WLC lost wireless networks

Answered Question
Nov 2nd, 2011
User Badges:

I have 2 4402 WLC's and a central office and was trying to configure an H-Reap Ap but now the entire wireless network is down. Clients arent getting IP's. I cant see anything that is wrong but things are not working like they should. Please help.

Correct Answer by Scott Fella about 5 years 9 months ago

If you plan on putting users on a different vlan at the remote (h-reap) sites, then you need to change the switchport the AP's are connected to. In h-reap you are no longer tunneling traffic if you setup local switching on the WLAN. It will be like an autonomous AP per say. Traffic gets dumped out to the switch the ap is connected to.


Sent from my iPhone

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
George Stefanick Wed, 11/02/2011 - 07:28
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, October 2015

Robert,


Can you share how you are deisgn is today? How many aps and were they HREAP already ? Did they fail when you when to HREAP .. ?

rlaudicina Wed, 11/02/2011 - 07:29
User Badges:

Ok so I found that If I turned off H-Reap on the AP's and then on the WLANS the wireless is working again. I'm not sure why this is since the ap's are supposed to be hreap compatible.

rlaudicina Wed, 11/02/2011 - 07:33
User Badges:

Yes, I have a central office with 2 4402 WLC's. And 25 remote offices with 1-3 1142ap's. I just upgraded one of my 1141 AP's to a 3502 and enablde H-Reap in it. After some reading I learned that the WLAN's and AP's should all be configured for H_Reap instead of local but this is what broke the network. I could see the wireless but not get an IP address.


What I am trying to accomplish eventually is to use local DHCP server as the remote offices so that each client is assigned an IP off the local subnet instead of one big subnet here at corporate. It looks like H-Reap is the way to do this but I am having trouble figuring out how to configure it. Any advice would be appreciated.

Scott Fella Wed, 11/02/2011 - 07:45
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

That is weird. You should be able just to change the mode to h-reap with no issues at all. What I'm thinking is you might of had enabled h-reap local switching and then enabled h-reap. If that is what you did, you need to go into the AP and then click on the H-REAP tab on the AP. You need to configure the switch port to a trunk and allow only the ap managent vlan and any other vlans that you want for wireless. Then in the H-REAP tab on the AP, enable vlan support and set you management vlan and hit apply. I back into the H-REAP tab on the AP and click vlan mapping. Here you will define what ssid you want to map to what vlan. You will only be able to do this if you have H-REAP local switching enabled on the WLAN SSID in the advanced tab.


Hope this helps.


Sent from my iPhone

rlaudicina Wed, 11/02/2011 - 07:57
User Badges:

yes I had H-Reap local Switching configured but had to turn this off to get the system working again. I thought that I could implement H-Reap without having to use vlan tagging and was hoping to just get the AP's into H-Reap mode and then do the VLan stuff later but I keep running into problems.

Scott Fella Wed, 11/02/2011 - 08:01
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

You should have any issues. If you don't have h-reap local switching on any of your wlan's then you should be able to switch from local to h-reap with no issues. I do that all the time.


Test with an AP local to the WLC.


Sent from my iPhone

rlaudicina Wed, 11/02/2011 - 08:03
User Badges:

I actually did have local switching turned on but it is now off, Dont I want local switching and Auth?

Scott Fella Wed, 11/02/2011 - 08:06
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Do things one at a time.


Enable local switching on the WLAN should not break your current setup especially if your AP's are in local mode. It the same if you don't have local switching enabled and you switch from local to h-reap.


Sent from my iPhone

rlaudicina Wed, 11/02/2011 - 08:21
User Badges:

OK so I changed all AP's to Local and enabled Local switching but NOT local Auth on the Wlans and everything appears to still be up.

Scott Fella Wed, 11/02/2011 - 08:23
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

What do you mean by local auth on the WLAN?


Sent from my iPhone

rlaudicina Wed, 11/02/2011 - 08:25
User Badges:

Under the Advanced tab on the WLan configuration there are two check boxes H-Reap Local switching

and H-Reap Local Auth. This is where I enabled Local Switching but not Local Auth. Is this incorrect?

Scott Fella Wed, 11/02/2011 - 08:27
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

You only need local switching.


Sent from my iPhone

Scott Fella Wed, 11/02/2011 - 08:30
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Don't enable local auth. Just local switching and learn client ip address.


Sent from my iPhone

Scott Fella Wed, 11/02/2011 - 08:25
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

So what you need to do now is setup your switchport to a dot1.q trunk and setting the native vlan on the trunk to the vlan the ap management ip is on. Let me know when you have done that and if everything is still okay.


Sent from my iPhone

rlaudicina Wed, 11/02/2011 - 08:34
User Badges:

Ok so I am good so far then no local Auth, But I dont see anything saying learn ip address. I am working on how to get tinto the 6500 catalyst to configure the port. This is the port that the WLC plugs into I assume?

