Cisco Wireless :: 5508 - Remote Network / AP Discovery Automation
Mar 18, 2012
I am in the process of turning our autonomous wireless network into a centrally managed lwapp network. We have a new 5508 with 1140 series APs which will be distributed in three locations nationwide.
My manager saw a presentation that showed the AP just getting plugged in and all of its configurations were downloaded. Right now I am able to get basic global information to install on an AP in the local network but I feel I am missing something. If I have three locations using different IP schemes (eg: 10.0.1.0 for A, 10.0.2.0 for B and 10.0.3.0 for C), the remote locations are getting their DHCP info from the routers.
Is there a way based on location/IP that the APs associate themselves with the correct WLAN or AP group? How much can I automate once the AP discovers the controller? I am reading the manual and searching the web but information is a bit vauge on this. My plan is if an AP fails in a remote location, all I need to do is ship a new AP out to be replaced and when the AP is added to the network the firmware and other information is downloaded and is then ready to be accessed with minimal configuration on the controller end.
View 4 Replies
ADVERTISEMENT
Jan 13, 2013
Im receving this error on my syslog server: capwap_ac_sm.c:1443 Ignoring Primary discovery request received on non-management interface (2) from APalready checked the configuration and everything seems ok. They are registered and with clients associated.What could be the cause?
View 2 Replies
View Related
May 20, 2013
I have newly deployed a Prime Infrastructure (PI) in my network, and i want to add my wirless controller in it. I get an error SNMP time out whenever i add my controller to PI through SNMP.
There are default SNMP configurations in the controller and i am simply adding them in PI with their private/public SNMP string.
WLC 5508 is connected to my core switch and PI is connected to another switch which is directly connected to core switch via Layer 3.
Is there any configuration required to be done on the switch side.?
View 2 Replies
View Related
Nov 20, 2011
I set up RME several years ago on our Ciscoworks several running LMS 3.2 to notify us on any BGP flaps via email notification.I noticed the last couple maintenance period where we had perform Circuit work with our ISP's. We haven't received any emails....I verified those routers are configured to send notifications in the Device Selector and even checked the router logs.
004161: Nov 20 05:04:52 EST: %BGP-5-ADJCHANGE: neighbor X.X.X.X Down BGP Notification sent
004162: Nov 20 05:04:52 EST: %BGP-3-NOTIFICATION: sent to neighbor X.X.X.X 4/0 (hold time expired) 0 bytes
The syslog collector status appears to be normal.....
View 3 Replies
View Related
Sep 16, 2012
I am having trouble getting DHCP working for a site connected using Flex Connect. Here is my setup. I have a single 5508 Controller at one site using the 10.3.0.0 network. All AP's at that site are in local mode and use the local DHCP server, 10.3.0.2. Everything works fine there. Each site uses a different SSID as well.
At my second site, 10.4.0.0, all AP's there connect back to the controller at the site above and are in Flex Connect mode. The AP's work fine and the clients work fine there but they get an IP address on teh 10.3.0.0 instead of the 10.4.0.0 network. If i setup the SSID at this site to override the DHCP server settings and tell it to use 10.4.0.2, which is our local DHCP server, the clients don't get an address at all.Is this simply a matter of setting an IP Helper address on the router where the WLC is located or is there more to it than that?
View 4 Replies
View Related
Feb 4, 2011
my system's network discovery is always off even when i try to put it on again it goes back off immediately...can it be related to the firewall settings or wat else can be preventing it from coming on?
View 3 Replies
View Related
Mar 11, 2012
I have a setup like this:
A central WLC 5508 running code 7.2 with management vlan 10 ( range 10.10.10.0/24), corp-user vlan 100 (10.11.10.0/24) with WPA2 key, guest vlan 200 (192.168.0.0/24, on local dsl modem) with WPA2 key...
