WLAN Controller learning IP/MAC on wrong virtual interface

Similar Messages

• WLAN Controller 4400 HA

  I have a customer who has 1 x WLAN 4402 Controller. Everything is working perfectly until last week when we add another 4402 to act as HA.
  After that, i can no longer ping the management IP of the 1st WLAN controller, nor getting into the web mgmt interface. However, everything on the 2nd new controller works perfectly.
  Mgmt IP of 1st 4400: 10.120.16.2
  Mgmt IP of 2nd 4400: 10.120.16.4
  I have spent a lot of time on this but still couldn't figured out why.
  More info on the attached files.
  Cheers,
  Hunt

  Well, the only thing left to do is reset the wlc1 to factory default and configure wlc1 from scratch since your configuration seems okay. Don't try to do a restore, just in case the config is corrupted. I had to do this once and after a week, same thing happened. which was ap's wouldn't join the controller, but I was able to manage the device.

• Virtual WLAN Controller Guest Anchor

  We are planning a WLAN upgrade and the security policy is to forward wireless Guest user traffic to the DMZ controllers. We are now considering the Virtual WLAN Controller and all AP's will register with the virtual controllers and we will use Flexconnect for Staff and internal traffic that will switch their traffic onto the local switch.
  We wish to forward the guest traffic to the DMZ Guest Anchor controller which will be a 5508 controller. This will also offer Office Extend AP service.
  I have looked at teh virtual controller docs and not very clear if this deployment model is supported. Below is a diagram of what we wish to deploy and can anyone advise if thsi is a supprted deployment model.

  Well you can use the vWLC to anchor to a 5508, but not the other way around. So if you use the DMZ 5508 for OfficeExtend, you will not be able to anchor the traffic back to the inside. Cisco doesn't support reverse anchoring for a Remote-LAN in OfficeExtend and requires you to actually have the OfficeExtend AP's connect to an inside WLC. In v7.0.x you were able to do this reverse anchor, but it was removed on later codes.
  Sent from Cisco Technical Support iPhone App

• Cisco 1010AP Can't find 4402 WLAN controller

  Hi folks,
  I'm running a 4402 WLAN controller running 5.2 code. I've got some 1010APs that don't associate with the WLC. I'm trying to keep the setup basic. The access points are plugged into the same VLAN as the native vlan for port1 on the controller. I've setup a DHCP server in the manner documented. The WLAN controller is configured as a master server. This is the message that I get in the web interface for WLC:
  AP with MAC 00:0b:85:6e:4a:90 (AP 1010 #1) is unknown.
  Any clues as to what I'm doing wrong?

  Hi Daniel,
  You won't like this I'm sure, but this is why the 1010 is not working;
  **Note: Controller software release 5.0.148.0 or later is not compatible with Cisco Aironet 1000 series access points.
  http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn52.html
  Hope this helps!
  Rob

• Wlan controller, can't bring up the gui, please advise

  Hi,
  I as configuring WLAN controller, I did following configuration but I still couldn't bring up the GUI and I wasn't able to ping WLAN controller interface ip addresses from other devices and visa versa.
  Service Interface IP Address Configuration [none][DHCP]: none
  Service Interface IP Address: 10.10.10.1
  Service Interface Netmask: 255.255.255.0
  Enable Link Aggregation (LAG) [yes][NO]: yes
  Management Interface IP Address: 192.168.132.1
  Management Interface Netmask: 255.255.255.0
  Management Interface Default Router: 192.168.132.2
  Management Interface VLAN Identifier (0 = untagged):
  Management Interface DHCP Server IP Address: 192.168.132.111
  AP Manager Interface IP Address: 192.168.132.4
  AP-Manager is on Management subnet, using same values
  AP Manager Interface DHCP Server (192.168.132.111):
  Virtual Gateway IP Address: 10.42.1.230
  Mobility/RF Group Name: NapNac
  Network Name (SSID): test
  Allow Static IP Addresses [YES][no]: yes
  Configure a RADIUS Server now? [YES][no]: no
  Warning! The default WLAN security policy requires a RADIUS server.
  Please see documentation for more details.
  Enter Country Code list (enter 'help' for a list of countries) [US]: US
  Enable 802.11b Network [YES][no]: yes
  Enable 802.11a Network [YES][no]: yes
  Enable 802.11g Network [YES][no]: yes
  Enable Auto-RF [YES][no]: yes
  Configure a NTP server now? [YES][no]: yes
  Enter the NTP server's IP address: 10.50.2.3
  Enter a polling interval between 3600 and 604800 secs: 4000
  Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
  >config network webmode enable
  >config network secureweb enable
  I did above config. but I still couldn't bring up the GUI.
  Please advise how do I resolved this.
  Thanks...

