Have also tried changing the syslog settings on the controller but unsure how RRM information is pulled, assume via SNMP?
Still having this issue, appreciate if anyone else has experienced the same?
Regards
... View more
Greetings, id like to deploy some 1530i access points in bridge mode between two points located ~250m apart, however i'm unsure of the range these AP's will support using the internal antennas or whether the beam with is small enough to cover the distance, assume they will do several km but can anyone point me in the direction of a datasheet to confirm this please? Regards Edit: Think i may have answered my own question, internal antennas are omni's so probably looking at the external model!
... View more
Thank you for your reply Jon, yes wasnt looking to load balance but ensure that if we do exceed the maximum number of translations on the first IP address it will use the next pool member. Appreciate the validation. Regards
... View more
Greetings, we have a very busy guest/byod wireless network which has recently started to exceed 1000 clients on a regular basis, up until now it has worked without issue but have had reports that people are frequently unable to connect to the internet at peak times (Lunchtime etc) Investigations revealed that the WAN router (Cisco 3825) has started exceededing the maximum number of NAT/PAT translations on the external facing interface >65,000 - At one point it was showing as having 72,000 translations. As such i have decided to create a NAT pool to make use of additonal public address space that we have on our WAN breakout and to load balance PAT across several external IP addresses to counter the problem, however when i look at the NAT translations it still appears that i'm only overloading on the interface IP address and not load balancing ammougst all 5 external addresses in the NAT pool. WAN Breakout 213.**.**.32 /27 Interface configuration interface GigabitEthernet0/0 bandwidth 25000 ip address 213.**.**.33 255.255.255.224 ip nat outside ip virtual-reassembly in rate-limit input 25000000 4687500 9375000 conform-action transmit exceed-action drop rate-limit output 25000000 4687500 9375000 conform-action transmit exceed-action drop duplex full speed 100 media-type rj45 NAT configuration ip nat pool GUEST_WLAN 213.**.**.33 213.**.**.37 prefix-length 27 ! ip nat inside source list NAT pool GUEST_WLAN overload ! ip access-list extended NAT permit ip 192.168.16.0 0.0.7.255 any deny ip any any Debugs #sh ip nat translations | include 213.**.**.33 tcp 213.**.**.33:50630 192.168.16.6:50630 31.13.72.112:443 31.13.72.112:443 tcp 213.**.**.33:7309 192.168.16.6:50633 31.13.64.97:443 31.13.64.97:443 tcp 213.**.**.33:18769 192.168.16.6:51052 17.130.254.15:5223 17.130.254.15:5223 tcp 213.**.**.33:18747 192.168.16.6:51233 173.194.34.152:443 173.194.34.152:443 tcp 213.**.**.33:59589 192.168.16.6:51295 173.252.103.16:443 173.252.103.16:443 tcp 213.**.**.33:33720 192.168.16.6:51470 17.172.233.120:443 17.172.233.120:443 tcp 213.**.**.33:47715 192.168.16.6:51477 67.195.236.72:993 67.195.236.72:993 tcp 213.**.**.33:30787 192.168.16.6:51481 206.191.242.230:443 206.191.242.230:443 tcp 213.**.**.33:32230 192.168.16.6:51484 188.125.68.71:993 188.125.68.71:993 sh ip nat translations | include 213.**.**.34 tcp 213.**.**.52:51466 192.168.21.198:51466 17.149.32.57:443 17.149.32.57:443 tcp 213.**.**.34:52574 192.168.21.198:52574 173.252.103.16:443 173.252.103.16:443 --- 213.**.**.34 192.168.21.198 --- --- sh ip nat translations | include 213.**.**.35 --- 213.**.**.35 192.168.16.223 --- --- sh ip nat translations | include 213.**.**.36 --- 213.**.**.36 192.168.16.195 --- --- sh ip nat translations | include 213.**.**.37 --- 213.**.**.37 192.168.21.214 --- --- Really appreciate if someone could validate if this configuration is correct please? Would i be correct in assuming it wont load balance and will only utilise the pool members when the first one is exhausted? Regards
... View more
Cheers Steve, have altered my cos-dscp map to mls qos map cos-dscp 0 8 16 24 32 46 48 56 and the wired PC is now seeing incomming traffic from the wireless client as EF rather than CS5. Looking through mrncciew.wordpress.com to get a better understanding!
