12-21-2017 10:12 AM - edited 07-05-2021 08:00 AM
Hello Team,
vWLC 8.4.100.0
AP 2702
I have configured flexconnect (central auth, local switching and is working perfectly fine). I have a WLAN with interface putting my users in the right VLAN switched locally.
But so far i had in WLAN advanced tab NAC state = none. I wanted to enable it to support CoA, quarantine etc. It took me some time to narrow down this problem, but it's 100% replicable, after enabling NAC state = ISE NAC:
- users can authenticate (802.1x) correctly
- users get the right address via DHCP (locally switched VLAN/dhcp server)
- arp is working fine
- but i have no IP connectivity (can not even ping default gateway)
When checking in Monitor/Clients everything looks to be the same including right VLAN.
Is that expected ? Why that is happening ? Maybe after enabling ISE NAC i need to configure some ACL for flexconnect ? (but i am not doing any BYOD/NAC yet, just want basic network connectivity still at this stage).
Could you please help ?
Thanks,
Micha
Solved! Go to Solution.
12-21-2017 02:38 PM
12-21-2017 12:08 PM
12-21-2017 01:29 PM - edited 12-21-2017 01:42 PM
Hi Francesco,
I have upgraded to 8.6.101.0.
And now for 1-2 hours both APs are constantly rebooting, downloading and rebooting (changing operational status from REG to downloading). Many many times (10+). Once REG i can see most of AP specific config is lost (like static ip or flexconnect vlan support). Also primary software version for those APs is always 8.4.100.0 - so it looks like those can not be upgrade to anything newer and stays on loop :(
It does not look good :(
Would you recommend 8.6 or 8.5 ?
(i am hitting bug: CSCvf52723 on 8.4 and it's fixed in 8.6.101.0, but that 8.6 version seems to not support my 2700 even if compatibility matrix says something different)
Thanks,
Michal
12-21-2017 02:00 PM
12-21-2017 02:31 PM
I have definitively stuck in limbo now. WLC: Primay image 8.6, secondary 8.5. For both of them my APs are in circle trying to upgrade and failing, getting back to 8.4 (for 3 hours now). Can i keep AP on 8.4 while WLC on 8.5 ?
Is it possible that AIR-CAP2702I-E-K9 do not support newer software ?
I can not download my old relatively stable 8.4 because it's deferred. What would you recommend now ?
Thanks,
Michal
12-21-2017 02:38 PM
12-21-2017 03:30 PM
Francesco, Thank for the help here.
I have finally managed to solve it:
- downgraded to 8.0 - that software was installed on both APs without issues, but had no flexconnect mode
- after that i have upgraded WLC to 8.5 and then both APs also got upgraded to 8.5 without issues, now i have flexconnect working
- and i have achieved my initial goal - bug with ISE NAC is fixed !
Thanks again a lot !
12-21-2017 03:35 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide