QOS & Switch & AP & WLC Configuration

Similar Messages

• Understanding Flexconnect - Local vs Central Switching, and WLC failover scenario ??

  Hello Experts
  We have one WLC 5508 in Building1, few 2700 Series AP in Building1, and one 1252AG in Building2. The LAN subnet is same for both Buildings connected via a dark fiber.
  My requirement is to have Central Switching in Building1 since WLC is located locally, and Local Switching in Building2 to avoid inter-building traffic, for both Buildings we already one VLAN/IP Subnet. (Both Buildings access resources from a central Datacenter which hosts all the servers.)
  Questions:
  1. Is the above scenario possible using single SSID ? My understanding is that one WLAN+SSID can't have both Local and Central switching enabled.
  2. In Flexconnect Central Switching mode, during WLC failure, does the switching change to Local switching automatically ?
  3. When I choose Local Switching for a specific WLAN, does it Locally switch always , or does it Locally switch only when WLC is down ?
  4. We want to use Microsoft PEAP using AD User Authentication. When Local Authentication is enabled on WLC, I understand that when WLC fails (and RADIUS Server is still reachable), can we still have the AP directly contact RADIUS server as a direct client and provide 802.1X Microsoft PEAP authentication. Guess this is Primary Backup Radius Server configuration. Is this understanding correct ?
  Thanks.

  Hi
  The LAN subnet is same for both Buildings connected via a dark fiber.
  If this is the case there is no need of FlexConnet, as you have enough bandwidth & same L2 extended in those two buildings. Typically FlexConnect is for branch deployment where WAN link bandwidth is a concern.
  Anyway if you want to do this & here is the answer for your specific queries.
  1. Is the above scenario possible using single SSID ? My understanding is that one WLAN+SSID can't have both Local and Central switching enabled.
  You can have both local switching & central switching available for a given SSID. Only FlexConnect mode AP will do Local switching & all Local mode AP will do central switching, though both using the same SSID.
  2. In Flexconnect Central Switching mode, during WLC failure, does the switching change to Local switching automatically ?
  No, if it is central switching SSID, when WLC is not available client won't able to join this SSID. It is not fall back to Local switching.
  3. When I choose Local Switching for a specific WLAN, does it Locally switch always , or does it Locally switch only when WLC is down ?
  This is applicable only to FlexConnect mode APs & it always do local switching if that configured. If WLC is not reachable AP will go on "standalone mode" & still do local switching.
  4. We want to use Microsoft PEAP using AD User Authentication. When Local Authentication is enabled on WLC, I understand that when WLC fails (and RADIUS Server is still reachable), can we still have the AP directly contact RADIUS server as a direct client and provide 802.1X Microsoft PEAP authentication. Guess this is Primary Backup Radius Server configuration. Is this understanding correct ?
  Yes, when this option configured & WLC is not reachable (but RADIUS is reachable) then AP will act as Authenticator & pass radius messages to Auth Server directly.
  This is a very good Ciscolive presentation you should see as it describe lots of these features & which WLC codes they introduced.
  BRKEWN-2016 - Architecting Network for Branch Offices with Cisco Unified Wireless
  HTH
  Rasika
  **** Pls rate all useful responses ****

• Dynamic switch of component configuration

  Hello all,
  In my webdynpro application i select a list of addresses. Dependent on selected address i would like to show an address with predefined component configuration.
  Selection of addresses and show of an address are implemented in two components but in one application. I have definied configurations for each adress type.
  Is it possible to switch the component configuration at runtime?
  Or i must create two applications and after selection of an address start the second application with an application configuration?
  Thanks
  Regards
  Paul

  hi
  good
  go through this link
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/b0446f5c-fcb9-2910-e082-88becbe3ddc9
  thanks
  mrutyun^

