Cisco 1230 max clients per AP & solutions?
Hi all
We have approx 15 APs located around site. We have introduced 40+ notebooks recently and noticed slow access with our wireless network.
I understand the recommend amount is roughly 10-20 clients per access point. The less clients connected the better performance per user.
My question is can I change the max associations for each AP to 10 or 20, introduce a few more new AP's and would this mean the client notebook would keep trying until it reaches an AP that will accept associations ? Is this the recommended solution ?
Thanks
Jon
Hi Jon
Greetings!
what type ur application ur using in you clients(Laptops).my experiance i am using 25 Laptops per AP .ITS working fine for internet browing.but it doesn'tsupport for Applications like Browser based.i suggest you to put a WLAN Controller and automatic load balancing .it wil solve your problem
regs
s.Mohana sundaram
Similar Messages
-
Cisco 876w: wlan client - routing problem
I configured a Cisco 876w to connect to an existing WLAN as a client. Now I would like to connect 3 PCs to the 876w which should be able to access the internet via the 876w.
Problem:
Being at the console (ssh) of the 876w, I can ping hosts in the internet (even with their name like www.google.com) but when I'm using a client PC, I can't... What am I missing here? Could it be a NAT problem?
Config:
Internet <---> DSL Router 192.168.1.1 (and WLAN AccessPoint) <---> Cisco 876w (gets IP per DHCP, VLAN1 IP: 10.10.10.1) <---> PC (10.10.10.101)
Current configuration : 9897 bytes
version 12.4
no service pad...dot11 vlan-name wlan-lan vlan 1
dot11 ssid WLAN
vlan 1
authentication open
authentication key-management wpa
wpa-psk ascii 7 0923467F1B2E52789807132F7A202E3D31
no ip source-route
ip dhcp excluded-address 10.10.10.1 10.10.10.9
ip dhcp excluded-address 10.10.10.101 10.10.10.254
ip dhcp pool ccp-pool1
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
domain-name cisco.test.com
dns-server 208.67.222.222
ip cef
no ip bootp server
ip domain name test.com
ip name-server 208.67.222.222ip ddns update method sdm_ddns1
HTTP
add http://[email protected]/nic/update?system=dyndns&hostname=//[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
remove http://[email protected]/nic/update?system=dyndns&hostname=//[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
no ipv6 cef
multilink bundle-name authenticated
isdn switch-type basic-net3
username admin privilege 15 secret 5 $1$uiouLKjbLIUBlKbj
username service privilege 15 secret 5 $1$LKjblkJNBLKkjlbkm
archive
log config
hidekeys
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
class-map type inspect match-all sdm-cls--1
match access-group name AllowAny
policy-map type inspect sdm-policy-sdm-cls--1
class type inspect sdm-cls--1
inspect
class class-default
drop
zone security wan
zone security lan
zone-pair security sdm-zp-lan-wan source lan destination wan
service-policy type inspect sdm-policy-sdm-cls--1
interface BRI0
description <--
no ip address
ip flow ingress
ip virtual-reassembly
encapsulation ppp
shutdown
dialer pool-member 1
isdn switch-type basic-net3
isdn point-to-point-setup
ppp multilink!
