Virtualized WLC + Prime + MSE solution

Dear all,
we are facing some problem to deploy a virtualized localization solution made of WLC, Prime Infrastructure and MSE.
We constructed, in our lab, on a UCS C220M3 with VMWare 5.1 the following solution:
Virtual WLC version 7.3.101 (ip address 10.0.1.249)
Prime Infrastructure 1.2.0.103 (ip address 10.0.1.250)
Virtual MSE 7.3.101 (ip address 10.0.1.247)
WLC is working properly, can register APs and is properly integrated with the Prime. For the localization solution we deployed three access points:  
-one 3502 in flex connect mode
-two 1142 in monitor mode
The problem came out  when we started to work with the MSE. MSE has been registered inside Prime and synchronized with maps and controller.
After that we checked the maps but no information was displayed. So we started facing the problem and we found that the NMSP protocol remained inactive even if the troubleshooting windows didn't report any explicit issue.
At this stage we started checking the debug messages and in particular, for the NMSP we countinuously received the follwing message:
*nmspRxServerTask: Nov 17 17:55:09.777: Allocated new NMSP connection 0
*nmspRxServerTask: Nov 17 17:55:09.778: sslConnectionInit:  SSL_new() conn ssl 0x2aaaae71ab88
*nmspRxServerTask: Nov 17 17:55:09.778: sslConnectionInit: SSL_do_handshake for conn ssl 0x2aaaae71ab88, conn state: INIT, SSL state: HANDSHAKING
*nmspRxServerTask: Nov 17 17:55:09.778: -- returns WANT_READ for conn ssl 0x2aaaae71ab88
*nmspRxServerTask: Nov 17 17:55:09.778: sslConnectionInit() success with Connection state: INIT, SSL state: HANDSHAKING
*nmspRxServerTask: Nov 17 17:55:09.785: doSSLRecvLoop: Handshake has not completed for conn 0
*nmspRxServerTask: Nov 17 17:55:09.785: sslConnectionInit: SSL_do_handshake for conn ssl 0x2aaaae71ab88, conn state: INIT, SSL state: HANDSHAKING
*nmspRxServerTask: Nov 17 17:55:09.785: -- returns WANT_READ for conn ssl 0x2aaaae71ab88
*nmspRxServerTask: Nov 17 17:55:10.100: doSSLRecvLoop: Handshake has not completed for conn 0
*nmspRxServerTask: Nov 17 17:55:10.100: sslConnectionInit: SSL_do_handshake for conn ssl 0x2aaaae71ab88, conn state: INIT, SSL state: HANDSHAKING
*nmspRxServerTask: Nov 17 17:55:10.100: -- handshake failed for conn ssl 0x2aaaae71ab88,error = error:00000000:lib(0):func(0):reason(0)
*nmspRxServerTask: Nov 17 17:55:10.100:  freeing Nmsp conn ssl 0x2aaaae71ab88, conn id 0
Also the statistics for the NMSP protocol emphatized an SSL error:
(Cisco Controller) >show nmsp statistics summary
NMSP Global Counters
Client Measure Send Fail......................... 0
Send RSSI with no entry.......................... 0
APP msg too big.................................. 0
Failed Select on Accept Socket................... 0
Failed SSL write................................. 0
Partial SSL write................................ 0
SSL write returned zero.......................... 0
SSL write attempts to want read.................. 0
SSL write attempts to want write................. 0
SSL write got default error...................... 0
SSL write max data length sent................... 0
SSL write max attempts to write in loop.......... 0
SSL read returned zero........................... 0
SSL read attempts to want read................... 0
SSL read attempts to want write.................. 0
SSL read got default error....................... 0
Failed SSL read - Con Rx buf freed............... 0
Failed SSL read - Con/SSL freed.................. 0
Max records read before exiting SSL read......... 0
--More-- or (q)uit
Highest Prio Tx Q full........................... 0
Normal Prio Tx Q full............................ 0
Highest Prio Tx Q Sent........................... 0
Normal Prio Tx Q Sent............................ 0
Highest Prio Tx Q count.......................... 0
Normal Prio Tx Q count........................... 0
Messages sent by APPs to Highest Prio TxQ........ 0
Max Measure Notify Msg........................... 0
Max Info Notify Msg.............................. 0
Max Highest Prio Tx Q Size....................... 0
Max Normal Prio Tx Q Size........................ 0
Max Rx Size...................................... 1
Max Info Notify Q Size........................... 0
Max Client Info Notify Delay..................... 0
Max Rogue AP Info Notify Delay................... 0
Max Rogue Client Info Notify Delay............... 0
Max Client Measure Notify Delay.................. 0
Max Tag Measure Notify Delay..................... 0
Max Rogue AP Measure Notify Delay................ 0
Max Rogue Client Measure Notify Delay............ 0
Max Client Stats Notify Delay.................... 0
Max RFID Stats Notify Delay...................... 0
