Cisco WLC DHCP upgrade issues
Hi,
I've discovered an issue with our WLC 4400 series controllers when we do firmware upgrades (recently moved to 6.0.199) it seems to reset the dhcp server on the controller but the Access points still retain their old IP until the lease runs out (48hrs). This means that any AP's requesting a new lease often get an IP conflict for the first 48hrs after the upgrade and we experienced areas where AP's wouldnt connect.
Is this a common issue and is there anyway to get the AP's to request a new address from the controller?
thanks,
Matt
Hi Matt,
When you do a WLC upgrade, a WLC reboot is required, this results in the DHCP lease table getting restarted as well.
Solution:
1-Setup an external DHCP Server to overcome this.
2- Restart the access points, so they request a new IP address.
This is mentioned on WLC release notes 6.0.199.0 that you are running, it is for clients, for the rule still applies:
Link
http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn6_0_199.html#wp581125
Internal DHCP Server
When clients use the controller's internal DHCP server, IP addresses are not preserved across reboots. As a result, multiple clients can be assigned the same IP address. To resolve any IP address conflicts, clients must release their existing IP address and request a new one.
The same also applies on newer releases such as 6.0.199.4 and 7.0.
Have a good day.
Serge
Similar Messages
-
Cisco WLC ISE integration issue
Dear all,
We have wlc 5508 and ISE integration, out wireless clients can connect to Guest or Corporate SSID
When connecting to Corporate SSID, they can obtain IP address and successfully associate, to use internal service like (email, corporate service and etc) user need to download Airwatch agent and etc, but initially he can use ONLY internet connection, so the issue is client randomly reassociate, downtime of client less than a second, for example Android phone shows that periodically it disconnecting and reasociating again to SSID, i dont know if it is bug or some timers need to be configured, any ideas ?There is no problem with non-802.1x SSID
The problem is on ISE timers ? -
Hello,
I configured on my WLC 5508 a new Interface & VLAN . The WLC act as DHCP Proxy.
I enabled also Flex Connect local switching . Then I removed on my Switch under the
VLAN settings the IP helper because as I know the WLC act as IP helper.
What is still not clear for me is where I have to insert the DHCP server adress
on my WLC controller. Must I insert the DHCP server IP under my management Interface
or where I have to enter the DHCP server IP.
I tested this with the new VLAN interface and added the DHCP server IP but without success.
Thanks for help.
RegardsHi,
I addedd an IP helper under the L3 configuration without success. Same, WLAN clients don´t get an IP .
I configured following:
add a new VLAN into the switch with layer 3 and addedd IP helper on the L3 switch.
add the VLAN into the WLC controller wth a new SSID and Interface for this VLAN.
Enabled Flex Connect under the SSID.
Done a test with a wired client direct on a switch without problems.
If I try to connect over the WLAN then the client don´t get an IP.
Regards -
Hi,
We are facing this problem
we are using guest SSID with captive portal authentication.
We are using below step to conect to network
1) User will click on guest SSID & get IP from DHCP scope
2) User will open google.com & then it will redirect to authentication page - we need to provide userid/pass & then we will able to access internet
Problem
Assume user only do Step -1 , Then My dhcp scope is utilizing
How can we restrict the same to 'geneuine' user, any option/workaround ?
br/subhojitI have to agree with e. Shortening theeaae will help.
But the kny way to keep people off the WLAN would be to use a PSK so that only authorized users can get on.
HTH
Steve -
Upgrade BootLoader on Cisco WLC 4404
What is the latest Bootloader for the Cisco WLC 4404? And where can I download it?
My current versions are:
Product Version.................................. 5.2.178.0
RTOS Version..................................... 5.2.178.0
Bootloader Version............................... 4.0.206.0
Also is there a reason to upgrade the bootloader image?
On this webpage http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00805f381f.shtml it shows the steps to upgrade WLC are :
This sequence is recommended for your WLC software upgrade:
Upload a backup of your controller configuration to a TFTP server.
Disable the 802.11a and 802.11b/g networks on your controller.
Upgrade the primary image on your controller.
Upgrade the boot image on your controller.
Note: This is a required step for upgrades to 4.1 on the WiSM, 3750G Wireless LAN Controller, and 4400 Series Controllers.
Re-enable the 802.11a and 802.11b/g networks on your controller.
I get the primary image is just going to be AIR-WLC4400-K9-6-0-196-0.aes. But where do i download the Bootloader and it looks like i just do the same thing i did with the primary image.
