802.1X with Guest vlan support IOS version ???

Similar Messages

• IPad supported iOS version for development

  Hi, i have a reference iPad (1) for development, running iOS 4.2.1, now i need to upgrade to 4.3 for testing, but iTunes wants me to download the latest (5.1).
  In Organizer i can see that supported iOS versions are:
  Xcode Supported iOS Versions
  6.0 (10A403)
  5.1
  5.0
  4.3
  How can i get the 4.3 and install on my dev iPad?
  Anyone managed to do this?
  Thank you.

  Not possible.
  Older versions of iOS are not available once a new version is released.
  ***** but that's the way it is.
  About the only thing you can do is find a device that has the version of iOS you want and purchase it.

• 802.1.x guest VLAN problem

  Hi,
  I have configured Guest Vlan in switch port, when i power on PC and i didn't make login, PC after some time goes to Guest Vlan but it didn't acquire an IP address and after some time port goes to unauthorized state and then after some time goes to guest vlan.and so on
  I'm using XP sp2 with:
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EAPOL\Parameters\General\Global\Suppli
  cantModeDWORD Value = 3
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EAPOL\Parameters\General\Global\AuthMo
  deDWORD Value = 0
  Could someone give some help,please.
  Thanks
  BR

  The key here is your AuthMode setting to 0. With this setting, if a connection has already been authenticated with machine-auth, the user’s credentials will not be used for authentication. The only way I can imagine that the Guest-VLAN even comes up is of you have configured AuthMode = 0 AND then turned off machine-authentication.
  As for the Guest-VLAN getting deployed to a port, and how quickly this occurs, it's a function of the tx-period timer on the switch port. Once 3 Identity requests go unanswered, AND if you have Guest-VLAN configured, the port can then be enabled into the Guest-VLAN. DHCP cannot happen until a) 802.1x authorizes a port, or b) the Guest-VLAN is enabled (in which 802.1x authorization will time out).
  I have a general question though. What are you looking to accomplish with these specific settings? Based on your registry settings:
  *machine-auth should work if you have both 802.1x-user-auth + 802.1x-machine-auth enabled.
  *user-auth should work if you have 802.1x-user-auth enabled and 802.1x-machine-auth disabled.
  *Guest-VLAN should work if you have 802.1x disabled completely. NOTE: Guest-VLAN should not get deployed in the config, since the supplicant will send EAPOL-Starts, even though you have disabled machine-auth.
  Hope this helps.

• VWLC issue with guest vlan

  Hi Team,
  I installed Cisco vWLC for the first time. Everything works fine except my guest vlan doesnt get IP address from the designated dmz network. I was wondering if I am missing something. Currently Flexconnect it configured on the wlans with LOCAL mode. I've alredy tried to go under each AP and perform vlan mapping but ... no luck so far.
  Please get back to me if you have any ideas.
  Respectfully,
  Marty-

  Hello Marty,
  As per your query i can suggest you the following solution-
  Guest vlan doesnt get IP address from the designated dmz network.So please apply the appropriate native vlan to the Flexconnect configured in the local mode.Also make sure to do vlan mapping in order to match Physial switch Vlan matching. Finally configure trunk on the Access-Point port with the corresponding native Vlan.
  For more information please refer to the link-
  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008070ba8f.shtml
  Hope this will help

• Does model WS-X2914-XL-V support IOS version c2900XL-c3h2s-mz-120.5-XU.bin?

  Hi,
  really appreciate if anyone could advise on the following.
  Purpose: to implement bpdu guard on switch model WS-X2914-XL-V. current IOS version c2900XL-c3h2s-mz-120.5-XU.bin does not support bpdu guard feature.
  Action: Download from cisco website c2900xl-c3h2s-mz.120-5.WC14.bin but installation failed. (details in attached file, show version)
  Question:
  1) wonder if my switch can be upgraded to IOS c2900xl-c3h2s-mz.120-5.WC14?
  2) If yes, what causes the error in IOS upgrade?
  Thanks!!!
  Christina

  Hi Christina,
  Yes your switch definetely supports this image and your switch model number is WS-C2924M-XL-A as I can see from the attachment but in your notes you have updated WS-X2914-XL-V which I think is wrong.
  As per the attachment which you have send your switch is WS-C2924M-XL-A and it supports 12.0(5)WC14 but the problem is your switch does not have enough space available in your flash to load the new IOS.
  If you check the output of "sh flash" you will see 3612672 bytes total (840192 bytes free) which means not even 1 MB space is free and you new file will definetely be more than 1 MB so delete the old file first and then try installing the new one.
  Your switch for sure supports this new file, to confirm my statement please check this link
  http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/2935wc14/ol256210.htm#wp84866
  HTH, if yes please rate the post.
  Ankur

• Does DPM 2012 R2 with rollup 2 support any version of Windows Server 2003/2008 on Hyper-V?

  We have Hyper-V Hosts with VMs which include Windows 2003/2003R2/2008/2008R2.
  If I we upgrade to DPM 2012 R2 Update Rollup 2, will we be able to backup all those VMs now?   The support matrix (http://technet.microsoft.com/en-us/library/jj860400.aspx)
  still seems to show what is supported by the initial release of DPM 2012 R2, not an updated version for the rollup.
  We currently use DPM 2012 SP1 and Hyper-V hosts using Server 2012.

  Hi,
  This is kind of a loaded question because DPM 2012 R2 never dropped support for protecting Windows 2003/2008 using host level backup.
  However, the support matrix will be updated shortly to include the added support for protecting workloads on Windows 2003 / 2008 using DPM 2012 R2 UR2.
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Regards, Mike J. [MSFT]
  This posting is provided "AS IS" with no warranties, and confers no rights.

• ASA 5525X with 9.1(2) IOS version Memory grow issue

  Hi,
  So, finnaly i have installed two 5525X firewals in A/S failover.
  working fine, CPU is ok.
  memory behave very strange. it is growing day by day. i have a week already firewalls installed and the memory grew from 20 % to 51 %
  CPU is arrounf 20- 30 % durring the day, and 3 % during the night. RAM is just kiling me. if it grows so, i will need to reload it after a week.
  here is the output from the stanby firewall:
  fw01# failover exec mate sh memory
  Free memory:        3275200112 bytes (76%)
  Used memory:        1019767184 bytes (24%)
  Total memory:       4294967296 bytes (100%)
  I have also attached log from show memory details

  Hi,
  It might be something related to SSH.
  Since couple of hours i am not able to log via ssh to the router. lucky i have console to it.
  I can ssh to stanby asa, strage but i was disconnected twice already from stanby.
  I will disable ssh version 2.
  The point is that i cannot log also via telnet and asdm (enabled them thinking it might give me possibility to log to firewall).
  Related to TAC, unfortunately, my company does not have support for this firewalls. when i try to log a case to TAC, i need to secify the serial number, and cisco tells that the serial number i provide is not under support (or something like this).
  I was thinking to downgrade it to 9.1.1 or to 9.0.2, but if it might not help.
  There are two processes that consume memory (more allocated)
  IP Background
  CP Processing
  I have read somewhere that CP processing includes Thread Detection and packet inspection ..... i do not have thread detection configured. i will try to remove as much inspection as i have.related to ip background, i do not knwo. last week I found a VM generated a lot of Multicast (50 Mbps) and as was droping it. after stopign the Multicast, CPU decreased, but not RAM. so, no ideas. also, i have port channel configured (g0/0 and g0/1)
  I plan to restart the firewall on saturday. probably downgrade it or move it on standby. The stabdby firewall has the memory working fine.

• 802.1x Guest Vlan and Routed access layer design

  Hi!
  For many reasons, I have to re-design my campus network in a more ISP like way. The plan is to move to a routed access layer in the next two years. I have 802.1x with guest vlan on my access ports(3750). I was reading on the subject and I found that the guest vlan feature was not availeble with internal vlan(routed port).
  Is this limitation realy there, is there a way I can get around it without complicating my design even more. Do cisco have plan to lift this???

  You cannot use/configure 802.1X on a routed port today. Typically, 802.1X is to be used for LAN edge ports.
  The Guest-VLAN should work with a routed access design though. If your Guest-VLAN is chosen to be separate from say otherwise statically configured access VLANs, you would need to configure it via separate SVI with corresponding IP info (in a routed access model).
  Hope this helps,

• CS5.5 Air for iOs - Which iOs versions are supported?

  Hi everyone,
  I wanted to test the functionalities of the Cs5.5 exporter for iOS, by exporting a previous Flash game i made on my 2G iPod, with 4.2.1 iOs version installed.
  Since i wouldn't want to pay for the iOS developer certificate just for trying, can anyone point out a solution for this?
  Moreover, is anyone sure it's gonna work? I wouldn't wanna spend good money just for seeing the Flash exporter is no good for my device.
  Suggestions?
  Anyone tried on similar OS?
  Thanks a lot
  Iacopo

  Ok, i managed to use a fake certificate (i know i shouldn't say that) just to check the feasability of a game on iOS and.... I found out that the exporter doesn't work on my iPod Touch 2G (iOs 4.2.1)!! It says the iPod is not supported!!
  Any news on this?
  Do i need to buy an iPhone 5 to test flash games? It sounds a little extreme....

