I have an issue where I have an AP in one room and another in another.When I walk from one room to the other, I lose signal but manages to see the SSID and join.But, I cannot seem to surf the Internet, I have to manually disconnect and reconnect. Normal wireless routers I reconnect seamlessly without any manual disconnect & reconnect.Currently using cisco 5508 and ap2600.
Currently have a 5508 in the lab and testing 4 AP's with it. Eventually there will be 18 AP's spread thru out different floor in our building.
So far access is working fine using WPA, 802.1x and the client configured to use windows logon credentials..But it doesn't seem to automatically transfer between access points.
I am having some troubles with client roaming on a 5508 controller running firmware 7.3.101.0. As soon as a client roams outside the range of an AP they lose data flow and do not seem to transition to another AP for about 1 minute.This is a small network with 6 x AIRCAP3502E-N-K9 AP's (running in H-REAP mode) on the same floor and clients are a mix of HP notebooks, Mac Books, iMacs, iPads and iPhones. There are several seperate SSID's setup and the problem occurs on all. All are WPA2/AES with either a PSK or 802.1X. Both 2.4GHz and 5GHz radios are enabled with auto power and channel selection.
I have tried changing the roaming settings from default and also playing with the AP power settings to no avail.Is this normal behaviour or is there something I can do to improve the reconnection speed?
I have two 5508, no anchor, only one SSID with internal web authentication using radius server.Under "Configuring Mobility Groups", Cisco guide says: "If a client roams in web authentication state, the client is considered as a new client on another controller instead of considering it as a mobile client".
I understand that if a client that has already autheticated via web roams between two LAPs that are associated with different WLCs, it has to reathenticate.
I am running a WiFi network built on Cisco 1262 APs and Cisco WLC 5508. My APs broadcast two SSIDs, let call them "WiFi_Pay" and "WiFi_Free". I have a problem: when users migrate from "WiFi_Pay" to "WiFi_Free" (not moving, connecting to the same AP), the connection fails. If they try for second time, it is always successful. My task is to ensure that such migrations run smoothly and be successful from the first attempt.
Since two months they work full time with the new Dutch Electronic Patient Dossier.We installed 3 Cisco 5508 controllers, version 7.0.230.0 last year on a HP-switched network on a layer 2 mobility domain.Cisco 1041 AP are
The personnel works woth thin clients url... The one with the double antenna.This client has a Broadcom BCM943228HM4L 802.11 a.b.g.n (2x2) adapter.
On the client they have a connected RDP session to a server with the documents.Now they are walking from one patient to another patient. The problem they experience is a very late roaming. At the beginning of the corridor, the client will associate, but is going to roam at the end of the corridor. We installed 4 AP's on each corridor, so they signal is very well, maybe to well?
I disabled client loadbalancing and band select.The lowest data rates are also disabled. Mandatory begins at 12 Mbps. I can increase this to 18 Mbps.These clients work with PSK, with both methods (WPA-TKIP and WPA2-AES) enabled.We did this because of many old and new clients.
The customer tried to find out the problem with a smartphone, same issue. Very late roaming.I can upgrade the WLC to 7.0.240.0. The only problem I have is the WCS. When upgrading to 7.2 and higher I need to have NCS.
I have studied many guides but I can't find out if there is a down-side to setting the timeout this high.Could it result in slow roaming or re-authentication if there is a connection error? The customer have large areas with high client density and some outdoor areas with low client density.
Is there any additional configuration to be done on the 5508 WLC for Wireless Laptop / Voice Roaming? I tested with Wireless IP Phone and found some blankness in voice , whereas i have other access point nearby , which wasn't switching over easily .
I'm trying to figure out if it is possible to configure in one site a wireless setup that goes like this:
One WLC (5508), multiple LAP's in H-REAP mode.
AP's will be splitted in multiple VLAN's belonging to different departments but with the same SSID.Each VLAN will have it's own DHCP scope. All AP's are located in the same site and I need to know if it is possible to roam between AP's that belong to different departments?
I have an issue where I cannot get clients to change SSID. I have two SSID, one WPA2 secure, one open guest. The secure is locally switched via Flexconnect and the guest is centrally switched. Both of them work. I have been able to test this and both work as intended. The problem is that once you connect to one of them, either secure or guest, you cannot then change to the other. The only way to change is to delete the dhcp entry from the scope and then do it.