I think I am missing something.
ThanksThe boot software image consists of the controller boot kernel and boot menu script. that is.. when you use the WLC for the first time. then you will be able to use this while entering the username, mobility information.. interfaces informations etc.. the Software version is the one which you issue CLI commands...or even simple example wil be.. reboot the WLC and hit ESC.. the software that you access at this time will be boot loader..
to upgrade the bootloader...
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00805f381f.shtml#hw
Regards
Surendra -
Configuration of Cisco WLC 2504 with Local LAN static IP and DHCP
I want to configure Cisco WLC 2504 with Local LAN static IP and WLC 2504 with DHCP so that APs can be connect with controller.
Currently i am using WLC 2504 with DHCP so can anyone suggest how to do that..Hi Sandeep
The info is correct, if we're using code below 7.3.101.0.
This issue is fixed via the below bug id.
CSCto01390 Unable to ping AP's directly connected to a 2500 controller
check the fix that is updated on 7.4, 7.5 RNE.
http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn75.html
Note
Directly connected APs are supported only in Local mode.
http://www.cisco.com/en/US/prod/collateral/wireless/ps6302/ps8322/ps11630/data_sheet_c78-645111.html
For quick and easy deployment Access Points can be connected directly to 2504 Wireless LAN Controller via two PoE (Power over Ethernet) ports
Thanks
Saravanan -
WLC 5508, DHCP Problem after Update Cisco ASA(DHCP-Server)
Hello,
our Problem is, our Apple Devices get no ip adress from our Cisco ASA Cluster(ASA 9.1.2) over Wireless(Cisco WLC 5508). All other devices(Windows, Android,...) work correct, without problems. Our WLC is in HA-Mode.
Does anybody have an Idea?
Thank you very much and Best regards,
StefanHello again,
I hope this case is the solution.
https://supportforums.cisco.com/message/3942112#3942112
I will let you know after downgrade.
Best regards,
Stefan -
Hi,
I configured WLC as DHCP server and is working fine when connected to 3750 core switch. The AP's and clients are getting IP address.
When the same WLC is connected to 6500 , the DHCP is not working from WLC . The same port of 6500 switch is verified by connecting a 3750 switch as dhcp server and AP as well as clients are getting IP.
DHCP snooping and port security is not enabled in the 6500 and the configuration is simple. The WLC is untagged and the 6500 port is a trunk port with 242 as native VLAN.
Please helpDear Surendra,
Please see the answers in line.
1.As per your previous post, if we connect WLC to 3750 core everything works fine.. so in this case, i assume that we have INTERFACE VLAN on the switch and then the management interafce on the WLC are in the same subnet?? correct??
"Yes , All are in the same Vlan . Interface VLAN and management interface are in same subnet."
2. Similarly, if we swap the 3750 with 6500, it doesnt work.. in this case.. have you created the interface vlan on the 6500 in the same subnet as that of management interface of the WLC??
" Yes, the 6500 has vlan interface without IP. The same way we configured 3750 "
Or
3.are we not swapping the 6500 and we are connecting the WLC to the WLC to the 6500 and then this 6500 to the 3750??
"We connected WLC LAP to 3750 and the dhcp of wlc is working fine.. When WLC & AP connected to 6500 , the WLC DHCP is not working. We verified the 6500 port by coonecting 3750 as DHCP server and WLC is connected to 3750 and all were working fine. When WLC is directly connected to 6500 , the LAP is not joing to WLC. When static IP is given to LAP, the LAP joined WLC but the clients were not getting IP."
4.Layer 2 means... interface VLAN on the switch and the WLC management and the AP DHCP pool are all in the same subnet. correct?
"Yes all are in the same subnet"
Thanks for your efforts.
Regards,
Savad -
Hi All,
We currently have 4 x WLC 5500 (AIR-CT5508-K9) V01 and V02
So two in one datacenter and the other two in another datacenter. They are connected via Mobility group to and BOYD open wifi with an Anchor WLC the other 1.
All four of them are 7.4.110.0 and the APs we use are AIR-LAP1142N-E-K9 and AIR-CAP2602I-E-K9.
We are looking to get 2700 or 3700 AP so we can use 802.11ac, but we need to upgrade all WLC to 7.6.130.0.
1. is it a direct upgrade from 7.4.110.0 to 7.6.130.0?
