Cisco Aironet AIR-SAP2602I-E-K9 - Setting QoS from CLI...
Hey guys,
I've created a QoS policy from within the GUI. However when trying to apply the policy to all incoming and outgoing interfaces of the VLAN concerned (1000 / CORP) from within the GUI I'm not convinced it is working. I select the policy against each interface and hit "apply" and then it defaults back to no policy being selected. Looking at show run I can see the policy is created although I'm not convinced it has been applied to the interfaces? Could somebody please take a quick glance at the config below and indicate whether the policy has been applied to the interfaces for VLAN 1000. Pretty sure it hasn't.
User Access Verification
Username: admin
Password:
LATHQWAP#show run
Building configuration...
Current configuration : 3456 bytes
! Last configuration change at 00:38:43 UTC Thu Mar 4 1993 by admin
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname LATHQWAP
logging rate-limit console 9
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
no ip routing
dot11 syslog
dot11 vlan-name Data vlan 1000
dot11 vlan-name Guest vlan 1234
dot11 ssid Corp
vlan 1000
authentication open
authentication key-management wpa version 2
wpa-psk ascii 7
dot11 ssid Guest
vlan 1234
authentication open
authentication key-management wpa version 2
guest-mode
wpa-psk ascii 7
crypto pki token default removal timeout 0
username admin privilege 15 password 7
class-map match-all _class_Lync0
match ip dscp cs5
policy-map Lync
class _class_Lync0
set cos 6
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 1234 mode ciphers aes-ccm
encryption vlan 1000 mode ciphers aes-ccm
ssid Corp
ssid Guest
antenna gain 0
stbc
station-role root
interface Dot11Radio0.1000
encapsulation dot1Q 1000 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0.1234
encapsulation dot1Q 1234
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
interface Dot11Radio1
no ip address
no ip route-cache
encryption vlan 1234 mode ciphers aes-ccm
encryption vlan 1000 mode ciphers aes-ccm
ssid Corp
ssid Guest
antenna gain 0
no dfs band block
stbc
channel dfs
station-role root
interface Dot11Radio1.1000
encapsulation dot1Q 1000 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1.1234
encapsulation dot1Q 1234
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
interface GigabitEthernet0.1000
encapsulation dot1Q 1000 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface GigabitEthernet0.1234
encapsulation dot1Q 1234
no ip route-cache
bridge-group 255
bridge-group 255 spanning-disabled
no bridge-group 255 source-learning
interface BVI1
ip address 10.10. 255.255.254.0
no ip route-cache
ip default-gateway 10.10.
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
transport input all
end
Thank you to anyone taking the time to assist. Greatly appreciated - very new Cisco wireless tech.
Cheers.
Sorted this myself. It wouldn't apply to the VLAN because VLAN 1000 was the native VLAN.
Similar Messages
-
Hey guys,
I'm configuring my access points with two SSID's through the GUI. The first is a corporate SSID and the second a guest SSID. The corporate SSID needs to be attached to native VLAN 1000. The guest SSID needs to be attached to VLAN 1234. Both SSID's / VLAN's are to use WPAv2 AES CCMP with a PSK. Although I'm getting an error message indicating that my VLAN's don't exist on ‘Radio1-802.11N 5GHZ’ . Here are steps I take from start to error...
Create SSID’s with no security. CORP not to broadcast. Set CORP to use native VLAN 1000. Set guest to use VLAN1234.
Within security encryption manager > Set encryption mode cipher to AES CCMP on both VLAN 1000 and VLAN1234.
Within services > VLAN check that both VLAN’s have Radio0-802.11N 2.4GHZ and Radio1-802.11N 5GHZ selected. They do.
Within Security > SSID Manager – set client authenticated key management to mandatory, enable WPA – WPAv2. Set pre-shared key. Hit apply > “ERROR: VLAN 1000 doesn’t exist on ‘Radio1-802.11N 5GHZ’ (see Services > VLAN).
I get the same error for both SSID’s. Radio1-802.11N 5GHZ is "checked" against both VLAN's. Am I missing something? Both Radio0-802.11N 2.4GHZ and Radio1-802.11N 5GHZ are enable interfaces and are "up".
