Blocked Stack Ports on 2960X-48FPD-L Stack (Unstable Switch Stack!) Spanning Tree?

Similar Messages

• Do I configure spanning-tree port type ed trunk on LACP port-channels

  Hello,
  Can't seem to see a clear answer and wondering if something could offer some advice please?
  We are using LACP aggregation across all our 10 gig attached servers and also trunking them.  We're running a VPC pair of 5596 Nexus.
  For a standard trunk port I always add the spanning-tree port type edge trunk to the interface config.
  However I think I should be adding this to the overiding port-channel config.  At present a colleague has configured the VPC below omitting the spanning-tree port type config.
  interface port-channel100
    description a-server
    switchport mode trunk
    switchport trunk allowed vlan 100
    vpc 100
  The port member configs are these which do contain the spanning tree port type:
  interface Ethernet1/1
    description a-server(1)
    switchport mode trunk
    switchport trunk allowed vlan 100
    spanning-tree port type edge trunk
    channel-group 100 mode active
  I always try to keep the overiding port channel config the same as its members and obviously for most config, you can't have disparate configs anyway.
  However for the spanning tree config the NexOS allows you to have the members with spanning tree port types and not have to reflect that in the port-channel.
  However I have this issue with STP:
  Switch1# show spanning-tree interface po100
  Vlan             Role Sts Cost      Prio.Nbr Type
  VLAN0100         Desg BKN*200       128.4996 (vPC) Network P2p *BA_Inc
  Is this due to the inconsistency with my port channel to member configs?
  Any advice would be gratefully accepted.
  Thanks!

  Hi Paul, there are some parameters you can define on individual ports and there are some of them that will be inherited from the port-channel configuration no matter what has been configured under the infidividual ports. Spanning-tree configuration is one of the inherited ones. As soon as the port joins into a port-channel, it will start to use spanning-tree settings under the port-channel. When it leaves the channel, then it can continue to use the individual configuration.
  There is a nice summary here under NX-OS Interface Conf Guide > Port-Channel Conf:
  http://www.cisco.com/en/US/docs/switches/datacenter/sw/6_x/nx-os/interfaces/configuration/guide/if_portchannel.html#wp1798338
  Evren

• 2960X 15.0(2)EX5 Stack Bug? Master Switch Ports link in Orange, no spanning Tree

  Is anyone aware of a bug in version 15.0(2)EX5 for 2960X Switches that would cause a switch in the master role to stop linking in new ports in green (and passing traffic).  I have 2 2960X-48FPD-L Switches in a stack and whichever switch I designate master will only link new connections in orange and not pass traffic.  All ports linked in show up/up and can be seen in a show cdp neighbor but won't pass any other traffic. 
  If I unplug the Stacking cables both switches become masters and ports linked in green on the previous member switch stay green, but after it switches to master any new connections plugged in only link in orange. 
  If I switch priorities and reboot the problem switches to the new master switch and the problem goes away on the member switch.
  Also, a switch in the master role does not show any spanning tree instances for ports in the orange link state. 
  Has anyone seen this issue and do you know of a solution? 
  Jim

  A quick update for those with this same problem.
  1.  15.2(3)E turned out to be very unstable causing my switch stack to randomly lockup/reboot one of the switches about once a week.
  2.  I downgraded back to 15.0(2)EX5 but found a workaround.  It turns out the switch stack with the 15.0 versions does not like the switchport voice vlan command on any of the interfaces on the master switch.  I simply removed the voice vlan configuration on the interfaces and all the switch ports linked in just fine.  I would prefer to run the phones on a voice vlan, but it still works without, just the PC's and phones are on the same vlan. 
  Jim

• 2960X-48FPD-L shared 10Gig/1Gig ports dropped connections

  I have a Catalyst 6513 at the core.  We cut-over four IDF's last evening.  The typical IDF follows the following model: A 2960X-48FPD-L at the top of stack with one to four 2960X-48FPS-L in each stack.  We are using interface GigabitEthernet 1/0/49 & 1/0/50 (Port-channel) to connect to the 6513 over MMF.  All IDF's were up last night night.  This morning, two IDF's dropped their connections.  We were unable to bring the connections up until we moved the Port-channel to 1Gig interfaces one of the 2960X-48FPS-L switches in the stack.  I am wondering if there are any known issues with the 1Gig/10Gig shared ports on the 2960X-48FPD-L switches?
  Thank you,
  Mike

  Hi Mike, 
  Can you check the logs of either end of the switches.  The logs will show you why the link(s) went down.  
  Could you also post the output to the command "sh interface <BLAH>" of either side?  

