2 controllers - Cisco 526 wireless mobility Controller

Similar Messages

• Cisco 526 Wireless express controller and Guest setup

  We are going to implement a small (2-3 APs) wireless network and we wanted gust to have access too. My question is how do we implemetn the guest setup and separate that accessf rom our network. How does the 526 do it. Do we need a separate internet access for guest. Do we need separate vlan? Is it easy to setup using the 526?
  Thank you,
  Gilbert

  Thanks for the reply. I did see this before I just cannot understand how creating the guest vlan will segragate the guest connection from our network. I just need more explanation on how the guest connection would not be able to access our data network.

• How to replace the certificate of Cisco 2106 wireless LAN controller for CAPWAP ?

  I have interested in CAPWAP feature and I download the open capwap project to make Access Controller (AC) and Wireless Terminal Point (WTP). I had built the AC which used PC and WTP which used Atheros AP. The CAPWAP feature work well when I enabled the CAPWAP that used my own AC  and WTP. When I got the Cisco 2106 wireless LAN controller (Cisco WLC), I configured the Cisco WLC to instead my own AC but I got the authorize fail in Cisco WLC side. It seem the Cisco WLC could not recognize the CAPWAP message which sent form my own WTP. I think this issue just need to synchronize the certificate between Cisco WLC and WTP.So I need to replace the Cisco WLC's certificate manually. Does anyone know how to replace the certificate manually with Cisco WLC ?
  Best Regards,
  Alan

  Unfortunately this Support Community is for Cisco Small Business & Small Business Pro product offerings.  The WLC2106 is a traditional Cisco product.  You can find this type of support on the Cisco NetPro Forum for all traditional Cisco products.
  Best Regards,
  Glenn

• Software Version Upgrade for Cisco 4402 Wireless Lan Controller

  Hi,
  We have Cisco 4402 Wireless Lan Controller with Software Version 3.2.171.6 and we want to upgrade it to latest version.
  So can anyone please let me know the latest version to upgrade the WLC?
  Also since WLC is running on very lower version is it possible to upgrade to the latest version directly or we have to move it step by step to upgrade this to latest version?
  Thanks

  Take a look at the compatibility matrix below:
  http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
  7.0.235 is the latest that you can go to:
  http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7_0_235_0.html
  The release notes outline the upgrade process.
  "Upgrade to 4.0.206.0 or later 4.0 release, then upgrade to 4.2.176.0, before upgrading to 7.0.235.0."

• AIR-CAP3501I access point not joining the Cisco 2100 Wireless Lan controller.

  Hello All,
  I am installing a new LAP (AIR-CAP3501I ) through the wireless lan controller (AIR-WLC2112-K9) with software version 7.0. I have an external ADSL modem which will act as the DHCP server for the wireless clients and the LAP.
  Please find my network setup as below:
  The ISP ADSL modem , WLC and LAP are connected to a unmanaged POE switch. The LAP gets its power through the POE switch. When i connect the LAP and the WLC to the switch along with the ADSL modem, the LAPs are getting the ip address from the ADSL modem, however they are not joining the WLC for further process.
  ADSL Modem ip address: 192.168.1.254
  Management ip address on the LAP: 192.168.1.1 ( Assigned to port 1, untagged Vlan).
  Ap Manager ip address: 192.168.1.1 ( Assigned to the same port i.e port1, Untagged Vlan).
  The LAP is getting an IP address from the ADSL modem in the range of the DHCP scope.
  I will paste the logs very soon.
  Please let me know if i am doing anything wrong oe what will be the issue.
  Thanks in advance,
  Mohammed Ameen

  Hello All,
  Please find the logs for  "debug capwap event" from the WLC below:
  *spamReceiveTask: Sep 26 19:44:59.196: e8:04:62:0a:3f:10 Join Version: = 117465600
  *spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 Join resp: CAPWAP Maximum Msg element len = 92
  *spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 Join Response sent to 192.168.1.156:45510
  *spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 CAPWAP State: Join
  *spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 capwap_ac_platform.c:1216 - Operation State 0 ===> 4
  *apfReceiveTask: Sep 26 19:44:59.198: e8:04:62:0a:3f:10 Register LWAPP event for AP e8:04:62:0a:3f:10 slot 0
  *spamReceiveTask: Sep 26 19:44:59.341: e8:04:62:0a:d1:20 DTLS connection not found, creating new connection for 192:168:1:158 (45644) 192:168:1:2 (5246)
  *spamReceiveTask: Sep 26 19:45:00.119: e8:04:62:0a:d1:20 DTLS Session established server (192.168.1.2:5246), client (192.168.1.158:45644)
  *spamReceiveTask: Sep 26 19:45:00.119: e8:04:62:0a:d1:20 Starting wait join timer for AP: 192.168.1.158:45644
  *spamReceiveTask: Sep 26 19:45:00.121: e8:04:62:0a:d1:20 Join Request from 192.168.1.158:45644
  *spamReceiveTask: Sep 26 19:45:00.123: e8:04:62:0a:d1:20 Join Version: = 117465600
  *spamReceiveTask: Sep 26 19:45:00.123: e8:04:62:0a:d1:20 Join resp: CAPWAP Maximum Msg element len = 92
  *spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 Join Response sent to 192.168.1.158:45644
  *spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 CAPWAP State: Join
  *spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 capwap_ac_platform.c:1216 - Operation State 0 ===> 4
  *apfReceiveTask: Sep 26 19:45:00.125: e8:04:62:0a:d1:20 Register LWAPP event for AP e8:04:62:0a:d1:20 slot 0
  *spamReceiveTask: Sep 26 19:45:00.273: e8:04:62:0a:d1:20 Configuration Status from 192.168.1.158:45644
  *spamReceiveTask: Sep 26 19:45:00.273: e8:04:62:0a:d1:20 CAPWAP State: Configure
  *spamReceiveTask: Sep 26 19:45:00.273: Invalid channel 1 spacified for the AP APf866.f2ab.24b6, slotId = 0
  *spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Updating IP info for AP e8:04:62:0a:d1:20 -- static 0, 192.168.1.158/255.255.255.0, gtw 192.168.1.254
  *spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Updating IP 192.168.1.158 ===> 192.168.1.158 for AP e8:04:62:0a:d1:20
  *spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Setting MTU to 1485
  *spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Finding DTLS connection to delete for AP (192:168:1:158/45644)
  *spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Disconnecting DTLS Capwap-Ctrl session 0xa06d6a4 for AP (192:168:1:158/45644)
  *spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 CAPWAP State: Dtls tear down
  *spamReceiveTask: Sep 26 19:45:00.277: spamProcessGlobalPathMtuUpdate: Changing Global LRAD MTU to 576
  *spamReceiveTask: Sep 26 19:45:00.277: e8:04:62:0a:d1:20 DTLS connection closed event receivedserver (192:168:1:2/5246) client 192:168:1:158/45644).
  The Acess point joins the Controller for 2-3 seconds and then unjoins again. I am not sure what i am doing wrong here. The access points are getting the IPs from the ADSL modem through the switch, then it talks to the WLC, however it does not join the controller for further process.
  Note:
  The Managemnet interface and the AP manager interface are assigned to the same port 1 with unassigned Vlan as mention above.

• Cisco 526 Wireless Express Mobility Controller

  We have just purchased at UC520, 526 Controller and a LAP521 controller. We got the UC520 up and running in 15 mins, but the 526 does not include very much documentation. We can not get it to find the 521 AP on the network nor will it go to layer 2 mode. I don't want to setup layer 3 routing for a 4 PC office. During the setup the only option it gives is layer 3 and the documentation says it will do layer 2? Can anyone give me any assistance?

  The controller reference between layer2 and layer3 is a little misleading. Having the WLC (WLAN Controller) in layer2 mode means that it uses layer 2 frame headers to place the LWAPP information in. With the WLC in layer3 mode, the WLC places the LWAPP header in the IP packet header instead of on the layer 2 frame header. The newer AP's support only understanding the layer3 mode of placing LWAPP info in the layer3 packet header. In either mode, you can still configure your network with only one VLAN/subnet, which sounds like your goal. To summarize, the WLC's mode of layer2 vs layer3 only references where the LWAPP header is placed in either the frame or the packet and in no way correspondes to how you design the vlan's/subnet's of your network.

• Configuring 526 wireless controller

  Greetings,
  I recently purchased a Cisco 526 Express Mobility Controller and 5 521 AP.
  I would like to set this all up using radius and would like to know a good way to implement with security in mind.
  I am having issues with getting the controller to only allow domain user to access the AP's. For some reasaon though i am still able to gain access without any formal windows credentials only supply the PSK.

