WLC 5760 - show client ccx roam-history

Hi,
We're running an WLC 5760 with the latests version (3.3.1). We have several wlans, with diferent authentication methods, and they are all working fine.
However we noticed that the roaming is working correctly but no information is displayed if the "show ccx roam-history".
WLC1#sh wireless client mac-address 8853.2e9e.f70a det | i CCX
Client CCX version : 4
WLC1#debug dot11 ccx-roam all
Dec 12 17:11:40.963: %IOSXE-7-PLATFORM: 1 process wcm: 8853.2e9e.f70a Mobile  8853.2e9e.f70a  associated
Dec 12 17:11:40.963: %IOSXE-7-PLATFORM: 1 process wcm: 8853.2e9e.f70a Sending Neighbor List packet to Mobile  8853.2e9e.f70a 
Dec 12 17:11:40.963: %IOSXE-7-PLATFORM: 1 process wcm: 8853.2e9e.f70a Sending L2Roam Packet to mobile  8853.2e9e.f70a
Dec 12 17:11:40.963: 00000000: 1 wcm:  01 1a 33 81 88 53 2e 9e  f7 0a c0 25 5c 68 50 50  ..3..S.....%\hPP
Dec 12 17:11:40.963: 00000010: 1 wcm:  28 11 c0 25 5c 68 50 50  01 00 02 01 06 ab 0d 0d  (..%\hPP........
Dec 12 17:11:40.963: 00000020: 1 wcm:  03 b8 05 28 11 c0 25 5c  ec 05 a0 0b 00 07 01 06  ...(..%\........
Dec 12 17:11:40.963: %IOSXE-7-PLATFORM: 1 process wcm: 00000030: ab 0d 0d 03 b8 05 28 11  0c 68 03 ea 52 10 06 00  ......(..h..R...
Dec 12 17:11:40.963: %IOSXE-7-PLATFORM: 1 process wcm: 00000040: 07 01 06 ab 0d 0d 03 b8  05 28 11 0c 68 03 d6 e4  .........(..h...
Dec 12 17:11:40.963: %IOSXE-7-PLATFORM: 1 process wcm: 00000050: 00 0b 00 07 01 06 ab 0d  0d 03 b8 05 28 11 0c 68  ............(..h
Dec 12 17:11:40.963: %IOSXE-7-PLATFORM: 1 process wcm: 00000060: 03 4d d0 60 01 00 07 01  06 ab 0d 0d 03 b8 05 28  .M.`...........(
Dec 12 17:11:40.963: %IOSXE-7-PLATFORM: 1 process wcm: 00000070: 11 0c 68 03 ea 40 70 01  00 07 01 06 ab 0d 0d 03  ..h..@p.........
Dec 12 17:11:40.963: %IOSXE-7-PLATFORM: 1 process wcm: 00000080: b8 05 28 11 0c 68 03 ea  4b 10 01 00 07 01 06 ab  ..(..h..K.......
Dec 12 17:11:40.963: 00000090: 1 wcm:  0d 0d 03 b8 05 28 11 c0  25 5c 68 50 5f 3c 01 04  .....(..%\hP_<..
Dec 12 17:11:40.964: 000000a0: 1 wcm:  01 06 ab 12 12 03 b8 05  28 11 c0 25 5c ec 05 af  ........(..%\...
Dec 12 17:11:40.964: %IOSXE-7-PLATFORM: 1 process wcm: 000000b0: 24 01 07 01 06 ab 12 12  03 b8 05 28 11 0c 68 03  $..........(..h.
Dec 12 17:11:40.964: %IOSXE-7-PLATFORM: 1 process wcm: 000000c0: ea 52 1f 24 01 07 01 06  ab 12 12 03 b8 05 28 11  .R.$..........(.
Dec 12 17:11:40.964: %IOSXE-7-PLATFORM: 1 process wcm: 000000d0: 0c 68 03 ea 4b 1f 38 01  07 01 06 ab 12 12 03 b8  .h..K.8.........
Dec 12 17:11:40.964: %IOSXE-7-PLATFORM: 1 process wcm: 000000e0: 05 28 11 0c 68 03 d6 e4  0f 38 01 07 01 06 ab 12  .(..h....8......
Dec 12 17:11:40.964: 000000f0: 1 wcm:  12 03 b8 05 28 11 c0 25  5c a3 f4 8f 30 01 07 01  ....(..%\...0...
WLC1#
Dec 12 17:11:40.964: %IOSXE-7-PLATFORM: 1 process wcm: 00000100: 06 ab 12 12 03 b8 05 28  11 0c 68 03 ea 40 7f 30  .......([email protected]
Dec 12 17:11:40.964: %IOSXE-7-PLATFORM: 1 process wcm: 00000110: 01 07 01 06 ab 12 12 03  b8 05                    ..........
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 8853.2e9e.f70a Received Neighbor List Request from Mobile  8853.2e9e.f70a
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 8853.2e9e.f70a Sending Neighbor List packet to Mobile  8853.2e9e.f70a 
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 8853.2e9e.f70a Sending L2Roam Packet to mobile  8853.2e9e.f70a
Dec 12 17:12:51.006: 00000000: 1 wcm:  01 1a 33 81 88 53 2e 9e  f7 0a c0 25 5c 68 50 50  ..3..S.....%\hPP
Dec 12 17:12:51.006: 00000010: 1 wcm:  28 11 c0 25 5c 68 50 50  01 00 02 01 06 ab 0d 0d  (..%\hPP........
Dec 12 17:12:51.006: 00000020: 1 wcm:  03 b8 05 28 11 c0 25 5c  ec 05 a0 0b 00 07 01 06  ...(..%\........
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 00000030: ab 0d 0d 03 b8 05 28 11  0c 68 03 ea 52 10 06 00  ......(..h..R...
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 00000040: 07 01 06 ab 0d 0d 03 b8  05 28 11 0c 68 03 d6 e4  .........(..h...
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 00000050: 00 0b 00 07 01 06 ab 0d  0d 03 b8 05 28 11 0c 68  ............(..h