2. If I upgrade one datacenter one weekend and the other next weekend, during that week two WLC would be 7.4 and other two 7.6 would it break or cause issue with Mobility group to and BOYD open wifi with an Anchor WLC?
3. Can any please provide step to step guide for the upgrade from 7.4 to 7.6?
Many Thanks
appreciate it :)Hi Rasika,
Many Thanks for your reply and help!
1. In regards to Upgrade the FUS, is it required to be upgraded once the WLC are upgraded to 7.6 or is just good practice?
2. Or I can I upgrade the FUS another time?
Here is our sysinfo
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.4.110.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... bupa-sw_sta-un1-dcwlc
System Location.................................. Unit1 DC
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... 10.96.5.10
Last Reset....................................... Software reset
System Up Time................................... 448 days 13 hrs 9 mins 12 secs
System Timezone Location......................... (GMT) London, Lisbon, Dublin, Edinburgh
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... GB - United Kingdom
Operating Environment............................ Commercial (0 to 40 C)
--More-- or (q)uit
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +39 C
External Temperature............................. +26 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 7
Number of Active Clients......................... 572
Memory Current Usage............................. Unknown
Memory Average Usage............................. Unknown
CPU Current Usage................................ Unknown
CPU Average Usage................................ Unknown
Burned-in MAC Address............................ 64:00:F1:F1:1E:40
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 175
3. Also once Ive upgraded the WLCs from 7.4 to 7.6, should I reboot the WLC and let it upgrade all APs, the upgrade the FUS or upgrade FUS after upgrading the WLC without the reboot which is required?
Many Thanks,
Zilad -
Cisco wlc ios 7.2 with clients windows 8 can not authenticate with 802.1x
Hello my name is Ivan:
I have a solution a unified solution wireless with a cisco wlc 7.2 and ap cisco. My issue is the follow:
My users are using laptops with OS windows 8, and they can not access to the network wireless because they authenticate in to the network using 802.1x wpa/wpa2 with tkip or aes.
I find a bug in the ios of the wlc. The number is CSCua29504. I would not to change the drivers in the laptop to join the users in to the solution.
Please is possible to find any software to do the upgrade in the wlc? Or perhaps we need to do an upgrade in to cisco lightweight access point?
Please help me in this issue.
Regards
IvanBug ID CSCua29504 has been fixed in WLC firmware 7.0.235.3, 7.3.101.X or 7.4.100.X.
So if you are NOT running any one of these codes, then yes. Upgrade your firmware is your solution.
Fixed in: (12)
7.4(100.0),7.4(1.20),7.3(112.0),7.3(101.0),7.3(1.67)
7.2(111.3),7.2(111.1),7.2(110.4),7.0(236.0),7.0(235.3) -
Dear Friends,
I am using Cisco WLC 2504 current software version is 7.0.220.0 and I want to upgrade it to the latest version which is 8.x.x.x.
Could you please help and advice the best way of doing it? Also can I upgrade direct to the latest version or do I have to upgrade step by step?
Thank you very much for your help and support.
Thanks
UmarHi
Could you please help and advice the best way of doing it? Also can I upgrade direct to the latest version or do I have to upgrade step by step?
Yes, you can go directly to 8.0.x from 7.0.x code. Refer below link
http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn80mr1.html#68333
Make sure you refer the release notes for any known issues with this code. Also upgrade FUS to 1.9.0.0 as well. This will take around 30 min downtime as well.
http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/fus_rn_OL-31390-01.html
If you have different AP models, MSE, Prime products, refer this compatibility matrix as reference.
http://www.cisco.com/c/en/us/td/docs/wireless/compatibility/matrix/compatibility-matrix.html
HTH
Rasika
**** Pls rate all useful responses **** -
Hi friends,
I am planning to have a wireless environment for a corporate company. I would like to have a Cisco wireless LAN controller 2100 series and 15 numbers of cisco aironet 1142 n access point. Since wireless is gonna be a very important medium for the premises, I am planning to have high availability for the 2100 series WLC.
With this scenario I am having the following of queries?
1. Does high availability is supported with WLC 2100 series or need to go for an hihger end WLC's? It would be great if I am guided with some documents on this?
2. My wired switching infrastructure at the core is running with GLBP. Can I connect the both WLC in each switch in an dual home architecture?
