WLC config dubt
Dear All,
I am writing the wlc configuration on the paper, I do not have yet the wlc 5508 here. It is the first time that i configure a wlc.
I have choose to connect the wlc to two different cisco 3750 that will be the core of a small network (30 users)
To connect the wlc I have choose to do not use LAG but to configure two different APMANAGER1 and APMANAGER2, then i have assigned them two port1 and port2:
config interface create APMANAGER1 99
config interface address APMANAGER1 172.26.104.2 255.255.255.0 172.26.104.1 <-------this is the core1 layer 3 interface ip address
config interface vlan APMANAGER1 99
config interface port APMANAGER1 port1
config interface dhcp APMANAGER1 172.26.100.61 172.26.100.62
config interface ap-manager APMANAGER1 enable
config interface create APMANAGER2 99
config interface address APMANAGER2 172.26.104.3 255.255.255.0 172.26.104.254 <-------this is the core2 layer 3 interface ip address
config interface vlan APMANAGER2 99
config interface port APMANAGER2 port2
config interface dhcp APMANAGER2 172.26.100.61 172.26.100.62
config interface ap-manager APMANAGER2 enable
then I have configured 16 different wlan such as:
config interface address Direzione 172.26.100.98 255.255.255.224 172.26.100.97
config interface vlan Direzione 5
config interface dhcp Direzione 172.26.100.61 172.26.100.62
config interface quarantine vlan Quarantena 23
config wlan enable 5
My question is how I can assign each wlan to both APMANAGER? If one of the two port1 and port2 fails I want tha all wlan take over on the aviable port.
Thanks & Regards,
Igor.
You're confused on several notions :
-Most minor is that the management interface on the 5508 (only this model) also acts as an ap manager. So you just need to create one extra ap manager to have 2.
-Then there's the big confusion between wlan (SSID) and interface/vlan. You said :
then I have configured 16 different wlan such as:
config interface address Direzione 172.26.100.98 255.255.255.224 172.26.100.97
config interface vlan Direzione 5
config interface dhcp Direzione 172.26.100.61 172.26.100.62
config interface quarantine vlan Quarantena 23
config wlan enable 5
This is an interface configuration. Not a wlan/SSID configuration. But your last command is to enable SSID 5 although you are not showing the commands to create an SSID 5 with appropriate WPA settings and so on ...
-Last confusion is that ap managers are interface with which the APs are building their tunnel towards the WLC. It has nothing to do with client traffic. So you cannot bind an ap manager to SSIDs or dynamic interfaces.
Just have one AP manager configured on each port. If one port fails. All the APs who joined through that port/ap manager (logically 50% of the APs) will be disconnected and quicly reconnect through the other ap manager interface. Nothing else to do.
Nicolas
Similar Messages
-
Unknown error message in WLC Config Analyzer
Hello,
does anybody know what means the following error message from WLC Config Analyzer?
30026,General: Network state not matching: WLC3-Ortona,on 11g. My state :True, its state :True. This may introduce join issues on APs
My WLC IOS version is 7.0.98.0
Thanks
JohnnyHello,
does anybody know what means the following error message from WLC Config Analyzer?
30026,General: Network state not matching: WLC3-Ortona,on 11g. My state :True, its state :True. This may introduce join issues on APs
My WLC IOS version is 7.0.98.0
Thanks
Johnny -
WLC Config Analyzer and AP Model / End of Sale APs
Be nice if the WLC Config Analyzer spit out a list of end of sale/end of life. I know the some TLMA type tools will do this with SNMP.
I've got a show run-config from a lot of 5508s running 7.6 and want to recommend older APs be replaced, however each controller has almost 500 APs on it. I could do a "show ap summary" and then some excel magic to find them.
Be nice if I could do a sort/statistic of what model APs across many 5508s.You need to configure the AP's in h-reap or FlexConnect which it is called in version 7.2. This way you can specify what ssid is mapped to what local vlan.
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807cc3b8.shtml
http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080736123.shtml -
I have several WLC's in our enviornment and one WCS managing them. I use Orion to monitor and backup the configs to all our devices, which stores all them all in a organized database in txt format, this way I can simply cut and paste the config back into a device when needed, however I have tried to backup our WLC in the same manner and have been unsuccesful in every attempt.
Does anyone know of a way to backup all WLC configs in txt format using Orion?Text backups generally don't work with WLC's in my experience. I back up my controllers via WCS. The difference is that Orion is probably doing something like a "show run", which doesn't give you everything you need to restore a controller to a previous state. WCS makes the same kind of XML backups that would be created if you used the web management interface on the controller to create a backup. The XML backups are pretty much one stop shopping for everything you need to get a controller back up and running (although you should always test your backup process).
Robert -
Clear WLC config (on WiSM v4.0.179.8)
I did,
clear config,
then
reset system
(without saving).
Then WLC rebooted and went into setup dialog as expected.
What was not expected was that the,
User:
Password:
were not back to default of admin, admin but had retained their easlier settings.
Why were User and Password not reset to default values?
Thanks, MHMy apologizes on the below post - do you get the same response when you reboot the WLC and hit 'ESC' for additional boot options - and then clear the config this way?
-
Binary WLC config - does it hols AP config?
Can I put binary config backup from a working WLC (WiSM in this case) into a factory default WLC & be up & running again? Specifically, is AP config in binary file? (Cisco Doco states AP config is not in "show running-config" output for example).
After putting binary file in factory default WLC I know I'll have to reconfigure Mobility Group since it refers to MAC addresses of other controllers. Any other gotchas like this?
Thanks, MHIf you take a backup of the config of your WLC, you can easily re-apply that to another WLC of the same type & code version.
When you ask about the config holding the AP Config, I'm not sure what you mean. The AP it's self will store much of it's own configuration in local Flash - is there something specific you're aiming at? -
Copy WLC Config from 2006 to 2106
I've had a WLC 2006 for a while. Just purchased the WLC 2106 as an upgrade. Is it possible to copy the config of the 2006 to the 2106? I don't want to have to manually recreate the WLANs and reassociate the APs with the new controller. I have tried saving the 2006 config to a TFTP server and uploading it to the 2106, but I get an error saying file type is not supported.
I did jsut notice there is a bootloader update available for the 2106. I didn't look for it before, I thought I read the 2106 couldn't have the bootloader updated.
"Note - You can use this command to verify the boot software version on all controllers except the 2106 because the bootloader is not upgradable on the 2106 controller."
Can you verify if this is correct as well as having a bootloader mismatch is causing my config copy issues? -
I am finding it difficult to locate the backup config files for my controllers on the WCS server. Can someone tell me the file extension and the file folder where these files are saved so I can verify they are getting saved? This seems to be more complicated to find than it needs to be.
When WCS was installed it asked you for a folder name where to store these files. Go to Admin--Settings--Server Settings and you will see the drive and folder name. Look in these .. Should be under TFTP folder
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
"I'm in a serious relationship with my Wi-Fi. You could say we have a connection." -
Measuring the result of AP/WLC config changes.
What can I do to see the affects of reducing power levels and disabling certian data rates in our environment?
We have 5508 WLC running 7.4 and a mixture of 3502, 3602, and a couple of 1142s.The best way to visibly see the difference would be to walk around with a survey laptop in passive mode. You could use AirMagnet or Ekahau to do this and it will give you a heatmap of the signal strenghts
HTH,
Steve
Please remember to rate useful posts, and mark questions as answered -
WLC config analyzer - AP Aprox Cert Expiration
Hi All,
I just notice the config analyzer show AP certificate expiration date.
I have some older 1131 expiring starting in July. Why is this?
