Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1840
Views
0
Helpful
11
Replies

I am not able to ping Radius Servers from WLC (Mobility Express)

pozoteleco
Level 1
Level 1

‎08-22-2019 01:16 PM - edited ‎07-05-2021 10:53 AM

Hi everybody;

I have the following question, i just installed and configured WLC controller with 7 AP's, the management interface have the ip address 192.168.10.90. i am able to ping the interface vlan 10 (internally is the management vlan) of switch 1 (192.168.10.22) and even i am able to ping from WLC whatever ip address from managament vlan of all of devices of my network. I tried to ping my radius server 10.102.100.1 too, but in this case i am not be able to.

 

On switch 1 i can ping the radius ip address 10.102.100.1 , and also i tried ping 10.102.100.1 source 192.168.10.22 and i can ping.

 

What could it be the problem??

Anotación 2019-08-22 215904.png

1 person had this problem
Labels:
0 Helpful
11 Replies 11

Rasika Nayanajith
VIP
VIP

‎08-22-2019 02:31 PM

On the ME AP, do you have default-gateway setting point it to your SW IP (10.22) ?

 

HTH

Rasika

0 Helpful

pozoteleco
Level 1
Level 1
In response to Rasika Nayanajith

‎08-22-2019 11:27 PM

Sure,

(Cisco Controller) >show interface detailed management

Interface Name................................... management
MAC Address...................................... 00:00:5e:00:01:01
IP Address....................................... 192.168.10.90
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 192.168.10.22
IP Address Type.................................. Static
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
Link Local IPv6 Address.......................... fe80::c6f7:d5ff:feb3:1a60/64
STATE ........................................... NONE
Primary IPv6 Address............................. ::/128
STATE ........................................... NONE
Primary IPv6 Gateway............................. ::
Primary IPv6 Gateway Mac Address................. 00:00:00:00:00:00
STATE ........................................... CREATING
VLAN............................................. untagged
Quarantine-vlan.................................. 0
Physical Port.................................... 1
DHCP Proxy Mode.................................. Global
Primary DHCP Server.............................. Unconfigured
Secondary DHCP Server............................ Unconfigured


Is there something wrong? Kind regards.
0 Helpful

Rasika Nayanajith
VIP
VIP
In response to pozoteleco

‎08-23-2019 01:16 AM - edited ‎08-23-2019 01:18 AM

That's look normal.

What happen if you put a PC on vlan 10 & see if you can ping RADIUS server from that PC ? 
To double check, pls share your switchport configuration that connects to ME

 

Rasika

0 Helpful

pozoteleco
Level 1
Level 1
In response to Rasika Nayanajith

‎08-23-2019 03:23 AM

If i connect a Laptop Directly to the switch in vlan 10, i am able to ping to whatever side.

The switchport configuration is the same like i put in the scheme.

I think the problem it should be here:

(Cisco Controller) >show system route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 srcr3
7.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 srcr3
192.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 virtual


What is your opinion??

What it should be the command to configure routes??

Kind regards.
0 Helpful

pozoteleco
Level 1
Level 1
In response to pozoteleco

‎09-24-2019 06:44 AM

I still having the problem, could you help me? :(

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to pozoteleco

‎09-24-2019 06:55 AM

Can you run a packet capture on the Radius server to see if your Ping packets actually arrive? That would help to somewhat isolate the problem.
What release of ME are you running on the APs?
Do you have an ACL configured on the ME?
0 Helpful

pozoteleco
Level 1
Level 1
In response to patoberli

‎09-24-2019 07:40 AM

Hi!
1 - I didn't see any ping arriving to the radius server.

2 - For AP the version is:
cisco AIR-AP1815I-E-K9 ARMv7 Processor rev 5 (v7l) with 1015824/658320K bytes of memory.
Processor board ID FGL2325B2F5
AP Running Image : 8.8.125.0
Primary Boot Image : 8.8.125.0
Backup Boot Image : 8.5.140.0
Primary Boot Image Hash:
Backup Boot Image Hash:
AP Image type : MOBILITY EXPRESS IMAGE
AP Configuration : MOBILITY EXPRESS CAPABLE

3 - No ACL created yet.

Kind regards.
0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to pozoteleco

‎09-24-2019 08:25 AM

For testing, remove the Native VLAN on the Switchport, or do not tag it on the AP.
It's either native (and not tagged) or tagged and not native.
0 Helpful

pozoteleco
Level 1
Level 1
In response to patoberli

‎09-25-2019 12:28 AM

So you mean to remove switchport trunk native vlan 10 from switch and tag the management interface of controller with vlan 10 ??

Kind regards.
0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to pozoteleco

‎09-25-2019 02:29 AM

It depends on your setup, but essentially yes try this for testing.

0 Helpful

Mirza
Level 1
Level 1

‎10-30-2020 06:24 AM

Hi pozoteleco,

 

I am having the same issue, so how do you fix it?

 

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card