A remote WLC 5508 with code 7.2 with management vlan 10 (range 10.20.10.0/24), corp-user vlan 101 (10.21.10.0/24) with WPA2 key and guest vlan 201 ( 192.168.0.0/24, on local dsl modem) with WPA2 key
corp ssid "Corp-user" on both sites
Guest ssid "Guest" on both sites
Intention is that the AP's (3500) on the remote site should fail over to the central WLC in case of any failure on the remote WLC and that the users could remain in their local vlan.
What kind of configuration would make this work?
View 8 Replies
View Related
Jun 2, 2013
We have a 5508 with 7.4.100.0 vor Internal APs and OEAPs. till now every thing is ok. Now we have to connect an AP (local) in a remote office, connected to the WLC by a VPN Tunnel. The problem is that the AP in the remote office uses the NAT Address to connect to the WLC, so the traffic goes over the Internet, not trough the VPN Tunnel. On the controller I have the following setting:
AP Discovery - NAT IP Only ................. Disabled
On the AP:
AP Link Latency.................................. Disabled
How to force the AP to use the internal IP Address of the WLC?
View 7 Replies
View Related
Aug 22, 2011
Whenever I select it and apply changes, then reopen, it has reverted back to the off position. I have removed all firewalls and software that could interact with it (disconnected it from the network whilst in this state). I have set the correct services to automatic as they should be. It is getting rather frustrating not being able to share my media across the home network. I can see and utilise other computers media but none can utilise said computers media
View 1 Replies
View Related
Jan 14, 2013
We have a 5508 controller in main site.Which has two ports connected to local network.Management VLAN 500 is untagged and mapped to Port 1.All other interfaces are including 501 to 507 are mapped to Port 2.We have a SSID that is mapped to VLAN 501 interface , which successfully can be joined in main site.We connect an AP to remote site ;We have a remote site VLAN 115 which can be reached from main site.We connect an AP to access vlan 115 port on the remote site , we had described option 43 , so AP can successfully finds controller in local mode.
AP gets ip from VLAN 115 , can setup connection / ping controller successfully.There is a wide area connection between remote and main site.No trunk setup , the whole remote site is vlan 115.However when the client is trying to connect the test SSID , client cant get connected nor get ip address.Local switching is disabled.For this setup , client comes to AP as a requested , AP tunnels traffic to controller from vlan 500 , controller lets the client get into wired platform from VLAN 501.
View 25 Replies
View Related
Sep 20, 2012
At the main site, I have 3 5508 WLCs each part of a mobility group (wlcMain-MG). In NCS, under "System/Mobility Groups" for each controller, I see each controller listed as "local" with the other Controllers listed with the group name "wlcMain-MG". None of the SSIDs are "anchored".
I have a new site with a 2500 series WLC that I would like to push out 2 SSIDs. This site contains two customers. One customer is the Main customer with the second customer leasing space.
I have the Cust2 WLAN at the remote site set to have traffic egress out of a local interface on the 2500 WLC (this traffic is then tunnelled back to their Main location via an ASA which houses the DHCP scope for that vlan). I can connect to this SSID, obtain an IP Address off the ASA and am tunnelling without issue.
For the Cust1 WLAN at the remote site, I would like to broadcast an SSID from the Main location on those same APs which are registered to the 2500. It is my understanding, that I anchor the SSID at the Main site and identically configure the SSID at the remote site. This will allow the end user to authenticate to the RADIUS server at the Main site and be placed upon the correct vlan (we are using DOT1x and dynamic vlans).
For my test, I am starting simple. I have created a test WLAN with no authentication. At the main site, on 5508 WLC3, I have created the test WLAN, and placed the interface into a low security vlan (call it VLAN-low). I have anchored this test WLAN to that controller. At the remote site, I have created the same WLAN (but placed it into the management interface for now - the VLAN-low does not exist at the remote site) and configured that WLAN to anchor back to the WLC3 at the main site. I am unable to obtain an IP address from the remote site. I have placed the remote site WLC in the wlcMain-MG as well. How close does the code need to be on the controllers - the 5508s are at 7.0.116.0 and the 2500 is at 7.0.220.0? What could I be missing?
