4402 WLC Dynamic Interfaces- More than 1 Gateway Possible?

I am configuring a guest access solution with multiple guest access gateways associated with a single VLAN. Each gateway will have its own /24 network, and obviously it own gateway. The interface configuration page requires a single gateway in the IP config section.
Does anyone know the purpose of this IP config?
Will command line config of the dynamic interface permit no gateway and a netmask big enough to encompass all gateways?
Thanks

Thanks for your replies.
2 Coova gateways each with web authentication and a dhcp server plugged into each layer2 vlan works great with IOS APs, which do no require IP config per (vlan) subinterface.
The objective is to loadbalance, provide redundancy and handle the total number of guests. The DHCP servers race to provide the client with IP config which then causes the client subsequently use that gateway.

Similar Messages

  • ISE and WLC dynamic interface group assignment ?

    I have a somewhat large deployment coming up with several WLC dynamic interfaces assigned to an interface group, replicated across for multiple sites.  I understand that ISE can return the VLAN ID to the WLC to place the client in, but if I'm using interface groups, this seems to negate the usefulness of the interface group to load clients across multiple VLANs.  Not only that, but with the number of dynamic interfaces (VLAN ID's), multiplied by the number of sites, would seem to be overwhelming on the ISE side policy configuration.
    Is it possible for ISE to return an Interface name/group to the WLC instead of just a VLAN ID ?
    TIA

    I understand that WLC 7.2 code can now accept the interface group name as a AAA override, which is great, but it doesn't specify the AAA source (ISE vs. ACS).
    This is the example I'm questioning: (they use the VLAN ID only, instead of an interface name)
    http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080bba10d.shtml#topic17
    Edit:
    Found the correct Attribute Under "Adv. Attribute Settings" in the Airspace Authorization Profiles (Airespace:Airespace-Interface-Name).

  • WLC dynamic interface limit

    Hi,
    I have a WISM with sw version 4.0.179.11 wich I try to add more dynamic interfaces on. However I get the message " Can't create more than 64 entries".
    I find in the deployment guide for WLC - quote: "Dynamic Interfaces are created by users and are designed to be analogous to VLANs for wireless LAN client device. The WLC will support up to 512 Dynamic Interface instances. "
    Has anybody encountered this limitation before?
    How can I add more than 64 interfaces ?
    regards rolf

    Hi.
    I have a customer wth a WLC which has DHCP Proxy disabled and Primary & Secondary DHCP servers configured (external to the WLC).
    The problem I've just started looking at is...if the Primary has run out of leasable IP addresses, the WLC doesn't appear to request one from the Secondary server.
    It looks like (without any real investigation) the "I've run out of addresses" response from the Primary server is sufficient for the WLC to believe that the Primary is still on the network and it doesn't need to go to the Secondary.
    I'll add more as and when I do more testing.

  • 2125 WLC Dynamic interfaces and their physical interface

    I'm trying to broadcast multiple SSIDs per AP. I would like the new second SSID to be on a different VLAN. I have been reading this article http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00805e7a24.shtml#dyn-interface and it looks like you create a trunk port on the switch that the WLC is connected to, which makes sense to me. A friend however told me to use a seperate physical interface on the WLC and assign the dynamic interface to it and connect it to the desired VLAN, instead of using the interface that is currently in production. I liked this idea because I would have downtime trying to reconfigure the port as a trunk that's in production.
    So I guess my question is, if I use a secondary port on the WLC to connect to a different network than what the AP is on how will communication work? When the AP sends data to the WLC will everything be encapsulated in CAPWAP? How about the primary link connecting the WLC to the primary production network? Will this data to and from the WLC on the switch retain it's CAPWP encapsulation? Now that I'm thinking about it I guess it would have to since the WLC is what decapsulates the CAPWAP data and not the switch...
    I would just like some advice on if I'm doing this correctly. Thanks a lot!  -Mark

