User names from Wireless LAN Controller

Similar Messages

• Issues after changing the AP Name on Wireless LAN Controller

  I recently changed the AP Name of all the Wireless Access Points in my branch office (which are all associated to the branch office Wireless LAN Controller(s)). After that I noticed that all branch office employees are unable to connect to the employee SSID. The employee SSID uses web authentication and employees are authenticated using Head Office AD via Cisco ACS, both located at the Head Office.
  There are other SSID's on the WLC which all work fine, but only employee SSID which uses AD authentication does not work. AD authenticaion is working fine because employee's in HO are successfully able to connect to the employee SSID at HO.
  The branch office is connected to the HO via a tunnel link. We noticed that if we restart both the ASA at either ends of the tunnel. The employee SSID starts working again but only temporarily for a day or so... what could be the issue? Can renaming the AP's cause issues? How can I fix this problem?
  Thanks in advance

  Thanks Elliott,
          I did the debug like you said and I am getting the following debug messages:
  *apfMsConnTask_0: Jun 20 08:18:14.580: Deleting the client immediatly since WLAN is changed
  and also
  *apfReceiveTask: Jun 20 05:25:11.857: 00:1f:3c:86:af:15 Orphan Packet from 192.168.52.34
  The logging on the WLC shows
  *apfReceiveTask: Jun 18 17:56:41.788: %MM-1-ANCHOR_UNAVAILABLE: mm_mobile.c:2155
  All export anchors are down. Cannot anchor the client.00:c0:a8:f3:cd:ae
  The DHCP pool for the employee users are configured on a guest WLC which sits behind an ASA

• Integrate Wireless LAN Controller with Windows IAS

  I would like to have internal users authenticate to Wireless LAN Controller Module using Windows IAS server. What option are there for me to present to users? Do they get a separate domain username/password box? Can it pass thru their existing domain login credentials if they already logged into Windows domain? Does any additional client/laptop software need to be installed?

  What you should do is configure PEAP and use the IAS so users can authenticate with their AD credentials.
  This should help you:
  http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080921f67.shtml

• Cisco Wireless Control System need wireless Lan Controller ?

  Cisco Wireless Control System need wireless Lan Controller , for Rogue detection

  Hi Joao,
  The WCS is used in conjuntion with the WLC (Wireless Lan Controller) for Rogue Detection. It is not a must for this function but more of an add-on :)
  The Cisco WCS is an optional network component that works in conjunction with Cisco Aironet Lightweight Access Points, Cisco wireless LAN controllers and the Cisco Wireless Location Appliance.
  From this doc;
  http://www.cisco.com/en/US/products/ps6305/index.html
  Overview of WCS
  The Cisco Wireless Control System (WCS) is a Cisco Unified Wireless Network Solution management tool that adds to the capabilities of the web user interface and command line interface (CLI), moving from individual controllers to a network of controllers. WCS includes the same configuration, performance monitoring, security, fault management, and accounting options used at the controller level and adds a graphical view of multiple controllers and managed access points.
  WCS runs on Windows 2003 and Red Hat Enterprise Linux ES 4.0 and AS 4.0 servers. On both Windows and Linux, WCS can run as a normal application or as a service, which runs continuously and resumes running after a reboot.
  The WCS user interface enables operators to control all permitted Cisco Unified Wireless Network Solution configuration, monitoring, and control functions through Internet Explorer 6.0 or later. Operator permissions are defined by the administrator using the WCS user interface Administration menu, which enables the administrator to manage user accounts and schedule periodic maintenance tasks.
  WCS simplifies controller configuration and monitoring while reducing data entry errors with the Cisco Unified Wireless Network Controller autodiscovery algorithm. WCS uses the industry-standard SNMP protocol to communicate with the controllers.
  From this good doc;
  http://www.cisco.com/en/US/products/ps6305/products_configuration_guide_chapter09186a00806b7270.html#wp1131195
  Detect and Locate Rogue Access Points
  From this WCS doc;
  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806f070a.shtml#new5
  Rogue Detection under Unified Wireless Networks
  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_white_paper09186a0080722d8c.shtml
  Hope this helps!
  Rob

• Wireless Lan Controller Issue

  Hi All,
  We have a Wireless Lan Controller 4402 with software version 4.0.155.5. On Friday we experience a problem where our clients wouldn't get redirected to the internal webpage for authentication. It would just come up with page not found. We know the page was working fine becasue we could manually type in the
  https://1.1.1.1/login.html and the
  page would come up and you could login successfully. The users who were already connected to the controller were not affected and continued to operate. We have 2 other WLC's at the same software revision and they were not affected so I don't think it has anything to to with software level. Its like the webserver in the wlc failed to work. We failed over the AP's to the 3rd WLC and rebooted WLC1. After the WLC1 restarted we failed one of the previous non-working AP's back to it and it works again.
  I know "now" there is debug commands to run at the time when the WLC wasn't working, but unfortunately I didn't know at the time. The WLC is running again fine and I was wondering if anybody has seen this issue before.
  Any ideas on a fix or reason would be greatly appreciated.
  Thanks,

  We are running WiSM 4.1.185.0 and we just had the similar problem with one controller. The other three controllers were fine when it happened. The exactly issue was the nslookup failed(timed out) from the client, so the web login page won't show when people lunch the browser. A reboot of the controller fixed the problem. We have been running Cisco LWAPP for more than a year (from 4.0.155.5 to 4.1.185.0) and it is the first time we see this problem. TAC is still investigating the cause.
  Zhenning

• Cisco Wireless LAN Controller Always disconnect

  Dear All,
  Please help to assist my issue.I used Cisco Wireless LAN Controller model: 5508 with version 7.0.98.0 and I got issue with connection always disconnect ping always loss or some time client can't get DHCP from Controller. 
  - I configure as Internal DHCP Server with 1 SSID.
  http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/110865-dhcp-wlc.html
  - DHCP least is not full and I also try to clear-lease all but still not work.

  1. Config dhcp proxy enable
  2. In case of internal Dhcp, try debug for clients
   using,
  debug client <MAC ADDRESS OF CLIENT>

• 4404 wireless lan controller managment via wireless clients

  I am having an issue managing a 4404 wireless lan controller via wireless clients.
  I have checked the box "enable controller management to be accessible from wireless clients" under management. For some reason that does not seem to fix the problem (page cannot be displayed). I cannot ping the controller by IP but other devices on the same subnet respond. Everything else works fine.
  I CAN manage the controller when plugged in a wired connection.
  When I do a route print it is identical wireless or wired. The route simple points to my interface. If I modify the route on my computer to actually point to our gateway instead of the interface then everything works. But why should I have to do this only for my wireless connection and not my wired to manage this box?

  Thanks for the info. I narrowed the problem down to an ARP issue.
  In order for me to connect to the controller, I run a batch file that creates a static ARP entry on my laptop. I don't have to do this for any other device except the controller. Not sure what the underlying cause is, but that works as a workaround right now.

• Wireless LAN Controller not broadcasting network to Access points

  Good Day Team,
  I am working with a 2100 series WLC controller and 1100 series access point.
  I noticed that the wireless lan controller is working. Also the access point is working.
  The issue is that there is no internet connection on the access point.
  What could be the error?
  Kindly advice

  Try do diagnose your problem following this steps:
  1) Connect to the wireless network
  2) Check your IP address with "ifconfig"
  3) Check if your gateway is set correctly with "route -n"
  4) Try to ping your gateway. Is it working?
  5) Try to ping an internet IP like google: "ping 74.125.234.115"
  6) Try to resolve names with "nslookup www.google.com" for example.
  7) Try to traceroute to an IP or name on internet. Check the result to see the last hop you reached.
  8) If you passed all those tests, try this: "telnet www.google.com 80"
  If everything works, but not the test #8, your problem could be related to some proxy configuration.

• AIR-CAP3501I access point not joining the Cisco 2100 Wireless Lan controller.

  Hello All,
  I am installing a new LAP (AIR-CAP3501I ) through the wireless lan controller (AIR-WLC2112-K9) with software version 7.0. I have an external ADSL modem which will act as the DHCP server for the wireless clients and the LAP.
  Please find my network setup as below:
  The ISP ADSL modem , WLC and LAP are connected to a unmanaged POE switch. The LAP gets its power through the POE switch. When i connect the LAP and the WLC to the switch along with the ADSL modem, the LAPs are getting the ip address from the ADSL modem, however they are not joining the WLC for further process.
  ADSL Modem ip address: 192.168.1.254
  Management ip address on the LAP: 192.168.1.1 ( Assigned to port 1, untagged Vlan).
  Ap Manager ip address: 192.168.1.1 ( Assigned to the same port i.e port1, Untagged Vlan).
  The LAP is getting an IP address from the ADSL modem in the range of the DHCP scope.
  I will paste the logs very soon.
  Please let me know if i am doing anything wrong oe what will be the issue.
  Thanks in advance,
  Mohammed Ameen

  Hello All,
  Please find the logs for  "debug capwap event" from the WLC below:
  *spamReceiveTask: Sep 26 19:44:59.196: e8:04:62:0a:3f:10 Join Version: = 117465600
  *spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 Join resp: CAPWAP Maximum Msg element len = 92
  *spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 Join Response sent to 192.168.1.156:45510
  *spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 CAPWAP State: Join
  *spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 capwap_ac_platform.c:1216 - Operation State 0 ===> 4
  *apfReceiveTask: Sep 26 19:44:59.198: e8:04:62:0a:3f:10 Register LWAPP event for AP e8:04:62:0a:3f:10 slot 0
  *spamReceiveTask: Sep 26 19:44:59.341: e8:04:62:0a:d1:20 DTLS connection not found, creating new connection for 192:168:1:158 (45644) 192:168:1:2 (5246)
  *spamReceiveTask: Sep 26 19:45:00.119: e8:04:62:0a:d1:20 DTLS Session established server (192.168.1.2:5246), client (192.168.1.158:45644)
  *spamReceiveTask: Sep 26 19:45:00.119: e8:04:62:0a:d1:20 Starting wait join timer for AP: 192.168.1.158:45644
  *spamReceiveTask: Sep 26 19:45:00.121: e8:04:62:0a:d1:20 Join Request from 192.168.1.158:45644
  *spamReceiveTask: Sep 26 19:45:00.123: e8:04:62:0a:d1:20 Join Version: = 117465600
  *spamReceiveTask: Sep 26 19:45:00.123: e8:04:62:0a:d1:20 Join resp: CAPWAP Maximum Msg element len = 92
  *spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 Join Response sent to 192.168.1.158:45644
  *spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 CAPWAP State: Join
  *spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 capwap_ac_platform.c:1216 - Operation State 0 ===> 4
  *apfReceiveTask: Sep 26 19:45:00.125: e8:04:62:0a:d1:20 Register LWAPP event for AP e8:04:62:0a:d1:20 slot 0
  *spamReceiveTask: Sep 26 19:45:00.273: e8:04:62:0a:d1:20 Configuration Status from 192.168.1.158:45644
  *spamReceiveTask: Sep 26 19:45:00.273: e8:04:62:0a:d1:20 CAPWAP State: Configure
  *spamReceiveTask: Sep 26 19:45:00.273: Invalid channel 1 spacified for the AP APf866.f2ab.24b6, slotId = 0
  *spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Updating IP info for AP e8:04:62:0a:d1:20 -- static 0, 192.168.1.158/255.255.255.0, gtw 192.168.1.254
  *spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Updating IP 192.168.1.158 ===> 192.168.1.158 for AP e8:04:62:0a:d1:20
  *spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Setting MTU to 1485
  *spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Finding DTLS connection to delete for AP (192:168:1:158/45644)
  *spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Disconnecting DTLS Capwap-Ctrl session 0xa06d6a4 for AP (192:168:1:158/45644)
  *spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 CAPWAP State: Dtls tear down
  *spamReceiveTask: Sep 26 19:45:00.277: spamProcessGlobalPathMtuUpdate: Changing Global LRAD MTU to 576
  *spamReceiveTask: Sep 26 19:45:00.277: e8:04:62:0a:d1:20 DTLS connection closed event receivedserver (192:168:1:2/5246) client 192:168:1:158/45644).
  The Acess point joins the Controller for 2-3 seconds and then unjoins again. I am not sure what i am doing wrong here. The access points are getting the IPs from the ADSL modem through the switch, then it talks to the WLC, however it does not join the controller for further process.
  Note:
  The Managemnet interface and the AP manager interface are assigned to the same port 1 with unassigned Vlan as mention above.

• Ise 1.1.1 missing Wireless LAN Controller (WLC) in Auth Profile

  Anyone else not seeing the Wireless LAN Controller tick box in Authorization Profile?
  Clean install of 1.1.1. with ISE Version 1.1.1.268—Cumulative Patch 1 applied
  EVAL license
  All the documentation says it should still be there in 1.1.1 unless im missing a trick?

  If you are referring to the ACL for the wireless lan controller that has change to the "Airespace ACL Name".
  This looks like a documentation bug.
  Tarik Admani
  *Please rate helpful posts*

• Wireless lan controller

  Hello,
  In our company we have a cisco wireless lan controller. the managemant interface (untagged 192.168.10.240) is able to ping to all te vlan's. When i add a interface (for example vlan 20 voice 192.168.20.240 255.255.255.0 192.168.20.254) i cant ping that network anymore from my controller while the ip and vlan configurations are good. Can someone help me to solve this problem?

  Because you have more than one VLAN, you need to TAG the uplink.  On the switch you need to enable Dot1Q Trunking and allow the required VLAN.

• Security policy signature in Wireless Lan Controller?

  Can we update security police signature in wireless lan controller ?

  I made this solution andthe problem still exist. and restart the VMware and also the problem still exist
  Go to Configure> Controllers
  and then which controller have config mismatch...on right side click on mismatch in Audit status tab.
  After that it will ask for audit now, click on that. After auditing it will show you the two option:
  1. Restore PI values to Controller
  2. Refresh config from controler
  Clcik on 2nd #Refresh config from controler#
  Then select 2nd option again(Use the configuration on the controller currently) and click on GO.
  Please feed me back.

• Can cisco CAP2702i connect to Cisco3850 switch with wireless LAN controller license via another switch ?

  If i connect cisco AP - CAP2702i to another switch, and use trunk port between Cisco3850 and the other switch , can the AP able to register with Cisco3850 with wireless LAN controller  ?   or the AP has to directly connect to Cisco3850 in order to register?

  The AP and 3850 wireless management are in same Vlan( vlan202). The AP is new unit and did not join MC before. 
  What i did on 3850 :
  input command - wireless management interface vlan 202
                            - ap cdp
                            - wireless mobility controller
  Is there any config i miss out on 3850 and any config need to be set on AP ?
  From Ap console output show me "could not discover WLC using dhcp ip". Is it due to AP dont have IP address? If AP register with WLC through layer 2 , i believe there is no related with IP.Correct me if i'm wrong.
  Due to the 3850 is not a POE, the AP unable directly connect to 3850  . I guess have to use power adapter to power on the AP.

• Wireless lan Controller 4402 / ping dynamic interface failed

  hi,
  i've a problem with a Wireless Lan Controller 4402.
  When i configure the dynamic interface on the my network , with wired lan
  i don't reach (i use the ping command) the ip address of the WLC.
  In my case (wired):
  On my pc i've a ip 10.1.78.1 255.255.0.0 and dgw 10.1.1.1 (vlan721)
  The lan WLC have a ip of management 10.12.2.4 /24 (vlan799) [dgw 10.12.2.1]
  dynamic vlan 792 ip add 10.12.78.100 / 22 (vlan792) [dgw 10.12.68.1]
  i ping these interfaces (10.12.2.4 and 10.12.78.100) and the ping is ok.
  When i create a dynamic interface vlan 721 starting the problem:
  dynamic vlan 791 ip address 10.1.1.240 / 16 (vlan721)
  After this ......the ping on 10.12.2.4 and 10.12.78.100 don't respond very well
  and i lose the 80-90% of the ping packages.
  through the wi-fi instead I do not have problems.
  the problem exist only via wired (cable).
  Can you help me?
  Thanks
  FCostalunga

  Hello,
  Pinging the dynamic interface is officially not supported. The reason why is because the controller places a very low priority on ICMP traffic. Typically, you will not have an issue with doing so on your wireless network because this interface is basically a gateway for the client. However, from the wired network - the only interface designed to respond to pings 100% of the time is the management interface. Hope this helps!
  -Mark

• We have an itunes account on our desktop and my kids have it on their ipod and iphone. I went in and changed our user name from my old e-mail address which is no longer accessible to my new one and now either of my kids can access the itunes store..

  We have an itunes account on our desktop and both my kids have it on iphone and ipod. I went in and changed out user name from an old e-mail address which is no longer accessible to my one I use now... When the kids try to sign onto the itunes store it tells them they have the wrong user name..
  Can this be fixed??

  Did you change the email address or create a new Apple ID?
  If the email address associated with the account was merely changed, sign out of the Apple ID on the devices and sign in using the new credentials.