Centrally Switched and Flex Local Switched WLAN - same SSID

Similar Messages

• HSRP between 2 access switches and 2 core switches

  Hi I am looking for running HSRP between 2 access switches and 2 core switches for client PC and Server network’s next-hop redundancy as per attached setup.
  As you can see I have used one /29 network for connecting CORE & ACCESS switches & configure Interface VLAN10 (Layer 3 SVI) with shown IPs and standby IP (VIP).G0/1 on Access Switches & G2/1 on Core Switches are access ports for VLAN10.
  There is a L2 Trunk interconnecting Core-Main/Backup & as well as Access-Main/Backup Switches allowing VLAN10 to allow VLAN10’s HSRP packets to pass through (apart from other HSRP instances).
  Below are the HRSP & Trunk configuration on Core and Access Switches please have a look and suggest if they are correct in term of HSRP implementation, as I can see on both side HSRP master & standby status are fine as desired, but I can’t ping VIP of ACCESS Switch from CORE switch, but the VIP of CORE switch I can ping from ACCESS switch.
  Access-Main
  interface GigabitEthernet0/1
   description ***Connected to CR-SW-01 PORT G2/1***
   switchport access vlan 10
   switchport mode access
   load-interval 30
  interface GigabitEthernet0/2
   description ***Connected to AC-SW-01 & AC-SW-02 for HRSP***
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 10,40
   switchport mode trunk
   load-interval 30
  interface Vlan10
   description ***Connected to CR-SW-01 PORT G2/1***
   ip address 10.10.11.1 255.255.255.248
   standby 1 ip 10.10.11.2
   standby 1 timers msec 200 msec 750
   standby 1 preempt delay minimum 180
   standby 1 authentication accvlan10
  Access-Backup
  interface GigabitEthernet0/1
   description ***Connected to CR-SW-02 PORT G2/1***
   switchport access vlan 10
   switchport mode access
   load-interval 30
  interface GigabitEthernet0/2
   description ***Connected to AC-SW-01 & AC-SW-02 for HRSP***
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 10,40
   switchport mode trunk
   load-interval 30
  interface Vlan10
   description ***Connected to CR-SW-02 PORT G2/1***
   ip address 10.10.11.3 255.255.255.248
   standby 1 ip 10.10.11.2
   standby 1 priority 10
   standby 1 timers msec 200 msec 750
   standby 1 preempt delay minimum 180
   standby 1 authentication accvlan10
  Core-Main
  interface GigabitEthernet2/1
   description ***Connected to AC-SW-01 PORT G0/1***
   switchport access vlan 10
   switchport mode access
   load-interval 30
  interface GigabitEthernet2/2
   description ***Connected to CR-SW-01 & CR-SW-02 for HRSP***
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 10,20
   switchport mode trunk
   load-interval 30
  interface Vlan10
   description ***Connected to AC-SW-01 PORT G0/1***
   ip address 10.10.11.4 255.255.255.248
   standby 1 ip 10.10.11.5
   standby 1 timers msec 200 msec 750
   standby 1 preempt delay minimum 180
   standby 1 authentication crvlan10
  Core-Backup
  interface GigabitEthernet2/1
   description ***Connected to AC-SW-02 PORT G0/1***
   switchport access vlan 10
   switchport mode access
   load-interval 30
  interface GigabitEthernet2/2
   description ***Connected to CR-SW-01 & CR-SW-02 for HRSP***
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 10,20
   switchport mode trunk
   load-interval 30
  interface Vlan10
   description ***Connected to AC-SW-02 PORT G0/1***
   ip address 10.10.11.6 255.255.255.248
   standby 1 ip 10.10.11.5
   standby 1 priority 10
   standby 1 timers msec 200 msec 750
   standby 1 preempt delay minimum 180
   standby 1 authentication crvlan10