View 5 Replies
View Related
Dec 5, 2011
We have a 5508 WLC with WCS and are using 1131AG WAPs. How to determine if there is interference or noise at a remote location without going there with a spectrum analyzer?
View 8 Replies
View Related
Apr 17, 2012
i have deployed WLC 5508 in head office with current 56 access points (mix of 1262N, 1141N and 1242) are regist ered and working fine, recently we extended to our remote office (connected over Layer 3 MPLS with OSPF Protocol) were none of the access points are not registering, i am able to reach to the controller from the specific VLAN and native VLAN without any issues. @remote site i have enabled option 43 and option 60 with the controller IP.
Number of APs.................................... 56
Global AP User Name.............................. ciscoGlobal AP Dot1x User Name........................ Not Configured
[Code]......
View 10 Replies
View Related
Aug 16, 2012
The network scheme is this one, I have Lightweight APs distributed and a pair of WLC 5508 centralized. We use a pair or SSID for all the branches, concretely Voice and Data.
All the branches has a local DHCP Win2k3 Server, and APs get its IP address correctly from the local DHCP, but the wireless clients obtains the IP address from the centralized DHCP Server, because all the DHCP traffic go through LWAPP/ CAP WAP tunnel to WLC.
I want that the clients get its IP address from the branch DHCP, i have reading and i think that we need to use H-REAP with local switching configuration and the correct vlan mapping in local switch and H-REAP for it works that we want. Is it correct? Is possible that the client obtain the IP address for the local/branch DHCP Server instead of the Local DHCP?
View 6 Replies
View Related
Feb 25, 2013
just ran a discovery on a large network and found 49 wireless controllers (5500, 4400 and 2000 series) and none of them are showing the controller serial number. They are all running 7.0.235.0 and I found no bugs that match this issue.
View 1 Replies
View Related
Sep 20, 2011
We are setting up a WLC 7500 for the first time and are having a hard time trying to connect an LAP to the WLC. We have 1042 Access Points.Reason for last unsucessful attempt: to many concurrent ap image downloads
-Last Error Occurred: Lwapp discovery request rejected
-Last Error Occurred Reason: Too many concurrent AP image downloads
We only have 1 AP plugged in so far and it does recieve an IP address from DHCP.
View 15 Replies
View Related
Jan 3, 2011
I'm adding some additional AP's (3502s) to an environment that is all 1131AG AP's. The DHCP is configured for DHCP option 43 for remote sites for layer 3 discovery. Since only one AP mode can use option 43, I've added a DNS entry for cisco-lwapp-controller in my local domain.My assumption here is that the new 3502's will be able to use DNS for discovery, while any additional 1131AG would continue to use DHCP option 43. will this work in a mixed environment?The new AP briefly showed up on my controller, but then disappeared. The LED is cycling red, green, off - indicating it is still in the discovery process. Could I effectively remove the option 43 in DHCP and have all AP's use DNS? Is this as reliable as option 43? What is the best practice for discovery?
View 6 Replies
View Related
Apr 5, 2013
I have a problem with MSE tracking client in my network.What we have:PI 1.3 with evaluation license (temporary)MSE 7.4.100 with 3k device licenses (hardware appliance 3355)WLC 5508 7.4.100.For now MSE is reacheble from PI and WLC, all setings are synchronized, NMSP status is active, mse assigned for maps and synchronized, on map we have 3 APs, but in Contex Aware tab we didnt see any tracking devices, all counts 0.
View 11 Replies
View Related
Dec 15, 2011
At customer site we have a wireless lan installed with wireless lan controller 5508. This works fine but the customer wants to add wireless bridge WET200 into the network. The problem is that the bridge seems to authenticate and associates with the LWAPP but does not get an ip-address.
View 5 Replies
View Related
Oct 3, 2012
Could I setup wired guest Internet connection without layer 3 web authentication and how?I want guest users access Internet without going through web authentication.
View 2 Replies
View Related
Aug 6, 2012
question in regards to the deployment of a new WLC and new LAPs,I have configured and connected a 5508 WLC and 3500 series LAP.LAG is enabled in the WLC and successfully connected to the neighboring switch (using etherchannel) and to the network.
