Prime Infrastructure and WLC 2504 N+1 config syncronization

I've setup 2 cisco 2504 WLC's in a N+1 configuration, before we purchased Prime Infrastructure.  Now I'm trying to syncronize the configurations between the two devices in PI.  I've setup a configuration group, and it seems using templates will keep the configuration syncronized between the two devices.  Is it possible for PI to automatically create the templates based on the current configuration of the device.  Plus with PI 2.1 it seems like I have to create a template for every section of the configuration, shouldn't there be just one large template that has all the configurations.

Yes, you should be able to discover templates from the WLC
HTH,
Steve

Similar Messages

  • Difference between cisco prime infrastructure and cisco WCS

    Can you explain me difference between cisco prime infrastructure and cisco WCS.. I'm little bit confuse...
    Thanks..

    Hi Hasan,
    In terms of features...You can say PI is more advanced version of WCS and NCS. All the stuff possible in WCS/NCS can be done on PI as well.
    But from the architecture perspective , there are differences. If I remember correctly , WCS is based on 32 bit OS while NCS and PI based on 64 bit OS. For the same reason you cannot do inline upgrade from WCS to PI via any path and will have to change the platform/Hardware itself before moving to PI. However , inline upgrade from NCS to PI is possible if we follow the correct path.
    Regards
    Dhiresh
    **Please rate helpful posts**

  • C3850 WLC enabled and WLC 2504, which one should be Primary controller.

    I have 2 designs to make a better solution, please advise me.
    I have C3850 and WLC 2504.
    1. I will use C3850 as mobility controller (MC) and mobility agent (MA) for WLC 2504. Does it work? or
    2. I will use WLC 2504 as MC and MA for C3850.
    Can I do both of design?
    Which one is better?
    Please recommend me a solution.
    Thank you in advance.

    Hi
    2504 (or any legacy WLC) itself having MC/MA & we cannot separate that role on it. You can seperate MC & MA functionality in Converged Access product platforms (3850/3650) only.
    Therefore here are the answer to your queries
    1. You can have a 3850 with MC/MA functionality. But your 2504 will be a separate controller on your mobility domain. You can allow roaming between these two systems configuring them as mobility peers. You cannot register 3850 connected APs to any other controller other than 3850 WLC itself.So you cannot use these two different system as high availability for AP.
    You need to have min 7.6.x  on your 2504 in order to configure mobility between 2504 & Converged Access system.
    Here is a reference post how you configure roaming between 5508 & Converged Access MC (5760/3850/3650)
    http://mrncciew.com/2014/05/06/configuring-new-mobility/
    2. None of the documents listed the 2504 could act as MC for 3850/3650(MA). So my understanding is you should have 5760/5508/WiSM2/8500 as MC. But you can test it & see whether 2504 could act as MC which I doubted.
    HTH
    Rasika
    **** Pls rate all useful responses ****

  • Acs 5.3 and wlc 2504 config with restricted network access

    Hello,
    i submit you the following issue that i'm actually facing:
    i must configure a secured wireless network with access restriction based on SSID. the equipements are : cisco wlc 2504 (soft 7.3) cisco secure acs aplliance 1121 (soft 5.4) .
    the users that will connect to the network are regrouped by identity groups, each identity group having it's own SSID. Clearly each group of users must access only one SSID.
    i followed the procedure below to configure it:
    -- creating user identity groups;
    -- creating users and assigning them to the groups;
    --- creating authorization profiles for each SSID under policy element/ authorization and permission/network access/authorization profiles and putting the Airespace-Wlan-Id(the SSID number) in the radius tab.
    --- assigning the authorization profiles to the identity groups under access policies.
    after all these config the users can access the network using there userid/password configured. But the problem is Every user can access every SSID, seems like the restriction is so not very well configured.
    i found some documentation on this kind of config but the version of ACS used seems older than the one that i use, so menu are very different.
    Please can someone provide with the right steps to follow to achieve this kind of config.
    tkx in advance