3. Is there any pre-requistes for doing the high availability for the WLc's?
4. Yet another company that is close to me do have the same architecture for wireless infrastructure, except that they have cisco WLC as 5508 and Cisco aironet 1142n access point. All the end points NIC adapters that they have support a/b/g standard. But with an n series they continously report low signal strength, the reason for this still unknown?
But the tech documents of 'n' series access point claims that they support, 300Mbps within 33 feet and 200 Mbps within 66 feet.
They are having 2 nos of Cisco 1142n access point for every 30 feet but still they are facing low signal strength. Also there workspace are all cubicles and without any interference.
It would be great if I am guided on this issue also?
Regards,
Karthik Anbumani/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin-top:0cm;
mso-para-margin-right:0cm;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0cm;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
Hi Karthik,
You can build this HA solution based on the 2100 controllers. And if you want HA for 15 access points you need two 2125 controllers. But I will suggest that you consider the 5508 controller since that is a more future proof hardware and will give you more features that you might want to use such as Office Extend.
Right now there is a bundle available for one 5508 with 10 x AIR-LAP1142 and the GPL price for that bundle is USD 31,424. And you should consider if you need the HA solution or if you are covered by the onsite support. In the product list below I have used the regulatory domain E and power cable for Europe. Make sure that you get this correct for your country. This is a limited offer ending August 1st 2010. You also need the additional 5 access points or more if you want Office Extend.
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin-top:0cm;
mso-para-margin-right:0cm;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0cm;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
Also consider that the 2100 series only have FastEthernet interfaces so you will not be able to utilize the full 11n throughput.
1 x 5508 with 10 x 1142:
Product
Description
Quantity
Price
Lead Time
AIR-CT25-1140E10
802.11a/g/n ESTI Cfg5508-25 10AP WCS Demo Promo ends 8/1/10
1
24,595.00
14 Days
AIR-CT5508-25-K9Z
5508 Series Controller for up to 25 APs
1
0.00
14 Days
AIR-PWR-5500-AC
Cisco 5500 Series Wireless Controller Redundant Power Supply
1
1,495.00
14 Days
SWC5500K9-70
Cisco Unified Wireless Controller SW Release 7.0
1
0.00
14 Days
AIR-PWR-CORD-CE
AIR Line Cord Central Europe
1
0.00
14 Days
AIR-LAP1142N-E-K9Z
Manufacturing Level PID - AIR-LAP1142N-E-K9
10
0.00
14 Days
S114RK9W-12421JA
Cisco 1140 Series IOS WIRELESS LAN LWAPP RECOVERY
10
0.00
LIC-CT5508-25
25 AP Base license
1
0.00
14 Days
LIC-CT5508-BASE
Base Software License
1
0.00
14 Days
WCS-CD-K9Z
CD With Windows And Linux. No License.
1
0.00
14 Days
CON-OSP-CT25E10
ONSITE 24X7X4 802.11a/g/n ESTI Cfg: 5508-25; 10APs;
1
0.00
CON-OSP-CT0825
ONSITE 24X7X4 Cisco 5508 Series
1
2,944.00
CON-OSP-1142EK9Z
ONSITE 24X7X4 802.11a/g/n Fixed AP
10
2,390.00
Total LeadTime: 14 Days Total Price: USD 31,424.00
Total LeadTime: 14 Days Total Price: USD 31,424.00
2 x 2125 with 10 x 1142:
Product
Description
Quantity
Price
Lead Time
AIR-WLC2125-K9
2100 Series WLAN Controller for up to 25 Lightweight APs
1
8,995.00
21-35 Days
CAB-AC-C5-EUR
AC Power Cord, Type C5, Europe
1
0.00
14 Days
SWLC2100K9-70
Cisco Unified Wireless Controller SW Release 7.0
1
0.00
14 Days
ASA5505-PWR-AC
ASA 5505 AC Power Supply Adapter
1
0.00
14 Days
SSC-BLANK
ASA 5505 SSC Blank Slot Cover
1
0.00
14 Days
CON-OSP-AC2125K9
ONSITE 24X7X4 WLAN Controller for for Retail
1
1,656.00
Total LeadTime: 21 - 35 Days Total Price: USD 10,651.00
Product
Description
Quantity
Price
Lead Time
AIR-WLC2125-K9
2100 Series WLAN Controller for up to 25 Lightweight APs
1
8,995.00
21-35 Days
CAB-AC-C5-EUR
AC Power Cord, Type C5, Europe
1
0.00
14 Days
SWLC2100K9-70
Cisco Unified Wireless Controller SW Release 7.0
1
0.00
14 Days
ASA5505-PWR-AC
ASA 5505 AC Power Supply Adapter
1
0.00
14 Days
SSC-BLANK
ASA 5505 SSC Blank Slot Cover
1
0.00
14 Days
CON-OSP-AC2125K9
ONSITE 24X7X4 WLAN Controller for for Retail
1
1,656.00
Total LeadTime: 21 - 35 Days Total Price: USD 10,651.00
Product