RFID Measurement Periodic........................ 0
--More-- or (q)uit
RFID Measurement Immediate....................... 0
SSL Handshake failed............................. 1319
NMSP Rx detected con failure..................... 0
NMSP Tx detected con failure..................... 0
NMSP Tx buf size exceeded........................ 0
NMSP Tx Invalid msg id .......................... 0
Reconnect Before Conn Timeout.................... 0
Rogue AP Info Changed DB Full.................... 0
Rogue AP Meas Changed DB Full.................... 0
Rogue Client Info Changed DB Full................ 0
Rogue Client Meas Changed DB Full................ 0
Looking around the Internet we found a similar case where the issue was solved dealing with the authorization list upon the wireless lan controller but after the suggested check we saw that the MSE is correctly authorized inside the controller: Here's the "show auth-list" on the WLC:
(Cisco Controller) >show auth-list
Authorize MIC APs against AAA ................... disabled
Authorize LSC APs against Auth-List ............. disabled
APs Allowed to Join
  AP with Manufacturing Installed Certificate.... no
  AP with Self-Signed Certificate................ no
  AP with Locally Significant Certificate........ no
Mac Addr                  Cert Type    Key Hash
00:0c:29:68:c8:57         LBS-SSC      6d6703ef9cccfb5a430e04b3ad128f8170fb435c
that perfectly matches what was on the MSE:
cmd> show server-auth-info
invoke command: com.aes.server.cli.CmdGetServerAuthInfo
AesLog queue high mark: 50000
AesLog queue low mark: 500
Server Auth Info
MAC Address: 00:0c:29:68:c8:57
Key Hash: 6d6703ef9cccfb5a430e04b3ad128f8170fb435c
Certificate Type: SSC
Finally I tried to look around the MSE logs and here what I found tailing the locserver errors:
==> /opt/mse/logs/locserver/locserver-error-0-0.log <==
11/17/12 17:54:13.513 ERROR[locp] [36] Error in ConnectHandler(endPoint) <LocpSessionTarget mode=CLIENT><LocpEndPoint status=HANDSHAKE totalBytesSent=72000 totalBytesReceived=1315800><LocpEndPoint.Key host=10.0.1.249 port=16113/></LocpEndPoint></LocpSessionTarget>
11/17/12 17:54:13.513 ERROR[com.aes] [36] [ConnectHandler:handle-09] THROW
javax.net.ssl.SSLHandshakeException: General SSLEngine problem
        at com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Handshaker.java:1015)
        at com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:485)
        at com.sun.net.ssl.internal.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1128)
        at com.sun.net.ssl.internal.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1100)
        at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:452)
        at com.aes.server.locp.transport.IOChannelSecure.doHandshake(IOChannelSecure.java:230)
        at com.aes.server.locp.transport.LocpTransportService$ConnectHandler.handle(LocpTransportService.java:354)
        at com.aes.server.locp.transport.ChannelEventDispatcherImpl$HandlerTask.run(ChannelEventDispatcherImpl.java:348)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
        at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
        at java.util.concurrent.FutureTask.run(FutureTask.java:138)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
        at java.lang.Thread.run(Thread.java:662)
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
        at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1528)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:243)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
        at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
        at com.sun.net.ssl.internal.ssl.Handshaker$1.run(Handshaker.java:533)
        at java.security.AccessController.doPrivileged(Native Method)
        at com.sun.net.ssl.internal.ssl.Handshaker$DelegatedTask.run(Handshaker.java:952)
        at com.aes.server.locp.transport.IOChannelSecure.doTasks(IOChannelSecure.java:265)
        at com.aes.server.locp.transport.IOChannelSecure.doHandshake(IOChannelSecure.java:193)
        ... 8 more
Caused by: sun.security.validator.ValidatorException: No trusted certificate found
        at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:346)
        at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:111)
        at sun.security.validator.Validator.validate(Validator.java:218)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)
        ... 15 more
Everything seems to bring to a certificate error but I don't know, from a side if this is the right direction of investigfation and, from the other, where to check for this certificate and how to find a solution.
May someone  give us some help?
Thank in advance to all.
Regards.
Marco

