Client DHCP issues with WLC4136 Controller

hermeszdatahermeszdata Member Posts: 225
Well, I managed to get my WLC4136 WLAN controller up and running ... somewhat!

For the past couple of days I have been banging my head on the desk trying to figure this out but have not gotten any where. I am able to configure the WLC via telnet/ssh and via the GUI. APs register without issues and I am able to configure those. Wired clients are able to access local devices and the internet. Wireless Clients connect to the AP(s) but do not obtain a DHCP address!

Current topology includes:
c2911 Router
c3550 Switch as Distribution Switch
c3560 PoE 24 as Wireless COre switch
WLC4136 Wireless Lan COntroller
AIR-AP1010-A-K9 APs


c2811 Router Configs
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname CO172Rtr
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
no aaa new-model
clock timezone mst -7
clock summer-time MDT recurring
voice-card 3
!
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.0.0.1 10.0.0.100
ip dhcp excluded-address 10.0.100.1 10.0.100.99
ip dhcp excluded-address 172.16.0.1 172.16.0.10
ip dhcp excluded-address 192.168.255.1 192.168.255.5
!
ip dhcp pool qiGuestWLAN
network 10.0.0.0 255.255.252.0
default-router 10.0.0.1 
dns-server 4.2.2.2
!
ip dhcp pool CO172WAP
network 10.0.100.0 255.255.255.0
default-router 10.0.100.1
!
ip dhcp pool CO172HN
network 172.16.0.0 255.255.255.0
default-router 172.16.0.1 
dns-server 205.171.3.65 205.171.2.65 
!
ip dhcp pool Service
network 192.168.255.0 255.255.255.0
default-router 192.168.255.1 
! 
!
!
multilink bundle-name authenticated
!
!
!
!
! 
archive
log config
hidekeys
! 
!
!
!
!
!
!
!
interface FastEthernet0/1
no shut
!
!
interface FastEthernet0/1.10
description Hotel Management Network Connection Through Workgroup Switch $FW_INSIDE$
encapsulation dot1Q 10
ip address 172.16.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
no shut
!
interface FastEthernet0/1.11
description NetManagementLAN $FW_INSIDE$
encapsulation dot1Q 11 native
ip address 192.168.255.1 255.255.255.0
ip nat inside
ip virtual-reassembly
no shut
!
interface FastEthernet0/1.100
description $Guest WLAN$
encapsulation dot1Q 100
ip address 10.0.100.1 255.255.255.0
ip nat inside
ip virtual-reassembly
no shut
!
interface FastEthernet0/1.101
enc dot1q 101
ip address 10.0.0.1 255.255.252.0
ip nat inside
ip virtual-reassembly
no shutdown
!
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 173.164.45.206
!
!
ip http server
ip http authentication local
ip http secure-server
ip nat inside source list CO172NAT interface FastEthernet0/0 overload
!
ip access-list standard CO172NAT
permit 10.0.0.0 0.0.3.255
permit 10.0.100.0 0.0.0.255
permit 172.16.0.0 0.0.0.255
permit 192.168.255.0 0.0.0.7
!
!
!
!
!
!
!
line con 0
exec-timeout 15 0
login local
line aux 0
line vty 0 4
access-class CO172vtySecure in
exec-timeout 15 0
logging synchronous
login local
transport input telnet ssh
!
ntp clock-period 17180169
ntp server 192.43.244.18
end
c3550 Switch (This is the Primary Switch)
CO172SW#sh run
Building configuration...
Current configuration : 5749 bytes
!
! No configuration change since last restart
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname CO172SW
!
!
no aaa new-model
ip subnet-zero
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
! 
!
!
!
interface FastEthernet0/1
switchport access vlan 2
switchport mode access
!
interface FastEthernet0/2
switchport access vlan 2
switchport mode access
!
interface FastEthernet0/3
switchport access vlan 2
switchport mode access
!
interface FastEthernet0/4
switchport access vlan 2
switchport mode access
shutdown
!
interface FastEthernet0/5
switchport mode dynamic desirable
shutdown
!
interface FastEthernet0/6
switchport mode dynamic desirable
shutdown
!
interface FastEthernet0/7
switchport mode dynamic desirable
shutdown
! 
interface FastEthernet0/8
switchport mode dynamic desirable
shutdown
!
interface FastEthernet0/9
switchport trunk encapsulation dot1q
switchport trunk native vlan 11
switchport mode trunk
!
interface FastEthernet0/10
switchport access vlan 11
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/11
switchport access vlan 11
switchport mode access
!
interface FastEthernet0/12
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/13
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/14
switchport access vlan 10
switchport mode access
spanning-tree portfast
spanning-tree bpdufilter enable
!
interface FastEthernet0/15
switchport access vlan 10
switchport mode access
shutdown
!
interface FastEthernet0/16
switchport access vlan 10
switchport mode access
shutdown
!
interface FastEthernet0/17
switchport trunk encapsulation dot1q
switchport trunk native vlan 11
switchport mode trunk
!
interface FastEthernet0/18
switchport access vlan 11
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/19
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/20
switchport access vlan 10
switchport mode dynamic desirable
shutdown
!
interface FastEthernet0/21
switchport access vlan 100
switchport mode dynamic desirable
shutdown
!
interface FastEthernet0/22
switchport access vlan 100
switchport mode access
!
interface FastEthernet0/23
switchport access vlan 100
switchport mode access
!
interface FastEthernet0/24
switchport trunk encapsulation dot1q
switchport trunk native vlan 11
switchport mode trunk
!
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
switchport trunk native vlan 11
switchport mode trunk
!
interface Vlan1
no ip address
no ip route-cache
! 
interface Vlan11
ip address 192.168.255.2 255.255.255.248
!
ip default-gateway 192.168.255.1
ip classless
ip http server
ip http authentication local
ip http secure-server
!
!
!
control-plane
!
!
line con 0
exec-timeout 15 0
login local
line vty 0 4
exec-timeout 15 0
login local
transport input telnet
line vty 5 15
no login
!
ntp clock-period 17180210
ntp server 192.43.244.18
ntp server 192.168.255.1
end
CO172SW#
c3560 Config (this switch is remote and powers the APs)
CO172WCore#sh run
Building configuration...
Current configuration : 8001 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CO172WCore
!
boot-start-marker
boot-end-marker
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
! 
!
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
! 
!
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 1,10,11,100,101
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/2
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 1,10,11,100,101
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/3
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 1,10,11,100,101
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/4
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 1,10,11,100,101
switchport mode trunk
spanning-tree portfast
!
!
!Output cut! All ports configured same
!
!
interface FastEthernet0/23
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,11,100,101
switchport mode trunk
shutdown
!
interface FastEthernet0/24
switchport trunk encapsulation dot1q
switchport trunk native vlan 11
switchport trunk allowed vlan 1,10,11,100,101
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,11,100,101,1002-1005
switchport mode trunk
!
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Vlan1
no ip address
no ip route-cache
no ip mroute-cache
!
interface Vlan11
ip address 192.168.255.3 255.255.255.248
!
ip default-gateway 192.168.255.1
ip classless
ip http server
ip http authentication local
ip http secure-server
!
!
!
!
control-plane
!
!
!
line con 0
login local
stopbits 1
line vty 0 4
login local
line vty 5 15
login
!
end
CO172WCore# 
WLC4136 Configuration
(Cisco Controller) >show run
Press Enter to continue... 
System Inventory
Switch Description............................... Cisco Controller
Machine Model.................................... WLC4136
Serial Number.................................... FLS0935H00L
Burned-in MAC Address............................ 00:0B:85:33:3B:60
Gig Ethernet/Fiber Card.......................... Present
Crypto Accelerator 1............................. Absent
 
