Configurazione Cisco Wireless LAN Controller Network Module
Inviato: ven 13 ago , 2010 10:54 am
Ciao a tutti .. ho un problema con la configurazione del controller wireless e l'access point lwapp
Ho seguito la configurazione riportata qui http://www.cisco.com/en/US/docs/ios/12_ ... #wp2110457 pero' quando configuro l'interfaccia management tutto va a buon fine e riesco a pingarla invece quando configuro l'interfaccia ap-manager non riesco in nessun modo a pingarla pur essendo nella stessa rete.
Qui di seguito vi posto la configurazione del controller :
Cisco Controller) >show running-config
802.11a cac voice tspec-inactivity-timeout ignore
802.11a cac video tspec-inactivity-timeout ignore
802.11a cac voice stream-size 84000 max-streams 2
802.11a channel global off
802.11a txPower global 1
802.11b cac voice tspec-inactivity-timeout ignore
802.11b cac video tspec-inactivity-timeout ignore
802.11b cac voice stream-size 84000 max-streams 2
802.11b channel global off
802.11b txPower global 1
aaa auth mgmt local radius
--More-- or (q)uit
Location Summary
Algorithm used: Average
Client
RSSI expiry timeout: 5 sec
Half life: 0 sec
Notify Threshold: 0 db
Calibrating Client
RSSI expiry timeout: 5 sec
Half life: 0 sec
Rogue AP
RSSI expiry timeout: 5 sec
Half life: 0 sec
Notify Threshold: 0 db
RFID Tag
RSSI expiry timeout: 5 sec
Half life: 0 sec
Notify Threshold: 0 db
location rssi-half-life tags 0
location rssi-half-life client 0
--More-- or (q)uit
location rssi-half-life rogue-aps 0
location expiry tags 5
location expiry client 5
location expiry calibrating-client 5
location expiry rogue-aps 5
Cisco Public Safety is not allowed to set in this domain
ap syslog host global 255.255.255.255
cdp disable
country IT
dhcp create-scope ApPool
dhcp address-pool ApPool 192.168.254.5 192.168.254.10
dhcp default-router ApPool 192.168.254.1
--More-- or (q)uit
dhcp enable ApPool
dhcp dns-servers ApPool 192.168.254.2
dhcp network ApPool 192.168.254.0 255.255.255.0
local-auth method fast server-key 736563726574
interface create vlan10 10
interface create vlan20 20
interface create vlan30 30
interface address ap-manager 10.171.14.10 255.255.255.248 10.171.14.9
interface address management 10.171.14.11 255.255.255.248 10.171.14.9
interface address virtual 1.1.1.1
interface address dynamic-interface vlan10 10.171.14.98 255.255.255.224 10.171.14.97
interface address dynamic-interface vlan20 10.171.14.34 255.255.255.224 10.171.14.33
interface address dynamic-interface vlan30 10.171.14.130 255.255.255.224 10.171.14.129
--More-- or (q)uit
interface dhcp ap-manager primary 10.171.14.9
interface dhcp management primary 10.171.14.9
interface dhcp dynamic-interface vlan10 primary 10.171.14.97
interface dhcp dynamic-interface vlan20 primary 10.171.14.33
interface dhcp dynamic-interface vlan30 primary 10.171.14.129
interface vlan vlan10 10
interface vlan vlan20 20
interface vlan vlan30 30
interface port ap-manager 1
interface port management 1
interface port vlan10 1
--More-- or (q)uit
interface port vlan20 1
interface port vlan30 1
load-balancing window 5
mesh security eap
mgmtuser add admin **** read-write
mobility group domain icomm
mobility dscp value for inter-controller mobility packets 0
network webmode enable
network mgmt-via-wireless enable
network mgmt-via-dynamic-interface enable
network otap-mode disable
network rf-network-name icomm
radius fallback-test mode off
--More-- or (q)uit
radius fallback-test username cisco-probe
radius fallback-test interval 300
snmp version v2c enable
snmp version v3 enable
sysname Cisco_cc:8f:c0
wlan create 1 ICOMM-DATI ICOMM-DATI
wlan create 2 ICOMM-FONIA ICOMM-FONIA
wlan create 3 ICOMM-TOOWAY ICOMM-TOOWAY
wlan interface 1 vlan10
wlan interface 2 vlan20
wlan interface 3 vlan30
--More-- or (q)uit
wlan broadcast-ssid disable 1
wlan broadcast-ssid disable 2
wlan broadcast-ssid disable 3
wlan session-timeout 1 1800
wlan session-timeout 2 1800
wlan session-timeout 3 1800
wlan wmm allow 1
wlan wmm allow 2
wlan wmm allow 3
wlan security wpa akm ft reassociation-time 20 1
wlan security wpa akm ft over-the-air enable 1
wlan security wpa akm ft over-the-ds enable 1
--More-- or (q)uit
wlan security wpa akm ft reassociation-time 20 2
wlan security wpa akm ft over-the-air enable 2
wlan security wpa akm ft over-the-ds enable 2
wlan security wpa akm ft reassociation-time 20 3
wlan security wpa akm ft over-the-air enable 3
wlan security wpa akm ft over-the-ds enable 3
wlan security wpa wpa1 ciphers tkip enable 1
wlan security wpa wpa1 ciphers tkip enable 2
wlan security wpa wpa1 ciphers tkip enable 3
wlan enable 1
--More-- or (q)uit
wlan enable 2
wlan enable 3
(Cisco Controller) >
Pingo correttamente l'interfaccia 10.171.14.11 ma non riesco a pingare l'interfaccia 10.171.14.10 qualcuna ha qualche idea ?
Grazie a tutti
Ciao !
Ho seguito la configurazione riportata qui http://www.cisco.com/en/US/docs/ios/12_ ... #wp2110457 pero' quando configuro l'interfaccia management tutto va a buon fine e riesco a pingarla invece quando configuro l'interfaccia ap-manager non riesco in nessun modo a pingarla pur essendo nella stessa rete.
Qui di seguito vi posto la configurazione del controller :
Cisco Controller) >show running-config
802.11a cac voice tspec-inactivity-timeout ignore
802.11a cac video tspec-inactivity-timeout ignore
802.11a cac voice stream-size 84000 max-streams 2
802.11a channel global off
802.11a txPower global 1
802.11b cac voice tspec-inactivity-timeout ignore
802.11b cac video tspec-inactivity-timeout ignore
802.11b cac voice stream-size 84000 max-streams 2
802.11b channel global off
802.11b txPower global 1
aaa auth mgmt local radius
--More-- or (q)uit
Location Summary
Algorithm used: Average
Client
RSSI expiry timeout: 5 sec
Half life: 0 sec
Notify Threshold: 0 db
Calibrating Client
RSSI expiry timeout: 5 sec
Half life: 0 sec
Rogue AP
RSSI expiry timeout: 5 sec
Half life: 0 sec
Notify Threshold: 0 db
RFID Tag
RSSI expiry timeout: 5 sec
Half life: 0 sec
Notify Threshold: 0 db
location rssi-half-life tags 0
location rssi-half-life client 0
--More-- or (q)uit
location rssi-half-life rogue-aps 0
location expiry tags 5
location expiry client 5
location expiry calibrating-client 5
location expiry rogue-aps 5
Cisco Public Safety is not allowed to set in this domain
ap syslog host global 255.255.255.255
cdp disable
country IT
dhcp create-scope ApPool
dhcp address-pool ApPool 192.168.254.5 192.168.254.10
dhcp default-router ApPool 192.168.254.1
--More-- or (q)uit
dhcp enable ApPool
dhcp dns-servers ApPool 192.168.254.2
dhcp network ApPool 192.168.254.0 255.255.255.0
local-auth method fast server-key 736563726574
interface create vlan10 10
interface create vlan20 20
interface create vlan30 30
interface address ap-manager 10.171.14.10 255.255.255.248 10.171.14.9
interface address management 10.171.14.11 255.255.255.248 10.171.14.9
interface address virtual 1.1.1.1
interface address dynamic-interface vlan10 10.171.14.98 255.255.255.224 10.171.14.97
interface address dynamic-interface vlan20 10.171.14.34 255.255.255.224 10.171.14.33
interface address dynamic-interface vlan30 10.171.14.130 255.255.255.224 10.171.14.129
--More-- or (q)uit
interface dhcp ap-manager primary 10.171.14.9
interface dhcp management primary 10.171.14.9
interface dhcp dynamic-interface vlan10 primary 10.171.14.97
interface dhcp dynamic-interface vlan20 primary 10.171.14.33
interface dhcp dynamic-interface vlan30 primary 10.171.14.129
interface vlan vlan10 10
interface vlan vlan20 20
interface vlan vlan30 30
interface port ap-manager 1
interface port management 1
interface port vlan10 1
--More-- or (q)uit
interface port vlan20 1
interface port vlan30 1
load-balancing window 5
mesh security eap
mgmtuser add admin **** read-write
mobility group domain icomm
mobility dscp value for inter-controller mobility packets 0
network webmode enable
network mgmt-via-wireless enable
network mgmt-via-dynamic-interface enable
network otap-mode disable
network rf-network-name icomm
radius fallback-test mode off
--More-- or (q)uit
radius fallback-test username cisco-probe
radius fallback-test interval 300
snmp version v2c enable
snmp version v3 enable
sysname Cisco_cc:8f:c0
wlan create 1 ICOMM-DATI ICOMM-DATI
wlan create 2 ICOMM-FONIA ICOMM-FONIA
wlan create 3 ICOMM-TOOWAY ICOMM-TOOWAY
wlan interface 1 vlan10
wlan interface 2 vlan20
wlan interface 3 vlan30
--More-- or (q)uit
wlan broadcast-ssid disable 1
wlan broadcast-ssid disable 2
wlan broadcast-ssid disable 3
wlan session-timeout 1 1800
wlan session-timeout 2 1800
wlan session-timeout 3 1800
wlan wmm allow 1
wlan wmm allow 2
wlan wmm allow 3
wlan security wpa akm ft reassociation-time 20 1
wlan security wpa akm ft over-the-air enable 1
wlan security wpa akm ft over-the-ds enable 1
--More-- or (q)uit
wlan security wpa akm ft reassociation-time 20 2
wlan security wpa akm ft over-the-air enable 2
wlan security wpa akm ft over-the-ds enable 2
wlan security wpa akm ft reassociation-time 20 3
wlan security wpa akm ft over-the-air enable 3
wlan security wpa akm ft over-the-ds enable 3
wlan security wpa wpa1 ciphers tkip enable 1
wlan security wpa wpa1 ciphers tkip enable 2
wlan security wpa wpa1 ciphers tkip enable 3
wlan enable 1
--More-- or (q)uit
wlan enable 2
wlan enable 3
(Cisco Controller) >
Pingo correttamente l'interfaccia 10.171.14.11 ma non riesco a pingare l'interfaccia 10.171.14.10 qualcuna ha qualche idea ?
Grazie a tutti
Ciao !