Help for wireless controller settings

Unanswered Question
Apr 17th, 2012

I setup cisco wireless controller 2500 connecting 2 Aironet APs, with windows 2008 NPS as radius server (server certificate installed), via

[WPA2][Auth(802.1X)], MAC Filtering

Now I have domain computer (laptop) connected to SSID which provides direct to the LAN dhcp server. That means my notebook got same ip range as when it connected to LAN.

The user used cached domain logon info to logon the computer, then the wireless profile started to connect with radius server which has User group policy.

Problem is the notebook (logon as normal domain user) browse \\"domain name" or any \\hostname will take 10 mins or more to pop up with "enter network password" or sometimes "The specified netwrok name is no longer avail"...

However ever if I simply \\192.168.2.x which is the host's ip address, I got list of share folders instantly.

And when I disable the wireless and connect to the LAN cable, I had no problem to browse any shared folders.

Is there any setting in wireless controller block anything? I did not configure anything on APs.

Help please as it had hold me several days of work.

Thanks.

GPING

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (4 ratings)
George Stefanick Tue, 04/17/2012 - 20:24

I dont think its the WLC. The WLC is a extension of the wired network. But it telling that it looks like something is going on.

A few things of interest

Is your DNS  valid when you connect to the wireless also what wireless supplicant are you using ?

gping2005 Wed, 04/18/2012 - 06:30

Problem fixed. Because I setup the 192.168.2.x as "virtual interface", which totally confused the WLC.

So what the hell the virtual interface is used?

ven.taylor Wed, 04/18/2012 - 06:52

The virtual interface should be 1.1.1.1

The controller typically uses this interface for web redirect when using the web splash page (web auth).

The controller also uses 1.1.1.1 as a virtual proxy for the actual DHCP server (if configured)

Make sense?

Ven

Scott Fella Wed, 04/18/2012 - 06:59

Just to add, it can be any ip address, just not an ip address that is routable internally in your network.

Thanks,

Scott Fella

Sent from my iPhone

nikhilcherian Wed, 04/18/2012 - 07:06

In the olden days 1.1.1.1 IP was not made public, but now you can see this IP address in the internet, hence it is not advisable to use that for the virtual network.

Preferrably you can assign an IP in the 192.0.2.* range

Thanks

NikhiL

George Stefanick Thu, 04/19/2012 - 09:57

To add to the virtual 1.1.1.1 IP address drama

Since 1.1.1.1 was given to someone. If you had a wieless user and they went to that specific web site that resloved to 1.1.1.1, the user would not get directed to that web site. The WLC would see 1.1.1.1 as a connected route, thus you would hit the WLC.

warknite49 Thu, 04/19/2012 - 13:28

So how do I Create the other vans on the controller? Do you have a link to some documentation that explains how to do that.

Thanks,

Tony

Sent from Cisco Technical Support iPad App

gping2005 Sat, 04/21/2012 - 18:10

Hi, Ven,

If i setup dhcp pools on WLC for wlans, what is the dhcp server address for wlan interfaces? the management ip or virtual interf 1.1.1.1?

Thansk.

GPING

Scott Fella Sat, 04/21/2012 - 18:22

Internal dhcp configured on the wlc, you will always use the management ip address for the primary dhcp on the interface.

Thanks,

Scott Fella

Sent from my iPhone

Actions

Login or Register to take actions

This Discussion

Posted April 17, 2012 at 6:54 PM
Stats:
Replies:10 Avg. Rating:5
Views:670 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard