DHCP server + IP multipath

hi,
I have configured a solaris 10 box that runs a dhcp server with ha networking using multipathing:
ifconfig dmfe0 thehostname netmask + broadcast + group mygroup -failover deprecated up
ifconfig dmfe0 addif hahostname + broadcast + failover up
ifconfig dmfe1 otherhostname netmask + broadcast + group mygroup -failover deprecated up
The networking if working fine, and setting the failover period to 2500 in /etc/default/mpathd works great - unplug cable from dmfe0 and the host is still available
before using hahostname as a virtual interface, it was bound to dmfe0, and running dhcp was all fine. Now that the IP is on the virtual interface, the DHCP server address that clients see is the IP of "thehostname" (from /etc/hosts). 1st question: is it possible to get the DHCP server to show its IP address as the IP of HAHOSTNAME instead of THEHOSTNAME? I have added "INTERFACES=dmfe0,dmfe1" to /etc/inet/dhcpsrv.conf, not able to bind to virtual interfaces, would like to if possible
In addition to that, since implementing this networking config, dhcp is not running as well. The clients on the network all received dhcp addresses with no problems prior to the HA configuration changes, after changing to this config and restarting (either restarting the dhcp-server service with svcadm or even after a server reboot), some clients are not getting IP addresses. The clients are Windows XP clients, and I had to disable my network card and re-enable it to get it to get an IP address. I get the following error in event viewer (event ID 1001):
"The semaphore timeout period has expired. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server."
after getting an IP, i can renew my IP and there are no problems, but in the event of the primary nic failing (tested by unplugging network cable), i cannot get DHCP addresses again.
the first thing that jumps to mind is it might be an arp issue - should i be binding the same mac address to all cards perhaps? i have set local-mac-address?=true with eeprom.
ideas?

You may want to ask this under Firewall section of this forum.
Regards,
Sawan Gupta

Similar Messages

Can I use DHCP snooping and IOS DHCP server on the same switch stack

Hello,
I am shortly going to be deploying a Cisco CallManager solution for a customer whose network comprises stacks of Catalyst 3850 switches.
There is no separate core/server farm switch so the CallManager servers, voice gateways and IP phones will all plug into the same stack and be in the same VLAN (not my choice!).
For security we want to enable DHCP snooping and were planning on using the IOS DHCP server on the Catalyst switch stack.
Will this work? - when I enable DHCP snooping in networks with separate access layer switches I set the uplinks to the core as trusted links.
I am not sure whether DHCP snooping will work in this case. Do I need to set the VLAN interface on the switch as trusted, is this even possible?
Unfortunately I do not have access to a layer 3 switch to test this at the moment.
Thanks

Nope. That's the issue.
They'll sync on a third device acting as a hotspot, but the device sending a signal is not "on" the network it creates so the airport is all by itself on that network. At least that is what it looks like to me. Anyone have another take on it? Seems pretty silly that an iPad can put out a wifi signal, an Airport Express can receive a wifi signal, and yet there is no simple way to get them to communicate under this particular condition.

Can I use ASA to be a DHCP Server use in WLC wireless Client

I want to use ASA to be a DHCP Server for Wireless Client not it can't.
I check the debug log in WLC, I confirm the WLC have send the request to ASA.
In the ASA, it don't have any hits in the rule when the WLC send the DHCP relay request.
I have try don't use dhcp relay in WLC but don't success. Anybody have the same case with me? And Is the ASA can't support DHCP relay agent to request to get the IP Addr.
P.S. In the Network Design limitation so I can't use WLC to be DHCP Server.
Equipment:
ASA5510
WLC4402
How can I fix it.
Thank you very much

The issue is that the ASA doesn't accept DHCP requests from a relay agent, only broadcast DHCP requests. In the 4.2 version for the controllers there is now an option so you can change the way the controller forwards DHCP requests so that it is sent as a broadcast and not from a relay agent.

Remote access VPN with ASA 5510 using DHCP server

Hi,
Can someone please share your knowledge to help me find why I am not able to receive an IP address on remote access VPN connection while I can get an IP address on local DHCP pool?
I am trying to setup remote access VPN with ASA 5510. It works with local dhcp pool but doesn't seem to work when I tried using an existing DHCP server. It is being tested in an internal network as follows:
ASA Version 8.2(5)
interface Ethernet0/1
nameif inside
security-level 100
ip address 10.6.0.12 255.255.254.0
ip local pool testpool 10.6.240.150-10.6.240.159 mask 255.255.248.0 !(worked with this)
route inside 0.0.0.0 0.0.0.0 10.6.0.1 1
crypto ipsec transform-set FirstSet esp-3des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map dyn1 1 set transform-set FirstSet
crypto map mymap 1 ipsec-isakmp dynamic dyn1
crypto map mymap interface inside
crypto isakmp enable inside
crypto isakmp policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 43200
vpn-addr-assign aaa
vpn-addr-assign dhcp
group-policy testgroup internal
group-policy testgroup attributes
dhcp-network-scope 10.6.192.1
ipsec-udp enable
ipsec-udp-port 10000
username testlay password *********** encrypted
tunnel-group testgroup type remote-access
tunnel-group testgroup general-attributes
default-group-policy testgroup
dhcp-server 10.6.20.3
tunnel-group testgroup ipsec-attributes
pre-shared-key *****
I got following output when I test connect to ASA with Cisco VPN client 5.0
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + VENDO
4024 bytesR copied in 3.41 0 secs (1341 by(tes/sec)13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 853
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing SA payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ke payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ISA_KE payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing nonce payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received xauth V6 VID
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received DPD VID
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received Fragmentation VID
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, IKE Peer included IKE fragmentation capability flags: Main Mode:        True Aggressive Mode: False
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received NAT-Traversal ver 02 VID
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received Cisco Unity client VID
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, Connection landed on tunnel_group testgroup
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing IKE SA payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, IKE SA Proposal # 1, Transform # 9 acceptable Matches global IKE entry # 1
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ISAKMP SA payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ke payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing nonce payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Generating keys for Responder...
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing hash payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Computing hash for ISAKMP
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing Cisco Unity VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing xauth V6 VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing dpd vid payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Traversal VID ver 02 payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Discovery payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Discovery payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing Fragmentation VID + extended capabilities payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Send Altiga/Cisco VPN3000/Cisco ASA GW VID
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + HASH (8) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 440
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + HASH (8) + NOTIFY (11) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 168
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing hash payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Computing hash for ISAKMP
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing notify payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing NAT-Discovery payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing NAT-Discovery payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Processing IOS/PIX Vendor ID payload (version: 1.0.0, capabilities: 00000408)
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Received Cisco Unity client VID
Jan 16 15:39:21 [IKEv1]: Group = testgroup, I
[OK]
kens-mgmt-012# P = 10.15.200.108, Automatic NAT Detection Status:     Remote end is NOT behind a NAT device     This   end is NOT behind a NAT device
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing blank hash payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing qm hash payload
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=d4ca48e4) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 72
Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=d4ca48e4) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 87
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, process_attr(): Enter!
