Cisco Wireless :: 891W Connecting To WLC 5508?
May 2, 2012
I am having problems connecting an 891w to a WLC, is it possible to have to separate vlans, one for the Lan ports and another for the AP module.
I do not want the AP part of the 891w in autonomous mode. The WAN port of the router will be connected to a DSL type service.
Is there a guide or something to get a 891W to connect to the WLC?
I would like to have users on a data vlan (vlan1) connecting to the network like a normal router, then the AP module to connect to the WLC via a different IP probably vlan 2
On the WLC itself i do not see any attempts in the logging.
View 10 Replies
ADVERTISEMENT
Aug 6, 2012
question in regards to the deployment of a new WLC and new LAPs,I have configured and connected a 5508 WLC and 3500 series LAP.LAG is enabled in the WLC and successfully connected to the neighboring switch (using etherchannel) and to the network.
The port-channel port is set to trunk mode obviously and certain vlan ids are currently allowed (3-5)
The management interface has this IP address 192.168.5.250/24
I created a WLAN with WLAN ID 3, Interface set to Management and say SSID test1
I have connected a new LAP to the network, which switchport interface is set to access mode and assigned with vlan id 3. The LAP is able to join the WLC successfully with an IP address, such as, 192.168.3.100 (assigned via DHCP).
When I try connecting a mobile client to the wireless LAN, it can successfully detect and connect to the WLAN, created in the WLC (test1) however it gets an IP address by DHCP, in the 192.168.5.0/24 network, which is the IP range of the management interface's IP address.
What can I do to get the clients connecting on network 192.168.3.0/24? I thought this would be the case since I allocated the WLAN Id of 3 in the WLAN test1 configuration and since the LAP switchport is set to access mode with vlan ID 3.
View 3 Replies
View Related
Aug 6, 2012
I have a wlc 5508 and I'd like to setup a network for visitors. They will connect to the WLAN, enter a password and then automatically get redirected to an external website. I understand the wlc 5508 supports this but I'm struggling to find out how to set this up I assume this can be done without having to customise webauth bundles?
View 2 Replies
View Related
Nov 18, 2012
recently we have purchased Reflection - an AirPlay mirroring software. Basically install Reflection in the laptop and you can view the screen of the iPad or iPhone via wireless network. we have tested in home wireless network no problem, but when connect to the cisco network, the iPad didn't recognize the REFLECTION installed in the laptop.
we are running WLC 5508, WLAP AP-1331AG, we can ping from laptop to the iPad laptop and ipad can access network without any issue. there is no any application port has been blocked between the client via wifi extra details for REFLECTION: [URL]
View 4 Replies
View Related
Jun 2, 2013
We have a 5508 with 7.4.100.0 vor Internal APs and OEAPs. till now every thing is ok. Now we have to connect an AP (local) in a remote office, connected to the WLC by a VPN Tunnel. The problem is that the AP in the remote office uses the NAT Address to connect to the WLC, so the traffic goes over the Internet, not trough the VPN Tunnel. On the controller I have the following setting:
AP Discovery - NAT IP Only ................. Disabled
On the AP:
AP Link Latency.................................. Disabled
How to force the AP to use the internal IP Address of the WLC?
View 7 Replies
View Related
Aug 26, 2012
I'm working on migrating autonomous WAPs to lightweight mode in a WLC 5508. Some of the older WAPs are being decommissioned at the same time.
One issue I have found is that after replacing an old WAP in autonomous mode with a new WAP (3502); some clients near the coverage of this new LWAPP are now connecting to another WAP in autonomous mode that has not been converted or replaced yet; but that is located quite far away from where these clients are, actually two floors down. Users on these clients have reported wifi dropouts, which is obvious due to the distance where the old WAP is. A workaround that seems to work is removing the wifi profiles in the client machines and recreating them again, which is not a good solution for all of the wifi profiles we have in place. At this point of time we still need to have the older WAPs until they are all replaced.
How can I get clients connecting to a LWAPP that is closer to their location? I'm wondering what causes those clients to look for an existing older WAP rather than connecting to the new LWAPP, which is broadcasting the same SSID closer to where they aree. Bear in mind that the new LWAPP is working fine and has live sessions working just fine.
