WLC 5508 and 7.4.110.0 and AP Blackhole?

Similar Messages

• WLC 5508, Prime Infrastructure, 7921 phones and QoS

  Hi everybody!
  I have deployed about 50 wireless cisco phones int the network with 27 APs with the WLC 5508.
  I'm trying to investigate phones behaviour (I have some loss of audio).
  And I use Prime Infrastructure for monitoring.
  I run the Voice Diagnostic on the selected two phones.
  and in the Charts I see the next:
  1. for one phone "Downlink AC Queue Usage" shows all the traffic of "voice packets". but "Uplink AC Queue Usage" shows all the traffic of the "Best efforts packets".
  2. for the second phone "Downlink AC Queue Usage" shows all the traffic of "Best efforts packets". and "Uplink AC Queue Usage" shows all the traffic of the "Video packets".
  that is strange, very strange. the WLAN of these phones uses platinum QoS. none of other WLANs uses "gold" QoS.
  does this mean I have a QoS misconfiguration?
  where may the failure be? WLC? switches? router?
  please, any suggestions...

  I noticed few misconfigurations as per your response
  1. Are you configured AP as FlexConnect ?  If not AP connected switchport should be configured as ACCESS port & trust DSCP. If it is configured as FlexConnect, then you can configure switchport as turnk & in that case you  have to trust CoS using "mls qos trusct cos" command.
  2. WLC connected trunk ports always to be configured to trust CoS not DSCP. Otherwise WLC set QoS value ignored by your switch.
  3. If you WLAN is set for Platinum then you have to configure Platinum QoS profile for 802.1p & set value as 6.
  I would suggest you to verify QoS value preserve across you switch network. You have to take some wireshark packet caputres (as shown in my reference link) and make sure your voice packet DSCP goes into rest of your network as EF. You need to do this for upstream & downstream (from 7921 perspective) traffic. Here is the traffic flow if AP connected to switchport 1 & WLC connnected to switchport 2.
  7921 <-> AP <-> Switch port 1 <->  Switchport 2 <->  WLC <-> Switchport2 <-> Rest of your network
  Once you do this, then you can go to Prime & check those charts to reflect QoS values correctly. Otherwise you do not know where these QoS value get stripped/or modified in your network.
  HTH
  Rasika
  **** Pls rate all useful responses ****

• WLC 5508 running 7.4.110.0 unable to tftp upload config from controller

  Hi,
  Two WLC 5508 running identical code version. One is 50 license Primary, the second is HA. Identical config on both. HA WLC can upload its config to the TFTP or FTP server but Primary cannot. The operation fails for  both CLI and GUI and for different protocols i.e. TFTP, FTP.
  #### Primary Controller
  (Cisco Controller) >show sysinfo
  Manufacturer's Name.............................. Cisco Systems Inc.
  Product Name..................................... Cisco Controller
  Product Version.................................. 7.4.110.0
  Bootloader Version............................... 1.0.20
  Field Recovery Image Version..................... 7.6.95.16
  Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
  Build Type....................................... DATA + WPS
  System Name...................................... PRODWC7309
  System Location..................................
  System Contact...................................
  System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
  Redundancy Mode.................................. Disabled
  IP Address....................................... 10.1.30.210
  Last Reset....................................... Power on reset
  System Up Time................................... 18 days 18 hrs 51 mins 35 secs
  System Timezone Location......................... (GMT+10:00) Sydney, Melbourne, Canberra
  System Stats Realtime Interval................... 5
  System Stats Normal Interval..................... 180
  Configured Country............................... AU - Australia
  Operating Environment............................ Commercial (0 to 40 C)
  --More-- or (q)uit
  Internal Temp Alarm Limits....................... 0 to 65 C
  Internal Temperature............................. +34 C
  External Temperature............................. +17 C
  Fan Status....................................... OK
  State of 802.11b Network......................... Enabled
  State of 802.11a Network......................... Enabled
  Number of WLANs.................................. 8
  Number of Active Clients......................... 138
  Memory Current Usage............................. Unknown
  Memory Average Usage............................. Unknown
  CPU Current Usage................................ Unknown
  CPU Average Usage................................ Unknown
  Burned-in MAC Address............................ 3C:08:F6:CA:52:20
  Power Supply 1................................... Present, OK
  Power Supply 2................................... Present, OK
  Maximum number of APs supported.................. 50
  (Cisco Controller) >debug transfer trace enable
  (Cisco Controller) >transfer upload start
  Mode............................................. TFTP
  TFTP Server IP................................... 10.1.22.2
  TFTP Path........................................ /
  TFTP Filename.................................... PRODWC7309-tmp.cfg
  Data Type........................................ Config File
  Encryption....................................... Disabled
  *** WARNING: Config File Encryption Disabled ***
  Are you sure you want to start? (y/N) Y
  *TransferTask: Jun 02 10:41:15.183: Memory overcommit policy changed from 0 to 1
  *TransferTask: Jun 02 10:41:15.183: RESULT_STRING: TFTP Config transfer starting.
  TFTP Config transfer starting.
  *TransferTask: Jun 02 10:41:15.183: RESULT_CODE:1
  *TransferTask: Jun 02 10:41:24.309: Locking tftp semaphore, pHost=10.1.22.2 pFilename=/PRODWC7309-tmp.cfg
  *TransferTask: Jun 02 10:41:24.393: Semaphore locked, now unlocking, pHost=10.1.22.2 pFilename=/PRODWC7309-tmp.cfg
  *TransferTask: Jun 02 10:41:24.393: Semaphore successfully unlocked, pHost=10.1.22.2 pFilename=/PRODWC7309-tmp.cfg
  *TransferTask: Jun 02 10:41:24.394: tftp rc=-1, pHost=10.1.22.2 pFilename=/PRODWC7309-tmp.cfg
  pLocalFilename=/mnt/application/xml/clis/clifile
  *TransferTask: Jun 02 10:41:24.394: RESULT_STRING: % Error: Config file transfer failed - Unknown error - refer to log
  *TransferTask: Jun 02 10:41:24.394: RESULT_CODE:12
  *TransferTask: Jun 02 10:41:24.394: Memory overcommit policy restored from 1 to 0
  % Error: Config file transfer failed - Unknown error - refer to log
  (Cisco Controller) >show logging
  *TransferTask: Jun 02 10:41:24.393: #UPDATE-3-FILE_OPEN_FAIL: updcode.c:4579 Failed to open file /mnt/application/xml/clis/clifile.
  *sshpmReceiveTask: Jun 02 10:41:24.315: #OSAPI-3-MUTEX_FREE_INFO: osapi_sem.c:1087 Sema 0x2b32def8 time=142 ulk=1621944 lk=1621802 Locker(sshpmReceiveTask sshpmrecv.c:1662 pc=0x10b07938) unLocker(sshpmReceiveTask sshpmReceiveTaskEntry:1647 pc=0x10b07938)
  -Traceback: 0x10af9500 0x1072517c 0x10b07938 0x12020250 0x12080bfc
  *TransferTask: Jun 02 10:39:01.789: #UPDATE-3-FILE_OPEN_FAIL: updcode.c:4579 Failed to open file /mnt/application/xml/clis/clifile.
  *sshpmReceiveTask: Jun 02 10:39:01.713: #OSAPI-3-MUTEX_FREE_INFO: osapi_sem.c:1087 Sema 0x2b32def8 time=5598 ulk=1621801 lk=1616203 Locker(sshpmReceiveTask sshpmrecv.c:1662 pc=0x10b07938) unLocker(sshpmReceiveTask sshpmReceiveTaskEntry:1647 pc=0x10b07938)
  -Traceback: 0x10af9500 0x1072517c 0x10b07938 0x12020250 0x12080bfc
  #### HA Controller
  (Cisco Controller) >show sysinfo
  Manufacturer's Name.............................. Cisco Systems Inc.
  Product Name..................................... Cisco Controller
  Product Version.................................. 7.4.110.0
  Bootloader Version............................... 1.0.20
  Field Recovery Image Version..................... 7.6.95.16
  Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
  Build Type....................................... DATA + WPS
  System Name...................................... PRODWC7310
  System Location..................................
  System Contact...................................
  System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
  Redundancy Mode.................................. Disabled
  IP Address....................................... 10.1.31.210
  Last Reset....................................... Software reset
  System Up Time................................... 18 days 19 hrs 1 mins 27 secs
  System Timezone Location......................... (GMT+10:00) Sydney, Melbourne, Canberra
  System Stats Realtime Interval................... 5
  System Stats Normal Interval..................... 180
  Configured Country............................... AU - Australia
  Operating Environment............................ Commercial (0 to 40 C)
  --More-- or (q)uit
  Internal Temp Alarm Limits....................... 0 to 65 C
  Internal Temperature............................. +34 C
  External Temperature............................. +17 C
  Fan Status....................................... OK
  State of 802.11b Network......................... Enabled
  State of 802.11a Network......................... Enabled
  Number of WLANs.................................. 4
  Number of Active Clients......................... 0
  Memory Current Usage............................. Unknown
  Memory Average Usage............................. Unknown
  CPU Current Usage................................ Unknown
  CPU Average Usage................................ Unknown
  Burned-in MAC Address............................ 3C:08:F6:CA:53:C0
  Power Supply 1................................... Present, OK
  Power Supply 2................................... Present, OK
  Maximum number of APs supported.................. 500
  (Cisco Controller) >debug transfer trace enable
  (Cisco Controller) >transfer upload start
  Mode............................................. FTP
  FTP Server IP.................................... 10.1.22.2
  FTP Server Port.................................. 21
  FTP Path......................................... /
  FTP Filename..................................... 10_1_31_210_140602_1050.cfg
  FTP Username..................................... ftpuser
  FTP Password..................................... *********
  Data Type........................................ Config File
  Encryption....................................... Disabled
  *** WARNING: Config File Encryption Disabled ***
  Are you sure you want to start? (y/N) y
  *TransferTask: Jun 02 10:51:31.278: Memory overcommit policy changed from 0 to 1
  *TransferTask: Jun 02 10:51:31.278: RESULT_STRING: FTP Config transfer starting.
  FTP Config transfer starting.
  *TransferTask: Jun 02 10:51:31.278: RESULT_CODE:1
  *TransferTask: Jun 02 10:52:05.468: ftp operation returns 0
  *TransferTask: Jun 02 10:52:05.477: RESULT_STRING: File transfer operation completed successfully.
  *TransferTask: Jun 02 10:52:05.477: RESULT_CODE:11
  File transfer operation completed successfully.
  Not upgrading to 7.4.121.0 because of bug CSCuo63103. Have not restarted the controller yet.
  Any one else had this issue ? Is there a workaround ?
  Thanks,
  Rick.

