DHCP Server in non-glocal zone
Is there anyway to run a DHCP server in a non global zone ? Can you give a zone access to a networking device such as qfe3 so dhcpd can catch and respond to requests ?
Thanks
Actually, the DHCP server doesn't need direct access to the networking device. However, it currently doesn't work with logical interfaces and zones only expose logical interfaces. Adding this support to the DHCP server is currently under consideration.
Blaise
Similar Messages
-
Hi,
is it possible for SF/SG300 switches to be used as DHCP server for non-management VLAN-s.
The switch has VLAN1 as management VLAN - has IP address assigned.
The switch has additional VLAN - VLAN200 and I'd like SG300 to act as DHCP server for clients on this VLAN.
Is this possible at all?Hi Jernej, the switch must operate in layer 3 mode. You can enable dhcp server per vlan.
To qualify to make a DHCP pool for a layer 3 vlan, none of the vlan interface can have an IP address issued via DHCP, so you vlan 1 and 200 must have a static ip address assigned. The vlan 1 does not require dhcp server configured for vlan 200 to have one.
Here is a sample configuration
config t
vlan database
vlan 200
exit
interface vlan 1
ip address 192.168.100.137 255.255.255.0
no ip address dhcp
exit
interface vlan 200
ip address 192.168.99.1 255.255.255.0
exit
ip dhcp server
ip dhcp pool network test
address low 192.168.99.1 high 192.168.99.254 255.255.255.0
default-router 192.168.99.1
dns-server 8.8.8.8
-Tom
Please mark answered for helpful posts -
Windows 2003 DHCP server merge to Solaris 10
Does anyone ever tried to merge a Windows2003 DHCP server to Solaris 10? Especially running this DHCP server in a solaris zone?
I have an old windows 2003 server with 100 DHCP clients that needs be be transported to Solaris so we can get rid of this Windows machine.
Is it possible to read the DHCP backupfile from windows2003 with Solaris?Troy H wrote:
> Hi,
>
> I have an issue where I do not see SLP being deployed successfully from
> a Windows Server's DHCP scope options. All of the other options come
> through.
>
> I followed this MS doc: http://support.microsoft.com/kb/285019
>
> As far as I can tell, it's setup correctly.
> Has anyone else setup SLP Options in MS and gotten them to work?
> Thank you,
> Troy
Okay, more information:
Workstations that are imaged will receive SLP information as long as the
Zen agent hasn't been installed.(using latest Zen7SP1 Postpatch)
Once you install the Zen agent you will no longer receive SLP via DHCP.
Note that the Novell Client version can be 491 to 491 SP3.
However, if you rename the C:\windows\system32\novell\novdhcp.dll file,
you'll resume getting SLP info from DHCP.(TID 10093676)
Pretty strange, eh? -
Does anyone know how the internal DHCP server in these access points connects to virtual interfaces and bridges in the unit?
Is there some sort of default connection that connects the DHCP server to the native bridge group or VLAN?
In a test case, with an SSID in the native VLAN and bridge group, the 1702i serves an IP address to a wireless client no problem. But with a second SSID in a non native VLAN and bridge group, no IP gets served. My only guess is that since the bvi1 defaults to the native bridge group and VLAN, sub-interfaces also in this group are assumed to be in the same subnet as bvi1, or in this case:
interface bvi1
ip address 192.168.1.205 255.255.255.0
no ip route-cache
exit
It would be the ..1. subnet.
Since the dhcp pool is set as:
ip dhcp pool GeneralWiFi
network 192.168.1.0 255.255.255.0
lease 1
default-router 192.168.1.1
dns-server 8.8.8.8
exit
There may be an assumption that anything bvi1 can talk to is in the ..1. subnet, so the above pool gets activated on a request coming through bvi1.
Is the DHCP server just hanging out waiting for a request from an "area" that is assumed to be on the same subnet as the given pool?
Do I need to somehow show the device what subnet the 2nd SSID/ subinterfaces are in so the internal DHCP server can decide it needs to go to work, or is there some sort of bridging between the DHCP server and the interfaces that needs to be done? I am trying to use the same DHCP pool for the second subnet at this point, since I assume I will need another router to service an additional subnet and DHCP pool.Keep in mind that DHCP is a broadcast packet to start. So the AP can only listen in the subnet that it has an IP address for.
Now, for any other subnet you can use the AP for DHCP but you have to have an IP helper address on your L3 pointing back to the AP.
That being said, I wouldn't use the DHCP server on the AP as it is limited. You'd be better off using a Microsoft server or some other device that is designed for DHCP.
HTH,
Steve -
Non-Airport DHCP Server in Gateway mode...
Hello:
I've searched the forums, and found that what I need doesn't seem to be supported... but I'm going to bring it up again in hopes that Apple will see this need, and look into updates...
I run Mac OS X Server on my network. I would like to use the DHCP server supplied by Apple (with all the relevant bells and whistles associated with it) in Mac OS X Server... but I also want to use my shiny new Airport Extreme (N, Gig) as the internet gateway on my network.
There is no way to suppress the DHCP server on the Airport if I want to "share a public IP Address"... and as we all know... two DHCP servers on the same Layer 2 network is a bad, bad thing.
Will Apple help me use Apple's products? Please!!!
- matthewk
Message was edited by: KrawNETI solved the problem in my network.
But it only works if the IP ends with "1" is not in use (by the server e.g.).
DHCP on my server works with IPs from 192.168.x.150 to 192.168.x.199
DHCP on the Airport Express only works with 192.168.x.200
By doing this, the router (Airport Express) gets the IP 192.168.x.1 (it always gets the "1").
In DHCP on my server I changed the router adress to 192.168.x.1
The 192.168.x.200 adress from the Airport Express DHCP I gave to my iPhone fix.
So all other clients in the net still get IPs and all other information from the server`s DHCP.
Btw. in the server`s DHCP log there where just two lines saying, that "dhcpd: host 1,00:00:00:00:00:00 ...(my iPhone)... declines IP 192.168.x.200 from server 192.168.x.1" and "dhcpd: INIT-REBOOT host 1,00:00:00:00:00:00 binding for 192.168.x.200 with another server" nothing more ans so there are no problems. -
E4200 1.0.03 DHCP server buggy
The e4200 1.0.03 DHCP server appears to be quite buggy. After configuring a static IP / reservation for a client which already had a dynamic IP from the pool, the e4200 continued to offer this client its pool IP. However, the DHCP client listing in the e4200 showed the client having the static IP even though it was still being offered that pool address.
This may sound like user error, but I can assure you, it is not. I have had a very frustrating experience with this product, and rather than fool with tech support again, I ran `tcpdump -e -s1600 -n -vvvv -i eth0 port bootpc or port bootps` to absolutely rule out a mistake on my part, bug in the DHCP client, etc. I found that the client was always offered that old IP, even thought the e4200 status display showed the "new" static one, after doing a DHCPDISCOVER without requesting a specific IP. This condition persists across e4200 reboots even after having the client release its lease!
I finally was able to resolve this by forcing the client to request the static IP from the e4200.
This is unquestionably a bug in the DHCP server, and additionally, the user interface does not show the real state of the underlying DHCP leases held by clients which have static addresses / reservations. Troubleshooting this condition is well beyond the abilities of the average user.
I hope Cisco will include a fix for this in the next firmware revision.
EDIT: firmware 1.0.03 build 14 checksum 4e7c9a89ae4667b225b425ee4e55b95egv, no, you are incorrect. I will provide another packet dump. Below you can see my machine releasing its lease (for .138, it got this IP AGAIN after having the correct one until a reboot) and then doing a new DISCOVER. The directed IP packet does not result from a presumably active lease.
colossus jsw # tcpdump -e -s1600 -n -vvvv -i eth0 port bootpc or port bootps
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 1600 bytes
01:42:32.364073 8c:89:a5:61:4a:bd > 58:6d:8f:a0:1f:4b, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 328)
172.19.87.138.68 > 172.19.87.1.67: [udp sum ok] BOOTP/DHCP, Request from 8c:89:a5:61:4a:bd, length 300, xid 0x22796c25, Flags [none] (0x0000)
Client-IP 172.19.87.20
Client-Ethernet-Address 8c:89:a5:61:4a:bd
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Release
Server-ID Option 54, length 4: 172.19.87.1
Hostname Option 12, length 8: "colossus"
END Option 255, length 0
PAD Option 0, length 0, occurs 40
01:43:21.988216 8c:89:a5:61:4a:bd > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328)
0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 8c:89:a5:61:4a:bd, length 300, xid 0x86572644, Flags [none] (0x0000)
Client-Ethernet-Address 8c:89:a5:61:4a:bd
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Discover
Hostname Option 12, length 8: "colossus"
Parameter-Request Option 55, length 17:
Subnet-Mask, BR, Time-Zone, Default-Gateway
Domain-Name, Domain-Name-Server, Option 119, Hostname
Netbios-Name-Server, Netbios-Scope, MTU, Classless-Static-Route
NTP, Classless-Static-Route, Classless-Static-Route-Microsoft, Option 252
NTP
END Option 255, length 0
PAD Option 0, length 0, occurs 27
01:43:22.029027 8c:89:a5:19:38:33 > 8c:89:a5:61:4a:bd, ethertype IPv4 (0x0800), length 344: (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 330)
172.19.87.100.67 > 172.19.87.138.68: [udp sum ok] BOOTP/DHCP, Reply, length 302, xid 0x86572644, Flags [none] (0x0000)
Your-IP 172.19.87.138
Server-IP 172.19.87.100
Client-Ethernet-Address 8c:89:a5:61:4a:bd
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Offer
Server-ID Option 54, length 4: 172.19.87.100
Lease-Time Option 51, length 4: 7200
Subnet-Mask Option 1, length 4: 255.255.255.0
BR Option 28, length 4: 172.19.87.255
Default-Gateway Option 3, length 4: 172.19.87.2
Domain-Name Option 15, length 10: "zoemai.com"
Domain-Name-Server Option 6, length 8: 74.128.17.114,74.128.19.102
NTP Option 42, length 4: 72.8.156.155
END Option 255, length 0
01:43:22.029196 8c:89:a5:61:4a:bd > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328)
0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 8c:89:a5:61:4a:bd, length 300, xid 0x86572644, Flags [none] (0x0000)
Client-Ethernet-Address 8c:89:a5:61:4a:bd
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Request
Server-ID Option 54, length 4: 172.19.87.100
Requested-IP Option 50, length 4: 172.19.87.138
Hostname Option 12, length 8: "colossus"
Parameter-Request Option 55, length 17:
Subnet-Mask, BR, Time-Zone, Default-Gateway
Domain-Name, Domain-Name-Server, Option 119, Hostname
Netbios-Name-Server, Netbios-Scope, MTU, Classless-Static-Route
NTP, Classless-Static-Route, Classless-Static-Route-Microsoft, Option 252
NTP
END Option 255, length 0
PAD Option 0, length 0, occurs 15
01:43:22.032137 58:6d:8f:a0:1f:4b > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 328)
172.19.87.1.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, xid 0x86572644, Flags [Broadcast] (0x8000)
Server-IP 172.19.87.1
Client-Ethernet-Address 8c:89:a5:61:4a:bd
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: NACK
Server-ID Option 54, length 4: 172.19.87.1
MSG Option 56, length 31: "requested address not available"
END Option 255, length 0
PAD Option 0, length 0, occurs 17
01:43:22.109602 8c:89:a5:19:38:33 > 8c:89:a5:61:4a:bd, ethertype IPv4 (0x0800), length 344: (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 330)
172.19.87.100.67 > 172.19.87.138.68: [udp sum ok] BOOTP/DHCP, Reply, length 302, xid 0x86572644, Flags [none] (0x0000)
Your-IP 172.19.87.138
Server-IP 172.19.87.100
Client-Ethernet-Address 8c:89:a5:61:4a:bd
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: ACK
Server-ID Option 54, length 4: 172.19.87.100
Lease-Time Option 51, length 4: 7200
Subnet-Mask Option 1, length 4: 255.255.255.0
BR Option 28, length 4: 172.19.87.255
Default-Gateway Option 3, length 4: 172.19.87.2
Domain-Name Option 15, length 10: "zoemai.com"
Domain-Name-Server Option 6, length 8: 74.128.17.114,74.128.19.102
NTP Option 42, length 4: 72.8.156.155
END Option 255, length 0
01:43:23.031008 58:6d:8f:a0:1f:4b > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 328)
172.19.87.1.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, xid 0x86572644, Flags [none] (0x0000)
Your-IP 172.19.87.20
Client-Ethernet-Address 8c:89:a5:61:4a:bd
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Offer
Server-ID Option 54, length 4: 172.19.87.1
Lease-Time Option 51, length 4: 86400
Subnet-Mask Option 1, length 4: 255.255.255.0
Default-Gateway Option 3, length 4: 172.19.87.1
Domain-Name Option 15, length 10: "zoemai.com"
Domain-Name-Server Option 6, length 12: 74.128.17.114,74.128.19.102,172.19.87.1
END Option 255, length 0
PAD Option 0, length 0, occurs 6 -
Remote access VPN with ASA 5510 using DHCP server
Hi,
Can someone please share your knowledge to help me find why I am not able to receive an IP address on remote access VPN connection while I can get an IP address on local DHCP pool?
I am trying to setup remote access VPN with ASA 5510. It works with local dhcp pool but doesn't seem to work when I tried using an existing DHCP server. It is being tested in an internal network as follows:
ASA Version 8.2(5)
interface Ethernet0/1
nameif inside
security-level 100
ip address 10.6.0.12 255.255.254.0
ip local pool testpool 10.6.240.150-10.6.240.159 mask 255.255.248.0 !(worked with this)
route inside 0.0.0.0 0.0.0.0 10.6.0.1 1
crypto ipsec transform-set FirstSet esp-3des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map dyn1 1 set transform-set FirstSet
crypto map mymap 1 ipsec-isakmp dynamic dyn1
crypto map mymap interface inside
crypto isakmp enable inside
crypto isakmp policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 43200
vpn-addr-assign aaa
vpn-addr-assign dhcp
group-policy testgroup internal
group-policy testgroup attributes
dhcp-network-scope 10.6.192.1
ipsec-udp enable
ipsec-udp-port 10000
username testlay password *********** encrypted
tunnel-group testgroup type remote-access
tunnel-group testgroup general-attributes
default-group-policy testgroup
dhcp-server 10.6.20.3
tunnel-group testgroup ipsec-attributes
pre-shared-key *****
I got following output when I test connect to ASA with Cisco VPN client 5.0
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + VENDO
4024 bytesR copied in 3.41 0 secs (1341 by(tes/sec)13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 853
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing SA payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ke payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ISA_KE payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing nonce payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received xauth V6 VID
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received DPD VID
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received Fragmentation VID
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, IKE Peer included IKE fragmentation capability flags: Main Mode: True Aggressive Mode: False
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received NAT-Traversal ver 02 VID
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received Cisco Unity client VID
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, Connection landed on tunnel_group testgroup
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing IKE SA payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, IKE SA Proposal # 1, Transform # 9 acceptable Matches global IKE entry # 1
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ISAKMP SA payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ke payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing nonce payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Generating keys for Responder...
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing hash payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Computing hash for ISAKMP
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing Cisco Unity VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing xauth V6 VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing dpd vid payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Traversal VID ver 02 payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Discovery payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Discovery payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing Fragmentation VID + extended capabilities payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Send Altiga/Cisco VPN3000/Cisco ASA GW VID
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + HASH (8) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 440
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + HASH (8) + NOTIFY (11) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 168
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing hash payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Computing hash for ISAKMP
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing notify payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing NAT-Discovery payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing NAT-Discovery payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Processing IOS/PIX Vendor ID payload (version: 1.0.0, capabilities: 00000408)
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Received Cisco Unity client VID
Jan 16 15:39:21 [IKEv1]: Group = testgroup, I
[OK]
kens-mgmt-012# P = 10.15.200.108, Automatic NAT Detection Status: Remote end is NOT behind a NAT device This end is NOT behind a NAT device
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing blank hash payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing qm hash payload
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=d4ca48e4) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 72
Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=d4ca48e4) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 87
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, process_attr(): Enter!
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Processing MODE_CFG Reply attributes.
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: primary DNS = cleared
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: secondary DNS = cleared
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: primary WINS = cleared
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: secondary WINS = cleared
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: IP Compression = disabled
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Split Tunneling Policy = Disabled
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Browser Proxy Setting = no-modify
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Browser Proxy Bypass Local = disable
Jan 16 15:39:26 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, User (testlay) authenticated.
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing blank hash payload
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing qm hash payload
Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=6b1b471) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 64
Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=6b1b471) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 60
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, process_attr(): Enter!
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Processing cfg ACK attributes
Jan 16 15:39:27 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=49ae1bb8) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 182
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, process_attr(): Enter!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Processing cfg Request attributes
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for IPV4 address!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for IPV4 net mask!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for DNS server address!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for WINS server address!
Jan 16 15:39:27 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Received unsupported transaction mode attribute: 5
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Banner!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Save PW setting!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Default Domain Name!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Split Tunnel List!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Split DNS!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for PFS setting!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Client Browser Proxy Setting!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for backup ip-sec peer list!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Client Smartcard Removal Disconnect Setting!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Application Version!
Jan 16 15:39:27 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Client Type: WinNT Client Application Version: 5.0.07.0440
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for FWTYPE!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for DHCP hostname for DDNS is: DEC20128!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for UDP Port!
Jan 16 15:39:32 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Duplicate Phase 2 packet detected. No last packet to retransmit.
Jan 16 15:39:37 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=b04e830f) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 84
Jan 16 15:39:37 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, processing hash payload
Jan 16 15:39:37 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, processing notify payload
Jan 16 15:39:37 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Duplicate Phase 2 packet detected. No last packet to retransmit.
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE received response of type [] to a request from the IP address utility
Jan 16 15:39:39 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Cannot obtain an IP address for remote peer
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE TM V6 FSM error history (struct &0xd8030048) <state>, <event>: TM_DONE, EV_ERROR-->TM_BLD_REPLY, EV_IP_FAIL-->TM_BLD_REPLY, NullEvent-->TM_BLD_REPLY, EV_GET_IP-->TM_BLD_REPLY, EV_NEED_IP-->TM_WAIT_REQ, EV_PROC_MSG-->TM_WAIT_REQ, EV_HASH_OK-->TM_WAIT_REQ, NullEvent
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE AM Responder FSM error history (struct &0xd82b6740) <state>, <event>: AM_DONE, EV_ERROR-->AM_TM_INIT_MODECFG_V6H, EV_TM_FAIL-->AM_TM_INIT_MODECFG_V6H, NullEvent-->AM_TM_INIT_MODECFG, EV_WAIT-->AM_TM_INIT_XAUTH_V6H, EV_CHECK_QM_MSG-->AM_TM_INIT_XAUTH_V6H, EV_TM_XAUTH_OK-->AM_TM_INIT_XAUTH_V6H, NullEvent-->AM_TM_INIT_XAUTH_V6H, EV_ACTIVATE_NEW_SA
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE SA AM:bd3a9a4b terminating: flags 0x0945c001, refcnt 0, tuncnt 0
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, sending delete/delete with reason message
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing blank hash payload
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing IKE delete payload
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing qm hash payload
Jan 16 15:39:39 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=9de30522) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80
Regards,
LayFor RADIUS you need a aaa-server-definition:
aaa-server NPS-RADIUS protocol radius
aaa-server NPS-RADIUS (inside) host 10.10.18.12
key *****
authentication-port 1812
accounting-port 1813
and tell your tunnel-group to ask that server:
tunnel-group VPN general-attributes
authentication-server-group NPS-RADIUS LOCAL
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni -
Can I use my WRT54G as a DHCP server only? I've got 5 dynamic IP's from Time Warner..
Hi everyone, I'm wondering if I can use my WRT54G as a DHCP server only only my network, without having to have any of my PC's plugged into it's router ports? I looked at the settings but I couldn't get it to work.