Model
Admin Status
Serial
Aprox Cert Expiration
AIR-LAP1131AG-E-K9
Enabled
FCZ0932Q0CX
2015 August
AIR-LAP1131AG-E-K9
Enabled
FCZ0932Q0D2
2015 August
AIR-LAP1131AG-E-K9
Enabled
FCZ0932Q0BG
2015 August
AIR-LAP1131AG-E-K9
Enabled
FCZ0932Q0BR
2015 August
AIR-LAP1131AG-E-K9
Enabled
FCZ0932Q0BK
2015 August
AIR-LAP1131AG-E-K9
Enabled
FCZ0932Q0BH
2015 August
AIR-LAP1131AG-E-K9
Enabled
FCZ0951Q0RL
2015 December
AIR-LAP1131AG-E-K9
Enabled
FCZ0931Q0ED
2015 July
AIR-LAP1131AG-E-K9
Enabled
FCZ0931Q0EH
2015 July
AIR-LAP1131AG-E-K9
Enabled
FCZ0931Q0EE
2015 July
AIR-LAP1131AG-E-K9
Enabled
FCZ0948Q11D
2015 November
AIR-LAP1131AG-E-K9
Enabled
FCZ0948Q112
2015 November
AIR-LAP1131AG-E-K9
Enabled
FCZ0948Q10Z
2015 November
AIR-LAP1131AG-E-K9
Enabled
FCZ0948Q10B
2015 November
AIR-LAP1131AG-E-K9
Enabled
FCZ0948Q0JJ
2015 NovemberHi Loe,
Thanks for the quick reply.
Solution:
To allow additional usage of hardware, beyond the 10 year certificate date, Cisco is providing a software maintenance release with a feature to ignore the validity period of the certificates in the CAPWAP authentication process.
Maintenance releases with the feature to ignore the validity period of the certificates are being created for AireOS 7.0, 7.4 and 8.0 and expected to be on www.cisco.com by the end of April for 7.0 and 7.4, and by the end of June 2015 for 8.0.
* what about Maintenance releases for 7.6.x.x? any plans?
/Finn -
3850 as WLC config to connect to 6509
We have a 3850 which is currently being used as a L3 routing device between our core and Wan edge. I have started to look into the WLC and have an AP connected to the switch.
My question is do I need to trunk this switch into our core to be able to get the vlans through or as the tunnels are terminated on the switch would they just route from the switch.
What is the recommended configuration for the 3850 as a WLC
Thanks
RogerIMHO, the recommended configuration is going to be what works in your scenario.
If you are doing L3 on that Switch, and turn on the WLC functions the switch is going to terminate the CAPWAP tunnel. From there any traffic is going to follow the routing rules you have in place.
So unless you have a really compelling reason to change your link to the 6500 to be L2 and have those VLAN live on the switch, leave it a L3 connection and let the traffic route.
HTH,
Steve -
Error in 7.0 WLC Config Guide?
Maybe one of our Cisco TAC friends here on the forum can confirm or deny.
It states in 7.0, Inter-Subnet roaming is Asymmetric. Didn't Asymmetric die in 5.1 code and only SYMMETRIC tunneling is allowed ?
When you do a >show mobility summary (symmetric) is shown with no option for Asymmertic
Here is the link that states Asymmertic
http://www.ciscosystems.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70mobil.html
Thanks
EDIT: It states lower down in the document is it gone in 5.1 code. But gezzz, someone can get the wrong impression reading this ...Hi George,
it is indeed a big mistake.
I'll submit a documentation bug to have this corrected. It is extremely misleading.
Thanks !
Nicolas -
The system has unsaved changes - WLC Startup-config
Hi guys,
Is there a command to see the startup-config?
Or a command to see "what exactly" am I going to save when receiving the below message:
The system has unsaved changes.