View 5 Replies
View Related
Aug 31, 2011
I have an 891W with the internal AP. I want to update the AP's software but can't find anywhere to get it on Cisco's site. If I go to Download All, Routers, 800 series, 891W all I can choose is IOS, IOS ROMMON and upgrade to LWAPP. If I go to Wireless Wireless integrated service routers, 800 series, 891W I get IOS and IOS ROMMON.
View 1 Replies
View Related
Oct 12, 2012
I have had trouble to verify the support wireless speed and band that CISCO891W-AGN-A-K9 supports. I saw on a vendor website that it supports a max wireless transmission speed of 54Mbps but this seems low for what is supposed to be the current model wireless router which is supports 802.11n. What the maximum supported wireless speed and whether 5Ghz is supported? Plus I am thinking about purchasing it for my home wireless network (upgrading from an 871W).
View 1 Replies
View Related
Sep 22, 2010
Working with wired Cisco equipment for many years, but trying to configure an integrated wireless AP for the first time.
I have a Cisco 891w router with the following software (main and integrated AP801 wireless AP):
1. Cisco IOS Software, C890 Software (C890-UNIVERSALK9-M), Version 12.4(22)YB
License Level: advipservices
2. Cisco IOS Software, AP801 Software (AP801-RCVK9W8-M), Version 12.4(21a)JA1, RELEASE SOFTWARE (fc1)
Opening a connection to integrated AP801 wireless device for performing wireless configuration tasks, the connection is established OK, authentication is passed OK using credentials from main configuration file, gaining level 15 privileges with enable command, but after that... no way to enter "Global Configuration mode" because there are no "configure" family commands present!!! Simply can't say "Conf t" because there is no such command!
View 9 Replies
View Related
Apr 8, 2013
Any issue creating a guest vlan to use the WIFI on an 891W router? The IOS is version 15.1. I have created discreet Vlan's and setup subinterfaces on both the WLAN_AP0 and GigaEthernet 0 interfaces with dot1q encapsulation. The client will receive an IP from the pool but cannot ping or connect beyond the default gateway.
The external interface is using Nat overload and all wired clients are successful in connecting to outside addresses. I have insert a permit any statement in the acl which affects the external port but still no success.
View 7 Replies
View Related
Jan 6, 2013
I have an 891w that started acting up recently. Radio dot11 0 is reporting its a b radio. When it is actually an n 2.4 radio. Of course that radio is not allowing any clients to connect to it at this time. I have tried updating the firmware to the latest, tried a hardware reset but still a nogo.
sh interface output.
Dot11Radio0 is up, line protocol is down
Hardware is 802.11B Radio, address is 0000.0000.0000 (bia 0000.0000.0000)
MTU 1500 bytes, BW 11000 Kbit/sec, DLY 1000 usec,
[Code].....
View 6 Replies
View Related
Feb 26, 2012
I have a client that that is installing a new network. They have requested the use of an CISCO891W-AGN-A-K9 mostly to be consistent with upgrades perfomed at other sites. I agree with the use of this router, so that's OK. The issue is that they have requested that I use the integrated PoE available on this model. I'm also OK with this as it will make a much neater installation. However, I can't seem to find much information on how to get the integrated PoE. I need clarification as to whether I can get a kit to upgrade this router. I generally purchase from sites like newegg or cdw (I'm an independent contractor) and I can't seem to find one with it. I have found some information on 800-IL-PM-4 and 800-ILPM-4 (who could confuse those ). Are they the same or different? Which one is the correct one and does it include the AC power adapter and can if be retro'ed into a router without the PoE?
View 2 Replies
View Related
Feb 24, 2011
Alright, well I have a Cisco 891w router and have just about everything up and ready to deploy. I'm primarily using Cisco CP 2.4 to provision the router with minor tweaks being done in the CLI. I want to set up a filter to allow access to roughly 20 websites for the majority of my network which is all on the same VLAN. The ip ranges are x.x.x.10 - x.x.x.169 which I have set into a Network Object group called limitac. The second group ranges at x.x.x.170 - x.x.x.199 and is called allowac. I have set up DHCP bindings for all the devices that will connect to the network but I want to set up a web filter for only the first group. I cannot seem to find anything in the Cisco CP manual or the IOS manual for setting up filtering for a range of IPs only. Primarily there are a few computers that need full access to the web while the others should only have access to the sites I set up in the filter.
