Alarm Threshold
Hi.
Does anyone know if it is possible to alter the threshold in the Alarm Set in Cisco Prime Collab? I added one of our MCUs to CPM and set up an Alarm set below.
I then dialled many endpoints into the MCU to see if I would get an alarm from CPM telling me that the port utilisation were high but I got nothing... I am getting emails telling me a Zone is down on one of our VCS's & emails to tell me an endpoint has de-registered so I know the emails are set up correctly.
So my questions are;
Can I alter the High Utilisation setting to trigger an alarm at say 50% then again at 75%?
Has anyone successfully managed to get CPM to send any alarms in regards to the MCU?
The version of CPM I am using is: Cisco Prime Collaboration Version: 9.5
The MCU I am testing is a Codian MCU 4505
You can change the thresholds by editing the /etc/opt/SUNWsrsvp/alarm_rules file.
Similar Messages
-
SUNMC ALARMS THRESHOLDS MEANING
Hi friend,
I am able to see thresholds like below..
Will any one kindly explain this ?
What does they mean actually ?
Unknown, Lost commands and No contact status values ---- Critical Threshold for FANSTATUS
Regards
Srinivas MasettyDoes anyone have a list of SunMCs default thresholds,
or know how I can find them without drilling down
into each module?If you don't mind looking at some strangely formatted text files, the standard thresholds can be found in /opt/SUNWsymon/modules/cfg/*-d.def files.
In the Console, if a module is loaded, you don't have to open an Attribute Editor for every value... instead you can go to the "Module Manager" tab, click the module, then the "Rules" button, and see all thresholds set (including any you set yourself).
That will show most of the defaults. But for some alarms (especially hardware alarms) their thresholds are more complex (and/or hidden) in "rules". I can't get to docs.sun.com right now to give you a link, but a search of the SunMC docs will list the names of the rules and what they do. The Health Monitor module uses many rules and is a good place to start your search.
Is there a single doc listing all attribues and thresholds? Not that I've ever seen. But someone may prove me wrong! :)
Regards,
[email protected]
http://www.HalcyonInc.com -
I have a shared variable with a lower and upper alarm level.
I am generating a user event when the alarm threshold is exceeded (see attached jpg). However, when returning back into the 'valid' region two events are generated. What could be the source of those two events and how can I avoid this behavior (I need only one event when passing the threshold again).
VPS
Attachments:
alarm_events.jpg 67 KBHi VPS,
The events triggering twice could possibily due to a redundant notification, on which you should do nothing in your code.
If you notice, the events are triggered twice when only shared variable is changed its state to the alarm state, but it would trigger only once when it changes to the normal state.
Check for the time stamp to make a comparison. When the alarm is triggered, the two events would have different timestamps,
Timestamp on 1st event trigger -00:00:00 MM/DD/YYYY - is a redundant notification just ignore it.
Timestamp on second event trigger - Current time and date - is your Alarm do your action here.
It also makes no sense for the time stamp being 0 for a new alarm triggered.
You can have a look at the example vi DSC Alarm Demo.lvproj, DSC Alarm Event structure supprt.vi shipped with DSC module for a better understanding.
Hope this helps.
Message Edited by Vsh on 09-15-2009 04:08 AM -
"alarm and event display" crashes my application
Dear All,
I use the "alarm and event disply.vi" in my DSC application. It works fine: I can acknowledge alarms, events etc. BUT...
When I double click the alarm item (or press Alt-Enter) and watch the alarm properties in the Alarm Properties dialog, I can usually watch the properties for some time, selecting the next or previous alarm item, but most often than not, my application just crashes. I don't get any LabVIEW error dialogs. Only Windows is telling me that the application stopped working and it just closes giving me no explanation. Sometimes I don't even see the Windows message.
I've tried this on two different computers... same boat!
I'm using:
- LV2011
- Windows 7
In my application I create the shared variables programmatically, set alarm thresholds programmatically etc.
Anybody had the same problem?
regards
Witold NoconWell…I think I have isolated the problem, and I have recreated it in the Boiler example. Here’s what’s happening:
If you watch the properties of the alarm in the Alarm and Event Display, and if this alarm “disappears” at this time, the application will crash. This will happen for example when this variable is set to AUTO ACK.
You can try setting the R02 pump to zero. This will cause the L01 level to increase reporting an alarm. Now if you set the flows so that the level start decreasing (I set the outflow to max, and the inflow tozero), and immediately click the HI HI alarm and watch it’s properties, the application will crash at the time when this alarm is cleared due to the decreasing level (AUTO ACK).
It also seems a “little non-deterministic” but this may be my own impression.
Anybody had a similar problem or is able to recreate it? -
Cannot open ACS 5.4 alarm notifcations via URL
Hi,
We have configured the ACS 5.4 to send us alarms on Failed authentication on any device.
When we get the alert the report URL inside the notification does not open via browser.
Is there anyway that we can configure the ACS 5.4 to open the report URL via an IP address and through FQDN.
I tried changing the hostname to FQDN, but it does not accept special characters.Hi
FYI, there are two types of alarms in ACS:
Threshold Alarms
Threshold alarms are defined on log data collected from ACS servers that notify you of certain events. For example, you can configure threshold alarms to notify you of ACS system health, ACS process status, authentication activity or inactivity, and so on.
You define threshold conditions on these data sets. When a threshold condition is met, an alarm is triggered. While defining the threshold, you also define when the threshold should be applied (the time period), the severity of the alarm, and how the notifications should be sent.
System Alarms
System alarms notify you of critical conditions encountered during the execution of the ACS Monitoring and Reporting viewer. System alarms also provide informational status of system activities, such as data purge events or failure of the log collector to populate the View database.
You cannot configure system alarms, which are predefined. However, you do have the option to disable system alarms or decide how you want to be notified if you have enabled them.
For more information regarding configuration, please go through this link:
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide/common_scenarios.html -
Why wont my DMVPN get phased 1 isakmp?
I’m trying to setup a DMVPN solution with the hub behind a firewall using a static 1 to 1 NAT.
I can get the DMVPN to work fine, but once I add the ipsec policy it doesn’t go passed ISAKMP phase 1.
I have put rules in the firewall to allow NAT-T, GRE tunnels, ESP and AH, I have also put in a allow any any rule just in case I missed something! I was getting a NAT-T issue but then put in the command line no crypto ipsec nat-transparency udp-encapsulation and this solved the issue and ISAKMP phase 1 completed. I have also tried changing the mode from tunnel to transport and back again.
I have tried crypto maps as I wasn’t sure if it was a UDP header issue due to the NAT’ing
My setup is as follows:
Cisco 1941--------JUNIPER SXR-------CLOUD--------Cisco 382
(HUB) (FIREWALL) (SW 3750) (SPOKE)
(STATIC 1 2 1 NAT)
--------------HUB--------------------------
Cisco 1941 - HUB
Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.2(4)M2, RELEASE SOFTWARE (fc2)
version 15.2
crypto isakmp policy 1
authentication pre-share
crypto isakmp key TTCP_KEY address 0.0.0.0
crypto isakmp keepalive 10 3
crypto isakmp nat keepalive 200
crypto ipsec transform-set TTCP_SET esp-aes esp-sha-hmac
mode transport
no crypto ipsec nat-transparency udp-encapsulation
crypto ipsec profile TTCP_PRO
set transform-set TTCP_SET
interface Tunnel12345
description DMVPN TUNNEL
ip address 10.10.10.1 255.255.255.0
no ip redirects
ip nhrp map multicast dynamic
ip nhrp network-id 12345
tunnel source GigabitEthernet0/0
tunnel mode gre multipoint
tunnel protection ipsec profile TTCP_PRO
interface GigabitEthernet0/0
description LINK TO FW ON VLAN 1960
ip address 192.168.10.1 255.255.255.0
duplex auto
speed auto
interface GigabitEthernet0/1
ip address 192.168.20.254 255.255.255.0
duplex auto
speed auto
router ospf 1
network 10.10.10.0 0.0.0.255 area 0
