Same SSID At A Site Without A Controller?

Similar Messages

• I want to use the same SSID in two sites (central y remote)

  I have several AP in H-REAP mode, one of them is in a remote location anthe other are in the central location. I want to use the same SSID in both locations with differents VLANS.
  In the central site, i have 3 WLANS (SSID) whit 3 different VLAN  eachother. I put the local swicthing in one SSID that I want to use in the remote site. In the remote location the users can authenticate and everything works fine but in the central location that SSID doesnt work, the user in the central location can not authenticate.
  It seems that i can not use the same WLAN (SSID) and use it en both locations checking the local switching.
  What can i do?
  Many thanks for your help

  Look I have 2 two VLANs Interfaces (vlan 252 & Vlan253) created on WLC, beside the management VLAN (ID 254), and there are 8 AP´s installed at the central location, each AP has been connected to my CORE Switch through switch ports mode Access vlan 254.
  th aeuthentitcation i have been used is "LOCAL: WPA-WPA2-PSK" in both locations (Central and remote). In the remote sites, tha AP is connected to a cisco switch through switch port mode trunk, and I use VLAN 251. When the local switching  feature is activeted on WLC, I can map the VLAN 251 (in te remote site) to the SSID I am using inthe central site and everything works fine but in the central locations the user can associste to he AP but they can not receive IP from the appropiate VLAN.
  I don t know what parameter have to change....
  Can you helpme?

• The same SSID used at 3 sites and the same vlan for client IP assignment?

  we are deploying 5508 controller and LW APs for wireless IP phone 7925G
  Controller is installed at site A and there are APs and wireless phones at site B and C as well.
  1. can I use the same SSID for all three sites for wireless phones? or have to use 3 distinct SSIDs?
  2. If I can use the same SSID, can I associate one subnet e.g 10.10.131.0/24 for wireless IP phones at 3 sites? (our Cisco UCM is fine with this)
  3. if I have use 3 distinct SSIDs, do I have to assign three subnets for IP phones at three sites?
  thanks for the help!
  Eric

  yes.. this is done by HREAP mode.. the below link will help you out!!
  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807cc3b8.shtml
  That is, by default the WLAN will get pushed to all APs.. so if you have a single wlan then this will broadcast the SSID and the remotre site clients will connect to it..
  Lemme know if this answered your question!!
  Regards
  Surendra

• Same SSID both on Local and FlexConnect sites

  Hi guys,
  I need to deploy identical SSID name and Security mechanism (802.1x with PEAP) on both on Local-mode and FlexConnect APs.
  First question would be: if I enable FlexConnect Local Switching on an "in production" SSID used on Local-mode APs would this generate any issues?
  Based on the answer receive what are your recommendations to accommodate this request: deploy identical SSID name and Security mechanism (802.1x with PEAP) on both on Local-mode and FlexConnect APs.

  When creating a WLAN with the same SSID,
  follow these guidelines and requirements:
  You must create a unique profile name for each WLAN.
  When multiple WLANs with the same SSID get assigned to the same AP radio, you must have a
  unique Layer 2 security policy so that clients can safely select between them.
  WLANs with the same SSID must have unique Layer 2 security policies so that clients can make a
  WLAN selection based on information advertised in
  beacon and probe responses. The available Layer 2
  security policies are as follows:
  None (open WLAN)
  Static WEP or 802.1X
  Note
  Because static WEP and 802.1X are both advertised by the same bit in beacon and probe
  responses, they cannot be differ
  entiated by clients. Therefore,
  they cannot both be used by
  multiple WLANs with the same SSID.
  CKIP
  WPA/WPA2
  Note
  Although WPA and WPA2 cannot be used by mul
  tiple WLANs with the same SSID, you can
  configure two WLANs with the same SSID with WPA/TKIP with PSK and WPA (Wi-Fi
  Protected Access) /TKIP (Temporal Key Integrity Protocol) with 802.1X, respectively, or
  with WPA/TKIP with 802.1X or WPA/AES with 802.1X, respectively.

• Need to setup AP's with the same SSID

  We are looking to purchase two Acess Points for our new building.  Currently at our old facility we have two lower end AP's with two different SSID's.  Users just manaully switch between the two.  I'd like to know how difficult it would be to set things up so users wouldn't have to manually switch as they traveled through the building.
  I have been looking at Cisco AP below and was wondering if it had the capability to do this.  Is there any other hardware or software required to set something like this up.
  Just to clarify I only need two AP's and want things transperent to my users.  I want them to be able to walk from area covered by AP1 and to another area covered by AP2 and not loose any connection.  Also want this to be automatic so the users do not have to do anything to switch things over.
  Any info anyone can provide to help me out would be greatly appreceated.  Thanks in advance.
  Cisco Aironet 1140 AIR-LAP1141N-A-K9 Wireless Access Point

  Note that the part number you gave (AIR-LAP1141N-A-K9) requires a controller to operate.  That is because the OS on it is a lightweight image.  If you already have the APs, they can be converted to autonomous mode per the instructions at http://www.cisco.com/en/US/docs/wireless/access_point/conversion/lwapp/upgrade/guide/lwapnote.html#wp161272.  If you haven't yet ordered them, use AIR-AP1141N-A-K9.  (Or,use 1142 if you want both the 2.4GHz and 5GHz radios.)
  And, yes, if you configure both APs with the same SSID and the same encryption/authentication, clients will be able to connect to both without changing their parameters.  Whether or not they roam properly is dependent on how close the APs are to one another and how well the individual clients roam.

• Same SSID, different vlans

  I currently have a 4402 in place, with my main office building working fine.
  We are looking at bringing in the wireless at 4 other sites, but we want to use the same SSID.
  How would I go about assigning different vlans (networks) to the same SSID.

  You can use the "AAA Override" feature on controller. You need to have different dynamic interfaces for different vlans configured on the controller. After sucessful authentication, radius server could pass the dynamic interface information to the controller and controller can put users to different vlans according to the feedback from radius server:
  http://www.cisco.com/univercd/cc/td/doc/product/wireless/control/c44/ccfig40/c40sol.htm#wp1086421
  Zhenning

• Multiple Cisco Aironet 1131AG access points and same SSID?

  We have multiple Cisco Aironet 1131AG devices, all wired on one Cisco L2 switch(2560)  who is connected to L3 switch (3550). We assigned one VLAN for access point in L3 switch who acts as vtp server (L2 switch is vtp client). All ap's will have static ip address and all will have same SSID and no security and they will be using multiple channels (ex. 1,6,11).  They will operate in 3 floor building for roaming wireless client. We won't using any wireless controller.
  So my question is this: How to configure APs-all the same with different ip's, can we use L3 switch to create dhcp server for access points VLAN (pool for clients, and the rest for static ip for ap's)? Can one of the ap's be WDS and in the same time local radius server with users without Cisco Secure ACS or similar controller or I didn't understand this quite well :-). I followed guide http://www.cisco.com/en/US/docs/wireless/access_point/12.3_2_JA/configuration/guide/s32roamg.html for WDS where the part abou Cisco ACS is a problem, so I can use same ap as Local Authenticator as in guide  http://www.cisco.com/en/US/docs/wireless/access_point/12.3_4_JA/configuration/guide/s34local.html#wp1035723.
  Many thanks...

  Well, just so you know, WDS and local RADIUS authentication is only needed if you're using authentication on your wireless connection.  You say you're not planning to use security, so this isn't necessary.  However, I'd highly recommend at least using a simple WPA2-PSK to lock down your connection, otherwise you might end up giving free Internet access at best, and at worst you might be giving access to company PCs and servers.  If you want to further use an 802.1x or WPA authentication method, then yes, you can use an AP as a RADIUS server and WDS to improve authenticated roaming, but this is far more limited than using a Cisco ACS.
  As for your other questions, yes, your APs can all be configured the same except for at least three parameters: IP address, channel, and hostname.  Configure your static IP addresses on the AP's BVI1 interface.  Don't place it on the Radio or Ethernet interfaces, because if either of these interfaces goes down you'll lose the ability to configure the AP, so it's best to use the BVI1 interface.
  And yes, configuring a DHCP scope for your clients on your L3 switch is a good design, or you could also use your DHCP server on a different subnet by using the ip helper-address command on the L3 interface.  I hope this helps!  Let me know if you need help configuring any of this.
  Merry Christmas!
  Jeff

• Access points same SSID, Radius, Help plz

  Greetings, 
  I need help and advice please configuring the following scenario...
  3 floors building, 2 AP on first floor, 1 on second floor, 1 on 3rd floor.
  i want them all to share same SSID, for user roaming around the building without being disconnected and reconnected to another AP
  currently working on window servers 2012.
  trying to read about Radius server implementation, but the thing is, i also need guests in the building to have access via their cellphones or personal computers sometimes, when told so ( non domain users)
  Can someone plz point me to a solution ? how to get domain users access ? how to have random guests access the AP internet access
  thanks

  Can u enlighten me plz on what the wireless controller task is here exactly ? i have 3 hp 2920-24G switches on all floor, and from the datasheet, supposedly it supports IEEE
  802.1X, can it be used as a wireless controller if configured properly ? also have a fortigate 60D router but only support fortinet AP for management.

• What is polipo and how do i get it? My tor access will not pull up any sites without it.

  What is polipo and how do i get it? My tor access will not pull up any sites without it.
  == This happened ==
  Just once or twice
  == tried to load any site: yahoo, gmail, etc.