View 14 Replies
View Related
Apr 18, 2012
What I currently have is a Cisco 891W Router as well as two ISP's (both with dynamic IP's) in. I'm currently just running one of my modems into the 891 through the FE8 port and then if for some reason I have an internet failure switching the ISP modems. What I'm wondering is if there is a fairly simple way to configure (and attach) both modems to this router and then set it up to handle this failover automatically?
View 1 Replies
View Related
Mar 22, 2012
I believe I have the steps done at the IOS to config the WAN port for SSH, but I still can't connect to it. I have "logging console 7" on so I am able to see that the router is dropping my TCP session requests. I figure this is just the built-in zone-based firewall at work.
Is there a very straightforward process, via the IOS, to allow SSH inbound on the WAN port? I'm not very familiar with the IOS other than basics so while I know how to do things like "transport input ssh" and "login local" and such on the vty 0 4 line, I have no idea whatsoever on what I should do with the firewall stuff. I believce the WAN interface is already a member of the outside zone though so I imagine one just has to somehow include ssh (preferably on a non-standard port) in the exceptions on the firewall somehow.
I have been poking around for a step-by-step IOS guide for this but only find info on configuring SSH itself but not how to open the firewall to allow the connection for it through.
View 11 Replies
View Related
Sep 24, 2012
I am trying to allow RDP through my 891w.I have tried a few different yjing to no avail. [code]
View 23 Replies
View Related
Nov 6, 2011
I'm new to using Cisco Config Professional Express but a lot of things are just "off" with this utility. But my problem for this post is specifically the 891W's internal access point, or initial access to it.
My situation is that I have some 891W's. It's my first time working with them, as well as with CCP Express (2.5). After isolating the router and my PC to their own network, using the IP my PC got via DHCP frmo the router I opened a web broswer and connected to the router. The initiial configuration wizard came up and I went through the various screens. One of those screens had basic config info for the internal wireless AP which I provided. Somewhere in that screen it asked for a Hostname for the AP, and a password. It doesn't askfor a username though. To ensure I wouldn't run into confision, I made sure to set every password I ever get asked to configure as the same thing so the AP's password was also the same.
However after I finish with the wizard, the java-based CCP Express begins prompting me for first the main router credentials which I provide and it gets the router config, then it prompts mefor the username/password for the Access Point. First of all, the initial config wizard had never asked me for the username for the access point, only the hostname, and the password. I had assumed it was just going to use the main router username, or perhaps a blank username.
In any case, nothing I type ever works. I've used cisco/cisco, or a blank username with my new password, or the same username as the main router with the password ---- nothing. This is now the 4th time I have completely Reset the router to factory defaults and while I am learning the use of CCP Express through repetition, I'd also like to get this thing configured and out the door so my customer can use it.
View 3 Replies
View Related
Jun 21, 2012
i have a home lab network that is connected to my internet. I basically have a linksys router connected to cable modem and in order for my families internet to not go down while testing and learning my CCNA I am trying to treat the Linksys as the ISP.
1. Plugged my 891W router via FASTETHERNET 8 (192.168.1.10) into LAN Switch port 1 of my Linksys E4200 home router(192.168.1.1).
2. I plugged my 891W Gigabit 0 (10.10.10.1) LAN side into my 2950 Catalyst Switch (10.10.10.5 - VLAN 1)
3. my 2950 Catalyst switch (10.10.10.5 - Vlan 1) is plugged into my 2600 series router via the routers FE port (10.10.10.2).
There is a few more routers connected behind r2 but I am not dealing with them right now and there is also a switch connected into s1 but its not being used for this.
891w is labled r1
2950 is labled s1
2600 is labeled r2
I am running RIP Verison 2 for my network protocol.
r1 information below
----------------------------
r1#show ip protocols*** IP Routing is NSF aware ***
Routing Protocol is "rip" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Sending updates every 30 seconds, next due in 24 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Redistributing: rip Default version control: send version 2, receive version 2 Interface Send Recv Triggered RIP Key-chain GigabitEthernet0 2 2 Vlan4 2 2 wlan-ap0 2 2 Automatic network summarization is in effect Maximum path: 4 Routing for
[code].....
I can ping all over my homelab everything I can reach as long as I have a protocol up but I cannot reach the WAN IPs. I watched video by Jeremy Ciorara and I tried to follow the wan and nat part from a website [URL] And none of its working. I am not sure if this is a case where a private IP cannot function as a ISP and I am breaking some rule thats not mentioned in CCNA studies or if its something else. I tried these commands from Jeremy Video:
r1(config)#ip access-list standard "NAT_ADDRESSES"
r1(config-std-nacl)#permit any
r1(config)ip nat inside source list NAT_ADDRESSES interface fastEthernet 8 overload
However they did not work it was pretty close to whats in the basic website up there I listed as well. I think I went back to the basic configuration in the config file post above. Its really frustrating as I follow directions and they do not seem to work. I understand I am using my private 192.168.1.0 subnet as an ISP and maybe that has something to do with it but when yoru first learning and things dont work its kind of overwelming as you have problems seeing the big picture and dont yet trust in things you have learned as they are unfamiliar so its easy to get lost.
View 1 Replies
View Related
Feb 9, 2012
I am trying to configure the FE8 (WAN port) to connect to the Internet. We're swtiching ISP'ssoon so this router was set up at my office and has since been deployed at the client site. So far it is just plugged in and powered, with a console cable attached but no LAN cabling since this router will replace an existing one using the same addressing (except the WAN settings of course). So for now I am just focused on working on the WAN side since I have the ISP's cable modem attached . I had intiially used CP Express to config the wan port with an IP and mask and the various port forwarding options I intend to use. Now, connected via console cable, I tried pinging the IP of the wan port, which works. Beyond that, can't ping anyting (8.8.8.8 - a Google IP), also can't resovle any DNS names which makes sense with no apparent connectivity. Likely my config is just imcomplete. Nowhere in sh run do I see a Default Gateway, yet this ISP did specify one so I assume I need to enter it. Not sure what's the right way - I get confusing results on searches telling me either to use ip default-gateway or ip default-network. I want to think that it's as simple as entering in the IP but so far I've learned with the IOS that you never do anythign without knowing all the possible implications, which I don't. Also while I am at it, I don't know what I should have for DNS entries. This router will not be a DNS server for any internal systems that function will be managed by the two Windows 2008 R2 DNS machines. The ISP has also provided two IP's for their DNS servers. I thought it would be a simple matter of just adding two entrires via ip name-server command, which I did. So now I have four entries, first the two internal servers (inaccessible currently due to no LAN cabing to this router), and the two ISP servers. Can't ping those either, but again there's no default gateway.
View 39 Replies
View Related
Nov 6, 2012
Over the weekend this router was put into production. SSHv2 is configfured and was working fine. Due to some circumstances, we had to avoid configuring any zone-pairs that included the self zone. This of course left the router open somewhat. SSH was secured but of course a few IP's from poorly regulated parts of the world spent the weekend trying to brute force log into the router. No luck it seems. Anyway, SSH continjued working, then we set up self zone-pairs (out to self and self to out). As ssh can't be Inspected, we did a pass log for each direction. This worked for a bit, then SSH just stopped working. I've seen this happen on 891W's in the lab here too, so is not something perhaps done by some unseen DoS attack or something.
View 8 Replies
View Related
May 27, 2012
I'm working with some 891W's that have the internal 800-series AP. I have this router set up initially using Cisco Config Express, then, using Cisco Config Professional 2.5 I set up the firewall and other featuress that CCE doesn't do. Overall this is a very simple router, meant to be a small business Internet gateway device but is currently in my lab.