Here's why: I just got Time Warner Business Class cable internet which comes with 5 dynamic IP's. I want each computer, well 4 of them at least and 1 for the WRT54G, to have a unique IP when accessing the internet, and the other computers (5 more computers) to use the DHCP server in the WRT54G to get a NAT IP for use on the internet.
We play Diablo II on the internet and only 4 computers can be connected through 1 IP, so that limits us in my current configuration.
Current Equipment: One WRT54G, one Netgear GS116 16 port gigabit non-managed switch. One Time Warner Cable modem. Also attached to the network is one HP network printer, a Buffalo LinkStation NAS and a Zensonic Network DVD player.
Current config: Cable modem --> WRT54G --> Netgear switch.
Ideal config: Cable modem --> Netgear switch --> WRT54G.
With my current config, I am not taking advantage of the 5 dynamic IP's, but all the computers connected to the Netgear switch or the WRT54G can connect to the internet and the NAS.
So my ideal config (where I don't have to buy anything and where all the computers can print and access the NAS) is to connect all the computers and devices to the Netgear Switch and somehow force 4 of the computers and the WRT54G to get a dynamic IP from the cable modem, while the other computers and devices use the DHCP server on the WRT54G to get to the internet.
Is this possible?
I called Time Warner Cable and they weren't any help. I called the Linksys sales department and they weren't of much help either.
I suppose that I could purchase a new 8 port switch and attach 4 computers, the cable modem and the WRT54G to it. Then attach the Netgear to the WRT54G to accomodate the printer, NAS, and the other 5 computers. But in that senario, the 4 computers connected to the new switch can't print and can't reach the NAS. And geez, some computers would have to go through 3 devices to reach the internet, which has got to slow them down.
I did read about the Linksys EFG120 which has a DHCP server, but at $400 and only 120 gigs, it doesn't work for me.
I called Time Warner and the cost of more dynamic IP's is prohibitive, I'm already paying $79 a month for this internet and they want another $50 a month for 7 more dynamic IP's and that wouldn't help my NAS or my printer.
The cost of a 16 port gigabit switch with DHCP is an amazing $800 or so, which is out of the question.
Sorry for being so long winded and thanks for reading this far. I'm looking forward to any replies.That is a hell of a setup. I don't know if it would be easier and cheaper to either buy a real router like a Cisco, get fixed IP addresses and a RV042, or buy 4 network cards for the four of the five computers which need the internet access for gaming.
O.K. First your setup:
1. You wire the modem to the 6-port switch.
2. You connect the remaining 5 ports with the WAN ports of 5 WRTs with DHCP on the WAN interface.
3. You configure each WRT with unique LAN IP addresses in the same subnet, e.g. 192.168.1.1/255.255.255.0, 192.168.1.2, 192.168.1.3, 192.168.1.4, 192.168.1.5.
4. You turn off all DHCP servers except on one, e.g. 192.168.1.1. That router will be the default router and internet connection for any client which gets dynamic LAN addresses (as fallback or guests, I would not configure the NAS or printer with DHCP addresses if you have everything else on static IP addresses). You can certainly disable all DHCP servers if you want, too.
5. Now you connect all WRTs with each other.
5a. You connect port 1 of the 1st WRT with port 1 of the 2nd.
You connect port 2 of the 2nd with port 1 of the 3rd.
Port 2 of the 3rd with port 1 of the 4th.
Port 2 of the 4th with port 1 of the 5th.
(Do not create a loop connecting port 2 of the 5th with port 2 of the 1st!!)
5b. You buy another switch and connect each port 1 of each router with this switch. This has the advantage that you don't have a long cascade between the 1st and the 5th router like in 5a.
6. You connect all devices to the LAN.
6a. If you did 5a, you will probably put each computer to the router which internet connection it uses. The NAS and printer could go anywhere.
6b. If you did 5b, you hopefully bought a 16 or 24 port switch. Then you plug simply everything into that switch. Otherwise you can certainly use the free ports of the WRTs like in 6a.
7. You configure all your devices with static IP addresses. For instance,
IP 192.168.1.11
netmask 255.255.255.0
gateway 192.168.1.1
For the DNS servers I would highly recommend to use the DNS servers of your ISP directly and not use the relay on 192.168.1.1.
The gateway address defines through which router the computer connects to the internet.
8. You may still have to configure port forwardings on the router to the game computer if required for the game.
An interesting alternative to this setup might be to buy 4/5 network cards for the 4/5 computers with direct internet access. Then you use the one network card to connect to your single LAN behind your single WRT. The other network card goes into the switch behind the modem and has direct internet access. You then have to tell Windows which of the network cards has the default gateway for the internet connection (to prevent routing all traffic through the LAN and the WRT to the internet). One game computer would have to be behind the WRT. -
DHCP Setup across multiple VLANs on RV325 - DHCP Server only working on VLAN 1
I have multiple VLAN subnets defined on my RV325 - when I try and utilize a DHCP Server on each VLAN, it only seems to be issuing IP Addresses to clients on VLAN ID 1. When I first set this up months ago, I thought I had tested it providing IP Addresses via the other subnets. Now that I am trying to do so, it isn't working "as expected". Example - I am using VLAN 25 as the GuestWireless subnet utilizing a separate 802.11n WAP that is set to Bridge connections to the IP Address of the VLAN interface. Devices are able to connect to the WAP, but end up with a self-assigned IP Address 169.x.x.x address. There has to be an easy fix to this, but I seem to be "stuck" figuring out what it is…pointers/redirects appreciated. Thanks!
Thanks - I've already reviewed that information before I posted. I've been working with DHCP since the mid-90's, so I'm comfortable with the settings/configuration I need to leverage to make this work via other means using various Network-based OSes.
I'm wondering if there are other options in configuring this device that can impact the ability to dynamically serve IP addresses on a VLAN/subnet-by-VLAN/subnet basis.
As I did more testing, I discovered when I reserved an IP Address via the IP & MAC Binding option within the DHCP Settings, those devices would receive their static reservations and work as expected, so the problem seems to be leveraging the DHCP Pool for devices connecting to VLANs other that VLAN 1.
Any ideas as to why the DHCP Pool's are "non-functioning" for the other VLANs is greatly appreciated...
