Connection 5520 s WLC to 7706 Nexus s

I "inherited" a bunch of material that the customer wants to use me to a local wireless network. The interesting bit connects the WLCs 5520 to the 7706 s nexus.

Ideally, because I have two WLCs and two Nexus, I would like to connect a port of each WLC to each link, but it is complicated by the fact that the Nexus is running vPC, not VSS and speaks only LACP, but the WLC includes only coy LAG.

It has been suggested that if I created the Nexus (Nexii?) to run the WLC and LACP to run LAG, it will work, but I want to be reasonably sure before going to the risk of exposing myself to ridicule when a CEP fails.

So, in a nutshell: can (and if so, how) I connect two 5520 WLCs to a pair of Nexus 7706, such as incoming traffic or Nexus can get WLC and criticaly, BACK to the source using only the features of L2, or if this is not possible, how do this with routing rather than go without making a rod for my back?

Thanks for any help

Jim

Hello Jim,

Cisco TAC, topology I tried was invalid itseems. By their suggestion a configured WLC LATE can be connected to a single switch upstream :(

Please find attachment as the physical topology that I was recommended.

Tags: Cisco Wireless

Similar Questions

  • AP failed to connect with the WLC.

    We have 5 sets of 1700 APs works on the mode of the controller and cisco WLC 2500.
    I configured the controller as I always used to do, but this time the access points have been unable to reach the controller.
    That's what I did:
    controller IP address:192.168.1.250/24
    GW:192.168.1.1
    Primary DHCP: 192.168.1.250
    I have connected the port1 controller with ethernet cable from the switch and the same switch I connected the AP.
    We used the adapter instead of the POE switch.
    I even tried assigning address to AP directly through the console as:
    CAPWAP ap controller ip address and so on. This did not help either.

    There was this message in the AP "% CAPWAP-5-DHCP_RENEW: could not find WLC by using DHCP IP." DHCP IP renewal. "
    Moreover, the POE ports in the controller, they provide enough energy for the PA to operate?
    Help, please.
    I have attached the PuTTY log as well.

    Hello
    WLC connection has successfully been created. Then he for some reason any. I don't know if this helps, but try to connect the ethernet cable directly to the AP instead of port POE port to THE.
    You can use port POE on AP even if you don t use the POE switch.

    And regarding the port POE on WLC. Cisco doesn´t recommend that you directly connect AP to WLC, but it is possible.

    Also I Don t see that the IP address is assigned by DHCP.
    Try also to use the commands:
    CAPWAP ap ip address...
    CAPWAP ap ip default-gateway...

    I guess the WLC and switch are configured correctly.

    EDIT:

    I had similar problem today.
    Just connect the cable from the console to AP, go to mode and type the commands:
    Claire capwap private-config
    Claire lwap private-config

    then reload AP with command "reload".

    After these commands AP joined succesfully WLC

  • Access point does not connect to my WLC

    Hi all

    I have a strange...

    I have 5 AP1000 used to connect to my WLC without problem, now they will not join with the WLC.

    I have the following error in syslog "no Council payload of data found in the join query? I'm also 10 AP1242 who register without problem. Does anyone have any ideas how I can get these babies to join the WLC?

    See you soon

    Colin

    Yes, 1000 access points are supported only on code 4.2... They do not have enough memory to support higher levels of code...

  • Internet Auth users simultaneous connections by Cisco WLC 5508?

    Hello

    We have 2 WLC5508 (7.2.111.3) with multiple SSID.

    One of them is configured as Passthrough with an external boot server. Works very well.

    Now, we want to use the "failure of MAC filtering on.

    If the client MAC address is configured under filtering MAC on the WLC, authentication is done without WebAuth.

    If the MAC address is not known, the client will be redirect to the external WebAuth server for authentication.

    To preserve the functionality of relay for the user, we have hard coded a username & password in the start page.

    Thus, each customer WebAuth uses the same user name & password for authentication against the WLC.

    Strategies of user login is set to unlimited.

