WLAN Subnet
We have two buildings with separate subnet's that are about 100 yards apart. We have two AP's in each location and the coverage is very good. The issue we are having is when someone goes from one building to the other, the wireless holds onto the IP address which is on the wrong subnet, so we have to have the users disconnect and reconnect to the wireless network. Besides making a campus and expanding the subnet location, is there any other way we can force laptops to reconnect when accessing the other subnet or AP's?
Any information would be greatly appreciated.
I'm assuming you have an autnomous setup? 100 yards aprat is pretty far and intersting that a device anc still stay connected even though they walk into the other building. The only thing you can do is disable some of the lower data rates on your AP. I would disable everything below 11mbps and keep 11mbps as mandatory and the rest supported. Give that a try. You might also maybe lower the TX power down to 50mW, but play with the data rates first.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
Similar Messages
-
I'm wondering if there's a best practice regarding the subnet size of the dynamic interface.
Is for example a /16 recommended, knowing broadcast/multicast to the clients are disabled.
I've a setup where via aaa override, the users are placed in their corresponding vlan: admin (wlan I), staff
(wlan II), guest (wlan III). There's only a wlc on the central site. So all wireless traffic from all sites (connected via fiber) are passing through the wlc.
I'm wondering if there's a difference (performance,other?,...) between a solution with three vlans (one for each ssid but large enough) versus
1)ap group solution with dedicates vlan
2)assign a vlan via aaa override based on 'location' and function (admin,...)
(staf from site 1 = staf from site 2)
So what are you thinking?
Pro's /contra's of a big subnet in this situation and in general deploymentDavy,
I chuckle when people ask this question. I say this because we are all use to small subnets, because of the broadcast / multicast drama that happens on the wired side. As you pointed out, the WLC proxys this for the clients so its never sent over the wireless.
Ive designed many a WLANs. I normally lead with /21 or /22 which in most environments works well.
If there are specific location needs, perhaps NATing or special security segmentation one could venture to use AP groups. This would allow then piece of mind knowing each location is defined by an AP group. Good example would be something like PCI. This could also aid in management as well.
So if you find yourself needing more control in the future, ap groups will give that ability. -
ASA 5505 9.1(2) NAT/return traffic problems
As part of an office move we upgraded our ASA to 9.1(2) and have been having what seem to be NAT problems with some services ever since. These problems manifest themselves with return traffic. For example, network time sync (NTP, port 123) works fine from the ASA, but hosts on the inside network cannot access external NTP servers (ntpq -pe shows all servers stuck in .INIT. status), creating problems with drifting clocks. Services like XBox Live also do not work; the XBox device can contact the internet, but return traffic from the service never gets back to the device.
For NTP specifically, I've tried allowing NTP 123 through the firewall, but it doesn't help. Conceptually, this should not be required since an inside host is initiating the connection and the NAT rules "should" allow the return packets. To further muddy the waters around NTP, a Linux VM CAN get NTP if it's network adapter is in NAT mode (so it's NAT'ing through the host workstation, then through the Cisco) but CAN NOT get NTP if the adapter is running in bridged mode (so the VM is talking directly to the ASA as if it were just another machine on the inside network).
I've stripped down the ASA config to the basics level, but still can't get this resolved. The main symptom of the problem is that if I disable the access-list rules around ICMP, I'll see lots of ICMP warnings in the ASA logs, which seems to indicate that there are traffic problems communiating with the inside hosts. I've narrowed the problem down to the ASA since replacing the device with a simple Netgear consumer-grade "firewall" lets all this traffic flow just fine.
Network is extremely basic:
DHCP ASSIGNED IP from ISP <----------> ASA <-----------------> inside (192.168.50.X)
^
|----------------------- guest vlan (10.0.1.X)
show running-config:
Result of the command: "show running-config"
: Saved
ASA Version 9.1(2)
hostname border
domain-name mydomain.com
enable password aaa encrypted
passwd bbb encrypted
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
switchport trunk allowed vlan 1,3
switchport trunk native vlan 1
switchport mode trunk
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 192.168.50.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute
interface Vlan3
nameif Guest-VLAN
security-level 10
ip address 10.0.1.1 255.255.255.0
boot system disk0:/asa912-k8.bin
boot system disk0:/asa911-k8.bin
boot system disk0:/asa831-k8.bin
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup outside
dns server-group DefaultDNS
name-server 208.104.2.36
domain-name domain
same-security-traffic permit inter-interface
object network obj_any
subnet 0.0.0.0 255.255.255.0
object network Guest-WLAN
subnet 0.0.0.0 255.255.255.0
description Interent access for guest Wireless
object network xbox-nat-tcp3074
host 192.168.50.54
object network xbox-nat-udp3074
host 192.168.50.54
object network xbox-nat-udp88
host 192.168.50.54
object service xbox-live-88
service udp destination eq 88
object network xbox
host 192.168.50.54
object network obj-inside
subnet 192.168.50.0 255.255.255.0
object network obj-xbox
host 192.168.50.54
object network plex-server
host 192.168.50.5
object network ubuntu-server
host 192.168.50.5
description Ubuntu Linux Server
object network ntp
host 192.168.50.5
object network plex
host 192.168.50.5
object network INTERNET
subnet 0.0.0.0 0.0.0.0
object-group service xbox-live-3074 tcp-udp
port-object eq 3074
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group service plex-server-32400 tcp
description Plex Media Server
port-object eq 32400
access-list outside_access_in extended permit object-group TCPUDP any object xbox object-group xbox-live-3074 log alerts
access-list outside_access_in extended permit object xbox-live-88 any object xbox log alerts
access-list outside_access_in extended permit tcp any any eq echo
access-list outside_access_in remark Plex Live access
access-list outside_access_in extended permit tcp any object plex-server object-group plex-server-32400
access-list outside_access_in extended permit icmp any any time-exceeded
access-list outside_access_in extended permit icmp any any unreachable
access-list outside_access_in extended permit icmp any any echo-reply
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu Guest-VLAN 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-713.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
object network xbox-nat-tcp3074
nat (inside,outside) static interface service tcp 3074 3074
object network xbox-nat-udp3074
nat (inside,outside) static interface service udp 3074 3074
object network xbox-nat-udp88
nat (inside,outside) static interface service udp 88 88
object network plex
nat (inside,outside) static interface service tcp 32400 32400
object network INTERNET
nat (inside,outside) dynamic interface
nat (Guest-VLAN,outside) after-auto source dynamic any interface
access-group outside_access_in in interface outside
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
no user-identity enable
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
http server enable
http 192.168.50.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpoint _SmartCallHome_ServerCA
crl configure
crypto ca trustpoint ASDM_TrustPoint0
enrollment self
subject-name CN=border
crl configure
crypto ca trustpool policy
crypto ca certificate chain _SmartCallHome_ServerCA
certificate ca xxxx
quit
crypto ca certificate chain ASDM_TrustPoint0
certificate xxxx
quit
crypto ikev2 remote-access trustpoint ASDM_TrustPoint0
telnet timeout 5
ssh 192.168.50.0 255.255.255.0 inside
ssh timeout 5
ssh key-exchange group dh-group1-sha1
console timeout 0
vpn-addr-assign local reuse-delay 60
dhcp-client client-id interface outside
dhcpd auto_config outside
dhcpd address 192.168.50.5-192.168.50.132 inside
dhcpd address 10.0.1.50-10.0.1.100 Guest-VLAN
dhcpd dns 208.104.244.45 208.104.2.36 interface Guest-VLAN
dhcpd lease 86400 interface Guest-VLAN
dhcpd enable Guest-VLAN
threat-detection basic-threat
threat-detection scanning-threat shun except ip-address 192.168.50.0 255.255.255.0
threat-detection statistics
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ntp server 152.19.240.5 source outside prefer
ssl trust-point ASDM_TrustPoint0 outside
username xxx password xxx/ encrypted privilege 15
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect icmp
service-policy global_policy global
prompt hostname context
service call-home
call-home reporting anonymous
call-home
contact-email-addr [email protected]
profile CiscoTAC-1
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
hpm topN enable
Cryptochecksum:xxx
: endHi,
Configuration seems fine.
With regards to the ICMP, you could also add this
class inspection_default
inspect icmp error
I would probably start by trying out some other software level on the ASA
Maybe some 8.4(x) software or 9.0(x) software. See if it some bug perhaps.
One option is ofcourse to capture traffic directly on the ASA or on the hosts behind the ASA. And go through the information with Wireshark.
- Jouni -
Adaptiva Software Distribution not working with Cisco APs in Local Mode
A worldwide customer would like to use a new Software distribution system called Adaptiva to replace SCCM within Windows environment. As far as I understand, Adaptiva is designed to work like a snowball system. A single PC at a remote side can be "infected" with new Software and will distribute the package to other PCs within the same IP-subnet, saving WAN bandwidth.
