Virtual interface ip of Wireless controller
Hi,
In our wireless controller, there is a virtual interface having ip 192.168.100.1.
when tracing the packets, we saw this ip being reflected in sniffer as dhcp server address instead of original dhcp server ip.
The controller interfaces of ssid have original dhcp server ip ( 172.16.31.2 ) mentioned in them, this is where clients get there ip from.
In this case, why does virtual interface ip (192.168.100.1) is seen as dhcp server in sniffer traces instead of original dhcp server 172.16.31.2
Appreciate all inputs to help me understand this.
If you have dhcp proxy enabled in the WLC, which is default, the WLC will proxy dhcp and it uses the virtual IP address. If you look at a client that is connected to the wireless and on a windows machine you look at the ipconfig /all, you will also see that the dhcp server is the virtual IP address if the WLC. Dhcp proxy can be disabled as long as you dint have the WLC being used as the dhcp server, or else it it's required to have dhcp proxy enabled.
Virtual IP is also used for mobility and guest portal page.
Sent from Cisco Technical Support iPhone App
Similar Messages
-
WLAN Controller learning IP/MAC on wrong virtual interface
Hello
I believe since I upgraded my WiSM to 7.0.250.0 is it learning a MAC address on the wrong virtual interface.
The setup:
- a Linux server with 2 virtual interfaces, both use the same MAC address, one is the gateway of VLAN 116 and one is the gateway of VLAN 240
- a WiSM with several virtual interfaces, including one in 116 and one in 240
Here the arp table with the problem:
MAC Address IP Address Port VLAN Type
00:50:56:BD:32:92 172.16.240.9 29 240 Host
00:1E:4A:FA:87:8B 172.16.102.12 29 0 Permanent
00:1E:4A:FA:50:0B 172.16.102.13 29 0 Permanent
00:1E:4A:FA:81:2B 172.16.102.14 29 0 Permanent
00:50:56:BD:32:92 172.16.116.9 29 240 Host
00:1D:E0:31:55:23 172.16.116.185 29 116 Client
58:94:6B:68:50:E8 172.16.118.201 29 116 Client
1C:B0:94:B7:38:08 172.16.118.234 29 116 Client
And here after I made a PING from the controller to the listed ip address:
MAC Address IP Address Port VLAN Type
00:50:56:BD:32:92 172.16.240.9 29 240 Host
00:1E:4A:FA:87:8B 172.16.102.12 29 0 Permanent
00:1E:4A:FA:50:0B 172.16.102.13 29 0 Permanent
00:1E:4A:FA:81:2B 172.16.102.14 29 0 Permanent
00:50:56:BD:32:92 172.16.116.9 29 116 Host
00:1D:E0:31:55:23 172.16.116.185 29 116 Client
38:E7:D8:D3:7C:FA 172.16.118.92 29 116 Client
58:94:6B:68:50:E8 172.16.118.201 29 116 Client
1C:B0:94:B7:38:08 172.16.118.234 29 116 Client
18:AF:61:12:E9:FB 192.168.1.59 29 117 Client
Has anybody else the same problem?
The host 172.16.116.9 is also the configured DHCP server on VLAN 116.
Is there a way to statically configure this IP address on that VLAN? Because it causes every few days a service outage on that VLAN (which is bound to an SSID).Yup, I'd say still valid. Seeing as it is the gateway, if it had different mac addresses per interface, it might still work.
No, clients in the same subnet can communicate, but it is not recommended to 'bridge' wired and wireless with a WLC. The WLC doesn't like to bridge the communication by default, though there are work arounds.
I might also say that as it uses the same MAC address for both virtual interfaces L2 is going to be messed up as each time there were an ARP the entry would change.
Take a look and see if you can manually change the mac for one of the interfaces and test again.
HTH,
Steve -
Cisco Aironet 3502i and Virtual Wireless Controller- Question
Hello everyone,
As soon, I purchased two Cisco 3502i and Cisco 1142 however, two issue are that I don't have controller and smartnet. As my purpose, it using for Home Use but house with 2,500 Sq ft with two floor and new 24x24ft garage with two floor. I put two Cisco 3502i for garage and one cisco 1142 in house on second floor. Separated for multi media, gaming, streaming high resolution video, parts, and downloads programmings online. It will run with Cisco Catalyst Express 500 with 24 ports (4 POE) and two gigabit ports. In house, it have Dell Poweredge 2850, Cisco Catalyst Express 500 with 24 ports POE and 2 ports gigabit.
I thought to make my own developing with my first time using Wireless Controller. I wanted to try out with Virtual WLC on Dell Poweredge 2850 running ESXi 4.1.
Specs for Dell Poweredge 2850:
- 2x Intel Xeon Dual Core 3.8 GHz
- 4GB RAM (Will upgrade to 12GB soon)
- 2x 146GB and 2x 36GB SCSI
- 2x 1 Gbps built in and 4x 1 Gbps PCI-X
Developing with Untangle and pfSense to make it support with LADP and VLAN to both Cisco Express 500 using 4 gbps PCI-X. I have read the requipment list to use Virtual WLC but it seem met the requipment for my 2850. If someone offer me to get Virtual WLC and IOS from their, I accept to "borrow" it. I do go college which is Rochester Institute of Technology at New York and my major is Applied Computer Technology. I live here at Hampton Road, Virginia. Just in case if you might know about RIT. I just start to learning myself with Cisco books.
I have a question:
- Is there possible to get trial or full version of Virtual WLC?
- Is there possible to get Lightweight or Autonomous IOS for Cisco 1142 and 3502i?
- Does it supported Dell PowerEdge 2850?
- Does 3502i support Autonomous? (Not actually but I have researched around online about that it will work with 1262's IOS)
Thanks
GageAnswers in-line...
I have a question:
- Is there possible to get trial or full version of Virtual WLC?
No. You will need a SmartNet contract (or a freshly purchased device) to obtain software from cisco. Nobody will provide this to you.
- Is there possible to get Lightweight or Autonomous IOS for Cisco 1142 and 3502i?
No. You will need a SmartNet contract (or a freshly purchased device) to obtain software from cisco.
Nobody will provide this to you.
- Does it supported Dell PowerEdge 2850?
Cisco doesn't go in to great detail regarding the actual Hardware requirements of the vWLC (as far as ESX Host requirements). Primarily, making sure you are running ESX 4.x/5.x is necessary. The vWLC provisions 2Gb of RAM and 8GB of thick provisioned storage, so if your host can accomodate I don't see any reason it wouldn't work.
- Does 3502i support Autonomous? (Not actually but I have researched around online about that it will work with 1262's IOS)
Yes, with the latest versions of IOS 15.2(2)JB, full functionality in autonomous can be achieved on the 1550, 3500, and 3600 series APs
http://www.cisco.com/en/US/docs/wireless/access_point/ios/release/notes/15.2_2_JB.html#wp355587 -
Cisco Virtual Wireless Controller
Hello,
Does the Cisco Virtual WLC support the 1230AP?
There is a list of supported AP's from the data sheet the1230 isnt listed, maybe shoould assume no support?!
http://http://www.cisco.com/en/US/partner/prod/collateral/wireless/ps6302/ps8322/ps12723/data_sheet_c78-714543.html
Regards,
Garry.no, it doesn't. But it has to do with the 7.3 code, as that is the lowest code the vWLC can run.
http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn73.html
HTH,
Steve
Please remember to rate useful posts, and mark questions as answered -
Hi!
I try to configure a Cisco 5508 Wireless controller and 25 Air-lap1041 to use as VoIP and data. I read documents, manuals, etc, but the AP doesn't charge the configuration, or not conect with the Wireless Controller, why? No Radius server present, only WPA security.howto, please...
I try to put a static ip in the LAP, with lwapp or capwap command, (LWAPP/CAPWAP ap ip address direccion mascara) and the AP returns "You should configure Domain and Name Server from controller CLI/GUI." and i can't change the name of the AP (Command is disabled).
Log from AP:
using ÿÿÿÿ ddr static values from serial eeprom
ddr init done
Running Normal Memtest...
Passed.
IOS Bootloader - Starting system.
FLASH CHIP: Numonyx P33
Checking for Over Erased blocks
Xmodem file system is available.
DDR values used from system serial eeprom.
WRDTR,CLKTR: 0x83000800, 0xc0000000
RQDC, RFDC : 0x80000037, 0x00000184
PCIE0: link is up.
PCIE0: VC0 is active
PCIE1: link is NOT up.
PCIE1 port 1 not initialize
PCIEx: initialization done
flashfs[0]: 6 files, 2 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 32385024
flashfs[0]: Bytes used: 2369024
flashfs[0]: Bytes available: 30016000
flashfs[0]: flashfs fsck took 21 seconds.
Reading cookie from system serial eeprom...Done
Base Ethernet MAC address: 44:2b:03:dc:09:25
Ethernet speed is 1000 Mb - FULL duplex
Loading "flash:/c1140-rcvk9w8-mx/c1140-rcvk9w8-mx"...###########################
File "flash:/c1140-rcvk9w8-mx/c1140-rcvk9w8-mx" uncompressed and installed, entr
y point: 0x4000
executing...
enet halted
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, C1040 Software (C1140-RCVK9W8-M), Version 12.4(23c)JA, RELEA
SE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Tue 01-Jun-10 12:53 by prod_rel_team
Proceeding with system init
Proceeding to unmask interrupts
Initializing flashfs...
FLASH CHIP: Numonyx P33
Checking for Over Erased blocks
flashfs[1]: 6 files, 2 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 32126976
flashfs[1]: Bytes used: 2369024
flashfs[1]: Bytes available: 29757952
flashfs[1]: flashfs fsck took 7 seconds.
flashfs[1]: Initialization complete.
flashfs[2]: 0 files, 1 directories
flashfs[2]: 0 orphaned files, 0 orphaned directories
flashfs[2]: Total bytes: 11999232
flashfs[2]: Bytes used: 1024
flashfs[2]: Bytes available: 11998208
flashfs[2]: flashfs fsck took 1 seconds.
flashfs[2]: Initialization complete....done Initializing flashfs.
Ethernet speed is 1000 Mb - FULL duplex
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-LAP1041N-E-K9 (PowerPC405ex) processor (revision B0) with 98294K/32
768K bytes of memory.
Processor board ID FCZ1611W414
PowerPC405ex CPU at 333Mhz, revision number 0x147E
Last reset from reload
LWAPP image version 7.0.94.21
1 Gigabit Ethernet interface
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 44:2B:03:DC:09:25
Part Number : 73-14034-04
PCA Assembly Number : 800-34273-05
PCA Revision Number : A0
PCB Serial Number : FOC16075VZ3
Top Assembly Part Number : 800-34284-03
Top Assembly Serial Number : FCZ1611W414
Top Revision Number : A0
Product/Model Number : AIR-LAP1041N-E-K9
% Please define a domain-name first.
Press RETURN to get started!
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 1 00:00:09.574: *** CRASH_LOG = YES
Base Ethernet MAC address: 44:2B:03:DC:09:25
*Mar 1 00:00:09.838: %LWAPP-3-CLIENTEVENTLOG: Read and initialized AP event log
(contains, 1024 messages)
*Mar 1 00:00:11.848: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state
to up
*Mar 1 00:00:11.892: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C1040 Software (C1140-RCVK9W8-M), Version 12.4(23c)JA, RELEA
SE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Tue 01-Jun-10 12:53 by prod_rel_team
*Mar 1 00:08:16.954: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEth
ernet0, changed state to up
logging facility kern
^
% Invalid input detected at '^' marker.
*Mar 1 00:08:28.047: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROL
LER
*Mar 1 00:08:28.049: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Mar 1 00:09:08.282: %CDP_PD-2-POWER_LOW: All radios disabled - LOW_POWER_CLASS
IC_NO_INJECTOR_CONFIGURED AIR-CT5508-K9 (c464.138f.9345)
*Mar 1 00:09:08.282: -Verify the required power-injector is installed on this
port: AIR-CT5508-K9(Gig 0/0/2).
*Mar 1 00:09:08.282: -If a power-injector is installed, issue the command:"pow
er inline negotiation injector installed"
*Mar 1 00:12:19.976: %CAPWAP-5-STATIC_TO_DHCP_IP: Could not discover WLC using
static IP. Forcing AP to use DHCP.
*Mar 1 00:12:29.993: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does
not have an Ip !!
*Mar 1 00:12:39.994: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does
not have an Ip !!
*Mar 1 00:12:49.993: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does
not have an Ip !!
*Mar 1 00:12:59.994: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does
not have an Ip !!
*Mar 1 00:13:09.993: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does
not have an Ip !!
Not in Bound state.
*Mar 1 00:13:19.993: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does
not have an Ip !!
*Mar 1 00:13:19.993: %CAPWAP-5-DHCP_RENEW: Could not discover WLC using DHCP IP
. Renewing DHCP IP.
logs from wireless controller:
(Cisco Controller) >show interface summary
Interface Name Port Vlan Id IP Address Type Ap Mgr Gu
est
ap-manager 2 untagged 209.165.200.231 Dynamic Yes No
management 1 untagged 209.165.200.230 Static Yes No
service-port N/A N/A 192.168.1.157 Static No No
virtual N/A N/A 1.1.1.1 Static No No
(Cisco Controller) >
i conect with service-port ok and the management port works, i think.
AP442b.03dc.0925>ping 209.165.200.230
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 209.165.200.230, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
AP442b.03dc.0925>
Help, please!
i write in spanish:
Hola:
Tengo que configurar un cisco 5508 wireless controller con 25 air-lap1041n, para usarlo como acceso de datos y voz. ¿Cómo lo hago? He leído manuales, y seguido las instrucciones, pero el punto de acceso parace que no es capaz de cargar el perfil. No hay servidor radius, solo la configuración de una clave wpa. Alguién me puede indicar pasos, GraciasHi!
I buy a gigabit switch. I connect the service-port to gigabit switch, and laptop to gigabit switch. I used 192.168.1.x ip address (192.168.1.157 to service-port and 192.168.1.233 to wired port on laptop, well, the laptop has two ip adress, 192.168.1.233 and 209.165.200.2, and the laptop works ok. Ping to 209.165.200.230 -ip address of management interface- and ping to 209.165.200.203 -ip address for AP, is assigned by DHCP of WLC. And i connect the ap to gigabit switch, and the wlc assigns well an ip direction.
I post the run-config and sysinfo log. The gigabit switch is tp-link model tl-sg1005d, no configuration.
Before the logs, I see this message from AP:
*Apr 19 23:10:20.211: %CAPWAP-3-ERRORLOG: This AP is not supported in controller
version 6.0.199.4 ---->What's mean that? Is it compatible the ap with the WLC? ¿Es compatible el AP con el WLC?
Hola:
He comprado un switch gigabit. Conecto el service-port al switch gigabit y el portátil también (por cable). Uso como direcciones ip el rango 192.168.1.x (192.168.1.157 asignado al service-port y 192, 168.1.233 al portátil, bueno, el portátil tiene dos direcciones, la dicha anteriormente y la 209.165.200.2) El portátil funciona bien, hace ping al 209.165.200.230 - la ip de la management interface, y a 209.165.200.203 - ip asignada al AP por el DHCP del WLC. He conectado el AP al swtich gigabit, y el dhcp del wlc asigna correctamente una dirección ip.
Añado a continuación los resultados de los comandos "show run-config" y "show sysinfo". El switch es un TP-LINK modelo TL-S1005D, sin necesidad de configuración.
Antes de mostrar los resultados de los comandos, he visto el siguiente mensaje en el log del AP:
*Apr 19 23:10:20.211: %CAPWAP-3-ERRORLOG: This AP is not supported in controller
version 6.0.199.4 ---->What's mean that? Is it compatible the ap with the WLC? ¿Es compatible el AP con el WLC?
Un saludo
Antonio R.
(Cisco Controller) >show run-config
Press Enter to continue...