  Hello
  You can give your pc ip address 192.168.132.X and connect directly with the management interface (no lag configured)
  Possible problems
  ->Management interface doesn't tag frames while switch does
  Management Interface VLAN Identifier: xxx or put 0 and configure it as native vlan on the switch
  --> LAG wrong configured on the switch --> ports down
  Check if your etherchannel (LAG) on the switch is up
  Still not ok
  -> Default-gateway is wrong

• Communication between : AP and WLAN controller

  Hi,
  The communication between AP and WLAN Controller is ( Data and Control ) UDP.
  Source port 1024 and destination port 12222 and 12223. Actually which device listen to which port or both should listen as control and data can be generated from both the devices.
  How does the user ( wireless client) traffic is switched - if user traffic is a TCP traffic. It will be sent to WLANC and then WLANC forwards it to respective VLAN or default gateway ( depending upon the destination in the packet ).
  Please explain / share the experience.
  any link on cisco.com
  Thanka in advance
  Subodh

  "the LWAPP Control and Data messages are encapsulated in UDP packets that are carried over the IP network. The only requirement is established IP connectivity between the access points and the WLC. The LWAPP tunnel uses the access point's IP address and the WLC's AP Manager interface IP address as endpoints. The AP Manager interface is explained in further detail in the
  implementation section. On the access point side, both LWAPP Control and Data messages use an ephemeral port that is derived from a hash of the access point MAC address as the UDP port. On the WLC side, LWAPP Data messages always use UDP port 12222. On the WLC side, LWAPP Control messages always use UDP port 12223.
  The mechanics and sequencing of Layer 3 LWAPP are similar to Layer 2 LWAPP except that the packets are carried in UDP packets instead of being encapsulated in Ethernet frames."
  Taken from "Cisco 440X Series Wireless LAN Controllers Deployment Guide"