Hi Pongsatorn,
This is caused by a bug with the ID - CSCub42987. And yes, it only applies to the Virtual WLC's.
Here is the work-around: (need to be performed from the CLI of the MSE as follows)
1. cmdshell
2. config unauthenticated-nmsp true
3. exit
4. service msed restart
Ram.

Similar Messages

  • SNMP OID for AssociatedAPs in Virtual WLC 7.4.100.0

    Hello Guys!
    I need you help for something that I need to do to monitor my Wi-FI network.
    I'm using a Virtual WLC (SW Ver 7.4.100.0) where most that 30 APs are associated with, but I would like to monitor each disaciossiation of APs using SNMP. After some search, I have found this OID .1.3.6.1.4.1.14179.2.1.1.1.38 on some forums but it doesn't work, I see random number in my monitoring tool.
    Do you know if there is any another OID to use with this software version or maybe if I have to upgrade to ver7.6 or ver8?
    Thanks in advance,
    Kevin

    I'm assuming you don't own a license for Cisco Prime Infrastructure
    One thing you can do is send SNMP traps to your monitoring software from the WLC (I've never used virtual WLC but my assumption is most options are the same. If your software doesn't support SNMP Traps consider a different monitoring software...
    Go to Management > SNMP > Trap Receivers and set up your receiver
    Then to to Management > SNMP > Trap ControlsHere is where you set what traps are sent via SNMP. If you see the "AP" tab you can set several things.
    If you only want to see if an AP is dropping off the network and the above doesn't work, you could just put dhcp reservations on your APs and have your software ping it. This of course is only if its off network, not if it simply disassociates.

  • URGENT HELP WITH VIRTUAL WLC

    We had a problem with Virtual Machine which Cisco Virtual WLC installed. Virtual Machine files were damaged and the system was not start normally. We have had to reinstall the WLC, but after installation impossible to import current license to new one.
    how can we install this licence again?

    Licenses are tied to the device they're being used on. With a virtual WLC, the license is tied to the unique identifier of the vWLC and when you recreated the vWLC after your VMware problems the new vWLC has a different unique identifier.
    It's a similar situation to what happens when a physical controller is faulty and is swapped out by cisco, the replacement will have a different serial number and you'd have to re-host the license to the new serial number.