The intended WLAN setup is very simple. One SSID, with broadcast enabled, using WPA2-Personal. Auth: open Encryption is both TKIP and AES-CCM.
However no matter what I do I cannot get thhis thing to broadcast . In the past I had sometimes run into issues where if I had more than one AP running independently it would cause a channel conflict and one or both would cancel each other's radio, so I disabled all other AP's in my vicinity.
Also I've had issues in the past where f I enabled both TKIP and AES, sometimes clients can't find the AP as a result. My solution had been to disable one of them leaving just the other - no change here however.
Via the IOS, ssid config shows mbssid guest-mode which I believce is default.
Interestingly, if I do the following:
ap# Config t
ap(config)# dot11 ssid <myssid>
ap(config - ssid)#guest-mode
end
I end up with both "guest-mode" and "mbssid guest-mode" in the sh run for the AP, and voila, my AP broadcasts the SSID. However clients end up joining without any security at all, no prompts for pre-shared key or anything.
View 7 Replies
View Related
Jan 26, 2012
I have an 891W router that requires a firmware update to fix a bug wth the internal AP where all you get when accessing it via the CP Express ("Launch Wireless Application", which is just opening another web browser to your AP) is an Enter button. This issue seems to be common so I found a thread, though for the 881W (but same process) where the fix is to update the AP's firmware.
So I downloaded ap801-rcvk9w8-tar.124-21a.JY.tar from cisco.com, set it up in my tftp server, and at the console ran the following from the router:
Router#service-module wlan-ap 0 session <enter>
This brings me to the AP.
I then type in:
InternalAP#archive download-sw /force-reload /overwrite tftp://192.168.0.71/filename.tar <enter>
It seems to go through the process of re-imaging the fw but the end result now after it is done is that I cannot access the ap at all and the hostname has been screwed up. So now when I go to the AP (via Router#service-module wlan-ap 0 session <enter>), this is what I see:
AP6400.f177.d0ee>
If I type "enable", I get no username prompt but I do get a password prompt, however my pw no longer works. Also the IP address of the AP (192.168.0.2=) is no longe rpingable.
I did save the log of the console session for the (failed??) firmware upgrade process - the only odd thing I recall was that it seemed like it was trying to enter part of the update process commands but instead the router was interpreting them as a DNS lookup or something. Kind of stupid process it seems but anyway I am quite lost. Don't know what it'ssuch a challenge to update firmware.
View 9 Replies
View Related
Mar 15, 2011
I have an 891W that I initially configured using CCP Express (2.5). So it has a WAN IP set, and through CCP Express I had enabled via the checkboxes the various default settings for security. This includes zone-based firewall. I then added a number of NAT entries in the setup wizard.
What never occured to me at the time was that I should have added entries that allow for remote access. So it seems I've locked myself out of accessing the router via the WAN interface even though I know it's IP. I'm sure it's just a matter of adding port exceptions for SSH and/or whatever port(s) CCP uses.
So I"m wondering what the proces woudl be. In the IOS while showing the running config., I see pages and pages of class-map stuff which at present I don't know enough about to risk editing anything directly. But maybe I don't have to? What would be the best way to, for example, enable SSH access through the firewall? I already have transport input ssh set on the interface itself so I believe it's ready to allow the connection, just that I can't get to it via WAN int. so I assume it's the firewall.
View 3 Replies
View Related
Feb 21, 2013
I have an 891w as my edge device for my home office. I have a VLAN for family use (wired and wireless) that routes out to the internet just fine. I have a second VLAN assigned to a VPN tunnel that backhauls traffic to my corporate network (wired and wireless) and all of the traffic gets to the corporate network fine when I am on that VLAN.
However, while I am on the VPN VLAN, no traffic gets to the internet. I believe it is because I have the gateway of last resort (0.0.0.0) set to the WAN IP address provided by my ISP, so DNS is resolving against corporate, but because there is no specific route, it is trying to dump the traffic back out the WAN without traversing the VPN tunnel.
View 4 Replies
View Related
Apr 1, 2012
I connect to my corporate network using Cisco AnyConnect Secure Mobility Client. Once connected I can no longer print to my LAN attached printer and other local resources. I use the Cisco/Lyncsys E4200 router on my LAN and can re-connect to the storage on the local LAN by setting up Port Forwarding of port 21 and MS Windows FTP folder sharing. However, I can't seem to connect to a Terminal Services client by forwarding port 3389. Is there a way to connect to the local LAN after logging into the VPN connection. I can connect to regular HTTP/HTTPS sites and most other type of connectiins, just not my own local resources.
View 3 Replies
View Related
Nov 6, 2012
output are here
*Mar 1 01:28:21.018: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Mar 1 01:28:21.022: %LWAPP-3-CLIENTERRORLOG: bsnSetCurrentBHRate : fail to set
radio control and data rate
*Mar 1 01:28:21.179: %CDP_PD-2-POWER_LOW: All radios disabled - AC_ADAPTOR (00
00.0000.0000)
*Mar 1 01:28:21.984: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEth
ernet0, changed state to up
*Mar 1 01:28:34.341: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigne
d DHCP address 192.168.10.244, mask 255.255.255.0, hostname AP2c54.2d0d.c3c4
View 1 Replies
View Related
May 1, 2012
I have a WLC 5508, AIR-LAP1142N APs and a SSID for students to connect to who bring their own device. I am still testing this and it has not been rolled out but I am running into some serious issues with joining the network. I am authenticating them through a RADIUS server (2008 R2). Problem: many of them cannot connect because they are lacking the certificate.
1. What is a good setup for authentication in a BYOD environment
2. If my setup is good what can I do to allow kids to use their computers on the wireless either without the certificate (which I know is unlikely) or what do I need to have them do to connect. I am hoping it does not involve hard wiring and getting the certificate from the server.
View 1 Replies
View Related
Oct 24, 2011
have a Cisco 5508 controller (version 6.0.199.4) that when I enable global multicast mode it will work for an hour or two and then it will kill the network. All internet both wired and wireless, access to server everything dead. I then have to directly connect to the service port and disable the global multicast mode. Then two reasons for enabling it are Docs2Go and LanSchool both require multicast to be enabled. I have it enabled on our wired network and it works OK there. ted.
View 10 Replies
View Related
Oct 23, 2012
I just turned on 2 Wirelless LAN Controllers 5508 and I am getting this message on both of them:
Loading primary image (Image not found)
** Unable to read "linux.pri.img" from ide 0:2 **
Loading backup image (Image not found)
** Unable to read "linux.bak.img" from ide 0:2 **
And it is taking me to the BootMenu. I selected option 4 to Clear Configuration and the controller seems to restart the system but I still get the same error. I checked the LEDs status and Sys is Amber and Alarm is OFF which according to the documentation is a System Crash.
View 1 Replies
View Related
Apr 4, 2013
I have a WLC5508 with around 70 AP's (LAP1042N) connecting over an MPLS WAN network. WLC and AP's are running 7.4.100
From time to time I have an AP which disassociates from the WLC with the logging beneath. This is a problem with the AP, or is this due to network saturation between the AP and the WLC ?
And if so, should I change the default retransmit values ?
View 1 Replies
View Related
Apr 25, 2013
I am planning to upgrade WLC from 7.2.103.0 to 7.2.110.0 due to some bug, but I wanted to know if it is compatible with WCS - 7.0.240.0 and NAC Guest server version 2.1.0, I am made some search but I couldn't get to proper conclusion.
View 8 Replies
View Related
May 26, 2013
I have a wlc 5508 running version 7.0.116.0 that I need to uppgrade to use the CAP2602I AP. I understand that I need to upgrade it to version 7.0.240 before 7.4.100 to avoid loosing HREAP VLAN mappings, and I have also read that i need to install the FUS image [URL]. In what order should this be done? Shlod the FUS image be installed before new firmware ore after firmware or after 7.0.240 but before 7.4?
View 1 Replies
View Related
Apr 24, 2013
since few weeks i configure my APs on the new WLC5508, and then, the lights are off on the AP, is it normal? however they seems to work fine. What does this light means? FW version: 7.0.22,Is it important?
View 2 Replies
View Related
