Cisco WLC 2500 AP-Manager
hello
i have a question about a cisco wlc 2500.
when you configure a interface on the controller, you can set a ip address
mask en DHCP server address but also you can set the interface as a AP-Manager
why is this?
thanks
On the old WLC models like 2100, 2006,4400 we had to configure the management interface for managing the WLC and the AP manager so that the APs could create the LWAPP or CAPWAP tunnel to the WLC.
On the new model of WLCs like the 2500,5508 the AP manager interface is not required, the management interface if it has the check for dynamic interface it will work at the same time as the AP manager interface.
Here is the link where you can check on how to deploy the 2504 WLC and the different setups to use with several AP managers.
http://www.cisco.com/en/US/products/ps11630/products_tech_note09186a0080b8450c.shtml
Similar Messages
-
Cisco WLC 2500 - 802.1x with Vasco Radius SMS OTP
Hello folks,
I have what seems to be a complex implementation with many things that need to be done on a customers network and I wanted to be pointed in the right direction.
The current scenario is such, the customer has a Cisco WLC 2500 device that has 3 access points(these are in the same AP group) connected to it. There is one SSID that I will call PRODUCTION here that some domain users use to connect to the local network. The customer has requested to have a GUEST SSID added to the WLC where guest users will connect to and recieve a SMS OTP for authentication.
Correct me if I am wrong, but I will obviously need to segment the SSIDs to have them running on different subnets to ensure that guest users do not have access to the production network once they authenticate. In order to do this I will need to configure Dynamic VLAN assignment for the Cisco WLC and connect it to a 802.1x port on the switch.
Now what is not clear is I am not interested in authenticating the users that connect via "Production SSID" and want to bypass authentication for those users and have them assigned to the default vlan (or maybe perhaps have them authenticate via LDAP on the AD), however I want to force the "GUEST" SSID users to authenticate so that they may recieve an SMS OTP (reason for this is to force guests to register their phone numbers to use the internet so that Illegal activity may be tracked).
1)So would it be possible to bypass authentication(or authenticate them via LDAP) for the PRODUCTION SSID as only domain users would know the SSID password to log on and have them by default assigned to the production subnet (default vlan) but force the GUEST SSID users to another VLAN via 802.1x sms otp?
2)*Important* Another issue that is not clear is will I be able to directly configure AAA Radius settings on the Cisco WLC to directly authenticate with the VASCO Radius OTP and recieve a challenge-response(required for OTP) during authentication? As I have seen from Ciscos Dynamic VLAN assignment docuementation (http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml) additional IETF Radius Perimeters are used such as Tunnel-Private-Group-ID etc are used which I can't seem to configure on the Vasco.
I do beileve this is a great project in helping me understand the INs and OUTs of CISCO WLC as well as Wireless NAC, If anyone could enlighten me and point me in the right direction I would be forever in debt. Much appreciated.
Best Regards
Sinan Barghouthi - JNCIA-FWV , JNCIA-IDP , CCA-NS , TCSM-8.0On your WLAN you can enable AES and TKIP. Just know that some clients mau have issue when they see both TKIP and AES. Ive had pretty good success with this in the past. Dont forget, you also need to enable WMM allowed to get N rates.
But you will need to configure AES on the client as well to support N rates.
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
"I'm in a serious relationship with my Wi-Fi. You could say we have a connection." -
hello everyone
i have a question.
i am trying to get snmp version 3 working on my network.
i am using solarwinds to monitor the cisco WLC's. but when i add a snmp-user to the controller
i get the following message:
(Cisco Controller) debug>snmp all enable
(Cisco Controller) debug>*Sep 06 14:40:30.515: SNMPD: Packet from: 192.168.8.192:59047, in_packet_len = 71
*Sep 06 14:40:30.516: SNMPD: calling srDoSnmp.
*Sep 06 14:40:30.516: Unknown engine Ids
*Sep 06 14:40:30.517: SNMPD: Sending SNMP packet to 192.168.8.192:59047, out_packet_len = 115
*Sep 06 14:40:30.542: SNMPD: Packet from: 192.168.8.192:59047, in_packet_len = 137
*Sep 06 14:40:30.542: SNMPD: calling srDoSnmp.
*Sep 06 14:40:30.543: SNMPD: received get pdu
*Sep 06 14:40:30.543: SNMPD:calling do_response
*Sep 06 14:40:30.543: Searching for requested instance of sysObjectID
*Sep 06 14:40:30.543: SNMPD: Sending SNMP packet to 192.168.8.192:59047, out_pac ket_len = 153
*Sep 06 14:40:30.765: SNMPD: Packet from: 192.168.8.192:59049, in_packet_len = 73
*Sep 06 14:40:30.765: SNMPD: calling srDoSnmp.
*Sep 06 14:40:30.765: Unknown engine Ids
*Sep 06 14:40:30.766: SNMPD: Sending SNMP packet to 192.168.8.192:59049, out_packet_len = 117
*Sep 06 14:40:30.791: SNMPD: Packet from: 192.168.8.192:59049, in_packet_len = 138
*Sep 06 14:40:30.791: SNMPD: calling srDoSnmp.
*Sep 06 14:40:30.791: SNMPD: received get pdu
*Sep 06 14:40:30.791: SNMPD:calling do_response
*Sep 06 14:40:30.791: Searching for requested instance of sysContact
*Sep 06 14:40:30.792: SNMPD: Sending SNMP packet to 192.168.8.192:59049, out_packet_len = 138
*Sep 06 14:40:30.818: SNMPD: Packet from: 192.168.8.192:59049, in_packet_len = 73
*Sep 06 14:40:30.818: SNMPD: calling srDoSnmp.
*Sep 06 14:40:30.818: Unknown engine Ids
*Sep 06 14:40:30.819: SNMPD: Sending SNMP packet to 192.168.8.192:59049, out_packet_len = 117
*Sep 06 14:40:30.843: SNMPD: Packet from: 192.168.8.192:59049, in_packet_len = 178
*Sep 06 14:40:30.844: SNMPD: calling srDoSnmp.
*Sep 06 14:40:30.844: SNMPD: received set pdu
*Sep 06 14:40:30.844: SNMPD:calling do_sets
*Sep 06 14:40:30.844: snmpd: Attempt to set object sysContact
*Sep 06 14:40:30.844: pass 1 of set request processing done
*Sep 06 14:40:30.846: pass 2 of set request processing done
*Sep 06 14:40:30.846: calling set method which do not have undo methods
*Sep 06 14:40:30.846: set failed, undoing
*Sep 06 14:40:30.847: SNMPD: Sending SNMP packet to 192.168.8.192:59049, out_pac
*Sep 06 14:41:57.517: Authentication failure, bad community string
*Sep 06 14:41:57.518: Bad Community name
*Sep 06 14:41:57.518: SNMPD: Failed to get result Pdu.
*Sep 06 14:41:57.518: SNMPD: *NOT* sending out packet, out_packet_len = 0
i have only configure the SNMP v3 User on the controller.Hello Johan,
debugs show:
Authentication failure, bad community string
This indicates community string mismatch. Make sure about the community string and encryptin and privacy passwords.
Make sure to enable only SNMPv3 on WLC to isolate better.
HTH
Amjad
You want to say "Thank you"?
Don't. Just rate the useful answers,
that is more useful than "Thank you". -
Problèmes d'ajout de licences sur un controller WLC 2500
Bonjour,
Je possède un Cisco WLC 2500 controller pour mes bornes Wifi.
Sur ce controller j'ai déjà un pack de 25 licences d'installées.
Récemment j'ai acheté un nouveau pack de licence et il met impossible de l'ajouter correctement.
j’effectue la procédure suivante :
Je clique dans l'onglet "management" puis sur "software activation"
Je clique sur "commandes"
Je sélectionne "install licences"
ce que j'obtiens
ensuite je reboot le controller, mais les licences ne sont pas présente dans la liste.
Avez-vous une idée ?
Merci d'avanceGREP peut servir à deux choses : un enrichissement automatique via les styles GREP ou un rechercher-remplacer. Les styles GREP ne font qu'enrichir du texte existant mais n'ont pas pour fonction d'ajouter du texte. Pour ce que tu cherches à faire (un ajout), la syntaxe proposée dans le livre doit donc être utilisée dans la boîte de dialogue « rechercher-remplacer ».
-
Hi,
I have successfully connected my WLC 2500 controller with 20 light weight Access points 1262N.
I have used the internal DHCP server option in the controller for the AP's and client.
Port 1 of the WLC is trunked with the switch 2960. All is working fine
The problem comes when I remove the Ethernet cable from the management interface and restart the WLC. The AP's don't come back. If I don't restart the WLC the AP's remain.
On the other hand, when I leave the Ethernet cable connected to the management port with my pc and then reboot the WLC, the AP's appear.
Seems like whenever im not physically connected to the management port of the WLC and restart it, the AP's don't come back. The only way to make them come back again is to connect my PC to the management port.
Please help me. What seems to be the problem here ?
Best Regards,Hi,
All 20 Pc;s are in one area connected to the same AP im assuming. The PC;s are stationary, so didnt check for roaming, but generally my laptop connectivity is fine while roaming. It rarely disconnects but users have complained that it did disconncect a few times.
Please see below the WLC configuration:
User:Dawaa
Password:********
(Cisco Controller) >sh
(Cisco Controller) show>running-config
Notice: "show running-config" has been changed to be an alias to "show run-config".
Use "show run-config commands" to display the configuration commands.
Press Enter to continue or to abort...
System Inventory
NAME: "Chassis" , DESCR: "Cisco 2500 Series Wireless LAN Controller"
PID: AIR-CT2504-K9, VID: V01, SN: PSZ163602PD
Burned-in MAC Address............................ 20:3A:07:67:C3:00
Maximum number of APs supported.................. 15
Press Enter to continue or to abort
System Information
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.3.101.0
Bootloader Version............................... 1.0.16
Field Recovery Image Version..................... 1.0.0
Firmware Version................................. PIC 16.0
Build Type....................................... DATA + WPS
System Name...................................... tEthernet0
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1279
IP Address....................................... 192.168.0.140
Last Reset....................................... Software reset
System Up Time................................... 0 days 1 hrs 23 mins 40 secs
System Timezone Location......................... (GMT +3:00) Baghdad
Configured Country............................... SA - Saudi Arabia
Operating Environment............................ Commercial (0 to 40 C)
--More or (q)uit current module or to abort
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +26 C
External Temperature............................. +30 C
Fan Status....................................... 4200 rpm
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 10
Burned-in MAC Address............................ 20:3A:07:67:C3:00
Maximum number of APs supported.................. 15
Press Enter to continue or to abort
AP Bundle Information
Primary AP Image Size
ap1g2 10596
ap3g1 11088
ap3g2 10968
ap801 7092
ap802 8428
c1130 5072
c1140 9288
c1250 6784
c1520 7852
c602i 3736
Secondary AP Image Size
ap1g2 10596
ap3g1 11088
ap3g2 10968
ap801 7092
ap802 8428
--More or (q)uit current module or to abort
c1130 5072
c1140 9288
c1250 6784
c1520 7852
c602i 3736
Press Enter to continue or to abort
Switch Configuration
802.3x Flow Control Mode......................... Disable
FIPS prerequisite features....................... Disabled
secret obfuscation............................... Enabled
Strong Password Check Features:
case-check ...........Enabled
consecutive-check ....Enabled
default-check .......Enabled
username-check ......Enabled
Press Enter to continue or to abort
Network Information
RF-Network Name............................. Dawaa
Web Mode.................................... Enable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Disable
Secure Web Mode Cipher-Option SSLv2......... Disable
Secure Web Mode RC4 Cipher Preference....... Disable
OCSP........................................ Disabled
OCSP responder URL..........................
Secure Shell (ssh).......................... Enable
Telnet...................................... Enable
Ethernet Multicast Forwarding............... Disable
Ethernet Broadcast Forwarding............... Disable
AP Multicast/Broadcast Mode................. Multicast Address : 239.60.60.60
IGMP snooping............................... Disabled
IGMP timeout................................ 60 seconds
IGMP Query Interval......................... 20 seconds
MLD snooping................................ Disabled
MLD timeout................................. 60 seconds
MLD query interval.......................... 20 seconds
User Idle Timeout........................... 300 seconds
ARP Idle Timeout............................ 300 seconds
--More or (q)uit current module or to abort
Cisco AP Default Master..................... Enabled
AP Join Priority............................ Disable
Mgmt Via Wireless Interface................. Enable
Mgmt Via Dynamic Interface.................. Enable
Bridge MAC filter Config.................... Enable
Bridge Security Mode........................ EAP
Mesh Full Sector DFS........................ Enable
AP Fallback ................................ Enable
Web Auth Redirect Ports .................... 80
Web Auth Proxy Redirect ................... Disable
Web Auth Captive-Bypass .................. Disable
Web Auth Secure Web ....................... Enable
Fast SSID Change ........................... Disabled
AP Discovery - NAT IP Only ................. Enabled
IP/MAC Addr Binding Check .................. Enabled
CCX-lite status ............................ Disable
oeap-600 dual-rlan-ports ................... Disable
oeap-600 local-network ..................... Enable
Press Enter to continue or to abort
Port Summary
STP Admin Physical Physical Link Link
Pr Type Stat Mode Mode Status Status Trap POE
1 Normal Forw Enable Auto 1000 Full Up Enable N/A
2 Normal Disa Enable Auto Auto Down Enable N/A
3 Normal Disa Enable Auto Auto Down Enable Enable (Power Off)
4 Normal Disa Enable Auto Auto Down Enable Enable (Power Off)
Press Enter to continue or to abort
AP Summary
Number of APs.................................... 14
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
AP6c20.56a0.b352 2 AIR-LAP1262N-E-K9 6c:20:56:a0:b3:52 default location 1 SA 1
AP6c20.5666.e34a 2 AIR-LAP1262N-E-K9 6c:20:56:66:e3:4a default location 1 SA 1
AP6c20.56a0.b341 2 AIR-LAP1262N-E-K9 6c:20:56:a0:b3:41 default location 1 SA 1
AP6c20.56a0.b4db_(Expiry) 2 AIR-LAP1262N-E-K9 6c:20:56:a0:b4:db Expiry Warehouse 1 SA 1
AP6c20.569a.59da 2 AIR-LAP1262N-E-K9 6c:20:56:9a:59:da default location 1 SA 1
AP6c20.5666.e2db 2 AIR-LAP1262N-E-K9 6c:20:56:66:e2:db default location 1 SA 1
AP6c20.568c.d530_(Expiry) 2 AIR-LAP1262N-E-K9 6c:20:56:8c:d5:30 default location 1 SA 1
AP6c20.5666.e2ca 2 AIR-LAP1262N-E-K9 6c:20:56:66:e2:ca default location 1 SA 1
AP6c20.5666.e354 2 AIR-LAP1262N-E-K9 6c:20:56:66:e3:54 default location 1 SA 1
AP6c20.569a.59fd 2 AIR-LAP1262N-E-K9 6c:20:56:9a:59:fd default location 1 SA 1
