Cisco Wireless :: 2500 / Wireless Guest Users Cannot Ping If ACL Is Applied
Sep 16, 2012
This is the first time I am trying my hands on wireless gears. I have 2500 WLC and 1142 AP (which I converted from Standalone to LAP).I have a layer 3 POE switch where i am using port 1 for the WLC which is a trunk port.
Port 2 is for the AP using access vlan 111
Port 3 is trunk port going to a router where i am running dhcp server for the VLANs which are as follow:
VLAN 110 -Corp Wireless (10.1.110.0/24)
VLAN 111 - AP-Mgmt (10.1.111.0/24)
VLAN 999 - Guest (10.1.101.0/24)
I wanted to block the traffic from the Guest VLAN 999 but when i apply the ACL on the Guest Interface created on the WLC, I dont see any pings going across and neither I see any hit counts on the deny statement as if the ACL is never applied.
View 4 Replies
ADVERTISEMENT
Feb 27, 2012
I would like to integrate our intranet web page with Cisco WLC 2500. Is it possible to integrate custom web page with WLC. I know, that I can create custom authentication page, but what about creation of the user?
View 5 Replies
View Related
Feb 3, 2013
I just read that starting from version 7.4, the 2500 controller can be used to terminate guest anchor tunnels. have a question regarding the performance of the internal DHCP server when used in guest environments.
View 1 Replies
View Related
Feb 10, 2010
I am having ASA firewall 5520. I want to block yahoo mail, gmail using regex for particular users only.
View 5 Replies
View Related
Aug 20, 2012
I run a business and have customers who would like to use my wireless internet. I previously had a completely open network that I would allow them to use, until someone illegally downloaded a movie and got us in trouble. I would like to allow use of the network again, but limit activities like this. Basically, so they could only do basic web browsing, etc.
View 1 Replies
View Related
May 7, 2013
I have a cisco wlc 2504 is deploying authentication services to guest users toward a portal web customized and configured. I need to install my certificate verisign (certificate.cer) in to cisco wlc because my users don't like the page no trusted (The wlc is showing me ''There is a problem with this website's security certificate'') when they are trying to access to ssid to users guests.
View 2 Replies
View Related
Mar 22, 2010
Have a WLC 5508 running 6.x code with LAP's providing wireless for our internal laptops (WPA2 and EAP-TLS). I want to provide guest wireless which goes out a different port on the WLC to a guest firewall/cable modem. However, we want to prevent our internal laptops from being able to use the guest wireless. I have RADIUS (IAS) and LDAP for my AD available. We would prefer not to have use Lobby Ambassador and just have the guests use a simple password or web passthru. Guests may be laptops or smartphones. What options are available? I have tried a test setup using dynamic vlan assignments from RADIUS using the IETF flags, but can't seem to get it to work. Is there a way to identify the SSID is being used at the RADIUS server?
View 13 Replies
View Related
Sep 19, 2012
My customer has multiple sites, each with a 2504 WLC.A data center with a 5508 in the DMZ acting as Anchor for the remote sites.ACS 5.x and NCS Prime.All guest users will egress to the internet via a Vlan in the DMZ.Authentication is currently web-auth on the Anchor, but will move to NCS once that is fully deployed.
Is it possible to put a printer in each site for Guest WLAN users to use?
View 3 Replies
View Related
Apr 11, 2012
I have a 3560G and an ASA FW, for which I am trying to use PBR to append the next hop. The gateway is the switch VLAN address and the amended net hop is the same VLAN interface on the ASA. Trouble is, I can ping the FW from a client, but not the switch. If I remove the route map, I can ping both. Even more strange is this is the case for some VLANs, but not all!
Config:
HOST ON VLAN 96
IP 10.11.120.99
S/M 255.255.255.240
[Code].....
View 2 Replies
View Related
Mar 4, 2013
I have a WLC 2500 which I would like to configure with guest access. I want to set up a web passthrough with email input. Is it possible to collect the email address information? Is it stored somewhere in the controller or do I need some external server?
View 1 Replies
View Related
Dec 7, 2010
We have a customer with ACS 4.2 Appliances who currently uses the Layer 3 web-redirect guest function to authenticate users against AD via ACS and LDAP to the AD, its a mixture of un-managed Windows, Mac & linux clients.