First tests are showing that it is working well with Cisco WLAN solution as long as we are using Flexconnect WLAN APs.
Customer locations with Local WLAN AP design create problems for this new software distribution method.
The WLAN-PCs can be reached from outside, but the establishment of the Client/Server-model between the WLAN Clients is not working. The Port used by this software for communication between clients in each WLAN subnet is UDP Port 34329.
Our WLCs are running at 7.4.130.0. The problem is appearing independently of AP Multicast settings or Broadcast Forwarding. Enabling Broadcast forwarding without Reboot did not improve the situation.
Global Multicast Mode and IGMP Snooping are also of no influence.
P2P Blocking Action is "Disabled" within the WLAN setup.
Who has any idea what might cause this communication problem between WLAN clients in Local Mode of APs ?
Thank You for answers
WiniI can think of two solutions. You could 1: turn the "auto-lock" to never, so that your phone never sleeps. Or, you could 2: jailbreak your iPhone and install "insomnia". I wish we had the Cisco Mobile app. I usually use wifi/insomnia and turn data off at work since we have wireless pretty much everywhere...
Sent from Cisco Technical Support iPad App -
I have a question about how wireless data traffic flows between 2 wireless clients that are associated with the same AP/WLAN/subnet. It doesn't have to go through the WLC, does it?
Is this documented some where on Cisco website that I can find?
Thanks
Binh DinhWhen the access point (AP) joins a Wireless LAN (WLAN) controller, a Lightweight Access Point Protocol (LWAPP) tunnel is formed between the two devices. All traffic is sent through the LWAPP tunnel, which includes all client traffic. The only exception to this is when an AP is in REAP mode. When the AP is in Remote-Edge Access Point (REAP) mode, the control traffic is still tunneled to the controller but the data traffic is bridged locally on the local LAN.
Here is the link info:
http://supportwiki.cisco.com/ViewWiki/index.php/In_LWAPP_network,_does_all_the_network_traffic_both_from_and_to_the_WLAN_client_tunneled_through_a_4400_series_WLAN_controller_that_runs_firmware_version_3.2,_once_a_connection_is_established -
Creating "guest" VLAN on WLC 4400, created interface not selectable
Presently have an internal network WLAN (HREAP) setup and running. I'm trying to create a guest Internet-only WLAN referencing this link http://www.cisco.rw/en/US/tech/tk722/tk809/technologies_configuration_example09186a008070ba8f.shtml
Created dynamic interface "corp-26" and verified it was enabled. When I create the Internet-only WLAN... under Interface Name, only "management" appears in the drop down list; "corp-26" doesn't appear.
How do I assign "corp-26" to my Internet-only WLAN?The management & ap-management are for the APs themselves. You will want a seperate vlan/wlan/subnet for your guest ssids altogether.
You can provide dhcp from the controller or from a dedicated server.
if you select override for dhcp under the wlan settings, provide a dhcp server address, otherwise add the dhcp server entries under the interface settings.
What is really cool is that 1.1.1.1 appears as the dhcp server (unless you changed it on the controller to something else.) It has caused some confusion at times -
WLC 5508 , AP client dhcp address different from WLAN interface VLAN subnet?
Hope the title makes sense, here's my situation: I have multiple businesses on 1 WLC 5508, there's a LAG to my core switch with seperate interfaces for each, broken up by vlans.
My question is: if i have a WLAN setup to use interface "Company A" which is vlan 10 with an ip of 10.0.1.5 which then points to 10.0.1.10 for dhcp.
Can the WLAN client connecting to the Company A WLAN use an IP in a different IP range?(192.168.1.10?) can the wlc route? from the perspective of the DHCP server where doers the request come from? (10.0.1.5?)
Can the DHCP server 10.0.10.10 on vlan 10 respond back with and ip on a different subnet to assign to the client to use and still be fully fonctioning? would the default gateway for the client need to be 10.0.1.5? So the clients ip would be 192.168.1.10 /24 with a gateway of 10.0.1.5 (ip adress fo vlan10 interface on WLC) And if multiple clients on the same subnet wanted to talk to each other woudl the WLC know how to route them to each other without passing through the default gateway?
Sorry if this is confusing I'm having a bit of a hard time explaining it in works, i can try and draw somethign up if it makes more sense.
thanks
EricI think if you want these clients to stick to a WLAN configured on a VLAN that has a different IP addressing you could configure your VLAN with the normal IP addressing then add on the SVI the 2nd IP_Class_default_gateway.