ip route 0.0.0.0 0.0.0.0 192.168.10.254
----------------------Spoke--------------------------
cisco 3825 - Spoke
Cisco IOS Software, 3800 Software (C3825-ADVENTERPRISEK9-M), Version 15.1(4)M5, RELEASE SOFTWARE (fc1)
version 15.1
crypto isakmp policy 1
authentication pre-share
crypto isakmp key TTCP_KEY address 0.0.0.0 0.0.0.0
crypto isakmp keepalive 10 3
crypto isakmp nat keepalive 200
crypto ipsec transform-set TTCP_SET esp-aes esp-sha-hmac
mode transport
no crypto ipsec nat-transparency udp-encapsulation
crypto ipsec profile TTCP_PRO
set transform-set TTCP_SET
interface Tunnel12345
description DMVPN TUNNEL
ip address 10.10.10.2 255.255.255.0
no ip redirects
ip nhrp map 10.10.10.1 1.1.1.1
ip nhrp map multicast 1.1.1.1
ip nhrp network-id 12345
ip nhrp nhs 10.10.10.1
tunnel source GigabitEthernet0/0
tunnel mode gre multipoint
tunnel protection ipsec profile TTCP_PRO
interface GigabitEthernet0/0
description LINK TO INTERNET
ip address 2.2.2.2 255.255.255.0
duplex auto
speed auto
media-type rj45
interface GigabitEthernet0/1
ip address 192.168.30.1 255.255.255.0
duplex auto
speed auto
media-type rj45
router ospf 1
network 10.10.10.0 0.0.0.255 area 0
ip route 0.0.0.0 0.0.0.0 2.2.2.3
------------------------FIREWALL---------------------------
[edit]
Admin@UK_FIREWALL# show
## Last changed: 2014-07-23 19:54:53 UTC
version 10.4R6.5;
system {
host-name FIREWALL;
services {
ssh;
telnet;
xnm-clear-text;
web-management {
http {
interface vlan.0;
https {
system-generated-certificate;
interface vlan.0;
dhcp {
router {
192.168.20.254;
pool 192.168.20.0/24 {
address-range low 192.168.20.20 high 192.168.20.250;
default-lease-time 3600;
propagate-settings vlan.1960;
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 1.1.1.1/24;
ge-0/0/7 {
unit 0 {
family ethernet-switching {
port-mode access;
vlan {
members vlan1960;
vlan {
unit 0 {
family inet {
address 192.168.1.1/24;
unit 1960 {
family inet {
address 192.168.10.254/24;
routing-options {
static {
route 0.0.0.0/0 next-hop 1.1.1.2;
protocols {
stp;
security {
nat {
static {
rule-set STATIC_NAT_RS1 {
from zone untrust;
rule NAT_RULE {
match {
destination-address 1.1.1.1/32;
then {
static-nat prefix 192.168.10.10/32;
screen {
ids-option untrust-screen {
icmp {
ping-death;
ip {
source-route-option;
tear-drop;
tcp {
syn-flood {
alarm-threshold 1024;
attack-threshold 200;
source-threshold 1024;
destination-threshold 2048;
timeout 20;
land;
zones {
security-zone trust {
address-book {
address SERVER-1 192.168.10.10/32;
host-inbound-traffic {
system-services {
all;
protocols {
all;
interfaces {
vlan.1960 {
host-inbound-traffic {
system-services {
dhcp;
all;
ike;
protocols {
all;
ge-0/0/7.0 {
host-inbound-traffic {
system-services {
all;
ike;
protocols {
all;
security-zone untrust {
screen untrust-screen;
interfaces {
ge-0/0/0.0 {
host-inbound-traffic {
system-services {
dhcp;
tftp;
all;
ike;
protocols {
all;
policies {
from-zone trust to-zone untrust {
policy PERMIT_ALL {
match {
source-address SERVER-1;
destination-address any;
application any;
then {
permit;
policy ALLOW_ESP {
match {
source-address any;
destination-address any;
application ESP;
then {
permit;
policy ALLOW_IKE_500 {
match {
source-address any;
destination-address any;
application junos-ike;
then {
permit;
policy ALLOW_PING {
match {
source-address any;
destination-address any;
application junos-icmp-ping;
then {
permit;
policy ALLOW_NAT-T {
match {
source-address any;
destination-address any;
application junos-ike-nat;
then {
permit;
policy ALLOW_GRE {
match {
source-address any;
destination-address any;
application junos-gre;
then {
permit;
policy AH_51 {
match {
source-address any;
destination-address any;
application AH_PO_51;
then {
permit;
policy ANY_ANY {
match {
source-address any;
destination-address any;
application any;
then {
permit;
from-zone untrust to-zone trust {
policy ACCESS {
match {
source-address any;
destination-address SERVER-1;
application any;
then {
permit;
policy ALLOW_ESP {
match {
source-address any;
destination-address any;
application any;
then {
permit;
policy ALLOW_IKE_500 {
match {
source-address any;
destination-address any;
application junos-ike;
then {
permit;
policy ALLOW_PING {
match {
source-address any;
destination-address any;
application any;
then {
permit;
policy ALLOW_GRE {
match {
source-address any;
destination-address any;
application junos-gre;
then {
permit;
policy ALLOW_NAT-T {
match {
source-address any;
destination-address any;
application junos-ike-nat;
then {
permit;
policy AH_51 {
match {
source-address any;
destination-address any;
application AH_PO_51;
then {
permit;
policy ANY_ANY {
match {
source-address any;
destination-address any;
application any;
then {
permit;
applications {
application ESP protocol esp;
application AH_PO_51 protocol ah;
vlans {
vlan-trust {
vlan-id 3;
vlan1960 {
vlan-id 1960;
interface {
ge-0/0/7.0;
l3-interface vlan.1960;
------------------------------DEBUG------------------------------
-----------Cisco 1941-----------------
HUB#sh cry is sa
IPv4 Crypto ISAKMP SA
dst src state conn-id status
192.168.10.1 2.2.2.2 QM_IDLE 1006 ACTIVE
IPv6 Crypto ISAKMP SA
UK_HUB#sh dm
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
UK_HUB# debug dm al al
*Jul 25 12:22:39.036: NHRP RIB_RWATCH: Debugging is OFF
*Jul 25 12:22:39.036: NHRP RIB_RWATCH: Debugging is ON
*Jul 25 12:22:58.976: ISAKMP:(1006):purging node 1130853900
*Jul 25 12:23:14.704: ISAKMP (1006): received packet from 2.2.2.2 dport 500 sport 500 Global (R) QM_IDLE
*Jul 25 12:23:14.708: ISAKMP: set new node 670880728 to QM_IDLE
*Jul 25 12:23:14.708: ISAKMP:(1006): processing HASH payload. message ID = 670880728
*Jul 25 12:23:14.708: ISAKMP:(1006): processing SA payload. message ID = 670880728
*Jul 25 12:23:14.708: ISAKMP:(1006):Checking IPSec proposal 1
*Jul 25 12:23:14.708: ISAKMP: transform 1, ESP_AES
*Jul 25 12:23:14.708: ISAKMP: attributes in transform:
*Jul 25 12:23:14.708: ISAKMP: encaps is 2 (Transport)
*Jul 25 12:23:14.708: ISAKMP: SA life type in seconds
*Jul 25 12:23:14.708: ISAKMP: SA life duration (basic) of 3600
*Jul 25 12:23:14.708: ISAKMP: SA life type in kilobytes
*Jul 25 12:23:14.708: ISAKMP: SA life duration (VPI) of 0x0 0x46 0x50 0x0
*Jul 25 12:23:14.708: ISAKMP: authenticator is HMAC-SHA
*Jul 25 12:23:14.708: ISAKMP: key length is 128
*Jul 25 12:23:14.708: ISAKMP:(1006):atts are acceptable.
*Jul 25 12:23:14.708: IPSEC(validate_proposal_request): proposal part #1
*Jul 25 12:23:14.708: IPSEC(validate_proposal_request): proposal part #1,
(key eng. msg.) INBOUND local= 192.168.10.1:0, remote= 2.2.2.2:0,
local_proxy= 1.1.1.1/255.255.255.255/47/0,
remote_proxy= 2.2.2.2/255.255.255.255/47/0,
protocol= ESP, transform= NONE (Transport),
lifedur= 0s and 0kb,
spi= 0x0(0), conn_id= 0, keysize= 128, flags= 0x0
*Jul 25 12:23:14.708: map_db_find_best did not find matching map
*Jul 25 12:23:14.708: IPSEC(ipsec_process_proposal): proxy identities not supported
*Jul 25 12:23:14.708: ISAKMP:(1006): IPSec policy invalidated proposal with error 32
*Jul 25 12:23:14.708: ISAKMP:(1006): phase 2 SA policy not acceptable! (local 192.168.10.1 remote 2.2.2.2)
*Jul 25 12:23:14.708: ISAKMP: set new node 2125889339 to QM_IDLE
*Jul 25 12:23:14.708: ISAKMP:(1006):Sending NOTIFY PROPOSAL_NOT_CHOSEN protocol 3
spi 838208952, message ID = 2125889339
*Jul 25 12:23:14.708: ISAKMP:(1006): sending packet to 2.2.2.2 my_port 500 peer_port 500 (R) QM_IDLE
*Jul 25 12:23:14.708: ISAKMP:(1006):Sending an IKE IPv4 Packet.
*Jul 25 12:23:14.708: ISAKMP:(1006):purging node 2125889339
*Jul 25 12:23:14.708: ISAKMP:(1006):deleting node 670880728 error TRUE reason "QM rejected"
*Jul 25 12:23:14.708: ISAKMP:(1006):Node 670880728, Input = IKE_MESG_FROM_PEER, IKE_QM_EXCH
*Jul 25 12:23:14.708: ISAKMP:(1006):Old State = IKE_QM_READY New State = IKE_QM_READY
*Jul 25 12:23:28.976: ISAKMP:(1006):purging node 720369228
*Jul 25 12:23:44.704: ISAKMP (1006): received packet from 2.2.2.2 dport 500 sport 500 Global (R) QM_IDLE
*Jul 25 12:23:44.704: ISAKMP: set new node -1528560613 to QM_IDLE
*Jul 25 12:23:44.704: ISAKMP:(1006): processing HASH payload. message ID = 2766406683
*Jul 25 12:23:44.704: ISAKMP:(1006): processing SA payload. message ID = 2766406683
*Jul 25 12:23:44.704: ISAKMP:(1006):Checking IPSec proposal 1
*Jul 25 12:23:44.704: ISAKMP: transform 1, ESP_AES
*Jul 25 12:23:44.704: ISAKMP: attributes in transform:
*Jul 25 12:23:44.704: ISAKMP: encaps is 2 (Transport)
*Jul 25 12:23:44.704: ISAKMP: SA life type in seconds
*Jul 25 12:23:44.704: ISAKMP: SA life duration (basic) of 3600
*Jul 25 12:23:44.704: ISAKMP: SA life type in kilobytes
*Jul 25 12:23:44.704: ISAKMP: SA life duration (VPI) of 0x0 0x46 0x50 0x0
*Jul 25 12:23:44.708: ISAKMP: authenticator is HMAC-SHA
*Jul 25 12:23:44.708: ISAKMP: key length is 128
*Jul 25 12:23:44.708: ISAKMP:(1006):atts are acceptable.