    So far so good, it seems to work, but I've read that the controllers of Cisco 5500 supports only 150 concurrent connections to Auth users.

    The two WLC have abount 100-170 clients connected.

    Question:

    -It's going to be a problem with 150 connections simultaneous, despited when the not usin only one user for all customers-Wifi?

    -L' user WebAuth is possible with a Cisco ISE as Passthrough, no username & password must be entered by the user.

    If so, some guide information wolud be great.

    -When it is properly authenticated, a logout screen shows on the Windows client. Can he hide some how?

    Thanks for the replies ;-)

    Kind regards

    Norbert

    Its probably a limitation to the treatment of patients with the same credentials.  I never ran into a questions, but how many comments will complain, if they hit the button to accept a few seconds after :)

    Thank you

    Scott

    Help others using the system of rating and marking answers questions like "answered."

  • Connection to a wlc on subnets

    I recently bought a 4402 wireless controller to manage our access points. When I put the APs on the same subnet as the subnet ap-Manager, I get the access point you want to connect. When I put on the subnet wireless access point, it does not connect. Does not record again.

    I read that I have to layer 3 routing on the 4502 to work. I'm doing now. Do I need to configure anything on my switches to ensure that packets are by (a bit like defining where the DHCP server) or should it just work? Do I need to set up a WLAN ID that corresponds to the ID of the WLAN using the switches? I thought I tried that first and not had much luck. Any ideas on this vague question?

    I'm trying to dig into the documentation to see if I can find the answer, but so far I have found nothing.

    Sent by Cisco Support technique iPhone App

    You will want to ensure that your APs can route where that you install to the WLC management address.

    How APs find the controller may occur a few different ways:

    (1) A DNS record

    (2) layer 2 broadcast (that you've already seen)

    (3) IP Route forward

    (4) DHCP Option 43

    (5) manual to initiate the PA

    Most people lead with option 43.

    http://www.my80211.com/Cisco-WLC-Labs/2009/7/4/Cisco-DHCP-option-43-configuration-nugget.html

    If you see the configuration guide will explain the other process.

  • Please tell me how to connect with FCoE mini-UCS and Nexus N5k (N5K-C5548UP-B-S32)

    I have UCS 5108 chassis of Server Blade (with two blades B200 M3 inside and two FI 6324) connected to the switch of Nexus N5k 4x10GE links.

    I want to set both aggregated channels FCoE (vFC) of chassi to pass.

    All the instructions I've seen mention that UCS-mini needs to be mode end-host FC, but version 3.0 UCSM does not support this mode, what should you do?

    I put in place following the www.cisco.com/c/en/us/support/docs/switches/nexus-5000-series-switches/116248-configure-fcoe-00.html instructions

    But after the installation, I get an error on the fabric: FCoE or FC uplink is down on Vsan 500;

    And the Nexus program: Vsan 500 is declining (pending flogi)

    When I ' display interface vfc 1 ' CLI nexus I don't see "Trunk VSAN (high)", but

    "VSANS trunk (boot) (500).

    Unfortunately, I can't find the technical notes for mini UCS (with UCSM v. 3.0), so maybe you can promt guides or suggestion for this?

    Thank you in advance!

    Same question here.

    TIA

  • WLC Flex connect local authentication does not work

    Hi guys,.

    I'll give you a brief description of our current flexconnect configuration. We have APs configured mode flexconnect in the remote office and in local mode in the local office. Wireless LANs are the same in both locations and we have detected a problem in one specific SSID. It is a voice SSID and configured in 802.1 x mode that authenticates to a RADIUS server in the remote desktop.

    We detected only when the WAN line gets collapsed the IP phones unplugged wireless SSID and when the WAN line become free, reconnected.

    We have seen that we can configure Flexconnect local auth mode to avoid this problem, but it of esn can't work properly. We have set up APs in remote site with an IP address static and configured as NAS in the RADIUS server, but we did not see any which authenticayion in th RADIUS server package when change us the SSID to «FlexConnect auth» local

    Can you give me an idea to help solve this problem?

