Cisco Wireless :: OEAP 600 Series - Maximum User Count
Sep 12, 2011
Only fifteen users are allowed to connect on the WLAN Controller WLANs provided on the 600 series at any one time. A sixteenth user cannot authenticate until one of the first clients de-authenticates or a timeout occurred on the controller. Note: This number is cumulative across the controller WLANs on the 600 series. For example, if two controller WLANs are configured and there are fifteen users on one of the WLANs, no users will be able to join the other WLAN on the 600 series at that time. This limit does not apply to the local private WLANs that the end user configures on the 600 series designed for personal use and clients connected on these private WLANs or on the wired ports do not affect these limits. This is from the Configuration Guide for teh 600 series Office Extend AP. Is this count per AP or total per WLC? If I have 10 APs deployed to our remote users, can each AP support two simultaneous users? Would I need to use separate WLANs for each OEAP?
View 8 Replies
ADVERTISEMENT
Apr 18, 2012
We have a ASA 5510 (v8.2.2 with ASDM 6..4.7, 256Mb mem) with a license for 250 VPN Peers. The machine has currently one site-to-site VPN active. I've added a remote-access IPSec VPN for some users but when connecting from the remote site the connection is dropped and the ASA reports %ASA-4-713239 Tunnel Rejected : The maximum tunnel count allowed has been reached.
I've searched for info relating to this message but I found none. Before I plan a restart (it's up for 222 days), is there something I could do on CLI to fix this ?
View 4 Replies
View Related
Jan 5, 2013
what is the maximum user IDs that I can create to the ACS server? The client have an ACS appliance with version 5.2.
View 2 Replies
View Related
Feb 19, 2013
I have been searching through the cisco docs for a while and i just cant seem to find this info. Can I run aironet 1600's with my wism running 7.0.116? Also, could I run my 1130 series ap's with a wism2? Basically, what is the minimum code level for a lightweight 1600, and what is the maximum code level for a lightweight 1130?
View 3 Replies
View Related
Feb 27, 2012
Currently 2811 series router is configured for site to site VPN, CAN I configure USER VPN on the same box. We want Users to connect to VPN Server using Cisco VPN Client. best authentication method for USER VPN
View 1 Replies
View Related
Feb 18, 2013
We have cisco 5508 office extend in dmz running code 7.3.112. 1132 AP seems to register and authenticate fine but OEAP 600 series dont seem to authenticate. they seem to join the controller and download the SSID but just wont authenticate ? not even registering on the AAA server
View 9 Replies
View Related
Oct 3, 2012
I'm a bit new to Cisco and i find this AAA a bit confusing..I've turend on AAA by:aaa new-model
Can I use this "default" list for WebVPN ? And what would be a different if i create new "sslvpn" list..Also when I'll be creating user for VPN remote access.. that user will also exist in local database and have access to router via SSH?Because the research I've done it doesn't seem you can group users in different "aaa groups" e.g. user admin belongs under "admin" aaa group which can do ssh to router, users for VPN can only do remote VPN access and not SSH and login into router.i saw ASA has some attribute for users called remote-user
•admin, in which users are allowed access to the configuration mode. This option also allows a user to connect via remote access.
•nas-prompt, in which users are allowed access to the EXEC mode.
•remote-access, in which users are allowed access to the network.
But i can't find this option in IOS on my 1900 Series ISR router.
View 1 Replies
View Related
Aug 20, 2012
I have found that there are only few configuration to the Cisco Aironet 600 OEAP. The settings are just for basic configuration for a wireless network when it is in autonomous mode.
A need for a Wireless LAN Controller to perform advance settings.
Also, there are no firmware available in Cisco. No upgrade/downgrade firmware avalaible for download.
View 4 Replies
View Related
May 20, 2013
Here's the list of equipments:
Pool of oeap 600 aps
1x 2504WLC as OEAP WLC (@DMZ)
1x ASA 5515
Scenario:
My OEAP WLC located at ASA - DMZ is NATted to a public ip (primary internet ISP), then my pool of OEAP-600 were configured to communicate with this OEAP WLC.
My question is:
I want to automate the failover of OEAP-600 (I don't know if this is possible) to the secondary internet ISP whenever the primary internet ISP fails. The secondary ISP is terminated on the same ASA 5515-X doing PBR and IP SLA stuff.
I know that OEAP 600 can only be pointed to one WLC ip address I know that the WLC can only be NATted to one public IP address.
What would be the best solution to perform the OEAP backup connectivity? Or just buy another set of WLC/ASA then just manually configure the OEAP-600 APs to point to the secondary ISP.
View 6 Replies
View Related
Sep 23, 2012
I have a customer looking to deploy OEAP & wants to know if it possible to disable the local ports 1-3? Reason being, they don't want the home user connecting devices & causing more support tickets to troubleshoot an Xbox or Google TV just b/c it's connected to a company provide AP/Switch. I have read all the docs & it makes no mention of this.... I can see in 7.2 the ability to disable the local SSID but no mention of the ability to shutdown ports 1-3..Also see support in 7.2 for Dual RLAN... but that still leaves 2 local ports.
View 5 Replies
View Related
Oct 1, 2011
I have some trouble with the setup of an oeap 600 ap. The ap has joined the controller as it should and the remote-lan connection to my corporate network works well, but i can't connect to the corporate wlan.
When i check the event log on the ap it says:
"
*Oct 02 07:36:56.662: (Re)Assoc-Req from 00:1a:73:d2:82:8c forwarded to WLC, wired: no
*Oct 02 07:36:56.665: received assoc-rsp for wireless client, status=0011
*Oct 02 07:37:11.712: DisAssoc-Req/DeAUTH from 00:1a:73:d2:82:8c forwarded to WLC, wired: no
*Oct 02 07:37:11.713: WTP Event: Delete Mobile sent to wlc00:1a:73:d2:82:8c"
and a debug on the controller gives me:
apfMsConnTask_6: Oct 02 08:52:05.034: 00:1a:73:d2:82:7f Adding mobile
on LWAPP AP ec:c8:82:c2:3a:20(0)
*apfMsConnTask_6: Oct 02 08:52:05.034: 00:1a:73:d2:82:7f Association received from mobile on AP ec:c8:82:c2:3a:20
*apfMsConnTask_6: Oct 02 08:52:05.034: 00:1a:73:d2:82:7f Sending Assoc Response to station on BSSID ec:c8:82:c2:3a:20 (s
tatus 17) ApVapId 1 Slot 0
[code]....
View 3 Replies
View Related
Apr 17, 2012
Possible to assign reslient WLCs to an OEAP 600?
The web GUI of the OEAP itself only has a single field to enter the address of a single controller.
But, I wonder if once the OEAP is talking to your WLC across the Internet, you can allocate HA settings to the OEAP so that it can fall back to a secondary WLC if your main WLC fails.
This is sort of hinted at in the docs I have read, but I have not been able to find it explicitly stated anywhere.
It would be nice to have 2 DMZ-based WLCs at two different data centres to allow remote users to have a fail-over solution, but I need to be sure that this is supported before implementing.
View 7 Replies
View Related
Mar 7, 2013
I have a TAC case open, but it doesn't seem to be making any progress.I upgraded my 5508 controller from 7.2.111.3 up to 7.4.100.0..Most of my APs are fine. 3500s, 1100s etc.except for 602i APs. The APs associate, they update software etc, but they won't broadcast the WLAN.An interesting thing, on the 602 AP, in the log, I see this:*Mar 06 15:08:12.667: SSID remote, WLAN Profile Name: RemoteOEAP, added to the slot[0], disabled..So the AP is definately talking to the WLC and being pushed the correct WLAN profile.On the controller, the AP shows the the Admin status of the radios is showing DOWN, but the Admin status on the AP itself shows UP
I've done a factory reset on the APs to no avail. I have a 2504 WLC as well that i'm in the process of implementing in a DMZ specificially for these APs, and for testing purposes, I associated the 602 Ap to that WLC as well. This one is running 7.4.100.0 too, same results. It would appear to be a problem with this version of software?
