I am trying to set up two SSIDs - one being the guest wireless (let's say 22.214.171.124/24) and the other one being the wireless for internal users (let's say 10.1.1.0/24). The problem I am facing is re: the multiple interfaces and/or LAG on the 2504 controller.
The current setup is ASA(DMZ interface 1 126.96.36.199/24) is connected to AP as a trunk
ASA(Inside interface 2 10.1.1.0/24) is connected to netgear switch (L3 managed) as a trunk
WLC is connected via port 1 and 2 to netgear switch as LAG
ASA inside has DHCP and all clients will get a valid DHCP lease 10.1.1.10-10.1.1.30
Because of the existing design, the management addresses of the WLC and AP are 10.1.1.0/24 and 188.8.131.52/24 respectively. However, once I configure the LAG on the 2504 controller I am not able to manage my WLC anymore (being connected to the netgear switch directly with IP 10.1.1.11).
Any recommendation for the setup? This is the first time I am setting up a Cisco wireless controller so any recommendation would be welcomed.
Should the AP and WLC be on the same subnet? If yes, should they be on the "inside" or the "DMZ" interface, or does it not really matter?
On the old WLC models like the 2100, 2006, 4400 you had to configure the management interface for managing the WLC and the AP manager so that the APs could create the LWAPP or CAPWAP tunnel to the WLC.
On the new models of WLCs like the 2500, 5508 the AP manager interface is not required; if the management interface has the check for dynamic interface, it will work at the same time as the AP manager interface.
I've connected port 1 of the controller to the netgear as an access port (that would take a 10.1.0.x address which will act as a management port as well). Port 2 of the controller would be connected directly to the DMZ port of the ASA in order to get a 172.1.1.x address and be used for Guest WiFi. For simplicity I will connect the AP to the same L2 as the controller (10.1.1.x network). However, if I try to create another interface for the internal clients for the same subnet I get a subnet configuration error (tried to add interface "internal clients" but because of the IP/subnet conflict the WLC reset them to 0.0.0.0).
(Cisco Controller) >show interface summary
Number of Interfaces.......................... 4
Interface Name    Port  Vlan Id   IP Address       Type     Ap Mgr  Guest
inside-clients    1     10        0.0.0.0          Dynamic  No      No     <- if I try to configure IP, it conflicts with management interface
management        1     untagged  10.1.1.16        Static   Yes     No
virtual           N/A   N/A       184.108.40.206   Static   No      No
Am I right to assume that I can map the management interface to the SSID to act as the internal clients subnet even though traffic between the controller and netgear is untagged? I've managed to set up the SSID (using the management interface though) and got an internal IP from the ASA DHCP.