06-13-2022 11:44 PM
Hello,
I am looking for some help regarding what I thought would be a simple WLAN setup. I must admit, Cisco network interfaces are not something I am familiar with at all. I have done a bit of poking around the Cisco community and it seems like there are several questions that address this issue...but I think I am not understanding something very fundamental about this as nothing I am doing seems to work. Please help!
My First Goal: Establish a connection with a single Cisco Aironet 2800AP from the WLC itself. I am under the impression that I can setup a small WLAN this way. I do not think I require any additional switches or anything (please enlighten me if I am wrong about that).
Here is a basic setup I have performed to configure the WLC 3504, without performing any extra steps.
1. Take a fully reset WLC 3504 and connect to the service port with an Ethernet cable (I do not have the Aironet AP connected to the WLC)
2. From the service port connection to a CPU I am able to perform an initial configuration via GUI by typing 192.168.0.3 in my browser.
3. I then input the following values:
Controller Settings:
- Management IP Address: 192.168.128.149
- Management IP Subnet: 255.255.255.0
- Management IP Gateway: 192168.128.191
- Management VLAN ID: 0
Wireless Network Settings:
- Employee VLAN: Management VLAN
- DHCP Server Address: -
Advanced Settings:
- Virtual IP Address: 192.0.2.1
- Local Mobility Group: Default
- DHCP
4. I then clock "Apply" and allow the WLC to reboot.
5. The GUI cuts out and at this point I am under the impression that I should be able to connect to "Port 1" on the WLC 3504 and can login to the main WLC GUI via https://192.168.128.149 , but access to the GUI appears to be unavailable this way as it is not working.
- I have tried the "config network webmode disable" command over CLI using PuTTY via USB interface with the WLC and attempting to connect via http:// does not work either.
******************************************************************************
I grabbed the following information off of the serial interface (connected via USB using PuTTY) as the WLC boots up. Is there anything in this that is telling?
******************************************************************************
Cisco bootloader . . .
Cisco BootLoader Version : 8.5.103.0 (Cisco build) (Build time: Jul 25 2017 - 07 :47:10)
Octeon unique ID: 014000620321f31e010b
OCTEON CN7240-AAP pass 1.3, Core clock: 1500 MHz, IO clock: 800 MHz, DDR clock: 1067 MHz (2134 Mhz DDR)
DRAM: 8 GiB
Clearing DRAM...... done
CPLD Revision : a5
Reset Reason : Soft reset due to RST_SOFT_RST write
SF: Detected S25FL064A with page size 256 Bytes, erase size 64 KiB, total 8 MiB
MMC: Octeon MMC/SD0: 0 (Type: MMC, Version: MMC v5.1, Manufacturer ID: 0x15, V endor: Man 150100 Snr 07dc11b8, Product: BJNB4R, Revision: 0.7)
Net: octmgmt0, octmgmt1, octeth0, octeth1, octeth2, octeth3, octeth4, octeth5, octeth6
SF: Detected S25FL064A with page size 256 Bytes, erase size 64 KiB, total 8 MiB
Press <ESC> now to access the Boot Menu...
Loading primary image (8.10.121.0)
89367619 bytes read in 2097 ms (40.6 MiB/s)
Launching...
Verifying images... OK
Launching images...
