Cisco Wireless :: Assign Resilient WLCs To An OEAP 600?
Apr 17, 2012
Possible to assign reslient WLCs to an OEAP 600?
The web GUI of the OEAP itself only has a single field to enter the address of a single controller.
But, I wonder if once the OEAP is talking to your WLC across the Internet, you can allocate HA settings to the OEAP so that it can fall back to a secondary WLC if your main WLC fails.
This is sort of hinted at in the docs I have read, but I have not been able to find it explicitly stated anywhere.
It would be nice to have 2 DMZ-based WLCs at two different data centres to allow remote users to have a fail-over solution, but I need to be sure that this is supported before implementing.
View 7 Replies
ADVERTISEMENT
Dec 9, 2012
Does the AP is able to configure 2 public ip address of the DMZ-WLCs?
like ip 1.1.1.1 in my US data center, whereas a second ip 2.2.2.2 in my EU data center?
View 5 Replies
View Related
Feb 18, 2013
We have cisco 5508 office extend in dmz running code 7.3.112. 1132 AP seems to register and authenticate fine but OEAP 600 series dont seem to authenticate. they seem to join the controller and download the SSID but just wont authenticate ? not even registering on the AAA server
View 9 Replies
View Related
Mar 17, 2013
have concern regarding the faiolver of 2 WLCs.
1. One Active_WLC(2504) have a full licence of 15 Access points.
2. 2nd Seconday_WLCs(2504) have a normal licenece (Without any AP licenece-Zero AP Count License).
Now my questions are:
1. If first WLCs goes down due to any kind of problem then can secondary WLCs comes up and takover of all APs.
2. if Yes, then How may days or hours...These APs will connect to the WLC.
3.If first WLCs comes up after some days, then can this WLC automaticall tak over the situation??
View 4 Replies
View Related
Aug 20, 2012
I have found that there are only few configuration to the Cisco Aironet 600 OEAP. The settings are just for basic configuration for a wireless network when it is in autonomous mode.
A need for a Wireless LAN Controller to perform advance settings.
Also, there are no firmware available in Cisco. No upgrade/downgrade firmware avalaible for download.
View 4 Replies
View Related
May 20, 2013
Here's the list of equipments:
Pool of oeap 600 aps
1x 2504WLC as OEAP WLC (@DMZ)
1x ASA 5515
Scenario:
My OEAP WLC located at ASA - DMZ is NATted to a public ip (primary internet ISP), then my pool of OEAP-600 were configured to communicate with this OEAP WLC.
My question is:
I want to automate the failover of OEAP-600 (I don't know if this is possible) to the secondary internet ISP whenever the primary internet ISP fails. The secondary ISP is terminated on the same ASA 5515-X doing PBR and IP SLA stuff.
I know that OEAP 600 can only be pointed to one WLC ip address I know that the WLC can only be NATted to one public IP address.
What would be the best solution to perform the OEAP backup connectivity? Or just buy another set of WLC/ASA then just manually configure the OEAP-600 APs to point to the secondary ISP.
View 6 Replies
View Related
Feb 13, 2013
I'm using two 5500 WLCs with the version 7.2.110.0 When some AP with the part number AIR-CAP1552E-N-K9 associate with them, the 802.11g stays up and the 802.11a stays down.I saw the AP interfaces in Wireless --> All APs and the 802.11a is down and the regulatory domain show me not supported but the 802.11g is working normally.I follow this document from Cisco [URL] and i just have BR - Brazil to support this part number.
View 5 Replies
View Related
Apr 7, 2013
I've just been tasked with setting up 19 AIR-CT2504 WLCs with AIR-CAP3502E APs. The primary objective is to maximize throughput from clients uploading LARGE files over the air.
I need to make sure I config HT 802.11n properly with no support for legacy clients in the 5Ghz band.
View 22 Replies
View Related
Jan 31, 2013
I have a customer with a unique configuration. They have two point to point connections - one using a laser link between buildings, and a backup fiber connection running ospf. Issue is when the laser link goes down, there is loss/no forwarding during the reconvergence, causing issues with transffering video feeds.