I'm pretty customed to switch and router IOS although have absolutely no exposure to WAP CLI.
Any assistance appreciated.I've resolved this myself. The GUI is basically terrible and very buggy. I used the CLI and was able to add WPA through the CLI.
-
Configuring Cisco Aironet 1140 for Radius and setting up a Radius server
guys i need some help setting up my Radius to work with cisco aironet 1140, i am new at this however i was tasked with setting up a Radius server and setting our AP with WPA2- enterprise so users can log into our AP using AD credentials.
When i try to setup on the AP a new SSID i do not see the option for WPA2- enterprise?Here are other links with examples:
https://supportforums.cisco.com/thread/331581
http://targetcisco.blogspot.com/2011/03/cisco-autonomous-access-point.html
http://downloads.avaya.com/css/P8/documents/100041614
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered" -
Cisco Aironet Air-Ap 1262n-E-K9 Mac different when Scanned Android WiGLE WiFi
Hi All
I developed an Android Application to scan for the RSSI signals using the mac address of the Access Point (AP). When I do a scan for my personal Vodafone router or my personal dLAN 500 WiFi, I can pick up the mac address and get the signal levels from that.
When I try do the same for the Cisco 802.11n Dual Band Access Point, Aironet Air-Ap 1262n-E-K9 the app will not pick up the routers mac that is on the label on the back. I downloaded the free WiGLE WiFi app and Scanned with it and it too doesn't give the mac I am looking for, what it does give me is six mac address 3 on channel 11 and 3 on 44 with the RSSI values.
My Question: Is the mac address on the Cisco AP label just for the LAN and the WiFi antennas have each got a separate mac 3 on the 2.4GHz and 3 on the 5GHz.
Can someone help me better understand this problem I am having, I hope I have explained it well enough for you to understand what I am trying to do.what it does give me is six mac address 3 on channel 11 and 3 on 44 with the RSSI values.
Each SSID has it's own unique MAC address. This is the original standard.
The MAC address printed at the back of an AP is the MAC address in Ethernet. -
I just finished my first Arch installation. I'm as green as they come, so your help and patience is appreciated!
Situation: I want to connect using my workplace's ethernet to the internet, so I can download a GUI. I've figured out how to assign a static IP, now I just need to know how to conifgure the proxy settings. How can I do this from the command line?
Thanks!Clicky
-
X120e - Will a USB-connected Cardbus Cisco Aironet card go around whitelist restrictions?
I have a x120e that I'm trying to get with Cisco LEAP security. The Cisco Aironet (AIR-CB21AG-A-K9) cardbuss card will connect to LEAP but I'm wondering if connecting this cardbus card to the x120e via a Cardbus to USB adapter will allow me to connect this WiFi card to the x120e. I have run up against the whitelist restrictions when I tried to replace the half mini PCI card with an Intel WiFi card. I haven't quite worked up the courage to flash the BIOS with a new adapter name. DaveM
Hello,
I have not heard of anyone using that particular solution. Perhaps you could test it and let us know the results.
Have you looked for an external USB Wi-Fi adapter that supports Cisco LEAP protocol? I would think that would be easier to use, though, not to mention more convient to carry around, especially with a USB extension cable or right-angle adapter.