Description
Quantity
Price
Lead Time
AIR-LAP1142-EK9-PR
LAP1142 Controller Based E Reg Domain
1
9,950.00
14 Days
S114RK9W-12421JA
Cisco 1140 Series IOS WIRELESS LAN LWAPP RECOVERY
1
0.00
AIR-LAP1142-EBULK
BOM LEVEL PID FOR BULK PACK
10
0.00
14 Days
CON-OSP-LAP1142E
ONSITE 24X7X4 802.11a/g/n Fixed Unified AP; ETSI
10
2,390.00
CON-OSP-L1142E0P
ONSITE 24X7X4 802.11a/g/n LWAPP AP EU Cnfg-Promo Pk
1
0.00
Total LeadTime: 14 Days Total Price: USD 12,340.00
Total LeadTime: 21 - 35 Days Total Price: USD 33,542.00
Regards,
André -
Cisco WLC 2500 - 802.1x with Vasco Radius SMS OTP
Hello folks,
I have what seems to be a complex implementation with many things that need to be done on a customers network and I wanted to be pointed in the right direction.
The current scenario is such, the customer has a Cisco WLC 2500 device that has 3 access points(these are in the same AP group) connected to it. There is one SSID that I will call PRODUCTION here that some domain users use to connect to the local network. The customer has requested to have a GUEST SSID added to the WLC where guest users will connect to and recieve a SMS OTP for authentication.
Correct me if I am wrong, but I will obviously need to segment the SSIDs to have them running on different subnets to ensure that guest users do not have access to the production network once they authenticate. In order to do this I will need to configure Dynamic VLAN assignment for the Cisco WLC and connect it to a 802.1x port on the switch.
Now what is not clear is I am not interested in authenticating the users that connect via "Production SSID" and want to bypass authentication for those users and have them assigned to the default vlan (or maybe perhaps have them authenticate via LDAP on the AD), however I want to force the "GUEST" SSID users to authenticate so that they may recieve an SMS OTP (reason for this is to force guests to register their phone numbers to use the internet so that Illegal activity may be tracked).
1)So would it be possible to bypass authentication(or authenticate them via LDAP) for the PRODUCTION SSID as only domain users would know the SSID password to log on and have them by default assigned to the production subnet (default vlan) but force the GUEST SSID users to another VLAN via 802.1x sms otp?
2)*Important* Another issue that is not clear is will I be able to directly configure AAA Radius settings on the Cisco WLC to directly authenticate with the VASCO Radius OTP and recieve a challenge-response(required for OTP) during authentication? As I have seen from Ciscos Dynamic VLAN assignment docuementation (http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml) additional IETF Radius Perimeters are used such as Tunnel-Private-Group-ID etc are used which I can't seem to configure on the Vasco.
I do beileve this is a great project in helping me understand the INs and OUTs of CISCO WLC as well as Wireless NAC, If anyone could enlighten me and point me in the right direction I would be forever in debt. Much appreciated.
Best Regards
Sinan Barghouthi - JNCIA-FWV , JNCIA-IDP , CCA-NS , TCSM-8.0On your WLAN you can enable AES and TKIP. Just know that some clients mau have issue when they see both TKIP and AES. Ive had pretty good success with this in the past. Dont forget, you also need to enable WMM allowed to get N rates.
But you will need to configure AES on the client as well to support N rates.
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
"I'm in a serious relationship with my Wi-Fi. You could say we have a connection." -
Cisco WLC 5508 with 3702APs - mobile hotspot for 2000 Guest users
Cisco WLC 5508 with 3702APs - mobile hotspot for 2000 Guest users
I've been given a fantastic "opportunity" by my boss to use our existing wireless infrastructure to provide internet access to potentially upto 2000 VIP guests arriving with BYOD devices, in a very densely populated area for a 3 day event. We are talking an area of approx 200m x 15m. Think of it as an awards ceremony/concert. The solution will also be mobile so we will be using internet breakout from different telcos as it will move to approx 20 countries. The area is also incredibly densely populated with other wifi APs. I did a brief site survey and AirMagnet could detect over 2500 other 'rogue' APs from where I was stood! I hope CleanAir works!
We need a simple authentication method for them to connect with zero admin from our side. We don't want to just offer up a rolling daily PSK as that's a bit amateur and we don't really want the VIP guests sharing the PSK with others during their stay. Ideally they could self-provision by providing an email address.
I know the WLC can handle webauth for local users but I don't think it scales very well. ie I don't think I can offer the account to several hundred people.
Cisco ISE looks a very expansive (and expensive) product but I don't think we need all it's capabilities (do I?). It would be nice to just ask a potential user for their email address and grant them access and email them next year. I've seen Cisco NAC but that looks over the top too for just guest users who will only be accessing a shared internet connection.
I've seen 3rd party supposed software solutions from Kiosk Antamedia etc do they work with Cisco Enterprise WLC solutions?
We'd like to limit users to a certain (low) bandwidth and block (say) torrent traffic to keep the general user experience worthwhile.
Does anybody have any case study documents or experience of such a project? As well as the authentication it's how well the APs will handle the dense potential number of clients trying to connect in such a confined space.
Any suggestions would be gratefully appreciated from the knowledgeable community.
Cheers,
MikeHi Rasika,
We are having WLC 5508 model with software version running 7.4.121.0. AP Models are AIR-CAP2602I.
Normally our WAN links are good even while the issue pertains. We are connected to remote offices over ipsec site to site vpn for WAN. The link latency in WLC between the AP and the controller shows <1ms.
currently the Guest network is using WPA2-PSK auth given in the controller. we are trying to find a option to make the Guest wireless auth local to the office, and see if this solves the problem.
any suggestions,
Thank you,
Arjun -
I am working on a firmware upgrade on WLC 5508 and WLC 2100 from 7.2.111.3 to 7.4.121. I have 10 forign controllers and 2 anchor controllers. My question are:
(1) Should I upgrade the forign controllers first or anchor controllers first?
(2) Should I or do I need to upgrade Cisco NCS, 1.1.1.24, after the WLC firmware upgrade?
(3) SHould I or do I need to upgrade CIsco MSE to latest version?
Thanks,(1) Should I upgrade the foreign controllers first or anchor controllers first?
Does not matter the order.
Make sure you upgrade the FUS to 1.9.0.0 version as well
http://www.cisco.com/en/US/docs/wireless/controller/release/notes/fus_rn_OL-31390-01.html
(2) Should I or do I need to upgrade Cisco NCS, 1.1.1.24, after the WLC firmware upgrade?
Refer the below link (table 4) compatibility matrix, you should have NCS/Prime 1.3.x
http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html#wp142297
(3) Should I or do I need to upgrade CIsco MSE to latest version?
Refer the table 7 of the above link, you should have MSE 7.4.121.0 as well for compatibility
http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html#wp142297
HTH
Rasika
**** Pls rate all useful responses ****
Maybe you are looking for
-
Hello, I just upgraded to Ver 11 (I really, really wish I hadn't!) and content is missing... read on. I store my itunes library on an external usb drive. After 'upgrading' to 11 I am absolutely missing a bunch of content--just not sure exactly what.
-
Applescript date parsing has changed
i have been using a script i wrote 7 years ago to convert a string in mm/dd/yyyy format to an a/s date object, and as of last week it was working perfectly. tonite i just tried it and "11/05/2012" is parsed as 11may rather than 5nov...something chang
-
Error in CRM Middleware- SMQ2-Sysfail-Message 999999.
Dear All, I have a problem of one of the queues(in SMQ2-inbount) in CRM 5.0 is struck with SYSFAIL error. The queue name is R3AI_DNL_COND_A005. When I double click the queue entry I get an Error: Message No 999999. Log directory is full. Even resetin
-
Hi I am trying to add a Firewire bus via a PCI bus to my G5 Primarily to attach a Liquid Mix too. Focusrite tell me I need a Texas VIA or NEC chip set. Here in the UK I am finding it impossible to find a supplier that can tell me what chip set is in
-
I have a requiurement where i have to poll a certain directory and based on the file type move it to a different location.....i was planning on using 2 comm channels and using exclude file a in cc1 and file 2 in cc2... Is there any other way..? Venka