• (28) 2" Blocks stacked equals 60" ???

  Maybe I am tired and missing something terribly simple, but I can't seem to make this work! I have a label that I need to design a template for and to do so I need (30) 2" blocks stacked on each other. I have a 60" high art board laid out and when I blend the two 5"x2" blocks or use the rectangular grid tool the numbers seem to not work out. I am not using any stroke and assume that without a stroke the width and height are true. Even if my answer is stupid please help.
  Thanks!
  TSM777
  p.s. file example attached

  I'm confused. If you use the rect grid you should enter the following amounts and it should come out correct:
  And since you are setting up a template it would be wise to change those to guides once done and save as a template file. I see no reason that the stroke would matter, if you view in outline mode and align with you artboard (which should be set to the actual overall size) then it is true and accurate.
  I suspect that the blending mode isn't counting the first and last step, if you physically count the 'boxes' there are 30 there.

• Cisco Catalyst 2960X-48FPD-L Whit SFP+ 10GB

  Hello!!
  Can i use 10Gb Link between a Cisco Catalyst 6500 whit a Cisco Catalyst 6900 Series 8-Port 10 Gigabit Ethernet Fiber Module (WS-X6908-10G-2T) card and 10GBASE-SR X2 Fiber port, and . And in the other side use a Cisco Catalyst 2960X-48FPD-L (have two SFP+ bays) whit SFP-10G-SR=  (multimode fiber)
  this solutions works???
  another question:
  WS-X6908-10G-2T card   comes equipped with DFC4. What mean that? requiere another slot in a 6500 chassis??
  thanks

  Hi,
  Q1:- yes it should work.
  http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/data_sheet_c78-648212.html
  2)
  WS-X6908-10G-2T card   comes equipped with DFC4. What mean that? requiere another slot in a 6500 chassis??
  Answer: No DFC4 is the sub-module which would sit on the line card WS-X6908-10G-2T. It doesnt require any spare slot.
  WS-X6908-10G-2T: comes equipped with DFC4 for distributed forwarding, supporting 256K forwarding entries, increased ACL entries to 64K, increased Netflow entries to 512K, and increased IPv4 forwarding speed to 60 Mpps
  HTH

• Challenge: Spanning Tree Control Between 2 links from Switch DELL M6220 to 2 links towards 2 switches CISCO 3750 connected with an stack (behavior like one switch for redundancy)

  Hello,
  I have an Spanning tree problem when i conect  2 links from Switch DELL M6220 (there are blades to virtual machines too) to 2 links towards 2 switches CISCO 3750 connected with an stack (behavior  like one switch  for redundancy, with one IP of management)
  In dell virtual machine is Spanning tree rapid stp, and in 3750 is Spanning tree mode pvst, cisco says that this is not important, only is longer time to create the tree.
   I dont know but do you like this solutions i want to try on sunday?:
   Could Spanning tree needs to work to send one native vlan to negociate the bdpus? switchport trunk native vlan 250
  Is it better to put spanning-tree guard root in both 3750 in the ports to mitigate DELL to be root in Spanning Tree?
  Is it better to put spanning- tree port-priority in the ports of Swicht Dell?
  ¿could you help me to control the root? ¿Do you think its better another solution? thanks!
   CONFIG WITH PROBLEM
  ======================
  3750: (the 2 ports are of 2 switches 3750s conected with a stack cable, in a show run you can see this)
  interface GigabitEthernet2/0/28
   description VIRTUAL SNMP2
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 4,13,88,250
   switchport mode trunk
   switchport nonegotiate
   logging event trunk-status
   shutdown
  interface GigabitEthernet1/0/43
   description VIRTUAL SNMP1
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 4,13,88,250
   switchport mode trunk
   switchport nonegotiate
   shutdown
  DELL M6220: (its only one swith)
  interface Gi3/0/19
  switchport mode trunk
  switchport trunk allowed vlan 4,13,88,250
  exit
  interface Gi4/0/19
  switchport mode trunk
  switchport trunk allowed vlan 4,13,88,250
  exit

