Aug 22 12:59:36.762: 00:24:d7:d1:16:6c 10.24.8.108 RUN (20) Changing ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1621)
*apfMsConnTask_2: Aug 22 12:59:36.762: 00:24:d7:d1:16:6c Applying site-specific IPv6 override for station 00:24:d7:d1:16:6c - vapId 512, site 'VH-GasWorks', interface 'management'
*apfMsConnTask_2: Aug 22 12:59:36.762: 00:24:d7:d1:16:6c Applying IPv6 Interface Policy for station 00:24:d7:d1:16:6c - vlan 2, interface id 0, interface 'management'
*apfMsConnTask_2: Aug 22 12:59:36.762: 00:24:d7:d1:16:6c Applying site-specific override for station 00:24:d7:d1:16:6c - vapId 512, site 'VH-GasWorks', interface 'management'
*apfMsConnTask_2: Aug 22 12:59:36.762: 00:24:d7:d1:16:6c 10.24.8.108 RUN (20) Changing ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1621)
*apfMsConnTask_2: Aug 22 12:59:36.762: 00:24:d7:d1:16:6c STA - rates (8): 140 18 24 36 48 72 96 108 48 72 96 108 0 0 0 0
*apfMsConnTask_2: Aug 22 12:59:36.762: 00:24:d7:d1:16:6c Processing RSN IE type 48, length 38 for mobile 00:24:d7:d1:16:6c
[code]....
Now this may be not be the issue thats causing our dropouts a couple times a day as this is happening every 5 mins.
View 12 Replies
ADVERTISEMENT
Jan 28, 2013
Can i run both 2.4 and 5ghz at the same time? so my N user's can connect at 300Mpbs on the 5ghz bonded, and my G users can connect to 54Mbps?Also i ask because of coverage, my 5ghz does not cover as far as the 2.4 so those at the extremity's could at least get G with a good signal?
View 4 Replies
View Related
Jun 4, 2012
1142N-E0K9 will support both 2.4 and 5 ghz or only 2.4 .
View 4 Replies
View Related
Jul 16, 2012
We ordered 2 Cisco AIR-LAP1242AG-E-K9 Wireless Access Points with 4 AIR-ANT5135D-R antennas.We accidentally ordered the 5GHz antennas instead of the 2.4GHz antennas.Would it be possible to use the 5GHz antennas as 2.4GHz antennas?If so, are there any down sides to it?
View 15 Replies
View Related
May 6, 2013
I'd like to set up a 2.4Ghz and a 5Ghz SSID at the same time, using one Cisco AP541N-E-K9. But I can't figure out any way to do so.
View 1 Replies
View Related
Feb 23, 2013
On my dual band E2500, I have both the 2.4 and 5 GHZ enabled. I have a fairly new HP with an N wireless card but I cannot get it to connect at the 5GHZ frequency. The only computer that will connect at the speed is my wife's with an external Cisco wireless card. What the settings should be on the PC in order to get it to connect at the higher frequency?
View 4 Replies
View Related
Mar 19, 2011
How do I know if I'm using 2.4 or 5ghz? I would like the laptop and ps3/net flix to use the 5ghz and everything else to use 2.4ghz. I used the e3000 CD fro the setup. When I was at the last part of the setup, when it gives you a ssid name and password. I deleted it and typed in a name that I could remember. I clicked the button for the next step and everything was complete. I also received another name for guest to use the computer. The e3000 setup just game me some wild name like running water.
I would like to know since I have two different names, which on e is using 5ghz and which one is using 2.4thz? Can you tell me if the e3000 automatically have the first name use 5ghz and the guest just 2.4ghz on the second name?
View 3 Replies
View Related
Sep 27, 2011
Is it possible to establish the WDS-connection on 5GHz and connect Wireless-Clients on 2,4GHz with these Acces-Points?There are some threads concerning performance-issues in combination with WDS on 541 - any news on this with the actual software-release?
View 1 Replies
View Related
Oct 15, 2011
2 days ago my e1000 died, so I went big and bought the e4200 (due to newness, its already loaded with Firmware 1.0.03 build 14) to aleviate my networking woes. I'm running into an issue where I'm utilizing both the 2.4Ghz bands and the 5Ghz band. My desktop as an AE1000, and I'm utilizing that on the 5Ghz band. Everything else in the house (Dell laptop, 2x iPhone 4 and an HP printer) are all connecting to the network wirelessly.
I have had 0 network issues with regards to my wired connections, or my 5Ghz connection. But my 2.4Ghz connection will continuously be unavailable. I have both bands set to brodcast, they have different names so my AE1000 can connect via 5Ghz band. Both yesterday evening, and this morning, my phones, laptop and printer cannot connect, and for the most part, the network doesn't show up on available networks. When it does show up, the devices can't connect.I'm proficient enough to do the general home networking, but I'm at a loss as to how to fix this, without a daily reboot of the router (which seems excessive and unwarranted for a 2 day old e4200 [or any router to be honest]).