AP6c20.56a0.b346 2 AIR-LAP1262N-E-K9 6c:20:56:a0:b3:46 default location 1 SA 1
AP6c20.56a0.b2f0 2 AIR-LAP1262N-E-K9 6c:20:56:a0:b2:f0 default location 1 SA 1
AP6c20.568c.d1ec 2 AIR-LAP1262N-E-K9 6c:20:56:8c:d1:ec default location 1 SA 1
AP6c20.56a0.b425 2 AIR-LAP1262N-E-K9 6c:20:56:a0:b4:25 default location 1 SA 1
--More or (q)uit current module or to abort
AP Tcp-Mss-Adjust Info
AP Name TCP State MSS Size
AP6c20.56a0.b352 disabled -
AP6c20.5666.e34a disabled -
AP6c20.56a0.b341 disabled -
AP6c20.56a0.b4db_(Expiry) disabled -
AP6c20.569a.59da disabled -
AP6c20.5666.e2db disabled -
AP6c20.568c.d530_(Expiry) disabled -
AP6c20.5666.e2ca disabled -
AP6c20.5666.e354 disabled -
AP6c20.569a.59fd disabled -
AP6c20.56a0.b346 disabled -
AP6c20.56a0.b2f0 disabled -
AP6c20.568c.d1ec disabled -
AP6c20.56a0.b425 disabled -
Press Enter to continue or to abort
AP Location
Total Number of AP Groups........................ 0
Site Name........................................ default-group
Site Description.................................
AP Operating Class............................... Not-configured
RF Profile
2.4 GHz band.....................................
5 GHz band.......................................
WLAN ID Interface Network Admission Control Radio Policy
1 management Disabled None
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
AP6c20.56a0.b352 2 AIR-LAP1262N-E-K9 6c:20:56:a0:b3:52 default location 1 SA 1
AP6c20.5666.e34a 2 AIR-LAP1262N-E-K9 6c:20:56:66:e3:4a default location 1 SA 1
AP6c20.56a0.b341 2 AIR-LAP1262N-E-K9 6c:20:56:a0:b3:41 default location 1 SA 1
AP6c20.56a0.b4db_(Expiry) 2 AIR-LAP1262N-E-K9 6c:20:56:a0:b4:db Expiry Warehouse 1 SA 1
--More or (q)uit current module or to abort
AP6c20.569a.59da 2 AIR-LAP1262N-E-K9 6c:20:56:9a:59:da default location 1 SA 1
AP6c20.5666.e2db 2 AIR-LAP1262N-E-K9 6c:20:56:66:e2:db default location 1 SA 1
AP6c20.568c.d530_(Expiry) 2 AIR-LAP1262N-E-K9 6c:20:56:8c:d5:30 default location 1 SA 1
AP6c20.5666.e2ca 2 AIR-LAP1262N-E-K9 6c:20:56:66:e2:ca default location 1 SA 1
AP6c20.5666.e354 2 AIR-LAP1262N-E-K9 6c:20:56:66:e3:54 default location 1 SA 1
AP6c20.569a.59fd 2 AIR-LAP1262N-E-K9 6c:20:56:9a:59:fd default location 1 SA 1
AP6c20.56a0.b346 2 AIR-LAP1262N-E-K9 6c:20:56:a0:b3:46 default location 1 SA 1
AP6c20.56a0.b2f0 2 AIR-LAP1262N-E-K9 6c:20:56:a0:b2:f0 default location 1 SA 1
AP6c20.568c.d1ec 2 AIR-LAP1262N-E-K9 6c:20:56:8c:d1:ec default location 1 SA 1
AP6c20.56a0.b425 2 AIR-LAP1262N-E-K9 6c:20:56:a0:b4:25 default location 1 SA 1
Press Enter to continue or to abort
RF Profile
Number of RF Profiles............................ 0
Out Of Box State................................. Disabled
RF Profile Name Band Description Applied
Press Enter to continue or to abort
AP Config
Cisco AP Identifier.............................. 0
Cisco AP Name.................................... AP6c20.56a0.b352
Country code..................................... SA - Saudi Arabia
Regulatory Domain allowed by Country............. 802.11bg:-AE 802.11a:-E
AP Country code.................................. SA - Saudi Arabia
AP Regulatory Domain............................. -E
Switch Port Number .............................. 1
MAC Address...................................... 6c:20:56:a0:b3:52
IP Address Configuration......................... DHCP
IP Address....................................... 192.168.0.111
IP NetMask....................................... 255.255.255.0
Gateway IP Addr.................................. 192.168.0.220
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
Cisco AP Location................................ default location
Cisco AP Group Name.............................. default-group
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
--More or (q)uit current module or to abort
Secondary Cisco Switch IP Address................ Not Configured
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... Local
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.3.101.0
Boot Version ................................... 12.4.2.4
Mini IOS Version ................................ 7.3.1.73
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1262N-E-K9
AP Image......................................... C1260-K9W8-M
--More or (q)uit current module or to abort
IOS Version...................................... 15.2(2)JA$
Reset Button..................................... Enabled
AP Serial Number................................. FCZ1642Z0A6
AP Certificate Type.............................. Manufacture Installed
AP User Mode..................................... CUSTOMIZED
AP User Name..................................... dawaa
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 0 days, 22 h 01 m 44 s
AP LWAPP Up Time................................. 0 days, 01 h 25 m 37 s
Join Date and Time............................... Wed Mar 13 16:10:25 2013
Join Taken Time.................................. 0 days, 00 h 02 m 19 s
Attributes for Slot 0
Radio Type................................... RADIO_TYPE_80211n-2.4
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
--More or (q)uit current module or to abort
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 1
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 1c:e6:c7:04:7a:20
Operation Rate Set
1000 Kilo Bits........................... SUPPORTED
2000 Kilo Bits........................... SUPPORTED
5500 Kilo Bits........................... SUPPORTED
11000 Kilo Bits.......................... MANDATORY
MCS Set
MCS 0.................................... DISABLED
MCS 1.................................... DISABLED
MCS 2.................................... SUPPORTED
MCS 3.................................... DISABLED
MCS 4.................................... DISABLED
MCS 5.................................... DISABLED
MCS 6.................................... DISABLED
MCS 7.................................... DISABLED
MCS 8.................................... DISABLED
MCS 9.................................... DISABLED
MCS 10................................... DISABLED
--More or (q)uit current module or to abort
MCS 11................................... DISABLED
MCS 12................................... DISABLED
MCS 13................................... DISABLED
MCS 14................................... DISABLED
MCS 15................................... DISABLED
MCS 16................................... DISABLED
MCS 17................................... DISABLED
MCS 18................................... DISABLED
MCS 19................................... DISABLED
MCS 20................................... DISABLED
MCS 21................................... DISABLED
MCS 22................................... DISABLED
MCS 23................................... DISABLED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ SA
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 1
Number Of Channels ........................ 13
--More or (q)uit current module or to abort
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
Tx Power
Num Of Supported Power Levels ............. 8
Tx Power Level 1 .......................... 20 dBm
Tx Power Level 2 .......................... 17 dBm
Tx Power Level 3 .......................... 14 dBm
Tx Power Level 4 .......................... 11 dBm
Tx Power Level 5 .......................... 8 dBm
Tx Power Level 6 .......................... 5 dBm
Tx Power Level 7 .......................... 2 dBm
Tx Power Level 8 .......................... -1 dBm
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 3
Phy DSSS parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 6
Extension Channel ......................... NONE
--More or (q)uit current module or to abort
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 1,2,3,4,5,6,7,8,9,10,11,12,
......................................... 13
Current CCA Mode .......................... 0
ED Threshold .............................. -50
Legacy Tx Beamforming Configuration ....... CUSTOMIZED
Legacy Tx Beamforming ..................... ENABLED
Antenna Type............................... EXTERNAL_ANTENNA
External Antenna Gain (in .5 dBi units).... 0
Diversity.................................. DIVERSITY_ENABLED
802.11n Antennas
A....................................... ENABLED
B....................................... ENABLED