  Hi Rick thanks once again, so I am assuming I should use to configure as below and still one /29 subnet I can use to connect these Switches with the above static routings.
  Access Switch-Main
  interface Vlan10
   description ***Connected to CR-SW-01 PORT G2/1***
   ip address 10.10.11.1 255.255.255.248
   standby 2 ip 10.10.11.2
   standby 2 timers msec 200 msec 750
   standby 2 preempt delay minimum 180
   standby 2 authentication accvlan10
  ip route 192.168.20.0 255.255.255.0 10.10.11.5
  Access Switch-Backup
  interface Vlan10
   description ***Connected to CR-SW-02 PORT G2/1***
   ip address 10.10.11.3 255.255.255.248
   standby 2 ip 10.10.11.2
   standby 2 priority 10
   standby 2 timers msec 200 msec 750
   standby 2 preempt delay minimum 180
   standby 2 authentication accvlan10
  ip route 192.168.20.0 255.255.255.0 10.10.11.5
  Core Switch -Main
  interface Vlan10
   description ***Connected to AC-SW-01 PORT G0/1***
   ip address 10.10.11.4 255.255.255.248
   standby 1 ip 10.10.11.5
   standby 1 timers msec 200 msec 750
   standby 1 preempt delay minimum 180
   standby 1 authentication crvlan10
  ip route 192.168.40.0 255.255.255.0 10.10.11.2
  Core Switch -Backup
  interface Vlan10
   description ***Connected to AC-SW-02 PORT G0/1***
   ip address 10.10.11.6 255.255.255.248
   standby 1 ip 10.10.11.5
   standby 1 priority 10
   standby 1 timers msec 200 msec 750
   standby 1 preempt delay minimum 180
   standby 1 authentication crvlan10
  ip route 192.168.40.0 255.255.255.0 10.10.11.2

• Differences between VMware virtual switches and HyperV virtual switches

  Hello,
  I've deployed an OpenVpn infrastructure (configured in bridging mode) within a VMmare ESX4 environment.
  The scenario is this:
  A remote client connects to the OpenVpn server (VM1), VM1 also owns an interface where traffic passes in tagged mode complaint to vlan 8021q, VM2 owns a interface on the vlan10. VM1 can ping VM2 without any problem (supposing vlan 10 traffic), but the remote
  client cannot ping VM2.
  The scenario works perfectly in a physical environment (without any virtual machine).
  The scenario is like this:
  Analizing traffic with Wireshark on the VM2 I've noticed that an ARP request leaves from the remote client MAC to the destination host interface of VM2 (broadcast ARP request).
  The host VM2 sends an ARP reply directly to the MAC address of the remote client.
  This last packet doesn't pass the vSwitch, so it isn't received by the remote client and the ping fails.
  This occurs because the VMware ESX vSwitch only knows all the MACs of virtual machines within the ESX environment, it doesn't learn MAC addresses like a physical real switch and it discards packets sent to unknown unicast MAC addresses (broadcast traffic instead
  is passed). Within the VMware infrastructure this is solvable only by using of the Promiscuos mode feature of the virtual switch port.
  I would like to ask if HyperV virtual switches work like VMware ESX virtual switches. So in Hyper-V virtual switches do learn mac addresses actually like a physical switch?

  This last packet doesn't pass the vSwitch, so it isn't received by the remote client and the ping fails. This occurs because the VMware ESX vSwitch only knows all the MACs of virtual machines within the ESX environment, it doesn't learn MAC addresses
  like a physical real switch and it discards packets sent to unknown unicast MAC addresses (broadcast traffic instead is passed). Within the VMware infrastructure this is solvable only by using of the Promiscuos mode feature of the virtual switch port.
  Thank you; I did the same in Wireshark and noticed the ARP reply was not being received by my VMware guest Hyper-V host, so I did an Internet search and found this document at the top of the list. For other people that came here because their VMware guest
  Hyper-V lab server's SCVMM 2012 SP1 logical switch virtual network adapter combination could not ping other VMware guests; In addition to "Accept" for your VMware vSwitch (described above), you will need to change your VM Network VLAN ID to "All".

• How to auto-switch Wi-Fi network for the same SSID?

  Hi. In my testing, iPad will auto-switch to antoher same SSID Wi-Fi network when the signal become weak. My question is : What is the condition of auto-swith for iPad?

  Question again！

• SCCM central site and primary site use the same SQL SERVER with two Instance.