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Processing MODE_CFG Reply attributes.
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: primary DNS = cleared
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: secondary DNS = cleared
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: primary WINS = cleared
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: secondary WINS = cleared
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: IP Compression = disabled
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Split Tunneling Policy = Disabled
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Browser Proxy Setting = no-modify
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Browser Proxy Bypass Local = disable
Jan 16 15:39:26 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, User (testlay) authenticated.
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing blank hash payload
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing qm hash payload
Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=6b1b471) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 64
Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=6b1b471) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 60
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, process_attr(): Enter!
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Processing cfg ACK attributes
Jan 16 15:39:27 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=49ae1bb8) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 182
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, process_attr(): Enter!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Processing cfg Request attributes
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for IPV4 address!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for IPV4 net mask!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for DNS server address!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for WINS server address!
Jan 16 15:39:27 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Received unsupported transaction mode attribute: 5
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Banner!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Save PW setting!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Default Domain Name!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Split Tunnel List!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Split DNS!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for PFS setting!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Client Browser Proxy Setting!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for backup ip-sec peer list!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Client Smartcard Removal Disconnect Setting!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Application Version!
Jan 16 15:39:27 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Client Type: WinNT Client Application Version: 5.0.07.0440
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for FWTYPE!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for DHCP hostname for DDNS is: DEC20128!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for UDP Port!
Jan 16 15:39:32 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Duplicate Phase 2 packet detected. No last packet to retransmit.
Jan 16 15:39:37 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=b04e830f) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 84
Jan 16 15:39:37 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, processing hash payload
Jan 16 15:39:37 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, processing notify payload
Jan 16 15:39:37 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Duplicate Phase 2 packet detected. No last packet to retransmit.
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE received response of type [] to a request from the IP address utility
Jan 16 15:39:39 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Cannot obtain an IP address for remote peer
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE TM V6 FSM error history (struct &0xd8030048) <state>, <event>: TM_DONE, EV_ERROR-->TM_BLD_REPLY, EV_IP_FAIL-->TM_BLD_REPLY, NullEvent-->TM_BLD_REPLY, EV_GET_IP-->TM_BLD_REPLY, EV_NEED_IP-->TM_WAIT_REQ, EV_PROC_MSG-->TM_WAIT_REQ, EV_HASH_OK-->TM_WAIT_REQ, NullEvent
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE AM Responder FSM error history (struct &0xd82b6740) <state>, <event>: AM_DONE, EV_ERROR-->AM_TM_INIT_MODECFG_V6H, EV_TM_FAIL-->AM_TM_INIT_MODECFG_V6H, NullEvent-->AM_TM_INIT_MODECFG, EV_WAIT-->AM_TM_INIT_XAUTH_V6H, EV_CHECK_QM_MSG-->AM_TM_INIT_XAUTH_V6H, EV_TM_XAUTH_OK-->AM_TM_INIT_XAUTH_V6H, NullEvent-->AM_TM_INIT_XAUTH_V6H, EV_ACTIVATE_NEW_SA
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE SA AM:bd3a9a4b terminating: flags 0x0945c001, refcnt 0, tuncnt 0
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, sending delete/delete with reason message
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing blank hash payload
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing IKE delete payload
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing qm hash payload
Jan 16 15:39:39 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=9de30522) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80
Regards,
Lay