System Information
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 3.2.210.0
RTOS Version..................................... 3.2.210.0
Bootloader Version............................... 3.2.210.0
Build Type....................................... DATA + WPS
System Name...................................... CO)172WLC
System Location.................................. 
System Contact................................... 
System ObjectID.................................. 1.3.6.1.4.1.14179
IP Address....................................... 10.0.100.21
System Up Time................................... 0 days 2 hrs 44 mins 35 secs
Configured Country............................... US - United States
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +47 C
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 2
3rd Party Access Point Support................... Disabled
Number of Active Clients......................... 1
 
Switch Configuration
802.3x Flow Control Mode......................... Disable 
Current LWAPP Transport Mode..................... Layer 3
LWAPP Transport Mode after next switch reboot.... Layer 3
FIPS prerequisite features....................... Disabled
 
Network Information
RF-Network Name............................. co172
Web Mode.................................... Disable
Secure Web Mode............................. Enable
Secure Shell (ssh).......................... Enable
Telnet...................................... Disable
Ethernet Multicast Mode..................... Disable
User Idle Timeout........................... 300 seconds
ARP Idle Timeout............................ 300 seconds
ARP Unicast Mode............................ Disabled
Cisco AP Default Master..................... Disable
Mgmt Via Wireless Interface................. Disable
Bridge AP Zero Config....................... Enable
Bridge Shared Secret........................ youshouldsetme
Allow Old Bridging Aps To Authenticate...... Enable
Over The Air Provisioning of AP's........... Enable
Mobile Peer to Peer Blocking................ Enable
Apple Talk ................................. Disable
AP Fallback ................................ Enable
Web Auth Redirect Ports .................... 80
Fast SSID Change ........................... Disabled

Port Summary
STP Admin Physical Physical Link Link Mcast 
Pr Type Stat Mode Mode Status Status Trap Appliance POE 
-- ------- ---- ------- ---------- ---------- ------ ------- --------- -------
1 Normal Forw Enable Auto 1000 Full Up Enable Enable N/A 
 
AP Summary
AP Name Slots AP Model Ethernet MAC Location Port
------------------ ----- ------------------- ----------------- ---------------- ----
Guest4 2 AP1010 00:0b:85:8d:83:a0 default_location 1 
 
AP Config
Cisco AP Identifier.............................. 7
Cisco AP Name.................................... Guest4
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:0b:85:8d:83:a0
IP Address Configuration......................... DHCP
IP Address....................................... 10.0.100.100
IP NetMask....................................... 255.255.255.0
Gateway IP Addr.................................. 10.0.100.1
Cisco AP Location................................ default_location
Cisco AP Group Name.............................. Guest_HSIA
Primary Cisco Switch............................. 
Secondary Cisco Switch........................... 
Tertiary Cisco Switch............................ 
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... Local
Remote AP Debug ................................. Disabled
S/W Version .................................... 3.2.210.0
Boot Version ................................... 2.1.78.0
Mini IOS Version ................................ -- 
Stats Reporting Period .......................... 180
LED State........................................ Enabled
Number Of Slots.................................. 2 
AP Model......................................... AP1010
AP Serial Number................................. WCN110600W9
AP Certificate Type.............................. Manufacture Installed
Attributes for Slot 1
Radio Type................................... RADIO_TYPE_80211g
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
WLAN Override ............................... Enabled
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 1
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:0b:85:8d:83:a0
Operation Rate Set 
1000 Kilo Bits........................... MANDATORY
2000 Kilo Bits........................... MANDATORY
5500 Kilo Bits........................... MANDATORY
11000 Kilo Bits.......................... MANDATORY
6000 Kilo Bits........................... SUPPORTED
9000 Kilo Bits........................... SUPPORTED
12000 Kilo Bits.......................... SUPPORTED
18000 Kilo Bits.......................... SUPPORTED
24000 Kilo Bits.......................... SUPPORTED
36000 Kilo Bits.......................... SUPPORTED
48000 Kilo Bits.......................... SUPPORTED
54000 Kilo Bits.......................... SUPPORTED
Beacon Period ............................. 100
DTIM Period ............................... 1
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ US 
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 1
Number Of Channels ........................ 11
MAC Operation Parameters 
Configuration ............................. AUTOMATIC
RTS Threshold ............................. 2347
Short Retry Limit ......................... 7
Long Retry Limit .......................... 4
Fragmentation Threshold ................... 2346
Maximum Tx MSDU Life Time ................. 512
Maximum Rx Life Time ...................... 512
Tx Power 
Num Of Supported Power Levels ............. 5
Tx Power Level 1 .......................... 20 dBm
Tx Power Level 2 .......................... 17 dBm
Tx Power Level 3 .......................... 14 dBm
Tx Power Level 4 .......................... 11 dBm
Tx Power Level 5 .......................... 8 dBm
Tx Power Configuration .................... CUSTOMIZED
Current Tx Power Level .................... 3
Phy OFDM parameters
Configuration ............................. CUSTOMIZED
Current Channel ........................... 11
TI Threshold .............................. -50
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBm units).... 11
Diversity.................................. DIVERSITY_ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 12 dB
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
Cisco AP Identifier.............................. 7
Cisco AP Name.................................... Guest4
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:0b:85:8d:83:a0
IP Address Configuration......................... DHCP
IP Address....................................... 10.0.100.100
IP NetMask....................................... 255.255.255.0
Gateway IP Addr.................................. 10.0.100.1
Cisco AP Location................................ default_location
Cisco AP Group Name.............................. Guest_HSIA
Primary Cisco Switch............................. 
Secondary Cisco Switch........................... 
Tertiary Cisco Switch............................ 
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... Local
Remote AP Debug ................................. Disabled
S/W Version .................................... 3.2.210.0
Boot Version ................................... 2.1.78.0
Mini IOS Version ................................ -- 
Stats Reporting Period .......................... 180
LED State........................................ Enabled
Number Of Slots.................................. 2 
AP Model......................................... AP1010
AP Serial Number................................. WCN110600W9
AP Certificate Type.............................. Manufacture Installed
Attributes for Slot 0
Radio Type................................... RADIO_TYPE_80211a
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
WLAN Override ............................... Disabled
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 0
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:0b:85:8d:83:a0
Operation Rate Set 
6000 Kilo Bits........................... MANDATORY
9000 Kilo Bits........................... SUPPORTED
12000 Kilo Bits.......................... MANDATORY
18000 Kilo Bits.......................... SUPPORTED
24000 Kilo Bits.......................... MANDATORY
36000 Kilo Bits.......................... SUPPORTED
48000 Kilo Bits.......................... SUPPORTED
54000 Kilo Bits.......................... SUPPORTED
Beacon Period ............................. 100
DTIM Period ............................... 1
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ US 
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 36
Number Of Channels ........................ 4
MAC Operation Parameters 
Configuration ............................. AUTOMATIC
RTS Threshold ............................. 2347
Short Retry Limit ......................... 7
Long Retry Limit .......................... 4
Fragmentation Threshold ................... 2346
Maximum Tx MSDU Life Time ................. 512
Maximum Rx Life Time ...................... 512
Tx Power 
Num Of Supported Power Levels ............. 5
Tx Power Level 1 .......................... 20 dBm
Tx Power Level 2 .......................... 17 dBm
Tx Power Level 3 .......................... 14 dBm
Tx Power Level 4 .......................... 11 dBm
Tx Power Level 5 .......................... 8 dBm
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 1
Phy OFDM parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 161
TI Threshold .............................. -50
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBm units).... 11
AntennaMode................................ ANTENNA_OMNI
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 16 dB
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
 
AP Airewave Director Configuration