  Hi  Guys,
  I want deploy SCCM 2012 central site and primary site in my domain. But Only one Sql server for me. Any one can tell me how to install the central site server and primary site server with the same SQL SERVER with two instance.
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
  Sean Xiao
  TechNet Community Support

  Although you can install like the configuration you said above, we do not recommend you do it this way. If your SQL box has  problems, all the data will go away and you will not have data redundancy.
  You need to configure the different SQL Port and SQL Broke service port e.g.
  SQL port 4023  SQL Broke Service port 4022 for CAS instance
  SQL port 4024  SQL Broke Service port 4021 for PRI instance
  Juke Chou
  TechNet Community Support
  I agree with Johan and this configuration should not be used. But I want to clarify that the default ports for "SQL port" (actually, SQL over TCP) is 1433 and the SQL Broker Service uses 4022. The configuration above should work but the "correct" would be
  to use 1433 and 4022 for the CAS and 10434 and 4023 for the Primary :)
  You can read more about Network Ports used by Configuration Manager here
  http://technet.microsoft.com/en-us/library/hh427328.aspx#BKMK_CommunicationPorts
  /Tim
  Tim Nilimaa | Blog: http://infoworks.tv | Twitter: @timnilimaa

• Nexus5k - LACP towards HP blades switch(and nortel blade switch)

  Hi
  First I have to say this is not the first time i'm working with these old switches and not the first time i've configured LACP on them.
  So I did the config on the blade switch , enabled LACP, the uplink ports as members and tagged.
  Created port-channel on the nexus side.
  when i try to bring up the ports on the Cisco Nexus 5k this is the errors I get. this is fot the HP blade:
  2013 Jun 11 14:44:03 dist4 %ETH_PORT_CHANNEL-5-PORT_SUSPENDED: Ethernet171/1/7: Ethernet171/1/7 is suspended
  2013 Jun 11 14:44:03 dist4 %LACP-FEX171-3-LACP_MEM_PC_MISCFG: LACP misconfiguration detected on Ethernet171/1/7(0x1faa0180): (Member channel group id: 31-1, does not match PC group id: 31-1
  0)
  2013 Jun 11 14:44:04 dist4 %ETH_PORT_CHANNEL-5-PORT_SUSPENDED: Ethernet172/1/7: Ethernet172/1/7 is suspended
  2013 Jun 11 14:44:04 dist4 %LACP-FEX172-3-LACP_MEM_PC_MISCFG: LACP misconfiguration detected on Ethernet172/1/7(0x1fab0180): (Member channel group id: 31-1, does not match PC group id: 31-1
  0)
  I had one port-channel for a switch that came up with no problems. I compared the config but could not identify the issue.the config is very similar.
  has anyone encountered these errors or similar before? if yes, what am I missing? and also what does it mean when it says "
  Member channel group id: 31-1, does not match PC group id: 31-10) ?
  Thanks,
  Mary

  Marcel,
  Thank you for your reply.
  I tried again right now with the command you suggested but still no luck.
  we have so many more hp switches with the similar config that are working fine. I just can't figure out why these 3 switches are having issues.
  my current config on the member port is as below
  interface Ethernet171/1/36
    description WINBL1-NFS2:P2
    lacp rate fast
    switchport mode trunk
    switchport trunk allowed vlan 410,412
    spanning-tree bpdufilter enable
    flowcontrol send off
    channel-group 30 mode active
  2013 Jun 13 11:00:51 dist4 %ETH_PORT_CHANNEL-5-PORT_SUSPENDED: Ethernet171/1/36: Ethernet171/1/36 is suspended
  2013 Jun 13 11:00:51 dist4 %LACP-FEX171-3-LACP_MISCFG: LACP misconfiguration detected on Ethernet171/1/36(0x1faa08c0): (Member system mac does not match PC system mac)
  2013 Jun 13 11:00:52 dist4 %ETH_PORT_CHANNEL-5-PORT_SUSPENDED: Ethernet172/1/36: Ethernet172/1/36 is suspended
  2013 Jun 13 11:00:50 dist4 %LACP-FEX172-3-LACP_MISCFG: LACP misconfiguration detected on Ethernet172/1/36(0x1fab08c0): (Member system mac does not match PC system mac)
  Thanks,
  Mary

• Multicast and Flexconnect Local Switching

  Hi All,
  Hope you can help with this -
  I have the following:
  A 5508 in a remote datacentre and several sites with AP's running in flexconnect mode, connected to cisco switches.
  I have an ssid on which I want to run some push to talk "phones" which I believe use multicast.
  What do I need to do to enable multicast for this, I have read many documents but I'm a little confused !
  I need to enable multicast on the controller globally ?
  Enable igmp snooping ?
  Does multicast mode need to be multicast or unicast ?
  Do I need a multicast address in this case ?
  Do i need to configure the switches (2960) for any multicast configuration, there is none at present ?
  The phones that do PTT will only need to talk to other phones locally at each site, but each site will have some phones, does this make any difference to anything ?
  hope someone can help, thanks !

  The guidelines for Flexconnect and Multicast are as follows:
  1. Set the AP Multicate mode on the controller to Unicast (Multicast-Unicast Mode) : The wireless controller replicates the multicast packet and sends it to each Access Point in a Unicast CAPWAP Tunnel
  2. L3 routing isn't required on the wired network
  3. There will be high controller and wired network loading
  4. No multicast address is required in multicast-unicast mode
  5. No multicast configuration required on Layer 2 switches as CGMP is enabled  by default

• Problems with uVerse DVR connected to a network switch and 1x3 HDMI switch

  So that I can connect multiple devices (Apple TV & BluRay player), I've connected my uVerse DVR to a network switch with IP Quality of Service function.  Is it known whether or not this will cause problems?  I am having problems, but see next question for probable cause. I have also connected my HD TV to a 1x3 HDMI switch output, with inputs from the uVerse DVR, Apple TV, & BluRay player.  This clearly has caused problems because the DVR goes through the power on sequence almost everytime the TV is turned on, I have intermittent problems with the HDMI switch displaying video on the TV, and on several occassions, shows scheduled for recording haven't recorded at all or only partially recorded.

  I've been having problems with this for months especially with the GigaPower rollout and broke down and decided to resort to some network engineering tactics versus calling out AT&T Techs. The Techs are good at their job but they are only knowledgeable about the hardware aspect but are dumb founded on this one and it's not their job to know.  To the point of using a switch next to the DVR and this counts truly for all set top boxes via Ethernet they need to be physically seperated wires. Well, unless you want to pay someone to put an extra Ethernet drop next to each wired set-top box or DVR this isn't feasible so options are deal with it or spend $20 more dollars on a switch that supports 802.1q trunking which makes two 'virtual' independent ethernet cables over one line.  If you can do it great otherwise this takes a higher than average knowledge of basic networking.   A basic setup would be: + Get two switches - Netgear GS108T or GS108E I've found does the job well. + Enable 802.1q advanced VLANs+ Make two additional vlans 2 and 3 (1 is the native VLAN)+ Mark a port as tagged 'T' for the trunk port to the other switch for VLANS 1,2,3 (I used port 8)+ Assign VLAN 2 and mark as untagged for ports 2-7 - this is for data traffic+ Assign VLAN 3 and mark as untagged for port 8 only - this is for video multi-cast traffic+ ***DISABLE*** MULTI-CAST IGMP SNOPING otherwise IPTV won't work. On the back of the Uvserse router, take an Ethernet wire and plug into port 8 and take an Ethernet cable and plug into port 7.  This does not create a loop though sounds like it, we've created two unique layer 2 networks.  Now configure the second Netgear switch (or switch of your choosing...) the same exact way but plug your DVR into port '8' and all your data stuff XBox, whatever... into ports 2-7. Whalla, you've eliminating multi-cast flooding and DVR traffic is independent.  Ever since I started doing this I increased the speed throughput from 10 MB/s or to never working to a full reliable gigabit speed or respectibly whatever UVerse service you get.    

• App switcher and dock not switching spaces for application

  The app switcher occassionally stops switching spaces to bring up the application. When this happens clicking on the dock icon doesn't work to switch spaces either. A logout and log back in are needed for the functionality to return.

  Because my dock's already too full with apps that are even more frequently used. Using the app switcher became part of my workflow long ago, and I'm sorry to lose it.

• Understanding Flexconnect - Local vs Central Switching, and WLC failover scenario ??

  Hello Experts
  We have one WLC 5508 in Building1, few 2700 Series AP in Building1, and one 1252AG in Building2. The LAN subnet is same for both Buildings connected via a dark fiber.
  My requirement is to have Central Switching in Building1 since WLC is located locally, and Local Switching in Building2 to avoid inter-building traffic, for both Buildings we already one VLAN/IP Subnet. (Both Buildings access resources from a central Datacenter which hosts all the servers.)
  Questions:
  1. Is the above scenario possible using single SSID ? My understanding is that one WLAN+SSID can't have both Local and Central switching enabled.
  2. In Flexconnect Central Switching mode, during WLC failure, does the switching change to Local switching automatically ?
  3. When I choose Local Switching for a specific WLAN, does it Locally switch always , or does it Locally switch only when WLC is down ?
  4. We want to use Microsoft PEAP using AD User Authentication. When Local Authentication is enabled on WLC, I understand that when WLC fails (and RADIUS Server is still reachable), can we still have the AP directly contact RADIUS server as a direct client and provide 802.1X Microsoft PEAP authentication. Guess this is Primary Backup Radius Server configuration. Is this understanding correct ?
  Thanks.

  Hi
  The LAN subnet is same for both Buildings connected via a dark fiber.
  If this is the case there is no need of FlexConnet, as you have enough bandwidth & same L2 extended in those two buildings. Typically FlexConnect is for branch deployment where WAN link bandwidth is a concern.
  Anyway if you want to do this & here is the answer for your specific queries.
  1. Is the above scenario possible using single SSID ? My understanding is that one WLAN+SSID can't have both Local and Central switching enabled.
  You can have both local switching & central switching available for a given SSID. Only FlexConnect mode AP will do Local switching & all Local mode AP will do central switching, though both using the same SSID.
  2. In Flexconnect Central Switching mode, during WLC failure, does the switching change to Local switching automatically ?
  No, if it is central switching SSID, when WLC is not available client won't able to join this SSID. It is not fall back to Local switching.
  3. When I choose Local Switching for a specific WLAN, does it Locally switch always , or does it Locally switch only when WLC is down ?
  This is applicable only to FlexConnect mode APs & it always do local switching if that configured. If WLC is not reachable AP will go on "standalone mode" & still do local switching.
  4. We want to use Microsoft PEAP using AD User Authentication. When Local Authentication is enabled on WLC, I understand that when WLC fails (and RADIUS Server is still reachable), can we still have the AP directly contact RADIUS server as a direct client and provide 802.1X Microsoft PEAP authentication. Guess this is Primary Backup Radius Server configuration. Is this understanding correct ?
  Yes, when this option configured & WLC is not reachable (but RADIUS is reachable) then AP will act as Authenticator & pass radius messages to Auth Server directly.
  This is a very good Ciscolive presentation you should see as it describe lots of these features & which WLC codes they introduced.
  BRKEWN-2016 - Architecting Network for Branch Offices with Cisco Unified Wireless
  HTH
  Rasika
  **** Pls rate all useful responses ****

• Configuring and Troubleshooting Virtual Switching System (VSS)