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 00000060: 03 4d d0 60 01 00 07 01  06 ab 0d 0d 03 b8 05 28  .M.`...........(
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 00000070: 11 0c 68 03 ea 40 70 01  00 07 01 06 ab 0d 0d 03  ..h..@p.........
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 00000080: b8 05 28 11 0c 68 03 ea  4b 10 01 00 07 01 06 ab  ..(..h..K.......
Dec 12 17:12:51.006: 00000090: 1 wcm:  0d 0d 03 b8 05 28 11 c0  25 5c 68 50 5f 3c 01 04  .....(..%\hP_<..
Dec 12 17:12:51.006: 000000a0: 1 wcm:  01 06 ab 12 12 03 b8 05  28 11 c0 25 5c ec 05 af  ........(..%\...
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 000000b0: 24 01 07 01 06 ab 12 12  03 b8 05 28 11 0c 68 03  $..........(..h.
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 000000c0: ea 52 1f 24 01 07 01 06  ab 12 12 03 b8 05 28 11  .R.$..........(.
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 000000d0: 0c 68 03 ea 4b 1f 38 01  07 01 06 ab 12 12 03 b8  .h..K.8.........
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 000000e0: 05 28 11 0c 68 03 d6 e4  0f 38 01 07 01 06 ab 12  .(..h....8......
Dec 12 17:12:51.006: 000000f0: 1 wcm:  12 03 b8 05 28 11 c0 25  5c a3 f4 8f 30 01 07 01  ....(..%\...0...
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 00000100: 06 ab 12 12 03 b8 05 28  11 0c 68 03 ea 40 7f 30  .......([email protected]
Dec 12 17:12:51.006: %IOSXE-7-PLATFORM: 1 process wcm: 00000110: 01 07 01 06 ab 12 12 03  b8 05                    ..........
Dec 12 17:15:48.712: %IOSXE-7-PLATFORM: 1 process wcm: 8853.2e9e.f70a Received Neighbor List Request from Mobile  8853.2e9e.f70a
Dec 12 17:15:48.712: %IOSXE-7-PLATFORM: 1 process wcm: 8853.2e9e.f70a Sending Neighbor List packet to Mobile  8853.2e9e.f70a 
Dec 12 17:15:48.712: %IOSXE-7-PLATFORM: 1 process wcm: 8853.2e9e.f70a Sending L2Roam Packet to mobile  8853.2e9e.f70a
Dec 12 17:15:48.712: 00000000: 1 wcm:  01 07 33 81 88 53 2e 9e  f7 0a c0 25 5c 68 81 20  ..3..S.....%\h..
Dec 12 17:15:48.712: 00000010: 1 wcm:  28 11 c0 25 5c 68 81 20  01 00 02 01 06 ab 0d 0d  (..%\h..........
Dec 12 17:15:48.712: %IOSXE-7-PLATFORM: 1 process wcm: 00000020: 03 b8 05 28 11 0c 68 03  ea 52 10 06 00 07 01 06  ...(..h..R......
Dec 12 17:15:48.712: %IOSXE-7-PLATFORM: 1 process wcm: 00000030: ab 0d 0d 03 b8 05 28 11  0c 68 03 ea 4a f0 0b 00  ......(..h..J...
Dec 12 17:15:48.713: %IOSXE-7-PLATFORM: 1 process wcm: 00000040: 07 01 06 ab 0d 0d 03 b8  05 28 11 0c 68 03 d6 eb  .........(..h...
Dec 12 17:15:48.713: %IOSXE-7-PLATFORM: 1 process wcm: 00000050: 20 01 00 07 01 06 ab 0d  0d 03 b8 05 28 11 c0 25  ............(..
Dec 12 17:15:48.713: %IOSXE-7-PLATFORM: 1 process wcm: 00000060: 5c ec 05 a0 0b 00 07 01  06 ab 0d 0d 03 b8 05 28  \..............(
Dec 12 17:15:48.713: %IOSXE-7-PLATFORM: 1 process wcm: 00000070: 11 0c 68 03 d6 e4 00 0b  00 07 01 06 ab 0d 0d 03  ..h.............
Dec 12 17:15:48.713: 00000080: 1 wcm:  b8 05 28 11 c0 25 5c 68  50 50 01 00 07 01 06 ab  ..(..%\hPP......
Dec 12 17:15:48.713: 00000090: 1 wcm:  0d 0d 03 b8 05 28 11 c0  25 5c 68 81 2f 38 01 04  .....(..%\h./8..
Dec 12 17:15:48.713: %IOSXE-7-PLATFORM: 1 process wcm: 000000a0: 01 06 ab 12 12 03 b8 05  28 11 0c 68 03 ea 4a ff  ........(..h..J.
Dec 12 17:15:48.713: %IOSXE-7-PLATFORM: 1 process wcm: 000000b0: 2c 01 07 01 06 ab 12 12  03 b8 05 28 11 0c 68 03  ,..........(..h.
Dec 12 17:15:48.713: %IOSXE-7-PLATFORM: 1 process wcm: 000000c0: ea 52 1f 24 01 07 01 06  ab 12 12 03 b8 05 28 11  .R.$..........(.
Dec 12 17:15:48.713: %IOSXE-7-PLATFORM: 1 process wcm: 000000d0: 0c 68 03 d6 e4 0f 38 01  07 01 06 ab 12 12 03 b8  .h....8.........
Dec 12 17:15:48.713: 000000e0: 1 wcm:  05 28 11 c0 25 5c ec 05  af 24 01 07 01 06 ab 12  .(..%\...$......
Dec 12 17:15:48.713: %IOSXE-7-PLATFORM: 1 process wcm: 000000f0: 12 03 b8 05 28 11 0c 68  03 d6 eb 2f 3c 01 07 01  ....(..h.../<...
Dec 12 17:15:48.713: %IOSXE-7-PLATFORM: 1 process wcm: 00000100: 06 ab 12 12 03 b8 05                              .......
WLC1#show wireless client mac-address 8853.2e9e.f70a ccx roam-history
Shouldn't the output be the same as the AireOS command "show client roam-history client-mac"?
Kind regards,
Vasco Costa

Obtaining CCX Client Roaming Information (CLI)
Step 1  
View the current RF parameters configured for client roaming for the 802.11a or 802.11b/g network by entering this command:show {802.11a | 802.11b} l2roam rf-param
Step 2  
View the CCX Layer 2 client roaming statistics for a particular access point by entering this command:show {802.11a | 802.11b} l2roam statistics ap_mac
This command provides the following information:
The number of roam reason reports received
The number of neighbor list requests received
The number of neighbor list reports sent
The number of broadcast neighbor updates sent
Step 3  
View the roaming history for a particular client by entering this command:show client roam-history client_mac
This command provides the following information:
The time when the report was received
The MAC address of the access point to which the client is currently associated
The MAC address of the access point to which the client was previously associated
The channel of the access point to which the client was previously associated
The SSID of the access point to which the client was previously associated
The time when the client disassociated from the previous access point
The reason for the client roam
Debugging CCX Client Roaming Issues (CLI)
If you experience any problems with CCX Layer 2 client roaming, enter this command:
debug l2roam [detail | error | packet | all] {enable | disable}

Similar Messages

  • WLC 5760 - MAC Filtering wireless clients

    Hi,
    Does anyone ever deployed mac-filtering authentication to wireless clients in the WLC 5760?
    I've configured a WLAN for Mac-filtering authentication only (named it as "macauth"):
    wlan RNVDOS 4 RNVDOS
    aaa-override
    no broadcast-ssid
    client vlan RNVDOS
    mac-filtering macauth
    no security wpa
    no security wpa akm dot1x
    no security wpa wpa2
    no security wpa wpa2 ciphers aes
    session-timeout 1800
    no shutdown
    Then, below Configuration->Security->MAC Filtering I've added several MAC addresses i.e. :
    MAC Address: 88532e9ef70a  Attribute List: macauth
    Which turned out to be display in the CLI as:
    username 88532e9ef70a mac aaa attribute list macauth
    The problem is that whenever I try to associate the wireless client 88532e9ef70a, the client passes to the exclusion list.:
    Sep 16 10:54:55.603: 8853.2E9E.F70A Adding mobile on LWAPP AP  0C68.03EA.4070 (1)  1 wcm: E9E.F70A (.t^GwtSessionID: 0afe01fbtQ^GwH^Cnz^Gw00dd) was added to ^G$h\225v^K
    Sep 16 10:54:55.603: 8853.2E9E.F70A  Creating WL station entry for client -  rc 0 1 wcm:
    Sep 16 10:54:55.603: 8853.2E9E.F70A Association received from mobile on AP  0C68.03EA.4070  1 wcm: (.t^GwtSessionID: 0afe01fbtQ^GwH^Cnz^Gw00dd) was added to ^G$h\225v^K
    Sep 16 10:54:55.603: 8853.2E9E.F70A qos upstream policy is unknown and downstream policy is unknown 1 wcm: ssionID: 0afe01fbtQ^GwH^Cnz^Gw00dd) was added to ^G$h\225v^K
    Sep 16 10:54:55.603: 8853.2E9E.F70A apChanged 0 wlanChanged 0 mscb ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0 1 wcm: H^Cnz^Gw00dd) was added to ^G$h\225v^K
    Sep 16 10:54:55.603: 8853.2E9E.F70A Applying WLAN policy on MSCB. 1 wcm:  ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:55.603: 8853.2E9E.F70A Applying WLAN ACL policies to client 1 wcm:  0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:55.603: 8853.2E9E.F70A No Interface ACL used for Wireless client in WCM(NGWC) 1 wcm: usOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:55.603: 8853.2E9E.F70A Applying site-specific IPv6 override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm:  ^G$h\225v^K
    Sep 16 10:54:55.603: 8853.2E9E.F70A Applying local bridging Interface Policy for station  8853.2E9E.F70A  - vlan 4, interface 'RNVDOS' 1 wcm: ce 'RNVDOS'
    Sep 16 10:54:55.603: 8853.2E9E.F70A Applying site-specific override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: DOS'
    Sep 16 10:54:55.603: 8853.2E9E.F70A STA - rates (8): 1 wcm:  140 18 152 36 176 72 96 108 0 0 0 0 0 0 0 0
    Sep 16 10:54:55.603: 8853.2E9E.F70A new capwap_wtp_iif_id a45d40000000a5, sm capwap_wtp_iif_id 0 1 wcm: - vapId 4, site 'renova', interface 'RNVDOS'
    Sep 16 10:54:55.603: 8853.2E9E.F70A apfProcessAssocReq (apf_80211.c: 1 wcm: 5137) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Idle to AAA Pending
    Sep 16 10:54:55.603: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:55.604: 8853.2E9E.F70A
    client incoming attribute size are 0 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:55.604: 8853.2E9E.F70A Sending Assoc Response to station on BSSID  0C68.03EA.4070  (status 256) ApVapId 2 Slot 1 1 wcm: 68.03EA.4070  from Idle to AAA Pending
    Sep 16 10:54:55.604: 8853.2E9E.F70A apfProcessRadiusAssocResp (apf_80211.c: 1 wcm: 2149) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from AAA Pending to Authenticated
    Sep 16 10:54:55.604: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 18) in 10 seconds
    Sep 16 10:54:55.813: 8853.2E9E.F70A Association received from mobile on AP  0C68.03EA.4070  1 wcm: n.t^Gwseconds
    Sep 16 10:54:55.813: 8853.2E9E.F70A qos upstream policy is unknown and downstream policy is unknown 1 wcm: onds
    Sep 16 10:54:55.813: 8853.2E9E.F70A apChanged 0 wlanChanged 0 mscb ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0 1 wcm: H^Cnz^Gw  0C68.03EA.4070  f^G$h\225v^K
    Sep 16 10:54:55.813: 8853.2E9E.F70A Applying WLAN policy on MSCB. 1 wcm:  ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:55.813: 8853.2E9E.F70A Applying WLAN ACL policies to client 1 wcm:  0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:55.813: 8853.2E9E.F70A No Interface ACL used for Wireless client in WCM(NGWC) 1 wcm: usOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:55.813: 8853.2E9E.F70A Applying site-specific IPv6 override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: f^G$h\225v^K
    Sep 16 10:54:55.813: 8853.2E9E.F70A Applying local bridging Interface Policy for station  8853.2E9E.F70A  - vlan 4, interface 'RNVDOS' 1 wcm: ce 'RNVDOS'
    Sep 16 10:54:55.813: 8853.2E9E.F70A Applying site-specific override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: DOS'