  • Cisco LAP 2602 can not join Virtual WLC

    dear all, 
    i just install Virtual WLC and i remove WLC 2504 , i install & configured it , but LAP can not join. it was work fine with WLC 2504.
    i used the same network topology with the old WLC.
    i receive this error logs.
    *spamApTask4: Feb 04 06:01:30.082: <<<<  Start of CAPWAP Packet  >>>>
    *spamApTask4: Feb 04 06:01:30.082: CAPWAP Control mesg Recd from 10.192.200.93, Port 26711
    *spamApTask4: Feb 04 06:01:30.082:              HLEN 4,   Radio ID 0,    WBID 1
    *spamApTask4: Feb 04 06:01:30.082:              Msg Type   :   CAPWAP_DISCOVERY_REQUEST
    *spamApTask4: Feb 04 06:01:30.082:              Msg Length : 155
    *spamApTask4: Feb 04 06:01:30.082:              Msg SeqNum : 0
    *spamApTask4: Feb 04 06:01:30.082:   
    *spamApTask4: Feb 04 06:01:30.082:       Type : CAPWAP_MSGELE_DISCOVERY_TYPE, Length 1
    *spamApTask4: Feb 04 06:01:30.082:              Discovery Type : CAPWAP_DISCOVERY_TYPE_UNKNOWN
    *spamApTask4: Feb 04 06:01:30.082:   
    *spamApTask4: Feb 04 06:01:30.082:       Type : CAPWAP_MSGELE_WTP_BOARD_DATA, Length 62
    *spamApTask4: Feb 04 06:01:30.083:              Vendor Identifier      : 0x00409600
    *spamApTask4: Feb 04 06:01:30.083:              WTP_SERIAL_NUMBER : AIR-CAP2602E-I-K9
    *spamApTask4: Feb 04 06:01:30.083:   
    *spamApTask4: Feb 04 06:01:30.083:       Type : CAPWAP_MSGELE_WTP_DESCRIPTOR, Length 40
    *spamApTask4: Feb 04 06:01:30.083:              Maximum Radios Supported  : 2
    *spamApTask4: Feb 04 06:01:30.083:              Radios in Use             : 2
    *spamApTask4: Feb 04 06:01:30.083:              Encryption Capabilities   : 0x00 0x01
    *spamApTask4: Feb 04 06:01:30.083:   
    *spamApTask4: Feb 04 06:01:30.083:       Type : CAPWAP_MSGELE_WTP_FRAME_TUNNEL, Length 1
    *spamApTask4: Feb 04 06:01:30.083:              WTP Frame Tunnel Mode : NATIVE_FRAME_TUNNEL_MODE
    *spamApTask4: Feb 04 06:01:30.083:   
    *spamApTask4: Feb 04 06:01:30.083:       Type : CAPWAP_MSGELE_WTP_MAC_TYPE, Length 1
    *spamApTask4: Feb 04 06:01:30.083:              WTP Mac Type  : SPLIT_MAC
    *spamApTask4: Feb 04 06:01:30.083:   
    *spamApTask4: Feb 04 06:01:30.083:       Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 10
    *spamApTask4: Feb 04 06:01:30.083:              Vendor Identifier  : 0x00409600
    *spamApTask4: Feb 04 06:01:30.083: 
            IE            :   UNKNOWN IE 207
    *spamApTask4: Feb 04 06:01:30.083:      IE Length     :   4
    *spamApTask4: Feb 04 06:01:30.083:      Decode routine not available, Printing Hex Dump
    *spamApTask4: Feb 04 06:01:30.083: 00000000: 03 00 00 01                                       ....
    *spamApTask4: Feb 04 06:01:30.083:   
    *spamApTask4: Feb 04 06:01:30.083:       Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 12
    *spamApTask4: Feb 04 06:01:30.083:              Vendor Identifier  : 0x00409600
    *spamApTask4: Feb 04 06:01:30.083: 
            IE            :   RAD_NAME_PAYLOAD
    *spamApTask4: Feb 04 06:01:30.083:      IE Length     :   6
    *spamApTask4: Feb 04 06:01:30.083:      Rad  Name     :   
    *spamApTask4: Feb 04 06:01:30.083: CEO_AP
    *spamApTask4: Feb 04 06:01:30.083: <<<<  End of CAPWAP Packet  >>>>
    *spamApTask4: Feb 04 06:01:30.083: dc:a5:f4:8c:ff:30 Discovery Request from 10.192.200.93:26711
    *spamApTask4: Feb 04 06:01:30.083: dc:a5:f4:8c:ff:30 ApModel: AIR-CAP2602E-I-K9
    *spamApTask4: Feb 04 06:01:30.083: dc:a5:f4:8c:ff:30 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 200, joined Aps =0
    *spamApTask4: Feb 04 06:01:30.083: apModel: AIR-CAP2602E-I-K9
    *spamApTask4: Feb 04 06:01:30.083: apType = 26 apModel: AIR-CAP2602E-I-K9
    *spamApTask4: Feb 04 06:01:30.083: apType: Ox1a bundleApImageVer: 8.0.110.0
    *spamApTask4: Feb 04 06:01:30.083: version:8 release:0 maint:110 build:0
    *spamApTask4: Feb 04 06:01:30.083: dc:a5:f4:8c:ff:30 Discovery Response sent to 10.192.200.93 port 26711
    *spamApTask4: Feb 04 06:01:30.083: dc:a5:f4:8c:ff:30 Discovery Response sent to 10.192.200.93:26711
    Please any help.

    dear
    yes  the wlc  2504  is 8.0.110 but because its damaged i replaced it with  new vWLC v 8.0.110.
    also i can not put the LAP in flexconnect until its joint.

  • Migrate AP from WiSM to Virtual WLC

    Hello all,
    We have WiSM installed in Core Switch 6500 having 300+ AP registered on it.
    We want to migrate our AP's to new Virtual WLC. What is the best way to migrate AP to new vWLC with less down time.
    Can we migrate AP's from WiSM to Virtual WLC in bulk ( all in one time)? I read some where in form that AP version 7.3 & above start supporting vWLC. I am not sure if this applies for WisM as well ( i am assuming WiSM & WLC are differnt) ?
    My WiSM is running 7.0.240.0 & vWLC is 7.4. please check the WiSM attachments.
    Also is there any way to take backup from WiSM and restore on vWLC ?
    Regards.

    Hi,
    First of all, in order to reduce downtime, I would recommend that you upload the 7.4 code on the WiSM and predownload it to all the APs. (Wireless -> Global Configuration - AP Image Pre-download).
    Another thing would be to configure the vWLCs as back-up Primary & Secondary Controllers (Wireless -> Global Configuration - High Availabiliy). Doing this your APs will already know about the new WLC when the first will go down and will not have to go through discovery process. (test from AP CLI with show capwap client config)
    For the AP mode "mass-conversion" to flexconnect I don't know a better way than from WLC CLI, using:
    config ap mode flexconnect submode none AP_NAME_1
    config ap mode flexconnect submode none AP_NAME_300
    You could use text file to edit the the command with the AP names and than paste it all at once in the WLC. It would be wise to test it first with a few lines.
    If you did all this, when your old WLC goes down all your APs should associate to the new WLCs.
    Best regards,
    Sebastian

  • Moving Licences from WLC2504 to Virtual WLC

    I have a WLC2504 with 35 licences (two 5 packs and one 25 pack)
    The fear is that if this older piece of hardware would die, then so would my 35 licences.
    I recently installed a Virtual WLC with 5 licences.
    What I would really love to able to do, is somehow migrate my 35 licences from 2504 to the Virtual controller.
    Is there a backdoor method to get those licences out of my 2504
    I do not have a Smartnet on any of these devices, so no worries of warranties, etc..
    Comments, suggestions, opinions and flames are all welcome and appreciated
    Bryan Smith
    Fort Wayne, Indiana

    If I am not mistaken, you will not be able to move a license from a Gen 2 WLC (like the 2500) to the Gen 3 box (like the vWLC).

  • Virtual WLC software

    Hi!
    I've got a license PAK L-AIR-CTVM-5-K9. So I believe I need to download the virtual WLC software, install it on ESX and load the license file. But I'm unable to download the .ova file from cisco support page because I've no valid service contract.So I'm stuck here. Is there any alternative source on cisco.com to download the controller software itself?