Regards,
Aryeh Goretsky
I am a volunteer and neither a Lenovo nor a Microsoft employee. • Dexter is a good dog • Dexter je dobrý pes
S230u (3347-4HU) • X220 (4286-CTO) • W510 (4318-CTO) • W530 (2441-4R3) • X100e (3508-CTO) • X120e (0596-CTO) • T61p (6459-CTO) • T43p (2678-H7U) • T42 (2378-R4U) • T23 (2648-LU7)
Deutsche Community Comunidad en Español Русскоязычное Сообщество -
Hello, I have 2 Cisco Aironet 1300 Bridges which provide data and voice communication between 2 buildings. Up until recently QoS has not been needed, but lately there appears to be congestion due to reports of poor voice quality. Building A houses a V3000 NBX Telephone system, Building B houses approximately 30 remote IP phones. Building A and Building B are approximately 100 yards apart. No VLAN's. Due to myself being an extreme noob to Cisco bridges, I was hoping some of you may have had experience in setting this up and hopefully provide some tips. I need to prioritize traffic on UDP ports 2093-2096 and TCP port 1040. Thank you in advance for any suggestions. My current running config is below:
Using 1283 out of 32768 bytes
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname LHS-WeightRoom-WCV
ip subnet-zero
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
dot11 ssid wcv
authentication open
guest-mode
dot11 ssid wcvcisco
authentication open
infrastructure-ssid optional
username root privilege 15 password 7 0247335A05320A2244
username Cisco privilege 15 password 7 074E164D403D1C061F
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
ssid wcv
ssid wcvcisco
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
station-role root bridge
bridge-group 1
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
hold-queue 80 in
interface BVI1
ip address 10.141.8.6 255.255.254.0
no ip route-cache
ip default-gateway 10.141.8.5
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
control-plane
bridge 1 route ip
line con 0
line vty 0 4
endHere is the URL for the configuration of Cisco Aironet 1300 QoS. Follow the guide it may help you
http://www.cisco.com/en/US/docs/wireless/access_point/1300/12.3_4_JA/configuration/guide/o13qos.html -
I'm trying to deploy a WiFi solution for a client. It would consist of 2 SSIDs; one for internal users with internal network access and a guest with only internal access.
I have a Sonicwall TZ215:
External IP: x.x.x.x
LAN IP: 192.168.1.1/24
DHCP Server: 192.168.5-195/24
+++++++++++++++++++++++
Cisco SG500:
v1.3.0.62 / R750_NIK_1_3_647_260
CLI v1.0
set system mode switch queues-mode 4
file SSD indicator encrypted
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
hostname xxx
ip ssh server
snmp-server location "xxx"
snmp-server contact "John Doe"
clock timezone CST 0 minutes 0
clock dhcp timezone
ip telnet server
interface vlan 1
ip address 192.168.1.2 255.255.255.0
no ip address dhcp
interface gigabitethernet1/1/1
switchport mode access
interface gigabitethernet1/1/2
switchport mode access
interface gigabitethernet1/1/3
switchport mode access
interface gigabitethernet1/1/4
switchport mode access
interface gigabitethernet1/1/5
switchport mode access
interface gigabitethernet1/1/6
switchport mode access
interface gigabitethernet1/1/7
switchport mode access
interface gigabitethernet1/1/8
switchport mode access
interface gigabitethernet1/1/9
switchport mode access
interface gigabitethernet1/1/10
switchport mode access
interface gigabitethernet1/1/11
switchport mode access
interface gigabitethernet1/1/12
switchport mode access
interface gigabitethernet1/1/13
switchport mode access
interface gigabitethernet1/1/14
switchport mode access
interface gigabitethernet1/1/15
switchport mode access
interface gigabitethernet1/1/16
switchport mode access
interface gigabitethernet1/1/17
switchport mode access
interface gigabitethernet1/1/18
switchport mode access
interface gigabitethernet1/1/19
switchport mode access
interface gigabitethernet1/1/20
switchport mode access
interface gigabitethernet1/1/21
switchport mode access
interface gigabitethernet1/1/22
switchport mode access
interface gigabitethernet1/1/23
switchport mode access
interface gigabitethernet1/1/24
switchport mode access
interface gigabitethernet1/1/25
switchport mode access
interface gigabitethernet1/1/26
switchport mode access
interface gigabitethernet1/1/27
switchport mode access
interface gigabitethernet1/1/28
switchport mode access
interface gigabitethernet1/1/29
switchport mode access
interface gigabitethernet1/1/30
switchport mode access
interface gigabitethernet1/1/31
switchport mode access
interface gigabitethernet1/1/32
switchport mode access
interface gigabitethernet1/1/33
switchport mode access
interface gigabitethernet1/1/34
switchport mode access
interface gigabitethernet1/1/35
switchport mode access
interface gigabitethernet1/1/36
switchport mode access
interface gigabitethernet1/1/37