    Sep 16 10:54:55.813: 8853.2E9E.F70A STA - rates (8): 1 wcm:  140 18 152 36 176 72 96 108 0 0 0 0 0 0 0 0
    Sep 16 10:54:55.813: 8853.2E9E.F70A new capwap_wtp_iif_id a45d40000000a5, sm capwap_wtp_iif_id 0 1 wcm: - vapId 4, site 'renova', interface 'RNVDOS'
    Sep 16 10:54:55.813: 8853.2E9E.F70A apfProcessAssocReq (apf_80211.c: 1 wcm: 5137) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:55.813: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:55.814: 8853.2E9E.F70A
    client incoming attribute size are 0 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:55.814: 8853.2E9E.F70A Sending Assoc Response to station on BSSID  0C68.03EA.4070  (status 256) ApVapId 2 Slot 1 1 wcm: 68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:55.814: 8853.2E9E.F70A apfProcessRadiusAssocResp (apf_80211.c: 1 wcm: 2149) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from AAA Pending to Authenticated
    Sep 16 10:54:55.814: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 18) in 10 seconds
    Sep 16 10:54:56.520: 8853.2E9E.F70A Association received from mobile on AP  0C68.03EA.4070  1 wcm: n.t^Gwseconds
    Sep 16 10:54:56.520: 8853.2E9E.F70A qos upstream policy is unknown and downstream policy is unknown 1 wcm: onds
    Sep 16 10:54:56.520: 8853.2E9E.F70A apChanged 0 wlanChanged 0 mscb ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0 1 wcm: H^Cnz^Gw  0C68.03EA.4070  f^G$h\225v^K
    Sep 16 10:54:56.520: 8853.2E9E.F70A Applying WLAN policy on MSCB. 1 wcm:  ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.520: 8853.2E9E.F70A Applying WLAN ACL policies to client 1 wcm:  0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.520: 8853.2E9E.F70A No Interface ACL used for Wireless client in WCM(NGWC) 1 wcm: usOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.520: 8853.2E9E.F70A Applying site-specific IPv6 override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: f^G$h\225v^K
    Sep 16 10:54:56.520: 8853.2E9E.F70A Applying local bridging Interface Policy for station  8853.2E9E.F70A  - vlan 4, interface 'RNVDOS' 1 wcm: ce 'RNVDOS'
    Sep 16 10:54:56.520: 8853.2E9E.F70A Applying site-specific override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: DOS'
    Sep 16 10:54:56.520: 8853.2E9E.F70A STA - rates (8): 1 wcm:  140 18 152 36 176 72 96 108 0 0 0 0 0 0 0 0
    Sep 16 10:54:56.520: 8853.2E9E.F70A new capwap_wtp_iif_id a45d40000000a5, sm capwap_wtp_iif_id 0 1 wcm: - vapId 4, site 'renova', interface 'RNVDOS'
    Sep 16 10:54:56.520: 8853.2E9E.F70A apfProcessAssocReq (apf_80211.c: 1 wcm: 5137) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:56.520: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:56.521: 8853.2E9E.F70A
    client incoming attribute size are 0 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:56.521: 8853.2E9E.F70A Sending Assoc Response to station on BSSID  0C68.03EA.4070  (status 256) ApVapId 2 Slot 1 1 wcm: 68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:56.521: 8853.2E9E.F70A apfProcessRadiusAssocResp (apf_80211.c: 1 wcm: 2149) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from AAA Pending to Authenticated
    Sep 16 10:54:56.521: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 18) in 10 seconds
    Sep 16 10:54:56.729: 8853.2E9E.F70A Association received from mobile on AP  0C68.03EA.4070  1 wcm: n 10 seconds
    Sep 16 10:54:56.729: 8853.2E9E.F70A qos upstream policy is unknown and downstream policy is unknown 1 wcm: onds
    Sep 16 10:54:56.729: 8853.2E9E.F70A apChanged 0 wlanChanged 0 mscb ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0 1 wcm: A  on AP  0C68.03EA.4070  from AAA Pending to Authenticated
    Sep 16 10:54:56.729: 8853.2E9E.F70A Applying WLAN policy on MSCB. 1 wcm:  ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.729: 8853.2E9E.F70A Applying WLAN ACL policies to client 1 wcm:  0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.729: 8853.2E9E.F70A No Interface ACL used for Wireless client in WCM(NGWC) 1 wcm: usOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.729: 8853.2E9E.F70A Applying site-specific IPv6 override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: from AAA Pending to Authenticated
    Sep 16 10:54:56.729: 8853.2E9E.F70A Applying local bridging Interface Policy for station  8853.2E9E.F70A  - vlan 4, interface 'RNVDOS' 1 wcm: ce 'RNVDOS'
    Sep 16 10:54:56.729: 8853.2E9E.F70A Applying site-specific override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: DOS'
    Sep 16 10:54:56.729: 8853.2E9E.F70A STA - rates (8): 1 wcm:  140 18 152 36 176 72 96 108 0 0 0 0 0 0 0 0
    Sep 16 10:54:56.729: 8853.2E9E.F70A new capwap_wtp_iif_id a45d40000000a5, sm capwap_wtp_iif_id 0 1 wcm: - vapId 4, site 'renova', interface 'RNVDOS'
    Sep 16 10:54:56.729: 8853.2E9E.F70A apfProcessAssocReq (apf_80211.c: 1 wcm: 5137) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:56.729: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:56.730: 8853.2E9E.F70A
    client incoming attribute size are 0 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:56.730: 8853.2E9E.F70A Sending Assoc Response to station on BSSID  0C68.03EA.4070  (status 256) ApVapId 2 Slot 1 1 wcm: 68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:56.730: 8853.2E9E.F70A apfProcessRadiusAssocResp (apf_80211.c: 1 wcm: 2149) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from AAA Pending to Authenticated
    Sep 16 10:54:56.730: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 18) in 10 seconds
    Sep 16 10:54:56.937: 8853.2E9E.F70A Association received from mobile on AP  0C68.03EA.4070  1 wcm: n.t^Gwseconds
    Sep 16 10:54:56.937: 8853.2E9E.F70A qos upstream policy is unknown and downstream policy is unknown 1 wcm: onds
    Sep 16 10:54:56.937: 8853.2E9E.F70A apChanged 0 wlanChanged 0 mscb ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0 1 wcm: H^Cnz^Gw  0C68.03EA.4070  f^G$h\225v^K
    Sep 16 10:54:56.937: 8853.2E9E.F70A Applying WLAN policy on MSCB. 1 wcm:  ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.937: 8853.2E9E.F70A Applying WLAN ACL policies to client 1 wcm:  0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.937: 8853.2E9E.F70A No Interface ACL used for Wireless client in WCM(NGWC) 1 wcm: usOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.937: 8853.2E9E.F70A Applying site-specific IPv6 override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: f^G$h\225v^K