C....................................... ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 12 dB
--More or (q)uit current module or to abort
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
CleanAir Capable......................... No
Radio Extended Configurations
Beacon period.............................. 100 milliseconds
Beacon range............................... AUTO
Multicast buffer........................... AUTO
Multicast data-rate........................ AUTO
RX SOP threshold........................... AUTO
CCA threshold.............................. AUTO
Cisco AP Identifier.............................. 0
Cisco AP Name.................................... AP6c20.56a0.b352
Country code..................................... SA - Saudi Arabia
Regulatory Domain allowed by Country............. 802.11bg:-AE 802.11a:-E
AP Country code.................................. SA - Saudi Arabia
AP Regulatory Domain............................. -E
Switch Port Number .............................. 1
--More or (q)uit current module or to abort
MAC Address...................................... 6c:20:56:a0:b3:52
IP Address Configuration......................... DHCP
IP Address....................................... 192.168.0.111
IP NetMask....................................... 255.255.255.0
Gateway IP Addr.................................. 192.168.0.220
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
Cisco AP Location................................ default location
Cisco AP Group Name.............................. default-group
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... Local
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
--More or (q)uit current module or to abort
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.3.101.0
Boot Version ................................... 12.4.2.4
Mini IOS Version ................................ 7.3.1.73
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1262N-E-K9
AP Image......................................... C1260-K9W8-M
IOS Version...................................... 15.2(2)JA$
Reset Button..................................... Enabled
AP Serial Number................................. FCZ1642Z0A6
AP Certificate Type.............................. Manufacture Installed
AP User Mode..................................... CUSTOMIZED
AP User Name..................................... dawaa
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
--More or (q)uit current module or to abort
AP Up Time....................................... 0 days, 22 h 01 m 44 s
AP LWAPP Up Time................................. 0 days, 01 h 25 m 37 s
Join Date and Time............................... Wed Mar 13 16:10:25 2013
Join Taken Time.................................. 0 days, 00 h 02 m 19 s
Attributes for Slot 1
Radio Type................................... RADIO_TYPE_80211n-5
Radio Subband................................ RADIO_SUBBAND_ALL
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 1
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 1c:e6:c7:04:7a:20
Operation Rate Set
6000 Kilo Bits........................... MANDATORY
--More or (q)uit current module or to abort
9000 Kilo Bits........................... SUPPORTED
12000 Kilo Bits.......................... MANDATORY
18000 Kilo Bits.......................... SUPPORTED
24000 Kilo Bits.......................... MANDATORY
36000 Kilo Bits.......................... SUPPORTED
48000 Kilo Bits.......................... SUPPORTED
54000 Kilo Bits.......................... SUPPORTED
MCS Set
MCS 0.................................... DISABLED
MCS 1.................................... DISABLED
MCS 2.................................... DISABLED
MCS 3.................................... SUPPORTED
MCS 4.................................... SUPPORTED
MCS 5.................................... SUPPORTED
MCS 6.................................... SUPPORTED
MCS 7.................................... SUPPORTED
MCS 8.................................... SUPPORTED
MCS 9.................................... SUPPORTED
MCS 10................................... SUPPORTED
MCS 11................................... SUPPORTED
MCS 12................................... SUPPORTED
MCS 13................................... SUPPORTED
MCS 14................................... SUPPORTED
--More or (q)uit current module or to abort
MCS 15................................... SUPPORTED
MCS 16................................... DISABLED
MCS 17................................... DISABLED
MCS 18................................... DISABLED
MCS 19................................... DISABLED
MCS 20................................... DISABLED
MCS 21................................... DISABLED
MCS 22................................... DISABLED
MCS 23................................... DISABLED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ SA
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 36
Number Of Channels ........................ 4
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
--More or (q)uit current module or to abort
Packet Retry Limit ........................ 64
Tx Power
Num Of Supported Power Levels ............. 7
Tx Power Level 1 .......................... 17 dBm
Tx Power Level 2 .......................... 14 dBm
Tx Power Level 3 .......................... 11 dBm
Tx Power Level 4 .......................... 8 dBm
Tx Power Level 5 .......................... 5 dBm
Tx Power Level 6 .......................... 2 dBm
Tx Power Level 7 .......................... -1 dBm
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 1
Phy OFDM parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 36
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 36,40,44,48,52,56,60,64,100,
......................................... 104,108,112,116,132,136,140
TI Threshold .............................. -50
Legacy Tx Beamforming Configuration ....... CUSTOMIZED
--More or (q)uit current module or to abort
Legacy Tx Beamforming ..................... ENABLED
Antenna Type............................... EXTERNAL_ANTENNA
External Antenna Gain (in .5 dBi units).... 0
Diversity.................................. DIVERSITY_ENABLED
802.11n Antennas
A....................................... ENABLED
B....................................... ENABLED
C....................................... ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 16 dB
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
--More or (q)uit current module or to abort
CleanAir Capable......................... No
Radio Extended Configurations
Beacon period.............................. 100 milliseconds
Beacon range............................... AUTO
Multicast buffer........................... AUTO
Multicast data-rate........................ AUTO
RX SOP threshold........................... AUTO
CCA threshold.............................. AUTO
Press Enter to continue or to abort
Cisco AP Identifier.............................. 1
Cisco AP Name.................................... AP6c20.5666.e34a
Country code..................................... SA - Saudi Arabia
Regulatory Domain allowed by Country............. 802.11bg:-AE 802.11a:-E
AP Country code.................................. SA - Saudi Arabia
AP Regulatory Domain............................. -E
Switch Port Number .............................. 1
MAC Address...................................... 6c:20:56:66:e3:4a
IP Address Configuration......................... DHCP
IP Address....................................... 192.168.0.39
IP NetMask....................................... 255.255.255.0
Gateway IP Addr.................................. 192.168.0.220
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
Cisco AP Location................................ default location
Cisco AP Group Name.............................. default-group
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
--More or (q)uit current module or to abort
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... Local
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.3.101.0
Boot Version ................................... 12.4.2.4
Mini IOS Version ................................ 7.3.1.73
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1262N-E-K9
AP Image......................................... C1260-K9W8-M
IOS Version...................................... 15.2(2)JA$
--More or (q)uit current module or to abort
Reset Button..................................... Enabled
AP Serial Number................................. FCZ1642Z09V
AP Certificate Type.............................. Manufacture Installed
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 0 days, 22 h 03 m 17 s
AP LWAPP Up Time................................. 0 days, 01 h 28 m 23 s
Join Date and Time............................... Wed Mar 13 16:10:26 2013
Join Taken Time.................................. 0 days, 00 h 02 m 04 s
Attributes for Slot 0
Radio Type................................... RADIO_TYPE_80211n-2.4
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
--More or (q)uit current module or to abort
Number Of WLANs ........................... 1
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 54:78:1a:f2:51:c0
Operation Rate Set
1000 Kilo Bits........................... SUPPORTED
2000 Kilo Bits........................... SUPPORTED
5500 Kilo Bits........................... SUPPORTED
11000 Kilo Bits.......................... MANDATORY
MCS Set
MCS 0.................................... DISABLED
MCS 1.................................... DISABLED
MCS 2.................................... SUPPORTED
MCS 3.................................... DISABLED
MCS 4.................................... DISABLED
MCS 5.................................... DISABLED
MCS 6.................................... DISABLED
MCS 7.................................... DISABLED
MCS 8.................................... DISABLED
MCS 9.................................... DISABLED
MCS 10................................... DISABLED
MCS 11................................... DISABLED
--More or (q)uit current module or to abort
MCS 12................................... DISABLED
MCS 13................................... DISABLED
MCS 14................................... DISABLED
MCS 15................................... DISABLED
MCS 16................................... DISABLED
MCS 17................................... DISABLED
MCS 18................................... DISABLED
MCS 19................................... DISABLED
MCS 20................................... DISABLED
MCS 21................................... DISABLED
MCS 22................................... DISABLED
MCS 23................................... DISABLED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ SA
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 1
Number Of Channels ........................ 13
--More or (q)uit current module or to abort
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
Tx Power
Num Of Supported Power Levels ............. 8
Tx Power Level 1 .......................... 20 dBm
Tx Power Level 2 .......................... 17 dBm
Tx Power Level 3 .......................... 14 dBm
Tx Power Level 4 .......................... 11 dBm
Tx Power Level 5 .......................... 8 dBm
Tx Power Level 6 .......................... 5 dBm
Tx Power Level 7 .......................... 2 dBm
Tx Power Level 8 .......................... -1 dBm
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 2
Phy DSSS parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 1
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
--More or (q)uit current module or to abort
Allowed Channel List....................... 1,2,3,4,5,6,7,8,9,10,11,12,
......................................... 13
Current CCA Mode .......................... 0
ED Threshold .............................. -50
Legacy Tx Beamforming Configuration ....... CUSTOMIZED
Legacy Tx Beamforming ..................... ENABLED
Antenna Type............................... EXTERNAL_ANTENNA
External Antenna Gain (in .5 dBi units).... 0
Diversity.................................. DIVERSITY_ENABLED
802.11n Antennas
A....................................... ENABLED
B....................................... ENABLED
C....................................... ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 12 dB
Coverage exception level................... 25 %
--More or (q)uit current module or to abort
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
CleanAir Capable......................... No
Radio Extended Configurations
Beacon period.............................. 100 milliseconds
Beacon range............................... AUTO
Multicast buffer........................... AUTO
Multicast data-rate........................ AUTO
RX SOP threshold........................... AUTO
CCA threshold.............................. AUTO
Cisco AP Identifier.............................. 1
Cisco AP Name.................................... AP6c20.5666.e34a
Country code..................................... SA - Saudi Arabia
Regulatory Domain allowed by Country............. 802.11bg:-AE 802.11a:-E
AP Country code.................................. SA - Saudi Arabia
AP Regulatory Domain............................. -E
Switch Port Number .............................. 1
MAC Address...................................... 6c:20:56:66:e3:4a
--More or (q)uit current module or to abort
IP Address Configuration......................... DHCP
IP Address....................................... 192.168.0.39
IP NetMask....................................... 255.255.255.0
Gateway IP Addr.................................. 192.168.0.220
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
Cisco AP Location................................ default location
Cisco AP Group Name.............................. default-group
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... Local
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
--More or (q)uit current module or to abort
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.3.101.0
Boot Version ................................... 12.4.2.4
Mini IOS Version ................................ 7.3.1.73
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1262N-E-K9
AP Image......................................... C1260-K9W8-M
IOS Version...................................... 15.2(2)JA$
Reset Button..................................... Enabled
AP Serial Number................................. FCZ1642Z09V
AP Certificate Type.............................. Manufacture Installed
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 0 days, 22 h 03 m 17 s
--More or (q)uit current module or to abort
AP LWAPP Up Time................................. 0 days, 01 h 28 m 23 s
Join Date and Time............................... Wed Mar 13 16:10:26 2013
Join Taken Time.................................. 0 days, 00 h 02 m 04 s
Attributes for Slot 1
Radio Type................................... RADIO_TYPE_80211n-5
Radio Subband................................ RADIO_SUBBAND_ALL
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 1
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 54:78:1a:f2:51:c0
Operation Rate Set
6000 Kilo Bits........................... MANDATORY
9000 Kilo Bits........................... SUPPORTED
--More or (q)uit current module or to abort
12000 Kilo Bits.......................... MANDATORY
18000 Kilo Bits.......................... SUPPORTED
24000 Kilo Bits.......................... MANDATORY
36000 Kilo Bits.......................... SUPPORTED
48000 Kilo Bits.......................... SUPPORTED
54000 Kilo Bits.......................... SUPPORTED
MCS Set
MCS 0.................................... DISABLED
MCS 1.................................... DISABLED
MCS 2.................................... DISABLED
MCS 3.................................... SUPPORTED
MCS 4.................................... SUPPORTED
MCS 5.................................... SUPPORTED
MCS 6.................................... SUPPORTED
MCS 7.................................... SUPPORTED
MCS 8.................................... SUPPORTED
MCS 9.................................... SUPPORTED
MCS 10................................... SUPPORTED
MCS 11................................... SUPPORTED
MCS 12................................... SUPPORTED
MCS 13................................... SUPPORTED
MCS 14................................... SUPPORTED
MCS 15................................... SUPPORTED
--More or (q)uit current module or to abort
MCS 16................................... DISABLED
MCS 17................................... DISABLED
