Cisco Wireless :: 5508 Low Uptake Of Using Wireless Devices
Jun 12, 2013
I have 2 x 5508 WLCs in place with around 50 APs split between the 2.
As there is currently a low uptake of using wireless devices all of which we own I have up until now been using WPA2 and MAC filtering to control access to the network.
This all needs to change as we are about to embark on the B.Y.O.x revolution. This means being able to support a wide range of OSes from Windows to Android. This in itself presents a whole series of issues but right now I'm trying to explore how much of the burden the WLCs can take.
For instance I was thinking about setting up web auth on the controllers that would authenticate against an external RADIUS server - this seems fairly straight forward.
If this was to be a bog standard windows network I could set up a Microsoft NPS server that could control and define policies to mobile devices, but as this is going to be a mixed environment that's not a solution I can use.
What other features do the controllers provide that would be useful in my situation - can you for instance automatically direct data to a specific vlan based on authentication information?
View 1 Replies
ADVERTISEMENT
Jun 14, 2012
I'm seeing a problem with Apple IOS devices connecting from one SSID and then connecting immediately to another. I've tried to replicate this fault with non Apple IOS devices, but I'm unable.
Environment:
Single 5508 WLC running 7.2.110.0 AIR-LAP1142N-A-K9 AP's
WLC is in clients head office, MPLS to their branch sites. AP's are in Flex Connect mode, with AP and Flex Connect groups for the AP's at the branch. 3 x SSIDs; Corporate (802.1X), Guest (Web-Auth) & Non-Corp (PSK).
Scenario:
Client is connected to the Corporate SSID with his iPad (new model, running iOS 5.1.1). No problem with access, he is able to roam throughout the building with good SNR/RSSI. He wants to test the other SSID's, he attempts to connect directly to the Guest or Non-Corp and gets an error message on the client saying 'Unable to Connect' or 'Unable to Join'. Debugs on the WLC for the client shows no connection attempt, no errors. I can see the client disconnect from the Corporate SSID, but nothing for the Guest or Non-Corp SSID.
If the client then disconnects and forgets the Corporate SSID from the wireless profiles on their i Pad, waits 20-30 seconds (I can see the client disconnect cleanly from the WLC) and then attempts to connect to the Guest or Non-Corp SSID's - he doesn't have a problem. He immediately associates, and is able to connect. If he then tries to connect directly to another SSID, while still associated to another from the same WLC/AP – he gets the error again. Forget/wait 20-30 seconds, attempt to connect – no problem. We've tested with several i Phones (4 & 4S), i Pads (2 & new model) - all running the same Apple IOS (5.1.1).
I unfortunately can't do much troubleshooting with TAC on this as the client is no longer onsite, and I don't have a 5508 in our lab that I can currently test with. I've tried playing with beacon intervals, etc to no avail.
View 3 Replies
View Related
Apr 5, 2013
I have a problem with MSE tracking client in my network.What we have:PI 1.3 with evaluation license (temporary)MSE 7.4.100 with 3k device licenses (hardware appliance 3355)WLC 5508 7.4.100.For now MSE is reacheble from PI and WLC, all setings are synchronized, NMSP status is active, mse assigned for maps and synchronized, on map we have 3 APs, but in Contex Aware tab we didnt see any tracking devices, all counts 0.
View 11 Replies
View Related
Jul 26, 2012
setup a WEP SSID on my 5508 controllers. THat being said, I have multiple sites with extremely old scan guns that only do 104bit wep. I plan on locally switching this SSID and using static WEP 104bit key with MAC authentication, and then ACLing to limit my inherent security issues/exposure once someone compromises my WEP key. [code]
View 4 Replies
View Related
Aug 25, 2012
We have integrated WLC 5508 to cisco ise 3315 with ios 1.1.1 and using Guest Sponsor portal for wireless guest users.Where we have created open ssid in wlc and redirect web login portal in wlc for guest users. We have enable all respective node in policy service for profiling and also configure snmp in wlc as well as in ise.
When guest user is connected to open ssid its get redirected to web login page of ise portal and when it gets login we are only able to see the username which guest user login but not the end device in monitoring log.
Wireless End devices are not able to get profiled can any one tell me what configuration I need to do on ise or wlc side to profiled end guest wireless device like android,iphone and laptops
View 7 Replies
View Related
Jan 29, 2013
I am setting up a new Guest network with a captive portal and it seems to all work fine except when Apple devices go to sleep. When they come back on it isn't just a case of logging in again as it just indicates to the client that it is still connected and won't present the login page again. The Controller will show the client as auth required. So far the quickest way has been for me to delete the network on iPads and re-enter my settings or create a new profile on a Macbook and join again. I have also had some success when doing a manual DHCP refresh on my Macbook which sometimes seems to kick the Controller into action so it presents the login page to the client again. Whether it is related to the timers on the Controller (5508 running code 7.0.235.3) or - as I just read in another post by Leo - the 20 minute timeout that all Apple devices have built in to conserve battery life
View 3 Replies
View Related
Aug 15, 2011
I have installed my new E4200 and it works beautifully. I have several wirelss adapters and a few wired connections through powerline adapters. I also have a second VPN router attached to the 4200.I can see the wireless connected devices with the associated IP addresses. If I plug a laptop directly into the Cisco, I can of course see it.However, I can see none of the devices attatched to the powerline devices? I have a securty cam connected via the powerline and want to know the IP address. I checked with cisco technical support via chat and they said it is impossible. I have used 2 previous routers with the same configuration and can see all devices.
View 1 Replies
View Related
Oct 15, 2012
Is there any shut down proceedure for cisco devices in data center cisco router,switches,firewalls ASA-5580-20,ace-4710 and IPS-4260 devices.
View 4 Replies
View Related
Feb 12, 2011
I have been testing WiFi devices such as the iPhones and iPads connectivity with the following setup:
1. 3502i AP
2. WLC 5508 SW 7.0.98
3. NGS
The i-devices have iOS v4.2
My goal is to have the guest user i-devices maintain the credentials (username and password) when they login again to the wireless network. Like if the device sleep, I think definitely they would loose those IP address issued by the DHCP. Once the guest user uses them again and connect them to the wireless network the user would not need to type-in those credentials on the Web Authentication page directed by the WLC.
The credentials are issued by the sponsor who created them on the NGS. It seems that there are WiFi problems with these i-devices. But somehow, I'm looking for a solution that would automated the logins like a checkbox if you want to be kept signed in, on Yahoo or Stay signed in for GMail.
View 6 Replies
View Related
Oct 11, 2012
All of a sudden my laptop, android phone and blu ray player (all wireless devices) can't communicate with my wired devices (marantz receiver and samsung tv). Everything still connects to the internet independently but i can't for instance play music from my wireless laptop to my wired marantz receiver. I had no trouble with this last week and didn't change anything (that I'm aware of) I did get Verizon to switch out my router but it didn't solve anything. My wife's computer also cannot connect to wired devices. Lastly, if I connect my laptop with via ethernet cable it sees wired devices fine. I tried shutting off windows firewall but didn't work. I have no other firewall/virus software installed. I can ping to all devices (wired and wireless) from my laptop.
View 1 Replies
View Related
Feb 23, 2012
I have a E4200 router. The firmware version is 1.1.02. I am reluctant to upgrade; however, my iMAC is picking up the 5GHz broadcast setting, but the rest of my wireless devices only recognize my lower 2.4GHz setting. I have changed channels, my router address is changed because it conflicted with my Verizon DSL. I do not have FIOS. What can I do to fix this problem. I have an ipad, 2 iphones, 2 ipod touches, 2 laptops (PCs), an XBOX, and a PS3 that needs to connect to a higher broadcast. The connections are slow and at times get dropped.
