Cisco Security Advisory: Access Point Memory Exhaustion from ARP Attacks
I recieved this Cisco Advisory e-mail today. I have 1200 access points that I upgraded yesterday to 12.3(7)JA2, in which this problem was corrected. In the advisory it states to upgrade to this software release and to make a configuration change on each radio interface. I made this change on Dot11Radio0 interface and it took. I have 2 more interfaces ( Dot11Radio0.2 and Dot11Radio0.75) in which I get an error when I try to make this configuration change. I don't quite understand these interfaces, so I would like to know if I really need to make this change on the other 2 interfaces or is making the change on the 1st one enough. Any information is certainly appreciated. Thanks, Laurie Coles
Since you have subinterfaces configured, you are apparently using
VLANs on your APs. The ARP table is only relevant for the VLAN
with the management IF, that is the native VLAN.
For all other VLANs it's simply bridging, therefore no ARP table,
and therefore this vulnerability doesn't apply here.
So your only concern should be the native VLAN, and unless you
need wireless access for managing your APs the best way for
securing this would be to not configure a SSID for this VLAN.
Then the only access to the AP would be over the Ethernet-IF.
The security advisory is more important for APs configured
without VLANs where wireless clients and the management IF
of the AP are in the same (W)LAN.
Similar Messages
-
Cisco Security Advisory: Crafted TCP Packet Can Cause Denial of Service
Hello,
Question regarding the work around for the recent Cisco Security Advisory (cisco-sa-20070124). The link to this advisory is here:http://www.cisco.com/en/US/customer/products/products_security_advisory09186a00807cb0e4.shtml#vuln
The work around says to create an access-list for example:
access-list 150 permit tcp TRUSTED_HOSTS MASK INFRASTRUCTURE_ADDRESSES MASK
So trusted_hosts, is that the hosts on my network?
Infrastructure_addresses, is this my routers
I'm not sure what they are saying here. If anyone could shed some light, that would be great
Thanks
MikePretty close. Trusted hosts SHOULD be hosts that are A.,trusted and B., require access to those devices. So as an example "TRUSTES_HOSTS" could be management stations, admin desktops, or whatever is required to have access and you is "trusted". Ideally infrastructure address space should only be reachable from trusted users that need access and no one else. Infrastructure space would likely include addresses for routers, firewalls, switches , authentication servers, monitoring servers, basically anything that makes the network run and keeps it alive. Hope this helps.
-
Cisco 1142 Wireless access point intermittently will not authenticate
Hi all,
We have a Cisco 1142 standalone access point, and from time to time I will come into the office and it will not authenticate any users to either our guest or corporate networks. I then have to go in and reboot the access point. After that, it begins to work. Any advice? Here's my configuration below:
Current configuration : 6450 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname cisco-chiap01
logging monitor errors
enable secret 5 $1$fsD8$CU42/3/Up5AAlL4hQWvvg0
aaa new-model
aaa group server radius rad_eap
server 172.17.16.12 auth-port 1645 acct-port 1646
server 172.17.21.10 auth-port 1812 acct-port 1813
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
server 172.17.21.10 auth-port 1812 acct-port 1813
aaa group server radius rad_eap2
server 172.17.16.12 auth-port 1645 acct-port 1646
server 172.17.21.10 auth-port 1812 acct-port 1813
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login eap_methods2 group rad_eap2
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
login on-failure log
login on-success log
dot11 syslog
dot11 vlan-name Admin vlan 100
dot11 vlan-name DevNetwork vlan 20
dot11 vlan-name Guest vlan 150
dot11 vlan-name Network vlan 16
dot11 ssid DevNetwork
vlan 20
authentication open eap eap_methods2
authentication network-eap eap_methods2
authentication key-management wpa version 2
dot11 ssid Guest
vlan 150
authentication open
authentication key-management wpa version 2
guest-mode
mbssid guest-mode
wpa-psk ascii 7 142407060101380B013A3A2670435642
information-element ssidl advertisement
dot11 ssid Network
vlan 16
authentication open eap eap_methods2
authentication network-eap eap_methods2
authentication key-management wpa version 2
username monkeyman privilege 15 secret 5 $1$ZZ7C$rqimu2FNONdfeacMNGAD/.
bridge irb
interface Dot11Radio0
no ip address
ip helper-address 172.17.19.10
no ip route-cache
encryption mode ciphers aes-ccm
encryption vlan 16 mode ciphers aes-ccm
encryption vlan 150 mode ciphers aes-ccm
encryption vlan 20 mode ciphers aes-ccm
ssid DevNetwork
ssid Guest
ssid Network
antenna gain 0
parent timeout 120
speed 5.5 11.0 basic-6.0 9.0 12.0 36.0 48.0 54.0
packet retries 128 drop-packet
channel 2462
station-role root
rts threshold 512
rts retries 128
interface Dot11Radio0.11
encapsulation dot1Q 11
no ip route-cache
interface Dot11Radio0.16
encapsulation dot1Q 16 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio0.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
bridge-group 20 spanning-disabled
interface Dot11Radio0.150
encapsulation dot1Q 150
no ip route-cache
bridge-group 150
bridge-group 150 subscriber-loop-control
bridge-group 150 block-unknown-source
no bridge-group 150 source-learning
no bridge-group 150 unicast-flooding
bridge-group 150 spanning-disabled
interface Dot11Radio1
no ip address
ip helper-address 172.17.19.10
no ip route-cache
encryption vlan 16 mode ciphers aes-ccm
encryption vlan 150 mode ciphers aes-ccm
encryption vlan 20 mode ciphers aes-ccm
ssid DevNetwork
ssid Guest
ssid Network
antenna gain 0
traffic-metrics aggregate-report
dfs band 3 block
mbssid
parent timeout 120
speed 6.0 12.0 basic-24.0 36.0 48.0 54.0
channel width 40-above
channel dfs
station-role root access-point
interface Dot11Radio1.11
encapsulation dot1Q 11
no ip route-cache
interface Dot11Radio1.16
encapsulation dot1Q 16 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
bridge-group 20 spanning-disabled
interface Dot11Radio1.150
encapsulation dot1Q 150
no ip route-cache
bridge-group 150
bridge-group 150 subscriber-loop-control
bridge-group 150 block-unknown-source
no bridge-group 150 source-learning
no bridge-group 150 unicast-flooding
bridge-group 150 spanning-disabled
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
interface GigabitEthernet0.11
encapsulation dot1Q 11
no ip route-cache
interface GigabitEthernet0.16
encapsulation dot1Q 16 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface GigabitEthernet0.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
no bridge-group 20 source-learning
bridge-group 20 spanning-disabled
interface GigabitEthernet0.100
encapsulation dot1Q 100
ip address 192.168.100.3 255.255.255.0
no ip route-cache
bridge-group 100
no bridge-group 100 source-learning
bridge-group 100 spanning-disabled
interface GigabitEthernet0.150
encapsulation dot1Q 150
no ip route-cache
bridge-group 150
no bridge-group 150 source-learning
bridge-group 150 spanning-disabled
interface BVI1
ip address 172.17.16.251 255.255.255.0
no ip route-cache
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface GigabitEthernet0
access-list 1 permit 172.17.16.1
access-list 1 remark Admin network access
access-list 1 permit 192.168.100.0 0.0.0.255
radius-server attribute 32 include-in-access-req format %h
radius-server host 172.17.21.10 auth-port 1812 acct-port 1813 key 7 047958071C3561410D4A44
radius-server host 172.17.16.12 auth-port 1645 acct-port 1646 key 7 08045E471A48574446
radius-server host 172.17.21.10 auth-port 1645 acct-port 1646 key 7 1320051B185D56797F
radius-server timeout 15
radius-server vsa send accounting
bridge 1 route ip
line con 0
line vty 0 4
access-class 1 in
endWhen the issue occurs does that affect both 2.4GHz & 5GHz devices ? I would see which band operating devices affected.
I noticed you have set CH11 under Radio 0 statically. I would prefer to configure it as below so AP can change the channel depend on the environment.
int d0
channel least-congested
HTH
Rasika
**** Pls rate all useful responses **** -
IPhone4 and Cisco Aironet 1141 access point - fail using WPAv2 Personal
I cannot get my iPhone4 (latest s/w) to connect to a Cisco Aironet 1141 access point if I specify WPAv2 Personal. It is a single access point without radius etc. I have no problems connecting using "no security", WEP or WPAv1. Is there a problem with the iPhone4 implementation of WPA2 as all my other PCs connect just fine on WPAv2?