    Thanks in advance.

    Joel

    I suppose that clients connected by access points Flexconnect have problems where the WAN connection is down (?)

    It depends on your current configuration and security policy what are the feasible options in this scenario. If there is an available RADIUS server - who can still authenticate your users while the WAN line is down, you can configure your access points to access this server directly. You must use a FlexConnect for this group and configure the external server on the general tab, in the menu "AAA". You already made the point of access-static IP addresses and add them as clients on the RADIUS server, then it should work.

    Another option is that in the event of failure, access points to will authenticate the client based on a local data base and/or certificate. Also, this requires a FlexConnect group and the option 'Enable local authentication AP'. For example: If you are using PEAP and a specific user for VoWLAN account you can download the server and the certificates of CA to the WLC and add the credentials of this account to build the same configuration with the external server. Downside of this is the lack of central logging that may not match your security policy.

    Remember that the access point itself can't remember the relationship between the access point and FlexConnect group, in both scenarios, you need to configure all controllers manually with these MAC to the Group mappings. This behavior is different in comparison with the "groups of AP" what access point you remember during the passage of the controllers.

    The "FlexConnect local authentication" option on the SSID itself forces always use local authentication that has been configured on the FlexConnect group even if the connection with the WLC is available. I don't think that it is feasible to use it in your scenario.

    Please rate helpful messages... :-)

  • 3702 AP loss connectivity to WLC in local mode

    Hi Experts,

    I have an AP 3702 which loses connectivity to the WLC and line protocol goes down.

    PoE is always present on the connection to the switch, but only to 15.4 instead of the full 16.8 as with normal operation 3702.

    There are 8 other 3702 AP this floor who have no problem.

    "Could arp not the ip address of the controller, try again later" is a common phenomenon in their newspapers so I don't think it has any bearing on the issue with this particular access point.

    All 9 x 3702 are connected to a switch of edge double accommodation 3750 X battery via 3 x 3560CX in the ceilings.

    If I close and (after some time) put to the port of the switch, the AP will get back in touch with the WLC, but then drop again as before in an hour or two.

    I deleted the config on the AP and let it sit in mode monitor/sniffer for a few days and he stayed until perfectly so I thought everything was ok. I've reconfigured to accept clients, and since then, it has dropped again.

    Hope that this is not a hardware failure and your advice is really appreciated.

    Thank you

    Stem

    *Jul 22 05:14:49.539: %DPAA-3-ERROR: ! MINOR FM-MAC Error No Device;  Read wrong data (0xffff): phyAddr 0x0, reg 0x-Traceback= 119B108z 26FFF24z 26FFA8Cz 26C1870z 15090ECz 150B3C8z 150AC30z 15065C4z 12250DCz 122CF08z 132B150z 1310*Jul 22 05:14:50.099: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up*Jul 22 05:14:50.539: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to down*Jul 22 05:14:52.539: %LINK-6-UPDOWN: Interface BVI1, changed state to down*Jul 22 05:14:53.539: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to down*Jul 22 05:14:54.035: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up*Jul 22 05:14:59.099: %LINK-6-UPDOWN: Interface BVI1, changed state to up*Jul 22 05:14:59.539: %DPAA-3-ERROR: ! MINOR FM-MAC Error No Device;  Read wrong data (0xffff): phyAddr 0x0, reg 0x-Traceback= 119B108z 26FFF24z 26FFA8Cz 26C1870z 15090ECz 150B3C8z 150AC30z 15065C4z 12250DCz 122CF08z 132B150z 1310*Jul 22 05:15:00.099: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up*Jul 22 05:15:00.539: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to down*Jul 22 05:15:02.539: %LINK-6-UPDOWN: Interface BVI1, changed state to down
    Messages above give me the feeling that there is a problem with communication between the physical network of the access point connection and control software. This can be hardware and associated software. Your best bet to analyze tracing messages is TAC, so my advice is to connect a case and let send them your registration. The 3700's have "limited lifetime warranty" so you can ask a new in case it is broken (even without a smartnet) you have to wait at least 10 days. Keep us informed about the solution! Please rate helpful messages... :-)

  • Connect UCS to Nexus

    Hello

    I add UCS FI to our network, connect you to a switch of Nexus. our network has several VLANS isolate and VLAN normal, that all should be trunk to FI. The port of the switch, can I do mode normal trunk, or private - vlan trunk.