View 4 Replies
View Related
Sep 8, 2011
when I switch my e2000 wireless setting to 5 ghz the wireless devices don't work
View 2 Replies
View Related
Nov 6, 2012
output are here
*Mar 1 01:28:21.018: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Mar 1 01:28:21.022: %LWAPP-3-CLIENTERRORLOG: bsnSetCurrentBHRate : fail to set
radio control and data rate
*Mar 1 01:28:21.179: %CDP_PD-2-POWER_LOW: All radios disabled - AC_ADAPTOR (00
00.0000.0000)
*Mar 1 01:28:21.984: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEth
ernet0, changed state to up
*Mar 1 01:28:34.341: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigne
d DHCP address 192.168.10.244, mask 255.255.255.0, hostname AP2c54.2d0d.c3c4
View 1 Replies
View Related
May 1, 2012
I have a WLC 5508, AIR-LAP1142N APs and a SSID for students to connect to who bring their own device. I am still testing this and it has not been rolled out but I am running into some serious issues with joining the network. I am authenticating them through a RADIUS server (2008 R2). Problem: many of them cannot connect because they are lacking the certificate.
1. What is a good setup for authentication in a BYOD environment
2. If my setup is good what can I do to allow kids to use their computers on the wireless either without the certificate (which I know is unlikely) or what do I need to have them do to connect. I am hoping it does not involve hard wiring and getting the certificate from the server.
View 1 Replies
View Related
Oct 24, 2011
have a Cisco 5508 controller (version 6.0.199.4) that when I enable global multicast mode it will work for an hour or two and then it will kill the network. All internet both wired and wireless, access to server everything dead. I then have to directly connect to the service port and disable the global multicast mode. Then two reasons for enabling it are Docs2Go and LanSchool both require multicast to be enabled. I have it enabled on our wired network and it works OK there. ted.
View 10 Replies
View Related
Oct 23, 2012
I just turned on 2 Wirelless LAN Controllers 5508 and I am getting this message on both of them:
Loading primary image (Image not found)
** Unable to read "linux.pri.img" from ide 0:2 **
Loading backup image (Image not found)
** Unable to read "linux.bak.img" from ide 0:2 **
And it is taking me to the BootMenu. I selected option 4 to Clear Configuration and the controller seems to restart the system but I still get the same error. I checked the LEDs status and Sys is Amber and Alarm is OFF which according to the documentation is a System Crash.
View 1 Replies
View Related
Apr 7, 2013
Is there any way to configure a wired guest network with a combination of 5508 and 2504 wireless controllers? I am aware that the 2504 does not have wired guest functionality, however is it possible to set up a wired guest on the 5508 and using mobility anchors, transmit the l2 information through eoip to communicate with the remote vlan?Home built NAC solution, using 802.1x authentication on switchports for public areas. If user is an employee, communicates with the supplicant on their machine, and places them on an internal vlan.If user is a guest, user fails 802.1x check and is placed on a "guest" vlan with an ACL and external DNS.If placed on the guest vlan, the user has to accept a terms of use form.This is working currently with our 5508s without any issue, however we have some remote offices we'd like to roll this out to that are using 2504 controllers. I'm hoping there's a way that I can use the 5508 as an anchor or vice versa to make this work.
View 1 Replies
View Related
Apr 15, 2012
Interface management on WCL 5508 is assigned ip 192.168.255.200 and from a PC ( on different subnet), i can ping but cannot access https to WCL but From a PC ( in the same subnet) i can ping and https.
View 11 Replies
View Related
Aug 1, 2012
I want to install a pair of 5508 to manage the whole wireless solution and I have a few questions regarding deployment, Please refer to the topology. The management and ap manager interfaces are conifgured with the same ip address range and thus the same vlan which is 10.160.254.X/24 also all the APs(1,2,3) in that building have the same IP address range for management which will be manually conifgured. The AP's (4 and 5) on the other building have another range of IP address for management and here is the first question. Will the AP's 4 and 5 join the WLC if I manually configure them to point to it? I know I can group interfaces and use them with the same SSID BUT the WLAN vlan in both sides are different and are separated by a router and hence the next question: Can this be done even if they are separated? and if I can, how is this possible, should I configure a dynamic interface in the WLC with an IP of that network even if it doesn't exists on that side? I'm kind of confused with this.
View 5 Replies
View Related
Jul 30, 2012
I have a Cisco 5508 setup at a host site with 3 other sites connected using hreap on 1252APs. When doing testing of network speed I find that the throughput from the wireless to wired network is at about 18mbps yet the same test on wired side is 85-100mbps and wireless to wireless is 18mbps
View 4 Replies
View Related
Oct 2, 2011
I am running 5508 controller with version 7.0 and 1142N access points.. I am facing a problem on user connectivity.
Wireless Users are getting frequent connection and disconnection. These users are not getting connected to the access point nearby although this access point is up and running. I have tried reducing the power level, configured the AP after resetting it.
View 2 Replies
View Related
Mar 31, 2011
I just installed my new DIR-655 yesterday and it went pretty smoothly. However, only my Notebook PC is connecting as 802.11n. All my other devices that are N capable are connection at 802.11g. These devices are XBox 360 Elite with wireless N adapter, 2 wireless N Roku Players, and Lexmark X6570 Printer. Is there some way to get the router to see these devices as N capable short of forcing everything to connect as 802.11n?
View 6 Replies
View Related
Apr 24, 2012
we have a working wireless network managed by a 5508 WLC and nearly a hundred AP in different buildings. We want to integrate several apple-tv in different WLAN. We enable global multicast mode and igmp snooping on the WLC. When clients connect to these wlan airplay functionnality operates for 2 or 3 minutes max and after the airplay icon disappears on iDevices. If i want airplay to work again i need to reboot the Apple-TV but again it can't work for more than 2-3 minutes.
View 8 Replies
View Related
Mar 7, 2012
I am using guest solution with two WLCs , one inside and one as anchor in DMZ.we have also NAC guest server to authenticate the guest users. inside WLC is 5508 and had been updated to latest version 7.2.103.0 last Thursday.
now we facing problem with the guest SSID , after the user authenticate, immediately disconnected and to access again he has to authenticate again and so on.
Is there any Bug with the new version because the setup was working fine before upgrading.
View 1 Replies
View Related
Aug 8, 2012
i have a wlc 5508 with code 7.0.220, with multicast enabled in it and on the lan too.I am having a bit of confusion getting bonjour to work on the wireless side. Looking at some of the cisco docs, i still have some questions on how to get it working in my specific enviroment.
I have the wlc conected to the lan via a port-channel. 2 wlan (ssid1 and ssid2) each wlan maps to a specific vlan (dynamic int), the management int (also used for dynamic ap-manager) on a third vlan (vlan x).
I need to get Bonjour working between ssid1 and vlan-x, so my wireless clients (in ssid1 can use bonjour with their laptops) can synch between wireless and wired. I know that you can do this within the same wlan (ssid) but in this case, when a user has a laptop wired into the network he cant comunicate to the wireless device. I read about Vlan Select and Multicast Optimization however, from what i understand i need to setup an interface group and just assign my wlan1 and management int to it, correct?
when or if i need a different segment (vlan y) in my lan to also "bonjour" with ssid1? For this i assume i would need to create a dynamic interface on the wlc using the same IP segment and do the a new interface group?
View 5 Replies
View Related
Apr 17, 2012
I have a new wireless configuration on a 5508 WLC. the controller is licensed for 12 AP's. I have plugged 8 AP's into the wireless vlan and 6 out of 8 come up with IP address and connect to the controller, broadcast two configured SSID's all seems good with them, but i have two AP's that do not get IP addresses. they are in the correct vlan i can plug a laptop into the group of ports in the val and get an IP address. So it seems to be just the AP's that don't. if i look at the consol of the AP it says: Waiting for PHY to auto negotiate . then it say timed out and continues to "boot with errors" then it continues to complain that it has no ip address. I have rebooted a few times and changed ports, and patch cables.
View 3 Replies
View Related
Jun 1, 2012
Currently my home network is being switched via TrendNet TEGs80G unmanaged gig switches. I have been using them for about a year now with no issues. As my home network becomes more advanced, I recently just added a Cisco ASA5505, I am thinking about swapping those unmanaged devices, 4 of them, to managed. I was looking at the Cisco SG300-10 for upstairs, and a 16 port variant for my main core. These devices do not support full Cisco IOS cli, but they are manageable with a rich feature set nonetheless. My question is, should I swap the unmanaged devices with the more expensive Cisco devices, or just keep what works and save the money until I really need to spend it. As previously stated, my home LAN works just fine as it is, however my WiFi, NTV550s, server and workstations are all on the same network. Probably not the most secure but it is what it is without VLAN support.
View 11 Replies
View Related
May 20, 2013
Ill start with a list of equipment;
5508 WLC
3502i AP's
Cisco ACS 5.3
Windows 7 clients
WLAN is configure with WPA2/AES with 802.1x for key management.Client is configure with WPA2/AES, auth method is Microsoft: Smart Card or other certificate on computer. Auth mode is User or Computer authentication. The client is configured to use a certificate on the computer. "It only works if user or computer auth is seected." If i use Computer Authenticate option......its says it cant find a certificate to use for EAP.ACS is configured to only allow for protocol EAP-TLS.We have created a standalone CA server and have distributed the CA root and client authentication certificates to all test systems.
This whole process with EAP-TLS works great if you are already logged in to the machine, with cache credentials. Once I log off the Windows 7 client, I lose connection to the WLAN. We would like to stay logged on to the WLAN. PEAP w/ MSCHAPV2 works great with staying connected to the WLAN but we want to use EAP-TLS.
View 3 Replies
View Related
May 14, 2012
We have a situation where wireless access points are just going down randomly on our network. The situation is as follows:
We have 2 Cisco 5508 WLCs (licensed for 250 APs each, with more licenses en-route), both running software version 7.2.103.0. Then we have a large-ish number (±300) of Cisco AIR-CAP3502I-E-K9 APs connecting to these two controllers. The APs are either connected to Cisco WS-C2960S switches, or in "older" areas of the network they are connected to WS-C2950 switches. We do not have PoE switches installed yet, so all APs are powered by power injectors (AIR-PWRINJ4=).
Anyhaw, all the access points are in FlexConnect (previously HREAP) mode, and they all connect via trunk ports to the switches in order to get the VLAN per SSID working. Both controllers are in the same mobility group, and both are in the DNS as "cisco-capwap-controller" as they are load balancing. The APs are installed about 25m apart in most areas. There is one installation where two APs are about 10m apart, but this is due to the shape of the building in which they are installed. We have no autonomous APs deployed at all...
The problem is that some access points work for about a day, and then they just disassociate with whichever controller they were associated to, and then they just fall off the network completely. Both WLCs, the NCS, and the network monitoring system (WhatsUp Gold) show the affected APs as physically unreachable. Looking at the trunk port on the switch, it shows that the port is up and the line protocol is up, input rate is 0 bits/sec, and output rate is up to 70,000bits/sec. There are no input or output errors on the switch port. Here is the output from one such switch port: [code]
Connecting a console cable to an affected AP is fruitless, as the AP appears to be unresponsive while it is "down". Rebooting the AP, then connecting a console cable works, but then you've lost your syslogs. Looking at the Ethernet interface on the AP, it appears as if the interface is picking up a lot of errors, especially CRC errors, which would indicate a physical cable problem.
I got our cabling contractor out to do a cable test again, and it passes every time. We have them test both the Systimax and the Molex cable installations of affected APs, and all is OK. They use a Fluke MicroScanner² cable tester which certifies the Cat 6 cable from patch lead to flylead. No problems there, and I trust that the cable is 100% as tested.
So I swap the power injector of an affected AP (let's call it AP A) with an AP that is not affected by this (let's call this one AP B), and AP A goes down again after a day, or sometimes only a couple of hours. AP B remains operational as usual. If I swap AP A out with a new AP (AP C), then AP C starts showing the same symptoms after about a day, and then it also just goes down. When "suspect" AP A is installed somewhere else, then it works and stays operational for, well, 58 days now. Changing the switch/switch port also makes no difference.
This happens to one of the APs that are part of the "10m apart deployment", but it also happens to another AP that is completely on its own in a building far away from any other wireless source, so I cannot think that this could be the problem. I happens to an AP that is less than 100m away from its closest WLC, and it happens to an AP that is more than 350km away from its closest controller. All the other APs deployed in our remote campus (350km fibre link) are 100% OK. It happens to APs connected to the older WS-C2950 switches as well as the brand new WS-C2960S switches.
I am at wits end with this one. Where could the problem be? I trust the "Big Green" company that does our cable installations, and I trust the equipment they use. I also trust both Systimax and Molex to be very good products. And I do trust Cisco, as this is the only network equipment we deploy.
View 9 Replies
View Related
Jan 19, 2012
Ok my Routers Sercurity Settings are on WPA/WPA2-Personal (PSK). But on this setting it does not allow me to use all my wireless devices. They appear with errors stating that i must change my sercurity settings to WEP. So i tried this, i first changed it to 128bit WEP and it connected to my other devices. But the router suddenly began automatically shutting off its wireless capabilities at frequent random intervals (the LED showing its function shutting off and all wireless internet sources). So i changed it back to my original settings and it fixed itself, but once again i could not access my devices. So i tried using the 64bit WEP option and once again it proved the same results as the 124bit WEP.
View 6 Replies
View Related
Jun 7, 2012
my d-link modem is connected and was providing great wireless service to numerous devices around the house until yesterday. The wireless lights are on and stable, but we can't connect. We've tried resetting and turning off to no avail. This computer is connected via an ethernet cable through the modem
View 5 Replies
View Related
Sep 26, 2012
During the summer we had three laptops and an iPod. Two of the laptops and the iPod were having trouble connecting to the Internet, but I thought that was because we had too many devices but I looked it up and most sites said that wasn't true.
Now we have two laptops and the iPod and there are still problems so I thought it was a modem issue. It's a Webstar DPC2100R2 and when the Up and Down lights go off our wireless has trouble but if I use cord which goes through a D-Link DIR-615, the Internet is fine. When the lights go out I usually turn off both devices and turn them back on after about a minute and that usually works.But then, the lights didn't come back on so I called my Cox, my provider and they did something that fixed for about a week then the two lights went out again. Yesterday I reset them again and my Acer Aspire connected and so did my iPod but my HP Pavilion couldn't so I reset it again. Now my HP and iPod work but my Acer doesn't even though I've reset it multiple times.
What's weird is that the HP never has any trouble connecting, even when the lights aren't on or when my iPod, Acer and my sister's Dell couldn't.
View 6 Replies
View Related
Oct 3, 2010
My wired devices can see my wireless devices, and my wireless devices can see my wired devices, but my wireless devices can't see other wireless devices. And by "see", I'm talking about various media servers, like TVersity, PlayOn and Windows Media Center, and by devices, I have two wireless computers, an Xbox, and a DAP-1522 bridge, among others.Is this how the DIR-825 works, or am I missing a setting to allow the wireless devices to see and communicate with each other? Specifically, I'm trying to connect my wireless N Xbox 360 with a wireless N Win 7 Home Pro laptop.
View 2 Replies
View Related