View 2 Replies
View Related
Jul 18, 2012
I have a strange situation on my guest wireless LAN.The guest WLAN is configured as an SSID "GUEST" on Cisco 1142 lightweight APs, with WiSM controller and WLC software version 7.0.230.0.
For simple Internet access using this SSID, we have a web policy, which causes a web page to be displayed when the user opens his/her browser, and on this web page, the user must click on an "Accept" button in order to accept the terms and conditions of use. Once the user accepts, the browser will then go to the web site which the user wishes to open. When using this mode of access, everything is fine.
However, there is also a pre-authentication ACL, which allows certain types of VPN traffic to reach the Internet without the user being required to accept terms and conditions. The ACL allows ESP, IKE (UDP/500), IKE over UDP (UDP/4500), DNS, HTTPS/SSL (TCP/443), DHCP client and server (UDP/67,68).The pre-auth ACL actually works as intended; and the ACL traffic is NOT allowed when the ACL is removed. This is exactly as it should be.
However, when using, for example, a VPN client such as the Cisco VPN client, or the Cisco AnyConnect client, via this guest SSID without user acceptance, the WLAN regularly and predictably stops passing traffic. This is 100% repeatable and predictable; it happens every 300 seconds, or possibly slightly longer. I have only used my PC clock to time it so the timing isn't all that accurate but I'm sure it's within a few seconds.
Given that the problem happens at the same time interval and is constant, I guessed there must be some configuration item which needs to be altered, but I've looked extensively at the controller GUI (we actually use WCS here) and I can't see anything that looks even remotely related to this.
View 5 Replies
View Related
Dec 15, 2011
How come my 2.4GHz client can't see my 5GHz client? Shouldn't they be visible through the DIR-825 router?
View 1 Replies
View Related
Apr 14, 2013
We have deployed a WLC 5508 w/ SW version 6.0.199.4, 1142 AP's & open authentication w/ MAC filtering. Clients are randomly getting dropped with "Limited Access" shown in Win 7. In this state, the client machine is unable to ping the gateway and sometimes lose their DHCP assigned IP as well. A manual disconnect/re-connect to the SSID is required everytime.I ran a debug on one the clients stuck in the "Limited Access" state (debug client xx:xx:xx:xx):
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 Adding mobile on LWAPP AP 3c:ce:73:c5:1e:b0(0)
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 23) in 5 seconds
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 apfProcessProbeReq (apf_80211.c:4722) Changing state for mobile e0:91:53:60:1f:e4 on AP 3c:ce:73:c5:1e:b0 from Idle to Probe
[code]....
View 7 Replies
View Related
Jul 26, 2012
We did wireless coverage testing using some 1142 units in autonomous mode, and got a satisfactory result, but upon converting these test units to Lightweight and adding them to our WLC5508 controller, the coverage has decreased noticeably.
Any tips or tricks to getting lightweight 1142 APs to have a range as far as the same hardware with autonomous firmware?
View 3 Replies
View Related
Dec 26, 2012
Doing segregation of SSIDs Base on AP , I have the following scenario:
Head Office :
2 SSIDs (HO_WiFi , Guest) , Access Points which are working in connected mode and grouped on the default ap group .
Remote site:
2 SSIDs (Branch_Wifi , Guest) , Access Points working in flex connected mode and locally switching the traffic .
As shown above , I will be having Head Office , and other 20 Remote Sites with Access Points working in Flex connected mode. What is the best way to group AP and segregate SSID base on location. Above Scenario are build base on WLC 5508 and AP 1142.
View 9 Replies
View Related
Sep 2, 2010
Access points 1142 controller 5508 running code 6.0.196.0 When you set the access point port speed with "config ap duplex full speed 1000 all" the access points leave the controlle and do not rejoin. I have had to reset the the access points manually with a power down and hold the reset button.
View 13 Replies
View Related
Feb 19, 2013
After the upgrade of the WLC 5508 to version 7.4 the 1142 access-points LED blinking rapidly cycling through blue, green, and red. I found the following information to this behavior: "Access point location command invoked"
The configuration didn't change. How can I switch this function?
View 1 Replies
View Related
Dec 10, 2010
i have a Setup as Follows
- 5508/1142
- heterogenous Client with WZC, XP, SP3, SSO
- ACS 5.2, MS AD
Target is Songle Sign On wih Machine Cerificates against AD. For testing purpose we tested with EAP-PEAP/MS Chapv2 and Machine Auth, works fine. Now we installed a Machine cert in the Machine cert Store (no User Cert) and reconfigured the WZC for using certs and Machin Auth. What we see is an Error Message in the System Tray that there is no certificate available. We checked it again, the MMC shows us a Machine cert in the Store.
