WLC 5508 series issues with APs

Hi  All,
we recently upgrade our WLC to a new hardware 5508 running 7.6.120.0 and we seem to notice 
now and then users ring up and complain that they can not connect to the APs most are AIR-CAP3502I-N-K9 or AIR-LAP1242AG-N-K9
We can see the APs in the controller and can not see anything wrong.
We reboot the APs and it fix the problems.
Just wondering if anybody experience the same issues with this IOS & hardware ???
Any feedback is much appreciated
Thanks
qle

Cisco has issued a "deferred notice" for 7.6.120.X.  Cisco openly recommends everyone to use the newer code, 7.6.130.X.  
If you "read between the lines", Cisco is saying everyone needs to AVOID 7.6.120.X.

Similar Messages

  • In WLC 5508 HA Issue with Russia IOS Image

    Hi,
    I have two 5508 WLC IOS code 7.6.120.0 in the both wlc I am having the same code. But in the one wlc i am having Russia image as below mention...
    Cisco Unified Wireless Network Software Release 7.6 for Cisco 5500 Series Wireless LAN Controllers with Licensed Payload Encryption.Only Recommended for Russia Where Data DTLS Payload Encryption is Regulated by the Government. AIR-CT5500-LDPE-K9-7-6-120-0.aes & in the 2nd wlc Cisco Unified Wireless Network Software Release 7.6 for Cisco 5500 Series Wireless LAN Controllers. 
    AIR-CT5500-K9-7-6-120-0.aes. In this case can I configure HA one like as primary & 2nd wlc as standby mode use the same license in the both wlc. I bye it two separately box before 2 years.
    IOS code will be the same but image is change. It's possible for HA. When I buy it that time both wlc ios code is 7.0.X.X & 7.5.X.X.
    If possible then how can do for the same. or it's not possible. I am try to convert as normal ios code but it's not accepted. Only upgrade with Russia ios code. 
    Help me out please.....
    Thanks & Regards,
    Rahul Wankhade 

    HI Rahul,
    Yes you can configure WLC as HA.
    *** Diff of images:
    –Licensed DTLS— AS_5500_LDPE_x_x_x_x.aes
    –Non licensed DTLS— AS_5500_x_x_x_x.aes
    HA Config:
    1. Either you must have enough AP licencse on both.
    http://rscciew.wordpress.com/2014/01/22/ap-failover/
    2. Or you must have 2nd wlc with minimium 50AP licence to convert it to HA SKU.
    http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html
    Regards
    Dont forget to rate helpful posts

  • WLC 5508 tunneling issue

    Hi,
    I have a WLC 5508 connected in a hub and spoke topology. The WLC is located at the hub which is the main office. In one of the remote spoke locations I have five Access Points that are connected to the local LAN and the model for the APs is AIR-CAP3602I-E-K9. The APs are all connected to access ports on the switch in vlan 1. I have two WLAN configured on the controller. I have two interfaces configured on the controller. The management and the guest interface. WLAN 1 is associated with the management interface. In the WLAN 1 advanced setting the flex local switching option is enabled. WLAN 2 is associated with the guest interface and this interface is tunneling vlan 248 the guest vlan. The problem I am having is that the devices can not communicate with each other if they are connected to the wireless connection WLAN 2 which is the tunneled vlan.
    Example: The client would like to be able to connect his ipad to the apple tv for presentation. If I connect both devices to the WLAN 1 which is using flex local switching option they can communicate with no problem, but if the devices are connected to WLAN 2 the guest vlan they can't communicate with each other. Is it possible to get this to also work on WLAN 2 ?
    Note: Both WLAN types are WLAN and P2P Blocking Action is set to default (disabled).
    Does any one have any ideas what could be causing my issue?
    Thanks in advance for your help,

    Well since your talking about Apple TV, you need to look at this reference guide for Apple's bonjour. This will explain how to get it to work and the limitation when an AP is in local or FlexConnect mode. The bonjour just doesn't work as people think it should because they can get it to work with a linksys AP.
    http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_tech_note09186a0080bb1d7c.shtml
    Sent from Cisco Technical Support iPhone App

  • WLC 5508 802.1x with AES

    Hi,
    We have a staff WLAN on Cisco WLC 5508. We use 802.1x with TKIP with authentication from RADIUS server. We deployed new 802.11n APs but on staff WLAN we cannot enable 802.11n because of the TKIP encryption. Can we just simply change the encryption without changing any other configuration to support 802.11n data rates?