• AIR-LAP1310G-E-K9 acces point not joining to 5508 wlan controller

  Hi,
  I have Cisco AIR-LAP1310G-E-K9 access point and 5508 wlan controller with version 7.0.220 and it is joining to the WLAN controller.  I have enabled dhcp in the lan controller and i dont have external dns server. How to fix this issue?  Can this LAN controller version will support this access point? 
  My Lan Controller Management IP Address is 10.10.10.5
  Please find the below configuration of 1300 access point.
  AP001d.4513.dd68#reload
  Proceed with reload? [confirm]
  %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.
  %LWAPP-5-CHANGED: LWAPP changed state to DOWNXmodem file system is available.
  flashfs[0]: 4 files, 2 directories
  flashfs[0]: 0 orphaned files, 0 orphaned directories
  flashfs[0]: Total bytes: 7741440
  flashfs[0]: Bytes used: 2052608
  flashfs[0]: Bytes available: 5688832
  flashfs[0]: flashfs fsck took 14 seconds.
  Base ethernet MAC Address: 00:1d:45:13:dd:68
  Initializing ethernet port 0...
  Reset ethernet port 0...
  Reset done!
  ethernet link up, 100 mbps, full-duplex
  Ethernet port 0 initialized: link is up
  Unable to get our ip address: no "IP_ADDR" variable set
  The system has been encountered and error initializing
  tftp file system. The system is ignoring the error and
  continuing boot. If you interrupt the system boot process,
  the following commands will set IP_ADDR, DEFAULT_ROUTER
  and NETMASK environment variables, initializing tftp file
  system, and finish loading the operating system software:
      set IP_ADDR
      set DEFAULT_ROUTER
      set NETMASK
      tftp_init
      boot
  Loading "flash:/c1310-rcvk9w8-mx/c1310-rcvk9w8-mx"...############################################################################################################################################################################################
  File "flash:/c1310-rcvk9w8-mx/c1310-rcvk9w8-mx" uncompressed and installed, entry point: 0x3000
  executing...
                Restricted Rights Legend
  Use, duplication, or disclosure by the Government is
  subject to restrictions as set forth in subparagraph
  (c) of the Commercial Computer Software - Restricted
  Rights clause at FAR sec. 52.227-19 and subparagraph
  (c) (1) (ii) of the Rights in Technical Data and Computer
  Software clause at DFARS sec. 252.227-7013.
             cisco Systems, Inc.
             170 West Tasman Drive
             San Jose, California 95134-1706
  Cisco IOS Software, C1310 Software (C1310-RCVK9W8-M), Version 12.4(10b)JA3, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2008 by Cisco Systems, Inc.
  Compiled Wed 19-Mar-08 19:09 by prod_rel_team
  Image text-base: 0x00003000, data-base: 0x003BE9E0
  Initializing flashfs...
  flashfs[1]: 4 files, 2 directories
  flashfs[1]: 0 orphaned files, 0 orphaned directories
  flashfs[1]: Total bytes: 7741440
  flashfs[1]: Bytes used: 2052608
  flashfs[1]: Bytes available: 5688832
  flashfs[1]: flashfs fsck took 2 seconds.
  flashfs[1]: Initialization complete....done Initializing flashfs.
  This product contains cryptographic features and is subject to United
  States and local country laws governing import, export, transfer and
  use. Delivery of Cisco cryptographic products does not imply
  third-party authority to import, export, distribute or use encryption.
  Importers, exporters, distributors and users are responsible for
  compliance with U.S. and local country laws. By using this product you
  agree to comply with applicable laws and regulations. If you are unable
  to comply with U.S. and local laws, return this product immediately.
  A summary of U.S. laws governing Cisco cryptographic products may be found at:
  http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
  If you require further assistance please contact us by sending email to
  [email protected].
  cisco AIR-LAP1310G-E-K9R   (PowerPCElvis) processor (revision A0) with 24566K/8192K bytes of memory.
  Processor board ID FHK1133E002
  PowerPCElvis CPU at 262Mhz, revision number 0x0950
  Last reset from reload
  LWAPP image version 3.0.51.0
  1 FastEthernet interface
  32K bytes of flash-simulated non-volatile configuration memory.
  Base ethernet MAC Address: 00:1D:45:13:DD:68
  Part Number                          : 73-8960-09
  PCA Assembly Number                  : 800-24963-06
  PCA Revision Number                  : A0
  PCB Serial Number                    : FOC113000V7
  Top Assembly Part Number             : 800-28479-05
  Top Assembly Serial Number           : FHK1133E002
  Top Revision Number                  : B0
  Product/Model Number                 : AIR-LAP1310G-E-K9R
  The name for the keys will be: ap.cisco.com
  % The key modulus size is 1024 bits
  % Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
  ip ssh version 2
      ^
  % Invalid input detected at '^' marker.
  transport input ssh
                   ^
  % Invalid input detected at '^' marker.
  aaa new-model
  ^
  % Invalid input detected at '^' marker.
  aaa authentication login default enable local none
  ^
  % Invalid input detected at '^' marker.
  o
  ^
  % Invalid input detected at '^' marker.
  Press RETURN to get started!
  *Mar  1 00:00:05.442: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
  *Mar  1 00:00:06.473: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
  *Mar  1 00:00:07.817: %SYS-5-RESTART: System restarted --
  Cisco IOS Software, C1310 Software (C1310-RCVK9W8-M), Version 12.4(10b)JA3, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2008 by Cisco Systems, Inc.
  Compiled Wed 19-Mar-08 19:09 by prod_rel_team
  Translating "CISCO-LWAPP-CONTROLLER"...domain server (255.255.255.255)
  transport input ssh
                   ^
  % Invalid input detected at '^' marker.
  *Mar  1 00:00:33.860: %LWAPP-3-CLIENTEVENTLOG: Performing DNS resolution for CISCO-LWAPP-CONTROLLER
  *Mar  1 00:00:33.860: %LWAPP-3-CLIENTERRORLOG: DNS Name Lookup: could not resolve CISCO-LWAPP-CONTROLLER
  *Mar  1 00:00:33.861: %LWAPP-5-CHANGED: LWAPP changed state to DISCOVERY
  logging origin-id string AP:001d.4513.dd68
           ^
  % Invalid input detected at '^' marker.
  logging 255.255.255.255
          ^
  % Invalid input detected at '^' marker.
  logging trap 3
          ^
  % Invalid input detected at '^' marker.
  *Mar  1 00:00:37.440: Logging LWAPP message to 255.255.255.255.
  AP001d.4513.dd68>
  %LWAPP-3-CLIENTEVENTLOG: Forcing AP to obtain IP address using DHCP
  %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 10.10.10.46, mask 255.255.255.0, hostname AP001d.4513.dd68
  Translating "CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com"...domain server (10.10.10.5)
  %LWAPP-3-CLIENTEVENTLOG: Did not get vendor specific options from DHCP.
  %LWAPP-3-CLIENTEVENTLOG: Did not get log server settings from DHCP.
  %LWAPP-3-CLIENTEVENTLOG: Performing DNS resolution for CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com
  %LWAPP-3-CLIENTERRORLOG: DNS Name Lookup: could not resolve CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com
  AP001d.4513.dd68>