  Thanks Stephen, In my deployments of 7.4.110.0 version I have not seen this issue so may be controller reboot will fix it (we do have HA to minimize the impact). I will keep the thread updated with findings and may request TAC for the special release 7.4.121.0 if the still not happy with 7.4.110.0
  Rick.

• ISE 1.3 not receiving Radius requests from WLC 5508 ver 8.0.110.0

  Hello all. I just implemented ISE 1.3 at a customer site. added a WLC running 8.0.110.0 using its mgmt address with a RADIUS preshared key. On the WLC, I created to SSIDs, corp and guest.
  For corp I configured WPA2 and AES and forwarded Radius requests to my 2 ISE node PSN interfaces
  For the guest I configured MAC filter with advanced features AAA overide and Radius NAC - per Cisco's documents
  The corp forwards Radius requests to ISE, the guest does not. I get nothing from the guest.
  I configured the WLC step by step from the Cisco document. I have completed over 10 ISE implementations in the last year using ISE 1.2 and WLC 7.x and have never run into this issue before.
  Any help will be much appreciated.

  This issue has been resolved. The issue was that for the guest SSID MAC filtering was enabled as required, but they had the test PCs on a mac filter bypass list for that SSID in the WLC. This was automatically authenticating the PC, and therefore not forwarding the RADIUS to ISE.
  Once we removed the PC from the MAC filter list in the WLC, the authentications were forwarded to ISE as desired.

• Migrating AP's from WLC 4400 v.4.0.179.11 to WLC 5508 v.7.2.110.0

  Hi,
  I am replacing an old 4400 series WLC running version 4.0.179.11 to a new 5508 WLC running version 7.2.110.0.
  We currently have 70 x 1131 Access points on the 4400 WLC.
  With this upgrade, do i need to upgrade the old 4400 to version 6.0 so the AP's get an up to date IOS or can i directly migrate all AP's over to the new 5508 without any version incompatabilities on the AP's?
  I am abit worried that the AP's are running a very old IOS on the 4400 v.4.0.179.11 to go straight to the new 5508 v.7.2.110.0.
  Thanks

  Hi,
  Check out this release note
  http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7_2_110_0.html#wp976667
  You'll need to get up to a supported version of 6.0 first as per the release notes.
  You'll need to check out the 6.0 release notes too to make sure there are no other intermediate upgrade steps required too.
  Nigel
  Sent from Cisco Technical Support iPad App

• Trying to get home shaing working on apple tv using Cisco Access points and a Cisco WLC 5508 with 7.2.110 code.  I can get devices working individually but they never see each other.  I can ping the apple tv from my laptop and ipad.

  Trying to get home sharing working on a corporate wireless network.  Cisco wireless.
  WLC5508 controller
  Cisco 3502 access points
  All apple devices on same WLAN - security WPA2-PSK
  ITunes account up to date
  All devices laterst software.
  Can ping apll tv from laptop
  can ping apple tv from ipad
  Can ping ipad from laptop
  can ping laptop from ipad.
  Apple tv never sees any other device.
  Any ideas?

  Fascinating just reading about your setup. I have a WRT350N and have noticed that it will drop its speed, sometimes down to 1Mbps. It seems to do so at about the same time every day, but usually comes back to speed in about 5 minutes. In my experience, the Apple TV will disconnect if the speed falls this low. Try monitoring the Linksys with Netstumbler, Vistumbler, or just in the Windows Network utility.
  Check the "lease obtained" and "lease expired" times for your router to see if that is when the network fails. I've just finished reading an angry thread over at the Linksys forum about the WRT330N where someone mentioned that the router wasn't renewing its lease.
  "I cannot set it run off automatic DHCP from the WRT330N, the router will not assign it an IP every time the lease expires, causing me to have to manually set an IP on the Print server. That's annoying. Having the router drop IP's to individual machines after 12-48 hours...very annoying."
  http://forums.linksys.com/linksys/board/message?board.id=Wireless_Routers&thread .id=67412
  If that is the problem, then I would consider setting up a Static IP address for your Apple TV. You can do that through the user interface -> Settings -> Network -> Configure ... (Quite intuitive as you only have change IP address and the subsequent details remain the same.)
  My router assigns IP Addresses in the ranges of 192.168.1.100 ->149. The idea here is to choose an address outside of that range but is not greater than 192.168.1.253 (and should not end in the number 1). You shouldn't have to change the linksys router as long as 50 clients are assigned in that range. You'll have to figure that out by accessing your router webpage at browser address 192.168.1.1 -> the default password is "admin" (without the quotes).
  Good luck.

• TS2972 Cannot get home sharing and airplay to work over corporate wifi.  Cisco WLC 5508 controllers.  Home sharing and Airplay is turned on.  Apple ID and account the same on each device.  All software is at the latest version.  Devices work individually.

  All devices at latest software.  Each device works individually ie. apple tv can play netflix and hulu videos, itunes works on both an iPad2 and a Pc with latest itunes version.  Firewall disabled ports open.  Devices on same vlan.  Laptop can ping ipad and apple-tv, iPad can ping laptop and apple-tv.  The deives just do not see each other ever.  All cisco settings are set to recommended settings for home sharing to work.  Any ideas?

