03-11-2019 11:48 AM - edited 07-05-2021 10:02 AM
Hello,
We are using Cisco 5508 wireless controller (8.2.166.0)
We mostly use LAP AIR-AP1832I-E-K9 access points, atm there is 130 lwap's registred to this controller.
Recently we started to have upload issues with guestnet WLAN, configured to use CAPWAP. Download speed's are fine, but uplaod is almost 0.
Setup, roughly explained goes :
CE (lwap => cisco switch => cisco router) DMVPN connection to DATA center PE ( CONTROLLER => firewall *virutal applience)
Setup from controller to firewall uses QinQ trunnking.
Flex-connect WLAN setup doesnt have this issue, everything works fine.
Do you have any idea what could be wrong ?
Thank you in advance.
Regards,
03-12-2019 02:33 AM
I had a problem where the mobilty express AP's were ordered instead of Capwap. I had to console on to each AP and run AP-Type capwap and discovered that even then some of them had not joined. I then typed - capwap ap primary-controller ip address 10.1.1.1
The AP restarted and synced to the controller and uploaded the firmware.
Not sure if it will help you but that is what I did.
08-27-2019 06:48 AM
This bit is already done, all access-points are already registered on controller with same firmware.
03-12-2019 05:56 AM - edited 03-12-2019 05:59 AM
Could be an MTU issue here. Check your configured MTU on the WLC and if you actually bring it through the tunnel. Also check the TCP MSS setting on the WLC, you maybe need to reduce it a little.
If you test with a wired client, in the same VLAN as the wireless clients, do you get better speeds?
08-27-2019 07:01 AM
Indeed TCP MSS setting on the WLC decrease resolves issue, temporary. We used value 1250.
It works OK for couple of days and than problem occurs again, to resolve its enough just to press apply same existing settings. It's as access points stops to listen controller.
Tell me more about MTU on the WLC ? I can't find that settings, what do you advise to set ?
Note : DMVPN tunnel which connects RTR (and access points) to Data centre where controller is located has this settings
ip mtu 1400
ip tcp adjust-mss 1360
tunnel path-mtu-discovery
08-27-2019 07:09 AM
Now, while it works fine it has this config.
If you something strange, please advise :
Cisco AP Identifier.............................. 78
Cisco AP Name.................................... xxxx
Country code..................................... BE - Belgium
Regulatory Domain allowed by Country............. 802.11bg:-E 802.11a:-E
AP Country code.................................. BE - Belgium
AP Regulatory Domain............................. -E
Switch Port Number .............................. 13
MAC Address...................................... 38:20:56:80:5d:28
IP Address Configuration......................... DHCP
IP Address....................................... 10.179.196.42
IP NetMask....................................... 255.255.255.248
Gateway IP Addr.................................. 10.179.196.41
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1389
DHCP Release Override............................ Disabled
Telnet State..................................... Globally Disabled
Ssh State........................................ Globally Enabled
Cisco AP Location................................ default location
Cisco AP Floor Label............................. 0
Cisco AP Group Name.............................. xxx-ap-group
Primary Cisco Switch Name........................
--More-- or (q)uit
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... FlexConnect
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Rogue Detection ................................. Enabled
AP Vlan Trunking ................................ Enabled (Inherited)
AP Native Vlan ID: .............................. 1 (Inherited)
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 8.2.166.0
Boot Version ................................... 1.1.2.4
Mini IOS Version ................................ 0.0.0.0
Stats Reporting Period .......................... 30
Stats Collection Mode ........................... normal
Radio Core Mode ................................. Disabled
--More-- or (q)uit
Slub Debug Mode ................................. Disabled
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. PoE/Medium Power (15.4 W)
Number Of Slots.................................. 2
AP Model......................................... AIR-AP1832I-E-K9
AP Image......................................... AP1G4-K9W8-M
IOS Version...................................... 8.2.166.0
Reset Button..................................... Enabled
AP Serial Number................................. xxxxxxxxx
AP Certificate Type.............................. Manufacture Installed
AP LAG Configuration Status ..................... Disabled
LAG Support for AP .............................. No
Native Vlan Inheritance: ........................ Group
FlexConnect Vlan mode :.......................... Enabled
Native ID :..................................... 1
WLAN 111 :...................................... 100 (Group-Specific)
FlexConnect VLAN ACL Mappings
FlexConnect Group................................ xxxx-hreap-group
Group VLAN ACL Mappings
--More-- or (q)uit
Group VLAN Name to Id Mappings
AP-Specific FlexConnect Policy ACLs :
L2Acl Configuration ............................. Not Available
FlexConnect Local-Split ACLs :
WLAN ID PROFILE NAME ACL TYPE
------- -------------------------------- --------------------------------- -------
Flexconnect Central-Dhcp Values :
WLAN ID PROFILE NAME Central-Dhcp DNS Override Nat-Pat Type
------- --------------------------------- -------------- -------------- --------- ------
111 xxx-corp False False False Wlan
Flex AVC visibility Configurations..............
WlanId PROFILE NAME Inherit-level Visibility Flex Avc-profile
------- -------------------------------- ------------- ---------- --------------------------------
FlexConnect Backup Auth Radius Servers :
Primary Radius Server........................... Disabled
Secondary Radius Server......................... Disabled
--More-- or (q)uit
AP User Mode..................................... AUTOMATIC
AP User Name..................................... xxxadmin
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 32 days, 04 h 24 m 23 s
AP LWAPP Up Time................................. 14 days, 13 h 52 m 12 s
Join Date and Time............................... Tue Aug 13 02:13:50 2019
Join Taken Time.................................. 0 days, 00 h 01 m 59 s
Memory Type...................................... DDR3
Memory Size...................................... 965632 KBytes
CPU Type......................................... ARMv7 Processor rev 0 (v7l)
Flash Type....................................... Onboard Flash
Flash Size....................................... 58368 KBytes
GPS Present...................................... NO
Ethernet Vlan Tag................................ Disabled
Ethernet Port Duplex............................. Full
Ethernet Port Speed.............................. Auto
AP Link Latency.................................. Disabled
Rogue Detection.................................. Enabled
AP TCP MSS Adjust................................ Enabled
AP TCP MSS Size.................................. 1250
--More-- or (q)uit
Hotspot Venue Group.............................. Unspecified
Hotspot Venue Type............................... Unspecified
DNS server IP ............................. Not Available
08-27-2019 07:25 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide