I have Cisco 4404 WLC with Image 7.0.235.0 We have one SSID Sup_Admin with following config. Which is getting the IP address from the interface pool “corp”.
WPA+WPA2 with AES and TKIP
Auth key Mgmt is 802.1X
We are using Cisco ACS as radius server On the same WLC I have created another SSID Corp_Admin . Which also should get the IP address from the interface pool “corp”. Both SSID has the same settings ,but the second SSID is not working.
we have a WLC 4404, Software Version 4.2.61.0 and the following Problem. The WLC worked for many years with the SSID "SKHGR". In addition to the existing SSID I have a second SSID "SKHGR-M" is created. The configuration of the two SSID's is identical.
The problem is: when I activate the second SSID, the AP losing connection with the WLC. In the log appears"AP disassociated. ... Base Radio" and " "not advertising ssid due to radio policy". The AP's connect with the WLC, lose after few seconds the contact.
I have WLC 4404 Controller with 180 LWAPP. i want to disable Broadcast SSID from some specified APs not all. is it possible to do that with 4404 WLC controller.
Currently I am working on a setup for a client that has sites connected through a highspeed ISP VLAN connection, (ATT Opt-E-Man). Due to MAC address translation restrictions from the network provider the client VLANs are not allowed to exist on their point-to-point (sort of) connection. Notice the ISP VLAN changes but it is the same physical connection at Site A. Internet is only available through a seperate physical connection at Site A. A Cisco 4404 is sitting at Site A sending out a single SSID to all the different Sites (yes more than just what I showed).
Problem, all the wireless clients are getting IP's based on VLAN 10 from the site where the 4404 controller sits. I would like the AP located at remote sites (B and C for example) to use the same SSID but have the clients still get IP's based on the VLAN for that location. This way when they dock and undock the gateway does not crash out.
I have a Cisco WLC 4404 with version software 7.0.230.0 and it gived me a this logg
Oct 9 15:43:08 192.168.122.34 WLC_4404_CC: *osapiReaper: Oct 09 15:41:49.549: %OSAPI-3-FILE_OPEN_FAILED: osapi_file.c:370 Failed to open the file : /proc/895/stat.(erno 24)
I have a Cisco 4404 WLC that is up, has green status light, the interfaces are showing activity. I see it connected to my Cisco 6500, (Sh port status) it shows connected and trunking,; I also see a lot of activity on the interfaces. Also it will not let me console in, I can console in on my other Cisco 4404 WLC's with out and issues, so I know my cables and configure are correct. The only change a I made today was the time zone. I noticed the time was off by a hour and noticed that the time zone wasn't set so I set it correctly. Shortly after that I saw the WLC go belly o up in my WCS. I tried rebooting the WLC several times without luck. Since I can not gain access via the console I can not really trouble shoot.
We have 2 4404 controllers running 6.0.x code. I have several SSID setup with different VLANS. When the clients associate they do not show the name of the AP they are connected to, is there any way to display the assocated AP name?
Is it possible to assign a single ssid to multiple interface groups by assigning the ssid to multiple AP groups?
I have buildings geographically dispersed that are configured with multiple vlans in interface groups so that I can maintain an addressing scheme of dhcp assigned addresses per building. Each building is also further grouped as AP groups. I'd like to know if by assigning the same wlan ssid to each of the AP groups, will I maintain addressing integrity for each building? I'm thinking it will work.
Do the buildings have to be outside AP range of each other to avoid problems?
I am facing a strange problem in my WLAN Setup. none of my wireless clients are able to associate with Wireless LAN but when I delete and create a new wireless profile in WLC 4404 clients starts associating with WLAN. every 2-3 days I had to delete and create wlan profile. Is it related to IOS bug or any other problem? My Wireless LAN Controller image is AIR-WLC4400-K9-5-1-151-0.aes.
I have a 4404 with 3 SSID's configured on it. I only want all SSID's to be available on one floor in one building and not on any other AP's in any other building or floor.I thought the way to do it was via AP group but have not had any luck getting that to work. I setup a group for the AP's that I do not want all SSID's and then assigned those AP's to that group. However, I can still see all three SSID's where I only want to see 2 SSID's.
