The SSID on Cisco WLC support no.
Hi all
Can you please help me to provide details on the following Cisco wireless controller?
1. no support SSID on Cisco WLC
2. is it possible to limit the SSID on the access point (for example, I have 10 SSID configured on the controller, I want 10 first access points using SSID (SSID 1-5) and rest of the AP SSID 6-10)
Thank you
Jamal
Hi Jamal,.
Just to add to the great info of Robert (+ 5 points Robert)
The feature you're looking for is called WLAN substitute in versions 4.x WLC.
Allowing substitution WLAN
By default, all defined WLAN transmission on the controller access points. However, you can use WLAN editable to select WLAN is transmitted and who are not on a per access point basis. For example, you can use WLAN to control override goes where in the guest WLAN network or you can use it to disable a specific WLAN in a certain area of the network.
This doc.
http://www.Cisco.com/en/us/docs/wireless/controller/4.0/Configuration/Guide/c40wlan.html#wp1114777
Once you create a new WLAN, WLAN > page edition for the new WLAN. In this page, you can set various parameters specific to this general policy, RADIUS servers, political security WLAN key, and 802.1 x settings.
* Check Admin status under general strategies to activate the WLAN. If you want AP broadcast the SSID in beacon frames, check the SSID broadcast.
Note: You can configure up to 16 WLAN on the controller. The Cisco WLAN Solution can control up to sixteen WLAN for Lightweight APs. Each WLAN has an ID separated from WLAN (1 to 16), a WLAN SSID (name of the WLAN) separate and can be assigned to single security policies. Lightweight APs broadcast all Cisco WIFI WLAN SSID Solution assets and apply the policies that you set for each WLAN.
The good doc.
In versions 5.x, you will use AP groups, because in versions 5.x WLC, WLAN substitute has been replaced by the "Groups of AP" feature;
Creation of groups access Point
After all the access points have joined the controller, you can create up to 150 groups of access point and assign up to 16 local wireless networks in each group. Each access point announces that the WLAN enabled that belong to his group of access point. The access point no announcement not disabled WLAN in its access point group or WLAN that belong to another group.
http://www.Cisco.com/en/us/docs/wireless/controller/5.2/configuration/guide/c52wlan.html#wp1128591
To learn more about George video AP discover excellent groups
http://www.my80211.com/Cisco-Labs/2009/3/22/Cisco-AP-group-nugget.html
I hope this helps!
Rob
Tags: Cisco Wireless
Similar Questions
-
Internet Auth users simultaneous connections by Cisco WLC 5508?
Hello
We have 2 WLC5508 (7.2.111.3) with multiple SSID.
One of them is configured as Passthrough with an external boot server. Works very well.
Now, we want to use the "failure of MAC filtering on.
If the client MAC address is configured under filtering MAC on the WLC, authentication is done without WebAuth.
If the MAC address is not known, the client will be redirect to the external WebAuth server for authentication.
To preserve the functionality of relay for the user, we have hard coded a username & password in the start page.
Thus, each customer WebAuth uses the same user name & password for authentication against the WLC.
Strategies of user login is set to unlimited.
So far so good, it seems to work, but I've read that the controllers of Cisco 5500 supports only 150 concurrent connections to Auth users.
The two WLC have abount 100-170 clients connected.
Question:
-It's going to be a problem with 150 connections simultaneous, despited when the not usin only one user for all customers-Wifi?
-L' user WebAuth is possible with a Cisco ISE as Passthrough, no username & password must be entered by the user.
If so, some guide information wolud be great.
-When it is properly authenticated, a logout screen shows on the Windows client. Can he hide some how?
Thanks for the replies ;-)
Kind regards
Norbert
Its probably a limitation to the treatment of patients with the same credentials. I never ran into a questions, but how many comments will complain, if they hit the button to accept a few seconds after :)
Thank you
Scott
Help others using the system of rating and marking answers questions like "answered."
-
Cisco WLC 2504 - Access Points do not reach the controller
Hello world
We bougth a Cisco WLC 2504 with two AIR-AP2702I-UXK9 Access Points. The problem is that the AP do not join the WLC.
The output from 'show join ap stats' shows the following:(Cisco Controller) > view join ap stats summary all the
Database Mac EthernetMac AP AP name IP address Status
00:35: 1a: B1:A9:60 00:f2:8 b: f4:1 has: 9 c AP00f2.8bf4.1a9c 192.168.10.23 joined not
00:35: 1a: C9:99:B0 00:f2:8 b: 77:b7:fc AP00f2.8b77.b7fc not joined 192.168.10.24(Cisco Controller) > show join ap 00:35:1 detailed stats to: b1:a9:60
Synchronization phase statistics
-For the synchronization request has received... Does not apply
-For the synchronization completed... Does not applyDiscovery phase statistics
-Applications received discovered... 114
-Answers success of discovery... 114
-Discovery failure processing... 0
-Purpose of the last unsuccessful attempt of discovery... Does not apply
-Attempt to finally successful discovery time... 20:15:40.106 16 June
-Discovery attempt ultimately unsuccessful time... Does not applyJoin the live statistics
-Join applications received... 57
-Join sent successful responses... 57
-Processing of the join request without success... 0
-Purpose of the last unsuccessful attempt to join... Does not apply
-Attempt to join finally managed time... 20:15:50.414 16 June
-Join finally failed time... Does not applyConfiguration phase statistics
-Configuration requests... 114
-Answers configuration successful... 0
-Processing configuration failed... 57
-Purpose of the last unsuccessful attempt to Setup... Invalid license in the application configuration
-Attempt to finally successful configuration time... Does not apply
-Time finally failed configuration attempt... 20:15:50.810 16 JuneLast the decryption of the AP details failure messages
-Last message decryption failure reason... Does not applyDetails of recent disconnection AP
-Last AP connection failure reason... Does not apply
-Last reason for disconnection AP... Unknown failure reasonLatest summary join error
-Type of error that occurred in the last... Application of configuration rejected LWAPP
-Reason for the error that took place the last... Invalid license in the application configuration
-Time which occurred the last error to join... 20:15:50.810 16 JuneDetails of sign-out AP
-Last AP connection failure reason... Does not apply
Ethernet Mac: c 00:f2:8 b: f4:1 has: 9 Ip address: 192.168.10.23Would be grateful for the help.
Best regards
MarcHi Marc,
Make sure first that your controller has software code 8.0.x or above, if first better it. Here's the code recommended by TAC
Then, try the UX above deployment guide to begin. Under Advanced tab WLAN, you need to enable "of the first universal ap' in order to use this app provisioning & connect to the AP.
If you have more than 1 AP, then you must start 1AP using this application. Other access points that you can feed them upward, while AP original is also powered, so they'll use protocal called NDP & start them automatically
Let us know how it goes
HTH
Rasika
Pls note all useful responses *.
-
My installation has cisco WLC 5508 and ACS 1120 ver 5.0. How to authenticate users who access to the WLC via the ACS 1120 users GANYMEDE +. I am able to authenticate users for routers and cisco switches, but when I try the same for the CMT, it fails.
Can someone explain please the config/basic steps that must be configured on both services ACS & WLC.
You use plain vanilla 5.0 or have installed patches?
the ACS 5.1 has new GANYMEDE related functionaity, including support for custom services and attributes. If they are necessary for the WLC yo need support it would improve.
He could also relevant corrective patch from calendar 5.0 but I can't find any relevant specific at this stage CDETS
-
Broadcast the ssid on WLC for multiple ssid
Hello
I'm looking to broadcast the ssid as 13 on the controller, but another 2 not broadcasting. can we do this? It will be totally 15 SSID, provision of services to clients over several suppliers.
Thanks in advance
Hello
By default, the Cisco access point supports 16 SSID... If you want 15 SSID in werving network customers then its possible at the level of the problems... If the SSID is not broadcast, check if customers correctly enter the credentials and create a manual profile on the laptop or something... it will work.
Let me know if that answers your question...
Concerning
Surendra
====
Please do not forget to note positions that answered your question and mark as answer or was useful -
New Cisco Aironet 1602i is not broadcasting the SSID I place
New Cisco Aironet 1602i is not broadcasting the SSID I place
SSID I set up is not broadcasting, so I don't see the wireless network to choose and connect. On my laptop if I choose specify the name of the SSID then I am able to connect to the wireless network. I have only 1 Configuration SSID on the access point. Anyone know how to update the configuration for the SSID is broadcast?
The green light on the AP flashes and turns off about 3 seconds; is this normal or should it stays on all the time?
Current configuration: 1842 bytes
!
version 15.2
no service button
horodateurs service debug datetime msec
Log service timestamps datetime msec
encryption password service
!
host ap name
!
!
Pulse 9 logging console
enable secret 5 $1$ rrlE$ msWqu8CGY/tpDkgRAAAIe /.
!
No aaa new-model
no ip Routing
no ip cef
!
!
!
dot11 syslog
!
dot11 ssid Mi Casa
open authentication
authentication-key wpa version2 management
WPA - psk ascii 7 142017070F0C787B7579
!
!
Crypto pki token removal timeout default 0
!
!
username Cisco privilege 15 password 7 112A1016141D
!
!
Bridge IRB
!
!
!
interface Dot11Radio0
no ip address
no ip route cache
!
encryption algorithms aes - ccm tkip encryption mode
!
