Cisco Wireless :: AIR-LAP1131AG-E-K9 802.11a Interface Is Down
Jan 26, 2013
I have a WLC 4402 with many APs connected. Most of the APs are LAP1121 and LAP1131 and are working using 802.11b/g. I tried activating 802.11a but for some reason its not working. I see under the Monitor tab that the AP's "802.11a" interface is "down". I have enabled the radio under the "Wireless" tab. Under all the "WLAN" I have enabled all the radios but still not working. 802.11a" interface is still "down".
The AP Model is AIR-LAP1131AG-E-K9 meaning "ESTI" regulation. Under "Country" I "checked" IL.
WCS is reporting few AP's are not associated with it. While troubleshooting, AP conneceted switch interface shows UP/UP and show power inline output gives IEEE PD instead of AIR-LAP1131AG-E-K, after doing a shut/no shut on AP connected interface. Later after sometime AP comes up.
I've a 2106 WLC and the software is upgrade to 22.214.171.124. There are 3 APs with external power adapter work normally on it. Here is the problem: There is another AP with external power adapter has join the the WLC successfully. But it can not enable the radio 802.11b. Following is the error message on CLI
(Cisco Controller) config>802.11b enable AP001d.a1ef.b5f4 Cisco AP has not enough in-line power to enable radio
Since few days the WLC 2100 series controller and 3x LAP1131AG are getting disconnected and the controller gets offline via the local ip address. At that point I have to reboot. To get anywhere and after I connect wirelessly to the AP before I know it it disconnects. It worked for 3 years straight no fuss. And now nothing. I reconfigured the WLC 10times and no diffference.
I have a customer whom has six LAP1131AG-K9 but no controller and they are interested in one of the new 2500 series, specifically a AIR-CT2504-5-K9 with a 5 AP add-on license to bring total AP capacity to 10. I can't determine clearly if this controller will work for these older AP's prior to them making the jump to 802.11n via the 3500 or 3600 series, looking to the community to confirm.
We have about 70 AIR-1131AG-A-K9 APs that were installed about 5 years ago. The controller we use is a 4404 WLC, with software 126.96.36.199. This provides us our wireless network. We use Cisco switches as access, distribution, and core switches.
We have two guest networks, one for visiting physicians and another for patients and their guests. Each of these guest networks use a 4402 WLC as an anchor controller, with software 188.8.131.52. They use the same APs as our business network.
According to my understanding of the guest networks is that a tunnel (I don't know if it is encrypted or or encapsulated) is created between the APs/Guest WLAN to the anchor controllers, so this guest traffic is isolated from our business traffic. Futhermore, these guest controllers connect directly to our firewall, which only allows them access to the Internet, and not our Internal LAN.
Our Problem ========================= Well, we've been having problems with our wireless system, specifcally with patient guest access. It has gotten bad enough that they are looking to replace the Cisco APs on the south side of the hospital. We've been told that "you can get better guest access at McDonalds" : ( . I think part of our problem is that our controller code is so very old and we are have a our patient guest network open and "restrict" the number of clients attached to it by limiting our DHCP scope. The biggest complaint we get regarding the patient/guest wireless is people saying "I can't connect to the wireless", which we almost always identify as an issue caused by us running our of DHCP leases (we have about 200). These DHCP lease are used quickly, by an devices that comes into range that is set to automatically connect to any network that is in range. A lot of our staff is connected to our patient guest network and don't even realize it.
We are interested in Meraki APs because they are magaged using a cloud controller (we won't have the added expense of another controller) and they seem really easy to manage. Our biggest concern regarding Mearki is security. They make use of NAT, a Layer 3 firewall, and LAN isolation (a firewall rule that only allows clients Internet access) in each AP as a means of isolating the guest traffic from the business traffic. Does this seem like a secure way to accomplish this or are the Layer 2 tunnels that Cisco and from what I've been told recently Aruba and Juniper make use of a more secure approach?