interface ATM0
backup interface BRI0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
no atm ilmi-keepalive
interface ATM0.3 point-to-point
description <--
ip flow ingress
shutdown
pvc 1/32
pppoe-client dial-pool-number 2
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface Dot11Radio0
description <--
no ip address
no ip proxy-arp
ip flow ingress
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
encryption mode ciphers aes-ccm
encryption vlan 1 mode ciphers aes-ccm
ssid WLAN
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role non-root
no cdp enable
interface Dot11Radio0.1
encapsulation dot1Q 1 native
ip address dhcp
ip nat outside
ip virtual-reassembly
no ip route-cache
no cdp enable
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 10.10.10.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
zone-member security lan
ip tcp adjust-mss 1412
interface Dialer0
ip ddns update hostname blahblah.dnsalias.com
ip ddns update sdm_ddns1
ip address negotiated
ip nat outside
ip virtual-reassembly
zone-member security wan
encapsulation ppp
shutdown
dialer pool 1
dialer idle-timeout 600
dialer string 01919214124
dialer load-threshold 20 outbound
dialer watch-group 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname asfa
ppp chap password 7 128763520
ppp pap sent-username asfa password 7 0302141555
ppp multilink
interface Dialer2
ip ddns update sdm_ddns1
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly
zone-member security wan
encapsulation ppp
dialer pool 2
dialer-group 2
no cdp enable
ppp authentication chap pap callin
ppp chap hostname gast
ppp chap password 7 095B239876473F06090A
ppp pap sent-username gast password 7 1239847629873693D
router rip
network 10.0.0.0
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip http server
ip http access-class 23ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 105 interface Dialer0 overload
ip nat inside source list 106 interface Dot11Radio0.1 overload
ip access-list extended AllowAny
remark CCP_ACL Category=128
permit ip 10.10.10.0 0.0.0.255 any
ip access-list extended nix
remark tut nix
remark CCP_ACL Category=2
permit tcp any any
permit udp any any
permit icmp any any
permit ip any any
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 100 remark CCP_ACL Category=2
access-list 100 permit ip any any
access-list 101 remark CCP_ACL Category=2
access-list 101 permit ip 10.10.10.0 0.0.0.255 any
access-list 102 remark CCP_ACL Category=2
access-list 102 permit ip 10.10.10.0 0.0.0.255 any
access-list 103 remark CCP_ACL Category=2
access-list 103 permit ip 10.10.10.0 0.0.0.255 any
access-list 105 remark Alles
access-list 105 remark CCP_ACL Category=2
access-list 105 permit ip 10.10.10.0 0.0.0.255 any
access-list 105 permit icmp 10.10.10.0 0.0.0.255 any
access-list 105 permit udp 10.10.10.0 0.0.0.255 any
access-list 105 permit tcp 10.10.10.0 0.0.0.255 any
access-list 106 remark NAT wlan
access-list 106 remark CCP_ACL Category=2
access-list 106 permit ip 10.10.10.0 0.0.0.255 any
access-list 106 permit icmp 10.10.10.0 0.0.0.255 any
access-list 106 permit udp 10.10.10.0 0.0.0.255 any
access-list 106 permit tcp 10.10.10.0 0.0.0.255 any
dialer watch-list 1 ip 208.67.222.222 255.255.255.255
dialer-list 1 protocol ip permit
no cdp run
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
control-plane
banner exec ^C
% Password expiration warning.
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you
want to use.
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
line con 0
no modem enable
transport output telnet
line aux 0
transport output telnet
line vty 0 4
transport input telnet ssh
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
#sh ip int brief
ndrmedienturm#sh ip int brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up down
BRI0 unassigned YES NVRAM standby mode/disabled down
BRI0:1 unassigned YES unset administratively down down
BRI0:2 unassigned YES unset administratively down down
Dot11Radio0 unassigned YES TFTP up up
Dot11Radio0.1 unassigned YES DHCP up up
ATM0 unassigned YES NVRAM administratively down down
ATM0.3 unassigned YES unset administratively down down
SSLVPN-VIF0 unassigned NO unset up up
Vlan1 10.10.10.1 YES NVRAM up up
NVI0 unassigned YES unset administratively down down
Dialer0 unassigned YES NVRAM administratively down down
Dialer2 unassigned YES NVRAM up up
Virtual-Dot11Radio0 unassigned YES TFTP up up
Virtual-Dot11Radio0.1 192.168.1.54 YES DHCP up upHi,
Just check it out few things from client are you able to ping the wan interface of the cisco 876w and when you ping the internt address from client pc what is the out put of the nat translation in router.
The command to check the same is show ip nat translation is packet is gettin translated or not.
Hope to Help !!
Ganesh.H -
Max-instances-per-pk attribute
Does anybody know what is "max-instances-per-pk" attribute in
<entity-deployment> element in orion-ejb-jar.xml file?
I'm using oc4j version:
E:\oc4j\j2ee\home>java -jar oc4j.jar -version
Oracle9iAS (9.0.2.0.0) Containers for J2EEand when I deploy my CMP EJB I get this attribute added to my orion-ejb-jar.xml file with value 20!!!!!
