Cisco vWLC extra vCPU.
Hi.
Does anyone has any experience in adding an extra vCPU to the Cisco Virtual Wireless Controller.
The standard config is 1vCPU and 2GB RAM.
My question is: Can I add an extra vCPU?
Thanks in advance.
Why do you want to add an additional vCPU? One vCPU should be more than enough, even with 200 AP's in a heavy RF environment.
Similar Messages
-
VMware tools and hardware version for Cisco vWLC
I am currently running a Cisco vWLC (v8.0.100.0) on VMware vSphere 5.5U2 supporting about 20 APs. I just recently upgraded to vSphere 5.5U2 and I was working my way through updating the VMware tools and VM Versions on all my VMs when I glanced at this info for the vWLC. The vWLC shows a VM version of 1 with the VMware tools not running and not installed. I am curious if it is necessary or even possible to update the VMware tools and VM version for the vWLC. The vWLC is working perfectly fine and I have no issue with leaving well enough alone, but this just kind of peeked my curiosity as I really couldn't find any concrete answers in any online documentation. Does anyone have any insight on this matter?
If it's working, then leave it alone. Some of the Cisco virtual, well maybe most, don't support the VMWARE tools. Updating the version to the latest will make you have to use vCenter as the sphere client will not allow you to edit the VM anymore.
-Scott -
Cisco vWLC and Central Web Authetication ISE Issue
Hello!
I have an issue with Wireless Central Web Authentication. Wired CWA woking fine.
My APs woking in FlexConnect mode with local switching. When I connect to the WLAN with CWA, web page with guest portal in not opening, but I see, that redirect is working...
When I try to ping ISE, and have a strange result:
y@5733Z:~$ ping 10.10.2.47
PING 10.10.2.47 (10.10.2.47) 56(84) bytes of data.
64 bytes from 10.10.2.47: icmp_seq=5 ttl=63 time=1.45 ms
64 bytes from 10.10.2.47: icmp_seq=8 ttl=63 time=2.22 ms
64 bytes from 10.10.2.47: icmp_seq=10 ttl=63 time=1.43 ms
^C
--- 10.10.2.47 ping statistics ---
21 packets transmitted, 3 received, 85% packet loss, time 20106ms
rtt min/avg/max/mdev = 1.430/1.703/2.223/0.367 ms
When I change the security method on the WLAN to open or any other, ping to ISE working fine. Please help!Central Web Auth (CWA) works different on controllers/APs running in FlexConnect mode. Please check this guide and confirm that you have similar setup.
http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/116087-configure-cwa-wlc-ise-00.html
If so, please post screen shots with your configs (Redirect ACLs, policies in ISE and the WLC SSD settings).
Also, the version of code that you are running in ISE and your controller.
Thank you for rating helpful posts! -
Hi,
is it possible to configure ha in virtual WLC??
thanks,
niteshCisco Virtual Wireless Controller (vWLC) - Release 7.3 supports HA. The latest 7.3 release enables a second controller to be configured in “Hot Standby” mode to a designated primary controller.
The redundancy ports of these two controller appliances are connected with an Ethernet cable. In case of WiSM2, you can have a redundant blade in the same or across chassis with VSS. This connection is used to exchange the configurations, the CAPWAP states of APs, and regular keep-alives. This is how a sub-second failover can be achieved for hundreds of access points to the standby controller in case of a hardware failure or network loss for the primary Controller. This means that there is NO SSID Outage because of Access Points Stateful Switch Over (AP-SSO) from primary to the standby controller.
In addition, the standby controller also syncs the Pairwise Master Key (PMK) key cache from the active primary controller, so when the client re-associates to the access point, there is no need for the controller to re-authenticate with the RADIUS server, resulting in downtime of only a handful of seconds. -
Cisco vWLC - AP's not broadcasting SSID's
I am running the demo of the virtual WLC and have one 1142N AP connected to it. I have two WLAN's created and they are configured to broadcast their SSID's. However, when I look on my laptop or Android, I cannot see either of them. I checked the AP to see if it has the WLAN's on it and it does. I did this by going to Wireless -> Access Points -> Radios -> 802.11a/n AP Interfaces -> Details. Under Station Configuration Parameters -> Number of WLAN's, there are 2, which is correct.
I had this demo running on VMware workstation and had some bridging issues with it and thought that was the issue. I now have it running on ESX5.1 and am still having this issue. I am at a loss as to what is causing this problem.