    Sep 16 10:54:56.937: 8853.2E9E.F70A Applying local bridging Interface Policy for station  8853.2E9E.F70A  - vlan 4, interface 'RNVDOS' 1 wcm: ce 'RNVDOS'
    Sep 16 10:54:56.937: 8853.2E9E.F70A Applying site-specific override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: DOS'
    Sep 16 10:54:56.937: 8853.2E9E.F70A STA - rates (8): 1 wcm:  140 18 152 36 176 72 96 108 0 0 0 0 0 0 0 0
    Sep 16 10:54:56.937: 8853.2E9E.F70A new capwap_wtp_iif_id a45d40000000a5, sm capwap_wtp_iif_id 0 1 wcm: - vapId 4, site 'renova', interface 'RNVDOS'
    Sep 16 10:54:56.937: 8853.2E9E.F70A apfProcessAssocReq (apf_80211.c: 1 wcm: 5137) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:56.937: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:56.937: 8853.2E9E.F70A
    client incoming attribute size are 0 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:56.937: 8853.2E9E.F70A Sending Assoc Response to station on BSSID  0C68.03EA.4070  (status 256) ApVapId 2 Slot 1 1 wcm: 68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:56.937: 8853.2E9E.F70A apfProcessRadiusAssocResp (apf_80211.c: 1 wcm: 2149) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from AAA Pending to Authenticated
    Sep 16 10:54:56.937: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 18) in 10 seconds
    Sep 16 10:54:57.143: 8853.2E9E.F70A Association received from mobile on AP  0C68.03EA.4070  1 wcm: n.t^Gwseconds
    Sep 16 10:54:57.143: 8853.2E9E.F70A qos upstream policy is unknown and downstream policy is unknown 1 wcm: onds
    Sep 16 10:54:57.143: 8853.2E9E.F70A apChanged 1 wlanChanged 0 mscb ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0 1 wcm: H^Cnz^Gw  0C68.03EA.4070  f^G$h\225v^K
    Sep 16 10:54:57.143: 8853.2E9E.F70A Applying WLAN policy on MSCB. 1 wcm:  ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:57.143: 8853.2E9E.F70A Applying WLAN ACL policies to client 1 wcm:  0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:57.143: 8853.2E9E.F70A No Interface ACL used for Wireless client in WCM(NGWC) 1 wcm: usOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:57.143: 8853.2E9E.F70A Applying site-specific IPv6 override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: f^G$h\225v^K
    Sep 16 10:54:57.143: 8853.2E9E.F70A Applying local bridging Interface Policy for station  8853.2E9E.F70A  - vlan 4, interface 'RNVDOS' 1 wcm: ce 'RNVDOS'
    Sep 16 10:54:57.143: 8853.2E9E.F70A Applying site-specific override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: DOS'
    Sep 16 10:54:57.143: 8853.2E9E.F70A STA - rates (8): 1 wcm:  130 132 139 150 12 18 24 36 0 0 0 0 0 0 0 0
    Sep 16 10:54:57.143: 8853.2E9E.F70A STA - rates (12): 1 wcm:  130 132 139 150 12 18 24 36 48 72 96 108 0 0 0 0
    Sep 16 10:54:57.144:  8853.2E9E.F70A  0.0.0.0 START (0) Deleted mobile LWAPP rule on AP [ 0C68.03EA.4070 ] 1 wcm:  site 'renova', interface 'RNVDOS'
    Sep 16 10:54:57.144: 8853.2E9E.F70A Updated location for station old AP  0C68.03EA.4070 -1, new AP  0C68.03EA.4070 -0 1 wcm: va', interface 'RNVDOS'
    Sep 16 10:54:57.144: 8853.2E9E.F70A new capwap_wtp_iif_id a45d40000000a5, sm capwap_wtp_iif_id 0 1 wcm: P  0C68.03EA.4070 -0
    Sep 16 10:54:57.144: 8853.2E9E.F70A apfProcessAssocReq (apf_80211.c: 1 wcm: 5137) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:57.144: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:57.144: 8853.2E9E.F70A
    client incoming attribute size are 0 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:57.145: 8853.2E9E.F70A Sending Assoc Response to station on BSSID  0C68.03EA.4070  (status 256) ApVapId 2 Slot 0 1 wcm: 68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:57.145: 8853.2E9E.F70A apfBlacklistMobileStationEntry2 (apf_ms.c: 1 wcm: 6129) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from AAA Pending to Exclusion-list (1)
    Sep 16 10:54:57.145: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 44) in 10 seconds
    Sep 16 10:54:57.145: 8853.2E9E.F70A client is added to the exclusion list, reason 1 1 wcm: d: 44) in 10 seconds
    Sep 16 10:54:57.145: *apfReceiveTask: 1 wcm:  %APF-4-ADD_TO_BLACKLIST_REASON: Client 8853.2E9E.F70A (AuditSessionID: 0afe01fb5236e37f000000de) was added to exclusion list. Reason: 802.11 association failure 
    Sep 16 10:54:57.836: 8853.2E9E.F70A Ignoring assoc request due to mobile in exclusion list or marked for deletion  1 wcm: fbtQ^GwH^Cnz^Gw00de) was added to ^G$h\225v^K
    Sep 16 10:54:58.533: 8853.2E9E.F70A Ignoring assoc request due to mobile in exclusion list or marked for deletion  1 wcm: fbtQ^GwH^Cnz^Gw00de) was added to ^G$h\225v^K
    Sep 16 10:54:59.231: 8853.2E9E.F70A Ignoring assoc request due to mobile in exclusion list or marked for deletion  1 wcm: fbtQ^GwH^Cnz^Gw00de) was added to ^G$h\225v^K
    Sep 16 10:54:59.922: 8853.2E9E.F70A Ignoring assoc request due to mobile in exclusion list or marked for deletion  1 wcm: fbtQ^GwH^Cnz^Gw00de) was added to ^G$h\225v^K
    Sep 16 10:55:06.972: 8853.2E9E.F70A apfMsExpireCallback (apf_ms.c: 1 wcm: 664) Expiring Mobile!
    Sep 16 10:55:06.972: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 46) in 60 seconds
    Sep 16 10:55:06.972: 8853.2E9E.F70A apfMsExpireMobileStation (apf_ms.c: 1 wcm: 7067) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Exclusion-list (1) to Exclusion-list (2)
    Sep 16 10:55:06.972:  8853.2E9E.F70A  0.0.0.0 START (0) Deleted mobile LWAPP rule on AP [ 0C68.03EA.4070 ] 1 wcm: 3.2E9E.F70A  on AP  0C68.03EA.4070  from Exclusion-list (1) to Exclusion-list (2)
    Sep 16 10:55:06.972:  8853.2E9E.F70A  0.0.0.0 START (0) FastSSID for the client [ 0C68.03EA.4070 ] NOTENABLED 1 wcm: E9E.F70A  on AP  0C68.03EA.4070  from Exclusion-list (1) to Exclusion-list (2)
    Sep 16 10:55:06.972: 8853.2E9E.F70A Incrementing the Reassociation Count 1 for client (of interface RNVDOS) 1 wcm: D
    Sep 16 10:55:06.972: 8853.2E9E.F70A Clearing Dhcp state for station  ---  1 wcm:  for client (of interface RNVDOS)
    WLC1#
    WLC1#
    Kind Regards,
    Vasco

