WLC DMZ licensing

Quick question:
If I were to put a WLC in a DMZ to act as an anchor for guest access, wireless primarily possibly wired later, as there are no APs connecting directly to the WLC I wouldn't need a high capacity WLC would I?  Bandwidth, processing power and number of SSIDs would be the limitations.
If sopme one could confirm that would be great.
thanks
Chris

Hi Chris,
You are most correct my friend
Here is a clip from a Cisco Training "White Paper"
"Guest access points do not have to be joined to the anchor controller. The most cost effective controller to use is the Cisco 4402 series controller. This controller can support up to 40 connections to foreign controllers, 2500 guest clients and provide two gigabits of forwarding capacity."
Cheers!
Rob

Similar Messages

  • WLC upgrade license and access point

    Hi everyone,
    I need suggestion regarding wlc 5508  upgrade license. Right now i have 150 license for access points. There will be upgrade around 300 access points. So we are planning to buy new license until the maximum capacity of 5508 (500 licenses).
    Our management ip address is 192.168.50.x/24 . so all the access point are pointed to this management ip address (in the same subnet)
    First question,
    Because there will be an upgrade to around 450 access point. The current management ip address will not be enough.
    Please, give me the  best suggestion ?
    Should i create another management ip address ? or I need to make a bigger subnet using the current management ip address ?
    if i create a bigger ip address, the current access points must be set again yups ?
    Second question
    There will be a new link connected to the wlc, and i want to create new user subnets.
    what is the best practices for this matter ?
    if there are better suggestion, please let me know, i am still learning about wireless
    I have attached the topology.
    Thank you
    Fanie

    For an example, a 5508 can support up to 500 AP's, and the AP's can be in one large subnet or be in many different subnets and or even different locations. As long as the ap knows how to discover the WLC or the ap already had joined the WLC, then the AP's don't have to be on the same subnet as the WLC. The easiest way to have AP's join is to stage them on the same subnet as the WLC management and then move them to a different subnet. I would probably have no more than 100 AP's per subnet, but that's me. Stage some AP's on the management subnet that the WLC is on and then when the AP's join and complete downloading code, change the switch port Vlan and shut and no shut the port. The ap will come back up and join the WLC.
    Sent from Cisco Technical Support iPhone App

  • WLC-5508 License Moves

    Hello,
    My network has 26 WLC's. 11 of them are 4402's, the rest are 5508's. 4 of the 5508's are the mobility anchors for the guest traffic. This summer we are removing the 4402's and re-arranging. 6 of the locations will be converted to Meraki. The goal at the end of the summer is to have these locations switched to Meraki and the 5508's consolidated. They will be set up at 4 sites. 1 site just a guest controller. The other 3 will have 3 5508's. 1 for mobility anchor, 1 for the AP's in the sector, 1 as a failover. I have been planning this setup and came upon a question. How do I consolidate the licenses on the 5508's? I have enough from the Meraki locations to comfortably support our AP's, just not per 5508.

    Indeed. The only possibilities are 100/100 or 100/0.
    100/100 means, it's a 100 ap license and it's activated.
    100/0 means that it's a 100 ap liecnse but it's not activated on the WLC.
    I don't see a way of only activating half of the AP count of one license (100/50 for example). I don't think that this is possible.
    Nicolas

  • WLC base license vs evolution licenses

    Good afternoon,
    one of my client I had ordered 100 adder license for his new setup.
    current setup have only 40 license. now i want to use 20 more aps with his existing wlc 5508.
    now my question is that, can i use my existing as well as evolution licenses for time being (e.g. 40+evolution) or  i can use only evolution for time being. after coming my new adder licenses, i can add my new ap license in WLC and  roll back as it is. or how it will act.
    can you help me in that.
    Nalin

    Hi Nalin,
    I don't think you can use an evaluation to increase an existing license. Normally Evalaution are  for WLC's with zero AP license and that expire after 60 days.
    Better to order adder licencse and then use other APs.
    Check here: http://www.cisco.com/image/gif/paws/112926/5508-wlc-license.pdf
    Hope it helps.
    Regards
    Dont forget to rate helpful posts

  • 2504 WLC DTLS License

    Hi,
    Does anyone know how to view if a WLC has a DTLS licence installed?
    "show license all" doesn't appear to show anything related to DTLS, perhaps that's because it's not on there...
    Thanks,
    Peter

    Here is a WLC that had the LDPE image installed and I had to install a DTLS license:
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 7.0.230.0
    Bootloader Version............................... 1.0.1
    Field Recovery Image Version..................... 6.0.182.0
    Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
    Build Type....................................... DATA + WPS + LDPE
    show license all
    License Store: Primary License Storage
    StoreIndex:  0  Feature: base   Version: 1.0
            License Type: Permanent
            License State: Active, In Use
            License Count: Non-Counted
            License Priority: Medium
    StoreIndex:  1  Feature: base-ap-count   Version: 1.0
            License Type: Permanent
            License State: Active, In Use
            License Count: 100/100/0
            License Priority: Medium
    StoreIndex:  2  Feature: data_encryption   Version: 1.0
            License Type: Permanent
            License State: Active, In Use
            License Count: Non-Counted
            License Priority: Medium
    License Store: Evaluation License Storage
    StoreIndex:  0  Feature: base   Version: 1.0
            License Type: Evaluation
            License State: Inactive
                Evaluation total period:  8 weeks  4 days
                Evaluation period left:  8 weeks  4 days
            License Count: Non-Counted
            License Priority: None
    StoreIndex:  1  Feature: base-ap-count   Version: 1.0
            License Type: Evaluation
            License State: Inactive
                Evaluation total period:  8 weeks  4 days
                Evaluation period left:  8 weeks  4 days
            License Count: 500/0/0
            License Priority: None
    Here is a WLC that didn't have the LDPE image whcih you want:)
    show sysinfo
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 7.0.230.0
    Bootloader Version............................... 1.0.1
    Field Recovery Image Version..................... 6.0.182.0
    Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
    Build Type....................................... DATA + WPS
    show license all
    License Store: Primary License Storage
    StoreIndex:  0  Feature: base   Version: 1.0
            License Type: Permanent
            License State: Active, In Use
            License Count: Non-Counted
            License Priority: Medium
    StoreIndex:  1  Feature: base-ap-count   Version: 1.0
            License Type: Permanent
            License State: Active, In Use
            License Count: 500/500/0
            License Priority: Medium
    License Store: Evaluation License Storage
    StoreIndex:  0  Feature: base   Version: 1.0
            License Type: Evaluation
            License State: Inactive
                Evaluation total period:  8 weeks  4 days
                Evaluation period left:  8 weeks  4 days
            License Count: Non-Counted
            License Priority: None
    StoreIndex:  1  Feature: base-ap-count   Version: 1.0
            License Type: Evaluation
            License State: Inactive
                Evaluation total period:  8 weeks  4 days
                Evaluation period left:  8 weeks  4 days
            License Count: 500/0/0
            License Priority: None

  • 2504 WLC Additional License

    Dear Friends,
     I have 2500 series WLC, under 7.6 image, when i want to update with additional three license, i send my *.lic file through
    TFTP, after that i press install, but nothing happens, after some amount of time it says Operation Timeout,
    when i send lic file through TFTP i use path like: tftp://ip-address/licfile.lic
    What im doing wrong?
    Thank you

    Hi Kamran,
    First configure TFTP root directory and put this license file in it.
    Then use this :
    If Licensefile.lic is in License folder then:
    tftp://server_ip/License /Licensefile.lic.
    or If Licensefile.lic file are diretcly under root directory:
    tftp://server_ip/Licensefile.lic.
    Regards
    Dont forget to rate helpful posts

  • WLC Adder Licenses

    Hello,
    I have an AIR-CT5508-25-K9 WLC and a 25AP adder license L-LIC-CT5508-25A.
    As far as I understood, installing the adder license should provice an added 25AP to the already existing 25AP from the initial licensing. However, after installing the license I can still see a max count of 25APs instead of the expected 50.
    Could you please let me know if there is a flaw in my understanding of the licensing and if so please explain the adder license scheme for this particular case?
    Thank you,
    Barbara

    Hi,
    Here is the link to to the same.. please make sure tha twe are rebooting the system to take the chenges into effect.
    http://www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70ccfg.html#wp1880145
    Lemme know if that helps!
    Regards
    Surendra

  • WLC Lifecycle License

    Hi,
    I have a Cisco Wireless LAN Controller with 51 access points, model 2601. And I would like to buy the Cisco Prime Infraestructure 2.0, I have doubts about the Lifecycle License, how many lifecycle device license I need? For 52 devices (01 WLC + 51 CAPs) I need the L-PI2X-LF-100 ?
    Thanks

    You'll need one lifecycle license for each AP, none for the WLC
    I believe you could go for one L-PI2X-LF-25 and one L-PI2X-LF-50 giving you 75 lifecycle licenses

  • Cisco wlc license evaluation

    I have a question
    I have a wlc 5508 with license base to a capacity 100 AP. I have already registered 65 AP, and now  I need to register in to wlc 57 AP more.
    I would like to install a license of evaluation by 30 days. After that i'm going to purchase a new license to support all my APs.
    Please could you tell me how many AP adder the capacity in the WLC the license of evaluation?
    The license of evaluation are base or ap-count?
    Regards
    Ivan.

    The controllers come with a 60 day license. Here is a link explaining licensing on the 5508
    http://www.cisco.com/image/gif/paws/112926/5508-wlc-license.pdf
    "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
    ‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."

  • URGENT HELP WITH VIRTUAL WLC

    We had a problem with Virtual Machine which Cisco Virtual WLC installed. Virtual Machine files were damaged and the system was not start normally. We have had to reinstall the WLC, but after installation impossible to import current license to new one.
    how can we install this licence again?

    Licenses are tied to the device they're being used on. With a virtual WLC, the license is tied to the unique identifier of the vWLC and when you recreated the vWLC after your VMware problems the new vWLC has a different unique identifier.
    It's a similar situation to what happens when a physical controller is faulty and is swapped out by cisco, the replacement will have a different serial number and you'd have to re-host the license to the new serial number.

  • Wireless controller ha between wlc5508 and wlc 4402

    We have 2 wlc:  a wlc 5508 ( license 100 AP ) and  wlc 4402 ( license 12AP).
    We try to setup when 5508 down, 12 identify AP (important AP -Group A) will join 4402 and all other AP (not improtan AP -Group B)
    wont joint  wlc 4402.
    First, all AP join wlc 5508, 2 WLC have same mobility group.
    After that, we  config 12 APs belongto group A have primary and secondary wlc, group B only has primary wlc.
    When wlc 5508 down, some of APs of GroupA and   some of APs of GroupB join wlc 4402. We test many times and we have differnet result each times.
    is theare any way to resolve our problem?
    Thanks.

    Just to add, make sure that the WLC is running the same code, if not, then make sure the ap is supported on the code that is running on the 5508. The issue with mixed code is the ap will upgrade and downgrade very time they switch to a different WLC.
    http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
    Sent from Cisco Technical Support iPhone App

  • Upgrade WLC 5508 to 7.3x or 7.4x?

    Hi Community,
    In order to enbale HA SSO on our two 5008 WLC's, I plan to upgrade them to 7.3 / 7.4 (currently 7.2)
    Right now 7.3.112.0 is the latest release. We do not have any 1600 series AP's, which requires 7.4.
    So here's my question..any reason going for 7.4 directly..or not going for it?
    Thanks for your thoughts/input,
    Stefan

    There are a lot of open bugs in both versions which is the problem. We have had customers go from the 7.3 to 7.4 then to the latest 7.3 and they still have HA issues. We have had a few just get rid of the HA and go with the normal two WLCs with license model. Since many have hit different bugs, I can't really tell you which one pisses them off more.
    Sent from Cisco Technical Support iPhone App

  • WLC 2504 HA Configuration

    Hi Guys,
    What configuration should I use in order to configure HA using 2x Cisco WLC 2504 ?
    - Do I need to have licenses for 2x Controllers ? I have only one WLC with license installed.  
    At the moment I have the following scenario below.
    AIR-CT2504-K9 – Primary (30 Aps Supported)
    AIR-CT2504-HA-K9 – Secondary (0 license)
    Software Version - 7.6.130.0 (Both Controllers)
    Both controllers are going to be in the same place.
    Can anyone help me please ?
    Thanks,
    Everton

    Thanks Scott Fella !
    Just one more question.
    Should I use a crossover cable to connect the primary controller to the secondary ? Or should I use a switch to connect them ?
    Thanks,
    Everton

  • Multiple WLC and AP secondary config

    Hi all, we have 2 WLC, each licensed for 12 AP's. Here is the issue, we will have up to 20 Ap in our enviroment. No problem getting each AP assigned to a primary controller. My question is assinging an AP to a secondary. If I assign 10 AP's to each as a primary, and then have each assigned to the other controller as a secondary, in the event we lose 1 controller the other will now have 20 AP's associating with it. How does the WLC handle this situation? Just accept the first 2 requests then ignore all the other 8 request?

    Hi Jeffrey,
    Just to add a note to the great tips from Dan and Leo (+5 points each guys!)
    One of the recommended designs for WLC/AP failover and redundancy is referred to as the "n+1" rule. So in your design you would add a third WLC that had no AP's associated to it. It would be licensed for either 12 or 25 AP's. 12 in case one of your WLC's fails or 25 in case both active WLC's fail :)
    WLAN Controller Failover for Lightweight Access Points Configuration Example
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008064a294.shtml#c4
    Hope this helps!
    Rob

  • WLC Guest Tunnel

    Hi,
    I've some questions about Guest Tunneling, since the docs on CCO is not so complete.
    Right now I've 2WLC4400 Series in a redundant way with 2 WLANs, 1WLAN per AP Group. All the APs are setup as H-REAP node.
    We've to setup a WLC in DMZ so that Guest WLAN traffic will be tunneled from the internal WLC to the DMZ and all is fine.
    The WLAN Guest and the interface should be defined both on internal and DMZ WLC...isn'it? the DHCP Server should be setup in DMZ?
    Then I'll setup the mobility Anchor between WLC#1 internal and WLC DMZ and between WLC#2 internal and WLC DMZ correct?
    What about the AP sice are setup like H-REAP Node with switch port as access?
    Many thanks for helping me find a solution

    Hi fella,
    Tnx a lot for the useful infos...are you sure??? maybe i'm missing a piece of the puzzle...let's do a resume:
    - My APs on different IP Subnet are configured as H-REAP nodes
    - my internal WLCs are configured with more WLANs to do central AUTH and LOCAL switching
    - my WLANs since are in H-REAP mode are mapped the to AP-Manager interface of the WLC
    - the WLC in DMZ, behind a Firewall, is configured with mobility group to be "in the same one" with the internals WLCs
    - the Guest WLAN, defined on internal and external WLCs is mapped to AP-Manager IP to be LWAPP Tunneled (central Switching) and spread on all my APs
    - the Guest WLAN will be anchored from the internal WLCs to the external one.
    So basically one WLAN client which will connect to Guest WLAN, all traffic will be LWAPP tunneled from AP MGMT IP to WLC AP-Manager IP and then, since this WLAN is anchored to the DMZ WLC, the traffic will be EoIP tunneled to this WLC where is active an DHCP Server.
    After the client is receving an IP Address from the WLC's DHCP Server the Firewall in front of the WLC will be block all the access to the internal IP subnet and permti only to be routed to the external of the enteprise...
    Am I wrong with something?
    Thnxxxxx

Maybe you are looking for