  Your debug is very telling ..
  AP001d.4513.dd68>
  %LWAPP-3-CLIENTEVENTLOG: Forcing AP to obtain IP address using DHCP
  %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 10.10.10.46, mask 255.255.255.0, hostname AP001d.4513.dd68
  Translating "CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com"...domain server (10.10.10.5)
  %LWAPP-3-CLIENTEVENTLOG: Did not get vendor specific options from DHCP.
  %LWAPP-3-CLIENTEVENTLOG: Did not get log server settings from DHCP.
  %LWAPP-3-CLIENTEVENTLOG: Performing DNS resolution for CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com
  %LWAPP-3-CLIENTERRORLOG: DNS Name Lookup: could not resolve CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com
  AP001d.4513.dd68>
  What are you using to tell the AP where the contoller lives ? Since you are consoled into the ap you can use the -> capwap ap controller ip address
  This will point the ap to your controller
  "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
  ‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."

• I'm trying to use a madcatz controller on the mac but it turns on for 2 seconds and turns off. the system profiler picks it up as a xbox 360 gamepad but says its not been configured. how can i allow my self use this with my games.

  i'm trying to use a madcatz controller on the mac but it turns on for 2 seconds and turns off. the system profiler picks it up as a xbox 360 gamepad but says its not been configured. how can i allow my self use this with my games!

  I have exactly the same problem.
  I'm a little peed-off with Microsoft on this. The original wireless controller I have doesn't work either since the cable I'm using is 'just' the charge and play cable, so a direct connection to my Mac won't work with this cable. It's a cable for god's sake. Why on EARTH put any limitations on this!?!?
  Next I learn I need an additional USB wireless receiver from Microsoft to get my original 360 controller to talk to my Mac. As I certainly don't want to fork any more microsoft dollars on this, this is not an option.
  Next I think, yes! I have a MadCatz 360 wired USB controller. This should surely do the trick just plugging it in and the way I go. But oh no, for some reason I plug my MadCatz Xbox360 controller in, it flashes a few times then switches off and can't be turned on again.
  The System Profiles recognizes it as a MadCatz 360 device controller but that is about it, but the ontroller software I download for the System Prefs (360Controller, USBOverdrive etc) don't even recognize the controller as being plugged in.
  What the **** Is The Microsoft Deal with all of this!?!?
  PS: Oh, and I forgot to mention, there are No drivers for device 4716 that I can find on the MadCatz website, or am I going blind?
  If anyone has a link, it would be appreciated.
  Message was edited by: nostrawaggus

• How can I copy a PSK from one WLAN Controller to another

  I'm trying to replace a WLAN controller with a new one.  One WLAN is configured with WPA-PSK.  Nobody seems to know the key that was used.
  Anyone know if there is a way to extract the encrypted key out of a controller and put it into the new WLAN Controller?
  Thanks in advance.

  No can do ...
  https://supportforums.cisco.com/discussion/11364566/view-psks-wlans-wlc 
  However, if any users are on a MAC Book and has iCloud enabled you can see the key under the "keys". If you have a windows 7 box and uses the native supplicant you can expose the key on the supplicant ..

• Cisco LWAP & WLAN Controller Flexconnect Across HP Switches

  Hello All, I'm looking for a little guidance in making the needed routing and switching configuration changes on our Corporate Network to accomadate flex connect functionality for Cisco Lightweight Access Points (LWAPs).  The LWAPs that are currently configured on our network only work when our WLAN Controller is up and running and I need for them to be disconnectable so that we can move the WLAN Controller to our virtual co-lo.  It should be known that I inhereted this network from the previous admin and have been working hard to map everything out to the best of my ability.  Also, the WLAN controller is already operating in our production network so it limits my ability to do much testing. 
  Just FYI, I'm a new Systems Admin promoted from a Desktop Support role and have my CCENT (Currently working on CCNA & MCITP Server Admin) so I have some knowledge but it is limited on the networking and switching side of things.  Unfortunately, the Senior Systems Admin has even less knowledge of networking than me and I don't really have anyone to turn to which is why I'm posting here.  I would have utilized GNS to help me simulate the configuration however there are HP switches in the mix and no means of emulating them.
  -Relevant Device List-
  (CONSA251) Sonicwall  NSA 240 - 10.1.1.251
    Interface Information 
  Interface    IP Address    Description   
  X0  ->  LAN
    10.1.1.251   LAN Interface  
  X1  ->  WAN
    *************   Time Warner WAN  
  X2  ->  DMZ
    *************   DMZ Interface  
  X3  ->  WAN
    *************   Sprint WAN  
  X0-V20  ->  LAN
    10.1.101.1   Corporate WLAN  
  X0-V30  ->  LAN
    192.168.1.1   Guest WLAN 
  (CORT250) Cisco 3845 - 10.1.1.250
  (CO-WLAN-CTRLER) Cisco 5508 Wireless Controller - 10.1.1.2
  (COSW240) HP Procurve 4108GL - 10.1.1.240
  (COSW238) HP Procurve 2510B-24 - 10.1.20.238
  (CORP-AP-MIS) AIR-LAP1131AG-A-K9 - 10.1.1.79
  (COSW239) HP1810G-24 - No IP (Inaccesible but being replaced)
  I will now go on to explain our network topology as it pertains to the WAPs and WLAN Controller and how I believe it needs to be configured in order to operate from my perspective. 
  Our Corporate and Guest Wireless Access is provided via the Sonicwall CONSA251 through a connection from the X0 interface to HP Switch COSW239 which is then connected to WLAN Controller CO-WLAN-CTRLER as detailed below:
  Device - Interface Name/Port
  CONSA251 - X0
  COSW239  - 2
  COSW239  - 18,19
  CO-WLAN-CTRLER - 2,3
  The WLAN Controller currently communicates with all the LWAPs via Layer 3 TCP\IP as I understand it and then routes all DHCP requests and traffic destine for the 10.1.101.1 (corporate WLAN) and 192.168.1.1 (Guest WLAN) to the Sonicwall and vice versa.
  Now what I am trying to do is VLAN the LWAP CORP-AP-MIS across the HP Switches to the X0 interface on the Sonicwall NSA240 where it will be able to route traffic via VLAN 20 & 30.  The problem lies in my inexperience with HP VLAN configurations and how the ports need to be configured on each device so it can route traffic to the Sonicwall when the WLAN Controller is shutdown.
  The LWAP CORP-AP-MIS layer 2 trace to the WLAN Controller is as shown below:
  Device - Interface Name/Port
  CORP-AP-MIS -  FA/0
  COSW238     - 16
  COSW238     - 25
  COSW240     - B4
  COSW240     - H6
  CORT250     - GigabitEthernet0/0
  CORT250     - Se1/0
  CONSA251    - X0
  Now for all intesive purposes the Corporate Router CORT250 should probably be handling the routing for our Corporate and Guest Wireless network however that was not the way it was originally setup and I have to work with what was inhereted.  The Corporate Router CORT250 has a default route to the Sonicwall and the Sonicwall CONSA251 has all the routing already in place for the Corporate & Guest WLANs.
  What I would like to do is VLAN off the X0-V20&V30 accross multiple switches and switchports to each LWAP in our building.  I do have the LWAP I'm testing on configured with Flex Connect which I understand is required for it to be disconnectable.
  Any guidance on how I would go about configuring this accross devices would be appreciated.  I know there are some difference between HP and Cisco Switching terms and how tagging, untagging, and trunking works however I lack the experience to apply this in practice especially in a production environment. 
  I will be happy to provide any additional information or clarification that is needed.  Thank you in advance for the help.