    On your WLAN you can enable AES and TKIP. Just know that some clients mau have issue when they see both TKIP and AES. Ive had pretty good success with this in the past. Dont forget, you also need to enable WMM allowed to get N rates.
    But you will need to configure AES on the client as well to support N rates.
    "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
    ‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."

  • WLC 5508 authorization issue

    Hello,
    I have an issue with two wlc 5508 in the same mobility group. We use TACACS to authenticate admins, with maximum privileges.
    When I want to configure cleanair, or some security functions (such as ACL, or password policies), I have an error message saying that my privileges are not enough.
    When I use local account, it works well.
    At the begining, I thought it was a TACACS issue, but I have the same problem with WCS and SNMP. Cleanair doesn't appears in config menu, and I have an error message for security function.
    Do you have any idea ?
    Thanks for your help.
    FW : 7.0.116.0

    Show sysinfo results :
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 7.0.116.0
    Bootloader Version............................... 1.0.1
    Field Recovery Image Version..................... 6.0.182.0
    Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
    Build Type....................................... DATA + WPS

  • WLC 5508 Switchover Issue

    Hi There,
       Our issue is about a WLC 5508 conected to a HP Switch L3 model HP7500 using link-aggregation. Sometimes the controller change to the secondary box and log the error message: Switchover Reason = Default gateway is not reachable, Switchover Time 
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 7.6.120.0
    Bootloader Version............................... 1.0.1
    Field Recovery Image Version..................... 6.0.182.0
    Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
    Build Type....................................... DATA + WPS
    management                       LAG  untagged x.y.z.a    Static  Yes    No
    redundancy-management            LAG  untagged x,y.z.b     Static  No     No
    redundancy-port                  -    untagged 169.254.0.12    Static  No     No
    (Cisco Controller) >show redundancy summary
                Redundancy Mode = SSO ENABLED
                    Local State = ACTIVE
                     Peer State = STANDBY HOT
                           Unit = Primary
                        Unit ID = 6C:41:6A:5F:75:00
               Redundancy State = SSO (Both AP and Client SSO)
                   Mobility MAC = 6C:41:6A:5F:75:00
    Average Redundancy Peer Reachability Latency = 488 usecs
    Average Management Gateway Reachability Latency = 748 usecs
    Redundancy Management IP Address................. x.y.z.a
    Peer Redundancy Management IP Address............ x.y.z.b
    Redundancy Port IP Address....................... 169.254.0.12
    Peer Redundancy Port IP Address.................. 169.254.0.13
    Peer Service Port IP Address..................... 0.0.0.0
    Switchover History[1]:
    Previous Active = 10.140.0.13, Current Active = x.y.z.a
    Switchover Reason = Default gateway is not reachable, Switchover Time = Tue Aug 19 05:32:44 2014
    Any idea what´s the problem could be?  We check alllan environment spanning-tree, vlan, routing, no physical issues.
    My best regards
    Adriano Porcaro

    Show sysinfo results :
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 7.0.116.0
    Bootloader Version............................... 1.0.1
    Field Recovery Image Version..................... 6.0.182.0
    Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
    Build Type....................................... DATA + WPS

  • WLC 5508 not communicating with ACS 4.2

    Hi,
    Strange one here, I have setup a WLAN with PEAP user authentication through ACS to the Windows database. My clients cannot connect to the WLAN.
    From the logs, I can see no activity on the Radius server stats (as seen from the controller) and no failed login attempts on the ACS itself. The ACS/Radius is setup correctly on the controller and the controller can ping the ACS, but they just don't seem to be talking???
    I have used this setup before, but the only difference is that the controller is a 5508 (done this with 4400's in the past) and the ACS is running on VMWare (Never done this before).
    If I change the security to WPA2 PSK it works fine.
    I want to use PEAP for user authentication. NOT Machine auth. I have a certificate installed on the ACS and it is in the trust list of the client PC.
    Any help appreciated!
    Dan

    Noble,
    Here are a few links...
    http://www.cisco.com/en/US/docs/wireless/controller/6.0/configuration/guide/c60sol.html
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807f42e9.shtml
    If you find this helpful, please rate the post!
    Thanks

  • HP Officejet 6800 e-All-in-One-series - issues with printing from MSWord / Setup

    I have been trying to set up the HP Officejet it seems for over 2 weeks - it works then doesn't - I dont want to return it but if it doesnt work proper .... I removed and reinstalled software - yesterday printed from MSWORD - today its not --- it will print pages off the internet but not from my MSWORD - its set up wirelessly - so frustrated - and what's worse is I am HP lover and now I cant even find a HP support phone number to call and I am pretty sure I remember being told while I was making my purchasing decision I could call HP for support with reference to set up when I bought the printer. Can someone tell me if the printer then not working is normal for this printer - with reference to printing MSWORD etc and if not is there some special place I am suppose to click to fix - thank you in advance 

    Hi @TheoD,
    Welcome to the HP Forums!
    Sorry to hear about your frustration with not being able to print from MS Word with your HP Officejet 6800 printer. But I am happy to help!
    It is definitely odd that this printer is not printing from MS Word but will from the Internet. I am not seeing much documentation for an HP Officejet 6800, is it possible that you have the HP Officejet 8600? Just double-checking to make sure I provide the correct information. To find your printer's Product/Model Number follow instructions in this link. Finding Your HP Product Model Number.
    For further assistance, I will also need to know what Operating System you are using. Windows or Mac? What version? If you do not know the Operating System you are using, please visit this website. Whatsmyos.
    If you are using Windows, please try our HP Print and Scan Doctor, and let me know what happens!
    Otherwise, if you still prefer to call someone, please call our phone support at 800-474-6836. If you live outside the US/Canada Region, please click the link below to get the support number for your region. Country-language selector.
    Have a nice day!
    RnRMusicMan
    I work on behalf of HP
    Please click “Accept as Solution ” if you feel my post solved your issue, it will help others find the solution.
    Click the “Kudos Thumbs Up" to say “Thanks” for helping!