• Wireless Design - WLC Configuration

  Soon to be working on a design for a Wireless installation across one of our buildings. The wireless survery has been completed, and we'll be installing 175 APs, across the 3 floors of the
  building.
  With regards to the back-end WLC setup, I have a few queries around the WLC configuration. We're looking at implementing the 4400 series of devices, and due to us having nearly 200 APs, we'll need at least 2 x 4404 or 4 x 4402 - I'm assuming its simpler to have fewer devices to make management simpler.
  Also, looking at the Cisco reference material, they recommend that a 4404 can support up to 100 APs, with regards configuring the ports on the box, would I need to configure LAG across the WLC
  ports in order for it to accomodate all of the Access Points. If we were to go with a scenario of using 2 x 4404 devices, would we be in a position whereby if we lost a Controller, we'd lose
  all of the Access Points associated with that Controller? In order for us to have full resiliency, we'd need an additional 4404 controller for the APs to failover on too?
  From a licensing perspective, we'll be purchasing a licence to cover 200 APs.
  TIA

  Do you think that the phone carrier change the Android OS kernel and removed the proxy setting option before they sell it to consumers? If it's so why would they do such thing?
  As far as I'm aware, no.  Phone carriers don't care about wi-fi proxy.  They won't make any money if they do and they equally won't make money if they don't.  This "proxy" issue came straight from the developers of the Android OS themselves.  It's been highlighted since day one of the Android release.  This is why some browsers have incorporated proxy settings to their application because the Android OS developers are not interested to fix this shortfall.
  RE: iPhone and iPad users if you use Windows proxy server and intergrated Windows authentication is enabled the credential should not be prompted for user if it's already entered in their devices.
  Unfortunately, I don't have the details with me right now but I'll try to see if I still have this information when I go back to work.

• QoS roles on WLC, Per user or per conection?

  Hi guys.
  This morning I`m talking with my colleages about QoS roles on WLC and their behaviour, then a question has arisen me, because I know when I apply a QoS role or QoS profile it is a per-user role. Ok said my colleage, but What is the behaviour when several devices are using the same user with a QoS role applied?
  Good question, I always assumed that this QoS role applies to every different connection managing it like a new user connection, that is, every new connection with the same user (if the QoS role is, for example, 256k for this user) will have a bandwitdh of 256k, but now I'm not sure if the WLC manages every connection at this way or divide the bandwitdh defined for that used into as many parts as connection have with this user ( for ten connections, for example, 25,6k).
  Anyone can tell me how is the behaviour of the WLC in this scenario???
  Thanks in advanced.
  Best Regards.

  My2c.
  If you apply the values on QoS profile instead of User profile then it is applicable to users connected to that WLAN mapped QoS profile. This way total no. of users will divide the available bandwidth. However, user with p2p application might consume all available bandwidth.

• Guest wireless WLC configuration doubts

  Hi Experts,
  I have one WLC which is configured as a Foreign controller and other is configured with Anchor which is connected in DMZ ( behind firewall ) ...
  I have one more Anchor controller which is physically connected to other remote office ...
  As of now ,All guest clients are connecting to remote site anchor controller which is suppose to connecte locally configured anchor controller.
  Can anybody suggest me ... what configuration or settings i need to look into so that guest clients can be connected to locally configured Anchor controller.
  Please suggest me ....

  So you want the remote Anchor controller to be treated as a backup. Right ?
  In my knowledge, that's not possible to use only one anchor controller at one time. since we have to enter the Anchor controller details in the foreign controller. So if we enter both the Anchor controllers in the Foreign controller they will start load balancing.
  Other process is - make a manual entry in the Foreign controller at the time of primary anchor controller failure so that the traffic start moving to remote anchor controller. This is a work around.
  Otherwise I don't know if there are any settings which can be done at the Primary Anchor controller to switch to backup controller in the event of failure.

• QoS EOIO - How to Configure in JMS adapter?