  Just to add about the ISE... you can profile, but having only one ssid might or might not work in your situation.  Also if you end up with remote sites or ap's in h-reap mode, currently ISE cant do any profiling.  If you go with the 7500 or 5508/WiSM2, they don't really do an active-active or active backup. They are both up and you can split the load or put all ap's on one, its up to you.  I usually split the load just to make sure both are working.  I don't want to all of a sudden loose the primary and then find out my secondary/backup is not working.

• WLAN Controller Displays Interface IP in Web Authentication URL Instead of FQDN

  Hi,
  Can someone offer any help with the issue below please?
  I have a guest wlan configured on a Cisco 2106 WLAN controller. Guest users are redirected to a Web Authenticaion page when they try to access the internet through a web browser, and can only proceed by succesfully authenticating with the controller.
  The problem I have is that the guest users are presented with an SSL certficate error before they hit the web authentication page. I have installed an SSL certificate from Verisign on the controller, and have configured an FQDN for the interface that is used for the guest wlan. However, the certificate error still persists because when the user is re-redirected to the web auth page, the URL in the address bar is presented as the IP address of the interface instead of the FQDN, For example, when a user is redirected, the address bar in their web browser displays; https://1.1.1.5/ instead of https://guestwifi.domain.com/ The SSL certificate that is installed on the controller is securing the FQDN of the interface.
  I'm not sure if i'm missing something here, but i'm struggling to find how to get the FQDN to display instead of the IP.
  Thanks,
  Paul

  I'm not following what you mean when you sayd "FQDN for the interface that is used for the guest wlan"......
  I assume you configured the Virtual Interface  to have the dns entry as guestwifi.domain.com but clients are still being redirected to the virtual IP itself and not the dns name? 
  The only reason I can think of for that happening was if the WLC had not been rebooted since applying the DNS name to the Virtual Interface (it takes a reboot to modify client redirect stuff, the same goes for http vs https).
  so guestwifi.domain.com should have a DNS entry resolving to 1.1.1.5, that entry should be on your virtual interface, and upon reboot you should always redirect to guestwifi.domain.com unless you manually type https://1.1.1.5 in the browser.

• WLAN Controller and Location appliance graceful shutdown?

  Does anyone know if there is a supported graceful shutdown method/command for the
  4400 series WLAN Controller and 2700 Location Appliances?
  This weekend our server room will be undergoing maintenance and will experience a total power outage for a 4 hour period.  It is our intent to manually bring all equipment down (hopefully in a graceful manner) and then back up once the maintenance is completed.  As a result does anyone know if special precaution is needed to shutdown these 2 appliances, or can we simply bring down these devices hard which is the case with most other Cisco equipment?
  Thanks in advance

  Hi Mark,
  Channel 1, 6, and 11 are just about as non-overlapping as 1, 7, and 13. There's an insignificant amount of overlap, so it's just as plausible of a solution, even in Europe. I honestly don't know why you wouldn't use the extra channels to eliminate the minor overlap - every bit helps.
  The "channel blanket" or "virtual cell" WLAN design philosophy is rapidly spreading. Cisco maintains that it's a standards violation and I've heard no talk of them purchasing the not-to-be-named company or of them adopting the same design philosophy. I sincerely hope that they do one of the two soon, however, because it's very good design that's difficult for Cisco to compete against.