  • Config RADIUS on WLC 5508 - Problems comunication with NPS Server

    Hi,
    I'm facing some problems when configuring RADIUS auth with a NPS Windows Server.
    My WLAN interface is in a different vlan than the management interface, is that a problem?
    I want this wlan to be on a different vlan from the management. When i use wlan interface in the same vlan the RADIUS works without problems. But in different vlans is not working.
    The NPS server as 2 NICs, 1 for the wireless vlan, and another for the management vlan.
    the logs from the WLC shows this, but i have difficulties interpreting all this data:
    *apfMsConnTask_0: Dec 29 12:49:14.636: Association request from the P2P Client Process P2P Ie and Upadte CB
    *apfMsConnTask_5: Dec 29 12:49:36.607: 3c:c2:43:94:3e:bc Adding mobile on LWAPP AP d4:d7:48:45:fb:20(0)
    *apfMsConnTask_5: Dec 29 12:49:36.607: 3c:c2:43:94:3e:bc Association received from mobile on AP d4:d7:48:45:fb:20
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc 0.0.0.0 START (0) Changing IPv4 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1709)
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc 0.0.0.0 START (0) Changing IPv6 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1876)
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc Applying site-specific Local Bridging override for station 3c:c2:43:94:3e:bc - vapId 9, site 'XXX', interface 'wlan'
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc Applying Local Bridging Interface Policy for station 3c:c2:43:94:3e:bc - vlan 900, interface id 16, interface 'wlan'
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc Applying site-specific override for station 3c:c2:43:94:3e:bc - vapId 9, site 'XXX', interface 'wlan'
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc 0.0.0.0 START (0) Changing IPv4 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1709)
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc 0.0.0.0 START (0) Changing IPv6 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1876)
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc processSsidIE  statusCode is 0 and status is 0
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc processSsidIE  ssid_done_flag is 0 finish_flag is 0
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc STA - rates (8): 130 132 139 12 18 150 24 36 0 0 0 0 0 0 0 0
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc suppRates  statusCode is 0 and gotSuppRatesElement is 1
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc STA - rates (12): 130 132 139 12 18 150 24 36 48 72 96 108 0 0 0 0
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc extSuppRates  statusCode is 0 and gotExtSuppRatesElement is 1
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc Processing RSN IE type 48, length 20 for mobile 3c:c2:43:94:3e:bc
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc Received RSN IE with 0 PMKIDs from mobile 3c:c2:43:94:3e:bc
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc Setting active key cache index 8 ---> 8
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc unsetting PmkIdValidatedByAp
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc 0.0.0.0 START (0) Initializing policy
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc 0.0.0.0 START (0) Change state to AUTHCHECK (2) last state AUTHCHECK (2)
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc 0.0.0.0 AUTHCHECK (2) Change state to 8021X_REQD (3) last state 8021X_REQD (3)
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc 0.0.0.0 8021X_REQD (3) DHCP required on AP d4:d7:48:45:fb:20 vapId 9 apVapId 8for this client
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc Not Using WMM Compliance code qosCap 00
    *apfMsConnTask_5: Dec 29 12:49:36.608: 3c:c2:43:94:3e:bc 0.0.0.0 8021X_REQD (3) Plumbed mobile LWAPP rule on AP d4:d7:48:45:fb:20 vapId 9 apVapId 8 flex-acl-name:
    *apfMsConnTask_5: Dec 29 12:49:36.609: 3c:c2:43:94:3e:bc apfMsAssoStateInc
    *apfMsConnTask_5: Dec 29 12:49:36.609: 3c:c2:43:94:3e:bc apfPemAddUser2 (apf_policy.c:270) Changing state for mobile 3c:c2:43:94:3e:bc on AP d4:d7:48:45:fb:20 from Idle to Associated
    *apfMsConnTask_5: Dec 29 12:49:36.609: 3c:c2:43:94:3e:bc Stopping deletion of Mobile Station: (callerId: 48)
    *apfMsConnTask_5: Dec 29 12:49:36.609: 3c:c2:43:94:3e:bc Sending Assoc Response to station on BSSID d4:d7:48:45:fb:20 (status 0) ApVapId 8 Slot 0
    *apfMsConnTask_5: Dec 29 12:49:36.609: 3c:c2:43:94:3e:bc apfProcessAssocReq (apf_80211.c:6309) Changing state for mobile 3c:c2:43:94:3e:bc on AP d4:d7:48:45:fb:20 from Associated to Associated
    *dot1xMsgTask: Dec 29 12:49:36.611: 3c:c2:43:94:3e:bc Station 3c:c2:43:94:3e:bc setting dot1x reauth timeout = 0
    *dot1xMsgTask: Dec 29 12:49:36.611: 3c:c2:43:94:3e:bc Stopping reauth timeout for 3c:c2:43:94:3e:bc
    *dot1xMsgTask: Dec 29 12:49:36.611: 3c:c2:43:94:3e:bc dot1x - moving mobile 3c:c2:43:94:3e:bc into Connecting state
    *dot1xMsgTask: Dec 29 12:49:36.611: 3c:c2:43:94:3e:bc Sending EAP-Request/Identity to mobile 3c:c2:43:94:3e:bc (EAP Id 1)
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:36.684: 3c:c2:43:94:3e:bc Received EAPOL START from mobile 3c:c2:43:94:3e:bc
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:36.684: 3c:c2:43:94:3e:bc dot1x - moving mobile 3c:c2:43:94:3e:bc into Connecting state
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:36.684: 3c:c2:43:94:3e:bc Sending EAP-Request/Identity to mobile 3c:c2:43:94:3e:bc (EAP Id 2)
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:36.761: 3c:c2:43:94:3e:bc Received EAPOL EAPPKT from mobile 3c:c2:43:94:3e:bc
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:36.761: 3c:c2:43:94:3e:bc Received Identity Response (count=2) from mobile 3c:c2:43:94:3e:bc
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:36.761: 3c:c2:43:94:3e:bc EAP State update from Connecting to Authenticating for mobile 3c:c2:43:94:3e:bc
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:36.761: 3c:c2:43:94:3e:bc dot1x - moving mobile 3c:c2:43:94:3e:bc into Authenticating state
