Virtual Wireless LAN Controller and 1602E: No SSID
Hello, I am trying to troubleshoot a customer's issue remotely.
They have vWLC 7.4, and a 1602E AP, running the 7.4 LWAPP image, successfully joined.
Whatever is tried, the SSID configuration is not pushed to the AP. Other configuration changes get reflected to the AP such as enabling/disabling ssh.
The goal is for multiple SSIDs connected to various VLANs to be setup, but I have simplified things for now.
So there is an AP group containing this one AP, and a single WPA2-PSK WLAN. The WLAN is bound to the management interface.
The SSID configuration does not get pushed out to the AP.
Any ideas what I should do to troubleshoot this? I can't see any obvious issues in the error logs.
Thanks...
Keep in ming that the vWLC only supports FlexConnect mode AP's not local mode. Is the mode of the AP in local or FlexConnect?
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
Similar Messages
-
Error when installing webauth certificate virtual wireless LAN controller
Hi there
I am having issues installing web auth certificate for our virtual wirelesss LAN controller.
I am issuing a certificate from our own PKI in following format
device cert for WLC > Intermediate > our root cert.
I have followed the discussion here
https://supportforums.cisco.com/discussion/10890871/generating-csr-wlc-5508
and the document here
http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/109597-csr-chained-certificates-wlc-00.html#support
However I am still getting the following errors
*sshpmLscTask: Jun 30 17:18:26.443: sshpmLscTask: LSC Task received a message 4
*TransferTask: Jun 30 17:18:28.785: Memory overcommit policy changed from 0 to 1
*TransferTask: Jun 30 17:18:28.785: RESULT_STRING: FTP Webauth cert transfer starting.
*TransferTask: Jun 30 17:18:28.785: RESULT_CODE:1
FTP Webauth cert transfer starting.
*TransferTask: Jun 30 17:18:33.154: ftp operation returns 0
*TransferTask: Jun 30 17:18:33.154: RESULT_STRING: FTP receive complete... Installing Certificate.
FTP receive complete... Installing Certificate.
*TransferTask: Jun 30 17:18:33.154: RESULT_CODE:13
*TransferTask: Jun 30 17:18:37.159: Adding cert (8217 bytes) with certificate key password.
*TransferTask: Jun 30 17:18:37.169: sshpmCheckWebauthCert: Verification return code: 1
*TransferTask: Jun 30 17:18:37.169: Verification result text: ok
*TransferTask: Jun 30 17:18:37.171: sshpmAddWebauthCert: Extracting private key from webauth cert and using bundled pkcs12 password.
*TransferTask: Jun 30 17:18:37.361: sshpmDecodePrivateKey: calling ssh_skb_decode()...
*TransferTask: Jun 30 17:18:37.493: sshpmDecodePrivateKey: SshPrivateKeyPtr after skb_decode: 0x2aaaacb51628
*TransferTask: Jun 30 17:18:37.493: sshpmAddWebauthCert: got private key; extracting certificate...
*TransferTask: Jun 30 17:18:37.494: sshpmAddWebauthCert: extracted binary cert; doing x509 decode
*TransferTask: Jun 30 17:18:37.494: sshpmAddWebauthCert: doing x509 decode for 1594 byte certificate...
*TransferTask: Jun 30 17:18:37.494: sshpmAddWebauthCert: failed to validate certificate...
*TransferTask: Jun 30 17:18:37.494: RESULT_STRING: Error installing certificate.
*TransferTask: Jun 30 17:18:37.495: RESULT_CODE:12
*TransferTask: Jun 30 17:18:37.495: Memory overcommit policy restored from 1 to 0
Error installing certificate.
Any help is much appreciatedSimilar issue:
https://supportforums.cisco.com/discussion/11043836/wism-42112-and-web-auth-certificate -
3504 Wireless Lan Controller and WCS
Hi Pals,
I need to know if any version of Cisco WCS supports 3504 Wireless lan controllers. The latest 3.2.4 doesn't seem to have 3504 listed in its release notes.
Any help would be highly appreciated.