Fast SSID change is enabled. I also have debug client output from when the client fails when you try to switch which I will include below. I also pulled some wireshark captures and those show me that the DHCP ack packets are trying to give the client the ip address from the incorrect/previous scope. So basically it's like FAST SSID change is not working and the client is never being disassociated properly??
I am totally stumped and even though the client will most likely not be switched between SSID that often I would still like to know the solution.
Cisco 5508 running 7.2.110.0 Cisco 3502 LWAPP windows server 2008 dhcp server
How can i change AP host name for LAP via CLI? I got the error 'command is disabled' when i try to use command 'capwap ap hostname <>'
I try to disconnect LAP from WLC, factory default, clear all private-configure and clear all files in nvram: but not working (still got error). I cannot change via WLC GUI for CAP2602I series. I don't know why.
I checked bug CSCsy17745 but current in use software is fixed.
I connect a copper SFP on port 2 of WLC 5508 to a ASA 5510 firewall. The links between two devices are down. Since ASA 5510 only support 100 full, how do I change port speed on port 2 to 100.
I have two 5508 and one WCS server, the controllers are in one mobility group.Now I have to change the management IP addresses on the controllers. What are the correct steps to do this?
i see there is an option to "allow password change" or "force password change" for guest roles in the NGS. But when i created a guest account using this guest role, after webauthentication , there is no prompt to change password. Is this the intended behaviour or is there anything else that i need to configure. Looking at it, i am not sure how the NGS would allow a "guest user" to really overwrite the password by allowing password change. ? is that not a security risk as well for the NGS ? my setup has 5508 anchor controller and NGS communicating via RADIUS.
We use a wlc model AIR-CT5508-K9 with eight built-in ports. I would like to know if it is possible to change the speed of these ports down to 100Mb. At this time, they are set to auto and 1000Mbps.
1) I'm using a single subnet eg 192.168.1.0/24 for my wireless clients and i'm assigning them via the DHCP server from the WLC. As the clients are however made up of laptops and scanners, i would like to assign a range from 50-150 for the laptops and 151-250 for the scanners for easier identification. But it seems that from the WLC DHCP menu i'm not able to do this unless i segment them into a different network with different gateways.
2) Is there anyway to change the WLC user accounts password too? I dont seems to be able to find the option unless i delete the account and re-create it with the new password.
I have a 5508 WLC and a series of 1140 APs. One small but annoying thing I have noticed is that the APs are pulling the correct time from the WLC but the timezone is off so they are showing time at 0 and not -8. The timezone is set and correct on the WLC.
Is there a way to change the timeout for the Client Excluded: MACAddress status? It seems like the exclusion is rather short. I'd like to have the ability to control the exclusion time. Using WLC-5508 7.0.116.0.
I have 5 access points (WAP4410N) all connected to a befsr41 8 port/switch router, each AP has it's own SSID. Is it possible to to have one SSID for the entire wireless network so users do not have to change SSID's every time they change locations?
I currently have a UC540 system with 12x aironet 1130 APs. Seamless roaming does not seem to work, and the recommendation seems to be to introduce a WLAN controller.
I´m trying to find the best configuration to improve the roaming in a WLC 7.3I changed the power threshold under the TPC to -67 and in the client roaming I put in custom mode and the minimun RSSI in -78 dBm.but I was wondering if there is a specific configuration to improve the roaming.
I have 3 Cisco 1242 WAPs that I have deployed at a site that has NO RADIUS/AAA devices. I have given all of them a different channel (1,6,11), but the same SSID and crypto (WPA2-PSK). The issue is when a machine boots up it associates with the closest/strongest AP, but as the device "roams" it does not which to a different AP. It stays associated with the original AP until that signal is gone. Then it quickly associates with the closest AP with no problem.
How do I get the device to associate with the strongest WAP? I have research "fast roaming and WDS" but it seems like you need EAP/LEAP and they do NOT have that at all.
have configured Cisco IPPhone 7925G with EAP-TLS setting. (With manufacture installed and Userinstalled certificate). My issue is while roaming from 1 AccessPoint to another AccessPoint the call getting droped. I need to restart the IPPhone to reauthentiate again. In ACS am agging the authentication time-out error. (I had changed the time out value for EAP-TLS to 20 in WLC as per recommendation.)
If am using static web key there is no issue in roaming.
What is the reommended setting inorder for the EAP-TLS to work properly.
Is it possible to set up a roaming wireless network with wireless access points that are different brands from one another (i.e., D-Link, Cisco, Belkin, etc.)? If so, is there anything special that needs to be configured?
But my laptop often times changes access points as I move about in my office to try to optimize the signal strength, which causes the network to stop working and I had to do "ipconfig -renew" to continue using internet. Problem now is that the IT desk told me that the AP's are overloaded.
Under the section intra controller roaming, WLC 7.0 config guide states that " When the wireless client moves its association from one access point to another, the controller simply updates the client database with the newly associated access point. If necessary, new security context and associations are established as well" URL.Within the phrase "If necessary, new security context and associations are established as well" . What is meant by the new security context ? My understanding is that only an update to the MSCB (with the AP info) is the only requirement as the client is within the same controller and subnet.I just can't think why would the security info needs to be updated.
Actually we have a 4402 controller with 1120 APs both of which are marked as EoL products, we want to jump over the new 2600 APs and 5508 Controller for increase signal coverage but we have the following deals:Last firmware for 4402 controller is 7.0.Firmware needed for 5508 to support 2600 APs is 7.3.Is it possible to configure mobility between 4402 and 5508 even with different firmware branch?
I'm looking to deploy a 2504 controller and some AP1142s but would like to provide the client with an alternative, lower initial-cost option in my proposal. I've been researching the AP541N access points but several areas of their implementation seem unclear to me.
Clustering: For the clustering feature is it necessary for the network to have other SBCS components (500 series platforms)? All of their other features are either unapplicable to or already implemented in the network in question; if I have to add another appliance I would rather go the LWAPP route and use a true WLC.
What are the cababilities of clustering? Can I implement some form of wireless resilience by spacing APs closer together than necessary and they will lower transmit dBm and intelligently respond to attempt to cover a new cell where an AP has gone down?
What about roaming? I believe Cisco advertises this as part of a small business voice solution. A client roaming between two access points in the same mobility group (cluster?) on a wireless voip phone should be able to keep connection, as it's analogus to some critical UDP communications that are going to take place on the clients.
my hardware set-up : 2x AP 1100 series, 2x AP1131AG (not connected to a Cisco Switch)...all with the latest Cisco iOS
What i want to do is connect these APs and broadcast the same SSID (e.g Aironet and NOT Aironet1,Aironet2..etc). Doing that, a user with a laptop can roam between these APs and won't have to re-enter the password of the SSID every time he changes AP. I would also like the encryption to be with a 128bit password key. From what i have read, i need a local authenticator to do what (Something called Local Radius Server).
I have three Autonomous AP´s in a small office running voice applications, all of them are connected to the same infrastructure switch and they have same configuration, voice Vlan is configure to open authentication. I have two models of AP 1252 and 1262 and I paste Radio configuration below.
First issue: During calls users are facing problems when roaming between AP´s, and eventually calls are dropped. Second issue: Sometimes one of these AP´s(1252) lose all transmit signal and when return I got authentication error on log.
Setting up a multi floor WLAN using a 6500 WISM Controller. Each floor has an AP group with the floor WAPs assigned. Each floor has a VLAN and the WLC has an interface configured. Each floor has a WLAN configured with the same SSID and the only change is the interface on the WLAN per floor.DHCP is remote on AD servers and each floor as a scope configured.Each floor works fine - we can get connected and get assigned to correct IP address. The issue we had with this setup was moving between floors. When we move up a floor the client loses connection to the inital floor (coverage - as expected). if we disconnect and reconnect it connects to the new floor SSID and gets an IP from DHCP.When looking into this - I then created an interface group and added all the floor interfaces into the group. I then applied the interface group to each floor WLAN and did soem testing - it worked as expected. I could now move between floors.The issue with this is though. When I was testing I already had an IP address assigned from DHCP - before I changed to interface groups. The issue is that the intial DHCP assignment no longer works and we cant connect to the WLAN anymore,
I'm about to purchase 2 Aironet APs, either 1140 or 1160 Series for a small Business. I know too little about the AP installation. How to let both APs works in Roaming Mode so that users can move freely within the site without having to drop and connect from one AP to the other.