E.G.
Vlan 10
interface vlan 10
ip address 10.0.10.1 255.255.255.0
ip address 192.168.1.1 255.255.255.0 secondary
Clients that receive IP address from 192.168.1.0/24 network will be able to reach 192.168.1.1 and all traffic will pass right. -
Anyone put two wlans on two wisms into one subnet?
We have two WiSM blades on one C6500 switch. We use WiSMs as DHCP relay pointing to central DHCP. Because of the lack of IP subnets, we want to use one /22 subnets for the two WLANs(same SSID) on two wisms. Anyone tried this? Any problems with this setup?
Thanks!
ZhenningIf I understand this correctly, you want to have multiple vlans tied to one ssid. If this is correct, then AP Groups is what you need to configure.
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008073c723.shtml
Unless youare trying to have one subnet and one ssid configured on both WiSM's, which should work. -
WLAN AP & Client subnet sizing
Does anyone know of any recommendations regarding sizing of:
- AP subnets
- Client subnets
when designing Cisco wireless networks?
I've checked out the design guides and various FAQ's etc., but haven't come across anything obvious.
In the case of AP subnets, I wonder if there is a recommended point at which the number of APs in a subnet becomes too high. There must be a break-point where the level of broadcast traffic starts to have negative impact on performance for all APs in the subnet. I often use an AP subnet range per switch stack or per floor, which seems to work fine, but may not be best use of limited IP address space. But, would it really be advisable to create a 24 bit AP range and then put 250 APs into it?
The same question applies to client subnets. Again, if I have 500 users, I wouldn't usually create a single 23 bit subnet to accomodate them and then allow that single range to be assigned to a single SSID to cover a campus. Generally, I would use a number of ranges and use AP groups on an SSID to keep the broadcast domains down to reasonable sizes on the client side. Again, what is a 'reasonable' size (in terms of numbers of clients on a subnet)?
I'm guessing there are a lot of variables in here (for instance the levels & types of traffic). But, I would be interested to hear of any tried & tested (or Cisco recommended) rules of thumb.
Thanks in advance.
Nigel.Just to add in another consideration to this discussion, I'd like to throw in multicasting.
The main argument that underpins the sizing considerations discussed above is the fact that the WLC does not forward broadcasts to client, allowing large subnets to be used with no issues.
However, with the growth of BYOD etc. recently, there is a growing demand for multicasting due to the services provided by Bonjour for Apple devices (e.g. Apple TV, Air Print etc.).
I'd be interested to hear if anyone has any views on how the potential growth in multicast traffic for Bonjour services is going to impact client subnet sizing (if at all..?).
There is a great guide about Bonjour deployment from Cisco at: http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_tech_note09186a0080bb1d7c.shtml
I'm guessing that IGMP snooping should ensure that only clients that need to receive a multicast stream will get it. But, even so, I'm guessing this will have some detrimental impact as many clients on the same subnet may receive the same stream?
Anyone any useful input on this?
Nigel. -
Im at my wits end with my n93i and WLAN. Could any...
OK i havea netgear WG121 router and recently got an n93i.
Now I had an n95 for a few days before and that used to connect to my WLAN fine by just using the wlan wizzard. But with this N93I it gives me no end of troubles.
First of all I kept getting incorrect wep key error (even though I was entering in the wep key that I use on my pc). PS Out of curiosity should I be using the password that my PC connects to or the admin password to the router? Both didnt work anyway.
So found this site http://www.wepkey.com/ for converting your ASCII key to Hex. Still didnt work. Only this time it said WLAN network not found.
So then someone said I should try setting a static ip by entering in the gateway address, subnet from my PC as well as the ip address of my phone. When this was done the web page looked to be loading but then said no gateway reply.
I honestley dont know what to do now. It seems there are so many people with WIFI problems around but I dont see any solutions.
Can anyone assist me?I'm even more concerned now after hearing back regarding my initial post. Apparently any cancellations or changes are showing as done by me using the self help platform on my BT account. This isn't the case. The actions carried out on certain dates listed on the email I received were all carried out by BT over the phone and not myself. I didn't even know it was possible to cancel a direct debit using the BT website. I thought it had to be cancelled at the bank and then a phone call to BT. I was logged onto my BT account while the phone calls were taking place but any action was carried out by BT and not myself.
