Cisco 4402 Controller and 1113 ACS Set up??

Hello all,
I have a 4402 and 1113 I am trying to set up. I have tried everything to try and get the controller to talk to the 1113 with zero luck. Is there a step by step example configuration out there?

There are many reason why an AP is not able to join AP.One Main reason could be AP unable to deted the controller's IP address on the Domain.Refer URL
http://www.cisco.com/en/US/customer/products/ps6366/prod_technical_reference09186a00806cfa96.html#wp1050674

Similar Messages

  • Cisco 526 controller and AP541N

    Hello,
    I have a cisco 526 controller. Since this device is EOL. Can I still use 526 controller with AP541N? What are the limitations and problem configuring with
    AP541N?
    Thanks.
    Dipendra

    Hi Dipendra,
    The 541N is NOT supported via the 526 Controller
    With the Cisco AP 541N, you can:
    • Easily set up, configure, and manage multiple wireless access points, without the need to invest in a wireless controller
    http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps10492/data_sheet_c78-566239.html
    Cheers!
    Rob

  • Cisco wireless controller and AP-binding domain how do you integrate wireless domain authentication?

    With Cisco equipment wlc 2500 and AP 1600 combines windows 2008 r2 domain controller to achieve the following purposes, 
    1, all cell phones and laptops can access the wireless network with a domain user authentication. 
    2, the guest network should how to do it? 
    My idea is: 
    Made a total of two ssid below 
    Mobile users cnnewcity_mobile: Use webportal certification, so the center certification, local forwarding 
    Computer users cnnewcity_wifi: transparent certification, local forwarding, local authentication 
    The basic steps are as follows: 
    1, set the Radius server clients (AP or controller) 
    2, locking authorization group --- this should be based on the domain user group authorization radius server 
    3, the mobile roaming - different locations on the DHCP server choose to do this you have to consider the next 43 
    4, the establishment of a two vlan to a mobile user to the computer user, create a DCHP scope on the DHCP
    I do not know if you have wood there are better ways?

    Integrating the AD to the WLC Requires:
    1. AD to be registered:
     AT: Security->AAA
        AT: LDAP     
        CLICK: New
        Server IP:    <AD IP>
        Port Number:    389     
        Simple Bind:    Authenticated
        Bind User:    CN=Administrator,CN=Users,DC=testing,DC=local,DC=com
        Bind Pass:    <LDAP Admin pass>
        Confirm Pass: <LDAP Admin pass>
        User Base DN:    OU=WebAuth_Users,DC=testing,DC=local,DC=com
        User Attrib:    sAMAccountName      
        User Obj. Type:    person        
    Enable at WLAN Profile
    1. AT: WLAN->WLANs
        CLICK: <Desired WLAN> -typically web authentication
    2. AT: Security Tab
        AT: AAA Servers
    3. AT: LDAP Servers
        **Select Created LDAP
    4. Apply to Save
    Source: Tried it in implementations :))

  • LWAPP cannot translate cisco-lwapp-controller

    Hi all:
    I had add a hostname to DNS server as CISCO-LWAPP-CONTROLLER . and i use my controller as a internal DHCP server , it will assign ip to a lot of vlan. My lightweigh ap cannot translate the cisco-lwapp-controller and other a record at DNS server .

    Can you translate that on the local lan? Verify that the manamgement and ap-manager is configured for vlan "0" untagged and that the trunk port is setup with the native vlan of the WLC management and ap-manager interface. If you console in the ap and power cycle the ap, what does the log show. Post the log so we can take a look at it.

  • Looking for successful auth debug between cisco 1113 acs 4.2 and Active Directory

