I have a controller running 126.96.36.199 with AP's (3502i) in HREAP mode using local switch and local auth. HP's are also in HREAP groups.
I am have some issues gathering statistics. When HREAP is not used (AP's in local mode) a large amount of information about clients can be gathered on the controller or NCS, IP address, 802.1x username, RSSI, SNR etc. This is extremely useful for troubleshooting. I've noticed when in HREAP mode, at best I can get see a client IP and mac address from the controller, although the IP address is often displayed as 0.0.0.0 when the client has a valid IP address on the device and by checking associations on the AP. Clients are operating fine on the network but all client statistics on the controller are listed as either 0 (bytes sent, recieved etc) or unavailable (SNR, RSSI), while its not displayed on the controller the info can be gathered from the AP's by checking the hreap associations. Why is this info missing from the controller and NCS?
I don't see that issue unless I'm anchoring the WLAN or the users is not Authenticated. I can see the statistics of my clients connected to any of the H-REAP AP's fromt he WLC and WCS. These AP's are not in any H-REAP groups it is configured for central authentication. Try to see if you can test on an AP that isn't part of any h-reap group, have a device associtae and fully authenticate and see if you see any data.
I cant really take the AP's out of the HREAP group at the moment as I need to use local authentication (AP is the authenticator against RADIUS-802.1x). I perfomed a full authentication, got connectivity but this is all I see for client information (2nd image), as you can see the statistics are blank and remain blank. As mentioned if I sun "show capwap reap association" from the AP, the statistics (SNR, RSSI etc) are there.
I found if I kept the AP in the HREAP group but unselected "H-REAP Local Auth" from the WLAN (see image), it would bring the client statistics through to the controller. In this configuration the controller is the authenticator, which is not desirable in my scenario as I want the AP's to be the authenticators as the RADIUS server's are in the branch office's. Is this a limitation or a bug? Is there anyway of seeing client statistics on the controller when using H-REAP Local Auth?
That makes sence since the AP is doing the auth and no information is going back to the WLC. Its just like anchoring an SSID, you willnot see the client staticstics on the foreing WLC since that WLC isnot handling the real connection.
Some information does go back to the WLC (mac, IP address and some other info), just not the statistics. I dont really understand why as surely those client statistics are seperate to the authentication. This limitation isnt mentioned anywhere, is it something Cisco are likely to improve, can it be requested?
As far as I know, if your FlexConnect APs WLAN is locally switched, traffic does not come back to the WLC so statistics does not come back to the WLC. Centrally switched or local APs can see statistics.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...