Multiple Domain Controllers On A WAN?
Sep 24, 2011What is the benefit of having multiple Domain Controllers on a WAN
View 1 Replies
ADVERTISEMENT
Domain Controllers Locating Process Is Slow?
May 16, 2011that big network has DHCP server which give ip addresses to clients and manage their internet.in one of this companies because of security matters they set up a domain network for themselves .problem is this if they use main DHCP their systems get ip in form of 172.16.58.x and boot up slowly it takes about 3 min to network indicator appears near clock and also they get into problem when ever they want to add a shared printer.but if they get ip address from DHCP and set that ip address and subnet mast and gateway manually the same as main DHCP server and only change dns server to theirs DC controller ip address every thing will work properly .but problem is they must set their ip addresses automatically.that is DHCP ip address sample
172.16.58.23
255.255.255.0
172.16.58.1
dns=172.16.1.1 & 172.16.1.2
see 172.16.58 is ip range of this company on that big network
Cisco AAA/Identity/Nac :: ACS SE 4.2.1 And Windows 2008R2 Domain Controllers?
May 8, 2011We are in the earlier stages of moving our Domain Controlllers from 2003 to 2008 R2. The remote agents are running in 2003 Domain Controllers. According with Cisco Documentation, I can move the agent to a Windows 2003 Member Server and the upgrade to 2008 R2 Domain Controllers.
View 4 Replies View RelatedActive Directory - Domain Controllers Take Over Master Browser Role?
Sep 24, 2012I know that in small networks, one of the computers is elected the Master Browser role, and elections are held every now and then. In domain networks that implement Active Directory, is there still a Master Browser role, or do the domain controllers take over this role?
View 1 Replies View RelatedCisco AAA/Identity/Nac :: ACS 4.2 Multiple AD Domain Authentication?
Feb 3, 2013I have acs 4.2 for windows installed on a windows server 2003 box, because of a merger I need to now authenticate against 2 different domains, there is a bidirectional trust between the two domains and the dial-in permission has been set in ADUC but whenever I try to authenticate a user it says dial-in permissions needed in the acs failed authentication log.
View 5 Replies View RelatedServers :: Redirect Multiple Domain Names To Same IP / Different Port?
Aug 19, 2012Redirecting a Domain to a IP:Port I host game servers for friends and strangers alike, but i'd like to make it easier for them all and give them dedicated IPs. Right now I include domain redirecting, but to connect to their server, they have to put in "example.com:xxxxx", x meaning their servers dedicated port. Is there any way that I can redirect a domain directly to "IP:Port"?
View 3 Replies View RelatedCisco AAA/Identity/Nac :: ACS 5.2 Multiple Domain Prefix Searching?
May 23, 2011We have an ACS 5.2 server connected to an AD domain controller which has several trusted domains. (domain1, domain2, domain3) We currently have to specify which domain each user belongs to (ie, domain1user) in order to connect. We would like to only have to enter the user name without the prefix, (ie, user1) and have ACS automatically check each domain for a match. Is this possible with ACS 5.2? I seem to remember this was possible with ACS 4.2.
View 2 Replies View RelatedCisco AAA/Identity/Nac :: ACS 5.2 - AD Integrate With Single Domain Name With Multiple ADs
Sep 3, 2011We having ACS version 5.2 0.26 with Active/Standby. We need to integrate active directory with ACS. Domain name given by Server team was as xyzcompy.local. When I tried to resolve the same domain name I got five servers ip address against the same domain name. however we given the ip reachability to only for two servers. We we try to save we get error saying that "Can not resolve the network address".
So my questions are;
- does ACS should have ip reachaibility to all five servers
- does the username/password we entered in the ACS should have domain admin rights?.
- the given AD is configured with windows NTP [URL] but when we configured ACS as windows NTP it was taking local server as active NTP..?
When we check the ACS logs, we saw the following error;
in acsLocalStore:
AdminName=acsadmin, DomainName=qatarconvention.local, ADOperationResult=unable to create secured connection against AD server, switching to non-secured connection. javax.naming.CommunicationException: simple bind failed: qnccad02.xxxxconvention.local:636 [Root exception is java.net.SocketException: Connection reset],
in ACSADAgent;
32484]: INFO dns.findsrv FindSrvFromDns failed: res_query failed _ldap._tcp.xxxxconvention.local
Sep 4 12:43:20 acs01-cc4 adjoin[32484]: INFO cli.adjoin Join to domain 'xxxxconvention.local', zone 'null' failed.
I attached some screen print which saw the error and output of nslookup for the domain name.
Cisco Switching/Routing :: SG-300 VLAN And Multiple Subnet Domain Broadcast
Jan 25, 2012I recently bought SG-300 28P to create the VLAN. My network hs 3 subnet 192.168.1.0, 192.168.2.0 and 192.168.3.0.My main net work is 192.168.1.0. I want to divide it to VLAN to eliminate the boardcast storm; especially from the domain 192.168.3.0
But I want all the devices from 192.168.1.0 to access other subnet.
Cisco :: ACS 4.2 - Manage WCS And Controllers?
Feb 22, 2009I have setup WCS logins to be managed by ACS 4.2 . I was looking over the docs and I appear to be missing something because I can't find any documentation on doing the same to the controllers. I did successfully lock myself out of the WiSM in the lab during some testing. I had to pull the plug on the lab ACS to allow local login.
View 6 Replies View RelatedCisco Wireless :: GRE Tunnels On 4408 Controllers?
Sep 9, 2012I have been tasked by my boss of finding out and implementing a solution of building GRE tunnels from 2 4408 Wireless controllers system for a guest wireless network. I am but a low CCNA wireless, working on getting motivated for CCNP wireless, but I didn't even know if this was possible and if it was where to begin. I have been reading configuration guides but figure I should ask the wireless experts of the world of Cisco.
View 7 Replies View RelatedCisco :: 5508 Wireless Controllers Freezing?
Dec 6, 2011Our controller get freezing every week at least twice, and do not know what is the reason. I am attaching the log for you to look at it. Last time happened was yesterday at around 13.00 pm.
View 15 Replies View RelatedCisco :: Rolling Upgrade Of WLC 4402 Controllers And APs
Nov 3, 2011In need to upgrade the software on two WLC 4402 controller in a hospital. Both WLCs have the same config and one is primary (has all APs connected) and the other backup (no APs connected.) The APs are placed so there is still coverage if one goes down in an area. My question - is it possible to do a rolling upgrade to have no downtime for the wireless clients? My plan would be to upgrade the backup WLC then selectively move APs to it. If I swap the primary and secondary controllers in the high availability tab on each AP, do I need to do a reset (General - Hardware Reset) or will it automatically reboot and connect to the upgraded backup controller? When I'm done, I'd upgrade the primary controller and now call that backup. Does this make sense?
View 4 Replies View RelatedCisco :: 4404 LAN Controllers - Effect Of Renaming WLC
Jul 22, 2012We need to rename our 4404 Wireless LAN Controllers. Would like to know if renaming via the GUI (change name in the Controller / General tab and then Apply) will cause the WLC to reload. Also wondering about the best way to push the name change to the APs (High Availability) - we are not using WCS.
View 5 Replies View RelatedCisco :: Redundant Wlan Controllers (AIR-CT5508-50-K9)
Jun 11, 2012Q: a client has a network with 60 AP's controlled by a AIR-CT5508-50-K9 (+ L-LIC-CT5508-25A) with a redundant power supply. Can he get full redundancy by purchasing a second controller? If he purchases one, can he bring it into the network? What about the extra license for 25 extra AP's installed on the first controller?
View 4 Replies View RelatedCisco Wireless :: 3850 - L2 / L3 - Difference Between Controllers?
May 2, 2013I am read this cisco document Cisco Catalyst 3850 Switch Services Guide
[URL]...
which describe that
L2 roam occurs when the user roams from an access point connected to its controller to a different access point connected to another controller, where the two controllers are L2 adjacent to each other.
L3 roam occurs when the user roams from an access point connected to its controller to a different access point connected to another controller, where the two controllers are L3 adjacent to each other.
so what exactly this mean the two controllers are L2/L3 adjacent to each other , what is the different between them.
Cisco :: Upgrade Three WLC 4402 Controllers From Version 7.0.116.0 To 7.0.235.3?
Jan 24, 2013I would like to upgrade our three WLC 4402 controllers from version 7.0.116.0 to 7.0.235.3. I have downloaded the two files (AIR-WLC4400-K9-7-0-235-3-ER.aes and AIR-WLC4400-K9-7-0-235-3.aes). Which one should I upgrade/install first?
View 4 Replies View RelatedCisco :: 4400 / 5508 Controllers - 802.1x Re-Authentication
Mar 28, 2012Currently in the process of migrating from psk to 802.1x radius environment using a mix of 4400 and 5508 controllers with WCS using Microsoft ias. The problem I have is there is a lot of shared iPads and tablets in the environment. Is there a way to force these user to relogin to radius after a certain time period so they are not sharing unames and passwords?
View 1 Replies View RelatedCisco WAN :: 7200 Series Input / Output Controllers?
Mar 22, 2012We have 7206 VXR running NPE-G1, we are looking for the GigE cards for 7200 which supports upto line rate and came across Cisco 7200 Series Input/Output Controllers The datasheet for the same doesnt say anything about line rates.
View 3 Replies View RelatedCisco Wireless :: Two 2504 Controllers But Different Software Versions
Aug 6, 2012I am configuring two 2504 controllers, which I ordered together, however they run different software versions and I don't have a contract/ login to download wlan controller software from the Cisco website. The one with the newest version runs 7.2.103.0 while the other one runs 7.0.220.0 I want to run them together in the same subnet and use them for redundancy (10 AP's will connect).
Is there a way I can download the software from the controller, just like I am able to do with an ASA firewall? Then I can upload it to the controller with the older software version.
Cisco :: 5508 Controllers Not Redirecting Client Requests To ISE
Jun 5, 2013Please find attached a simple BYOD/ISE document I uploaded to kick start my new Wireless setup. Its all configured on my ISE sever and Controller as per doc.My setup:
-3600 AP's
-Internal 5508 Controller
-DMZ 5508 Controller (acts as a DHCP server for wireless clients)
Controllers have established connectivity (mobility acnhors), as a client I can connect fine to my new SSID get a DHCP IP address back from DMZ WLC and at the moment can connect out to the Internet fine (using no WLAN Security as a test). So this part is working.I have now followed the document configured ISE, enabled AAA on the Internal WLC only and used the AAA override setting on WLAN as in the attached document.I connect to SSID expecting to be redirected to my ISE Guest Portal, nothing happens other than connecting to Internet WebPages.My question is, if I have followed this document correctly why is the Internal WLC not redirecting client requests to ISE, is this because my mobility anchors need to be re-configured, perhaps the AAA/ISE config needs to be applied to my DMZ WLC not internal WLC?
I would prefer the Internal WLC to redirect the login to ISE, doesn't make sense to traverse through the DMZ Firewall onto DMZ WLC back into the Internal Network again to the ISE to authenticate.Or am I missing something additionally to this document to make sure clients are directed to the ISE Guest portal login.
Cisco Wireless :: Setting Up Redundant 5508 Controllers
Mar 10, 2013I am setting up two 5508 controllers, one in HA mode, and one the primary for the remote sites in question. I plan to have these units service wireless for MPLS conected regional sites (each with their own local subnet). I was planning on using the cabled hosts network in each site for the wifi addressing and was thinking a different addressing for Guest Access, is this common? I'm obviously concerned with guest access clients but don't know enough how their trafiic is segregated from normal wifi traffic.
Also, when I stand up the controllers the management interface and ap-manager won't be in the same network as where the hosts or LWAP's will reside (routing access will exist though).
Cisco Wireless :: 5508 - Replicating Between Controllers Automatically Without HA?
Jun 11, 2013We have 2 Cisco 5508 WLCs, each wtih 50 licenses. What I would like to do is split the 50 odd APs between the 2 controllers load balancing the traffic. If a controller goes down or there is a break in the path all APs would failover to their configured secondary controller. So far so good.
However there seems to be no way to 'replicate' the configurations between controllers unless I setup HA , but as I understand it HA is Active /Passive, so essentially, unless you get a failover situaltion, completely 'redundant'.
Is there a way or either replicating between controllers automatically with out HA, or is there a way of making HA Active / Active?
Cisco :: 4400 Controllers Which Support 50 Access Points Each
Jun 25, 2011We have two 4400 controllers which support 50 Access points each and wcs with 100 base license.Now we added 5508 controller supports 50 access points.wcs is upgraded with another 50 ap license.The 5508 controller is joined to wcs and the licence showing permanent.WCS showing all aps and showing both 100 and 50 licence as permanent.But the issue is while loging into the wcs it showing the error message as"The system is in violation of license.The number of APs registered is greater then licensed."
View 5 Replies View RelatedCisco Wireless :: 5508 / Change Management IP On Controllers?
Sep 1, 2011I have two 5508 and one WCS server, the controllers are in one mobility group.Now I have to change the management IP addresses on the controllers. What are the correct steps to do this?
View 9 Replies View RelatedCisco WAN :: Unable To Create Pri-group Under T1 Controllers In 2651xm?
Feb 27, 2011im unable to create pri-group under T1 controllers in 2651xm , I have 3 T1 VWIC controller cards [dual port], tried using differnt IOS [advance enterprise/IPVoice/SPservices], i can onyl see channel-group unter the controllers.
network-clock-particiapte slot 1
network-clock-participate wic 0
i havent added "isdn switch type", does addign these command enables the Pri-group, also wheni do sh inv, i see 3 pvdms, but no serail number,
Cisco Wireless :: 5508 - Reduce Controllers Overall Footprint
Aug 12, 2012I'm looking into upgrading our 4400 series controller to 5508's. Currently we have a few sites that have 8-9 4404 100AP controllers and I'm looking to condense these down to either 3 5508-500 or 5 5508-250 depending on cost. I'm wondering what a good port to AP ratio is for controllers with licenses that can handle over 100 AP's. I know the general rule of thumb is 25 AP's per port, but that seems to me to be 4400 way of thinking. I'm trying to also reduce the controllers overall footprint, i.e. ports on the uplink switch, power consumption, rack space etc.
View 5 Replies View RelatedCisco Wireless :: WLC 5508 - Moving Controllers To Another Site
Aug 28, 2012I am planning to move our WLC's (5508) from a branch site to HQ so that all branch site APs will just report centrally in the HQ. There are two WLCs working as Active/Standby. Plan is to move one then the other. I am not really inclined with wireless.
View 9 Replies View RelatedCisco Wireless :: Roaming Between 4400 And 5500 Controllers
Oct 11, 2012Actually we have a 4402 controller with 1120 APs both of which are marked as EoL products, we want to jump over the new 2600 APs and 5508 Controller for increase signal coverage but we have the following deals:Last firmware for 4402 controller is 7.0.Firmware needed for 5508 to support 2600 APs is 7.3.Is it possible to configure mobility between 4402 and 5508 even with different firmware branch?
View 3 Replies View RelatedCisco :: Load Balance 2 5508 Wireless Controllers?
Aug 1, 2012--- I have 2 WLC's 5500 that I have to set up on my network with the same configuration except I am not sure that they can be load balanced.
-- My only thought is to take a full class C and on each WLC set up a /25, thus each device can provision 120 IP's
--- This seems a bit archaeic, but is there anything else smarter to do? Can they be load balanced?
Cisco Wireless :: 5508 Controllers - Single DNS Structure
Jun 21, 2012We are installing a set of 5508 controllers at one site in Tennessee. At another divisional site we have another controller that covers that division.
Both sites utilize the same DNS structure and would like to use the DNS entry CISCO- CAPWAP- CONTROLLER entry for bringing new AP onto the controllers at their sites, how would we go about configuring this?
Cisco :: WLC 4402 - HTTPS Access / Controllers Cannot Be Reached
Aug 1, 2011I am working in an environment with 6 4402 all running 6.0.119.4 code and WCS 6.0.196.0. I keep getting an alert from WCS that the controllers cannot be reached "Controller '10.x.x.x' is unreachable. - Controller Name: 'Name'"
Now when I go to access the WLC through HTTPS I have no access at all but controller still responds to ICMP, HTTP, Telnet, SSH. I know I should have HTTP and Telnet disabled but since HTTPS keeps failing I would have no way to get into the controller. Is this a known issue in the 6.0.199.4 code? should I consider upgrading? The only fix I have found to work is to disable HTTPS reboot controller enable HTTPS and reboot again.
Cisco Wireless :: 2504 - Redundant Controllers Multicasting
Jun 9, 2012If we have 2 Cisco 2504 series wlcs and use multicast features in both and both are primary and secondary for LAPs. what about of we use multicast ip address let's say 255.239.1.60 can we use the same ip address for the secondary controller too or we should use any other ip ?
View 7 Replies View Related