  With Anand Ganesan
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about how to monitor, configure, and troubleshoot the Virtual Switching System (VSS) in Cisco Catalyst 6500 Series Switches with expert Anand Ganesan.
  VSS is network system virtualization technology that pools multiple Cisco Catalyst 6500 Series Switches into one virtual switch, increasing operational efficiency, boosting nonstop communications, and scaling system bandwidth capacity to 1.4 Tbps. At the initial phase, a VSS will allow two physical Cisco Catalyst 6500 Series Switches to operate as a single logical virtual switch called a virtual switching system 1440 (VSS1440). 
  For more information, visit:  www.cisco.com/en/US/prod/collateral/switches/ps5718/ps9336/prod_qas0900aecd806ed74b.html
  The VSS simplifies network configuration and operation by reducing the number of Layer 3 routing neighbors and by providing a loop-free Layer 2 topology.
  Anand Ganesan is a customer support engineer in the High-Touch Technical Service team at Cisco specializing in switching protocols. He has been supporting major service providers and enterprise customers in switching and all other switching technologies for more than two years with Cisco. He has a total of eight years of experience in the IT industry. He holds a bachelor of engineering degree from Bharathiyar University, Coimbatore.
  Remember to use the rating system to let Anand know if you have received an adequate response. 
  Because of the volume expected during this event, Anand might not be able to answer every question. Remember that you can continue the conversation in the Network Infrastructure subcommunity, LAN Switching & Routing shortly after the event. This event lasts through September 6, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Okay..they are two different /30 networks.
  my BFD interfaces are GigabitEthernet1/3/48 and GigabitEthernet2/3/48 and they work fine.
  interface GigabitEthernet1/3/48
  description Switch 1 BFD Interface
  no switchport
  ip address 10.48.0.17 255.255.255.252
  bfd interval 100 min_rx 100 multiplier 3
  end
  interface GigabitEthernet2/3/48
  description Switch 2 BFD Interface
  no switchport
  ip address 10.48.0.21 255.255.255.252
  bfd interval 100 min_rx 100 multiplier 3
  end
  switch virtual domain 1
  switch mode virtual
  switch 1 priority 110
  dual-active pair interface GigabitEthernet1/3/48 interface GigabitEthernet2/3/48 bfd
  show switch virtual dual-active bfd
  Bfd dual-active detection enabled: Yes
  Bfd dual-active interface pairs configured:
  interface-1 Gi1/3/48 interface-2 Gi2/3/48
  router eigrp 1
  network 10.0.0.0
  network 10.1.201.0 0.0.0.255
  network 10.48.0.12 0.0.0.3
  network 10.48.177.0 0.0.0.255
  network 97.0.0.0
  network 99.0.0.0
  network 100.0.0.0
  network 100.7.7.0 0.0.0.255
  network 192.34.145.0
  network 192.168.15.0
  show ip ei in
  EIGRP-IPv4 Interfaces for AS(1)
                         Xmit Queue   Mean   Pacing Time   Multicast   Pending
  Interface       Peers Un/Reliable SRTT   Un/Reliable   Flow Timer   Routes
  Gi1/2/40           1       0/0         1       0/1           50           0
  Gi1/2/41           0       0/0         0       0/1           0           0
  Vl1               1       0/0         1       0/1           50           0
  Vl7               0       0/0         0       0/1           0           0
  Vl13               0       0/0         0       0/1           0           0
  Vl15               0       0/0         0       0/1           0           0
  Vl21               0       0/0         0       0/1           0           0
  Vl25               0       0/0         0       0/1            0           0
  Vl26               0       0/0         0       0/1           0           0
  Vl134             0       0/0         0       0/1           0           0
  Vl135             0       0/0         0       0/1           0           0
  Vl140             0       0/0         0       0/1           0           0
  Vl300             0       0/0         0       0/1           0           0
  Vl400             0       0/0         0       0/1           0           0
  Vl199             0       0/0         0       0/1           0           0
  Vl6               0       0/0         0       0/1           0           0
  Vl20               0       0/0         0       0/1           0           0
  Vl24               0        0/0         0       0/1           0           0
  Vl30               0       0/0         0       0/1           0           0
  Vl31               0       0/0         0       0/1           0           0
  Vl37               0       0/0         0       0/1           0           0
  Vl2               0       0/0         0       0/1           0           0
  Gi1/3/48           0       0/0         0       0/1           0           0
  Gi2/3/48           0       0/0         0       0/1           0           0
  Vl17               0       0/0         0       0/1           0           0
  Gi2/6/40           0       0/0         0       0/1           0           0
  Gi2/6/41           0       0/0         0       0/1           0           0
  Gi2/1/45           1        0/0         1       0/1           50           0
  Gi1/1/33           1       0/0         1       0/1           50           0
  My questions revolve around the same point.
  Are there any significance in running eigrp or any other routing protocol over this BFD link?
  Is the Dual active scenario detected by BFD or BFD notifies a routing protocol like eigrp and in turn dual active is detected?
  Should I suppress the eigrp HELLOs on these interfaces to get rid of the log message?
  Regards
  Vinayak

• PoE switch and Compact Fieldpoint

  Hello all... Is it possible to connect my Compact Field Point Controller to a PoE switch (Power over Ethernet Switch)??? This is because some other devices on the same subnet require PoE (IP cameras) and I wanted to know if this can cause some sort of problem with my Cfp... Should I connect the Compact Fieldpoint to a regular switch and connect that switch to the PoE switch??
  Let me know any suggestions...
  Thanks a million in advance,

  Hi Jaime!
  Currently there are only certain products that support the PoE standard, unfortunately the cFP family is not one of them. The best you can do is connect your cFP to a switch and then to the PoE switch like you said and check if that works. Here is the document where the PoE and NI products are described:
  http://zone.ni.com/devzone/cda/tut/p/id/9847
  Hope this helps!
  Have a great day!!!