Number Of Slots.................................. 2 
AP Name.......................................... Guest4
MAC Address...................................... 00:0b:85:8d:83:a0
Radio Type..................................... RADIO_TYPE_80211b/g
Noise Information
Noise Profile................................ PASSED
Channel 1.................................... -84 dBm
Channel 2.................................... -78 dBm
Channel 3.................................... -86 dBm
Channel 4.................................... -89 dBm
Channel 5.................................... -95 dBm
Channel 6.................................... -97 dBm
Channel 7.................................... -95 dBm
Channel 8.................................... -94 dBm
Channel 9.................................... -94 dBm
Channel 10................................... -93 dBm
Channel 11................................... -93 dBm
Interference Information
Interference Profile......................... PASSED
Channel 1.................................... -75 dBm @ 1 % busy
Channel 2.................................... -128 dBm @ 0 % busy
Channel 3.................................... -128 dBm @ 0 % busy
Channel 4.................................... -128 dBm @ 0 % busy
Channel 5.................................... -128 dBm @ 0 % busy
Channel 6.................................... -86 dBm @ 8 % busy
Channel 7.................................... -84 dBm @ 4 % busy
Channel 8.................................... -128 dBm @ 0 % busy
Channel 9.................................... -128 dBm @ 0 % busy
Channel 10................................... -87 dBm @ 1 % busy
Channel 11................................... -85 dBm @ 4 % busy
Load Information
Load Profile................................. PASSED
Receive Utilization.......................... 0 %
Transmit Utilization......................... 0 %
Channel Utilization.......................... 6 %
Attached Clients............................. 0 clients
Coverage Information
Coverage Profile............................. PASSED
Failed Clients............................... 0 clients
Client Signal Strengths
RSSI -100 dbm................................ 0 clients
RSSI -92 dbm................................ 0 clients
RSSI -84 dbm................................ 0 clients
RSSI -76 dbm................................ 0 clients
RSSI -68 dbm................................ 0 clients
RSSI -60 dbm................................ 0 clients
RSSI -52 dbm................................ 1 clients
Client Signal To Noise Ratios
SNR 0 dbm................................. 0 clients
SNR 5 dbm................................. 0 clients
SNR 10 dbm................................. 0 clients
SNR 15 dbm................................. 0 clients
SNR 20 dbm................................. 0 clients
SNR 25 dbm................................. 0 clients
SNR 30 dbm................................. 0 clients
SNR 35 dbm................................. 0 clients
SNR 40 dbm................................. 1 clients
SNR 45 dbm................................. 0 clients
Nearby APs
Radar Information
RF Parameter Recommendations
Power Level.................................. 3
RTS/CTS Threshold............................ 2347
Fragmentation Tnreshold...................... 2346
Antenna Pattern.............................. 0
Number Of Slots.................................. 2 
AP Name.......................................... Guest4
MAC Address...................................... 00:0b:85:8d:83:a0
Radio Type..................................... RADIO_TYPE_80211a
Noise Information
Noise Profile................................ PASSED
Channel 36................................... -93 dBm
Channel 40................................... -92 dBm
Channel 44................................... -93 dBm
Channel 48................................... -92 dBm
Channel 52................................... -93 dBm
Channel 56................................... -93 dBm
Channel 60................................... -93 dBm
Channel 64................................... -92 dBm
Channel 149.................................. -98 dBm
Channel 153.................................. -98 dBm
Channel 157.................................. -99 dBm
Channel 161.................................. -100 dBm
Channel 165.................................. -100 dBm
Interference Information
Interference Profile......................... PASSED
Channel 36................................... -128 dBm @ 0 % busy
Channel 40................................... -128 dBm @ 0 % busy
Channel 44................................... -128 dBm @ 0 % busy
Channel 48................................... -128 dBm @ 0 % busy
Channel 52................................... -128 dBm @ 0 % busy
Channel 56................................... -128 dBm @ 0 % busy
Channel 60................................... -128 dBm @ 0 % busy
Channel 64................................... -128 dBm @ 0 % busy
Channel 149.................................. -128 dBm @ 0 % busy
Channel 153.................................. -128 dBm @ 0 % busy
Channel 157.................................. -128 dBm @ 0 % busy
Channel 161.................................. -128 dBm @ 0 % busy
Channel 165.................................. -128 dBm @ 0 % busy
Load Information
Load Profile................................. PASSED
Receive Utilization.......................... 0 %
Transmit Utilization......................... 0 %
Channel Utilization.......................... 0 %
Attached Clients............................. 0 clients
Coverage Information
Coverage Profile............................. PASSED
Failed Clients............................... 0 clients
Client Signal Strengths
RSSI -100 dbm................................ 0 clients
RSSI -92 dbm................................ 0 clients
RSSI -84 dbm................................ 0 clients
RSSI -76 dbm................................ 0 clients
RSSI -68 dbm................................ 0 clients
RSSI -60 dbm................................ 0 clients
RSSI -52 dbm................................ 0 clients
Client Signal To Noise Ratios
SNR 0 dbm................................. 0 clients
SNR 5 dbm................................. 0 clients
SNR 10 dbm................................. 0 clients
SNR 15 dbm................................. 0 clients
SNR 20 dbm................................. 0 clients
SNR 25 dbm................................. 0 clients
SNR 30 dbm................................. 0 clients
SNR 35 dbm................................. 0 clients
SNR 40 dbm................................. 0 clients
SNR 45 dbm................................. 0 clients
Nearby APs
Radar Information
Channel Assignment Information
Current Channel Average Energy............... unknown
Previous Channel Average Energy.............. unknown
Channel Change Count......................... 0
Last Channel Change Time..................... Sun May 1 13:04:19 2011
Recommendd Best Channel...................... 161
RF Parameter Recommendations
Power Level.................................. 1
RTS/CTS Threshold............................ 2347
Fragmentation Tnreshold...................... 2346
Antenna Pattern.............................. 0
 
802.11A Configuration
802.11a Network.................................. Enabled
802.11a Low Band........................... Enabled
802.11a Mid Band........................... Enabled
802.11a High Band.......................... Enabled
802.11a Operational Rates
802.11a 6M Rate.............................. Mandatory
802.11a 9M Rate.............................. Supported
802.11a 12M Rate............................. Mandatory
802.11a 18M Rate............................. Supported
802.11a 24M Rate............................. Mandatory
802.11a 36M Rate............................. Supported
802.11a 48M Rate............................. Supported
802.11a 54M Rate............................. Supported
Beacon Interval.................................. 100
CF Pollable mandatory............................ Disabled
CF Poll Request mandatory........................ Disabled
CFP Period....................................... 4
CFP Maximum Duration............................. 60
Default Channel.................................. 36
Default Tx Power Level........................... 1
DTPC Status..................................... Enabled
DTIM Period...................................... 1
Fragmentation Threshold.......................... 2346
Long Retry Limit................................. 4
Maximum Rx Life Time............................. 512
Max Tx MSDU Life Time............................ 512
Medium Occupancy Limit........................... 100
Pico-Cell Status................................. Disabled
RTS Threshold.................................... 2347
Short Retry Limit................................ 7
TI Threshold..................................... -50
 
802.11A Advanced Configuration
AP Name Channel TxPower Level
-------------------------------- ----------- -------------
Guest4 161* 1*
Press Enter to continue Or <Ctl Z> to abort 
802.11A Airewave Director Configuration
RF Event and Performance Logging
Channel Update Logging......................... Off
Coverage Profile Logging....................... Off
Foreign Profile Logging........................ Off
Load Profile Logging........................... Off
Noise Profile Logging.......................... Off
Performance Profile Logging.................... Off
TxPower Update Logging......................... Off
Default 802.11a AP performance profiles
802.11a Global Interference threshold.......... 10 %
802.11a Global noise threshold................. -70 dBm
802.11a Global RF utilization threshold........ 80 %
802.11a Global throughput threshold............ 1000000 bps
802.11a Global clients threshold............... 12 clients
802.11a Global coverage threshold.............. 16 dB
802.11a Global coverage exception level........ 25 %
802.11a Global client minimum exception lev.... 3 clients
Default 802.11a AP monitoring
802.11a Monitor Mode........................... enable
802.11a Monitor Channels....................... Country channels
802.11a AP Coverage Interval................... 180 seconds
802.11a AP Load Interval....................... 60 seconds
802.11a AP Noise Interval...................... 180 seconds
802.11a AP Signal Strength Interval............ 60 seconds
Automatic Transmit Power Assignment
Transmit Power Assignment Mode................. AUTO
Transmit Power Update Interval................. 600 seconds
Transmit Power Threshold....................... -65 dBm
Transmit Power Neighbor Count.................. 3 APs
Transmit Power Update Contribution............. SNI.
Transmit Power Assignment Leader............... 00:0b:85:33:3b:60
Last Run....................................... 304 seconds ago
Automatic Channel Assignment
Channel Assignment Mode........................ AUTO
Channel Update Interval........................ 600 seconds
Channel Update Contribution.................... SNI.
Channel Assignment Leader...................... 00:0b:85:33:3b:60
Last Run....................................... 304 seconds ago
Channel Energy Levels 
Minimum...................................... unknown
Average...................................... unknown
Maximum...................................... unknown
Channel Dwell Times 
Minimum...................................... 0 days, 00 h 39 m 09 s
Average...................................... 0 days, 00 h 39 m 09 s
Maximum...................................... 0 days, 00 h 39 m 09 s
Radio RF Grouping
802.11a Group Mode............................. AUTO
802.11a Group Update Interval.................. 600 seconds
802.11a Group Leader........................... 00:0b:85:33:3b:60
802.11a Group Member......................... 00:0b:85:33:3b:60
802.11a Last Run............................... 304 seconds ago
&#12288;
802.11B Configuration
802.11b Network.................................. Enabled
11gSupport....................................... Enabled
802.11b/g Operational Rates
802.11b/g 1M Rate............................ Mandatory
802.11b/g 2M Rate............................ Mandatory
802.11b/g 5.5M Rate.......................... Mandatory
802.11b/g 11M Rate........................... Mandatory
802.11g 6M Rate.............................. Supported
802.11g 9M Rate.............................. Supported
802.11g 12M Rate............................. Supported
802.11g 18M Rate............................. Supported
802.11g 24M Rate............................. Supported
802.11g 36M Rate............................. Supported
802.11g 48M Rate............................. Supported
802.11g 54M Rate............................. Supported
Beacon Interval.................................. 100
CF Pollable mode................................. Disabled
CF Poll Request mandatory........................ Disabled
CFP Period....................................... 4
CFP Maximum Duration............................. 60
Default Channel.................................. 1
Default Tx Power Level........................... 1
DTPC Status..................................... Enabled
Call Admission Limit ........................... 105
G711 CU Quantum ................................. 15
DTIM Period...................................... 1
ED Threshold..................................... -50
Fragmentation Threshold.......................... 2346
Long Retry Limit................................. 4
Maximum Rx Life Time............................. 512
Max Tx MSDU Life Time............................ 512
Medium Occupancy Limit........................... 100
PBCC mandatory................................... Disabled
Pico-Cell Status................................. Disabled
RTS Threshold.................................... 2347
Short Preamble mandatory......................... Enabled
Short Retry Limit................................ 7
&#12288;
802.11B Advanced Configuration
AP Name Channel TxPower Level
-------------------------------- ----------- -------------
Guest4 11 3 
&#12288;
802.11B Airewave Director Configuration
RF Event and Performance Logging
Channel Update Logging......................... Off
Coverage Profile Logging....................... Off
Foreign Profile Logging........................ Off
Load Profile Logging........................... Off
Noise Profile Logging.......................... Off
Performance Profile Logging.................... Off
Transmit Power Update Logging.................. Off
Default 802.11b AP performance profiles
802.11b Global Interference threshold.......... 10 %
802.11b Global noise threshold................. -70 dBm
802.11b Global RF utilization threshold........ 80 %
802.11b Global throughput threshold............ 1000000 bps
802.11b Global clients threshold............... 12 clients
802.11b Global coverage threshold.............. 12 dB
802.11b Global coverage exception level........ 25 %
802.11b Global client minimum exception lev.... 3 clients
Default 802.11b AP monitoring
802.11b Monitor Mode........................... enable
802.11b Monitor Channels....................... Country channels
802.11b AP Coverage Interval................... 180 seconds
802.11b AP Load Interval....................... 60 seconds
802.11b AP Noise Interval...................... 180 seconds
802.11b AP Signal Strength Interval............ 60 seconds
Automatic Transmit Power Assignment
Transmit Power Assignment Mode................. AUTO
Transmit Power Update Interval................. 600 seconds
Transmit Power Threshold....................... -65 dBm
Transmit Power Neighbor Count.................. 3 APs
Transmit Power Update Contribution............. SNI.
Transmit Power Assignment Leader............... 00:0b:85:33:3b:60
Last Run....................................... 371 seconds ago
Automatic Channel Assignment
Channel Assignment Mode........................ AUTO
Channel Update Interval........................ 600 seconds
Channel Update Contribution.................... SNI.
Channel Assignment Leader...................... 00:0b:85:33:3b:60
Last Run....................................... 371 seconds ago
Channel Energy Levels 
Minimum...................................... unknown
Average...................................... unknown
Maximum...................................... unknown
Channel Dwell Times 
Minimum...................................... 0 days, 00 h 39 m 46 s
Average...................................... 0 days, 00 h 39 m 46 s
Maximum...................................... 0 days, 00 h 39 m 46 s
Radio RF Grouping
802.11b Group Mode............................. AUTO
802.11b Group Update Interval.................. 600 seconds
802.11b Group Leader........................... 00:0b:85:33:3b:60
802.11b Group Member......................... 00:0b:85:33:3b:60
802.11b Last Run............................... 371 seconds ago
&#12288;
Mobility Configuration
Mobility Protocol Port........................... 16666
Mobility Security Mode........................... Disabled
Default Mobility Domain.......................... co172
Mobility Group members configured................ 1
Switches configured in the Mobility Group
MAC Address IP Address Group Name
00:0b:85:33:3b:60 10.0.100.21 <local> 
&#12288;
Interface Configuration
Interface Name................................... ap-manager
IP Address....................................... 10.0.100.32
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 10.0.100.1
VLAN............................................. 100 
Physical Port.................................... 1 
Primary DHCP Server.............................. 10.0.100.1
Secondary DHCP Server............................ Unconfigured
ACL.............................................. Unconfigured
AP Manager....................................... Yes
Interface Name................................... guestwlan
IP Address....................................... 10.0.0.2
IP Netmask....................................... 255.255.252.0
IP Gateway....................................... 10.0.0.1
VLAN............................................. 101 
Physical Port.................................... 1 
Primary DHCP Server.............................. 10.0.0.1
Secondary DHCP Server............................ Unconfigured
ACL.............................................. Unconfigured
AP Manager....................................... No
Interface Name................................... management
MAC Address...................................... 00:0b:85:33:3b:60
IP Address....................................... 10.0.100.21
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 10.0.100.1
VLAN............................................. 100 
Physical Port.................................... 1 
Primary DHCP Server.............................. 10.0.100.1
Secondary DHCP Server............................ Unconfigured
ACL.............................................. Unconfigured
AP Manager....................................... No
Interface Name................................... service-port
MAC Address...................................... 00:0b:85:33:3b:61
IP Address....................................... 0.0.0.0
DHCP Protocol.................................... Enabled
AP Manager....................................... No
Interface Name................................... virtual
IP Address....................................... 1.1.1.1
Virtual DNS Host Name............................ Disabled
AP Manager....................................... No
&#12288;
WLAN Configuration
WLAN Identifier.................................. 1
Network Name (SSID).............................. CO172
Status........................................... Disabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Number of Active Clients......................... 0
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. Infinity
Interface........................................ management
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
Quality of Service............................... Silver (best effort)
WMM.............................................. Disabled
802.11e.......................................... Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Radio Policy..................................... All
Security
802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Enabled
Encryption:..................................... 128-bit WEP
Wi-Fi Protected Access (WPA1)................. Disabled
Wi-Fi Protected Access v2 (WPA2).............. Disabled
IP Security................................... Disabled
IP Security Passthru.......................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Auto Anchor................................... Disabled
Cranite Passthru.............................. Disabled
Fortress Passthru............................. Disabled
WLAN Identifier.................................. 2
Network Name (SSID).............................. qi172
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Number of Active Clients......................... 1
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
Interface........................................ guestwlan
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
Quality of Service............................... Silver (best effort)
WMM.............................................. Disabled
802.11e.......................................... Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Radio Policy..................................... 802.11G only
Security
802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Enabled
Encryption:..................................... None
Wi-Fi Protected Access (WPA1)................. Disabled
Wi-Fi Protected Access v2 (WPA2).............. Disabled
IP Security................................... Disabled
IP Security Passthru.......................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Auto Anchor................................... Disabled
Cranite Passthru.............................. Disabled
Fortress Passthru............................. Disabled
&#12288;
ACL Configuration
&#12288;
&#12288;
RADIUS Configuration
Vendor Id Backward Compatibility................. Disabled
Credentials Caching.............................. Disabled
Call Station Id Type............................. IP Address
Administrative Authentication via RADIUS......... Enabled
Aggressive Failover.............................. Enabled
Keywrap.......................................... Disabled
Authentication Servers
Idx Type Server Address Port State Tout RFC3576 IPSec - AuthMode/Phase1/Group/Lifetime/Auth/Encr
--- ---- ---------------- ------ -------- ---- ------- ------------------------------------------------
Accounting Servers
Index Type Server Address Port State Tout RFC-3576 IPSec - AuthMode/Phase1/Group/Lifetime/Auth/Encr
----- ---- ---------------- ------ -------- ---- -------- ------------------------------------------------
&#12288;
&#12288;
Route Info
Number of Routes................................. 0
Destination Network Genmask Gateway
------------------- ------------------- -------------------
&#12288;
&#12288;
Qos Queue Length Info
Platinum queue length............................ 100
Gold queue length................................ 75
Silver queue length.............................. 50
Bronze queue length.............................. 25
&#12288;
&#12288;
Mac Filter Info
&#12288;
&#12288;
Authorization List
&#12288;
&#12288;
&#12288;
&#12288;
Load Balancing Info
Aggressive Load Balancing........................ Enabled
Aggressive Load Balancing Window................. 0 clients
&#12288;
&#12288;
Dhcp Scope Info
Scope: GuestDHCP
Enabled.......................................... No
Lease Time....................................... 86400 (1 day )
Pool Start....................................... 10.0.0.100
Pool End......................................... 10.0.3.254
Network.......................................... 10.0.0.0
Netmask.......................................... 255.255.252.0
Default Routers.................................. 10.0.0.1 0.0.0.0 0.0.0.0
DNS Domain....................................... 
DNS.............................................. 4.2.2.2 0.0.0.0 0.0.0.0
Netbios Name Servers............................. 0.0.0.0 0.0.0.0 0.0.0.0
&#12288;
&#12288;
Exclusion List ConfigurationUnable to retrieve exclusion-list entry
&#12288;
&#12288;
&#12288;
WPS Configuration Summary
Client Exclusion Policy
Excessive 802.11-association failures.......... Enabled
Excessive 802.11-authentication failures....... Enabled
Excessive 802.1x-authentication................ Enabled
IP-theft....................................... Enabled
Excessive Web authentication failure........... Enabled
Trusted AP Policy
Mis-configured AP Action....................... Alarm Only
Enforced encryption policy................... none
Enforced preamble policy..................... none
Enforced radio type policy................... none
Validate SSID................................ Disabled
Alert if Trusted AP is missing................. Disabled
Trusted AP timeout............................. 120
Untrusted AP Policy
Rogue Location Discovery Protocol.............. Disabled
RLDP Action.................................. Alarm Only
Rogue APs
Rogues AP advertising my SSID................ Alarm Only
Detect and report Ad-Hoc Networks............ Enabled
Rogue Clients
Validate rogue clients against AAA........... Disabled
Detect trusted clients on rogue APs.......... Alarm Only
Rogue AP timeout............................... 1200
Signature Policy
Signature Processing........................... Enabled
&#12288;
Spanning Tree Switch Configuration
STP Specification...................... IEEE 802.1D
STP Base MAC Address................... 00:0B:85:33:3B:60
Spanning Tree Algorithm................ Disable 
STP Bridge Priority.................... 32768
STP Bridge Max. Age (seconds).......... 20
STP Bridge Hello Time (seconds)........ 2
STP Bridge Forward Delay (seconds)..... 15
&#12288;
Spanning Tree Port Configuration
STP Port ID................................. 8001
STP Port State.............................. Forwarding
STP Port Administrative Mode................ 802.1D
STP Port Priority........................... 128
STP Port Path Cost.......................... 4
STP Port Path Cost Mode..................... Auto
(Cisco Controller) >
If I configure a wireless client with a static IP in VLAN101 and try to ping any valid ip address I get the dreaded Destination Unreachable response.
Any suggestions?

