Cisco Wireless :: WLC 2504 / Unable To Have QoS Roles Under Tab
Jul 17, 2012why I dont have QoS roles under the QoS tab?
View 4 Replies
ADVERTISEMENT
Cisco Wireless :: Unable To Get 4402 And 2504 To Pair In Mobility
Jun 12, 2013I am unable to get my 4402 and 2504 to pair in mobility, I made short video to explain my issues.also do not worry there is no propritary information in this video, I am working on a lab that does not mirror any production networks.
View 6 Replies View RelatedCisco Wireless :: AIR-LAP1310G-A-K9R Is Unable To Associate With Controller 2504
Aug 27, 2012We have other APs that associate w/o issue AIR-LAP1141N-A-K9. However our 1 1310 is having issues.. The Controller log shows:
2012-08-29 21:16:51 local0.error 172.16.10.70 ITCNJ1WC01: *spamApTask0: Aug 28 21:17:15.038: %LWAPP-3-DECRYPT_ERR5: spam_crypto.c:293 Error decrypting packet (using old key) from AP d4:8c:b5:15:3c:04 (session identifier a3ddb9c5)
2012-08-29 21:17:33 local0.error 172.16.10.70 ITCNJ1WC01: *spamApTask0: Aug 28 21:17:17.037: %LWAPP-3-DECRYPT_ERR: spam_lrad.c:3642 The system is unable to decrypt image data message; AP d4:8c:b5:15:3c:04
2012-08-29 21:17:33 local0.error 172.16.10.70 ITCNJ1WC01: *spamApTask0: Aug 28 21:17:17.037: %LWAPP-3-DECRYPT_ERR: spam_crypto.c:735 The system is unable to decrypt LWAPP packet; AP d4:8c:b5:15:3c:04
[code]....
Cisco Wireless :: AIR-AP1242AG-E-K9 Unable To Join WLC 2504 After Upgrade To LWAPP
Sep 10, 2012I have a few AIR-AP1242-E-K9 AP that I have upgraded to LWAPP, after the upgrade the AP's don't join the controller. But some AIR-AP1232AG-E-K9 on the same site joins without any issues.The controller is: AIR-CT2504-K9, SW: 7.0.220.0. [code]
View 8 Replies View RelatedCisco Wireless :: 2504 Client Unable To Get IP Address On Guest Wlan
Feb 23, 2013I recently setup a 2504 WLC that has two primary WLANs (internal and guest) which get their IP addresses from a central DHCP server using the local router's broadcast forwarding. Things seem to be working well for the internal wlan, but clients on the guest wlan don't seem to be getting IP addresses. If I give the client a static IP they are able to communicate across the wlan okay.
It is worth noting that I am using LAG between the controller and router and this guest wlan is really just a regular wlan (with PSK) that has an access-list applied to force it to the internet only. The access-list should be allowing dhcp requests through, but in any case, I removed the access-list and it made no difference.
Here is a debug client for a machine connected to the guest vlan (vlan 33). The internal wlan is on the 10.10.10.0/24 network (same as wired and same that the AP's are connected to) and the guest wlan is 10.33.0.0/16. I don't understand why I am seeing the dhcp request come from the internal vlan/ wlan first and it gets an IP address on this network. I then see a request on the guest wlan/vlan at which point it appears to get a valid IP address on the guest network (10.33.0.0), but the client never sees this. [code]
Cisco Wireless :: 2504 - Clients Unable To Connect To Wi-Fi At Remote Location
May 29, 2013While trying to connect to WiFi at remote sites APs, the connection is getting time out.User are getting error as 'Unable to connect to <WiFi-SSID>' The APs at corporate office are functioning properly and user are able to connect to the APs.
Wifi Controller: 2504 Software ver: 7.3.101.0
Authentication 802.1x
AAA/Identity/Nac :: ACS 5.3 How To Have Different Roles On Different VDC's
Mar 6, 2013I have ACS 5.3 running TACACS+ and Nexus 7K with 2 x non-default VDC's, VDC-OTV and VDC-CR.I want my TACACS account to have role "vdc- admin" on VDC-CR, and "vdc-operator" on VDC-OTV.I tried putting the VDC's into different Network Device Groups, with VDC-CR being in an Authorization Rule that associated the Device Group with the "vdc-admin" Shell Profile. But I'm getting the same roles on both VDC's--both get whatever the role in the Shell Profile.
