Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2463
Views
0
Helpful
8
Replies

WLC Upgrades to 7.5.102.0 from 7.4.100.0 Question

Stavros Zannikos
Level 1
Level 1

‎08-02-2013 07:01 AM - edited ‎07-04-2021 12:34 AM

We went through an upgrade from 7.4.100.0 for all of our WLC's this morning.  One of the interesting features, that we wanted to take advantage of, was the BYOD profiling that the release notes talk about.  I'm going through the controllers and see that there is now a tab under the SSID called "policy mapping".  However, when I look for where I can create the local policy, I cannot find anything on the WLC for completing that task.  I've been looking for instructions and notes on how to do this, but cannot seem to find any.  Would anyone be able to point me in the right direction?  Thanks!   

Labels:
0 Helpful
8 Replies 8

Stavros Zannikos
Level 1
Level 1

‎08-02-2013 07:03 AM

Please disregard.....found it!

0 Helpful

Anil Hanagud
Cisco Employee
Cisco Employee
In response to Stavros Zannikos

‎08-02-2013 09:13 AM

Hope this is what you're looking for: the Configuring Local Policies section in the 7.5 configuration guide:

http://www.cisco.com/en/US/docs/wireless/controller/7.5/config_guide/b_cg75_chapter_0111100.html

0 Helpful

campbech1
Level 1
Level 1

‎10-28-2013 05:17 AM

Stavros,

Since you've been on 7.5 code for almost 2 months now, what has been your experience with it? Have you found it reliable and have you ran into any issues? We are rolling out ISE and an upgrade to 7.4 is required for some of the features we're trying to implement but if 7.5 is stable, I might just make the leap to it.

0 Helpful

Stavros Zannikos
Level 1
Level 1
In response to campbech1

‎10-28-2013 05:25 AM

@campbech1,

Ironically enough, we're also implementing ISE within the next few months!  Let me know how your ISE rollout goes! 

As far as code 7.5.102.0 goes, we only ran into one issue.  It's a known issue(CSCud68413), which causes any controller, that is acting as a DHCP server, to stop handing out IP addresses.  The only fix is to reboot the controller.  Our guest anchor controller is responsible for handing out DHCP addresses.  We noticed this issue early on.  Our work-around was to move the DHCP scope onto an L3 switch.  Other than that, 7.5.102.0 has been pretty stable.  I haven't experienced any other issues with it.  I do like the profiling capabilities, and the ability to create certain rulesets off of the profiles.  It's kind of a like a mini-ise, when it comes to profiles. 

Let me know how everything goes!  Good luck!

0 Helpful

dhouse630
Level 1
Level 1
In response to Stavros Zannikos

‎10-30-2013 06:58 AM

Thanks for the info on 7.5.102.  I do have a question how many AP's and Clients do you have on your 7.5 environment and have you seen Bug ID CSCtd34834.  We see this bug where we get critical errors MFP Anomaly Detected - 1 'CCMP Not Encrypted'.  from most of our clients.  It does not cause an operational issue with a small number of clients.  We are just looking for more information on larger installs as we have a plan to move quickly to 7.5.

Thanks

Mark Dycus

0 Helpful

Stavros Zannikos
Level 1
Level 1
In response to dhouse630

‎10-30-2013 07:22 AM

Mark,

We were seeing the same thing!  Our resolution (not really a resolution, but more of a work-around) was to turn down the alarms.  I do see that there is an enhancement request for this (CSCtd34834). 

0 Helpful

dhouse630
Level 1
Level 1
In response to Stavros Zannikos

‎10-30-2013 11:09 AM

I don't see how to turn down the alarms? help.  I did disable MFP on all our SSID but I still see the critical alarm.  About how many clients are you running?

Thanks again

Mark.dycus@vanderbilt.edu

0 Helpful

Ravi Singh
Level 7
Level 7

‎11-06-2013 08:55 AM

Please follow the below steps to create Local Policies.

Step 1  

Choose Security > Local   Policies.

Step 2  

Click New to create a new policy.

Step 3  

Enter the policy name and click Apply.

Step 4  

On the Policy List page, click the   policy name to be configured.

Step 5  

On the Policy > Edit page,   follow these steps:

  1. In the Match Criteria area,        enter a value for Match Role String. This is the user type or user group        of the user, for example, student, teacher, and so on.
  2. From the Match EAP Type drop-down        list, choose the EAP authentication method used by the client.
  3. From the Device Type        drop-down list, choose the device type.
  4. Click Add to add the device        type to the policy device list.

The   device type you choose is listed in the Device List.

  1. In the Action area, specify        the policies that are to be enforced. From the IPv4 ACL drop-down list,        choose an IPv4 ACL for the policy.
  2. Enter the VLAN ID that should        be associated with the policy.
  3. From the QoS Policy drop-down        list, choose a QoS policy to be applied.
  4. Enter a value for Session        Timeout. This is the maximum amount of time, in seconds, after which a        client is forced to reauthenticate.
  5. Enter a value for Sleeping        Client Timeout, which is the timeout for sleeping clients.

Sleeping   clients are clients with guest access that have had successful web   authentication that are allowed to sleep and wake up without having to go   through another authentication process through the login page.

This   sleeping client timeout configuration overrides the WLAN-specific sleeping   client timeout configuration.

  1. In the Active Hours area,        from the Day drop-down list, choose the days on which the policy has to        be active.
  2. Enter the Start Time and End        Time of the policy.
  3. Click Add.

The   day and start time and end time that you specify is listed.

  1. Click Apply.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card