    We generally recomment one trunk port to be configured for different VLAN (for management and AP inetreface) but we can use other ethernet port also on WLC for any differnt VLAN config.
    For all your port related queries please find the attach link with the diagramme.:-
    http://www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70mint.html
    Q. How does a WLC switch packets?
        A. All the client (802.11) packets are encapsulated in a LWAPP packet by the LAP and sent to the WLC. WLC descapsulates the LWAPP packet and acts based on the destination IP address in the 802.11 packet. If the destination is one of the wireless clients associated to the WLC, it encapsulates the packet again with the LWAPP and sends it to the LAP of the client, where it is decapsulated and sent to the wireless client. If the destination is on the wired side of the network, it removes the 802.11 header, adds the Ethernet header, and forwards the packet to the connected switch, from where it is sent to the wired client. When a packet comes from the wired side, WLC removes the Ethernet header, adds the 802.11 header, encapsulates it with LWAPP, and sends it to the LAP, where it is decapsulated, and the 802.11 packet is delivered to the wireless client. For more information about this, refer to the LWAPP Fundamentals section of the document Deploying Cisco 440X Series Wireless LAN Controllers.
    Q. What are the various options available to access the WLC?
        A. This is the list of options available to access the WLC:
            GUI access with HTTP or HTTPS
            CLI access with Telnet, SSH, or console access
            Access through service port
        For more information on how to enable these modes, refer to the Using the Web-Browser and CLI Interfaces section of the document Cisco Wireless LAN Controller Configuration Guide, Release 5.1. Usually, the management interface IP address is used for GUI and CLI access. Wireless clients can access the WLC only when the optionEnable Controller Management to be accessible from Wireless Clients is checked. In order to enable this option, click the Management menu of the WLC, and click Mgmt via Wireless on the left-hand side. WLC can also be accessed with one of its dynamic interface IP addresses. Use the config network mgmt-via-dynamic-interface command to enable this feature. Wired computers can have only CLI access with the dynamic interface of the WLC. Wireless clients have both CLI and GUI access with the dynamic interface.

  • Wireless lan Controller 4402 / ping dynamic interface failed

    hi,
    i've a problem with a Wireless Lan Controller 4402.
    When i configure the dynamic interface on the my network , with wired lan
    i don't reach (i use the ping command) the ip address of the WLC.
    In my case (wired):
    On my pc i've a ip 10.1.78.1 255.255.0.0 and dgw 10.1.1.1 (vlan721)
    The lan WLC have a ip of management 10.12.2.4 /24 (vlan799) [dgw 10.12.2.1]
    dynamic vlan 792 ip add 10.12.78.100 / 22 (vlan792) [dgw 10.12.68.1]
    i ping these interfaces (10.12.2.4 and 10.12.78.100) and the ping is ok.
    When i create a dynamic interface vlan 721 starting the problem:
    dynamic vlan 791 ip address 10.1.1.240 / 16 (vlan721)
    After this ......the ping on 10.12.2.4 and 10.12.78.100 don't respond very well
    and i lose the 80-90% of the ping packages.
    through the wi-fi instead I do not have problems.
    the problem exist only via wired (cable).
    Can you help me?
    Thanks
    FCostalunga

    Hello,
    Pinging the dynamic interface is officially not supported. The reason why is because the controller places a very low priority on ICMP traffic. Typically, you will not have an issue with doing so on your wireless network because this interface is basically a gateway for the client. However, from the wired network - the only interface designed to respond to pings 100% of the time is the management interface. Hope this helps!
    -Mark

  • WLC Dynamic Interface

    I wonder why we need Dynamic Interfaces. I have created two WLANs. One is WPA2-Enterprise obtaining vlan id's per user from Radius server and the other WEP wlan for guest users whose traffic should go to a specific guest vlan. I am using an external DHCP server and configured WLC not to proxy dhcp requests and to act as a bridge.
    I had to create dynamic interfaces on WLC (we are using 5508 with software version 7) for all the VLANs which radius server returns. I could make it with only defining the dynamic interfaces and entering 0.0.0.0 for ip addresses.
    For the other WLAN with WEP, I have to enter and IP for the dynamic interface to work. I am not sure if this is a requirement or my misconfiguration, but I do want a way not to set an IP address for the dynamic interface. I do not want to waste addresses and also do not want the clients to be able to access wlc through that IP address.
    I appreciate any comment on why I need IP addresses for dynamic interfaces.

