I have a need to vlan tag traffic between my wlc and aps. I see where you can set this under controller -> interfaces -> management and ap-manager interfaces and vlan identifier. My question is...once this is done, how does the ap know to tag its traffic bound for the wlc? Is there a command I need to run on the ap? Or is there something I can do in the wlc software?
I would use a separate vlan identifier for the APs from my client SSID/WLANs. For the WLANs add a dynamic interface for each in the subnet it exists. Make sure to tag the appropriate vlan tag here. You can do the same thing for the APs on the mgt and AP mgr interfaces. Make sure all ports on the switches are trunked for appropriate vlans. oOnce this is done the APs get their configuration from the controller. You only must insure that they can discover the controller. You can achieve this through the use of option 43, DNS discovery, or priming the APs.
That's what I gathered from cisco's site when they said that lwapp ap's dont understand vlan tagging. So I just set them up in another subnet and used dns to find the CISCO-LWAPP-CONTROLLER. I have two wlans, one is a guest wlan that uses the cisco controller to authenticate. That one is working great with the new ap's. The other..however uses a microsoft ias server for auth. and that doesn't seem to be working with the new ap's in the other subnet. It does work fine with the other ap's though. Is there something I overlooked?
You should be connecting your APs to access ports, not trunks; so VLAN tagging is irrelevant (even if you were to tag it the switch would overwrite). The VLANs where clients are terminated are all defined on the WLCs (which is the client data ingress/egress point).
I'd double-check your RADIUS and IAS configuration, you should have only a single client for each WLC defined in your RADIUS server, and need only one RADIUS server defined on any given WLC (although once you have it working you should setup a secondary for redundancy). Remember, it's not the APs that are performing authentication, it's the WLCs.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...