02-13-2014 12:09 AM - edited 07-05-2021 12:10 AM
We have a anchor Foreign WLAN setup . The SSID is using the L3 webauth security . The SSID is anchored to the anchor controller . The setup is working fine that the clients get the webpage from the anchor controller and the IP as expected . The issue is that VM clients in the nettwork is not able to get the ip address .
Documents states that this is a limitation of cisco and inorder to overcome the issue we need to enable the Passive client option on the SSID .
Since we are using the L3 security i am not able to enable the Passive client option .
Hence i need to configure a SSID with L2 prifile in the anchor foreign setup ( need to get the IP range from the Anchor dynamic interface ) and the VM should get the IP . Please help me to get this done
thanks in Advance
Nishad
02-13-2014 12:19 AM
Hi Nishad,
See this post:
https://supportforums.cisco.com/thread/329343
https://supportforums.cisco.com/thread/2065405
https://supportforums.cisco.com/thread/2087163
Starting in 7.0.116.0, cisco added support for non-cisco WGBs with the passive client feature on a wlan. This feature will also apply to VMware and virtual clients -- it is available on the 2100, 2500, 5500 WLCs, although it is not available on the 4400 series (WISM/3750) due to architecture limitations.
you can try enabling the passive client feature on your WLAN to see if this helps resolve the issue.
Regards
02-13-2014 12:25 AM
Hi sandeep ,
Thanks for the reply . i need help in configuring the SSID with L2 security in anchor foreign setup .
I am using 5508 controller with 7.6.100.0 code
is it possible to anchor the SSID with l2 security policy .
I have integrated LDAP to the controller `
Regards\Diburaj
02-13-2014 12:58 AM
If I understood correct : Can combine Layer 3 security (Web Authentication) with Layer 2 security?
is it ??
then your answer is here:
http://wirelessccie.blogspot.de/2009/12/wlc-layer-2-and-layer-3-security.html
Regards
Dont forget to arte helpful posts
02-13-2014 02:16 AM
Hi sandeep ,
I can combine L2 and L3 . but if we enable l3 security we will not be able to enable passive client option .
Regards
Nishad KI
02-13-2014 01:56 AM
VM clients in bridge mode is still an issue. Their workaround right now is to have your VM client in NAT or shared mode. I run Parallel's on my Mac and can't get an IP for both the client and bridged VM.
Sent from Cisco Technical Support iPhone App
02-13-2014 02:22 AM
HI Scot ,
As per cisco docs the passive client option will resolve the issue
Is there any one who has got the VM setup working
Regards
Nishad KI
02-13-2014 04:27 AM
If you search the forums, you can see others still have issues. You can also google it and you can see that they suggest passive client and disable IP Mac binding. Doesn't work for me.
Sent from Cisco Technical Support iPhone App
02-14-2014 12:23 AM
Hi scot
I have the similar setup (anchor - foreign )
I have used L2 security ( WEP ) and anchored the SSID to the anchor controller .
I enabled Passive client option ( WLAN >SSID >Advanced ) , The Mulicast option should be enabled globally .
All my Windows workstation VM client gets the IP , i am not sure on MAC OS .
Now my customer requirement is to use WPA+WPA2 option and need to get authenticated with the LDAP ( integrated in controller )
Can anyone help me in configuring the setup .
Thanks in advance
Regards
Angus
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: