Cisco 5508 wlc mesh SSID broadcast?
Hello
I feel a strange phenomenon in my environment. Users on computers laptops Windows seem to be trying to connect to the SSID, they see the arrival of an access point which is mode bridge (and not broadcasting an SSID). I confirmed that nothing weird happens where the bridge would be broadcast SSID (standing right next to the newly imaged bridge on a laptop and when I connect I continue straight to a properly configured flexconnect AP).
There is no output from the path of the box in Windows to tell the operating system that an access point is not valid once he thinks he is, so I'm reaching out to the community to see if someone else has seen this before. My next troubleshooting step is to bridges in stand-alone mode, if I can't find an answer.
The environment consists of a WLC HA pair, standard 5508 flexconnect environment internal wireless, and we have a pair of bridge linking the two buildings. The affected computers are Windows 7 and Windows 8
Hello
Are you sure the mesh, access point is not configured to announce the WLAN of concern?
Unless it is in a group of AP with no WLAN, WLAN 1-16 will be announced via its interface 2.4 ghz (and 5 GHz so "mesh access customer backhaul" is enabled).
Here's a controller cli command to confirm (1550 is the AP name) ("site name" is the ap group)
(jk-4400-111) > show ap WiFi 802. 11 b 1550
Site Name........................................ 1550
WLAN ID BSSID Interface
Site description...
------- ----------- --------------------------
18 management 88:f0:77:b7:b2:20
management 88:F0:77:B7:B2:21 19
Tags: Cisco Wireless
Similar Questions
-
Our security policy requires that all web pages admin must be signed by our CA business. I have successfully implemented a SSL certificate 3rd party Auth Web our WLAN of comments, but I need to install a self-signed certificate for the management of the WLC himself. I followed the instructions here:
http://www.Cisco.com/en/us/Tech/tk722/tk809/technologies_configuration_example09186a00806e367a.shtml
but it was more useful for Web auth. I can't find a specific document explaining how it should be done for the management interface.
Any help much appreciated.
(1) Please use a password. Empty passwords regularly give problems.
(2) you don't recombine the key with the certificate before you download to the WLC:
Combine the CA.pem certificate with the private key, and then convert the file to a .pem file.
Type this command in the OpenSSL application:
openssl>pkcs12 -export -in CA.pem -inkey mykey.pem -out CA.p12 -clcerts
-passin pass:check123 -passout pass:check123
!--- This command should be on one line.
openssl>pkcs12 -in CA.p12 -out final.pem -passin pass:check123 -passout pass:check123
Note: In this command, you must enter a password for the parameters -passin' and -passout . The password is set to the setting -passout must match the setting SubscriptionId is configured on the WLC. In this example, the password is configured at the time the -passin' and settings -passout is check123. Step 4 of the procedure in the section download the WLC third certificate of this document deals with the configuration of the SubscriptionId parameter.
The final.pem is the file that is transferred via TFTP to the Cisco WLC.
Now that you have the certificate of the third-party CA, you must download the certificate to the WLC.
-
iPhone/iPad connectivity problem with of 5508 WLC
Hello
We are implementing a new Cisco 5508 WLC and C3602I LWAP corporate wireless network. Us are not running no matter what RADIUS or EAP for now and start with WPA2 / AES with a pre-shared to start flying.
The question that we are conducting is based iOS devices (iPhone/iPad) don't seem to want to connect. We just get one couldn't enter wireless messages. We had success with several portable Windows-based, my MacBook connects, as well as several different Android devices.
Looking at the logs on the WLC I see those entries that correspond to the MAC address of my iPhone.
* apfMsConnTask_6: 17:25:20.620 Jul 17: % CSA-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:376 could not check support rate. Lack of support rate. Length: 0 mobile MAC: 24:ab:81:92:4 d: 97.
Does anyone has any ideas or have encountered this problem before?
Any help would be greatly appreciated.
Thank you!
Andrew
What is happening with several iDevices? Can you try to restart one of these iDevices, because there seems to be a problem with the unit and not the wireless.
-
New Cisco Aironet 1602i is not broadcasting the SSID I place
New Cisco Aironet 1602i is not broadcasting the SSID I place
SSID I set up is not broadcasting, so I don't see the wireless network to choose and connect. On my laptop if I choose specify the name of the SSID then I am able to connect to the wireless network. I have only 1 Configuration SSID on the access point. Anyone know how to update the configuration for the SSID is broadcast?
The green light on the AP flashes and turns off about 3 seconds; is this normal or should it stays on all the time?
Current configuration: 1842 bytes
!
version 15.2
no service button
horodateurs service debug datetime msec
Log service timestamps datetime msec
encryption password service
!
host ap name
!
!
Pulse 9 logging console
enable secret 5 $1$ rrlE$ msWqu8CGY/tpDkgRAAAIe /.
!
No aaa new-model
no ip Routing
no ip cef
!
!
!
dot11 syslog
!
dot11 ssid Mi Casa
open authentication
authentication-key wpa version2 management
WPA - psk ascii 7 142017070F0C787B7579
!
!
Crypto pki token removal timeout default 0
!
!
username Cisco privilege 15 password 7 112A1016141D
!
!
Bridge IRB
!
!
!
interface Dot11Radio0
no ip address
no ip route cache
!
encryption algorithms aes - ccm tkip encryption mode
!
SSID Mi Casa
!
gain of antenna 0
STBC
beamform ofdm
root of station-role
Bridge-Group 1
Bridge-group subscriber-loop-control 1
Bridge-Group 1 covering-disabled people
Bridge-Group 1 block-unknown-source
No source of bridge-Group 1-learning
unicast bridge-Group 1-floods
!
interface Dot11Radio1
no ip address
no ip route cache
!
encryption algorithms aes - ccm tkip encryption mode
!
SSID Mi Casa
!
gain of antenna 0
DFS block 3 Strip
STBC
beamform ofdm
channel SFR
root of station-role
Bridge-Group 1
Bridge-group subscriber-loop-control 1
Bridge-Group 1 covering-disabled people
Bridge-Group 1 block-unknown-source
No source of bridge-Group 1-learning
unicast bridge-Group 1-floods
!
interface GigabitEthernet0
no ip address
no ip route cache
automatic duplex
automatic speed
Bridge-Group 1
Bridge-Group 1 covering-disabled people
No source of bridge-Group 1-learning
!
interface BVI1
IP 192.168.10.200 255.255.255.0
no ip route cache
!
by default-gateway IP 192.168.10.1
IP forward-Protocol ND
IP http server
no ip http secure server
IP http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
1 channel ip bridge
!
!
!
Line con 0
line vty 0 4
local connection
transport of entry all
!
end
Hi you must guest mode config on the ssid... Read this bud
https://supportforums.Cisco.com/docs/doc-5442
Sent by Cisco Support technique iPhone App
-
5508 WLC works only with small business unit SA 520 security
Cisco 5508 is new Wireless LAN Controller supporting 802.11ac new Giga bit wireless. It has been connected to the port of SA 520 LAN LAN port of small business Security Appliance (trunk). VLAN by default 1 works fine, which is for the management but vlan data does not work.
However, I can ping from WLC until SA 520 on vlan data but no ping SA 520. Also the wireless clients connected to the AP cannot connect to SA 520 on the data vlan 2702 as gateway?
both have the latest firmwares. These devices are supported?
Any suggestion?
Hello
I guess your VLAN DATA is another VIRTUAL local network that you have configured on the WLC.
Make sure of the ff.
1. you have configured the correct WLAN interface
2. you have assigned the right WLAN interface on your SSID
3. the DHCP of your users (where btw?) if in the WLC, check if it is on the correct subnet and that it is enabledAlso considering it is a safety device, check that the ff:
1. you have configured the necessary policies and fro the AP and WLC
-Note that traffic CAPWAP able, to avoid any problem, just allow and fro WLC and AP for example, two policies a WLC-> AP and another AP-> WLC2. of course, the policies necessary to allow traffic
PS: The compatibility is not a problem, note that your servers SMB of device as a connection of the WLC. You should have no problem integrating the two
If it is not much, kindly rate helpful messages :)
-
Want a couple of opinions on the broadcast of the SSID or not. We have 200 series 1200 ap on a University campus and currently distributed only in a few areas (5%) on campus we also have cisco WLSE to manage.
In my humble OPINION, not broadcasting the SSID is security the same way that wrap you in aluminum foil you made the bulletproof. (It is not / is not, believe me).
A large part of the decision boils down to bandwidth management.
For example, do not broadcast your SSID, anyone using MS Windows Zero Config Wireless will have connection problems... ZWC always will prefer a SSID broadcast, often even if you have the client 'hard-coded' to associate with a specific SSID. Expect phone calls.
Or the other decision, I hope that you have some solid backend authentication and authorization.
It is essentially you have something other people want to (bandwidth, potentially free band). If you're lucky, people will * only * steal bandwidth.
In the past, I think you will find that 'only' bandwidth theft is not enough, you will get some hotshot King or kiddie-script, or spammer, porn that will do malicious things in and on your network (if you are broadcasting your SSID or not.. Word bypass).
Convenience for users and reduce the ' my laptop does not connect to your wireless system (it tries to connect to rogue AP from some students or other hotspot) calls. "
Also keep them my mind is that if you don't broadcast your SSID, unlike someone else (malicious) (advertise * your * SSID)... they can usurp the user and capture traffic... or at least it makes it much easier to perform a man-in-the-middle attack (do a search for "ettercap").
Advertise your SSID and have a good system of auth/auth on the back-end. Everything in the newspaper and be vigilant. Have a plan (and a strong policy) to deal with attackers and did not hesitate to run it.
It is worth a few days of discussion, around this topic and a variety of opinions each valid in a given context. You must weigh the consumers against the administration, against the risk, compared to the budget... and a dozen other variables.
(In general), there is no single best answer for most scenarios.
That's why a good designer / architect system pulls down the fortunes and worth ever penny.
Good luck
Scott
-
How can I disable the ssid broadcast?
I can't find it on my EA6500, and it might be the same for all routers Linksys EA. I found this link which explains why he is no longer available.
-
I have a v1 WRT610N router and cannot find where I'm able to disable the SSID broadcast. I thought I had looked at all the settings screens, but I can't. can someone tell me how to disable the SSID broadcast for this router? Thank you!
Click on wireless on top and it should show these two things
(On the red circles)
-
HP6700 printer: unable to connect to the router wireless D - Link DI-514 when the router Broadcast SSID is set to no. My MAC laptop and HP laptop both work with the set SSID on no. If I change the router Wireless SSID Broadcast is YES, then the printer HP6700 can connect to the wireless router. I set up the printer it saying that the SSID and password have been, the same as both of my laptops, but it connects ever, unless I have change the router to broadcast the SSID. Help!
Have you tried to update the firmware on the DI-514?
You can also try to set a static IP address on the printer, and then assign the printer to the list of DHCP static in the interface of the router.
To give a static IP address to your printer:
-Print a the front of the printer Network Setup Page. Note the IP address of the printer.
-Enter the IP address in a browser to reveal the internal settings of the printer.
-Choose the network tab, then wireless along the left side, then on the IPv4 tab.
-On this screen, you want to set a manual IP address. You must assign an IP address outside the range that the router sets automatically (called the DHCP range). If you do not know the range, change the last set of numbers (those after the last '.') 250
-Apply the subnet 255.255.255.0 (unless you know it's different, if so, use it)
-Enter the IP of your router (on the Page of the Network Config) for the gateway.
-Enter for the first DNS 8.8.8.8 and 8.8.4.4 for second DNS. It's Google DNS. You can choose a different external DNS if you wish.
-Click 'apply '.
Now, stop the router and printer, start the router, wait, and then start printing.After that you remove and re - add the printer to your Mac.
Show support by clicking on the blue Kudos star in the post that solved your problem. Doing so will help the other members of the forum their solutions also.
-
Unable to connect via wireless with SSID broadcast disabled
I want to configure my router for my SSID is not broadcast, because I think it's a logical step to take for increased security. I have not been able to do since I started using my new laptop Inspiron 5558. I tried this several times and every time I turn off the SSID broadcast, I am not able to connect to the Wi - Fi on this laptop. Other remote computers in my house and my smartphone connect without problem, but nothing I've tried helps my new computer Dell laptop to connect via Wi - Fi, except for allowing the SSID broadcast.
I have a router Actiontec MI424WR reverend E. I have installed the new driver and the Intel PROset utility and unfortunately nothing has changed. I went to the settings to investigate some of the other solutions offers, and I came across something that seems to have solved my problem. What I found in SETTINGS/network & Internet/change adapter options/Wi-Fi/see the status of my properties of connection/Wireless / on the connection tab, it was an uncontrolled area with the words "connect even if the network is not broadcasting its name (SSID). I checked this box, and since then, I was able to connect to my network wireless with SSID broadcast disabled. I will now call this resolved and if no new problems arise. start a new post. Thanks for sticking with me on this.
Ed J.
-
Recover the forgotten password already created WLAN in 5508 WLC
Hello
Is it possible that we can retrieve the forgotten password already created WLAN in 5508 WLC. I do not want to reset the password want to only see the existing password. Image is attached as a reference.
Kind regards
Muhammad Noman
Hi Muhammad,
I don't think that it is possible that the key is encrypted in the configuration files as well.
See you soon,.
Ric
-
WLC 2100 limit SSID Broadcast for each AP
All,
Is there a way to limit a certain AP to an individual SSID? We have a WLC 2100 and 6 attached AP. Let me know if you need more information.
Thank you.
Is there a way to limit a certain AP to one individual SSID? We have a 2100 WLC and 6 AP's attached. Let me know if you need anymore information.
If you want, for instance, AP1 to broadcast the SSID, 1, 3 and 5. AP2 to broadcast the SSID 2, etc.
