Cisco Wireless :: 5508 Multiple WLC In Same Location Best Practices
Jun 1, 2011
We have 2 5508 WLC's on site (5508-1 & 5508-2) and at the completion of this project we will have around 150 access points. We are also using WCS. 5508-1 is set as the primary/master controller. 5508-2 is the secondary controller, serves as backup if/when 5508-1 fails. All LAPs connect to 5508-1 by default, so 5508-2 is basically sitting there doing nothing. Is this the best way to take advantage of the resources that are available? Would wireless clients see improved performance if the access points were split between the two controllers? If we do split LAPs between the controllers should I make sure that all of the LAPs on a particular floor are connected to the same controller or does that matter?
View 7 Replies
ADVERTISEMENT
Jul 26, 2012
setup a WEP SSID on my 5508 controllers. THat being said, I have multiple sites with extremely old scan guns that only do 104bit wep. I plan on locally switching this SSID and using static WEP 104bit key with MAC authentication, and then ACLing to limit my inherent security issues/exposure once someone compromises my WEP key. [code]
View 4 Replies
View Related
May 13, 2013
I am trying to build a new network from scratch, I have the WLC 5508 w/ Aironet 3600e APs connected to my Netgear Smart Switches and a Linksys RV082 router that I'm using as my DHCP server with several VLANs for several stuff on my Switches.
I have 2 questions:
1. Can I have 5 Interfaces configured on 5 different VLANs, each SSID on each a different Port:
Port 1: Controller management only=> 192.168.x.x /24
Port 2: SSID 1: WiFi Internal=> 172.16.x.x/12 (Radius Auth with no sharing)
Port 3: SSID 2: WiFi Internal w/ sharing=> 192.168.x.x/24 (Radius Auth with sharing)
Port 4 :SSID 3: WiFi Guest=> 10.0.x.x/8 (Web Auth)
Port 5: SSID 4: WiFi IT=> 192.168.x.x/24 ( Radius or certificate Auth with access to the controller management interface)
2. How can I use the Controller as the DHCP server for all the WiFi traffic, and how should that be configured to work with my other DHCP server?
View 3 Replies
View Related
Oct 31, 2012
I have the wireless controller 5508 and many AP1261 registered on site. It detects a lot of rogue access points around. I would like to find out geographic location of these rogue access points. Is it possible?
View 2 Replies
View Related
Mar 5, 2012
I'm looking for some input on RRM. I personally have NOT used it in a LONG TIME, since probably the 4.0 days and then very shortly due to massive issues it was causing and admittedly, in part due to my ignorance at the time. So, every since that point, I have always set all my channels and power manually but now feel I am getting to some points where RRM may be required / beneficial. So, I've invested some time and have begun researching and trying to get the ends and outs on it but I'm forseeing a potential issue in myworld anyways and am hoping for some clarification. Lets take the below example:
-WLC5508a and b - (2 100ap license controllers) - these hold the majority of the AP's for the main hospital.Lets say, 140AP's.
-WLC5508c and d - (1 100ap and 1 50ap licensed controllers) - These tend to hold our smaller sites and and buildings, not all connected and some a few miles from each other
-WLC4402a and b - (failover ready)
So, with RRM, I can set setting it up on the 5508A/B with out issue as this is one big large building. However,what about C and D? I suppose I can make them a separate RF Group, but how would RRM respond when it has16 AP's in Building X and then 3 AP's in Building Y 30 AP's in Building Z and sporadic buildings with 1's and 2's? Everything I've read so far, leads me to believe if these devices are separated it probably won't be an issue, however, I just don't want something causing a change in Building Z and Building X be affected because RRM decided it would try to fix it. My point is, I can't afford to have a separate RF Group (meaning separate controllers) for every location.
View 1 Replies
View Related
Dec 5, 2011
We have a 5508 WLC with WCS and are using 1131AG WAPs. How to determine if there is interference or noise at a remote location without going there with a spectrum analyzer?
View 8 Replies
View Related
Aug 26, 2012
Is it possible to assign a single ssid to multiple interface groups by assigning the ssid to multiple AP groups?
I have buildings geographically dispersed that are configured with multiple vlans in interface groups so that I can maintain an addressing scheme of dhcp assigned addresses per building. Each building is also further grouped as AP groups. I'd like to know if by assigning the same wlan ssid to each of the AP groups, will I maintain addressing integrity for each building? I'm thinking it will work.