One other note, the AP is receiving power through a power injector. Not sure if that makes a difference or not.
TIA for any help.
Danwhat are the WLAN ID's for them? If you created them as => 17, you need to create an AP group
HTH,
Steve
Please remember to rate useful posts, and mark questions as answered -
Move AP´s form 4400 to vWLC
Hello Community.
At the moment we migrate AP´s from our old 4402 WLC (Version 7.0.235) to a new vWLC (Version 7.5.102)
I have to load a new image to the AP´s that they will connect with the new vWLC.
My Problem is, when i upgrade a AP in a Branch Office everthing works fine. I enter the new controller IP directly to the AP, becouse the DNS points to the old controller which is the productiv at the moment.
When i try to migrate a AP in our central, where also is the physikal old controller, the AP´s will not connect to the new vWLC. I make the Update from the AP and clear the private config and enter the ip of the new controller on the CLI of the AP. After a reboot the AP joins automaticly the old wlc and makes a firmwaredowngrad.
Why ignores the AP the static configured controller IP?
Regards StefanI would recommend to pay extra attention to Troubleshooting – AP Considerations section of the deployment guide. It literally states the following
An AP must be at software version 7.3.1.35 and above to successfully join a virtual controller. Virtual controllers use SSC in order to validate an AP before joining.
There are other items listed as well, but the main requirement is in that one sentence. Cisco Lightweight AP will not join vWLC if that AP lacks Software Release 7.3 or above. For clarity sake, the latest Cisco WLC 4400 Software Release is 7.0.250.0, which implies that it won’t be possible to migrate Lightweight APs from Cisco WLC 4400 to Cisco vWLC in a direct manner.
If you try to associate an AP that runs pre 7.3 WLC Software Release, you will likely notice the following messages in the console CLI, which is a good sign you need to upgrade AP’s software before it can join vWLC:
*Mar 28 12:07:20.227: %CAPWAP-5-SENDJOIN: sending Join Request to 10.175.1.200
*Mar 28 12:07:20.231: %CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
*Mar 28 12:07:20.231: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
*Mar 28 12:07:20.231: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 28 12:07:20.231: %CAPWAP-3-ERRORLOG: Failed to process encrypted capwap packet from 10.175.1.200
*Mar 28 12:07:20.231: %DTLS-5-ALERT: Received WARNING : Close notify alert from 10.175.1.200
*Mar 28 12:07:30.243: %CAPWAP-3-ERRORLOG: Go join a capwap controller
Before you even start to migrate APs to the vWLC, you have to understand if those APs are being supported in the new version of WLC software (7.3 and above).
Check the WLC 7.3.112.0 Release Notes, specifically “Software Release Support for Access Points” section. There’s a table that lists the majority of Cisco Access Point models and information about their life cycle – First Support and Last Support release versions. The latest column is of highest interest. You can expect an AP to work with the new WLC Software Releases if a dash is displayed in that column. Otherwise you will have to consider replacing APs as well, and not only the WLC.
For example, Cisco Lightweight AP 1142 can be upgraded to software version 7.3 (Last Support release column has the dash). At the same time Cisco Lightweight AP 1220 can not be upgraded (Last Support release version is 7.0.x). After you confirmed that your APs are being supported by WLC 7.3 or above, you can proceed further.
There are two ways to meet this main requirement: Manual and Automatic.
Manual Upgrade (slow, not recommended in large deployments)
This methods does not require any special kit except the console cable and network connectivity to the TFTP server. Process is as follows
Get a recovery image software from the download section at Cisco.com, for WLC 7.3 or above. For example, IOS software that corresponds to WLC Software Release 7.3.112.0 is 15.2(2) JA1 – c1140-rcvk9w8-tar.152-2.JA1.tar;
Interrupt AP boot process by holding Mode button for 30 seconds (until led becomes RED);
Format flash, and download new software from the TFTP server.
load_helper
flash_init
format flash:
set IP_ADDR 192.168.0.200
set NETMASK 255.255.255.0
set DEFAULT_ROUTER 192.168.0.1
tftp_init
tar -xtract tftp://192.168.10.5/c1140-rcvk9w8-tar.152-2.JA1.tar flash:
boot
Reboot AP. It will begin a join process (will upgrade/downgrade to vWLC version, if required);
Automatic Upgrade (recommended)
This process is suitable for large environments, but it requires a presence of hardware WLC that supports Software Release 7.3 and above, like Cisco WLC 5508. Hardware WLC does not require AP to authenticate through SSC (Self-Signed Certificates) hash, thus making it possible for Lightweight AP to join hardware controller with Software Release 7.3 and above without extra efforts, and as result upgrading to the same version of software. The process is described below.