The port-channel port is set to trunk mode obviously and certain vlan ids are currently allowed (3-5)
The management interface has this IP address 192.168.5.250/24
I created a WLAN with WLAN ID 3, Interface set to Management and say SSID test1
I have connected a new LAP to the network, which switchport interface is set to access mode and assigned with vlan id 3. The LAP is able to join the WLC successfully with an IP address, such as, 192.168.3.100 (assigned via DHCP).
When I try connecting a mobile client to the wireless LAN, it can successfully detect and connect to the WLAN, created in the WLC (test1) however it gets an IP address by DHCP, in the 192.168.5.0/24 network, which is the IP range of the management interface's IP address.
What can I do to get the clients connecting on network 192.168.3.0/24? I thought this would be the case since I allocated the WLAN Id of 3 in the WLAN test1 configuration and since the LAP switchport is set to access mode with vlan ID 3.
View 3 Replies
View Related
Dec 28, 2011
Three weeks ago I moved all the APs at one of our sites from WISMs (running 5.2.193) over to a pair of 5508s (running 7.0.220) and everything appeared to be fine through testing and implementation. We've got about 400 devices on this network and almost everything is working without issue, except for about 10 Honeywell Dolphin hand-held scanners that our distribution department uses. On occasion when the users go to use them, even when sitting 15 feet from an AP, the device will kick out an error that the "wireless network was not found - please move closer to an access point or return to cradle".
As much as I would love to say it's a device issue, they said the problem started the same day I moved the APs to the new controllers (they gave me the date they started experiencing the issue, I was able to link that back to the date I made the move). They worked without issue on the old controllers / code and, for the most part, both old and new controllers are configured similarly (except for enabling a few new feature that the new code supports like client-link and band-select). These are b/g clients and I did diable all .11b data rates when moving to the new controller. Also, this happens in multiple locations, not just in the receiving / distribution area.
Lastly, I'm at my wit's end on this. The issue is totally random and when they are having an issue I can't even see the device trying to connect (by debugging the client on the controller). One suggestion I've made is that we may need to upgrade the device firmware, but I'm not sure why it would work with the old controllers and not the new. I guess the worst case scenario is that I can move the couple APs they have in the receiving area back to the old controllers to see if the issue continues.
View 10 Replies
View Related
Mar 4, 2012
I've got a couple new 5508 controllers to replace my 4404's. Im wondering though if I throw them on the network to setup, will there be any conflict with the current access points? Will they try and join the new controllers for any reason automatically? Is there a better way, or a best practice to provision these new controllers?
View 3 Replies
View Related
Jul 27, 2011
I am planning on installing Clean Air Wireless network, using WLC 5508, WCS(with plus license) and MSE.
Which MSE license i need to get this to work ?
View 1 Replies
View Related
Oct 12, 2012
I suspect that he did something and gained remote access to my computer.I found out about it when I checked my wireless connections on my router and found his name on the network : Steve's - Iphone and a couple of unfamiliar connections. I then opened my task manager and ended some tasks I thought were possibly infected. When I went back to the wireless status, the unfamiliar connections disappeared.
I use Norton firewall + kaspersky internet security and my virus definitions have always been up to date, but I cannot detect anything. I also set my options to permit only MAC authenticated computers and changed my wireless WPA/WPA2 key, but every time I turn my wireless on, this guy somehow is connected to my network. [code]
View 4 Replies
View Related
Apr 7, 2013
Is there any way to configure a wired guest network with a combination of 5508 and 2504 wireless controllers? I am aware that the 2504 does not have wired guest functionality, however is it possible to set up a wired guest on the 5508 and using mobility anchors, transmit the l2 information through eoip to communicate with the remote vlan?Home built NAC solution, using 802.1x authentication on switchports for public areas. If user is an employee, communicates with the supplicant on their machine, and places them on an internal vlan.If user is a guest, user fails 802.1x check and is placed on a "guest" vlan with an ACL and external DNS.If placed on the guest vlan, the user has to accept a terms of use form.This is working currently with our 5508s without any issue, however we have some remote offices we'd like to roll this out to that are using 2504 controllers. I'm hoping there's a way that I can use the 5508 as an anchor or vice versa to make this work.