*Jul 25 12:23:44.708: IPSEC(validate_proposal_request): proposal part #1
*Jul 25 12:23:44.708: IPSEC(validate_proposal_request): proposal part #1,
(key eng. msg.) INBOUND local= 192.168.10.1:0, remote= 2.2.2.2:0,
local_proxy= 1.1.1.1/255.255.255.255/47/0,
remote_proxy= 2.2.2.2/255.255.255.255/47/0,
protocol= ESP, transform= NONE (Transport),
lifedur= 0s and 0kb,
spi= 0x0(0), conn_id= 0, keysize= 128, flags= 0x0
*Jul 25 12:23:44.708: map_db_find_best did not find matching map
*Jul 25 12:23:44.708: IPSEC(ipsec_process_proposal): proxy identities not supported
*Jul 25 12:23:44.708: ISAKMP:(1006): IPSec policy invalidated proposal with error 32
*Jul 25 12:23:44.708: ISAKMP:(1006): phase 2 SA policy not acceptable! (local 192.168.10.1 remote 2.2.2.2)
*Jul 25 12:23:44.708: ISAKMP: set new node 1569673109 to QM_IDLE
*Jul 25 12:23:44.708: ISAKMP:(1006):Sending NOTIFY PROPOSAL_NOT_CHOSEN protocol 3
spi 838208952, message ID = 1569673109
*Jul 25 12:23:44.708: ISAKMP:(1006): sending packet to 2.2.2.2 my_port 500 peer_port 500 (R) QM_IDLE
*Jul 25 12:23:44.708: ISAKMP:(1006):Sending an IKE IPv4 Packet.
*Jul 25 12:23:44.708: ISAKMP:(1006):purging node 1569673109
*Jul 25 12:23:44.708: ISAKMP:(1006):deleting node -1528560613 error TRUE reason "QM rejected"
*Jul 25 12:23:44.708: ISAKMP:(1006):Node 2766406683, Input = IKE_MESG_FROM_PEER, IKE_QM_EXCH
*Jul 25 12:23:44.708: ISAKMP:(1006):Old State = IKE_QM_READY New State = IKE_QM_READY
---------Cisco 3825------------------
SPOKE_1#sh dm
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
Interface: Tunnel12345, IPv4 NHRP Details
Type:Spoke, NHRP Peers:1,
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
1 1.1.1.1 10.10.10.1 IPSEC 1d22h S
SPOKE_1#sh cry is sa
IPv4 Crypto ISAKMP SA
dst src state conn-id status
1.1.1.1 2.2.2.2 QM_IDLE 1006 ACTIVE
IPv6 Crypto ISAKMP SA
SPOKE_1#debug dm all all
*Jul 25 12:50:23.520: IPSEC(sa_request): ,
(key eng. msg.) OUTBOUND local= 2.2.2.2:500, remote= 1.1.1.1:500,
local_proxy= 2.2.2.2/255.255.255.255/47/0 (type=1),
remote_proxy= 1.1.1.1/255.255.255.255/47/0 (type=1),
protocol= ESP, transform= esp-aes esp-sha-hmac (Transport),
lifedur= 3600s and 4608000kb,
spi= 0x0(0), conn_id= 0, keysize= 128, flags= 0x0
*Jul 25 12:50:23.520: ISAKMP: set new node 0 to QM_IDLE
*Jul 25 12:50:23.520: SA has outstanding requests (local 112.176.96.152 port 500, remote 112.176.96.124 port 500)
*Jul 25 12:50:23.520: ISAKMP:(1006): sitting IDLE. Starting QM immediately (QM_IDLE )
*Jul 25 12:50:23.520: ISAKMP:(1006):beginning Quick Mode exchange, M-ID of 1627587566
*Jul 25 12:50:23.520: ISAKMP:(1006):QM Initiator gets spi
*Jul 25 12:50:23.520: ISAKMP:(1006): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) QM_IDLE
*Jul 25 12:50:23.520: ISAKMP:(1006):Sending an IKE IPv4 Packet.
*Jul 25 12:50:23.520: ISAKMP:(1006):Node 1627587566, Input = IKE_MESG_INTERNAL, IKE_INIT_QM
*Jul 25 12:50:23.520: ISAKMP:(1006):Old State = IKE_QM_READY New State = IKE_QM_I_QM1
*Jul 25 12:50:23.524: ISAKMP (1006): received packet from 1.1.1.1 dport 500 sport 500 Global (I) QM_IDLE
*Jul 25 12:50:23.524: ISAKMP: set new node -1682318828 to QM_IDLE
*Jul 25 12:50:23.524: ISAKMP:(1006): processing HASH payload. message ID = 2612648468
*Jul 25 12:50:23.524: ISAKMP:(1006): processing NOTIFY PROPOSAL_NOT_CHOSEN protocol 3
spi 484617190, message ID = 2612648468, sa = 0x70B05F14
*Jul 25 12:50:23.524: ISAKMP:(1006): deleting spi 484617190 message ID = 1627587566
*Jul 25 12:50:23.524: ISAKMP:(1006):deleting node 1627587566 error TRUE reason "Delete Larval"
*Jul 25 12:50:23.524: ISAKMP:(1006):deleting node -1682318828 error FALSE reason "Informational (in) state 1"
*Jul 25 12:50:23.524: ISAKMP:(1006):Input = IKE_MESG_FROM_PEER, IKE_INFO_NOTIFY
*Jul 25 12:50:23.524: ISAKMP:(1006):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE
*Jul 25 12:50:34.972: NHRP: Setting retrans delay to 64 for nhs dst 10.10.10.1
*Jul 25 12:50:34.972: IPSEC-IFC MGRE/Tu12345(2.2.2.2/1.1.1.1): connection lookup returned 691EDEF4
*Jul 25 12:50:34.972: NHRP: Attempting to send packet via DEST 10.10.10.1
*Jul 25 12:50:34.972: NHRP: NHRP successfully resolved 10.10.10.1 to NBMA 1.1.1.1
*Jul 25 12:50:34.972: NHRP: Encapsulation succeeded. Tunnel IP addr 1.1.1.1
*Jul 25 12:50:34.972: NHRP: Send Registration Request via Tunnel12345 vrf 0, packet size: 92
*Jul 25 12:50:34.972: src: 10.12.34.1, dst: 10.10.10.1
*Jul 25 12:50:34.972: (F) afn: IPv4(1), type: IP(800), hop: 255, ver: 1
*Jul 25 12:50:34.972: shtl: 4(NSAP), sstl: 0(NSAP)
*Jul 25 12:50:34.972: pktsz: 92 extoff: 52
*Jul 25 12:50:34.972: (M) flags: "unique nat ", reqid: 65537
*Jul 25 12:50:34.972: src NBMA: 2.2.2.2
*Jul 25 12:50:34.972: src protocol: 10.12.34.1, dst protocol: 10.10.10.1
*Jul 25 12:50:34.972: (C-1) code: no error(0)
*Jul 25 12:50:34.972: prefix: 32, mtu: 17916, hd_time: 7200
*Jul 25 12:50:34.972: addr_len: 0(NSAP), subaddr_len: 0(NSAP), proto_len: 0, pref: 0
*Jul 25 12:50:34.972: Responder Address Extension(3):
*Jul 25 12:50:34.972: Forward Transit NHS Record Extension(4):
*Jul 25 12:50:34.972: Reverse Transit NHS Record Extension(5):
*Jul 25 12:50:34.972: NAT address Extension(9):
*Jul 25 12:50:34.972: (C-1) code: no error(0)
*Jul 25 12:50:34.972: prefix: 32, mtu: 17916, hd_time: 0
*Jul 25 12:50:34.972: addr_len: 4(NSAP), subaddr_len: 0(NSAP), proto_len: 4, pref: 0
*Jul 25 12:50:34.972: client NBMA: 1.1.1.1
*Jul 25 12:50:34.972: client protocol: 10.10.10.1
*Jul 25 12:50:34.972: NHRP: 116 bytes out Tunnel12345
*Jul 25 12:50:34.972: NHRP-RATE: Retransmitting Registration Request for 10.10.10.1, reqid 65537, (retrans ivl 64 sec)
*Jul 25 12:50:36.132: ISAKMP:(1006):purging node 1566291204
*Jul 25 12:50:36.132: ISAKMP:(1006):purging node 742410882
*Jul 25 12:50:53.520: IPSEC(key_engine): request timer fired: count = 1,
(identity) local= 2.2.2.2:0, remote= 1.1.1.1:0,
local_proxy= 2.2.2.2/255.255.255.255/47/0 (type=1),
remote_proxy= 1.1.1.1/255.255.255.255/47/0 (type=1)
*Jul 25 12:50:53.520: IPSEC(sa_request): ,
(key eng. msg.) OUTBOUND local= 2.2.2.2:500, remote= 1.1.1.1:500,
local_proxy= 2.2.2.2/255.255.255.255/47/0 (type=1),
remote_proxy= 1.1.1.1/255.255.255.255/47/0 (type=1),
protocol= ESP, transform= esp-aes esp-sha-hmac (Transport),
lifedur= 3600s and 4608000kb,
spi= 0x0(0), conn_id= 0, keysize= 128, flags= 0x0
*Jul 25 12:50:53.520: ISAKMP: set new node 0 to QM_IDLE
*Jul 25 12:50:53.520: SA has outstanding requests (local 112.176.96.152 port 500, remote 112.176.96.124 port 500)
*Jul 25 12:50:53.520: ISAKMP:(1006): sitting IDLE. Starting QM immediately (QM_IDLE )
*Jul 25 12:50:53.520: ISAKMP:(1006):beginning Quick Mode exchange, M-ID of 2055556995
*Jul 25 12:50:53.520: ISAKMP:(1006):QM Initiator gets spi
*Jul 25 12:50:53.520: ISAKMP:(1006): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) QM_IDLE
*Jul 25 12:50:53.520: ISAKMP:(1006):Sending an IKE IPv4 Packet.
*Jul 25 12:50:53.520: ISAKMP:(1006):Node 2055556995, Input = IKE_MESG_INTERNAL, IKE_INIT_QM
*Jul 25 12:50:53.520: ISAKMP:(1006):Old State = IKE_QM_READY New State = IKE_QM_I_QM1
*Jul 25 12:50:53.520: ISAKMP (1006): received packet from 1.1.1.1 dport 500 sport 500 Global (I) QM_IDLE
*Jul 25 12:50:53.520: ISAKMP: set new node -1428573279 to QM_IDLE
*Jul 25 12:50:53.524: ISAKMP:(1006): processing HASH payload. message ID = 2866394017
*Jul 25 12:50:53.524: ISAKMP:(1006): processing NOTIFY PROPOSAL_NOT_CHOSEN protocol 3
spi 2888331328, message ID = 2866394017, sa = 0x70B05F14
*Jul 25 12:50:53.524: ISAKMP:(1006): deleting spi 2888331328 message ID = 2055556995
*Jul 25 12:50:53.524: ISAKMP:(1006):deleting node 2055556995 error TRUE reason "Delete Larval"
*Jul 25 12:50:53.524: ISAKMP:(1006):deleting node -1428573279 error FALSE reason "Informational (in) state 1"
*Jul 25 12:50:53.524: ISAKMP:(1006):Input = IKE_MESG_FROM_PEER, IKE_INFO_NOTIFY
*Jul 25 12:50:53.524: ISAKMP:(1006):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETESome time ago I was running a similar setup, but the firewall was an ASA, not a Juniper.