  F.Y.I for catylyst heroes - here is the equivalent config for SG-300 - Vlan1 is required on the allowed list on the catylyst side (3xxx/4xxx/6xxx)
  In this example:
  VLANS - Voice on 188, data on 57, management on 56.
  conf t
  hostname XXX-VOICE-SWXX
  no passwords complexity enable
  username xxxx priv 15 password XXXXX
  enable password xxxxxx
  ip ssh server
  ip telnet server
  crypto key generate rsa
  macro auto disabled
  voice vlan state auto-enabled !(otherwise one switch controls your voice vlan….)
  vlan 56,57,188
  voice vlan id 188
  int vlan 56
  ip address 10.230.56.12 255.255.255.0
  int vlan1
  no ip add dhcp
  ip default-gateway 10.230.56.1
  interface range GE1 - 2
  switchport mode trunk
  channel-group 1 mode auto
  int range fa1 - 24
  switchport mode trunk
  switchport trunk allowed vlan add 188
  switchport trunk native vlan 57
  qos advanced
  qos advanced ports-trusted
  exit
  int Po1
  switchport trunk allowed vlan add 56,57,188
  switchport trunk native vlan 1
  do sh interfaces switchport po1
  !CATYLYST SIDE
  !Must Explicitly allow VLan1, this is not normal for catalysts - or spanning tree will not work ! Even though it’s the native vlan on both sides.
  interface Port-channel1
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 1,56,57,189
  switchport mode trunk

• Sg-300 - 3750 stack with SPANNING-TREE root problem.

  Morning. I think ive configured a few hundred switches, maybe a thousand in my time, but never have a faced such horribleness that is the SG-300. After this week, I think ill refuse to touch them.
  Got 2 voice vlans and running a few vrf's on a 3750 stack. but this discussion is about layer 2.
  2 x 3750 stacked
  1 x voice switch sg-300 company A voice vlan 18 - Po1 up to 3750 distributed etherchannel Po1 (LACP active both sides) 2 ports in channel
  1 x voice switch sg-300 company B voice vlan 19 - Po1 up to 3750 distributed etherchannel Po2 (LACP active both sides) 2 ports in channel
  Allowed vlans on both sides (command on Port-channel) are data A, Voice A, Mgt A to switch A
  Allowed vlans on both sides (command on Port-channel) are data B, Voice B, Mgt B to switch B
  It seems that these switches are limited to one voice vlan....
  and that spanning tree BPDU's are ignored (or not recevied- havnt released the shark yet).  let me explain.
  originally when using "smart port" the switch with the lowest mac address, whatever Voice vlan was configured would take over the other switche's voice vlan, argh what a nightmare.
  I gave up on the GUI as its far to complcated and have Almost got this working.
  I am now using auto voice vlan, but have disabled smart macro. I hope that disabling smart macro stop other switches from learning the switch with the lowest mac address's voice vlan.  So far so good - in the LAB. No where was it documented in the cli guide how do disable this stupid feature.
  DHCP is working from scope on core, can mange the switches etc etc, access vlan voice vlan all good (after a monster battle).
  Now I have an issue with spanning tree.
  spanning tree priority for vlans 1-4094 on the 3750 is 4096.
  spanning tree priority for vlans 1-4094 on the SG-300's is 6xxxx.
  ALL switches think that they are the root. (well the "logical" 3 of them) The 3750's for all vlans, and the SG-300 for the one instance as it doesnt support per vlan.  (I am not interested in trying MST here..this is not a datacentre)
  On the 3750's Ive tried ieee, pvst, rpvst, while matching the non per-vlan equivalent on the SG series.
  What is the difference between a General port and Trunk Port on a SG-300 specific to spanning tree, native vlans (when you can just configure an untagged vlan anyway!!) and what is the relevance to the way the bpdu's are carried?
  And why the need for a PVID, when you can tell a port what is tagged and what isnt.
  Does the trunk need Vlan1 to be explicitly allowed, and untagged? Does the Po trunk need to be a general port with PVID configured? in vlan 1?
  I need to sort this, as cannot put an access switch into production that thinks it is the root of the tree.  I wish I had a 2960.... a 3500XL..anything
  Does anyone have CLI commands that can help here?