Change an existing DHCP Option 43 to list an IP address of the hardware WLC 7.3 or above (Cisco 5508 will do the trick);
Login to the old WLC’s web page (the one from where you want to migrate compatible APs);
Choose an AP and select “Clear All Config”. This will remove the CAPWAP configuration from AP’s cache and reboot it;
Wait for AP to reboot. It will join hardware WLC 7.3 and upgrade own software. Wait until AP’s status changes to REG;
Change DHCP Option 43 again but this time it has list an IP address of the vWLC
Force an upgraded AP to reboot with factory default settings (“Clear All Config”);
Wait for AP to join vWLC. It may reboot a couple of times, if software versions on hardware and virtual WLCs differ;
Voila – AP will join vWLC without physical intervention.
You can repeat steps 1 through 7 for the rest of APs one by one or in bulk.
One other important requirement to consider is that vWLC will only work with Lightweight APs configured to operate in FlexConnect mode (ex H-REAP). Even though, once upgraded, APs will eventually join vWLC, they won’t be able to associate clients until you switch them to FlexConnect mode. This can be done manually using web interface
Or, vWLC can be configured to automatically convert all APs to work in FlexConnect mode after they join the controller for the first time, and after all required upgrades are complete. To do that, execute the following command using vWLC’s CLI:
config ap autoconvert flexconnect enable
Once applied, every single AP associated with this controller, will be switched to FlexConnect mode automatically. -
ISE 1.2 rejects RADIUS messages from vWLC
Hello,
I have an ISE appliance with the Wireless license. The Cisco vWLC is configured to send Radius traffic to the device, but is getting the error message:
11054 Request from a non-wireless device was dropped due to installed Wireless license
The vWLC is showing up under endpoints as a VMWARE workstation, and not a WLC, and so under the licensing requirements will not allow RADIUS to be received from anything other than a WLC. I tried hard-coding the policy to match a Cisco WLC with a condition of matching its MAC address, and even disabled the VMWARE profile policy, but the endpoint then only matches the "Unknown" policy. Any ideas?Check the Cisco ISE dashboard (
Operations > Authentications
) for any indication
regarding the nature of RADIUS communication loss. (Look for instances of your
specified RADIUS usernames and scan the sy
stem messages that are associated with
any error message entries.)
Log into the Cisco ISE CLI
2
and enter the following command to produce RADIUS
attribute output that may aid in debugging connection issues:
test aaa group radius
new-code
If this test command is successful, you should see the following attributes:
Connect port
Connect NAD IP address
Connect Policy Service ISE node IP address
Correct server key
Recognized username or password
Connectivity between the NAD and Policy Service ISE node
You can also use this command to help narrow the focus of the potential problem
with RADIUS communication by deliberatel
y specifying incorrect parameter values
in the command line and then returning to the administrator dashboard (
Operations
> Authentications
) to view the type and frequency
of error message entries that
result from the incorrect command line. For example, to test whether or not user
credentials may be the source
of the problem, enter a username and or password that
you
know
is incorrect, and then go look for error message entries that are pertinent
to that username in the
Operations > Authentications
page to see what Cisco ISE
is reporting.)
Note
This command does not validate whether or not the NAD is configured to use
RADIUS, nor does it verify whether th
e NAD is configured to use the new
AAA model. -
VWLC clients getting DHCP address from management VLAN
Hi,
We have a strange scenario whereby some wireless employees are obtaining addresses from the management VLAN.
Some details:
DHCP managed by MS DHCP 2008 R2 (in remote data centre)
Cisco vWLC AIR-CTVM-K9 running v7.6.110.0
AP's are a mix of 2602 and 3702 (46 and 2 of each respectively)
SSID's are employee, guest, and production devices (all mapped to their own interface with relevant VLAN tag as per normal)
AP's all in FlexConnect mode as per vWLC caveats
Some employees are receiving addresses in the wireless management VLAN. This network only has six DHCP addresses available as it is solely for AP's, WLC and HSRP gateway. Obviously this gets exhausted very quickly leaving us with a scenario where clients are not obtaining DHCP addresses.