    Vadood... The WLC does use that IP address as it needs to have layer 2 connection to any subnet it will place users on. Even is your doing AAA override, the radius tell the WLC that that device needs to be on vlan x and the WLC will put that device on vlan x, but if the WLC has no IP address on that subnet, well then the communication stops there. The user will never get an IP address if using dhcp or if the device has a static, the WLC has no way to communicate to that subnet.
    By the way, users can't access the dynamic interface by default. You have to enable that. But then again, they can try to access the management interface also, unless you disable globally management over wireless.
    Sent from Cisco Technical Support iPhone App

  • Dynamic actions: more than 999 rows?

    hello,
    is there a solution when there are more than 999 lines to insert for an infotype in dynamic actions?
    the sequential number has only a length of 3, but i have more than 999 lines to insert!
    thanks in advance.

    For this kind of table, Numbers would be a better choice.
    In Pages we may build tables with 65 * 999 cells.
    In Numbers we may build tables with 256 * 65535 cells.
    Yvan KOENIG (VALLAURIS, France) mardi 11 mai 2010 22:39:24

  • Dynamic Query more than 40000 char cause err

    Hi,
    I have query which size crossed more than varchar2(32000 in PL/SQL) type, due to which i made that variable to CLOB.
    Now OPEN CURSOR Statement does not work..i don't know how to solve this error..plz help.
    OPEN v_DataCursor FOR v_SqlQry USING 1, 25;
    v_SqlQry is type of CLOB.
    please help.
    regards,
    RSD.

    You won't be able to execute a 32K+ statement like that. You'll have to use DBMS_SQL (or execute immediate on 11g upwards supports CLOBS)
    Example on 10g:
    SQL> ed
    Wrote file afiedt.buf
      1  declare
      2    v_large_sql  CLOB;
      3    v_num        NUMBER := 0;
      4    v_upperbound NUMBER;
      5    v_sql        DBMS_SQL.VARCHAR2S;
      6    v_cur        INTEGER;
      7    v_ret        NUMBER;
      8  begin
      9    -- Build a very large SQL statement in the CLOB
    10    LOOP
    11      IF v_num = 0 THEN
    12        v_large_sql := 'CREATE VIEW vw_tmp AS SELECT ''The number of this row is : '||to_char(v_num,'fm0999999')||''' as col1 FROM DUAL';
    13      ELSE
    14        v_large_sql := v_large_sql || ' UNION ALL SELECT ''The number of this row is : '||to_char(v_num,'fm0999999')||''' as col1 FROM DUAL';
    15      END IF;
    16      v_num := v_num + 1;
    17      EXIT WHEN DBMS_LOB.GETLENGTH(v_large_sql) > 40000 OR v_num > 800;
    18    END LOOP;
    19    DBMS_OUTPUT.PUT_LINE('Length:'||DBMS_LOB.GETLENGTH(v_large_sql));
    20    DBMS_OUTPUT.PUT_LINE('Num:'||v_num);
    21    --
    22    -- Now split that large SQL statement into chunks of 256 characters and put in VARCHAR2S array
    23    v_upperbound := CEIL(DBMS_LOB.GETLENGTH(v_large_sql)/256);
    24    FOR i IN 1..v_upperbound
    25    LOOP
    26      v_sql(i) := DBMS_LOB.SUBSTR(v_large_sql
    27                                 ,256 -- amount
    28                                 ,((i-1)*256)+1 -- offset
    29                                 );
    30    END LOOP;
    31    --
    32    -- Now parse and execute the SQL statement
    33    v_cur := DBMS_SQL.OPEN_CURSOR;
    34    DBMS_SQL.PARSE(v_cur, v_sql, 1, v_upperbound, FALSE, DBMS_SQL.NATIVE);
    35    v_ret := DBMS_SQL.EXECUTE(v_cur);
    36    DBMS_OUTPUT.PUT_LINE('View Created');
    37* end;
    SQL> /
    Length:40015
    Num:548
    View Created
    PL/SQL procedure successfully completed.
    SQL> select count(*) from vw_tmp;
      COUNT(*)
           548
    SQL> select * from vw_tmp where rownum <= 10;
    COL1
    The number of this row is : 0000000
    The number of this row is : 0000001
    The number of this row is : 0000002
    The number of this row is : 0000003
    The number of this row is : 0000004
    The number of this row is : 0000005
    The number of this row is : 0000006
    The number of this row is : 0000007
    The number of this row is : 0000008
    The number of this row is : 0000009
    10 rows selected.
    SQL>