Cheers,
RajeshHi SmalKeric,
Thnx for the reply. But was wondering why ? Would appreciate you can point me to some links which describe this.
Cheers,
Rajesh -
Virtual Wireless Lan Controller moved, licence now missing.
Our Cisco WLC version 7.4.100.0 was been moved to new ESXi servers (New hardware) as a result of this I guess the UUID has changed and voided the installed licence.
I've tried to reinstall the original licences but this fail's because of a UDI mismatch.
If I try to do a rehost the first step fail's with
Local file /tmp/license.upd not found!
Can anyone point me in the right direction to recover and reinstall our licences.Thanks for your replies, the issue is that the guy who set this up also setup his own login Cisco account (rather than use our ScSITServices shared account) where the WLAN licences are located. He has since left and I'm trying without success at the moment to get Cisco support to change the password to allow me access to retrieve the licence.
-
Wireless LAN Controller- WLAN/SSID
Can we assign the smae SSID to different VLANS on the wireless lan controller?
Can we assign the smae SSID to different VLANS on the wireless lan controller?
Depends on the firmware you are running.
If you are running 7.0.116.0 then you can use a feature called Interface Groups. -
Issues after changing the AP Name on Wireless LAN Controller
I recently changed the AP Name of all the Wireless Access Points in my branch office (which are all associated to the branch office Wireless LAN Controller(s)). After that I noticed that all branch office employees are unable to connect to the employee SSID. The employee SSID uses web authentication and employees are authenticated using Head Office AD via Cisco ACS, both located at the Head Office.
There are other SSID's on the WLC which all work fine, but only employee SSID which uses AD authentication does not work. AD authenticaion is working fine because employee's in HO are successfully able to connect to the employee SSID at HO.
The branch office is connected to the HO via a tunnel link. We noticed that if we restart both the ASA at either ends of the tunnel. The employee SSID starts working again but only temporarily for a day or so... what could be the issue? Can renaming the AP's cause issues? How can I fix this problem?
Thanks in advanceThanks Elliott,
I did the debug like you said and I am getting the following debug messages:
*apfMsConnTask_0: Jun 20 08:18:14.580: Deleting the client immediatly since WLAN is changed
and also
*apfReceiveTask: Jun 20 05:25:11.857: 00:1f:3c:86:af:15 Orphan Packet from 192.168.52.34
The logging on the WLC shows
*apfReceiveTask: Jun 18 17:56:41.788: %MM-1-ANCHOR_UNAVAILABLE: mm_mobile.c:2155
All export anchors are down. Cannot anchor the client.00:c0:a8:f3:cd:ae
The DHCP pool for the employee users are configured on a guest WLC which sits behind an ASA -
Cisco Wireless LAN Controller Always disconnect
Dear All,
Please help to assist my issue.I used Cisco Wireless LAN Controller model: 5508 with version 7.0.98.0 and I got issue with connection always disconnect ping always loss or some time client can't get DHCP from Controller.
- I configure as Internal DHCP Server with 1 SSID.
http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/110865-dhcp-wlc.html
- DHCP least is not full and I also try to clear-lease all but still not work.1. Config dhcp proxy enable
2. In case of internal Dhcp, try debug for clients
using,
debug client <MAC ADDRESS OF CLIENT> -
Warning page on Cisco Wireless Lan Controller for guest access
Hi,
We have an Cisco wireless LAN controller 4400 in our organization, and lots of guest using our Wi-Fi network.
I would like to configure a warning and terms and condition page when guest using first time our network.
Can you please let me know is that possible without adding external web server and how to configure.
Many Thanks in Advance
Amit SharmaHi Amit,
Hope you are doing great!!
the below link will help you in getting the issue resolved!!
http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00809bdb5f.shtml
Please dont forget to rate the usefull posts!!
Regards
Surendra -
Cisco Wireless Control System need wireless Lan Controller ?
Cisco Wireless Control System need wireless Lan Controller , for Rogue detection
Hi Joao,
The WCS is used in conjuntion with the WLC (Wireless Lan Controller) for Rogue Detection. It is not a must for this function but more of an add-on :)
The Cisco WCS is an optional network component that works in conjunction with Cisco Aironet Lightweight Access Points, Cisco wireless LAN controllers and the Cisco Wireless Location Appliance.
From this doc;
http://www.cisco.com/en/US/products/ps6305/index.html
Overview of WCS
The Cisco Wireless Control System (WCS) is a Cisco Unified Wireless Network Solution management tool that adds to the capabilities of the web user interface and command line interface (CLI), moving from individual controllers to a network of controllers. WCS includes the same configuration, performance monitoring, security, fault management, and accounting options used at the controller level and adds a graphical view of multiple controllers and managed access points.
WCS runs on Windows 2003 and Red Hat Enterprise Linux ES 4.0 and AS 4.0 servers. On both Windows and Linux, WCS can run as a normal application or as a service, which runs continuously and resumes running after a reboot.
The WCS user interface enables operators to control all permitted Cisco Unified Wireless Network Solution configuration, monitoring, and control functions through Internet Explorer 6.0 or later. Operator permissions are defined by the administrator using the WCS user interface Administration menu, which enables the administrator to manage user accounts and schedule periodic maintenance tasks.
WCS simplifies controller configuration and monitoring while reducing data entry errors with the Cisco Unified Wireless Network Controller autodiscovery algorithm. WCS uses the industry-standard SNMP protocol to communicate with the controllers.
From this good doc;
http://www.cisco.com/en/US/products/ps6305/products_configuration_guide_chapter09186a00806b7270.html#wp1131195
Detect and Locate Rogue Access Points
From this WCS doc;
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806f070a.shtml#new5
Rogue Detection under Unified Wireless Networks
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_white_paper09186a0080722d8c.shtml
Hope this helps!
Rob -
Is it possible run a Wireless LAN controller without a WCS?
is it possible run a Wireless LAN controller without a WCS?
How Can I configure the Wireless Lan controller?
ThanksHi Alfred,
The WLC can be completly configured and operated without the WCS. The WCS is a nice addition for the management especially when running multiple WLC's but is not required.
Info on WLC (with Video);
http://www.cisco.com/en/US/products/ps6366/index.html
Info on the WCS;
http://www.cisco.com/en/US/products/ps6305/index.html
Hope this helps!
Rob -
How to replace the certificate of Cisco 2106 wireless LAN controller for CAPWAP ?
I have interested in CAPWAP feature and I download the open capwap project to make Access Controller (AC) and Wireless Terminal Point (WTP). I had built the AC which used PC and WTP which used Atheros AP. The CAPWAP feature work well when I enabled the CAPWAP that used my own AC and WTP. When I got the Cisco 2106 wireless LAN controller (Cisco WLC), I configured the Cisco WLC to instead my own AC but I got the authorize fail in Cisco WLC side. It seem the Cisco WLC could not recognize the CAPWAP message which sent form my own WTP. I think this issue just need to synchronize the certificate between Cisco WLC and WTP.So I need to replace the Cisco WLC's certificate manually. Does anyone know how to replace the certificate manually with Cisco WLC ?
Best Regards,
AlanUnfortunately this Support Community is for Cisco Small Business & Small Business Pro product offerings. The WLC2106 is a traditional Cisco product. You can find this type of support on the Cisco NetPro Forum for all traditional Cisco products.
Best Regards,
Glenn -
4404 wireless lan controller managment via wireless clients
I am having an issue managing a 4404 wireless lan controller via wireless clients.
I have checked the box "enable controller management to be accessible from wireless clients" under management. For some reason that does not seem to fix the problem (page cannot be displayed). I cannot ping the controller by IP but other devices on the same subnet respond. Everything else works fine.
I CAN manage the controller when plugged in a wired connection.
When I do a route print it is identical wireless or wired. The route simple points to my interface. If I modify the route on my computer to actually point to our gateway instead of the interface then everything works. But why should I have to do this only for my wireless connection and not my wired to manage this box?Thanks for the info. I narrowed the problem down to an ARP issue.
In order for me to connect to the controller, I run a batch file that creates a static ARP entry on my laptop. I don't have to do this for any other device except the controller. Not sure what the underlying cause is, but that works as a workaround right now. -
Hi All,
We have a Wireless Lan Controller 4402 with software version 4.0.155.5. On Friday we experience a problem where our clients wouldn't get redirected to the internal webpage for authentication. It would just come up with page not found. We know the page was working fine becasue we could manually type in the
https://1.1.1.1/login.html and the
page would come up and you could login successfully. The users who were already connected to the controller were not affected and continued to operate. We have 2 other WLC's at the same software revision and they were not affected so I don't think it has anything to to with software level. Its like the webserver in the wlc failed to work. We failed over the AP's to the 3rd WLC and rebooted WLC1. After the WLC1 restarted we failed one of the previous non-working AP's back to it and it works again.
I know "now" there is debug commands to run at the time when the WLC wasn't working, but unfortunately I didn't know at the time. The WLC is running again fine and I was wondering if anybody has seen this issue before.
Any ideas on a fix or reason would be greatly appreciated.
Thanks,We are running WiSM 4.1.185.0 and we just had the similar problem with one controller. The other three controllers were fine when it happened. The exactly issue was the nslookup failed(timed out) from the client, so the web login page won't show when people lunch the browser. A reboot of the controller fixed the problem. We have been running Cisco LWAPP for more than a year (from 4.0.155.5 to 4.1.185.0) and it is the first time we see this problem. TAC is still investigating the cause.
Zhenning -
Wireless LAN Controller not broadcasting network to Access points
Good Day Team,
I am working with a 2100 series WLC controller and 1100 series access point.
I noticed that the wireless lan controller is working. Also the access point is working.
The issue is that there is no internet connection on the access point.
What could be the error?
Kindly adviceTry do diagnose your problem following this steps:
1) Connect to the wireless network
2) Check your IP address with "ifconfig"
3) Check if your gateway is set correctly with "route -n"
4) Try to ping your gateway. Is it working?
5) Try to ping an internet IP like google: "ping 74.125.234.115"
6) Try to resolve names with "nslookup www.google.com" for example.
7) Try to traceroute to an IP or name on internet. Check the result to see the last hop you reached.
8) If you passed all those tests, try this: "telnet www.google.com 80"
If everything works, but not the test #8, your problem could be related to some proxy configuration. -
AIR-CAP3501I access point not joining the Cisco 2100 Wireless Lan controller.
Hello All,
I am installing a new LAP (AIR-CAP3501I ) through the wireless lan controller (AIR-WLC2112-K9) with software version 7.0. I have an external ADSL modem which will act as the DHCP server for the wireless clients and the LAP.
Please find my network setup as below:
The ISP ADSL modem , WLC and LAP are connected to a unmanaged POE switch. The LAP gets its power through the POE switch. When i connect the LAP and the WLC to the switch along with the ADSL modem, the LAPs are getting the ip address from the ADSL modem, however they are not joining the WLC for further process.
ADSL Modem ip address: 192.168.1.254
Management ip address on the LAP: 192.168.1.1 ( Assigned to port 1, untagged Vlan).
Ap Manager ip address: 192.168.1.1 ( Assigned to the same port i.e port1, Untagged Vlan).
The LAP is getting an IP address from the ADSL modem in the range of the DHCP scope.
I will paste the logs very soon.
Please let me know if i am doing anything wrong oe what will be the issue.
Thanks in advance,
Mohammed AmeenHello All,
Please find the logs for "debug capwap event" from the WLC below:
*spamReceiveTask: Sep 26 19:44:59.196: e8:04:62:0a:3f:10 Join Version: = 117465600
*spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 Join resp: CAPWAP Maximum Msg element len = 92
*spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 Join Response sent to 192.168.1.156:45510
*spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 CAPWAP State: Join
*spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 capwap_ac_platform.c:1216 - Operation State 0 ===> 4
*apfReceiveTask: Sep 26 19:44:59.198: e8:04:62:0a:3f:10 Register LWAPP event for AP e8:04:62:0a:3f:10 slot 0
*spamReceiveTask: Sep 26 19:44:59.341: e8:04:62:0a:d1:20 DTLS connection not found, creating new connection for 192:168:1:158 (45644) 192:168:1:2 (5246)
*spamReceiveTask: Sep 26 19:45:00.119: e8:04:62:0a:d1:20 DTLS Session established server (192.168.1.2:5246), client (192.168.1.158:45644)
*spamReceiveTask: Sep 26 19:45:00.119: e8:04:62:0a:d1:20 Starting wait join timer for AP: 192.168.1.158:45644
*spamReceiveTask: Sep 26 19:45:00.121: e8:04:62:0a:d1:20 Join Request from 192.168.1.158:45644
*spamReceiveTask: Sep 26 19:45:00.123: e8:04:62:0a:d1:20 Join Version: = 117465600
*spamReceiveTask: Sep 26 19:45:00.123: e8:04:62:0a:d1:20 Join resp: CAPWAP Maximum Msg element len = 92
*spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 Join Response sent to 192.168.1.158:45644
*spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 CAPWAP State: Join
*spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 capwap_ac_platform.c:1216 - Operation State 0 ===> 4
*apfReceiveTask: Sep 26 19:45:00.125: e8:04:62:0a:d1:20 Register LWAPP event for AP e8:04:62:0a:d1:20 slot 0
*spamReceiveTask: Sep 26 19:45:00.273: e8:04:62:0a:d1:20 Configuration Status from 192.168.1.158:45644
*spamReceiveTask: Sep 26 19:45:00.273: e8:04:62:0a:d1:20 CAPWAP State: Configure
*spamReceiveTask: Sep 26 19:45:00.273: Invalid channel 1 spacified for the AP APf866.f2ab.24b6, slotId = 0
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Updating IP info for AP e8:04:62:0a:d1:20 -- static 0, 192.168.1.158/255.255.255.0, gtw 192.168.1.254
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Updating IP 192.168.1.158 ===> 192.168.1.158 for AP e8:04:62:0a:d1:20
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Setting MTU to 1485
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Finding DTLS connection to delete for AP (192:168:1:158/45644)
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Disconnecting DTLS Capwap-Ctrl session 0xa06d6a4 for AP (192:168:1:158/45644)
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 CAPWAP State: Dtls tear down
*spamReceiveTask: Sep 26 19:45:00.277: spamProcessGlobalPathMtuUpdate: Changing Global LRAD MTU to 576
*spamReceiveTask: Sep 26 19:45:00.277: e8:04:62:0a:d1:20 DTLS connection closed event receivedserver (192:168:1:2/5246) client 192:168:1:158/45644).
The Acess point joins the Controller for 2-3 seconds and then unjoins again. I am not sure what i am doing wrong here. The access points are getting the IPs from the ADSL modem through the switch, then it talks to the WLC, however it does not join the controller for further process.
Note:
The Managemnet interface and the AP manager interface are assigned to the same port 1 with unassigned Vlan as mention above.
Maybe you are looking for
-
Effect of Cube Compression on BIA index's
What effect does cube compression have on a BIA index? Also does SAP recommend rebuilding indexes on some periodic basis and also can we automate index deletes and rebuild processes for a specific cube using the standard process chain variants or pro
-
Some cookies are necessary in order to manage material on banking sites, subscription sites, etc. It seems to me that enabling some way to scroll through the cookie list, marking those one wants to keep, would be useful -- then one could periodically
-
Weird problem - having issues *only* with 1UP's podca
I subscribe to a lot of podcasts - UP, IGN, TwiT, etc., and they all work fine instead of UP's. However, it doesn't appear to be a problem on their end. If I download their podcasts via Juice or directly from the web site, they work fine. However, if
-
Tried to Cancel, Conveniently Dropped Call, Another RIDICULOUS Bill
I called on June 19th to cancel my service. My line (which had no phone attached to it) kept calling 911 and directory assistance... My bill is normally $55, and ended up $190. The next bill was $119. So after being on the phone and sent to several d
-
I installed 1.2 and noticed two problems. 1. Pressing F1 or clicking on Help>Lightroom help shoots me immediately to online help. Now I cannot figure out how to fix problem number 2. 2. I created a quick collection. Now when I click on "quick collect