Some comments:
You shouldn't disable NAT-transparence. It should work with the default-setting which is "enabled"
The firewall only has to allow UDP/500 and UDP4500. It will never see any other traffic between the hub and spoke.
The firewall shouldn't do any inspections etc. on the traffic to the hub.
You shouldn't use wildcard-PSKs. The better solution is to use digital certificates.
You probably need some MTU/MSS-settings like "ip mtu 1400" and "ip tcp adjust mss 1360".
For running ospf through DMVPN make sure the Hub is the DR and set the network-type to broadcast. -
BT Infinity and Juniper SRX Configuration
First time using this community and I have only recently been thrown into the world of Juniper. I bought an SRX210B to use for lab work at home and am trying to get it working with my BT Infinity circuit. The physical link appears up and so does the PPPoE session (from what I can work out) but the logical link is down. Can anyone provide assistance?
interfaces {
ge-0/0/0 {
unit 0 {
encapsulation ppp-over-ether;
ge-0/0/1 {
unit 0 {
description LAB01VMW001;
family ethernet-switching {
port-mode trunk;
vlan {
members [ MGMT DATA VOICE SERVER DMZ ];
native-vlan-id 100;
fe-0/0/2 {
unit 0 {
description LAB01UCM001;
family ethernet-switching {
port-mode trunk;
vlan {
members [ MGMT DATA VOICE DMZ ];
native-vlan-id 100;
fe-0/0/3 {
unit 0 {
family ethernet-switching {
vlan {
members MGMT;
pp0 {
traceoptions {
flag all;
unit 0 {
point-to-point;
ppp-options {
pap {
local-name "[email protected]";
local-password "xxxxxxxxxxxxxxxxxxxxxxx"; ## SECRET-DATA
passive;
pppoe-options {
underlying-interface ge-0/0/0.0;
idle-timeout 0;
auto-reconnect 10;
client;
family inet {
negotiate-address;
vlan {
unit 10 {
family inet {
address 10.10.10.1/24;
unit 20 {
family inet {
address 10.10.20.1/24;
unit 30 {
family inet {
address 10.10.30.1/24;
unit 66 {
family inet {
address 172.16.0.1/24;
unit 99 {
family inet {
address 10.10.99.1/24;
routing-options {
static {
route 0.0.0.0/0 {
next-hop pp0.0;
metric 0;
protocols {
stp;
security {
nat {
source {
rule-set trust-to-untrust {
from zone trust;
to zone untrust;
rule source-nat-rule {
match {
source-address 0.0.0.0/0;
then {
source-nat {
interface;
screen {
ids-option untrust-screen {
icmp {
ping-death;
ip {
source-route-option;
tear-drop;
tcp {
syn-flood {
alarm-threshold 1024;
attack-threshold 200;
source-threshold 1024;
destination-threshold 2048;
timeout 20;
land;
zones {
security-zone trust {
host-inbound-traffic {
system-services {
all;
protocols {
all;
interfaces {
vlan.10;
vlan.99;
vlan.30;
vlan.20;
security-zone untrust {
screen untrust-screen;
interfaces {
ge-0/0/0.0 {
host-inbound-traffic {
system-services {
dhcp;
tftp;
pp0.0 {
host-inbound-traffic {
system-services {
all;
policies {
from-zone trust to-zone untrust {
policy trust-to-untrust {
match {
source-address any;
destination-address any;
application any;
then {
permit;
vlans {
DATA {
description DATA;
vlan-id 10;
l3-interface vlan.10;
DMZ {
description DMZ;
vlan-id 66;
l3-interface vlan.66;
HOLE {
description Blackhole;
vlan-id 100;
MGMT {
description MGMT;
vlan-id 99;
l3-interface vlan.99;
SERVER {
description SERVER;
vlan-id 30;
l3-interface vlan.30;
VOICE {
description VOICE;
vlan-id 20;
l3-interface vlan.20;All sorted by BT engineer. Super fast broadband download and BT vision up and running perfect.
-
teams administration software
· Support display 30 network devices such as routers and switches
· Display the network topology structure type tree and access to equipment from this window.
· Monitoring of switches including packet errors, temperature, bandwidth, CPU and memory.
· Alarm notification (by network errors or threshold) by email.
· Allow the computer to update the software without the need for command line usage or TFTP server application.CNA is a great tool and have a lot of features, but LMS/CPI is full fledged NMS application which suits all your requirements.
Following are the benefit of CNA :
Cisco Network Assistant facilitates:
Network discovery and convenient display in a topology map
Configuration management of Cisco products fitting small and medium businesses
Single-click Telnet or access to device manager
Front panel view of devices, clusters and stacks
Inventory reports and health monitoring
Troubleshooting of common network issues
Event notification of network errors and alarm thresholds
Drag-and-drop Software upgrades saves time in maintaining your network
Direct access to lifecycle information using Cisco Active Advisor
Following is the benefits and features of LMS/CPI:
Primary Functional Areas and Benefits
Monitoring and Troubleshooting
Proactively identify and quickly fix network problems before they affect end users and services with out-of-the-box preconfigured monitoring dashboards.
Configuration Management
Simplify the roll-out of new technologies and network changes through guided workflows based on Cisco best practices with built-in configuration templates that help reduce errors.
Compliance and Audit Management
Upgradable compliance engine offers extensive modeling of industry, corporate, IT, and technology policies and quick visibility into compliance status of the network.
Comprehensive Reporting
Get immediate up-to-date information about the network through flexible reporting for inventory, user tracking, compliance, switch port usage, end-of-sale, PSIRT, and other critical areas.
Work Centers
Easily manage all phases of the end-to-end lifecycle of Cisco value-added technologies and solutions, such as medianet, EnergyWise, TrustSec and Identity, Auto Smartports, and Smart Install.
Cisco Prime LMS manages the deployment of the latest Cisco technologies and services such as Cisco TrustSec, and EnergyWise. Get started today with new Cisco Prime LAN Management Solution, and the related resources on this page.
There is a similar discussion in past :
https://supportforums.cisco.com/thread/180485
-Thanks -
I need to change the current Mail box aging policy for an existing system. If I reduce the current set up how does it effect existing "deleted" messages? Does it delete all existing ones or does it only delete new ones from the date of the change as with changes in Template/COS?
Also I need to change the alarm threshold is there a best practice based upon the size of the hard drive- % wise ?
thanksHi -
The default mailbox message aging policy is Enabled for Deleting voice messages automatically in the Deleted Items folder. "Permanently Delete Messages in the Deleted Items Folder in 15 Days"
So unless you have disabled this rule, voice messages are already getting deleted. You may want to check here.
When you enable the policy for a specific number of days, the timestamp of the message is used for calculating, based on
how the user marked the message as new, resaved the message, deleted the message, or restored a deleted message as saved from the phone interface, called the "modification time". So if you change it to 90 days, voice messages older than 90 days will be deleted the next time the scheduled task "Clean Deleted Messages" runs, which is every day, every 30 minutes. From Cisco's Unity Connection 8.5 System Admin guide, "If you only need one set of message aging rules, you can change the specifications for the default message aging policy and assign that one policy to all users and all templates. If you need to allow some users to retain messages longer than other users, you can create additional policies and assign different policies to user templates and to individual users. If you want to send message aging alerts to some users and not to others, you can create additional policies that include aging alerts. (Message Aging Alerts are available only in Cisco Unity Connection 8.5 and later.)". You might have "privileged" users, i.e. Managers that you want to protect and configure a different policy for these users.
Hope this helps! Ginger -
SunMC Performance Reports - Newbie
Good morning,
I've installed v3.6.1 and v4 just to poke around, but I haven't purchased any of the agents or add-ons (but we're about to), and one of my primary questions is about performance reporting. Does SunMC provide graphs and/or reports that can be easily generated, or e-mailed on a regular basis or something? Is there an add-on piece that provides that?
Thanks!
- DTYes, Sun MC does include the Performance Reporting Manager (PRM) addon which enables you to graph and report on various monitored metrics including hardware and software inventory reports. i.e. What hardware you currently have in your datacenter, what systems have a particular patch.
However, the PRM addon does not provide support for email the graphs on a regular basis. For this you would need Halcyon's Enterprise Reporter:
http://www.halcyoninc.com/products/EReporter
This product offering is bundled with Halcyon's WebPortal product which is a web interface into Sun MC that provides many easy to use features such as group operations (loading modules on 100 systems with a single click, alarm threshold tuning, etc.)
Halcyon is also offering live 1-on-1 demos of Sun MC and their solutions and would be able to show you the various features of Sun MC including PRM. To sign up and setup an appointment:
http://www.halcyoninc.com/company/request-demo.php
For a comparison of PRM vs Halcyon's Reporter visit:
http://forums.halcyoninc.com/showthread.php?t=40
There are many other postings with screenshots that may be of interest:
http://forums.halcyoninc.com/showthread.php?t=111
In addition, Halcyon provides many different add-ons to Sun MC extending it to monitor almost anything in the datacenter, including storage (Hitachi, NetApp), network devices (Cisco), applications (Oracle, Veritas, Syabse, Java System), non-Sun platforms (Windows, Linux, AIX), and integrations to various Enterprise Managers (Tivoli, HP Openview):
A full list of products can be found here:
http://www.halcyoninc.com/products/a-z.php
Apologies to all the technies who may find this posting very sales like... I am now working with our marketing team :)
regards,
bobby
www.HalcyonInc.com -
What is the problem with this code ? Race condition??
