5760 WLC Clean Air question
Hi,
My customer Cisco 5760 WLCs running as a HA pair. Clean Air has been configured on these boxes but when I do a sh ap dot11 5ghz cleanair summary all the APs show Spectrum Oper State as Down:-
CPIT-5760-WLC-1#sh ap dot11 5ghz cleanair summary
AP Name MAC Address Slot ID Spectrum Capable Spectrum Intelligence Spectrum Oper State
AP1 xxxx.xxxx.xxxx 1 Enabled Enabled Down
AP2 xxxx.xxxx.xxxx 1 Enabled Enabled Down
AP3 xxxx.xxxx.xxxx 1 Enabled Enabled Down
Anyone got any ideas as to how I overcome this little obstacle?
Thanks
Alan
Thanks for the reply. As far as I can tell all the radios are operational:-
and Clean Air has been configured:-
ap dot11 24ghz cleanair
ap dot11 5ghz cleanair
Also the link you sent was for release 7 on the old series controllers whereas this is a HA pair of the 5760s running release 3.03.
I have been through the configuring Clean Air chapter for this release and it doesn't suggest anything I haven't already tried.
Alan
Similar Messages
-
5760 WLC and 5760 HA WLC question
Hi everyone,
I assume this information must exist... I just cannot locate it. Customer purchasing two 5760 WLCs:
1 AIR-CT5760-500-K9
1 AIR-CT5760-HA-K9
I am looking for info on how to configure these 2 WLCs to work together. How do you inform the production WLC that a HA WLC is available to sync with? Do WLCs have to be L-2 adjacent, or will HA operate at L-3? How does this HA setup work? etc.
Any help would be really appreciated.Hi,
Any news regarding this issue?
We've have the same scenario:
1 AIR-CT5760-500-K9
1 AIR-CT5760-HA-K9
Both running
IOS XE 03.03.01SE
I've activated Global AP Failover Priority in both WLC and from a total of 47 APs, i've configured 8 with Priority Critical, 7 APs with Priority High and 3 APs with Priority Medium.
We've issued an reload to the primary WLC and it took 7 minutes for the APs recover from the Secondary to the Primary
13:14 - reload issued on the primary WLC
13:15 - service granted by the secondary WLC (required an shut/no shut to the "Network Status" of the radio interfaces)
13:22 - service recovered to the primary WLC
Edit - Forgot to mention that the priority values mentioned above didn't show much improvement in the AP recovery time... -
Hi,
we have this:
1x wlc 5508 7.2.103
1x cisco prime infrasture physical appliance 1.2
And for test of clean air 1x ap 3600 series
But i have a question if i would like see bluetooth device in neighborhood.D you really have to other device?
On the cisco web i founded 3355 or virtual appliance.Do I need this device?
Thank you
Sent from Cisco Technical Support iPad AppYou need, a minimum, the AP and the WLC if you want to see how BT is being detected.
CPI is only for show-and-tell. -
Hello
Do I need to buy additional license for clean air to work, currently my BOQ cover
WLC 5508 with 50 AP license ( part no : AIR-CT5508-50-K9 )
20 AP ( model 3502 )
Redundant Power supply
LIC-CT5508-50 ( is this required to be mentioned )
Also I would like to understand are there any better model than AP 3502 & newer WLC model than 5508 ( I would have application users accessing application via Wireless LAN )
thanks
STThank you Scott for the guide will have a look at that.
5500 series WLC got 8SFP uplinks hence;-
Can we Group 2 or more SFP for a specific SSID only configured on WLC and other SSID to route traffic from other uplink ports
Uplinks from WLC to Core are generally configured for failover or link aggregation
On WLC there are 5 SSID configured for example , the AP installed in HR room should broadcast only ONE SSID ( is this possible )
thanks
ST -
WLAN Clients not browsing on Cisco Wireless Controller WLC NME-AIR-WLC12-K9
HiI have a question and i need a solution and expert help.I have done a deployment which involves Security (ASA5540), Routing/voice gateway/wlc NME-AIR-WLC12-k9) and Switching (Cisco3845-ccme/k9)Below is the list of equipment used:1. Cisco ASA 5540 - which is connected at the edge to the ISP router
2. Core Switch WS-C4948E as core and DHCP Server for all VLANs
3. Access/Distribution Switches WS-C3560G-48PS-S connected as trunk to the core switch
4. Router/Voice Gateway/WLC Cisco3845-CCME/K9 - This is the voice gateway and also the WLC
5. Wireless APs AIR-LAP1242AG-E-K9 (12 qty)Here is the deployment scenario:1. G0/0 of the ASA is connected to a 7200 router from the ISP (Public IP Add)
2. G0/1 of the ASA is connected to gig 1/3 on the Core Switch on VLAN 2 which is the management VLAN (Local IP 10.1.1.2)
3. Port 3 of the Core switch is on vlan 2 connected to ASA - Management IP of Core Switch is 10.1.1.1. Core Switch is the DHCP Server for all VLANS on the network.
4. All the Access/Distribution switches are configured with IP Addresses on VLAN 2
5. Telephony Services is configured on the router and DHCP Pool for Access Points and Wireless Clients is running on the router.
6. Two DHCP pools were created on the router for APs and Wireless Clients.
7. G0/0 of the router is configured on the same network that issues dhcp ip to the AP and is connected to gig 1/1 on the core switch
8 G0/1 of the router is configured as the voice port for the IP Telephony Services and is connected to G 1/2 on the core switch1. Clients receiving DHCP IP on the Core Switch can communicate with all vlans and can browse to the Internet.
2. IP Telephony Services is running well.
3. Client on wireless can get IP from the DHCP on the router but cannot browse.I have pings from the router to the core switch and firewall, but clients connected to the wireless
cannot ping other vlans on the core switch and vice versa.The port connecting the router to the core switch is an Access Port, i have changed to to trunk but still no changes.My biggest problem now is how to make the clients on the wireless communicate with other clients on the network and be able to browse to the Internet.Below is the configs on the router and core switch.Router ConfigNimc_Voice_Router#sh run
Building configuration...
Current configuration : 10513 bytes
! Last configuration change at 13:03:55 Nigeria Mon Nov 29 2010 by admin
! NVRAM config last updated at 13:03:56 Nigeria Mon Nov 29 2010 by admin
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Nimc_Voice_Router
boot-start-marker
boot-end-marker
! card type command needed for slot/vwic-slot 0/2
logging message-counter syslog
enable secret
aaa new-model
! aaa authentication login default local
aaa session-id common
clock timezone Nigeria 1
dot11 syslog
ip source-route
ip dhcp excluded-address 10.1.12.1 10.1.12.10
ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp pool LWAAP-AP
network 10.1.12.0 255.255.255.0
default-router 10.1.12.1
option 43 hex f104.c0a8.0002
dns-server 83.229.88.30 4.2.2.2 193.238.28.249
option 60 ascii "Cisco AP c1240"
ip dhcp pool Wireless
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 83.229.88.30 193.238.28.249 4.2.2.2
ip cef
no ip domain lookup
ip domain name nimc.gov.ng
ip name-server 83.229.88.30
ip name-server 193.238.28.249
ip name-server 4.2.2.2
no ipv6 cef
multilink bundle-name authenticated
voice-card 0
archive
log config
hidekeys
interface GigabitEthernet0/0
description Connection to AP
ip address 10.1.12.1 255.255.255.0
ip helper-address 192.168.0.2
load-interval 30
duplex auto
speed auto
media-type rj45
interface Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/1
ip address 10.1.2.2 255.255.255.0
duplex auto
speed auto
media-type rj45
interface FastEthernet0/0/0
no ip address
shutdown
duplex auto
speed auto
interface Serial0/1/0
no ip address
shutdown
no fair-queue
clock rate 2000000
interface Serial0/1/1
no ip address
shutdown
clock rate 2000000
interface Integrated-Service-Engine1/0
ip address 192.168.0.1 255.255.255.0
no keepalive
interface Integrated-Service-Engine1/0.15
encapsulation dot1Q 15
ip address 192.168.1.1 255.255.255.0
interface Integrated-Service-Engine1/0.100
encapsulation dot1Q 100
ip forward-protocol nd
ip forward-protocol udp 12223
ip route 10.1.0.0 255.255.255.0 10.1.1.1
ip route 10.1.1.0 255.255.255.0 10.1.1.1
ip route 10.1.2.0 255.255.255.0 10.1.1.1
ip route 10.1.3.0 255.255.255.0 10.1.1.1
ip route 10.1.4.0 255.255.255.0 10.1.1.1
ip route 10.1.5.0 255.255.255.0 10.1.1.1
ip route 10.1.6.0 255.255.255.0 10.1.1.1
ip route 10.1.7.0 255.255.255.0 10.1.1.1
ip route 10.1.8.0 255.255.255.0 10.1.1.1
ip route 10.1.9.0 255.255.255.0 10.1.1.1
ip route 10.1.10.0 255.255.255.0 10.1.1.1
ip route 10.1.11.0 255.255.255.0 10.1.1.1
ip route 10.1.12.0 255.255.255.0 10.1.1.1
ip route 192.168.0.0 255.255.255.0 10.1.1.1
ip route 192.168.1.0 255.255.255.0 10.1.1.1
no ip http server
ip http secure-server
!Core Switch Configsh run
Building configuration...Current configuration : 10622 bytes
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
hostname Nimc_Core
boot-start-marker
boot-end-marker!