View 7 Replies
View Related
Sep 23, 2012
I have a customer looking to deploy OEAP & wants to know if it possible to disable the local ports 1-3? Reason being, they don't want the home user connecting devices & causing more support tickets to troubleshoot an Xbox or Google TV just b/c it's connected to a company provide AP/Switch. I have read all the docs & it makes no mention of this.... I can see in 7.2 the ability to disable the local SSID but no mention of the ability to shutdown ports 1-3..Also see support in 7.2 for Dual RLAN... but that still leaves 2 local ports.
View 5 Replies
View Related
Oct 1, 2011
I have some trouble with the setup of an oeap 600 ap. The ap has joined the controller as it should and the remote-lan connection to my corporate network works well, but i can't connect to the corporate wlan.
When i check the event log on the ap it says:
"
*Oct 02 07:36:56.662: (Re)Assoc-Req from 00:1a:73:d2:82:8c forwarded to WLC, wired: no
*Oct 02 07:36:56.665: received assoc-rsp for wireless client, status=0011
*Oct 02 07:37:11.712: DisAssoc-Req/DeAUTH from 00:1a:73:d2:82:8c forwarded to WLC, wired: no
*Oct 02 07:37:11.713: WTP Event: Delete Mobile sent to wlc00:1a:73:d2:82:8c"
and a debug on the controller gives me:
apfMsConnTask_6: Oct 02 08:52:05.034: 00:1a:73:d2:82:7f Adding mobile
on LWAPP AP ec:c8:82:c2:3a:20(0)
*apfMsConnTask_6: Oct 02 08:52:05.034: 00:1a:73:d2:82:7f Association received from mobile on AP ec:c8:82:c2:3a:20
*apfMsConnTask_6: Oct 02 08:52:05.034: 00:1a:73:d2:82:7f Sending Assoc Response to station on BSSID ec:c8:82:c2:3a:20 (s
tatus 17) ApVapId 1 Slot 0
[code]....
View 3 Replies
View Related
Nov 28, 2011
I have a cisco 1841 router in place. I also have a ADSL module which fits into the cisco router. My understanding is that if configured correctly, If the primary circuit were to fail (Ethernet Circuit MPLS), the ADSL would take over services until such time the ethernet link becomes available.
Therefore the ADSL circuit is used as a resilient link. If this is possible, can the Cisco 1841 be setup to automatically switch over to the ADSL? Would there be some sort of heart beat between the ethernet circuit and adsl circuit?Also from the other end of the Cisco router, the connection goes into a firewall. If the Cisco handles the failover, I assume I would not need to configure anything on the firewall.
The end users beyond the firewall, should be able to continue, however the performace would be degraded?
View 11 Replies
View Related
Mar 7, 2013
I have a TAC case open, but it doesn't seem to be making any progress.I upgraded my 5508 controller from 7.2.111.3 up to 7.4.100.0..Most of my APs are fine. 3500s, 1100s etc.except for 602i APs. The APs associate, they update software etc, but they won't broadcast the WLAN.An interesting thing, on the 602 AP, in the log, I see this:*Mar 06 15:08:12.667: SSID remote, WLAN Profile Name: RemoteOEAP, added to the slot[0], disabled..So the AP is definately talking to the WLC and being pushed the correct WLAN profile.On the controller, the AP shows the the Admin status of the radios is showing DOWN, but the Admin status on the AP itself shows UP
I've done a factory reset on the APs to no avail. I have a 2504 WLC as well that i'm in the process of implementing in a DMZ specificially for these APs, and for testing purposes, I associated the 602 Ap to that WLC as well. This one is running 7.4.100.0 too, same results. It would appear to be a problem with this version of software?
View 6 Replies
View Related
Sep 12, 2011
Only fifteen users are allowed to connect on the WLAN Controller WLANs provided on the 600 series at any one time. A sixteenth user cannot authenticate until one of the first clients de-authenticates or a timeout occurred on the controller. Note: This number is cumulative across the controller WLANs on the 600 series. For example, if two controller WLANs are configured and there are fifteen users on one of the WLANs, no users will be able to join the other WLAN on the 600 series at that time. This limit does not apply to the local private WLANs that the end user configures on the 600 series designed for personal use and clients connected on these private WLANs or on the wired ports do not affect these limits. This is from the Configuration Guide for teh 600 series Office Extend AP. Is this count per AP or total per WLC? If I have 10 APs deployed to our remote users, can each AP support two simultaneous users? Would I need to use separate WLANs for each OEAP?