With the Aironet 1141 I can switch security between WPAv1 & WPAv2 while keeping all other settings identical. Thus I can clearly demonstrate how the iPhone4 connects when both devices are set to WPAv1 yet will fail to connect when I switch both to WPAv2. As I have said, all other PCs I have connect via WPAv2 without any issues.I cannot get my iPhone4 (latest s/w) to connect to a Cisco Aironet 1141 access point if I specify WPAv2 Personal. It is a single access point without radius etc. I have no problems connecting using "no security", WEP or WPAv1. Is there a problem with the iPhone4 implementation of WPA2 as all my other PCs connect just fine on WPAv2?
With the Aironet 1141 I can switch security between WPAv1 & WPAv2 while keeping all other settings identical. Thus I can clearly demonstrate how the iPhone4 connects when both devices are set to WPAv1 yet will fail to connect when I switch both to WPAv2. As I have said, all other PCs I have connect via WPAv2 without any issues. -
Configuring Cisco Aironet 1100 Access Point. Please help!
Hi all,
I have dozens of Cisco Aironet 1100 access points, each is managing its own wi-fi with DHCP.
I had to disable dhcp on them because they are on a wired subnet where I am using the static IPs and don't want my wired clients to get DHCP addresses, nor someone to be able to plug the wire into own laptop and get on the network.
It's been working fine with one exception - I need to be able to ping my access points from the central site, and I can't.
What IOS command would enable ICMP echo on my access points in this case?
Please help!Hi all,
I have dozens of Cisco Aironet 1100 access points, each is managing its own wi-fi with DHCP.
I had to disable dhcp on them because they are on a wired subnet where I am using the static IPs and don't want my wired clients to get DHCP addresses, nor someone to be able to plug the wire into own laptop and get on the network.
It's been working fine with one exception - I need to be able to ping my access points from the central site, and I can't.
What IOS command would enable ICMP echo on my access points in this case?
Please help! -
Cisco Security Advisory: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products
Hello Experts,
I need to rule out that we have affected openSSL version 1.0.1 running on our devices. I need to know what is the version of openSSL that is current on the following platforms:
Cisco PIX
Cisco FWSM
Cisco ISR
Cisco VPN Concentrator
I know ASA runs 0.9.8f and I know that PIX and Concentrator are very old, and they might run an older version, however for a security assessment I need to rule those out too.
Does anyone know what is the version for these platforms?
Thanks in advance.The definitive source is and will continue to be the Cisco Security Advisory. It has already been updated several times today. Please keep checking back to it at the following URL:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
That said, the Pix and VPN Concentrator development and code release ended prior to the release of openssl with the vulnerability so I would hazard an educated guess that you won't have any problems with respect to this particular vulnerability. THAT said, if you're concerned about security vulnerabilities why are you running products with associated code that has not had other documented bugs and vulnerabilities patched for at least several years?
The ISR G2 will almost certainly depend on the IOS level and whether you are using any of the ssl-related features. -
Java.security.AccessControlException: access denied when loading from a jar
Hello!
I am trying to deploy an applet into a browser but I have encountered a security problem.
The name of the applet is SWTInBrowser(not exactly mine, it's an example from the web).
package my.applet;
import org.eclipse.swt.awt.SWT_AWT;
import java.applet.Applet;
import java.awt.event.ActionListener;
import java.awt.event.ActionEvent;
import java.awt.Canvas;
import org.eclipse.swt.widgets.Shell;
import org.eclipse.swt.widgets.Display;
import org.eclipse.swt.SWT;
import org.eclipse.swt.widgets.Listener;
import org.eclipse.swt.widgets.Event;
import org.eclipse.swt.graphics.Point;
import org.eclipse.swt.layout.FillLayout;
public class SWTInBrowser extends Applet implements Runnable{
public void init () {
/* Create Example AWT and Swing widgets */
java.awt.Button awtButton = new java.awt.Button("AWT Button");
add(awtButton);
awtButton.addActionListener(new ActionListener () {
public void actionPerformed (ActionEvent event) {
showStatus ("AWT Button Selected");
javax.swing.JButton jButton = new javax.swing.JButton("Swing Button");
add(jButton);
jButton.addActionListener(new ActionListener () {
public void actionPerformed (ActionEvent event) {
showStatus ("Swing Button Selected");
Thread swtUIThread = new Thread (this);
swtUIThread.start ();
public void run() {
/* Create an SWT Composite from an AWT canvas to be the parent of the SWT
widgets.