BT are insisting I have no DD set up. Yet it clearly shows on my bank account that there is an active DD for BT. To confirm that, I've spoken to my bank today who have verified there is most definitely a DD set up to pay BT on the bank account. They've double checked the account number with me and it's definitely for my BT account. The bank are sending me a letter confirming it's an active DD for me to include all other details for the Ombudsman because I really feel this needs fetching to their attention.
To be fair to the person who has replied I have been told I can pay a small amount and set the DD up rather than pay in full or face restrictions. But despite BT's insistence that I have no DD set up my bank clearly states I have. I'm now going to have to cancel the DD that BT are sure isn't active and set it up again.
Incidentally the monthly payments I'm to make are £45 - less than the £60 and a lot less than the £104 previously mentioned! So on one hand I will have a satisfactory conclusion but on the other I have to still cancel a "none existent" existing DD, set a new one up and am out of pocket on bank charges caused by BT trying to take payment on the wrong date. I then have to trust they'll not do the same thing again.......
It's all like a stupid joke that's just not funny. -
DHCP Client will not work on a WLAN 4402
Wireless Scenario
I am attempting to create a wireless network using a 4402 WLAN Controller and 1200 series LWAPP access points.
The WLAN Controller has the following interface settings:
Management Interface 10.71.50.9
Ap-Manager Intereface 10.71.50.8
Virtual Interface 1.1.1.1
VLAN 451 10.29.64.27
I have two access points that both pulled a DHCP Address and recognize the WLAN Controller.
Access Point 1 10.29.64.20
Access Point 2 10.29.64.21
I have configured the WLAN Controller to use the Cisco ACS Server for Authentication. I am using LEAP at present, but intend to go with certificate based authentication at a later date. The ssid I am using is ybor-wirenew. The client gets authenticated and associated but does not get an IP Address from DHCP.
I have tried the internal DHCP server on the controller, and although the wireless client gets a 10.29.64.x address it will not communicate with the default gateway or the rest of the network.
The only thing that works is creating a scope on the 10.71.50.x network. The client then gets an address and functions normally.
I need this to work across subnets. Is there something that I am missing???The problem is with your AP's and wireless clients being in the same subnet/vlan. I learned the hard way the thw WLC's expect the AP's to appear like any other client device on your wired network. Once they are associated with the WLC, your wireless clients are dropped into a different VLAN/subnet. An example config would be:
Management - 10.0.1.2 VLAN 1
AP-Manager - 10.0.1.3 VLAN 1
AP - 10.0.2.2 VLAN 2
Wireless Clients - 10.0.3.x VLAN 3
There are other known issues with crossing address space and the service port on the WLC. -
Connecting to a wlc across subnets
I have recently purchased a 4402 wireless controller to manage our access points. When I put the APs on the same subnet as the ap-manager subnet I get the ap to connect. When I put the ap on the wireless subnet, it will not connect. Does not even register.
I read I need to do layer 3 routing on the 4502 for this to work. I am trying to do that now. Do I need to set up anything on my switches to make sure that the packets go through(sort of like defining where to find the DHCP server) or should it just work? Do I need to set up a WLAN ID that matches the WLAN ID that the switches use? I thought I tried that first and had no luck. Any ideas on this vague question?
I am trying to dig through the documentation to see if I can find the answer but so far I have not found anything.
Sent from Cisco Technical Support iPhone AppYou will want to make sure your APs can route from where ever you install them to the WLC managment address.
How APs find the controller can happen a few different ways:
1) DNS A record
2) Layer 2 broadcast (which you seen already)
3) IP Route Forward
4) DHCP Option 43
5) Manual Prime the AP
Most folks lead with option 43.
http://www.my80211.com/cisco-wlc-labs/2009/7/4/cisco-dhcp-option-43-configuration-nugget.html
if you check the config guide you will explain the other processes. -
Windows file sharing across subnets
I have a SonicWall TZ170 wireless router that will not allow the LAN and WLAN to have the same subnet IP address. I have a WinXP Pro desktop on the LAN at 192.168.70.100 and a PowerBook on the WLAN at 192.168.71.100. The router firewall is set up to allow all traffic (any IP address) between the two subnets. However, no matter what i do, I cannot get the PowerBook to connect to the PC. (I've also tried SMB://192.168.70.100/share, where "share" is the name of the shared folder on the PC.) I know the file sharing settings are correct, since I can mount the PC share when the PowerBook is connected to the LAN.
I've since read that SMB does not work over different subnets. Is this correct? If so, is there any other way to share files on the PC with the PowerBook?