View 8 Replies
View Related
Mar 17, 2012
I've got a strange problem here. In the office, my OEAP 600 can join WLC if there is no MAC authentication. When i enable MAC authentication at WLC, AP will fail to register. However, I try it at home and it works with both MAC authentication enable or disable. I suspect it is because of firewall in my office, but there shouldn't have any different in discovery and joining procedure for AP with MAC authentication enable or disable.
View 18 Replies
View Related
Jun 17, 2012
Flex 7500
Software Version: 7.2.103.0
I have a Flex 7500 with 200 1142AP's working fine in remote office and local setup. We have since purchased 3 OEAP 602's and looking to distribute to teleworkers.
I have configured the OEAP to point to the NAT'd IP of the WLC, the OEAP does connect and is listed briefly in the WLC wireless listing but I am not able to make any configuration changes, it will then dissassociate and try the join process all over again. I have attached below the OEAP 600 event log. I see that the WLC does not support data DTLS encryption and looking to make this work.
I have tried to install the DTLS license file from the Cisco website, but says license failed to install, with no other errors.
*Jun 18 15:18:43.938: Build version 7.0.112.72 (compiled Feb 3 2012 at 01:56:39, [L]).
*Jun 18 15:18:47.859: CAPWAP State: Init.
*Jun 18 15:18:47.860: CAPWAP State: Discovery.
[Code]....
View 2 Replies
View Related
May 21, 2012
I have established dual-rlans on different segments.I have a 2960g switch. I created vl2 (management) and vl3 (data).I connected rlan1 (port4) to vl2 and rlan2 (port3) to vl3.My laptop receives a dhcp address on vl3 and the switch (in dhcp mode) receives it's proper address on vl2.Unfortunately a MAC is assigned to each vl and to the management interface. Thats 3 out of the 2 sets of 4.
So a managed switch is NOT the desired device to have on the back side of an OEAP600.In any case doing a show mac address-table revealed that all the vl2 MAC addresses were duplicated on vl3.To the tune of 216 addresses. 108 in each vlan. Which is a close match to the current host counts for each segment 98 + 18.Obviously this application is not what was envisioned by the OEAP team during work-up.The goal of 4 host devices on the rlan is proving difficult to achieve.The client wants 2 pc's and 2 digi-port servers.
View 1 Replies
View Related
Jun 10, 2013
Will Resilient Ethernet Protocol (REP) run on all Cisco switches (2960S and 3010) or is it only available on Service Provider switches like the ME3400E?
View 2 Replies
View Related
Mar 20, 2012
We have existing AP 1132 with WLC 4404 controller implemented in a site. We started add on new AP 3502 with WLC 5508.Our customer has existing 10 of 4404 controllers and configured in the same mobility group, and the roaming is working fine(ap are 1131).
Curently we deployed 2 new 5508 controllers and replaced some 1131 AP to 3500 AP. And the controller created new IP scheme for the wireless client. But after migrate 2 APs, we found that the roaming is not working when the wireless client move from new AP to old AP.
When moving from new AP to old AP, the ip address for the client is unchange, but the ping will be droped, and will never come back. Until we do a ipconfig flush, and reconnect, the connection can back to normal, but the ip address als changed to the old IP scheme.
View 2 Replies
View Related
May 2, 2011
I have three 5508 WLCs, running code 7.0.98.0 supporting 100+ LWAPs in H-REAP mode. The LWAPs are servicing 2-3 WLANs each. Some are using central authentication and local switching, some are configured for central authentication and central switching. When the LWAPs fail from one WLC to another WLC, the LWAP's lose all of their VLAN mappings and pick up the VLAN of the management interface on the new WLC.
All WLANs are configured to use the management interface on the WLC and the VLAN mappings are configured per LWAP on the H-REAP properties tab. The WLAN ID numbers and all the WLAN settings are the same across all 3 WLC's. I have created AP groups on all 3 WLC's and the AP group config matches across the 3 WLCs.