* The AWT Canvas will be layed out by the Applet layout manager. The
layout of the
* SWT widgets is handled by the application (see below).
Canvas awtParent = new Canvas();
add(awtParent);
Display display = new Display();
Shell swtParent = SWT_AWT.new_Shell(display, awtParent);
// Display display = swtParent.getDisplay();
swtParent.setLayout(new FillLayout());
/* Create SWT widget */
org.eclipse.swt.widgets.Button swtButton = new
org.eclipse.swt.widgets.Button(swtParent, SWT.PUSH);
swtButton.setText("SWT Button");
swtButton.addListener(SWT.Selection, new Listener() {
public void handleEvent(Event event){
showStatus("SWT Button selected.");
swtButton.addListener(SWT.Dispose, new Listener() {
public void handleEvent(Event event){
System.out.println("Button was disposed.");
// Size AWT Panel so that it is big enough to hold the SWT widgets
Point size = swtParent.computeSize (SWT.DEFAULT, SWT.DEFAULT);
awtParent.setSize(size.x + 2, size.y + 2);
// Need to invoke the AWT layout manager or AWT and Swing
// widgets will not be visible
validate();
// The SWT widget(s) require an event loop
while (!swtParent.isDisposed()) {
if (!display.readAndDispatch()) display.sleep ();
}It works perfectly in the Applet Viewer, but not in the browser. In the browser, I only get two buttons working, the SWT button doesn't appear, because of this error:
Exception in thread "Thread-21" java.lang.ExceptionInInitializerError
at org.eclipse.swt.widgets.Display.<clinit>(Display.java:130)
at my.applet.SWTInBrowser.run(SWTInBrowser.java:52)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission sun.arch.data.model read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at org.eclipse.swt.internal.Library.loadLibrary(Library.java:167)
at org.eclipse.swt.internal.Library.loadLibrary(Library.java:151)
at org.eclipse.swt.internal.C.<clinit>(C.java:21)
... 3 moreI have exported the application in a jar, and in that jar I have put the swt.jar that the application need for the displaying of the third button, swt button.
Here is also the HTML file:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Cp1252"/>
<title>
Test
</title>
</head>
<body>
<p>
<applet code="my.applet.SWTInBrowser"
archive="Test.jar"
width="1400" height="800">
</applet>
</p>
</body>
</html>Could anyone please help me solve this problem?This is in reply to the first post. I don't know what happened after.
Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission sun.arch.data.model read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at org.eclipse.swt.internal.Library.loadLibrary(Library.java:167)
at org.eclipse.swt.internal.Library.loadLibrary(Library.java:151)
at org.eclipse.swt.internal.C.<clinit>(C.java:21)
If you read the above trace from bottom to top, it shows none of you classes, only classes from that Eclipse library, which seems to loadLibrary() a native DLL. In order to do this, it needs to call System.getProperty( "sun.arch.data.model" ). This call is not allowed from un unsigned applet. So I guess you need to sign the applet and this problem will go away. Many other problems may follow. Just read very very carefully all the related documentation, which I did not. -
Configuring Cisco Air 1142N Access point.
Hi Guys
I have been struggling to configure a cisco airnet AIR-LAP1142N-E-K9 access point.
this is not my first time as I have configured similar accesspoints before.
the access point gets an IP from the dhcp server. I can ping the access point over the network.