  F.Y.I for catylyst heroes - here is the equivalent config for SG-300 - Vlan1 is required on the allowed list on the catylyst side (3xxx/4xxx/6xxx)
  In this example:
  VLANS - Voice on 188, data on 57, management on 56.
  conf t
  hostname XXX-VOICE-SWXX
  no passwords complexity enable
  username xxxx priv 15 password XXXXX
  enable password xxxxxx
  ip ssh server
  ip telnet server
  crypto key generate rsa
  macro auto disabled
  voice vlan state auto-enabled !(otherwise one switch controls your voice vlan….)
  vlan 56,57,188
  voice vlan id 188
  int vlan 56
  ip address 10.230.56.12 255.255.255.0
  int vlan1
  no ip add dhcp
  ip default-gateway 10.230.56.1
  interface range GE1 - 2
  switchport mode trunk
  channel-group 1 mode auto
  int range fa1 - 24
  switchport mode trunk
  switchport trunk allowed vlan add 188
  switchport trunk native vlan 57
  qos advanced
  qos advanced ports-trusted
  exit
  int Po1
  switchport trunk allowed vlan add 56,57,188
  switchport trunk native vlan 1
  do sh interfaces switchport po1
  !CATYLYST SIDE
  !Must Explicitly allow VLan1, this is not normal for catalysts - or spanning tree will not work ! Even though it’s the native vlan on both sides.
  interface Port-channel1
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 1,56,57,189
  switchport mode trunk

• [Solved] SSH not working (ISP blocks my port 22)