Do the buildings have to be outside AP range of each other to avoid problems?
5508 controller
7.2.110.0 code
6 buildings
6 interface groups
1 ssid
View 4 Replies
View Related
May 18, 2013
My 5508 WLC which runs version 7.4 is configured as a DHCP server for the clients and here's my problem:
-One AP is attatched with an interface which has the vlan 10 and a ssid in AP groups
-One AP is attatched with another interface which has the vlan 20 and the same ssid in AP groups
And there are two DHCP pools in WLC, one is for vlan 10 and one is for vlan 20.For now, a PC accesses AP-1 and get an IP address from DHCP pool vlan 10, then I power off AP-1, then the client accesses AP-2 but still get the IP address from DHCP pool vlan10, i need to get the IP from DHCP VLAN20, what can i do now?
View 7 Replies
View Related
Nov 8, 2012
We have 3 3602Es connected to a 2504 WLC. I was wondering for best practices for antenna placement. They are all mounted on the side of a wall, near the ceiling (above everyone's head).
View 10 Replies
View Related
May 19, 2013
I'm looking for a document that states the best practices for WLC configurations (Management/Security/AP's..etc). I can currently only find the following document:URL
But this document has last been updated in 2008, in a few days that's almost 5 years ago, and we all know how quickly technology is evolving. 10Gb wireless is around the corner, with 1GB starting to go production now. This document also mentions the 4400 (which is end of life).
View 1 Replies
View Related
Nov 8, 2012
I am trying to come up with a wireless solution for a campus deployment. The campus has ten buildings currently using Autonomous APs and are currently converting to Dual 5508 Controller model.
I would like to have a separate AP Mgmt subnet in each building, so I will configure an ip helper on the SVI on this vlan to:
Option1 - Point to the Internet Router configured with DHCP Option 43 with the controller IP addresses
Option 2 - Point to the Wireless LAN Controller itself.
Problem with Option 1 is that the Internet Router will now have to connect directly to the COE network to be able to route back to the AP mgmt subnets. So I would emply a VRF here to keep the separation.
Problem with option 2 is that there appears to only be one DHCP scope allowed on the controller. So this would mean a flat mgmt network across all buildings which I am trying to avoid. I know that after the AP joins the controller, I could change the IP and change the vlan on the port but this is not very neat.
So question is:
Is there a way of getting multiple DHCP pools on the controller?
View 3 Replies
View Related
Jan 3, 2012
I have a 5508-WLC appliance and configured multiple ap-manager interfaces to balance the join request from LAPs and the load.I went to console port from some LAPs and saw that there was that balance among multiple ap manager interfaces (Dynamic AP Management Interfaces). Then we torn down one of the ap manager interfaces and confirmed that the LAPs were moved to next ap manager interface automatically.But the question here is, how can I verify which ap-manager interface was used for a LAP from the WLC via GUI or CLI ?? or how can I see the amount of APs joined using that ap manager interface from WLC ?
View 2 Replies
View Related
Sep 26, 2012
On a wlc 5508-7.0.116, can I set up 2 ssids that map to one wlan/vlan/subnet. I thought you could but I don't have the means to test without breaking production.
My goal is this:
Ssid red open
Ssid blue wpa 2
But all clients on the same ip subnet
View 3 Replies
View Related
Jan 15, 2013
I have looked through the forum and think that I have found the answer to my question but I just need confirmation of my thoughts. We are using a 5508 W LAN controller running software ver 7.2.110.0 and LAP 1142n AP's.
What I would like to do is to configure multiple guest W LAN for each of our regional offices. Each of these W LAN needs to be configured with a Web Authentication page relevant to the office location. My question is this, can I have a Web Authentication page for each location or just 2, the default internal page and 1 customized page?
View 4 Replies
View Related
Jan 2, 2012
I'm trying to research the tunnel limits on a 5508 controller if you're terminating controllers to two different SSID's. For example. In my DMZ i have a GUEST SSID for contractors and guests and then I have another SSID used by employees so that tablet and mobile phone users can access the interenet. Because we don't trust any of these devices we have that SSID is termiated just as we do our GUEST SSID.
To reduce the number of anchor controllers I deploy, I wanted to start with one 5508 Controller. (then move up to about 3) This controller would have two SSID's, GUEST & MOBILE. On the Foreign controllers when I setup anchor tunneling I will be anchoring to the same controller however to two different SSID's.
Per the 5508 specs it supports 71 tunnels.
So my question to the group is, will the 5508 see this anchoring as one tunnel each? Or does it support 71 Tunnels per SSID?
View 14 Replies
View Related
Apr 7, 2013
I have a 4400 and a 5508 WLC in the same location We want to be able to roam between ap joined to both the 4400 and the 5508 using only one ssid
Do I only need to create a mobility group and add both WLC then create only one WLAN on one of the controllers and it will be shared across bot WLC.
View 5 Replies
View Related
Feb 29, 2012
I have a situation where a user needs more than one office extend AP in his home. My office extend controller is a 5508 running 7.0.220.0. Are there any issues NATing multiple OE APs to a single address? My initial lab results indicate that each of the AP's associate with the controller and establish a DTLS tunnel. I see the SSIDs get pushed to the AP and then it seems to restart the process never being fully operational. Is there a workaround that will allow me to run mutliple OE APs?
View 12 Replies
View Related
Apr 23, 2012
I'm trying to figure out if it is possible to configure in one site a wireless setup that goes like this:
One WLC (5508), multiple LAP's in H-REAP mode.
AP's will be splitted in multiple VLAN's belonging to different departments but with the same SSID.Each VLAN will have it's own DHCP scope. All AP's are located in the same site and I need to know if it is possible to roam between AP's that belong to different departments?
View 3 Replies
View Related
Jan 23, 2013
Currently my solution consist of two 5508 controllers and several non-mesh and few mesh AP (2600) running in flexconnect mode in one single site in europe. Everything is going fine. However there is going to be a new site in Canada. I found some documentation saying that multiple country code is not available for mesh ap. Mesh ap are not going to join controller if multiple country code configured . but all this documentation is regarding version 7.2 and older. Im running version 7.4.100.0 and on configuration guide I don't find anything related to that.
View 9 Replies
View Related
Feb 1, 2012
with LMS 4.1 Reporting in several areas it is possible with selecting devices to use 'Group Selector' (e.g. Syslog Severity Level Summary Report).Group Selector dynamically chooses devices in selected Group at Report runtime to get the latest devices.Not all Reports in LMS 4.1 provide this Group Selector, e.g. Best Practices Deviations/Discrepancies.Is that a bug? As DCR changes often (add/delete) we urgently need to dynamically perform reports to latest DCR-Population.
View 1 Replies
View Related
Jan 10, 2012
What are considered the best practices for monitoring ASA's--specifically the 5510 with Sec+ License.
My current monitoring application keeps reporting issues with outbound interface buffers being too high, but there are not any performance issues and I believe the thresholds are just set absurdly low.
View 1 Replies
View Related
Oct 10, 2012
i am looking for the best practices when using a Cisco ASA 5505 to provide NAT and protect my inside network from the outside.
I have the inside security level set to 100 and the outside set to 0, want other features can be used to protect the network from the Internet, am assuming that the security levels will ensure no traffic comes from the outside to the inside unless there is a rule that allows it.
Would any firewall policies be required to increase the level of security?
View 1 Replies
View Related
Feb 15, 2012
I want to apply an authorization profile depending of the login username used, like assign the VLAN ID, so on a lab I created 2 rules, each of them using the System:Username field and then apply the Authorization profile with the correct VLAN to the user.Which one of the following configurations will be the best practice doing this if this condition will be applied for 300 users?? In my opinion, the best practice will be using the System:UserName condition on Authorization Network Access but I want to know what you think, do you agree??
View 0 Replies
View Related
Feb 14, 2013
We are in a warehouse type setting and have data centers on each side of warehouse with 5508 WLC's in each data center. Each side is on its own subnet with routing in between and a different set of SSID's for each set of WLC’s. Are goal is to have the ability to failover in the event that if one data center goes down AP’s will move to the controllers in the other DC and the clients will still be able to operate.
Our thought was to implement mobility groups between the controllers. While I saw documentation on setting this up when the controllers are on the same vlan, I didnt see any setup config when controllers are in different vlans. So I am wondering if mobility groups are even an option for what we want to accomplish. For the most part clients stay on their respected sides of the warehouse and so we are not necessarily needing roaming for clients between controllers in DC1 and DC2. But that does raise another question in that we do have a planned voice wlan that we would like to have the ability to roam between each side of the warehouse. But we have seen ip issues with this. In the past we have had both SSID's setup on each side and ran to issues with clients not renewing their IP address when moving to the controllers on the different subnets.
