1510 Mesh A.P with 5508 WLAN Controller
Hi everyone,
I got a situation. We had our wireless mesh network running with 4400 Controller and 1510 A.Ps. Now that we have bought new 5508 Controller (with SW: 7.2) and 3600 Indoor APs, we are unable to add legacy APs on our new controller. After a wild googling I have found that for 1510 APs i need to be on SW ver: 4.0. But that will lead into another situation i-e I wont be able to have my 3600 APs on WLAN Controller.
Any suggessions/wise words will be very very obliged....
Thanks,
Azhar...
You would have to keep those 440's up and have all the WLC in the same mobility group. That is the only way to keep those 1510's up and running. Cusco usually supports mobility between different version but only really as far back as 2 versions. Might work though.
Here is a compatibility guide that explains what devices work with what code.
http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
Sent from Cisco Technical Support iPhone App
Similar Messages
-
AIR-LAP1310G-E-K9 acces point not joining to 5508 wlan controller
Hi,
I have Cisco AIR-LAP1310G-E-K9 access point and 5508 wlan controller with version 7.0.220 and it is joining to the WLAN controller. I have enabled dhcp in the lan controller and i dont have external dns server. How to fix this issue? Can this LAN controller version will support this access point?
My Lan Controller Management IP Address is 10.10.10.5
Please find the below configuration of 1300 access point.
AP001d.4513.dd68#reload
Proceed with reload? [confirm]
%SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.
%LWAPP-5-CHANGED: LWAPP changed state to DOWNXmodem file system is available.
flashfs[0]: 4 files, 2 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 7741440
flashfs[0]: Bytes used: 2052608
flashfs[0]: Bytes available: 5688832
flashfs[0]: flashfs fsck took 14 seconds.
Base ethernet MAC Address: 00:1d:45:13:dd:68
Initializing ethernet port 0...
Reset ethernet port 0...
Reset done!
ethernet link up, 100 mbps, full-duplex
Ethernet port 0 initialized: link is up
Unable to get our ip address: no "IP_ADDR" variable set
The system has been encountered and error initializing
tftp file system. The system is ignoring the error and
continuing boot. If you interrupt the system boot process,
the following commands will set IP_ADDR, DEFAULT_ROUTER
and NETMASK environment variables, initializing tftp file
system, and finish loading the operating system software:
set IP_ADDR
set DEFAULT_ROUTER
set NETMASK
tftp_init
boot
Loading "flash:/c1310-rcvk9w8-mx/c1310-rcvk9w8-mx"...############################################################################################################################################################################################
File "flash:/c1310-rcvk9w8-mx/c1310-rcvk9w8-mx" uncompressed and installed, entry point: 0x3000
executing...
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, C1310 Software (C1310-RCVK9W8-M), Version 12.4(10b)JA3, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Wed 19-Mar-08 19:09 by prod_rel_team
Image text-base: 0x00003000, data-base: 0x003BE9E0
Initializing flashfs...
flashfs[1]: 4 files, 2 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 7741440
flashfs[1]: Bytes used: 2052608
flashfs[1]: Bytes available: 5688832
flashfs[1]: flashfs fsck took 2 seconds.
flashfs[1]: Initialization complete....done Initializing flashfs.
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-LAP1310G-E-K9R (PowerPCElvis) processor (revision A0) with 24566K/8192K bytes of memory.
Processor board ID FHK1133E002
PowerPCElvis CPU at 262Mhz, revision number 0x0950
Last reset from reload
LWAPP image version 3.0.51.0
1 FastEthernet interface
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:1D:45:13:DD:68
Part Number : 73-8960-09
PCA Assembly Number : 800-24963-06
PCA Revision Number : A0
PCB Serial Number : FOC113000V7
Top Assembly Part Number : 800-28479-05
Top Assembly Serial Number : FHK1133E002
Top Revision Number : B0
Product/Model Number : AIR-LAP1310G-E-K9R
The name for the keys will be: ap.cisco.com
% The key modulus size is 1024 bits
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
ip ssh version 2
^
% Invalid input detected at '^' marker.
transport input ssh
^
% Invalid input detected at '^' marker.
aaa new-model
^
% Invalid input detected at '^' marker.
aaa authentication login default enable local none
^
% Invalid input detected at '^' marker.
o
^
% Invalid input detected at '^' marker.
Press RETURN to get started!
*Mar 1 00:00:05.442: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
*Mar 1 00:00:06.473: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
*Mar 1 00:00:07.817: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C1310 Software (C1310-RCVK9W8-M), Version 12.4(10b)JA3, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Wed 19-Mar-08 19:09 by prod_rel_team
Translating "CISCO-LWAPP-CONTROLLER"...domain server (255.255.255.255)
transport input ssh
^
% Invalid input detected at '^' marker.
*Mar 1 00:00:33.860: %LWAPP-3-CLIENTEVENTLOG: Performing DNS resolution for CISCO-LWAPP-CONTROLLER
*Mar 1 00:00:33.860: %LWAPP-3-CLIENTERRORLOG: DNS Name Lookup: could not resolve CISCO-LWAPP-CONTROLLER
*Mar 1 00:00:33.861: %LWAPP-5-CHANGED: LWAPP changed state to DISCOVERY
logging origin-id string AP:001d.4513.dd68
^
% Invalid input detected at '^' marker.
logging 255.255.255.255
^
% Invalid input detected at '^' marker.
logging trap 3
^
% Invalid input detected at '^' marker.
*Mar 1 00:00:37.440: Logging LWAPP message to 255.255.255.255.
AP001d.4513.dd68>
%LWAPP-3-CLIENTEVENTLOG: Forcing AP to obtain IP address using DHCP
%DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 10.10.10.46, mask 255.255.255.0, hostname AP001d.4513.dd68
Translating "CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com"...domain server (10.10.10.5)
%LWAPP-3-CLIENTEVENTLOG: Did not get vendor specific options from DHCP.
%LWAPP-3-CLIENTEVENTLOG: Did not get log server settings from DHCP.
%LWAPP-3-CLIENTEVENTLOG: Performing DNS resolution for CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com
%LWAPP-3-CLIENTERRORLOG: DNS Name Lookup: could not resolve CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com
AP001d.4513.dd68>Your debug is very telling ..
AP001d.4513.dd68>
%LWAPP-3-CLIENTEVENTLOG: Forcing AP to obtain IP address using DHCP
%DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 10.10.10.46, mask 255.255.255.0, hostname AP001d.4513.dd68
Translating "CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com"...domain server (10.10.10.5)
%LWAPP-3-CLIENTEVENTLOG: Did not get vendor specific options from DHCP.
%LWAPP-3-CLIENTEVENTLOG: Did not get log server settings from DHCP.
%LWAPP-3-CLIENTEVENTLOG: Performing DNS resolution for CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com
%LWAPP-3-CLIENTERRORLOG: DNS Name Lookup: could not resolve CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com
AP001d.4513.dd68>
What are you using to tell the AP where the contoller lives ? Since you are consoled into the ap you can use the -> capwap ap controller ip address
This will point the ap to your controller
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
"I'm in a serious relationship with my Wi-Fi. You could say we have a connection." -
Cisco WLC 5508 WLAN Controller
Hallöchen kennt sich jemand mit den Dingern tiefgründiger aus? Ich hätte da mal ein frage bzgl. der interface Groups.
Und Zwar kann man ja mehrere Vlans (somit auch IP Ranges) in eine Gruppe packen und diese dann wiederum ein SSID zu ordnen. Kann mir jemand erklären wie indem Falle die IP Adresse Zuweisung (DHCP der Clients unterschieden wird?
Und die 2. Frage wäre kann man verschiedene LAG Gruppen bauen oder oder nimmt er automatisch alle 8 in eine LAG Gruppe?
Danke für eure Hilfe schonmal.is ist poosible the to create more than one LAG portgroup or binds the controller all 8 ports automatically in the same group? My idea is to cerate a 3 groups for 3 costumers with 2GB uplinks to the bachground network.
When it comes to WLC, it's either you turn on LAG or you don't. You can only have one LAG.
Here's what we've done in our deployment:
We have a single outbound interface, let's call it INTERNET. We have multiple sites. So we create multiple dynamic interface with specific DHCP server.
We have created a PERL script and it's attached to our LINUX RADIUS box which specifies that all traffic goes out the INTERNET dynamic interface, however, each client gets an IP address based on the site where they come from. -
Best solution for 22 APs with no WLAN controller
Hello,
I have 22 aironet 1130 access points installed in a large building together with an ACS 4.1. what is the best solution to manage the APs, provide QOS and centrally authenticate and control the AP.
Will enabling WDS on AP provide radio management without WLSE or wlan controllers.If you are dead set on autnomous, WLSE is probably your best bet.