PP0:~CONSOLE-> Using device tree
PP0:~CONSOLE-> Version: Cavium Inc. OCTEON SDK version 3.1.2-p7, build 591
PP1:~CONSOLE-> Version: Cavium Inc. OCTEON SDK version 3.1.2-p7, build 591
PP2:~CONSOLE-> Version: Cavium Inc. OCTEON SDK version 3.1.2-p7, build 591
PP3:~CONSOLE-> Version: Cavium Inc. OCTEON SDK version 3.1.2-p7, build 591
PP0:~CONSOLE-> Application in 64-bit mode (ptrsize= 8 bytes)
PP0:~CONSOLE-> # cvmcs: Cores are running at 1500000000 Hz
PP0:~CONSOLE-> # cvmcs: BOOT CORE: Core 0; DISPLAY CORE: Core 3
PP0:~CONSOLE-> SDK Build Number: 3.1.2-p7, build 591
PP0:~CONSOLE-> Platform Initialization... Platform board =24590
PP0:~CONSOLE-> # fp_hal_platform_init: WLC-Kukri core_mask=0xf num_cores=4 pool= 204800/102400/34794/128
PP0:~CONSOLE-> Octeon68xx/73xx found in iit_iqs
PP0:~CONSOLE-> Done with all fp init functions
PP0:~CONSOLE-> Initializing Phy ports, queues
PP0:~CONSOLE-> Node 0 Interface 0 has 4 ports (SGMII)
PP0:~CONSOLE-> Node 0 Interface 1 has 4 ports (XFI)
PP0:~CONSOLE-> Node 0 Interface 2 has 2 ports (SGMII)
PP0:~CONSOLE-> Node 0 Inface 3 hs 128 ports (NPI)
PP0:~CONSOLE-> Node 0 Interface 4 has 4 ports (LOOP)
INIT: version 2.88 bootingPP0:~CONSOLE->
PP0:~CONSOLE->
PP0:~CONSOLE-> Active FP Cores in System = 04.
PP0:~CONSOLE->
PP0:~CONSOLE->
PP0:~CONSOLE-> Booting DP ID 0
Configuring network interfaces... done.
PP0:~CONSOLE-> Warning: Enabling PKI when PKI already enabled.
Starting udev
Decompressing... OK
Validating......MD5 ffe05140d7c9405150181c1702316256
ffe05140d7c9405150181c1702316256
OK
Setting up the kernel dump handler..
INIT: Entering runlevel: 3
Detecting Hardware ...
/sbin/oct-linux-csr: line 2: oct-remote-csr: Permission denied
/sbin/oct-linux-csr: line 2: oct-remote-csr: Permission denied
/sbin/oct-linux-csr: line 2: oct-remote-csr: Permission denied
/sbin/oct-linux-csr: line 2: oct-remote-csr: Permission denied
/sbin/oct-linux-csr: line 2: oct-remote-csr: Permission denied
Loading host drivers..
Starting Ulogd...
Starting DB Services...
Starting NA Connector...
Cryptographic library self-test....
Testing SHA1 Short Message 1
Testing SHA256 Short Message 1
Testing SHA384 Short Message 1
SHA1 POST PASSED
Testing HMAC SHA1 Short Message 1
Testing HMAC SHA2 Short Message 1
Testing HMAC SHA384 Short Message 1
passed!
XML config selected
Validating XML configuration
octeon_device_init: found 1 DPs
Cisco is a trademark of Cisco Systems, Inc.
Software Copyright Cisco Systems, Inc. All rights reserved.
Cisco AireOS Version 8.10.121.0
Initializing OS Services: ok
Initializing Serial Services: ok
Initializing Network Services: ok
Starting Statistics Service: ok
Unable to open dx flag file
Starting ARP Services: ok
Starting Trap Manager: ok
Starting Data Externalization services: ok
Starting Network Interface Management Services: ok
Starting System Services:
Read from Flash Completed ...
ok
Starting FIPS Features: ok : Not enabled
Starting SNMP services: ok
Starting Fastpath Hardware Acceleration: ok
Starting Fastpath DP Heartbeat : ok
Fastpath CPU0.00(0): Starting Fastpath Application. SDK-Cavium Inc. OCTEON SDK v ersion 3.1.2-p7, build 591. Flags-[DUTY CYCLE] : ok
Fastpath CPU0.00(0): Initializing last packet received queue. Num of cores(4)
Fastpath CPU0.00(0): Initializing Global Packet Queue. Num of packets supported( 1000)
Fastpath CPU0.00(0): Core 0 Initialization and FIPS self-test: ok
Fastpath CPU0.00(0): 4 Cores are being initialized
Fastpath CPU0.00(0): Initializing Timer...
Fastpath CPU0.00(0): Initializing Timer...done.
Fastpath CPU0.00(0): Initializing Timer...
Fastpath CPU0.00(0): Initializing NBAR AGING Timer...done.
