Cisco 1142 - DotRadio0 resets

I have a Cisco Aironet 1142 that keeps having issues with DotRadio0 going to a reset state. If I reload, it seems to function for a while and then it happens again shortly thereafter.
Apr 17 18:08:24.619: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
Apr 17 18:08:25.619: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
ap#  show int desc
Interface                      Status         Protocol Description
BV1                            up             up
Do0                            reset          down
Do0.651                        reset          down
Do0.653                        reset          down
Do1                            up             up
Do1.651                        up             up
Do1.653                        up             up
Gi0                            up             up
Gi0.604                        up             up
Gi0.651                        up             up
Gi0.653                        up             up
ap# show version
Cisco IOS Software, C1140 Software (C1140-K9W7-M), Version 12.4(21a)JA1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 16-Sep-09 18:09 by prod_rel_team
ROM: Bootstrap program is C1140 boot loader
BOOTLDR: C1140 Boot Loader (C1140-BOOT-M) Version 12.4(23c)JA3, RELEASE SOFTWARE (fc1)
ap uptime is 18 minutes
System returned to ROM by reload
System restarted at 14:15:15 -0400 Wed Apr 17 2013
System image file is "flash:/c1140-k9w7-mx.124-21a.JA1/c1140-k9w7-mx.124-21a.JA1"

I believe the RF is good; we have 8 access points throughout the building and normally don't have any issues with connectivity. We have not done a site survey yet, so that is probably something we should look into next. Below is the current configuration. To reiterate, the AP functions well for a while and then resets. Upon a reload it works fine again for a while and resets. I have 4 APs that are doing the same thing and are placed at various points around the building.
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname xxxxxxxx
aaa new-model
aaa group server radius rad_eap
server 10.38.10.33 auth-port 1645 acct-port 1646
server 10.38.10.34 auth-port 1645 acct-port 1646
aaa group server radius rad_mac
server 10.38.10.33 auth-port 1645 acct-port 1646
server 10.38.10.34 auth-port 1645 acct-port 1646
aaa group server radius rad_acct
server 10.38.10.33 auth-port 1645 acct-port 1646
server 10.38.10.34 auth-port 1645 acct-port 1646
aaa group server radius rad_admin
server 10.38.10.33 auth-port 1645 acct-port 1646
server 10.38.10.34 auth-port 1645 acct-port 1646
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
clock timezone -0500 -5
clock summer-time -0400 recurring
ip domain name panther.com
ip name-server 10.38.10.33
ip name-server 10.38.10.34
dot11 syslog
dot11 vlan-name VLAN604 vlan 604
dot11 vlan-name VLAN651 vlan 651
dot11 vlan-name VLAN653 vlan 653
dot11 ssid PanGuest
   vlan 653
   authentication open
   mbssid guest-mode
dot11 ssid PanWifi
   vlan 651
   authentication open eap eap_methods
   authentication key-management wpa version 2
   accounting acct_methods
   mbssid guest-mode
username xxxxxxx privilege 15 password 7 xxxxxxxxxxxx
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 651 mode ciphers aes-ccm
encryption vlan 653 key 1 size 40bit 7 xxxxxxxxxxx transmit-key
encryption vlan 653 mode ciphers wep40
ssid PanGuest
ssid PanWifi
antenna gain 0
mbssid
channel width 40-above
station-role root
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio0.651
encapsulation dot1Q 651
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
bridge-group 255 spanning-disabled
interface Dot11Radio0.653
encapsulation dot1Q 653
no ip route-cache
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
bridge-group 254 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
encryption vlan 651 mode ciphers aes-ccm
encryption vlan 653 key 1 size 40bit 7 xxxxxxxxxxx transmit-key
encryption vlan 653 mode ciphers wep40
ssid PanGuest
ssid PanWifi
antenna gain 0
no dfs band block
mbssid
channel width 40-above
channel dfs
station-role root
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1.651
encapsulation dot1Q 651
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
bridge-group 255 spanning-disabled
interface Dot11Radio1.653
encapsulation dot1Q 653
no ip route-cache
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
bridge-group 254 spanning-disabled
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
interface GigabitEthernet0.604
encapsulation dot1Q 604 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface GigabitEthernet0.651
encapsulation dot1Q 651
no ip route-cache
bridge-group 255
no bridge-group 255 source-learning
bridge-group 255 spanning-disabled
interface GigabitEthernet0.653
encapsulation dot1Q 653
no ip route-cache
bridge-group 254
no bridge-group 254 source-learning
bridge-group 254 spanning-disabled
interface BVI1
ip address 10.38.4.18 255.255.255.0
no ip route-cache
ip default-gateway 10.38.4.1
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
access-list 111 permit tcp any any neq telnet
radius-server attribute 32 include-in-access-req format %h
radius-server host 10.38.10.33 auth-port 1645 acct-port 1646 key 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
radius-server host 10.38.10.34 auth-port 1645 acct-port 1646 key 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
radius-server deadtime 60
radius-server vsa send accounting
bridge 1 route ip
line con 0
access-class 111 in
line vty 0 4
access-class 111 in
transport input ssh
sntp server 10.38.4.1
sntp broadcast client
end

Similar Messages

  • Cisco 1142 WAP Connection Help

    We have a Cisco 1142 WAP connected to a Cisco Wireless Controller in a remote office area.  For meetings we wanted to have more hard-wired connections in addition to Wifi access for attendees / presenters etc. My question is: if we purchased a Cisco 8 port POE mini switch and put that in the middle between the WAP and Controller, would that work?  Or is there another business grade solution for a mix of Ethernet ports and Wifi?

    Yes, sir.  This will work.  The only "problem" I see is your 8 port PoE switch.  Let me explain:
    The good part about Cisco's 8-port PoE switches, the WS-C3560-8PC, is that it is FANLESS.  So even if you stick the switch right inside this conference or meeting room, no one will notice it's there (unless of course, one steps on the hot surface or gives the appliance a good kick).
    This model has a 1Gig SFP or RJ45 port uplink.
    Now the downside is not really that significant, unless you want to be pedantic about it.  The access ports are all 10/100BaseTX only.  
    By the way, I have no way of testing the "compact" series of the 2960C and the 3560C.  The Data Sheet itself is a bit "grey" so I won't make a comment about these two models.

  • Cisco 1142 Wireless access point intermittently will not authenticate

    Hi all,
    We have a Cisco 1142 standalone access point, and from time to time I will come into the office and it will not authenticate any users to either our guest or corporate networks. I then have to go in and reboot the access point. After that, it begins to work. Any advice? Here's my configuration below:
    Current configuration : 6450 bytes
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname cisco-chiap01
    logging monitor errors
    enable secret 5 $1$fsD8$CU42/3/Up5AAlL4hQWvvg0
    aaa new-model
    aaa group server radius rad_eap
     server 172.17.16.12 auth-port 1645 acct-port 1646
     server 172.17.21.10 auth-port 1812 acct-port 1813
    aaa group server radius rad_mac
    aaa group server radius rad_acct
    aaa group server radius rad_admin
    aaa group server tacacs+ tac_admin
    aaa group server radius rad_pmip
    aaa group server radius dummy
     server 172.17.21.10 auth-port 1812 acct-port 1813
    aaa group server radius rad_eap2
     server 172.17.16.12 auth-port 1645 acct-port 1646
     server 172.17.21.10 auth-port 1812 acct-port 1813
    aaa authentication login eap_methods group rad_eap
    aaa authentication login mac_methods local
    aaa authentication login eap_methods2 group rad_eap2
    aaa authorization exec default local 
    aaa accounting network acct_methods start-stop group rad_acct
    aaa session-id common
    login on-failure log
    login on-success log
    dot11 syslog
    dot11 vlan-name Admin vlan 100
    dot11 vlan-name DevNetwork vlan 20
    dot11 vlan-name Guest vlan 150
    dot11 vlan-name Network vlan 16
    dot11 ssid DevNetwork
       vlan 20
       authentication open eap eap_methods2 
       authentication network-eap eap_methods2 
       authentication key-management wpa version 2
    dot11 ssid Guest
       vlan 150
       authentication open 
       authentication key-management wpa version 2
       guest-mode
       mbssid guest-mode
       wpa-psk ascii 7 142407060101380B013A3A2670435642
       information-element ssidl advertisement
    dot11 ssid Network
       vlan 16
       authentication open eap eap_methods2 
       authentication network-eap eap_methods2 
       authentication key-management wpa version 2
    username monkeyman privilege 15 secret 5 $1$ZZ7C$rqimu2FNONdfeacMNGAD/.
    bridge irb
    interface Dot11Radio0
     no ip address
     ip helper-address 172.17.19.10
     no ip route-cache
     encryption mode ciphers aes-ccm 
     encryption vlan 16 mode ciphers aes-ccm 
     encryption vlan 150 mode ciphers aes-ccm 
     encryption vlan 20 mode ciphers aes-ccm 
     ssid DevNetwork
     ssid Guest
     ssid Network
     antenna gain 0
     parent timeout 120
     speed  5.5 11.0 basic-6.0 9.0 12.0 36.0 48.0 54.0
     packet retries 128 drop-packet
     channel 2462
     station-role root
     rts threshold 512
     rts retries 128
    interface Dot11Radio0.11
     encapsulation dot1Q 11
     no ip route-cache
    interface Dot11Radio0.16
     encapsulation dot1Q 16 native
     no ip route-cache
     bridge-group 1
     bridge-group 1 subscriber-loop-control
     bridge-group 1 block-unknown-source
     no bridge-group 1 source-learning
     no bridge-group 1 unicast-flooding
     bridge-group 1 spanning-disabled
    interface Dot11Radio0.20
     encapsulation dot1Q 20
     no ip route-cache
     bridge-group 20
     bridge-group 20 subscriber-loop-control
     bridge-group 20 block-unknown-source
     no bridge-group 20 source-learning
     no bridge-group 20 unicast-flooding
     bridge-group 20 spanning-disabled
    interface Dot11Radio0.150
     encapsulation dot1Q 150
     no ip route-cache
     bridge-group 150
     bridge-group 150 subscriber-loop-control
     bridge-group 150 block-unknown-source
     no bridge-group 150 source-learning
     no bridge-group 150 unicast-flooding
     bridge-group 150 spanning-disabled
    interface Dot11Radio1
     no ip address
     ip helper-address 172.17.19.10
     no ip route-cache
     encryption vlan 16 mode ciphers aes-ccm 
     encryption vlan 150 mode ciphers aes-ccm 
     encryption vlan 20 mode ciphers aes-ccm 
     ssid DevNetwork
     ssid Guest
     ssid Network
     antenna gain 0
     traffic-metrics aggregate-report
     dfs band 3 block
     mbssid
     parent timeout 120
     speed  6.0 12.0 basic-24.0 36.0 48.0 54.0
     channel width 40-above
     channel dfs
     station-role root access-point
    interface Dot11Radio1.11
     encapsulation dot1Q 11
     no ip route-cache
    interface Dot11Radio1.16
     encapsulation dot1Q 16 native
     no ip route-cache
     bridge-group 1
     bridge-group 1 subscriber-loop-control
     bridge-group 1 block-unknown-source
     no bridge-group 1 source-learning
     no bridge-group 1 unicast-flooding
     bridge-group 1 spanning-disabled
    interface Dot11Radio1.20
     encapsulation dot1Q 20
     no ip route-cache
     bridge-group 20
     bridge-group 20 subscriber-loop-control
     bridge-group 20 block-unknown-source
     no bridge-group 20 source-learning
     no bridge-group 20 unicast-flooding
     bridge-group 20 spanning-disabled
    interface Dot11Radio1.150
     encapsulation dot1Q 150
     no ip route-cache
     bridge-group 150
     bridge-group 150 subscriber-loop-control
     bridge-group 150 block-unknown-source
     no bridge-group 150 source-learning
     no bridge-group 150 unicast-flooding
     bridge-group 150 spanning-disabled
    interface GigabitEthernet0
     no ip address
     no ip route-cache
     duplex auto
     speed auto
     no keepalive
    interface GigabitEthernet0.11
     encapsulation dot1Q 11
     no ip route-cache
    interface GigabitEthernet0.16
     encapsulation dot1Q 16 native
     no ip route-cache
     bridge-group 1
     no bridge-group 1 source-learning
     bridge-group 1 spanning-disabled
    interface GigabitEthernet0.20
     encapsulation dot1Q 20
     no ip route-cache
     bridge-group 20
     no bridge-group 20 source-learning
     bridge-group 20 spanning-disabled
    interface GigabitEthernet0.100
     encapsulation dot1Q 100
     ip address 192.168.100.3 255.255.255.0
     no ip route-cache
     bridge-group 100
     no bridge-group 100 source-learning
     bridge-group 100 spanning-disabled
    interface GigabitEthernet0.150
     encapsulation dot1Q 150
     no ip route-cache
     bridge-group 150
     no bridge-group 150 source-learning
     bridge-group 150 spanning-disabled
    interface BVI1
     ip address 172.17.16.251 255.255.255.0
     no ip route-cache
    ip http server
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    ip radius source-interface GigabitEthernet0 
    access-list 1 permit 172.17.16.1
    access-list 1 remark Admin network access
    access-list 1 permit 192.168.100.0 0.0.0.255
    radius-server attribute 32 include-in-access-req format %h
    radius-server host 172.17.21.10 auth-port 1812 acct-port 1813 key 7 047958071C3561410D4A44
    radius-server host 172.17.16.12 auth-port 1645 acct-port 1646 key 7 08045E471A48574446
    radius-server host 172.17.21.10 auth-port 1645 acct-port 1646 key 7 1320051B185D56797F
    radius-server timeout 15
    radius-server vsa send accounting
    bridge 1 route ip
    line con 0
    line vty 0 4
     access-class 1 in
    end

    When the issue occurs, does it affect both 2.4GHz & 5GHz devices? I would see which band the affected devices are operating on.
    I noticed you have set CH11 under Radio 0 statically.  I would prefer to configure it as below so the AP can change the channel depending on the environment.
    int d0
    channel least-congested
    HTH
    Rasika
    **** Pls rate all useful responses ****

  • Cisco ASA 5505 Reset-I Problem with TCP State Bypass

    Hello,
    I have a Cisco ASA 5505 that functions as my primary firewall and a Mitel 5000 controller behind it. I have two external phone users that have been connecting through the firewall with no issues for six months until about two weeks ago. I am now seeing the following log entry on the phone trying to connect to the Mitel Controller.
    6  May 16 2014  14:52:52  302014  72.135.115.37  6915  192.168.20.2  6801  Teardown TCP connection 1203584 for outside:72.135.115.37/6915 to inside:192.168.20.2/6801 duration 0:00:00 bytes 0 TCP Reset-I
    My phones are designed to work with the Mitel 5000 and Mitel 3300 phone controllers. The 5000 will only use port 6800 for call control, while the 3300 will use 6801 (Secured Minet), 6802 (Minet SSH), and if those fail, port 6800 (Minet Unsecured). When the phones initiate a connection, they try 6801 first. If 6801 is unavailable, the phone controller adds the RST flag to the ACK packet. When the phone sees the RST flag, it is supposed to reset and use the next port (6802). The same process happens again for port 6802, then the phone knows to try 6800. The problem is that the ASA sees the RST flag now and terminates the connection at the firewall. Therefore, the phones never see the RST flag, and continue to try the connection with port 6801.
    I have tried to use the TCP State Bypass feature to correct the situation, but the log shows that the connection is still being terminated immediately by the firewall. I am a novice when it comes to configuring the ASA. Any help would be greatly appreciated, as the company that I bought the phone system from is out of troubleshooting options. I do not think that I have made any changes to the firewall around this time. I have packet captures and logs from my ASA and I have wireshark data on the inside of my network. I need to figure out how to configure the ASA so that it ignores the RST flag and sends the packet back to the source.
    Any help would be greatly appreciated!
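
To check from the firewall log whether a phone is stuck retrying one port as the post above describes, the 302014 teardown messages can be grouped per client and destination port. This is an added example, not part of the original post: only the first sample line comes from the post, the other log lines are constructed, and the function names and the 203.0.113.9 client are assumptions.

```python
import re
from collections import defaultdict

# Message text of ASA syslog 302014, in the form quoted in the post.
TEARDOWN_RE = re.compile(
    r"Teardown TCP connection (?P<conn_id>\d+) "
    r"for (?P<src_if>[^:\s]+):(?P<src_ip>[\d.]+)/(?P<src_port>\d+) "
    r"to (?P<dst_if>[^:\s]+):(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+) "
    r"duration (?P<duration>\d+:\d{2}:\d{2}) "
    r"bytes (?P<bytes>\d+)"
    r"(?: (?P<reason>.+))?$"
)

# Port order the post gives for the phones: 6801, then 6802, then 6800.
FALLBACK_ORDER = (6801, 6802, 6800)

SAMPLE_LOG = [
    # Line quoted in the post.
    "Teardown TCP connection 1203584 for outside:72.135.115.37/6915 "
    "to inside:192.168.20.2/6801 duration 0:00:00 bytes 0 TCP Reset-I",
    # Constructed: the same phone retrying the same port.
    "%ASA-6-302014: Teardown TCP connection 1203590 for outside:72.135.115.37/6916 "
    "to inside:192.168.20.2/6801 duration 0:00:00 bytes 0 TCP Reset-I",
    "%ASA-6-302014: Teardown TCP connection 1203597 for outside:72.135.115.37/6917 "
    "to inside:192.168.20.2/6801 duration 0:00:00 bytes 0 TCP Reset-I",
    # Constructed: a phone that walks the fallback order and ends on 6800.
    "%ASA-6-302014: Teardown TCP connection 1203601 for outside:203.0.113.9/40001 "
    "to inside:192.168.20.2/6801 duration 0:00:00 bytes 0 TCP Reset-I",
    "%ASA-6-302014: Teardown TCP connection 1203602 for outside:203.0.113.9/40002 "
    "to inside:192.168.20.2/6802 duration 0:00:00 bytes 0 TCP Reset-I",
    "%ASA-6-302014: Teardown TCP connection 1203603 for outside:203.0.113.9/40003 "
    "to inside:192.168.20.2/6800 duration 0:12:41 bytes 58213 TCP FINs",
]


def parse_teardown(line):
    """Return the fields of a 302014 teardown message, or None if no match."""
    m = TEARDOWN_RE.search(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    for key in ("conn_id", "src_port", "dst_port", "bytes"):
        rec[key] = int(rec[key])
    hours, minutes, seconds = (int(x) for x in rec["duration"].split(":"))
    rec["duration_s"] = hours * 3600 + minutes * 60 + seconds
    rec["reason"] = rec["reason"] or ""
    return rec


def stuck_clients(lines, order=FALLBACK_ORDER, min_repeats=3):
    """Report clients that keep hitting one port and never try the next one.

    A hit is a zero-byte teardown with reason "TCP Reset-I" (reset sent by
    the inside host). The last port in `order` has no successor and is not
    reported.
    """
    resets = defaultdict(lambda: defaultdict(int))  # (client, server) -> port -> count
    ports_seen = defaultdict(set)                   # (client, server) -> ports tried
    for line in lines:
        rec = parse_teardown(line)
        if rec is None:
            continue
        pair = (rec["src_ip"], rec["dst_ip"])
        ports_seen[pair].add(rec["dst_port"])
        if rec["reason"] == "TCP Reset-I" and rec["bytes"] == 0:
            resets[pair][rec["dst_port"]] += 1

    findings = []
    for (client, server), per_port in resets.items():
        for port, count in per_port.items():
            if port not in order or count < min_repeats:
                continue
            idx = order.index(port)
            if idx + 1 == len(order):
                continue
            next_port = order[idx + 1]
            if next_port not in ports_seen[(client, server)]:
                findings.append({
                    "client": client,
                    "server": server,
                    "port": port,
                    "resets": count,
                    "never_tried": next_port,
                })
    return findings


if __name__ == "__main__":
    for finding in stuck_clients(SAMPLE_LOG):
        print(finding)
```
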

    Thanks Rizwan,
    Still no luck.  I can't even ping the other side (office).  I am not sure if I'm running the debug the right way.  Here are my results...
    homeasa(config)# ping inside 10.10.5.254............. (Office Cisco ASA5505 IP on local side.  I also tried pinging the server on the other side (office), which is @10.10.5.10, and got the same result)
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 10.10.5.254, timeout is 2 seconds:
    Success rate is 0
    homeasa(config)# debug crypto isakmp 7
    homeasa(config)# debug crypto ipsec 7
    homeasa(config)# sho crypto isakmp 7
                                       ^
    ERROR: % Invalid input detected at '^' marker.
    homeasa(config)# sho crypto isakmp
    There are no isakmp sas
    Global IKE Statistics
    Active Tunnels: 0
    Previous Tunnels: 0
    In Octets: 0
    In Packets: 0
    In Drop Packets: 0
    In Notifys: 0
    In P2 Exchanges: 0
    In P2 Exchange Invalids: 0
    In P2 Exchange Rejects: 0
    In P2 Sa Delete Requests: 0
    Out Octets: 0
    Out Packets: 0
    Out Drop Packets: 0
    Out Notifys: 0
    Out P2 Exchanges: 0
    Out P2 Exchange Invalids: 0
    Out P2 Exchange Rejects: 0
    Out P2 Sa Delete Requests: 0
    Initiator Tunnels: 0
    Initiator Fails: 0
    Responder Fails: 0
    System Capacity Fails: 0
    Auth Fails: 0
    Decrypt Fails: 0
    Hash Valid Fails: 0
    No Sa Fails: 0
    Global IPSec over TCP Statistics
    Embryonic connections: 0
    Active connections: 0
    Previous connections: 0
    Inbound packets: 0
    Inbound dropped packets: 0
    Outbound packets: 0
    Outbound dropped packets: 0
    RST packets: 0
    Recevied ACK heart-beat packets: 0
    Bad headers: 0
    Bad trailers: 0
    Timer failures: 0
    Checksum errors: 0
    Internal errors: 0
    hjnavasa(config)# sh crypto ipsec sa peer 96.xxx.xxx.118
    There are no ipsec sas
    homeasa(config)#

  • Cisco 1142 WGB in a controller based network

    Hi,
    I have trouble with a Cisco AP1142 which is configured in WGB mode. I'm trying to get it to work in a controller based network, where LAPs are configured in H-REAP. The SSID where the WGB should be associated drops its traffic to VLAN60. Security type is WPA2-PSK.
    I've configured the WGB and it associates and gets IP from the correct network....but the problem is that laptop connected to WGB won't work. It gets no IP address and won't work with static IP.
    At the moment I have no VLANs configured on the WGB - should I have?
    AP IOS version is 12.4(25d)JA and WLC version is 7.0.98.0.
    Please find config file attached and also a topology image. Hope these help.
    Br,
    Petri

    Hi Petri,
    WGB mode with HREAP is not supported:
    http://tools.cisco.com/squish/dcAfC
    http://tools.cisco.com/squish/CcFE6
    You may want to test this with uWGB mode and static IP config. However, there is a new bug filed for uWGB mode as well:
    CSCtl21683    uWGB needs official testing and support with h-reap
    HTH,
    Alex

  • Cisco 1142 AP as a repeater

    Hi,
    I am a bit confused with the GUI configuration of an AP and repeater. My concerns are:
    I have 3 AP 1142 series. I want two APs to be connected to the main AP (ethernet) while the others act as repeaters.
    How do I go about creating an AP as a repeater to associate with the AP connected to a switch?
    Thanks

    Hello Samson,
    As per your query I can suggest the following solution:
    Configuring a Repeater Using the CLI
    If you want to configure your AP as a repeater and use the command-line interface, the following is an example configuration setting. This example configures the AP with two parents:
    ap1130# configure terminal
    ap1130(config)# interface dot11radio 0
    ap1130(config-if)# ssid qbranch
    ap1130(config-ssid)# infrastructure-ssid
    ap1130(config-ssid)# exit
    ap1130(config-if)# station-role repeater
    ap1130(config-if)# dot11 extensions aironet
    ap1130(config-if)# parent 1 0012.7fc2.1bdc 1000
    ap1130(config-if)# parent 2 0012.44b4.b250 1000
    ap1130(config-if)# end
    ap1130# copy running-config startup-config
    Hope this will help you.

  • CISCO WAP200 after reset will not accept default id/pswd

    I had to reset the WAP200 wireless device expecting that it would then allow access using the default id/pswd of admin.  Unfortunately, I am not able to gain access to the setup GUI as it does not recognize the default id of admin and pswd of admin.  I reset the device twice with the same result.  The device warranty ran out in 2012 as it was purchased back in 2009.
    Any pearls of wisdom so I can gain access?
    Best Regards         

    Kevin,
    Is the AP plugged into your network or do you just have a PC plugged directly into it with a static IP? I would give the PC a static 192.168.1.200/24, no gateway. Reset as Tom suggested and then log in using admin/admin.
    - Marty

  • Require help to configure Cisco 1142 AP

    Hi Team,
    I'm new to Wireless. Recently I've configured a Wireless AP (Model:AIR-AP1142N-A-K9) with the help of a YouTube video.
    Please find the configuration details below:
    AP Configuration:
    <REMOVED>#show run
    Building configuration...
    Current configuration : 4955 bytes
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname <REMOVED>
    enable secret 5 $1$nyT5$7naR21WqmWcPukAhSssAo/
    no aaa new-model
    ip domain name <REMOVED>
    dot11 syslog
    dot11 vlan-name MGMT_VLAN vlan 20
    dot11 vlan-name WIRELESS_LAN vlan 30
    dot11 ssid <REMOVED>
       vlan 30
       authentication open
       guest-mode
    crypto pki trustpoint TP-self-signed-<removed>
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-<removed>
    revocation-check none
    rsakeypair TP-self-signed-<removed>
    crypto pki certificate chain TP-self-signed-<removed>
    certificate self-signed 01
    <removed>
    quit
    username <REMOVED> privilege 15 password 7 01100F175804
    username <REMOVED> Privilege 15 secret 5 $1$Jeq0$SxvYfrDZkWNx5N3XITAab0
    username <REMOVED> privilege 15 secret 5 $1$e9Mc$JwGalVaHjrFf4Gn4kj/VY1
    username <REMOVED> privilege 0 secret 5 $1$0eRJ$OzYn1oU.1W8aDOVi27Fbt0
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption mode ciphers aes-ccm
    encryption vlan 30 key 1 size 40bit 7 <REMOVED> transmit-key
    encryption vlan 30 mode wep mandatory
    ssid <REMOVED>
    antenna gain 0
    channel 2412
    station-role root
    interface Dot11Radio0.20
    encapsulation dot1Q 20 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface Dot11Radio0.30
    encapsulation dot1Q 30
    no ip route-cache
    bridge-group 30
    bridge-group 30 subscriber-loop-control
    bridge-group 30 block-unknown-source
    no bridge-group 30 source-learning
    no bridge-group 30 unicast-flooding
    bridge-group 30 spanning-disabled
    interface Dot11Radio1
    no ip address
    no ip route-cache
    shutdown
    antenna gain 0
    dfs band 3 block
    channel dfs
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface GigabitEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    no keepalive
    interface GigabitEthernet0.20
    encapsulation dot1Q 20 native
    no ip route-cache
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface GigabitEthernet0.30
    encapsulation dot1Q 30
    ip helper-address 192.168.30.1
    no ip route-cache
    bridge-group 30
    no bridge-group 30 source-learning
    bridge-group 30 spanning-disabled
    interface BVI1
    description <<< LAN INTERFACE >>>
    ip address 192.168.20.202 255.255.255.0
    no ip route-cache
    ip default-gateway 192.168.20.2
    no ip http server
    ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    access-list 115 remark <<< ACL-FOR-SSH-ACCESS >>>
    access-list 115 permit tcp host 192.168.20.190 any eq 22
    access-list 115 permit tcp host 192.168.20.191 any eq 22
    access-list 115 permit tcp host 192.168.20.192 any eq 22
    access-list 115 permit tcp host 192.168.20.193 any eq 22
    access-list 115 permit tcp host 192.168.20.194 any eq 22
    access-list 115 permit tcp host 192.168.20.195 any eq 22
    access-list 115 deny   tcp any any
    bridge 1 route ip
    line con 0
    login local
    stopbits 1
    line vty 0 4
    access-class 115 in
    exec-timeout 5 0
    login local
    transport input ssh
    transport output none
    line vty 5 15
    access-class 115 in
    login local
    transport input ssh
    transport output none
    end
    Access Switch Configuration :
    <REMOVED>#show run int gig 1/0/1
    Building configuration...
    Current configuration : 129 bytes
    interface GigabitEthernet1/0/1
    description ** Trunk to GF-AP1 **
    switchport trunk native vlan 20
    switchport mode trunk
    end
    Core Switch side Configuration:
    ip dhcp excluded-address 192.168.30.1 192.168.30.10
    ip dhcp pool WIRELESS_SCOPE
    network 192.168.30.0 255.255.255.0
    default-router 192.168.30.1
    dns-server 192.168.20.66
    With the above configuration the AP is working fine and it's getting DHCP ip address from the Core switch and the users are also able to access all the internal network resources and Internet too according to customer requirement.
    But recently the customer raised a few concerns:
    1. Customer is unable to log in to the AP using a web browser
        (error: The Server 192.168.20.202:443 requires a username and password. The server says: Lever_15_access.)
        SSH to the AP is working fine.
    2. Customer is asking to create 2 SSIDs in every access point.
          a.) COMPANY SSID (Which should have full access to the local network as well as Internet too.)
          b.) GUEST       SSID (Which should only access internet but not internal network.)
    3. Only a few users should be able to access the GUI of the AP, as I've done for SSH using ACLs
    Kindly help with the above concerns as I've to answer the customer tomorrow.
    Regards,
    Vamsi Harish.T.

    Hi,
    Same local credentials that you use for SSH can be used for http/https.
    Make sure you provide correct credentials. If still not working provide a screenshot of the error and try to enable http server for testing purposes only and try if it works with http.
    For multiple SSIDs with multiple VLANs try this config example:
    https://supportforums.cisco.com/docs/DOC-14496
    HTH
    Amjad
    Rating useful replies is more useful than saying "Thank you"

  • Cisco PIX-515e reset to factory defaults

    Hi,
    I have a Cisco PIX-515e which I have connected to an emulator through the console port, and I'm having trouble erasing data from it.
    I can get into 'pixfirewall' mode and 'monitor' mode but that's as far as I get. I have tried 'write erase' and 'configure factory-default' in both modes with no success.
    Any help would be much appreciated.
    thanks,

    This is a little late, over a year; you probably already figured it out. In monitor mode:
    Set your interface
    monitor> int 0          (this doesn't matter much as long as the interface is valid)
    Next set the IP address of our PIX
    monitor> add 192.168.1.50     (this just sets the PIX int 0 to this IP address)
    Now set the TFTP server
    monitor> server 192.168.1.79     (this is the IP address of my PC with a TFTP server)
    Set the gateway
    monitor> gateway 0.0.0.0      (I had much trouble with this, but until I set the gateway to this it didn't work)
    Now back to your PC, assuming you have a TFTP server installed.
    Download the necessary recovery tool at (subject to change probably); make sure you put it in the default directory of your TFTP server.
    http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_password_recovery09186a008009478b.shtml
    This is key, probably:
    if you have the wrong tool, the image will download successfully to your PIX but it will not do anything, just stop
    after the file has been received.
    So if you're unsure, try all the images.
    Now back to the PIX.
    To initiate a file download you have to declare it, so
    monitor> file np62.bin
    and then to start the download
    monitor> tftp
    See below.... (entire session via console cable)
    monitor> int 0
    0: i8255X @ PCI(bus:0 dev:14 irq:10)
    1: i8255X @ PCI(bus:0 dev:13 irq:11)
    Using 0: i82557 @ PCI(bus:0 dev:14 irq:10), MAC:
    monitor> add 192.168.1.50
    address 192.168.1.50
    monitor> server 192.168.1.79
    server 192.168.1.79
    monitor> gateway 0.0.0.0
    gateway 0.0.0.0
    monitor> file np62.bin
    file np62.bin
    monitor> tftp
    tftp np62.bin@192.168.1.79.....................................................
    Received 73728 bytes
    Cisco Secure PIX Firewall password tool (3.0) #0: Wed Mar 27 11:02:16 PST 2002
    System Flash=E28F128J3 @ 0xfff00000
    BIOS Flash=am29f400b @ 0xd8000
    Do you wish to erase the passwords? [yn]
    If that doesn't work I'm not sure; just try the other images.

  • Cisco PIX-515e reset to factory defaults *Expert Advice Only Please*

    Hi,
    I have a Cisco PIX-515e which I have connected to an emulator through the console port, and I'm having trouble erasing data from it.
    I can get into 'pixfirewall' mode and 'monitor' mode but that's as far as I get. I have tried 'write erase' and 'configure factory-default' in both modes to no success.
    When I last posted this I had a lot of replies mentioning ROMMON mode, but I want to stress the PIX 515e does not have ROMMON mode; it has MONITOR mode, however the commands are not the same as ROMMON commands.
    Any help would be much appreciated.
    thanks,

    8 MB RAM
    PCI Device Table.
    Bus Dev Func VendID DevID Class              Irq
    00  00  00   8086   7192  Host Bridge
    00  07  00   8086   7110  ISA Bridge
    00  07  01   8086   7111  IDE Controller
    00  07  02   8086   7112  Serial Bus         9
    00  07  03   8086   7113  PCI Bridge
    00  0D  00   8086   1209  Ethernet           11
    00  0E  00   8086   1209  Ethernet           10
    00  11  00   14E4   5823  Co-Processor       11
    00  13  00   8086   B154  PCI-to-PCI Bridge
    01  04  00   8086   1229  Ethernet           11
    01  05  00   8086   1229  Ethernet           10
    01  06  00   8086   1229  Ethernet           9
    01  07  00   8086   1229  Ethernet           5
    Cisco Secure PIX Firewall BIOS (4.2) #0: Mon Dec 31 08:34:35 PST 2001
    Platform PIX-515E
    System Flash=E28F128J3 @ 0xfff00000
    Use BREAK or ESC to interrupt flash boot.
    Use SPACE to begin flash boot immediately.
    Reading 123392 bytes of image from flash.
    PIX Flash Load Helper
    Initializing flashfs...
    flashfs[0]: 8 files, 3 directories
    flashfs[0]: 0 orphaned files, 0 orphaned directories
    flashfs[0]: Total bytes: 16128000
    flashfs[0]: Bytes used: 13963264
    flashfs[0]: Bytes available: 2164736
    flashfs[0]: Initialization complete.
    Booting first image in flash
    Launching image flash:/pix722.bin
    128MB RAM
    Total NICs found: 6
    mcwa i82559 Ethernet at irq 10  MAC: 0016.9da2.5907
    mcwa i82559 Ethernet at irq 11  MAC: 0016.9da2.5908
    mcwa i82559 Ethernet at irq 11  MAC: 000d.8810.d91c
    mcwa i82559 Ethernet at irq 10  MAC: 000d.8810.d91d
    mcwa i82559 Ethernet at irq  9  MAC: 000d.8810.d91e
    BIOS Flash=am29f400b @ 0xd8000  MAC: 000d.8810.d91f
    Initializing flashfs...
    flashfs[7]: 8 files, 3 directories
    flashfs[7]: 0 orphaned files, 0 orphaned directories
    flashfs[7]: Total bytes: 16128000
    flashfs[7]: Bytes used: 13963264
    flashfs[7]: Bytes available: 2164736
    flashfs[7]: flashfs fsck took 15 seconds.
    flashfs[7]: Initialization complete.
    Licensed features for this platform:
    Maximum Physical Interfaces : 6
    Maximum VLANs               : 25
    Inside Hosts                : Unlimited
    Failover                    : Active/Active
    VPN-DES                     : Enabled
    VPN-3DES-AES                : Enabled
    Cut-through Proxy           : Enabled
    Guards                      : Enabled
    URL Filtering               : Enabled
    Security Contexts           : 2
    GTP/GPRS                    : Disabled
    VPN Peers                   : Unlimited
    This platform has an Unrestricted (UR) license.
    Encryption hardware device : VAC+ (Crypto5823 revision 0x1)
                                     |            |
                                    |||          |||
                                  .|| ||.      .|| ||.
                               .:||| | |||:..:||| | |||:.
                                C i s c o  S y s t e m s
    Cisco PIX Security Appliance Software Version 7.2(2)
      ****************************** Warning *******************************
      This product contains cryptographic features and is
      subject to United States and local country laws
      governing, import, export, transfer, and use.
      Delivery of Cisco cryptographic products does not
      imply third-party authority to import, export,
      distribute, or use encryption. Importers, exporters,
      distributors and users are responsible for compliance
      with U.S. and local country laws. By using this
      product you agree to comply with applicable laws and
      regulations. If you are unable to comply with U.S.
      and local laws, return the enclosed items immediately.
      A summary of U.S. laws governing Cisco cryptographic
      products may be found at:
      http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
      If you require further assistance please contact us by
      sending email to [email protected].
      ******************************* Warning *******************************
    Copyright (c) 1996-2006 by Cisco Systems, Inc.
                    Restricted Rights Legend
    Use, duplication, or disclosure by the Government is
    subject to restrictions as set forth in subparagraph
    (c) of the Commercial Computer Software - Restricted
    Rights clause at FAR sec. 52.227-19 and subparagraph
    (c) (1) (ii) of the Rights in Technical Data and Computer
    Software clause at DFARS sec. 252.227-7013.
                    Cisco Systems, Inc.
                    170 West Tasman Drive
                    San Jose, California 95134-1706
    Cryptochecksum (unchanged): 43dccc97 2fb4bfec 15a33bef dad78b7e
    Type help or '?' for a list of available commands.
    pixfirewall>
    I am unable to get onto enable mode because I do not know the password. Any idea of a way round? I need to get into that enable mode.

  • WCS v7.0.164.0 + Cisco 1142 LWAP AP's

    I have deployed a number of AIR-LAP1142N-E-K9 access points at a site, but I have an issue where all access points have defaulted to Channel 1.  I have set the parameters on the Lightweight AP Template correctly to allow dynamic power and channel selection.  The positioning of the APs is as per the WCS planning tool.  Any help would be welcome.....

    It's also possible DCA is disabled on the WLC, check it under:
    802.11a > RRM > Dynamic Channel Assignment (DCA)
    Also check your power:
    802.11a > RRM > Tx Power Control(TPC)
    Nabil

  • Cisco 1142AP Autonomous - Radio interface constantly reset and provides crash file

    Hello All,
    We have 10 Cisco 1142 Access Points currently configured as Autonomous and I'm experiencing very unusual behavior with the 2.4GHz radio interfaces on each of them. The IOS firmware is 15.2.2JB and they're connected to Cisco 2960 PoE switches. I'm not sure what could be causing this problem, however it is service impacting and looks bad on me since I don't have a solution for it. One potential fix could be to upgrade the firmware to 15.2.4 but I'm sure if it is a firmware problem. Any advice would help. Here's an excerpt from the AP log:
    Aug 18 14:40:16:  Writing driver stats to flash:/ap_log_r0_0.log..
    Aug 18 14:40:21:
    Aug 18 14:40:21: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    Aug 18 14:40:22: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
    Aug 18 14:40:23: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
    Aug 18 14:40:23: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
    Thanks,
    Ali Ibrahim

    You should be able to go in and view the R0_0.log file.
    There might be something in there that you can do a bug search for.
    HTH,
    Steve
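
    The reset/up/down sequence in the log excerpt above can be counted automatically when many APs log to one syslog server. The following is an added example, not code from the posts or from Cisco; the 60-second window, the threshold of 3 changes, the function names and the supplied year are assumptions, and the last sample line is constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# IOS link-state messages, with or without fractional seconds in the timestamp.
LINK_RE = re.compile(
    r"^\*?(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2})(?:\.\d+)?:\s+"
    r"%(?P<fac>LINK|LINEPROTO)-\d-(?:CHANGED|UPDOWN): "
    r"(?:Line protocol on )?Interface (?P<ifc>[\w./]+), changed state to (?P<state>\w+)"
)

# First six lines are the excerpt quoted in the post; the last is constructed.
SAMPLE_LOG = """\
Aug 18 14:40:16:  Writing driver stats to flash:/ap_log_r0_0.log..
Aug 18 14:40:21:
Aug 18 14:40:21: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
Aug 18 14:40:22: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
Aug 18 14:40:23: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
Aug 18 14:40:23: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
Aug 18 14:41:02: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
""".splitlines()

def parse_events(lines, year=2000):
    """Return (timestamp, facility, interface, state) for each link message."""
    events = []
    for line in lines:
        m = LINK_RE.match(line.strip())
        if m:  # skips driver-stats and empty timestamp lines
            # The log lines carry no year, so the caller supplies one (assumption).
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events.append((ts, m["fac"], m["ifc"], m["state"]))
    return events

def flapping_interfaces(events, window=timedelta(seconds=60), threshold=3):
    """Map interface -> largest burst of LINK changes that includes a 'reset'."""
    by_ifc = defaultdict(list)
    for ts, fac, ifc, state in events:
        if fac == "LINK":  # LINEPROTO follows LINK, so count LINK only
            by_ifc[ifc].append((ts, state))
    flagged = {}
    for ifc, changes in by_ifc.items():
        changes.sort()
        start = 0
        for end in range(len(changes)):
            # Slide the window start forward until the burst fits inside `window`.
            while changes[end][0] - changes[start][0] > window:
                start += 1
            burst = changes[start:end + 1]
            if len(burst) >= threshold and any(s == "reset" for _, s in burst):
                flagged[ifc] = max(flagged.get(ifc, 0), len(burst))
    return flagged
```

    Calling `flapping_interfaces(parse_events(SAMPLE_LOG))` flags only Dot11Radio0, which gives a timestamped list of affected radios to correlate with the driver log before a bug search.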

  • Cisco Phone Resets

    We have remote users who connect through VPN. Their Cisco 7942 phones reset themselves at least twice a day. I am attaching some phone logs; they show me a TCP timeout. It only happens to VPN users; everything works fine on the LAN.

    Ok, I have an answer for my own question. Since it is only happening to VPN clients which do not have any QoS plus cloud where other traffic is taking over. Our phones are time-sensitive devices losing connectivity from CM.

  • Cisco 2504 Domain Authentication for WIFI Clients

    I got a question.
    I have a 2504 controller, and a bunch of 3600 APs. (which now works, thanks to Scott Fella)
    I want the WIFI users to be able to connect to the WIFI, If their computer is part of the domain. Otherwise, they connect to the guest WIFI.
    How can I go about doing that? I tried searching the forums, but perhaps I'm not searching for the right keywords.
    I thought it was LDAP, but I could not find much info on it.
    Thanks....         

    I wouldn't look at LDAP. I would use a RADIUS server and machine authentication. If you're a Microsoft shop, then bring up IAS for 2003 or NPS for 2008. These can work as your RADIUS server. To figure out how to configure machine auth, just search Google for NPS wireless machine authentication.
    Here is one link
    http://araihan.wordpress.com/2010/04/30/complete-guide-to-build-a-cisco-wireless-infrastructure-using-cisco-wlc-5500-cisco-1142-ap-and-microsoft-radius-server/

  • E1550 - Error code 82BD0119, Cisco Connect gives connection timeout error during setup

    During setup, after 90% completion I get "adapter connection timeout period expired". I'm unable to configure my router.
    I downloaded the latest Cisco Connect software and tried that as well but I get the same problem.
    Operating System : Windows Vista Home Premium SP1 (32 bit).
    Any help will be appreciated. Thanks.

    I believe you have a static IP address assigned in the computer. Here are the steps to check for the wireless:
    ~~ Go to Wireless network connection properties.
    ~~ Click On Internet protocol TCP/IP and go to properties.
    ~~ Select 'Obtain IP address automatically' and 'Obtain DNS server automatically'.
    ~~ Click OK and then close.
    Check for the Local Area Connection as well in the same procedure.
    Then uninstall the existing Cisco connect software, reset the router.
    Steps to reset the router:
    Push the reset button on router for 30 seconds, turn off the router wait for 30 seconds and then power it on. After this process reconfigure the router. Power light should blink when you perform the reset process.
    After performing the following steps install the Cisco connect again and check the status.