  • Dynamically populating more than one field using xml data binding

    Hi All,<br /><br />I have the following code that works fine to dynaically populate a<br />second drop-down list2 from a choice in drop-down list1 using xml data<br />biding.<br /><br />var tempString = "xfa.record." + this.boundItem(xfa.event.newText);<br />var oItems = xfa.resolveNode(tempString);<br />var nItemsLength = oItems.nodes.length;<br /><br />myinfo.page1.state.clearItems();<br />myinfo.page1.state.rawValue = null;<br /><br />for (var nItemCount = 0; nItemCount < nItemsLength; nItemCount++)<br />{<br />myinfo.page1.state.addItem(oItems.nodes.item(nItemCount).value);<br />}<br /><br />Here is my xml file<br /><br /><?xml version="1.0" encoding="UTF-8"?><br /><myinfo><br /><country/><br /><countries><br /><item uiname="United States" token="US"/><br /><item uiname="South Africa" token="SA"/><br /><item uiname="Australia" token="AU"/><br /></countries><br /><state/><br /><AU><br /><item>Australian Capital Territory</item><br /><item>New South Wales</item><br /><item>Northern Territory</item><br /><item>Queensland</item><br /><item>South Australia</item><br /><item>Tasmania</item><br /><item>Victoria</item><br /><item>Western Australia</item><br /></AU><br /><US><br /><item>California</item><br /><item>New York</item><br /><item>Texas</item><br /><item>Michigan</item><br /><item>North Carolina</item><br /><item>South Carolina</item><br /></US><br /><SA><br /><item>Eastern Cape</item><br /><item>Free State</item><br /><item>Gauteng</item><br /><item>KwaZulu-Natal</item><br /><item>Limpopo</item><br /><item>Mpumalanga</item><br /><item>Northern Cape</item><br /><item>North-West</item><br /><item>Western Cape</item><br /></SA><br /></myinfo><br /><br />I have two questions:<br /><br />1) I want to be able to structure my xml in a way that I can populate<br />a third drop-down list3 from a choice in list2. I need to know how to<br />to include the different capital cities of the states in my xml data<br />so that they can get populated in list3 from a selection in list2;<br /><br />2) And be able to script the third list3 to get dynamically populated<br />from a choice in list2.<br /><br />Thanks in advance for your help.

    I would like to ask someone for help.
    I have an XML file a result of the XSLT transformation. A schema was created based on this XML and this schema is bound to a form as a data source.  When I preview my form using a Preview tab with transformed XML as a Data File in LiveCycle Designer 8.1, I can see only the first form data across 3 Text fields on the form. The rest of the forms are not getting displayed. What am I doing wrong?
    Here is the part of the XML file Im trying to display on the form:
        FORM 1
        FORM 1 DESCRIPTION
        $5000
        FORM 2
        FORM 2 DESCRIPTION
        $7000
        FORM 3
        FORM 3 DESCRIPTION
        $4000
    Part of the schema that was created based on the XML file from above:
    Thank you.