And when I try to create (or findByPrimaryKey) many beans with
the same primary key, after 20 my server is hanging and I get timeout exceptions:
for (int i=0; i<100; i++) mybean.findByPrimaryKey("1");
when i==20 I get:
com.evermind.server.ejb.TimeoutExpiredException: timeout expired waiting for an instance
at com.evermind.server.ejb.DBEntityWrapperPool.getWrapperInstance(DBEntityWrapperPool.java:189)
at com.evermind.server.ejb.DBEntityEJBHome.getWrapperInstance(DBEntityEJBHome.java:135)
at CatalogHome_EntityHomeWrapper10.findByPrimaryKey(CatalogHome_EntityHomeWrapper10.java:302)
at pl.empolis.delta.modules.catalogman.CatalogManagerBean.getCatalogEntryByPublicID(CatalogManagerBean.java:56)
at CatalogManager_StatelessSessionBeanWrapper6.getCatalogEntryByPublicID(CatalogManager_StatelessSessionBeanWrapper6.java:734)
at java.lang.reflect.Method.invoke(Native Method)
at com.evermind.server.rmi.RMICallHandler.run(RMICallHandler.java:80)
at com.evermind.util.ThreadPoolThread.run(ThreadPoolThread.java:62)
How do I set this value to infinity?
Why I can not find any documentation about this?????
Please help,
ArturArtur -- max-instances-per-pk controls the size of the pool of wrapper instances for OC4J. I would just set it to a very large
integer value. It will be documented in the production release of the EJB guide but for now here is a section from
book. Also, the cache will be able to be disabled but that function was not in the pre-release. Lastly, we should be
posting some of the documentation very soon (look for an announcement) so that will help to clarify some things.
The wrapper instance is OC4J-generated wrapper code that provides for the
services requested in the deployment descriptor. Before the bean instance is
invoked, the client retrieves a handle to the wrapper instance. When the client
invokes the bean, the wrapper is associated with a bean instance.
The max-instances-per-pk attribute sets the maximum entity bean
wrapper instances allowed in its pool for a given primary key. An entity beans
wrapper code can be pooled if it is not used by a client.
The default maximum value is 50. Set the maximum wrapper instances as
follows:
<entity-deployment ... max-instances-per-pk="20"
</entity-deployment>
Set the minimum wrapper instances as follows:
<entity-deployment ... min-instances-per-pk="2"
</entity-deployment>
Thanks -- Jeff -
Cisco 1230 access point a radio lightweight mode
Will the cisco 1230 access point work in lighweight mode if it is using a radio?
The 1230 can be upgraded to LWAPP with the A Radio model listed below;
Solution Requirements
Migration from autonomous access point mode to lightweight mode is possible on these Cisco Aironet access point platforms:
All 1130AG access points
All 1240 AG access points
For all IOS-based 1200 series modular access point (1200/1220 Cisco IOS Software Upgrade, 1210 and **1230 AP**) platforms, it depends on the radio:
if 802.11G, MP21G and MP31G are supported
if 802.11A, RM21A and RM22A are supported
The 1200 series access points can be upgraded with any combination of supported radios: G only, A only, or both G and A.
All 1310 AG access points
From this good doc;
http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_technical_reference09186a00804fc3dc.html
Hope this helps!
Rob -
Cisco IPSec VPN Client and sending a specific Radius A-V value to ACS 5.2
This setup is to try routing Cisco VPN to either RSA or Entrust from Cisco ACS 5.2, depending on some parameter in incoming AUTH request from Cisco IPSec VPN Client 5.x. Tried playing with pcf files and user names/identity stores, none seems working
Hi Tony,
to the best of my knowledge this is currently not possible, but will be once this enhancement is implemented:
CSCsw31922 Radius upstream VSAs (Tunnel Group,Client type) for VPN policy decisions
You may want to try and ask in the AAA forum if there is anything you can do on ACS...
hth
Herbert -
What is the recommended number of clients per Mac server? Also what are some recommended specs when purchasing an Apple machine that will have Mac OS X server installed? We have around 300 clients that need to be enroled on the Mac server. I want to know what is the recommended amount of clients a Mac server should contain. Also what are some recommended specs to make sure the server will flawlessly?
Hello cpreasbeck,
Thank you for contacting Apple Support Communities.
I was able to find the following transition guide for Xserve that provides some workload guidance to determine performance when planning a server deployment.