I worked with some third party managment software before for cisco access points and it wasnt very fun.
You can ebay used controllers pretty cheap these days. Once the 5500s are released you may even see them dip a bit lower ... -
Cisco AP 700w as a Work Group Bridge with a WLAN Controller
I am trying to setup an AP 700w as a Work Group Bridge as it would be interesting to have this running, because it has the built-in 4 port switch.
I have WiSM based WLCs running the version 7.0.240.0. I converted a 700w to an autonomous AP and on the AP I installed the IOS Version 15.3(3)JA1.
When I use an autonmous based AP to connect the 700w as a WGB everything works fine. I can connect clients through the 4 port switch.
If I try to use a Controller based WLAN environment it does not work. The config is simple:
ap#sh run
Building configuration...
Current configuration : 1805 bytes
! Last configuration change at 18:37:11 UTC Thu Mar 5 2015
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname ap
logging rate-limit console 9
enable secret 5 $1$b5Da$QTI6Geq7ARZud34ZqA45.0
no aaa new-model
led display off
no ip source-route
no ip cef
dot11 syslog
dot11 ssid LAGERWPA
authentication open
authentication key-management wpa
wpa-psk ascii 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
username CISCO password 7 14341B180F0B
bridge irb
interface Dot11Radio0
no ip address
encryption mode ciphers aes-ccm tkip
ssid LAGERWPA
antenna gain 0
packet retries 64 drop-packet
station-role workgroup-bridge
bridge-group 1
bridge-group 1 spanning-disabled
interface Dot11Radio1
no ip address
shutdown
antenna gain 0
peakdetect
no dfs band block
packet retries 64 drop-packet
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface GigabitEthernet0
no ip address
duplex auto
speed auto
bridge-group 1
bridge-group 1 spanning-disabled
interface BVI1
mac-address 18e7.2801.9610
ip address dhcp client-id GigabitEthernet0
ipv6 address dhcp
ipv6 address autoconfig
ipv6 enable
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
lan-port port-id 1
no shutdown
lan-port port-id 2
shutdown
lan-port port-id 3
shutdown
lan-port port-id 4
shutdown
bridge 1 route ip
line con 0
line vty 0 4
login local
transport input all
end
The association is OK, it is seen as a WGB, I can reach resources on our network from the AP, ping works, I can use a telnet from client to access the AP 700w etc.:20... Here is an old post for reference.
https://supportforums.cisco.com/thread/2119996
Sent from Cisco Technical Support iPhone App -
Single WLAN Controller Limitations
Aside from redundancy, are there any other limitations to deploying a single Cisco 5508 WLAN Controller that I should be aware of? The configuration guide states you need multiple controllers for the following:
A multiple-controller system has the following additional features:
•Autodetecting and autoconfiguring RF parameters as the controllers are added to the network.
•Same-subnet (Layer 2) roaming and inter-subnet (Layer 3) roaming.
•Automatic access point failover to any redundant controller with a reduced
Is it true you can't have those roaming capabilities with a single controller?No... You have all those except for redundancy.
Sent from my iPhone -
WLAN Controller 2125 VLAN issue
Hello,
i purchased a WLan Controller 2125.
this is my first time with Cisco's Wireless Controller :-)
previously i have worked with Motorola WLan Controller. configuring Vlan was easy.
now coming back to cisco Controller
i have installed and completed the initial configuration such as management console and 1st SSID working fine.
according to Company's requirement there should be 3 SSID's
1) management VLAN-1 identifier subnet 15.15.x.x (SSID - VLAN-1)(interface1)
2) Guest VLAN-20 identifier subnet 192.168.10.0 (SSID - VLAN-20)(interface2)
3) employees VLAN-30 identifier subnet 20.20.x.x (SSID - VLAN-30)(interface3)
now the issue is only the SSID VLAN-1 is working. i beleive it is because its under the VLAN1 and management interface.
as for fulfilling network requirement i have connected controller with L3 switch as below
controller's interface1 connected to trunking interface on the switch
controller's interface2 connected to interface vlan-20 on the switch
controller's interface3 connected to interface vlan-30 on the switch
i have also configured DHCP on controller for each SSID(interface)
I CANT EVEN PING the GATEWAY FROM THE SSID VLAN-20 & VLAN-30.
HELP PlsFirst at all, test those other 2 vlans fromthe switch side just to make sure are working.
If it is working and not wirelessly, then I would need the show run-config and show arp switch
from the switch side, show cdp nei detail and show run and show arp -
Friends,
I have a problem authenticate with AP AIR-LAP1131AG-AK9 to Wlan Controller 5508 (software versión of the Wlan Controller6.0.202.0 ). This AP always tries to authenticate with Wlan Controller. Maybe it tries to download the ios version.
Could be a hardware problem.
I am going to attach the log file.
Thank.
Marco.*Nov 23 20:28:50.348: %APF-3-AID_UPDATE_FAILED: apf_80211.c:5744 Error updating Association ID for REAP AP Client64:00:f1:12:b1:d0 - AID 4
*Nov 23 20:28:50.348: %LWAPP-3-MAX_AID2: spam_api.c:1045 Reached max limit on the association ID for AP (max association ID 256)
Looks like a great case for TAC.
This is an HREAP AP? It looks like it is associated fine with the WLC (no logs indicating it is trying) but instead it looks like Client Associations are breaking because it thinks it is up to 256 AIDs.....?
Maybe this is a common error, but it hasn't cross my path before... -
WLAN Controller 5508 - Latest IOS (april/2013)
Dears,
Can somebody confirm please what is the latest IOS version for the Wlan Controller 5508 ?
Actually I am using
Software Version
7.3.102.0
I see the folliwing at Cisco website
Latest Releases
7.2.115.1(ED)7.3.112.0(ED)
7.0.240.0(ED)
7.4.100.0(ED)
Version 7.2.115 seems to be the latest one (release date 19-APR-2013)... then I see 7.3.112.0 w/ release date 30-JAN-2013...
I thought the IOS 7.4.100 would be the latest one but that release date is 17-DEC-2012
Thats very wierd coz my controller uses a 7.3.102.0.....
Can someone help me ?
What IOS is really the latest one ?
What should be the best one for me ?
Software Version
7.3.102.0
Field Recovery Image Version
System Name
XXX-XXXX-XXX
Thanks in advance!!!Lets make it simple. There are different trains. 7.0 is one, 7.2 is another, 7.3 is another and 7.4 is another. So if your on 7.2.x, the latest for that version is the .x. Each one listed above is different as far as features so you need to look at the latest for train that your on.
Sent from Cisco Technical Support iPhone App -
Wlan Controller 4402 with 15 APs (1242 ag)
Can anyone help me to configure 4402 wlan controller ( deploying procedure ) with 15 access points .
Rgds,
SenthilHi Senthil,
Very broad question but I will send you some links and see if that helps. You can please come back if you have any doubts on the same.
http://www.cisco.com/en/US/docs/wireless/controller/4.2/configuration/guide/c42lwap.html
http://www.cisco.com/en/US/docs/wireless/controller/4.2/configuration/guide/ccfig42.html
HTH
Ankur
*Pls rate all helpfull post -
Can Wlan Controller work with Third party Aps
Can Cisco Wlan Controller work for 3rd party Aps which does not have LWAPP running. If yes How.If no then how we can manage existing Ap's of say 3com in the network...
Hi Friend,
No, Cisco WLC will not support any third party APs. Even if Cisco APs are not lwapp AP then WLC will not be able to manage them.
We need to have Cisco Lwapp APs only for wireless lan controller to manage them.
For 3com Aps you need to talk to 3com guys or any third party tool if available to manage these APs.
HTH
Ankur -
WLC 5508 - wlan stability problems
Hi.
I have a WLC 5508 with half a dozen LAPs (AIR-CAP3502I-E-K9).
They have been working but sometimes clients detect conectivity problems with the wlan.
Here is the message log I can obtain from the controller:
Nov 09 12:16:31.886: [ERROR] pemTimers.c 330: invalid interface name (john_doe) in mscb!!!*dot1xMsgTask: Nov 09 12:16:10.286: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:26:c6:12:e8:32Previous message occurred 7 times.Nov 09 11:55:24.682: [ERROR] pemTimers.c 330: invalid interface name (john_doe) in mscb!!!*apfReceiveTask: Nov 09 11:51:30.788: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *spamApTask2: Nov 09 11:51:20.144: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:631 Failed to complete DTLS handshake with peer 10.23.1.118*dot1xMsgTask: Nov 09 11:50:44.878: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client e0:ca:94:93:be:67*apfReceiveTask: Nov 09 11:50:40.672: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *apfReceiveTask: Nov 09 11:50:38.625: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *apfReceiveTask: Nov 09 11:50:35.531: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *apfReceiveTask: Nov 09 11:50:31.068: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *apfReceiveTask: Nov 09 11:50:29.257: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *apfReceiveTask: Nov 09 11:50:28.707: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *apfReceiveTask: Nov 09 11:50:24.065: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg
Can somebody help me to understand these messages?