Guys,
The idea behind the attached code is quite simple.
I have a 2D parent array. First, I print a subset of this array into a table control (based on a sensor selection). Now, I want edit the numbers in the table. I need the changes to be reflected in the table and the parent 2D array. (In simple terms, this is like replacing the the edited array subset into the parent 2D array)
The problem is when I change(edit) any entry in the table, the entry changes back to its original value. The change doesnt seem to be reflecting on the parent 2D array and the table. .
Can anyone tell me where the problem is?
Thanks
Ravi
Solved!
Go to Solution.
Attachments:
Alarm threshold test.vi 14 KBI agree with Chris, here's an idea (of whatI think your code does):
The case structure in your code was unnecessary, all the cases were the same so I removed them.
The sequence structure was unnecessary.
Ton
Message Edited by TonP on 11-20-2008 07:52 PM
Free Code Capture Tool! Version 2.1.3 with comments, web-upload, back-save and snippets!
Nederlandse LabVIEW user groep www.lvug.nl
My LabVIEW Ideas
LabVIEW, programming like it should be!
Attachments:
Alarm threshold test_BD.png 19 KB -
Guest wireless in 7.0.98 hitting the splash page
I have set up Guest wireless before with my own customized splash screen for local authentication on version 5.xx on a 4404 controller.
I have the same task again but this time with a 2201 controller and the latest ios.
Try as hard as I can i cannot get a guest wireless user to hit the splash page where it gives the certificate warning or past that to the login box.
Is there some subtle difference in the set up with 7.0.98. I did notice that when setting up the DHCP scope for the 7.0.98 i had to use the DHCP server IP as the managment interface. On my last try with 5.x I used the 192.168.80.1 address (the guest WLAN) So there is a difference right there.
Anyway the clients get an IP address so no issue there but i cannot get the cert warning up let alone the splash page. Eveidently there is a tick box I am missing. I wouldnt mide but having done this a few times before I am really stumped. I have wiped the config and started again going through my old notes step by step plus digging out the cisco documentation.
If there any debugging I can stick on please let me know.
Thanks,
NeilThank you :-) Hopefully I have captured everything you need.
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2011.06.27 09:22:56 =~=~=~=~=~=~=~=~=~=~=~=
(Cisco Controller) >show run-config
Press Enter to continue...
System Inventory
NAME: "Chassis" , DESCR: "Cisco Wireless Controller"
PID: AIR-WLC2112-K9, VID: V05, SN: JMX1520Z02W
Burned-in MAC Address............................ 64:00:F1:91:76:40
Press Enter to continue or to abort
System Information
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.98.0
RTOS Version..................................... 7.0.98.0
Bootloader Version............................... 4.0.191.0
Emergency Image Version.......................... 7.0.98.0
Build Type....................................... DATA + WPS
System Name...................................... GB-LON-WLC1
System Location.................................. London GHO
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.828
IP Address....................................... 10.y.y.22
System Up Time................................... 2 days 20 hrs 45 mins 31 secs
System Timezone Location.........................
Configured Country............................... GB - United Kingdom
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +48 C
--More or (q)uit current module or to abort
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 2
Number of Active Clients......................... 0
Burned-in MAC Address............................ 64:00:F1:91:76:40
Press Enter to continue or to abort
Switch Configuration
802.3x Flow Control Mode......................... Disable
FIPS prerequisite features....................... Disabled
secret obfuscation............................... Enabled
Press Enter to continue or to abort
Network Information
RF-Network Name............................. lon
Web Mode.................................... Disable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Disable
Secure Web Mode Cipher-Option SSLv2......... Enable
Secure Shell (ssh).......................... Enable
Telnet...................................... Enable
Ethernet Multicast Forwarding............... Disable
Ethernet Broadcast Forwarding............... Disable
AP Multicast/Broadcast Mode................. Multicast Address : 239.0.1.1
IGMP snooping............................... Disabled
IGMP timeout................................ 60 seconds
User Idle Timeout........................... 300 seconds
ARP Idle Timeout............................ 300 seconds
Cisco AP Default Master..................... Enabled
AP Join Priority............................ Disable
Mgmt Via Wireless Interface................. Disable
Mgmt Via Dynamic Interface.................. Disable
Bridge MAC filter Config.................... Enable
Bridge Security Mode........................ EAP
Mesh Full Sector DFS........................ Enable
--More or (q)uit current module or to abort
AP Fallback ................................ Enable
Web Auth Redirect Ports .................... 80
Fast SSID Change ........................... Disabled
IP/MAC Addr Binding Check .................. Enabled
Press Enter to continue or to abort
Port Summary
STP Admin Physical Physical Link Link
Pr Type Stat Mode Mode Status Status Trap POE
1 Normal Forw Enable Auto 100 Full Up Enable N/A
2 Normal Disa Enable Auto Auto Down Enable N/A
3 Normal Disa Enable Auto Auto Down Enable N/A
4 Normal Disa Enable Auto Auto Down Enable N/A
5 Normal Disa Enable Auto Auto Down Enable N/A
6 Normal Disa Enable Auto Auto Down Enable N/A
7 Normal Disa Enable Auto Auto Down Enable Enable (Power Off)
8 Normal Disa Enable Auto Auto Down Enable Enable (Power Off)
Press Enter to continue or to abort
AP Summary
Number of APs.................................... 1
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
londonap1 2 AIR-LAP1131G-E-K9 00:21:d8:48:2b:96 London GHO 1 GB 1
Press Enter to continue or to abort
AP Location
Site Name........................................ GUEST
Site Description................................. GUEST - WebAuth - London
WLAN ID Interface Network Admission Control
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
Site Name........................................ default-group
Site Description.................................
WLAN ID Interface Network Admission Control
1 london-vlan10 Disabled
2 london-guest Disabled
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
GB-LONdon 2 AIR-LAP1131G-E-K9 00:21:d8:48:2b:96 London GHO 1 GB 1
--More or (q)uit current module or to abort
Press Enter to continue or to abort
AP Config
Cisco AP Identifier.............................. 8
Cisco AP Name.................................... Gb-london
Country code..................................... GB - United Kingdom
Regulatory Domain allowed by Country............. 802.11bg:-E 802.11a:-E
AP Country code.................................. GB - United Kingdom
AP Regulatory Domain............................. -E
Switch Port Number .............................. 1
MAC Address...................................... 00:21:d8:48:2b:96
IP Address Configuration......................... DHCP
IP Address....................................... 10.y.y.12
IP NetMask....................................... 255.255.254.0
Gateway IP Addr.................................. 10.y.y.1
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Enabled
Ssh State........................................ Disabled
Cisco AP Location................................ London
Cisco AP Group Name.............................. default-group
Primary Cisco Switch Name........................ London
Primary Cisco Switch IP Address.................. 10.y.y.22
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
--More or (q)uit current module or to abort
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... Local
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.0.98.0
Boot Version ................................... 12.3.8.0
Mini IOS Version ................................ 3.0.51.0
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Enabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1131G-E-K9
AP Image......................................... C1130-K9W8-M
IOS Version...................................... 12.4(23c)JA
--More or (q)uit current module or to abort
Reset Button..................................... Enabled
AP Serial Number................................. FCW1244V0FQ
AP Certificate Type.............................. Manufacture Installed
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 2 days, 10 h 19 m 12 s
AP LWAPP Up Time................................. 0 days, 00 h 32 m 36 s
Join Date and Time............................... Mon Jun 27 07:50:18 2011
Join Taken Time.................................. 0 days, 00 h 00 m 31 s
Attributes for Slot 0
Radio Type................................... RADIO_TYPE_80211g
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
--More or (q)uit current module or to abort
Number Of WLANs ........................... 2
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:23:5e:4a:f9:b0
Operation Rate Set
1000 Kilo Bits........................... MANDATORY
2000 Kilo Bits........................... MANDATORY
5500 Kilo Bits........................... MANDATORY
11000 Kilo Bits.......................... MANDATORY
6000 Kilo Bits........................... SUPPORTED
9000 Kilo Bits........................... SUPPORTED
12000 Kilo Bits.......................... SUPPORTED
18000 Kilo Bits.......................... SUPPORTED
24000 Kilo Bits.......................... SUPPORTED
36000 Kilo Bits.......................... SUPPORTED
48000 Kilo Bits.......................... SUPPORTED
54000 Kilo Bits.......................... SUPPORTED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ GB
--More or (q)uit current module or to abort
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 1
Number Of Channels ........................ 13
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
Tx Power
Num Of Supported Power Levels ............. 6
Tx Power Level 1 .......................... 14 dBm
Tx Power Level 2 .......................... 11 dBm
Tx Power Level 3 .......................... 8 dBm
Tx Power Level 4 .......................... 5 dBm
Tx Power Level 5 .......................... 2 dBm
Tx Power Level 6 .......................... -1 dBm
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 1
Phy OFDM parameters
--More or (q)uit current module or to abort
Configuration ............................. AUTOMATIC
Current Channel ........................... 1
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 1,2,3,4,5,6,7,8,9,10,11,12,
......................................... 13
TI Threshold .............................. -50
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBi units).... 8
Diversity.................................. DIVERSITY_ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 12 dB
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
--More or (q)uit current module or to abort
CleanAir Management Information
CleanAir Capable......................... No
AP does not have the 802.11a radio.