    Thank you

    Hello

    In general, all them VLANs is defined in a domain UCS are shared resources on any Nortbound links, see

    http://www.Cisco.com/c/en/us/support/docs/servers-unified-computing/UCS-...

    However, there is also the notion of vlan disjoint, see

    http://www.Cisco.com/c/en/us/solutions/collateral/data-center-virtualiza...

    Walter.

  • WLC connect through ACS 5.1

    Hello

    I was wondering if someone managed to configure ACS 5.1 to accept the connection of a WLC 5500 request?

    I managed to get configured following the tracking https://supportforums.cisco.com/docs/DOC-14908 link
    but when I try to connect to the WLC by using my credentials for GBA I just get the login again screen.  I checked the logs of GBA and it says my user name has passed the authentication process and it corresponds to all the rules that I set myself.  The only thing I have noticed is my 'privilege level' is only 1 but I don't know if it is right for an http connection.

    Any help would be appreciated.

    OK, so it seems that there is a space or a carriage return after ALL

    * tplusTransportThread: 11:38:45.980 24 Jan: arg [0] = [28] [role1 = ALL]

    Can rebuild you the attribute, then click on apply, you might be able to put the cursor behind ALL and click on delete.

    Steve

  • How can I ensure that only known AP to connect to WLC

    I have a Cisco 2112 WLC with of 1131 LWAP

    How can I ensure that only known AP to connect to the WLC?

    Thanks in advance

    Richard

    Hi Richard,

    You can use allow the PA against AAA to make sure that all AP registering on your WLC are allowed the AP network.

    By activating this feature, only these AP whose mac addresses are present in the list of permission, will be able to register at the WLC.

    This list of authorization may be present externally on a server or a local list on the WLC himself. The link below explains in detail:

    http://www.Cisco.com/en/us/products/ps6366/products_configuration_example09186a00808c7234.shtml

    Another feature, which has already been mentioned in this thread, is the unreliable detection. With this feature, the WLC will be able to detect any access point that is not a part of his band RF and contain them.

    Please see the document below for more information in this regard:

    https://www.Cisco.com/application/PDF/paws/70987/rogue_detect.PDF

    Kind regards

    Stéphane

  • WRT1900AC and my Nexus 5

    Hey guys,.

    I have a weird problem, when I am connected to my wrt1900 via my nexus 5 I can't check my email. When I check the setting on my nexus 5 through the email program it tells me that it cannot connect to the server. Now, if I connect through my wrt54gl which I use as a Repeater, I have no problem. Oh, the ACTC. e-mail is an IMAP it's a .edu in gmail. Any suggestions? Thank you.

    I solved my problem :-) I discovered than Android or Google Services (I don't know which) do not like IPv6. When I turned off all right. Thanks again Froidhiver for all your help and suggestions. My question now is to disable IPv6 will have no negative effect?

  • Nexus 5000 - behavior of odd Ethernet (link inactive down) interface

    Hi guys,.

    It would sound really trivial, but it's very strange behavior.