I understand that with FlexConnect mode, it will assign IP's from the native VLAN. What I don't understand is why most clients receive addresses in the correct VLAN, but a handful do not, and then cannot get an address from DHCP. Obviously the ideal scenario would be to put the AP's into local mode but unless this has changed in a SW release then I don't believe it's possible...
My question is: How do I get ALL the employees to obtain addresses from their interface and not the management VLAN?
Thanks in advance.Hi,
I think we need a closer look to your configurarion to eliminate some possibilities:
- What is the WLAN security you choose?
- What is the interface that is configured under the WLAN?
- Does your WLAN have local switching enabled?
- If your security is using RADIUS server, do you have AAA override enabled under the WLAN config?
- If your security is using RADIUS server, do you send any attributes to the users?
- You have eliminate that clients that got management vlan IPs are always on same AP or they can be on any AP.
HTH
Amjad -
Cisco WLC WebAuth Page Not Found
Hi All,
I'm using Cisco VWLC 7.4.100.60, I'm facing a problem of the internal web auth with Local Net User , any client access the guest SSID, which can re-direct to the virtual port ip http://1.1.1.1/login.html, but browser also show page not found.
May I know how can I fix it?
Many Thanks!
hangCan be many things... first off, make sure DNS is working and that the guest homepage is not a secure web site (https). Also make sure you didn't add and DNS hostname in the VIP interface unless you installed a cert and the FQDN is resolving. Here is a good guide:
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a0080bf7d89.shtml
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered" -
Maximum number of AP supported has already joined cisco
Dear all,
We have vWLC, AP connected through MPLS network, we also have ap base license for 15 AP, the problem is that AP cant joint to WLC because of
this error:
Maximum number of AP supported has already joined cisco
WLC shows that all 15 licenses are used, but we have only 3 AP
What is that? bug or not?, everything worked fine before we put new 4 AP into the network
thank you
I attached outputs in photos:This license is evaluate and it works fine, but when it is our license it shows no AP in summary
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.4.100.60
RTOS Version..................................... 7.4.100.60
Bootloader Version............................... 7.4.100.60
Emergency Image Version.......................... 7.4.100.60
Build Type....................................... DATA + WPS
System Name...................................... Cisco VWLC
System Location.................................. ESXI
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1631
IP Address....................................... 192.168.6.1
System Up Time................................... 0 days 17 hrs 29 mins 9 secs
System Timezone Location......................... (GMT +4:00) Muscat, Abu Dhabi
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... Multiple Countries:BY,MX,US
--More-- or (q)uit
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 7
Number of Active Clients......................... 41
Memory Current Usage............................. Unknown
Memory Average Usage............................. Unknown
CPU Current Usage................................ Unknown
CPU Average Usage................................ Unknown
Burned-in MAC Address............................ 00:50:56:9F:68:43
Maximum number of APs supported.................. 200
(Cisco Controller) >show ap summary
Number of APs.................................... 3
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
Meeting_Room 2 AIR-LAP1142N-E-K9 54:75:d0:f5:3a:e4 default location 1 BY 1
Fttb 2 AIR-CAP3602I-A-K9 30:f7:0d:29:03:42 default location 1 MX 1
Technical 2 AIR-LAP1142N-E-K9 c8:9c:1d:f4:72:8a default location 1 BY 1 -
Hi Team,
I installed Cisco vWLC for the first time. Everything works fine except my guest vlan doesnt get IP address from the designated dmz network. I was wondering if I am missing something. Currently Flexconnect it configured on the wlans with LOCAL mode. I've alredy tried to go under each AP and perform vlan mapping but ... no luck so far.
Please get back to me if you have any ideas.
Respectfully,
Marty-Hello Marty,
As per your query i can suggest you the following solution-
Guest vlan doesnt get IP address from the designated dmz network.So please apply the appropriate native vlan to the Flexconnect configured in the local mode.Also make sure to do vlan mapping in order to match Physial switch Vlan matching. Finally configure trunk on the Access-Point port with the corresponding native Vlan.