Transition Guide Xserve
http://images.apple.com/xserve/pdf/L422277A_Xserve_Guide.pdf
On page 9, Performance there is a chart that provides maximum numbers of connected users for various activities such as file sharing, mail, web, calendar, directory services and Time Machine and the CPU used as a server (Xserve, Mac Pro, Mac Mini). This information is a bit dated as the referenced software is Snow Leopard Server (OS X 10.6), and the hardware is older also, but it should give you a general idea of what you might need to look for.
Regards,
Jeff D. -
NAC-L2-802.1x (EAP-FAST) and Cisco Secure Services Client 5.0 in wired net
Hi!
(Sorry, if this is a wrong forum.)
Does anybody have any success with Cisco SSC and EAP-FAST in the wired network?
I'm going to use NAC, so I'm trying to set up EAP-FAST. I see the pop-up window on the client to enter user credentials and I see a lot of "debug radius" messages on my 3750 12.2(44)SE switch:
Access-Requests with User-Name="anonymous"
Access-Challenges (I see certificate is sent from ACS)
Access-Reject
CS ACS Failed Attempts Report shows "ACS user unknown" failure for "anonymous".
So far as I understood, EAP-FAST is a tunneled method and it uses "anonymous" to protect user's identity during phase 0 / phase 1 transactions. The actual username is sent in phase 2 transaction.
The following is excerpt from the CS ACS documentation:
"EAP-FAST can protect the username in all EAP-FAST transactions. ACS does not perform user authentication based on a username that is presented in phase one; however, whether the username is protected during phase one depends on the end-user client. If the end-user client does not send the real username in phase one, the username is protected. The Cisco Aironet EAP-FAST client protects the username in phase one by sending FAST_MAC address in place of the username. After phase one of EAP-FAST, all data is encrypted, including username information that is usually sent in clear text."
SSC 5.0 is indeed set up with "Unprotected Identity Pattern"=anonymous and "Protected Identity Pattern"=[username] using sscManagementUtility.exe
So, the question is: Why is ACS 4.1 trying to authenticate username "anonymous" if it knows that the user is fake? Does anybody have working configuaration for EAP-FAST in a wired network?
Any help is greatly appreciated.Correct, ACS database wasn't selected on the NAP Authentication page. It works now, but I constantly get the following message in the Windows event log: "The Cisco Secure Services Client service hung on starting". This is Windows 2000 Advanced Server system with SP4. SSC was set up with no domain authentication, no machine authentication, single sign-on. After some time the SSC service starts, but at that time my PC is already put into the guest VLAN by the switch (the tx-period is 10 seconds):
POD1-SW#sh run int fa1/0/1
Building configuration...
Current configuration : 378 bytes
interface FastEthernet1/0/1
switchport access vlan 999
switchport mode access
dot1x mac-auth-bypass
dot1x pae authenticator
dot1x port-control auto
dot1x timeout reauth-period server
dot1x timeout tx-period 10
dot1x reauthentication
dot1x critical
dot1x critical recovery action reinitialize
dot1x guest-vlan 91
dot1x critical vlan 11
spanning-tree portfast
end
After all the VLAN is reassigned by the switch, but the delay is too high. How can I troubleshoot this?
Thx. -
How do I Limit the number of Clients Per AP, Per Radio
I'm have WCS, 2 - WLC4404, 1 - WLC4402 and 1 WISM (6509). All running 7.X OS.
Here is my problem I have 4 3502 AP,s in the hall, but the laptops all connect to one AP. 2 Clients on A and 26 Clients on G.
How do I control this?
MikeIf you want to limit the number of clients PER AP then this is a feature that has been identified and will be available in the next few version.
You can, however, limit the number of clients and default is set to 12. -
Setting max record per page property at runtime (very urgent)
We need to display 7 record for first page and 25 for other pages...
we tried a reperating frame max record per page property is a report level property. So it cannot change for pages.
Then We try other way..
we seperated our query to the different frame to do these
But we need to summaries some field at page level and
reset at page has fallowing restriction
"A Reset At of Page will not work for reports that have multiple repeating frames associated with a group that is involved in the summary. One common case of this is a matrix report. As a result, matrix reports cannot have page-level summaries."