View 1 Replies
View Related
Jun 12, 2012
I have a 5508 WLC and 40+ LAP1142N APs spread across 19 locations that allows staff to connect to our private network via wireless. I recently deployed about 40 new laptops all identical make and model HP ProBook 4530's and all have the same client setup for the wireless. Out of those 40 laptops I have 4 that will not connect to the private network. However, these same laptops will connect to my public, open wireless network without issue. In addition to the 4 that will not connect all the others will prompt twice for network authentication.Now, I have about 10 other laptops that are not the HP model and all connect without issue and without dual propt. I don't think this is a wireless network issue but could be some type of issue with this model of laptop.
View 8 Replies
View Related
Sep 24, 2012
I am beginning to get many emails from users who have recently upgraded to OS6 and saying now they cannot connect to our open access wireless network. We use a separate server that users must agree to a user agreement page and they say they get it, but after agreeing, it goes blank and they cannot connect. I am using mostly Cisco 3502's with the 5508 controller using 7.0.112.0 IOS version. Nobody in our IT department has yet to test OS6 yet.
View 9 Replies
View Related
Dec 4, 2012
I setup a guest wired network on the WLC 5508 with 7.2.110. A postage machine can only be setup for static IP address over guest wired network. Is any one how to get it configure on the WLC 5508?
View 3 Replies
View Related
Dec 12, 2012
any luck getting Nest thermostats to stay connected on a cisco wireless network. We are running 5508s (ver 7.2.110.0) and the thermostats are connecting to a 3502. The WLAN is a locally switched FlexConnect SSID.
According to nest there are two potential issues - NAT timeout and wireless networks that do not play nicely with devices that sleep for long periods of time. I've configured static NAT translations for the Nests, so that shouldn't be an issue. Nest says "Nest uses Wi-Fi 'Power Save Mode' to allow it to sleep and charge its battery while remaining connected to the internet. Not all Wi-Fi routers support this feature or implement it correctly. When they don't, Nest will have difficulty sleeping and will restart in an attempt to reset its network connection. This may happen repeatedly if your Wi-Fi router is incompatible with the 'Power Save Mode' feature." I've tried increasing the DTIM timers to no avail.
View 3 Replies
View Related
Oct 10, 2011
I'm currentlly running Both Wired and Wireless GPO via Win2008r2, on my WIRED connections after clt-alt-del logoff my network connection stays open (pingable)While connected via wireless (WLC 5508 and WCS) Windows AD 2008r2 ;Radius Server 2003.
All Clients authenticate using Network Authen (Wireless Network Connection Properties) WPA2 Data encryp AES EAP type PEAP.Authentication Method (EAP-MSCHAP) I have no problems connecting via SSID etc... my Question is how do I keep the TCP connection open after initiating a logoff from Windows. (Closing network connection) OPEN!
I need to maintain a tcp(pingable) connection open in order to access Manufacturing clients that are connected via WIFI. (WLC).All wireless clients are issued and auto-enrollment cert via IAS .
View 8 Replies
View Related
Apr 24, 2012
we have a working wireless network managed by a 5508 WLC and nearly a hundred AP in different buildings. We want to integrate several apple-tv in different WLAN. We enable global multicast mode and igmp snooping on the WLC. When clients connect to these wlan airplay functionnality operates for 2 or 3 minutes max and after the airplay icon disappears on iDevices. If i want airplay to work again i need to reboot the Apple-TV but again it can't work for more than 2-3 minutes.
View 8 Replies
View Related
Jul 8, 2012
I have been tasked with setting up a guest wireless network for a remote office. They would prefer that the guest network be on a different VLAN than the trusted network, and they want to use a different outside IP address for the guest network.
I am trying to figure out how to configure the ASA so that it supports two different LANS, each with it's own outside IP address. Is this possible?
View 7 Replies
View Related