They want to move to an 802.1x solution.
Now MS-CHAPv2 is proably the obvoius choice (maybe it isnt considering Linux and MAC clients ... comments???). However the only option to integrate with AD is LDAP i.e remote agents or an upgrade to 5.x is out of the question.
View 9 Replies
View Related
Feb 16, 2013
I am a restaurant owner and have a wireless network set-up via DLink DSL 2730U router. Now some times I get customers who demand to use the network and they use it for free which I find irritating. I have found one solution of 'Guests/Virtual Point' but I need to limit the time (say 15 minutes) for which they can use the network.
View 1 Replies
View Related
Feb 3, 2011
Our Guest access system seems to be having problems with DHCP. It seems to take a while to deliver an IP address making the client device show the "limited or no connectivity" message, which of course makes the users complain. On one occassion I have seen my own client eventually picking up an address even after the limited connectivity message appeared. On another I saw the debug showing "Dhcp request for autoconfig address", which I suspect is a symptom of the problem.
Our Anchor Controller is the DHCP server and is a 4402 running 7.0.98.0 - I've attached some DHCP packet debug.
View 6 Replies
View Related
Mar 21, 2013
We recently implement WLC 5500 Series, I found out guest user once period of that user expired it will not appear at lobbyadmin page where you can see list of users.
Is there any way to see expired guest users and also IP address which assign to guest user?
View 2 Replies
View Related
Jun 8, 2011
I have Vista as my Host OS and using Microsoft Virtual PC, I have Installed 3 machines (XP, Win2003 and Linux)I am connected to Internet via USB data card.My guest OS are not able to see each other(ping each other).
View 14 Replies
View Related
Jun 27, 2012
I have installed an Oracle DB (11.2) on a guest VM (Centos 5) and my host is Windows 7 Ultimate.I need to able to connect to the DB from windows.Ping status is as follows:
guest -> host - IP : Yes
guest -> host - hostname : Yes
guest -> guest - hostname : Yes
guest -> guest - IP : Yes
[code]....
View 5 Replies
View Related
Oct 17, 2012
Any problems with the guest network on the ea4500 with the cloud firmware? I am losing guest clients after about 24 hours and the re-authentication fails. you enter the guest password and nothing happens until you reboot the router.
View 2 Replies
View Related
Nov 26, 2011
I have noticed that changes in MAC address filter list are applied only after reboot of router. It is inconvenient.
Router Linksys E4200
Firmware Version: 1.0.03
Operation system on client computer is Windows 7.Can it be resolved in the next version of firmware?
View 1 Replies
View Related
Apr 30, 2012
We have recently been given this unusual task. The setup is a series of CAP3502P access points, and a wireless controller (either 2500 Series or 5500 Series), as well as other standard network infrastructure.
In this network, the client (mobile/wireless) devices must be able to detect when they change what access point they are communicating through, while also requiring a seamless transition. Ie, if the client device is communicating via access point A, and displaying the application menus for A, when the user walks to the area services by access point B, it must detect that sot he application can display menus for B, without the user having to select "B".
Is there a way for the client device to detect which access point it is using and provide that to an application? Or alternatively a way for a host service residing on a server to get that information from the wireless controller?
View 2 Replies
View Related
Feb 12, 2013
We plan on buying a Cisco 2700 wireless location appliance but I need to know if it will be compatible with our 2500 WLC.I've tried to look but cant find any document for this. Also can you deploy the location appliance without a WCS?
View 7 Replies
View Related
Oct 25, 2012
when I did connect the AP to the switch and this is already connected to the WLAN 2500, I got this error message [code] And this AP is not joined to the WLAN 2500, but if I use one model of AP like LAP1120 it works, that mean, the wireless is able to see the Ip Address.How can I do to correct the problem with the AP 3600 series?
View 5 Replies
View Related
Apr 16, 2012
I setup cisco wireless controller 2500 connecting 2 Aironet APs, with windows 2008 NPS as radius server (server certificate installed), via
[WPA2][Auth(802.1X)], MAC Filtering
Now I have domain computer (laptop) connected to SSID which provides direct to the LAN dhcp server. That means my notebook got same ip range as when it connected to LAN.
The user used cached domain logon info to logon the computer, then the wireless profile started to connect with radius server which has User group policy.