Would you like to save them now? (y/N)
I tried show run-config vs uploaded configuration file, but the format is different so I cannot compare...Hi
With Areonet OS (5508,2504,etc) you do not have this freedom
If it is IOS you can do this using a single command "show archive config differences nvram:startup-config system:running-config" So with 5760/3850 you can do this.
http://mrncciew.com/2012/11/08/show-archive-config-differences-is-your-friend/
With Areonet 5508,2504 if you need to know what commands your configuration will adds to your config, you can do some sort of workaround (though it is not clean,still you can see what lines adding to WLC config)
Do "debug aaa tacacs enable" on your WLC CLI & then make a change using WLC GUI, you will see on your CLI what commands it will add to your config.
So you have to make your changes one by one to learn all the CLI config addition to your configuration.
HTH
Rasika
**** Pls rate all useful responses **** -
WLC 4402 Multiple clients can connect to AP but only one gets an IP
I have a 4402 which is connected to a 4506 Switch int Gig 3/1 via a trunk port. The Managment and AP-manger interfaces are on vlan 6
interface GigabitEthernet3/1
description Trunk Port to WLC
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 2-6
switchport mode trunk
end
I have a 1142N AP also connected to the switch and it pulls a DHCP IP Address and configs etc and registers to the WLC. It too is on Vlan 6 and it is connected to the 4506 on int gig 4/33 which is an access port.
interface GigabitEthernet4/33
description Access port to Cisco LAP 1142
switchport access vlan 6
switchport mode access
end
My router is my dhcp server;
ip dhcp pool wlanmantraffic
network 10.6.0.0 255.255.255.0
default-router 10.6.0.1
dns-server 66.109.38.250 10.7.0.8
option 43 hex f104.3130.2e36.2e30.2e33
interface FastEthernet0/1.6
description Vlan6
encapsulation dot1Q 6
ip address 10.6.0.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
I am doing local authentication, so i have added users to the WLC
My problem is that the first client that connected was able to get an IP address and connect to anything internal and external.
I then connected another client on another laptop and that client could connect but not get an IP address, it just self assigned.
When i look at the clients i can see the MAC address of both Clients on the WLC, but doing a show mac address-table dynamic i only see the MAC of the client that works properly. The client that doesnt get an IP has no entry in the 4506 switch.
I am stumped, from what I understand, is that the 2nd clients traffic is being trunked to the WLC , hence it has the MAC address. But I dont know why its not getting a DHCP assigned IP address.
Thanks in advance for your help.Here is some of the WLC config,
(Cisco Controller) >show run-config
Press Enter to continue...
System Inventory
NAME: "Chassis" , DESCR: "4400 Series WLAN Controller:25 APs"
PID: AIR-WLC4402-25-K9, VID: V02, SN: FOCblankedbyme
Burned-in MAC Address............................ 00:07:0E:55:FA:C0
Crypto Accelerator 1............................. Absent
Crypto Accelerator 2............................. Absent
Power Supply 1................................... Absent
Power Supply 2................................... Present, OK
Maximum number of APs supported.................. 25
Press Enter to continue or to abort
System Information
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.235.3
RTOS Version..................................... 7.0.235.3
Bootloader Version............................... 7.0.235.3
Emergency Image Version.......................... 7.0.235.3
Build Type....................................... DATA + WPS
System Name...................................... CISCO-LWAPP-CONTROLLER
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.14179.1.1.4.3
IP Address....................................... 10.6.0.3
System Up Time................................... 0 days 21 hrs 7 mins 20 secs
System Timezone Location......................... (GMT -5:00) Eastern Time (US a
nd Canada)
Configured Country............................... US - United States
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +36 C
--More or (q)uit current module or to abort
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 3
Burned-in MAC Address............................ 00:07:0E:55:FA:C0
Crypto Accelerator 1............................. Absent
Crypto Accelerator 2............................. Absent
Power Supply 1................................... Absent
Power Supply 2................................... Present, OK
Maximum number of APs supported.................. 25
Press Enter to continue or to abort
AP Bundle Information
Primary AP Image Size
ap3g1 6672
ap801 5180
ap802 5220
c1100 3092
c1130 4960
c1140 4980
c1200 3360
c1240 4800
c1250 5500
c1310 3132
c1520 6400
c3201 4312
c602i 3712
Secondary AP Image Size
ap801 4952
c1100 3040
--More or (q)uit current module or to abort
c1130 4880
c1140 4492
c1200 3312
c1240 4712
c1250 5060
c1310 3080
c1520 5240
c3201 4260
Press Enter to continue or to abort
Switch Configuration
802.3x Flow Control Mode......................... Disable
FIPS prerequisite features....................... Disabled
secret obfuscation............................... Enabled
Strong Password Check Features:
case-check ...........Enabled
consecutive-check ....Enabled
default-check .......Enabled
username-check ......Enabled
Press Enter to continue or to abort
Network Information
RF-Network Name............................. RFMobile
Web Mode.................................... Disable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Disable
Secure Web Mode Cipher-Option SSLv2......... Enable
OCSP........................................ Disabled
OCSP responder URL..........................