  Thanks for the response Steve. I can create a .flv file, I can create an .avi file and I can burn to a file. However, using Premiere, when I drop that .avi into the new timeline and try to burn it to disk, I get the same message" operating system error: number 0x000004c8- The requested operation cannot be performed on a file with a usermap". It would be good to be able to burn from Premiere Elements but I cannot seem to. However, as you suggested, I have a work around.
  I've done some research and it seems usermap is connected to Windows 7 permissions and I have had a problem in PE9 accessing files and getting a permissions error. Don't know if this is a PE9 conflict or just a W7 issue. If you have any thoughts, I'd appreciate them.  If I find anything further I'll post it here.
  Cheers

• Centrally Switched and Flex Local Switched WLAN - same SSID

  Hi All
  I am currently working on a WLAN migration from lightweight to autonomous and would like advice on whether the following scenario is possible.
  We've deployed an 8500HA pair at the customer's central HQ with the plan that SSIDs at the central HQ will centrally switch with SSIDs at branch sites locally switching.  AP and Flex groups have been configured for the HQ and branch sites.  There is a legacy SSID at HQ that will need to break out locally so a flex group is required for HQ.
  My original plan was to do this with one WLAN Profile per SSID, configured to locally switch.  The HQ AP group will map WLAN to the relevant IP interface with the SSID omitted from the HQ Flex Group so that the SSID will centrally switch.  The branch AP groups will be configured with the SSIDs required for branch and Flex groups will be configured to break out the SSIDs  into the relevant local VLAN.
  My question is, is it possible for an SSID to be configured as locally switched for branches but also centrally switched for HQ, by configuring it in the HQ AP Group but omitting it from the HQ Flex group?
  Configured as above a client debug gives the below which seems to suggest that it isn't possible, unless I've configured something incorrectly...
  *apfMsConnTask_5: Oct 03 15:48:51.012: c0:18:85:48:c0:5d Central switch is FALSE
  My alternative option is to create a second WLAN profile for each SSID with the same SSID name but centrally switched and then apply that accordingly in the AP groups.
  If someone can verify the above I'd be very grateful.
  Many thanks in advance
  Mark

  Hi Mark
  My question is, is it possible for an SSID to be configured as locally switched for branches but also centrally switched for HQ, by configuring it in the HQ AP Group but omitting it from the HQ Flex group?
  When you configure an SSID for local switching, it is only applicable if AP in Flexconnnect mode. So as long as your HQ APs are in Local mode then all those users traffic will be central switch for the given SSID. At branch those AP are in Flex mode, they will locally switched.
  Pls do not forget to rate our responses if that is useful to you
  HTH
  Rasika

• Flex Connect Across Multiple VLANS same SSID

  I just need to find that if we have flex connect setup for differnet vlans using single controller, will roaming works when client connects to AP in a differnet VLAN but using same SSID.
  Example below:
  1) Client connects to AP on specific SSID mapped to VLAN 100, get an IP address ..all good at this point
  2) Client walks and connects to a differnet AP on same SSID but mapped to VLAN 200...at this point I observe client doesnt get a new IP address in fact it retain IP from step-1 and there is no connectivity
  3) Client walks back to first AP and connectivity is restored
  Why in step-2 client doesnt gets a new IP from VLAN 200 even when it shows connected to AP.

  Just to add to Rasika.... L3 isn't supported....I just ran into this a few days ago.... clients should request another dhcp when roaming to another FlexConnect AP that is mapped to a different VLAN.  The issue is, that some clients don't try to renew their dhcp address and gets stuck with the default 169.x.x.x.  I see this with Apple devices in general and what we are going to do is get rid of the multiple vlan setup (vlan per floor) and create a bigger vlan that the SSID will be mapped to.
  Thanks,
  Scott
  Help out other by using the rating system and marking answered questions as "Answered"

• How can I publish a new site without republishing all previous sites?

  I use iweb for publishing pages of photos on different jobs that I do. However every different job requires a new site and I cannot put up a new site without republishing all my previous sites. This obviously takes a very long time of unneccesary republishing. Is there a way round this?

  The reason this is happening is because all of your sites are saved into the same iWeb Domain file. To truly make each of your sites separate and be able to edit and publish them completely independently, you will have to put each site into a separate Domain file. For exisiting sites, you can find instructions on separating your sites into different Domain files from Apnewbie here...
  http://web.mac.com/mark8heaton/iWeb/DomainSeparation/
  Going forward for new sites and for your multiple domain files, you might find it easiest to use an application called iWebSites that will help you make and manage multiple Domain files...
  http://mistergregg.com/cocoadrillosoftware/
  Let us know if you have any questions about the process.

