IP-MAC Binding for WLC-5508

Hello!
I am having problem in configuring wlc 5508, in a security option i applied mac-filtering and it works fine.
Now I need to configure ip-mac address binding, i tried both with gui and cli method but it is not working. While configuring mac-filtering on gui there is a option to define ip address, after defining xx.xx.xx.xx ip address for device xx it is not peaking particular ip from the pool.  
mac-filtering is still working with out issue.
Also tried with cli.....
Looking through the configuration guide i tried every possible ways but couldn't get any resolution.
mac-binding, mac-filtering is enable,
What will be the possible causes of this?
does it support mac-ip binding in its local database?
I would be thankful in your any suggestions and advises!  
Nikhil

Thanks for reply David,
Currently user are authenticate from mac address and we want IP-MAC base authentication in cisco 5508 controller.
we are facing some problem that in stead of ip-mac pair only mac address is authenticate.
can u guide me that how can i authenticate IP-MAC pair in cisco 5508 controller?
or Is this possible on Cisco 5508 controller as it is showing ip address field in GUI option?
i am waiting your reply.

Similar Messages

  • Redundancy for WLC 5508 7.1.103

    I was trying to setup 2x WLC 5508 follow this instruction , copy config of 1 WLC to another and change the IP address. Then setup HA in global config for all AP
    https://supportforums.cisco.com/thread/2036661
    Is there a way to confirm fail-over work without turning off the 1st WLC ?
    I tried this command on 1 of the AP "show capwap client config"
    But it does not show secondary controller config.

    Are you sure you don't see primary and secondary controller's IP addresses on the command "show capwap client config"?
    If configured, primary, secondary or tertiary WLCs appear on the output of this command like this:
    mwarName               WLC1
    mwarIPAddress        x.x.x.x
    mwarName               WLC2
    mwarIPAddress        y.y.y.y
    mwarName               WLC3
    mwarIPAddress        z.z.z.z
    Where, WLC1 is the primary, WLC2 is the secondary and WLC3 is the tertiary.
    Note that the listing order determines which one is primary and which is secondary...etc. (first listed is primary, second is secondary..etc).
    You double check the output of your command.
    You can take Leo's advice about testing HA without reloading the WLC, but you can also check HA per AP basis. Try adding one ACL that prevents specific AP from communicating with the primary WLC and wait to see if it will join the secondary or not.
    HTH
    Amjad
    You want to say "Thank you"?
    Don't. Just rate the useful answers,
    that is more useful than "Thank you".

  • Emergency Version for WLC 5508 with 6.0.188

    The release notes for 6.0.188 talks abt 5.2.157.0 ER.aes. But 5508 does not like the file AIR-WLC4400-K9-5-2-157-0-ER.aes.
    How can I get the boot loader on WLC 5508?
    On WLC 5508...
    Product Version.................................. 6.0.188.0
    Bootloader Version............................... 1.0.1
    Field Recovery Image Version..................... 6.0.182.0
    On WLC 4404
    Product Version.................................. 6.0.188.0
    RTOS Version..................................... 6.0.188.0
    Bootloader Version............................... 4.2.205.0
    Emergency Image Version.......................... N/A  ----------> Even though I installed 5-2-157-0-ER.aes it does not show here... Bug???

    Ok. In the release notes of 6.0.188 they should have seperated for 5508.
    On WLC 4404
    Product Version.................................. 6.0.188.0
    RTOS Version..................................... 6.0.188.0
    Bootloader Version............................... 4.2.205.0
    Emergency Image Version.......................... N/A
    When u say "The n/a issue is a bug but its with the primary image, not the ER image"
    Do you mean that because my primary image is 6.0.188 which has bug to not take  or show the ER image?

  • Web redirect not working on MAC OS X WLC 5508

    Hi,
    I have a problem with Mac OS X-users. When connecting to the guest-network, the Mac does not get redirected to the login-web.
    I have tried to manually type in the url and IP-adress to the login-page, but cannot reach it. It works with all other devices.
    Code: 7.6.130.0 Hardware: Cisco 5508
    Grateful for any input on the matter.
    Regards
    Fabian

    Is there any guest anchoring in this scenario? 
    Have you verified that your client is receiving DNS and can do nslookups?
    Is this with all MAC users or only a select subset e.g. Yosemite only machines?
    What is the virtual IP you are using?