The story is that we recently upgraded our 4404 controller to the new 7.2.0.230 code. This upgrade was from 4.2.209 code. I would like to make the change to the Multicast setup so that It is multcasted and not unicasted.So I went into the controller and selected MULTICAST for AP multicast mode and entered in a multicast ip of 239.255.1.60 ( default choosen in the cisco howto's)I then test the reason for enabling the multicast and it doesnt work. The problem is that the Wireless HP printers setup to use Apples IPRINT are not able to be found. However, when I select the Multicast setting for the APs to be UNICAST the Ipads can find the Printers and print to them.What am I doing wrong with this Multicast setting? Do i need to add a Multicast address to the router?
WLC4404 - United States Software Version 5.2.193.0
where the new WLAN dosn't seem to be routing... but it's not related to name length (ours only 6 charecters). It's almost seems like the new WLC interface (interface2) isn't configured for the same subnet that it's plugged into, but it is.We actually have 2 WLANS. Alot of the original config was done before my time, between about 3 different people. The original WLAN config works fine, but part of the problem is the WLC4404 was configured our server VLAN, thus when a client gets an IP, they are placed on our main server VLAN. Our WLC4404 is connected to our 6509 in our Datacenter, and we have dozens of PTP T1's to our remote offices, which all have WAPs.On the WLC4404, I've configured a new interface on port 2, vlan404, and I have the new WLAN using that interface. The WLAN security is using WPA2, and authenticates via our ActiveDirector services, as well as handing out DHCP from our Windows DHCP server.
The client wireless PC is able to connect to the WAP, but unable to connect to anything else. It can only ping the WLC4404 interface2 address, and nothing else. It does receieve DHCP info (via WLC via Windows DHCP server), but cannot see DHCP server.From the WLC4404: I can telnet into the management IP address, and can ping PC's on the new WLAN, and anyplace else, except the vlan gateway ip address on the 6509.From the 6509: when telnetted in, I can ping everything except interface2 of WLC on vlan404 and the wireless PC using the new WLAN. I am able to ping the ip address of int for vlan404. The 6509 somewhat see's the WLC int2 & wireless PC. Show ARP | inc 404 from the 6509 shows the IP's of the VLAN int, WLC int2, and wireless PC. Show mac-add-tab | inc 404 shows the WLC and wireless PC on same 6509 port.From my work PC (via LAN) at a remote location: I can ping everything except Int2 on the WLC, and the wireless PC.
Is there a command like the "| include" command to filter comand results? For example say I want to find a specific client mac in the "sh dhcp leases" output. On a router or switch I would just type "sh ip dhcp binding | include (mac address). Is there something like this on the WLC CLI?
My WLC 4404 runs with Software Version 5.2.193.0. The built-in IOS for AP is Version 12.4(18a)JA2.I run into problem same as in CSCta29484 Bug (Radio stops beaconing for 10-second period).I would like to try fixed image for LAP without upgrade WLC. Is it possible?
From what I can see on some of the message discussion boards, this is an alert only message. I would like to get clarification that this will not cause operational issues with the controller.
I did try to change the free memory by using the command
config memory monitor leaks 10000 300000
but then I get a response about core dumps and the alerts do not go away.
we took one of our controllers and turned LAG on and since then it is unreachable on the WCS. The controller is running version 7.0.116.0 and the WCS is running 7.0.172.0. I can access teh WLC no problem through web interface and CLI, as I can also do this with the WCS as well, but the WCS cannot access the WLC.From CLI i can ping the WCS from the Controller and get a response, but from CLI on the WCS, I cannot ping the controller.
I have currently Ciso4404 WLC installed which is in vlan4001 with the 172.16.10.0/24 subnet
I have bought Cisco 5508 WLC recently as AP count is increased... Can I install it in same vlan and subnet? If yes what would be the setting for APs to join... If no how can I configure it with other vlan and subnet..
I am currently running with code WCS wityh 10 4404 controllers across 3 sites.I am currently at code level 4.2.207, and actively employ Wireless VLAN Override.I understand that when I upgrade to code 6.0.202.0, that Wirelss VLAN Override is not available, and that I would need to configure Access Point groups.I can configure the groups, however I note a caution from: url...