    Contact the vendor who sold you the license and tell them to get you a valid Cisco Service Contract attached to your CCO account.
    Alternatively, send an email to [email protected] and give them your CCO account, your PAK license key and ask them to associate the two.

  • Virtual WLC and firmware pushing

    Hi,
    I have to install a new Virtual WLC running 7.4 with 15 2600 APs. I don't understand if I have to manually download a recovery image on the APs in order to register them on the vWLC.
    I've read something about that the vWLC is not able to push the system code on the APs...is this true?
    Any answer will be much appreciated
    Thanks
    Francesco

    Hi,
    yes, the AP must be on 7.3 to join the vWLC.
    check the following link
    http://www.cisco.com/en/US/products/ps12723/products_tech_note09186a0080bd2d04.shtml#tshoot

  • Virtual WLC in LAB environment

    Hi!
    I have just installed a Virtual WLC at home for lab purpose. Now i want to connect one accesspoint to my wlc, but for now the WLC says "0 access points supported". 
    Can i somehow still use the evaluation licens and connect a accesspoint to the wlc? 
    /Lajja1234

    Hi Lajja,
    You have to enable the evaluation license in order to allow the AP to join.
    How to do it, please check here:
    http://www.cisco.com/c/en/us/support/docs/wireless/virtual-wireless-controller/113677-virtual-wlan-dg-00.html
    Hope it helps.
    Regards
    Dont forget to rate helpful posts

  • How to discover lwapp hostname via snmp virtual WLC

    Hi there,
    we recently installed a virtual WLC and configured some LWAPP access points. I want to monitor the status of the WLC and also of the access points. Using the airespace mib or lwap-ap mib I can monitor operational status and the number of associated clients. The only problem I have at the moment is that I can't recover the hostname, mac address or ip address to identify the access point. Does anybody knows which mib or oid to use to identify the access point?

    Hi there,
    we recently installed a virtual WLC and configured some LWAPP access points. I want to monitor the status of the WLC and also of the access points. Using the airespace mib or lwap-ap mib I can monitor operational status and the number of associated clients. The only problem I have at the moment is that I can't recover the hostname, mac address or ip address to identify the access point. Does anybody knows which mib or oid to use to identify the access point?

  • Virtual WLC on VMWare ESXi 4.0

    Hi team,
    I am currently trying to install a Virtual WLC (latest 7.5 release) on a VMWare ESXi 4.0, I am using the OVF template to deploy the image, but when booting the VM I am prompted with a "No operating system found" error.
    Just to make sure there was no problem with the OVA file, I also downloaded the 7.4 release image, but I get the same error.
    Note that I did the exact same procedure in our lab a few days ago, with the 7.5 image, BUT a ESXi 4.1, and it worked perfectly. Is there any incompatibility with ESXi 4.0? The deployment guide speaks of 4.x/5.x, but I am wondering if it was tested against 4.0 ... Unfortunately the 4.0 release is a customer deployment in production, we can´t change the VMWare version.
    Are there any settings I could change on the VM to make this work?
    I noticed the system creates a small ISO file (44Kb) when powering the VM on, but it disappears when powering off. Not sure if that´s the expected behavior.
    Any guidelines on how to move forward would be appreciated!
    Thanks
    Javier

    Kindly following the link given for the ova file deployment 
                                  http://www.cisco.com/en/US/products/ps12723/products_tech_note09186a0080bd2d04.shtml
                as I agree that not all the ova files can be corrupted make sure you use the option of “deploy ova Template” in vshpere client

  • Virtual WLC on VMWare vCloud - No Operating System Found

    Hi,
    Trying to install/deploy a virtual WLC image (7.6) on a VMWare virtual Cloud Domain (VCD) environment.
    The OVF deployment runs just fine, but as soon I am booting up the image, VMWARE is stating "No Operating System found".
    What am I doing wrong?
    /Sijbren

    Fixed this one.
    In VMWARE Cloud Directory you do not have access to the directory structure.
    In a "normal" VMWARE environment the OVA file is correctly deployed including mounting a bootable ISO as CDROM disk. This does not happen in VCD.
    To fix this, you must manually upload the ISO and mount it to the VM in VCD.
    The ISO can only be recovered from a regular VMWARE OVA deployment.

  • Prime, MSE and WLC NMSP Status

    I have a 5508 WLC and have loaded a demo of Prime 2.1 and MSE 8.0.
    The NMSP status is showing as inactive in Prime and MSE and therefore the clients are not showing on the map I have loaded.
    Any ideas?

    MSE doesn't sync with WLC when added with PI 2.1.1
    CSCup93101
    Description
    Symptom:
    NMSP is not active between MSE and WLC when added using PI 2.1.1.
    Conditions:
    This applies to only MSE added Prime Infrastructure after upgrade to 2.1.1 on Prime Infrastructure.
    If the MSE was already added to Prime Infrastructure in 2.1 or previous releases, and then upgrade to PI 2.1.1 was performed customers will not run into the NMSP problem between MSE and WLC after the PI upgrade to PI 2.1.1.
    Workaround:
    Push a template (Templates > Features and Technologies > Controller > Security > AAA > AP or MSE Authorization) with MSE MAC address and key hash.
    Please contact Cisco TAC for a patch.
    Last Modified:
    Dec 11,2014
    Status:
    Fixed
    Severity:
    2 Severe
    Product:
    Network Level Service
    Known Affected Releases:
    (1)
    2.1(1)

  • Prime MSE and WLC

    Hi
    Just installed Prime 1.3, currently upgrading wlc's to 7.0.240 (WiSM), we have a MSE as well, what version should this be on, currently on 7.0.230 as this matched the WCS?
    I'm sure I read somewhere it had to be the same version as the controllers or the WCS.

    Hi,
    on this link you can find all compatibility information
    http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html

  • Virtual WLC Ports Confusion -or- ADDING ports to the vWLC

    I am a struggling with configuring a virtual wireless controller (vWLC).
    I am working with the newest vWLC, 8.0.100.0
    I currently own an elderly 2504 WLC with 4 ports. (four physical interfaces on the box)
    On this 2504, I use one port for the management of the WLC and for WLC to communicate with the APs.
    The APs are on the same network as the 2504. The other port is the interface that all my wireless traffic from the clients use.
    Now with this vWLC, the virtual machine has two network interface, but once I get to a point that I am able to login to the vWLC, I only see one 'port'. According to this posting, I am suppose to take the service port and point it too a dummy virtual switch or a 'Black Hole' https://supportforums.cisco.com/document/12098556/vwlc-getting-started-key-points-and-common-issues.
    Okay, I've done this and it works, but it not what I am accustomed to.
    I enjoy having the web console of the WLC and the AP on separate networks from the wireless clients.
    To complicate things my desire is for this new vWLC and my 2504 to work together.
    I want over time to migrate APs from the 2504 to the vWLC without re-addressing them.
    Can I add "ports" to my vWLC controller? Do I need to rethink my wireless infrastructure?
    I am confused and am seeking your help, advice, suggestions, opinions and flames.
    Bryan Smith
    Butler, Indiana

    I think you need to re-look at your wireless design. I would prefer the 2504 over a vWLC, but that's me. I would not of separated the ports also on the WLC.  No real reason to, to be honest. Keep AP's on a seperate subnet and the traffic to and from the WLC is tunneled using capwap. Breaking up ports was an old design to be honest and that was also done back them with the 4400's. You have to also look at the pro's and con's of FlexConnect AP's vs local mode.  I never create an ap manager interface on the newer WLC's. I have always kept the dynamic ap manager in the managemt. Traffic is tunneled and you control user traffic when it leaves the WLC. 
    Scott

Maybe you are looking for