    Hello,
    Does anyone have a successful authentication debug using cisco 1113 acs 4.2 and Active Directory?  I'm not having success in setting this up and would like to see what a successful authentication debug looks.  Below is my current situation:
    Oct  6 13:52:23: TPLUS: Queuing AAA Authentication request 444 for processing
    Oct  6 13:52:23: TPLUS: processing authentication start request id 444
    Oct  6 13:52:23: TPLUS: Authentication start packet created for 444()
    Oct  6 13:52:23: TPLUS: Using server 110.34.5.143
    Oct  6 13:52:23: TPLUS(000001BC)/0/NB_WAIT/46130160: Started 5 sec timeout
    Oct  6 13:52:23: TPLUS(000001BC)/0/NB_WAIT: socket event 2
    Oct  6 13:52:23: T+: Version 192 (0xC0), type 1, seq 1, encryption 1
    Oct  6 13:52:23: T+: session_id 763084134 (0x2D7BBD66), dlen 26 (0x1A)
    Oct  6 13:52:23: T+: type:AUTHEN/START, priv_lvl:15 action:LOGIN ascii
    Oct  6 13:52:23: T+: svc:LOGIN user_len:0 port_len:6 (0x6) raddr_len:12 (0xC) data_len:0
    Oct  6 13:52:23: T+: user: 
    Oct  6 13:52:23: T+: port:  tty515
    Oct  6 13:52:23: T+: rem_addr:  10.10.10.10
    Oct  6 13:52:23: T+: data: 
    Oct  6 13:52:23: T+: End Packet
    Oct  6 13:52:23: TPLUS(000001BC)/0/NB_WAIT: wrote entire 38 bytes request
    Oct  6 13:52:23: TPLUS(000001BC)/0/READ: socket event 1
    Oct  6 13:52:23: TPLUS(000001BC)/0/READ: Would block while reading
    Oct  6 13:52:23: TPLUS(000001BC)/0/READ: socket event 1
    Oct  6 13:52:23: TPLUS(000001BC)/0/READ: read entire 12 header bytes (expect 16bytes data)
    Oct  6 13:52:23: TPLUS(000001BC)/0/READ: socket event 1
    Oct  6 13:52:23: TPLUS(000001BC)/0/READ: read entire 28 bytes response
    Oct  6 13:52:23: T+: Version 192 (0xC0), type 1, seq 2, encryption 1
    Oct  6 13:52:23: T+: session_id 763084134 (0x2D7BBD66), dlen 16 (0x10)
    Oct  6 13:52:23: T+: AUTHEN/REPLY status:4 flags:0x0 msg_len:10, data_len:0
    Oct  6 13:52:23: T+: msg:  Username:
    Oct  6 13:52:23: T+: data: 
    Oct  6 13:52:23: T+: End Packet
    Oct  6 13:52:23: TPLUS(000001BC)/0/46130160: Processing the reply packet
    Oct  6 13:52:23: TPLUS: Received authen response status GET_USER (7)
    Oct  6 13:52:30: TPLUS: Queuing AAA Authentication request 444 for processing
    Oct  6 13:52:30: TPLUS: processing authentication continue request id 444
    Oct  6 13:52:30: TPLUS: Authentication continue packet generated for 444
    Oct  6 13:52:30: TPLUS(000001BC)/0/WRITE/46130160: Started 5 sec timeout
    Oct  6 13:52:30: T+: Version 192 (0xC0), type 1, seq 3, encryption 1
    Oct  6 13:52:30: T+: session_id 763084134 (0x2D7BBD66), dlen 15 (0xF)
    Oct  6 13:52:30: T+: AUTHEN/CONT msg_len:10 (0xA), data_len:0 (0x0) flags:0x0
    Oct  6 13:52:30: T+: User msg: <elided>
    Oct  6 13:52:30: T+: User data: 
    Oct  6 13:52:30: T+: End Packet
    Oct  6 13:52:30: TPLUS(000001BC)/0/WRITE: wrote entire 27 bytes request
    Oct  6 13:52:30: TPLUS(000001BC)/0/READ: socket event 1
    Oct  6 13:52:30: TPLUS(000001BC)/0/READ: read entire 12 header bytes (expect 16bytes data)
    Oct  6 13:52:30: TPLUS(000001BC)/0/READ: socket event 1
    Oct  6 13:52:30: TPLUS(000001BC)/0/READ: read entire 28 bytes response
    Oct  6 13:52:30: T+: Version 192 (0xC0), type 1, seq 4, encryption 1
    Oct  6 13:52:30: T+: session_id 763084134 (0x2D7BBD66), dlen 16 (0x10)
    Oct  6 13:52:30: T+: AUTHEN/REPLY status:5 flags:0x1 msg_len:10, data_len:0
    Oct  6 13:52:30: T+: msg:  Password:
    Oct  6 13:52:30: T+: data: 
    Oct  6 13:52:30: T+: End Packet
    Oct  6 13:52:30: TPLUS(000001BC)/0/46130160: Processing the reply packet
    Oct  6 13:52:30: TPLUS: Received authen response status GET_PASSWORD (8)
    Oct  6 13:52:37: TPLUS: Queuing AAA Authentication request 444 for processing
    Oct  6 13:52:37: TPLUS: processing authentication continue request id 444
    Oct  6 13:52:37: TPLUS: Authentication continue packet generated for 444
    Oct  6 13:52:37: TPLUS(000001BC)/0/WRITE/46130160: Started 5 sec timeout
    Oct  6 13:52:37: T+: Version 192 (0xC0), type 1, seq 5, encryption 1
    Oct  6 13:52:37: T+: session_id 763084134 (0x2D7BBD66), dlen 16 (0x10)
    Oct  6 13:52:37: T+: AUTHEN/CONT msg_len:11 (0xB), data_len:0 (0x0) flags:0x0
    Oct  6 13:52:37: T+: User msg: <elided>
    Oct  6 13:52:37: T+: User data: 
    Oct  6 13:52:37: T+: End Packet
    Oct  6 13:52:37: TPLUS(000001BC)/0/WRITE: wrote entire 28 bytes request
    Oct  6 13:52:37: TPLUS(000001BC)/0/READ: socket event 1
    Oct  6 13:52:37: TPLUS(000001BC)/0/READ: read entire 12 header bytes (expect 33bytes data)
    Oct  6 13:52:37: TPLUS(000001BC)/0/READ: socket event 1
    Oct  6 13:52:37: TPLUS(000001BC)/0/READ: read entire 45 bytes response
    Oct  6 13:52:37: T+: Version 192 (0xC0), type 1, seq 6, encryption 1
    Oct  6 13:52:37: T+: session_id 763084134 (0x2D7BBD66), dlen 33 (0x21)
    Oct  6 13:52:37: T+: AUTHEN/REPLY status:7 flags:0x0 msg_len:27, data_len:0
    Oct  6 13:52:37: T+: msg:  Error during authentication
    Oct  6 13:52:37: T+: data: 
    Oct  6 13:52:37: T+: End Packet
    Oct  6 13:52:37: TPLUS(000001BC)/0/46130160: Processing the reply packet
    Oct  6 13:52:37: TPLUS: Received Authen status error
    Oct  6 13:52:37: TPLUS(000001BC)/0/REQ_WAIT/46130160: timed out
    Oct  6 13:52:37: TPLUS(000001BC)/0/REQ_WAIT/46130160: No sock_ctx found while handling request timeout
    Oct  6 13:52:37: TPLUS: Choosing next server 101.34.5.143
    Oct  6 13:52:37: TPLUS(000001BC)/1/NB_WAIT/46130160: Started 5 sec timeout
    Oct  6 13:52:37: TPLUS(000001BC)/46130160: releasing old socket 0
    Oct  6 13:52:37: TPLUS(000001BC)/1/46130160: Processing the reply packet
    Oct  6 13:52:49: TPLUS: Queuing AAA Authentication request 444 for processing
    Oct  6 13:52:49: TPLUS: processing authentication start request id 444
    Oct  6 13:52:49: TPLUS: Authentication start packet created for 444()
    Oct  6 13:52:49: TPLUS: Using server 172.24.5.143
    Oct  6 13:52:49: TPLUS(000001BC)/0/NB_WAIT/46130160: Started 5 sec timeout
    Oct  6 13:52:49: TPLUS(000001BC)/0/NB_WAIT: socket event 2
    Oct  6 13:52:49: T+: Version 192 (0xC0), type 1, seq 1, encryption 1
    Oct  6 13:52:49: T+: session_id 1523308383 (0x5ACBD75F), dlen 26 (0x1A)
    Oct  6 13:52:49: T+: type:AUTHEN/START, priv_lvl:15 action:LOGIN ascii
    Oct  6 13:52:49: T+: svc:LOGIN user_len:0 port_len:6 (0x6) raddr_len:12 (0xC) data_len:0
    Oct  6 13:52:49: T+: user: 
    Oct  6 13:52:49: T+: port:  tty515
    Oct  6 13:52:49: T+: rem_addr:  10.10.10.10
    Oct  6 13:52:49: T+: data: 
    Oct  6 13:52:49: T+: End Packet
    Oct  6 13:52:49: TPLUS(000001BC)/0/NB_WAIT: wrote entire 38 bytes request
    Oct  6 13:52:49: TPLUS(000001BC)/0/READ: socket event 1
    Oct  6 13:52:49: TPLUS(000001BC)/0/READ: Would block while reading
    Oct  6 13:52:49: TPLUS(000001BC)/0/READ: socket event 1
    Oct  6 13:52:49: TPLUS(000001BC)/0/READ: read entire 12 header bytes (expect 43bytes data)
    Oct  6 13:52:49: TPLUS(000001BC)/0/READ: socket event 1
    Oct  6 13:52:49: TPLUS(000001BC)/0/READ: read entire 55 bytes response
    Oct  6 13:52:49: T+: Version 192 (0xC0), type 1, seq 2, encryption 1
    Oct  6 13:52:49: T+: session_id 1523308383 (0x5ACBD75F), dlen 43 (0x2B)
    Oct  6 13:52:49: T+: AUTHEN/REPLY status:4 flags:0x0 msg_len:37, data_len:0
    Oct  6 13:52:49: T+: msg:   0x0A User Access Verification 0x0A  0x0A Username:
    Oct  6 13:52:49: T+: data: 
    Oct  6 13:52:49: T+: End Packet
    Oct  6 13:52:49: TPLUS(000001BC)/0/46130160: Processing the reply packet
    Oct  6 13:52:49: TPLUS: Received authen response status GET_USER (7)
    The 1113 acs failed reports shows:
    External DB is not operational
    thanks,
    james

    Hi James,
    We get External DB is not operational. Could you confirm if under External Databases > Unknown User           Policy, and verify you have the AD/ Windows database at the top?
    this error means the external server might not correctly configured on ACS external database section.
    Another point is to make sure we have remote agent installed on supported windows server.
    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/remote_agent/rawi.html#wp289013
    Also provide the Auth logs from the server running remote agent, e.g.:-
    AUTH 10/25/2007 15:21:31 I 0376 1276 External DB [NTAuthenDLL.dll]:
    Attempting Windows authentication for user v-michal
    AUTH 10/25/2007 15:21:31 E 0376 1276 External DB [NTAuthenDLL.dll]: Windows
    authentication FAILED (error 1783L)
    thanks,
    Vinay

  • Cisco 4402 WLC IOS Upgradation using CLI and Web Interface

    Hi,
    I would like to know how to upgrade IOS of Cisco 4402 WireLess LAN Controller using CLI and Web interface ?
    Can any one help me regarding the same.
    Please answer as soon as possible.
    Thanks in advance.

    Here are the instructions for upgrading the controllers via GUI:
    http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn52.html#wp472449
    Instructions via cli:
    Cisco recommends that a direct CLI console port connection is used to update the controller software.
    1. Make sure a TFTP server is available for the Operating System (OS) software download. Also, keep these guidelines in mind when the TFTP server is set up:
    If a download is performed through the service port, the TFTP server must be on the same subnet as the service port because the service port is not routable.
    If a download is performed through the Distribution System (DS) network port, the TFTP server can be on the same or a different subnet because the DS port is routable.
    The TFTP server cannot run on the same computer as the Cisco Wireless Control System (WCS) because WCS and the TFTP server use the same communication port.
    2. Download the desired OS software update file from the Cisco website to the default directory on the TFTP server.
    3. Log into the WLC CLI.
    4. Issue the ping server-ip-address command to verify that the WLC can contact the TFTP server.
    5. Issue the transfer download start command and answer n when prompted to view the current download settings.
    This example shows the command output:
    transfer download start
    Mode........................................... TFTP
    Data Type...................................... Code
    TFTP Server IP.................................
    xxx.xxx.xxx.xxx
    6. TFTP Path...................................... TFTP Filename.................................. AS_2000_3_0_x_x.aes --OR-- AS_4100_3_0_x_x.aes --OR-- AS_4400_3_0_x_x.aes Are you sure you want to start? (y/n) n Transfer Canceled Issue these commands to change the download settings:
    * transfer download mode tftp
    * transfer download datatype code
    * transfer download serverip tftp-server-ip-address
    * transfer download filename filename
    * transfer download path absolute-tftp-server-path-to-file
    Note: All TFTP servers require the full pathname. For example, in Windows, the path is C:\TFTP-Root. (In UNIX forward slashes (/) are required.)
    7. Issue the transfer download start command to view the updated settings, and answer y when prompted to confirm the current download settings and start the OS code download.
    This example shows the download command output:
    transfer download start
    Mode........................................... TFTP
    Data Type...................................... Code
    TFTP Server IP.................................
    xxx.xxx.xxx.xxx
    TFTP Path......................................
    path>
    TFTP Filename..................................
    AS_2000_3_0_x_x.aes --OR--
    AS_4100_3_0_x_x.aes --OR--
    AS_4400_3_0_x_x.aes
    Are you sure you want to start? (y/n) y
    TFTP Code transfer starting.
    TFTP receive complete... extracting components.
    Writing new bootloader to flash.
    Making backup copy of RTOS.
    Writing new RTOS to flash.
    Making backup copy of Code.
    Writing new Code to flash.
    TFTP File transfer operation completed successfully. Please
    restart the switch (reset system) for update to complete.
    8. The WLC now has the code update in active volatile RAM, but the reset system command must be issued to save the code update to non-volatile RAM (NVRAM) and reboot the WLC.
    This is a sample output:
    The system has unsaved changes.
    Would you like to save them now? (y/n) y
    The controller completes the bootup proce