• 802.1x with Vlan assignment and IP phone and PC

  I have a Catalyst 4510R and I want to im plement 802.1x with dynamic VLAN assignment via Radius server. I am going to plug to switch ports Cisco IP phones and PCs (PCs are plugged in the IP phone).
  For this implementation I need to configure the switch port in mode trunk because I have voice vlan corresponding IP phone and data vlan corresponding to PC.
  However I have read that I can not enable 802.1x on a trunk port.
  How could I configure this?
  I need that when the PC is authenticated correctly is assigned to his cooresponding data vlan and the IP phone is in the voice vlan.
  Thanks

  You should configure the port as an access port with an aux-vlan. Here's an example:
  interface GigabitEthernet2/2
  switchport access vlan 701
  switchport mode access
  switchport voice vlan 702
  load-interval 30
  qos trust device cisco-phone
  qos trust cos
  auto qos voip cisco-phone
  dot1x pae authenticator
  dot1x port-control auto
  tx-queue 3
  bandwidth percent 33
  priority high
  shape percent 33
  spanning-tree portfast
  spanning-tree bpduguard enable
  service-policy output autoqos-voip-policy
  Hope this helps,

• My iPhone 4 does NOT supported iOS 7...

  My iPhone 4 (16 GB - White) does NOT supported iOS 7.., and because my iPhone device has been Discountinued already since October 4, 2011..
  Some other iPhone 4 supported iOS 7 (only 8 GB capacity storage) below on Wikipedia, NOT mine as 16 GB...
  http://en.wikipedia.org/wiki/IPhone_4
  Now my iPhone 4 (works with T-Mobile) supported iOS 4.2.1, right now... NOT supported iOS 7, because it's passed out of date is Discontinued since October 4, 2011..

  DamienLu12 wrote:
  Humm... The compatible are difference on iOS versions with each Apple iPhone (capacity storage) below:
  1. Version iOS 4.2.1 is now compatible with iPhone 4 (16 & 32 GB)
  2. Version iOS 5.0.1 is now compatible with iPhone 4S (32 & 64 GB)
  3. Version iOS 6.1.3 is now compatible with iPhone 4 (8 GB) and iPhone 4S (16 GB)
  4. Version iOS 7.1.1 is now compatible with iPhone 4 (8 GB) and iPhone 4S (8 GB)
  5. New Version iOS 8 (Coming This Fall) will compatible with iPhone 4S (8 GB) during this Fall 2014...
  My iPhone 4S (64 GB) does not compatible with iOS 7 or 8... Just kept using iOS 6.1.3 or older version as iOS 5.0.1...
  That information is not correct

• I am using Iphone 3G and running with ios version 4.2.1 .I am looking for to run whatsup apps.Can you guide me which IOS version should i download wherein,it will support whatsup apps

  I am using Iphone 3G and running with ios version 4.2.1 .I am looking for to run whatsup apps.Can you guide me which IOS version should i download wherein,it will support whatsup apps

  with an iphone 3G the most up to date ios is 4.2.1 so you have a problem because whatsapp requires a higher version.  If you saved an earlier version of whatsapp you could install that otherwise you cannot use the app.  You will need to get a more up to date phone