We've been working with a Meraki vendor, who also happens to sell Aruba and Juniper wireless networks. It seems like don't suggest Meraki if we are concerned with security. They said they are good for situations where you have many geographically seperated sites. They suggested we use Juniper and Aruba, specifically because they use Layer 2 tunnels and that they used technologies like clear air (APs self adjust channels and power, which Meraki claims to do too). I thought that, hey does Cisco that too, why wouldn't we just go with Cisco if those are your selling points for Juniper and Aruba?
I have 10 AIR-LAP1131AG-A-K9 connected to a 4402 controller. I have a couple of questions:
- When I go into CONFIGURE/ACCESS POINT, one of the AP's has the message "**Configuration is different on the Device**". How do I connect directly to the device to check the settings? I tried to telnet but that didn't work.
- Are these access points capable of acting as a DHCP server? If so, where can I check this setting? I have workstations that are unable to pull an IP address from my DHCP server running on a Windows server. I want to make sure the AP's and/or the controller are not the issue. The clients see the SSID and the signal is strong, but when they connect they get limited network connectivity message and the IP addr is 169.254.97.123 (which is wrong).
At one of our locations we are experiencing some problems getting connected to our wireless networks.
It is possible to sit right next to an AP (AIR-LAP1131AG) and only have limited access to the network.
I have attached a snapshot from inSSID from the wireless networks in the area. All of them are broadcasted by our controller and I can´t figure out how it is possible to see SSIDs in other channels than the ones in the 2.4GHz band (11-14)?
I have a Cisco ASA 5505 and I have my internal and external interfaces configured but I currently cannot ping from the inside to an IP Address on the outside. I had this setup and working and I have another set of equirement that I am replacing that is working with my service provider so I know it is a configuration issue. When I ping 184.108.40.206 for example I get:
Destination host unreachable
Do I need to add a static route from my inside interface to my outside interfaces?
Is it possible to set up a WAN interface on a FastEthernet interface of a Cisco 877 Adsl Router ?Due to my ISP, i've to use an external VDSL modem and must connect it to my cisco 877 router (and leave it's adsl interface unused).But i don't know how to set up a wan port, other than the adsl interface itself (dialer0), on my cisco.
We are having Cisco ASA 5540 having Cisco Adaptive Security Appliance Software Version 8.0(5)23 at certain time of moment daily wer are facing latency and packetdrop wherin when I checked for ASA Interface which gives me " Input Errors" on outside interface ,so can any one tell me what are the causes to get input errors on cisco asa outisde interface.
My question is can my traffic goes from inside interface to outside interface? (because the inside interface address not from 10.0/172./192.168 private address)Also I'm allowing internet from this email server (220.127.116.11) so what my access list to be configured? and what my subnet mask shoud be there?
Pix(config)#access-list outbound permit tcp 18.104.22.168 255.255.0.0 any eq 80 Pix(config)#access-list outbound permit udp 22.214.171.124 255.255.0.0 any eq 53 Pix(config)#access-group outbound in interface inside
Needing to bridge from my wic interface to an ethernet interface on a 2900 series router so that I can pass through the ip address given to the WIC, to my ASA so that I don't have to give my ASA a private range address. (Just like a service provider might do when bringing a T1 with managed router in to my prem)
I share a modem and router with my building, and connect to the internet using an ethernet cable which plus right into the wall in my apartment. When I hover over the network/internet icon it tells me that I have a local connection only and can't get online. No changes were made to my computer between it working and not working - I have not installed any new software and the modem+router have not been changed.
When I try ipconfig/release is says it can't perform the operation while the media is disconnected. It also tells me that "an error occurred while releasing interface Loopback Pseudo-Interface 1: The system cannot find the fie specified".
I have new 1262 APs, this have Gig Interface, when I connect the AP in my 6500 with PoE Gig Interface, the AP turn on, but the interface never get up. I need to change the speed to 100 in the 6500 switch port, when I do this, the interface become UP.