Secure Shell (ssh).......................... Enable
Telnet...................................... Disable
Ethernet Multicast Forwarding............... Disable
Ethernet Broadcast Forwarding............... Disable
AP Multicast/Broadcast Mode................. Unicast
IGMP snooping............................... Disabled
IGMP timeout................................ 60 seconds
IGMP Query Interval......................... 20 seconds
User Idle Timeout........................... 300 seconds
ARP Idle Timeout............................ 300 seconds
Cisco AP Default Master..................... Enabled
AP Join Priority............................ Disable
Mgmt Via Wireless Interface................. Disable
Mgmt Via Dynamic Interface.................. Disable
--More or (q)uit current module or to abort
Bridge MAC filter Config.................... Enable
Bridge Security Mode........................ EAP
Mesh Full Sector DFS........................ Enable
Apple Talk ................................. Disable
AP Fallback ................................ Enable
Web Auth Redirect Ports .................... 80
Web Auth Proxy Redirect ................... Disable
Fast SSID Change ........................... Disabled
802.3 Bridging ............................. Disable
IP/MAC Addr Binding Check .................. Enabled
Press Enter to continue or to abort
Port Summary
STP Admin Physical Physical Link Link Mcast
Pr Type Stat Mode Mode Status Status Trap Appliance POE
1 Normal Forw Enable Auto 1000 Full Up Enable Enable N/A
2 Normal Forw Enable Auto 1000 Full Up Enable Enable N/A
Press Enter to continue or to abort
AP Summary
Number of APs.................................... 1
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name Slots AP Model Ethernet MAC Location
Port Country Priority
NOSC-N-B1917-AP01 2 AIR-LAP1142N-A-K9 00:22:bd:1b:34:5a Route
23B 1 US 1
AP Tcp-Mss-Adjust Info
AP Name TCP State MSS Size
NOSC-N-B1917-AP01 disabled -
Press Enter to continue or to abort
AP Location
Total Number of AP Groups........................ 0
Site Name........................................ default-group
Site Description.................................
WLAN ID Interface Network Admission Control Radio Pol
icy
1 management Disabled None
AP Name Slots AP Model Ethernet MAC Location
Port Country Priority
NOSC-N-B1917-AP01 2 AIR-LAP1142N-A-K9 00:22:bd:1b:34:5a Route
23B 1 US 1
Press Enter to continue or to abort
AP Config
Cisco AP Identifier.............................. 6
Cisco AP Name.................................... NOSC-N-B1917-AP01
Country code..................................... US - United States
Regulatory Domain allowed by Country............. 802.11bg:-A 802.11a:-A
AP Country code.................................. US - United States
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:22:bd:1b:34:5a
IP Address Configuration......................... DHCP
IP Address....................................... 10.6.0.26
Gateway IP Addr.................................. 10.6.0.1
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Enabled
Ssh State........................................ Enabled
Cisco AP Location................................ Route 23B
Cisco AP Group Name.............................. default-group
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
--More or (q)uit current module or to abort... Not Configured
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... H-Reap
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.0.235.3
Boot Version ................................... 12.4.18.0
Mini IOS Version ................................ 3.0.51.0
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1142N-A-K9
AP Image......................................... C1140-K9W8-M
IOS Version...................................... 12.4(23c)JA6
--More or (q)uit current module or to abort
Reset Button..................................... Enabled
AP Serial Number................................. FTX1337SA7D
AP Certificate Type.............................. Manufacture Installed
H-REAP Vlan mode :............................... Enabled
Native ID :..................................... 6
H-REAP Backup Auth Radius Servers :
Static Primary Radius Server.................... Disabled
Static Secondary Radius Server.................. Disabled
Group Primary Radius Server..................... Disabled
Group Secondary Radius Server................... Disabled
AP User Mode..................................... CUSTOMIZED
AP User Name..................................... danielott
AP Dot1x User Mode............................... CUSTOMIZED
AP Dot1x User Name............................... danielott
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 0 days, 19 h 22 m 53 s
AP LWAPP Up Time................................. 0 days, 01 h 08 m 46 s
Join Date and Time............................... Mon Nov 5 16:17:51 2012
Join Taken Time.................................. 0 days, 00 h 00 m 12 s
Attributes for Slot 0
Radio Type................................... RADIO_TYPE_80211n-2.4
--More or (q)uit current module or to abort
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 1
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:27:0d:07:cb:e0
Operation Rate Set
1000 Kilo Bits........................... MANDATORY
2000 Kilo Bits........................... MANDATORY
5500 Kilo Bits........................... MANDATORY
11000 Kilo Bits.......................... MANDATORY
6000 Kilo Bits........................... SUPPORTED
9000 Kilo Bits........................... SUPPORTED
12000 Kilo Bits.......................... SUPPORTED
18000 Kilo Bits.......................... SUPPORTED
24000 Kilo Bits.......................... SUPPORTED
36000 Kilo Bits.......................... SUPPORTED
--More or (q)uit current module or to abort
48000 Kilo Bits.......................... SUPPORTED
54000 Kilo Bits.......................... SUPPORTED
MCS Set
MCS 0.................................... SUPPORTED
MCS 1.................................... SUPPORTED
MCS 2.................................... SUPPORTED
MCS 3.................................... SUPPORTED
MCS 4.................................... SUPPORTED
MCS 5.................................... SUPPORTED
MCS 6.................................... SUPPORTED
MCS 7.................................... SUPPORTED
MCS 8.................................... SUPPORTED
MCS 9.................................... SUPPORTED
MCS 10................................... SUPPORTED
MCS 11................................... SUPPORTED
MCS 12................................... SUPPORTED
MCS 13................................... SUPPORTED
MCS 14................................... SUPPORTED
MCS 15................................... SUPPORTED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ US
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 1
Number Of Channels ........................ 11
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
Tx Power
Num Of Supported Power Levels ............. 8
Tx Power Level 1 .......................... 20 dBm
Tx Power Level 2 .......................... 17 dBm
Tx Power Level 3 .......................... 14 dBm
Tx Power Level 4 .......................... 11 dBm
Tx Power Level 5 .......................... 8 dBm
Tx Power Level 6 .......................... 5 dBm
Tx Power Level 7 .......................... 2 dBm
Tx Power Level 8 .......................... -1 dBm
Tx Power Configuration .................... AUTOMATIC
--More or (q)uit current module or to abort
Current Tx Power Level .................... 1
Phy OFDM parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 1
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 1,2,3,4,5,6,7,8,9,10,11
TI Threshold .............................. -50
Legacy Tx Beamforming Configuration ....... AUTOMATIC
Legacy Tx Beamforming ..................... DISABLED
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBi units).... 8
Diversity.................................. DIVERSITY_ENABLED
802.11n Antennas
A....................................... ENABLED
B....................................... ENABLED
C....................................... ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
--More or (q)uit current module or to abort
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 12 dB
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
CleanAir Capable......................... No
Cisco AP Identifier.............................. 6
Cisco AP Name.................................... NOSC-N-B1917-AP01
Country code..................................... US - United States
Regulatory Domain allowed by Country............. 802.11bg:-A 802.11a:-A
AP Country code.................................. US - United States
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:22:bd:1b:34:5a
IP Address Configuration......................... DHCP
IP Address....................................... 10.6.0.26
Gateway IP Addr.................................. 10.6.0.1
--More or (q)uit current module or to abort
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Enabled
Ssh State........................................ Enabled
Cisco AP Location................................ Route 23B
Cisco AP Group Name.............................. default-group
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address...............Secondary Cisco Switch Name.......
