Cisco 2504 controller, setting management wlan interface Vlan Identifier to anything but 0 loses management ability

I have setting the Management Interface Vlan Identifier to 0 or untagged.
If i change this to a vlan, I am unable to manage the device, is this correct?
Steve

If u make it untagged then specify the NATIVE vlan on the switchport..
If u tag the management interface, then dont configure the native vlan on the switchport..
Both the cases u will be able to access!!
Lemme know if this answered ur question!!
Regards
Surendra

Similar Messages

Controller interface vlan identifier

Are the VLAN identifiers configured on the controller interfaces relevant when using H-REAP APs with VLAN mappings?

The vlan identifiers are configured on the interfaces of the wlc. In h-reap, the wlan points to the management interface which should be set to untagged "0". When the ap is set to h-reap mode, that is where you would specify the locally switched vlan id. The native vlan id on the h-reap ap is important though. Management interface of the h-reap ap should be configured for native. Does this answer you question???

WLC 5508 , AP client dhcp address different from WLAN interface VLAN subnet?

Hope the title makes sense, here's my situation: I have multiple businesses on 1 WLC 5508, there's a LAG to my core switch with seperate interfaces for each, broken up by vlans.
My question is: if i have a WLAN setup to use interface "Company A" which is vlan 10 with an ip of 10.0.1.5 which then points to 10.0.1.10 for dhcp.
Can the WLAN client connecting to the Company A WLAN use an IP in a different IP range?(192.168.1.10?) can the wlc route? from the perspective of the DHCP server where doers the request come from? (10.0.1.5?)
Can the DHCP server 10.0.10.10 on vlan 10 respond back with and ip on a different subnet to assign to the client to use and still be fully fonctioning? would the default gateway for the client need to be 10.0.1.5? So the clients ip would be 192.168.1.10 /24 with a gateway of 10.0.1.5 (ip adress fo vlan10 interface on WLC) And if multiple clients on the same subnet wanted to talk to each other woudl the WLC know how to route them to each other without passing through the default gateway?
Sorry if this is confusing I'm having a bit of a hard time explaining it in works, i can try and draw somethign up if it makes more sense.
thanks
Eric

I think if you want these clients to stick to a WLAN configured on a VLAN that has a different IP addressing you could configure your VLAN with the normal IP addressing then add on the SVI the 2nd IP_Class_default_gateway.
E.G.
Vlan 10
interface vlan 10
ip address 10.0.10.1 255.255.255.0
ip address 192.168.1.1 255.255.255.0 secondary
Clients that receive IP address from 192.168.1.0/24 network will be able to reach 192.168.1.1 and all traffic will pass right.

IPSEC Cisco VPN connection. Modifying default VPN gateway allows internet traffic but loses access to VPN

Hello!!
I'm using the IPSEC Cisco VPN Network property to connect to my company.
Once I get connected, I lose internet access, because all the traffic is redirected through the tunnel and I want both, of course.
If I modify the default getaway in the routing table, with this command
route change default x.x.x.x, where this is the getaway IP when not connected to the VPN,
I gain access to internet, but I lose access through the VPN tunnel.
I was reading about it in google, and what I have to do is to add a static route to the VPN again, but I don't know how.
Could you please help me?
thanks in advance!!

Hi Norbert,
I am sorry to say that configuring routes in Azure Virtual network is not supported. I recommend you to submit your reuqirement on Azure Feedback and hope it would be released soon:
http://feedback.azure.com/forums/217313-networking-dns-traffic-manager-vpn-vnet
Best regards,
Susie
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

I'm using my airport express so I can control stereo via iPhone/iPad. It's linked to my router wirelessly (via "join network" setting). It works fine for a while, but then airplay ability / icon always disappears.

My airport express is brand new and has latest software.
My router is an Engenius 300N, and is 6 months old.
iPhone is a 5S and has latest software.
I've tried restarting router, resetting Airport, and spoken with apple support.
The only thing that works is turning power to Airport off and on, but this only works for 5 minutes then disappears again.
Help please
Matt

Oh - and also disappears from other devices eg macbook and ipad.
thanks

OOB Management of Cisco 2504

Hello,
I am wondering if this is possible, and how to execute.
We have a separate physical network for guest wireless access that we will be using a cisco 2504 controller and AP's. I wanted to manage the WLC from the corporate network, and wanted to have a management interface on our DMZ to allow 443 management from inside our corporate network.
I tried making the built in management interface on our corporate DMZ network, and another interface for the Guest Network, but I am unsuccessful:
Management port 1: 192.168.x.x
Dynamic interface port 2: 10.5.x.x
Once I enable Dynmaic AP management on the Guest network, I cant ping any devices on that network.
I also tried making a VLAN for the management network and another vlan for the Guest network and mapping them to the single built in management port, but I have been unsuccessful in that.

Hi,
ip http server
ip http authentication local
ip http secure-server
username cisco password cisco.
HTH,
Bjornarsb

Cisco 2504 Configuration

Hello,
I have a cisco 2504 controller with 10 AP's. I have 3 WLANs. I would like to have one WLAN only broadcast to 2 of my 10 AP's? Is this possible? If so how would I configure the WLan?

so i followed the configuration sheet that was listed in the article below
http://www.cisco.com/en/US/docs/wireless/controller/7.0MR1/configuration/guide/cg_wlan.html#wp1128591
Underneath the
Creating Access Point Groups
i followed it and made the modifications. But i am still able to see the one WLAN under all AP's?

Hosts having connection issue, 2504 controller

Hello,
We have a Cisco 2504 controller and approximately 35 AP's.
Some of the AP's are located directly above each other (on another floor).
When I run a basic annalyzer, it appears that there is some adjacent AP traffic, the controller has some of the close AP's with the same channel, so there is some RF interferance.
The AP's currently are all setup for "G" and majority of the AP's are 1200 series, most of them are 1242's.
Should and can the AP's be set with static channels so that there is no adjacent signals?
If so where in the controller can that be done?
Any help would be truly appreciated, we are a school with an iPad program, so the amount of connects is quite high as well as the availability to have internet acces.
Thank you for anytype of help you can provide.
jim

If you don't want the WLC to control the RF using RRM, you can manually set each ap and its radio statically. On the wireless tab, click on either 802.11an or 802.11bgn and the all the way to the right of the ap, there is a blue triangle. Hover the mouse over that and click configure, there you can set the channel and power leave for that radio on that ap. You will have to do each radio and ap. Hope this helps.
Sent from Cisco Technical Support iPad App

Why My Intel Management Engine Interface not starting?

I've been trying to flash my BIOS so that it can be compatible with Windows 7. The probelm that I am currently having is that SATA drives can not initialization the Intel Management Engine Interface. I tried to install Intel Management Engine Interface driver in windows via an app or via floppy or via a supplied ISO, but it didnt do much else. How can I fix the find an updated driver for this device and make it work properly?
Regards to all and thanks for your help.

1, the corresponding motherboard BIOS file, you can back up from the previous BIOSaccess can also be found to the official website of the motherboard BIOS file types
2, download and install the appropriate BIOS update tool brands.
3 SLIC2.1 file download OEM makers, OEM key, OEM certificate (such as Hewlett-Packard).
4, the SLIC 2.1 and SLP files downloaded brushes into the BIOS.
You can try it

SSID/VLANs for Guest/Staff with 3600 and 2504 Controller

We are deploying 3600 AP's with a 2504 and would like to create multiple SSID's that are mapped to unique VLANs so we can control the traffic at the Firewall. We have the 2504 up and running with AP's but there appears to be no where in the 2504 controller Web GUI to configure a VLAN mapping to an SSID. Any pointers to documentation on how to configure?

in the WLAN configuration, you select what interface you want it to be linked to.
In the Controller Tab, on the left, go to interfaces. This is where you create teh interface name, set the VLAN,and the IP address.
Steve

Cant Connect Cisco AIR-CAP 3602 with 2504 controller

Im trying to have one of our APs join our controller. No matter what I do, i cant get it to join the controller.
The controller has the right OS, I had to upgraded it 7.4 to support the 3600...
Both the controller and the AP has the same time and date.
But Im getting this from my AP:
*Oct 30 14:49:26.043: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Oct 30 14:49:26.055: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Oct 30 14:49:26.055: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*Oct 30 14:49:26.067: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Oct 30 14:49:26.083: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Oct 30 14:49:27.055: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Oct 30 14:49:27.095: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to down
*Oct 30 14:49:27.103: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Oct 30 14:49:28.087: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Oct 30 14:49:28.095: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Oct 30 14:49:28.131: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Oct 30 14:49:28.139: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Oct 30 14:49:28.147: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Oct 30 14:49:29.131: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Oct 30 14:49:29.139: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Oct 30 14:49:29.167: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Oct 30 14:49:30.167: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Oct 30 14:49:36.083: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Oct 30 14:49:36.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.1.0.50 peer_port: 5246
*Oct 30 14:49:36.411: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.1.0.50 peer_port: 5246
*Oct 30 14:49:36.411: %CAPWAP-5-SENDJOIN: sending Join Request to 10.1.0.50
*Oct 30 14:49:36.411: %CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
*Oct 30 14:49:36.411: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
*Oct 30 14:49:36.411: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Oct 30 14:49:36.411: %CAPWAP-3-ERRORLOG: Failed to process encrypted capwap packet from 10.1.0.50
Anyone can help me please?
Thanks....

AP is connected directly to one of the ports on the 2504 controller.
I can move it to a POE switch, if needed.
Here is the output after I boot up the AP:
IOS Bootloader - Starting system.
flash is writable
FLASH CHIP: Macronix Mirrorbit (00C2)
Xmodem file system is available.
flashfs[0]: 43 files, 9 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31997952
flashfs[0]: Bytes used: 16767488
flashfs[0]: Bytes available: 15230464
flashfs[0]: flashfs fsck took 16 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 4c:00:82:77:32:7b
Ethernet speed is 1000 Mb - FULL Duplex
Loading "flash:/ap3g2-k9w8-mx.152-4.JA1/ap3g2-k9w8-mx.152-4.JA1"...###########################
File "flash:/ap3g2-k9w8-mx.152-4.JA1/ap3g2-k9w8-mx.152-4.JA1" uncompressed and installed, entry point: 0x2003000
executing...
Secondary Bootloader - Starting system.
Xmodem file system is available.
flashfs[0]: 43 files, 9 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31997952
flashfs[0]: Bytes used: 16767488
flashfs[0]: Bytes available: 15230464
flashfs[0]: flashfs fsck took 8 seconds.
Base Ethernet MAC address: 4c:00:82:77:32:7b
Boot CMD: 'boot flash:/ap3g2-k9w8-mx.152-4.JA1/ap3g2-k9w8-xx.152-4.JA1;flash:/ap3g2-k9w8-mx.152-4.JA1/ap3g2-k9w8-mx.152-4.JA1'
Loading "flash:/ap3g2-k9w8-mx.152-4.JA1/ap3g2-k9w8-xx.152-4.JA1"...###############################
File "flash:/ap3g2-k9w8-mx.152-4.JA1/ap3g2-k9w8-xx.152-4.JA1" uncompressed and installed, entry point: 0x2003000
executing...
              Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706
Cisco IOS Software, C3600 Software (AP3G2-K9W8-M), Version 15.2(4)JA1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 30-Jul-13 22:57 by prod_rel_team
Initializing flashfs...
flashfs[3]: 43 files, 9 directories
flashfs[3]: 0 orphaned files, 0 orphaned directories
flashfs[3]: Total bytes: 31739904
flashfs[3]: Bytes used: 16767488
flashfs[3]: Bytes available: 14972416
flashfs[3]: flashfs fsck took 8 seconds.
flashfs[3]: Initialization complete.
flashfs[4]: 0 files, 1 directories
flashfs[4]: 0 orphaned files, 0 orphaned directories
flashfs[4]: Total bytes: 11999232
flashfs[4]: Bytes used: 1024
flashfs[4]: Bytes available: 11998208
flashfs[4]: flashfs fsck took 1 seconds.
flashfs[4]: Initialization complete.
Copying radio files from flash: to ram:
Copy in progress...CCCCC
Copy in progress...CCC
Copy in progress...CCCC
Copy in progress...CCCC
Copy in progress...CC
Uncompressing radio files...
...done Initializing flashfs.
Radio0 present 8764 8000 0 A8000000 A8010000 0
Rate table has 244 entries (64 SGI/104 BF variants)
Radio1 present 8764 8000 0 88000000 88010000 4
Radio2 not present 0 0 0 0 0 8
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-CAP3602I-A-K9 (PowerPC) processor (revision A0) with 180214K/81920K bytes of memory.
Processor board ID FTX1731GQYY
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.5.102.0
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 4C:00:82:77:32:7B
Part Number                          : 73-14521-02
PCA Assembly Number                  : 800-37501-02
PCA Revision Number                  : A0
PCB Serial Number                    : FOC17273HG4
Top Assembly Part Number             : 800-35852-02
Top Assembly Serial Number           : FTX1731GQYY
Top Revision Number                  : C0
Product/Model Number                 : AIR-CAP3602I-A-K9
% Please define a domain-name first.
Press RETURN to get started!
*Mar 1 00:00:11.355: FIPS IOS test Image Checksum successful
*Mar 1 00:00:11.355: FIPS IOS test Crypto RNG DEK Key Test successful
*Mar 1 00:00:11.355: FIPS IOS test SHA-1 successful
*Mar 1 00:00:11.355: FIPS IOS test HMAC-SHA1 successful
*Mar 1 00:00:11.355: FIPS IOS test AES CBC 128-bit Encrypt successful
*Mar 1 00:00:11.355: FIPS IOS test AES CBC 128-bit Decrypt successful
*Mar 1 00:00:11.355: FIPS IOS test IOS AES CMAC Encrypt successful
*Mar 1 00:00:11.355: FIPS IOS test IOS CCM Encrypt successful
*Mar 1 00:00:11.355: FIPS IOS test IOS CCM Decrypt successful
*Mar 1 00:00:11.387: FIPS IOS test RSA Signature Generation successful
*Mar 1 00:00:11.391: FIPS IOS test RSA Signature Verification successful
*Mar 1 00:00:11.391: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed
*Mar 1 00:00:11.391: %IFMGR-7-NO_IFINDEX_FILE: Unable to open nvram:/ifIndex-table No such file or directory