View 6 Replies
View Related
Mar 17, 2012
I've got a strange problem here. In the office, my OEAP 600 can join WLC if there is no MAC authentication. When i enable MAC authentication at WLC, AP will fail to register. However, I try it at home and it works with both MAC authentication enable or disable. I suspect it is because of firewall in my office, but there shouldn't have any different in discovery and joining procedure for AP with MAC authentication enable or disable.
View 18 Replies
View Related
Jun 17, 2012
Flex 7500
Software Version: 7.2.103.0
I have a Flex 7500 with 200 1142AP's working fine in remote office and local setup. We have since purchased 3 OEAP 602's and looking to distribute to teleworkers.
I have configured the OEAP to point to the NAT'd IP of the WLC, the OEAP does connect and is listed briefly in the WLC wireless listing but I am not able to make any configuration changes, it will then dissassociate and try the join process all over again. I have attached below the OEAP 600 event log. I see that the WLC does not support data DTLS encryption and looking to make this work.
I have tried to install the DTLS license file from the Cisco website, but says license failed to install, with no other errors.
*Jun 18 15:18:43.938: Build version 7.0.112.72 (compiled Feb 3 2012 at 01:56:39, [L]).
*Jun 18 15:18:47.859: CAPWAP State: Init.
*Jun 18 15:18:47.860: CAPWAP State: Discovery.
[Code]....
View 2 Replies
View Related
May 21, 2012
I have established dual-rlans on different segments.I have a 2960g switch. I created vl2 (management) and vl3 (data).I connected rlan1 (port4) to vl2 and rlan2 (port3) to vl3.My laptop receives a dhcp address on vl3 and the switch (in dhcp mode) receives it's proper address on vl2.Unfortunately a MAC is assigned to each vl and to the management interface. Thats 3 out of the 2 sets of 4.
So a managed switch is NOT the desired device to have on the back side of an OEAP600.In any case doing a show mac address-table revealed that all the vl2 MAC addresses were duplicated on vl3.To the tune of 216 addresses. 108 in each vlan. Which is a close match to the current host counts for each segment 98 + 18.Obviously this application is not what was envisioned by the OEAP team during work-up.The goal of 4 host devices on the rlan is proving difficult to achieve.The client wants 2 pc's and 2 digi-port servers.
View 1 Replies
View Related
Dec 9, 2012
Does the AP is able to configure 2 public ip address of the DMZ-WLCs?
like ip 1.1.1.1 in my US data center, whereas a second ip 2.2.2.2 in my EU data center?
View 5 Replies
View Related
Sep 26, 2011
we are running WCS 7.0.164.3 and wonder whether is there any reporting option availabel that can give us daily report on Top 50 or Top 100 APs by client count.
I know that I can look at the client tab under WCS home page and see the top 5 APs by client count on real time.In our environment we have around 700 APs and would like to know by having this kind of report which APs are mostly hit ?
View 5 Replies
View Related
Feb 6, 2013
I'd like to know your experience regarding how client count affects performance.
What I have seen in a university network, with a very high client densiity, using 3500 APs, is that around 55 clients ping reply time gets over 200 ms; around 60 users there's packet loss; then, as CC increases, somewhere between 60 - 70 the service gets totally lost. Off course, this depends on bandwidth consumption per user, interference, etc.
Also, I'd like to know what we could expect from 802.11ac regarding this topic. Is there any information on tests, or some estimation already published?
View 2 Replies
View Related
Apr 29, 2012
I have an environment of Cisco 5508 Wireless Controller and 1142N Access Points. I have a problem with the ratio of concentration of clients connecting to Access points in floors.
Recently I have been turning off 802.11a on the access points and I am seeing increase in client count in a few of acces points.What is the maximum client count supported by these access points and how do i ensure they are distributed evenly on access points?
View 4 Replies
View Related
Mar 15, 2012
I have two 5508 and a few hundred 1142 in our internal net. Now I bought some OEAP 600 to do tests in some small branch offices, but I would like to enable AP policies with MAC filtering to block that anyone else can connect an OEAP through our firewall. If I enable 'Accept Self Signed Certificates (SSC)' and 'Authorize MIC APs against auth-list or AAA' as suggested in Cisco document 'Aironet 600 Series OfficeExtend Access Point Configuration Guide', will that effect only my OEAP 600 or will I have to also include the MAc addresses of my internal 1142?
