Add wlc to the WCS

Hi experts,
I want to add a second wlc 4402 in branch office(4.1.171.0) to WCS (4.1.83.0) in Headquarter. During this operation I receive this messages from wcs:
"controllers unreachable, check smnp and network for issue". I try to ping from wcs to wlc (no problem), snmp community is correct (there is another controller that use this communiny without problem). There aren't firewall between wlc and wcs. Can you suggest something?
Regards,

Are you using the ready-only community instead of the read-write community?
Are you able to do an snmpwalk from the WCS box?
(assuming linux with net-snmp-utils installed)
or something like getif on a windows box.
What about ACLs between the two devices?

Similar Messages

  • WCS and WLC, On the same VLAN ?

    Whats best practice ? Is it better to have the WCS on the same vlan as the controller(s)
    Johann Folkestad

    Given the fact that it is snmp traffic, the WCS to WLC snmp read/writes should be confined to a subnet(s) that are secured by ACLs/firewalls/rfc1918 address space, yada yada....
    One way to do it is to place the WCS behind a firewall on the same or reachable subnet as the WLC service or management ports. I prefer using the service port on the WLC for the WCS snmp traffic, this way I can prune that vlan off the switch trunk ports that the WLC connect to as well as put it in a subnet that is away from prying eyes. I have had it working just fine since 3.0.2x all the way up to the latest rev this way.
    the controller will touch an additional vlan for each dynamic interface you create for wlans
    You can also dual home the WCS server, but the default option on WCS install/upgrade is to bind to one interface (it will detect & prompt in regards to multiple interfaces - at least on the Linux version).
    Also don't forget to lock down https access to WCS web frontend as well

  • Use WLC's service interface IP when add WLC into WCS

    Hi All,
    Does anybody know if there's any limitations or bugs to use WLC's service interface IP when add WLC into WCS?
    Another question is I remember there's a post previously says that there are a bug regarding to ARP if the WLC not using LAG but connect one port to one switch, connect another port to another switch, so that's why it is strongly suggested to use LAG, but I can't find it now, anybody know it? Thanks!

    The service port is controlled by the service-port interface and is reserved for out-of-band management of the controller and system recovery and maintenance in the event of a network failure. It is also the only port that is active when the controller is in boot mode. The service port is not capable of carrying 802.1Q tags, so it must be connected to an access port on the neighbor switch.
    If the service port is in use, the management interface must be on a different supernet from the service-port interface.
    The service-port interface controls communications through and is statically mapped by the system to the service port. It must have an IP address on a different supernet from the management, AP-manager, and any dynamic interfaces, and it cannot be mapped to a backup port. This configuration enables you to manage the controller directly or through a dedicated operating system network, such as 10.1.2.x, which can ensure service access during network downtime.
    The service port can obtain an IP address using DHCP, or it can be assigned a static IP address, but a default gateway cannot be assigned to the service-port interface. Static routes can be defined through the controller for remote network access to the service port.

  • Add WLC in WCS

    Hi,
    i can?t add a WLC in my WCS. The WCS can ping the controller, SNMP is configured properly. I got the message "Failed to add device to WCS". The WLC is running Version 4.0.155.0, the WCS is running version 4.0.66.0. Are there any other credentials than snmp which have to be configured ?? Have anybody these versions installed ? Thanks for any suggests.

    Did you change the default snmp strings in the controller? Make sure that the status is enabled and try setting the ip address and subnet mask to 0.0.0.0. Then try using both the read or the read/write strings. I had that issue today and I just deleted and recreated the strings.

  • WCS cannot add WLC over slow link

    I have a WCS running at our main data center. We recently added a WLAN Controller (4402)in a remote office that is located over a VPN tunnel.
    The WCS can PING the WLC (but it is slow at about 250ms), and I can access the controller's web interface from the WCS server. I just cannot add the controller, it gives me the error "No response from device, check SNMP communities, version or network for issues."
    Any thoughts on what I can try?
    I have also verified the SNMP communities and removed and re-added them on both the WCS and WLC, and I've tried both the RO and RW strings. No difference.
    Thanks.

