Cisco Flex 7500 controller with client disconnects

Similar Messages

• Cisco Flex 7500 and anchor

  Hello, I couldn't find this on the Cisco Flex 7500 specs
  http://www.cisco.com/en/US/partner/prod/collateral/wireless/ps6302/ps8322/ps11635/data_sheet_c78-650053.html
  Do anybody know if I can set up an anchor mobility group between the Flex 7500 and the WLC 5508?
  Kind regards

  Yes, 5508 can be used as anchor controller for static anchoring while 7500 as foreign using central swtiching.
  For Mobility:
  Fault Tolerance
  It is recommended to use Flex 7500 as both the primary and backup controllers.
  Flex 7500 primary and backup controllers must be in the same mobility domain.
  Ref:
  http://www.cisco.com/en/US/products/ps11635/products_tech_note09186a0080b7f141.shtml

• Cisco 5508 Wireless Controller with Splash Page Disclaimer

  How do one configure a splash disclaimer page on a Cisco Wireless Controller 5508 with no authentication?
  Jimmy

  There are many options to you in this scenario, but if you're looking to simply provide a splash page via the WLC without interacting with any other web servers, you can configure Local Web Authentication (LWA) as seen in this configuration example.
  http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/69340-web-auth-config.html?referring_site=RE&pos=1&page=http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/71881-ext-web-auth-wlc.html
  If you are not wanting the authentication, you can choose the "passthrough" method which will not require any credentials, only accepting an AUP or whatever you want.

• WLC 5508 and Flex 7500

  Hi,
  I am going to deploy 5508 with 12 AP version now..
  In future, we are going to get another Cisco Flex 7500 Series Cloud Controller.
  My question is can 5508 run N+1 redundancy with 7500? or is there any best practice or upgrade path avail?
  Thanks,
  John

  My understanding is that the 7500 cloud controller is for H-REAP only implementations and if it could be used as an N+1 (which I haven't heard it can) like Leolaohoo said it'd only be useful for your H-REAP access points and not your local mode ap's.. they are intended for drastically different network topology and scenarios.

• Problem getting Airprint (Bonjour) to communicate to HP LaserJet CP1525nw printer across a Cisco 5508 Wireless Controller

  I cannot get my IPad2 to print (it cannot find the printer) using a Laserjet CP1525nw color printer across a wireless network using a Cisco 1508 Wireless Controller with 49 wireless access points. HELP!!!!
  What is the secret to getting Bonjour to work on it?
  I can get the IPad2 to locate the HP CP1525nw printer without a hitch using a low budget Netgear WAG102 stand alone wireless access point on the same network.

  If it helps somebody, here is what you need to do.
  It worked for me, but only in Multicast-Unicast mode.
  http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_tech_note09186a0 080bb1d7c.shtml

• Cisco Wireless LAN Controller Always disconnect

  Dear All,
  Please help to assist my issue.I used Cisco Wireless LAN Controller model: 5508 with version 7.0.98.0 and I got issue with connection always disconnect ping always loss or some time client can't get DHCP from Controller. 
  - I configure as Internal DHCP Server with 1 SSID.
  http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/110865-dhcp-wlc.html
  - DHCP least is not full and I also try to clear-lease all but still not work.

  1. Config dhcp proxy enable
  2. In case of internal Dhcp, try debug for clients
   using,
  debug client <MAC ADDRESS OF CLIENT>

• Issue with AP 3702i, AP not registered in Flex 7500

  Hi
  My problem is this , I have several Access Points 3702i , which are seteados with Static IP , which were previously configured . When connected to the network , they are not able to register with the WLC Flex 7500, the AP reachable from the WLC for ping , but still not recorded.
  I connected to the network, I connect the console to the AP and I reconfigure the AP two or three times, until it is able to register.
  Anyone know if this happens over a Bug or a series of equipment failures that come with ????
  The Access Point throws typical logs trying to connect to the WLC , try enocntrar a DHCP and restarted , despite having a Static ip and is reachable from the WLC .
  Greetings and esperi someone can answer .