  I seem to have a similar problem.  I have a Macbook and a PC, both running the current version of iTunes.  On the APTV (also running the current software version), only my Macbook library shows up under "computers".  Home Sharing is turned on for both and my Macbook library shows up under "Shared" on the PC, but the PC iTunes library doesn't show up on the Macbook or the APTV.
  My question then is: How is it that my Macbook iTunes library can show up on the PC and on the APTV, but the PC iTunes library doesn't show up on either?  If the PC can see the shared libraries, doesn't that mean it's on the same network?  Along those same lines, "Shared" libraries do NOT show up on the Macbook.  Again I ask, how is it that I can see the Macbook library on the PC, but the Macbook doesn't show any Shared libraries?
  All of this worked just fine before the upgrade to iOS 5 by the way.  I had no issues seeing any library on any devices and the APTV found both computers.
  Please help.  This is really annoying!

• WLC 5508 / firmware 7.2.110.0 is restarting automatically ( COLD START )

                     Hi Experts ,
  I am having weird issue with 5508 controller which is having firmware 7.2.110.0 . This controller is restarting automatically
  Since this issue was occuring since long time with earlier version , I have upgraded to 7.2.110.0 , however still no luck ....
  I do not have any logs related to controller crash info.

  Hey Scott,
  I'm about to upgrade a 5508 controller from 7.0.220.0 to 7.4.110.0 , and was just prepping myself on upgrading the FUS as it will be the first time. Latest for 5508 is 1.7 and I noticed for 2504 its 1.8.
  I was just curious where you saw that its mandatory to upgrade the FUS ? I can't seem to locate any actual documentation specifying anything about upgrading the FUS when going from one version to another etc. I know one of my clients has a 5508 on 7.4 with the old FUS (see below).
  Bootloader Version............................... 1.0.1Field Recovery Image Version..................... 6.0.182.0
  Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
  Build Type....................................... DATA + WPS
  Looking forward to your reply
  Thanks !

• Unable to add SNMP server in WLC 5508 with 7.4.110

  hi
  I am trying to add 0.0.0.0/0 as SNMP address and netmask and i am getting an error saying the netmask is invalid.
  is there a different way to set this?           

  Hi Roy,
  This is strange.
  I do not have a test WLC with this code to test, but command syntax is correct. I have verified it on my test controller in 7.0.116.0 & it is happy to accept it. Even 7.4 config guides does not show any other command syntax for this.
  http://www.cisco.com/en/US/docs/wireless/controller/7.4/configuration/guides/consolidated/b_cg74_CONSOLIDATED_chapter_0111.html
  One good thing is, this is the default setting once you create a snmp-community. It should have 0.0.0.0/0 as subnet/net mask & you do not require any changes for the default config.
  "show snmpcommunity" output should show the config values for your SNMP community.
  If you are trying to change it from configured subnet to default value, then as a work around you can re-create the snmp commnuity from fresh (delete & recreate)
  If you have Cisco TAC assistance then log a case with them to see why this command is not accepting in your code of WLC
  HTH
  Rasika
  **** Pls rate all useful responses ****

• Incompatibility issue - WLC 5508 and ACS 5.4

  Hi,
  This is my scenario:
  Cisco WLC 5508 firmware 7.4.110.20 and ACS 5.4, two WLAN eap/tls, many client  can't connect to WLAN and on ACS i receive the following error:
  Authentication failed : 11051 RADIUS packet contains invalid state attribute
  workaround:
  1 -Check the network device or AAA Client for hardware problems.
  2-known RADIUS compatibility issues.
  3-Check the network that connects the device to ACS for hardware problems
  there are some incompatibility issue between WLC and ACS ? the compatibility matrix document for wireless imposes the 7.5 firmware for WLC.
  What do you think is possibile ?

  Are there any other errors shown in the details of the failed authentication?
  We may need to look at service logs in debug mode, opening a TAC case would be the best way to go about this.
  Javier Henderson
  Cisco Systems

• Using v31.4.0, any way I can designate server ports be as 110 and 25 instead of 110 and 587 for Bitdefender Anti-spam?

  Thunderbird's server ports will not allow 110 and 25, only 110 and 587. Any suggestions?

  Go to Account Settings -> Outgoing Server (SMTP) Settings and highlight the server name; then click Edit. You should be able to change the port there. Ports 25, 465, 587, and 2525 are all possibilities.

• WLC 5508 - Error When Uploading Webauth Bundle

  Currently have a WLC 5508 running 7.4.110.0.  I'm trying to upload (download) a webauth bundle to the controller from the web interface and am getting an error.  I've tried using FTP, SFTP and TFTP and get a different error with each.  When I started out with this, I was using a modified login.tar.  Thinking this was the problem, I switched to using the login.tar file included with the Web Authentication Bundle version 1.0.2 downloaded from the Cisco site.  This file fails with the errors below.  Does anyone have suggestions as to what I'm doing wrong?  Is this is a known bug in this version of the software?  Thanks!
  For FTP:
  The web interface shows: 
  % Error: Webauth Bundle file transfer failed - Unknown error - refer to log.   
  Log on the controller shows: 
  *TransferTask: May 28 13:51:12.942: #UPDATE-3-FTP_TRANSFER_FAIL: updcode.c:5631
  Error FTP file Transfer [ftp_get], <30>, Read-only file system.
  For SFTP:
  The web interface shows:
  % Error: Webauth Bundle file transfer failed - Unknown error - refer to log.
  Log on the controller shows: 
  *TransferTask: May 28 14:52:58.779: #UPDATE-3-SFTP_TRANSFER_FAIL: updcode.c:5869
   Error SFTP file Transfer [sftp_get], <11>, Resource temporarily unavailable.
  For TFTP:
  The web interface shows:
  % Error: Webauth Bundle file transfer failed - Unknown error - refer to log.
  Log on the controller shows: 
  *TransferTask: May 28 15:02:39.232: #UPDATE-3-FILE_OPEN_FAIL: updcode.c:4593 Fai
  led to open file webauth.tar.
  *sshpmReceiveTask: May 28 15:02:39.153: #OSAPI-3-MUTEX_FREE_INFO: osapi_sem.c:10
  87 Sema 0x2b32def8 time=11504 ulk=18587678 lk=18576174 Locker(sshpmReceiveTask s
  shpmrecv.c:1662 pc=0x10b07938) unLocker(sshpmReceiveTask sshpmReceiveTaskEntry:1
  647 pc=0x10b079

  Hi,
  1. Did you used  PIcozip to compress your webauth bundle?
  2. Did you try only with one laptop , if yes then try to use other one.
  3. Just try to upload default webauth bundl from cisco to wlc and show the result to us.
  7.4.121.0 is very stable version.
  Regards

• WLC 5508 with AD, NPS but without GPO, how?

  Hi,
  I didn't found anything related to what I'm trying to do so I though I would create a new discussion...
  I would like to setup a new WLAN and to be able to connect, a user will have to enter his username/password that will be confirmed using NPS and Active Directory. The problem is, I don't want to use a GPO, I would like to only verify if the user is a member of a AD group, let's say "wlan_access".
  I don't want to install anything ( certificate, GPO, creating a WLAN configuration ) on the user's PC/laptop, only AD validation using NPS as a Radius server.
  If a user is part of that AD group, after he enter his credential he will have access to that WLAN.
  Is it possible to setup that? How should I configured the WLAN in my WLC 5508 ( running 7.2.110.0 )? How should I configure NPS ( Windows 2008 R2 Enterprise )?
  Thanks a lot for your help and answers.
  Guillaume

  Hi guys,
  With the info Stephen Rodriguez gave, it looks like I won't be able to do what we want without doing config on the user's devices ( laptop, ipad, etc.. ).
  @Joseph Vasanth Louis Yes the message is from the event viewer of the NPS server. In the connection request policies, there's not much config, I let the option "Authentication Methods" in the tab Settings uncheck, so it won't override the settings in the Network Policies.
  I though it was possible to have authentication using NPS and Active Directoy without installing anything on the user's devices and still having a secured wireless network ( not like a hotspot ).
  The solution I think is the most workable is with the PEAP or PSK, with a certificate but even that...the user will have to create the WLAN profil on his laptop, so I'm not sure we want to go that way. I'll check for the PSK option, to see if the "Web Authentication" could be done using NPS.
  Thanks guys for all your time and help. I'll continue my tests and keep you posted.