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:36.761: 3c:c2:43:94:3e:bc Entering Backend Auth Response state for mobile 3c:c2:43:94:3e:bc
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:54.794: 3c:c2:43:94:3e:bc Received EAPOL START from mobile 3c:c2:43:94:3e:bc
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:54.794: 3c:c2:43:94:3e:bc dot1x - moving mobile 3c:c2:43:94:3e:bc into Aborting state
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:54.795: 3c:c2:43:94:3e:bc dot1x - moving mobile 3c:c2:43:94:3e:bc into Connecting state
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:54.795: 3c:c2:43:94:3e:bc Sending EAP-Request/Identity to mobile 3c:c2:43:94:3e:bc (EAP Id 4)
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:54.795: 3c:c2:43:94:3e:bc Reached Max EAP-Identity Request retries (3) for STA 3c:c2:43:94:3e:bc
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:54.795: 3c:c2:43:94:3e:bc Sent Deauthenticate to mobile on BSSID d4:d7:48:45:fb:20 slot 0(caller 1x_auth_pae.c:3165)
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:54.795: 3c:c2:43:94:3e:bc Scheduling deletion of Mobile Station:  (callerId: 6) in 10 seconds
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:54.795: 3c:c2:43:94:3e:bc dot1x - moving mobile 3c:c2:43:94:3e:bc into Disconnected state
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:54.795: 3c:c2:43:94:3e:bc Not sending EAP-Failure for STA 3c:c2:43:94:3e:bc
    *apfMsConnTask_5: Dec 29 12:49:55.518: 3c:c2:43:94:3e:bc Association received from mobile on AP d4:d7:48:45:fb:20
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc 0.0.0.0 8021X_REQD (3) Changing IPv4 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1709)
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc 0.0.0.0 8021X_REQD (3) Changing IPv6 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1876)
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc Applying site-specific Local Bridging override for station 3c:c2:43:94:3e:bc - vapId 9, site 'XXX', interface 'wlan'
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc Applying Local Bridging Interface Policy for station 3c:c2:43:94:3e:bc - vlan 900, interface id 16, interface 'wlan'
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc Applying site-specific override for station 3c:c2:43:94:3e:bc - vapId 9, site 'XXX', interface 'wlan'
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc 0.0.0.0 8021X_REQD (3) Changing IPv4 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1709)
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc 0.0.0.0 8021X_REQD (3) Changing IPv6 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1876)
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc processSsidIE  statusCode is 0 and status is 0
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc processSsidIE  ssid_done_flag is 0 finish_flag is 0
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc STA - rates (8): 130 132 139 12 18 150 24 36 48 72 96 108 0 0 0 0
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc suppRates  statusCode is 0 and gotSuppRatesElement is 1
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc STA - rates (12): 130 132 139 12 18 150 24 36 48 72 96 108 0 0 0 0
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc extSuppRates  statusCode is 0 and gotExtSuppRatesElement is 1
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc Processing RSN IE type 48, length 20 for mobile 3c:c2:43:94:3e:bc
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc Received RSN IE with 0 PMKIDs from mobile 3c:c2:43:94:3e:bc
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc Setting active key cache index 8 ---> 8
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc unsetting PmkIdValidatedByAp
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc 0.0.0.0 8021X_REQD (3) Initializing policy
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc 0.0.0.0 8021X_REQD (3) Change state to AUTHCHECK (2) last state 8021X_REQD (3)
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc 0.0.0.0 AUTHCHECK (2) Change state to 8021X_REQD (3) last state 8021X_REQD (3)
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc 0.0.0.0 8021X_REQD (3) DHCP required on AP d4:d7:48:45:fb:20 vapId 9 apVapId 8for this client
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc Not Using WMM Compliance code qosCap 00
    *apfMsConnTask_5: Dec 29 12:49:55.519: 3c:c2:43:94:3e:bc 0.0.0.0 8021X_REQD (3) Plumbed mobile LWAPP rule on AP d4:d7:48:45:fb:20 vapId 9 apVapId 8 flex-acl-name:
    *apfMsConnTask_5: Dec 29 12:49:55.520: 3c:c2:43:94:3e:bc apfPemAddUser2 (apf_policy.c:270) Changing state for mobile 3c:c2:43:94:3e:bc on AP d4:d7:48:45:fb:20 from Associated to Associated
    *apfMsConnTask_5: Dec 29 12:49:55.520: 3c:c2:43:94:3e:bc Stopping deletion of Mobile Station: (callerId: 48)
    *apfMsConnTask_5: Dec 29 12:49:55.520: 3c:c2:43:94:3e:bc Sending Assoc Response to station on BSSID d4:d7:48:45:fb:20 (status 0) ApVapId 8 Slot 0
    *apfMsConnTask_5: Dec 29 12:49:55.520: 3c:c2:43:94:3e:bc apfProcessAssocReq (apf_80211.c:6309) Changing state for mobile 3c:c2:43:94:3e:bc on AP d4:d7:48:45:fb:20 from Associated to Associated
    *dot1xMsgTask: Dec 29 12:49:55.521: 3c:c2:43:94:3e:bc Station 3c:c2:43:94:3e:bc setting dot1x reauth timeout = 0
    *dot1xMsgTask: Dec 29 12:49:55.521: 3c:c2:43:94:3e:bc Stopping reauth timeout for 3c:c2:43:94:3e:bc
    *dot1xMsgTask: Dec 29 12:49:55.521: 3c:c2:43:94:3e:bc dot1x - moving mobile 3c:c2:43:94:3e:bc into Connecting state
    *dot1xMsgTask: Dec 29 12:49:55.521: 3c:c2:43:94:3e:bc Sending EAP-Request/Identity to mobile 3c:c2:43:94:3e:bc (EAP Id 1)
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:55.592: 3c:c2:43:94:3e:bc Received EAPOL START from mobile 3c:c2:43:94:3e:bc
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:55.592: 3c:c2:43:94:3e:bc dot1x - moving mobile 3c:c2:43:94:3e:bc into Connecting state
    *Dot1x_NW_MsgTask_4: Dec 29 12:49:55.592: 3c:c2:43:94:3e:bc Sending EAP-Request/Identity to mobile 3c:c2:43:94:3e:bc (EAP Id 2)