Press Enter to continue or to abort
Press Enter to continue or to abort
AP Airewave Director Configuration
Number Of Slots.................................. 2
AP Name.......................................... londonap1
MAC Address...................................... 00:21:d8:48:2b:96
Slot ID........................................ 0
Radio Type..................................... RADIO_TYPE_80211b/g
Sub-band Type.................................. All
Noise Information
Noise Profile................................ PASSED
Channel 1.................................... -91 dBm
Channel 2.................................... -88 dBm
Channel 3.................................... -88 dBm
Channel 4.................................... -86 dBm
Channel 5.................................... -86 dBm
Channel 6.................................... -87 dBm
Channel 7.................................... -84 dBm
Channel 8.................................... -88 dBm
Channel 9.................................... -90 dBm
Channel 10................................... -85 dBm
Channel 11................................... -83 dBm
Channel 12................................... -89 dBm
Channel 13................................... -89 dBm
Interference Information
--More or (q)uit current module or to abort
Interference Profile......................... PASSED
Channel 1.................................... -63 dBm @ 1 % busy
Channel 2.................................... -128 dBm @ 0 % busy
Channel 3.................................... -63 dBm @ 2 % busy
Channel 4.................................... -46 dBm @ 8 % busy
Channel 5.................................... -44 dBm @ 2 % busy
Channel 6.................................... -64 dBm @ 1 % busy
Channel 7.................................... -46 dBm @ 4 % busy
Channel 8.................................... -128 dBm @ 0 % busy
Channel 9.................................... -70 dBm @ 4 % busy
Channel 10................................... -128 dBm @ 0 % busy
Channel 11................................... -65 dBm @ 14 % busy
Channel 12................................... -128 dBm @ 0 % busy
Channel 13................................... -128 dBm @ 0 % busy
Load Information
Load Profile................................. PASSED
Receive Utilization.......................... 0 %
Transmit Utilization......................... 9 %
Channel Utilization.......................... 14 %
Attached Clients............................. 0 clients
Coverage Information
Coverage Profile............................. PASSED
Failed Clients............................... 0 clients
--More or (q)uit current module or to abort
Client Signal Strengths
RSSI -100 dbm................................ 0 clients
RSSI -92 dbm................................ 0 clients
RSSI -84 dbm................................ 0 clients
RSSI -76 dbm................................ 0 clients
RSSI -68 dbm................................ 0 clients
RSSI -60 dbm................................ 0 clients
RSSI -52 dbm................................ 0 clients
Client Signal To Noise Ratios
SNR 0 dB.................................. 0 clients
SNR 5 dB.................................. 0 clients
SNR 10 dB.................................. 0 clients
SNR 15 dB.................................. 0 clients
SNR 20 dB.................................. 0 clients
SNR 25 dB.................................. 0 clients
SNR 30 dB.................................. 0 clients
SNR 35 dB.................................. 0 clients
SNR 40 dB.................................. 0 clients
SNR 45 dB.................................. 0 clients
Nearby APs
Radar Information
Channel Assignment Information
Current Channel Average Energy............... unknown
--More or (q)uit current module or to abort
Previous Channel Average Energy.............. unknown
Channel Change Count......................... 0
Last Channel Change Time..................... Mon Jun 27 07:50:15 2011
Recommended Best Channel..................... 1
RF Parameter Recommendations
Power Level.................................. 1
RTS/CTS Threshold............................ 2347
Fragmentation Tnreshold...................... 2346
Antenna Pattern.............................. 0
Persistent Interference Devices
Classtype Channel DC (%%) RSSI (dBm) Last Update Time
All third party trademarks are the property of their respective owners.
AP does not have the 802.11a radio.
Press Enter to continue or to abort
Press Enter to continue or to abort
802.11a Configuration
802.11a Network.................................. Enabled
11nSupport....................................... Enabled
802.11a Low Band........................... Enabled
802.11a Mid Band........................... Enabled
802.11a High Band.......................... Enabled
802.11a Operational Rates
802.11a 6M Rate.............................. Mandatory
802.11a 9M Rate.............................. Supported
802.11a 12M Rate............................. Mandatory
802.11a 18M Rate............................. Supported
802.11a 24M Rate............................. Mandatory
802.11a 36M Rate............................. Supported
802.11a 48M Rate............................. Supported
802.11a 54M Rate............................. Supported
802.11n MCS Settings:
MCS 0........................................ Supported
MCS 1........................................ Supported
MCS 2........................................ Supported
MCS 3........................................ Supported
MCS 4........................................ Supported
MCS 5........................................ Supported
MCS 6........................................ Supported
--More or (q)uit current module or to abort
MCS 7........................................ Supported
MCS 8........................................ Supported
MCS 9........................................ Supported
MCS 10....................................... Supported
MCS 11....................................... Supported
MCS 12....................................... Supported
MCS 13....................................... Supported
MCS 14....................................... Supported
MCS 15....................................... Supported
802.11n Status:
A-MPDU Tx:
Priority 0............................... Enabled
Priority 1............................... Disabled
Priority 2............................... Disabled
Priority 3............................... Disabled
Priority 4............................... Enabled
Priority 5............................... Enabled
Priority 6............................... Disabled
Priority 7............................... Disabled
Guard Interval .............................. Any
Beacon Interval.................................. 100
CF Pollable mandatory............................ Disabled
CF Poll Request mandatory........................ Disabled
--More or (q)uit current module or to abort
CFP Period....................................... 4
CFP Maximum Duration............................. 60
Default Channel.................................. 36
Default Tx Power Level........................... 0
DTPC Status..................................... Enabled
Fragmentation Threshold.......................... 2346
TI Threshold..................................... -50
Legacy Tx Beamforming setting.................... Disabled
Traffic Stream Metrics Status.................... Disabled
Expedited BW Request Status...................... Disabled
World Mode....................................... Enabled
EDCA profile type................................ default-wmm
Voice MAC optimization status.................... Disabled
Call Admission Control (CAC) configuration
Voice AC:
Voice AC - Admission control (ACM)............ Disabled
Voice max RF bandwidth........................ 75
Voice reserved roaming bandwidth.............. 6
Voice load-based CAC mode..................... Disabled
Voice tspec inactivity timeout................ Disabled
Voice max limit on number of call............. 0
CAC SIP-Voice configuration
SIP Codec Type ............................... CODEC_TYPE_G711
--More or (q)uit current module or to abort
SIP call bandwidth ........................... 64
SIP call bandwith sample-size ................ 20
Voice Stream-Size............................. 84000
Voice Max-Streams............................. 2
Video AC:
Video AC - Admission control (ACM)............ Disabled
Video max RF bandwidth........................ Infinite
Video reserved roaming bandwidth.............. 0
Best-effort AC - Admission control (ACM)...... Disabled
Background AC - Admission control (ACM)....... Disabled
Press Enter to continue or to abort
802.11a Advanced Configuration
AP Name MAC Address Admin State Operation State Channel TxPower
Press Enter to continue or to abort
802.11a Airewave Director Configuration
RF Event and Performance Logging
Channel Update Logging......................... Off
Coverage Profile Logging....................... Off
Foreign Profile Logging........................ Off
Load Profile Logging........................... Off
Noise Profile Logging.......................... Off
Performance Profile Logging.................... Off
TxPower Update Logging......................... Off
Default 802.11a AP performance profiles
802.11a Global Interference threshold.......... 10 %
802.11a Global noise threshold................. -70 dBm
802.11a Global RF utilization threshold........ 80 %
802.11a Global throughput threshold............ 1000000 bps
802.11a Global clients threshold............... 12 clients
Default 802.11a AP monitoring
802.11a Monitor Mode........................... enable
802.11a Monitor Mode for Mesh AP Backhaul...... disable
802.11a Monitor Channels....................... Country channels
802.11a AP Coverage Interval................... 180 seconds
802.11a AP Load Interval....................... 60 seconds
802.11a AP Noise Interval...................... 180 seconds
--More or (q)uit current module or to abort
802.11a AP Signal Strength Interval............ 60 seconds
Automatic Transmit Power Assignment
Transmit Power Assignment Mode................. AUTO
Transmit Power Update Interval................. 600 seconds
Transmit Power Threshold....................... -70 dBm
Transmit Power Neighbor Count.................. 3 APs
Min Transmit Power............................. -100 dBm
Max Transmit Power............................. 100 dBm
Transmit Power Update Contribution............. SNI..
Transmit Power Assignment Leader............... GB-LON-WLC1 (10.y.y.22)
Last Run....................................... 116 seconds ago
Coverage Hole Detection
802.11a Coverage Hole Detection Mode........... Enabled
802.11a Coverage Voice Packet Count............ 100 packets
802.11a Coverage Voice Packet Percentage....... 50%
802.11a Coverage Voice RSSI Threshold.......... -80 dBm
802.11a Coverage Data Packet Count............. 50 packets
802.11a Coverage Data Packet Percentage........ 50%
802.11a Coverage Data RSSI Threshold........... -80 dBm
802.11a Global coverage exception level........ 25 %
802.11a Global client minimum exception lev.... 3 clients
Automatic Channel Assignment
Channel Assignment Mode........................ AUTO
--More or (q)uit current module or to abort
Channel Update Interval........................ 600 seconds
Anchor time (Hour of the day).................. 0
Channel Update Contribution.................... SNI..
CleanAir Event-driven RRM option............... Disabled
CleanAir Event-driven RRM sensitivity.......... Medium
Channel Assignment Leader...................... GB-LON-WLC1 (10.y.y.22)
Last Run....................................... 116 seconds ago
DCA Sensitivity Level.......................... MEDIUM (15 dB)
DCA 802.11n Channel Width...................... 20 MHz
DCA Minimum Energy Limit....................... -95 dBm
Channel Energy Levels
Minimum...................................... unknown
Average...................................... unknown
Maximum...................................... unknown
Channel Dwell Times
Minimum...................................... unknown
Average...................................... unknown
Maximum...................................... unknown
802.11a 5 GHz Auto-RF Channel List
Allowed Channel List......................... 36,40,44,48,52,56,60,64
Unused Channel List.......................... 100,104,108,112,116,120,124,
128,132,136,140
DCA Outdoor AP option.......................... Disabled
--More or (q)uit current module or to abort
Radio RF Grouping
802.11a Group Mode............................. AUTO
802.11a Group Update Interval.................. 600 seconds
802.11a Group Leader........................... GB-LON-WLC1 (10.44.64.22)
802.11a Group Member......................... GB-LON-WLC1 (10.44.64.22)
802.11a Last Run............................... 116 seconds ago
802.11a CleanAir Configuration
Clean Air Solution............................... Disabled
Air Quality Settings:
Air Quality Reporting........................ Enabled
Air Quality Reporting Period (min)........... 15
Air Quality Alarms........................... Enabled
Air Quality Alarm Threshold.................. 35
Interference Device Settings:
Interference Device Reporting................ Enabled
Interference Device Types:
TDD Transmitter.......................... Enabled
Jammer................................... Enabled
Continuous Transmitter................... Enabled
DECT-like Phone.......................... Enabled
Video Camera............................. Enabled
WiFi Inverted............................ Enabled
--More or (q)uit current module or to abort
WiFi Invalid Channel..................... Enabled
SuperAG.................................. Enabled
Canopy................................... Enabled
WiMax Mobile............................. Enabled
WiMax Fixed.............................. Enabled
Interference Device Alarms................... Enabled
Interference Device Types Triggering Alarms:
TDD Transmitter.......................... Disabled
Jammer................................... Enabled
Continuous Transmitter................... Disabled
DECT-like Phone.......................... Disabled
Video Camera............................. Disabled
WiFi Inverted............................ Enabled
WiFi Invalid Channel..................... Enabled
SuperAG.................................. Disabled
Canopy................................... Disabled
WiMax Mobile............................. Disabled
WiMax Fixed.............................. Disabled
Additional Clean Air Settings:
CleanAir Event-driven RRM State.............. Disabled
CleanAir Driven RRM Sensitivity.............. Medium
CleanAir Persistent Devices state............ Disabled
--More or (q)uit current module or to abort
802.11a CleanAir AirQuality Summary
AQ = Air Quality
DFS = Dynamic Frequency Selection
AP Name Channel Avg AQ Min AQ Interferers DFS
Press Enter to continue or to abort
802.11b Configuration
802.11b Network.................................. Enabled
11gSupport....................................... Enabled
11nSupport....................................... Enabled
802.11b/g Operational Rates
802.11b/g 1M Rate............................ Mandatory
802.11b/g 2M Rate............................ Mandatory
802.11b/g 5.5M Rate.......................... Mandatory
802.11b/g 11M Rate........................... Mandatory
802.11g 6M Rate.............................. Supported
802.11g 9M Rate.............................. Supported
802.11g 12M Rate............................. Supported
802.11g 18M Rate............................. Supported
802.11g 24M Rate............................. Supported
802.11g 36M Rate............................. Supported
802.11g 48M Rate............................. Supported
802.11g 54M Rate............................. Supported
802.11n MCS Settings:
MCS 0........................................ Supported
MCS 1........................................ Supported
MCS 2........................................ Supported
MCS 3........................................ Supported
MCS 4........................................ Supported
--More or (q)uit current module or to abort
MCS 5........................................ Supported
MCS 6........................................ Supported
MCS 7........................................ Supported
MCS 8........................................ Supported
MCS 9........................................ Supported
MCS 10....................................... Supported
MCS 11....................................... Supported
MCS 12....................................... Supported
MCS 13....................................... Supported
MCS 14....................................... Supported
MCS 15....................................... Supported
802.11n Status:
A-MPDU Tx:
Priority 0............................... Enabled
Priority 1............................... Disabled
Priority 2............................... Disabled
Priority 3............................... Disabled
Priority 4............................... Enabled
Priority 5............................... Enabled
Priority 6............................... Disabled
Priority 7............................... Disabled
Guard Interval .............................. Any
Beacon Interval.................................. 100
--More or (q)uit current module or to abort
CF Pollable mode................................. Disabled
CF Poll Request mandatory........................ Disabled
CFP Period....................................... 4
CFP Maximum Duration............................. 60
Default Channel.................................. 1
Default Tx Power Level........................... 0
DTPC Status..................................... Enabled
Call Admission Limit ........................... 105
G711 CU Quantum ................................. 15
ED Threshold..................................... -50
Fragmentation Threshold.......................... 2346
PBCC mandatory................................... Disabled
RTS Threshold.................................... 2347
Short Preamble mandatory......................... Enabled
Short Retry Limit................................ 7
Legacy Tx Beamforming setting.................... Disabled
Traffic Stream Metrics Status.................... Disabled
Expedited BW Request Status...................... Disabled
World Mode....................................... Enabled
Faster Carrier Tracking Loop..................... Disabled
EDCA profile type................................ default-wmm
Voice MAC optimization status.................... Disabled
Call Admission Control (CAC) configuration
--More or (q)uit current module or to abort
Voice AC - Admission control (ACM)............ Disabled
Voice Stream-Size............................. 84000
Voice Max-Streams............................. 2
Voice max RF bandwidth........................ 75
Voice reserved roaming bandwidth.............. 6
Voice load-based CAC mode..................... Disabled
Voice tspec inactivity timeout................ Disabled
Voice max limit on number of call............. 0
CAC SIP-Voice configuration
SIP Codec Type ............................... CODEC_TYPE_G711
SIP call bandwidth: .......................... 64
SIP call bandwidth sample-size ............... 20
Video AC - Admission control (ACM)............ Disabled
Video max RF bandwidth........................ 50
Video reserved roaming bandwidth.............. 0
Best-effort AC - Admission control (ACM)...... Disabled
Background AC - Admission control (ACM)....... Disabled
Press Enter to continue or to abort
802.11b Advanced Configuration
AP Name MAC Address Admin State Operation State Channel TxPower
londonap1 00:23:5e:4a:f9:b0 ENABLED UP 1* 1(*)
Press Enter to continue or to abort
802.11b Airewave Director Configuration
RF Event and Performance Logging
Channel Update Logging......................... Off
Coverage Profile Logging....................... Off
Foreign Profile Logging........................ Off
Load Profile Logging........................... Off
Noise Profile Logging.......................... Off
Performance Profile Logging.................... Off
Transmit Power Update Logging.................. Off
Default 802.11b AP performance profiles
802.11b Global Interference threshold.......... 10 %
802.11b Global noise threshold................. -70 dBm
802.11b Global RF utilization threshold........ 80 %
802.11b Global throughput threshold............ 1000000 bps
802.11b Global clients threshold............... 12 clients
Default 802.11b AP monitoring
802.11b Monitor Mode........................... enable
802.11b Monitor Channels....................... Country channels
802.11b AP Coverage Interval................... 180 seconds
802.11b AP Load Interval....................... 60 seconds
802.11b AP Noise Interval...................... 180 seconds
802.11b AP Signal Strength Interval............ 60 seconds
--More or (q)uit current module or to abort
Automatic Transmit Power Assignment
Transmit Power Assignment Mode................. AUTO
Transmit Power Update Interval................. 600 seconds
Transmit Power Threshold....................... -70 dBm
Transmit Power Neighbor Count.................. 3 APs
Min Transmit Power............................. -100 dBm
Max Transmit Power............................. 100 dBm
Transmit Power Update Contribution............. SNI..
Transmit Power Assignment Leader............... GB-LON-WLC1 (10.44.64.22)
Last Run....................................... 530 seconds ago
Coverage Hole Detection
802.11b Coverage Hole Detection Mode........... Enabled
802.11b Coverage Voice Packet Count............ 100 packets
802.11b Coverage Voice Packet Percentage....... 50%
802.11b Coverage Voice RSSI Threshold.......... -80 dBm
802.11b Coverage Data Packet Count............. 50 packets
802.11b Coverage Data Packet Percentage........ 50%
802.11b Coverage Data RSSI Threshold........... -80 dBm
802.11b Global coverage exception level........ 25 %
802.11b Global client minimum exception lev.... 3 clients
Automatic Channel Assignment
Channel Assignment Mode........................ AUTO
Channel Update Interval........................ 600 seconds
--More or (q)uit current module or to abort
Anchor time (Hour of the day).................. 0
Channel Update Contribution.................... SNI..
