1. One Active_WLC(2504) have a full licence of 15 Access points.
2. 2nd Seconday_WLCs(2504) have a normal licenece (Without any AP licenece-Zero AP Count License).
Now my questions are:
1. If first WLCs goes down due to any kind of problem then can secondary WLCs comes up and takover of all APs.
2. if Yes, then How may days or hours...These APs will connect to the WLC.
3.If first WLCs comes up after some days, then can this WLC automaticall tak over the situation??
We are in a warehouse type setting and have data centers on each side of warehouse with 5508 WLC's in each data center. Each side is on its own subnet with routing in between and a different set of SSID's for each set of WLC’s. Are goal is to have the ability to failover in the event that if one data center goes down AP’s will move to the controllers in the other DC and the clients will still be able to operate.
Our thought was to implement mobility groups between the controllers. While I saw documentation on setting this up when the controllers are on the same vlan, I didnt see any setup config when controllers are in different vlans. So I am wondering if mobility groups are even an option for what we want to accomplish. For the most part clients stay on their respected sides of the warehouse and so we are not necessarily needing roaming for clients between controllers in DC1 and DC2. But that does raise another question in that we do have a planned voice wlan that we would like to have the ability to roam between each side of the warehouse. But we have seen ip issues with this. In the past we have had both SSID's setup on each side and ran to issues with clients not renewing their IP address when moving to the controllers on the different subnets.
Can we setup mobility groups between controllers on different vlans/subnets? For failover purposes will mobility groups assist in our setup with 2 DC’s and different subnets/vlans? If the answer is yes we can setup mobility groups between different subnets, is there a way to setup the SSID's on all controllers and have the ability for clients to roam and renew their IP’s when moving to a different controller on a different subnet?
I'm using two 5500 WLCs with the version 7.2.110.0 When some AP with the part number AIR-CAP1552E-N-K9 associate with them, the 802.11g stays up and the 802.11a stays down.I saw the AP interfaces in Wireless --> All APs and the 802.11a is down and the regulatory domain show me not supported but the 802.11g is working normally.I follow this document from Cisco [URL] and i just have BR - Brazil to support this part number.
The web GUI of the OEAP itself only has a single field to enter the address of a single controller.
But, I wonder if once the OEAP is talking to your WLC across the Internet, you can allocate HA settings to the OEAP so that it can fall back to a secondary WLC if your main WLC fails.
This is sort of hinted at in the docs I have read, but I have not been able to find it explicitly stated anywhere.
It would be nice to have 2 DMZ-based WLCs at two different data centres to allow remote users to have a fail-over solution, but I need to be sure that this is supported before implementing.
I've just been tasked with setting up 19 AIR-CT2504 WLCs with AIR-CAP3502E APs. The primary objective is to maximize throughput from clients uploading LARGE files over the air.
I need to make sure I config HT 802.11n properly with no support for legacy clients in the 5Ghz band.
We have existing AP 1132 with WLC 4404 controller implemented in a site. We started add on new AP 3502 with WLC 5508.Our customer has existing 10 of 4404 controllers and configured in the same mobility group, and the roaming is working fine(ap are 1131).
Curently we deployed 2 new 5508 controllers and replaced some 1131 AP to 3500 AP. And the controller created new IP scheme for the wireless client. But after migrate 2 APs, we found that the roaming is not working when the wireless client move from new AP to old AP.
When moving from new AP to old AP, the ip address for the client is unchange, but the ping will be droped, and will never come back. Until we do a ipconfig flush, and reconnect, the connection can back to normal, but the ip address als changed to the old IP scheme.
I have three 5508 WLCs, running code 7.0.98.0 supporting 100+ LWAPs in H-REAP mode. The LWAPs are servicing 2-3 WLANs each. Some are using central authentication and local switching, some are configured for central authentication and central switching. When the LWAPs fail from one WLC to another WLC, the LWAP's lose all of their VLAN mappings and pick up the VLAN of the management interface on the new WLC.
All WLANs are configured to use the management interface on the WLC and the VLAN mappings are configured per LWAP on the H-REAP properties tab. The WLAN ID numbers and all the WLAN settings are the same across all 3 WLC's. I have created AP groups on all 3 WLC's and the AP group config matches across the 3 WLCs.
I can get the LWAPs to keep their VLAN mapping by creating an interface on the WLC with the VLAN ID of the locally switched/remote site VLAN and then setting the interface for the WLAN to the new interface. However, then the WLAN doesn't work, because the centrally located WLC doesn't have the remote site VLAN. It also seems to keep the VLAN mapping if I create the locally switched/remote site VLAN interface on the WLC , and point the WLAN to the management interface. This shouldn't be a necessary step though... In H-REAP with local switching, the LWAPs aren't using the interface on the WLC.
I found a note in the 7.0 WLC config guide that explains why the VLANs are picking up the management interface VLAN, but that same note says the VLAN mappings can be changed per LWAP/WLAN!