    Yes.. you only have to add the end filter like what I posted... as far as the calling station id in the WLC security tab, it doesn't matter because that is not used when using 802.1x.  I would also try to not enable everything that you have just to start from the basic and make sure it works first.  The WAP Authentication Method might or might not work for you.  Uncheck that for now and when you have a successful authentication, look at the monitor log and see what radius attributes are being sent, because those attributes is what you can use to build your policies.
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • Prime Infrastructure 2.0 - Alert on Switch Config Change

    We are in the process of testing out Prime Infrastructure 2.0, is there a way to get an alert when a device's configuration has changed, and send out what has changed in email? I have scheduled Config Archiving for all of my devices, and i can see the config differences when a changes is made in the Prime GUI, but we currently use Kiwi CatTools to send out emails that show what devices had configuration changes and what those changes were, it would be nice if Prime would do that so we could do away with that service. I have looked through all of the reports but do not see anything.

    Hi,
    I know this feature is there is LMS ,where you can configure the AUTOMATED Action based on Syslogs to get an Alert for config change or any other changes ,however I do not see this option available in PI  2.0.
    Syslogs are not compltely supported in 2.0 but in PI 2.1 we should have the complete support for syslogs.
    Thanks-
    Afroz
    [Do rate the useful post]

  • Prime, MSE and WLC NMSP Status

    I have a 5508 WLC and have loaded a demo of Prime 2.1 and MSE 8.0.
    The NMSP status is showing as inactive in Prime and MSE and therefore the clients are not showing on the map I have loaded.
    Any ideas?

    MSE doesn't sync with WLC when added with PI 2.1.1
    CSCup93101
    Description
    Symptom:
    NMSP is not active between MSE and WLC when added using PI 2.1.1.
    Conditions:
    This applies to only MSE added Prime Infrastructure after upgrade to 2.1.1 on Prime Infrastructure.
    If the MSE was already added to Prime Infrastructure in 2.1 or previous releases, and then upgrade to PI 2.1.1 was performed customers will not run into the NMSP problem between MSE and WLC after the PI upgrade to PI 2.1.1.
    Workaround:
    Push a template (Templates > Features and Technologies > Controller > Security > AAA > AP or MSE Authorization) with MSE MAC address and key hash.
    Please contact Cisco TAC for a patch.
    Last Modified:
    Dec 11,2014
    Status:
    Fixed
    Severity:
    2 Severe
    Product:
    Network Level Service
    Known Affected Releases:
    (1)
    2.1(1)

  • Cisco Prime Infrastructure and no new events / alarms since update to 2.2.1

    Hello,
    I have upgraded our Cisco Prime Infrastructure from version 2.1 to 2.2.1 (with a backup and restore). We have round about 700 APs and three 5208 Controller. So far everything seems to work really fine. The only problem is that there are no new alarms/events under "Monitor", "Alarms and Events".
    The last entries (events and alarms) are dated before the upgrade. Other informations (like client counts for example) are correct.
    Is there a known bug related to my problem? Can anybody help?
    Thanks

    I have done some research:
    I see the following problems in the log-package (downloaded from Prime):
    ===
    <msg time='2015-04-07T12:10:50.620+02:00' org_id='oracle' comp_id='rdbms'
     client_id='' type='UNKNOWN' level='16'
     host_id='rzprime' host_addr='xxx.xxx.xxx.xxx' module='JDBC Thin Client'
     pid='9499'>
     <txt>ORA-1652: unable to extend temp segment by 128 in tablespace                 TS_EVENTS 
     </txt>
    </msg>
    <msg time='2015-04-07T12:10:50.727+02:00' org_id='oracle' comp_id='rdbms'
     client_id='' type='UNKNOWN' level='16'
     host_id='rzprime' host_addr='xxx.xxx.xxx.xxx' module='JDBC Thin Client'
     pid='15177'>
     <txt>ORA-1652: unable to extend temp segment by 128 in tablespace                 TS_EVENTS 
     </txt>
    </msg>
    ===
    I think that there is a problem with a too small tablespace. But I can´t fix that. Anybody? ;)

  • Savant and WLC 2504

    The customer have 1x WLC 2504 and 7x AP 3502i.
    He are installing a automation system called Savant, this system use the Bonjour protocol to discovery the services on the network.
    I've configured the multicast group on controller and switch (SG300) with IP 239.xxx.xxx.xxx, but the Savant (on iPad) don't finds the service.
    Somebody has gone through a similar scenario?
    I've used this document: http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_tech_note09186a0080bb1d7c.shtml
    PS: The customer haven't VLAN
    Best regards.