CleanAir Event-driven RRM option............... Disabled
CleanAir Event-driven RRM sensitivity.......... Medium
Channel Assignment Leader...................... GB-LON-WLC1 (10.44.64.22)
Last Run....................................... 530 seconds ago
DCA Sensitivity Level: ...................... MEDIUM (10 dB)
DCA Minimum Energy Limit....................... -95 dBm
Channel Energy Levels
Minimum...................................... unknown
Average...................................... unknown
Maximum...................................... unknown
Channel Dwell Times
Minimum...................................... 0 days, 00 h 33 m 07 s
Average...................................... 0 days, 00 h 33 m 07 s
Maximum...................................... 0 days, 00 h 33 m 07 s
802.11b Auto-RF Allowed Channel List........... 1,6,11
Auto-RF Unused Channel List.................... 2,3,4,5,7,8,9,10,12,13
Radio RF Grouping
802.11b Group Mode............................. AUTO
802.11b Group Update Interval.................. 600 seconds
802.11b Group Leader........................... GB-LON-WLC1 (10.44.64.22)
--More or (q)uit current module or to abort
802.11b Group Member......................... GB-LON-WLC1 (10.44.64.22)
802.11b Last Run............................... 530 seconds ago
802.11a CleanAir Configuration
Clean Air Solution............................... Disabled
Air Quality Settings:
Air Quality Reporting........................ Enabled
Air Quality Reporting Period (min)........... 15
Air Quality Alarms........................... Enabled
Air Quality Alarm Threshold.................. 35
Interference Device Settings:
Interference Device Reporting................ Enabled
Interference Device Types:
Bluetooth Link........................... Enabled
Microwave Oven........................... Enabled
802.11 FH................................ Enabled
Bluetooth Discovery...................... Enabled
TDD Transmitter.......................... Enabled
Jammer................................... Enabled
Continuous Transmitter................... Enabled
DECT-like Phone.......................... Enabled
Video Camera............................. Enabled
802.15.4................................. Enabled
--More or (q)uit current module or to abort
WiFi Inverted............................ Enabled
WiFi Invalid Channel..................... Enabled
SuperAG.................................. Enabled
Canopy................................... Enabled
Xbox..................................... Enabled
WiMax Mobile............................. Enabled
WiMax Fixed.............................. Enabled
Interference Device Alarms................... Enabled
Interference Device Types Triggering Alarms:
Bluetooth Link........................... Disabled
Microwave Oven........................... Disabled
802.11 FH................................ Disabled
Bluetooth Discovery...................... Disabled
TDD Transmitter.......................... Disabled
Jammer................................... Enabled
Continuous Transmitter................... Disabled
DECT-like Phone.......................... Disabled
Video Camera............................. Disabled
802.15.4................................. Disabled
WiFi Inverted............................ Enabled
WiFi Invalid Channel..................... Enabled
SuperAG.................................. Disabled
Canopy................................... Disabled
--More or (q)uit current module or to abort
Xbox..................................... Disabled
WiMax Mobile............................. Disabled
WiMax Fixed.............................. Disabled
Additional Clean Air Settings:
CleanAir Event-driven RRM State.............. Disabled
CleanAir Driven RRM Sensitivity.............. Medium
CleanAir Persistent Devices state............ Disabled
802.11a CleanAir AirQuality Summary
AQ = Air Quality
DFS = Dynamic Frequency Selection
AP Name Channel Avg AQ Min AQ Interferers DFS
Press Enter to continue or to abort
q
Mobility Configuration
Symmetric Mobility Tunneling (current) .......... Enabled
Symmetric Mobility Tunneling (after reboot) ..... Enabled
Mobility Protocol Port........................... 16666
Default Mobility Domain.......................... lon
Multicast Mode .................................. Disabled
Mobility Domain ID for 802.11r................... 0x209c
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Members Configured................ 1
Mobility Control Message DSCP Value.............. 0
Controllers configured in the Mobility Group
MAC Address IP Address Group Name Multicast IP Status
64:00:f1:91:76:40 10.44.64.22 lon 0.0.0.0 Up
Press Enter to continue or to abort
Advanced Configuration
Probe request filtering.......................... Enabled
Probes fwd to controller per client per radio.... 2
Probe request rate-limiting interval............. 500 msec
Aggregate Probe request interval................. 500 msec
EAP-Identity-Request Timeout (seconds)........... 30
EAP-Identity-Request Max Retries................. 2
EAP Key-Index for Dynamic WEP.................... 0
EAP Max-Login Ignore Identity Response........... enable
EAP-Request Timeout (seconds).................... 30
EAP-Request Max Retries.......................... 2
EAPOL-Key Timeout (milliseconds)................. 1000
EAPOL-Key Max Retries............................ 2
dot11-padding.................................... Disabled
Press Enter to continue or to abort
Location Configuration
RFID Tag data Collection......................... Enabled
RFID timeout.................................... 1200 seconds
RFID mobility.................................... Oui:00:14:7e : Vendor:pango State:Disabled
Press Enter to continue or to abort
Interface Configuration
Interface Name................................... ap-manager
MAC Address...................................... 64:00:f1:91:76:40
IP Address....................................... 10.y.y.23
IP Netmask....................................... 255.255.254.0
IP Gateway....................................... 10.y.y.1
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. untagged
Physical Port.................................... 1
Primary DHCP Server.............................. 10.y.y.19
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
AP Manager....................................... Yes
Guest Interface.................................. No
Interface Name................................... guest
MAC Address...................................... 64:00:f1:91:76:40
IP Address....................................... 192.168.x.1
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 192.168.x.2
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. 80
Quarantine-vlan.................................. 0
Physical Port.................................... 1
Primary DHCP Server.............................. Unconfigured
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
AP Manager....................................... No
Guest Interface.................................. No
Interface Name................................... london-vlan10
MAC Address...................................... 64:00:f1:91:76:40
IP Address....................................... 10.x.x.149
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 10.x.x.20
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. 10
Quarantine-vlan.................................. 0
Physical Port.................................... 1
Primary DHCP Server.............................. 10.44.64.19
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
AP Manager....................................... No
Guest Interface.................................. No
Interface Name................................... management
MAC Address...................................... 64:00:f1:91:76:40
IP Address....................................... 10.y.y.22
IP Netmask....................................... 255.255.254.0
IP Gateway....................................... 10.y.y.1
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. untagged
Quarantine-vlan.................................. 0
Physical Port.................................... 1
Primary DHCP Server.............................. 10.y.y.19
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
AP Manager....................................... No
Guest Interface.................................. No
Interface Name................................... virtual
MAC Address...................................... 64:00:f1:91:76:40
IP Address....................................... 1.1.1.1
DHCP Option 82................................... Disabled
Virtual DNS Host Name............................ Disabled
AP Manager....................................... No
Guest Interface.................................. No
Press Enter to continue or to abort
WLAN Configuration
WLAN Identifier.................................. 1
Profile Name..................................... corporate
Network Name (SSID).............................. corporate
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
NAC-State...................................... Disabled
Quarantine VLAN................................ 0
Number of Active Clients......................... 0
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ london-vlan10
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
--More or (q)uit current module or to abort
WLAN Configuration
WLAN Identifier.................................. 2
Profile Name..................................... Guest
Network Name (SSID).............................. GUEST
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
NAC-State...................................... Disabled
Quarantine VLAN................................ 0
Number of Active Clients......................... 0
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
CHD per WLAN..................................... Disabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ Guest-network
WLAN ACL......................................... unconfigured
DHCP Server...................................... 10.44.64.22
DHCP Address Assignment Required................. Enabled
--More or (q)uit current module or to abort
Quality of Service............................... Silver (best effort)
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Disabled
Accounting.................................... Disabled
Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security
--More or (q)uit current module or to abort
802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Enabled
ACL............................................. Unconfigured
Web Authentication server precedence:
1............................................... local
2............................................... radius
3............................................... ldap
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
H-REAP Local Switching........................ Disabled
H-REAP Learn IP Address....................... Enabled
Client MFP.................................... Optional but inactive (WPA2 not configured)
Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
--More or (q)uit current module or to abort
Mobility Anchor List
WLAN ID IP Address Status
Press Enter to continue or to abort
Press Enter to continue or to abort
ACL Configuration
Press Enter to continue or to abort
CPU ACL Configuration
CPU Acl Name................................ NOT CONFIGURED
Wireless Traffic............................ Disabled
Wired Traffic............................... Disabled
Press Enter to continue or to abort
RADIUS Configuration
Vendor Id Backward Compatibility................. Disabled
Call Station Id Case............................. lower
Call Station Id Type............................. IP Address
Aggressive Failover.............................. Enabled
Keywrap.......................................... Disabled
Fallback Test:
Test Mode.................................... Off
Probe User Name.............................. cisco-probe
Interval (in seconds)........................ 300
MAC Delimite -
ACS 5.1 login snmp tracking
Hello sirs,
Could you please answer a little question.
Is it possible to track failed login attempts to ACS instances (both on CLI and web GUI) by snmp?
Unfortunately i haven't found such option in
Monitoring and Reports >
Alarms >
Thresholds >I've figured out how to monitor failed attempts via syslog. However there is another trouble. We've many servers in a distributed deployment. Syslog set to global on all servers through our primary server (syslog writes to the syslog server and log collector). Log collector placed on the secondary server. Syslog server receives log messages about administrator logins to the primary server, but it hasn't received any messages from another servers in deployment. I've changed settings on the primary server and it seem's that on secondary servers this setting was changed automatically (according to GUI). What can be source of problem? All related ports on fw's are open.
And there is another issue. Is that possible to monitor CLI login attempts through syslog?
I've found only this messages in catalog:
10006 INFO Administrator Authentication and Authorization AAC Administrator authentication failed
33103 INFO Internal Operations Diagnostics CLI User login to ACS configuration mode failed
51000 NOTICE Administrative and Operational Audit Administrator-Login Administrator authentication failed
Sorry for my poor English. -
Possible to modify default module settings for large deployments?
Is it possible to modify the default threshold and action settings for select modules, so that everything is good to go as soon as I add the node into SMC?
I am trying to find a way to easily standardize the monitoring and notification settings across the environment.Hi mcomdsm,
I think the easiest way to standardize your thresholds and actions settings would be to use the Manage Jobs feature, which allows you to create tasks like loading/unloading modules, adding rows to specific modules, setting up alarm thresholds and actions and apply it to a user-defined group of objects. This way, if you add a new node to Sun MC, you can run the same task already saved in managed jobs against the new node.
There is a nice example on how to use Manage Jobs here: [http://forums.halcyoninc.com/showthread.php?t=97&highlight=threshold]
Pegah Garousi
Halcyon Monitoring Solutions -
Autoamtically email reports from ACS5?
Hi All,
Is there a way I can get the ACS (5.3) to email some of it's reports on a schedule?
I'm hoping to send automated summaries of failed logins to the service desk each Monday morning. I just don't see any way of doing it!
MWell, you can create a threshold alarm for failed attemps and so you can get e-mails about failed attempts:
From ACS view -> Alarms -> Thresholds. create a new threshold. fromn "Category" choose "Failed Authentications".
When the failed attemtps exceeds the threshold you creates you'll receive a notification e-mail.
But this is still does not seem what you want about a report with all failed attemtps to be sent.
Maybe you are looking for
-
Just wanted to know from you if you have aby idea about this or if you can make suggestions on this. This is relating to the Bank Acceptance Draft (B.A.D.) in China, For example, company receive the BAD from our customer on 2008-3-31, but the BAD due
-
10.6.8 update sends mini mac into panic screen what now?
After update mini mac is now a brick Unable to safe boot or use any key commands So is it time to reinstall software?
-
Trouble Setting Mac Up To Windows Network Printer
I have an HP printer set up to an HP desktop PC, and also have my wireless router set up to that computer. The printer says it is ready to share on the PC, but I can't seem to find it on my Mac. I found it before, but it wouldn't print out anything b
-
HT4623 I cannot connect to my wifi after updating to iOS 6
I updated my iPhone 4s to iOS 6. I cannot connect to my wifi after updating to iOS 6. I updated while connected to iTunes. I can no longer connect to the wifi that I had previously used at that location. However, I can connect to all of the other
-
Older purchased songs wont upgrade
Ok awhile back I finally got a mac. When I got it I had already been using iTunes for awhile on my windows laptop and had a pretty good starter library building up(about 300 songs purchased from iTunes) so I moved my music over to the mac and deautho