Secondary Cisco Switch IP Address................ Not Configured
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... H-Reap
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.0.235.3
Boot Version ................................... 12.4.18.0
Mini IOS Version ................................ 3.0.51.0
--More or (q)uit current module or to abort
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1142N-A-K9
AP Image......................................... C1140-K9W8-M
IOS Version...................................... 12.4(23c)JA6
Reset Button..................................... Enabled
AP Serial Number................................. FTX1337SA7D
AP Certificate Type.............................. Manufacture Installed
H-REAP Vlan mode :............................... Enabled
Native ID :..................................... 6
H-REAP Backup Auth Radius Servers :
Static Primary Radius Server.................... Disabled
Static Secondary Radius Server.................. Disabled
Group Primary Radius Server..................... Disabled
Group Secondary Radius Server................... Disabled
AP User Mode..................................... CUSTOMIZED
AP User Name..................................... danielott
AP Dot1x User Mode............................... CUSTOMIZED
AP Dot1x User Name............................... danielott
--More or (q)uit current module or to abort
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 0 days, 19 h 22 m 53 s
AP LWAPP Up Time................................. 0 days, 01 h 08 m 46 s
Join Date and Time............................... Mon Nov 5 16:17:51 2012
Join Taken Time.................................. 0 days, 00 h 00 m 12 s
Attributes for Slot 1
Radio Type................................... RADIO_TYPE_80211n-5
Radio Subband................................ RADIO_SUBBAND_ALL
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 1
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:27:0d:07:cb:e0
Operation Rate Set
--More or (q)uit current module or to abort
6000 Kilo Bits........................... MANDATORY
9000 Kilo Bits........................... SUPPORTED
12000 Kilo Bits.......................... MANDATORY
18000 Kilo Bits.......................... SUPPORTED
24000 Kilo Bits.......................... MANDATORY
36000 Kilo Bits.......................... SUPPORTED
48000 Kilo Bits.......................... SUPPORTED
54000 Kilo Bits.......................... SUPPORTED
MCS Set
MCS 0.................................... SUPPORTED
MCS 1.................................... SUPPORTED
MCS 2.................................... SUPPORTED
MCS 3.................................... SUPPORTED
MCS 4.................................... SUPPORTED
MCS 5.................................... SUPPORTED
MCS 6.................................... SUPPORTED
MCS 7.................................... SUPPORTED
MCS 8.................................... SUPPORTED
MCS 9.................................... SUPPORTED
MCS 10................................... SUPPORTED
MCS 11................................... SUPPORTED
MCS 12................................... SUPPORTED
MCS 13................................... SUPPORTED
--More or (q)uit current module or to abort
MCS 14................................... SUPPORTED
MCS 15................................... SUPPORTED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ US
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 36
Number Of Channels ........................ 21
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
Tx Power
Num Of Supported Power Levels ............. 7
Tx Power Level 1 .......................... 17 dBm
Tx Power Level 2 .......................... 14 dBm
Tx Power Level 3 .......................... 11 dBm
--More or (q)uit current module or to abort
Tx Power Level 4 .......................... 8 dBm
Tx Power Level 5 .......................... 5 dBm
Tx Power Level 6 .......................... 2 dBm
Tx Power Level 7 .......................... -1 dBm
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 1
Phy OFDM parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 161
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 36,40,44,48,52,56,60,64,100,
......................................... 104,108,112,116,132,136,140,
......................................... 149,153,157,161,165
TI Threshold .............................. -50
Legacy Tx Beamforming Configuration ....... AUTOMATIC
Legacy Tx Beamforming ..................... DISABLED
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBi units).... 8
Diversity.................................. DIVERSITY_ENABLED
802.11n Antennas
A....................................... ENABLED
--More or (q)uit current module or to abort
B....................................... ENABLED
C....................................... ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 16 dB
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
CleanAir Capable......................... No -
WLC, FlexConnect, ISE: Dynamic VLAN not working
Hi,
Not sure if this is a WLC or ISE problem, but since I am unsure of the WLC config I will try here first.
Equipment:
WiSM2 7.2.111.3
ISE 1.1.1.268
AP 3502 in FlexConnect
What I want to achive:
One SSID, multiple VLAN
Devices gets profiled in ISE and based on type of device it gets asigned to a VLAN
Problem:
When the device connects the first time it ends up in native VLAN and not switched to the right VLAN, but when I reconnect then it is added to the right VLAN.
WLC config (I know you like images so here you go ):
I must be missing something but I can't figure out what. I will be attaching a debug aaa event enable for when the client connect the first time.
In ISE I have an Authorization Profile that just say VLAN ID/Tag 158 (the VLAN that the device should go to) an it is added to the Authorization rule of the profiled device. CoA is set to Reauth.
When the client connects I get three events in ISE:
1.
Authentication failed :
22056 Subject not found in the applicable identity store(s)
2. Authentication Success. With the results:
UserName=00:18:DE:A2:BC:3A
User-Name=00-18-DE-A2-BC-3A
State=ReauthSession:c20e8b2f0000027e50ed27f8
Class=CACS:c20e8b2f0000027e50ed27f8:ISE01/144259326/671335
Termination-Action=RADIUS-Request
Tunnel-Type=(tag=1) VLAN
Tunnel-Medium-Type=(tag=1) 802
Tunnel-Private-Group-ID=(tag=1) 158
cisco-av-pair=profile-name=AX-Intel-Device
3.
Dynamic Authorization failed :
11213 No response received from Network Access Device
Has anyone got this to work? Do I need to add FlexConnect groups? If so then why?
Regards,
PhilipI think you're hitting CSCua58554
The bugtoolkit description is horrible.... From what I recall when I ran into it, I believe that Flex connect is having a problem with Mac filtering based AAA override on open wlans (and/or CWA based). In general, AAA override works fine when it is from like an eap authentication.
We had to use a 7.3 ES to resolve it.....
Looks like it is implemented in 7.4 though..... If you dont want to join the 7.4 bandwagon quite yet, you might could ask TAC for an ES of 7.3, don't think they have a 7.2 build.
Maybe you are looking for
-
I updated 5.0.1 to my iPhone 4. Just before it I syncronized the phone with iTunes not to loose my content. However after uploading 5.0.1 I couldn't first connect the to iTunes and when I finally succeeded to get iTunes to recognize the iPhone the ve
-
Wifi with stock kernel driver rtl8192ce not working consistently
Hi, My wifi card RTL8188CE does not work consistently with kernel driver rlt8192ce. The problem that i observe is that after some time ~1hr wifi devices get disconnected and are not able to reconnect. On restarting wifi using systemctl restart hostap
-
I can't print on my HP Photosmart C309a from my new Mac book air
I bought a new mac book air and with the new version system iOS X 10.9.1 I can´t print. I try to add it as a printer and it posts, ¨Can't install the software because it is not currently available from the Software Update server.¨. Is there anything
-
Hi! We have a report with ALV Grid. When we press "Microsoft Excel" button to activate it, the following error appears: "Template not found in BDS - Layout: Templat Guid:". Do we have to apply a note to correct this problem? Or do we have to create
-
Setting font of a column headers
Hi! How can I set a font (size,color, etc.) of column headers in tabular form? Tom