    #Disable mdns/bonjour on wlc. place the WLC Management and AP vlan on same subnet. keep the savant server and iphone on same wlan and try.
    #WLC 2500 supports only Multicast to Multicast for AP mode, be sure that wired side Multicast is configured properly and working.
    #Try with any standard app to verify bonjour and AP mode multicast works.
    #it is possible there may be any specific string that require to be added onto bonjour profile for savant to work. do debug mdns all enable and see what is missing.
    it is suggested to open TAC case for troubleshooting.

  • Cisco Prime Infrastructure and VMWare Question

        We currently do not have any VMWare configurations. Do we need to have an existing VM server to deploy the virtual appliance. I have been told it comes with an instance that I can deploy. We have a server that is new and beefy with plenty of RAM and Xeon 6 core running windows server 2008 R2. I have deployed VMware in the past. I just want the community input - Talking about Prime Infrastructure 1.1 virtual appliance.
    Thanks              

    The virtual appliance needs to have a VMware hpervisor. You can use ESXi as a bare metal hypervisor.

  • WLC 2112 and WLC 2504

    This might be a really stupid question but I need to ask just so that I get a definitive answer. I have a customer that is using a WLC 2112 and has maxed out the licenses for the WLC. I have suggested for him to purchase a 2504 with 30 or 40 licenses to replace the existing 2112. He doesn't want to purchase 30 to 40 licenses and doesn't want to remove the 2112 from the network environment. He would rather purchase a WLC 2504 with 15 licenses and just add that into the network.
    My question is, will there be a problem running a 2504 and a 2112 on the same network? Or can I just make one a primary and one a secondary?

    That should be fine. Just make sure the WLCs are running the same code version and everything should work fine. This is required for APs failover from one WLC to another. You don't want the APs upgrading or downgrading code versions every time the ap moves from the primary to the secondary WLC.
    Sent from Cisco Technical Support iPhone App

  • Prime Infrastructure and C2948G-GE-TX switches?

    I'm trying out Prime Infrastructure, but can't get the SSH to work with our C2948G-GE-TX switches.  The SNMP works, but when the correct SSH credentials are entered for Password and Enable, I get "Wrong CLI Credentials" when attempting to sync.  I can SSH with Putty to the switches just fine.  We have 12 of these switches, and all behave the same way.  Doing a "show version" on the switch gives this:
    WS-C2948G-GE-TX Software, Version NmpSW: 8.4(11)GLX
    Copyright (c) 1995-2006 by Cisco Systems, Inc.
    NMP S/W compiled on Apr 27 2006, 12:46:44
    GSP S/W compiled on Apr 27 2006, 11:47:52
    System Bootstrap Version: 6.1(6)
    Any suggestions for troubleshooting?

    If I remembered correctly, PI will no longer support Catalyst OS.

  • Difference between Cisco Prime Infrastructure and Cisco Prime NCS

    Dear All,
    I am currenctly confused in choosing what type of Cisco Prime.
    1.Which one should I choose? should I order Cisco Prime NCS or directly purchase Cisco Prime Infrastructure (since Cisco Prime Infrastructure has the feature of NCS)?
    2, Why does Cisco not just  remove the Cisco Prime NCS ordering Part Number since Cisco Prime Infrastructure already cover the NCS?
    Please advice me

    Hortono,
    I started to write a long and lengthy msg about my experience with this, but instead, let me direct you to the horses mouth.  There have been weekly webinars in regards to Cisco Prime (many differnt products under this headline) including Infrastructure.  I believe the Cisco PI is actually scheduled for Thursdays, so hopefully you'll look at this in time to catch it and ask your questions from the gurus.
    https://ciscosales.webex.com/ciscosales/j.php?J=200462944&PW=NMzhhNjM5OGU3
    Looks like this may be the last week, catch it if you can.