  • Cisco 4402 Guest lan and product lan DHCP assignment

    I'm currently setting up a wirless lan with a Cisco 4402 Wireless Lan Controller and 1 cisco 1242AG Access points.
    All the devices include:
    Cisco catalyst 6505
    Cisco 4402
    D-Link broadband router
    Connection between them:
    6505 trunking with 4402 (dot1q and trunk vlan 1 and vlan 3, but i found that all vlan on the 6506 will trunk together), wlan 1 is production lan while vlan 3 is Guest lan)
    6505 vlan 3 is connecting to D-Link broadband router as a guest lan
    both vlan 1 and vlan 3 have DHCP server for production PC and guest notebook respectively.
    On 4402, i have two interfaces and 2 WLAN. one interface for production lan pointing DHCP server to product DHCP address and the other interface for guest lan, which pointing to guest lan DHCP server.
    when a notebook connec to guest lan, it will assign an address from guest DHCP server, while connecting to production lan, a production IP will be assigned last week. But the things change w/o changing the structure, when i connect to guest lan SSID, the ip suppose assign by the Guest lan DHCP, but it failed, the notebook got ip address from production lan.
    Is it trunking makes those all Vlan "mixed", and get ip from the DHCP server with faster respone time?
    How can i make sure when i connect to guest lan, the ip will be assigned from Guest Lan DHCP server and vice versa?
    Many thanks!

    Here is the URL for the Cisco Guest Access Using the Cisco Wireless LAN Controller which will help you :
    http://www.cisco.com/en/US/docs/wireless/technology/guest_access/technical/reference/4.0/GAccess.html

  • VLAN assignment without ACS on Cisco Wireless Controller 5508

    I was wondering if it is possible to do dynamic VLAN assignment on the Cisco Wireless Controller 5508 without using Cisco ACS but use Microsoft NPS server instead?  Is there a manual or article that someone can point me in the right direction?
    Thank you!

    Any RADIUS server will allow you to do the dynamic vlan assignment if you configure the right RADIUS attributes (64, 65 and 81 that Steve mentioned above).
    This doc shows example of dynamic vlan assignment with WLC and ACS.
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml
    Same config on WLC is needed. However, on the RADIUS you need to configure the same attributes on the NPS instead.
    HTH
    Amjad
    Rating useful replies is more useful than saying "Thank you"

  • 4402 LAN Controller and 44 AP Point with CUCM 7.1

    First time going to configure 4402 LAN Controller with 44 AP with 7921 wireless IP Phone, Please light me with document and info to configure 4402 lan controller with Access point.
    Just connecting Controller and AP in switch both will get registered, I have two LAN Controller for redundancy [ how to configure redundancy in controller ].
    For layer 3 roaming what are the basic steps I should configure in controller and AP.