So all the ways we tried failed.
How can we do this ... it is very urgent. (we can use any version of report.)
Thanks for your help...repost
-
Install Error when installing CISCO AnyConnect Mobility Client
When installing Cisco AnyConnect Mobility Client 3.1.02040, I get the following install error:
There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.When installing Cisco AnyConnect Mobility Client 3.1.02040, I get the following install error:
There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. -
Local RADIUS in AP1242 with non-cisco WinXP wireless clients
I'd like to configure local RADIUS in AP1242 and connect non-cisco WinXP wireless clients (for example notebook with integrated radio) with it. I did configuration (config1.txt) like in instruction: http://cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801c0912.shtml
But I can't connect non-cisco WinXP wireless client with AP1242 anyway. At once Cisco wireless client with Aironet Desktop Utility connects with it without any problem. I've done some other configuration (config2.txt), but with the same result. Second configuration is rather then first.
How can I connect non-cisco WinXP wireless clients with AP1242 with local RADIUS?Hi Stephen,
Thanks for the quick reply. Below is the switchport config. I am able to ping the AP from the switch and connect to its web page from any workstations.
interface GigabitEthernet0/5
switchport trunk encapsulation dot1q
switchport trunk native vlan 151
switchport mode trunk
end -
Infoview Set the number of objects (max.) per page
Is there a way to set this preference "Set the number of objects (max.) per page" using infoview web.xml or any using any BO Java SDK. Please advice.
I want to set the value using some cofiguration or using java SDK. please advice.Hi
There is:
Log in to InfoView -> Preferences -> Set the number of objects (max.) per page:
This is per user
Kind Regards
Roland Hoeller -
Configurate cisco ipsec vpn client at asa 5505 version 8.4
Hi dear. I want to configurate cisco ipsec vpn client at asa 5505. At my asa the software version is 8.4.
please provide me a link or some material to config ipsec vpn client at asa 5505 version 8.4
thank you.are you looking for vpn client .pcf file or the configuration on ASA (ASDM) ?
what version of vpn client ? -
Hello,
Looks like cisco 857w does not support pptp client in my IOS version, only l2tp is supported. Does there is some IOS version I can upgrade/downgrade to configure cisco as pptp client?None of Cisco devices can be configured as PPTP client. Cisco devices can only be configured as PPTP server.
-
Home Use for the Cisco 1230 AG Model
Hi, Does anyone have instructions for using the Cisco 1230 AG Model at home i.e. using Home DSL or a Cable? So far, I assume I can hook a router into the cable modem, and
hook the AP into the router. Then, the AP will act as a DHCP server? If someone can help or point me to a doc, that would be great.The router will act as a DHCP server, not the AP. Set up a DHCP scope on the router and put the AP on the router with a static address in the range of (but not the DHCP scope of) the vlan.
for example, assume a 192.168.1.0 /24 subnet.
network is x.x.x.0
gateway is x.x.x.1
AP is .2 thru .10 (in case you want more!)
These are statically assigned
DHCP on router should be configured starting at .11 or above
Maybe you are looking for
-
BUG REPORT - Catch Up, ITV player
I'm sure there must be some way to report bugs officially - but I don't know what it is. On a couple of occasions now, I have noticed that the most recent episode of Coronation Street (e.g. 7.30pm, Weds 26th Sept 2012) does not appear in the Catch Up
-
Photoshop CS3 Batch fails to rename - saves as original name for every file?
I have created the following action: Open (File from folder on desktop - original is JPG) Image Size (resize image to 1024xXXX) Save (Save as PNG) Close I run the action via Batch: Default Actions PNG 1024xXXX (action created above) Source folder on
-
Hi, How to retrive the value of below query. I am encountered with numeric value error. select power(10,333333333333) from dual;Thanks in advance
-
i have a JMenu called jMenu2, in its action performed method i would like it to add to the bottom of its list a new JMenuItem while the program is running. private void jMenu2ActionPerformed(java.awt.event.ActionEvent evt) { // TODO add your handling
-
The problem: oracle jdbc thin driver doesn't see environment variable NLS_SORT Description: We have a lot of code written in coldfusion and now we would like to switch form CF5 to CFMX. We use oracle thin driver to connect CFMX to oracle DB. The prob