*Mar 1 00:00:11.847: Registering HW DTLS
*Mar 1 00:00:14.647: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:18.327: FIPS RADIO test AES 128-bit encrypt for TX on Dot11Radio 0 successful
*Mar 1 00:00:18.327: FIPS RADIO test AES 128-bit CCM encrypt on Dot11Radio 0 successful
*Mar 1 00:00:18.327: FIPS RADIO test AES 128-bit CCM decrypt on Dot11Radio 0 successful
*Mar 1 00:00:18.327: FIPS RADIO test AMAC AES 128-bit CMAC encrypt on Dot11Radio 0 successful
*Mar 1 00:00:18.327: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0
*Mar 1 00:00:24.451: FIPS RADIO test AES 128-bit encrypt for TX on Dot11Radio 1 successful
*Mar 1 00:00:24.451: FIPS RADIO test AES 128-bit CCM encrypt on Dot11Radio 1 successful
*Mar 1 00:00:24.451: FIPS RADIO test AES 128-bit CCM decrypt on Dot11Radio 1 successful
*Mar 1 00:00:24.451: FIPS RADIO test AMAC AES 128-bit CMAC encrypt on Dot11Radio 1 successful
*Mar 1 00:00:24.451: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1
*Mar 1 00:00:26.811: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C3600 Software (AP3G2-K9W8-M), Version 15.2(4)JA1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 30-Jul-13 22:57 by prod_rel_team
*Mar 1 00:00:26.811: %SNMP-5-COLDSTART: SNMP agent on host AP4c00.8277.327b is undergoing a cold start
*Jul 4 23:55:50.035: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 4 23:55:50.035: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Jul 4 23:55:50.051: %PARSER-4-BADCFG: Unexpected end of configuration file.
lwapp_crypto_init: MIC Present and Parsed Successfully
*Jul 4 23:55:50.191: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Jul 4 23:55:50.855: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to down
*Jul 4 23:55:51.027: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Jul 4 23:55:51.035: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Jul 4 23:55:51.035: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Jul 4 23:55:53.319: FIPS HW test SHA-1 successful
*Jul 4 23:55:53.319: FIPS HW test HMAC-SHA1 successful
*Jul 4 23:55:53.319: FIPS HW test AES CBC 128-bit Encrypt successful
*Jul 4 23:55:53.319: FIPS HW test AES CBC 128-bit Decrypt successful
*Jul 4 23:55:53.819: FIPS HW test SHA-1 successful
*Jul 4 23:55:53.819: FIPS HW test HMAC-SHA1 successful
*Jul 4 23:55:53.819: FIPS HW test AES CBC 128-bit Encrypt successful
*Jul 4 23:55:53.819: FIPS HW test AES CBC 128-bit Decrypt successful
*Jul 4 23:55:53.819: %SOAP_FIPS-2-SELF_TEST_HW_SUCCESS: HW crypto FIPS self test passed
*Jul 4 23:55:53.819: DPAA Initialization Complete
*Jul 4 23:55:53.819: %SYS-3-HARIKARI: Process DPAA INIT top-level routine exited
*Jul 4 23:55:54.819: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up%Default route without gateway, if not a point-to-point interface, may impact performance
*Jul 4 23:56:13.191: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Jul 4 23:56:14.279: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 4 23:56:15.279: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jul 4 23:56:15.371: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Jul 4 23:56:16.371: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Jul 4 23:56:18.895: Logging LWAPP message to 255.255.255.255.
*Jul 4 23:56:23.627: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.1.1.150, mask 255.255.240.0, hostname AP4c00.8277.327b
Translating "CISCO-CAPWAP-CONTROLLER.pti.local"...domain server (10.3.1.32)
*Jul 4 23:56:34.559: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
*Jul 4 23:56:34.567: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER.pti.local
*Jul 4 23:56:44.567: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Oct 30 15:05:13.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.1.0.50 peer_port: 5246
*Oct 30 15:05:13.411: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.1.0.50 peer_port: 5246
*Oct 30 15:05:13.411: %CAPWAP-5-SENDJOIN: sending Join Request to 10.1.0.50
*Oct 30 15:05:13.411: %CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
*Oct 30 15:05:13.411: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
*Oct 30 15:05:13.411: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Oct 30 15:05:13.411: %CAPWAP-3-ERRORLOG: Failed to process encrypted capwap packet from 10.1.0.50
*Oct 30 15:05:18.411: %CAPWAP-5-SENDJOIN: sending Join Request to 10.1.0.50