John
John
Current Progress:
Studying:
CCNA Security - 60%, CCNA Wireless - 80%, ROUTE - 10% (Way behind due to major Wireless Project)
Exams Passed:
CCNA - 640-802 - 17 Jan 2011 -- CVOICE v6 - 642-436 - 28 Feb 2011
2011 Goals
CCNP/CCNP:Voice

Comments

  • SteveO86SteveO86 Member Posts: 1,423
    The Switch port that connect to the AP's should be access ports. Only the the controller should be connected with a dot1q trunk.

    By "remote" are these AP's configured as REAP/H-REAP or in Local mode?

    If you provide a static address to the WLAN client can they ping the WLC/AP? Then try to ping the switch neighboring the WLC.

    Also is the SSID interface configured with the proper VLAN?

    From the controller, can you ping the DHCP Device?

    With LWAP's, the client traffic goes from:

    Client -> RF (SSID) -> AP -> Wired Network (Encapsulated LWAP) -> WLC -> Wired network (Decapsulated) as normal 802.3 traffic.

    If you associate and authenticate to the WLAN with a static address, ping the closest point first and reach out. If you can ping the WLC (The IP of the Interface in question) but not the switch connected to the WLC then I would verify the trunk and the SSID configuration.
    My Networking blog
    Latest blog post: Let's review EIGRP Named Mode
    Currently Studying: CCNP: Wireless - IUWMS
  • hermeszdatahermeszdata Member Posts: 225
    SteveO86 wrote: »
    The Switch port that connect to the AP's should be access ports. Only the the controller should be connected with a dot1q trunk.

    By "remote" are these AP's configured as REAP/H-REAP or in Local mode?

    If you provide a static address to the WLAN client can they ping the WLC/AP? Then try to ping the switch neighboring the WLC.

    Also is the SSID configured with the proper VLAN?

    With LWAP's, the client traffic goes from:

    Client -> RF (SSID) -> AP -> Wired Network (Encapsulated LWAP) -> WLC -> Wired network (Decapsulated) as normal 802.3 traffic.

    If you associate and authenticate to the WLAN with a static address, ping the closest point first and reach out. If you can ping the WLC but not the switch connected to the WLC then I would verify the trunk and the SSID configuration.

    WCore Switch (APs connected to this) ports are configured as show in the 3560 PoE config. Having more than one VLAN requires the switch ports configured as trunks, not access ports, and configured with a native vlan assigned (in this case the management vlan is vlan100). Additionally, all VLANs are in each switch's database.

    APs are configured as Local. and SSID(s) are configured correctly. (NOTE: I had the same issue with a single SSID and the switch ports set as access on VLAN 100.

    Clients associate/connect to APs. Authentication is open with no encryption (unsecure network). Statically configured clients are unable to ping anything nor are they pingable from the WLC or any device. The WLC GUI shows clients connected to AP(s).

    I pulled my 1121 AP from my local network aftrer setting it up for DHCP and plugged it into the 3560 switch (initially the port set for VLAN100 and then VLAN101) in both cases the AP pulled an IP address and when the client connected it to pulled an IP address via DHCP and was able to connect completely to the network/internet.

    This confirms the router and switch setups and points directly to an issue with the WLC config.
    John
    Current Progress:
    Studying:
    CCNA Security - 60%, CCNA Wireless - 80%, ROUTE - 10% (Way behind due to major Wireless Project)
    Exams Passed:
    CCNA - 640-802 - 17 Jan 2011 -- CVOICE v6 - 642-436 - 28 Feb 2011
    2011 Goals
    CCNP/CCNP:Voice
  • SteveO86SteveO86 Member Posts: 1,423
    WCore Switch (APs connected to this) ports are configured as show in the 3560 PoE config. Having more than one VLAN requires the switch ports configured as trunks, not access ports, and configured with a native vlan assigned (in this case the management vlan is vlan100). Additionally, all VLANs are in each switch's database.

    Wireless LAN Controller and Lightweight Access Point Basic Configuration Example - Cisco Systems
    While the Cisco WLCs always connect to 802.1Q trunks, Cisco lightweight APs do not understand VLAN tagging and should only be connected to the access ports of the neighbor switch.

    Clients associate/connect to APs. Authentication is open with no encryption (unsecure network). Statically configured clients are unable to ping anything nor are they pingable from the WLC or any device. The WLC GUI shows clients connected to AP(s).

    Pretty odd.. The client can't ping the IP of the dynamic interface the SSID is configured for.. Any useful logs on the WLC? Maybe create a temporary pool on the WLC. And the WLC can ping the sub-interface (of the guest network) on router.
    I pulled my 1121 AP from my local network aftrer setting it up for DHCP and plugged it into the 3560 switch (initially the port set for VLAN100 and then VLAN101) in both cases the AP pulled an IP address and when the client connected it to pulled an IP address via DHCP and was able to connect completely to the network/internet. This confirms the router and switch setups and points directly to an issue with the WLC config.

    Agreed the DHCP setup from the router to the switches/VLAN look correct.
    My Networking blog
    Latest blog post: Let's review EIGRP Named Mode
    Currently Studying: CCNP: Wireless - IUWMS
  • hermeszdatahermeszdata Member Posts: 225
    SteveO86 wrote: »
    Wireless LAN Controller and Lightweight Access Point Basic Configuration Example - Cisco Systems






    Pretty odd.. The client can't ping the IP of the dynamic interface the SSID is configured for.. Any useful logs on the WLC? Maybe create a temporary pool on the WLC. And the WLC has full connectivity to the rest of the network?



    Agreed the DHCP setup from the router to the switches/VLAN look correct.
    Issues resolved ... at last.

    It's all those undefined buttons and switches. So, I just began experimenting a bit.

    Under the WLANs tab in the WLC's GUI is a Security Policy area. When I switched Layer 2 Security to none (default is 802.1X) clients began grabbing IPs right away and proper access to networks gained.

    Playing with the encryption settings now.

    RE: Switch port settings. The text you quoted is accurate ... However ...
    when we define the port's config as follows:
    !
    interface FastEthernet0/3
    switchport trunk encapsulation dot1q
    [COLOR=darkred]switchport trunk native vlan 100[/COLOR]
    switchport trunk allowed vlan 1,10,11,100,101
    switchport mode trunk
    spanning-tree portfast
    !
    

    the port become's an access (untagged) port for the specified native vlan. This is the same process used for data/voice trunking in VoIP configurations.