switchport mode access
interface gigabitethernet1/1/38
switchport mode access
interface gigabitethernet1/1/39
switchport mode access
interface gigabitethernet1/1/40
switchport mode access
interface gigabitethernet1/1/41
switchport mode access
interface gigabitethernet1/1/42
switchport mode access
interface gigabitethernet1/1/43
switchport mode access
interface gigabitethernet1/1/44
switchport mode access
interface gigabitethernet1/1/45
switchport mode access
interface gigabitethernet1/1/46
switchport mode access
interface gigabitethernet1/1/47
switchport mode access
interface gigabitethernet1/1/48
switchport mode access
interface gigabitethernet1/1/51
switchport mode access
interface gigabitethernet1/1/52
switchport mode access
exit
macro auto disabled
ip default-gateway 192.168.1.1
encrypted
+++++++++++++++++++++++++++++++++++=
Cisco AIR-SAP2602I
! Last configuration change at 00:11:27 UTC Mon Mar 1 1993 by administrator
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname XXX
logging rate-limit console 9
enable secret 5 $1$RVFD$DybWHlNypzf3XsnL6RGND/
no aaa new-model
no ip routing
ip domain name XXX
dot11 syslog
dot11 vlan-name Guest_VLAN vlan 200
dot11 vlan-name Internal_Users vlan 300
dot11 vlan-name default vlan 1
dot11 ssid Internal
vlan 300
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 05180704241A18471802161B05
dot11 ssid Guest
vlan 200
authentication open
authentication key-management wpa
guest-mode
mbssid guest-mode
infrastructure-ssid optional
wpa-psk ascii 7 10652D4B5341151E09173E
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-2946962253
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2946962253
revocation-check none
rsakeypair TP-self-signed-2946962253
crypto pki certificate chain TP-self-signed-2946962253
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32393436 39363232 3533301E 170D3933 30333031 30303431
34325A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 39343639
36323235 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
81009438 47D6CAB8 36B9260D D5FEFA7A DFA7E065 E47ECCA2 346674C6 54D9C004
D6D62585 DE26A41E 447E8607 D0BD58C5 92899510 4EEBF95C 9352D082 1BB71EBF
72D56DDC 87D55A85 4A242578 6BBD31AD E48C8354 1C7331BD 5ED9F29D 5F8B868E
14DB0C08 3930D2D4 3266ED2D 9902DAA4 A348B722 82FCC132 6FC4BF22 DC7B9DBC
2F010203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 149FB8D9 F772C9DE 4BC86DD9 451902F3 4994F7D8 E0301D06
03551D0E 04160414 9FB8D9F7 72C9DE4B C86DD945 1902F349 94F7D8E0 300D0609
2A864886 F70D0101 05050003 81810054 FBCE018A CC09679F 8CB2D20A C773DE00
51AFA13A AB5105D5 BAAB6F2F B7CAF46A 2BFDCDDC F156593F 16C509EF 8C5215C1
7631DEFA 9E16633C 1E89CE65 C56591B2 5BE90BD0 1941F0EA 5478924C 4C0E229D
013743C3 2D4993E0 C44F9143 89A7A5D6 870E3A6C A772B8BB D032956F 1A5B894A
40EC55B9 8C5E3876 7E4B45FE 3DD00B
quit
ip ssh version 1
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 1 mode ciphers aes-ccm
encryption vlan 100 mode ciphers aes-ccm
encryption vlan 200 mode ciphers aes-ccm
encryption vlan 300 mode ciphers aes-ccm
broadcast-key vlan 1 change 10000
broadcast-key vlan 100 change 10000
ssid Internal
ssid Guest
antenna gain 0
stbc
mbssid
station-role root
interface Dot11Radio0.200
encapsulation dot1Q 200 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0.300
encapsulation dot1Q 300
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
interface Dot11Radio1
no ip address
no ip route-cache
encryption vlan 1 mode ciphers aes-ccm
encryption vlan 300 mode ciphers aes-ccm
encryption vlan 200 mode ciphers aes-ccm
broadcast-key vlan 1 change 10000
antenna gain 0
dfs band 3 block
channel dfs
station-role root
interface Dot11Radio1.1
encapsulation dot1Q 1
no ip route-cache
interface Dot11Radio1.200
encapsulation dot1Q 200 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1.300
encapsulation dot1Q 300
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
hold-queue 160 in
interface GigabitEthernet0.1
encapsulation dot1Q 1
no ip route-cache
interface GigabitEthernet0.200
encapsulation dot1Q 200 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface GigabitEthernet0.300
encapsulation dot1Q 300
no ip route-cache
bridge-group 255
bridge-group 255 spanning-disabled
no bridge-group 255 source-learning
interface BVI1
ip address 192.168.1.10 255.255.255.0
no ip route-cache
ip default-gateway 192.168.1.1
no ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
login local
transport input all
end
+++++++++++++++++++++++++++++++++++++++++
I was able to get dhcp from the Sonicwall with 192.168.1.0/24, but not from the SG500. I created a scope(192.168.2.0/24 for guest; 192.168.3.0/24 for internal users) I even created DHCP scope on the AP, but cannot get an IP from that either. I creatd an ACL to allow the 192.168.3.0/24 access elewhere, and denied 192.168.2.0 access to other but internet.
If I disabled all scopes on the Sonicwall, I get an APIPA from both AP/SG500. Any thoughts?What is your default VLAN?
On the AP, you configured VLAN 200 to be the native. is that the same with your othe devices?
"encapsulation dot1Q 200 native"
Regards,
Amjad
Rating useful replies is more useful than saying "Thank you" -
Setting up Cisco Aironet 1250 for home use
Hey everyone,
I'm rather new to the whole Enterprise Router lines. I've set up countless networks with Linksys routers in the past. However, this Aironet is giving me more trouble than I'd want it to. I was wondering if anyone could help. I've assigned it an IP Address and accessed that In-Browser interface and set up an SSID and activated the two extensions. I've been able to connect to the router with my computer and access the internet without restriction. However, when I attempt to connect a second PC or Laptop to the network, it won't allow network access to the second device. I've been stuck there forever. Is there any specific setup method I need to use to make sure more than one workstation/device? I want to use this router for home use, I often use laptops and move around the house a lot, so the advantage of better connection signal and speed is well worth it. Any help is highly apprieciated. If you need more information, don't hesitate to contact me.Sorry for my late reply. Here is the config:
It wasn't connected to anything. This was a raw pull from a fresh cold boot.
IOS Bootloader - Starting system.
Xmodem file system is available.
flashfs[0]: 150 files, 7 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31868928
flashfs[0]: Bytes used: 6406144
flashfs[0]: Bytes available: 25462784
flashfs[0]: flashfs fsck took 16 seconds.
Reading cookie from flash parameter block...done.
Base Ethernet MAC address: 54:75:d0:dd:b5:12
Loading "flash:/c1250-k9w7-mx.124-10b.JDA3/c1250-k9w7-mx.124-10b.JDA3"...##################################################################################################################################################################################################################
File "flash:/c1250-k9w7-mx.124-10b.JDA3/c1250-k9w7-mx.124-10b.JDA3" uncompressed and installed, entry point: 0x3000
executing...
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, C1250 Software (C1250-K9W7-M), Version 12.4(10b)JDA3, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Sun 07-Jun-09 03:50 by prod_rel_team
Image text-base: 0x00003000, data-base: 0x01000000
Initializing flashfs...
flashfs[1]: 150 files, 7 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 31868928
flashfs[1]: Bytes used: 6406144
flashfs[1]: Bytes available: 25462784
flashfs[1]: flashfs fsck took 4 seconds.
flashfs[1]: Initialization complete....done Initializing flashfs.
Warning: the compile-time code checksum does not appear to be present.
Radio 1 A600 8000 0 0 A8030000 30
Radio 1 A600 8000 0 0 B8030000 13
tx_paks 1293
tx_paks 646
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html you require further assistance please contact us by sending email to
[email protected]. AIR-AP1252AG-A-K9 (PowerPC 8349) processor (revision C0) with 49142K/16384K bytes of memory.
Processor board ID FTX1423902R
PowerPC 8349 CPU at 533Mhz, revision number 0x0031
Last reset from power-on
1 Gigabit Ethernet interface
2 802.11 Radio(s)
If
cisco
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 54:75:D0:DD:B5:12
Part Number : 73-10425-06
PCA Assembly Number : 800-27630-06
PCA Revision Number : B0
PCB Serial Number : FOC142025F4
Top Assembly Part Number : 800-29039-03
Top Assembly Serial Number : FTX1423902R
Top Revision Number : A0
Product/Model Number : AIR-AP1252AG-A-K9
Press RETURN to get started!
*Mar 1 00:00:06.211: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed
*Mar 1 00:00:07.039: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0
*Mar 1 00:00:07.543: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1
*Mar 1 00:00:09.587: %SYS-5-CONFIG_I: Configured from memory by console
*Mar 1 00:00:09.591: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C1250 Software (C1250-K9W7-M), Version 12.4(10b)JDA3, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Sun 07-Jun-09 03:50 by prod_rel_team
*Mar 1 00:00:09.591: %SNMP-5-COLDSTART: SNMP agent on host Cisco1250 is undergoing a cold start
*Mar 1 01:37:52.027: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 01:37:52.027: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Mar 1 01:37:52.707: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Mar 1 01:37:53.467: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 1 01:37:53.467: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to down
*Mar 1 01:37:53.847: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Mar 1 01:37:54.467: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 1 01:37:54.695: %CDP_PD-4-POWER_OK: Full power - INJECTOR_DETECTED inline power source
*Mar 1 01:37:54.703: %DOT11-4-NO_HT: Interface Dot11Radio1, Mcs rates disabled on vlan 0 due to not using AES encryption or
*Mar 1 01:37:58.303: %DOT11-6-FREQ_USED: Interface Dot11Radio1, frequency 5180 selected
*Mar 1 01:37:58.307: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 01:37:58.307: %DOT11-4-NO_HT: Interface Dot11Radio0, Mcs rates disabled on vlan 0 due to not using AES encryption or
*Mar 1 01:37:58.311: %DOT11-6-FREQ_SCAN: Interface Dot11Radio0, Scanning frequencies for 13 seconds
*Mar 1 01:37:59.307: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Mar 1 01:38:00.307: %LINK-3-UPDOWN: Interface BVI1, changed state to down
*Mar 1 01:38:02.931: %LINK-3-UPDOWN: Interface BVI1, changed state to up
*Mar 1 01:38:11.919: %DOT11-6-FREQ_USED: Interface Dot11Radio0, frequency 2462 selected
*Mar 1 01:38:11.923: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 01:38:12.923: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
Cisco1250>enable
Password:
Cisco1250#show running-config
Building configuration...
Current configuration : 1717 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname Cisco1250
enable secret 5 $1$jDeQ$cFdx0aHAd8wj8tk6CCmXq/
no aaa new-model
dot11 ssid Home Network
authentication open
guest-mode
power inline negotiation prestandard source
username Cisco password 7 05280F1C2243
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption key 1 size 128bit 7 23D0220D02AE7FA723492AA01E34 transmit-key
encryption mode wep mandatory
ssid Home Network
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
encryption key 1 size 128bit 7 0B4935657C801B3620154AB56630 transmit-key
encryption mode wep mandatory
ssid Home Network
dfs band 3 block
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address 192.168.0.1 255.255.255.0
no ip route-cache
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
snmp-server community Community RW
bridge 1 route ip
line con 0
line vty 0 4
login local
end
They way I connect it in the network is as follows:
BrightHouse Networks ISP Modem --> Cisco Aironet 1252 --> Incoming connections from computers and laptops.
Any ideas? -
Cisco 7600 MPLS and set Qos group
Hi, i'm am trying to use to following class-maps and policy maps on a Cisco 7600. The same maps have been used on both 3700 series and 7200 series. However when i try to apply IP_TO_MPLS_OUT and MPLS_TO_IP_IN on the 7600 (with SUP32 and 48 port gigabit blade) i get a message on the console
"set qos group" not supported.
I used the QoS group to carry the MPLS EXP value (as label would is popped) and this works well.
How can i get the QoS group to work on the 7600, if not is there a valid workaround?