  If you have Cisco ACS server I suggest the best way would be implement EAP-Fast. This doesn't involve the manual task of creating certificates but yet provides a reasonable security to encrypt the packets. Refer URL
  http://cisco.com/en/US/products/ps6366/products_configuration_example09186a00808e5d6b.shtml

• Can AIR-AP521G-x-K9 be controlled by the Cisco 526 Mobility controller ?

  I am going to buy a AIR-AP521G-x-K9 with IOS software which is a stand alone access point.
  However, later on I may buy a Cisco 526 Wireless Express Mobility controller in order to expand my wireless network.
  As I know at that moment I need to buy light weight AIR-LAP521G-x-K9 instead of AIR-AP521G-x-K9
  However I want to know if the stand alone AIR-AP521G-x-K9 can be control by the mobility controller without doing any change to the AIR-AP521G-x-K9 ?
  Thanks

  Hi Pak,
  The AIR-AP521G can be converted to Controller based mode via software upgrade so your investment is protected should you decide down the road to switch to Controller based. Have a look***;
  Q. Which access point products are included in the Cisco Mobility Express Solution?
  A. Two Cisco 500 Series Wireless Express Access Point products are in the Cisco Mobility Express Solution; their part numbers follow:
  AIR-AP521G-x-K9 (standalone access point)
  AIR-LAP521G-x-K9 (controller-based access point)
  The hardware for these products is the same. The products have different software,*** but the access points can be converted from standalone mode to the controller-based mode with a simple software upgrade.
  Up to three access points can be managed by Cisco Configuration Assistant. More than three access points in the network requires the controller as well.
  From this good Q & A doc;
  http://www.cisco.com/en/US/products/ps7319/products_qanda_item0900aecd8060c860.shtml
  Hope this helps!
  Rob
  Please remember to rate helpful posts.....

• Cisco 526 WLC and 2106 WLC in one Mobility Group

  Hi,
  is it possbile to build a solution with one Cisco 526 Wireless Express Mobility Controller and one Cisco 2106 Wireless LAN Controller in one Mobility Group regarding seamless roaming??
  Thank for your answers
  Best regards
  Stephan

  I don't know if it is possible, but I would think if you had any issues, TAC wouldn't support it. Try opening a case with TAC to see.

• Cisco Wireless Control System need wireless Lan Controller ?

  Cisco Wireless Control System need wireless Lan Controller , for Rogue detection

  Hi Joao,
  The WCS is used in conjuntion with the WLC (Wireless Lan Controller) for Rogue Detection. It is not a must for this function but more of an add-on :)
  The Cisco WCS is an optional network component that works in conjunction with Cisco Aironet Lightweight Access Points, Cisco wireless LAN controllers and the Cisco Wireless Location Appliance.
  From this doc;
  http://www.cisco.com/en/US/products/ps6305/index.html
  Overview of WCS
  The Cisco Wireless Control System (WCS) is a Cisco Unified Wireless Network Solution management tool that adds to the capabilities of the web user interface and command line interface (CLI), moving from individual controllers to a network of controllers. WCS includes the same configuration, performance monitoring, security, fault management, and accounting options used at the controller level and adds a graphical view of multiple controllers and managed access points.
  WCS runs on Windows 2003 and Red Hat Enterprise Linux ES 4.0 and AS 4.0 servers. On both Windows and Linux, WCS can run as a normal application or as a service, which runs continuously and resumes running after a reboot.
  The WCS user interface enables operators to control all permitted Cisco Unified Wireless Network Solution configuration, monitoring, and control functions through Internet Explorer 6.0 or later. Operator permissions are defined by the administrator using the WCS user interface Administration menu, which enables the administrator to manage user accounts and schedule periodic maintenance tasks.
  WCS simplifies controller configuration and monitoring while reducing data entry errors with the Cisco Unified Wireless Network Controller autodiscovery algorithm. WCS uses the industry-standard SNMP protocol to communicate with the controllers.
  From this good doc;
  http://www.cisco.com/en/US/products/ps6305/products_configuration_guide_chapter09186a00806b7270.html#wp1131195
  Detect and Locate Rogue Access Points
  From this WCS doc;
  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806f070a.shtml#new5
  Rogue Detection under Unified Wireless Networks
  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_white_paper09186a0080722d8c.shtml
  Hope this helps!
  Rob

• Can cisco CAP2702i connect to Cisco3850 switch with wireless LAN controller license via another switch ?

