I have setup guest access on the controller and this is not working at the moment.
DHCP server setup on the controller for the Guest users.
You are able to connect (get ip address from controller) and the browser gets redirected to 1.1.1.1 but then page can not be displayed instead of the login page.
I have setup guest access on the controller and this is not working at the moment. DHCP server setup on the controller for the Guest users. You are able to connect (get ip address from controller) and the browser gets redirected to 1.1.1.1 but then page can not be displayed instead of the login page.
View 10 Replies View RelatedWe are deploying 3600 AP's with a 2504 and would like to create multiple SSID's that are mapped to unique VLANs so we can control the traffic at the Firewall. We have the 2504 up and running with AP's but there appears to be no where in the 2504 controller Web GUI to configure a VLAN mapping to an SSID. Any pointers to documentation on how to configure?
View 1 Replies View RelatedWe are planning to setup a new WLAN using Cisco 2504 WLAN Controller and 1142N Access Point. Is it possible to create individual user accounts for the users those who all are connecting to this WLAN Network by using the 2504 WLAN Controller ?
View 1 Replies View RelatedI would like to setup a 2504 to have one Guest WLAN and one Staff WLAN with a controller port for each WLAN connected to different devices.
I would prefer to connect the WLC Guest port to an ASA 5510 and the WLC Staff port to an internal 2960S switch. Will this work? I haven't setup a 2500 series controller previously.
I know that the 3600 series APs are not supported on the 4404 WLC. However, would the following scenario be supported? I would like to use the 4404 (software rel. 7.0) as a guest anchor with a 5508 (software release 7.2) as the foreign controller supporting series 3600 APs. I ask because the APs do not need to join the guest anchor.
View 7 Replies View RelatedCan I set up a guest wifi connection on my Cisco WLC 2504 if I already have WLANs set up inside my corporate network? I want to use port 4 and connect it directly to my ISP so that it is outside of the corporate network. I set up an interface with a valid IP from the ISP and created a "Contractor" WLAN to use that interface.
View 6 Replies View RelatedCant we create a guest user login with more than 30 days lifetime? In the lifetime field we can enter maximum 99 but it only allows up to 30
View 5 Replies View RelatedI recently got my Cisco wireless system working a few days ago and am back with a guest network. Our wireless system includes one 2504 controller and 2 2602i access points. So, I want a wireless guest network completely isolated from the LAN.
Here is what I have done.
I have created a new internal network and assigned 192.168.2.1 to an unused port on the firewall and 2.2 to a new controller interface with vlan 10. I can ping both 2.1 and 2.2 from the firewall and the controller. Basic network connectivity is working. The DHCP server is setup on this same firewall and configured only for this port. This address is referenced in the controllers interface.
A new w lan was setup and enabled. The proper interface group was selected on the w lan. I have left the default layer2 security.
As far as AAA servers tab in this wlan, this is where I am a little confused. I wish to just have a single log in for this guest network. I wasn't sure what to do so I went over to the Security tab and created a "local net users" account. I do not know how to reference the use of this under wlan, security, aaa servers. Should I check the box that says "local eap authentication"?? If so, I don't have a profile name in the drop down. What I'm looking for is the username/password to be stored locally on the controller itself since there will be only 1 account.
Under wlan, advanced tab, I do not have "Allow AAA override" checked. Should I?
Lastly, when I try to connect the client, it is not pulling a dhcp address. I wasn't sure if authentication was required before dhcp or the other way around so I'm not sure what to trouble shoot first, authentication or dhcp.
I have 2 APs, Cisco Aironet 1040, and 2504 WLC.Is it possible to configure guest access (Guest SSID/VLAN and Corporative SSID/VLAN) without dedicated guest WLC in DMZ?
View 4 Replies View RelatedI have a cisco wlc 2504 is deploying authentication services to guest users toward a portal web customized and configured. I need to install my certificate verisign (certificate.cer) in to cisco wlc because my users don't like the page no trusted (The wlc is showing me ''There is a problem with this website's security certificate'') when they are trying to access to ssid to users guests.
View 2 Replies View RelatedI recently setup a 2504 WLC that has two primary WLANs (internal and guest) which get their IP addresses from a central DHCP server using the local router's broadcast forwarding. Things seem to be working well for the internal wlan, but clients on the guest wlan don't seem to be getting IP addresses. If I give the client a static IP they are able to communicate across the wlan okay.
It is worth noting that I am using LAG between the controller and router and this guest wlan is really just a regular wlan (with PSK) that has an access-list applied to force it to the internet only. The access-list should be allowing dhcp requests through, but in any case, I removed the access-list and it made no difference.