PowerBook G4 15 Mac OS X (10.4.8)Ideas?
I'm downloading the manuals, to see if I can glean any clues from there as far as configuring the firewall rules in the device.
I suggest that you do the same.
http://www.sonicwall.com/us/support/3134.html
There are several product guides and how-to PDF's...
The other idea that might work would be to follow their suggestion: "Specifics at this point are probably best dealt with in the form of a call to our technical support team."
this is looking less like a mac issue and more like a SonicWall issue. -
Can I change the name of a VLAN in the WLAN controller?
We have three WLAN controllers and I recently noticed that a VLAN interface is not properly named. It doesn't match the other controllers, and won't work right when using enterprise templates in WCS, etc.
I would like to rename that interface so that it is the same as all of our other controllers.
The interface is mapped to our guest WLAN, which is in an AP group.
Is there an easier way to rename a VLAN interface? The only way I can think to do it would be to create a dummy VLAN interface, remap the guest WLAN to the dummy interface, reboot all the APs in the AP group, then delete the VLAN interface and then recreate it with the proper name.
Is there an easier way?
Thanks in advance!Not really. You have to remove the interface in order to create a new one on that same subnet. You can create a dummy interface, but clients will be put onto that interface while you are deleting and recreating the new one.
Sent from Cisco Technical Support iPhone App -
IOS device failed to get ip address on multiple wlan on the same anchor controller
Dear Experts:
in my implementation, we need 2 WLANs be served on the same anchor controller.
WLAN1: wep/40bit, integration with NAC/OOB on anchor controller for guest wlan service.
and guest account controlled by NACguest server.
WLAN2: wep/40bit, no layer3 secuirty for temporary using.
foreign controller: WiSM on v6.0.196.4 (also testing on 6.0.182.0)
anchor controller: WLC4402 on v6.0.196.4
on WLAN1:
Windows7 client get ip address correctly.
iOS (iPhone4 on 4.3.1/4.3.2, iPad2 on 4.3.1/4.3.2) can get ip address correctly on WLAN1.
WLAN2, iOS device cannot get ip address.
compare with debug message "debug clien mac" + "debug dhcp message enable"
on both foreign and anchor controller.
on foreign controller:
PM state has changed from: DHCP_REQD (7) Change state to RUN (20) last state RUN (20)
on anchor controller:
PM state always stay on: DHCP_REQD (7) Change state to DHCP_REQD (7) last state DHCP_REQD (7)
Enable/Disable DHCP Address Assignment Required is not work.
Enable/Disable DHCP proxy is not work.
Any hit this issue when get ip address failed in multiple WLANs on the same anchor controller?
In attachment log file,
DMZ.log: anchor controller on DMZ.
S3p1.log: WiSM on v6.0.182.0
S3p2.log: WiSM on v6.0.196.4
client mac: 00:1f:3b:05:33:c1, Windows7 Client
client mac: 58:55:ca:cf:d2:07, iPhone4 with 4.3.1,
WLAN1 subnet: 10.61.246.0/23
WLAN2 subnet: 10.61.248.0/23Hi, Nicolas:
just checking the attachment for the run-config on foreign/anchor controller.
DMZ_run.config - anchor controller
s3p1_run.config - WiSM on v6.0.182.0
s3p2_run.config - WiSM on v6.0.196.4
at this moment, we have disable the wlan 10 on foreign controller, and wlan 2 on foreign controller.
Wilson...
Maybe you are looking for
-
Inter - Company Stock Transport Order Issue
MM SAP Gurus, When I try working on "inter company stock transport order between two company codes." I found the errors while creating PO(using document type UB) ie. *1st Error -Material 1 not maintained in Plant 2. 2nd Error - Customer 1 does not ex
-
"00004.MTS" contains unsupported media or has an invalid directory structure. Please choose a folder whose directory structure matches supported media. when i try log transfer from a sony nex-vg10 but my buddy can do it with no problem on my cam an m
-
Getting rid of background noise when recording cassettes
How do I get rid of the hissing background noise when I transfer cassettes into GB?
-
my latest itunes prompted me to update to iOS 6.0, then I get a message in iTunesthat my iphone is in recovery mode, and I need to restore, I tried that I keep getting 3014 even after a restart what going on, iPhone i unubable ?
-
Howdy, I am looking for an older version of Nvidia drivers, specifically: 8.17.12.7658. The new version (9620) doesn't allow me to select the Nvidia card for certain applications like VLC, WMP, or Media Player Classic. That being said, I know the N