    Here is what appears in the log when I try to connect via SNMP v2c.
    *Oct 13 13:26:19.552: %SIM-3-MACADDR_GET_FAIL: sim.c:1147 Interface 1 source MAC address is not found.
    *Oct 13 13:26:03.546: %SIM-3-MACADDR_GET_FAIL: sim.c:1147 Interface 1 source MAC address is not found.
    *Oct 13 13:25:55.548: %SIM-3-MACADDR_GET_FAIL: sim.c:1147 Interface 1 source MAC address is not found.
    *Oct 13 13:25:51.560: %SIM-3-MACADDR_GET_FAIL: sim.c:1147 Interface 1 source MAC address is not found.
    *Oct 13 13:25:44.483: %USMDB-4-MSGTAG027: usmdb_wcp.c:221 usmDbWcpGetParentRouterName(): Non-Doberman platform.
    *Oct 13 13:25:44.483: %USMDB-4-MSGTAG022: usmdb_wcp.c:95 usmDbWcpGetControllerSlotPort(): Non-Doberman platform.
    *Oct 13 13:25:44.482: %USMDB-4-MSGTAG023: usmdb_wcp.c:119 usmDbWcpGetPeersPortAndIp(): Non-Doberman platform.
    *Oct 13 13:25:44.481: %USMDB-4-MSGTAG022: usmdb_wcp.c:95 usmDbWcpGetControllerSlotPort(): Non-Doberman platform.
    *Oct 13 13:25:44.480: %USMDB-4-MSGTAG023: usmdb_wcp.c:119 usmDbWcpGetPeersPortAndIp(): Non-Doberman platform.
    I tried an extended ping from the WCS's default gateway and if I increase the datagram size to 1500, I get the “M” = could not fragment reply. However a size of 1300 works fine.

  • Unable to add new WLC to the Mobility Group

    Hi,
    Any help will be very welcome.
    I recently add a second CT5508 to the network, but when I tried to add the first 5508 to the mobilty group I received a message like this:
    "error in creating member"
    I've tried different mobility names, via GUI, via CLI and always the same error.
    I've verified twice or more than twice connectivity issues or any error on the entering the MAC and IP of the controllers, everything is fine.
    Any idea?
    I'm using version 7.0.116.0
    Thanks

    Hello Moises,
    Did you load a configuration backup from your first WLC to the new second WLC? If so, it's possible we have a stale duplicate entry from loading a configuration.
    On the WLC where you cannot add the member, let's try clearing out the stale entry from the CLI:
    config mobility group member delete 00:00:00:00:00:00
    Then, try to add the member and see if it works.
    -Pat

  • Cannot add WLC 5508 to Prime Infrastructure 2.1

    Regards,
    I've been migrating / implementing a WCS to PI 2.1. I had several problems at first to add the 11 WLC we have to PI which I could be solving by trying and testing as I have not found many references by Cisco when it comes to troubleshooting when deploying PI.
    I have several queries:
    1. The WCS was added 11 WLC using different SNMP communities are configured on each of them. At first when trying to add the WLC had PI SNMP communication problems. I performed the test to eliminate any of the WLC added to WCS and add it again with some communities already existing R / W without any problem. At the end, I could not add the WLC so I had to create an SNMP community with the IP of Prime in the WLC so that they can be added. Does anyone know what is the cause of this?
    2. I could not add a WLC 5508 IOS 7.3 using this method, even creating an SNMP community and IP mask 0.0.0.0 / 0. No access list or FW in between the WLC These WLC are spread over several countries but i was able to add the other WLC adding a community in each WLC pointing to the IP of Prime. It is similar to this case:
    https://supportforums.cisco.com/discussion/12232506/cannot-add-wlc-5508-v761200-prime-infrastructure-21
    Thanks for the help.

    It turns out that this situation was caused by a bug in 7.6.120.0 (CSCuo73572).
    TAC handed me an escalation image (7.6.120.16) that fixed this. 
    Added the controllers sucessfully on the first try. 
    Phill

  • WLC unreachable from WCS -

    I have a WLC2000 that was reporting in to WCS but as of 2 weeks ago WCS sees it as unreachable although it is up and connectivity exists between the two?? I was planning on deleting the WLC and attempting to add it back to WCS but am curious as to if anybody had issues with similar issues?

    Nah, It's just a problem that Airespace had and subsequently Cisco inherited. The WCS receives updates from the controller databases on a regularly scheduled basis. For whatever reason, everytime we get a new code version, it takes the WCS a while to learn where the controller is and what changes have been made to its database entries. You can usually manually force this by doing a manual refresh of config from the controller in the WCS commands section. If that doesn't work, you have to reboot the controller and it will come back and you can re-add it to the list of controllers IF it still shows as unreachable.

  • Migrating WLC from existing WCS to another WCS

    Dear tecahers:
    We support a campus with 8 WLC with 600 APs managed by our own WCS.
    Recently we are going to support a new site. They have 4 WLC with about 250 APs managed by another WCS.
    What we want to do is migrate 4 WLC with 250 APs from their WCS to our own WCS, thus we can use our own WCS to manage all the WLC and APs.
    My question is How can we migrate these 4 WLC from the existing WCS to our own WCS with the configuration and maps?
    Any help would be really appreciated.
    Regards,
    Steven

    Do you have enough licenses on the new WCS for the additional access points you plan to add ? As for migration, I recall there arent any migration tools from wcs to wcs. I recall there being tools for WLSE to WCS. Depending on how many maps you have, it shouldnt take all that long to import maps and place aps.
    "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
    ‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."

  • Resetting WLC password through WCS

    Hi,
    Can someone please provide me with the steps to follow to reset the WLC credentials using WCS.
    Best Regards,

    Is there a reason you want to change the password from the WCS and not from the WLC? If you are locked out, here is a good link from George's blog
    http://www.my80211.com/home/2009/12/27/recover-your-wlc-password.html
    I tend to add another management user from the WLC or WCS and then you delete the old username and create it again with the new password.
    Sent from Cisco Technical Support iPhone App

  • WLC code upgrade, WCS, ap_3600

    i'm going to upgrade a 5508 wlc code from
    7.0.116.0
    to
    7.1.91.0
    to add 3600 series access points having it all manageable via WCS ver 7.0.230.0
    it seems to be possible, as it is explained in the compatibility matrix found on
    http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
    now I have to download the file to the controller...
    AIR-CT5500-K9-SPECIAL-7-1-91-0.aes
    (direct update possible)
    before doing that I'd like to know if I will loose my configuration on the controller
    i'm concerned about that because the release document is not clear:
    - We highly recommend that you back up your controller's configuration files prior to upgrading the controller software. Otherwise, you must manually reconfigure the controller.
    - For busy networks, controllers on high utilization, or small controller platforms it is advisable to disable the 802.11a/b/g networks as a precautionary measure.
    - Step 5 Disable any WLANs on the controller.
    - Step 19 Re-enable the WLANs......
    - Step 22 If desired, reload your latest configuration file to the controller. (reload config after reenabling wlans????? why???)
    so will I loose my configuration?
    what is Field Upgrade Software? should i use that instead?
    another controller  another question .....: a cisco wlc 2100
    found 2 update files
    AIR-WLC2100-K9-7-0-230-0-ER.aes
    AIR-WLC2100-K9-7-0-230-0.aes
    why 2 update files this time? what file to update first?
    thank you in advance for your answers

    The 5508 has two files when you go to 7.2, which I would for the 3600.  You'll also want to download and install the FUS image.
    the 'legacy' WLC, like the 2100, have the .aes which is the OS for the WLC.  The -ER is an Emergency Recovery image, it's waht you get when you break the boot cycle.
    HTH,
    Steve
    Please remember to rate useful posts, and mark questions as answered

  • Can't put two 5508 WLCs in the same RF group

    Hi experts,
    I have two 5508 WLCs and I want them to be backup to each other. I put in the same "RF Group Name" and even the same "Default Mobility Domain Name" however under Wireless -> 802.11b/g/n -> RRM -> RF Grouping each controller still only have themselves as the only memter to the group.
    Two controllers are having management IPs on the same subnet 192.168.161.x/24. AP-manager interfaces are in the same network as well. They can ping each other fine. The following screen shots show the current relavent config on the controller:
    I do have two controllers in the same mobility group and they are both showing up...
    Does anyone know why they can't add each other to the RF group? All other settings are pretty much default...
    Thanks!