Each VLAN is setup with a separate DHCP Server configuration as shown below:
VLAN ID = 1 (Default, Inter VLAN Routing = Enabled, LAN1-6 = Untagged, LAN7=Tagged, LAN8=Excluded, LAN9-14 Untagged)
Device IP Address = 172.16.xxx.1
Subnet Mask = 255.255.255.0
DHCP Mode = DHCP Server
Remote DHCP Server = 0.0.0.0
Client Lease Time = 1440 min
Range Start = 172.16.xxx.100
Range End = 172.16.xxx.199
DNS Server = Use DNS as Below
Static DNS 1 = 208.67.222.222
Static DNS 2 = 208.67.220.220
WINS Server = 0.0.0.0
Correctly serving IP Addresses via DHCP (both static and dynamic) to Wired devices & Wireless devices connecting through WAP (set to Bridge)
VLAN ID = 25 (GuestWireless, Inter VLAN Routing = Disabled, LAN1-LAN7 = Excluded, LAN8 = Untagged, LAN9-14 = Excluded)
Device IP Address = 172.16.yyy.1
Subnet Mask = 255.255.255.0
DHCP Mode = DHCP Server
Remote DHCP Server = 0.0.0.0
Client Lease Time = 1440 min
Range Start = 172.16.yyy.100
Range End = 172.16.yyy.199
DNS Server = Use DNS as Below
Static DNS 1 = 208.67.222.222
Static DNS 2 = 208.67.220.220
WINS Server = 0.0.0.0
NOT serving dynamic IP Addresses via DHCP to Wired devices & Wireless devices connecting through WAP (set to Bridge)
Static DHCP Reservations setup via IP & MAC Binding settings DO WORK in terms of providing the assigned static IP Address to the client. Inbound/Outbound traffic to Internet works for devices with Static DHCP Reservations.
VLAN ID = 100 (Voice, Inter VLAN Routing = Disabled, LAN1-6 Excluded, LAN7 = Untagged, LAN8-14 = Excluded)
Device IP Address = 192.168.zzz.1
Subnet Mask = 255.255.255.0
DHCP Mode = DHCP Server
Remote DHCP Server = 0.0.0.0
Client Lease Time = 1440 min
Range Start = 192.168.zzz.100
Range End = 192.168.zzz.199
DNS Server = Use DNS as Below
Static DNS 1 = 208.67.222.222
Static DNS 2 = 208.67.220.220
WINS Server = 0.0.0.0
NOT serving dynamic IP Addresses via DHCP to Wired devices & Wireless devices connecting through WAP set to Bridge
Static DHCP Reservations setup via IP & MAC Binding settings DO WORK in terms of providing the assigned static IP Address to the client. Inbound/Outbound traffic to Internet works for devices with Static DHCP Reservations. -
DNS/DHCP app no longer sees DNS/DHCP server.
When I moved the majority of my Netware 6 servers to OES-NW last year, I started using iManager to handle admin duties for DNS and DHCP.
With a planned move to OES-L coming up, I tried accessing both services using the DNS/DHCP java console.
While I am able to log into that console, I am unable to see my DNS/DHCP server or any of the expected components for either service (DHCP pools, zone records, etc...).
I have tried both the console that is installable from the server and the newer LDAP-based version.
I have tried both 32 and 64-bit versions on XP and Windows 7, respectively.
Since I want to move those services to OES/Linux and the java console is the only mechanism that can administrate the services on that platform, I am perplexed.
My needs are simple, and I could easily move those duties to a SUSE server or even a Windows server, but that is not my preference.
Any ideas on where to begin troubleshooting are welcome.On 06.08.2012 21:56, gathagan wrote:
>
> When I moved the majority of my Netware 6 servers to OES-NW last year, I
> started using iManager to handle admin duties for DNS and DHCP.
>
> With a planned move to OES-L coming up, I tried accessing both services
> using the DNS/DHCP java console.
>
> While I am able to log into that console, I am unable to see my
> DNS/DHCP server or any of the expected components for either service
> (DHCP pools, zone records, etc...).
>
> I have tried both the console that is installable from the server and
> the newer LDAP-based version.
> I have tried both 32 and 64-bit versions on XP and Windows 7,
> respectively.
>
> Since I want to move those services to OES/Linux and the java console
> is the only mechanism that can administrate the services on that
> platform, I am perplexed.
> My needs are simple, and I could easily move those duties to a SUSE
> server or even a Windows server, but that is not my preference.
>
> Any ideas on where to begin troubleshooting are welcome.
You have more than one DNS-DHCP locator object in your tree, and the
console is picking up a/the empty one. Find the proper object (look at
the other tab in consoleone or imanager to see if it's connected with
servers zones and the like), and delete the superflouos ones.
This is an *extremely* common problem when OES gets introduced into a
tree, as it by default creates new locator objects in the server
container, if it's not configured otherwise.
CU,
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de -
Dhcp server won't admit my Arch Linux (though Win's have no problems)
1. Generally my dhcpcd works fine in every network (and always has, I have not changed anything substantial).
2. Currently I am in a network (for just a couple of weeks) in which it does not.
3. The network will ignore all my dhcp requests over both network devices, enp1s0 and wlp2s0 (ethernet and wifi)
4. When trying the same from Windows (dual boot), the dhcp client works brilliantly (i.e. the hardware is fine)
5. I can force entry into the cable network by simply assigning an IP address and setting netmask and gateway as was configured by dhcp when I tried from Windows
6. For wifi this does not work. More specifically it works for a brief moment if (and only if) I was connected from Windows immediately before and assign myself the same IP address (I can ping the gateway and also 8.8.8.8). After this moment the network apparently kicks me out (cannot ping anything any more, nothing answers). dhcpcd inform (dhcpcd -s <IP Adress>) does not fare better.
7. I tried changing some of the settings in dhcpcd.conf that have been given as reasons for similar problems in the forums, archwiki, or somewhere else, including exchanging 'duid' for 'clientid', and commenting out 'require dhcp_server_identifier'. Does not help. My dhcpcd.conf, see below.
8. dhclient does not work either.
What I want: Connect to the internet via wifi from Arch.
I guess this comes down to making the dhcp server believe my Arch was one of the Windowses it is used to. How do I do that?
I understand that dhcp does not involve clients revealing their operating systems to the servers; but some configurations are likely different between Arch and Windows. I am not used to working with Windows and have no idea how to access the dhcp client configuration settings there (if this is even possible) to get an idea what exactly is different. Here is my dhcpcd.conf - any ideas what exactly about it displeases the server so much or what I might change or add to make the server more pleasantly inclined?
dhcpcd.conf
hostname
clientid
#duid
persistent
option rapid_commit
option domain_name_servers, domain_name, domain_search, host_name
option classless_static_routes
option ntp_servers
#require dhcp_server_identifier
nohook lookup-hostname
noipv4ll
I would include the logs as well, but they are boring beyond belief, do not contain anything except for dhcpcd trying and failing with timeout.Thanks, MoonSwan & ewaller,
MoonSwan wrote:Windows' IP address and network settings navigate to: Control Panel -> Network and Internet -> Network Connections -> Click on Device Here (WIFI or LAN) -> Properties and from there you should be able to see the settings you need to figure out what's going on in Windows.