1)
*apfReceiveTask: Nov 09 11:50:24.065: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg
2)
Nov 09 11:55:24.682: [ERROR] pemTimers.c 330: invalid interface name (john_doe) in mscb!!!
3)
*dot1xMsgTask: Nov 09 11:50:44.878: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client e0:ca:94:93:be:67
Thanks1)
*apfReceiveTask: Nov 09 11:50:24.065: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg
//APs are rebooting. don't panic, check the up time of AP. This message seen when AP rebooted/freshly joined and waiting for wlc to assign channel.
2)
Nov 09 11:55:24.682: [ERROR] pemTimers.c 330: invalid interface name (john_doe) in mscb!!!
//It is cosmetic and can be ignored.
3)
*dot1xMsgTask: Nov 09 12:16:10.286: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:26:c6:12:e8:32
//Keys M1-M5 used for wireless auth, here client having struggle completing the auth process.
get output of, WLC>debug client -
WAP4410N Access point and 4404 WLAN Controller.
Hello to all,
I am planning to setup a new WLAN using WAP4410N Wireless N Access Point. Is it possible to manage the AP using 4404 WLAN controller ?
I need to buy arround 42 AP for covering the entire building.
Regards,
Aslamleolaohoo
Could u please tell me which series can be used with 4404 WLANC ?
Also the AP Should support Bridging or Mesh. -
Cisco LWAP & WLAN Controller Flexconnect Across HP Switches
Hello All, I'm looking for a little guidance in making the needed routing and switching configuration changes on our Corporate Network to accomadate flex connect functionality for Cisco Lightweight Access Points (LWAPs). The LWAPs that are currently configured on our network only work when our WLAN Controller is up and running and I need for them to be disconnectable so that we can move the WLAN Controller to our virtual co-lo. It should be known that I inhereted this network from the previous admin and have been working hard to map everything out to the best of my ability. Also, the WLAN controller is already operating in our production network so it limits my ability to do much testing.
Just FYI, I'm a new Systems Admin promoted from a Desktop Support role and have my CCENT (Currently working on CCNA & MCITP Server Admin) so I have some knowledge but it is limited on the networking and switching side of things. Unfortunately, the Senior Systems Admin has even less knowledge of networking than me and I don't really have anyone to turn to which is why I'm posting here. I would have utilized GNS to help me simulate the configuration however there are HP switches in the mix and no means of emulating them.
-Relevant Device List-
(CONSA251) Sonicwall NSA 240 - 10.1.1.251
Interface Information
Interface IP Address Description
X0 -> LAN
10.1.1.251 LAN Interface
X1 -> WAN
************* Time Warner WAN
X2 -> DMZ
************* DMZ Interface
X3 -> WAN
************* Sprint WAN
X0-V20 -> LAN
10.1.101.1 Corporate WLAN
X0-V30 -> LAN
192.168.1.1 Guest WLAN
(CORT250) Cisco 3845 - 10.1.1.250
(CO-WLAN-CTRLER) Cisco 5508 Wireless Controller - 10.1.1.2
(COSW240) HP Procurve 4108GL - 10.1.1.240
(COSW238) HP Procurve 2510B-24 - 10.1.20.238
(CORP-AP-MIS) AIR-LAP1131AG-A-K9 - 10.1.1.79
(COSW239) HP1810G-24 - No IP (Inaccesible but being replaced)
I will now go on to explain our network topology as it pertains to the WAPs and WLAN Controller and how I believe it needs to be configured in order to operate from my perspective.
Our Corporate and Guest Wireless Access is provided via the Sonicwall CONSA251 through a connection from the X0 interface to HP Switch COSW239 which is then connected to WLAN Controller CO-WLAN-CTRLER as detailed below:
Device - Interface Name/Port
CONSA251 - X0
COSW239 - 2
COSW239 - 18,19
CO-WLAN-CTRLER - 2,3
The WLAN Controller currently communicates with all the LWAPs via Layer 3 TCP\IP as I understand it and then routes all DHCP requests and traffic destine for the 10.1.101.1 (corporate WLAN) and 192.168.1.1 (Guest WLAN) to the Sonicwall and vice versa.