  • CFC question - dynamically changing more than just an argument

    Hopefully this is really simple and obvious but I cna't find anything at the moment.
    I have the following query
         <cfquery name="dept" datasource="#dbdsnd#" username="#dbuname#" password="#dbpass#">
                SELECT * from dept
                WHERE deptCurrent = "Y"
                 AND deptID <> "0"
                ORDER BY deptName
          </cfquery>
    which is currently in my cfm file but I'm trying to move into a cfc. This I can do!
    The next stage of this would be to include arguments for the deptID. Again this I can do!
    Where I'm struggling is trying use this for many purposes sticking to the deptID in the where clause I'm currently using the following variants (some in psuedo code sorry)
    <cfif user neq "michael"><cfelse>And deptID <>"#value#"</cfif> (CFC objects to the cfif)
    AND deptID = "#value#" (= rather than <>)
    Is there an easy way? Could my argument be the whole line so I could use
    SELECT * from dept
    WHERE deptCurrent = "Y"
    #ARGUMENT.deptIDcode#
    ORDER BY deptName
    Thanks
    Michael

    Writing this out seems to have answered my question - I can replace the line with #argument.xxx#

  • Generating Dynamic Images (more than one)

    Hello everyone, I'm trying to create a jsp page that show's a group of images dynamically selected by the user. I want to be able to draw separate images separated by some text. I can get the jsp to draw one image but it then ignores everything after that. Here's my code. Any help would be greatly appreciated.
    <%@page contentType="text/html"%>
    <%@page import="com.sun.image.codec.jpeg.*, java.awt.*, java.awt.image.*, java.io.*" %>
    <html>
    <head><title>JSP Page</title></head>
    <body>
    <%
    ServletOutputStream os = response.getOutputStream();
    BufferedImage image1 = new BufferedImage(100, 100, BufferedImage.TYPE_INT_RGB);
    Graphics2D g2d1 = image1.createGraphics();
    g2d1.setColor(Color.red);
    g2d1.fillOval(10, 10, 80, 80);
    BufferedImage image2 = new BufferedImage(100, 200, BufferedImage.TYPE_INT_RGB);
    Graphics2D g2d2 = image2.createGraphics();
    g2d2.setColor(Color.blue);
    g2d2.fillOval(10, 10, 80, 180);
    JPEGImageEncoder encoder1 = JPEGCodec.createJPEGEncoder(os);
    //JPEGImageEncoder encoder2 = JPEGCodec.createJPEGEncoder(os);
    encoder1.encode(image1);
    os.flush();
    response.setContentType("text/html");
    %>
    hello?
    <%
    encoder1.encode(image2);
    os.flush();
    %>
    </body>
    </html>
    I also tried:
    <%@page contentType="text/html"%>
    <%@page import="com.sun.image.codec.jpeg.*, java.awt.*, java.awt.image.*, java.io.*" %>
    <html>
    <head><title>JSP Page</title></head>
    <body>
    <%
    ServletOutputStream os = response.getOutputStream();
    BufferedImage image1 = new BufferedImage(100, 100, BufferedImage.TYPE_INT_RGB);
    Graphics2D g2d1 = image1.createGraphics();
    g2d1.setColor(Color.red);
    g2d1.fillOval(10, 10, 80, 80);
    BufferedImage image2 = new BufferedImage(100, 200, BufferedImage.TYPE_INT_RGB);
    Graphics2D g2d2 = image2.createGraphics();
    g2d2.setColor(Color.blue);
    g2d2.fillOval(10, 10, 80, 180);
    JPEGImageEncoder encoder1 = JPEGCodec.createJPEGEncoder(os);
    //JPEGImageEncoder encoder2 = JPEGCodec.createJPEGEncoder(os);
    encoder1.encode(image1);
    encoder1.encode(image2);
    os.flush();
    %>
    </body>
    </html>
    Thanks in advance for any help.
    EB

