Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SSID Question

I have Location A, which includes, among other thngs, a pair of 5508 WLCs running 7.2.  On these WLC, I have a number of APs and a hidden SSID xyzzy, which is controlled via Active Directory group policy.  If your device is a member of the domain, you see this network with a label which is in AD.  I'll call the label FRED.  If your device is not inthe domain, yuou see neither the SSID xyzzy, as it is not advertised, nor the label FRED, as the group policy is not applied to your machine.

This is all great and wonderful and works as planned.  So now I have location B, which includes a 2505 WLC, and a handful of access points.  Users at location B have the option of running wired or wireless.  If they are wired, they get full domain access, just likethey are in Location A.  However, if they attempt to access via wireless, instead of FRED, they see FRED 2, which shows up as a Work network, but unauthorized.  They get an IP (via DHCP), but cannot access anything.I'm pretty sure I have all of the ACLs and firewalls set correctly, but I can't find any messages one way or the other that the traffic is being blocked at the firewall.

Any obvious things I should look at?  I'm notthat familiar with the WLC logging capabilities, but I suppose I should start there.

5 REPLIES

Re: SSID Question

If the client is in a run state, and you have no ACL on the WLC, I'd span the port the controller is connected to.

Make sure the port is a dot1q trunk and is allowing all the vlan the users are on

Steve

Sent from Cisco Technical Support iPhone App

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
New Member

Re: SSID Question

Hmmm.  That could be the issue for SIte B.  At present, the Wireless controller has two active ports.  Port 1, is on VLAN 13, and it represents my management traffic.  Port 2 is on VLAN 15, and it represents the traffic for the SSID in question.

However, both ports 1 & 2 are connected directly to an ASA 5505, ports 1 & 2 respectively.  ASA port 1 is also on VLAN 13, and ASA port 2 is on VLAN 15.  The APs are connected to the ASA port 4 via some C2960 access switches.  The ASA port 4 is also on VLAN 15.

None of the VLANs are configured on the access switches.  The ASA is the only routing device at Site B.  Here's the diagram.  I didn't design it.  I've Added VLAN 15 to port 4 on the ASA.

Silver

SSID Question

Isn't it a Network Location Type related issue? I mean Windows behaviour.

New Member

SSID Question

I'm not sure.  I know that it still doesn't work. I think it has something to do with the two controllers at SIte A are synched to NCS and the one controller at Site B was added on.  I think I need to investigate the whole template thing in NCS and attempt to convince it thatthe three controllers (which are of different models and OS versions) are all on the same team.

If there is something in Windows that might threat the SSID as two distinct entities, I haven;t been able to figure that out.  I know that if a user machine from Site B comes to Site A, the SSID works fine.  Alternatively, if a user from Site A travels to Site B, the SSID shows up as FRED 2 unathenticated network.  It's all the same domain, OUs, etc...

New Member

SSID Question

Is this happening in all the laptops/clients ?

You just need to left click on the little house icon and then you can change the name of the network. Very simple if that is the only problem....

And try if it works or not.

307
Views
0
Helpful
5
Replies
CreatePlease login to create content