Found that, There are a lot of "Advanced properties", for instance "Bandwidth Capacity" is set to "11b/g: 20MHz", "BSS Mode" is set to "802.11n Mode", "Fragmentation Threshold" to "2346" (whatever that may mean) ... etc. Unfortunately, I cant copy any of that; most of it also seems rather unimportant; also I left all this on its default setting when I followed the instructions on how to connect to this wifi on Windows.
However, here is some information I managed to squeeze out of the pathetic, pittyful Windows terminal which they call the "Comand Line"
C:\Windows\system32> ipconfig /all
<...>
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . : <the network name>
Description . . . . . . . . . . . : <hardware description> 802.11b/g/n (2.4GHz)
Physical Address. . . . . . . . . : <the mac address>
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : <some ipv6> %13(Preferred)
IPv4 Address. . . . . . . . . . . : <the ipv4> (Preferred)
Subnet Mask . . . . . . . . . . . : <subnet mask>
Lease Obtained. . . . . . . . . . : Fri, 23. May 2014 19:47:10
Lease Expires . . . . . . . . . . : Fri, 23. May 2014 21:17:09
Default Gateway . . . . . . . . . : <gateway ip>
DHCP Server . . . . . . . . . . . : <some ip that is not part of the local subnet>
DHCPv6 IAID . . . . . . . . . . . : 319352249
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-9F-0F-D6-E0-DB-55-CF-26-6
DNS Servers . . . . . . . . . . . : <a few dns server ip's>
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : <some ipv6> (Preferred)
Link-local IPv6 Address . . . . . : <another ipv6> %12(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter 6TO4 Adapter:
Connection-specific DNS Suffix . : <the network name>
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : <some ipv6> (Preferred)
Default Gateway . . . . . . . . . : <another ipv6>
<yet another ipv6>
DNS Servers . . . . . . . . . . . : <the same ipv4 dns server ip's as above>
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Windows\system32> netsh wlan show all
Wireless System Information Summary
(Time: 23.05.2014 20:38:49 W. Europe Daylight Time)
=======================================================================
============================== SHOW DRIVERS ===========================
=======================================================================
Interface name: Wireless Network Connection
Driver : <hardware description> 802.11b/g/n (2.4GHz)
Vendor : Broadcom
Provider : Broadcom
Date : 21.01.2012
Version : 6.20.55.31
INF file : C:\Windows\INF\oem25.inf
Files : 5 total
C:\Windows\system32\DRIVERS\BCMWL664.SYS
C:\Windows\system32\bcmihvsrv64.dll
C:\Windows\system32\bcmihvui64.dll
C:\Windows\system32\drivers\vwifibus.sys
C:\Windows\system32\bcmwlcoi.dll
Type : Native Wi-Fi Driver
Radio types supported : 802.11n 802.11g 802.11b
FIPS 140-2 mode supported : Yes
Hosted network supported : Yes
Authentication and cipher supported in infrastructure mode:
Open None
Open WEP
Shared None
Shared WEP
WPA2-Enterprise TKIP
WPA2-Personal TKIP
WPA2-Enterprise CCMP
WPA2-Personal CCMP
WPA2-Enterprise Vendor defined
WPA2-Enterprise Vendor defined
Vendor defined Vendor defined
Vendor defined Vendor defined
Vendor defined TKIP
Vendor defined CCMP
Vendor defined Vendor defined
Vendor defined Vendor defined
WPA-Enterprise TKIP
WPA-Personal TKIP
WPA-Enterprise CCMP
WPA-Personal CCMP
Authentication and cipher supported in ad-hoc mode:
WPA2-Personal CCMP
Open None
Open WEP
IHV service present : Yes
IHV adapter OUI : [00 10 18], type: [00]
IHV extensibility DLL path: C:\Windows\System32\bcmihvsrv64.dll
IHV UI extensibility ClSID: {aaa6dee9-31b9-4f18-ab39-82ef9b06eb73}
IHV diagnostics CLSID : {00000000-0000-0000-0000-000000000000}
=======================================================================
============================= SHOW INTERFACES =========================
=======================================================================
There is 1 interface on the system:
Name : Wireless Network Connection
Description : 802.11b/g/n (2.4GHz)
GUID : 6d122ca5-cdc2-42d1-a1fb-3754098b19eb
Physical address : <the mac address>
State : connected
SSID : <ssid>
BSSID : <access point mac address>
Network type : Infrastructure
Radio type : 802.11n
Authentication : WPA2-Enterprise
Cipher : CCMP
Connection mode : Auto Connect
Channel : 1
Receive rate (Mbps) : 72
Transmit rate (Mbps) : 72
Signal : 83%
Profile : <ssid>
Hosted network status : Not available
=======================================================================
=========================== SHOW HOSTED NETWORK =======================
=======================================================================
Hosted network settings
Mode : Disallowed
Settings : <Not configured>
Hosted network status
Status : Not available
=======================================================================
============================= SHOW SETTINGS ===========================
=======================================================================
Wireless LAN settings
Show blocked networks in visible network list: No
Only use GP profiles on GP-configured networks: No
Hosted network mode allowed in WLAN service: No
Allow shared user credentials for network authentication: Yes
Block period: Not Configured.
Auto configuration logic is enabled on interface "Wireless Network Connection"
=======================================================================
============================== SHOW FILTERS ===========================
=======================================================================
Allow list on the system (group policy)
<None>
Allow list on the system (user)
<None>
Block list on the system (group policy)
<None>
Block list on the system (user)
<None>
=======================================================================
=========================== SHOW CREATEALLUSER ========================
=======================================================================
Everyone is allowed to create all user profiles.
=======================================================================
============================= SHOW PROFILES ===========================
=======================================================================
Profiles on interface Wireless Network Connection:
Group policy profiles (read only)
<None>
User profiles
All User Profile : <ssid>
<other profile names>
=======================================================================
========================== SHOW PROFILES NAME=* =======================
=======================================================================
Profile eduroam on interface Wireless Network Connection:
=======================================================================
Applied: All User Profile
Profile information
Version : 1
Type : Wireless LAN
Name : <ssid>
Control options :
Connection mode : Connect automatically
Network broadcast : Connect only if this network is broadcasting
AutoSwitch : Do not switch to other networks
Connectivity settings
Number of SSIDs : 1
SSID name : "<ssid>"
Network type : Infrastructure
Radio type : [ Any Radio Type ]
Vendor extension : Not present
Security settings
Authentication : WPA2-Enterprise
Cipher : CCMP
Security key : Absent
802.1X : Enabled
EAP type : Microsoft: Protected EAP (PEAP)
802.1X auth credential : Machine or user credential
Cache user information : Yes
<other profiles ...>
=======================================================================
======================= SHOW NETWORKS MODE=BSSID ======================
=======================================================================
Interface name : Wireless Network Connection
There are 4 networks currently visible.