aaa new-model
aaa authentication login default local
aaa session-id common
storm-control broadcast include multicast
ip subnet-zero
no ip domain-lookup
ip domain-name nimc.gov.ng
ip dhcp excluded-address 10.1.2.1 10.1.2.10
ip dhcp excluded-address 10.1.4.1 10.1.4.10
ip dhcp excluded-address 10.1.5.1 10.1.5.10
ip dhcp excluded-address 10.1.6.1 10.1.6.10
ip dhcp excluded-address 10.1.7.1 10.1.7.10
ip dhcp excluded-address 10.1.8.1 10.1.8.10
ip dhcp excluded-address 10.1.9.1 10.1.9.10
ip dhcp excluded-address 10.1.10.1 10.1.10.10
ip dhcp excluded-address 10.1.3.1 10.1.3.10
ip dhcp pool Voice
network 10.1.2.0 255.255.255.0
next-server 10.1.2.1
option 150 ip 10.1.2.2
default-router 10.1.2.1
dns-server 83.229.88.30 193.238.28.249 4.2.2.2
ip dhcp pool SF_DGs_Office
network 10.1.3.0 255.255.255.0
domain-name nimc.gov.ng
default-router 10.1.3.1
dns-server 81.199.3.7
lease 10
ip dhcp pool Admin_Process_Fac_Mgt
network 10.1.4.0 255.255.255.0
domain-name nimc.gov.ng
default-router 10.1.4.1
dns-server 83.229.88.30 193.238.28.249 4.2.2.2
lease 10
ip dhcp pool SF_IDD
network 10.1.5.0 255.255.255.0
domain-name nimc.gov.ng
default-router 10.1.5.1
dns-server 83.229.88.30 193.238.28.249 4.2.2.2
lease 10
ip dhcp pool Finance_Fin_Inv
network 10.1.6.0 255.255.255.0
domain-name nimc.gov.ng
default-router 10.1.6.1
dns-server 83.229.88.30 193.238.28.249 4.2.2.2
lease 10
ip dhcp pool Finance_CS
network 10.1.7.0 255.255.255.0
domain-name nimc.gov.ng
default-router 10.1.7.1
dns-server 83.229.88.30 193.238.28.249 4.2.2.2
lease 10
ip dhcp pool FF_Human_Capital_Mgt
network 10.1.8.0 255.255.255.0
domain-name nimc.gov.ng
default-router 10.1.8.1
dns-server 83.229.88.30 193.238.28.249 4.2.2.2
lease 10
ip dhcp pool FF_Legal_Services
network 10.1.9.0 255.255.255.0
domain-name nimc.gov.ng
default-router 10.1.9.1
dns-server 83.229.88.30 193.238.28.249 4.2.2.2
lease 10
ip dhcp pool SF_Procurement_Serv
network 10.1.10.0 255.255.255.0
domain-name nimc.gov.ng
default-router 10.1.10.1
dns-server 83.229.88.30 193.238.28.249 4.2.2.2
lease 10
ip vrf mgmtVrf
errdisable recovery cause bpduguard
errdisable recovery interval 180
power redundancy-mode redundant
spanning-tree mode mst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree mst configuration
name xxxx
revision 1
instance 1 vlan 1-20
spanning-tree mst 1 priority 0
spanning-tree vlan 1-20 priority 0
vlan internal allocation policy ascending
interface FastEthernet1
ip vrf forwarding mgmtVrf
no ip address
speed auto
duplex auto
interface GigabitEthernet1/1
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet1/2
switchport access vlan 4
switchport mode access
spanning-tree portfast
interface GigabitEthernet1/3
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/4
switchport mode access
spanning-tree portfast
interface GigabitEthernet1/5
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/6
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/7
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/8
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast!
interface GigabitEthernet1/9
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/10
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/11
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/12
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/13
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/14
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/15
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/16
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/17
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/18
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/19
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/20
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/21
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/22
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/23
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/24
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/25
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/26
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/27
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/28
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/29
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/30
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/31
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfastinterface GigabitEthernet1/32
switchport access vlan 2
switchport voice vlan 4
interface GigabitEthernet1/33
switchport mode access
interface GigabitEthernet1/34
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/35
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/36
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/37
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/38
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/39
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/40
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/41
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/42
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/43
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/44
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/45
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/46
switchport access vlan 2
switchport mode access
switchport voice vlan 4
spanning-tree portfast
interface GigabitEthernet1/47
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet1/48
switchport trunk encapsulation dot1q
switchport mode trunk
interface Vlan1
no ip address
shutdown
interface Vlan2
description Management
ip address 10.1.1.1 255.255.255.0
interface Vlan3
description Enterprise
ip address 10.1.0.1 255.255.255.0
interface Vlan4
description Voice
ip address 10.1.2.1 255.255.255.0
interface Vlan5
description SS_DGs_Office
ip address 10.1.3.1 255.255.255.0
interface Vlan6
description Admin_Process_Fac_Management
ip address 10.1.4.1 255.255.255.0
interface Vlan7
description SF_National_Identity_Database
ip address 10.1.5.1 255.255.255.0
interface Vlan8
description Fin_Finance_Investment
ip address 10.1.6.1 255.255.255.0
interface Vlan9
description Fin_Corporate_Services
ip address 10.1.7.1 255.255.255.0
interface Vlan10
description FF_Human_Capital_Management
ip address 10.1.8.1 255.255.255.0
interface Vlan11
description FF_Legal_services
ip address 10.1.9.1 255.255.255.0
interface Vlan12
description SF_Procurement_Services
ip address 10.1.10.1 255.255.255.0
ip default-gateway 10.1.1.2
ip route 0.0.0.0 0.0.0.0 10.1.1.2
ip route 10.1.1.0 255.255.255.0 10.1.1.2
ip route 10.1.2.0 255.255.255.0 10.1.1.2
ip route 10.1.3.0 255.255.255.0 10.1.1.2
ip route 10.1.4.0 255.255.255.0 10.1.1.2
ip route 10.1.5.0 255.255.255.0 10.1.1.2
ip route 10.1.6.0 255.255.255.0 10.1.1.2
ip route 10.1.7.0 255.255.255.0 10.1.1.2
ip route 10.1.8.0 255.255.255.0 10.1.1.2
ip route 10.1.9.0 255.255.255.0 10.1.1.2
ip route 10.1.10.0 255.255.255.0 10.1.1.2
ip route 10.1.11.0 255.255.255.0 10.1.1.2
ip http server
--More--
control-plane
line con 0
stopbits 1
line vty 0 4
end
Please i need somebody to help meI wouldn't configure an ip address on the service engine subinterface.
Try setting up a vlan interface on the router with that ip address and the subinterface will be linked to the vlan interface through the encapsulation command. A vlan interface will better work as a gateway for the wireless clients
Nicolas -
I have a question that I need answered preferably by a Cisco employee or someone who has migrated to Clean Air. We are thinking of migrating to the Cisco 3500 series APs in our environment. I was told a while back that Clean Air is only supported as a fork lift upgrade, meaning all APs would need to be 3500 in order to migrate. I was also told that we could use the 3500s in monitor mode for troubleshooting, but could not intermingle AP models.