I can get the LWAPs to keep their VLAN mapping by creating an interface on the WLC with the VLAN ID of the locally switched/remote site VLAN and then setting the interface for the WLAN to the new interface. However, then the WLAN doesn't work, because the centrally located WLC doesn't have the remote site VLAN. It also seems to keep the VLAN mapping if I create the locally switched/remote site VLAN interface on the WLC , and point the WLAN to the management interface. This shouldn't be a necessary step though... In H-REAP with local switching, the LWAPs aren't using the interface on the WLC.
I found a note in the 7.0 WLC config guide that explains why the VLANs are picking up the management interface VLAN, but that same note says the VLAN mappings can be changed per LWAP/WLAN!
From config guide: For hybrid-REAP access points, the interface mapping at the controller for WLANs that is configured for H-REAP Local Switching is inherited at the access point as the default VLAN tagging. This mapping can be easily changed per SSID, per hybrid-REAP access point
Using H-REAP and been able to get the LWAPs to keep the VLAN mapping when failing from one WLC to another?
View 9 Replies
View Related
Mar 15, 2012
I have two 5508 and a few hundred 1142 in our internal net. Now I bought some OEAP 600 to do tests in some small branch offices, but I would like to enable AP policies with MAC filtering to block that anyone else can connect an OEAP through our firewall. If I enable 'Accept Self Signed Certificates (SSC)' and 'Authorize MIC APs against auth-list or AAA' as suggested in Cisco document 'Aironet 600 Series OfficeExtend Access Point Configuration Guide', will that effect only my OEAP 600 or will I have to also include the MAc addresses of my internal 1142?
View 2 Replies
View Related
Apr 22, 2012
We've been upgrading our WLCs to 7.0.230.0 but I've notifced after they have been upgraded they no longer appear in the controller section in License Center on the WCS. They still exist in the WCS and the audit the configuration jobs are working. I've also tried manually triggering the Controller License Status background tasks and this runs without reporting any errors.I thought it may be because the WCS was at a lower version but I've now upgraded this to 7.0.230.0 also but the WLCs are still missing.
View 1 Replies
View Related
Jan 25, 2012
I would like to discuss another method of a bulk controller upgrade and see what other engineers take on this upgrade path would be.Say I have an instance of 84404s with 50 APs each, In this case I have N+1 redundancy where I can follow the normal procedure.Normal Procedure.Move all APs to controllers 1-4Preload all APs with the new code versionUpgrade and reboot empty controllers 5-8 to new code versionMove all APs to 5-8 with new code versoinUpgrade empty 1-4Move all APs back home.Now take the same scenario only chage it to 80 APs per controller. I've now lost my N+1 and cannot do it quite as smoothly. As opposed to trying to follow the normal proceedure and have an extended window of "brown outs" How about doing it all at once.Black-out accelerated proceedure:Preload new code on all controllersPreload new image on all APs on all controllersReboot all 8 controllers at the same time.Allow time for APs to connect back and load the new image.I assume with this proceedure that I might see around 15-30 minutes of actual downtime to the site but it seems like that could be preferable to two-three hours of brown outs.
View 6 Replies
View Related
Aug 27, 2012
We have 2 sites, each with 2 x 4506 switches which will be connected togther using an etherchannel. The switches will provide access ports for client devices and will be configured with HSRP to provide gateway redundancy. SW1 will be HSRP active.2 metro ethernet links will be installed in each site which will connect back to our HQ sites. OSPF will be used over the backbone to provide resiliency and to allow shortest path routing to each HQ and to prevent traffic over the HQ to HQ link.
The 4506 will be trunked togther with an SVI for providing OSFP adjacency.For the traffic flow from SW2 to HQ2, traffic will hit SW1 and then route back to SW2 and then to HQ2. Is this the best way to do this? Should a second link be connected between switches just for routing or should something like GLBP be used?
View 6 Replies
View Related
Oct 18, 2012
We are currently running WCS but have built a new Prime Infrastructure 1.3 system from scratch on a brand new server, we have sucessfully migrated the old WCS database on to the new Prime server and as a test I have pointed 1 anchor controller to it. Possible to point the WLC's to both WCS and Prime Infrastructure concurrently - I was thinking that it would be a quick fallback if we has any problems with Prime (I know there have been some!) We are not running MSE but we do have mobility groups, the WLC's are 5508 running 7.0.235.3 .