    -We have a server connected to a 2, 5000 s Nexus (for resiliancy)

    -When there is that no config on the ethernet interfaces don't either, the ethernet interface is up / upward, there is a minimum amount of traffic on the link, etc. For example

    Ethernet1/16 is in place
    Material: 1000/10000 Ethernet, address: 000d.ece7.85d7 (bia 000d.ece7.85d7)
    Description: shipley - p1.its RK14/A13
    MTU 1500 bytes, BW 10000000 Kbit, DLY 10 usec,
    reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation ARPA
    Port mode is access
    full-duplex, 10 Gb/s, media type is 1 / 10g
    Lighthouse is off
    Input stream control is turned off, output flow control is disabled
    Flow mode is dedicated
    Switchport monitor is off
    Last link flapped 00:00:07
    Last clearing of "show interface" counters 05:42:32
    entry 30 seconds 0 bps, 0 packets/s rate
    exit rate of 30 seconds 96 bps, 0 packets/s
    Load-time #2: 5 minutes (300 seconds)
    heat flow 0 bit/s, 0 pps; output rate 8 bits/s, 0 pps
    RX
    0 packets unicast packets multicasts 0 0 broadcast packets
    entry packets 0 0 bytes
    0 packets of removal of storm Jumbo packets 0
    Giants of Runts 0 0 0 CRC 0 no buffer
    short entry error 0 0 0 overflow under-run 0 0 ignored
    0 0 bad etype watchdog fall 0 bad proto place 0 if drop
    0 entry with dribble 0 rejection of entry
    Rx pause 0
    TX
    0 163 0 multicasts packets packets broadcast unicast packets
    packages of exit 163 15883 bytes
    0 jumbo packets
    collision of errors 0 0 released 0 postponed end collision 0
    0 lost 0 carrier no carrier 0 chatter
    Tx break 0
    1 interface resets

    -As soon as I set up the link to be an access port, the link goes down, "inactivity" example of markup

    SH int e1/16
    Ethernet1/16 is down (inactive)
    Material: 1000/10000 Ethernet, address: 000d.ece7.85d7 (bia 000d.ece7.85d7)
    Description: shipley - p1.its RK14/A13
    MTU 1500 bytes, BW 10000000 Kbit, DLY 10 usec,
    reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation ARPA
    Port mode is access
    Auto-duplex, 10 Gb/s, media type is 1 / 10g
    Lighthouse is off
    Input stream control is turned off, output flow control is disabled
    Flow mode is dedicated
    Switchport monitor is off
    Last link flapped 05:38:03
    Last clearing of "show interface" counters 05:41:33
    entry 30 seconds 0 bps, 0 packets/s rate
    exit rate of 30 seconds 0 bps, 0 packets/s
    Load-time #2: 5 minutes (300 seconds)
    heat flow 0 bit/s, 0 pps; output rate 0 bps, 0 pps
    RX
    0 packets unicast packets multicasts 0 0 broadcast packets
    entry packets 0 0 bytes
    0 packets of removal of storm Jumbo packets 0
    Giants of Runts 0 0 0 CRC 0 no buffer
    short entry error 0 0 0 overflow under-run 0 0 ignored
    0 0 bad etype watchdog fall 0 bad proto place 0 if drop
    0 entry with dribble 0 rejection of entry
    Rx pause 0
    TX
    0 packets 146 0 multicasts packets broadcast unicast packets
    packets to exit 146 13083 bytes
    0 jumbo packets
    collision of errors 0 0 released 0 postponed end collision 0
    0 lost 0 carrier no carrier 0 chatter
    Tx break 0
    0 resets interface

    -This behavior is visible on the two 5Ks

    -J' have tried to use a different set of ports, SFP and fiber cabling without result changed

    -I can't understand this behavior?  In this, why to configure the port would cause the link to go down?

    -If anyone has experience this before, or could shed some light on this problem, it would be appreciated.

    SH ver
    Operating system (NX - OS) Cisco Nexus software
    TAC support: http://www.cisco.com/tac
    Copyright (c) 2002-2010, Cisco Systems, Inc. All rights reserved.
    The copyright in certain works contained in this document are the property of
    other third parties and are used and distributed under license.
    Portions of this software are covered by the GNU Public
    License. A copy of the license is available at
    http://www.gnu.org/licenses/gpl.html.