View 4 Replies
View Related
Sep 22, 2012
We recently had a power outage where most of our AP's were down as well as our controller. When everything came back up most of the AP's didn't rejoin the controller without me resetting all of them. It seems as if the AP's might have booted up before the controller was up, but shouldn't they just try to rejoin at a later time? They didn't rejoin for 48+ hours on there own so I'm assuming that they were not ever going to re-join. All I had to do to fix it was power them off and back on and everything worked.
DHCP is on the local switch where the AP's are powered from so that's not a problem, and they had connectivity to the controller the whole time.
5508, and 1142's.Software version 7.2.103.0 on the controller.
View 12 Replies
View Related
Oct 8, 2012
I have a user authentication issue with our WLAN deployment. My issue relates to the guest access WLAN. First a brief descrition of our setup. We have a local WLC in the branch office (5508) with two SSIDs configured, CorpNet for the internal network and GuestNet of external guest access. We also have a WLC (5508) in the DMZ to provide the guest access. We are using Cisco ISE server to authenticate guest users via a web portal.
The authentication process works as it should. An external client gets an IP in the DMZ and is redirected to the web portal to authenticate their account. When they do they are able to access and browse the internet. No problems. My issue is that if we disable their account (ie suspend or delete it) in ISE it does not seem to terminate the users session and they can continue to have internet access. What I would like to happen is that when the account is disabled in ISE then the associated device's access to the internet is removed.
View 2 Replies
View Related
Feb 23, 2012
In my Wireless network, I have two appliances WLC 5508 running version 7.0.116.0.I have a WCS running version 7.0.172.0, deployed on a windows 2003 server.I've imported the two WLCs in my WCS in order to centralize the monitoring and the configuration tasks.Now I'm facing an issue when I want to create a guest user from the WCS, rather than creating this user access on each WLC. The creation of the user account is working good, the replication is done on the both WLCs, but on one of my WLC the guest user account is deleted after one hour(around).On the second WLC, the same user account remains during all its life time.In attachment a screen shot of the advanced parameter of the guest user.You can see that the user was created on the both WLC but is only active on one ... and unfortunately the wrong because the AP is associated with the other WLC.
View 2 Replies
View Related
Dec 19, 2012
I've got a WLC5508 (7.0.116.0) that is managed by WCS (7.0.172.0). I set up another WLC5508 with the same code and managed by the same WCS. Now I'd like to export all the 800 guest user accounts with the passwords from the old WLC and import them into the new WLC.
View 10 Replies
View Related
Jul 24, 2012
I just get to hands-on on my new WLC 5508?
1) I'm using a single subnet eg 192.168.1.0/24 for my wireless clients and i'm assigning them via the DHCP server from the WLC. As the clients are however made up of laptops and scanners, i would like to assign a range from 50-150 for the laptops and 151-250 for the scanners for easier identification. But it seems that from the WLC DHCP menu i'm not able to do this unless i segment them into a different network with different gateways.
2) Is there anyway to change the WLC user accounts password too? I dont seems to be able to find the option unless i delete the account and re-create it with the new password.
View 5 Replies
View Related
Aug 12, 2011
how to set WLC 5508 to allow single create web authentication user account to get connected in a same time. i found that i can use the same username and password combo to be login in 2 machine in the same time.
View 4 Replies
View Related
Jan 18, 2013
I work at a campus and use the WCS to control access to my network for staff and only internet access for students. The Staff are assigned Username/password thru active directory and the student uses another SSID with only WPA --a password for all. I was tasked with adding more securing for students -- by adding a user/password. I do not want them connecting to my Active Directory for two reason--security risk and I have too many to input (over 1000). So, I wanted to use our internal database to validate users. I create a webpage with "WebAuth" that opens my logon page from my site and validates the login fields against the database. It works and this allows the user to navigate thru my website but not outside the site. If they try an outside url it redirect them to my logon script. I now understand why, so I'm looking for code I can add to my logon page that would allow me to redirect me to the controller's (once users are authenticated by my database) to call the WCS controller so I can enter a preset username/password so the policy management file would allow them access. I presently use "External" and don't know if "Custom" would work. Finding a way in using a database instead of adding one person at a time?
View 3 Replies
View Related
May 25, 2013
I have 5508 controller in my lab. I am working on a project to set up a public internet but with some condition.
- User should able to connect to the SSID without any authentication.
- Once user will connec to the SSID it should redirect to an external URL which indicates terms and condition and email address field.
- User should enter his/her email address in email addrss filed and click I accept button.