    Using VLANs with Cisco Aironet Wireless Equipment - Cisco Systems

    The above document (I've actually had this printed for a couple of months) is a great reference for VLAN trunking on APs and clearly references the aspect/importance of the native vlan, both from the AP's and Switch's perspective.

    I just wish that there was better documentation on the rest of the WLC configuration. Now on to figuring out ACLs and the rest of the security configuration.

    Thanks. icon_study.gif
    John
    Current Progress:
    Studying:
    CCNA Security - 60%, CCNA Wireless - 80%, ROUTE - 10% (Way behind due to major Wireless Project)
    Exams Passed:
    CCNA - 640-802 - 17 Jan 2011 -- CVOICE v6 - 642-436 - 28 Feb 2011
    2011 Goals
    CCNP/CCNP:Voice
  • SteveO86SteveO86 Member Posts: 1,423
    As far as the port configuration, that document is for Autonomous AP's not LWAPs, but hey if it works it works. Since the native vlan isn't tag your right you'll be ok.

    Layer 2 security settings, that means the client would associate to the AP but will not pass traffic until authenticated.

    (When in doubt I've found it helpful to SSH into the AP and debug the client, that probably would have helped with situation quicker, I just didn't think about the SSID security settings, and of course it's right their in the config icon_redface.gificon_sad.gif )
    My Networking blog
    Latest blog post: Let's review EIGRP Named Mode
    Currently Studying: CCNP: Wireless - IUWMS
  • hermeszdatahermeszdata Member Posts: 225
    SteveO86 wrote: »
    As far as the port configuration, that document is for Autonomous AP's not LWAPs, but hey if it works it works. Since the native vlan isn't tag your right you'll be ok.

    Layer 2 security settings, that means the client would associate to the AP but will not pass traffic until authenticated.

    (When in doubt I've found it helpful to SSH into the AP and debug the client, that probably would have helped with situation quicker, I just didn't think about the SSID security settings, and of course it's right their in the config icon_redface.gificon_sad.gif )

    Tried the SSH thing but I apparently have other things to configure to allow that connectivity.

    That was a lot to look at config wise. icon_lol.gif I'm still trying to make sense of it all. Back to the books.icon_study.gif
    John
    Current Progress:
    Studying:
    CCNA Security - 60%, CCNA Wireless - 80%, ROUTE - 10% (Way behind due to major Wireless Project)
    Exams Passed:
    CCNA - 640-802 - 17 Jan 2011 -- CVOICE v6 - 642-436 - 28 Feb 2011
    2011 Goals
    CCNP/CCNP:Voice
  • hermeszdatahermeszdata Member Posts: 225
    John
    Current Progress:
    Studying:
    CCNA Security - 60%, CCNA Wireless - 80%, ROUTE - 10% (Way behind due to major Wireless Project)
    Exams Passed:
    CCNA - 640-802 - 17 Jan 2011 -- CVOICE v6 - 642-436 - 28 Feb 2011
    2011 Goals
    CCNP/CCNP:Voice
  • SteveO86SteveO86 Member Posts: 1,423
    Here's the Cisco Config guide for the IOS/Model, not sure if you got this already. (it's seem that model is EoL, now wonder that was tough to find, or I would have posted it earlier)

    Cisco Wireless LAN Controller Configuration Guide, Release 3.2 - Chapter 1 - Overview [Cisco 4400 Series Wireless LAN Controllers] - Cisco Systems

    As far as the SSH thing, it should be a configurable option under the individual AP's.

    Just wait till you get more AP's on their, the config grows. icon_rolleyes.gif

    Good luck!

    (I don't how v3.2.2 is but I know earlier versions of v5 and v6 were exceptionally buggy for me, and some of the bugs required me to reboot the AP to recover from. We are up v7 as far as controller code goes so if some of the documentation on Cisco's site don't match that would be why)
    My Networking blog
    Latest blog post: Let's review EIGRP Named Mode
    Currently Studying: CCNP: Wireless - IUWMS
  • hermeszdatahermeszdata Member Posts: 225
    SteveO86 wrote: »
    Here's the Cisco Config guide for the IOS/Model, not sure if you got this already. (it's seem that model is EoL, now wonder that was tough to find, or I would have posted it earlier)

    Cisco Wireless LAN Controller Configuration Guide, Release 3.2 - Chapter 1 - Overview [Cisco 4400 Series Wireless LAN Controllers] - Cisco Systems

    As far as the SSH thing, it should be a configurable option under the individual AP's.

    Just wait till you get more AP's on their, the config grows. icon_rolleyes.gif

    Good luck!

    (I don't how v3.2.2 is but I know earlier versions of v5 and v6 were exceptionally buggy for me, and some of the bugs required me to reboot the AP to recover from. We are up v7 as far as controller code goes so if some of the documentation on Cisco's site don't match that would be why)


    The 4136 I have has 3.2.210.0. I currently have 20 of the AIR-AP1010s. looking to get an upgrade on the IOS for the 4136 and the APs.

    I have to start (tomorrow) on resetting what I have in APs and get them ready for installation/migration. I also need to work on the authentication process for the Quest access and how to use a URL to do this.
    John
    Current Progress:
    Studying:
    CCNA Security - 60%, CCNA Wireless - 80%, ROUTE - 10% (Way behind due to major Wireless Project)
    Exams Passed:
    CCNA - 640-802 - 17 Jan 2011 -- CVOICE v6 - 642-436 - 28 Feb 2011
    2011 Goals
    CCNP/CCNP:Voice
  • SteveO86SteveO86 Member Posts: 1,423
    Yea when you after you get the upgrade on the WLC and reboot the WLC (so it boots to the new version) all the LWAPs will be down until the the LWAPs download the new code.

    I think older version only allowed 4-6 LWAP's to download the update at once, the rest will continuously reboot, until a slot is open. So you definitely want to upgrade prior to putting everything in production. I think the latest code for the 4136 is 3.2.215.. I think not a 100% on that one.
    My Networking blog
    Latest blog post: Let's review EIGRP Named Mode
    Currently Studying: CCNP: Wireless - IUWMS
Sign In or Register to comment.