• Sepper motor control WITHOUT motion controller

  Hello
  I am attempting to control two stepper motors in a blened motion move. I can currently drive one of the motors seperately and also change direction and speed.
  I know there are motion controllers that can be used but they are unavailable to me as I am in college. (PLEASE NO ONE SUGGEST MOTION CONTROLLERS)
  I know it maybe difficult but that is the way I have to do it. My plan is to use the motors in conjuction with a camera which acquires an image and I want the motors to follow the outline of what ever is in the image. The project is very similar to a X-Y Plotter except I will not be plotting anything, I just want the motors to move.
  Thank you
  Bye 

  Hello
  I am using Labview 2010 with two RS stepper motors and I want to move them at the same time. There will be no circular motions just straight lines. The cooridinates that are to be supplied to the motors are acquired from an image processing VI. I am taking an image of a line which always leads to the centre of the screen. My plan is to have the motors follow that line.
  I have included a VI that I am working on, it includes the image capture part of the program and then the co-ordinates for the motors to follow. These co-ordinates are designed to be used with a motion controller. I do not know how to use these co-ordinates to drive the motors without a controller.
  Bye
  Attachments:
  Thres and Wand With Usb Camera.vi ‏111 KB

• Howto block p2p traffic of clients connected to the same ssid on different wlc

  Hi all,
  I use two wlc 4400 (4.2.x version) with a mobility domain and one ssid, both wlc are connected to a cisco l2 switch infrastructure. On the wlc I use the p2p blocking action 'drop' (http://www.cisco.com/en/US/docs/wireless/controller/5.2/configuration/guide/c52wlan.html#wp1209597) to isolate the clients from each other. Does anybody know if only unicast traffic is blocked or also multicast and broadcast traffic like arp requests?
  Concerning blocking p2p traffic of clients connected to the same ssid but different controllers I found the following statement in the LAP FAQs (http://www.cisco.com/en/US/products/hw/wireless/ps430/products_qanda_item09186a00806a4da3.shtml):
  ===
  Q. In autonomous APs, Public Secure Packet Forwarding (PSPF) is used to avoid client devices associated to this AP from inadvertently sharing files with other client devices on the wireless network. Is there any equivalent feature in Lightweight APs?
  A. The feature or the mode that performs the similar function of PSPF in lightweight architecture is called peer-to-peer blocking mode. Peer-to-peer blocking mode is actually available with the controllers that manage the LAP. If this mode is disabled on the controller (which is the default setting), it allows the wireless clients to communicate with each other through the controller. If the mode is enabled, it blocks the communication between clients through the controller. It only works among the APs that have joined to the same controller. When enabled, this mode does not block wireless clients terminated on one controller from the ability to get to wireless clients terminated on a different controller, even in the same mobility group.
  ===
  Does anybody know what's the best practise to prevent this inter wlc client traffic? I already read about using acls on the wlc dynamic interfaces, or private vlans on the l2 switch vlans where the dynamic interfaces are connected to. Is it allowed to completely isolate the wlc from each other on these dynamic interfaces with acls or private vlans or do the wlc need to see each other on this interfaces (e.g. heart beat)?
  Many thanks in advance,
  Thorsten

  Hi Sasha,Thorsten
  The bug is Junked and I believe which is what you are running into with your tests:
  CSCtr60787    WLC P2P Blocking Set to Forward-UpStream Doesn't Work.
  Bugtoolkit : http://tools.cisco.com/Support/BugToolKit/action.do?hdnAction=searchBugs
  To answer your original query :
  ACL is only solution to block client communication on same ssid between 2 wlcs. 5508 works better with ACLs then 44xx platform.
  ARP requests will be forwarded to upstream router just like any other traffic. WLC won't proxy arp for clients on same vlan.
  Gateway arp's I believe should be handled by WLC . ( Don't quote me on this but I am pretty sure it is ) ..If it was not, then how would client know about gw ?
  Multicast traffic is not applicable for p2p.
  Your ACL can be as simple as this for the scenario :
  WLC 1 - clientvlan = 10
  WLC 2 - clientvlan = 10
  and you want to restrict users from wlc1-wlc1, wlc1-wlc2, wlc2-wlc2 for same vlan10.
  Basically in that case the ACL should look like on both WLCs :
  1. Permit statement to talk to gateway.
  2. Deny to subnet.
  3. Permit all.
  4. If DHCP/DNS other services are on same subnet then you would need to add a permit
  statement before the deny.
  5. Attach the ACL to SSID or dymanic interface.
  Thanks..Salil
  CSCtr60787    WLC P2P Blocking Set to Forward-UpStream Doesn't Work.

• Just got ipad2 and it goes to different page/site without touching the screen

  just got ipad2 and it goes to different page/site without touching screen

  Try a reset. See if that solves the problem
  Reset the iPad by holding down on the sleep and home buttons at the same time for about 10-15 seconds until the Apple Logo appears - ignore the red slider - let go of the buttons.