Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Guest Wireless with a pix

Hello All,

I have a WLC 4402 with 20 AP's. I currently use it only for my internal Lan and everything works great.

I would not like to add "Guest Wireless" SSID, so I connect a Cisco PIX501 to the second port. For what ever reason

I have no Layer two connectivity between the pix and port. The interfaces are obviously configured on seperate vlans

but my question is, whats the best way to troubleshoot this connectivity issue ? I have removed any Vlan tagging also

on the port. Any help would be appreciated.

Thanks

Colin

14 REPLIES

Guest Wireless with a pix

Hi Colin,

Some assumtions. You mentioned "port", I am assuming you WLC is NOT configured as LAG, correct?

You created a dynamic guest interface. Did you point this interface to the correct port on the WLC? ?

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________
New Member

Guest Wireless with a pix

Correct, its not configured as a LAG.

Yes I pointed the dynamic guest interface to port 2. I have been doing some reading and see that there is a requirement between the WLC and PIX using a trunk port. I may try and plug in a Cisco switch between, to see if that helps.

Do I really need a trunk, if I am only passing the one guest vlan ?

Guest Wireless with a pix

You shouldnt need a truck from a WLC perpsective. Although I am not a PIX guy to be honest. I have my guest access layered into a switch and then our ASA. I would put a swicth inbetween the 2 boxes as you suggested for starters. Make sure from the switch you can hit the guest interface to insure the WLC is good.

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________
New Member

Guest Wireless with a pix

So I added the L2 switch in between the Pix and WLC, but I am still having the same issue. I am still unable to ping the interface.

Whats really odd, if I connect a laptop with a static ip to the second interface on the WLC I can ping fine. But if I connect the WLC to a PIX or switch I am unable to ping... what the heck ?

Guest Wireless with a pix

Your switch port that your laptop was on is in the same vlan as your WLC port 2 ? What vlaue (vlan number) do you have in your dynamic interafce for your guest ?

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________
New Member

Guest Wireless with a pix

I have two vlans on the WLC.

vlan 250 for Internal Users and vlan 400 for Port 2 (Guest Vlan)

New Member

Guest Wireless with a pix

On the switch, have you created the guest vlan and assign switchports to this vlan.  For testing you will need three ports configured on the switch for this vlan.  1) to the controller 2) to the pix 3) laptop for testing.  You might have to configure the port going to the controller as a trunk.

Guest Wireless with a pix

Assuming your L2 is right on the switch .. You should be able to hit the guest interface from your laptop... All are in the same VLAN correct ...

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________
New Member

Guest Wireless with a pix

George - Yes this is correct, the L2 is the switch. I can confirm that the switch and pix are working properly, because if I plug in my laptop into any port on the switch I can get internet access through the pix. When I plug in port 2 from the WLC, I dont even receive a link light on the switch from the WLC. I have changed the cables also. Is it possible that port security is creating this from the WLC ?

Colin

Guest Wireless with a pix

Can you post the show run-config

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________

Guest Wireless with a pix

On your PIX, is it a 10/100 port or is it 10/100/1000?  The WLC only does 1000, and doesn't negotiate.

HTH,

Steve

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered

Guest Wireless with a pix

OH CRAP! Great point Steve !

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________
New Member

Guest Wireless with a pix

Hey Guys,

The Pix is a 506e and yes its a 10/100 no 1000.

Wow this is a big discovery, thanks guys. I also have an ASA here which I will try, I will let you know how that works.

Colin

New Member

Guest Wireless with a pix

Hey Guys,

Unbelievable - I plugged in a 1000 T switch and everything is now up and running.

Thanks so much for all your help.

Cheers

Colin

746
Views
0
Helpful
14
Replies