Fastpath CPU0.00(0): Initializing Data Ports....done
Fastpath CPU0.01(0): Core 1 Initialization and FIPS self-test: ok
Fastpath CPU0.02(0): Core 2 Initialization and FIPS self-test: ok
Fastpath CPU0.03(1): Core 3 Initialization and FIPS self-test: ok
Starting Switching Services: ok
Starting QoS Services: ok
Starting Policy Manager: ok
Starting Data Transport Link Layer: ok
Starting Access Control List Services: ok
Starting System Interfaces: ok
Starting Client Troubleshooting Service: ok
Starting Certificate Database: Initializing Curl Globally..
ok
Starting VPN Services: ok
Starting Management Frame Protection: ok
Starting DNS Services: ok
ok
HBL initialization is successful
Starting Licensing Services: ok
Starting Redundancy: ok
Start rmgrPingTask: ok
Starting LWAPP: ok
Starting CAPWAP: ok
Starting LOCP: ok
Starting Security Services: ok
Starting OpenDNS Services: ok
Starting Policy Manager: ok
Starting TrustSec Services: ok
Starting Authentication Engine: ok
Starting Mobility Management: ok
Starting Capwap Ping Component: ok
Starting AVC Services: ok
Starting AVC Flex Services: ok
Starting Virtual AP Services: ok
Starting AireWave Director: ok
Starting Network Time Services: ok
Starting Cisco Discovery Protocol: ok
Starting Broadcast Services: ok
Starting Logging Services: ok
Starting DHCP Server: ok
Starting IDS Signature Manager: ok
Starting RFID Tag Tracking: ok
Starting RF Profiles: ok
Starting Environment Fan Status Monitoring Service: ok
Starting Mesh Services: ok
Starting TSM: ok
Starting CIDS Services: ok
Starting Ethernet-over-IP: ok
Starting DTLS server: enabled in CAPWAP
In hreapLoadConfig. Loading config has failed. loading default config
Starting CleanAir: ok
Starting WIPS: ok
Starting SSHPM LSC PROV LIST: ok
Starting RRC Services: ok
Starting SXP Services: ok
Starting Alarm Services: ok
Starting FMC HS: ok
Starting IPv6 Services: ok
Starting Config Sync Manager : ok
Starting Hotspot Services: ok
Starting Tunnel Services New: Failed
Starting PMIP Services: ok
Starting Portal Server Services: ok
Starting mDNS Services: ok
Starting Management Services:
Web Server: CLI: Secure Web: ok
SSH: ok
Starting IPSec Profiles component: ok
Starting FEW Services: ok
Starting MS Agent Services: ok
Starting CPU ACL Logging services: ok
***************************************************************************
I also queried this information with the "show network summary" command:
***************************************************************************
show network summary
RF-Network Name............................. Rtest
DNS Server IP............................... 0.0.0.0
Web Mode.................................... Enable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Enable
Secure Web Mode SSL Protocol................ Disable
Web CSRF check.............................. Enable
OCSP........................................ Disabled
OCSP responder URL..........................
Network 2-factor-authentcation.............. Disable
2FA Username field ..................... Common Name
Secure Shell (ssh).......................... Enable
Secure Shell (ssh) Cipher-Option High....... Enable
Telnet...................................... Disable
Ethernet Multicast Forwarding............... Disable
Ethernet Broadcast Forwarding............... Disable
IPv4 AP Multicast/Broadcast Mode............ Unicast
IPv6 AP Multicast/Broadcast Mode............ Unicast
IGMP snooping............................... Disabled
IGMP timeout................................ 60 seconds
IGMP Query Interval......................... 20 seconds
I would be extremely grateful for any help regarding this issue and will certainly rate helpful replies.
Thank you.
Solved! Go to Solution.
06-14-2022 10:52 PM
- Use a switched network between the controller and your PC , do not use a direct link.
M.
06-15-2022 07:22 AM
- An unmanaged switch with default configuration will be fine , including default port settings , but the IP addresses between your PC and the controller must be compatible and or in the same subnet (check if you can ping the controller first)
M.
06-13-2022 11:49 PM
>.... - I have tried the "config network webmode disable"
- Would you rather not need the reverse command to get the GUI enabled . check :
M.