IMP: Cisco AIR-CAP1602 &1532 not joining 2504 Controller issue

Dear Team, We have Cisco wireless implementation in clients premises. We have 8 indoor AP (AIR-CAP1602E-AK9) and 2 Outdoor AP (AIR-CAP1532I-AK9) . Seven indoor APs are able to join the 2504 controller, but 1 indoor AIR-CAP1602E AP is not joining and signal is RED continuously while as outdoor AP AIR-CAP1532I-AK9 signal goes blinking from green, red to amber continuously and is not downloading LWAPP image from the controller even after hard reset.
The output for both APs shown below-
1) AIR-CAP1602E-A-K9:
C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Compiled Fri 30-Nov-12 15:48 by aselvara
ap: reset
Are you sure you want to reset the system (y/n)?y
System resetting...
Boot from flash
IOS Bootloader - Starting system.
FLASH CHIP: Spansion S25FL256
Xmodem file system is available.
flashfs[0]: 14 files, 3 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31936000
flashfs[0]: Bytes used: 418304
flashfs[0]: Bytes available: 31517696
flashfs[0]: flashfs fsck took 9 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 18:e7:28:d1:9b:05
************* loopback_mode = 0
The system is unable to boot automatically because there
are no bootable files.
C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Compiled Fri 30-Nov-12 15:48 by aselvarag
Same event repeating, failed to reset and reboot device
2) AIR_CAP1532I-A-K9 (Outdoor AP):
*Mar 1 00:01:22.211: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Mar 1 00:01:22.211: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_47:32:e4'running version 7.5.102.0 is rejected.
*Mar 1 00:01:22.211: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:01:22.211: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:01:22.211: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 1 00:01:22.211: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 100.1.1.20
signal goes blinking from Grean, Red to Amber continuously.
Failed to download LWAPP image from the controller even after hard reset.
Default image: 7.6.95.12
Logs and screen shot attached
Please advice.
Thanks
Aakash

Hi please note the details below-
AIR-CAP1602E-A-K9:
C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Compiled Fri 30-Nov-12 15:48 by aselvara
ap: reset
Are you sure you want to reset the system (y/n)?y
System resetting...
Boot from flash
IOS Bootloader - Starting system.
FLASH CHIP: Spansion S25FL256
Xmodem file system is available.
flashfs[0]: 14 files, 3 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31936000
flashfs[0]: Bytes used: 418304
flashfs[0]: Bytes available: 31517696
flashfs[0]: flashfs fsck took 9 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 18:e7:28:d1:9b:05
************* loopback_mode = 0
The system is unable to boot automatically because there
is no bootable files.
C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Compiled Fri 30-Nov-12 15:48 by aselvarag
Can't reboot device!
WLC-SYSLOG
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.5.102.0
Bootloader Version............................... 1.0.18
Field Recovery Image Version..................... 1.0.0
Firmware Version................................. PIC 16.0
Build Type....................................... DATA + WPS
System Name...................................... Cisco_47:32:e4
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1279
IP Address....................................... 100.1.1.20
Last Reset....................................... Power on reset
System Up Time................................... 0 days 2 hrs 18 mins 39 secs
System Timezone Location......................... (GMT -6:00) Central Time (US a nd Canada)
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
--More-- or (q)uit
Configured Country............................... US - United States
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +32 C
External Temperature............................. +37 C
Fan Status....................................... 4000 rpm
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 3
Number of Active Clients......................... 0
Burned-in MAC Address............................ 24:E9:B3:47:32:E0
Maximum number of APs supported.................. 15

Which WLC interface should be resolved from cisco-lwapp-controller.domain

Hi,
we use several 4402 wlc and want the aps connect to connect to them via dns discovery.
It would be fine if somebody could tell me to which ip address (in our dns database) I have to add an alias for cisco-lwapp-controller.<domain>.
Is it the management interface, the ap manager interface or one/all dynamic interface(s)?
Is there any hint concerning this in the documentation?
Best Regards,
Thorsten

You use the management interface of the WLC.
Here is a good link also if you have issues:
http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a00808f8599.shtml#backinfo

Cisco SG300-52 52-Port Gigabit Managed Switch losing VLAN-Port Membership

Hello
We have some cisco switches in use and we're facing some problems everytime the switch loses Power.
After a reboot the port/vlan membership is lost, so are other settings recently made (like SSH access allowed, etc.).
The settings made up a year ago like the IPs, password, etc. remain untouched.
Upgrading the Firmware, Saving the Configs, etc. didn't solve the problem.
Is this a known issue? Anyone facing the same problem?
Bye and thanks for the help.
Viktor