    Here's a link to the doc that outlines how to configured the controller to best support a 7921:
    http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7921g/6_0/english/deployment/guide/7921dply.pdf
    For redundancy you will want to have the controller in the same mobility group:
    http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7921g/6_0/english/deployment/guide/7921dply.pdf
    Having them in the same mobility group will also take care of any roaming between controllers.

  • Software Version Upgrade for Cisco 4402 Wireless Lan Controller

    Hi,
    We have Cisco 4402 Wireless Lan Controller with Software Version 3.2.171.6 and we want to upgrade it to latest version.
    So can anyone please let me know the latest version to upgrade the WLC?
    Also since WLC is running on very lower version is it possible to upgrade to the latest version directly or we have to move it step by step to upgrade this to latest version?
    Thanks

    Take a look at the compatibility matrix below:
    http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
    7.0.235 is the latest that you can go to:
    http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7_0_235_0.html
    The release notes outline the upgrade process.
    "Upgrade to 4.0.206.0 or later 4.0 release, then upgrade to 4.2.176.0, before upgrading to 7.0.235.0."

  • Reimage cisco 1113 ACS - NIC driver

    HI,
    I tried to re-image a cisco 1113 ACS appliance into windows 2003 and was successful. I suppose to use this for my staging/LAB.My only problem is the NIC cards shows unknown since no appropraite driver was found. Googled for a few days but ends up nothing. Does anybody knows the exact driver? Appreciate anybody's reply.
    Thanks.

    Just for everybody's info.
    I manage to download the NIC driver. It is a Generic Broadcom NetXtreme Gigabit Ethernet.
    Now it is working fine.

  • Wireless Guest Network using Cisco 4402 as an Anchor Controller

    Hello,
    We have recently redesigned our wireless guest network in accordance to Cisco's recommended deployment using the anchor controller in the DMZ. We have created two mobility groups (enterprise and anchor). The anchor controller and DMZ has two subnets (guest managment and guest clients). The guest management subnet is connected to the controller and firewall allowing the mobility groups and EOIP tunnels while the guest client network is also connected to the controller and firewall to push the client traffic directly out the firewall. The setup works well but the one part that I'm not happy with is the DHCP. Currently DHCP is being handled on the firewall because of issues we had with dhcp relay and the controllers internal dhcp service.
    Does anyone have any information on getting DHCP relay working or the internal dhcp service on the controllers when using as a anchor?
    This is basically the setup guide that we followed.
    http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob41dg/ch10GuAc.html
    Thanks!

    Hi,
    Make sure you have the IP helper address configured under the VLAN interface on the L3 and also make sure to disable DHCP proxy on both the WLC (Anchor and Foreign).
    This will help us as well..
    lemme know if this answered your question..
    Regards
    Surendra
    ====
    Please dont forget to rate the posts which answered your question and mark it as answered or was helpfull

  • Tacacs problem with ACS 4.2 NDG and shell authorization sets

    Hi all,
    I am trying to solve this problem without success so far. I have fresh ACS 4.2.15 patch 5 ACS installation and I am tryng to deploy it to our environment. So I have configured one 2960S to be my test client and everything works fine. Problem is when I try to create fine grained policies using network device groups and shell authorization sets.
    I have created shell authorization sets called ReadOnly and FullAccess. I have also created NDG called FloorSwitches and added my 2960. I have 2 user groups called FloorSwitchesReadOnly and FloorSwithcesFullAccess. Now, if I configure group FloorSwitchesFullAccess and assign Shell command authorization set per NDG and then log into the switch, all of my commands are refused as unauthorized.
    One thing that I have noticed is that if I assign shell command authorization set to any device ( in user group settings ) it works fine. Or if I create association with DEFAULT NDG in user group it also works. So my conclusion is that ACS for some reason does not associate my switch with correct group but rather puts it to DEFAULT group for some reason.
    Did anyone had similar problem or is there something that I am doing in a wrong way? Is there another way to achieve such thing without using NDG's?
    Thanks everyone....