View 0 Replies
View Related
Oct 15, 2011
Is it possible for the wlc (5500) block wireless users attempting to login to the network more than 3 times?I have several devices trying to connect to the network automatically using rhe old password, after 3 attempts the account will lock out! Im running peap mschapv2 with radius and active directory.
View 1 Replies
View Related
Feb 14, 2013
We are in a warehouse type setting and have data centers on each side of warehouse with 5508 WLC's in each data center. Each side is on its own subnet with routing in between and a different set of SSID's for each set of WLC’s. Are goal is to have the ability to failover in the event that if one data center goes down AP’s will move to the controllers in the other DC and the clients will still be able to operate.
Our thought was to implement mobility groups between the controllers. While I saw documentation on setting this up when the controllers are on the same vlan, I didnt see any setup config when controllers are in different vlans. So I am wondering if mobility groups are even an option for what we want to accomplish. For the most part clients stay on their respected sides of the warehouse and so we are not necessarily needing roaming for clients between controllers in DC1 and DC2. But that does raise another question in that we do have a planned voice wlan that we would like to have the ability to roam between each side of the warehouse. But we have seen ip issues with this. In the past we have had both SSID's setup on each side and ran to issues with clients not renewing their IP address when moving to the controllers on the different subnets.
Can we setup mobility groups between controllers on different vlans/subnets? For failover purposes will mobility groups assist in our setup with 2 DC’s and different subnets/vlans? If the answer is yes we can setup mobility groups between different subnets, is there a way to setup the SSID's on all controllers and have the ability for clients to roam and renew their IP’s when moving to a different controller on a different subnet?
View 3 Replies
View Related
Mar 13, 2012
We have cisco ap 500 series, it was lightweight, but we migrate it to standalone, now, the scheme is simple.We have a router 2811 and dhcp created on it, also we have f0/0.30 virtual interface with ip of 10.10.30.1.On switch one interface (trunk) goes to router f0/0 interface, and one interface (access) goes to ap.On AP we have BVI interface with 10.10.30.10, and default route to 10.10.30.1.So when we connecting to our SSID, it connect but doestn receive DHCP, and takes APIPA address, why ap doesnt assign ip to clients.
View 12 Replies
View Related
Dec 17, 2012
I have a Motorola Surfboard Modem connected to a Netgear 24-port switch. I bought the WAP4410N to provide wireless connectivity from the switch.
All my PC's can get perfect connectivity via the switch but none of my wireless devices can connect at all.
Sometimes I can get 1 PC to connect but what's strange is I can view my networked folders and such but cannot access the internet.
I've upgraded the firmware to the latest May-2012. IPv4 and IPv6 are both set to automatic.
View 1 Replies
View Related
Jan 22, 2012
Is there a way to assign priority on a wireless network? For example, on my home network there are about 4 computers connected, 5 cell phones connected, an Xbox a Wii etc etc. Is there a way to set which device takes priority over the others?
View 2 Replies
View Related
Jan 28, 2011
I have a broadband with wireless connection. I am also using on laptop. I want to assign a security key so as to avoid misuse by others
View 1 Replies
View Related
Jul 16, 2012
There are 6 computers in our home network. It happens every few months or so that router would not assign valid IP address to one of the computers. So, most of the time everything works well, but there comes a moment when one of the computers (but not others) can't get valid IP address.We try turning off and then on the router and it solves the problem most of the time. But, there are cases when turning off and on the router won't solve the problem.
View 3 Replies
View Related
Apr 1, 2013
Region : Spain
Model : TD-W8961ND
Hardware Version : V3
Firmware Version : 3.0.0 Build 120524 Rel.05221
ISP :
linksys1.jpg
I have wifi at home this link installed.
192.168.1.1 is a TD-W8961ND
192.168.1.4 is a linksys wrtt54gl
And I have two problems.
1) I can not see any desktops in my local net, and with old router I could see all, for example (diskstation, dm800, etc...) In my macbook air I can not see my NAS Synology and with old router I do.
2) All PCs that are conected to 192.168.1.4 have not IP. and DHCP in TD-W8961ND is activated.
View 5 Replies
View Related