Solved: Re: WLC 2504 can't access GUI...

Zahan Al-Rashid · ‎11-12-2013

Hi All,

I am not sure what I have been doing wrong, the 2504 itself only has 4 ports and no management port but I have heard it is actually port 1 (even though there is no labels for it). This is what I have done so far to try and access the GUI:

in CLI mode I have

1) put AP managament address as 10.151.55.129 255.255.255.224;

2) I have enabled adminmode on port 1 which I am assuming is management port and enabling admin mode is the same as "no shut" on switches I assume; here is the command I entered:

(Cisco Controller) config>port adminmode 1 enable

3) enabled HTTPS/HTTP via commands:

(Cisco Controller) config>network secureweb enable

(Cisco Controller) config>network web-auth secureweb enable

(Cisco Controller) config>network webmode enable

4) I then did reset system and checked that changes have taken place using show network summary as shown below. I have also enabled mgmt-via-dynamic interface to see if it makes any difference:

RF-Network Name............................. TEST_WIFI

Web Mode.................................... Enable

Secure Web Mode............................. Enable

Secure Web Mode Cipher-Option High.......... Disable

Secure Web Mode Cipher-Option SSLv2......... Disable

Secure Web Mode RC4 Cipher Preference....... Disable

OCSP........................................ Disabled

OCSP responder URL..........................

Secure Shell (ssh).......................... Enable

Telnet...................................... Disable

Ethernet Multicast Forwarding............... Disable

Ethernet Broadcast Forwarding............... Disable

AP Multicast/Broadcast Mode................. Multicast Address : 225.225.225.225

IGMP snooping............................... Disabled

IGMP timeout................................ 60 seconds

IGMP Query Interval......................... 20 seconds

MLD snooping................................ Disabled

MLD timeout................................. 60 seconds

MLD query interval.......................... 20 seconds

User Idle Timeout........................... 300 seconds

ARP Idle Timeout............................ 300 seconds

Cisco AP Default Master..................... Disable

AP Join Priority............................ Disable

Mgmt Via Wireless Interface................. Disable

Mgmt Via Dynamic Interface.................. Enable

Bridge MAC filter Config.................... Enable

Bridge Security Mode........................ EAP

Mesh Full Sector DFS........................ Enable

AP Fallback ................................ Enable

Web Auth CMCC Support ...................... Disabled

Web Auth Redirect Ports .................... 80,1

Web Auth Proxy Redirect ................... Disable

Web Auth Captive-Bypass .................. Disable

Web Auth Secure Web ....................... Enable

Fast SSID Change ........................... Disabled

AP Discovery - NAT IP Only ................. Enabled

IP/MAC Addr Binding Check .................. Enabled

CCX-lite status ............................ Disable

oeap-600 dual-rlan-ports ................... Disable

oeap-600 local-network ..................... Enable

mDNS snooping............................... Disabled

mDNS Query Interval......................... 15 minutes

5) I have setup my LAPTOP NIC to be 10.151.55.20 255.255.255.224 and connected it to port 1 on wlc 2504; but I can't ping 10.151.55.29 nor can I browse to https://10.151.55.29/. The port does appear up (green lights flashing on port 1 and laptop NIC also flashing).

Any help would be appreciated

Scott Fella · ‎11-13-2013

If your connecting your laptop direct to port 1, then you need to untagged the management vlan. Right now you have that configured for vlan 10, you need to set that to vlan 0.

Then you will be able to ping the management interface and connect to it via the GUI.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

Sandeep Choudhary · ‎11-12-2013

Hi Zahan,

(WLC) >config network webmode enable

(WLC) >config network secureweb enable

You must reboot for the change to take effect.

If you are still having the issue then try these 2 commands and check it.

config network mgmt-via-wireless enable

config network mgmt-via-dynamic-interface enable

Hope it helps.

Regards

Rasika Nayanajith · ‎11-12-2013

if it still not working post the below outputs

1. WLC : show interface detailed management

2 SW : show run interface x/x (x/x- sw interface connected to WLC port 1)

HTH

Rasika

ZaidShaikh · ‎06-29-2016

Hi guys,

I am facing one issue with cisco 2504 software ver 8.1.131.x, when am Enabling LAG on the wlc, the wlan interfaces are then mapping with the management interface which is untagged,

also if i try to tagged the mgmt interface, am not able to access the controller thru the network(meaning from the switch) . Attached snapshot

Rasika Nayanajith · ‎06-29-2016

Did you try to change those dynamic interfaces mapping after enabling LAG ? If not try it out.

It is better to start a new thread for your issue

HTH

Rasika

*** Pls rate all useful responses ***

ZaidShaikh · ‎07-03-2016

Dear Rasik,

Issue resovled ! I enabled LAG then reboot, and manually changed the wlan interfaces to their respective ones. also mgmt interface i tagged and able to access thru switch as well. Thanks for the insights.

ZaidShaikh · ‎07-03-2016

Hi Rasik,

I am having around 300, 3700i APs out of which 170 is showing on the 8510 wlc, the hindrance am facing is that those APs which are not associated with WLC is actually connected with their access switches and from the switch i am able to ping my DHCP server which is Infoblox, but the APs are not getting the IP address. I tried the switch port shut and no shut, verifed the dhcp scopes and option 43 on the dhcp server(infoblox), but still the APs are just powered on but not getting the IP address. I also tried connecting my laptop on the same AP port on the switch , the laptop gets the IP immediately.