SSID 1 : eduroam
Network type : Infrastructure
Authentication : WPA2-Enterprise
Encryption : CCMP
BSSID 1 : <other access point ssid>
Signal : 2%
Radio type : 802.11n
Channel : 11
Basic rates (Mbps) : 1 2 5.5 11
Other rates (Mbps) : 6 9 12 18 24 36 48 54
BSSID 2 : <other access point ssid>
Signal : 0%
Radio type : 802.11n
Channel : 11
Basic rates (Mbps) : 1 2 5.5 11
Other rates (Mbps) : 6 9 12 18 24 36 48 54
BSSID 3 : <access point ssid>
Signal : 87%
Radio type : 802.11n
Channel : 1
Basic rates (Mbps) : 1 2 5.5 11
Other rates (Mbps) : 6 9 12 18 24 36 48 54
BSSID 4 : <other access point ssid>
Signal : 0%
Radio type : 802.11n
Channel : 1
Basic rates (Mbps) : 1 2 5.5 11
Other rates (Mbps) : 6 9 12 18 24 36 48 54
SSID 2 : <...>
What I find odd is this "Taredo Tunneling Pseudo-Interface". As a matter of fact, I have not the slightest idea if this is happening inside this local Windows I have here or if this is something real in the network configuration (on the other side of the access point)... It apparently should tunnel IPv6 to IPv4 and/or vice versa. However, why would there be two connections over the same network interface (IPv6 and IPv4)...
What is odd as well is that the DHCP server is not part of the subnet my Windows is in. It just seems to announce IP, netmask, gateway to the Windows ... (the gateway is in the subnet). Could it be that the Linux dhcp client does not accept something like that. No, that's unlikely, right? dhcpcd -d should have reported this...
MoonSwan wrote:Btw, love the name,
Thanks. Likewise
MoonSwan wrote:it's nice to see such a name after seeing so many that are intentionally hurtful to others of any stripe in a rainbow.
Actually, I always felt that the Arch Forum is quite tolerant in this respect. (And so is reddit, but of course, you are right, there are places on the internet where you can run into a lot of assholes. Kind of like in the real world... Quite frustrating.)
ewaller wrote:I guess it could be a MAC problem. but I don't know.
Unlikely; on windows the mac address is the same.
ewaller wrote: Can you get to the router logs? Can you see if the router saw a solicitation?
no. and given their network configuration I don't suppose the IT people here would be very forthcoming if I asked them. Their helpdesk said that they couldn't help me since my laptop was not one of their computers.
ewaller wrote:Also, (just a sanity check) are you sure you are connected to the correct access point? But that does not make sense -- you said this happens on wired as well sad
Dang.
I am. It's WPA2 encrypted & I only have access data to this one wifi network. (To avoid confusing everyone with mentioning too many different things, I did not detail this in the original post. I am accessing it using wpa_supplicant running in a terminal; wpa_supplicant works fine says "connection succeeded" etc. So the problem is not in the WPA/ wifi-connection layer but really in the IP/dhcp layer.)
ewaller wrote:Is this a corporate environment? A school perhaps?
Yes, a university. They have someone working here who went through great lengths to make it difficult for people to connect to the internet. -
PHP in Solaris 10 and Non-Global Zones: Problem of performance?
Hi friends
We are feeling a poor performance with applications developed with PHP in Solaris 10, with non-global and global zones, while Intel platform (Xeon and Pentium), performance is very good. Difference between both platforms is about 200% aprox, one second in Intel to 9, 12 or 20 seconds in Solaris depending of model.
Our tests were developed in:
1. SF T2000 server Solaris 10 global zone
2. SF T2000 server Solaris 10 non-global zone
3. SF280R server Solaris 10 non-global zone
4. V240 server with 1 GB memory, 1*US III-i 1.0 GHz and Solaris 9 (really this version for test and comparisons)
5. V240 server with 8GB memory, 2*US III-i 1.5Ghz and Solaris 9 (really this version for test and comparisons too)
Intel platforms were:
1. Intel Pentium 4 2GHz 2GB memory, Linux Fedora and PHP 4.4.4
2. Intel Xeon 2 core, 2.33GHz 2GB memory, Linux Fedora and PHP 4.4.3
Versions of products are:
1. Solaris 9 or Solaris 10
2. PHP 4.4.7 downloaded from http://www.php.net/downloads.php
3. Apache 2.0.59
4. MySQL 4.1.15-log
Our php compilation and installation were:
./configure --prefix=/usr/local/php-4.4.7 \
--with-pear \
--with-openssl=/usr/local/ssl \
--with-gettext \
--with-ldap=/usr/local \
--with-iconv \
--enable-ftp \
--with-dom \
--with-mime-magic \
--enable-mbstring \
--with-zlib \
--enable-track-vars \
--enable-sigchild \
--disable-ctype \
--disable-overload \
--disable-tokenizer \
--disable-posix \
--with-gd \
--with-apxs2=/usr/local/apache2.0.53/bin/apxs \
--with-mysql \
--with-pgsql \
--with-oci8=/oracle/product/9.2.0 \
--with-oracle=/oracle/product/9.2.0 \
--with-png-dir=/usr/local \
--with-zlib-dir=/usr/local \
--with-freetype-dir=/usr/local \
--with-jpeg-dir=/usr/local
make
make install
Questions:
Is there any problem of PHP with SunFire T2000 servers or 64-bits platforms?
Is there any flag of PHP would be use to compilarion PHP in 64-bits or multithread?
I wait for any comments or suggestions about our problem with PHP compilation and performance in Solaris 10. Thanks a lot.
Sergio.I presume you compiled php on the Sun server, was this done using gcc or the Sun One C compiler.
If the latter then you can also use the flag: --enable-nonportable-atomics when you run configure -
DHCP client fails to get an valid IP address from DHCP server. windows 8.1
I have a win 8.1 Pro 64 bit pc in my office .I'm trying to connect it to my wireless cisco router with either wireless or hardwired connection but I get an error in the event viewer with discription DHCP error 1007. and Ip address showing
169.254.93.17 but our dhcp range is 192.168.1.x
Log Name: Microsoft-Windows-Dhcp-
Source: Microsoft-Windows-Dhcp-Client
Date: 23/Jun/2014 12:03:21 PM
Event ID: 1001
Task Category: Address Configuration State Event
Level: Error
Keywords: (1)
User: LOCAL SERVICE
Computer: sanddeplap.vts.com
Description:
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0xF4B7E22D8721. The following error occurred: 0x79. Your computer will continue to try and obtain an address on its
own from the network address (DHCP) server.
