We are installing a set of 5508 controllers at one site in Tennessee. At another divisional site we have another controller that covers that division.
Both sites utilize the same DNS structure and would like to use the DNS entry CISCO- CAPWAP- CONTROLLER entry for bringing new AP onto the controllers at their sites, how would we go about configuring this?
Our controller get freezing every week at least twice, and do not know what is the reason. I am attaching the log for you to look at it. Last time happened was yesterday at around 13.00 pm.
View 15 Replies View RelatedI am setting up two 5508 controllers, one in HA mode, and one the primary for the remote sites in question. I plan to have these units service wireless for MPLS conected regional sites (each with their own local subnet). I was planning on using the cabled hosts network in each site for the wifi addressing and was thinking a different addressing for Guest Access, is this common? I'm obviously concerned with guest access clients but don't know enough how their trafiic is segregated from normal wifi traffic.
Also, when I stand up the controllers the management interface and ap-manager won't be in the same network as where the hosts or LWAP's will reside (routing access will exist though).
We have 2 Cisco 5508 WLCs, each wtih 50 licenses. What I would like to do is split the 50 odd APs between the 2 controllers load balancing the traffic. If a controller goes down or there is a break in the path all APs would failover to their configured secondary controller. So far so good.
However there seems to be no way to 'replicate' the configurations between controllers unless I setup HA , but as I understand it HA is Active /Passive, so essentially, unless you get a failover situaltion, completely 'redundant'.
Is there a way or either replicating between controllers automatically with out HA, or is there a way of making HA Active / Active?
I have two 5508 and one WCS server, the controllers are in one mobility group.Now I have to change the management IP addresses on the controllers. What are the correct steps to do this?
View 9 Replies View RelatedI'm looking into upgrading our 4400 series controller to 5508's. Currently we have a few sites that have 8-9 4404 100AP controllers and I'm looking to condense these down to either 3 5508-500 or 5 5508-250 depending on cost. I'm wondering what a good port to AP ratio is for controllers with licenses that can handle over 100 AP's. I know the general rule of thumb is 25 AP's per port, but that seems to me to be 4400 way of thinking. I'm trying to also reduce the controllers overall footprint, i.e. ports on the uplink switch, power consumption, rack space etc.
View 5 Replies View RelatedI am planning to move our WLC's (5508) from a branch site to HQ so that all branch site APs will just report centrally in the HQ. There are two WLCs working as Active/Standby. Plan is to move one then the other. I am not really inclined with wireless.
View 9 Replies View Related--- I have 2 WLC's 5500 that I have to set up on my network with the same configuration except I am not sure that they can be load balanced.
-- My only thought is to take a full class C and on each WLC set up a /25, thus each device can provision 120 IP's
--- This seems a bit archaeic, but is there anything else smarter to do? Can they be load balanced?
I have two 5508 WLCs. Both have APs attached to them. If I create a guest account with the lobby administrator on one, will that user account be able to log in to the network if the client is attached to the ohter WLC? So far, I have found that I need to create the same user on both WLC's, in order to have the user login.
View 2 Replies View RelatedJust recently upgrade our 2 5508 controllers from 6.0.199.0 to 7.0.116.0. Since that upgrade, I have a handful (8 to 10) of wireless laptops that now refuse to associate to any access points. The thing these laptops all have in common is some variation of the Intel Wifi Link AGN cards. I have about 200 other clients out there working just fine.
I've tried everything under the sun that I can think of. Patches, drivers, the whole sh'bang.
Is there a known issue with 7.0.116.0 and these particular cards?
Is there any way to configure a wired guest network with a combination of 5508 and 2504 wireless controllers? I am aware that the 2504 does not have wired guest functionality, however is it possible to set up a wired guest on the 5508 and using mobility anchors, transmit the l2 information through eoip to communicate with the remote vlan?Home built NAC solution, using 802.1x authentication on switchports for public areas. If user is an employee, communicates with the supplicant on their machine, and places them on an internal vlan.If user is a guest, user fails 802.1x check and is placed on a "guest" vlan with an ACL and external DNS.If placed on the guest vlan, the user has to accept a terms of use form.This is working currently with our 5508s without any issue, however we have some remote offices we'd like to roll this out to that are using 2504 controllers. I'm hoping there's a way that I can use the 5508 as an anchor or vice versa to make this work.
View 1 Replies View RelatedCurrently in the process of migrating from psk to 802.1x radius environment using a mix of 4400 and 5508 controllers with WCS using Microsoft ias. The problem I have is there is a lot of shared iPads and tablets in the environment. Is there a way to force these user to relogin to radius after a certain time period so they are not sharing unames and passwords?