MCS 18................................... DISABLED
MCS 19................................... DISABLED
MCS 20................................... DISABLED
MCS 21................................... DISABLED
MCS 22................................... DISABLED
MCS 23................................... DISABLED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ SA
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 36
Number Of Channels ........................ 4
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
--More or (q)uit current module or to abort
Tx Power
Num Of Supported Power Levels ............. 7
Tx Power Level 1 .......................... 17 dBm
Tx Power Level 2 .......................... 14 dBm
Tx Power Level 3 .......................... 11 dBm
Tx Power Level 4 .......................... 8 dBm
Tx Power Level 5 .......................... 5 dBm
Tx Power Level 6 .......................... 2 dBm
Tx Power Level 7 .......................... -1 dBm
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 1
Phy OFDM parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 64
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 36,40,44,48,52,56,60,64,100,
......................................... 104,108,112,116,132,136,140
TI Threshold .............................. -50
Legacy Tx Beamforming Configuration ....... CUSTOMIZED
Legacy Tx Beamforming ..................... ENABLED
--More or (q)uit current module or to abort
Antenna Type............................... EXTERNAL_ANTENNA
External Antenna Gain (in .5 dBi units).... 0
Diversity.................................. DIVERSITY_ENABLED
802.11n Antennas
A....................................... ENABLED
B....................................... ENABLED
C....................................... ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 16 dB
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
CleanAir Capable......................... No
--More or (q)uit current module or to abort
Radio Extended Configurations
Beacon period.............................. 100 milliseconds
Beacon range............................... AUTO
Multicast buffer........................... AUTO
Multicast data-rate........................ AUTO
RX SOP threshold........................... AUTO
CCA threshold.............................. AUTO
Press Enter to continue or to abort
Cisco AP Identifier.............................. 2
Cisco AP Name.................................... AP6c20.56a0.b341
Country code..................................... SA - Saudi Arabia
Regulatory Domain allowed by Country............. 802.11bg:-AE 802.11a:-E
AP Country code.................................. SA - Saudi Arabia
AP Regulatory Domain............................. -E
Switch Port Number .............................. 1
MAC Address...................................... 6c:20:56:a0:b3:41
IP Address Configuration......................... DHCP
IP Address....................................... 192.168.0.120
IP NetMask....................................... 255.255.255.0
Gateway IP Addr.................................. 192.168.0.220
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
Cisco AP Location................................ default location
Cisco AP Group Name.............................. default-group
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
--More or (q)uit current module or to abort
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... Local
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.3.101.0
Boot Version ................................... 12.4.2.4
Mini IOS Version ................................ 7.3.1.73
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1262N-E-K9
AP Image......................................... C1260-K9W8-M
IOS Version...................................... 15.2(2)JA$
--More or (q)uit current module or to abort
Reset Button..................................... Enabled
AP Serial Number................................. FCZ1642Z09Y
AP Certificate Type.............................. Manufacture Installed
AP User Mode..................................... CUSTOMIZED
AP User Name..................................... dawaa
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 0 days, 22 h 07 m 08 s
AP LWAPP Up Time................................. 0 days, 01 h 31 m 05 s
Join Date and Time............................... Wed Mar 13 16:10:26 2013
Join Taken Time.................................. 0 days, 00 h 02 m 19 s
Attributes for Slot 0
Radio Type................................... RADIO_TYPE_80211n-2.4
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
--More or (q)uit current module or to abort
Number Of WLANs ........................... 1
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 1c:e6:c7:04:81:f0
Operation Rate Set
1000 Kilo Bits........................... SUPPORTED
2000 Kilo Bits........................... SUPPORTED
5500 Kilo Bits........................... SUPPORTED
11000 Kilo Bits.......................... MANDATORY
MCS Set
MCS 0.................................... DISABLED
MCS 1.................................... DISABLED
MCS 2.................................... SUPPORTED
MCS 3.................................... DISABLED
MCS 4.................................... DISABLED
MCS 5.................................... DISABLED
MCS 6.................................... DISABLED
MCS 7.................................... DISABLED
MCS 8.................................... DISABLED
MCS 9.................................... DISABLED
MCS 10................................... DISABLED
MCS 11................................... DISABLED
--More or (q)uit current module or to abort
MCS 12................................... DISABLED
MCS 13................................... DISABLED
MCS 14................................... DISABLED
MCS 15................................... DISABLED
MCS 16................................... DISABLED
MCS 17................................... DISABLED
MCS 18................................... DISABLED
MCS 19................................... DISABLED
MCS 20................................... DISABLED
MCS 21................................... DISABLED
MCS 22................................... DISABLED
MCS 23................................... DISABLED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String .............. -
Splash Page in WLC 2500 Series
Can someone tell me if there is Splash Page feature in the 2500 WLC ? I cannot find any Cisco document which says it has that feature ?
Yes, Its available.
Here is a link that points to a configuration guide for a wlc 2500, 7.5.
http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-5/config_guide/b_cg75.pdf
"The splash page web redirect feature is available only for WLANs that are configured for 802.1X or
WPA+WPA2 Layer 2 security with 802.1x key management." -
Cisco WLC 5508
Software Version: 7.4.100.0
Windows Server 2008R2
I've got everything setup on the Windows Server 2008 side of things (certificates, radius clients, etc)
I added the radius server on the WLC, and configured a new WLAN to use it.
Both are on the same subnet.
When trying to conect to the WLAN it kept failing. I installed wireshark on the server to monitor the radius traffic, and to my surprise there was no radius traffic showing up on the server. The radius statistics on the WLC are at 0 as well, so it's like the WLC isn't even attempting Radius.
I reverified that the server was enabled on both the security tab and the WLAN itself on the WLC. Rebooted the controller and the server, all to no avail. I used a radius test client, and can successfully send radius commands to the server using that utility.
Frustrated, I just kept trying to reconnect on my wireless device, and after about the 15th try, finally I saw radius activity on wireshark. It rejected my access, but at least I saw activity. It also registerd radius statistcs on the WLC as well.
So now if I keep trying to connect repeatedly, about every dozen or so times the WLC actually will send a radius request to the server.
What in the world is going on here?I do have local management users on the controller.
Some hours later I added the option of authenticating management users, for the NPS server. Then logged inn to the management GUI using NPS radius, worked just fine.
However, these commands have been useful to me several times, to make sure unsuccessful requests appear in the Windows Event log:
auditpol /get /subcategory:"Network Policy Server"
If it shows ‘No auditing’ or just "Success", you can run this command to enable it:
auditpol /set /subcategory:"Network Policy Server" /success:enable /failure:enable
So now I know that the NPS radius server works, for management access. I will go to the customer's site some other day to test it for 802.1x authentication. If not, I'll do some debugging to decide wihich to blame - the WLC or NPS. -
Cisco WLC 5508 with 3702APs - mobile hotspot for 2000 Guest users
Cisco WLC 5508 with 3702APs - mobile hotspot for 2000 Guest users
I've been given a fantastic "opportunity" by my boss to use our existing wireless infrastructure to provide internet access to potentially upto 2000 VIP guests arriving with BYOD devices, in a very densely populated area for a 3 day event. We are talking an area of approx 200m x 15m. Think of it as an awards ceremony/concert. The solution will also be mobile so we will be using internet breakout from different telcos as it will move to approx 20 countries. The area is also incredibly densely populated with other wifi APs. I did a brief site survey and AirMagnet could detect over 2500 other 'rogue' APs from where I was stood! I hope CleanAir works!
We need a simple authentication method for them to connect with zero admin from our side. We don't want to just offer up a rolling daily PSK as that's a bit amateur and we don't really want the VIP guests sharing the PSK with others during their stay. Ideally they could self-provision by providing an email address.
I know the WLC can handle webauth for local users but I don't think it scales very well. ie I don't think I can offer the account to several hundred people.
Cisco ISE looks a very expansive (and expensive) product but I don't think we need all it's capabilities (do I?). It would be nice to just ask a potential user for their email address and grant them access and email them next year. I've seen Cisco NAC but that looks over the top too for just guest users who will only be accessing a shared internet connection.
I've seen 3rd party supposed software solutions from Kiosk Antamedia etc do they work with Cisco Enterprise WLC solutions?
We'd like to limit users to a certain (low) bandwidth and block (say) torrent traffic to keep the general user experience worthwhile.
Does anybody have any case study documents or experience of such a project? As well as the authentication it's how well the APs will handle the dense potential number of clients trying to connect in such a confined space.
Any suggestions would be gratefully appreciated from the knowledgeable community.
Cheers,
MikeHi Rasika,
We are having WLC 5508 model with software version running 7.4.121.0. AP Models are AIR-CAP2602I.
Normally our WAN links are good even while the issue pertains. We are connected to remote offices over ipsec site to site vpn for WAN. The link latency in WLC between the AP and the controller shows <1ms.
currently the Guest network is using WPA2-PSK auth given in the controller. we are trying to find a option to make the Guest wireless auth local to the office, and see if this solves the problem.
any suggestions,
Thank you,
Arjun -
Understanding statistics from a Cisco WLC?
Hello,
From the "Monitor" page on our Cisco WLC. If you go to "Access Points" from the left side then choose one of the Radios like 802.11b/g/n. That will list all the APs connected with your controller.
1) First question, some of the APs listed show the "Interference Profile" as "Failed". What does this mean? It has connected clients and no one is reporting an issue. So what does that really mean?
2) Second question, if you go to the "Details" for one of the APs I can see the "802.11 MAC Counters" showing things like Tx Fragments, Tx Failed Count, FCS Error Count, etc. Below is what I see.
Can someone explain what these statistics are saying? Again there are no issues reported by our users, but some of these values seem high and I don't understand what they are saying or if there is anything I should be considered with.
Any help on this would be great!
Thank you!
-ryaFor your convenience:
The details of the " 802.11 MAC Counters " :
Counters
Tx Fragment Count
This counter is incremented for an acknowledged MPDU with an individual address in the address 1 field.
Tx Failed Count
This counter increments when an MSDU is successfully transmitted after one or more retransmissions.
Multiple Retry Count (Graphics view only)
This counter shall increment when an MSDU is successfully transmitted after more than one retransmission.
RTS Success Count
This counter increments when a CTS is received in response to an RTS.
ACK Failure Count
This counter increments when an ACK is not received when expected.
Multicast Rx Frame Count
This counter increments when a MSDU is received with the multicast bit set in the destination MAC address.
Tx Frame Count
This counter increments for each successfully transmitted MSDU.
Multicast Tx Frame Count
This counter increments only when the multicast bit is set in the destination MAC address of a successfully transmitted MSDU. When operating as a STA in an ESS, where these frames are directed to the access point, this implies having received an acknowledgment to all associated MPDUs.
Retry Count
This counter increments when an MSDU is successfully transmitted after one or more retransmissions.
Frame Duplicate Count
This counter increments when a frame is received that the Sequence Control field indicates is a duplicate.
RTS Failure Count
This counter increments when a CTS is not received in response to an RTS.
Rx Fragment Count
This counter shall be incremented for each successfully received MPDU of type Data or Management.
FCS Error Count
This counter increments when an FCS error is detected in a received MPDU.
WEP Undecryptable Count
This counter increments when a frame is received with the WEP subfield of the Frame Control field set to one and the WEPOn value for the key mapped to the TA's MAC address indicates that the frame should not have been encrypted or that frame is discarded due to the receiving STA not implementing the privacy option.
Band Select statistics
When the feature is activated, the WLC doesn't immediately reply to probe requests on 11b/g. If immediately a probe is also seen on 11a, then the client is detected as dual band. Then WLC only replies on 11a. After some time, this "categorization" expires and WLC will again try to see if the client is present on both bands. -
Hellp on Nokia E61i associating with Cisco WLC 4402
I met some problem with associate Nokia's dual mode mobile phone E61i with Cisco WLC 4402, hope someone can help me on it:
I setup a VOICE WLAN in 4402(v5.0.148), Layer2 security is WPA1+WPA2, Key management using 802.1x, WPA1 policy enable both TKIP and AES, Radius server using ACS engine(v4.1.1.23)(enable PEAP-MSCHAPv2);
I can use my laptop to join this WLAN(my laptop configure with PEAP/MSCHAPv2, WPA-TKIP, not validate server certificate), but can't let E61i join it, each time it will remind me âunable to connect, WPA authenticate failed).
In E61i, I select WPA/WPA2 as WLAN security mode, enable EAP-PEAP, under EAP-PEAP, I enable EAP-MSCHAPv2; however under Cipher, there's a lot of options such as âRSA,3EDS,SHAâ, âRSA,AES,SHAâ, but there's no TKIP, I have tried to enable all of them and tried only enable those items which include AES, but I failed each time with the same reminder âunable to connect, WPA authenticate failedâ. I checked ACS's failed log, there's no record; In 4402, there also have no record.
If I change the security to open or static WEP for VOICE WLAN, then the E61i can connect to the WLAN.
I think the problem maybe relate to encryption or certificate, right now I just do the test in lab, not in customer's real environment, so I use ACS to generate a self signed certificate and installed it in ACS.
Pls. help to point me what I need to adjust to make it work. Thanks!Hello,
CCKM Key Management mode on Nokia E61i phone can be used
against Cisco LWAPP AP's with TKIP encryption
Nokia E61i (and other E-series WLAN enabled phones) are supporting CCKM key management method with both dynamic WEP and TKIP ciphers.
On the phone configuration, 802.1X security mode needs to be in use in order to enable CCKM support. WPA/WPA2 security mode on the phone is dedicated to standards based WPA and WPA2 methods and it does not allow usage of proprietary CCKM key management method.
Phone's 802.1X security mode does not mean that phone would only support dynamic WEP encryption method in this mode although in contexts term "802.1X" may be attached to pure dynamic WEP (legacy / pre WPA era)security methods.
 802.1X security mode can be seen on Nokia Eseries phones as sort of an "everything with EAP based authentication is allowed" mode, meaning that following key management and cipher configurations are supported:
- WPA-Enterprise = WPA Key Management (EAP based authentication) with TKIP encryption
- WPA2-Enterprise = WPA2 Key Management (EAP based authentication) with AES encryption
- Mixed WPA/WPA2-Enterprise = I.e. WPA/WPA2 Mode Migration WPA2 Key Management (EAP based authentication) with AES (for unicast data) and TKIP (for multicast data) ciphers
- 802.1X dynamic WEP = legacy (pre-WPA era) 802.1XÂ based dynamic WEP (EAP based authentication with dynamic WEP encryption)
Supported:
- CCKM with WEP = CCKM Key Management (EAP based authentication) with dynamic WEP encryption
- CCKM with TKIP = CCKM Key Management (EAP based authentication) with TKIP encryption
Not supported:
- CCKM with AES = CCKM Key Management (EAP based authentication) with AES encryption
Please note that CCKM-AES mode (CCKM Key Management with AES cipher) is not working properly due to some incompatibilities between Cisco and Nokia implementations thus it must not be listed as a supported combination on the current Nokia E-series devices. We are also seeing CCKM-Fast
Re-authentication failures with Cisco autonomous AP's when AES encryption is used although initial authentication to autonomous AP's is successful. Nokia is currently working with Cisco to get CCKM-AES based authentications and roaming working properly with both LWAPP and autonomous Cisco AP's.
 Also note that Nokia E-Series does not support Cisco proprietary CKIP/CMIC encryption/data integrity methods. CKIP/CMIC is supported at least by Cisco autonomous AP's and it seems to be available also
at least on LWAPP AP version 4.1.171.0.
 CCKM on E-Series devices has been tested against Cisco LWAPP (ver. 4.1.171.0) and it works when TKIP encryption is in use (WPA Policy + TKIP encryption in Cisco LWAPP configuration terms).
In practice this means Cisco LWAPP is configured in a following manner: WLAN -> Edit -> Security->Â
Layer 2 Security = WPA+WPA2
WPA+WPA2 Parameters:
-WPA Policy = enabled
-WPA Encryption = TKIP enabled, AES disabled
-WPA2 policy = disabled
-Auth.Key Mgmt = CCKM
Br,
-Pasi- -
Query About Cisco WLC 2504 TDLS
Dear Friends,
One of my client want to encrypt data over the wireless. I have cisco WLC 2504 IOS Version 7.2.0.0.
Please help me on this. I think by-default data encrypt is enable. If not so how can I enable it. If I enable it is there any impact to my wireless user's.
Please help me out .....
Thanks & Regards,
Rahul WankhadeHow to enable:
http://www.cisco.com/c/en/us/support/docs/wireless/2500-series-wireless-controllers/113034-2500-deploy-guide-00.html#enable
Impact:
2500, WiSM2, WLC2—These platforms by default will not contain DTLS. To turn on data DTLS, you must install a license. These platforms will have a single image with data DTLS turned off. To use data DTLS you will need to have a license.
http://www.cisco.com/c/en/us/products/collateral/wireless/2500-series-wireless-controllers/data_sheet_c78-645111.html
AS per cisco: Encryption limits throughput at both the controller and the access point.
Regards
Dont forget to rate helpful posts -
Need Information of cisco WLC 5508 LAG Interface
HI
We have cisco WLC 5508 in our network and right now ,this WLC is connected to two ports of each core switches.Both CORP and GUEST SSID are configured on this WLC.
Now we want to segregate the trafffic og GUEST to on core switches from WLC. SO my question is ,how can we achieve this without using guest anchor controller ?
Can i use one interfcae cisco WLC 5508 and connect it to the firewall or any device ?
Thanks
PuneetHi
Thanks ...I am using WLC as a DHCP server for Guest.
So i want to know ,is there any requirement that GUEST subnet should be pingable from WLC management IP address.
my topology is here...
Corp network and management network are reachable however management metwork is not pinagble from guest netowrk. -
Hello
i need your help
i want to configure Cisco WLC 5508 whith 03 vlans, 3750 as core swich
- management Vlan
- local-user vlan
- Guest Vlan
i want to know all steps or config to do on WLC
thxHi,
Just check this.
It may help u.
Wireless LAN Controller and Lightweight Access Point Basic Configuration Example
http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/69719-wlc-lwap-config.html
http://rscciew.wordpress.com/2014/01/22/configure-dynamic-interface-on-wlc/
Webauth for guest users:
http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/69340-web-auth-config.html
http://rscciew.wordpress.com/2014/06/19/wlc-webauth-configuration/
Regards -
Configure cisco wlc for rsa authentication
Hi,
I wanted to find out if it is possible to authenticate wireless networks using rsa. Currently we have a cisco wlc 2504, rsa authentication manager 7.1
Do we require a cisco ACS device to make this work. Please advise.
ThanksYes it is possible. The below is the list of items which you require to configure RSA authentication on WLC
•1. RSA Authentication Manager 6.1
•2. RSA Authentication Agent 6.1 for Microsoft Windows
•3. Cisco Secure ACS 4.0(1) Build 27
Note: The RADIUS server that is included can be used in place of the Cisco ACS. See the RADIUS documentation that was included with the RSA Authentication Manager on how to configure the server.
•4. Cisco WLCs and Lightweight Access Points for Release 4.0 (version 4.0.155.0)
For more information you can go through this link:
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a008090399a.shtml -
I am trying to TFTP an image to a Cisco 2504 WLC. The management interface is 10.1.1.1 /24 and I have my PC connected to a port on the WLC with the IP address 10.1.1.10. However, I still do not have connectivity between the PC and WLC. Any advice?
If you are connected directly to the WLC, you need to make sure the management interface is untagged, set to '0'.
You really should be connecting the WLC to a switch since the WLC isn't really a switch and TAC doesn't support connecting devices like AP's or PCs to the WLC.
Sent from Cisco Technical Support iPhone App
Maybe you are looking for
-
The Vendor column in FAGLL03 item line display is empty
Dear Experts, Could you tell me is it possible to make the vendor column with figure in FAGLL03 item line display? Pls refer to the sreenshot as below, the vendor column is empty, I don't know why? Thanks! Cindy
-
Object Dependancy for CHARS in Easy DMS
Hi All I have given object Dependancey for some CHARS in SAP DMS.Its working fine in DMS , but when I check the same thing through Easy DMS, the dependancy is not working.. I can see all the CHARS and all Values are displayed there.. Can someone guid
-
Hi , I am trying register external Wireless AP CAP-1552E , with controller 5508 ( version 7.4.100). I have a couple of issues and I am bit confused. AP does not want to register to the controller , on layer 2 or layer 3 , even if I use DHCP option 4
-
Hi Photoshop is not able to open files, and not able to save files either. It keeps reverting back with a error message: Not possible due to a program error. Im running Lr Ps and Bridge on a brand new MacPro. What is wrong?
-
How To Search Within Installed Extensions ?
How to search Within Installed Extensions for specific keyword to filter it ?