Event Xml:
<Event xmlns="http://schemas.">
<System>
<Provider Name="Microsoft-Windows-Dhcp-
<EventID>1001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>3</Task>
<Opcode>75</Opcode>
<Keywords>0x4000000000000001</
<TimeCreated SystemTime="2014-06-23T08:03:
<EventRecordID>363</
<Correlation />
<Execution ProcessID="988" ThreadID="7932" />
<Channel>Microsoft-Windows-
<Computer>sanddeplap.vts.com</
<Security UserID="S-1-5-19" />
</System>
<EventData>
<Data Name="HWLength">6</Data>
<Data Name="HWAddress">F4B7E22D8721<
<Data Name="StatusCode">121</Data>
</EventData>
</Event>
I tried to track issue with microsoft network monitor I'm attaching the capture file also please help me to sort out this issue
capture report https://onedrive.live.com/redir?resid=AFE3D0245A92F6F8%21183The issue is that your machine is not being assigned an IP address / was unable to reach the DHCP server to receive one. The 169.254.x.x IP your machine is showing isn't assigned from DHCP, it's assigned by the local machine and is referred to as an APIPA
address.
So something is preventing your machine from reaching your DHCP server, which could one of a number of things. In the first instance I'd suggest having a look at
http://epan36.blogspot.co.uk/2012/09/eventid-1001-dhcp-your-computer-was-not.html which lists several of things that could cause this error and things you can try in order to resolve it.
If none of those work, can you confirm whether you have any other machines connecting via the same method on the network, which might indicate whether this is an issue at the machine end or somewhere between the machine and DHCP server? -
How to enable GUI in a non global zone in solaris11?
How to enable graphical logon in a non global zone in solaris11, so the zone can be login by Xmanager? Thanks!
This guide will cover how to setup a basic VNC connection to a Solaris 11 machine. There is also an optional step to allow for persistent VNC connections.
Step 1
Configure GDM to include ‘[security] DisallowTCP=false’ and ‘[xdmcp] Enable=true’.
$ sudo gedit /etc/gdm/custom.conf
# GDM configuration storage
[daemon]
[security]
DisallowTCP=false
[xdmcp]
Enable=true
[greeter]
[chooser]
[debug]
Step 2
Configure X-Server to accept remote connections.
# svccfg -s application/x11/x11-server
svc:/application/x11/x11-server> setprop options/tcp_listen = boolean: true
svc:/application/x11/x11-server> end
Step 3
Configure the VNC service (you could change the ‘-geometry 1280×720′ to whatever resolution you would like).
# svccfg -s xvnc-inetd
svc:/application/x11/xvnc-inetd> setprop inetd_start/exec = astring: "/usr/bin/Xvnc -desktop sol11:0 -geometry 1024x768 -inetd -query localhost -once securitytypes=none"
svc:/application/x11/xvnc-inetd> setprop inetd/wait = boolean: true
svc:/application/x11/xvnc-inetd> end
** The line highlighted red is optional – only do this if you want your VNC connection to persist (as well as any potential security issues)
or
# svccfg -s xvnc-inetd
svc:/application/x11/xvnc-inetd> editprop
search for # setprop inetd_start/exec = astring: "/usr/bin/Xvnc
copy the line, uncomment the copy, makethe changes above, write the file out.
svcadm refresh xvnc-inetd
Step 4
Disable and the re-enable the GDM and VNC-inetd services for the changes to take effect.
$ su root
Password:
# svcadm disable gdm xvnc-inetd; svcadm enable gdm xvnc-inetd
If still in maintenance, reboot (I had to, don't know why).
Step 5
Point your favourite VNC client at your Solaris server and test if it accepts your VNC connection – you should be presented with a Username/Password login screen.
If you performed the optional step to make your connections persist – close your favourite VNC client and then reconnect – if you remained logged in you have a persistent connections.
Greg on said:
After a fresh text install of Solaris-11 (11/11) both xvnc-inetd and gdm are not present. After installing them (# pkg install xvnc-inetd gdm) I can’t get gdm to start:
# svcadm enable gdm
# svcs gdm
offline 10:24:03 svc:/application/graphical-login/gdm:default
Any thoughts?
Ron on said:
You are missing some X packages. Do the following:
pkg install slim_install # installs 400+ packages
svcadm enable gdm && exit # gdm now works
pkg uninstall slim_install # uninstalls the installer package only -
Is it possible to patch Global Zone and only specific Non-Global Zones?
Hi Champs,
Is it possible to patch Global Zone and only specific Non-Global Zones? Idea is to patch DEV-zones only on the system & test applications and then patch only the STG-zones on same server!
Not sure if it is possible but just throwing a question...
Cheers,
NitinM10vir wrote:
Yes, if you have branded (non-sparse) zone!Branded zones and sparse zones don't have the relation that you imply. In Solaris 10, native zones can be sparse or whole-root (non-sparse, as you say). Zones that are not native zones are branded zones. Branded zones on Solaris 10 include Solaris Legacy Containers, previously known as Solaris 8 Containers and Solaris 9 Containers. That add-on product allows you to run Solaris 8 and Solaris 9 application environments under a thin layer of virtualization provided by the brands framework. solaris8 and solaris9 branded zones can be patched independently of each other and of the global zone.
Solaris 11 has no "native zones" - all zones use the brands framework. The "solaris" brand does no emulation and in that respect is very similar to native zones on Solaris 10. Solaris 11 also provides Solaris 10 Zones via the solaris10 brand. This allows zones or the global zone from a Solaris 10 system to be transferred to a Solaris 11 system and run as solaris10 zones. When running on Solaris 11, solaris10 zones can each be patched independently from each other and the Solaris 11 global zone. Technically, Solaris 11 doesn't have patches - it just has newer versions of packages to which the system is updated.
Maybe you are looking for
-
How do I get my macbook pro to 'see' my external HD attached to Airport BS?
Hi, I'm still finding my way around my mac and have come up against a wall! I have a Maxtor External Hard Drive attached via USB to my Airport Base Station (firmware 7.1) I can see the Hard Drive is listed in the Airport Utility, I have ticked enable
-
JTable - Dynamic wrapping of text in a cell.
Hello, Can anyone tell me how to dynamically wrap the text in a particular cell of a JTable if it is to long to be displayed on one line? I don't care if it affects the row height. Basically, I have a table with 3 columns, the thrird of which is a "n
-
Hi i have a i phone 5 64 gb and i want to replace it
hi i hve purchased a iphone 64 bg with apple care + from canada and now i moved to india now i want to replace my i phone whats the solution for it shoud i send it back to canada with some one or what please help me. my apple care+ service is remaini
-
How to you get the percentage of a number in an array in ipad numbers
How to you get the percentage of a number in an array in ipad numbers?
-
Wwan won't stay connected - ERROR
hi! i am able to connect to the internet with my sim card and access connections. after some time the connection gets lost and access connections doesn't respond anymore. in the protocoll i get the following errors: ERROR AcSvc( SYSTEM(Prvlg).3008.66