  If i connect cisco AP - CAP2702i to another switch, and use trunk port between Cisco3850 and the other switch , can the AP able to register with Cisco3850 with wireless LAN controller  ?   or the AP has to directly connect to Cisco3850 in order to register?

  The AP and 3850 wireless management are in same Vlan( vlan202). The AP is new unit and did not join MC before. 
  What i did on 3850 :
  input command - wireless management interface vlan 202
                            - ap cdp
                            - wireless mobility controller
  Is there any config i miss out on 3850 and any config need to be set on AP ?
  From Ap console output show me "could not discover WLC using dhcp ip". Is it due to AP dont have IP address? If AP register with WLC through layer 2 , i believe there is no related with IP.Correct me if i'm wrong.
  Due to the 3850 is not a POE, the AP unable directly connect to 3850  . I guess have to use power adapter to power on the AP.

• User names from Wireless LAN Controller

  Hi all
  I'm trying to get a report out of a Cisco 4402 Wireless LAN controller, showing all the current clients on a particular WLAN profile, with their user name.
  The Monitor -> Clients screen shows me all the MAC addreses, and I can filter by WLAN Profile Name to home in on the clients I'm interested in.  When I click on a MAC address for more detail, I can see the correctly populated User Name on the Client Properties screen - so the WLC definitely knows all the detail I need...
  Ideally I want spreadheet with a list of usernames of currently connected users (or even better, users that have connected over a time period).  I can't see any way to export this data without doing it manually (and I have 270ish clients at any one time).
  I've tried at the command line, with a "show clients summary", which at least gives me a table I can copy and paste into a spreadsheet, but again the username detail is only displayed with a "show clients detail MACADDRESS" - and the MACADDRESS field won't take a wildcard.
  I've also tried examining the log files, and setting up SysLog to a syslog server - but I haven't observed user names in any of the logs I've seen.
  The WLC is on version 4.2.176.0 - and doing an upgrade isn't very convenient at present - although I might consider taking the pain if a later release provides the funcationaility I need.
  Does anyone have any ideas on this one?
  Thanks!

  Dear Scott,
         I have some points to get clarified for step by step approach that has to be carried out during our downtime, or which is best option for this migration.
  Is that the WLC running different code will be able to join Mobility Group.  i.e. irrespective of Model and Code ?
  1. Do i have to create a mobility group and include the existing WLC and new 3 numbers of WLC , thus when i remove the Existing WLC from the Group the Ap will try to get assosiated with other WLC in the group.
  2. In WCS changing the Access point template configuring primary, secondary , tertiary Wireless LAN controller with New wireless LAN controller, during the down time this activity will be performed.
  Which method or way to proceed during the downtime. Looking for your expert view.
  Thanks .... Arun

• Cisco Wireless LAN Controller Always disconnect

  Dear All,
  Please help to assist my issue.I used Cisco Wireless LAN Controller model: 5508 with version 7.0.98.0 and I got issue with connection always disconnect ping always loss or some time client can't get DHCP from Controller. 
  - I configure as Internal DHCP Server with 1 SSID.
  http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/110865-dhcp-wlc.html
  - DHCP least is not full and I also try to clear-lease all but still not work.

  1. Config dhcp proxy enable
  2. In case of internal Dhcp, try debug for clients
   using,
  debug client <MAC ADDRESS OF CLIENT>

• Cisco 5508 Wireless Controller with Splash Page Disclaimer

  How do one configure a splash disclaimer page on a Cisco Wireless Controller 5508 with no authentication?
  Jimmy

  There are many options to you in this scenario, but if you're looking to simply provide a splash page via the WLC without interacting with any other web servers, you can configure Local Web Authentication (LWA) as seen in this configuration example.
  http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/69340-web-auth-config.html?referring_site=RE&pos=1&page=http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/71881-ext-web-auth-wlc.html
  If you are not wanting the authentication, you can choose the "passthrough" method which will not require any credentials, only accepting an AUP or whatever you want.

• Cisco 526 controller and AP541N

  Hello,
  I have a cisco 526 controller. Since this device is EOL. Can I still use 526 controller with AP541N? What are the limitations and problem configuring with
  AP541N?
  Thanks.
  Dipendra

  Hi Dipendra,
  The 541N is NOT supported via the 526 Controller
  With the Cisco AP 541N, you can:
  • Easily set up, configure, and manage multiple wireless access points, without the need to invest in a wireless controller
  http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps10492/data_sheet_c78-566239.html
  Cheers!
  Rob