  • Cisco Prime Infrastructure and VLAN fetch

    I have about a dozen systems which are showing up under the Archive Failed Devices section of Device Work Center -> Configuration Archives.  The reason is Fetch VLAN configuration - Command failed.  All of the affected devices have something in common in that they are all managed by hitting a publicly routable IP address outside of the network on which the NCS server lives (NCS IP is 172.19.40.51).  To the devices, NCS looks like it is coming from an publicly routable IP address (because it is NAT'd by the firewall).  I suspected that the issue was that NCS was trying to TFTP the VLAN.dat file to the NCS server but that it was trying to send it to 172.19.40.51 instead of the NAT address.  I turned on debugs on one of the affected devices and sure enough I see that the device is trying to TFTP something to 172.19.40.51.  Of course that will never work.  I can find no way within the Admin UI of Cisco Prime to change this behavior such that NCS will try to collect the VLAN.dat file in some other way or use the NAT'd IP address for the copy attempt.
    Is there a way to get it to use something other than TFTP?  Is there some way to turn this off entirely so that it doesn't show up in the Archive Failed Devices section?  Prime seems to be able to parse the VLANs by way of the configuration file (since we use transparent mode throughout) so it seems like an extra step I don't need.

    Marvin,
    This is where everything goes off the rails for me when it comes to understanding Prime Infrastruction, Prime LMS and everything that you're talking about.  Refer to this link:  http://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/prime-lan-management-solution/data_sheet_c78-697479.html
    How should I interpret this?:
    "Cisco Prime Infrastructure 1.1 bundles campus switch, branch, core routing, and wireless LAN management into a single, easy-to-order solution that enables businesses and enterprises unparalleled operational efficiencies and investment protection. The bundle consists of:
    ● Cisco Prime LAN Management Solution, which delivers simplified management of Cisco® Borderless Networks and reduces operations costs by aligning network management functionality the way network operators do their jobs
    ● Cisco Prime Network Control System, which provides complete wireless LAN management with converged user and access management, and integrated lifecycle management of branch routers
    For more information about Cisco Prime Infrastructure, please visit http://www.cisco.com/go/primeinfrastructure."
    Am I wrong to assume that the first bullet point, which states "Cisco Prime LAN Management Solution" is referring to Prime LMS 4.2?
    Thanks,
    Steven

  • Migrated to Prime infrastructure and now the login on the server doesn't work

    We have recently migrated from WCS 7.0.230.0 to Prime Infrastructure 1.3.0.20 and now there is a problem with logging in to our accounts. The problem can be broken down into two parts:
    1. We can't logg in using radius (this is still working if we use the WCS or other applications using the same rule)
    2. Unless we delete and recreate our accounts we can't even logg in locally
    We have re-entered the radiusservers (they disappeared during the migration)
    We have tried changing authentication form from pap to chap (in both ends) and then back again
    Our radius servers are running Win2k8 R2
    Any suggestions on how to solve this? We really need to get the domain-loggin working

    mmm, i would say make sure that you have the attributes related to virtual domain appended to the list.
    If you have already done that ,
    may be you need to try the following:
    Step 1)
    Open https://NCSIPADDRESS/webacs/dbUpdateAction.do
    With root username and password
    Step 2)
    Execute the Query as below
    Query (1)
    update WCSDBA.WCSPREFERENCE
    set value='ROOT-DOMAIN'
    where key ='defaultPartition' and username='a_user'
    note-
    username should be changed to whichever user is facing issues while logging in
    Query (2)
    commit work;
    or to remove all entries in WCSDBA.WCSPREFERENCE except for SYSTEM, root or ALL_USERS:
    delete from wcsdba.wcspreference where username <> '[SYSTEM]' and username <> 'root' and username <> 'ALL_USERS';
    commit work;
    Step 3)
    Restart NCS after the commit changes and try logging back with 'a_user'
    Please make sure to rate correct answers

  • Cisco Prime Infrastructure and VMware 5.5 Cluster

    Hi ,
    We Installed Cisco Prime Infrastructure 2.2 on VMware 5.5 in Cluster Environment. When we disable the HA Admission Control Policy VM Start without error. If We enable the Admission Control We are getting Insufficient Resource available for HA.
    Any idea.
    Thanks

    Hi 
    can you copy & paste exact error what you're getting here?
    - Ashok
    Please rate the post or mark as correct answer as it will help others looking for similar information

Maybe you are looking for