    Hi Patrick,
    Thank you for sharing your solution. It didn't solved entirely the problem but you pointed to the right direction!
    They are caused, because the system searches for an aaa authorization list, which is not configured.
    To resolve this configure the following
    aaa authorization network mac-filter local
    where mac-filter is the name you defined in the SSID.
    I've used your sugestion to create an aaa local authorization list but instead of naming it with the SSID, I've used the name of the attribute list ( macauth ) and it solved the problem:
    aaa authorization network macauth local
    username 88532e9ef70a mac aaa attribute list macauth
    wlan RNVDOS 4 RNVDOS
    client vlan RNVDOS
    mac-filtering macauth
    WLC1#sh wireless client summ
    Number of Local Clients : 1
    MAC Address    AP Name                          WLAN State              Protocol
    8853.2e9e.f70a APf872.ead7.31da                 4    UP                 11n(5)  
    Cheers,
    Vasco

  • Scripting WLC show commands (ie show client detail) every x seconds/minutes

    Is there a simple way to script using either a terminal client (putty, teraterm, etc.) or Prime Infrastructure whereby I could set up a set of commands to be run at a certain interval?
    I want to conduct some client testing roaming across a site whilst some how performing a show client detail every 15 seconds and a show run-config every 30 minutes?
    TIA,
    Nick

    Is there a simple way to script using either a terminal client (putty, teraterm, etc.) or Prime Infrastructure whereby I could set up a set of commands to be run at a certain interval?
    Yes you can. 
    The easiest method is to use console.  You can knock up a script to run the command at specific intervals and log the outputs.  If you do this, you must ensure the console timeout is expanded. 
    Another option is to create a PERL script (using KRON) to telnet/SSH into the appliance and run the command and retrieve the results. 

  • WLC 5760

    Since  i mentioned new to this tech,i deployed 2 WLC 5760 in network i connected one  of Stack wise 480 cable in ring type.but my port is down state
    when i give show switch stack-port summary both controllers are down state.
    What could be the issue can any one suggest me.
    Apart from the above issue i configured few of configuration please vlaidate it
    wlan Guest-WbAuth 3 Guest-WbAuth
    client vlan 100
    mobility anchor 192.168.5.1
    no security wpa
    no security wpa akm dot1x
    no security wpa wpa2
    no security wpa wpa2 ciphers aes
    security web-auth
    security web-auth authentication-list EXT_AUTH ---- need more information ?
    security web-auth parameter-map webparalocal -need more information ?
    no shutdown
    2. Redudancy configuration
    conf t
    service internal
    redundancy
    main-cpu
    standby console enable
    end
    session standby ios
    please validate this 

    Please follow the startup procedure:
    http://www.cisco.com/c/en/us/td/docs/wireless/technology/5760_deploy/CT5760_Controller_Deployment_Guide/CT5760_Centralized_Configuration_eg.html#pgfId-1071864

  • Wlc 5760 - wlan configuration

    I have a WLC 5760 and i did below configuration for WLAN:
    wlan 3 85 GUESTS
    client vlan 85
    no security wpa
    no security wpa akm dot1x
    no security wpa wpa2
    no security wpa wpa2 ciphers aes
    session-timeout 1800
    no shutdown
    the ap is joined with WLC:
    EFFAT-WLC#show ap summary
    Number of APs: 4
    Global AP User Name: Not configured
    Global AP Dot1x User Name: Not configured
    AP Name                           AP Model  Ethernet MAC    Radio MAC       State
    APAP16.0009.abdc                  3702I     1616.9999.8888  3c12.f123.0000  Registered
    * have changed the mac address
    but still i am not able to get the WLAN on the wireless clients. SSID is been broadcasted but when scanned on the client i am not getting it.

    Are you using any radius server ???
    if yes then use this commands: aaa-override
    Check this config :
    http://www.cisco.com/c/en/us/td/docs/wireless/technology/5760_deploy/CT5760_Controller_Deployment_Guide/Secure_WLAN_Configuration_on_Catalyst_3850WLC5508.html
    Hope it ehlps.
    Regards
    Dont forget to arte helpful posts

  • WLC 5760 AUTHMGR-5-FAIL log

    I am using the WLC 5760
    My SSID use WPA2 PSK and i don't use ISE or Radius or AAA to authentication
    Some client can connect to the AP,but can not ping the gateway
    When i show logging from WLC,it will see the log like
    %AUTHMGR-5-FAIL: Authorization failed or unapplied for client
    How do i resolve this problem
    Thank's

    Hi,
    Have you made sure that the appropriate vlans are permitted on the trunk between the WLC and the switch?
    Normally the gateway is an SVI on a core switch, so if the vlan is not permitted, you wouldn't be able to ping the gateway.
    HTH
    Mike

  • %AUTHMGR-4-UNAUTH_MOVE messages in WLC 5760

    Hi,
    We're getting this messages on a WLC 5760:
    Mar  7 14:24:32.136: %AUTHMGR-4-UNAUTH_MOVE: (fast) MAC address (0011.21c2.1f2f) from Ca7 to Ca44
    Mar  7 14:24:53.148: %AUTHMGR-4-UNAUTH_MOVE: (slow) MAC address (0011.21c2.115f) from Ca15 to Ca22
    Mar  7 14:47:40.142: %AUTHMGR-4-UNAUTH_MOVE: (fast) MAC address (0011.21c2.1fd9) from Ca9 to Ca44
    Mar  7 14:50:40.290: %AUTHMGR-4-UNAUTH_MOVE: (fast) MAC address (0011.21c2.1f6e) from Ca43 to Ca31
    Mar  7 14:50:46.398: %AUTHMGR-4-UNAUTH_MOVE: (slow) MAC address (0011.21c2.1f6e) from Ca31 to Ca43
    Mar  7 14:51:02.109: %AUTHMGR-4-UNAUTH_MOVE: (fast) MAC address (0011.21c2.1f2f) from Ca44 to Ca43
    Mar  7 14:54:34.961: %AUTHMGR-4-UNAUTH_MOVE: (slow) MAC address (0011.21c2.1f6e) from Ca22 to Ca41
    We didn't found any information regarding the message in the 3800/5700 WLC documentation but in other products we've found this:.
    #     Error Message    AUTHMGR-4-UNAUTH_MOVE, MSGDEF_LIMIT_MEDIUM: [chars] MAC address
         ([enet]) from [chars] to [chars]
              Explanation    There was an authenticated move on the old IDB. The first [chars] is slow or fast, the second [chars] is the source interface name, the third [chars] is the destination interface name, and [enet] is the MAC address.
              Recommended Action    No action is required.
    Does anyone knows the meaning of these messages on the 5760 WLC? These clients are mounted in warehouse stackers, moving in the wharehouse with speeds between 10 and 40 Km/hour and sometimes we have complains of roaming issues. Are this messages related with roaming issues?
    Kind regards,
    Vasco

    Hi Vasco,
    These messages are related to roaming and it's an expected behaviour.
    %AUTHMGR-4-UNAUTH_MOVE is expected to occur when a mac address is moved to another interface by reconnecting network devices.
    Thanks,
    Ashish

  • Any extra fine tuning / configuration to be done for Client / Voice Roaming .

    Dear Folks,
    Is there any additional configuration to be done on the 5508 WLC for Wireless Laptop / Voice Roaming ? I tested with Wireless IP Phone and found some blankness in voice , whereas i have other access point nearby , which wasn't switching over easily .
    Regards,
    SID                   

    Hi,
    When working with Cisco IP phones as mention before, we need to comply with the following
    configuration on the WLC to avoid connectivity issues as per the deployment
    guide of the 7921 and 7925 IP phones.
    Here is the link for the deployment guide of the 7921 and 7925.
    http://www.cisco.com/web/strategy/docs/healthcare/7921dply.pdf
    http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7925g/7_0/english/deplo
    yment/guide/7925dply.pdf
    The WLC version must be 4.0 or higher (show sysinfo)
    The current phone version is under: Status > Firmware Version
    App Load ID CP7921G-1.0.2.LOADS 1.0.5 is available on the web & should be
    used: http://www.cisco.com/cgi-bin/tablebuild.pl/ip-7900ser-crypto
    The 11M rate should be set for 'basic' & the 18-54M rates as optional
    This will show up in the "802.11B Configuration" "Operational Rates" section
    of the 'show run' as:   
    802.11b/g 1M Rate & others............................ Disabled
    802.11b/g 11M Rate........................... Mandatory
    802.11g 54M Rate & others............................. Supported
    If the rates lower than 11 (such as 5.5) are needed, the lowest rates should
    be the 'Mandatory'
    The 12M rate should be set for 'basic' & the 18-54M rates as optional
    This will show up in the "802.11A Configuration" "Operational Rates" section
    of the 'show run' as:   
    802.11a Operational Rates
        802.11a 6M Rate.............................. Disabled
        802.11a 9M Rate.............................. Disabled
        802.11a 12M Rate............................. Mandatory
        802.11a 18M Rate............................. Supported
        802.11a 24M Rate............................. Supported
        802.11a 36M Rate............................. Supported
        802.11a 48M Rate............................. Supported
        802.11a 54M Rate............................. Supported
    If 802.1X authentication is in use, CCKM should be employed.
    This will show up in 'show wlan ' as:
    CCKM.................................... Enabled
    TKIP encryption is recommended.
    This will show up in 'show wlan ' as:
        WPA (SSN IE)............................... Enabled
             TKIP Cipher............................. Enabled
             AES Cipher.............................. Disabled
          WPA2 (RSN IE).............................. Disable
             TKIP Cipher............................. Disabled
             AES Cipher.............................. Disabled
    The DTIM period should be set for '2' under the wireless/network settings.
    This will show up in 'show run' as:
    DTIM Period...................................... 2
    The beacon interval should be set for '100' under the wireless/network
    settings.
    This will show up in 'show run' as:
    Beacon Interval.................................. 100
    WMM should be enabled on the wlan.
    This will show up in 'show wlan ' as:
    WMM.............................................. Allowed
    The wlan QOS should be set to platinum.
    This will show up in 'show wlan ' as:
    Quality of Service............................... Platinum (voice)
    Under Controller, arp unicast should be disabled
    This will be in 'show network' as:
    ARP Unicast Mode........Disabled
    Under Controller > QOS, the platinum QOS setting should have 802.1p chosen
    and the tag set to '6'
    This will show up in 'show qos platinum' as:
    protocol......................................... dot1p
    dot1p............................................ 6
    Per WLAN CAC is set under the wlan - 'AP CAC limit'.
    This will show up in 'show wlan ' as:
    Dot11-Phone Mode .......................... ap-cac-limit
    LAN "dhcp address assignment required" should be 'disabled'.
    This will show up in 'show wlan ' as:
    DHCP Address Assignment Required................. Disabled
    Aggressive load-balancing should be disabled (under 'network'
    settings).
    DTPC should be enabled under wireless > network
    This will show up in 'show run' as:
    DTPC  Status..................................... Enabled
    If no legacy clients need long preamble, set the preamble for 'short'
    under wireless > network.
    This will show up in 'show run' as:
    Short Preamble mandatory......................... Enabled
    If using eap-fast with the WLC, the 802.1x timeout is 2
    seconds.  This is not enough time for the IP phone to download and process
    the PAC.  The timeout can be increased:
    "config advanced eap request-timeout 20"
    "save config:
    In the 7921 phone, unlike with the 7920 phone, 'auto' does not mean eap-fast
    or leap, it means 'leap' with wpa2, leap with wpa2, or wpa-psk.
    If you want to use EAP-FAST, then use EAP-FAST mode, not 'auto'.
    For 7921-7921 conversations to work, 'peer-to-peer blocking' needs to be
    'off' under the 'controller' tab (this is off by default).
    In later code, the DFS settings under Wireless > 802.11A/N
    DFS(802.11H) should be:
    Power Constraint off
    Channel Announcement on
    Channel quiet mode on.
    These values will appear in 'show 802.11h' as:
    802.11h ......................................... powerconstraint :  0
    802.11h ......................................... channelswitch :  Enable
    802.11h ......................................... channelswitch mode :  1
    Do *not* turn on 802.11b/g/n > EDCA parameters 'low latency mac' -
    make sure that is disabled.
    This will appear in the output of 'show 802.11b|802.11a' as:
    Voice MAC optimization status.................... Disabled
    802.11b/g/n > EDCA parameters - set for WMM
    'Single AP Mode' should be disabled on the phones (unless there *is*
    only a single AP).
    The RF values seen by the phone are under Settings > Status > Site Survey

  • MSE Not Showing Clients After Upgrade to 7.6.100.0

    I've upgraded our 5508 WLC's to ver 7.6.100.0.  I've also upgraded our NCS to 2.0, and our MSE to 7.6.100.0.  I now can no longer see clients on the MSE map for our sites.  I've added the WLC to the MSE syncronization.  When I select "show clients" it says 0 of 0 found.  I know I have clients connected, since I can see them in the WLC.  Is this a licensing issue?  Thanks for your help!