For more information please refer to the link-
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008070ba8f.shtml
Hope this will help -
Hi.. i have running cisco vWLC controller in my location A, its working perfectly here. Now i have another location B where i have APs registered with controller in location A. I have created another WLAN and set location B dhcp server assign location B network ip. But issue is that when we connect to this wlan it gets connected but no ip gets assigned. wireless controlloer can reach to location B dhcp server, there is no connectivity issue b/w these.
what else settings do i need to set so that clients can get ip through dhcp.Is location B WLAN configured with local or central switchinng?
If traffic is central switched (tunneled back to the WLC in location A) that may the problem in your case. I assume location A and B are in separate broadcast domains, so there should be an issue with the dhcp discovers from clients.
You should try to local switch the traffic for WLAN B or if it has to be central switched you should switch locally dhcp packets from clients. -
Time mismatch between controller and AP, why?
Hello all,
I have a lab setup with a Cisco vWLC deployed in VMWare ESXI and 2x 1131 APs,
The APs are failing to join the controller due to a certificate error. I have noticed that the time that APs are using is an hour out from the controller.
The controller time and timezone are set correctly (London timezone, it's currently summer time here so its GMT+1), but the APs are being set to an hour early (GMT+0) and are failing to join.
I tried setting the time manually on the APs, but as soon as they talk to the controller it sets itself wrong again!
How can I resolve this?
Thanks
BenHow can I resolve this?
You can't.
LWAPP/CAPWAP standards do not include the APs to inherit timezones of the controller. So the controller can have different timezones but the controller-based APs are always in UTC/GMT/Zulu timezones. -
Hi,
We have a customer with a Cisco CISCO1941/K9. The router has 2 WAN connection. 1 connection has a monthly bandwith limit of 20GB/month and is an high speed connection. The second connection is unlimited and used as a fallback connection in case the primary line is unreachable.
We need to prevent the primary connection to use more as 20GB/monthly and in case it uses 20GB make the router switch to the second connection till the new billing period starts.
Is there any way to do this on a Cisco CISCO1941/K9 without Cisco Prime / extra hardware/software costs?
Thanks in advance for any reply.
SvenThere is one line that needs to be removed when using an interface that is not cellular which is "regsub -all {r} $interface "r " interface" This changed the "Cellular0" to "Cellular 0" I commented it out in the attached file and it is working as expected.
*Jun 20 12:19:01.840: %HA_EM-6-LOG: data_limit.tcl: C819-4G FastEthernet1 has used 34297149. Bytes with a monthly subscription of 100000000 Bytes (34.297149 % used)
*Jun 20 12:20:01.856: %HA_EM-6-LOG: data_limit.tcl: C819-4G FastEthernet1 has used 34308997. Bytes with a monthly subscription of 100000000 Bytes (34.308997 % used)
*Jun 20 12:21:01.836: %HA_EM-6-LOG: data_limit.tcl: C819-4G FastEthernet1 has used 34331844. Bytes with a monthly subscription of 100000000 Bytes (34.331844 % used) -
Cisco UC Virtualization Hypervisor - Supported vCPU and RAM BE6000 HD SERVER ?
How much vCPU and total RAM is supported by the default Cisco UC Virtualization Hypervisor shipped with BE6000 HD Server ?
The BE6000 High Density Server has a total of 16vCPU and 48 GB of RAM.
How much total vCPU and total RAM is Supported/Licensed by the default Cisco UC Virtualization Hypervisor ?The total server CPU and memory is capped at what comes in the BE6k and BE7k bundle SKU. Per-VM limits are listed here: http://docwiki.cisco.com/wiki/Unified_Communications_VMware_Requirements#Purchasing_.2F_Sourcing_Options_for_Required_Virtualization_Software
Maybe you are looking for
-
How can I rotate an image in Final Cut Pro X?
I imported over a thousand pictures from iPhoto to make a slideshow of my trip to California. How can I rotate images without reimporting them?
-
I have a black band across my screen is it broken
I have got a black band across my screen on my I pad don't know how this has come is it an error or something, or is it broken.
-
Hello Expert, Can anyone tell me, how to check RFC and HTTP adapter setting in XI? regards Ramesh
-
Adding printer in active directory- in windows server 2008 r2
Is that addition will enhance the printing and the scanning management capability ? how ? and to which extent ? by example please !! thank you in advance
-
Linksys SRW2008MP VLAN problems
Hello, We have 7 SRW2008MP's and one SRW2016. We successfully configured 2 VLANS on all the above switches and found no problems when the Linksys SRW switches' VLANS were linked with two copper or FO cables. We recently needed to extend both Linksys