• WLC 5508 with LAP-1142n - Several Errors

  Hello all,
  I had installed a WLC 5508 with 7 LAP 1142n and 2 converted AP 1131abg.
  I am seeing some errors relating 2 issues.
  1st- One particular AP 1142 is disassociating and reseting the radios.
  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
  mso-para-margin:0cm;
  mso-para-margin-bottom:.0001pt;
  mso-pagination:widow-orphan;
  font-size:10.0pt;
  font-family:"Times New Roman","serif";}
  Thu Oct 28 11:50:49 2010
  AP's Interface:0(802.11b)   Operation State Up: Base Radio MAC:e8:04:62:23:ac:e0 Cause=Radio interface   reset. Status:NA
  Thu Oct 28 11:50:49 2010
  AP's Interface:0(802.11b)   Operation State Down: Base Radio MAC:e8:04:62:23:ac:e0 Cause=Radio interface   reset. Status:NA
  Thu Oct 28 11:50:49 2010
  AP's Interface:1(802.11a)   Operation State Up: Base Radio MAC:e8:04:62:23:ac:e0 Cause=Radio interface   reset. Status:NA
  Thu Oct 28 11:50:49 2010
  AP's Interface:1(802.11a)   Operation State Down: Base Radio MAC:e8:04:62:23:ac:e0 Cause=Radio interface   reset. Status:NA
  Thu Oct 28 11:50:46 2010
  AP's Interface:1(802.11a) Operation   State Up: Base Radio MAC:e8:04:62:23:ac:e0 Cause=Radio reset due to Init.   Status:NA
  Thu Oct 28 11:50:46 2010
  AP's Interface:0(802.11b)   Operation State Up: Base Radio MAC:e8:04:62:23:ac:e0 Cause=Radio reset due to   Init. Status:NA
  Thu Oct 28 11:50:46 2010
  AP 'AP3', MAC:   e8:04:62:23:ac:e0 disassociated previously due to AP Reset. Uptime: 1 days,   10 h 24 m 23 s . Last reset reason: operator changed 11g mode.
  Thu Oct 28 11:50:35 2010
  AP Disassociated. Base Radio   MAC:e8:04:62:23:ac:e0
  Thu Oct 28 11:50:35 2010
  AP's Interface:1(802.11a)   Operation State Down: Base Radio MAC:e8:04:62:23:ac:e0 Cause=New Discovery Status:NA
  Thu Oct 28 11:50:35 2010
  AP's Interface:0(802.11b) Operation   State Down: Base Radio MAC:e8:04:62:23:ac:e0 Cause=New Discovery Status:NA
  I had some search, and the new discovery cause, might be that the AP didnt know what WLC do associate, in a multi-controller environment. This is not the case. I only have one WLC in the same management vlan.
  2st-The Radius server is beeing related in the logs as been deactivated. I raise the server time-out on Radius configuration option, but it still continues to do it.
  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
  mso-para-margin:0cm;
  mso-para-margin-bottom:.0001pt;
  mso-pagination:widow-orphan;
  font-size:10.0pt;
  font-family:"Times New Roman","serif";}
  Thu Oct 28 10:24:41 2010
  RADIUS server 10.67.128.36:1812 deactivated in global list
  Thu Oct 28 10:24:41 2010
  RADIUS server 10.67.128.36:1812 failed to respond to request (ID 172)   for client e8:06:88:51:c0:2b / user 'unknown'
  Is this meaning the WLC stop sending request to the Radius Server ? We dont have BackUp Radius.
  As far as i know, its always the same mac-address client that is associated to that error, maybe a iphone.
  I had so many clients in that SSID and they are all working good.
  The Radius server is a NPS from windows Server 2008
  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
  mso-para-margin:0cm;
  mso-para-margin-bottom:.0001pt;
  mso-pagination:widow-orphan;
  font-size:10.0pt;
  font-family:"Times New Roman","serif";}
  , and the client says that the medium response time is 0,02 sec, so im wondering why the controller is not getting response from Radius for a particular client?! My client also says, that didnt found any log related to that mac-address client ... what is weird...
  WLC with last software available 7.0.164
  Hope some one help me here.
  Best Regards,
  Bruno Petrónio