• How to set six WRT300N wireless router use the same SSID

  I have six WRT300N wireless router and cannot setting shared the same SSID....
  Somebody can help me?

  please explain like how are you trying to set up these routers..... even if you set up these routers using the same ssid , they won't communicate with each other wirelessly....

• Same wlan both locally switched and centrally switched

  Scenario:
  1 virtual wireless controller
  50 access points, some of them some local to the controller (same site), other on remote sites, all in flexconnect mode.
  Is there a way for a wlan to be locally switched for a group of ap's, essentialy those local to the controller, and centrally switched for other groups of ap's, in fact those placed on remote sites?
  I've tried configuring flexconnect groups, and ap groups, but no luck, I've found no way to override the globally configured flag "flexconnec local switching".
  I've also tried to create two identical wlans, one locally switched and the second globally switched, but the wlc refuses to activate the second one since it has the same ssid of the first one.
  Regards,
  Massimo. 

  Since you have vWLC all AP needs to be in FlexConnect mode (If you got a normal WLC you can keep HQ AP in local mode & Remote AP in Flex mode to achieve this)
  I think in your case you have to either choose "Central Switching" or "local switching" for your APs.
  Regards
  Rasika
  **** Pls rate all useful responses ****

• FlexConnect local/central switched and Access-Accept Packets

  For our branch offices’s wireless access, we would like to use FlexConnect with one SSID and two distinct user profiles:
  •  Full network access, local switched.
  •  Limited network access, central switched:
  ◦       To isolate traffic from the branch’s LAN.
  ◦       To force traffic through a firewall at the central site.
  ▪       To ease access rules management.
  ◦       Internet access only by default.
  ▪       Internet access is located at the central site.
  ▪       We expect to manage some exceptions to the rule.
  We know that it’s not possible to switch from local to central switched using the same SSID with FlexConnect and AAA Override.
  However, we found an interesting bit in the documentation pages regarding RADIUS attributes:
  Authentication Attributes Honored in Access-Accept Packets (Airespace)
  VAP ID
  This attribute indicates the WLAN ID of the WLAN to which the client should belong. When the WLAN-ID attribute is present in the RADIUS Access Accept, the system applies the WLAN-ID (SSID) to the client station after it authenticates. [...]
  Source:
  http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-6/configuration/guide/b_cg76/b_cg76_chapter_0101000.html#reference_327F94A40AAE46E48153B265E521DDCF
  We then made an assumption that the following was possible:
  •  Create a second SSID
  ◦       Broadcast not enabled
  ◦       Central Switched
  •  Users would authenticate using the first SSID
  •  In it’s access-accept packet, the RADIUS server would return an
  Airespace-WLAN-Id attribute with the value of the second SSID.
  •      The WLC would then assign the second SSID to the users so they’re central switched and forwarded through the firewall at the main site.
  So far, our tests showed no results.
  •  Is that solution achievable at all? It seemed so from the documentation, but we haven’t found any documented evidence that someone actually tried it.
  •  If not, what would you recommend?
  For RADIUS, we are using Microsoft 2012r2 NPS servers. Everything’s been working fine with them so far. We can do AAA vlan override for our main site and with FlexConnect also, without any problems. What’s not working is the local/central switched scenario we’re trying to pull off. The RADIUS server sends the Airespace-WLAN-Id attribute from what I see with Wireshark, but the WLC does not seem to react to it like I thought it would. I couldn’t find a debug command that would tell me what the WLC does with the attributes from the access-accept packet. Maybe the behaviour I’m experiencing is to be expected, that’s what I would like to know.
  Thank you very much,

  Your WLAN is defined with as centrally switched or locally switched, AAA override will not chage that value.  AAA attributes can change a users vlan, acl and QoS.  The other attributes are intended to use for rules... example:
  Is the user part of this AD group and is this user on WLAN ID=1.
  You will not be able to go from centrally switched to locally swithed and vice versa.  I don't know how you would be able to achieve what your trying to acomplish with one SSID to be honest.