SSID Mi Casa
!
gain of antenna 0
STBC
beamform ofdm
root of station-role
Bridge-Group 1
Bridge-group subscriber-loop-control 1
Bridge-Group 1 covering-disabled people
Bridge-Group 1 block-unknown-source
No source of bridge-Group 1-learning
unicast bridge-Group 1-floods
!
interface Dot11Radio1
no ip address
no ip route cache
!
encryption algorithms aes - ccm tkip encryption mode
!
SSID Mi Casa
!
gain of antenna 0
DFS block 3 Strip
STBC
beamform ofdm
channel SFR
root of station-role
Bridge-Group 1
Bridge-group subscriber-loop-control 1
Bridge-Group 1 covering-disabled people
Bridge-Group 1 block-unknown-source
No source of bridge-Group 1-learning
unicast bridge-Group 1-floods
!
interface GigabitEthernet0
no ip address
no ip route cache
automatic duplex
automatic speed
Bridge-Group 1
Bridge-Group 1 covering-disabled people
No source of bridge-Group 1-learning
!
interface BVI1
IP 192.168.10.200 255.255.255.0
no ip route cache
!
by default-gateway IP 192.168.10.1
IP forward-Protocol ND
IP http server
no ip http secure server
IP http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
1 channel ip bridge
!
!
!
Line con 0
line vty 0 4
local connection
transport of entry all
!
end
Hi you must guest mode config on the ssid... Read this bud
https://supportforums.Cisco.com/docs/doc-5442
Sent by Cisco Support technique iPhone App
-
Cisco Aironet 1830 disable broadcasting of the SSID
I recently bought a Cisco Aironet 1830 with the mobility Express version. installed 8.2.100.0. This unit is my controller and my only AP. I configured the device, but I can't seem to find a setting in the GUI or the CLI of the controller or AP disable broadcasting of the SSID. Can someone help with this?
Thank you
The CLI is available, the following command:
config ssid broadcast disable wlan
where wlan id is the number of your wlan. If in doubt, do a show wlan summary which should give you this info, I hope. Ric
-
Cisco WLC SSID anchored several subnets
Hello
I have a requirement to land a SSID on a controller of the anchor but that AP customer connect I need them to receive certain IP address.
Then...
I have a LWAP called AP1 connection to WLC1, WLC1 uses WLC2 as the anchor for the ssid SSID1 DC. When a user connects, I want the user to get an address of SUBNET1. If a user connects to AP2 is also linked to the WLC1 I want the user to get an address of SUBNET2
Now... If the AP is it is located directly on the WLC2 I could use groups AP to provide this feature, no one knows if its possible to combine it with anchor?
Thank you
RG
Fix... You can't do what you are trying to accomplish. If you were doing 802. 1 x, you can use override AAA to assign users to a vlan, but other than that, the WLC cannot perform this task.
Sent from my iPhone
-
Cisco Wireless - E2500 N Dual Band router and hide the SSID
Hello
I tried to hide my SSID by allowing emissions the SSID of the first, and then the other band.
Once I have say-activated the SSID broadcast of the last band my laptop, which has the wireless card, would lose connection to the internet on reboot.
I read somewhere, but now can't find the article, you can hide those SSID, but it requires some work to connect to a network that is more diffuse.
Someone has knowledge on how to go about this, or maybe they could point me to a resource that explains how to set this up... thanks.
Tom.
The properties of the wireless network. Check "Connect even if this network is not broadcast".
-
Yes, I know they are very old servers and technically, we should move away from CASES in total. But unfortunately, it's an environment I inherited, and I am now dealing with issues. Because of the requirement to move away from sha - 1 signed certificates that I need to replace my existing certs, certs signature sha-256. But before I do that I would like to know if anyone knows if CASE version 4.1 (8) supports SHA - 256 certificates? I did check the release notes, but there is no mention of the supported versions of SHA, etc.. I tried TACS but no joy there either, etc..
Hello Rafael,.
SHA - 2 signed the certificate of support was added in 4.7.2 for SCS and CAM.
We have filed a default document to have it documented in the release notes.
CSCud99946 Note of support for the NAC should say we support certs of SHA - 2Kind regards
Jousset
-
WLAN how can I use with Cisco WLC 2504
I have two companies co-implantant and to decrease costs would like to implement a single Cisco WLC and separate traffic with the VLAN. I see that the controllers of the series Cisco WLC 2500 min supported number of WLAN: 5 and max: 75. That means actually? When I create more than 3 WLAN on a controller, the best practices page advises me against the use of more than 3 WLAN. Is it good to have more than 3 Wireless LANs, and what are the penalties to do?
5 and 75 are the number of points WLC can support access light weight.
By default, 2504 can manage up to 5 access points. You can increase this number up to 75 by adding the new license.
Also, it can support up to 16 different WLANs (SSID)
FC
-
Cisco WLC license evaluation of Access Point
Hello
I would like to know what is happening to access connected to a Cisco WLC points if the evaluation license reached its expiration date and other licenses have not yet been installed all connected access points would cease immediately operation?
Kind regards
Mark
Yes, they would stop working.
Note: when you add licenses a reboot is required. Even if the number of supported the HA increases on reset controller is always necessary for these devices to register on the controller under the permanent license. I once added licenses and when I saw the number of the AP increase - I experimented with the restart - and when evaluating lic. expiration of my AP dropped the controller.
-
Cisco WLC 2504 with AIR-AP1131AG-A-K9
Hello
Can you help me for some info about AIR-AP1131AG-A-K9.
I have a wlc 2504, but I don't know if the AIR-AP1131AG-A-K9-supported 2504 wlc.
Can work this WLC 2504 with AIR-AP1131AG-A-K9 solution?
If so, guide.
Thank you very much
Gezimv
Check out this link. As long as you have software version 8.0.x 2504 version you can use 1131 AP with it. Nothing beyond software fate is more a series of support 1131.
http://www.Cisco.com/c/en/us/TD/docs/wireless/compatibility/matrix/compatibility-matrix.html#56735
HTH
Rasika
Pls note all useful responses *.
-
Cisco WLC 5508 &; HP printer
Hello
I have some problems with cisco and hp airprint wlan systems.
I use two cisco wlc 5508, a master and an anchor.
the APs ar connectet to master wlc, DHCP and the point of diversion to the internet are on anchor wlc.
so far, with my android phone, I can connect and hepatitis has access to the internet.
now, I use an HP Multifunction (MFP M276nw) printer with Airprint. I connect to the WLAN even the hp printer on the same IP range.
I can ping the printer from my android tablet, but I can never find the printer with a hp soft.
If I connect the printer even with the same compressed to a point of user access to home normal is all ok thing.
I think I have to configure something on my wlcs.
any ideas?
Thank you
It seems that v7.5 supports Hello on anchor. You might want to look at this thread
https://supportforums.Cisco.com/thread/2200019
Sent by Cisco Support technique iPhone App
-
Binding of the SSID authentication
Hi friends,
It is a query of wireless LAN design.
Components used
1 WLC Version 5.0
2. 1142 cisco access points
3 cisco ACS 1120
4 authentication: 802.1 x WPA.
I'm radio 2 SSID named (VLAN 10) HR & ADMIN (VLAN 20) in all points of access. Wireless clients Gets the IP address using the DHCP server.
The issue I'm facing when person ADMIN Select HR ssid, it uses its useraname / password and connect to the network and human resources able to access the resource
So, how to prevent the HR person uses his user name password to connect to the ssid ADMIN. The ultimate goal is, same HR employee selects ADMIN ssid, it should not get network access.
Please help me by sharing your valuable ideas
Kind regards
Sairam
Hi Sairam,
In the Radius access request, the WLC is including the following attributes (among others):
Called-Station-Id: this should come in the form of "(nom dele de mac: BSSID:SSID WLC)"
Airespace-WLAN-Id: this is the index of the WLAN through which the user connectsSo you could build an authentication (or authorization) rule in ACS that verifies if the Radius Airespace-WLAN-Id attribute has the same index as the SSID ADMIN (or Called-Station-Id contains the string "ADMIN") and, if so, and if the user belongs to the HR group (defined in ACS or AD, for example), only not authentication (or approval).
Hope this helps,
Fede
--
If this helps you or answers to your question if it you please mark it as 'responded' or write it down, if other users can easily find it.
Maybe you are looking for
-
I was wondering is there a tool that can save my favorites on the SD card?
-
Satellite L675 - how to change into another language (Windows 7)?
We recently bought a number of L675s with Windows 7 Home Premium. I installed it with the language = German, but a couple of our staff now came back and asked to have the English instead. The machines came with four languages (English, German, French
-
How can I recover my administrator account password
HOW TO RECOVER THE ADMINISTRATOR PASSWORD
-
Give a friend A Windows XP Instilation disk
I was wondering if this was allowed / legal to give someone a disk windows xp instilation WITHOUT a product key that they always there origional on your mobile as a friend lost his own drive, but it still has its own product key
-
Why my hp_recovery partition displayed as busy 80% but seems to be empty?
My Pavilion dv6985 has a hard drive of 250 GB almost complete after an upgrade to Win7 64 bit Vista due to a serious virus infestation. Also, the HP_recovery partition shows that almost complete but clicking on it and the record that there are shows