Note: AP groups do not allow multicast roaming across group boundaries. AP groups allow APs on the same controller to map the same WLAN (SSID) to different VLANs. If a client roams between APs in different groups, the multicast session does not function properly because this is currently not supported. Currently, the WLC forwards multicast only for the VLAN configured on the WLAN and does not take into consideration VLANs configured in AP groups.We use Vocera here across all our sites, and Wireless VLAN Override works a treat, however I'm concerned I may come across problems with a roaming Vocera badge andAccess Point Groups - in that the badge may lose connectivity?
I'm facing a problem related to devices authenticating to our wireless network. Below are how it is setup:WLC 4404 pass authentication to ACS 5.3 (PEAP + MsChapV2) then to AD server.Client can get stock in this status and it keeps repeating from 1 to 20.
I am currently running a guest wireless network using 4404 controllers on the wireless side and a 4402 as an anchor controller, all running 7.0.98.0 and all is working fine. Accounts being created via the WCS lobby admin and applied to the 4402.The question I have is, is there any way of restricting the use of an account to 1 device at a time. I am currently seeing evidence of password sharing and my boss would like to make sure that everyone who use the system has their own credentials.
I have a Cisco 4404 wireless lan controller managing about 85 AP's.
The wireless side is setup for a private wlan and a public wlan. On the public side, users are directed to a captive-portal agreement page before they can get on the internet. My question is if there is a way for a single client, specified by either mac address or static IP , can be connected to this wlan without being prompted for the agreement page? I would like to setup a wireless printer for guests connected to this public side.
we have acs 4.2 as our radius server, and 2 wlc 4404 with a wism2 for our wireless network. we have 2 SSID network, lets call them SSID A and B. A have a more restricted access to server than B.PEAP machine authentification is authorize on both network, to let our users laptop connect before the user login, this enable us to have our computer gpo deploy before the user logon, or have network access to authenticate a user to our directory if he had not logon previously on the laptop.
Users from group A can't logon to SSID B, they can only logon to SSID A, but we have some clever users from group A who have change they wireless setting to only send machine authentification (this can be done in the advance setting of a wireless network in windows 7) to connect to SSID B
We can't force the wireless config by GPO because we don't have an ad 2008 domain, we are still in 2003 soo we can't change the gpo for windows 7 wireless setting . I can't force user to require machine authentification and user authentification because we have a lot of ipad and iphone, and other mobile device that connect using only their user credentials.Is there a way I could configure this without having to disable machine authentification for SSID B?
Iam having trouble to conect my 1121-AG AP`s to my 4404 WLC.
My WLC version is 7.0.116.0.
I can see he AP is getting an IP address from the controller(internal DHCP). But from some reason they can`t connect to the WLC. I have tried many things such as:
1)reset to default settings
2) move the AP to Autonumos mode and back to LWAPP mode -- didnt work.
Our company has 8 4404-100 Cisco wireless controllers and each WLC has 8 W LANs configured. They are all working fine. However, the WLAN ID sequence is not consistent. I'm wondering if it's possible to change the WLAN ID on these WLCs without (or slightly) impacting the users. I don't want to re-configure all the WLAN profiles.
We have recently upgraded the software on our two WLC 4404 from software release 4.0.xxx to 4.2.xxx to 6.1.199.4 and lastly to version 7.0.98.0.
We could access the WLC's GUI's using https when it was on version 4.0.xxx. When we did the upgrades from version 4.2.xxx to 6.1.199.4 we couldn't access the Admin page through https anymore but only through normal http. We enabled https through the GUI and through the CLI and we did do the re-generation certificate , without any success. We then upgraded to version 7.0.98.0 and we still have the same result , cannot access Admin GUI through https.
I've got a client who purchased numerous 3600 series AP's (3602i to be exact) and would like to add them into their WLAN 4404 controller. They're currently on 5.x system code so I plan on getting them upgraded to the latest 7 code.
They currently have a number of AP's adding and working fine. Once the WLAN controller is upgraded, does anything specific need to be done within the WLAN gui to add in these new 3600 series AP's?