However, when I type in the ip in the web browser, nothing comes up. there is no proxy issue.
the console(hyperterminal, connected through serial cable) shows the following error message:
%CAPWAP-3-ERRORLOG: COULD NOT RESOLVE CISCO-LWAPP-CONTROLLER
Many thanks
MoHi,
2106/12/25 will support 7.0.xx code. It will also support all existing APs including 3500,1140,1040.
http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7_0_116_0.html
I don't think it is EOS atleast does not say on the website :
http://www.cisco.com/en/US/products/ps7206/prod_eol_notices_list.html
Deciding on whether you need a WLC or not is upto your budget and what features you need on your Wireless Infrastructure.. If you have $$ to spend I would recommend going in for 2504. If not you can configure them in standalone and you can always buy a WLC based system in future given you only have 3 APs.
If you need IOS code, you can either approach
1) Your reseller or
2) Cisco SE
3) Call TAC support and ask CIN agent to grant access to CCO code based on what you purchased. Also explain your situation.
Link: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
You can also follow this thread to upgrade :
https://supportforums.cisco.com/message/3477595#3477595
Thanks..salil -
Cisco AIR-CAP3602I access point conversion
Hello Group,
I have a 3602i access point and have been looking to see if it was possible to load a Mesh AP image on the AP?Hello,
Agree with George. You can set the ap to mesh by changing its mode to bridge. you can change the mode from gui:
Wireless -> your ap -> ap mode.
HTH
Amjad
Sent from Cisco Technical Support iPad App -
Multiple Cisco Aironet 1131AG access points and same SSID?
We have multiple Cisco Aironet 1131AG devices, all wired on one Cisco L2 switch(2560) who is connected to L3 switch (3550). We assigned one VLAN for access point in L3 switch who acts as vtp server (L2 switch is vtp client). All ap's will have static ip address and all will have same SSID and no security and they will be using multiple channels (ex. 1,6,11). They will operate in 3 floor building for roaming wireless client. We won't using any wireless controller.
So my question is this: How to configure APs-all the same with different ip's, can we use L3 switch to create dhcp server for access points VLAN (pool for clients, and the rest for static ip for ap's)? Can one of the ap's be WDS and in the same time local radius server with users without Cisco Secure ACS or similar controller or I didn't understand this quite well :-). I followed guide http://www.cisco.com/en/US/docs/wireless/access_point/12.3_2_JA/configuration/guide/s32roamg.html for WDS where the part abou Cisco ACS is a problem, so I can use same ap as Local Authenticator as in guide http://www.cisco.com/en/US/docs/wireless/access_point/12.3_4_JA/configuration/guide/s34local.html#wp1035723.
Many thanks...Well, just so you know, WDS and local RADIUS authentication is only needed if you're using authentication on your wireless connection. You say you're not planning to use security, so this isn't necessary. However, I'd highly recommend at least using a simple WPA2-PSK to lock down your connection, otherwise you might end up giving free Internet access at best, and at worst you might be giving access to company PCs and servers. If you want to further use an 802.1x or WPA authentication method, then yes, you can use an AP as a RADIUS server and WDS to improve authenticated roaming, but this is far more limited than using a Cisco ACS.
As for your other questions, yes, your APs can all be configured the same except for at least three parameters: IP address, channel, and hostname. Configure your static IP addresses on the AP's BVI1 interface. Don't place it on the Radio or Ethernet interfaces, because if either of these interfaces goes down you'll lose the ability to configure the AP, so it's best to use the BVI1 interface.
And yes, configuring a DHCP scope for your clients on your L3 switch is a good design, or you could also use your DHCP server on a different subnet by using the ip helper-address command on the L3 interface. I hope this helps! Let me know if you need help configuring any of this.
Merry Christmas!
Jeff -
RE: How to secure an access point signal.
Hi everyone,
I have difficulty making my access point wireless signal secure. My network setup is simple, Modem to Router to Homeplug 1st floor, (secure wireless signal),
2nd floor (secure signal). Problem when comes to 3rd floor, signal too weak, so I place Homeplug to Access Point. (wireless works well but not secured).
Tried calling D-link support but was told that I need to fix static IP address before things can work. What the **** is that? Was told many technical issue about sub-net different, etc. Lastly the setup disc don't work with a Mac. (HaHa).