System Inventory
NAME: "Chassis" , DESCR: "Cisco Wireless Controller"
PID: AIR-CT5508-K9, VID: V02, SN: FCW1608L05X
Burned-in MAC Address............................ C4:64:13:8F:93:40
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 25
Press Enter to continue or to abort
System Information
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 6.0.199.4
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console
1.27
Build Type....................................... DATA + WPS
System Name...................................... CISCO-CAPWAP-CONTROLLER
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
IP Address....................................... 209.165.200.230
Last Reset....................................... Power on reset
System Up Time................................... 0 days 0 hrs 17 mins 45 secs
System Timezone Location......................... (GMT +1:00) Amsterdam, Berlin,
Rome, Vienna
Current Boot License Level....................... base
Current Boot License Type........................ Permanent
Next Boot License Level.......................... base
Next Boot License Type........................... Permanent
Configured Country............................... ES - Spain
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +36 C
External Temperature............................. +23 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Disabled
Number of WLANs.................................. 1
3rd Party Access Point Support................... Disabled
Number of Active Clients......................... 0
Burned-in MAC Address............................ C4:64:13:8F:93:40
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 25
Press Enter to continue or to abort
Switch Configuration
802.3x Flow Control Mode......................... Disable
FIPS prerequisite features....................... Disabled
secret obfuscation............................... Enabled
Network Information
RF-Network Name............................. hosp
Web Mode.................................... Disable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Disable
Secure Web Mode Cipher-Option SSLv2......... Enable
Secure Shell (ssh).......................... Enable
Telnet...................................... Disable
Ethernet Multicast Forwarding............... Disable
Ethernet Broadcast Forwarding............... Disable
AP Multicast/Broadcast Mode................. Unicast
IGMP snooping............................... Disabled
IGMP timeout................................ 60 seconds
User Idle Timeout........................... 300 seconds
ARP Idle Timeout............................ 300 seconds
Cisco AP Default Master..................... Enabled
AP Join Priority............................ Disable
Mgmt Via Wireless Interface................. Disable
Mgmt Via Dynamic Interface.................. Disable
Bridge MAC filter Config.................... Enable
Bridge Security Mode........................ EAP
Mesh Full Sector DFS........................ Enable
--More or (q)uit current module or to abort
--More or (q)uit current module or to abort
AP Fallback ................................ Enable
Web Auth Redirect Ports .................... 80
Fast SSID Change ........................... Disabled
IP/MAC Addr Binding Check .................. Enabled
Press Enter to continue or to abort
Port Summary
STP Admin Physical Physical Link Link
Pr Type Stat Mode Mode Status Status Trap POE SFPType
1 Normal Forw Enable Auto 1000 Full Up Enable N/A 1000BaseTX
2 Normal Disa Enable Auto Auto Down Enable N/A Not Present
3 Normal Disa Enable Auto Auto Down Enable N/A Not Present
4 Normal Disa Enable Auto Auto Down Enable N/A Not Present
5 Normal Disa Enable Auto Auto Down Enable N/A Not Present
6 Normal Disa Enable Auto Auto Down Enable N/A Not Present
7 Normal Disa Enable Auto Auto Down Enable N/A Not Present
8 Normal Disa Enable Auto Auto Down Enable N/A Not Present
Press Enter to continue or to abort
AP Summary
Number of APs.................................... 0
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name Slots AP Model Ethernet MAC Location
Port Country Priority
Press Enter to continue or to abort
Press Enter to continue or to abort
AP Location
Site Name........................................ default-group
Site Description.................................
WLAN ID Interface Network Admission Control
1 management Disabled
AP Name Slots AP Model Ethernet MAC Location
Port Country Priority GroupName
Press Enter to continue or to abort
AP Config
Press Enter to continue or to abort
Press Enter to continue or to abort
AP Airewave Director Configuration
Press Enter to continue or to abort
802.11a Configuration
802.11a Network.................................. Disabled
11nSupport....................................... Enabled
802.11a Low Band........................... Enabled
802.11a Mid Band........................... Enabled
802.11a High Band.......................... Enabled
802.11a Operational Rates
802.11a 6M Rate.............................. Mandatory
802.11a 9M Rate.............................. Supported
802.11a 12M Rate............................. Mandatory
802.11a 18M Rate............................. Supported
802.11a 24M Rate............................. Mandatory
802.11a 36M Rate............................. Supported
802.11a 48M Rate............................. Supported
802.11a 54M Rate............................. Supported
802.11n MCS Settings:
MCS 0........................................ Supported
MCS 1........................................ Supported
MCS 2........................................ Supported
MCS 3........................................ Supported
MCS 4........................................ Supported
MCS 5........................................ Supported
MCS 6........................................ Supported
--More or (q)uit current module or to abort
--More or (q)uit current module or to abort
MCS 7........................................ Supported
MCS 8........................................ Supported
MCS 9........................................ Supported
MCS 10....................................... Supported
MCS 11....................................... Supported
MCS 12....................................... Supported
MCS 13....................................... Supported
MCS 14....................................... Supported
MCS 15....................................... Supported
802.11n Status:
A-MPDU Tx:
Priority 0............................... Enabled
Priority 1............................... Disabled
Priority 2............................... Disabled
Priority 3............................... Disabled
Priority 4............................... Disabled
Priority 5............................... Disabled
Priority 6............................... Disabled
Priority 7............................... Disabled
Beacon Interval.................................. 100
CF Pollable mandatory............................ Disabled
CF Poll Request mandatory........................ Disabled
CFP Period....................................... 4
--More or (q)uit current module or to abort
--More or (q)uit current module or to abort
CFP Maximum Duration............................. 60
Default Channel.................................. 36
Default Tx Power Level........................... 0
DTPC Status..................................... Enabled
Fragmentation Threshold.......................... 2346
TI Threshold..................................... -50
Legacy Tx Beamforming setting.................... Disabled
Traffic Stream Metrics Status.................... Disabled
Expedited BW Request Status...................... Disabled
World Mode....................................... Enabled
EDCA profile type................................ default-wmm
Voice MAC optimization status.................... Disabled
Call Admision Control (CAC) configuration
Voice AC:
Voice AC - Admission control (ACM)............ Disabled
Voice max RF bandwidth........................ 75
Voice reserved roaming bandwidth.............. 6
Voice load-based CAC mode..................... Disabled
Voice tspec inactivity timeout................ Disabled
Voice Stream-Size............................. 84000
Voice Max-Streams............................. 2
Video AC:
Video AC - Admission control (ACM)............ Disabled
--More or (q)uit current module or to abort
--More or (q)uit current module or to abort
Video max RF bandwidth........................ Infinite
Video reserved roaming bandwidth.............. 0
Press Enter to continue or to abort
802.11a Advanced Configuration
Press Enter to continue or to abort
802.11a Airewave Director Configuration
RF Event and Performance Logging
Channel Update Logging......................... Off
Coverage Profile Logging....................... Off
Foreign Profile Logging........................ Off
Load Profile Logging........................... Off
Noise Profile Logging.......................... Off
Performance Profile Logging.................... Off
TxPower Update Logging......................... Off
Default 802.11a AP performance profiles
802.11a Global Interference threshold.......... 10 %
802.11a Global noise threshold................. -70 dBm
802.11a Global RF utilization threshold........ 80 %
802.11a Global throughput threshold............ 1000000 bps
802.11a Global clients threshold............... 12 clients
Default 802.11a AP monitoring
802.11a Monitor Mode........................... enable
802.11a Monitor Mode for Mesh AP Backhaul...... disable
802.11a Monitor Channels....................... Country channels
802.11a AP Coverage Interval................... 180 seconds
802.11a AP Load Interval....................... 60 seconds
802.11a AP Noise Interval...................... 180 seconds
--More or (q)uit current module or to abort
--More or (q)uit current module or to abort
802.11a AP Signal Strength Interval............ 60 seconds
Automatic Transmit Power Assignment
Transmit Power Assignment Mode................. AUTO
Transmit Power Update Interval................. 600 seconds
Transmit Power Threshold....................... -70 dBm
Transmit Power Neighbor Count.................. 3 APs
Min Transmit Power............................. -10 dBm
Max Transmit Power............................. 30 dBm
Transmit Power Update Contribution............. SNI.
Transmit Power Assignment Leader............... c4:64:13:8f:93:40
Last Run....................................... 75 seconds ago
Coverage Hole Detection
802.11a Coverage Hole Detection Mode........... Enabled
802.11a Coverage Voice Packet Count............ 100 packets
802.11a Coverage Voice Packet Percentage....... 50%
802.11a Coverage Voice RSSI Threshold.......... -80 dBm
802.11a Coverage Data Packet Count............. 50 packets
802.11a Coverage Data Packet Percentage........ 50%
802.11a Coverage Data RSSI Threshold........... -80 dBm
802.11a Global coverage exception level........ 25 %
802.11a Global client minimum exception lev.... 3 clients
Automatic Channel Assignment
Channel Assignment Mode........................ AUTO
--More or (q)uit current module or to abort
Channel Update Interval........................ 600 seconds [startup]
Anchor time (Hour of the day).................. 0
Channel Update Contribution.................... SNI.
Channel Assignment Leader...................... c4:64:13:8f:93:40
Last Run....................................... 75 seconds ago
DCA Sensitivity Level.......................... STARTUP (5 dB)
DCA 802.11n Channel Width...................... 20 MHz
DCA Minimum Energy Limit....................... -95 dBm
Channel Energy Levels
Minimum...................................... unknown
Average...................................... unknown
Maximum...................................... unknown
Channel Dwell Times
Minimum...................................... unknown
Average...................................... unknown
Maximum...................................... unknown
802.11a 5 GHz Auto-RF Channel List
Allowed Channel List......................... 36,40,44,48,52,56,60,64
Unused Channel List.......................... 100,104,108,112,116,120,124,
128,132,136,140
DCA Outdoor AP option.......................... Disabled
Radio RF Grouping
802.11a Group Mode............................. AUTO
--More or (q)uit current module or to abort
802.11a Group Update Interval.................. 600 seconds
802.11a Group Leader........................... c4:64:13:8f:93:40
802.11a Group Member......................... c4:64:13:8f:93:40
802.11a Last Run............................... 75 seconds ago
802.11b Configuration
802.11b Network.................................. Enabled
11gSupport....................................... Enabled
11nSupport....................................... Enabled
802.11b/g Operational Rates
802.11b/g 1M Rate............................ Mandatory
802.11b/g 2M Rate............................ Mandatory
802.11b/g 5.5M Rate.......................... Mandatory
802.11b/g 11M Rate........................... Mandatory
802.11g 6M Rate.............................. Supported
802.11g 9M Rate.............................. Supported
802.11g 12M Rate............................. Supported
802.11g 18M Rate............................. Supported
802.11g 24M Rate............................. Supported
802.11g 36M Rate............................. Supported
802.11g 48M Rate............................. Supported
802.11g 54M Rate............................. Supported
802.11n MCS Settings:
MCS 0........................................ Supported
MCS 1........................................ Supported
MCS 2........................................ Supported
MCS 3........................................ Supported
MCS 4........................................ Supported
--More or (q)uit current module or to abort
MCS 5........................................ Supported
MCS 6........................................ Supported
MCS 7........................................ Supported
MCS 8........................................ Supported
MCS 9........................................ Supported
MCS 10....................................... Supported
MCS 11....................................... Supported
MCS 12....................................... Supported
MCS 13....................................... Supported
MCS 14....................................... Supported
MCS 15....................................... Supported
802.11n Status:
A-MPDU Tx:
Priority 0............................... Enabled
Priority 1............................... Disabled
Priority 2............................... Disabled
Priority 3............................... Disabled
Priority 4............................... Disabled
Priority 5............................... Disabled
Priority 6............................... Disabled
Priority 7............................... Disabled
Beacon Interval.................................. 100
CF Pollable mode................................. Disabled
--More or (q)uit current module or to abort
CF Poll Request mandatory........................ Disabled
CFP Period....................................... 4
CFP Maximum Duration............................. 60
Default Channel.................................. 1
Default Tx Power Level........................... 0
DTPC Status..................................... Enabled
Call Admission Limit ........................... 105
G711 CU Quantum ................................. 15
ED Threshold..................................... -50
Fragmentation Threshold.......................... 2346
PBCC mandatory................................... Disabled
RTS Threshold.................................... 2347
Short Preamble mandatory......................... Enabled
Short Retry Limit................................ 7
Legacy Tx Beamforming setting.................... Enabled
Traffic Stream Metrics Status.................... Disabled
Expedited BW Request Status...................... Disabled
World Mode....................................... Enabled
Faster Carrier Tracking Loop..................... Disabled
EDCA profile type................................ default-wmm
Voice MAC optimization status.................... Disabled
Call Admision Control (CAC) configuration
Voice AC - Admission control (ACM)............ Disabled
--More or (q)uit current module or to abort
Voice Stream-Size............................. 84000
Voice Max-Streams............................. 2
Voice max RF bandwidth........................ 75
Voice reserved roaming bandwidth.............. 6
Voice load-based CAC mode..................... Disabled
Voice tspec inactivity timeout................ Disabled
Video AC - Admission control (ACM)............ Disabled
Video max RF bandwidth........................ 50
Video reserved roaming bandwidth.............. 0
802.11b Advanced Configuration
Press Enter to continue or to abort
802.11b Airewave Director Configuration
RF Event and Performance Logging
Channel Update Logging......................... Off
Coverage Profile Logging....................... Off
Foreign Profile Logging........................ Off
Load Profile Logging........................... Off
Noise Profile Logging.......................... Off
Performance Profile Logging.................... Off
Transmit Power Update Logging.................. Off
Default 802.11b AP performance profiles
802.11b Global Interference threshold.......... 10 %
802.11b Global noise threshold................. -70 dBm
802.11b Global RF utilization threshold........ 80 %
802.11b Global throughput threshold............ 1000000 bps
802.11b Global clients threshold............... 12 clients
Default 802.11b AP monitoring
802.11b Monitor Mode........................... enable
802.11b Monitor Channels....................... Country channels
802.11b AP Coverage Interval................... 180 seconds
802.11b AP Load Interval....................... 60 seconds
802.11b AP Noise Interval...................... 180 seconds
802.11b AP Signal Strength Interval............ 60 seconds
Automatic Transmit Power Assignment
Transmit Power Assignment Mode................. AUTO
Transmit Power Update Interval................. 600 seconds
Transmit Power Threshold....................... -70 dBm
Transmit Power Neighbor Count.................. 3 APs
Min Transmit Power............................. -10 dBm
Max Transmit Power............................. 30 dBm
Transmit Power Update Contribution............. SNI.
Transmit Power Assignment Leader............... c4:64:13:8f:93:40
Last Run....................................... 213 seconds ago
Coverage Hole Detection
802.11b Coverage Hole Detection Mode........... Enabled
802.11b Coverage Voice Packet Count............ 100 packets
802.11b Coverage Voice Packet Percentage....... 50%
802.11b Coverage Voice RSSI Threshold.......... -80 dBm
802.11b Coverage Data Packet Count............. 50 packets
802.11b Coverage Data Packet Percentage........ 50%
802.11b Coverage Data RSSI Threshold........... -80 dBm
802.11b Global coverage exception level........ 25 %
802.11b Global client minimum exception lev.... 3 clients
Automatic Channel Assignment
Channel Assignment Mode........................ AUTO
Channel Update Interval........................ 600 seconds [startup]
Anchor time (Hour of the day).................. 0
Channel Update Contribution.................... SNI.