    Hi,
    is there a chance that one of the 2 WLC doesn't contain any access point ? Or that the APs from one WLC are not physically close to the APs of the second WLC ?
    The point of RF grouping is to exchange RF information, to make RRM decisions together and to know what ap is a rogue and which is not. RF group information travels over the air from AP to AP.
    So if a wlc has no ap of if its APs are not close to those of the other WLC there is both no point in grouping with the other WLC in rf group and also no technical way of doing so.
    Regards,
    Nicolas
    ===
    Don't forget to rate answers that you find useful

  • Adding a WLC to the network

    My network has many remote locations.  Currently I have a WLC 2106 that has been supporting our LWAPs.  We have reached the licensed max that it supports (25).  In order to add more LWAPs to our Northern region, we decided to get a WLC for the Northern region and have the LWAPs in that region connect to their regional WLC instead of the Southern one.  So, now I have a WLC 5508 to add to the Northern region of my network.  My concern is, that when I connect it, if a LWAP reboots, what will determine which WLC it will join?  I read some of the Cisco doco on the hunting process, but that just seems to address the WLC selection when you have a master WLC identified and the second one is a backup.  It also speaks of the LWAPs selecting the WLC with the highest capacity ( i.e. load-balancing ).  I don't really want either.  I want the LWAPs in the northern region to select the northern WLC (5508) and the southern region LWAPs to select the southern WLC (2106).  How do I go about making sure that the LWAPs only select the WLC that they are supposed to?
    Thanks!

    No problem.. here is the solution.. manualy configure the APs to joing the northern WLC by providing the IP of the WLC using the below link..
    http://www.cisco.com/en/US/products/hw/wireless/ps430/products_tech_note09186a00808e2d27.shtml#backinfo
    Now the AP joins the northern WLC if we have the backend conenctivity to it configured corectly.. now to make sure the AP will not joing the southern WLC.. we need to configure the primary, secondary and tertiary WLC to that AP.. so that the AP will alwways join the primary and then move to secondary if primary id un available.. when we set the primary as the northern. then when the AP reloads.. it will try to join the primary always!! the below link will help you out in configuring the high availability..
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008064a294.shtml#c4
    http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a00809a3f5d.shtml
    let me know how this ansred your question!!
    Regards
    Surendra

  • Searching for Access Point Report by SSID on the WCS

    Hello,
    im searching for an option to make a Report on the WCS (Software Version 6.0.170.0 )  to see all SSIDs that are ratiated in detail by the Access Points.
    I mean something like this: (example)
    AP 1   -  SSID 1 and SSID 2
    AP2   -   SSID 1
    AP3   -   SSID 3 and SSID2
    Or is they any other alternativ to see that on the WCS or WLC?
    Thank You

    Hi,
    The "AP SUMMARY" report will provide you the AP group to which the AP is mapped to.. here by we can come to know what all WLANs are getting broadcasted by the AP..
    REPORTS LAUNCH PAD >> DEVICES >> AP SUMMARY >> NEW.
    Lemme know if this answered ur question and please dont forget to rate the suefull posts!!
    Regards
    Surendra

  • Generate a Local net user Report from WLC or through WCS

    Need advice regarding downloading the Local net user list from Anchor WLC or through WCS. In WCS I could not find any menu to generate a report on Local net users in other words Guest account list.
    Please advice Thanks
    Jacob

    I don't know aobut using WCS, but you can always run a command through the cli:
    show netuser summary

Maybe you are looking for