View 1 Replies View RelatedPlease find attached a simple BYOD/ISE document I uploaded to kick start my new Wireless setup. Its all configured on my ISE sever and Controller as per doc.My setup:
-3600 AP's
-Internal 5508 Controller
-DMZ 5508 Controller (acts as a DHCP server for wireless clients)
Controllers have established connectivity (mobility acnhors), as a client I can connect fine to my new SSID get a DHCP IP address back from DMZ WLC and at the moment can connect out to the Internet fine (using no WLAN Security as a test). So this part is working.I have now followed the document configured ISE, enabled AAA on the Internal WLC only and used the AAA override setting on WLAN as in the attached document.I connect to SSID expecting to be redirected to my ISE Guest Portal, nothing happens other than connecting to Internet WebPages.My question is, if I have followed this document correctly why is the Internal WLC not redirecting client requests to ISE, is this because my mobility anchors need to be re-configured, perhaps the AAA/ISE config needs to be applied to my DMZ WLC not internal WLC?
I would prefer the Internal WLC to redirect the login to ISE, doesn't make sense to traverse through the DMZ Firewall onto DMZ WLC back into the Internal Network again to the ISE to authenticate.Or am I missing something additionally to this document to make sure clients are directed to the ISE Guest portal login.
I have 2 x Redundant Guest Anchor Controllers (5508) located in 2 separate Data Centers with all the management and guest user VLAN spanned between two. Everything is working fine with the Guest WiFi access except the DHCP functionality as the Controllers are acting themselves as the internal DHCP Servers.
This is how I tried to distribute :
network. 10.1.0.0/23
gateway: 10.1.1.254
Controller 1, DHCP Server pool: 10.1.0.2 - 10.1.0.254 Gw: 10.1.1.254
Controller 2, DHCP Server pool: 10.1.1.2 - 10.1.1.254 Gw: 10.1.1.254
As the user load balancing between the Anchor Controllers cannot be controlled (i.e. they are active/active), the same client sometime getting 2 different IP addresses from both the Controllers (as they do not talk to each other in terms of DHCP) hence depleting the pool addresses.
I guess one way of solving this is to just run 1 DHCP server in one of the controllers but that defeats the purpose of having N+1 Controllers. Is there a better way of doing the DHCP load balancing and having full redundancy at the same time?
I am setting up a Cisco 5508 wireless controller and was looking for some feedback or assistance. Basically I already have my guest SSID configured and functioning. Created an interface group containing my vlans and applied the created ACL "Guest Policy - internet only", which is also working.I want to setup a second SSID called "staffstudent" and use RADIUS for authentication. I have already created two separate network policies on the radius server: staff and student. Each only allows certain user groups. I want to be able to differentiate on the controller side which profile they are logging in on and then apply the correct ACL. I have two currently configured: one for staff and one for student. It appears to me that since you have to apply the ACL at the interface level I cannot use both since my interface is accepting both staff and students. Is there a way I can filter them using RADIUS so that when they login RADIUS can return a "student" value and then apply the correct ACL? Same for staff?
View 2 Replies View RelatedWe have some older Honeywell Dolphin 7900 Series Handhelds that have issues with wireless communication. Very unreliable communication. One recommendation from Honeywell is to disable the G standard and only allow B. Basically have a WLAN that is solely b radio enabled. I see that their are options to go B/G only or A only, but no options in the radio policy to go B only.
We are using WCS 7.0.240 and the controller is a WLC 5508 running the same code revision.
Is this doable on a single WLAN while leaving G available on other WLAN's?
I have a situation where a user needs more than one office extend AP in his home. My office extend controller is a 5508 running 7.0.220.0. Are there any issues NATing multiple OE APs to a single address? My initial lab results indicate that each of the AP's associate with the controller and establish a DTLS tunnel. I see the SSIDs get pushed to the AP and then it seems to restart the process never being fully operational. Is there a workaround that will allow me to run mutliple OE APs?
View 12 Replies View Relatedhow to set WLC 5508 to allow single create web authentication user account to get connected in a same time. i found that i can use the same username and password combo to be login in 2 machine in the same time.
View 4 Replies View RelatedI want to prevent guest from doing peer - peer communication on my Guest (5508) controllers. Is this a feature on the WLC or only by applying an ACL on the router interface?
View 2 Replies View RelatedWe know that every node in the network uses its routing table to forward the packets towards their destination. I have a doubt that which data structure used to implement these routing protocols.
View 6 Replies View RelatedWhich data structure used to preparation of a routing table.
View 6 Replies View Relatedin LMS3.2.1 we have NMSRoot/log/syslog.log where syslogs are being logged actively from managed devices. i couldn't find the same in LMS4.2. I am configuring LMS4.2 from scratch and in the hope of making the trasition from old LMS3.2.1 to LMS 4.2, I am planning assigning the old LMSs IP to the new one. basically changing the IP address of LMS4.2.
View 10 Replies View RelatedI previously put this is the 'Video over IP' discussions group, which is not getting any response.I have a 6509 and need to configure QoS on gig line cards that have 1P3Q8T queue structure. I've already got the mls qos configured, and have the correct class maps built for Voice, Video, and Signalling.(I'm not doing autoqos). I have only four classes; voice, video, signalling, and default (best effort).I need to configure the commands on the individual gig ports for the appropriate bandwidths as shown below:
1. 300 VoIP G711 calls x 100kbs/call = 30mbs of priority queue DSCP = EF (46) CoS = 5
2. 150 Video conference calls x 1.5mbs/call = 225mbs DSCP = CS4 (32) CoS = 4
3. 450 Signalling x 13kps/call = 5.8mbs (round to 6mbs) DSCP = CS3 (24) CoS = 3
4. Default class is not marked DSCP & CoS = 0
Is it possible to assign a single ssid to multiple interface groups by assigning the ssid to multiple AP groups?
I have buildings geographically dispersed that are configured with multiple vlans in interface groups so that I can maintain an addressing scheme of dhcp assigned addresses per building. Each building is also further grouped as AP groups. I'd like to know if by assigning the same wlan ssid to each of the AP groups, will I maintain addressing integrity for each building? I'm thinking it will work.
Do the buildings have to be outside AP range of each other to avoid problems?
5508 controller
7.2.110.0 code
6 buildings
6 interface groups
1 ssid
I have been tasked by my boss of finding out and implementing a solution of building GRE tunnels from 2 4408 Wireless controllers system for a guest wireless network. I am but a low CCNA wireless, working on getting motivated for CCNP wireless, but I didn't even know if this was possible and if it was where to begin. I have been reading configuration guides but figure I should ask the wireless experts of the world of Cisco.
View 7 Replies View RelatedI am read this cisco document Cisco Catalyst 3850 Switch Services Guide
[URL]...
which describe that
L2 roam occurs when the user roams from an access point connected to its controller to a different access point connected to another controller, where the two controllers are L2 adjacent to each other.
L3 roam occurs when the user roams from an access point connected to its controller to a different access point connected to another controller, where the two controllers are L3 adjacent to each other.
so what exactly this mean the two controllers are L2/L3 adjacent to each other , what is the different between them.
I am configuring two 2504 controllers, which I ordered together, however they run different software versions and I don't have a contract/ login to download wlan controller software from the Cisco website. The one with the newest version runs 7.2.103.0 while the other one runs 7.0.220.0 I want to run them together in the same subnet and use them for redundancy (10 AP's will connect).
Is there a way I can download the software from the controller, just like I am able to do with an ASA firewall? Then I can upload it to the controller with the older software version.
Actually we have a 4402 controller with 1120 APs both of which are marked as EoL products, we want to jump over the new 2600 APs and 5508 Controller for increase signal coverage but we have the following deals:Last firmware for 4402 controller is 7.0.Firmware needed for 5508 to support 2600 APs is 7.3.Is it possible to configure mobility between 4402 and 5508 even with different firmware branch?
View 3 Replies View RelatedIf we have 2 Cisco 2504 series wlcs and use multicast features in both and both are primary and secondary for LAPs. what about of we use multicast ip address let's say 255.239.1.60 can we use the same ip address for the secondary controller too or we should use any other ip ?
View 7 Replies View RelatedI have 2 WLAN controllers, a 4400 series and 5500 series controller. The 4400 series has 100 seat limit on it, with 74 Access Points currently connected. The 5500 series has a 250 max, but we bought it with only 50 licenses, and it is max'd out at 50.The 5500 controller is the controller that has a DNS entry so that the Access Points will know to find that controller as they're being added. BUT, because we've reached our limit of 50 licenses, I'd like to be able to set the 4400 series controller to be the controller that new Access Points try to connect to. By going back to the 4400 as the controller that new Access Points connect to buys me time to plan for more licenses on next years budget for the 5500 controller.
View 29 Replies View RelatedEvery time I power down my WLC2504 controller and then back up, the time reverts back to the year 2000.The APs can't join the controller, due to certificate errors, until I reset the clock. This problem just started recently.
View 6 Replies View RelatedHaving performance issues running two 5508 controllers on the same network? One is running 7.3.101.0, the other is running 7.0.98.0. The legacy APs are connected to the WLC on the older code to support older hardware. The new WLC is accepting all the new 3600 APs. Once all legacy APs are replaced, the 5508 on old code will be disabled.
View 3 Replies View RelatedI want to download the Cisco 2500 Series Wireless Controllers Release 7.3 Software AIR-CT2500-K9-7-3-112-0.aes.I have CON-SMB for it, when I try to download it I am not to download it. I have mentioned the message given by Cisco" The category for this contract does not include the feature or the benefit for software download that you are requesting at the moment, this means that even if the contract is a support assistant (8X5XNBD) does not support the the mentioned feature for you to update the device you need, please refer to your partner directly to be able to acquired a Cisco Service Contract that supports and include the software download feature to be able to upgrade and update your device as you need."Is there any seprate contract for downloading the Software.
View 2 Replies View Related