Channel Assignment Leader...................... c4:64:13:8f:93:40
Last Run....................................... 213 seconds ago
DCA Sensitivity Level: ...................... STARTUP (5 dB)
DCA Minimum Energy Limit....................... -95 dBm
Channel Energy Levels
Minimum...................................... unknown
Average...................................... unknown
Maximum...................................... unknown
Channel Dwell Times
Minimum...................................... unknown
Average...................................... unknown
Maximum...................................... unknown
802.11b Auto-RF Allowed Channel List........... 1,6,11
Auto-RF Unused Channel List.................... 2,3,4,5,7,8,9,10,12,13
Radio RF Grouping
802.11b Group Mode............................. AUTO
802.11b Group Update Interval.................. 600 seconds
802.11b Group Leader........................... c4:64:13:8f:93:40
802.11b Group Member......................... c4:64:13:8f:93:40
802.11b Last Run............................... 213 seconds ago
Mobility Configuration
Symmetric Mobility Tunneling (current) .......... Enabled
Symmetric Mobility Tunneling (after reboot) ..... Enabled
Mobility Protocol Port........................... 16666
Default Mobility Domain.......................... hosp
Multicast Mode .................................. Disabled
Mobility Domain ID for 802.11r................... 0x97e2
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Members Configured................ 1
Mobility Control Message DSCP Value.............. 0
Controllers configured in the Mobility Group
MAC Address IP Address Group Name Multicast
IP Status
c4:64:13:8f:93:40 209.165.200.230 hosp 0.0.0.0
Up
Advanced Configuration
Probe request filtering.......................... Enabled
Probes fwd to controller per client per radio.... 0
Probe request rate-limiting interval............. 500 msec
EAP-Identity-Request Timeout (seconds)........... 30
EAP-Identity-Request Max Retries................. 2
EAP Key-Index for Dynamic WEP.................... 0
EAP Max-Login Ignore Identity Response........... enable
EAP-Request Timeout (seconds).................... 30
EAP-Request Max Retries.......................... 2
EAPOL-Key Timeout (milliseconds)................. 1000
EAPOL-Key Max Retries............................ 2
dot11-padding.................................... Disabled
Authentication Response Timeout (seconds)........ 10
Rogue Entry Timeout (seconds).................... 1200
AP Heart Beat Timeout (seconds).................. 30
AP Discovery Timeout (seconds)................... 10
AP Local mode Fast Heartbeat (seconds)........... disable
AP Hreap mode Fast Heartbeat (seconds)........... disable
AP Primary Discovery Timeout (seconds)........... 120
AP Primed Join Timeout (seconds)................. 0
Packet Forwarding watchdog timer (seconds)....... 240 (enable)
Location Configuration
RFID Tag data Collection......................... Enabled
RFID timeout.................................... 1200 seconds
RFID mobility.................................... Oui:00:14:7e : Vendor:pango S
tate:Disabled
Interface Configuration
Interface Name................................... management
MAC Address...................................... c4:64:13:8f:93:40
IP Address....................................... 209.165.200.230
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 209.165.200.1
External NAT IP State............................ Disabled
External NAT IP Address.......................... 192.168.1.1
VLAN............................................. untagged
Quarantine-vlan.................................. 0
Active Physical Port............................. 1
Primary Physical Port............................ 1
Backup Physical Port............................. Unconfigured
Primary DHCP Server.............................. 209.165.200.230
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
AP Manager....................................... Yes
Guest Interface.................................. No
Interface Name................................... service-port
MAC Address...................................... c4:64:13:8f:93:41
IP Address....................................... 192.168.1.157
IP Netmask....................................... 255.255.255.0
DHCP Option 82................................... Disabled
DHCP Protocol.................................... Disabled
AP Manager....................................... No
Guest Interface.................................. No
Interface Name................................... virtual
MAC Address...................................... c4:64:13:8f:93:40
IP Address....................................... 1.1.1.1
DHCP Option 82................................... Disabled
Virtual DNS Host Name............................ Disabled
AP Manager....................................... No
Guest Interface.................................. No
WLAN Configuration
WLAN Identifier.................................. 1
Profile Name..................................... HOSP3C
Network Name (SSID).............................. HOSP3C
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
NAC-State...................................... Disabled
Quarantine VLAN................................ 0
Number of Active Clients......................... 0
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ management
WLAN ACL......................................... unconfigured
DHCP Server...................................... 209.165.200.230
DHCP Address Assignment Required................. Enabled
Quality of Service............................... Platinum (voice)
Scan Defer Priority.............................. 5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... 802.11b and 802.11g only
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Disabled
Accounting.................................... Disabled
Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security
802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Enabled
WPA (SSN IE)............................... Disabled
WPA2 (RSN IE).............................. Enabled
TKIP Cipher............................. Enabled
AES Cipher.............................. Enabled
Auth Key Management
802.1x.................................. Disabled
PSK..................................... Enabled
CCKM.................................... Disabled
FT(802.11r)............................. Disabled
FT-PSK(802.11r)......................... Disabled
FT Reassociation Timeout......................... 20
FT Over-The-Air mode............................. Enabled
FT Over-The-Ds mode.............................. Enabled
CKIP ......................................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
H-REAP Local Switching........................ Disabled
H-REAP Learn IP Address....................... Enabled
Infrastructure MFP protection................. Enabled
Client MFP.................................... Optional
Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Band Select...................................... Enabled
Load Balancing................................... Enabled
Mobility Anchor List
WLAN ID IP Address Status
Press Enter to continue or to abort
Press Enter to continue or to abort
ACL Configuration
Press Enter to continue or to abort
CPU ACL Configuration
CPU Acl Name................................ NOT CONFIGURED
Wireless Traffic............................ Disabled
Wired Traffic............................... Disabled
RADIUS Configuration
Vendor Id Backward Compatibility................. Disabled
Call Station Id Case............................. lower
Call Station Id Type............................. IP Address
Aggressive Failover.............................. Enabled
Keywrap.......................................... Disabled
Fallback Test:
Test Mode.................................... Off
Probe User Name.............................. cisco-probe
Interval (in seconds)........................ 300
MAC Delimiter for Authentication Messages........ hyphen
MAC Delimiter for Accounting Messages............ hyphen
Authentication Servers
Idx Type Server Address Port State Tout RFC3576 IPSec - AuthMode/P
hase1/Group/Lifetime/Auth/Encr
Accounting Servers
Idx Type Server Address Port State Tout RFC3576 IPSec - AuthMode/P
hase1/Group/Lifetime/Auth/Encr
--More or (q)uit current module or to abort
TACACS Configuration
Authentication Servers
Idx Server Address Port State Tout
Authorization Servers
Idx Server Address Port State Tout
Accounting Servers
Idx Server Address Port State Tout
LDAP Configuration
Press Enter to continue or to abort
Local EAP Configuration
User credentials database search order:
Primary ..................................... Local DB
Timer:
Active timeout .............................. 300
Configured EAP profiles:
EAP Method configuration:
EAP-FAST:
Server key ................................
TTL for the PAC ........................... 10
Anonymous provision allowed ............... Yes
Authority ID .............................. 436973636f00000000000000000000
00
Authority Information ..................... Cisco A-ID
Press Enter to continue or to abort
HREAP Group Summary
HREAP Group Summary: Count: 0
Group Name # Aps
Press Enter to continue or to abort
HREAP Group Detail
Press Enter to continue or to abort
Route Info
Number of Routes................................. 0
Destination Network Netmask Gateway
Press Enter to continue or to abort
Qos Queue Length Info
Platinum queue length............................ 100
Gold queue length................................ 75
Silver queue length.............................. 50
Bronze queue length.............................. 25
Press Enter to continue or to abort
Mac Filter Info
Press Enter to continue or to abort
Authorization List
Authorize MIC APs against AAA ................... disabled
Authorize LSC APs against Auth-List ............. disabled
Allow APs with MIC - Manufactured Installed C.... disabled
Allow APs with SSC - Self-Signed Certificate..... disabled
Allow APs with LSC - Locally Significant Cert.... disabled
Load Balancing Info
Aggressive Load Balancing........................ Disabled
Aggressive Load Balancing Window................. 5 clients
Aggressive Load Balancing Denial Count........... 3
Statistics
Total Denied Count............................... 0 clients
Total Denial Sent................................ 0 messages
Exceeded Denial Max Limit Count.................. 0 times
None 5G Candidate Count.......................... 0 times
None 2.4G Candidate Count........................ 0 times
Press Enter to continue or to abort
Dhcp Scope Info
Scope: PUNTOSAP
Enabled.......................................... Yes
Lease Time....................................... 86400 (1 day )
Pool Start....................................... 209.165.200.201
Pool End......................................... 209.165.200.229
Network.......................................... 209.165.200.0
Netmask.......................................... 255.255.255.0
Default Routers.................................. 0.0.0.0 0.0.0.0 0.0.0.0
DNS Domain.......................................
DNS.............................................. 0.0.0.0 0.0.0.0 0.0.0.0
Netbios Name Servers............................. 0.0.0.0 0.0.0.0 0.0.0.0
Press Enter to continue or to abort
Exclusion List ConfigurationUnable to retrieve exclusion-list entry
Press Enter to continue or to abort
CDP Configuration
Press Enter to continue or to abort
Country Channels Configuration
Configured Country............................. ES - Spain
KEY: * = Channel is legal in this country and may be configured manually.
A = Channel is the Auto-RF default in this country.
. = Channel is not legal in this country.
C = Channel has been configured for use by Auto-RF.
x = Channel is available to be configured for use by Auto-RF.
(-,-) = (indoor, outdoor) regulatory doamin allowed by this country.
-----------------:+-+-+-+-+-+-+-+-+-+-+-+-+-+-
802.11bg :
Channels : 1 1 1 1 1
: 1 2 3 4 5 6 7 8 9 0 1 2 3 4
-----------------:+-+-+-+-+-+-+-+-+-+-+-+-+-+-
ES (-E ,-E ): A * * * * A * * * * A * * .
-----------------:+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
802.11a : 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1
Channels : 3 3 3 4 4 4 4 4 5 5 6 6 0 0 0 1 1 2 2 2 3 3 4 4 5 5 6 6
: 4 6 8 0 2 4 6 8 2 6 0 4 0 4 8 2 6 0 4 8 2 6 0 9 3 7 1 5
-----------------:+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
ES (-E ,-E ): . A . A . A . A A A A A * * * * * * * * * * * . . . . .
Press Enter to continue or to abort
WPS Configuration Summary
Auto-Immune
Auto-Immune.................................... Disabled
Client Exclusion Policy
Excessive 802.11-association failures.......... Enabled
Excessive 802.11-authentication failures....... Enabled
Excessive 802.1x-authentication................ Enabled
IP-theft....................................... Enabled
Excessive Web authentication failure........... Enabled
Signature Policy
Signature Processing........................... Enabled
Press Enter to continue or to abort
Custom Web Configuration
Radius Authentication Method..................... PAP
Cisco Logo....................................... Enabled
CustomLogo....................................... None
Custom Title..................................... None
Custom Message................................... None
Custom Redirect URL.............................. None
Web Authentication Type.......................... Internal Default
External Web Authentication URL.................. None
Configuration Per Profile:
Rogue AP Configuration
Rogue Location Discovery Protocol................ Disabled
Rogue on wire Auto-Contain....................... Disabled
Rogue using our SSID Auto-Contain................ Disabled
Valid client on rogue AP Auto-Contain............ Disabled
Rogue AP timeout................................. 1200
MAC Address Classification # APs # Clients Last Heard
Adhoc Rogue Configuration
Detect and report Ad-Hoc Networks................ Enabled
Auto-Contain Ad-Hoc Networks..................... Disabled
Client MAC Address Adhoc BSSID State # APs Last Heard
Rogue Client Configuration
Validate rogue clients against AAA............... Disabled
Rogue Client Configuration
Validate rogue clients against AAA............... Disabled
--More-- or (q)uit
MAC Address State # APs Last Heard
Ignore List Configuration
MAC Address
Rogue Rule Configuration
Priority Rule Name State Type Match Hit Count
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 6.0.199.4
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console
1.27
Build Type....................................... DATA + WPS
System Name...................................... CISCO-CAPWAP-CONTROLLER
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
IP Address....................................... 209.165.200.230
Last Reset....................................... Power on reset
System Up Time................................... 0 days 0 hrs 41 mins 2 secs
System Timezone Location......................... (GMT +1:00) Amsterdam, Berlin,
Rome, Vienna
Current Boot License Level....................... base
Current Boot License Type........................ Permanent
Next Boot License Level.......................... base
Next Boot License Type........................... Permanent
Configured Country............................... ES - Spain
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +39 C
External Temperature............................. +23 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Disabled
Number of WLANs.................................. 1
3rd Party Access Point Support................... Disabled
Number of Active Clients......................... 0
Burned-in MAC Address............................ C4:64:13:8F:93:40
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 25
(Cisco Controller) >
The AP log
AP442b.03dc.0925>
*Apr 19 23:10:18.428: %CAPWAP-3-ERRORLOG: Selected MWAR 'CISCO-CAPWAP-CONTROLLER
'(index 0).
*Apr 19 23:10:18.428: %CAPWAP-3-ERRORLOG: Go join a capwap controller
logging facility kern
^
% Invalid input detected at '^' marker.
logging facility kern
^
% Invalid input detected at '^' marker.
*Apr 19 23:10:19.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_i
p: 209.165.200.230 peer_port: 5246
*Apr 19 23:10:19.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Apr 19 23:10:20.200: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully
peer_ip: 209.165.200.230 peer_port: 5246
*Apr 19 23:10:20.201: %CAPWAP-5-SENDJOIN: sending Join Request to 209.165.200.23
0
*Apr 19 23:10:20.201: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
*Apr 19 23:10:20.211: %CAPWAP-3-ERRORLOG: This AP is not supported in controller
version 6.0.199.4 ---->What's mean that? Is it compatible the ap with the WLC? ¿Es compatible el AP con el WLC?
*Apr 19 23:10:20.354: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
*Apr 19 23:10:20.355: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 209
.165.200.230:5246
*Apr 19 23:10:20.356: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Apr 19 23:10:20.356: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Apr 19 23:10:20.412: %CAPWAP-3-ERRORLOG: Dropping dtls packet since session is
not established -
Hi,
In all Cisco documentation 1.1.1.1 is always specified as Virtual Interface IP address.
Here is my concern. When wireless client gets an IP address (through DHCP), 1.1.1.1 is entered as DHCP server which means that at 50% lease time client will attempt DHCP Request to 1.1.1.1
1.1.1.1 is not routable on the wired network, but controller makes sure that it is accessible on the wireless network.
The problem is if you have both wired and wireless connected, default gateway through wired connection wil have less cost, so client will attempt to send traffic to 1.1.1.1 using wired interface and will obviously fail.
At 83.5% of lease time client will attempt full DHCP process starting from Discovery and I guess this is when the IP on wireless NIC will be renewed, cause those Discovery messages are to 0.0.0.0....
Is my understanding correct?
Thanks!
DavidHi,
With both wired and wireless active at the same time (when laptop is docked for example)DHCP Request to 1.1.1.1 will fail cause it will be sent using wired interface and not wireless (default route metric in the host's routing table). This will cause this DHCP Request to fail at 50% lease time.
Next step is DHCP Discover at 83.5% of lease time. Destination IP will be 255.255.255.255 and it will be generated specifically on wireless interface, since this in the interface that needs to renew the IP.
This is exactly my question. Will this Discover to 255.255.255.255 go through wireless interface, cause this is the interface that needs IP addresses renewed. If so, I assume it will succeed and client's IP address will be renewed.
A bit worse than renewing at 50% lease time as a normal DHCP process, but better than loosing the IP at all when 100% lease time hits. 83.5% is somewhere in between...
Comments?
Can you also advise how do you disable DHCP Relay function on the controller? Do you need to remove DHCP IP addresses in WLAN configs?
Another question is about needing WLAN for Management interface. Is it needed for any reason? WLANs are always documented to be bound to Dynamic Interfaces and not Management, however Management interface does appear in the drop down menu under WLAN configuration. Thoughts?
Thanks!
David -
Setting up 2100 wireless controller
I have just taken delivery of a Cisco 2106 Wireless LAN controller and two Cisco 802.11a/b/g Lightweight Access Point devices.