  OK full story:
  I want to be able to connect to my home arch linux box from school. The setup there are winxp machines whit putty on my usb or the pc itself. I know that my school is not blocking any ports as my friend can connect to his linux box at home. (also ssh)
  These are things i did and can think of i need to to do get ssh working:
  Before everything else i started to configure my Linsys router.
  My ISP gives me an Dynamic IP so i need to use the dyndns.org service. I made an account and configured my linsys router DDNS tab to work with the account. I got into the port forward tab an putted in ssh port forwarding (on port 22 TCP for my ip 192.168.1.102 => did ifconfig to be sure). Port forwarding for port 9091 is also on for my transmission webgui i'm saying this here because this works when i'm at school.
  1. Installed openssh
  # pacman -S openssh
  All installed fine.
  2. I've put the sshd into the daemon part of my rc.conf file.
  DAEMONS=(syslog-ng network netfs crond @alsa @g15daemon @samba @sshd dbus hal)
  3. Hosts.allow file =
  # /etc/hosts.allow
  SSHD: ALL
  # End of file
  4. Hosts.deny =
  # /etc/hosts.deny
  ALL: ALL: DENY
  # End of file
  5. sshd_config file =
  # This is the sshd server system-wide configuration file. See
  # sshd_config(5) for more information.
  # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
  # The strategy used for options in the default sshd_config shipped with
  # OpenSSH is to specify options with their default value where
  # possible, but leave them commented. Uncommented options change a
  # default value.
  #Port 22
  #AddressFamily any
  ListenAddress 0.0.0.0
  #ListenAddress ::
  # Disable legacy (protocol version 1) support in the server for new
  # installations. In future the default will change to require explicit
  # activation of protocol 1
  Protocol 2
  # HostKey for protocol version 1
  #HostKey /etc/ssh/ssh_host_key
  # HostKeys for protocol version 2
  #HostKey /etc/ssh/ssh_host_rsa_key
  #HostKey /etc/ssh/ssh_host_dsa_key
  # Lifetime and size of ephemeral version 1 server key
  #KeyRegenerationInterval 1h
  #ServerKeyBits 1024
  # Logging
  # obsoletes QuietMode and FascistLogging
  #SyslogFacility AUTH
  #LogLevel INFO
  # Authentication:
  LoginGraceTime 120
  PermitRootLogin yes
  #StrictModes yes
  #MaxAuthTries 6
  #MaxSessions 10
  #RSAAuthentication yes
  #PubkeyAuthentication yes
  #AuthorizedKeysFile .ssh/authorized_keys
  # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
  #RhostsRSAAuthentication no
  # similar for protocol version 2
  #HostbasedAuthentication no
  # Change to yes if you don't trust ~/.ssh/known_hosts for
  # RhostsRSAAuthentication and HostbasedAuthentication
  #IgnoreUserKnownHosts no
  # Don't read the user's ~/.rhosts and ~/.shosts files
  #IgnoreRhosts yes
  # To disable tunneled clear text passwords, change to no here!
  #PasswordAuthentication yes
  #PermitEmptyPasswords no
  # Change to no to disable s/key passwords
  ChallengeResponseAuthentication no
  # Kerberos options
  #KerberosAuthentication no
  #KerberosOrLocalPasswd yes
  #KerberosTicketCleanup yes
  #KerberosGetAFSToken no
  # GSSAPI options
  #GSSAPIAuthentication no
  #GSSAPICleanupCredentials yes
  # Set this to 'yes' to enable PAM authentication, account processing,
  # and session processing. If this is enabled, PAM authentication will
  # be allowed through the ChallengeResponseAuthentication and
  # PasswordAuthentication. Depending on your PAM configuration,
  # PAM authentication via ChallengeResponseAuthentication may bypass
  # the setting of "PermitRootLogin without-password".
  # If you just want the PAM account and session checks to run without
  # PAM authentication, then enable this but set PasswordAuthentication
  # and ChallengeResponseAuthentication to 'no'.
  UsePAM yes
  #AllowAgentForwarding yes
  #AllowTcpForwarding yes
  #GatewayPorts no
  #X11Forwarding no
  #X11DisplayOffset 10
  #X11UseLocalhost yes
  #PrintMotd yes
  #PrintLastLog yes
  #TCPKeepAlive yes
  #UseLogin no
  #UsePrivilegeSeparation yes
  #PermitUserEnvironment no
  #Compression delayed
  #ClientAliveInterval 0
  #ClientAliveCountMax 3
  #UseDNS yes
  #PidFile /var/run/sshd.pid
  #MaxStartups 10
  #PermitTunnel no
  #ChrootDirectory none
  # no default banner path
  Banner /etc/issue
  # override default of no subsystems
  Subsystem sftp /usr/lib/ssh/sftp-server
  # Example of overriding settings on a per-user basis
  #Match User anoncvs
  # X11Forwarding no
  # AllowTcpForwarding no
  # ForceCommand cvs server
  6. ssh_config file=
  # $OpenBSD: ssh_config,v 1.25 2009/02/17 01:28:32 djm Exp $
  # This is the ssh client system-wide configuration file. See
  # ssh_config(5) for more information. This file provides defaults for
  # users, and the values can be changed in per-user configuration files
  # or on the command line.
  # Configuration data is parsed as follows:
  # 1. command line options
  # 2. user-specific file
  # 3. system-wide file
  # Any configuration value is only changed the first time it is set.
  # Thus, host-specific definitions should be at the beginning of the
  # configuration file, and defaults at the end.
  # Site-wide defaults for some commonly used options. For a comprehensive
  # list of available options, their meanings and defaults, please see the
  # ssh_config(5) man page.
  Host *
  # ForwardAgent no
  # ForwardX11 no
  # RhostsRSAAuthentication no
  # RSAAuthentication yes
  # PasswordAuthentication yes
  # HostbasedAuthentication no
  # GSSAPIAuthentication no
  # GSSAPIDelegateCredentials no
  # BatchMode no
  # CheckHostIP yes
  # AddressFamily any
  # ConnectTimeout 0
  # StrictHostKeyChecking ask
  # IdentityFile ~/.ssh/identity
  # IdentityFile ~/.ssh/id_rsa
  # IdentityFile ~/.ssh/id_dsa
  # Port 22
  # Protocol 2
  # Cipher 3des
  # Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
  # MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160
  # EscapeChar ~
  # Tunnel no
  # TunnelDevice any:any
  # PermitLocalCommand no
  # VisualHostKey no
  HashKnownHosts yes
  StrictHostKeyChecking ask
  7. Im sure SSH is running i even did => /etc/rc.d/sshd restart
  8. I have never installed any firewall on my arch box (that i know off). I can connect to it using my other linux laptop
  ssh -p 22 192.168.1.102 => works
  ssh -p 22 xxxxxx.dyndns.org => works (xxx replaced by my dyndns.org domain)
  ssh -p 22 9x.xxx.xxx.xx5 => works (xxx is my normal WAN ip offcourse)
  Keep in mind that transsmission port forwarding is working fine. I can connect from everywhere to my webgui wich is on port 9091. Anyone can help me get whats wrong?
  Last edited by Redostrike (2010-02-25 17:06:14)

  Wild guess but:
  # /etc/hosts.allow
  SSHD: ALL
  # End of file
  I don't know if this is case-sensitive, but if it is: it should be "sshd".
  If it doesn't work, doesnt hurt to try.

• Command to block a port in Vlan

  I have 3 switches interconnecting to each other. A PC in switch A wishes to ping to PC on Switch C. There are 2 paths leading to it, what command can i use to block one of the port so that there is only one path?
  Is it setting one of the switch as root? Or is it something to do with portfast?
  Note:Pulling out the physical link is not an option.

  Hi,
  By default, you have Spanning tree enabled on the switches and it should automatically block the redundent port. Use the command " show spanning-tree brief " command to check it is enable on the switch.
  Based on the lowest bridge ID( Lowest MAC + Priority ) the switches will automatically calculate the root and once agreed upon that the root switch blocks the redundent path based on some calculation. If you want you can force a particular switch to be root switch by lowering dwon the priority which is by default 32768 for the switches. You can use command " spanning-tree priority in the config mode.
  Portfast puts the port into forwarding state directly from blocking and thus skipping the intermediate states. It is generally used on host ports. Never enable portfast on the ports connecting to switches as it might results in a loop.
  HTH,
  -amit singh

• Is there any way to block USB ports through SCCM console

  How to Block the client machine USB ports using SCCM 2012 R2 console
  we know that so many 3rd party tools are able to block the USB ports for client machines, how cant we add an additional option for SCCM 2012 for Block USB ports for client PC's, to make our network secure
  thanks & Regards,
  Teja

  That's not possible by default, but you can create your own custom script and add it as a right-click action to a device.
  My Blog: http://www.petervanderwoude.nl/
  Follow me on twitter: pvanderwoude

• I want to block incoming ports WRT54G!

  Hi!, I want to block some ports for aplications from incoming data , im enabling the router "Wrt54g" firewall and disable Upnp. Ok im going to grc.com "Shieldsup test" are stealch! All apps ( nod32, firefox, messenger msn) can open ports! Why the applications turn on the ports? , Do they appear "stealch" but not closed? From outgoing ports im using comodo firewall on vista. Thanks! and sorry my english!

  on the router's web ui , click on the "access restrictions" tab and block the ports you want ...

• Bridged Wireless Blocks TCP Port 9100?

  On one of my networked computers, HP "Solutions Center" driver says HP 6310xi networked printer is connected, shows detail status & will print the HP diagnostic report direct to printer. Windows 7 shows printer on network map, & gives detailed status & setup info from printer internal data via IE through printer's IP address page (192.168.1.100); i.e. I can ping it. However, Win 7 printer control panel shows printer as "offline" on printers list & just ques up print requests. Troubleshooting gives error message "turn power on printer". Other networked PCs print OK. Bad computer is on a separate subnet of my home network, with a LinkSys wireless bridge WET610n connection, & printer is on another wireless LinkSys WET610n subnet. My network is totally LinkSys N, with a WRT 610n as main hub. All other network functions work for all other devices on the network, including DirecTV DVR receivers & Wii console!! I have moved the printer to the other subnet, & the problem is now mirrored by the computer on the remote subnet. It is not a firewall problem, but appears that the variables are the 2 wireless bridges that seem to conspire to block TCP port 9100 when in series. A single WET610n between the printer & a computer allows printing, proven by my roaming wireless laptop having access through the WET610n via the central wireless router. Very stange!! CTH

  If I understand correctly, you have a Linksys WRT610N as your main wireless-router with two satellite Linksys WET610N configured as Ethernet bridges -- right?
  You also have this setup:
  Win7 PC -> WET610N -> WRT610N -> WET610N -> Officejet 6310
  If I got this right, then the issue is probably the transit delay between the Win7 PC and the Officejet confusing HP's Solution Center.
  I think you have two options:
  1) Connect the Win7 PC directly to the WRT610N or connect the Officejet 6310 directly to the WRT610
  2) Manually install the printer.
  Let's try a manual installation:
  1. Click >> Start >> Control panel >> Printers.
  3. Click the Add a printer
  3. Select Local printer
  4. Select Create a new port and select Standard TCP/IP Port and click Next button.
  5. Under Device type, select TCP/IP Device. Under Hostname or IP address, enter the printer's host name (found on the printer's network configuration report the generated above). Click Next.
  If you get a message about Additional Port Information Required, then the printer was not found using the host name. You can go back and retry or using the printer's IP address instead of the host name.
  6. Select Hewlett-Packard from the list of manufacturers and select and select your printer model. Click Next.
  If your printer model was not listed, then select Have Disk, browse the HP CD that came with your printer and select the first file that starts with hp and ends with inf. Click Open then OK. Select your printer model. Click Next.
  7. If you are asked, use the currently installed driver.
  8. It will ask for the Printer name -- enter a new name or use the existing one. This will be the name of the printer that you select from other applications.
  9. You may be asked to share the printer. Make a choice and click Next.
  10. The Print Test Page box appears. Go ahead and print it.
  11. Click Finish.
  That should be it.
  Regards / Jim B / Wireless Enthusiasts
  ( While I'm an embedded wireless systems engineer at work, on this forum I do not represent my former employer, Hewlett-Packard, or my current employer, Microsoft )
  + Click the White Kudos star on the left as a way to say "thank you" for helpful posts.

• Blocking outgoing ports on airport extreme

  I have a current generation (mid-2014) Airport Extreme as the wireless router for a network at a small guest house/holiday home. Our broadband internet service is provided by satellite and we have therefore a usage limit as well as a restrictive FUP/Traffic management policy.
  What I'd like to be able to do is block certain ports/ip addresses from outgoing traffic. That is, I want people not to be able to use the network for really intensive stuff, things like streaming video (e.g. hulu plus, BBC iPlayer, netflix, that kind of thing), background p2p, and torrents, as it'll eat up all our broadband usage and bring our overall speed to a crawl. I see that there Airport Extreme doesn't have that kind of ability built-in to the software like some other routers do, but am I right in surmising that there might be an option of configuring it so that outgoing traffic to certain IPs be port-forwarded to a non-existent device on the network (for example)?
  If so, can someone just help me with that process. Or if there's another process that I can use to block certain kinds of traffic.
  Many thanks!

  It is simply not possible.. the AE is the wrong device in this setup.
  I would strongly recommend a cheap router with 3rd party firmware.. eg... TP-Link WDR3600 with gargoyle firmware.. just google for the info as I have had it deleted by mods here in the past.
  It will allow you to set daily quotas on usage. You can let people do whatever they like.. but they can only use a set amount per day or week or whatever time period you set. This firmware is unique in providing this ability in a domestic router.. for free.

• Block All Ports for a Host

  We are using BM 3.9 (no SP1 yet).
  I'm trying to block a Windows Media Player stream. If I put the URL that WMP uses into a deny rule, the BM log shows the html page is forbidden, yet the media still comes through.
  So I tried blocking all ports on the host. I put in a Deny rule that blocks All TCP&UDP on both the IP address and the host name. Yet, when I type the URL into WMP, I still get the stream. How do I block this with BM?
  Incidentally, after All ports didn't work, I tried specifying ports 0-65535. But I got an error that that was an invalid range. It did let me use 1-65535, though.

  David,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://support.novell.com/forums/faq_general.html
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/