Vlan Name Tagged Ports UnTagged Ports Created by
1 1 gi51-52,Po1-8 D
10 10 gi51-52 S
20 20 gi51-52 S
30 30 gi51-52 S
40 40 gi51-52 gi1-9,gi14-34, S
gi38-41,gi49-50
50 50 gi51-52 S
100 100 gi51-52 S
190 SecurityNetwork gi51-52 gi11-13,gi35-37 S
200 200 gi51-52 S
210 Wireless gi51-52 gi10 S
300 ServerSubnetOne gi51-52 gi42-48 S
config-file-header
as4
v1.4.0.88 / R800_NIK_1_4_194_194
CLI v1.0
set system mode switch
file SSD indicator encrypted
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
no cdp run
no spanning-tree
port jumbo-frame
vlan database
vlan 10,20,30,40,50,100,190,200,210,300
exit
voice vlan state disabled
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
no lldp run
hostname as4
no passwords complexity enable
username cisco password encrypted xxxxx
ip ssh server
snmp-server location Eingang
snmp-server contact [email protected]
clock timezone " " +1
clock source sntp
sntp unicast client enable
sntp unicast client poll
sntp server 157.161.57.2 poll
ip name-server 192.168.200.1
interface vlan 190
name SecurityNetwork
interface vlan 200
ip address 192.168.200.34 255.255.255.0
interface vlan 210
name Wireless
interface vlan 300
name ServerSubnetOne
interface gigabitethernet1
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet2
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet3
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet4
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet5
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet6
spanning-tree disable
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet7
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet8
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet9
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet10
switchport mode access
switchport access vlan 210
lldp med disable
interface gigabitethernet11
switchport mode access
switchport access vlan 190
lldp med disable
interface gigabitethernet12
switchport mode access
switchport access vlan 190
lldp med disable
interface gigabitethernet13
switchport mode access
switchport access vlan 190
lldp med disable
interface gigabitethernet14
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet15
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet16
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet17
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet18
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet19
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet20
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet21
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet22
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet23
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet24
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet25
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet26
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet27
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet28
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet29
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet30
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet31
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet32
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet33
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet34
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet35
switchport mode access
switchport access vlan 190
lldp med disable
interface gigabitethernet36
switchport mode access
switchport access vlan 190
lldp med disable
interface gigabitethernet37
switchport mode access
switchport access vlan 190
lldp med disable
interface gigabitethernet38
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet39
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet40
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet41
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet42
switchport mode access
switchport access vlan 300
lldp med disable
interface gigabitethernet43
switchport mode access
switchport access vlan 300
lldp med disable
interface gigabitethernet44
switchport mode access
switchport access vlan 300
lldp med disable
interface gigabitethernet45
switchport mode access
switchport access vlan 300
lldp med disable
interface gigabitethernet46
switchport mode access
switchport access vlan 300
lldp med disable
interface gigabitethernet47
switchport mode access
switchport access vlan 300
lldp med disable
interface gigabitethernet48
switchport mode access
switchport access vlan 300
lldp med disable
interface gigabitethernet49
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet50
switchport mode access
switchport access vlan 40
lldp med disable
interface gigabitethernet51
switchport trunk allowed vlan add 10,20,30,40,50,100,190,200,210,300
lldp med disable
interface gigabitethernet52
switchport trunk allowed vlan add 10,20,30,40,50,100,190,200,210,300
lldp med disable
exit

VLAN assignment without ACS on Cisco Wireless Controller 5508

I was wondering if it is possible to do dynamic VLAN assignment on the Cisco Wireless Controller 5508 without using Cisco ACS but use Microsoft NPS server instead? Is there a manual or article that someone can point me in the right direction?
Thank you!

Any RADIUS server will allow you to do the dynamic vlan assignment if you configure the right RADIUS attributes (64, 65 and 81 that Steve mentioned above).
This doc shows example of dynamic vlan assignment with WLC and ACS.
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml
Same config on WLC is needed. However, on the RADIUS you need to configure the same attributes on the NPS instead.
HTH
Amjad
Rating useful replies is more useful than saying "Thank you"

Cisco 2504 controller, setting management wlan interface Vlan Identifier to anything but 0 loses management ability

Similar Messages

Maybe you are looking for