    yes, I thought of that. But if i use a simple password authentication on the wireless, i can reach the server with the same subnet interface. But i don't want to allow this subnet to acess the management subnet of the wireless controller.
    One question i have is: The WLC uses whitch subnet on radius? Uses the subnet of the wireless interface or uses always the management interface?
    Could you help me understand how the radius auth works with this wireless controller? Did you see anything strange in the logs that I posted above? It seems to run ok until:
    dot1x - moving mobile 3c:c2:43:94:3e:bc into Authenticating state
    Entering Backend Auth Response state for mobile 3c:c2:43:94:3e:bc
    Received EAPOL START from mobile 3c:c2:43:94:3e:bc
    dot1x - moving mobile 3c:c2:43:94:3e:bc into Aborting state
    I also note this: "Applying Local Bridging Interface Policy for station "
    What does this means?

  • Default username and password for WLC 5508 series

    Hi ,
    please let me know the default username and password for the below  WLC  device
    Model :
    AIR-CT5508-100-K9
    Image : AIR-CT5500-K9-7-0-230-0.aes                
    Regards
    Lerner 

    Password Recovery in WLC versions 5.1 and later
    If you forget your password in WLC version 5.1 and later, you can use the CLI from the serial console of the controller in order to configure a new user name and password.
    After the controller boots up, enter the Restore-Password command at the user prompt. This command is only accepted for the initial user login and becomes disabled after a user logs in. You are prompted to enter a new username/password, which can then be used to log into the controller and modify settings.

  • [875P Neo Series] issues with Sapphire X850XT GDDR3 256mb

    hi guys .... i got this weird trouble with my g-card ..i thought it was the bios but have tried all there is now ...no difference at all
    i get some dissrupts in all games ... and all runs slow  (usually faster with my old ati 9800 pro card the one that broke for me)
    i have also tried to move my s-card around ...  no diff ....tried the latest ATI drivers  (5.3) and backwards ..no diff at all
    its running on 1.5v (also tried 1.55v) and also tested to give the memorys some more volt up to 2.75..
    can it be a bios settings thing maby?
    or maby the SATA controller is messing with it ?  a well ...im fumbling in dark now =)
    hopefully someone has had the same thing

    its there or there abouts i think, i get around the 5300 - 5400 mark depending on when i run it :S
    Last night i tried turning of fast writes (in catalyst control centre, cant find it in BIOS) ive swapped the memory round to be in single channel and also underclocked the card 20 of both memory timings and core. Whilst this makes no difference to game performance and only lost me about 40 3D mark 05 points it didnt crash after, so ill run it like that over the next few days to see what it does then reintroduce each setting till i can recreate the problem.
    Oh and in addition, i think its a MB problem, when it boots it says at the top "bo BIOS installed" despite being the latest release (its always done this) sometimes it says that the DDR timings are to tight even though they are set at a loose 3-3-3-8 and ive never been able to get 4 sticks of ram working either in dual channel, they will work individually or in matched pairs but if i put all 4 in it hates it, Memtest found around 4million errors in 1 pass but if you check them in 2's in either of the banks its fine :S.
    The MB is also set to "slow" as increasing this setting makes it unstable.
    LOAM

  • An issue with WLC 5508 and 7921 phone

    Hello all!
    I have a system with WLC 5508 and some 1242 APs. And I use a lot of 7921 phones.
    One of 7921 phones was in trouble. It loses registration, disconnect conversations...
    I installed the trial WLC and run voice diagnostics.
    I  saw some of "Potentially degraded QoS in downlink direction because of  incorrect packet classification" messages and one "Fair upstream packet  loss ratio: 1,2%, which is less than threshold 2.5%"
    As I understand all of 7921 phones in these area are affected.
    what  does it mean? I set up Platinum QoS for voice WLAN. I don't have any qos  configuration string for AP and WLC ports on switches...
    any ideas?
    thanx in advance

    Sergey:
    There is one application called "WLC Config analyzer". You save your "show run-config" from your WLC in a text file and import it by this application. it will analyze the file for you and tell you what recommendations for voice are missing so you improve them.
    When importing a config file you choose what voice clinets you are using, so you need to choose cisco 7921 to it tells you what config improvemetns is needed based on 7921 needs.
    Here is the link to download the application:
    https://supportforums.cisco.com/docs/DOC-1373
    download the latest versoin.
    BTW, how many voice/data clients are connected to one AP in that area? if I remember correctly if you are utilizing voice then the max number of clients connected to one AP should not exceed 17. If you have more than this number per AP try to minimize the number of users concurrently connected to the AP then try again.
    Hope you'll find the config analyzer useful.
    If useful please don't forget to rate.
    Amjad

  • APs (LAP1142N) are disconnecting after joining the WLC (5508)

    Hi,
    We are having a problem at the school I'm working at. There are 133 APs located across campus.
    They have been running for 3.5 years without any trouble.
    Recently we have been having issues with APs disconnecting at random.
    It started last week with just a couple. We got them running again, but later the same day new ones had disconnected.
    This has continued with more APs and it looks like it happens at random and it is never the same one that disconnects.
    We have a centralized support-unit that helps us with stuff like this, but they haven't come up with a solution, so I was hoping someone here had seen this behavior before.
    Today at 7AM all the APs were running, but at the time of this post 6 of them have disconnected.
    AP (130 of them):
    Product ID: AIR-LAP1142N-E-K9
    Version ID: V01
    Software Version: 7.4.100.0
    Boot version: 12.4.18.3
    IOS: 15.2(2)JB$
    Country Code: Norway (NO)
    Regulatory domains: 802.11bg:-E    802.11a:-E
    Controller:
    Cisco 5508 Wireless Controller
    Firmware: 7.4.100.0
    Recovery version: 6.0.182.0
    Temp is running at 35C
    Memory at a stable 50%
    Cores 0%/2%, 4%/2%, 3%/2%, 4%/1%, 3%/3%, 5%/2%, 0%/1%, 0%/1%, 0%/1%, 0%/1%
    Only using 4 of the ports on the controller 1-4
    Some of the error-messages I have located on the different APs that have disconnected:
    Layer 3 discovery request not received on management VLAN
    Lwapp discovery request rejected
    Just give me a shout if any other information is needed.
    - Hille

    You may be facing this bug CSCud97983
    https://tools.cisco.com/bugsearch/bug/CSCud97983
    Here are some more information about bugs we experienced with this 7.4 code
    http://mrncciew.com/2013/02/10/day-0-with-wlc-7-4-code/
    7.4MR2 (7.4.111.x) is available (pre-release image) if you want latest bug fixed image. This is specially if you are using wireless guest service & having apple iOS 7 devices.
    https://supportforums.cisco.com/docs/DOC-37334
    HTH
    Rasika
    **** Pls rate all useful responses ****

  • WLC 5508 Multiple Interfaces for Multiple SSIDs

    Hello guys,
    I am trying to build a new network from scratch, I have the WLC 5508 w/ Aironet 3600e APs connected to my Netgear Smart Switches and a Linksys RV082 router that I'm using as my DHCP server with several VLANs for several stuff on my Switches.
    I have 2 questions:
    1. Can I have 5 Interfaces configured on 5 different VLANs, each SSID on each a different Port:
    Port 1: Controller management only=> 192.168.x.x /24
    Port 2: SSID 1: WiFi Internal=> 172.16.x.x/12 (Radius Auth with no sharing)
    Port 3: SSID 2: WiFi Internal w/ sharing=> 192.168.x.x/24 (Radius Auth with sharing)
    Port 4 :SSID 3: WiFi Guest=> 10.0.x.x/8 (Web Auth)
    Port 5: SSID 4: WiFi IT=> 192.168.x.x/24 ( Radius or certificate Auth with access to the controller management interface)
    2. How can I use the Controller as the DHCP server for all the WiFi traffic, and how should that be configured to work with my other DHCP server?

    Yes you can... but you have to disable LAG.  Each post will need to be connected to a dot1q trunk and you will only allow the vlan that is required for that port.  Also on the interface, you will define what port is primary and what is backup.  I'm guessing you will not be using the backup port.  For example... port 1 that connects to a trunk port will only allow the management vlan.  Here is a link to setup dhcp on the WLC
    http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a0080af5d13.shtml
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • WLC 5508 and Multiple DHCP servers in different sites?

    Hi
    I work for health authority in our region and we just purchased a Cisco wlc 5508 controller along with 25 3500 AP's. We have multiple sites with different IP subnets in each, all connected by a frame relay (owned by ISP). Each site has its own DHCP server. I have the controller in our main site. So when I take an AP to a remote site, the Ap gets an DHCP address from local DHCP server (which is great) and contacts controller and joins controller. Everything is good. BUT, when a client joins at the remote site, it gets an address from a previous site which will not work because the client is now on a different subnet. We dont use Vlans as they dont transvers the frame relay. I need those clients to obtain DHCP from the local DHCP server from the site they are on. Is that possible??
    I have updated the controller to latest version as well.
    Thanks
    Bryan Yaciuk, CCNA
    Parkland Regional Health Authority

    We call this as HREAP LOCAL SWITCHING!! but here is the catch.. everytime the AP joins the new site.. we need to configure the VLAN mapping and this wil do it for you!! Here is the link which will resolve ur issue..
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807cc3b8.shtml#ll
    Lemme know if this answered ur question and please dont forget to rate the usefull posts!!
    Regards
    Surendra

Maybe you are looking for