View 2 Replies
View Related
Mar 6, 2012
Can Controller 4400 series work with Aironet 3600 series?
View 5 Replies
View Related
Jul 24, 2012
What's the main technical differences among the 1140 AP series and the 1260 AP series?I know that the 1260 supports external antennas while the 1140 supports internal antennas, but apart from that, is there any other important difference ?
View 10 Replies
View Related
Mar 14, 2013
We use WLC 5508 with 7.4. We tried to set max allowed clients per AP radio to 30 through GUI. We have APs with 80 clients associeted though.
When entering config wlan max-associated-clients max-clients wlan-id we got
"WLAN/Guest-Lan/remote-lan is enabled. disable to configure max associated clients."
GUI doesn't show that message, should it? In GUI, Is it necesary to disable WLAN before too?
View 3 Replies
View Related
Nov 21, 2012
Is it configurable to allow wifi user to user traffic on WLC 5508?
View 4 Replies
View Related
Aug 29, 2011
In previous LMS versions the DCR could hold more devices then the licenses of the other other applications permitted and using the "user defined fields" we have used it as a general device repository for some customers, pushing only the supported cisco devices to the various applications.In LMS 4 cisco has removed all allocation possebilities from the various applications and replaced it by an all or nothing type of allocation.Does this now mean that any entry in the DCR is automatically counted as a used device license?
View 1 Replies
View Related
Mar 6, 2011
ASA v 8.2What does the ACL hit count count ? I always thought that the acl hitcount counted the numbers of packets hitting that line in the ACL, however that is not the case. if I setup a icmp permit rule then that will only increment 1 even if I send 4 packets that hits the line. udp and tcp seems to do the same. is there some way I can make the ACL actually count the packets that hits ? where can I learn more about this ?
View 4 Replies
View Related
Aug 14, 2012
Any method to determine the maximum number of concurrently used SSL VPN licenses (sessions) on an ASA5540 over a period of time? For instance, over a week, the MAXIMUM number of concurrent users that were utilizing SSL licenses on the box. We are trying to determine current license capacity of the device.
We are running 8.2(5) on the ASA itself, and have 6.47 ASDM deployed.
View 1 Replies
View Related
Nov 7, 2012
I have several working VPNs between ASAs 8.4 and 8.3The way this was set up is with cryptomaps that match whole subnets and ACL on the outside interface to permit from/to the RFC 1918 addresses.I notice that the hit count is zero on these rules and so I wonder if they are actually necessary or doing anything.If they are not where can an acl be applied to restrict the VPN traffic? Outbound on the inside interface?
View 1 Replies
View Related
Aug 25, 2011
I have a recent new install of Cisco Works and all is working fine. My issue is with a feature that doesn't seem to be present. When I create a report to ccheck on sys logs the report returns all sys log whether they are repetitive or not. Is there a way to have a same sys log error come back with a number of ocurences?
the feature doesn't show up when I create a custom report?
View 2 Replies
View Related
Apr 15, 2012
We have configured our ASA5540 in active-standby failover.We are observing that current active session count is twice of session count before configuring HA. Earlier average active session was 50000 and now after HA it is around 100000. Failover configuration of both firewall are as follows
failover
failover lan unit primary
failover lan interface FOLan GigabitEthernet1/0
failover polltime unit 15 holdtime 45
failover replication http
failover link StateLink GigabitEthernet1/1
failover interface ip FOLan 10.3.3.1 255.255.255.0 standby 10.3.3.2
[code]....
View 3 Replies
View Related
Oct 18, 2011
I've got Cisco 7609 with WS-X6708-10GE (8x10Ge)And one port (te9/4) from it have zero bit rate counters, but all the rest of it are very good.I can see traffic if read it by SNMP. [code]
View 1 Replies
View Related
Jun 2, 2012
why I can't use cisco ehwic-3g-hspa-u card in cisco 2800 series and 1841 series router?documentation said that it should work with that devices but when I installed it, it doesn't work even as device i can't see I am using cisco latest ios advance ent. 15.1(4)M4?
View 3 Replies
View Related