It's possible I'm not organizing the Devices and Network Device Groups correctly. It seems to me when I add a new Device, it knows about all the Device Groups, and the IP range and exclude syntax seems to be a pain. I have existing Device Groups, one with a 10.10.*.* IP range, and I'm trying to isolate these two VDC's out of that IP range into their own individual Device Groups.
Cisco :: How To Assign Group Roles Via ACS 5.3
Oct 10, 2012I'm currently using a LMS 4.2.x System and an ACS 5.3 System.
I solved the problem to authenticate the LMS WebGUI login to the ACS Server. But, I can't not find any document, which descripes how I can assing the group roles via ACS.
Cisco AAA/Identity/Nac :: Can Add / Modify ACS 5.2 CLI User Roles
Apr 28, 2011My company's security group uses Tripwire to monitor for changes in start-config and running-config on network devices in PCI scope. We are migrating from ACS v4.2 to v5.2. I need to create the account for Tripwire on the ACS Appliance but did not want to assign the admin role which would give access to configure terminal. The user role does not have privileges for show start-config or show running-config. Am I missing something or are these the only 2 roles available at the CLI? Can another rolle be added?
View 1 Replies View RelatedMake A Backup Of Roles And Their Configurations?
Jun 1, 2011I have a Domain Controller on windows 2003 advanced server. and I have roles and some configuration such as rights, user accounts, DHCP configuration, DNS server and etc on it.Some times windows needs to be reinstalled but after reinstalling,configuration of roles would be lost. I don't know how can I backup these settings? Is there any solution about this problem.I know a simple way is creating an image of windows installation drive by an application such as Norton Ghost but I'm talking about windows solution.
View 3 Replies View RelatedAAA/Identity/Nac :: ACS 5.4 And User Admin Roles
May 8, 2012we have created some administration accounts which should only have the possibility to work on the user database. the useradmin role is to limited to create a user and set a fixed password only, but not able to enable the users authentication against a predefined external identity store. Other roles which makes this possible are far to powerful for a second level adminstrator.The adminstrator should have the possibility the create an user and set the password check against an external database. This is not possible with the predefine role "UserAdmin". Other roles do have to many rights for these users.
View 4 Replies View RelatedCisco AAA/Identity/Nac :: ACS 5.3 VM Editing CLI Roles For VMWare Admins
Mar 7, 2012I have a client that is running ACS 5.3 as a VM in ESX 4.1. The client wants their VMWare admins to have the ability to shut down the ACS server during maintenance etc... I know I could create a CLI user with admin priviliges, however, assigning full admin priviliges is beyond the scope of what the user requires. They simply want a user account with the added privilige of performing a halt from the CLI. In the CLI Reference Guide for ACS.
So is it possible to create an account with user priviliges, then modify its permissions to allow for a halt?
What Are Actual Functions / Roles Of A Router Firmware
Apr 14, 2011I have several questions:
1. what are the actual functions/roles of a router firmware? Does the firmware work at routing or forwarding?
2. does the firmware automatically processes data? or...can he do that?
3. if a person connects to the internet through the router...does he came in contact with the firmware functions?
4. is the firmware accessed only when the user enters the configuration panel of the router?
Cisco :: LMS Version 4.1 - Configuring Dashboards Based On Defined Roles?
May 14, 2012I am trying to configure the dashboards for the pre-defined roles ie) Network Operator, Network Administrator, Helpdesk, etc but I cannot find the document to do this. I am running LMS version 4.1.
The goal is to create users and put them in one of these roles and then they would inherit these dashboards when they log on. Can this be done on LMS ? The doco that I am reading says that each user needs to configure their own dashboard or they can use the public dashboard as a starting point.
Cisco AAA/Identity/Nac :: ACS 5.2 User Roles And Restricting User Access To Add Items?
Sep 22, 2011We are running ACS 5.2 patch 6 and want to restrict access for users to be able to add devices to the system.For example, admin person in site A can only add devices into the site A group and cannot see/access other sites groups.