  Hi there,
  In order to configure the JMS sender-adapter with EOIO QoS, I need to provide 2 "extra" parameters. These are
  1)Queue ID
  2)Processing J2EE Cluster Server (ClusterID)
  So far I was able to find out the name of the ClusterId in our system but for the Queue ID I still have some doubts.
  From the XI documentation I understand that for QoS EOIO , all messages share the same queue. They also say; <i>The "suffix" of this queue must be explicitly set in the application program by a <u>serialization context</u> before the client proxy is called.</i> What exactly is <i>serialization-context</i> in this context?
  Can someone provide me with a clear explanation which steps I need to follow in order to use the functionality of QoS EOIO? And if possible some example of the name of an EOIO queue?
  Thanks,
  R.

  Hi Roberto,
  For queue ID, you can specify any arbitrary queue ID for example, POQueue1, jayqueue or salesorder...
  It can be anything you want and no additional configuration is needed.  Just specify any name you like to use for queue ID and you are all set.
  Thanks,
  Jay

• Upstream bandwidth QoS profile 5508 WLC

  Hello,
  Is it possible, through a QoS profile, to control how much bandwidth a user gets to use for upstream traffic?  I can easily set limits for downstream traffic, via the per user bandwidth contracts, but it is not obvious to me on how to control upstream traffic.
  Any and all info is appreciated!
  Thanks 

  upstream traffic needs to be defined at L3, via your QoS settings. As you've said, the profile on the WLC is downstream only.
  HTH,
  Steve
  Sent from Cisco Technical Support iPad App

• Prime 1.3 can't updates switches and wlc

  Hello.
  I have Prime 1.3, two WLC 5508 and 8 switches 2960s
  I try update my devices through Prime, but I can't.
  When I start "Upgrade Analysis" and select switche (Catalyst WS-C2960S-24PS-L) and image (c2960s-universalk9-mz.150-2.SE2.bin) then click to "Run report"
  Prime shows me that "Image not Applicable for this Device"
  I try different images, but it does not help.
  And with WLC 5508 the same trouble.
  Maybee anybody know why Prime can't do right analysis and updates devices?

  I am having this same issue with Prime 1.3.  I can't deploy software to my 2504 or 5508 controllers.  I get the "Image not Applicable for this Device" message and it tells me there is "No Flash" when I try to deploy to individual devices.  I can manually load the exact same file to those controllers via a TFTP server and they upgrade just fine.  Help from cisco would be great on this.

• WLC configuration for EAP-TLS

  Hi,
  I am tring to set up a Cisco WLC 2006 with EAP-TLS + WPA.
  Everytime I try to log in to the network my wireless card gives a message saying " validating user", but nothing else happens.
  I cannot find any manual for configuring this. Can anyone perhaps assist?
  Regards
  Dean

  More details would be helpful:
  What RADIUS server are you using, what CA are you using, where (what VLAN) they located, which port of the WLC are you connected to (RADIUS/CA)?
  Are you using the Vendor's client software or MS wireless zero config? Which version? or Linux? Which distribution/version?
  Having this info will be a good start ...
  Let us know
  Scott

• "vlan dot1q tag native" end-to-end QoS switched network

  Guys,
  Can I use this in my switched network design, (without using 802.1q tunneling as documentation always seems to mention this vlan in a vlan scenario???)
  I have native vlans and I want to act upon the 802.1p CoS field from end-to-end in my switched network. If the packet happens to be in a native vlan, I cannot do this.
  ie
  pc------accessswitch--------distswitch/rtr
  between access and distribution, there is a dot1q trunk, and the native vlan is the vlan what the pc is in
  Choices.
  run this comand vlan dot1q tag native
  dont have a native vlan, ie have vlan 1 (default as native) on the dot1q up to the dist
  or act only upon L3 dscp
  Can anyone help?
  Many thx,
  Ken

  Hi there,
  Many thx for that. This I understand and the question was really, if I wanted to use a dot1p tag in the dot1q header, but the vlan that the PC was on was the same vlan as the native vlan on the dot1q trunk, what is the best option to ensure I can action qos.
  Just trust dscp on the trunks always
  tag the native,
  or just dont run a native vlan
  I hope this makes sense. Sorry if I was a little confusing b4.
  Thx
  Ken