    Please upgrade to patch 6, there is a bug in patch 5 and you can check the release notes or the readme for more information.
    What is your user setting set to while you are testing command authorization, did you set it back to the group setting?
    Thanks,
    Tarik Admani

  • Cisco Aironet 3502i and Virtual Wireless Controller- Question

    Hello everyone,
    As soon, I purchased two Cisco 3502i and Cisco 1142 however, two issue are that I don't have controller and smartnet. As my purpose, it using for Home Use but house with 2,500 Sq ft with two floor and new 24x24ft garage with two floor. I put two Cisco 3502i for garage and one cisco 1142 in house on second floor. Separated for multi media, gaming, streaming high resolution video, parts, and downloads programmings online. It will run with Cisco Catalyst Express 500 with 24 ports (4 POE) and two gigabit ports. In house, it have Dell Poweredge 2850, Cisco Catalyst Express 500 with 24 ports POE and 2 ports gigabit.
    I thought to make my own developing with my first time using Wireless Controller. I wanted to try out with Virtual WLC on Dell Poweredge 2850 running ESXi 4.1.
    Specs for Dell Poweredge 2850:
    - 2x Intel Xeon Dual Core 3.8 GHz
    - 4GB RAM (Will upgrade to 12GB soon)
    - 2x 146GB and 2x 36GB SCSI
    - 2x 1 Gbps built in and 4x 1 Gbps PCI-X
    Developing with Untangle and pfSense to make it support with LADP and VLAN to both Cisco Express 500 using 4 gbps PCI-X. I have read the requipment list to use Virtual WLC but it seem met the requipment for my 2850. If someone offer me to get Virtual WLC and IOS from their, I accept to "borrow" it. I do go college which is Rochester Institute of Technology at New York and my major is Applied Computer Technology. I live here at Hampton Road, Virginia. Just in case if you might know about RIT. I just start to learning myself with Cisco books.
    I have a question:
    - Is there possible to get trial or full version of Virtual WLC?
    - Is there possible to get Lightweight or Autonomous IOS for Cisco 1142 and 3502i?
    -  Does it supported Dell PowerEdge 2850?
    - Does 3502i support Autonomous? (Not actually but I have researched around online about that it will work with 1262's IOS)
    Thanks
    Gage

    Answers in-line...
    I have a question:
    - Is there possible to get trial or full version of Virtual WLC?
    No.  You will need a SmartNet contract (or a freshly purchased device) to obtain software from cisco.  Nobody will provide this to you.
    - Is there possible to get Lightweight or Autonomous IOS for Cisco 1142 and 3502i?
    No.  You will need a SmartNet contract (or a freshly purchased device) to obtain software from cisco. 
    Nobody will provide this to you.
    -  Does it supported Dell PowerEdge 2850?
    Cisco doesn't go in to great detail regarding the actual Hardware requirements of the vWLC (as far as ESX Host requirements).  Primarily, making sure you are running ESX 4.x/5.x is necessary.  The vWLC provisions 2Gb of RAM and 8GB of thick provisioned storage, so if your host can accomodate I don't see any reason it wouldn't work.
    - Does 3502i support Autonomous? (Not actually but I have researched around online about that it will work with 1262's IOS)
    Yes, with the latest versions of IOS 15.2(2)JB, full functionality in autonomous can be achieved on the 1550, 3500, and 3600 series APs
    http://www.cisco.com/en/US/docs/wireless/access_point/ios/release/notes/15.2_2_JB.html#wp355587

  • 5508 and 4402 Controller Anchoring?

    Hello,
    I am running 5508 wireless controllers. I pass along another agency's WLAN across my wireless network that is anchored to their older 4402 controller.
    I wish to run the new 3600 series APs and am planning on migrating to NCS and the new 7.2 code.
    I know that the older 4400 series controllers will not handle the newer 7.1 or 7.2 code. However, i still wish to maintain this anchor relatiosnhip with the older 4402 controller. I need to know if this will work or not.
    Surely someone else has encountered this?
    Thanks,
    Phill

    Sent this one to TAC... they said it should work fine.
    I am planning a large deployment that depends heavily on the 3600 series AP...
    Not anchoring with older controllers would be a show stopper..or at least bring the project to a crawl...
    I'm already trying to figure out a workaround for surveying with the 3600 AP when i cant even run it. 
    (7.1, and 7.2 will not work with WCS...I already tried running it and it broke my ability create guest accounts...I was impressed with the 3600 AP though...).
    I have to wait until I can get NCS purchased to migrate to the 7.2 code
    Not looking for anymore surprises....
    Phill

Maybe you are looking for