Can anybody has any insight where am losing or i left somtheing to config/ verify on any concerned devices??

I tried putting console into the AP and a message appears as " WLC could not discover, Renewing DHCP IP".

But am not able to see the IP , which its renewing, can you explain what am missing exactly?

dannyg8890 · ‎04-12-2018

Hello,

I cannot ping my wireless controller, below is the output for my management IP:

Interface Name................................... management
MAC Address...................................... bc:c4:93:17:7c:8f
IP Address....................................... 192.168.30.10
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 192.168.30.1
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
Link Local IPv6 Address.......................... fe80::bec4:93ff:fe17:7c8f/64
STATE ........................................... REACHABLE
Primary IPv6 Address............................. ::/128
STATE ........................................... NONE
Primary IPv6 Gateway............................. ::

Primary IPv6 Gateway Mac Address................. 00:00:00:00:00:00
STATE ........................................... INCOMPLETE
VLAN............................................. untagged
Quarantine-vlan.................................. 0
Active Physical Port............................. LAG (13)
Primary Physical Port............................ LAG (13)
Backup Physical Port............................. Unconfigured
DHCP Proxy Mode.................................. Global
Primary DHCP Server.............................. 192.168.1.2

Zahan Al-Rashid · ‎11-13-2013

Hi Guys,

Sandeepchoudhary21 - I tried what you have suggested but still not able to access GUI.

Rsaikanayanajith - details of interface below; it is not connected to a switch. It's current stand alone and I am trying to access GUI via port 1.

(Cisco Controller) >show interface detailed management

Interface Name................................... management
MAC Address...................................... f0:29:29:89:35:af
IP Address....................................... 10.151.55.29
IP Netmask....................................... 255.255.255.224
IP Gateway....................................... 10.151.55.30
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. 110
Quarantine-vlan.................................. 0
Active Physical Port............................. LAG (13)
Primary Physical Port............................ LAG (13)
Backup Physical Port............................. Unconfigured
DHCP Proxy Mode.................................. Global
Primary DHCP Server.............................. 10.151.55.29
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
mDNS Profile Name................................ Unconfigured
AP Manager....................................... Yes
Guest Interface.................................. No
L2 Multicast..................................... Enabled

Kashud Aftab

Those links are not for 2504; I can access GUI on other models of WLC via Service port but this one has none.

kaaftab · ‎11-12-2013

kindly check the following link for reference

http://www.youtube.com/watch?v=RzZCu-_6Q1k

http://araihan.wordpress.com/2010/04/30/complete-guide-to-build-a-cisco-wireless-infrastructure-using-cisco-wlc-5500-cisco-1142-ap-and-microsoft-radius-server/

http://blog.beroot.ch/wp-content/uploads/2012/09/b_cg73.pdf

Zahan Al-Rashid · ‎11-13-2013

Hi Guys,

Sandeepchoudhary21 - I tried what you have suggested but still not able to access GUI.

Rsaikanayanajith - details of interface below; it is not connected to a switch. It's current stand alone and I am trying to access GUI via port 1.

(Cisco Controller) >show interface detailed management

Interface Name................................... management
MAC Address...................................... f0:29:29:89:35:af
IP Address....................................... 10.151.55.29
IP Netmask....................................... 255.255.255.224
IP Gateway....................................... 10.151.55.30
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. 110
Quarantine-vlan.................................. 0
Active Physical Port............................. LAG (13)
Primary Physical Port............................ LAG (13)
Backup Physical Port............................. Unconfigured
DHCP Proxy Mode.................................. Global
Primary DHCP Server.............................. 10.151.55.29
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
mDNS Profile Name................................ Unconfigured
AP Manager....................................... Yes
Guest Interface.................................. No
L2 Multicast..................................... Enabled

Kashud Aftab

Those links are not for 2504; I can access GUI on other models of WLC via Service port but this one has none.

Scott Fella · ‎11-13-2013

If your connecting your laptop direct to port 1, then you need to untagged the management vlan. Right now you have that configured for vlan 10, you need to set that to vlan 0.

Then you will be able to ping the management interface and connect to it via the GUI.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Zahan Al-Rashid · ‎11-13-2013

Thanks Scott that has solved it.

Scott Fella · ‎11-13-2013

No problem. The issue is that your machine isn't tagging vlan 10 so the WLC is basically ignoring that packet. Now when you do connect it to the network, you should tag the managemt interface and make sure your trunking and allowing vlan 10.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

malik.shafqat1 · ‎12-19-2017

Hello Everyone,

I am facing some issue regarding GUI access of the WLC from my network. Let me discuss my network first. WLC directly connected with Core nexus switch and

port configuration is

description ****WLC Connected with Core Switch****

interface eth 1/10

switchport mode trunk

My WLC managemnt IP address is in VLAN 205 and interface is tagged with same vlan 205

My AP management ip is in same vlan 205

User connect with VLAN 140

Internet VALN 140 (WLC DHCP)

DHCP configured in WLC

Issue:

Issue is that i can only access my WLC when i connected with controller SSID's. when ever i try to access my WLC from my network/ LAN Infra then not able to access it. but i can ping its management IP address which is in vlan 205. Your expert help is required in this reagrd. Thanks in advance

WLC 2504 can't access GUI...

WLC not access from the network