WLC logg: WIPS Alert: Reason "NoProfile" detected on AP

cisco

    Sponsored Links

    Next

  • 1. PIX pinging
    seem to recall that the PIX explicitly allows for ping to its interfaces, i.e. permit icmp inside any what if at the same time i had this on an ACL that's applied to the inside interface: access-list in_acl deny icmp any any which one takes precedence?
  • 2. Dynamic Site to Site
    I have a static site to site vpn tunnel between a pix 515 and a 506. I now need to add a dynamic site to site vpn tunnel to my configuration. Basically the 515 is at HQ and the 506s are at satilite plants. Plant A (HQ) uses static ip addresses, so too does Plant B. However, plant C's ISP cannot supply static IP addresses for the solution chosen (don't ask!). Instead, the ISP router in Plant C is going to have a dynamic public ip and yet the pix is not going to even have a public ip address at all. Is a site to site tunnel possible in this setup? Can the required ipsec ports be opened and forwarded to the Plant C's pix on their ISP router? Any help would be most welcome.
  • 3. Questions on "sysopt connection permit-ipsec"
    Some questions regarding the above command. From my understanding this command implicitly generates the following for an interface enabled for IPSEC, say the outside interface: access-list <outside_ACL> permit 50 any host <PIX outside interface IP> access-list <outside_ACL> permit 51 any host <PIX outside interface IP> access-list <outside_ACL> permit udp any host <PIX outside interface IP> eq 500 Is this understanding correct? - The the sysopt command is enabled, the ACL tied to the crypto map will be implicitly trusted, allowing the decrypted IPSEC packets to be permitted even if the outside interface ACL does not explicitly allow for it. Does this mean that there's potential security issue with this? For example the following is the ACL tied to the crypto map: Crypto map ACL: access-list ipsectraffic permit tcp host 10.1.1.3 any access-list ipsectraffic permit tcp host 10.1.1.4 any Outside interface ACL: access-list outsideACL deny ip any any Effective outside interface ACL: access-list outsideACL permit any host 10.1.1.3 access-list outsideACL permit any host 10.1.1.4 access-list outsideACL deny ip any any Are static translations implicitly created as well? If so why is this still needed in some of Cisco's literature? nat (inside) 0 access-list ipsectraffic Lotsa questions, but TIA for those who clear up my understanding.

WLC logg: WIPS Alert: Reason "NoProfile" detected on AP

Postby colin » Wed, 07 Jul 2010 21:21:25 GMT

Hi NG,

i got following WLC-440X logging message:

1 Sat Jul 3 10:35:21 2010 AP 'ACCESSP-3', MAC: 00:14:6a:XX:XX:XX 
disassociated previously due to AP Reset. Uptime: 0 days, 00 h 00 m 52 s . 
Last reset reason: controller reboot command
2 Sat Jul 3 10:35:21 2010 WIPS Alert: Reason "NoProfile" detected on AP MAC: 
00:14:6a:XX:XX:XX, AP Name: ACCESSP-3

unfortuanitely the neither output interpreter nor the error messages decoder 
on cisco.com recognize those messages...so:

i cleared the AP's config via WLC, keept the static IP info and let the AP 
reload, once booted, then reconfigured the AP within the WLC.
But everytime the AP joins the WLC after a power outage, its radio 
interfaces stay down after the join!
once joined to the WLC and after i configured the AP on the WLC to enable 
its radios everything works just fine.

Now i still got the condition that after the power failure within the 
building for example that i have to re-enable some ap's within the WLCs 
management.
any clues on the message output is welcome.





Similar Threads:

1.WLC logg: WIPS Alert: Reason "NoProfile" detected on AP

Hi NG,

i got following WLC-440X logging message:

1 Sat Jul 3 10:35:21 2010 AP 'ACCESSP-3', MAC: 00:14:6a:XX:XX:XX 
disassociated previously due to AP Reset. Uptime: 0 days, 00 h 00 m 52 s . 
Last reset reason: controller reboot command
2 Sat Jul 3 10:35:21 2010 WIPS Alert: Reason "NoProfile" detected on AP MAC: 
00:14:6a:XX:XX:XX, AP Name: ACCESSP-3

unfortuanitely the neither output interpreter nor the error messages decoder 
on cisco.com recognize those messages...so:

i cleared the AP's config via WLC, keept the static IP info and let the AP 
reload, once booted, then reconfigured the AP within the WLC.
But everytime the AP joins the WLC after a power outage, its radio 
interfaces stay down after the join!
once joined to the WLC and after i configured the AP on the WLC to enable 
its radios everything works just fine.

Now i still got the condition that after the power failure within the 
building for example that i have to re-enable some ap's within the WLCs 
management.
any clues on the message output is welcome.




2.Cisco WLC - WPA MIC Errors.....all AP's same syptoms

We have a 4402 controller using WPA 1 TKIP & 2 AES, and we are getting
MIC Error counter measures on all AP's with clients connected.

Most clients are Intel, but I have tested with my Cisco card too, and
the same thing occurs.....you are associated with an AP, then it
forces the MIC counter measure, and forces all clients off for 60
seconds.

Is this a controller hardware issue? as its the same with a default
config

3.AP-1121G do not even try to join to WLC-1206

Hello!

I upgraded 1121 to lightweight with upgrade tool.
Now I want it to be joined to 2106.
In debug packet I see that 1121 sends discovery request (broadcast,
or, after I addedd dns record unicast) to 2106 and 2106 replies.
Then there is no join request from AP.
2106 is in master mode.
What can be wrong?

4.AP does not associate w WLC

Two AIR-AP1231G-A-K9 APs are on different ports of the same 3550
switch.  Both ports are configured the same.

One AP is running c1200-k9w8-mx.124-18a.JA1 and associates with the
4402.
The other is running (C1200-K9W7-M), Version 12.2(15)JA,  RELEASE
SOFTWARE (fc1) and doesn't.

Could the older software be the cause of this?

5.WLC 5508, ACS Express, AP 1142 and switch 3560E problem

All devices are in some VLAN 1 (temporaly). Ping works good. WLC gives 
Web auth for WLAN clients.

But Radius on ACS not authorized the users. When I put login and 
password in local user database on WLC authorization works very good.

What tests must I do.

6. Some wireless clients cannot detect my unbroadcast Aironet AP

7. Show Logg displays gmt time

8. Error messages coming from WLC



Return to cisco

 

Who is online

Users browsing this forum: No registered users and 57 guest