  What code running on your 7500 ? 3700 require 7.6.100.x or above
  http://www.cisco.com/c/en/us/td/docs/wireless/compatibility/matrix/compatibility-matrix.html
  If possible attach the console output of the AP while this issue is happening. That will tell us reason for the failures
  HTH
  Rasika
  *** Pls rate all useful responses ***

• [svn:bz-4.0.0_fixes] 23961: Bug#3200562: New Flex Session Id generated while disconnect with streaming amf channel

  Revision: 23961
  Revision: 23961
  Author:   [email protected]
  Date:     2012-06-15 04:42:44 -0700 (Fri, 15 Jun 2012)
  Log Message:
  Bug#3200562: New Flex Session Id generated while disconnect with streaming amf channel
  While invalidating session, make sure a new one does not get created.
  Modified Paths:
      blazeds/branches/4.0.0_fixes/modules/core/src/flex/messaging/endpoints/BaseStreamingHTTPE ndpoint.java
  Property Changed:
      blazeds/branches/4.0.0_fixes/modules/

  You're trying to do this directly in ActionScript without using Flex, correct?
  The mxmlc compiler for Flex adds some registerClassAlias calls to map types between the client and the server. This will be missing if try to use the messaging code outside of a Flex app.
  Take a look at the mx.utils.RpcClassAliasInitializer class in rpc.swc. This has a static registerClassAliases method that will do the class registration for you. You should just need to call this before running your messaging code.
  -Alex

• [svn:bz-trunk] 23948: Bug##3200562: New Flex Session Id generated while disconnect with streaming amf channel

  Revision: 23948
  Revision: 23948
  Author:   [email protected]
  Date:     2012-06-13 06:11:35 -0700 (Wed, 13 Jun 2012)
  Log Message:
  Bug##3200562: New Flex Session Id generated while disconnect with streaming amf channel
  On session time out, Flex Client is invalidated on the server side. It also results in Flex Session getting invalidated. In order to complete the client-server streaming connection handshake, the client ends up sending a CLOSE command. On the server side, for any work to be done, the MB first needs to creates a Flex Session (if none exists). After doing the necessary cleanup, the newly created Flex Session will also be invalidated. No stray Flex Sessions will left dangling...
  Modified Paths:
      blazeds/trunk/modules/core/src/flex/messaging/endpoints/BaseStreamingHTTPEndpoint.java

• Does Flex HttpService support https with client authentication

  Hi,
  We have a set of backend services available over https with client auth (cert based). We need to use mxml HttpService to access these backend services. Does HttpService support ssl with client auth?
  Another question is, for Https does flex share the browser keystore and certstore or uses its own?
  Thanks,
  Debashis

  Yes , a flex HTTPService can access services on https://.  But if I remember correctly , to use an https:// service , the swf has to be served on an https.  Example ,
  Served from https:// ... --> Can access https:// ...
  Served from https:// ... --> Can acess https:// ...
  Served from https:// ... --> CANNOT access https:// ...
  Served from https:// ... --> CANNOT access https:// ...
  Since Flex has the browser do the connecting , the browser handles the keystore stuff , not Flex. I think.

• [svn:bz-4.6.x] 23962: Bug#3200562: New Flex Session Id generated while disconnect with streaming amf channel

  Revision: 23962
  Revision: 23962
  Author:   [email protected]
  Date:     2012-06-15 04:57:45 -0700 (Fri, 15 Jun 2012)
  Log Message:
  Bug#3200562: New Flex Session Id generated while disconnect with streaming amf channel
  While invalidating session, make sure a new one does not get created.
  Modified Paths:
      blazeds/branches/4.6.x/modules/core/src/flex/messaging/endpoints/BaseStreamingHTTPEndpoin t.java

  I thought the same that those devices simply are too old. However I would like to know what causes this capabilities change. We want to get rid of the old H/W, but at the moment it looks as if we would need to revert back to the 4402 in order to get those things working again.
  I have not enough information, but those devices are some kind of handhelds. Their MAC OUI belongs to Newport Electronics.
  Regards,
  Patrick

• [svn:bz-trunk] 23960: Bug#3200562: New Flex Session Id generated while disconnect with streaming amf channel

  Revision: 23960
  Revision: 23960
  Author:   [email protected]
  Date:     2012-06-15 04:15:18 -0700 (Fri, 15 Jun 2012)
  Log Message:
  Bug#3200562: New Flex Session Id generated while disconnect with streaming amf channel
  While invalidating session, make sure a new one does not get created.
  Modified Paths:
      blazeds/trunk/modules/core/src/flex/messaging/endpoints/BaseStreamingHTTPEndpoint.java

• Cisco LWAP & WLAN Controller Flexconnect Across HP Switches

  Hello All, I'm looking for a little guidance in making the needed routing and switching configuration changes on our Corporate Network to accomadate flex connect functionality for Cisco Lightweight Access Points (LWAPs).  The LWAPs that are currently configured on our network only work when our WLAN Controller is up and running and I need for them to be disconnectable so that we can move the WLAN Controller to our virtual co-lo.  It should be known that I inhereted this network from the previous admin and have been working hard to map everything out to the best of my ability.  Also, the WLAN controller is already operating in our production network so it limits my ability to do much testing. 
  Just FYI, I'm a new Systems Admin promoted from a Desktop Support role and have my CCENT (Currently working on CCNA & MCITP Server Admin) so I have some knowledge but it is limited on the networking and switching side of things.  Unfortunately, the Senior Systems Admin has even less knowledge of networking than me and I don't really have anyone to turn to which is why I'm posting here.  I would have utilized GNS to help me simulate the configuration however there are HP switches in the mix and no means of emulating them.
  -Relevant Device List-
  (CONSA251) Sonicwall  NSA 240 - 10.1.1.251
    Interface Information 
  Interface    IP Address    Description   
  X0  ->  LAN
    10.1.1.251   LAN Interface  
  X1  ->  WAN
    *************   Time Warner WAN  
  X2  ->  DMZ
    *************   DMZ Interface  
  X3  ->  WAN
    *************   Sprint WAN  
  X0-V20  ->  LAN
    10.1.101.1   Corporate WLAN  
  X0-V30  ->  LAN
    192.168.1.1   Guest WLAN 
  (CORT250) Cisco 3845 - 10.1.1.250
  (CO-WLAN-CTRLER) Cisco 5508 Wireless Controller - 10.1.1.2
  (COSW240) HP Procurve 4108GL - 10.1.1.240
  (COSW238) HP Procurve 2510B-24 - 10.1.20.238
  (CORP-AP-MIS) AIR-LAP1131AG-A-K9 - 10.1.1.79
  (COSW239) HP1810G-24 - No IP (Inaccesible but being replaced)
  I will now go on to explain our network topology as it pertains to the WAPs and WLAN Controller and how I believe it needs to be configured in order to operate from my perspective. 
  Our Corporate and Guest Wireless Access is provided via the Sonicwall CONSA251 through a connection from the X0 interface to HP Switch COSW239 which is then connected to WLAN Controller CO-WLAN-CTRLER as detailed below:
  Device - Interface Name/Port
  CONSA251 - X0
  COSW239  - 2
  COSW239  - 18,19
  CO-WLAN-CTRLER - 2,3
  The WLAN Controller currently communicates with all the LWAPs via Layer 3 TCP\IP as I understand it and then routes all DHCP requests and traffic destine for the 10.1.101.1 (corporate WLAN) and 192.168.1.1 (Guest WLAN) to the Sonicwall and vice versa.
  Now what I am trying to do is VLAN the LWAP CORP-AP-MIS across the HP Switches to the X0 interface on the Sonicwall NSA240 where it will be able to route traffic via VLAN 20 & 30.  The problem lies in my inexperience with HP VLAN configurations and how the ports need to be configured on each device so it can route traffic to the Sonicwall when the WLAN Controller is shutdown.
  The LWAP CORP-AP-MIS layer 2 trace to the WLAN Controller is as shown below:
  Device - Interface Name/Port
  CORP-AP-MIS -  FA/0
  COSW238     - 16
  COSW238     - 25
  COSW240     - B4
  COSW240     - H6
  CORT250     - GigabitEthernet0/0
  CORT250     - Se1/0
  CONSA251    - X0
  Now for all intesive purposes the Corporate Router CORT250 should probably be handling the routing for our Corporate and Guest Wireless network however that was not the way it was originally setup and I have to work with what was inhereted.  The Corporate Router CORT250 has a default route to the Sonicwall and the Sonicwall CONSA251 has all the routing already in place for the Corporate & Guest WLANs.
  What I would like to do is VLAN off the X0-V20&V30 accross multiple switches and switchports to each LWAP in our building.  I do have the LWAP I'm testing on configured with Flex Connect which I understand is required for it to be disconnectable.
  Any guidance on how I would go about configuring this accross devices would be appreciated.  I know there are some difference between HP and Cisco Switching terms and how tagging, untagging, and trunking works however I lack the experience to apply this in practice especially in a production environment. 
  I will be happy to provide any additional information or clarification that is needed.  Thank you in advance for the help.

  Just to add about the ISE... you can profile, but having only one ssid might or might not work in your situation.  Also if you end up with remote sites or ap's in h-reap mode, currently ISE cant do any profiling.  If you go with the 7500 or 5508/WiSM2, they don't really do an active-active or active backup. They are both up and you can split the load or put all ap's on one, its up to you.  I usually split the load just to make sure both are working.  I don't want to all of a sudden loose the primary and then find out my secondary/backup is not working.

• WLC 5508 - Clients disconnecting

  I am running WLC 5508 7.2.111.3 with some 2602i AP.
  Last week one user reported his new macbook pro 2013 was encountering connectivity issues.His older macbook pro 2009 was working perfectly.
  The user is sitting in the middle of 2nd floor having equal distance from second's floor access points.
  The problem is that his Macbook pro 2013 was persistently trying to associate with 3rd's floor Access Points. Whatever i tried to do (deauthenticate user,rebooting 2nd & 3rd floor APs) the connection was persistent to 3rd floor Access Point. Even when i tried to install an Access Point in the user's office his Macbook Pro 2013 refused (!!!) to leave 3rd's floor Access Points.However his Macbook pro 2009 was always connected to the nearest Access Point (either to 2nd floor Access Points or to the newly installed access point in his office).
  This week i had two visitors in 4th floor reporting that their Laptops (Sony Vaio) were doing very slow with the wireless.
  When i tried to troubleshoot i found in the controller that their laptops were associating with 4th floor Access Points and after a minute they were disconnected and trying to associate to Ground Floor (!) Access Points. Of course they couldn't establish a connection and then associated again with 4th floor access points and after a while disconnected and trying to associate to Ground Floor Access Points
  I tried to debug client with Sony Vaio and saw in the controller the following message
  *apfMsConnTask_7: Mar 24 10:42:15.473: %APF-4-INVALID_ACTION_CATEGORY: apf_wme_utils.c:5481 Could not process 802.11 Action. Received Action frame with invalid category field(not supported by controller) from client. Mobile:*********, Category:7.
  I also see a lot of these messages for other clients.
  *apfMsConnTask_3: Mar 19 12:03:54.243: %APF-4-ASSOCREQ_PROC_FAILED: apf_80211.c:5275 Failed to process an association request from c8:6f:1d:24:0e:7d. WLAN:5, SSID:************. mobile in database timed out.
  Am i hitting any bug similar or equal to CSCue53980?

  have you tried with open authentication ( no security ) ? Check if client is able to associate then

• Clients disconnected from WLC randomly

  Hi,
  I'm doing some tests with clients to see how much time they are kept registered in the controller while they are disconnected. I've set session timeout to 0 (infinite) and user idle timeout to 12 hours. 
  The problem is that sometimes the clients are disconnected from the controller before the user idle timeout expires:
  apfMsDeleteByMscb Scheduling mobile for deletion with deleteReason 6, reasonCode 1
  Other times they are expired normally by the user idle timeout (deleteReason4,reasonCode4).
  If I am not wrong deleteReason 6 corresponds to manual deletion of the client, but there is no manual interventention when this happen, is the controller who deletes it.
  Can anybody explain why this happens randomly?
  WLC version 6.0.196
  Thanks.

  Refer the 2 Bugs :
  Unified APs removing clients on maximum retries.
  CSCti91944
  Description
  Symptom:
  A wireless client might be removed from the mobility database before the user idle timeout. When this happens, if "debug client MAC" is in effect, messages similar to the following are seen on the WLC:
  *spamApTask3: clientmacaddrXYZ Received Idle-Timeout from
  AP macADDR-abc slot 0 for STA XYZ Client MAC ADDR
  *spamApTask3: apfMsDeleteByMscb Scheduling mobile for deletion with
  deleteReason 4, reasonCode 4
  The symptoms, as experienced by the user, depends on the behavior of the client device and on the WLAN configuration as follows:
  - If the WLAN is configured for web-auth, the client is forced to reauthenticate through the web.
  - If the WLAN is configured for L3 mobility and if the client performs an L3 roam at the time of the removal, the client's old IP address in the old subnet is no longer valid, and the client is forced to re-DHCP in the new subnet. Any existing TCP connections fail to work expected. If the client is a 792x wireless phone on a call, the talk path is lost for the remainder of the call.
  - If the WLAN is configured for L2 mobility, then the client is forced to perform a full EAP authentication (if EAP is configured) and to re-DHCP (if DHCP required is configured). In most cases, this does not cause a perceptible service interruption, unless the client's IP address changes.
  Conditions:
  This occurs when an access point fails to transmit 250 consecutive packets to the client (if there are 64 failed retransmits per packet, which means 4 consecutive dropped packets, it triggers the deauth).
  Examples:
  - Client radio is temporarily disabled.
  - Client has gone into hibernation/standby.
  - For a voice client, if the client is in a call and is unable to receive audio packets for a fraction of a second.
  Workaround:
  None; however, reconfiguring the WLAN for layer 2 rather than layer 3 mobility can mitigate the effect.
  Known Affected Releases:
  (3)
  7.0(98.0)
  6.0(199.0)
  6.0(199.4)
  Clients hit Idle timeout after successful authentication
  CSCue34763
  Description
  Symptom:
  A wireless client, while associated/authenticated (in RUN state), will be
  prematurely idle timed out by an AP. With "debug client" in effect on the
  WLC, messages similar to the following are seen:
  *spamApTask2: Jan 30 17:10:17.258: 00:11:22:33:44:55 Received Idle-Timeout from
  AP 84:78:ac:00:11:22, slot 1 for STA 00:11:22:33:44:558
  *spamApTask2: Jan 30 17:10:17.258: 00:11:22:33:44:55 apfMsDeleteByMscb
  Scheduling mobile for deletion with deleteReason 4, reasonCode 4
  The idle timeout event occurs while the client is not idle, and more rapidly,
  after the client's last reassociation, than the configured user idle timeout
  value.
  Conditions:
  Flexconnect (H-REAP) local switching is configured, with DHCP Required.
  Workaround:
  Clients hit Idle timeout after successful authentication
  CSCue34763
  Description
  Symptom:
  A wireless client, while associated/authenticated (in RUN state), will be
  prematurely idle timed out by an AP. With "debug client" in effect on the
  WLC, messages similar to the following are seen:
  *spamApTask2: Jan 30 17:10:17.258: 00:11:22:33:44:55 Received Idle-Timeout from
  AP 84:78:ac:00:11:22, slot 1 for STA 00:11:22:33:44:558
  *spamApTask2: Jan 30 17:10:17.258: 00:11:22:33:44:55 apfMsDeleteByMscb
  Scheduling mobile for deletion with deleteReason 4, reasonCode 4
  The idle timeout event occurs while the client is not idle, and more rapidly,
  after the client's last reassociation, than the configured user idle timeout
  value.
  Conditions:
  Flexconnect (H-REAP) local switching is configured, with DHCP Required.
  Workaround:
  Disable DHCP required.
  Disable DHCP required.