From config guide: For hybrid-REAP access points, the interface mapping at the controller for WLANs that is configured for H-REAP Local Switching is inherited at the access point as the default VLAN tagging. This mapping can be easily changed per SSID, per hybrid-REAP access point
Using H-REAP and been able to get the LWAPs to keep the VLAN mapping when failing from one WLC to another?
We've been upgrading our WLCs to 7.0.230.0 but I've notifced after they have been upgraded they no longer appear in the controller section in License Center on the WCS. They still exist in the WCS and the audit the configuration jobs are working. I've also tried manually triggering the Controller License Status background tasks and this runs without reporting any errors.I thought it may be because the WCS was at a lower version but I've now upgraded this to 7.0.230.0 also but the WLCs are still missing.
I would like to discuss another method of a bulk controller upgrade and see what other engineers take on this upgrade path would be.Say I have an instance of 84404s with 50 APs each, In this case I have N+1 redundancy where I can follow the normal procedure.Normal Procedure.Move all APs to controllers 1-4Preload all APs with the new code versionUpgrade and reboot empty controllers 5-8 to new code versionMove all APs to 5-8 with new code versoinUpgrade empty 1-4Move all APs back home.Now take the same scenario only chage it to 80 APs per controller. I've now lost my N+1 and cannot do it quite as smoothly. As opposed to trying to follow the normal proceedure and have an extended window of "brown outs" How about doing it all at once.Black-out accelerated proceedure:Preload new code on all controllersPreload new image on all APs on all controllersReboot all 8 controllers at the same time.Allow time for APs to connect back and load the new image.I assume with this proceedure that I might see around 15-30 minutes of actual downtime to the site but it seems like that could be preferable to two-three hours of brown outs.
We are currently running WCS but have built a new Prime Infrastructure 1.3 system from scratch on a brand new server, we have sucessfully migrated the old WCS database on to the new Prime server and as a test I have pointed 1 anchor controller to it. Possible to point the WLC's to both WCS and Prime Infrastructure concurrently - I was thinking that it would be a quick fallback if we has any problems with Prime (I know there have been some!) We are not running MSE but we do have mobility groups, the WLC's are 5508 running 7.0.235.3 .
Is it possible for the wlc (5500) block wireless users attempting to login to the network more than 3 times?I have several devices trying to connect to the network automatically using rhe old password, after 3 attempts the account will lock out! Im running peap mschapv2 with radius and active directory.
I'm planning to upgrade our WLC 2504 from 7.2.111.3 to 7.4.100.0 but the cisco site says "WLC Version 7.4.100.0 will need Prime Infrastructure Version 1.3 to be managed, Version 1.3 is not yet available to download at this point of time" Is it something about NCS? we have only 1 cisco WLC 2504 and 6 1142APs.. Also let me know is it possible to go directly from 7.2 to 7.4 ?
I've problem with a WLC 2504. Some Clients like phones and Thin Clients get an IP 0.0.0.0.Software Version is 7.0.235.0. Test with a Laptop seams to be OK. Some printers also got an 0.0.0.0.Around 30% are not OK. also had the log: Impersonation of AP with Base Radio MAC 00:yy:yy:yy:yy:yyusing source address of 00:xx:xx:xx:xx:xx has been detected by the AP with MAC Address: 00:yy:yy:yy:yy:yy on its 802.11b/g radio whose slot ID is 0 The problem is, I cannot go to 7.2 version because I have 2 x AP 1231 and 2 x 1242 AP's.1231 AP's are not anymore supported in 7.2 Version.
I have two WLC 2504 controllers. These controllers are for two different buildings. But they share a VLAN, and network address range. How can I control the access points to the register selected only at a specific controller.
Example:
AP 1 -> WLC 1 AP 2 -> WLC 2 AP 3 -> WLC 1
Since the buildings also broadcast in different SSID. The two controllers are in a mobility group.
Some time ago I updated a WLC, model 2504, from version 7.3 to 7.4.100.0. I also update the FUS (Field Upgrade Software) to the latest release, 1.8.0.0. Now I need to downgrade the WLC back to 7.3 version.
My doubt is: Can I just take the normal processes and downgrade the WLC back to 7.3, even with the FUS in version 1.8.0.0?
I'm new in installing WIFI, I have WLC 2504 using 7.4.100.0. I have AP 1600 (AIR-CAP1602E-E-K9)
I installed the WLC and AP in a cisco poe switch, wlc and ap are in the same subnet and can ping ap from WLC, but the AP cannot join the wlc. i have this error message
(Cisco Controller) >show ap join stats detailed 00:06:f6:d6:03:f0
Sync phase statistics - Time at sync request received............................ Not applicable - Time at sync completed................................... Not applicable
I currently have a single 2504 Controller managing 50 AP's. I am adding a Second 2504 AP Controller with 15 Lic to manage an additional 10 AP's. My current 2504 has each port configured for my four subnets that and it is managing AP's in 4 buildings. Should I configure the new 2504 the same way so that it can see all four sites? All so if the main 2504 goes down can the second 2504 take over even thou we will be out of lic?