Here is a debug client for a machine connected to the guest vlan (vlan 33). The internal wlan is on the 10.10.10.0/24 network (same as wired and same that the AP's are connected to) and the guest wlan is 10.33.0.0/16. I don't understand why I am seeing the dhcp request come from the internal vlan/ wlan first and it gets an IP address on this network. I then see a request on the guest wlan/vlan at which point it appears to get a valid IP address on the guest network (10.33.0.0), but the client never sees this. [code]
My customer need creates some separately web portal for some SSID (Guest and Staff), 01 web portal for Guest and 01 Web portal for Staff. Can WLC2504 can support this features ?
View 2 Replies View RelatedMy customer has multiple sites, each with a 2504 WLC.A data center with a 5508 in the DMZ acting as Anchor for the remote sites.ACS 5.x and NCS Prime.All guest users will egress to the internet via a Vlan in the DMZ.Authentication is currently web-auth on the Anchor, but will move to NCS once that is fully deployed.
Is it possible to put a printer in each site for Guest WLAN users to use?
I currently have a single 2504 Controller managing 50 AP's. I am adding a Second 2504 AP Controller with 15 Lic to manage an additional 10 AP's. My current 2504 has each port configured for my four subnets that and it is managing AP's in 4 buildings. Should I configure the new 2504 the same way so that it can see all four sites? All so if the main 2504 goes down can the second 2504 take over even thou we will be out of lic?
View 7 Replies View Relatedupgrade on the wireless controller 2504 from 7.0 to 7.4 is direct upgrade.My customer faced problem by upgrading the software 7.0 to 7.4 directly and the image hang.how should proceed recover the image 7.4/
View 7 Replies View RelatedWe have a Cisco 2504 controller and approximately 35 AP's. Some of the AP's are located directly above each other (on another floor). When I run a basic annalyzer, it appears that there is some adjacent AP traffic, the controller has some of the close AP's with the same channel, so there is some RF interferance. The AP's currently are all setup for "G" and majority of the AP's are 1200 series, most of them are 1242's. Should and can the AP's be set with static channels so that there is no adjacent signals? If so where in the controller can that be done?
View 3 Replies View RelatedThis is a new setup and has not worked yet. I have multiple 3602 APs and one 2504 Controller. I thought initially I could plug-in an AP into one of two POE Ports on the 2504. During debug mode I see that it has low power, was suprised that the 2504 switch can't fully power the AP? Is this correct?Anyways I have another POE switch that I am using with ample power. The configuration for my wireless is that it will be completely segmented off of my internal network as this is for guest access. So DNS servers are external so I cannot create host entries for the AP to discover the controller. With that being said I believe that is just one way for the discovery process to happen. I have my controller management interface and DHCP scope on the controller on the same subnet plugged into the same POE switch. The AP does seem to get a DHCP address and I can ping the controller from the AP. I cannot get any further then that. I will not join the controller and the radios get disabled. I get messages such as "discovery response from MWAR is rejected. I will post a debug log of the AP and its bootup process. This is new equipment so I would assume the firmware is somewhat up-to-date and the 3602 AP is somewhat the latest model.
View 3 Replies View RelatedOur current way of configuration for this is standalone ap's with multiple ssid's. The main network ssid's are on the 10.0.0.0 networks. The internet only ssid is on the 192.168.1.0 network. ( this is a wireless network only,no wired) They all get there dhcp address from a layer 3 switch. To prevent the wireless 192.168.1.0 intenet only network from getting to the 10.0.0.0 networks, we just put a simple source & destination deny acl on the in vlan interface of the 192.168.1.0 network on the layer 3 switch.Now that we are impementing a Cisco 2504 controller, the management and ap manger are both on the 10.0.0.0 network.( both on port 1 with dynamic ap manager enabled) I can setup as many ssid's on the 10.0.0.0 network and they all work fine. But when I setup the 192.168.1.0 internet only ssid it will not connect. I'm assuming that its because the 192.168.1.0 network or anyone trying to connect and use that network has to go through the controller located on the 10.0.0.0 network. I'm thinking that the acl on the vlan interafce is the problem.So, if I'm correct, what is the best way to setup a separate internet only network through the private networks?
View 7 Replies View RelatedDoes the 2504 Wireless Controller support cad or jpg drawings? I have not been able to find in any of the menus.
View 1 Replies View RelatedI just completed setting up a AIR-CT2504-K9 controller with 9 APs with RADIUS on the private WLAN and an open guest WLAN; I want to enable netflow exports to a collector, but see no place in the GUI to do this and no obvious CLI commands.
View 1 Replies View Related-WLC 2504
-AP1602
-SW 7.4.100.0
We have 22 x AP1602.5 of them show up in the WLC with Controller Association Latency of around 1 minute and 10 seconds.The other 17 all have latency around 10 seconds.
1. What are possibile causes for high value of association latency?
2. Could high-value association latency be an indication of badly working wifi for data traffic?
I'm supporting a 2504 wireless controller with 3 aps in a health clinic. I'm interested in generating some useful information for the owners of the device such as radio utilization (It'd be really nice if there were some graphs). how I can generate these graphs without SNMP monitoring or something like Cisco Prime Infrastructure?
View 4 Replies View RelatedI have a question to migrate a customer from a 2106 controller to a 2504 controller. Can I use the configuration file with both controllers having the same version?
Or is there another way not having to do it again manually? The old configuration is OK, only the hardware is end of sale.
I have a Cisco Wlan Controller 2504 with 1042N AP (3-nos) every thing was working fine from past 2 months. Now i am getting a issue with clients which are connected to the wireless AP, they are not able to get an dhcp IP address from the 2960 Switch (DHCP Server). The clients are getting IP address as 0.0.0.0. [code]
View 36 Replies View RelatedAny online 2504 controller crash after upgrade to the point where even console port does not put anything out? Perfectly working 2504 running 7.0.116 ran upgrade through web GUI to 7.2. GUI showed perfect transfer, save etc... Asked for save before reboot. Select yes. Controller reboot and now it sits with following status lights:Power-greenSYS - amber blinkingALM - amber solidNothing out of console.
View 8 Replies View RelatedWLC shows the next error.
AP with MAC 00:1e:13:10:40:59 (AIR-AP1231G-E-K9 ) is unknown.
I updated the AP to lightweighd firmware using upgrade tool. But upgrade tool generate the csv files empty so I had no idea about Hash key, so I resetted the APs to default values.
WLC still doesn't register them.
How Can I register the APs? The version of the WLC is 7.3.101.0
I ordered controller 2504 and will arrive soon. I want to know that after configure the initial setup of 2504 (i.e. AP manager , Management IPs etc) and defining the DHCP for AP. Will the 1042 lightweight AP will register with the controller automatically or i need to manually define the AP (MAC address) on WLC. and also whether the Option 43 and 60 are correctly defined?
Management Interface: 10.10.22.15
AP Manager Int: 10.10.22.16
ip dhcp pool WLAN103
network 10.10.3.0 255.255.255.0
[code]...
Is there any way to configure a wired guest network with a combination of 5508 and 2504 wireless controllers? I am aware that the 2504 does not have wired guest functionality, however is it possible to set up a wired guest on the 5508 and using mobility anchors, transmit the l2 information through eoip to communicate with the remote vlan?Home built NAC solution, using 802.1x authentication on switchports for public areas. If user is an employee, communicates with the supplicant on their machine, and places them on an internal vlan.If user is a guest, user fails 802.1x check and is placed on a "guest" vlan with an ACL and external DNS.If placed on the guest vlan, the user has to accept a terms of use form.This is working currently with our 5508s without any issue, however we have some remote offices we'd like to roll this out to that are using 2504 controllers. I'm hoping there's a way that I can use the 5508 as an anchor or vice versa to make this work.
View 1 Replies View RelatedI have a 2504 controller and 2 2602 access points. I have managed to get them connected ok to the controller. Now I'm in the home stretch here trying to figure out how to authenticate clients to active directory 2003.I have followed a really good guide on setting up the windows 2003 CA server and have got my certificates installed ok on the controller.It looks as though I have to install the client certificate on each client laptop?? Is there a method other than client certificates with active directory?
View 26 Replies View RelatedAll controllers are in version 7.2.111.3.C1 is a 5508, it is ou anchor controller.C2 is a 5508, it is a big site controller.C3 is a 2504, it is a small site controller. C2 and C3 are in the same mobility group than C1 (and all is up up in mobilty managment). When "DHCP Addr. Assignment" is enable on C1 : Clients on C2 received their IP address by our external DHCP server via C1 and the guest tunneling betwenn C1 and C2 and all is working fine. Clients on C3 don't received their IP address by our external DHCP server via C1 and the guest tunneling betwenn C1 and C3, so nothing work.
View 4 Replies View RelatedI will migrate a Cisco WLAN Controller 2125 to 2504,So I have one question?I need to make all configuration into the new Wlan Controller or I can migrate with one tool or something else?
View 15 Replies View RelatedI am actually working in configuring a wireless controller 2504 integrated a windows 2008 server as radius server for authenticating the network users registered in a windows active directory database. The Radius server is a Windows 2008 Server with the rol of Network Policy Server.
I have been following a pair of documents in Internet, but it doesn't work yet.
Which authentication method should i use?...the Windows 2008 NPS doesn't work wtih LEAP, should i use PEAP or there is an another recomendation to authenticate the windows active directory users?
configuration tested working between a cisco wireless controller and Windows 2008 NPS as Radius Server for authenticating the windows network users.