06-14-2022 12:18 AM
Hello Marce,
I apologize for the misunderstanding. This is the exact webpage I referenced for this command. It appears that I input a typo here. I have tried the "config network webmode enable" command. It certainly enables the standard "Web Mode" setting, but when I attempt to input the MGMT IP address using http:// instead of https:// I get the same result, no GUI.
Thank you! Any other ideas?
06-14-2022 12:26 AM
- How do you define 'no GUI' ; is there an error in the browser , an empty page, do you get connection refused , or something else ... ?
If needed ,provide a screenshot (too).
M.
06-14-2022 08:46 AM
Marce,
Thank you very much for following up!
I looked into this to get you the exact information.
Attempts to access the GUI via Microsoft edge today resulted in the following errors:
1. Logins using https:// resulted in "ERROR_CONNECTION_ABORTED"
2. Logins using https:// resulted in "ERROR_SOCKET_NOT_CONNECTED"
I did go into the CLI interface and grabbed a little bit more information that I think might be helpful.
(Cisco Controller) >show interface summary
Number of Interfaces.......................... 5
Interface Name Port Vlan Id IP Address Type Ap Mgr Guest
-------------------------------- ---- -------- --------------- ------- ------ -----
management 1 untagged 192.168.128.149 Static Yes No
redundancy-management 1 untagged 0.0.0.0 Static No No
redundancy-port - untagged 0.0.0.0 Static No No
service-port N/A N/A 0.0.0.0 DHCP No No
virtual N/A N/A 192.0.2.1 Static No No
(Cisco Controller) >show interface detailed management
Interface Name................................... management
MAC Address...................................... 70:18:a7:c9:50:01
IP Address....................................... 192.168.128.149
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 192.168.128.191
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
Link Local IPv6 Address.......................... fe80::7218:a7ff:fec9:5001/64
STATE ........................................... REACHABLE
Primary IPv6 Address............................. ::/128
STATE ........................................... NONE
Primary IPv6 Gateway............................. ::
Primary IPv6 Gateway Mac Address................. 00:00:00:00:00:00
STATE ........................................... INCOMPLETE
VLAN............................................. untagged
Quarantine-vlan.................................. 0
Active Physical Port............................. 1
Primary Physical Port............................ 1
Backup Physical Port............................. Unconfigured
DHCP Proxy Mode.................................. Global
Primary DHCP Server.............................. Unconfigured
--More-- or (q)uit
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
DHCP Option 82 bridge mode insertion............. Disabled
DHCP Option 6 Opendns Override................... Disabled
IPv4 ACL......................................... Unconfigured
URL ACL.......................................... Unconfigured
IPv6 ACL......................................... Unconfigured
mDNS Profile Name................................ Unconfigured
AP Manager....................................... Yes
Guest Interface.................................. No
L2 Multicast..................................... Enabled
06-14-2022 09:04 AM
>.... Logins using https:// resulted in "ERROR_CONNECTION_ABORTED"
- Is this a persistent error when trying from other PC , Mac or 'operator terminal' with different browser (e.g.) ?
M.
06-14-2022 09:55 AM
Hello M,
I tried Chrome and Firefox using a different PC.
Chrome:
Firefox:
06-14-2022 10:21 AM
- Make sure you have no firewall in between (or verify by using host in same subnet as the controller)
M.
06-14-2022 10:47 AM
06-14-2022 10:52 PM
- Use a switched network between the controller and your PC , do not use a direct link.
M.
06-15-2022 06:39 AM
06-15-2022 07:22 AM
- An unmanaged switch with default configuration will be fine , including default port settings , but the IP addresses between your PC and the controller must be compatible and or in the same subnet (check if you can ping the controller first)
M.
06-15-2022 09:08 PM
Hello M,
Thank you for your help. By speaking to you I was able to determine that I needed to be hooked up to the network at my place of work and within the same subnet.
I was able to determine an acceptable static IP address within that subnet and used the gateway IP address of that network.
I was able to get one wireless ap connected and the SSID for my WLAN came up almost right away. I decided to attach 3 more APs. It looks like I have a little bit of trouble shooting to do with the 4th aironet ap, but I will take a crack at it!
I may be on here again very soon! Thanks again for your help!
Best wishes.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide