4402 WLC connection and setup

Cisco1619 · ‎07-23-2013

I am setting up a 4402 WLC on my home lab and can't get the management port to work. I have the web interface through the service port working. I was hoping someone could help. My home lab has the switches, an 881W, and two 871. Each of these three units have the same basic set up of 4 L2 switch ports and one L3 WAN port. I have the 881W as the switch the service port connects to. The ip of the switch is 10.1.1.1, with the service port connected at 10.1.1.4. The WAN port on the 881W connects to the WAN port of one of the 871 switches. The have ip addresses of 192.168.1.1 and .2. The second 871 is connected to the first 871 through a L2 trunk port. The ip of the 871s are 10.2.1.1 and 10.2.1.2. I have the management port of the WLC connected to the second 871 through it's WAN port at 10.10.1.1. The management interface for the WLC is 10.10.1.5 and the AP-manager is 10.10.1.6 through port 2 of the 4402. Under port statistics in the WLC I see packet received and transmitted, so it appears the there is a connection.
I have moved the management port to a L2 connection on the second 871 and changed the ip accordingly, but it still does not respond to pings. I have not been able to get this up and going. Any help would be greatly appreciated.

Sent from Cisco Technical Support iPad App

Stephen Rodriguez · ‎07-23-2013

What is the config for the management interface and for the port it connects to?

Steve

Sent from Cisco Technical Support iPhone App

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Scott Fella · ‎07-23-2013

Your setup is really not standard. First off the service port on the 4400 is for out of band and should not be connected to the network. The IP address should also be something that is not used in your network thus not routable. The management and the ap manager interface needs to be on the same subnet and either tagged or not tagged. If you have set the vlan to 0 when you went the ought the startup wizard, then the trunk port the WLC is connected to should have a native vlan configured. If you specified a vlan, then you just need to make sure the vlan is allowed. If you have the WLC connected to an access port, then the management vlan should be untagged, set to 0.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Cisco1619 · ‎07-23-2013

I have tried what you said, but I am still unable to get the management port up. I will try to get the configs tomorrow. Does this have to connect to an access port, L3 port, or does it matter if the configs are correct? Does there need to be any routes on the WLC set up?

Sent from Cisco Technical Support iPad App

Scott Fella · ‎07-23-2013

It needs to be connected to a single switch via a trunk port (use only one port on the WLC). You need to post your config and the switch config.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

Cisco1619 · ‎07-24-2013

Here is the configuration for the controler management port and the switch I have it connected to. Currently I have it on a L2 connection.

(Cisco Controller) >show interface detailed management

Interface Name................................... management

MAC Address...................................... 00:24:c4:e6:38:80

IP Address....................................... 10.2.1.5

IP Netmask....................................... 255.255.255.0

IP Gateway....................................... 10.2.1.1

External NAT IP State............................ Disabled

External NAT IP Address.......................... 0.0.0.0

VLAN............................................. untagged

Quarantine-vlan.................................. 0

Active Physical Port............................. 2

Primary Physical Port............................ 2

Backup Physical Port............................. Unconfigured

Primary DHCP Server.............................. 10.2.1.2

Secondary DHCP Server............................ Unconfigured

DHCP Option 82................................... Disabled

ACL.............................................. Unconfigured

AP Manager....................................... No

Guest Interface.................................. No

(Cisco Controller) >

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname R3_871

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$ev6X$HjtwiFNNxEcL0vkOUxdrA.

!

no aaa new-model

!

crypto pki trustpoint TP-self-signed-2690146388

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-2690146388

revocation-check none

rsakeypair TP-self-signed-2690146388

!

crypto pki certificate chain TP-self-signed-2690146388

certificate self-signed 01

!

!!!!Eliminating for clarity!!!!

!

dot11 syslog

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 10.2.1.128 10.2.1.135

!

ip dhcp pool Home_Lab

network 10.2.1.128 255.255.255.128

default-router 10.2.1.2

!

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

no ip domain lookup

!

username !!!removed!!!

!

archive

log config

hidekeys

!

!!

interface FastEthernet0

switchport access vlan 20

switchport mode trunk

!

interface FastEthernet1

switchport access vlan 30

!

interface FastEthernet2

switchport access vlan 20

!

interface FastEthernet3

description WLC Connection

switchport mode trunk

!

interface FastEthernet4

ip address 10.10.1.1 255.255.255.0

duplex auto

speed auto

!

interface Vlan1

no ip address

!

interface Vlan20

ip address 10.2.1.2 255.255.255.0

!

interface Vlan30

no ip address

!

ip forward-protocol nd

ip route 10.1.1.0 255.255.255.0 10.2.1.1

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

control-plane

!

line con 0

privilege level 15

logging synchronous

no modem enable

line aux 0

line vty 0 4

privilege level 15

logging synchronous

login local

!

scheduler max-task-time 5000

end

R3_871#sh int statu

Port    Name               Status       Vlan       Duplex Speed Type
Fa0                                        connected    trunk      a-full   a-100 10/100BaseTX
Fa1                                        notconnect   30           auto    auto 10/100BaseTX
Fa2                                        notconnect   20           auto    auto 10/100BaseTX
Fa3     WLC Connection     connected    trunk      a-full   a-100 10/100BaseTX

Thanks for the help!

Leo Laohoo · ‎09-03-2013

VLAN............................................. untagged

Tag your management interface to the appropriate management VLAN, 20.

IP Gateway....................................... 10.2.1.1

Where is this?

What is this router? Exactly, what model? I can see you've created an interface VLAN, where's the VLAN in relations with the VLAN database? I don't see that.

Can you post the output to the WLC command of "sh cdp nei det"?

Abhishek Abhishek · ‎09-03-2013

As per the config posted by you I can see that the issue of default gateway and the encapsulation type is not configured on the switch.

Jacob Snyder · ‎09-03-2013

4400 requires a 1000Mbps (gig) port and they don't support 100Mbps speed.. All the ports on 881W and 871 are 100Mbps.

Sent from Cisco Technical Support iPhone App