    Make sure that NMSP is up.
    http://www.cisco.com/en/US/products/ps9742/products_tech_note09186a0080bb497f.shtml#add-va-ncs
    On WLC console, use the show auth-list command.
    The following example shows from WLC console that there is no location server available:
    In order to manually add the MSE and establish a NMSP connection to WLC, complete these steps:
    On the MSE console, run the cmdshell command, and then the show server-auth-info command.
    This example shows the MAC address and the keyhash to be used for adding to the WLC.
    Run the config auth-list add ssc command, and then run the show auth-list.
    This example shows that the MSE was added to the WLC (manually).
    On the NCS, confirm that the NMSP connection shows Active.
    Sent from Cisco Technical Support iPhone App

  • WLC 5760 multiple SSIDs with MAC filtering

    Dear All,
    I am implementing a wireless network with 5760 WLCs. The client requires a few SSIDs with MAC-based authentication. So I created different MAC filters using the commands "aaa authorization network MAC_FILTER01 local", "aaa authorization network MAC_FILTER02 local" etc
    These filters are bound to different SSIDs using the commands "mac-filtering MAC_FILTER01" "mac-filtering MAC_FILTER02" etc. and users are added to their required MAC filters using the commands "username <mac-address> mac aaa attribute list MAC_FILTER01", "username <mac-address> mac aaa attribute list MAC_FILTER02" etc.
    Now I am facing a serious issue - users belonging to any one MAC filter can connect to the all SSIDs. It seems like the MAC addresses added to the controller under different filter names are going to a common database, thereby providing access to users to all SSIDs irrespective of their MAC filter.
    Is it a limitation of local database of 5760? Has anyone faced the same issue? How can I implement independent MAC filters bound to different SSIDs?
    Thanks,
    Arun John

    Hi Arun,
    this feature currently does not exist on the  5760. it is due to release in one of the MR's of 3.6
    -Joseph

  • Prime Infrastructure to manage WLC 5760 with IOS XE 03.03.03

    Hi there Is IOS XE 03.03.03 on WLC 5760 to be managed via Prime infrastructure 2.1 or what version do I need? It seems to be not fully supported with 2.1... Thanks and best regards Dominic

    Hi Dominic,
    The release notes http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/2-1/release/notes/cpi_rn.html#pgfId-43893 show support of up to 03.03.02
    I have got a 3850 WLC running on IOS XE 03.03.03 managed by Prime 2.1
    The release might not be up to date. When the release notes for Prime 2.1 came out, the highest supported is 03.02.03 and a few days later got changed to 03.03.02.
    Regards,
    Jeen Chew

  • External AAA for WLC 5760

    Hi, I have WLC 5760 on mode Centralized because I don't have Switch 3850. I need to implement dot1x authentication using external AAA Server which is in my case is Active Directory on Windows 2012 Server. You can see my configuration in pictures i attached bellow. My problem is authentication is always failed. 
    Can you give me a hint ?
    AAA Server
    Authentication
    LDAP
    WLAN Security L2
    WLAN Security L3
    ERROR Log
    Thanks

    Complete these steps in order to add the WLC as an AAA client in the ACS.
    From the ACS GUI, choose the Network Configuration tab.
    Under AAA Clients, click Add Entry.
    In the Add AAA Client window, enter the WLC host name, the IP address of the WLC, and a shared secret key. See the example diagram under step 5.
    From the Authenticate Using drop-down menu, choose RADIUS .
    Click Submit + Restart in order to save the configuration.

  • Custom WebAuth WLC 5760

    I want to setup a custom webauth for my WLC 5760. I already downloaded the webauth bundle and put it in WLC via Command Download in WLC GUI. According to Guide, after the download completed, the custom page will appear in custom page dropdown for web parameter map.
    But in my case it shows nothing. So where did I miss ?
    Thank You

    Hi
    Pls refer this document 
    http://www.cisco.com/c/en/us/support/docs/wireless/5700-series-wireless-lan-controllers/117728-configure-wlc-00.html
    HTH
    Rasika
    **** Pls rate all useful responses ****

  • WLC Guest Tunnel - client ip address problem

    I can't identify the real ip address from the local wlc if the client associated to the "guest-tunnel ssid", I can only see 0.0.0.0 from the local one. The real ip address appears only on the anchor wlc. Is it correct? And if there is any method that I can identify it from the local one?

    The "real ip" will only show up in the anchor wlc along with other client related info. Since the traffic is tunneled to the anchor, the foreign wlc will not have that info.
    Thanks,
    Scott Fella
    Sent from my iPhone

  • Certain Pages do not show up in my history log. Why is that. I have a security concern as on site was my online bank site.

    I have noticed that some websites will show up in the history log and some website will not. I have a concern that there might be a security breach on my laptop that I am not aware of.

    You probably need to "Publish All" to make all of the
    pages republish and fix their nav bars.
    Hi Allyson
    I did as you said but oh oh.......... it didn't work. I have also been told that I must add the name of the second site to my first site, so that it would look like this:
    http://web.mac.com/lorna6/secondsitename
    I am told to then use this URL and make it a hyper-link to my first site and then my sites will be linked. I take it to mean that when I hyper link it to my first site, this new URL has to be in the Navigation bar at the top of the page.
    Can I name the second site anything I want or am I constrained as I was in the naming of my first site? (the .Mac constraint of having us all use our .Mac name in the URL. BTW, I don't mind this at all, and in fact I think it's a good thing, because that way I can spot another .Mac person.
    Lorna in Southern California

Maybe you are looking for

  • Operating system for my g4

    Hello, I reciently came across a g4 that has been wiped clean and I need to install an operating system. It has 800Mhz, 256MB, 30GB . Does anyone know which operating system(s) I will be able to install on this machine. Any help will be appreciated.

  • HR Master data display control.

    Hi All, I have set up an HR admin with access such that he should not be able to view pay info of some users. However, when i tested it the user is able to partly view the pay info of a user A. However, he cannot view pay info of user B. The confusio

  • Build error in BPM

    Hi Everyone,    I have been developing  DC in BPM.I have been following the BPM  tutorial SAP NetWeaver Business Process Management Resource Center  . Version : SAP NetWeaver 7.2 SP03 While deploying the DC i am getting the following error: Error:  "

  • [SOLVED] Shuttle in PL SQL region (Apex 3.2)

    Hi OTN, Is there an option of creating shuttle element in PL SQL region? I need to have a dynamic number of those elements on my page. I have copied HTML code of a static apex shuttle (with Never condition) on this page, but no double clicks or butto

  • Confidential document

    I was able to access the following document via searching OTN. Article-ID: <Note:158367.1> Circulation: REVIEW_READY (INTERNAL) ***Oracle Confidential - Internal Use Only*** Folder: server.Internals.Corruption Topic: Articles to be Refiled Title: Ora