Now what I am trying to do is VLAN the LWAP CORP-AP-MIS across the HP Switches to the X0 interface on the Sonicwall NSA240 where it will be able to route traffic via VLAN 20 & 30. The problem lies in my inexperience with HP VLAN configurations and how the ports need to be configured on each device so it can route traffic to the Sonicwall when the WLAN Controller is shutdown.
The LWAP CORP-AP-MIS layer 2 trace to the WLAN Controller is as shown below:
Device - Interface Name/Port
CORP-AP-MIS - FA/0
COSW238 - 16
COSW238 - 25
COSW240 - B4
COSW240 - H6
CORT250 - GigabitEthernet0/0
CORT250 - Se1/0
CONSA251 - X0
Now for all intesive purposes the Corporate Router CORT250 should probably be handling the routing for our Corporate and Guest Wireless network however that was not the way it was originally setup and I have to work with what was inhereted. The Corporate Router CORT250 has a default route to the Sonicwall and the Sonicwall CONSA251 has all the routing already in place for the Corporate & Guest WLANs.
What I would like to do is VLAN off the X0-V20&V30 accross multiple switches and switchports to each LWAP in our building. I do have the LWAP I'm testing on configured with Flex Connect which I understand is required for it to be disconnectable.
Any guidance on how I would go about configuring this accross devices would be appreciated. I know there are some difference between HP and Cisco Switching terms and how tagging, untagging, and trunking works however I lack the experience to apply this in practice especially in a production environment.
I will be happy to provide any additional information or clarification that is needed. Thank you in advance for the help.Just to add about the ISE... you can profile, but having only one ssid might or might not work in your situation. Also if you end up with remote sites or ap's in h-reap mode, currently ISE cant do any profiling. If you go with the 7500 or 5508/WiSM2, they don't really do an active-active or active backup. They are both up and you can split the load or put all ap's on one, its up to you. I usually split the load just to make sure both are working. I don't want to all of a sudden loose the primary and then find out my secondary/backup is not working.
-
Virtual WLAN Controller Guest Anchor
We are planning a WLAN upgrade and the security policy is to forward wireless Guest user traffic to the DMZ controllers. We are now considering the Virtual WLAN Controller and all AP's will register with the virtual controllers and we will use Flexconnect for Staff and internal traffic that will switch their traffic onto the local switch.
We wish to forward the guest traffic to the DMZ Guest Anchor controller which will be a 5508 controller. This will also offer Office Extend AP service.
I have looked at teh virtual controller docs and not very clear if this deployment model is supported. Below is a diagram of what we wish to deploy and can anyone advise if thsi is a supprted deployment model.Well you can use the vWLC to anchor to a 5508, but not the other way around. So if you use the DMZ 5508 for OfficeExtend, you will not be able to anchor the traffic back to the inside. Cisco doesn't support reverse anchoring for a Remote-LAN in OfficeExtend and requires you to actually have the OfficeExtend AP's connect to an inside WLC. In v7.0.x you were able to do this reverse anchor, but it was removed on later codes.
Sent from Cisco Technical Support iPhone App
Maybe you are looking for
-
Problem with reminder after upgrading to ios5
Hi, My name is Henri and I'm from France. Excuse me first if the question had been asked, I didn't found any answer to my research. I upgraded my iphone 4 to ios 5 yesterday and since there I couldn't use my reminder, because the plus signe didn't ap
-
Pages 5.2: two letters with accent (e.g. "éé") issue
I use the Dutch version of Pages 5.2 with OS X 10.9.2. Whenever I type two vowels that both have accents (e.g. "één", "héél" or "dóór") my typing cursor disappears as soon as I enter the second accent. Normally (as in: in Pages '09), this would be th
-
What is indexing and why does it take 122 hours?
What is indexing and why has it slowed my computer and why does it take 122 hours?
-
Thin driver 8.1.6 capabilities
hi i'm trying to get my connection pool (borrowed code - generic - and modified, ie. not using any oracle pool methods) working with my JSP. i'm using jdk1.3, Oracle 8i 8.1.6 db the thin driver is v8.1.6 JSP engine is Tomcat 3.2.1 it works fine for a
-
No Single batch split item created in delivery during picking
Hello, When there is only one batch split item, SD_DELIVERY_UPDATE_PICKING is not creating batch split item (90001) if delivery quantity is equal or less than picking quantity...I didi search for SAP Note (1360407) and found one which is applicable o