I am aware that the code level needs to be at 7.0 to have the features of clean air, but is it true that I can not migrate slowly to replace my present APs? I am in a pretty large wireless environment with multiple WiSMs. There is just no way to do this all at once.
ErickSo will I still be able to see the benefits of the Clean Air technology in a mixed environment? Interestingly, that is not the information I was given initially. Are there any features in the 7.0 code that I will not have be able to take advantage of or are there any gotchas I need to be aware? While the benefits of Clean Air may not be recognized with our b/g clients, will the 3500 APs still service b/g clients for network access?
I found this straight from the Cisco documentation regarding the Clean Air design guide.
Mixing CleanAir LMAP and legacy non CleanAir APs in the same installation
Why should I not mix CleanAir LMAP and Legacy LMAP APs in the same physical area? This question pertains to this use case:
“I currently have non CleanAir APs deployed (1130,1240, 1250, 1140) in local mode. I want to add just a few CleanAir APs to increase my coverage/density. Why can’t I just add some APs and get all the CleanAir features?”
This is not recommended because CleanAir LMAPs only monitor the serving channel and all CleanAir features rely on measurement density for quality. This installation would result in indiscriminate coverage of the band. You could well end up with a channel (or several) that has no CleanAir coverage at all. However with the base installation, you would be using all of the channels available. Assuming RRM is in control (recommended) it is entirely possible that all of the CleanAir APs could be assigned to the same channel in a normal installation. You spread them out to try to get the best spatial coverage possible, and that actually increases the odds of this.
You certainly can deploy a few CleanAir APs in with an existing installation. It is an AP and would function fine from a client and coverage standpoint. CleanAir functionality would be compromised and there is no way to really guarantee what the system would or would not tell you regarding your spectrum. There are far too many options in density and coverage which can be introduced to predict. What would work?
AQ would be valid for the reporting radio only. This means it is only relevant for the channel that it is serving, and this could change at any time.
Interference alerts and zone of impact would be valid. However, any location derived would be suspect. Best to leave that out all together and assume closest AP resolution.
Mitigation strategies would be ill-advised to operate because most of the APs in the deployment would not operate the same way.
You would be able to use the AP to look at spectrum from Spectrum Connect.
You would also have the option to temporarily switch to monitor mode at any time in order to perform a full scan of the environment.
While there are some benefits, it is important to understand the pitfalls and adjust expectations accordingly. It is not recommended, and issues arising from this type of deployment are not supportable based on this deployment model.
A better option if your budget does not support adding APs that do not serve client traffic (MMAP) is to collect enough CleanAir APs to deploy together in a single area. Any area that can be enclosed on a map area can contain a Greenfield CleanAir deployment with full feature support. The only caveat on this would be location. You still need enough density for location.
http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080b4bdc1.shtml -
5508 as mobility anchor to 5760 WLC
I have 4 5508 WLCs in my environment now, installed at various locations. One 5508 is acting as an anchor for guest access. All other 5508s connect back to the anchor for the same SSID, the guest wireless WLAN. A new office is opening up with several new APs using a newer 5760 WLC running as an MC. Currently the 5508's do not have New Mobility enabled. I'm pretty sure I need to enable this on the anchor at least, but the question is do all 5508 WLCs need to be changed to support New Mobility; and if so, does it require any new configuration so that I don't break the guest wireless SSID? I am new to New Mobility so I am not sure what to expect. Other than rebooting a few WLCs to turn on New Mobility.
All 5508's run 7.6.130.0. The newer 5760 runs 03.06.02E.
Thanks
JeffOK, so to recap;
- place the 2nd WLC in the DMZ with only 1 port (set for dynamic AP management)?
- Then Anchor the guest SSID (on it's DMZ IP instead of management IP as is now)
And to make that kind of anchoring work, I have to open ports below on the firewall.. right?
UDP port 16666 for inter-WLC communication, and IP protocol ID 97 Ethernet in IP for client traffic.
and:
•TCP 161 and 162 for SNMP
•UDP 69 for TFTP
•TCP 80 or 443 for HTTP, or HTTPS for GUI access
•TCP 23 or 22 for Telnet, or SSH for CLI access
Thanks to confirm that -
Hi,
I am configuring up a Cisco 5760 WLC and wondering if it is required to put in a default route? In this document it says to put one in but i dont see why it is needed as it is connected to a switch via a layer 2 Trunk.
Reference:
https://supportforums.cisco.com/docs/DOC-34430
Another question, since there is no more Dynamic Interfaces and they are replaced with Layer 2 & 3 interfaces instead. Do all Layer 2 interfaces you create require a layer 3 interface IP address to be configured also? As shown below:
ThanksSo by default the 5760 has IP routing enabled so you will need to put in a default route. A default gateway won't work unless you disable IP routing first.
Sent from Cisco Technical Support iPhone App -
Hello)
I have the question and I didnt find good explanation about it((( So I have Cisco 1602 which supports Clean Air Express. Does it change the channel when detect interferrer? Or not? On cisco.com it just says "makes adjustments to optimize coverage"((( Please clarify what does it mean?When I say 'is done on software", the analysis of the interference is done on software. Unlike the other models, this stage is done with a dedicated hardware, thereby leaving the APs CPU with more space to do other stuff.
With CleanAir being done on software, this process is slower in some cases as the CPU has to share resources with other processes.
Go to Wireless > 802.11a > CleanAir and see if CleanAir is enabled globally. -
Good day guys!
I would like to ask if a Mobility Service Engine is really needed to make Clean Air functional on a Cisco 3500?
Thanks!No. All you need is 7.X to run on the WLC.
One thing though ... For CleanAir to function optimally, it's recommended that you use 3500i/e exclusively. You can't (you can but CleanAir won't run clean, excuse the pun) mix the 3500 with other non-CleanAir APs. -
hi,
what is cisco clean air?
I have WLC 4404 and 1242AG AP...
can i configure this on wlc and ap?
if yes, howCisco CleanAir Technology
I have WLC 4404 and 1242AG AP...can i configure this on wlc and ap?
No. Only the 3500 WAP supports CleanAir. -
Loss of AP signal strength after upgrading to Clean Air on 5508's.
After upgrading three 5508's (which support 150 AP's) from WLC/WCS version 6.0.182.0 to version 7.0.98.0, our users complained about low signal strength. Our pre-upgrade RSSI benchmarks confirmed a decrease of -10dB to -20dB signal strength across all AP's, effectively causing wireless networking to be unusable in key areas.
After confirming our Global signal strength settings in WCS and WLC's were still at the same settings they were at prior to upgrading, we contacted our VAR for advice.
He suggested that perhaps the upgrade caused all AP's to run at a lower signal strength. He was right.
At his recommendation, we reconfigured the WCS to set two AP's to use Individual mode instead of Global mode. This is found in Radios/802.11b/g/n/Tx Power Level Assignment. Setting them to level 2 resulted in an average -15dB increase of RSSI, solving our problems in the test environment. In one case we saw an increase of -30 dB for one AP.
The signal strength loss due to the upgrade was not expected, based on the upgrade documentation. Now we must change the settings manually on the remaining 148 AP's.
I'd like to hear from anyone else who has experienced a decrease in signal strength after upgrading to Clean Air 7. If you have information from Cisco that documents this problem, I'd REALLY like to read it.
Hoping this may help you,
RSHi Rick,
this is not "expected" or "on purpose". It just happens that improving the RRM algorithm makes things better for 90% of the people but maybe worse for 10% of the people.
This is why you can set the Tx power treshold on the RRM or set the overal RRM algorithm sensitivity.
If you put the Tx power treshold to a louder number (=closer to 0) then the APs will reduce less their power level.
Hope this helps.
Nicolas
===
Don't forget to rate answers that you find useful -
Has anyone deployed converged access with 3850 switches and 5760 WLCs?
Has anyone deployed a converged access network architecture with 3850 switches and 5760 WLCs? I have done lots of projects with the 5508 WLCs In a centralized deployment. Basically with this design, I manage 2 logical networks as the wireless network is an overlay over the wired network. I can design firewall to segregate traffic between the wired and wireless hence I can carry both staff and guest traffic.
Now Cisco is telling us that there is new design such that the dats plane traffic can be dropped locally through the 3850 switched. I am not sold on this and have not found any recommended best practices on when should we use a converged access architecture.
Pros
With converged access, data traffic is terminated at the MA which is on the switches, hence the WLC will not be a bottleneck? This is to prepare adoption for 802.11ac?