I have connected the Controller to the PC and I am tyrying to configure the box. The network we have is as follows:
we have a fixed IP address on the router and all workstations have fixed IP addresses of the form 10.0.0.X and get DNS from the windows SBS 2003. The router default gateway is 10.0.0.1.
so to the config of the Wireless controller... I need to know the following: (my comments in [ ] ??? means I have no idea at all) please excuse all my dumb questions
• A management interface (DS Port or network interface port) IP address, such as 10.40.0.4 [can I use any free IP addres of the form 10.0.0.x ]
• A management interface netmask address, such as 255.255.255.0. [same as our netwrok sub?]
• A management interface default router IF address, such as 10.40.0.5 [again something of the form 10.0.0.x? - how is this different from DS Port?]
• A VLAN identifier if the management interface is assigned to a VLAN, such as 40 or 0 for an untagged VLAN.[????]
• A management interface port, such as 1. [again ????]
• A management interface DHCP server IP address, such as 10.10.0.6 (the IP address of the default DHCP server that will supply IP addresses to clients and the management interface. [we do not use DHCP - all clients have fixed IPs so what do I do here?]
• An access point manager interface IP address, such as 10.40.0.7. [what is this and what should I use given our network setup?]
• A virtual gateway IP address (a fictitious, unassigned IP address, such as 1.1.1.1, used by all Cisco wireless LAN controller Layer 3 security and mobility managers). [can I use 1.1.1.1 or something else?]
• A Cisco wireless LAN controller mobility or RF group name, such as rfgrp40 if required. An RF group name can contain up to 19 printable ASCII characters. [can I use anything and if so where and when would I use this]
• An 802.11 network name (SSID), such as wlanl. An SSID can contain up to 32 printable, case-sensitive ASCII characters. [again, can I use anything and if so where and when would I use this]
• Whether or not to allow static IP addresses from clients, either Yes or No. [???]
- Yes is more convenient, but has lower security (session can be hijacked).
- No is less convenient, but has higher security and works well for Windows XP devices.
• RADIUS server IP address, communications port, and secret if you are configuring a RADIUS server, such as 10.40.0.3, 1812, and mysecretcode. [again help ???]
• The country code for this installation. Enter help to see a list or refer to the Cisco Wireless LAN Controller Configuration Guide for country code information. This guide is available at CISCO.com [I am in the USA]
• Status of the 802.11a, 802.11b, and 802.11g networks, either enabled or disabled [???]
• Status of radio resource management (RRM), either enabled or disabled [???]
THANKYOU FOR ANY HELP!!!!Mike,
I have attached a link to all your questions...
https://www.cisco.com/en/US/products/ps7206/tsd_products_support_series_home.html -
Wireless Controller locking down User per SSID
I am using Wireless Controller 4112. We use WPA enterprise mode for authentication and encryption via Microsoft IAS server and MS AD domain.
My question is how to lock down a user to a specific SSID? I would guess that this is via some vendor specific radius attributes, am I right? And if so, what would be the name (and ID) for the attributes?
Thanks in advance.Making progress in setting up the wireless controller with multiple VLAN and WLAN/SSID. I create a virtaul interface at the controller and assign a VLAN number to it. The controller mgmt port is also set to a trunk port. Create a new SSID WLAN and have it mapped to the new virtual interface. Things work good.
The new problem I am trying to solve is how to prevent wired users to access the controller admin web interface via the virtual interface IP. I try create ACL and map it to the virtual interface. It doesn't seem working. -
No internal Interface for Corp Wireless?
I have been trying to create a Guest WLan on my 4402 WLC system and have found several confilcting documents explaining the procedure. During this process I have notices that although the current corp wireless works, there was never a virtual interface created for it. Instead it uses the same Wlan/Vlan as the ap manager and managemnt interfaces. Could this by why I cant seem to get the Guest access working? or is this not a problem after all since the wireless does work.
Any advice would be appreciated, would love to take a class or something on this, good stuff but there seems to be alot to it.Hello Robert,
It is OK to use the management interface as your internal wireless network interface as long as you are OK with that design (clients and management in the same subnet).
Basically, if you want to put WLAN traffic in a different WIRED vlan, you create a dynamic interface for the desired VLAN (controller > interfaces) and then select the desired interface under the WLAN configuration.
On the switch side, you will need to make sure that these new vlans are being trunked to the WLC.
The following diagram explains the interface usage on the WLC platform:
http://www.cisco.com/en/US/docs/wireless/controller/7.0MR1/configuration/guide/cg_ports_interfaces.html#wp1278618
-Pat -
How do I configure the 2504 Wireless controller with AP?
I recently purchase the 2504 wireless controller and the 1602i AP. I was able to do the basic setup of the controller and can now access the web interface, but the AP is not being detected and I am unable to add it.
First of all: 1602 AP need minimum software version on WLC: 7.4.100.0
paste this info:
sh sysinfo from WLC
sh version from AP.
Did you create a DHCP pool for APs to get IP ?
Try to to be keep AP and WLC on same subnet.
regards -
Error in GUI of Cisco 3850 Switch with Wireless Controller.
Hi,
I have Configured 3850 switch wireless controller. But while accessing the controller through GUI, I faced following errors while configuring it through GUI.
Because its complecated to configure it through CLI.
Attached are the snaps of error faced.
and if I didnt get this error, and able to configure, I can save it because of this error.
Please help me on this issue, so that I can easily configure the controller.
Brgds,
Ninad ThakareHi Sandeep,
Here is the configuration which I have did.
ip http server
ip http secure-server
wsma agent exec
profile httplistener
profile httpslistener
wsma agent config
profile httplistener
profile httpslistener
wsma agent filesys
profile httplistener
profile httpslistener
wsma agent notify
profile httplistener
profile httpslistener
wsma profile listener httplistener
transport http
wsma profile listener httpslistener
transport https
wireless mobility controller
wireless management interface Vlan4 ( Voice VLAN )
wlan FG-WiFi 1 FG-WiFi
client vlan 4
ip dhcp server 10.106.72.1
no security wpa akm dot1x
security wpa akm psk set-key ascii 0 testing1234
no security wpa wpa2
no security wpa wpa2 ciphers aes
no wmm
no shutdown
wlan GLOBALACCESSII 2 GLOBALACCESSII
client vlan 4
ip dhcp server 10.106.72.1
no security wpa akm dot1x
security wpa akm psk set-key ascii 0 testing1234
no security wpa wpa2
no security wpa wpa2 ciphers aes
no wmm
no shutdown
ap group default-group
ap group 3850WLC
wlan FG-WiFi
vlan 4
wlan GLOBALACCESSII
vlan 4
end
Brgds,
Ninad Thakare -
Problems between a Wireless Controller and a Switch.
I have a Wireless Controller 4402 connected to one sw2960G.
I configured the controller with LAG and the switch (sw2960G) with etherchanel.
I connected the controller 2 distribution ports to the 2 ports of the switch (configured with etherchanel).
It worked like it should work.
But the problem is like this: if I take one cable that is connected to the switch and unplugged that cable from the switch (if that cable is the one connected to controllers port one) I have connectivity between both machines.
If I plug in the switch the cable connected to controller port one and take the other cable and unplugged that cable from the switch I stop the connectivity between the two machines.
I think that was not supposed to happen⦠because the LAG in the controller should put every AP in the second controller's port, and the connectivity between the machines should not end.
Can any one help me?
Can any one tell me what I am doing wrong?
Thanks in advance,
RuiWith LAG enabled in the controller I think I can have only one ap-manager interface.
The LAG will (it is supposed to) do the load balance automatically.
I mean, if one of the interfaces is âdownâ the other will have to coupe with all the AP's.
I should have always connection between the controller and the switch.
The STP of the controller is configured by default (STP Mode = OFF).
In the case of etherchannel load balance⦠I saw the Cisco documentation and I did not saw any thing about that. I think that The LAG as to do that for the controller⦠I'm right about that?
I will see the link that you advisedâ¦
Can you help me?
Thanks,
Rui -
Question about 2504 Wireless Controller
Hello,
I am tasked with configuring a 2504 wireless controller. Is it possible to assign an SSID to an interface that has dynamic ap management enabled?
Scenario:
Location1:
1) 10.0.0.0/24
2)192.168.0.0/24 DMZ
Location 2:
1) 10.0.5.0
Both locations are routable using network 1 at each location. However, I need to configure several access points and send them to location 2. These access points will communicate with the controller at location 1 on network 1. Two SSIDs will need to be on network 1 at location 1. The other SSID will be on Network 2 at location 1. This network is not routable.
Thank You for your help.So this is how you want this to be setup:
Scenario:
Location1:
1) 10.0.0.0/24
2)192.168.0.0/24 DMZ
Location 2:
1) 10.0.5.0
Both locations are routable using network 1 at each location. However, I need to configure several access points and send them to location 2. These access points will communicate with the controller at location 1 on network 1. Two SSIDs will need to be on network 1 at location 1. The other SSID will be on Network 2 at location 1. This network is not routable.
Since location 1 is a flat network with only one subnet (internal) and one in the DMZ, you will configure WLC management/ap-manger port 1 on the 10.0.0.0/24 subnet. You can then map your SSID#1 to the management interface. Create a new dynaminc interface on the WLC and assign it an ip in the 192.168.0.0/24 subnet and place that on port 2. Connect port 2 to the DMZ. Now since you want everything to tunnel back to the WLC from location 2, you would leave the ap's in local mode. Devices in location 2 associating on SSID #1 will obtain an ip address in location 1 and tunnel back to the WLC and traffic will egress out of port 1. Devices that associate in location 1 or location 2 to SSID#2 (Guest) will tunnel back to the WLC in location 1 and traffic will egress out of port 2.
Since you want to tunnel traffic back to the WLC from location 2, you need to make sure your link has enough bandwidth or else the ap's will be bouncing.
If you setup the AP's in location 2 in h-reap mode, then you can place devices that associate to SSID #1 on the 10.0.50.0 subnet. Devices that associate to SSID #2 at location 2 will tunnel back to the WLC and egress out of port 2. -
Redirect to web authentication not working on Cisco 5508 Wireless Controller
Hi,
I have a wlan with web authentication:
http://i55.tinypic.com/w145zk.png
and
http://i51.tinypic.com/344sfm0.png
When I connect to the SSID (I get correct IP from the Cisco 5508 Controller) and try to surf, I do not get redirected to the web authentication page (https://1.1.1.1/login.html), when I manually insert the URL I get "cannot display the webpage". Any idea?
The virtual interface is 1.1.1.1.
Here is a screenshot of interface and internal dhcp:
http://i52.tinypic.com/2vkm1d2.png
Any idea why clients are not redirecting?
Thanks!Thanks for the reply dmantil!
When I changed the Virtual DNS name to 1.1.1.1 (the same as the IP) I get redirected if I use http://198.133.219.25, but not with http://cisco.com, I get redirected only if I use IP.
I forgot to mention that the controller is in a lab with no access to DNS server. Does the controller check if the domain is valid before redirecting users? I cant find any documentation on how the controller redirect users. -
Clients are unable to access a New wireless Controller 5508
Clients are unable to access the public ssid, which is wide open(or any other ssids).
I'm using LAG and I can ping each interface on the controller. Ap's show a total of 2 and 2 are up.
interface name is public vlan identifier 107, ip add 10.1.255.252, interface dynamic
Software version 7.0.98.0
Model No.
AIR-CT5508-K9
Burned-in MAC Address
50:3D:E5:1A:2F:60
Maximum number of APs supported
25
FIPS Prerequisite Mode
Disable
UDI :
Product Identifier Description
AIR-CT5508-K9
Version Identifier Description
V01
Serial Number
FCW1508L0KT
Entity Name
Chassis
Entity Description
Cisco Wireless Controller
Profile Name
Type
SSID
Status
Enabled
Security Policies
(Modifications done under security tab will appear after applying the changes.)
Radio Policy
All 802.11a only 802.11a/g only 802.11g only 802.11b/g only
Interface
jmhmanagementpublicspacelabsvoice
Broadcast SSID
Enabled
Layer 2 security none
Below is the errors that are in the controller's log.
spamApTask0: Dec 06 14:54:43.895: %LWAPP-3-DECODE_ERR: spam_lrad.c:1932 Error decoding join request from AP 00:00:00:00:00:00
*spamApTask0: Dec 06 14:54:43.895: %LWAPP-3-JOIN_DB_ERR: spam_lrad.c:6216 Could not allocate an entry in the database for AP 00:00:00:00:00:00 - dropping the join request (# of APs joined = 2)
*spamApTask0: Dec 06 14:54:43.895: %LWAPP-3-AP_DB_CREATE_ERR: spam_lrad.c:4945 Unable to create an entry for AP 00:00:00:00:00:00 in the database - invalid mac address
*spamApTask0: Dec 06 14:54:43.895: %LWAPP-3-PAYLOAD_MISSING: spam_lrad.c:5400 Join request does not contain BOARD_DATA payload
*spamApTask0: Dec 06 14:54:24.728: %LWAPP-3-DECODE_ERR: spam_lrad.c:1932 Error decoding join request from AP 00:00:00:00:00:00
*spamApTask0: Dec 06 14:54:24.728: %LWAPP-3-JOIN_DB_ERR: spam_lrad.c:6216 Could not allocate an entry in the database for AP spamApTask0: Dec 06 14:54:43.895: %LWAPP-3-DECODE_ERR: spam_lrad.c:1932 Error decoding join request from AP 00:00:00:00:00:00
*spamApTask0: Dec 06 14:54:43.895: %LWAPP-3-JOIN_DB_ERR: spam_lrad.c:6216 Could not allocate an entry in the database for AP 00:00:00:00:00:00 - dropping the join request (# of APs joined = 2)
*spamApTask0: Dec 06 14:54:43.895: %LWAPP-3-AP_DB_CREATE_ERR: spam_lrad.c:4945 Unable to create an entry for AP 00:00:00:00:00:00 in the database - invalid mac address
*spamApTask0: Dec 06 14:54:43.895: %LWAPP-3-PAYLOAD_MISSING: spam_lrad.c:5400 Join request does not contain BOARD_DATA payload
*spamApTask0: Dec 06 14:54:24.728: %LWAPP-3-DECODE_ERR: spam_lrad.c:1932 Error decoding join request from AP 00:00:00:00:00:00
*spamApTask0: Dec 06 14:54:24.728: %LWAPP-3-JOIN_DB_ERR: spam_lrad.c:6216 Could not allocate an entry in the database for AP
I have attached show run-config and show running-configFor the public WLAN, what is 10.1.1.1? Is it a real DHCP server, is it a FW? If it's a FW, then you'll need to disable dhcp proxy:
CLI config dhcp proxy disable
GUI Controller > Advanced > DHCp, and uncheck the box for proxy.
As for all of your other SSID, they are all pointd at the management interface. Double check the WLAN config, and point them to the interface you want the user to get an IP address in.
HTH,
Steve
Please remember to rate helpful posts or to mark the question as answered so that it can be found later.
Maybe you are looking for
-
Why aren't all albums listed under albums in my phone's Music app (home sharing)
I'm using home sharing to listen to music on my iPhone 4S. I can access the shared library no problem, but when I go to the Album list, not all albums are there. Everything that I've recently ripped is there but only 9 out of ~40 albums that I impo
-
Why is it getting very hot mac mini 2011
my mac mini gets too hot and shuts down on its own
-
Alright, I "borrow" internet from my neighbor, is it possible for me to run my wireless connection from my macbook to my pc with just an ethernet cable?
-
Mask Pro 4 vs. Photoshop CS5 masking tools?
There hasn't been an update to OnOne's Mask Pro 4 for several years and I was wondering if it still has any improvements over the masking tools in Photoshop CS5? If so, is it worth buying? Thank you
-
Combining 3 descriptions in a hierarchy as one description for a Row
Hello Expert, If a hierarchy has levels 1, 2,3,4 with descriptions Level 1 --- Brands Level 2 --- Colors Level 3 --- Flavors In BEx, I showed row as Brands and users can drill down on this hierarchy to see the volume and then drill further down to se