This is the model of the card WS-X6148A-GE-45AF This is the Switch IOS s3223-ipservicesk9_wan-mz.122-18.SXF11.bin
The controller is 5500 version 7.2
This is the interface config: interface GigabitEthernet4/36 switchport switchport access vlan 308
I am in the process of upgrading our wireless infrastructure from a series of APs centrally managing the infrastructure centrally with the WLC 5508 and new APs (1142). All seems to be going well, the APs see the controller and are downloading the latest information/changes and I can connect to a test network. The current issue I am having is that I cannot connect to the AP via the web interface.
The config for the management interface of the 5508 is: interface GigabitEthernet4/0/20 description ** Connection to WLC-5508-01 **
WLC4404 - United States Software Version 126.96.36.199
where the new WLAN dosn't seem to be routing... but it's not related to name length (ours only 6 charecters). It's almost seems like the new WLC interface (interface2) isn't configured for the same subnet that it's plugged into, but it is.We actually have 2 WLANS. Alot of the original config was done before my time, between about 3 different people. The original WLAN config works fine, but part of the problem is the WLC4404 was configured our server VLAN, thus when a client gets an IP, they are placed on our main server VLAN. Our WLC4404 is connected to our 6509 in our Datacenter, and we have dozens of PTP T1's to our remote offices, which all have WAPs.On the WLC4404, I've configured a new interface on port 2, vlan404, and I have the new WLAN using that interface. The WLAN security is using WPA2, and authenticates via our ActiveDirector services, as well as handing out DHCP from our Windows DHCP server.
The client wireless PC is able to connect to the WAP, but unable to connect to anything else. It can only ping the WLC4404 interface2 address, and nothing else. It does receieve DHCP info (via WLC via Windows DHCP server), but cannot see DHCP server.From the WLC4404: I can telnet into the management IP address, and can ping PC's on the new WLAN, and anyplace else, except the vlan gateway ip address on the 6509.From the 6509: when telnetted in, I can ping everything except interface2 of WLC on vlan404 and the wireless PC using the new WLAN. I am able to ping the ip address of int for vlan404. The 6509 somewhat see's the WLC int2 & wireless PC. Show ARP | inc 404 from the 6509 shows the IP's of the VLAN int, WLC int2, and wireless PC. Show mac-add-tab | inc 404 shows the WLC and wireless PC on same 6509 port.From my work PC (via LAN) at a remote location: I can ping everything except Int2 on the WLC, and the wireless PC.
I'm getting familiar with an existing, working wireless installation that uses a 2504 controller (recently upgraded to 188.8.131.52).
From the documentation, it looks like there should be a "AP-manager" interface by default (static). There is not one.
Configuring the Management Interface (GUI) #
Step 1 Choose Controller > Interfaces to open the Interfaces page. ### Figure 3-3 Interfaces Page #
According to that document, there are 4 Static interfaces. On the one I'm working on, there are only two: "management" and "virtual." (There are also a couple of "Dynamic" interfaces that have been set up.)From reading the documentation, it sounds like there should be an AP-manager interface, and that this would have been there by default.
It also sounds like an AP-manager interface is needed:Information About the AP-Manager Interface ## A controller has one or more AP-manager interfaces, which are used for all Layer 3 communications between the controller and lightweight access points after the access points have joined the controller. The AP-manager IP address is used as the tunnel source for CAPWAP packets from the controller to the access point and as the destination for CAPWAP packets from the access point to the controller.
Question 1: If I do not have an AP-Manager interface, are the APs connecting at L2? Is there some way to tell on these controllers whether APs are connecting at L2 or at L3 using udp?
Question 2: Is it not the case that one AP-manager interface should be there by default? (I see in the docs that more than one can be created, but in that case I expect that the additional interface(s) would show in the list as "Dynamic" and not "Static.")
A bit of background: The customer network is largely one flat network now, and I'm planning on subnetting it, and routing from the closets up. I want to make sure what may need to be changed in this wireless setup before proceeding. (The main wireless users are also getting IP addresses on the same flat network, at this point. That obviously will change so that they are on their own subnet.)