Less hops for voice calls from user A to user B as data control traffic is dropped locally.
Cons
Now how do I segregate guest and staff traffic if my security folks say I need a firewall?
Troubleshooting wireless client mobility will be a nightmare as the 3850 switches are MA.
Pushing and upgrading code for the Code will mean upgrading the stack of switches in the LAN riser. This will be painful in a huge campus environment like an university.
Can someone convince me why would a customer choose converged access?
Sent from Cisco Technical Support iPad AppThey choose CA because of the capwap termination at the switch. You can still use a 5508 and tunnel guest to a DMZ segment if you wish. You will need a 5508 though is you want to tunnel traffic to an anchor WLC.
Sent from Cisco Technical Support iPhone App -
Hi
Is there a relation between rogue access point detection and clean air , Rogue access point detection is based on the clean air technology ?No, its not.
Along with what Salodh suggested, following details might help.
Rogue APs are:
APs which are not recognised by our controller.
APs not been created and managed by our controller.
The controller put those APs in a category called Rogue.
Disclaimer: Proper Authorization required to attack a Rogue AP. For Example its our building, our floor and a rogue AP shows up in the middle of it, at that point we might have the authorization to disrupt the services of that AP.
On the other hand,
CleanAir Technology identifies and resolves RF interference challenges.
The term Air Quality Index ranges from 1 to 100 (where 100 means that the Radio Frequency doesn't have much interference and 1 means that AP needs to make changes)
When and AP detects interference, it rates it by Interference Severity Levels (1=Low Interference Severity and 100=Terrible Interference)
The Interference Severity reduces the AQI levels.
AQI Sensitivity Levels:
High sensitivity: If AQI drops below 60, take action to move channels.
Medium Sensitivity: If AQI drops below 50, take action to move channels.
Low Sensitivity: If AQI drops below 35, take action to move channels. -
Attach WAP4410N as WGB to Cisco 5760 WLC with LWAP 3702
I have 5760 WLC with 3702 wireless infrastructure. Can i connect a WAP4410N AP as WGB to be attached to my current wifi network so i can provide connectivity to some wired devices? Any tips on doing so? And any limitation can be imposed for using this WAP instead of any other AP that are supported by WLC5760? If the wired clients are passive, configuring passive-client on WLC will work normally?
Thanks Eric for the reply, however, this AP is not expected to be controlled by WLC as you mentioned since it is not lightweight and not supported by this WLC for compatibility. But in this scenario, i'm talking about operating it in WGB mode to be attached to the unified wireless infrastructure. In this scenario, it is just attached as a client that pass the traffic of its clients to the other side.
I have noticed the below statement in this guide page (539)
http://hcsdemo.com/c/en/us/td/docs/switches/lan/catalyst3650/software/release/37e/consolidated_guide/b_37e_consolidated_3650_cg.pdf
When non-Cisco WGBs are used, the switch has no information about the IP address of the clients on the wired segment behind the WGB. Without this information, the switch drops the following types of messages:
• ARP REQ from the distribution system for the WGB client.
• ARP RPLY from the WGB client.
• DHCP REQ from the WGB client.
• DHCP RPLY for the WGB client.
Accordingly, if the switch will drop all this traffic, then no traffic will be passed from the WGB clients to the network ! what I’m missing here?!!!
Maybe you are looking for
-
Why can't I use my debit card to make payments *** verizon?
-
Data recovery or directory repair?
Hi Everybody, I quick formated the wrong external firewire hard drive the other day. I've been trying to find the lost data with limited success. I've tried Stellar Phoenix, Data Rescue II and TechTool Pro 4. Have I been approaching this in the right
-
Mapping issues with soap sender adapter
Scenario SOAP->XI-> file. I have configured a sender soap adapter. When the soap message is sent to XI from third party system using the 'DOC' , SXMB_MONI shows the following format <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap
-
I have problems with the 'installation of creative cloud. Error Code: 205
I have problems with the 'installation of creative cloud. Error Code: 205 What can I do to fix this?
-
How do I download Camera Raw?
I just downloaded LR5 and wanted download Camera Raw. When I went to the directed page in the Product site I got a go description of the Camera Raw but no instructions on how to download.