Cisco Wireless :: 5508 / APs Roaming In H-REAP Mode With Multiple VLANs?
Apr 23, 2012
I'm trying to figure out if it is possible to configure in one site a wireless setup that goes like this:
One WLC (5508), multiple LAP's in H-REAP mode.
AP's will be splitted in multiple VLAN's belonging to different departments but with the same SSID.Each VLAN will have it's own DHCP scope. All AP's are located in the same site and I need to know if it is possible to roam between AP's that belong to different departments?
View 3 Replies
ADVERTISEMENT
Dec 21, 2011
We have some remote H-READ APs at a branch office and a 7921 phone which drops calls/loses audio when roaming between APs.We are just using WPA2 without any 802.1x or CCKM/PKC.
Do we absolutely have to set up a radius server/8021.x/EAP to enable fast roaming?We had 2 AP's autonomous with WPA2 before and roaming didn't seem to be an issue. We now have 4 APs over WLC in the same office and the phone calls are very unstable.
View 3 Replies
View Related
Mar 2, 2013
Is there is is any posibility to run WLC4402 and 104x family in H-REAP mode.
View 8 Replies
View Related
Sep 4, 2012
We have a customer who is evaluating a Cisco Vs. Motorla wirless solution. He says that a Motorola AP can only work in standalone mode for 48 hrs. after it lost communication to the controller. Is there any limitation like this with a 2500 controller and 1140 series access points solution?. Is there any reference to show?
View 3 Replies
View Related
Feb 29, 2012
Im configuring a WLC 5508 ( version 7 ) with h-reap local switching.All is working , yet i wonder if the vlan mapping can be done better.Currently i need to go into each Lightweight Access point , enable h-reap, then set the native vlan , with the final step to map the vlan. This needs to be done for each AP. In an environment of 100's of APs i would take forever. ( i thought one of the main points of the WLC is centralized management).
View 1 Replies
View Related
May 2, 2011
I have three 5508 WLCs, running code 7.0.98.0 supporting 100+ LWAPs in H-REAP mode. The LWAPs are servicing 2-3 WLANs each. Some are using central authentication and local switching, some are configured for central authentication and central switching. When the LWAPs fail from one WLC to another WLC, the LWAP's lose all of their VLAN mappings and pick up the VLAN of the management interface on the new WLC.
All WLANs are configured to use the management interface on the WLC and the VLAN mappings are configured per LWAP on the H-REAP properties tab. The WLAN ID numbers and all the WLAN settings are the same across all 3 WLC's. I have created AP groups on all 3 WLC's and the AP group config matches across the 3 WLCs.
I can get the LWAPs to keep their VLAN mapping by creating an interface on the WLC with the VLAN ID of the locally switched/remote site VLAN and then setting the interface for the WLAN to the new interface. However, then the WLAN doesn't work, because the centrally located WLC doesn't have the remote site VLAN. It also seems to keep the VLAN mapping if I create the locally switched/remote site VLAN interface on the WLC , and point the WLAN to the management interface. This shouldn't be a necessary step though... In H-REAP with local switching, the LWAPs aren't using the interface on the WLC.
I found a note in the 7.0 WLC config guide that explains why the VLANs are picking up the management interface VLAN, but that same note says the VLAN mappings can be changed per LWAP/WLAN!
From config guide: For hybrid-REAP access points, the interface mapping at the controller for WLANs that is configured for H-REAP Local Switching is inherited at the access point as the default VLAN tagging. This mapping can be easily changed per SSID, per hybrid-REAP access point
Using H-REAP and been able to get the LWAPs to keep the VLAN mapping when failing from one WLC to another?
View 9 Replies
View Related
Jul 21, 2011
I have more different client networks with one ssid, when a client is in another network gets an ip it still from the old network.
How can I to the wlc change this so he gets one right address. I have a Cisco WLC 5508 and 1262/1252 Access point
View 6 Replies
View Related
Feb 12, 2013
I have an issue where I have an AP in one room and another in another.When I walk from one room to the other, I lose signal but manages to see the SSID and join.But, I cannot seem to surf the Internet, I have to manually disconnect and reconnect. Normal wireless routers I reconnect seamlessly without any manual disconnect & reconnect.Currently using cisco 5508 and ap2600.