View 1 Replies View RelatedCisco Wireless :: Why POE In 2504 - Cannot Be Used For AP
Mar 2, 2013Why a 2504 Poe? If it can not be used for AP.
View 10 Replies View RelatedCisco Wireless :: WLC 2504 - Upgrade From 7.2. To 7.4?
Jan 22, 2013I'm planning to upgrade our WLC 2504 from 7.2.111.3 to 7.4.100.0 but the cisco site says "WLC Version 7.4.100.0 will need Prime Infrastructure Version 1.3 to be managed, Version 1.3 is not yet available to download at this point of time" Is it something about NCS? we have only 1 cisco WLC 2504 and 6 1142APs.. Also let me know is it possible to go directly from 7.2 to 7.4 ?
View 8 Replies View RelatedCisco Wireless :: WLC 2504 Max AP Support?
Nov 28, 2012what is the maximum number of APs supported on Cisco 2504 WLC?According to the Data Sheet it is 75:
[URL]
But according to the config guide it is 50:
[URL]
I believe the correct number is 50, but I just want to be sure.Is this a software limitation?
Cisco Wireless :: WLC 2504 - Some Clients Gets IP As Zero
Aug 29, 2012I've problem with a WLC 2504. Some Clients like phones and Thin Clients get an IP 0.0.0.0.Software Version is 7.0.235.0. Test with a Laptop seams to be OK. Some printers also got an 0.0.0.0.Around 30% are not OK. also had the log: Impersonation of AP with Base Radio MAC 00:yy:yy:yy:yy:yyusing source address of 00:xx:xx:xx:xx:xx has been detected by the AP with MAC Address: 00:yy:yy:yy:yy:yy on its 802.11b/g radio whose slot ID is 0 The problem is, I cannot go to 7.2 version because I have 2 x AP 1231 and 2 x 1242 AP's.1231 AP's are not anymore supported in 7.2 Version.
View 14 Replies View RelatedCisco Wireless :: Two WLC 2504 In Same Network?
Aug 15, 2012I have two WLC 2504 controllers. These controllers are for two different buildings. But they share a VLAN, and network address range. How can I control the access points to the register selected only at a specific controller.
Example:
AP 1 -> WLC 1
AP 2 -> WLC 2
AP 3 -> WLC 1
Since the buildings also broadcast in different SSID. The two controllers are in a mobility group.
Cisco Wireless :: WLC 2504 IOS Update?
Jul 12, 2012If we update our ios on WLC do we have to add the certificate for AP's again or we don't need to do that.
View 4 Replies View RelatedCisco Wireless :: 2504 - WLC 7.4.100.0 Downgrade
Mar 13, 2013Some time ago I updated a WLC, model 2504, from version 7.3 to 7.4.100.0. I also update the FUS (Field Upgrade Software) to the latest release, 1.8.0.0. Now I need to downgrade the WLC back to 7.3 version.
My doubt is: Can I just take the normal processes and downgrade the WLC back to 7.3, even with the FUS in version 1.8.0.0?
Cisco Wireless :: 2504 - AP Cannot Join WLC
Jun 10, 2013I'm new in installing WIFI, I have WLC 2504 using 7.4.100.0. I have AP 1600 (AIR-CAP1602E-E-K9)
I installed the WLC and AP in a cisco poe switch, wlc and ap are in the same subnet and can ping ap from WLC, but the AP cannot join the wlc. i have this error message
(Cisco Controller) >show ap join stats detailed 00:06:f6:d6:03:f0
Sync phase statistics
- Time at sync request received............................ Not applicable
- Time at sync completed................................... Not applicable
Cisco Wireless :: Adding A Second 2504 AP Controller
Aug 2, 2012I currently have a single 2504 Controller managing 50 AP's. I am adding a Second 2504 AP Controller with 15 Lic to manage an additional 10 AP's. My current 2504 has each port configured for my four subnets that and it is managing AP's in 4 buildings. Should I configure the new 2504 the same way so that it can see all four sites? All so if the main 2504 goes down can the second 2504 take over even thou we will be out of lic?
View 7 Replies View RelatedCisco Wireless :: WLC 2504 Not Join AP1130ag?
