Help for wireless controller settings

Unanswered Question
Apr 17th, 2012

I setup cisco wireless controller 2500 connecting 2 Aironet APs, with windows 2008 NPS as radius server (server certificate installed), via

[WPA2][Auth(802.1X)], MAC Filtering

Now I have domain computer (laptop) connected to SSID which provides direct to the LAN dhcp server. That means my notebook got same ip range as when it connected to LAN.

The user used cached domain logon info to logon the computer, then the wireless profile started to connect with radius server which has User group policy.

Problem is the notebook (logon as normal domain user) browse \\"domain name" or any \\hostname will take 10 mins or more to pop up with "enter network password" or sometimes "The specified netwrok name is no longer avail"...

However ever if I simply \\192.168.2.x which is the host's ip address, I got list of share folders instantly.

And when I disable the wireless and connect to the LAN cable, I had no problem to browse any shared folders.

Is there any setting in wireless controller block anything? I did not configure anything on APs.

Help please as it had hold me several days of work.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (4 ratings)
George Stefanick Tue, 04/17/2012 - 20:24

I dont think its the WLC. The WLC is a extension of the wired network. But it telling that it looks like something is going on.

A few things of interest

Is your DNS  valid when you connect to the wireless also what wireless supplicant are you using ?

gping2005 Wed, 04/18/2012 - 06:30

Problem fixed. Because I setup the 192.168.2.x as "virtual interface", which totally confused the WLC.

So what the hell the virtual interface is used?

Ven Taylor Wed, 04/18/2012 - 06:52

The virtual interface should be

The controller typically uses this interface for web redirect when using the web splash page (web auth).

The controller also uses as a virtual proxy for the actual DHCP server (if configured)

Make sense?


Scott Fella Wed, 04/18/2012 - 06:59

Just to add, it can be any ip address, just not an ip address that is routable internally in your network.


Scott Fella

Sent from my iPhone

nikhilcherian Wed, 04/18/2012 - 07:06

In the olden days IP was not made public, but now you can see this IP address in the internet, hence it is not advisable to use that for the virtual network.

Preferrably you can assign an IP in the 192.0.2.* range



George Stefanick Thu, 04/19/2012 - 09:57

To add to the virtual IP address drama

Since was given to someone. If you had a wieless user and they went to that specific web site that resloved to, the user would not get directed to that web site. The WLC would see as a connected route, thus you would hit the WLC.

warknite49 Thu, 04/19/2012 - 13:28

So how do I Create the other vans on the controller? Do you have a link to some documentation that explains how to do that.



Sent from Cisco Technical Support iPad App

gping2005 Sat, 04/21/2012 - 18:10

Hi, Ven,

If i setup dhcp pools on WLC for wlans, what is the dhcp server address for wlan interfaces? the management ip or virtual interf



Scott Fella Sat, 04/21/2012 - 18:22

Internal dhcp configured on the wlc, you will always use the management ip address for the primary dhcp on the interface.


Scott Fella

Sent from my iPhone


This Discussion