View 8 Replies
View Related
Apr 7, 2011
Currently have a 5508 in the lab and testing 4 AP's with it. Eventually there will be 18 AP's spread thru out different floor in our building.
So far access is working fine using WPA, 802.1x and the client configured to use windows logon credentials..But it doesn't seem to automatically transfer between access points.
View 1 Replies
View Related
Oct 21, 2012
how i can configure a second ssid for guest access in our environment. this is our network setup prior to this request: Internet----Firewall (not ASA)---ce520---C1131AG and CME router is also connecting to the ce520 switch. we only have two vlans: one for voice and two for data.
Presently, there is no vlan configured on the AP because it on broadcasting ont ssid and wireless users gets IP from a windows DHCP server on the LAN. the configuration on the ce520 switch port for the AP and other switches say access vlan is the DATA vlan which automatically becomes the native vlan for all trunk port connecting the AP and other Stiches to the network.
Now with this new requirement, i have made my research and i have configured the AP to broadcast both the production and the guest Vlans. The two vlans are 20-DATA and 60-Guest. I made the DATA vlan on the AP the native vlan since the poe switch is using the DATA vlan as native on the trunk ports. I configured the firewall to serve as DHCP server for the guest ssid and i have added the ip helper-address on the guest vlan interface on all switches while the windows server remains the dhcp server for the production DATA Vlan. I have confirmed that the AP, switches can ping the default gateway of the guest dhcp server which is another interface on the firewall. I can now see and connect to all broadcasted ssids but the problem is I am not getting IP addresses from both the production dhcp server and guest dhcp server when i connected to the ssid one at a time. My AP config is attached below.
Do i need to redesign the whole network to have a native vlan other nthan the data vlan? Does the access point need to be aware of the voice vlan? Do the native Vlan on the AP need to be in Bridge-group 1 or can i leave it in bridge-group 20?
View 1 Replies
View Related
Sep 18, 2012
My question is if I can configure 3 ssid, for 3 different VLAN and add the DHCP address from a WAP4410N AP, when you upgrade to the latest version of IOS I can have this functionality?
View 2 Replies
View Related
May 27, 2013
I am having some troubles with client roaming on a 5508 controller running firmware 7.3.101.0. As soon as a client roams outside the range of an AP they lose data flow and do not seem to transition to another AP for about 1 minute.This is a small network with 6 x AIRCAP3502E-N-K9 AP's (running in H-REAP mode) on the same floor and clients are a mix of HP notebooks, Mac Books, iMacs, iPads and iPhones. There are several seperate SSID's setup and the problem occurs on all. All are WPA2/AES with either a PSK or 802.1X. Both 2.4GHz and 5GHz radios are enabled with auto power and channel selection.
I have tried changing the roaming settings from default and also playing with the AP power settings to no avail.Is this normal behaviour or is there something I can do to improve the reconnection speed?
View 11 Replies
View Related
Nov 27, 2011
I have two 5508, no anchor, only one SSID with internal web authentication using radius server.Under "Configuring Mobility Groups", Cisco guide says: "If a client roams in web authentication state, the client is considered as a new client on another controller instead of considering it as a mobile client".
I understand that if a client that has already autheticated via web roams between two LAPs that are associated with different WLCs, it has to reathenticate.
View 6 Replies
View Related
May 22, 2012
I am running a WiFi network built on Cisco 1262 APs and Cisco WLC 5508. My APs broadcast two SSIDs, let call them "WiFi_Pay" and "WiFi_Free". I have a problem: when users migrate from "WiFi_Pay" to "WiFi_Free" (not moving, connecting to the same AP), the connection fails. If they try for second time, it is always successful. My task is to ensure that such migrations run smoothly and be successful from the first attempt.
View 2 Replies
View Related
Jun 3, 2013
Since two months they work full time with the new Dutch Electronic Patient Dossier.We installed 3 Cisco 5508 controllers, version 7.0.230.0 last year on a HP-switched network on a layer 2 mobility domain.Cisco 1041 AP are
The personnel works woth thin clients url... The one with the double antenna.This client has a Broadcom BCM943228HM4L 802.11 a.b.g.n (2x2) adapter.
On the client they have a connected RDP session to a server with the documents.Now they are walking from one patient to another patient. The problem they experience is a very late roaming. At the beginning of the corridor, the client will associate, but is going to roam at the end of the corridor. We installed 4 AP's on each corridor, so they signal is very well, maybe to well?
I disabled client loadbalancing and band select.The lowest data rates are also disabled. Mandatory begins at 12 Mbps. I can increase this to 18 Mbps.These clients work with PSK, with both methods (WPA-TKIP and WPA2-AES) enabled.We did this because of many old and new clients.
The customer tried to find out the problem with a smartphone, same issue. Very late roaming.I can upgrade the WLC to 7.0.240.0. The only problem I have is the WCS. When upgrading to 7.2 and higher I need to have NCS.
View 1 Replies
View Related
Apr 29, 2013
I have a device manufacture there are requesting the following change on a customer's WLC 5508.
-config advanced eap identity-request-timeout 60
-config advanced eap request-timeout 60
I have studied many guides but I can't find out if there is a down-side to setting the timeout this high.Could it result in slow roaming or re-authentication if there is a connection error? The customer have large areas with high client density and some outdoor areas with low client density.
View 3 Replies
View Related
Jun 26, 2012
Is there any additional configuration to be done on the 5508 WLC for Wireless Laptop / Voice Roaming? I tested with Wireless IP Phone and found some blankness in voice , whereas i have other access point nearby , which wasn't switching over easily .
View 3 Replies
View Related
May 13, 2013
I am trying to build a new network from scratch, I have the WLC 5508 w/ Aironet 3600e APs connected to my Netgear Smart Switches and a Linksys RV082 router that I'm using as my DHCP server with several VLANs for several stuff on my Switches.
I have 2 questions:
1. Can I have 5 Interfaces configured on 5 different VLANs, each SSID on each a different Port:
Port 1: Controller management only=> 192.168.x.x /24
Port 2: SSID 1: WiFi Internal=> 172.16.x.x/12 (Radius Auth with no sharing)
Port 3: SSID 2: WiFi Internal w/ sharing=> 192.168.x.x/24 (Radius Auth with sharing)
Port 4 :SSID 3: WiFi Guest=> 10.0.x.x/8 (Web Auth)
Port 5: SSID 4: WiFi IT=> 192.168.x.x/24 ( Radius or certificate Auth with access to the controller management interface)
2. How can I use the Controller as the DHCP server for all the WiFi traffic, and how should that be configured to work with my other DHCP server?
View 3 Replies
View Related
Sep 27, 2011
Just checking in to ask about setting up a network with multiple WAPs. Right now, I have it set up with two WAPs, and can roam seemlessly between the two. Same security, SSIDs, etc. I have one broadcasting on channel 1, and the other on channel 11.What I wanted to ask is this: in the future, I'd like to add two wireless access to a different network that exists in the same building. So I'd have two more WAPs, broadcasting a different network with a different SSID. I can assign one to channel 6, but the last WAP will not have a non-overlapping channel to use. Is that going to cause interference issues?
View 2 Replies
View Related
Mar 9, 2010
Is it possible to have multiple dhcp pools for multiple VLANs? The switch is a 6509 and/or 4506 catalyst. I don't want to use server-based products.
View 5 Replies
View Related
Feb 20, 2008
I have two Cisco 1300's acting as bridges only. I have created an infrastructure ssid on VLAN 2 and assigned this to the radio. I am carrying multiple VLANs between the bridges (using subinterfaces on the fastethernet and radio ports).I have enabled WPA-PSK, but how do I check that this is being used between the bridges? Also - I have a switch connected at each end of the bridge. When I make VTP changes, the remote switch does not pick these up - is this because VTP goes over VLAN1 regardless of the Native VLAN (2 in my case)? Do I have to carry VLAN1 over the bridge to get VTP working, or is there an alternative solution?
View 7 Replies
View Related
Mar 16, 2013
I have a wlc2112-k9. I have succesfully setup a WLAN with 802.1x authentication and dynamic VLAN assignment. The issue I have (and maybe it isn't an issue and just the way the controller works) is that if the vlan interfaces I have defined are connected to different ports from which the default interface for the WLAN it doesn't work.So for instance, I create my WLAN and set the interface to the management interface (which is connected to port 1). I then define all my other vlan interfaces that could be returned by my radius server.[code]
Port 1 is configured on the switch on vlan 21. If the radius server returns a VLAN ID of 102, 104 or 106 my client successfully connects to the WLAN but it gets put on VLAN 21. However if I move the vlan interfaces above over to port 1 the client correctly gets put on the correct VLAN.All ports on the switch are configured as trunk with the native vlan set to the corresponding value that is set on the WLC.
Is this just the way the controller functions? That it can't assign a client to a different interface that is connected to a different port from the default one setup when the WLAN is created? I would have just though that if the radius server returned VLAN 102 that it would find that interface and connect the user session via that interface regardless of the port it is configured on.
View 11 Replies
View Related
Apr 24, 2013
We have a pair of 1310's (running 12.3(8)JEA3) connecting 2 buildings together. The wired side of each AP is connected to switchports configured as access ports.
But, now we need to extend multiple VLANs across the wireless bridge. So I'm thinking I just need to configure some sub-interfaces on the radio side and ethernet side and bridge them together. But I'm unclear on if I need an SSID for each bridge group. I would hope not. But after reading this, I'm not sure. Most of the documentation seems to be dealing with wireless clients. Well, in this case I don't have any wireless clients and just need to extend VLANs.
These 2 sites are hundreds of miles away from where I am, and I don't have any 1310's to test this out on. Should I be able to load similar software on other AP's (like 1142's) and have them function as bridges to test this out?
View 3 Replies
View Related
Oct 12, 2011
I have two 1142n LWP ap converted into standalone, as client doesn't have any controller there. They just want to extend their network via wireless.
L3 switch (trunk port gig 1/48) -----> connected to AP1
L3 switch (trunk port 2/48) -----------> connected to AP2
client is looking for 3 vlans on the floor ( users might multiple vlans might associated same AP ). They have a dedicated DHCP/DNS server and he will be configuring 3 vlans on L3 switch with correct ip helper address on SVI interfaces.
I'm i allowed to created 3 SSID's on 1142n standalone AP ?
What would the various optiosn to achieve this requirement ? Is there any simplest way to achieve this ? Do i need to go for 802.1x ? I remember client told their users are authenticating by using AD for wired network. This is their first request for wireless environment
View 2 Replies
View Related
Feb 27, 2013
I read from this forum some discussion about the WLC VLAN Select feature. [URL]. I see that you can use this feature to have multiple VLANS (interfaces) to map to the same WLAN (SSID).
What I try to learn is under what scenarios would people need to have mutliple vlan mapped to single SSID?
In my environment, I have 50+ AP int he campus on 20+ Cisco 4500 switches. I have single WLAN and it is mapped to one subnet. All wireless users would be on that subnets, whereas wired users are on 20+ subnets of their own.
View 6 Replies
View Related
Apr 18, 2013
I have a Cisco 5508 setup an running with Cisco 3502 AP. with same SSID
however i need segment the network using 3-Diff VLANS:
1. vlan 1-----students
2. vlan2----- Visitors
3.vlan3------ Staff
the students and visitor are not ment to login to the corporate network, however the staff are to be login using their Active Directory User name and Password how to i achieve this ?
View 4 Replies
View Related
Oct 8, 2012
just have few questions about designing WLC 5508
The scenario is that currently one of the client has a firewall Tie ring T1 internet facing and T2 internal which has multiple DMZ connected.
T2 firewall has a DMZ switch connected which has a router which connects to MPLS cloud to different site across the country. (around 10 sites) all static routing.
Now the client is thinking to deploy wireless at all 10 sites using H-REAP. The issue is that client has only one WLC and they are not willing to buy other as i was thinking to deploy two WLC one for corporate and one for guest users. (one in internal network and on in DMZ)
Now my question is as follow.
1- Keeping in mind that there is only one WLC where should i physically put it?
2- How guest users will work ? How the authentication will be done?
3-There are 8 SFP ports in WLC how physical topology will look like?