Thank you all in advance for the solution.How are you going to connect them? cat5 or coax?
cat5 instructions:
Can I use my wireless or an extra router along with the Verizon provided router?
coax instructions:
Can I get an ethernet connection in a room with only coax? -
Symbol Netvision Phone w/Cisco 1200 series Access Point
I am running 802.11b access point my phone can associate and get an ip address from my call manager but I keep getting "not registered" "registered". I and then I lose association to the access point. I have 2 vlans on one access point one for voice and one for data. Please let me know if someone has a work around or a fix.
StanStan,
Sounds like you have an interference problem.
What did your site survey show up in terms of other AP's and overlapping coverage areas ? Try a new channel that has the 2 channel separation from other busy channels and maybe even try a new/better placement of the AP
effectivly what you have now is the equivalent of pulling out the cable and plugging it back in constantly on a standard IP phone this means you will not be able to make calls
What firmware you running on the AP ? -
Cisco AIR-AP521 Access Point Disconnects Frequently
Dear All,
I have a problem in my environment. My Cisco Access Point AIR-AP521 disconnets every few days and I have to restart the access point to make it work. The System Software Version is 12.4(21a)JA1 and it is acting as a access point. The lastest event logs does not show any critical logs. I am sure that there is no electricity or switch related problem.
Please help me in fixing our this problem.
Tks,
UsmanUpgrade the software to 12.4(21a)JY and see if the issue reoccurs!!
Regards
Surendra -
Regulary disconect at CISCO Wi-Fi access point
We use CISCO access point in out office (AIR-LAP1142N-E-K9). All apple devices which use WI-FI regulary drop connection.
We have addressed this issue to CISCO support with system logs and remote access to device. The found out that Apple devices are sending disconnect command to router, so CISCO support claims that problem is in apple devices compatibility with CISCO AIR-LAP1142N-E-K9.
Did anyone had this issue before? And what would you advice to solve this?hi Max, we are having something similiar yet disssimilar - we use 2 factor authentication using an RSA token
Our issue is that wifi does not resume if you go to sleep mode (lid closed) for like 30 sec to a few minutes and we are forced to re-authenticate. It used to work fine on OSX 10.6.
.... on 10.6, the wifi "resumes" fine after coming out of sleep.
... we lose the connection after going to sleep mode on 10.7 and 10.8 and forced to re-enter RSA credentials....
Did you resolve your issue? -
Replacement for Cisco AIR-AP1120B Access Point.
Since the AIR-AP1120B is no longer available (new) what replaces it?
The 1120 was replaced by the 1130. The 1130 will be replaced by the 1140. You can still purchase the 1130 and 1140 has been available since mid-2009. The main difference for the two is the latter, the 1140, supports 802.11n.
Cisco Aironet 1130AG 802.11 A/B/G Series Access Point
http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps6087/product_data_sheet0900aecd801b9058.html
Cisco Aironet 1140 802.11 N Series Access Point
http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps10092/datasheet_c78-502793.html
If you find my post helpful in any way, please feel free to rate. Thank you.
Maybe you are looking for
-
Some web pages do not stop loading
When I am browsing the internet certain web pages do not stop loading at all; the activity icon rotates continuously and when this happens my CPU loads go to around 25-30% continuously across all my cores (2 or 4 depending on the machine I am using)
-
Another Overheated MacBook Victim: Swollen Book
I just got my new MacBook a week ago. Yesterday when I was doing some cleaning to the bottom surface of the Mac, I found some scratches on a particular spot (somewhere below the letter D on the keyboard). I was pretty sure that the machine came scrat
-
Don't have sync option for mail on my n8 since ann...
Hi, I am first time in discussions,so if I'm doing something wrong I am sorry. I have problem with my N8 since I got Anna update.I cannot sync my mail(on my n8) with my mail.Before update I had sync option and what I did was just to choose sync and n
-
Can't Watch YouTube on iPhone 3G while using WiFi?
Ever since I got my iPhone 3G I cant watch any YouTube videos while connected to WiFi - it always says "This movie cannot be played". However while connected to Edge / 3G it works fine. It worked just fine on my old iPhone. Is there anyway to fix thi
-
hi, i am using the next code: dibujos_XML = new XML(_loader.data); var _dibujos:XMLList = dibujos_XML.children(); var _dibujo_id:Number; for each (var _dibujo:XML in _dibujos) { if (_dibujo.localNam