Scott Fella Wed, 11/02/2011 - 08:37
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Okay... Don't worry about that. Depends on the code.


You need to configure the port the access point is connected to not the WLC.


Sent from my iPhone

rlaudicina Wed, 11/02/2011 - 08:41
User Badges:

Sorry I am confused here,Do I then have to configure ALL switch ports that are connected to AP's ? BTW its a 4510R not a 6500. I thought I needed to configure the ports that the WLC's connect to on the Core switch.

rlaudicina Wed, 11/02/2011 - 08:43
User Badges:

So if i am understanding correctly, in order to enable H-Reap company wide I will have to configure each switch port that conects to an AP for dot1q?

Scott Fella Wed, 11/02/2011 - 08:48
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Yes, unless you want users to be placed on the ap management vlan.


Sent from my iPhone

rlaudicina Wed, 11/02/2011 - 08:52
User Badges:

This is what I was going to do oribinally, but If I understand correctly this wont allow me to use local DHCP servers and this is what was breaking my wireless when I tried it.

Scott Fella Wed, 11/02/2011 - 08:56
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

When you say local, you mean local to the site where the h-reap ap is located at. Again, you will need to create vlans for the wireless users, assign ip helper to the vlan interface, an make sure you have a dhcp scope created.


Sent from my iPhone

rlaudicina Wed, 11/02/2011 - 09:02
User Badges:

yes I mean the local network the AP is attached to. Ok so I will choose one site and enable dot1.q on the port of the local switch that the AP plugs into. I will then have to create a new vlan for that site and configure a dhcp scope and helper address. Then I can enable the H-reap on the AP.


Repeat for each site....do I have it now? thanks for your patience BYW, just thrown into this and is not really my area.

rlaudicina Wed, 11/02/2011 - 09:06
User Badges:

Also, each site currently has its own vlan, could I not use the existing VLAN at the site? or do I need to create a new one?

Scott Fella Wed, 11/02/2011 - 09:10
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

It is always best to separate wireless from wired. If you can create new vlans.


Sent from my iPhone

Scott Fella Wed, 11/02/2011 - 09:09
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Once you are done with the switchport configuration then you will need to click

on the ap and then there will be an h-reap tab. Click that tab and then enable vlan support and put your native vlan there. And then click on the vlan mappin and enter you vlan for each WLAN ssid that you have set local switching to.


That's it.


Sent from my iPhone

rlaudicina Wed, 11/02/2011 - 09:14
User Badges:

Awesome thank you very much....now I just have to figure out how to determine which ports the AP's are plugged into and then I am off.

Scott Fella Wed, 11/02/2011 - 09:16
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

You can do a show ap cdp neighbor all from the cli of the wlc.


Sent from my iPhone

rlaudicina Mon, 11/07/2011 - 09:35
User Badges:

Ok so I have configured the switchport with the Native Vlan. I enabled H-Reap on the ap that is connectd to the switch and assigned a Vlan ID to the Vlan ID field. I see the Vlan Mapping table now. If I change the Vlan ID from 1 to the new vlan setting, will this only apply to this AP? I want to make sure I dont break anything thats currentl;y worknig.

Scott Fella Mon, 11/07/2011 - 11:48
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

It only applies to that AP so you will be fine.


Sent from Cisco Technical Support iPhone App

Correct Answer
Scott Fella Wed, 11/02/2011 - 08:47
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

If you plan on putting users on a different vlan at the remote (h-reap) sites, then you need to change the switchport the AP's are connected to. In h-reap you are no longer tunneling traffic if you setup local switching on the WLAN. It will be like an autonomous AP per say. Traffic gets dumped out to the switch the ap is connected to.


Sent from my iPhone

rlaudicina Wed, 11/02/2011 - 08:50
User Badges:

Ok then so I can remote into one of the branch switches, determine which port the AP in plugged into and then configure that port for dot1.q and then emable H-Reap on THAT AP? without causing any further issues?

Scott Fella Wed, 11/02/2011 - 08:52
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Yes correct. The ap will disconnect while you make the change but should come right back up.


Sent from my iPhone

rlaudicina Wed, 11/02/2011 - 08:55
User Badges:

Is there any forther configuration that I need to do on the WLC or otherwise? I have several sites to do this on, would I need to create actual VLANs?

Scott Fella Wed, 11/02/2011 - 08:56
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Yes you do.. See my other post.


Sent from my iPhone

rlaudicina Mon, 11/21/2011 - 12:20
User Badges:

Finally was able to deploy the first H-Reap AP out to a remote sitr and remote switching works perfectly !!! Thanks Scott!!

Scott Fella Mon, 11/21/2011 - 13:01
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Good job!


Sent from my iPhone

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode