cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
339
Views
0
Helpful
1
Replies
Highlighted
Beginner

cisco c9800 client policy bind fail

Hello,
we are trying to configure guest WLAN in foreign and anchor topology using two C9800 WLCs.
we are receiving the error messages below
== ANCHOR
Jul 14 18:38:06.288: %CLIENT_EXCLUSION_SERVER-5-ADD_TO_BLACKLIST_REASON_DYNAMIC: Chassis 1 R0/0: wncmgrd: Client MAC: 4491.60b3.a755 was added to exclusion list associated with AP Name:, BSSID:MAC: 0000.0000.0000, reason:Client policy bind fail

Jul 14 18:32:00.676: %CLIENT_EXCLUSION_SERVER-5-ADD_TO_BLACKLIST_REASON_DYNAMIC: Chassis 1 R0/0: wncmgrd: Client MAC: 1094.bb14.dbf2 was added to exclusion list associated with AP Name:, BSSID:MAC: 0000.0000.0000, reason:Client policy bind fail


== FOREIGN
Jul 14 18:38:09.036: %MM_INFRA_LOG-7-MSG_PROC_UNEXISTING_CLIENT: Chassis 1 R0/0: mobilityd: 4491.60b3.a755: Unable to process the received mobility message handoff_end from WNCD[0]. reason: Received message for unknown client

Jul 14 18:38:09.036: %CLIENT_EXCLUSION_SERVER-5-ADD_TO_BLACKLIST_REASON_DYNAMIC: Chassis 1 R0/0: wncmgrd: Client MAC: 4491.60b3.a755 was added to exclusion list associated with AP Name:APA4B4.392B.FBC8, BSSID:MAC: cc7f.753c.f2ad, reason:Excluded by Mobility Peer

Jul 14 18:32:00.968: %MM_INFRA_LOG-7-MSG_PROC_UNEXISTING_CLIENT: Chassis 1 R0/0: mobilityd: 1094.bb14.dbf2: Unable to process the received mobility message handoff_end from WNCD[0]. reason: Received message for unknown client

Jul 14 18:32:00.968: %CLIENT_EXCLUSION_SERVER-5-ADD_TO_BLACKLIST_REASON_DYNAMIC: Chassis 1 R0/0: wncmgrd: Client MAC: 1094.bb14.dbf2 was added to exclusion list associated with AP Name:APA4B4.392B.FBC8, BSSID:MAC: cc7f.753c.f2ad, reason:Excluded by Mobility Peer


=

 

 

1 REPLY 1
Highlighted
Beginner

Hello ALL,

 

I really want to know if a guide is available somewhere to help configure a Guest WLAN in Foreign and ANCHR deployment.

On the FOREIGN WLC
configured the Guest WLAN as well as the Guest Wireless profile
configured Mobility Tunnels with the ANchor WLC
configured the WLC as Foreign
Configured the Anchor Policy Profile
Configured an ACL to Redirect Guest Devices to the ISE Guest Portal
Configured an ACL to permit guest access to the internet and block access to internal resources after guest authorization

On THe ANCHOR WLC
configured Mobility Tunnels with the FOREIGN WLC
Configured the WLC as ANCHOR
Configured the Anchor Policy Profile

on the ISE, for the hotSpot Guest Portal I've
configured an authorization profile
configured an authentication policy
configured an authorization policy


ON the CAMPUS

ISE01 and ISE02 are on the CAMPUS
WLC1 is on the CAMPUS

 

in The DMZ
WLC2 in the DMZ

Content for Community-Ad