If this is the case, then AP groups is the way to go.
-
WLC 5508 WIRELESS problem SSID
Hello
I recently got a 5508 controller. I use 1 SSID for employees on the main site (using certificate authentication). I want to use the same SSID with different DHCP servers on remote sites, (AP configure with the HREAP mode). So I tried to configure different WLAN ID using the same SSID (I spend in addition to the IP address of the DHCP server). When I try to enable the SSID, I got the following error: "WLAN SSID and L2 security policy with duplicate. I tried to use "Group AP" and put the different WLAN ID in different group AP but it doesn't work.
Someone at - it an idea?
Thanks in advance
Kind regards
Eric
Hello
At the time, we specify the WLAN to use local switching, VLAN HREAP mapping will do the job... It's... the central site clients will grab the IP address of the DHCP Server central according to the dynamic interface mapped to the WLAN and toward the remote father remore users will grab the IP address of the remote DHCP configured based o NTHE VLAN mapping pool WLAN on the AP HREAP for...
Let me know if this answers your question!
Concerning
Surendra
-
On remote access points SSID broadcast
I'm deploying a Uniified Wireless Communication network that spans two location (Head Office and branch) using 1xWLC 4402 and 13 x 1252 APs. Is it possible to configure the access points to the branch to broadcast the ssid, which would not be released on the APs on the WLC seat.
Thank you
OLA
Hi, you could use "overwrite WLAN' to do.
Here the necessary instructions... to search "To substitute WLAN" in the document to get good paragraph...
http://www.Cisco.com/en/us/docs/wireless/controller/4.0/Configuration/Guide/c40wlan.html#wp1089232
-
I have a controller 5508 which resets intermittently, I updated to 8 of our other 7.6.130.0 to 8.0.133.0 without problem. Has anyone else had similar problems? If Yes, what is the reference as appropriate. Output below SysInfo & WLC Log:
(Cisco Controller) > show sysinfo
Name of the manufacturer... Cisco Systems Inc..
Product name... Cisco controller
Version of the product... 8.0.133.0
Bootloader Version... 1.0.20
Retrieving Image Version field... 7.6.101.1
Firmware version... FPGA 1.7, 1.8 Env, USB 2.2 console
Build Type....................................... DATA + WPSName of the system... ABM-GLAN-LS-WLC1
Location of the system... Glanrhyd LS Hub 1
Contact System...
ObjectID of system... 1.3.6.1.4.1.9.1.1069
Redundancy mode... SSO
IP Address....................................... 10.*. *. *
IPv6 address...:
Last Reset....................................... Software reset
Time system... 0 days 19 hours 1 minutes 0 seconds
Location of the time zone of the system...
System Stats in real time interval... 5
System Stats Normal range... 180The country is set... GB - United Kingdom
-Other - or ITU (q)
Operating environment... Utilities (0 to 40 ° C)
Limits the internal temperature alarm... 0 to 65 ° C
... Internal temperature + 34 C
Outdoor temperature... + 19 C
Fan Status....................................... OkState of 802. 11 b network... Activated
State of 802. 11A network... Activated
Number of wireless LANs... 8
Number of Active Clients... 39Built-in MAC address... 7 C: 0E:CE:49:C4:C0
Power supply 1... Currently, OK
Power supply 2... Absent
Maximum number of taken access points supported... 500
Nas - Id system...
Types of certificate MIC WLC... SHA1/SHA2Before the WLC crash even once, kindly would coredump 'config coredump enable '.
How about "sh stat of memory"?
And get ready to upgrade to 8.0.140.0. Release notes can be found HERE.
Maybe you are looking for
-
HP 110-243wb desktop PC: can I upgrade the ram and memory of my HP 110-243wb desktop PC?
Can I upgrade the ram and memory of this HP 110-243wb desktop PC? What suggest you and you thank in advance.
-
Rotate an image after clicking twice on benchmarks in the photo
Hello community! I am looking for a solution to rotate an image by clicking on the two reference points on the image. The two pairs of coordinates of the mouse clicking on can give me the angle of rotation with a simple geometry. After this, I turn t
-
Have made many attempts to install MS of the indications of updates KB2804576 and KB2804577, nothing helped, despite the "installed successfully". I am told that this is caused by the missing or damaged file: MSVBVM60. DLL. How can I acquire and ins
-
My WMM doesn't work anymore, I already have SP2 so it won't reinstall and my installation disc is scratched. How can I reinstall WMM?
-
Jasc paint shop pro studio, Dell Edition
I got this error message and don't know why and what to do. Error 1706. Valid any source not found for Jasc Paint Shop Pro Studio product. Reference Dell Edition. Windows Installer cannot continue.