... View more
Have thus far had the following results One laptop connected to wireless, the other connected to wired LAN Wireless Laptop - 10.45.57.134 Wired Laptop - 10.45.35.13 Also using default COS-DSCP maps on switches Cos-dscp map: cos: 0 1 2 3 4 5 6 7 -------------------------------- dscp: 0 8 16 24 32 40 48 56 --------------------------------------------------------------------------------------------------------------- Capture on wired PC with Silver QoS profile and AVC profile enabled Source - Wireless Destination - Wired Traffic marked as CS2 --------------------------------------------------------------------------------------------------------------- Capture on wired PC with Platinum QoS profile and AVC profile enabled - Source - Wireless Destination - Wired Traffic marked as CS5 --------------------------------------------------------------------------------------------------------------- Capture on wireless PC with Silver QoS profile and AVC profile enabled Source - Wired Destination - Wireless Traffic marked as EF --------------------------------------------------------------------------------------------------------------- Capture on wireless PC with Platinum QoS profile and AVC profile enabled Source - Wired Destination - Wireless Traffic marked as EF --------------------------------------------------------------------------------------------------------------- If i remove the AVC profile all traffic is marked DSCP default in both directions however QoS settings havent been pushed out via GPO for our Lync deployment
... View more
Greetings, we have two 5508 WLC's in our HQ, all AP's connected in local mode and heavily use MS Lync over wireless. We have 5 SSID's configured for various functions, one of which is the corporate SSID which users associate to by default, at present the QoS policy is set on all WLAN's to Silver. Based on information from various sources and tech docs from Cisco i have thus far created the following AVC profile and applied it to the Corporate WLAN to identify Lync traffic and mark it accordingly Set WMM on the WLAN to required. And configured 802.1p settings on the Silver QoS profile I have also configured the switch ports connected to the WLC's to trust COS (mls qos trust cos) all switch interconnects/uplinks to trust DSCP (mls qos trust dscp) and all access ports connected to lighweight AP's to trust dscp. Now this is where i start to get confussed: Do i need to enable 802.1p if using AVC profiles to correctly classify traffic? Or based on some post just set the corporate SSID to use the Platinum QoS profile, leave all others as Silver? Any recomendations would be appreciated. Regards
... View more
Afternoon Scott, sorry just one more question. Under the AP configuration theres an option to enable "VLAN Support" which looking at the documentation defines WLAN > VLAN mappings, as per screenshots below i have already done this under the FlexConnect Group configuration - is it necessary to configure this on both the AP and in the FlexConnect group? Ive tested one of the SSID's and it works without specifying additional config on a per AP basis although i was only advertising one SSID at the time. Also the switchport that connects to the AP is configured with the correct native VLAN to assign the AP a management address, all WLAN's are attached to different VLAN's interface GigabitEthernet1/0/1 switchport trunk encapsulation dot1q switchport trunk native vlan 390 switchport mode trunk switchport nonegotiate spanning-tree portfast trunk Appreciate your help!
... View more
Thank you for your reply, What im aiming for is the following on the controller - 6 WLAN Profiles in total Central site, central switching WLAN Profile - CORP - SSID - CORP WLAN Profile - GUEST - SSID - GUEST WLAN Profile - BYOD - SSID - BYOD Remote Site, FlexConnect Local Switching WLAN Profile - FC_CORP - SSID - CORP WLAN Profile - FC_GUEST - SSID - GUEST WLAN Profile - FC_BYOD - SSID - BYOD Assign all central site AP's to AP Group "CENTRALSITE" - Associate central site WLAN profiles with AP Group Assign all remote site FlexConnect AP's to AP group "FLEXCONNECT" - Associate remote site WLAN profiles with AP Group Create single FlexConnect Group and assign all FlexConnect AP's to group Alternatively am i going about this wrong and in fact you can configure a single SSID to support both central switching (tunneled via controller) and local switching using FlexConnect which would mean i only have to configure 3 WLAN profiles enabled for FlexConnect Local Switching. As per the image attached this is an SSID that is currently pushed out to all lightweight AP's, if i select "FlexConnect Local Switching" will this stop clients tunneling traffic via the controller and attempt to switch it locally or does it only apply to AP's that are specifically configured for FlexConnect mode? Regards -
... View more
Thank you for your replies, i had specified the 2602E as we need to mount the access points on a vertical rather than horizontal surface approximately 3 meters off the ground and wanted to have better control over RF dispersion. If you say that the 2602i will work happy adopt that approach. Will be deploying the AP's in the UK hence the "E" designation. Regards
... View more
Greetings, i'm looking to deploy two Cisco 5508 WLC's in a HA pair and license them to support 150 2600e AP's. Would the BoM below be sufficient? As i understand the HA controller doesnt need licensing as in the event of the primary controller failing they would be transfered to the backup controller. 15 x AIR-CAP2602E-EK910 - AP's 600 x AIR-ANT2524DW-R - Antenna 1 x AIR-CT5508-100-K9 - Cisco 5508 Controller (Primary) 1 x AIR-CT5508-HA-K9 - Cisco 5508 HA Controller (Standby) 1 x L-LIC-CT5508-50A - Adiitional 50 AP License Regards
... View more