  • Default username and password for WLC 5508 series

    Hi ,
    please let me know the default username and password for the below  WLC  device
    Model :
    AIR-CT5508-100-K9
    Image : AIR-CT5500-K9-7-0-230-0.aes                
    Regards
    Lerner 

    Password Recovery in WLC versions 5.1 and later
    If you forget your password in WLC version 5.1 and later, you can use the CLI from the serial console of the controller in order to configure a new user name and password.
    After the controller boots up, enter the Restore-Password command at the user prompt. This command is only accepted for the initial user login and becomes disabled after a user logs in. You are prompted to enter a new username/password, which can then be used to log into the controller and modify settings.

  • Prime Infrastructure 2.0 Collection Failure for WLC 5508

    Hi,
    We have installed prime infrastructure 2.0 as a VM.
    I added 2 WLCs (AIR-CT5508) in the device work center.
    Both the WLCs are showing as "Managed" but under the collection status it says "Collection Failure".
    When I hover over the message it reads:
    Other Error: Wireless Controller added successfully but some tables had their records dropped as their key fields failed validation"
    Any ideas?
    Thanks
    Satyaki

    Hi Satyaki,
    Try to reboot the WLC ,if possible and then check the status of the issue.
    Regards-
    Afroz
    **Ratings Encourages Contributors ****

  • How can i take Backup for my WLC 5508

    Plz help me to take backup for WLC 5508
    Sent from Cisco Technical Support Android App

    Check here:
    http://www.cisco.com/en/US/docs/wireless/controller/7.2/configuration/guide/cg_managing_ctrlr.html#wp1196069

  • WLC 5508 7.4.X - N+1

    Hi,
    I don't undestand this document
    http://www.cisco.com/c/en/us/td/docs/wireless/technology/hi_avail/N1_High_Availability_Deployment_Guide/N1_HA_Overview.html
    How can the third 5508 (suport max 500 AP) backup all other WLC ? n+1 how ?
    With secondary wlc configured in HA-SKU (without AP SSO) the 500 licenze are permanent ?
    who can explain me.. this is a document bug ??

    What they're describing is HA N+1, not HA 1:1 AP SSO.  This option, which is "NON-AP-SSO", allows you to use an HA-SKU or > -50-k9 SKU coverted, to operate as a dedicated +1 WLC in HA.  When using this configuration, this WLC allows the use of the "hardware maximum" of the device: Thus 500 APs for WLC 5508, or 1000APs for a WISM2 (as an example).  Since this WLC can wait as a backup to multiple WLCs, that's why it's not capable of the AP SSO, which requires a 1:1 pairing of the HA WLC with an Active HA WLC.
    When using the HA N+1 the WLC acts the same as the pre AP-SSO "HA" concept; where you had Primary, Secondary Tertiary configs on your APs (which you may still have).  All it is saying is that the N+1 HA WLC can act as one of these Secondary/Tertiary WLCs, much like a WLC you had licenesed for 250 or 500 APs could do previously.
    In the past you would use, lets say a 250 WLC AP as this backup WLC.  Many people were frustrated that they had to have a $60,000 WLC just sitting there "waiting for something to fail".  But that's what it did.  If a WLC failed, lets say one with 100 APs, this backup WLC would take on the APs and use 100 of it's 250 AP license count.  If additional WLCs failed, the process continued until this backup WLC was filled.
    The idea of using the HA-SKU in an N+1 is that while yes, you don't get the 1:1 AP SSO configuration, you are getting more bang for your buck in that this WLC can sit as a backup (as it did in the past) but it can accept up to the maximum it's hardware can handle in terms of AP count, not only what it was permanently licensed for.  Rather than spending $100,00 on a 500 AP count WLC to backup your 2x250 AP count WLCs, why not look at a $50,000 HA-SKU that can "handle" up to 500 APs.
    So given this scenario, this WLC is "backuping up all other WLCs" for whom it is a Secondary/Tertiary WLC backup.
    As far as the HA-SKU "licenese", it's not "permanent" per se.  With an HA SKU in N+1 you have a 90 day timer which will then "nag you" (via console) that this HA WLC is not truly intended to permanently house these APs.  The idea is that if the Primary WLC failed, you would get it back online and then move your APs back to where they belong and return the HA N+1 WLC back to 0 APs.

  • Port channel WLC 5508 and 3750

    Hi All,
    I want to configure Port channel for WLC 5508 and cisco 3750 Stack Switch. What changes I need to make on WLC and where?
    Thanks
    Jagdev

    Thanks Chris,
    LAG is enable on WLC, and Port channel is configured on 3750, Please see the configration and Port channel status below:-
    (Cisco Controller) >show lag summary
    LAG Enabled
    interface Port-channel14
    description Port Channel to WLC001
    switchport trunk encapsulation dot1q
    switchport mode trunk
    end
    sh etherchannel 14 summary
    Flags:  D - down        P - bundled in port-channel
            I - stand-alone s - suspended
            H - Hot-standby (LACP only)
            R - Layer3      S - Layer2
            U - in use      f - failed to allocate aggregator
            M - not in use, minimum links not met
            u - unsuitable for bundling
            w - waiting to be aggregated
            d - default port
    Number of channel-groups in use: 14
    Number of aggregators:           14
    Group  Port-channel  Protocol    Ports
    ------+-------------+-----------+-----------------------------------------------
    14     Po14(SD)        LACP      Gi1/0/22(I) Gi2/0/22(I)
    sh run int g1/0/22
    Building configuration...
    Current configuration : 209 bytes
    interface GigabitEthernet1/0/22
    description Trunk to WLC001 DistPort1
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 254
    switchport mode trunk
    channel-group 14 mode active
    end
    sh run int g2/0/22
    Building configuration...
    Current configuration : 209 bytes
    interface GigabitEthernet2/0/22
    description Trunk to WLC001 DistPort2
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 254
    switchport mode trunk
    channel-group 14 mode active
    end

  • Integration between WLC 5508 and Microsoft NPS 2008

    Hi guys,
    Any of you, have working guidance for WLC 5508 and Microsoft NPS 2008 integration?
    I managed to configure Wireless 802.1x feature (PEAP) but it failed. I'm running software ver. 7.0.116.0.
    Is there any bug related 802.1x on this software version?
    thanks in advance.
    BR
    shendy

    Hi Shendy,
    I am not aware about any bug related to this. I think you better check all configuration and make sure it is fine.
    Logs from NPS and WLC (and possibly from the supplicant) may guide you where the problem resides.
    What does the NPS logs tell about the reason of the authentication failure?
    What does the WLC logs say about the failure (check show msglog and show traplog).
    - Make sure the Radius server added correctly with correct IP and correct shared secret on WLC.
    - Make sure that the radius is configured correctly to allow PEAP-MSCHAPv2.
    - Make sure WLC is added successfully to WLC with correct IP address and correct shared secret.
    - Make sure the clients are correctly configured and the server's (NPS) certificate is trusted on the clients.
    HTH
    Amjad

  • WLC 5508 - Error extracting webauth files.

    Hi all,
    i am getting an error during the Upload of Login page for WLC 5508 customized.
    After the upload is completed i receveid the error "Error extracting webauth files."
    I tried to create the file *.tar with different program (winrar, 7zip, gnu tar, etc)
    anyone know the solution for this problem?
    Thanks
    Marco

    TQVVM Marco, it helps and issue resolved. I was downloading a folder consists of (login.html+folder CSS) compressed .TAR but failed. Instead of putting in a folder and directly downloaded the compressed .TAR and it was extracted successfully.
    Thanks.

  • Cisco ACS 5.1 & Cisco WLC 5508 & Cisco WCS

    I have managed to get TACACS+ working for the WLC and WCS but having trouble with Radius for management authentication and authorization.
    Anyone got and ideas or good documents on how to authenticate administrators using radius ACS 5.1 for WLC 5508 and WCS 6
    I take it that I still need to define roles?
    Many thanks.
    Jay

    You may try this with radius-ietf under shell-privelege
    For read-write privileges for the user, set the Service-Type Attribute to Administrative.
    For read-only privileges for the user, set the Service-Type Attribute to NAS-Prompt.
    Regards,
    Jatin
    Do rate helpful posts~

  • Second WLC 5508 for HA N+1 with Mesh Network

    Hi,
    End user has a WLC 5508  and around 12 LAPs (an increasing un short time) configured and working for mesh network (some ROOTs and MAPs)
    now is the way to deploy an additional 5508 in another site  so that be the backup of the first controller.
    Taking into account that is a mesh network what would be the options in WLC's config so that we can have the shortest time for LAPs to associate to
    the backup controller?
    I appreciate your comments
    regards

    yes, wlcs can be on different sites. be sure to configure primary, secondary wlc name and ip on those APs.

  • WLC 5508 Multiple Interfaces for Multiple SSIDs

    Hello guys,
    I am trying to build a new network from scratch, I have the WLC 5508 w/ Aironet 3600e APs connected to my Netgear Smart Switches and a Linksys RV082 router that I'm using as my DHCP server with several VLANs for several stuff on my Switches.
    I have 2 questions:
    1. Can I have 5 Interfaces configured on 5 different VLANs, each SSID on each a different Port:
    Port 1: Controller management only=> 192.168.x.x /24
    Port 2: SSID 1: WiFi Internal=> 172.16.x.x/12 (Radius Auth with no sharing)
    Port 3: SSID 2: WiFi Internal w/ sharing=> 192.168.x.x/24 (Radius Auth with sharing)
    Port 4 :SSID 3: WiFi Guest=> 10.0.x.x/8 (Web Auth)
    Port 5: SSID 4: WiFi IT=> 192.168.x.x/24 ( Radius or certificate Auth with access to the controller management interface)
    2. How can I use the Controller as the DHCP server for all the WiFi traffic, and how should that be configured to work with my other DHCP server?

    Yes you can... but you have to disable LAG.  Each post will need to be connected to a dot1q trunk and you will only allow the vlan that is required for that port.  Also on the interface, you will define what port is primary and what is backup.  I'm guessing you will not be using the backup port.  For example... port 1 that connects to a trunk port will only allow the management vlan.  Here is a link to setup dhcp on the WLC
    http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a0080af5d13.shtml
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • ISE Profiling for Wireless Devices (WLC 5508) like Laptops and Mobile Devices

    Hi,
    We have integrated WLC 5508 to cisco ise 3315 with ios 1.1.1 and using Guest Sponsor portal for wireless guest users.
    Where we have created open ssid in wlc and redirect web login portal in wlc for guest  users. We have enable all respective node in policy service for profiling and also configure snmp in wlc as well as in ise.
    When guest user is connected to open ssid its get redirected to web login page of ise portal and when it gets login we are  only able to see the username which guest user login but not the end device in monitoring log.
    Wireless End devices are not able to get profiled can any one tell me what configuration I need to do on ise or wlc side to profiled end guest wireless device like android,iphone and laptops
    Thanks
    Pranav

    Hi Tarikh,
    I only want to identify the end devices for wilress guest user. I have configured MAB Authentication and configure autorization policy where in mention identity group any condition as wlc web authentication and athorization profile only guest mentioning plain access for the same.
    Can you help me how I can achived profiling for wirless guest devices. I have configured all profiling probes . Enable snmp on wlc as well as in network devices.
    What else I need to configured to achived just identiting device nothing but profiling and which should reflect in authnetication logs.
    Thanks
    Pranav

Maybe you are looking for

  • Apps Adapter error while creating hire_applicant

    Hi, I tried to create a Oracle Apps adater which converts applicant to employee using HR_APPLICANT_API.HIRE_APPLICANT.But in the design time itself it is showing error "Error while writing WSDL file Exception :the wrapper procedure HR_APPLICANT_API$H

  • How i add digital signature in interactive form

    Hi gurus, I want to upload an Digital Signature in Adobe forms. Could any body tell me the procedures please help me out. Thank you, pawan

  • Interested in a LabView-Chat? (Datasocket)

    Hello, if someone needs a labview-chatprogramm then check the attached file. I made some tests with the datasocket and here is the result. Installatation: - Take two computers connected overLAN - Start the Datasocket-Server on one Computer - Change 

  • Dynamic Tabs in Form

    Hi, I have created a Form with a Tab containing few fields and two Buttons(AddTab, Delete Tab), 1) My problem is when ever i click on 'Add Tab' button, a new tab should get added to the existing tabs with the same fields as main tab. 2) When ever i c

  • AS console hangs when trying export business rules

    Hi, when i try to export business rules from administration services console it hangs and task manager shows admincon.exe 100% cpu usage. Need help. Thanks, Timur