  Thanks Scott,
  I understand what you are mentioning, and i really didnt do it yet.
  I realize that the primary controller was not configured on the
  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
  mso-para-margin:0cm;
  mso-para-margin-bottom:.0001pt;
  mso-pagination:widow-orphan;
  font-size:10.0pt;
  font-family:"Times New Roman","serif";}
  Wireless –> All APs –> High Availability tab, and did it only to the AP that is taking this beahviour.
  Is this mandatory for a 1 controller only ?
  No mather what the manual say, after that the AP is rebooting 2 mins in 2 mins... with the same kind of messages.
  The interface on the switch is getting a few input errors and the same numbers of crc... but are so few...
  Next step ... i will change it to another one's place/pathing cable.
  Regarding the Radius messages... any ideas ?
  I'm already on 30 sec's of server timeout.
  Best Regards,
  Bruno Petrónio

• SNMP TRAP ON Secondary WLC 5508

  Hi I'm Louis,
  I work on 2 WLC 5508 with version 7.4 and Prime Infrastructure 1.3
  We have activate AP SSO to work with a primary and secondary controller.
  We have added the controller to Prime infrastructure and activated SNMP.
  We receive correctly the alarms on Prime.
  But when we work on Primary WLC, and the secondary crash we haven't got information about that. No SNMP received.
  That is normal ?
  Thx for your reply
  Regards

  I find this, in Monitoring and Troubleshooting the Redundancy States
  http://www.cisco.com/en/US/docs/net_mgmt/prime/infrastructure/1.2/user/guide/chgdevconfig.html
  On my primary controller, in SNMP => Trap Log , I can see :
  RF failure notification ErrorType: 34 Reason :Lost Peer, Moving to Active-No-Peer State! => When I unplug RP link
  RF progress notification unitId: -1407319963 peerUnitId :14 unitState: -1407319863 peerUnitState :5
  RF progress notification unitId: -1407319963 peerUnitId :14 unitState: -1407319863 peerUnitState :9  => When I plug the RP link.
  So I can see the trap on my controller but there is nothing in Prime ...

• WLC 5508 tunneling issue

  Hi,
  I have a WLC 5508 connected in a hub and spoke topology. The WLC is located at the hub which is the main office. In one of the remote spoke locations I have five Access Points that are connected to the local LAN and the model for the APs is AIR-CAP3602I-E-K9. The APs are all connected to access ports on the switch in vlan 1. I have two WLAN configured on the controller. I have two interfaces configured on the controller. The management and the guest interface. WLAN 1 is associated with the management interface. In the WLAN 1 advanced setting the flex local switching option is enabled. WLAN 2 is associated with the guest interface and this interface is tunneling vlan 248 the guest vlan. The problem I am having is that the devices can not communicate with each other if they are connected to the wireless connection WLAN 2 which is the tunneled vlan.
  Example: The client would like to be able to connect his ipad to the apple tv for presentation. If I connect both devices to the WLAN 1 which is using flex local switching option they can communicate with no problem, but if the devices are connected to WLAN 2 the guest vlan they can't communicate with each other. Is it possible to get this to also work on WLAN 2 ?
  Note: Both WLAN types are WLAN and P2P Blocking Action is set to default (disabled).
  Does any one have any ideas what could be causing my issue?
  Thanks in advance for your help,

  Well since your talking about Apple TV, you need to look at this reference guide for Apple's bonjour. This will explain how to get it to work and the limitation when an AP is in local or FlexConnect mode. The bonjour just doesn't work as people think it should because they can get it to work with a linksys AP.
  http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_tech_note09186a0080bb1d7c.shtml
  Sent from Cisco Technical Support iPhone App