I have a problem in join my ap1130ag in my wlc 2504 i activate dhcp internel (172.19.1.50 ----> 172.19.1.60) in wlc and this wlc affected address for ap1130ag (172.19.1.51) wlc and ap1130ag is connected with switch 2960 (port 17,18) this port the switche is configured in trunk mod allowed all vlan then my wlc not detected ap1130ag?
I've got a 1524 ap and it wont join my 2540 WLC. The messages I see in the WLC is RADIUS authorization is pending for the AP. I've added the MAC address of the ap under AP Policies using MIC. I dont have a radius server either so not sure how to tackle this one.When I run debug capwap events enale under the wlc I see the following messages:Discarding discovery request in LWAPP from AP supporting CAPWAP.
We have a 2504 on version 7.2.103.0 and 15 of the 1131 AG's.In short we cannot get the access points to register against the WLC, they seem to be caught up in a boot loop. They are seen on the WLC with a status of downloading, then once they have downloaded (Seen via CLI) I get an error message things I can confirm are The Country code is set to GB All ports are in Native VLAN Access points are ETSI type. It stops and restarts at syslog output DTLS-3-BAD-RECORD: Erroneous record recieved from x.x.x.x: Duplicate (replayed) record.
Can a 2504 WLC on a remote site provide guest access on one SSID, drop taht out locally on that site and provide corporate access on a second WLC that it then tunnls to a 5508 at the main corporate site ?
upgrade on the wireless controller 2504 from 7.0 to 7.4 is direct upgrade.My customer faced problem by upgrading the software 7.0 to 7.4 directly and the image hang.how should proceed recover the image 7.4/
I would like to get it clarified, that Cisco WLC 2504 running the code ( 7.2.110.0 ) does support IPv6 or not ?
From Cisco Documents they are asking to enable IPv6 support under WLAN > Edit Page, and Enabling mulicast on Ethernet Multicast Mode under Controller > General.
But from the GUI am not able to find the above two field, Even in Interface i created under Controller > interface is not accepting IPv6 address. I am able to configure IPv6 ACL .
Is any deployment document is available to show different scenarios with configuration.
Currently I am using WLC 2504 with Software version 7.0.220.0. I am having some issues with Windows 8 clients they can't connect and I read on couple of review that wlc needs upgrade software.
I checked and latest versin is 7.4. Can I go to this version directly or I have to jump step by step.
I am trying to TFTP an image to a Cisco 2504 WLC. The management interface is 10.1.1.1 /24 and I have my PC connected to a port on the WLC with the IP address 10.1.1.10. However, I still do not have connectivity between the PC and WLC.
I am about to deploy a load of Aironet LWAPs into my organization. I've configured the WLC 2504 and have a couple of the APs working at our main site. I just needed to plug them in, and they worked perfectly, straight out the box. But I just want to know the following:
1 - will the same apply if I connect an AP at a remote site? Remote sites are on different subnets and connected via IPSEC. Will the remote APs just find the WLC?
2 - is there anything I need to set up especially on the WLC in order to make this work?
My customer is seeing these Errors coming up on one of his 2504 WLC's (ver7.3) The MAC's and IP addresses Mentioned seem to be completely fictitious as the customers IP plan is way off these subnets and the vendor lookup tool cant resolve the MAC addresses.I can confirm that there is no conflict.I've seen them appear on other 2504's across his network on seperate occasions.
I have a 2504 WLC and 1042 ap's. Everything worked great in my test enviroment (of course). Now when I want to deploy the wireless, the ap's are not getting and ip for the windows dhcp server.
I have option 43 configured in dhcp, sub option 241>ip address of the controller I have my A record in dns, cisco-capwap-controller.
*Mar 1 00:03:17.050: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !! Not in Bound state. *Mar 1 00:03:27.050: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !! *Mar 1 00:03:27.054: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP. *Mar 1 00:03:37.054: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !! *Mar 1 00:03:47.054: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !! *Mar 1 00:03:57.054: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !! *Mar 1 00:04:07.054: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !! Not in Bound state.
We have a WLC 2504, since a few months, it was working fine, we have a guest Wlan configure with web authentication and the DHCP scope for this in the WLC. The problem today is that its no redirecting the web browser to 1.1.1.1, we try it with 3 laptops and they recieve a correct IP from the DHCP but still can not get redirect to the web authentication portal. Have the default configuration Internal (Default).
In laptops we check the firewall, dont have a proxy activate and have google DNS.. 4.2.2.2 8.8.8.8. In fact this laptops connected to this ssid before.