Can we setup mobility groups between controllers on different vlans/subnets? For failover purposes will mobility groups assist in our setup with 2 DC’s and different subnets/vlans? If the answer is yes we can setup mobility groups between different subnets, is there a way to setup the SSID's on all controllers and have the ability for clients to roam and renew their IP’s when moving to a different controller on a different subnet?
View 3 Replies
View Related
Oct 21, 2012
how i can configure a second ssid for guest access in our environment. this is our network setup prior to this request: Internet----Firewall (not ASA)---ce520---C1131AG and CME router is also connecting to the ce520 switch. we only have two vlans: one for voice and two for data.
Presently, there is no vlan configured on the AP because it on broadcasting ont ssid and wireless users gets IP from a windows DHCP server on the LAN. the configuration on the ce520 switch port for the AP and other switches say access vlan is the DATA vlan which automatically becomes the native vlan for all trunk port connecting the AP and other Stiches to the network.
Now with this new requirement, i have made my research and i have configured the AP to broadcast both the production and the guest Vlans. The two vlans are 20-DATA and 60-Guest. I made the DATA vlan on the AP the native vlan since the poe switch is using the DATA vlan as native on the trunk ports. I configured the firewall to serve as DHCP server for the guest ssid and i have added the ip helper-address on the guest vlan interface on all switches while the windows server remains the dhcp server for the production DATA Vlan. I have confirmed that the AP, switches can ping the default gateway of the guest dhcp server which is another interface on the firewall. I can now see and connect to all broadcasted ssids but the problem is I am not getting IP addresses from both the production dhcp server and guest dhcp server when i connected to the ssid one at a time. My AP config is attached below.
Do i need to redesign the whole network to have a native vlan other nthan the data vlan? Does the access point need to be aware of the voice vlan? Do the native Vlan on the AP need to be in Bridge-group 1 or can i leave it in bridge-group 20?
View 1 Replies
View Related
Sep 18, 2012
My question is if I can configure 3 ssid, for 3 different VLAN and add the DHCP address from a WAP4410N AP, when you upgrade to the latest version of IOS I can have this functionality?
View 2 Replies
View Related
May 3, 2012
I'm essentially looking to extend an existing network in a primary warehouse for our company across a parking lot to a secondary warehouse with no network drops. I need to keep the ability to assign addresses in the existing scheme over to two computers in the secondary warehouse.
View 1 Replies
View Related
Jan 15, 2012
I have two Cisco Location Appliances 2700 devices that has version 6.0.101.0 on. I'm having problems getting it to work. Any that can assist with this?
View 1 Replies
View Related
Aug 9, 2011
The compatibility matrix shows no support for a Location Appliance 2700 for any version 7.0.x.x for WCS and WLC. However, I did see a thread here where a v6.0.x.0 had compatibility. v6.0.202.0 is MD. Is it compatible with v7 WCS and WLC?
View 3 Replies
View Related
Sep 6, 2011
I have 2 Cisco WLC 4400's connected to a WCS. I want to use this Location Tracking feature within the WLC 4400s so that i can track movement of particular network devices throughout my facility. I cannot find anything on how to set this up on the internet. I found a PDF explaining the 4 different ways you can track objects but nothing more.
Is this service still supported in the newest versions?
View 8 Replies
View Related
Sep 29, 2012
where is the button to turn on the wireless for a HP 2000 notebook pc?
View 1 Replies
View Related
Apr 12, 2012
I will be staying at a rental property that has ethernet cable & modem. If I bring my E4200 v2 router from home & connect it to their modem, will my Toshiba 16GB Thrive be able to access the internet via WiFi? When I initially set up the router, I ran the router CD on my laptop, and the Thrive automatically accessed the internet. Will the Thrive automatically do the same when I connect the router at the new location. There is no computer there to run the router software. Will the the network be secured as it is at home? Same network name & password?
View 1 Replies
View Related
Feb 12, 2013
We plan on buying a Cisco 2700 wireless location appliance but I need to know if it will be compatible with our 2500 WLC.I've tried to look but cant find any document for this. Also can you deploy the location appliance without a WCS?
View 7 Replies
View Related