    Software
    BIOS: version 1.2.0
    Charger: version N/A
    Kickstart: version 4.2 (1) N1 (1)
    system: version 4.2 (1) N1 (1)
    power-seq: version v1.2
    Compile of the BIOS time: 19/06/08
    kickstart image file is: bootflash:/n5000-uk9-kickstart.4.2.1.N1.1.bin
    Kickstart compile time: 2010-04-29 19:00 [2010-04-30 02:38:04]
    filesystem image is: bootflash:/n5000-uk9.4.2.1.N1.1.bin
    compile time: 2010-04-29 19:00 [30/04/2010 03:51:47]

    Thank you

    Sheldon

    Hello

    If you have configured ports such as access to VLANs ports, who are either:

    (a) not configured on the switch / present in the database for vlan.

    or

    (b) present in the database, but it is in a suspended state.

    You will encounter this problem.  Please can you check the status of the VLAN?

    Hope this helps

    Martin

  • Management user for WLC via LDAP Possible?

    Hi guys, just like the title suggests

    Correct me if wrong Im:

    The two GANYMEDE + and RADIUS can be used to access right management WLC?
    Well how about you for LDAP? (In fact my answer to this is 'not possible', but I just want you to)

    so is LDAP for managing the access to WLC supported?

    If you look at the options when adding a RADIUS or radius server on a WLC is a checkbox for managing it to the admins to log on to each server radius or Ganymede, it has no option to do this with LDAP. When an administrator connects to a WLC using radius or Ganymede wil server sends a specific response saying that the admin can do (read only, read/write), LDAP does not as far as I know do that.

    Hope this helps

  • UCS to NEXUS

    Hello

    Is it possible to connect a UCS solution to a pair of 5500 Nexus via native Ethernet according to LAN and CF communications native according to communications SAN? Then I was going to link arrays EMC VNX 5500 Nexus via native FC and the core of his native LAN via Ethernet. In other words, I use 5500 Nexus as a LAN/SAN consolidated device, but WITHOUT using a consolidated as FCoE Protocol. This design is ok? Have warnings or things to keep in mind?

    In addition, in this scenario it would add any benefit to connect the VNX berries to the Nexus through FCoE instead of native FC?

    Thank you

    This will work. Do us all the time in our laboratory. The 5500 replaces the need for a MDS or Brocade FC switch. It works perfectly. You can use the NPIV Switch 5500 or you can enable the CF to switching in the box of the UCS and make a E or TE port between the 5500 and UCS FIs.  We also support F port channel trunk between 5500 and UCS FI, you can do just about every option CF connection between boxes of Nexus and UCS.

    I can't comment on the VNX and it's FCOE capabilities.

    Louis

Maybe you are looking for

  • sbRIO synchronism IO and screws

    Hello I am a program on a coding sbRIO. It is a program I wrote for a cRIO and now I put it on a sbRIO. The 'problem' is that there is no support scanning for the sbRIO engine, so I use FPGA to access the IO. So I was access the e/s using the open FP

  • Photos do not print in the original proportions

    Parameters of the photo library When I opened the Windows Photo Gallery and send a picture to copy on my printer, copies are elongated. I thought it was the printer, but a new printer does the same thing, so my Gallery settings are wrong somehow. I u

  • BlackBerry Smartphones Blackberry "BOLD" w / ATT

    I am considering buying the "BOLD" and my carrier is ATT. I currently have the Pearl, and I just had a few questions about the "BOLD". It is necessary that you buy a package of data with same ATT use and opperate the phone? On the ATT site, under the

  • Dynamic PAT on the PIX

    Hi Expert, If I want the range of dynamic ports NAT in 5500 to 5800, in my address public IP that a NAT IP address private, how to set up? Here is an example, public IP = x.x.x.x address private IP = z.z.z.z NAT x.x.x.x port 5500-5800 to z.z.z.z port

  • Hard to download

    Hello, yesterday I bought the first cc pro app and went on the page creative cloud app to download. I pressed the button download and on screen, he began by saying that it is download but there is no sign of it elsewhere on my computer. I have left i