4-How many Vlans i have to make for wirless users will that be 10? (1 at each site) ?
my last question is that how these ports work on WLC are they just like switch e.g one port can be assigned to different vlan....just confuse about interfaces and vlans on WLC (interfaces concept)
View 3 Replies
View Related
Oct 8, 2012
just have few questions about designing WLC 5508. The scenario is that currently one of the client has a firewall Tie ring T1 internet facing and T2 internal which has multiple DMZ connected. T2 firewall has a DMZ switch connected which has a router which connects to MPLS cloud to different site across the country. (around 10 sites) all static routing. Now the client is thinking to deploy wireless at all 10 sites using H-REAP. The issue is that client has only one WLC and they are not willing to buy other as i was thinking to deploy two WLC one for corporate and one for guest users. (one in internal network and on in DMZ). Now my question is as follow.
1- Keeping in mind that there is only one WLC where should i physically put it?
2- How guest users will work ? How the authentication will be done?
3-There are 8 SFP ports in WLC how physical topology will look like?
4-How many V LANs i have to make for wireless users will that be 10? (1 at each site) ?
My last question is that how these ports work on WLC are they just like switch e.g one port can be assigned to different v lan....just confuse about interfaces and vlans on WLC (interfaces concept).
View 3 Replies
View Related
Apr 7, 2012
i have a WLC (5508) - trying to enable AP group vlans based on instructions from: url...however, my problem is that i don't have the 'ap group vlans feature enable' checkbox.
View 1 Replies
View Related
Aug 26, 2012
Is it possible to assign a single ssid to multiple interface groups by assigning the ssid to multiple AP groups?
I have buildings geographically dispersed that are configured with multiple vlans in interface groups so that I can maintain an addressing scheme of dhcp assigned addresses per building. Each building is also further grouped as AP groups. I'd like to know if by assigning the same wlan ssid to each of the AP groups, will I maintain addressing integrity for each building? I'm thinking it will work.
Do the buildings have to be outside AP range of each other to avoid problems?
5508 controller
7.2.110.0 code
6 buildings
6 interface groups
1 ssid
View 4 Replies
View Related
May 18, 2013
My 5508 WLC which runs version 7.4 is configured as a DHCP server for the clients and here's my problem:
-One AP is attatched with an interface which has the vlan 10 and a ssid in AP groups
-One AP is attatched with another interface which has the vlan 20 and the same ssid in AP groups
And there are two DHCP pools in WLC, one is for vlan 10 and one is for vlan 20.For now, a PC accesses AP-1 and get an IP address from DHCP pool vlan 10, then I power off AP-1, then the client accesses AP-2 but still get the IP address from DHCP pool vlan10, i need to get the IP from DHCP VLAN20, what can i do now?
View 7 Replies
View Related
Nov 8, 2012
I am trying to come up with a wireless solution for a campus deployment. The campus has ten buildings currently using Autonomous APs and are currently converting to Dual 5508 Controller model.
I would like to have a separate AP Mgmt subnet in each building, so I will configure an ip helper on the SVI on this vlan to:
Option1 - Point to the Internet Router configured with DHCP Option 43 with the controller IP addresses
Option 2 - Point to the Wireless LAN Controller itself.
Problem with Option 1 is that the Internet Router will now have to connect directly to the COE network to be able to route back to the AP mgmt subnets. So I would emply a VRF here to keep the separation.
Problem with option 2 is that there appears to only be one DHCP scope allowed on the controller. So this would mean a flat mgmt network across all buildings which I am trying to avoid. I know that after the AP joins the controller, I could change the IP and change the vlan on the port but this is not very neat.
So question is:
Is there a way of getting multiple DHCP pools on the controller?
View 3 Replies
View Related
Jun 1, 2011
We have 2 5508 WLC's on site (5508-1 & 5508-2) and at the completion of this project we will have around 150 access points. We are also using WCS. 5508-1 is set as the primary/master controller. 5508-2 is the secondary controller, serves as backup if/when 5508-1 fails. All LAPs connect to 5508-1 by default, so 5508-2 is basically sitting there doing nothing. Is this the best way to take advantage of the resources that are available? Would wireless clients see improved performance if the access points were split between the two controllers? If we do split LAPs between the controllers should I make sure that all of the LAPs on a particular floor are connected to the same controller or does that matter?
View 7 Replies
View Related