• WLC configuration Backup with WCS

  Hi,
  What kind of backup is done with the configuration Backup Task in the WCS Administration.
  Is this a backup of the actual running config on the WLC or is it the saved (startup) config on the controller?
  Is there a way to view/edit a configuration backup from the controller?
  Can I create a task on the WCS to do a cyclic/automatic save configuration to flash?
  Regards Christian

  the configuration backup is for the controllers
  and the files live wherever you specified the tftp server location on install of WCS.
  The WLC backup is the running config from when the backup was completed.
  go to your tftproot directory to view the config
  If you are running a rev that outputs in xml format AND you are not encrypting it on the WLC.
  I would not try editing the file. The hash will be altered and the config backup file will be useless.
  You want WCS to be able to run the command 'save config' on each controller? How handy are you with tcl scripting?

• Add Cisco Switch into a configuration

  I have a Dell 6248 switch with three VLANS defined (1,2,10).
  I need to expand VLAN 10 (need more ports) on the Dell Switch.
  I have downloaded the Cisco CNA.
  In the attached screen of the CNA, am I on the correct display to create a new VLAN 10 ?
  What is the best way to connect the Dell Switch to the Cisco?  
  thanks

  Yes, so far 21-24 are in VLAN 10, but I will need to set a few more .
  This is bit more complicated.
  What I am looking at an old test and dev virtual infrastructure configuration that was set up with a 1GB Linksys Switch and a Dell 6248 Switch.
  The reason given for the Linksys in the config is it was the only 1GB switch available at the time when the SAN had to be installed and there were no more available ports on the 6248. Running Dell Dpack reports show latency issues when migrating from an EqualLogic Volume to a MD3200 volume and from the MD3200 to Md3200 volumes (on the order of 30-45 minutes for a 20GB VM). Migrating from EqualLogic volumes to EqualLogic volumes is in seconds.
  I think the Linksys is the issue as does our Dell reps. We are looking at replacing the Linksys with a Cisco or another L2/L3.
  SAN traffic is isolated to VLAN 10 on the Dell Switch. I want to set up a VLAN 10 on the Cisco switch and then want to connect the Md3200 to the Cisco which will be connected to VLAN 10 on the Dell Switch for access to an EqualLogic SAN.  I am not sure what will be involved.
  Is it as simple as what you are saying,, I config the VLAN10 on the Cisco switch and connect a port from the Cisco to VLAN 10 on the Dell Switch.. .
  I have a diagram attached,,,it needs some updates but it is close to the config.

• WLC: Configuring Global Credentials for Access Points

  Hi,
  I have an WLC 4404 running Software Version 5.0.148.0 with 40 LWAPPs (1242AG, some 1231G). I want to configure global credentials for the LWAPPs. The configuration guide did not mention, if I have to reboot the LWAPPs after setting the credentials.
  So, could I set this option during operation time? Thanks a lot for your help.
  Regards
  Simon

  Hi,
  Configuring the "Override global credentials" option in the GUI does not reboot the AP. It can be done in a production environment, just did it on one of my 1252s to test.
  Hope it helps.
  Jerome

• CPI1.3: WLC Configuration Archive - Failure

  Good day, everybody!
  I try to make Configuration Archive for Wireless Lan Controller. WLC managed without any mistaces, SNMP v3 and SSH v2 have already configured.
  But, when I start Configuration Archive task and check Status in Jobs Dashboard - I always have Failure, like this:
  Does anybody know why I can't normally save configuration? Thanks for advices!

  In the Jobs Dashboard I choose Configuration Archive Results - Failure and see Fetch Running information:
  SNMP: Failed to establish SNMP connection to 10.0.10.101 - Cause: Device is Unreachable. Check the ReadOnly community string. SNMP: Failed to establish SNMP connection to 10.0.10.101 - Cause: Device is Unreachable. Check the ReadOnly community string.
  But I don't understand, why Check the ReadOnly community string? I use SNMP v3!
  For example, I've successfully got Configuration Archive from c3560G by using same SNMP v3 and SSH parametres.
  Does anybody have ideas?