    Hi eb,
    The solution is very easy
    Here is a servlet(ImageTester) which creates an image on the fly ....
    It can be acessed at say url http://localhost:8080/servlet/ImageTester
    wirte another HTML file test.html as under
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
    <HTML>
    <HEAD>
    <TITLE> New Document </TITLE>
    </HEAD>
    <BODY>
    <img src="http://89.193.88.15:8080/servlet/ImageTester">
    Text Item
    <img src="http://89.193.88.15:8080/servlet/ImageTester">
    </BODY>
    </HTML>
    /* source for ImageTester.java */
    import java.awt.*;
    import java.awt.image.*;
    import com.sun.image.codec.jpeg.*;
    import java.util.*;
    import java.io.*;
    import com.sun.image.codec.jpeg.JPEGCodec;
    import com.sun.image.codec.jpeg.JPEGImageEncoder;
    import java.awt.image.BufferedImage;
    import javax.servlet.*;
    import javax.servlet.http.*;
    public class ImageTester extends HttpServlet
    public void init()
    throws ServletException
    public void doGet(HttpServletRequest request, HttpServletResponse httpservletresponse)
    throws IOException, ServletException {
    // httpservletresponse.setContentType("image/" + s);
    // httpservletresponse.setContentType("image/jpg");
    // javax.servlet.ServletOutputStream servletoutputstream = httpservletresponse.getOutputStream();
    // httpservletresponse.setHeader("Pragma", "no-cache");
    // httpservletresponse.setHeader("Cache-Control", "no-cache");
    // httpservletresponse.setDateHeader("Expires", 0L);
    // Create image
    int width=200, height=200;
    BufferedImage image = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB);
    // Get drawing context
    Graphics g = image.getGraphics();
    // Fill background
    g.setColor(Color.white);
    g.fillRect(0, 0, width, height);
    // Create random polygon
    Polygon poly = new Polygon();
    Random random = new Random();
    for (int i=0; i < 5; i++) {
    poly.addPoint(random.nextInt(width),
    random.nextInt(height));
    // Fill polygon
    g.setColor(Color.cyan);
    g.fillPolygon(poly);
    // Dispose context
    g.dispose();
    // Send image to browser
    httpservletresponse.setContentType("image/jpg");
    OutputStream outputStream = new BufferedOutputStream(httpservletresponse.getOutputStream(), 1024);
    JPEGImageEncoder encoder = JPEGCodec.createJPEGEncoder(outputStream);
    encoder.encode(image);
    outputStream.close();
    public void doPost(HttpServletRequest httpservletrequest, HttpServletResponse httpservletresponse)
    throws ServletException
    try
    doGet(httpservletrequest, httpservletresponse);
    catch(Exception exception)
    exception.printStackTrace();
    Cheers!!!!!
    ezaz khan

  • Problem with Assigning more than one value to GROUP dynamically

    Hi,
    I have a problem with assigning more than one value to GROUP varible dynamically.
    I am able to assign only one value dynamically through Initialization block
    I have even tried with the ROW-WISE initialization blocks..
    using this query..
    SELECT 'GROUP', G.GROUP_NAME
    FROM GROUP_MAP G
    WHERE G.USER_NAME = ':USER'
    if GROUP_1, GROUP_2 are two groups to be associated,
    through this, i'm getting " GROUP_1;GROUP_2 " into GROUP variable ( seen from Narative view )
    And the properties and securities of this Groups are not inherited.
    Please let me know if there is any other way to Populate the GROUP variable dynamically with more than one value.
    Thank you.,

    Hi,
    i finally got in this way..
    i had created a function which takes USER_NAME as input and returns a string that contains the GROUP names with semicolon delimeted..
    Though it is same as that of ROW-WISE initialization,
    the properties of those groups are also being inherited..
    Now, i can assign more than one groups and its properties to a user dynamically.

  • Prime\SNMP Monitoring of dynamic interfaces

    Hi - Is anyone aware of a method of monitoring the bandwidth utilisation on a dynamic interface on a WLC?
    I'd like to monitor the traffic on each dynamic interface to generate usage stats on centrally switched guest and employee SSID's.
    Thanks

    You have to get that stats from switch where you defined those SVI. WLC dynamic interface not terminate any L3 traffic  & switch SVI is the place to go.
    If you have netflow monitoring or simple snmp monitoring tool, you can get that stats from the switch.
    HTH
    Rasika
    **** Pls rate all useful responses ****

  • ALV, sums, more than one WAERS, WAERS is not shown

    Hello,
    I have a problem:
    I have a table which contains WRBTR AND WAERS.
    There are more than one possible waers.
    So  I have a table for example:
    100   EUR
    1000 EUR
    500  EUR
    700  USD
    800  EUR
    The sum line looks like:
    2600 EUR
    700
    The second WAERS is missing.
    Why does the report show the EUR and not the USD?
    I want both WAERS.
    Any idea?