Problem is the notebook (logon as normal domain user) browse \"domain name" or any \hostname will take 10 mins or more to pop up with "enter network password" or sometimes "The specified netwrok name is no longer avail". However ever if I simply \192.168.2.x which is the host's ip address, I got list of share folders instantly.
And when I disable the wireless and connect to the LAN cable, I had no problem to browse any shared folders.
View 10 Replies
View Related
Nov 20, 2011
I am having trouble adding a new controller(2500) to the WCS.
-My WCS version 6.0.196.0
-My WLC version 7.0.116.0
If i upgrade my WCS i may add the new contoller? Even if in cisco DATA-SHEET there isnt any mention regarding this WLC(basicly it says that the WCS does not support this WLC)
Monitoring and migration of selected Cisco Aironet standalone (autonomous) access points. Monitoring of the standalone access points of Cisco 800, 1800, 2800, and 3800 Series Integrated Services Routers.
View 3 Replies
View Related
Jan 3, 2012
I have a scenario where we have
Cisco 1300 Outdoor APs
Cisco 3600 Indoor APs
WLC 2500
Now i need to integrate the WLC with Windows 2008 AD for authentication.The idea is to let the users authenticate via AD for accesing the wireless network.
Will the integration work with NPS?
View 2 Replies
View Related
Feb 15, 2012
I'm configuring a 2500 series WLC to test some wireless configuration changes we'd like to make on our 5500's that are currently in prodcution.
The 2500 and the 5800's interfaces are configured as a LAG.
One of the primary goals of these configuration changes is to move the LAPs from their current VLAN (the same subnet as our primary WLAN) to two separate VLANs. Were choosing to move the LAPs to 2 APs based on the WLC best practices document's suggestion to limit the number of LAPs per vlan to 60-100. We've had several issues in the past with LAPs failing to join with their static IPs, releasing them and then joining with DHCP addresses.
LAP's will be on separate vlans using subnets 10.10.10.0/25 and 10.10.10.128/25. WLC management interface is in the 10.10.1.0/25 subnet.
Should we continue using static IPs for the LAPs or DHCP?
What subnet should the AP management interface be on?
Is it possible to have mutiple AP management interfaces with LAG?
View 4 Replies
View Related
Aug 18, 2011
Is it possible to allow certain websites to bypass the web authentication pages, so that they do not need to authenticate to get to our own website, but do have to if they wish to go anywhere else?Looking at a 5508 model at the moment
View 4 Replies
View Related
May 10, 2013
By any way can I achieve HA in 2500 controller? I dont mind even I didnt get Stateful switchover.
View 5 Replies
View Related
Aug 2, 2011
We are looking at MAC address filter on the WCS (Limted to 2500?) for the machine then a rule on the ACS pointing to an AD group.
View 1 Replies
View Related
Dec 7, 2012
i am having wirless controller cisco 2500 series. i want to know how many web authentication users i can create in the 2500 series controller with time out option for each users.
i know it will support the web authentication for internet access for the users but i need to know how many it will accept at a time with hours specification.
View 4 Replies
View Related
Nov 27, 2011
know if Cisco LMS will ever support the 2500 wireless controller ? I have just checked the supported devices for LMS 4.1 and the controller is not there.
View 1 Replies
View Related
Apr 3, 2012
I have some concern regarding the compatibility of AP with the WLC. we are using AIR-CT2504(7.0.116.0) series WLC with AP AIR-LAP1242AG(7.0.116.0) but now i checked on Cisco website they are End-of-Sale/End-of-Life for the Power Supply for Cisco Aironet 1130, 1140, 1240 and 1300 Series Access Point.
Now My question is:
1: Which is the latest AP series we should use for WLC 2500 series?
View 4 Replies
View Related
Apr 18, 2012
Im making a design for a customer that will have around 200 wireless users.
We were thinking in the WLC 2500, because the number of APs will be around 30.
But the problem is that from time to time, the client organizes events, and in these events the number of wireless clients will be around 600.
In the WLC2500 specs te maximun numbers of users is 500, but i want to know if this is just a recomendation, of if the WLC will drop the connection attemp # 501.
View 3 Replies
View Related
Apr 25, 2012
I need the MIBs for Cisco 2500 WLC. I have it for 5508 WLC. Does it works same for 2500 WLC too ?
View 1 Replies
View Related
