Cisco 2504 Capability Question

Hello,
I need to replace a 4402 with a 2504 controller and put a 2504 controller in the DMZ for guest access.  This would be the setup:
The 4402 would be replaced at a remote site (not hreap) and support a couple of wlans, one of those would not be local and would be anchored back to the 2504 in the DMZ for the guest services.  All of my 5508's also would be hitting the 2504-DMZ to anchor the guest service as well.  Is this still feasible in the 2504 series?  I ask because I saw somewhere (albeit I can't find it again) that said you could not do anchors on the 2504 series?
Thanks,
Raun

Looks like the answer about 2500 series being used as a guest anchor has changed:
Q. Can the Cisco 2100/2500 Series Wireless LAN Controller be used as a guest anchor controller in the unsecured network area?
A. Yes, starting Cisco Unified Wireless Network Software Release 7.4, the Cisco 2500 Series Wireless LAN Controller can terminate (up to 15 EoIP tunnels) guest traffic outside the firewall. The Cisco 2000 Series Wireless LAN Controller can only originate guest tunnels.
Reference: http://tiny.cc/d8ejcw

Similar Messages

  • Wi-Fi Installation in large property W/Cisco 2504

    Hi,
    I have an interesting job where I am having to fit a wifi network through a large property. I was advised to use the Cisco 2504 WLC and 9 x Cisco AIR-AP1142N access points.
    I know that out of the box the AP's (in standalone versions) have the GUI enabled.
    Not being completely up with CLI etc, is the WLC GUI enabled straight out of the box? If not, is it complicated to get it up and running? I'm pretty good at learning/understanding these things just as long as I have a rough idea of what to do!
    Thanks in advance,
    Josh

    That's great, thanks Steve.
    I have the Controller (although AP's are still on order - out of stock) but I have one final question before I start to set it up!
    I'm looking at this guide: http://www.cisco.com/en/US/docs/wireless/controller/2500/quick/guide/ctr2504_q_s.html#wp34023 and it talks about Management interface. I presume the management IP address would be the fixed IP of the controller if you like.
    So if I had a network with a DHCP server. The Router/Server was 192.168.2.1 and the DHCP range started from .10, I could set this to be 192.168.2.2 with the router of the management interface to be .2.1. I then could set the VLAN id to be 0 as I don't need a separate management LAN (it's only for a house after all, and if I lock it down with passwords it should be fine).
    With the Management Port, I presume that can be the port that connects into the main PoE Switch, similarly the Management DHCP server would be 192.168.2.1?
    Virtual Gateway IP address I guess is irrelevant as there will be no mobility group?
    And DHCP bridging, like on any other wifi system/AP would be 'No' as the Router will be dealing with all DHCP requests?
    Thanks again for your fantastic help so far!
    Josh

  • OOB Management of Cisco 2504

    Hello,
    I am wondering if this is possible, and how to execute. 
    We have a separate physical network for guest wireless access that we will be using a cisco 2504 controller and AP's. I wanted to manage the WLC from the corporate network, and wanted to have a management interface on our DMZ to allow 443 management from inside our corporate network.
    I tried making the built in management interface on our corporate DMZ network, and another interface for the Guest Network, but I am unsuccessful:
    Management port 1: 192.168.x.x
    Dynamic interface port 2: 10.5.x.x
    Once I enable Dynamic AP management on the Guest network, I can't ping any devices on that network.
    I also tried making a VLAN for the management network and another vlan for the Guest network and mapping them to the single built in management port, but I have been unsuccessful in that.

    Hi,
    ip http server
    ip http authentication local
    ip http secure-server
    username cisco password cisco.
    HTH,
    Bjornarsb

  • Cisco 2504 Local radius configuration, is there any way of backing up the user db? In case the WLC dies

    Cisco 2504 Local radius configuration, is there any way of backing up the user db?  In case the WLC dies

    Please find the guide to keep the backup:-
    http://www.cisco.com/en/US/partner/docs/wireless/controller/7.0/configuration/guide/c70mfw.html#wp1063850

  • Help required to implement Cisco 2504 WLC and 1042 Access Points

    Hi,
    My name is Vidya Sagar. I am new to Wireless technology. We are planning to implement Wireless in our office. I have given the requirements below. Kindly go through the details and let me know how to start.
    We have purchased Cisco 2504 Wireless Controller (One) and Cisco 1042 Access Points (Five). At present I am going to use 3 access points only.
    I have attached a simple diagram of our office network. We have more than 30 VLANs configured in Core Switch, we are planning to give wifi access to only 3 VLANs.
    1. VLAN 121 ( IP Segment - 10.52.121.0 /24)
    2. VLAN 116 ( IP Segment - 10.52.116.0 /24)
    3. VLAN 100 ( IP Segment - 192.168.100.0 /24) (Guest)
    Please give me an implementation plan to do this. I would like to use LDAP or ACS for authentication purpose.
    Regards,
    Vidya Sagar

    Let's just do this simple first before you start using ACS as that will require a certificate installed on the ACS for using PEAP.
    So first off, the WLC we will say is in vlan 10. When you are going through the startup wizard, make sure you define the vlan tag to 10 on the management interface. Make sure your virtual interface is an IP address that is not routed in your network, like an out of band IP.
    Make sure the WLC time is correct or use NTP!!!!
    Now you should be able to http or https to the WLC. I would upgrade the code to v7.4 and install the FUS image. Please reference this link for the upgrade procedure. You don't have to upgrade now... I would wait till you get everything working first.
    http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn74.html
    Now I would connect the APs on the same vlan as the WLC for now. Make sure there is dhcp on that subnet. Once the APs have joined, then you can move them to any subnet you want. Since you don't have many APs it would be okay to leave them in the same vlan as the WLC management or put them on any other vlan you choose. The APs will be connected to an access port NOT a trunk port!!!!
    The WLC will need to be connected on a dot1q trunk port only allowing vlans 10,100,116,121. The 2504 running v7.4 will support LAG (etherchannel). Anyway, your switch port should look like this, for example only:
    interface GigabitEthernet1/0/1
     description WLC2504
     switchport trunk encapsulation dot1q
     switchport mode trunk
     switchport trunk allowed vlan 10,100,116,121
     spanning-tree portfast trunk
     ! only for v7.4 if you use LAG
     channel-group 10 mode on
    Don't connect all four ports right now, just port one!!!!
    Your Guest vlan, you will need to create an ACL to block traffic from accessing the internal network. You might want to allow dhcp and DNS but I would leave it open first until you can verify everything is working.
    Now on the WLC you need to create a dynamic interface for vlan 100, 116, and 121. If you click on the Controller tab in the GUI and click on interfaces on the left hand side, that will take you to where you can add/delete/modify your interfaces. When creating these interfaces, make sure you add the dhcp server IP address for the primary and or backup.
    Now that you have your dynamic interfaces created, it's time to create your SSID. Now click on the WLAN tab on the GUI and click on WLAN and then on the top right select Create New and then click Go. Select WLAN on the drop down menu and then for the profile name I would use the SSID name also for simplicity. Leave the WLAN ID at 1 for this and 2 for the next and so on. After defining these and clicking Apply you can now define your SSID. On the General tab, enable the status and leave the radio policy to all for now, you can decide later what you want to use. Choose your interface you want to place this SSID on and enable Broadcast SSID for now and leave everything else alone. Now click on the Security tab and on the Layer 2 Security, leave it at WPA + WPA2, only check WPA2 Policy and for WPA2 encryption choose AES only. Now go to the bottom of that screen and choose PSK. We will do pre shared key for now so you get to understand the setup and make sure everything is working first. Now on the PSK format, choose ASCII and put your pre shared key in the input box. Make this simple too for testing. You don't want to put in symbols or anything like that. When you are done with that, check Apply on the top right and test.
    Now you can repeat this with your other SSIDs just to test. Your guest network you can leave open for now to test open authentication.
    Here are some links for the WebAuth feature:
    https://supportforums.cisco.com/docs/DOC-13954
    http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a0080b1a506.shtml
    Now if you want to use ACS with PEAP, here are some links for that:
    https://supportforums.cisco.com/videos/2499
    http://www.cisco.com/en/US/products/ps10315/products_configuration_example09186a0080bd1100.shtml
    https://www.google.com/url?sa=t&source=web&cd=8&ved=0CFQQtwIwBw&url=http%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DWk_bRdmsQlA&ei=_BEyUeCYM8TdqAHHsICAAw&usg=AFQjCNF8PiVBQK1Kipb4j8AzD153bKtmgA&sig2=smHhNVmCr2of2NzbnDhGmw
    Well that is it, hopefully you can get the wireless up for testing and verifying everything works!
    Sent from Cisco Technical Support iPhone App
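
    An added example (not part of the original reply) of the guest ACL the post above calls for, written for the Layer 3 switch that routes VLAN 100. It goes beyond the two internal VLANs in the question and blocks all RFC 1918 space; the ACL name, the SVI placement and the resolver address 192.0.2.53 are assumptions to replace with your own.

    ```cisco
    ! Added example. GUEST-IN, interface Vlan100 and 192.0.2.53 are assumptions.
    ip access-list extended GUEST-IN
     remark DHCP: client broadcasts and WLC-proxied requests to the DHCP server
     permit udp any any eq bootps
     remark DNS to the one resolver guests may use (placeholder address)
     permit udp 192.168.100.0 0.0.0.255 host 192.0.2.53 eq domain
     permit tcp 192.168.100.0 0.0.0.255 host 192.0.2.53 eq domain
     remark Block all private space, which covers 10.52.121.0/24 and 10.52.116.0/24
     deny   ip any 10.0.0.0 0.255.255.255
     deny   ip any 172.16.0.0 0.15.255.255
     deny   ip any 192.168.0.0 0.0.255.255
     remark Remaining guest-sourced traffic is Internet-bound
     permit ip 192.168.100.0 0.0.0.255 any
     ! The implicit deny at the end drops anything not sourced from the guest subnet
    !
    interface Vlan100
     description Guest WLAN (VLAN of the WLC guest dynamic interface)
     ip access-group GUEST-IN in
    ```

    After applying it, `show access-lists GUEST-IN` lists per-entry match counters; a guest client trying to reach 10.52.121.0/24 should increment the first deny line.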

  • Cisco-2504 restart itself

    hello,
    I have used a Cisco-2504 wireless controller for a few months, with six APs.
    I encountered no problems.
    But last week and today the controller restarted itself, so all my users were disconnected for six minutes (restart time); after that all is OK.
    I don't understand what's happening.
    Do you have any idea?
    Cisco-2504 Software Version 7.6.120.0
    Log: in attached files.

    v7.6.130.0 is the code you should be on. Also make sure you upload the latest FUS 1.9.0.0 which takes 35-45 minutes to complete.  The log doesn't show much except for an internal error but that's it.
    -Scott

  • Cisco 2504 Configuration

    Hello,
    I have a Cisco 2504 controller with 10 AP's. I have 3 WLANs. I would like to have one WLAN only broadcast to 2 of my 10 AP's? Is this possible? If so how would I configure the WLAN?

    So I followed the configuration sheet that was listed in the article below
    http://www.cisco.com/en/US/docs/wireless/controller/7.0MR1/configuration/guide/cg_wlan.html#wp1128591
    Underneath "Creating Access Point Groups" I followed it and made the modifications. But I am still able to see the one WLAN under all AP's?

  • 100% Noob - Need Help for basic setup of Cisco 2504 and 1600 AP

    Hello,
    I am a complete noob in (Cisco) networking.
    I have to setup a basic but secure wireless network.
    I have a cisco 2504 and 2 APs 1600 + a random switch
    I have 4 ports on the controller.
    I want to keep the 1st port on the network for the controller management, plug my internet box on the 3rd port, and my switch on the 4th port. Then the AP will be on the switch.
    I am able to make something work when everything is plugged into the switch, plugged into the first port (default management port). But this is not what I want.
    First thing, is that possible?
    1st port : office network
    2nd port : empty
    3rd port : Internet Box
    4th port : Switch + all APs
    Then, if that is possible, how should I configure the controller to make that work? I am completely lost in the menus.
    I don't need a perfect configuration, just something simple and working.
    1 SSID, 10 DHCP addresses, block wireless users trying to go on the office network.
    If anyone could help me do that, it would be very nice.
    Thank you.

    You basically need two SSIDs, one for corporate users and a second for guests. Check the link with step-by-step config and brief details.
    http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-vlan/70937-guest-internal-wlan.html

  • Cisco 2504 WLC and 1702i

    I have just purchased a Cisco 2504 along with two 2702i and one 1702i.
    The WLC works fine with both 2702i.
    Unfortunately, it won't locate the 1702i.
    I have just seen that the problem could be that the 2504 is running software 7.6.120.0 and that I should upgrade.
    Unfortunately, I don't have a service agreement with Cisco and therefore can't!
    Am I the only one who thinks it unreasonable that you can purchase new products that are advertised to work together to then be told that your five day old WLC doesn't come with the latest firmware and that I only have RMA support and can't download the latest software?
    Regards
    Daniel

    Hi Scott
    Thankfully, TAC took pity on me and sent me the latest firmware.
    That has now fixed the problem and the 1702i is working fine with the 2504 WLC.
    I shall look into the cost of a service agreement for future problems.
    Regards
    Daniel

  • Power adapter for cisco 2504 WLC

    Hi all ,
    Are there any other part numbers for Cisco 2504 WLC power adapter other than
    PWR-2504-AC= ?
    Thanks,
    Regards,
    Vijay.

    No, "PWR-2504-AC=" is the only power adapter option for 2504.
    Please check the datasheet:-
    http://www.cisco.com/en/US/prod/collateral/wireless/ps6302/ps8322/ps11630/data_sheet_c78-645111.html

  • Voice over WLAN - Cisco 2504 and iPhones/Androids

    All:
    I'm working on a solution for someone who already has a Cisco WLC 2504 running 7.6.100 and 2602i APs.  They are running iPhones with a SIP application instead of purchasing Cisco 7925G phones.  They are having issues when roaming to different APs.
    Site survey is good.  I also used a laptop with Net Surveyor on it - signal looks good.  SNR is good.  They used to have coverage issues as well but I got that taken care of for them.  Only issue now is roaming.
    WLAN SSID:
    -Qos: Platinum
    -FT-PSK and PSK enabled
    802.11a/n/ac Radio:
    -Client Roaming: -67dBm for RSSI threshold and -62dBm for scanning threshold. 
    -Disabled 6mbps and 9mbps and 12 mbps is set to mandatory.  All others are supported
    802.11b/g/n Radio:
    -Client Roaming: -67dBm for RSSI threshold and -62dBm for scanning threshold. 
    -Disabled 1mbps - 12mbps.  18mbps set to mandatory.  All others are supported
    Switch to which WLC is connected:
    -switch ports used to connect to the controller are set to trust CoS and ports to APs and uplinks are set to trust DSCP. 
    With these setting changes - I believe most everything else is default.  I am confused about the following:
    -Best practice link - http://www.cisco.com/c/en/us/td/docs/wireless/technology/vowlan/troubleshooting/vowlan_troubleshoot/2_Gen_Troubleshooting_Guidelines.html
    Says to configure voice WLAN to use 802.11a.  Issues with that: Some Androids could not connect AND the big one - I am not able to set QoS to use 802.1p for the SIP WLAN.  It tells me to disable 802.11a and 802.11b.  If I go into each radio on 'Network' tab and disable these - NOTHING can connect to any SSID.  So unless I've misunderstood something - this is a contradiction in the best-practice link I posted above.
    Another question:  If I enable FT-PSK and PSK - for devices that support FT-PSK (which I'm under the impression is 802.11r) will these devices use that and for devices that don't they'll use 'regular' PSK?  How do I know if my client is connecting using PSK or FT-PSK as both are enabled on the same WLAN.
    Again - only issue is roaming.  A second or two of 'choppy' voice then everything is back to normal working as expected.  Any ideas as to what else I can enable to get these iPhones to roam better - if this is even possible.  Can iPhones roam using a SIP app with zero voice interruption?  This is the equipment that they got and can't get anything else so I got to make the best of this.  Perhaps I've already done that?  Any ideas/suggestions are very much appreciated.

    Hi
    Before anything else, I would like you to upgrade your WLC image to 7.6.130.0 & FUS to 1.9.0.0. FUS upgrade will require 30-40min downtime to your wireless.
    http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/fus_rn_OL-31390-01.html
    http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn76mr03.html
    "It tells me to disable 802.11a and 802.11b. If I go into each radio on 'Network' tab and disable these - NOTHING can connect to any SSID. So unless I've misunderstood something - this is a contradiction in the best-practice link I posted above."
    This simply says, you have to disable radio band before changing QoS profile values. Once you change those values you can re-enable the radio band. :)
    "If I enable FT-PSK and PSK - for devices that support FT-PSK (which I'm under the impression is 802.11r) will these devices use that and for devices that don't they'll use 'regular' PSK? How do I know if my client is connecting using PSK or FT-PSK as both are enabled on the same WLAN."
    Read these 802.11r posts & you will understand how 802.11r works. Certain client devices do not like PSK & FT-PSK capability advertised on the same SSID & may have connectivity issues. But most of the clients like iPhones, iPads, etc. will connect without any problems.
    http://mrncciew.com/2014/09/06/cwsp-802-11r-ft-association/
    http://mrncciew.com/2014/09/07/cwsp-802-11r-over-the-air-ft/
    http://mrncciew.com/2014/09/08/cwsp-802-11r-over-the-ds-ft/
    "show client detail <mac_address>" should indicate if client connected over FT-PSK or PSK.
    HTH
    Rasika
    **** Pls rate all useful responses ****

  • Cisco 2504 OEAP NAT directly connect AP's no ip

    I setup my 2504 to work with OEAP.  When I enabled NAT on the management interface the one AP I have directly connected to the WLC is no longer getting an IP address.  Any idea why this is?

    First, it is not recommended to have an AP directly connected to the WLC, you really need to connect it to an upstream switch and let it connect that way.
    My first thought would be that you need to take a look at the below link that talks about how the NAT ip commands work.
    http://www.cisco.com/en/US/docs/wireless/controller/7.0MR1/command/reference/cli70MR1commands.html#wp14087790
    HTH,
    Steve
    Please remember to rate useful posts, and mark questions as answered

  • Cisco 2504 Domain Authentication for WIFI Clients

    I got a question.
    I have a 2504 controller, and a bunch of 3600 APs. (which now works, thanks to Scott Fella)
    I want the WIFI users to be able to connect to the WIFI, If their computer is part of the domain. Otherwise, they connect to the guest WIFI.
    How can I go about doing that? I tried searching the forums, but perhaps I'm not searching for the right keywords.
    I thought it was LDAP, but I could not find much info on it.
    Thanks....         

    I wouldn't look at LDAP. I would use a radius server and machine authentication. If you're a Microsoft shop, then bring up IAS for 2003 or NPS for 2008. These can work as your radius server. To figure out how to configure machine auth, just search Google for NPS wireless machine authentication.
    Here is one link
    http://araihan.wordpress.com/2010/04/30/complete-guide-to-build-a-cisco-wireless-infrastructure-using-cisco-wlc-5500-cisco-1142-ap-and-microsoft-radius-server/
    Sent from Cisco Technical Support iPhone App

  • Cisco 2504

    We've recently converted to Cisco for our wireless deployments and are in the middle of our first customer install.  We purchased a 2504 from a Cisco Partner and it came with v7.2x on it, which as we now know does not work with the AP 1600's. 
    When we attempted to download the software upgrade we were told we needed a service contract to do that.  So we called the Partner we ordered the 2504 from and purchased the service contract for $399 when they said we should have an email from Cisco in approximately an hour with the service contract activated.
    That was about 36 hours ago.   After calling the Partner several times we demanded to speak to a supervisor who then informed us it could take up to two weeks to complete the service contract activation on the device.  I just cancelled our order with this Partner because that seemed unacceptable based on his reasoning for the length of time - something with their internal PO process.
    We are square in the middle of this install for our customer.  Never mind we were shipped a device with the software 3 versions old, but we can't get the new software version for a brand new 2504??
    Does anyone have any idea 1) how can we get this software version for a brand new device just purchased less than a week ago, and 2) what is the fastest way to get a service contract activated for our customer's brand new 2504??
    HELP       

    Well I guess it depends on who you get.  Support is support as I see it.  Rule of thumb... customer is always right:)  It's a battle out there between vendors and it's easy to hate a vendor of little things.  As a consultant, you do what you can to make the customer happy, or else they find another vendor.
    Thanks,
    Scott
    Help out others by using the rating system and marking answered questions as "Answered"

  • Cisco 2504 Compatible Access Points

    Quick question: I have a Cisco Aironet 1041, is it compatible with the Cisco controller 2504?
    Thanks
    Douglas

    Compatibility also depends on the code on the WLC. Here is a matrix that you should keep handy.
    http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
    Sent from Cisco Technical Support iPhone App