    Hi,
    Check this code it works fine.
    DATA : BEGIN OF WA_JESUS,
             V_NO TYPE I,
             V_M1(3) TYPE c,
           END OF WA_JESUS.
    DATA :  IT_JESUS LIKE HASHED TABLE OF WA_JESUS WITH HEADER LINE WITH UNIQUE KEY V_m1.
    IT_JESUS-V_NO   = 700.
    IT_JESUS-V_M1 = 'USD' .
    COLLECT IT_JESUS.
    IT_JESUS-V_NO   = 800.
    IT_JESUS-V_M1 = 'EUR' .
    COLLECT IT_JESUS.
    IT_JESUS-V_NO   = 700.
    IT_JESUS-V_M1 = 'EUR' .
    COLLECT IT_JESUS.
    LOOP AT IT_JESUS.
    WRITE : / IT_JESUS-V_NO,
              IT_JESUS-V_M1.
    ENDLOOP.
    Thanks,
    Reward If Helpful.

  • Cannot contact Non-native dynamic interfaces on WLC 4402

    Hi,
              In my company we are recently planning to get a DMZ anchor for Guest WLAN. Our setup is as following
    We have two 5508 WLCs in inside corporate network which serves for the corporate wlan. Recently we put one 4402 in DMZ in LAG mode. Two SSID has been created in 4402 namely guest and consultant. We have mobility configured perfect between these three. For the the two ssids the 4402 is the anchor.   We have created sub interfaces in ASA for management and two WLANs. The port channel is also configured proper with the native vlan for management and allowing all three vlans through it. The concern is that we cannot ping the untagged dynamic interface of WLC. The WLAN clients are getting DHCP ip perfectly on each ssid, I mean in different networks. But the clients cannot reach the gateway which is the subinterface of ASA. If I am using the webauth I am not getting redirected to the authentication page. but if I set the security to none (both L2 and L3) I can reach up to the corresponding dynamic interface and not beyond that.
    Below are my configuration details
    At switch side
    interface Port-channel1
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 177
    switchport trunk allowed vlan 177-180
    switchport mode trunk
    interface GigabitEthernet2/0/26
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 177
    switchport trunk allowed vlan 177-180
    switchport mode trunk
    channel-group 1 mode on
    interface GigabitEthernet1/0/26
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 177
    switchport trunk allowed vlan 177-180
    switchport mode trunk
    channel-group 1 mode on
    WLC configurations
    (Cisco Controller) >show interface summary
    Interface Name                   Port Vlan Id  IP Address      Type    Ap Mgr Guest
    ap-manager                        LAG  untagged 192.168.7.3     Static  Yes    No
    management                      LAG  untagged 192.168.7.2     Static  No     No
    qd-consultant                     LAG  179      192.168.9.254   Dynamic No     No
    qd-guest                            LAG  178      192.168.8.254   Dynamic No     No
    qd-test                              LAG  180      192.168.10.254  Dynamic No     No
    service-port                         N/A  N/A      0.0.0.0               DHCP    No     No
    virtual                                 N/A  N/A      192.0.2.1           Static  No     No

    Your configuration looks good except you should assign an ip address to the service port. Never leave that at 0.0.0.0. Change that to an ip address that is non routable in your network.
    Now for your issue. Have you tried plugging in a laptop to the dmz switch in those vlans to see if it works wired. Since these are new subnets, are you sure they are being NAT'd to your public address. Check that first and let us know. The WLC should be able to ping the gateway and out into the Internet if things are setup right in the dmz.
    Sent from my iPhone

Maybe you are looking for