Mar 12, 2013I have a problem in join my ap1130ag in my wlc 2504 i activate dhcp internel (172.19.1.50 ----> 172.19.1.60) in wlc and this wlc affected address for ap1130ag (172.19.1.51) wlc and ap1130ag is connected with switch 2960 (port 17,18) this port the switche is configured in trunk mod allowed all vlan then my wlc not detected ap1130ag?
View 4 Replies View RelatedCisco Wireless :: AP 1524 Not Getting Joined With 2504 WLC
Jul 3, 2012I've got a 1524 ap and it wont join my 2540 WLC. The messages I see in the WLC is RADIUS authorization is pending for the AP. I've added the MAC address of the ap under AP Policies using MIC. I dont have a radius server either so not sure how to tackle this one.When I run debug capwap events enale under the wlc I see the following messages:Discarding discovery request in LWAPP from AP supporting CAPWAP.
View 35 Replies View RelatedCisco Wireless :: 2504 WLC And AirLAP1131AG-E-K9 Not Registering?
May 20, 2012We have a 2504 on version 7.2.103.0 and 15 of the 1131 AG's.In short we cannot get the access points to register against the WLC, they seem to be caught up in a boot loop. They are seen on the WLC with a status of downloading, then once they have downloaded (Seen via CLI) I get an error message things I can confirm are The Country code is set to GB All ports are in Native VLAN Access points are ETSI type. It stops and restarts at syslog output DTLS-3-BAD-RECORD: Erroneous record recieved from x.x.x.x: Duplicate (replayed) record.
View 26 Replies View RelatedCisco Wireless :: 2504 WLC Tunneling To 5508?
Oct 14, 2012Can a 2504 WLC on a remote site provide guest access on one SSID, drop taht out locally on that site and provide corporate access on a second WLC that it then tunnls to a 5508 at the main corporate site ?
View 4 Replies View RelatedCisco Wireless :: Upgrade Controller 2504 From 7.0 To 7.4?
Jun 16, 2013upgrade on the wireless controller 2504 from 7.0 to 7.4 is direct upgrade.My customer faced problem by upgrading the software 7.0 to 7.4 directly and the image hang.how should proceed recover the image 7.4/
View 7 Replies View RelatedCisco Wireless :: IPv6 Support On WLC - 2504?
Aug 28, 2012I would like to get it clarified, that Cisco WLC 2504 running the code ( 7.2.110.0 ) does support IPv6 or not ?
From Cisco Documents they are asking to enable IPv6 support under WLAN > Edit Page, and Enabling mulicast on Ethernet Multicast Mode under Controller > General.
But from the GUI am not able to find the above two field, Even in Interface i created under Controller > interface is not accepting IPv6 address. I am able to configure IPv6 ACL .
Is any deployment document is available to show different scenarios with configuration.
Note - Am using Access point AIR-LAP1262N-N-k9
Cisco Wireless :: WLC 2504 Software Upgrade?
May 21, 2013Currently I am using WLC 2504 with Software version 7.0.220.0. I am having some issues with Windows 8 clients they can't connect and I read on couple of review that wlc needs upgrade software.
I checked and latest versin is 7.4. Can I go to this version directly or I have to jump step by step.
Cisco Wireless :: TFTP Image To WLC 2504?
Nov 29, 2012I am trying to TFTP an image to a Cisco 2504 WLC. The management interface is 10.1.1.1 /24 and I have my PC connected to a port on the WLC with the IP address 10.1.1.10. However, I still do not have connectivity between the PC and WLC.
View 3 Replies View RelatedCisco Wireless :: Using The WLC 2504 Across Multiple Sites?
Mar 31, 2013I am about to deploy a load of Aironet LWAPs into my organization. I've configured the WLC 2504 and have a couple of the APs working at our main site. I just needed to plug them in, and they worked perfectly, straight out the box. But I just want to know the following:
1 - will the same apply if I connect an AP at a remote site? Remote sites are on different subnets and connected via IPSEC. Will the remote APs just find the WLC?
2 - is there anything I need to set up especially on the WLC in order to make this work?
3 - what happens if the IPSEC connection drops?