- Once that is done then he/she is allowed to access internet.
We are not sure how can we achive this as I do not know what should be the return value for WLC to allow that user to go through or what should be the settings on the WLC to redirect to the page.
I have seen a settings on web authentication for external URL but I guess it is only for username passwor or Radius authentication. While in this case I do not want to use any authentication just an accept buttor or Decline button and all good to go.
View 2 Replies
View Related
Jul 24, 2012
When a guest user first trys to access the "guest" WLAN, they are presented with a "certificate page" before the web athentication page / login is presented. The WLC forces an internal redirect to https://1.1.1.1 causing the certificate page to appear. Can this be bypassed? I am runiing 5508 with 7.0.220.0.
View 12 Replies
View Related
Aug 26, 2012
I was having users on a Cisco WLC 440x controllers. Some service accounts were logged several time with the same AD-Account.Since I migrated them on the new controller (5508), it seems that we cannot have the same AD user logged several time.
I changed the Radius server with the one we were using on the old 440x but situation seems to be same,I checked the error message when trying to start a second similar connection they looks like :
*Dot1x_NW_MsgTask_4: Aug 24 14:04:51.558: %DOT1X-3-MAX_EAP_RETRIES: 1x_auth_pae.c:3062 Max EAP identity request retries (3) exceeded for client xxxxxxxxxxx
*Dot1x_NW_MsgTask_4: Aug 24 14:04:51.558: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:447
Authentication aborted for client xxxxxxxxxxx
If I move back to the other 440x similar logins are allowed without any problems.
View 3 Replies
View Related
Dec 2, 2012
I have a 5508 WLC running on 7.0.116, I need to be able to pull all configured users off the WLC and import into excel, I have 900 odd users configured. When I run a show net user summary it only displays a third of users. I'm hitting space to tab through each page, then eventually I just get dumped back to the command prompt.
View 5 Replies
View Related
Apr 18, 2012
I'm on WLC 5508 . It doesn't matter if passive client feature is turned on or turned off , when you try to increase "User Idle Timeout" you can see this message:
In our network, a lot of clients gets deauthenticated. I thought it would be useful to enable "Passive-client" feature, or increase "user idle timeout" , but how these works with each other?
View 15 Replies
View Related
May 31, 2012
I am running a guest wireless network on a Cisco 5508 WLC with 6.0.202.0 code. My syslog is filling up with the following error message:
WLC: *May 15 12:32:59.244: %AAA-3-VALIDATE_GUEST_SESSION_FAILED: file_db.c:3968 Guest user session validation failed for guest_user10. Index provided is out of range..
The user that is assigned to the guest_user10 account works fine and has no idea this error is occurring.
This error message is occuring exactly every 15 minutes 24x7.
I believe I have a rogue user who has setup a device to try and login to the guest network automatically, every 15 minutes with the guest_user10 credentials. I need to track this device down. I need a way to find either the MAC or IP address of the device that is causing this error message. I have tried turning on AAA debugging on the controller but I dont get anything more than the above error. I have also tried using WCS to look at the client history but it only show the normal activity.
View 3 Replies
View Related
May 7, 2012
I need to upgrade a 1230 to the new Aironet 1250 at a location. I have only 2 external antennas at that location.
I understand that you still can run 802.11n with 2 antennas. But I can not find anywhere in WLC 5508 v7.2 that I can disable the middle nut (C)
View 3 Replies
View Related
Aug 15, 2012
how to set up support 802.11n on WLC4404 or WLC5508 in the 2.4Ghz? WLC4404 supports 802.11n? or support this protocol only in the brochures? I spent a few days, but did not get the result. I'm connected at speeds 65/130Mbit, but the real speed tests never exceeded 45Mbit. The AP from the test laptop is 7-10 meters.I tested the laptops with a Linksys AP E1200-EE ( 40Mhz, FastEthernet uplink port...)and received nearly 100Mbit!
At WLC5508 able to connect at speeds 150/300Mbit/c but only in the 5GHz band, but real speed tests never exceeded 70Mbit.In 2.4Ghz range I connected at speeds of 130/144Mbit/c, but actual measurements showed no more than the 45Mbit.
All tested with iperf and with site speedtest.net.
iperf -w64K -s
iperf -w64K -i 2 -t 300 -c x.x.x.x
Laptops: Asus (Atheros AR9002WB-1NG) and Sony (Advanced-N 6230).
My tests AP: 3501I-E and 1252AG-A
SW on WLC5508 7.2.110.0
AP tested in different variants - open system and WPA2+AES.
[code]....
View 5 Replies
View Related
Oct 13, 2002
Can I use the 2.4ghz (product #)air-ant1728 antenna on the new 802.11a cardbus?
View 3 Replies
View Related