• 802.1x Auth-Fail VLAN and Guest-VLan not available

  Hi Pros,
  Having an issue with an 881 I have recently acquired. I'm wanting to setup a Virtual Office scenario. Everything is working fine except for 802.1x...
  I can get the 881 to authenticate things connected to it, but I don't have the options of guest-vlan or auth-fail vlan.
  Idea is if the users takes the router home and someone, either accidentally or on pupose, connects an unauthorized Laptop, they stay off the Corp network but can get to the internet still.
  I found this link on Cisco's site:
  http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6660/ps6808/deployment_guide_c07_458259_ns855_Networking_Solutions_White_Paper.html
  That link shows them configuring a guest vlan right on the fa0-3 ports of an 881W. I dont have that option on mine. I can only configure 802.1x on the vlan interface. I have 802.1x working, for things that connect to vlan1, but I would like to have a "fallback" setup.
  EZVPN_Remote(config-if)#int fa1
  EZVPN_Remote(config-if)#dot
  EZVPN_Remote(config-if)#dot1?
  dot1q
  EZVPN_Remote(config-if)#dot1
  EZVPN_Remote(config-if)#int vlan1
  EZVPN_Remote(config-if)#dot1x ?
    default           Configure Dot1x with default values for this port
    host-mode         Set the Host mode for 802.1x on this interface
    max-reauth-req    Max No.of Reauthentication Attempts
    max-req           Max No.of Retries
    pae               Set 802.1x interface pae type
    port-control      set the port-control value
    reauthentication  Enable or Disable Reauthentication for this port
    timeout           Various Timeouts
  Any thoughts why I'm seeing this behavior? Feature-set? IOS Version?
  EZVPN_Remote#sh ver
  Cisco IOS Software, C880 Software (C880DATA-UNIVERSALK9-M), Version 15.1(2)T4, )
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2011 by Cisco Systems, Inc.
  Compiled Tue 12-Jul-11 21:02 by prod_rel_team
  ROM: System Bootstrap, Version 12.4(22r)YB5, RELEASE SOFTWARE (fc1)
  EZVPN_Remote uptime is 6 hours, 1 minute
  System returned to ROM by reload at 14:53:21 UTC Thu Oct 13 2011
  System restarted at 14:52:47 UTC Thu Oct 13 2011
  System image file is "flash:c880data-universalk9-mz.151-2.T4.bin"
  Last reload type: Normal Reload
  Last reload reason: Reload Command
  This product contains cryptographic features and is subject to United
  States and local country laws governing import, export, transfer and
  use. Delivery of Cisco cryptographic products does not imply
  third-party authority to import, export, distribute or use encryption.
  Importers, exporters, distributors and users are responsible for
  compliance with U.S. and local country laws. By using this product you
  agree to comply with applicable laws and regulations. If you are unable
  to comply with U.S. and local laws, return this product immediately.
  A summary of U.S. laws governing Cisco cryptographic products may be found at:
  http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
  If you require further assistance please contact us by sending email to
  [email protected].
  Cisco 881 (MPC8300) processor (revision 1.0) with 236544K/25600K bytes of memor.
  Processor board ID FTX153482GK
  5 FastEthernet interfaces
  1 Virtual Private Network (VPN) Module
  256K bytes of non-volatile configuration memory.
  126000K bytes of ATA CompactFlash (Read/Write)
  License Info:
  License UDI:
  Device#   PID                   SN
  *0        CISCO881-SEC-K9       xxxxxxxx
  License Information for 'c880-data'
      License Level: advipservices   Type: Permanent
      Next reboot license Level: advipservices
  Thanks in advance!

  Shamless bump...

• 802.1X Switch IOS version

                     Hi,
  I' have realy big layer two access network made of etherogenius Cisco switch with different IOS version and train.
  My customer bought ISE (ADVANCED AND BASE LICENSE).
  As far I read on DS it is seem that if you have Minimum IOS release 12.2(52) SE you are able to perform COA, reading  DS with more attention I notice that cisco raccomend IOS versione 12.2(55)SE3 why ? does it means COA does not work with 12.2(52)SE ?
  But more important :
  I need a minimum IOS release to perform 802.1x on my  wired network ?

  Carlo,
  Here is the guide that states 12.2(52)SE but the foot note states that for 802.1x authentication you need 12.2(55)SE.
  http://www.cisco.com/en/US/docs/security/ise/1.1/compatibility/ise_sdt.html#wp55038
  After checking the release notes this solution falls under the Cisco Trustsec which is supported on 12.2(55)SE, there are several features released in 12.2(55)SE such has vlan assignment in multi-auth mode that makes it much easier for Cisco help generate initial configs for their customers.
  Here are the release notes:
  http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_55_se/release/notes/OL23054.html#wp1047679
  Thanks,
  Tarik admani

• 802.1x with VLAN assignment on Catalyst 2950T-48-SI

  I will really appreciate if you can confirm me if the C2950T-48-SI will support the following features.
  - IEEE 802.1x with VLAN assignment
  - SSHv2
  - SNMPv3
  The data sheet for the Cisco Catalyst 2950 Series Switches with Standard Image mentions all the above and more features for the 2950T-48-SI, but at the same time the power point presentation, (Cisco Catalyst 2950 Series Switches, and the tool Sofware advisor say that those features are only supported with the Enhanced Image.
  If your those feature are supported by the Standard Image, would you please also inform the last IOS version supported.
  Thanks a lot.

  SSH isn't available on the SI version of the 2950 as you require the Crypto features and these are not available for the SI (the documentation is a little vague here but trust me I have upgraded one and it doesn't like it...). The documentation says 'Switches that support only the SI cannot run the cryptographic image.'
  802.1x with VLAN assignment is available only in the latest IOS - or at least since 12.1(22).
  SNMPv3 is supported.
  HTH
  Andy