• WLAN Controller Message

  Hi FREINDS,
  I am consistly receiving following message on one of my WLAN controller, please could you tell me the severity level and solution of the following message:
  IDS Signature attack cleared. Signature Type: Standard, Name: NULL probe  resp 1, Description: NULL Probe Response - Zero length SSID element,  Track: per-Mac, Detecting AP Name: KU-GF-I2-W03, Radio Type: 802.11b/g,   Preced: 2, Channel: 11
  Thanks & Regards,
  Faysal

  The null signature alarm is really nothing. I disabled this alarm on my wlcs.
  Device can send different types of probe request. For example they ca. Send a direct probe request from your laptop to an ap. they can send broadcasted probe request from your laptop to everyone. And some device are programmed to send null probe reuest. Often if you run net stumbler that program sends null probes.
  Some manufactures, not Cisco gear though, when they see a null probe request will respond with their hidden (non broadcasted) ssids.
  These alerts are informing you that a device(s) are sending nulls ..
  I hope this helps..
  Sent from Cisco Technical Support iPhone App
  Sent from Cisco Technical Support iPhone App

• WLAN Controller basic configuration help needed

  Please advise me for the initial config. of wlan controller. if found following parameters needs to be configured for initial config. of wlan controller.
  Enable Link Aggregation (LAG) [yes][NO]:
  Management Interface IP Address:
  Management Interface Netmask:
  Management Interface Default Router:
  Management Interface VLAN Identifier (0 = untagged):
  Management Interface Port Num [1 to 2]:
  Management Interface DHCP Server IP Address:
  AP Transport Mode [layer2][LAYER3]:
  AP Manager Interface IP Address:
  AP-Manager is on Management subnet, using same values
  AP Manager Interface DHCP Server (192.168.50.3):
  Virtual Gateway IP Address:
  Please advise me what these parameters mean. I'm new to wlan controller.
  Please advise.
  Thanks in advance.

  Enable Link Aggregation (LAG) [yes][NO]: Yes
  Management Interface IP Address: ex - 192.168.1.2
  Management Interface Netmask: Ex- 255.255.255.0
  Management Interface Default Router: 192.168.1.1
  Management Interface VLAN Identifier (0 = untagged):(Hit enter no need to fill this)
  Management Interface Port Num [1 to 2]:1
  Management Interface DHCP Server IP Address:
  AP Transport Mode [layer2][LAYER3]: LAYER 3
  AP Manager Interface IP Address: ex - 192.168.1.3 (same subnet that of Management interface)
  AP-Manager is on Management subnet, using same values
  AP Manager Interface DHCP Server (192.168.50.3):
  Virtual Gateway IP Address:1.1.1.1

• WLAN Controller configuration help needed

  Hi,
  I need to configure AP with WLAN controller for guest access. we have 2 vlans. vlan 1 - guess vlan (internet only access) and vlan 2 - all access.
  while configuring wlan controller. which vlan should i configure as native vlan? I have radius server which would check health of the user and would direct wlan controller to put in user in vlan 1 or 2 depending on its credentials.
  please advise how to implement it. what would be initial steps.

  Hi,
  I have couple of doubts before going further for solution to implement ?
  What model of wlan controller & AP , you are using ?
  to configure the Controller , initially you need to configure the interface ( which are virtual ) .
  You need to connect controller to your existing LAN set-up may be one of the port of your core switch ............
  below are the interface which you need to configure in controller .......
  1) Management interface with IP ( which will be used to access your controller from lan ... ) this is ip should be able to ping from the network.
  2) AP manager IP ( this is again depend on model ) if it is 5500 , this is not required ..
  3) Virtual IP : this is should the IP address which is not at all there in your lan eq.1.1.1.1
  4) dynamic interface with IP : this is the interface which will map your vlan to WLAN
  once you create the mentioned interfaces , you need to create the wlan and map the above dynamic interface with respective wlan.if required you can configure the DHCP pool as well in controller for Wlan.
  let me know , whether this information helped  you ........................