Many thanks for your help.
policy-map IP_TO_MPLS_OUT
class qosgrp5
set mpls experimental topmost 5
priority percent 10
class qosgrp4
bandwidth remaining percent 50
set mpls experimental topmost 4
class qosgrp2
bandwidth remaining percent 20
set mpls experimental topmost 2
class class-default
bandwidth remaining percent 30
random-detect
set mpls experimental topmost 1
policy-map CE_OUT
class qosgrp5
set ip precedence 5
class qosgrp4
set ip precedence 4
class qosgrp2
set ip precedence 2
policy-map MPLS_TO_IP_IN
class MPLS_EXP5
set qos-group 5
class MPLS_EXP4
set qos-group 4
class MPLS_EXP2
set qos-group 2Hi,
I'm not aware that you can use qos groups on c7600 (LAN ports ?).
For the MPLS_TO_IP direction you can use 'mpls propagate-cos' on the egress interface as workaround. This rewrites the egress IP ToS with the internal DSCP (which is inferred from the topmost MPLS label).
For the IP_TO_MPLS direction you could just match on the original DSCP ?
cheers,
Stefan -
Cisco AIR-SAP2602I-N-K9 vs AIR-CAP2602I-E-K9
What's the difference between "AIR-SAP2602I-N-K9" and " AIR-CAP2602I-E-K9 "?
Hi there, the difference between the two is the regulatory domain they work on. The 802.11 specification as regulatory domains defines the different parameters for antenna gain, transmit power, channel selection, and so on. A (A regulatory domain - FCC):North America, South America, Central America, Australia, New Zealand, various parts of Asia E (E regulatory domain - ETSI):Europe, Middle East, Africa, various parts of Asia As you see on this site for example European shops sell the Cisco air-cap2602i-e-k9: http://hardware.nl/cisco/air-cap2602i-e-k9.html N (N regulatory domain - Non FCC):Mexico, Australia Find all regions divided by Cisco here: http://www.cisco.com/c/en/us/products/collateral/wireless/access-points/product_data_sheet0900aecd80537b6a.html
-
Cisco Air-SAP2602E-E with PoE Plus?
Hi to all,
Could be any situation in which the Access point AIR-SAP2602E-E-K9 would need PoE Plus (all four antennas transmiting maximum power, some radio speeds, etc)?
Thanks in advance.Nope.
Only the end-of-sale 1252 and 3602 (when add-on modules are installed) require PoE plus. Every other models are PoE only. -
Download and upload speed per ssid in air-sap2602.
Dear team,
How to limit the download and upload speed per ssid in air-sap2602 ?
SSID =5MB download + 1upload
SSID= 30MB download + 5upload
RegardsIf you need help with traffic shaping, you should post your question on the rLAN, Switching and Routing forum:
https://supportforums.cisco.com/community/netpro/network-infrastructure/switching
You can also look for examples by searching Configure 1941 traffic shaping:
http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfgts.html
http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfcbshp.html
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered" -
Cisco Aironet 1250 - How to bridge two AP's and get Non-root to talk to Root AP
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:Arial;
mso-bidi-theme-font:minor-bidi;}
I have two buidlings acroos the street from each other. I have two Cisco Aironet 1250 wireless AP's with the first one going in the main building with network backbone. The Second AP goes across the street with the other wired network segment. Both AP's have long range antenas 2.4 GHZ on top of each building. I have configured the 1st one as the Root Bridge. The one across the street is configured as non-root bridge. I have both AP's configured with the same WEP key and also with the same SSID name with both set to broadcast it. I am still unsure and confused as to how I get the non-root bridge to talk to and use the root bridge to get on the main network.
1- It’s main to use the Root parent Mac address.
2- Is there another config that I am missing to get the signal?
Note: I still not getting any signal from the root although distance between root and non-root is 330m
My root antenna is AIR-ANT24120 and non-root antenna is AIR-ANT1949 and attached files is my configuration files
Thank you.1. How are the AIR-ANT24120 and the AIR-ANT1949 installed?
the AIR-ANT24120 is connected virtically on tower far 11m from the earth and AIR-ANT1949 is connected horizontally on tower far 10m from the earth
2. What is the distance between both APs?
350 m
3. Do you have clear line-of-sight between the two?
there is one tanker in the middle between them but it's far 7m from the earth
4. Is the two APs properly aligned?
i think yes and changed the aligned many times without any news (I don't have any tools for alignment)
5. Which point are the antennas connected to? Primary, Secondary or middle?
I tried in the primary and secondary but never tried the middle antenna
Thanks -
Cisco Aironet 1200 wireless network very slow
I have a simple wireless network set up, 2 - Cisco Aironet 1200 AIR-AP1220B-A-K9 wireless access points with 2 dBi Diversity Omni directional Ceiling Mount Antennas. They are the only devices connected to a Multitech Routfinder router, the WAN side the router is connected to a dedicated DSL connection. They are powered by AIR-PWRINJ3 power injectors. The WAP get the IP address from the DHCP in the router.
When connecting to the wireless network it runs very very slow, the signal strength is excellent and the connection speed is 54 mbps. But when opening a web browser it takes for ever to load a simple page like msn.com. If I connect the notebook directly to the router it runs very fast. We have tested with several notebooks and have the same problem. When I view the available wireless networks in range the only two that show up are the two Cisco 1200 WAP.
I have done the following with no improvement:
Change the channels from auto to 6 on one and 11 on the other.
Reset to factory defaults.
Update the firmware to c1200-k9w7-tar.123-7.JA2.tar
Replace the 802.11b radios with 802.11g radios AIR-MP21G-A-K9.
Disable the Aironet extensions.
Following is the configuration from one of the access points (before the firmware update):
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname MMA1
aaa new-model
aaa group server radius rad_eap
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa authorization ipmobile default group rad_pmip
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
username xxxx privilege 15 password xxxx
username xxx privilege 15 password xxxx
ip subnet-zero
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
ssid MMA1
authentication open
guest-mode
speed basic-1.0 basic-2.0 basic-5.5 basic-11.0
rts threshold 2312
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address 192.168.10.100 255.255.255.0
no ip route-cache
ip default-gateway 192.168.10.1
ip http server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/ivory/1100
ip http authentication aaa
bridge 1 route ip
line con 0
line vty 5 15
End
Any suggestions would be greatly appreciated.
Best regards,
RandyThanks for the info.
The documentation say not to switch from auto to full duplex or half duplex when using inline power, well I think it says the AP may reboot. I may have tried half duplex before I upgraded the firmware.
While upgrading I disconnected the AP, used a patch cord to connect it to the router and pluged the power directly into it to make sure the wiring to the AP was not the problem and it did the same thing.
However, when trying to upgrade the firmware it took ~ 45 minuets to upload the image and filed a couple of times retrying. I connected the AP to the notebook directly with a crossover cable and it uploaded in about 45 seconds.
That got me to thinking that there may be a problem with the router so I have replaced it with a Linksys.
In the mean time the DSL went down yesterday so I have not been able to test the new setup.
The cables are T568B
W/O
O/W
W/G
B/W
W/B
G/W
W/B
B/W
Best regards,
Randy
Maybe you are looking for
-
Sql Query Tuning. Please help me to tune this query
Hi All , I have this problematic Sql . It is taking huge time to execute. It contains a view CIDV, which i think is the bottleneck. I have pasted the query below. I will be pasting TKPROF and explain plan for the same. Please advice me to tune this q
-
PDF printable but not save-able?
Couple questions: With a standard PDF form created in Acrobat Pro, can user "save" completed PDF, or just the "template" (without filled-in fields)? On a regular PDF (non-form), is it possible to make it only "printable" and not "savable?" Thanks...
-
Ora-1445 rowid on subselect statement
Does anybody know what oracle component is missing if I get this error? Here is the statement that's giving an error: update GTT_CHART_TNX gtt set (gtt.meter_name, gtt.entry_sequence_number) = (SELECT new_name,entry_sequence_number FROM (SELECT (w.fi
-
How can I export data to excel sheet using jsf ..Any components available.. Thanks in advance.
-
2011 air with iPhone personal hotspot
Hi all, I have got a 2011 Macbook Air 13" and an iPhone 4, both up-to-date with Lion and iOS versions. I use the Personal Hotspot feature a lot. I have set it a a favourite Network on all my Macs but it does not behave 100% on the Air: with a Snow Le