For RADIUS you need a aaa-server-definition:
aaa-server NPS-RADIUS protocol radius
aaa-server NPS-RADIUS (inside) host 10.10.18.12
key *****
authentication-port 1812
accounting-port 1813
and tell your tunnel-group to ask that server:
tunnel-group VPN general-attributes
authentication-server-group NPS-RADIUS LOCAL
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Can you use the Airport Express A1264 as an AP and a DHCP server at the same time?

Can you use the Airport Express A1264 as an Access Point and a DHCP server at the same time?
I would like to use it as a DHCP server and AP at the same time in my LAN (no internet, just local machines through a few switches). I was lead to belive this could be the case from a few networking friends that haven't been friendly enough to help me out setting it up.

I need it to act as a dLink/Cisco/Linksys/etc basic wifi router, in the fact that you can access it via wifi, and it will spit out DHCP addresses (192.168.1.xxx) to everything wired downstream of it.
I want to simultaniously provide a Wifi connection and a LAN connection at the same time
Thanks,
BRad

Can I use my WRT54G as a DHCP server only? I've got 5 dynamic IP's from Time Warner..

Hi everyone, I'm wondering if I can use my WRT54G as a DHCP server only only my network, without having to have any of my PC's plugged into it's router ports? I looked at the settings but I couldn't get it to work.
Here's why: I just got Time Warner Business Class cable internet which comes with 5 dynamic IP's. I want each computer, well 4 of them at least and 1 for the WRT54G, to have a unique IP when accessing the internet, and the other computers (5 more computers) to use the DHCP server in the WRT54G to get a NAT IP for use on the internet.
We play Diablo II on the internet and only 4 computers can be connected through 1 IP, so that limits us in my current configuration.
Current Equipment: One WRT54G, one Netgear GS116 16 port gigabit non-managed switch. One Time Warner Cable modem. Also attached to the network is one HP network printer, a Buffalo LinkStation NAS and a Zensonic Network DVD player.
Current config: Cable modem --> WRT54G --> Netgear switch.
Ideal config: Cable modem --> Netgear switch --> WRT54G.
With my current config, I am not taking advantage of the 5 dynamic IP's, but all the computers connected to the Netgear switch or the WRT54G can connect to the internet and the NAS.
So my ideal config (where I don't have to buy anything and where all the computers can print and access the NAS) is to connect all the computers and devices to the Netgear Switch and somehow force 4 of the computers and the WRT54G to get a dynamic IP from the cable modem, while the other computers and devices use the DHCP server on the WRT54G to get to the internet.
Is this possible?
I called Time Warner Cable and they weren't any help. I called the Linksys sales department and they weren't of much help either.
I suppose that I could purchase a new 8 port switch and attach 4 computers, the cable modem and the WRT54G to it. Then attach the Netgear to the WRT54G to accomodate the printer, NAS, and the other 5 computers. But in that senario, the 4 computers connected to the new switch can't print and can't reach the NAS. And geez, some computers would have to go through 3 devices to reach the internet, which has got to slow them down.
I did read about the Linksys EFG120 which has a DHCP server, but at $400 and only 120 gigs, it doesn't work for me.
I called Time Warner and the cost of more dynamic IP's is prohibitive, I'm already paying $79 a month for this internet and they want another $50 a month for 7 more dynamic IP's and that wouldn't help my NAS or my printer.
The cost of a 16 port gigabit switch with DHCP is an amazing $800 or so, which is out of the question.
Sorry for being so long winded and thanks for reading this far. I'm looking forward to any replies.

That is a hell of a setup. I don't know if it would be easier and cheaper to either buy a real router like a Cisco, get fixed IP addresses and a RV042, or buy 4 network cards for the four of the five computers which need the internet access for gaming.
O.K. First your setup:
1. You wire the modem to the 6-port switch.
2. You connect the remaining 5 ports with the WAN ports of 5 WRTs with DHCP on the WAN interface.
3. You configure each WRT with unique LAN IP addresses in the same subnet, e.g. 192.168.1.1/255.255.255.0, 192.168.1.2, 192.168.1.3, 192.168.1.4, 192.168.1.5.
4. You turn off all DHCP servers except on one, e.g. 192.168.1.1. That router will be the default router and internet connection for any client which gets dynamic LAN addresses (as fallback or guests, I would not configure the NAS or printer with DHCP addresses if you have everything else on static IP addresses). You can certainly disable all DHCP servers if you want, too.
5. Now you connect all WRTs with each other.
5a. You connect port 1 of the 1st WRT with port 1 of the 2nd.
You connect port 2 of the 2nd with port 1 of the 3rd.
Port 2 of the 3rd with port 1 of the 4th.
Port 2 of the 4th with port 1 of the 5th.
(Do not create a loop connecting port 2 of the 5th with port 2 of the 1st!!)
5b. You buy another switch and connect each port 1 of each router with this switch. This has the advantage that you don't have a long cascade between the 1st and the 5th router like in 5a.
6. You connect all devices to the LAN.
6a. If you did 5a, you will probably put each computer to the router which internet connection it uses. The NAS and printer could go anywhere.
6b. If you did 5b, you hopefully bought a 16 or 24 port switch. Then you plug simply everything into that switch. Otherwise you can certainly use the free ports of the WRTs like in 6a.
7. You configure all your devices with static IP addresses. For instance,
IP 192.168.1.11
netmask 255.255.255.0
gateway 192.168.1.1
For the DNS servers I would highly recommend to use the DNS servers of your ISP directly and not use the relay on 192.168.1.1.
The gateway address defines through which router the computer connects to the internet.
8. You may still have to configure port forwardings on the router to the game computer if required for the game.
An interesting alternative to this setup might be to buy 4/5 network cards for the 4/5 computers with direct internet access. Then you use the one network card to connect to your single LAN behind your single WRT. The other network card goes into the switch behind the modem and has direct internet access. You then have to tell Windows which of the network cards has the default gateway for the internet connection (to prevent routing all traffic through the LAN and the WRT to the internet). One game computer would have to be behind the WRT.

Can some one translate these instructions D-Link DI-524: installation as wireless HUB/Bridge General ON ALL TYPES OF ROUTERS DHCP SERVER HAS TO BE DISABLED ON ALL TYPES OF ROUTERS UPnP ALSO HAS TO BE DISABLED OTHERWISE YOU CAN SEVERELY HINDER OTHER USE

D-Link DI-524: installation as wireless HUB/Bridge
General
ON ALL TYPES OF ROUTERS DHCP SERVER HAS TO BE DISABLED
ON ALL TYPES OF ROUTERS UPnP ALSO HAS TO BE DISABLED
OTHERWISE YOU CAN SEVERELY HINDER OTHER USERS IN YOUR NEIGHBOURHOOD!
Practical example: D-Link DI-524
The DI-524 is a wireless router.Although the manufacturer doesn't mention this, you can also install this device as a wireless hub.Of course this is not supported by the manufacturer. Therefor you have nowhere to go in case of any problems Plug in the power cord of the DI-524. Do not yet connect the network cable!Search for existing wireless networks with your computer. Connect with the router.This can for example be done like this:
Click the start-button (at the bottom in the left corner of your screen).
Go to control panel
Go to internet connections (you may have to choose classic representation first)
You can now see your wireless network card, among other things. Right-click and 'View available Wireless networks'.
Connect to the router. In most cases the router will be called 'default'.Check your IP-address: you get an IP address from the DI-524
Go to the start-button
Go to 'Run'
Type 'cmd' and press enter
type 'ipconfig' and press enter
your IP address starts with 192.
Surf to your router with your regular browser. For this you need the address and a password, which you can find in the documentation.
In this case the address is 192.168.0.1
Now you must secure the router. For this it is best to use WPA-PSK
Your key is a randomly chosen sentence. Don't make this sentence too short.
Warning: Case sensitive!
You cannot reach the router anymore now.
Go back to your network card via "make connection". Search for your wireless network again and make a new connection
You are asked for a key. Supply this key the way you configured it in your router.
Surf back to the router.
Disable the DHCP server.
!! YOU HAVE TO DISABLE UPnP ON ALL TYPES OF ROUTERS
OTHERWISE YOU CAN SEVERELY HINDER OTHER USERS IN YOUR NEIGHBOURHOOD!
for this, go to Tools, Misc and switch off UPnP
Save these settings.
If you do not have a D-link router, look up in the manual or somewhere else where you can disable UPnP
Now you cannot reach the router anymore again.
It is only from this moment that you can connect the router to the modem.
Important: Use one of the 4 LAN ports. Never use the WAN port!
Go to your network card via the control panel. Right-click and "Repair"
Now you should get an IP-address in the range of 10.nnn.nnn.nnn
If you still don't have 192... you've made an error. The DI-524 still functions as a router and this is not allowed!

There are no Mac based instructions. The router is accessed and adjusted the same way whether you are using a Mac OS X, Windows or Linux. As noted in the other post it is done through your web browser which works the same from any computer. Even a Chrome Book.
akertrav wrote:
Thank you for that what I have been trying to do is extend the range of my wifi witha second dilink router. I was hoping for some mac based directions to achive this rather than the PC based as presented. Thank you for your ireply Paul

Two questions about SG300 DHCP server

Hi,
I have two questions about the DHCP server on the SG300:
On the Address Binding page, what does the "Declined" state mean? I have a NAS device that won't pull an address, and I think that the entry with a state of "Declined" corresponds to this device. It was previously pulling an address from a RV180, so the only difference is that it is now connected to the SG300. I worked around this by manually setting the address on the NAS device, but this won't scale if I run into a lot of other devices that can't pull an address.
I configured a static address binding for a WAP321 and found that instead of pulling the configured address that it pulled a dynamic address. I checked the Address Binding page and see that the dynamic entry that corresponds with the WAP321 has a Client Identifier rather than a MAC address. I changed the static entry for the WAP321 to use the client identifier displayed in the dynamic entry, and now the WAP321 pulls the configured static address. Is this expected behavior?
Thanks,
Bob

With the SX300/500 it is required the client identifier, it doesn't automatically insert it. If static DHCP is made on the switch and you didn't need client identifier, that is more or less fortunate behavior for you
So to answer this question, the expected behavior is to configure client identifier for static DHCP entry.
-Tom
Please mark answered for helpful posts
http://blogs.cisco.com/smallbusiness/

How do I find where my DHCP server is on my network?

I have a home network, a BT server, with an iMac, a MACBook Pro, two back-ups (Airports) and a Squeezebox (for internet radio). The problem is that the Squeezebox keeps dropping out and informing me that it cannot find the DHCP server. This did not used to be a problem, has happened failry recently, for no obvious reason. Any help is much appreciated.

start
system information
click network
click Wi-FI or ethernet depending how you get your network on the mac
scroll to the DHCP Server responses:
look under it's Server Identifier

Cisco 1702i WAP: how to get an interface in a non-native bridge group/ VLAN to be recognized by the internal DHCP server

Does anyone know how the internal DHCP server in these access points connects to virtual interfaces and bridges in the unit?
Is there some sort of default connection that connects the DHCP server to the native bridge group or VLAN?
In a test case, with an SSID in the native VLAN and bridge group, the 1702i serves an IP address to a wireless client no problem. But with a second SSID in a non native VLAN and bridge group, no IP gets served. My only guess is that since the bvi1 defaults to the native bridge group and VLAN, sub-interfaces also in this group are assumed to be in the same subnet as bvi1, or in this case:
interface bvi1
ip address 192.168.1.205 255.255.255.0
no ip route-cache
exit
It would be the ..1. subnet.
Since the dhcp pool is set as:
ip dhcp pool GeneralWiFi
network 192.168.1.0 255.255.255.0
lease 1
default-router 192.168.1.1
dns-server 8.8.8.8
exit
There may be an assumption that anything bvi1 can talk to is in the ..1. subnet, so the above pool gets activated on a request coming through bvi1.
Is the DHCP server just hanging out waiting for a request from an "area" that is assumed to be on the same subnet as the given pool?
Do I need to somehow show the device what subnet the 2nd SSID/ subinterfaces are in so the internal DHCP server can decide it needs to go to work, or is there some sort of bridging between the DHCP server and the interfaces that needs to be done? I am trying to use the same DHCP pool for the second subnet at this point, since I assume I will need another router to service an additional subnet and DHCP pool.

Keep in mind that DHCP is a broadcast packet to start. So the AP can only listen in the subnet that it has an IP address for.
Now, for any other subnet you can use the AP for DHCP but you have to have an IP helper address on your L3 pointing back to the AP.
That being said, I wouldn't use the DHCP server on the AP as it is limited. You'd be better off using a Microsoft server or some other device that is designed for DHCP.
HTH,
Steve

DHCP Setup across multiple VLANs on RV325 - DHCP Server only working on VLAN 1

I have multiple VLAN subnets defined on my RV325 - when I try and utilize a DHCP Server on each VLAN, it only seems to be issuing IP Addresses to clients on VLAN ID 1. When I first set this up months ago, I thought I had tested it providing IP Addresses via the other subnets. Now that I am trying to do so, it isn't working "as expected". Example - I am using VLAN 25 as the GuestWireless subnet utilizing a separate 802.11n WAP that is set to Bridge connections to the IP Address of the VLAN interface. Devices are able to connect to the WAP, but end up with a self-assigned IP Address 169.x.x.x address. There has to be an easy fix to this, but I seem to be "stuck" figuring out what it is…pointers/redirects appreciated. Thanks!

Thanks - I've already reviewed that information before I posted. I've been working with DHCP since the mid-90's, so I'm comfortable with the settings/configuration I need to leverage to make this work via other means using various Network-based OSes.
I'm wondering if there are other options in configuring this device that can impact the ability to dynamically serve IP addresses on a VLAN/subnet-by-VLAN/subnet basis.
As I did more testing, I discovered when I reserved an IP Address via the IP & MAC Binding option within the DHCP Settings, those devices would receive their static reservations and work as expected, so the problem seems to be leveraging the DHCP Pool for devices connecting to VLANs other that VLAN 1.
Any ideas as to why the DHCP Pool's are "non-functioning" for the other VLANs is greatly appreciated...
Each VLAN is setup with a separate DHCP Server configuration as shown below:
VLAN ID = 1 (Default, Inter VLAN Routing = Enabled, LAN1-6 = Untagged, LAN7=Tagged, LAN8=Excluded, LAN9-14 Untagged)
Device IP Address = 172.16.xxx.1
Subnet Mask = 255.255.255.0
DHCP Mode = DHCP Server
Remote DHCP Server = 0.0.0.0
Client Lease Time = 1440 min
Range Start = 172.16.xxx.100
Range End = 172.16.xxx.199
DNS Server = Use DNS as Below
Static DNS 1 = 208.67.222.222
Static DNS 2 = 208.67.220.220
WINS Server = 0.0.0.0
Correctly serving IP Addresses via DHCP (both static and dynamic) to Wired devices & Wireless devices connecting through WAP (set to Bridge)
VLAN ID = 25 (GuestWireless, Inter VLAN Routing = Disabled, LAN1-LAN7 = Excluded, LAN8 = Untagged, LAN9-14 = Excluded)
Device IP Address = 172.16.yyy.1
Subnet Mask = 255.255.255.0
DHCP Mode = DHCP Server
Remote DHCP Server = 0.0.0.0
Client Lease Time = 1440 min
Range Start = 172.16.yyy.100
Range End = 172.16.yyy.199
DNS Server = Use DNS as Below
Static DNS 1 = 208.67.222.222
Static DNS 2 = 208.67.220.220
WINS Server = 0.0.0.0
NOT serving dynamic IP Addresses via DHCP to Wired devices & Wireless devices connecting through WAP (set to Bridge)
Static DHCP Reservations setup via IP & MAC Binding settings DO WORK in terms of providing the assigned static IP Address to the client. Inbound/Outbound traffic to Internet works for devices with Static DHCP Reservations.
VLAN ID = 100 (Voice, Inter VLAN Routing = Disabled, LAN1-6 Excluded, LAN7 = Untagged, LAN8-14 = Excluded)
Device IP Address = 192.168.zzz.1
Subnet Mask = 255.255.255.0
DHCP Mode = DHCP Server
Remote DHCP Server = 0.0.0.0
Client Lease Time = 1440 min
Range Start = 192.168.zzz.100
Range End = 192.168.zzz.199
DNS Server = Use DNS as Below
Static DNS 1 = 208.67.222.222
Static DNS 2 = 208.67.220.220
WINS Server = 0.0.0.0
NOT serving dynamic IP Addresses via DHCP to Wired devices & Wireless devices connecting through WAP set to Bridge
Static DHCP Reservations setup via IP & MAC Binding settings DO WORK in terms of providing the assigned static IP Address to the client. Inbound/Outbound traffic to Internet works for devices with Static DHCP Reservations.

VPN no longer working after moving DHCP server to router

I am preparing my SBS 2008 environment for migration to Server 2012 R2 Essentials. I moved the DHCP server to the router (a Netgear R7000 with standard firmware). I am able to access RWW and CompanyWeb via the router from external locations.
With the VPN, however, I can only connect but cannot access any network resource (including file shares). The VPN is supported by the SBS server with RRAS. I didn't change any of the configuration because I didn't think any of it needed to be changed. The
router just needs to get it's reservations from a different DHCP server, right? Anyway, would appreciate if someone can shed some light on what's going on here.
JeHarry

Hello JeHarry,
I would recommend you to follow the TechNet to migrate SBS 2008 to 2012 R2 Essentials. Don't skip any part.
https://technet.microsoft.com/en-us/library/jj200141.aspx
Troubleshooting VPN Issues on 2012
http://blogs.technet.com/b/sbs/archive/2014/06/11/troubleshooting-common-vpn-issues-on-windows-server-2012-r2-essentials.aspx
Binu Kumar - MCP, MCITP, MCTS , MBA - IT , Director Aarbin Technology Pvt Ltd - Please remember to mark the replies as answers if they help and unmark them if they provide no help.

DNS/DHCP app no longer sees DNS/DHCP server.

When I moved the majority of my Netware 6 servers to OES-NW last year, I started using iManager to handle admin duties for DNS and DHCP.
With a planned move to OES-L coming up, I tried accessing both services using the DNS/DHCP java console.
While I am able to log into that console, I am unable to see my DNS/DHCP server or any of the expected components for either service (DHCP pools, zone records, etc...).
I have tried both the console that is installable from the server and the newer LDAP-based version.
I have tried both 32 and 64-bit versions on XP and Windows 7, respectively.
Since I want to move those services to OES/Linux and the java console is the only mechanism that can administrate the services on that platform, I am perplexed.
My needs are simple, and I could easily move those duties to a SUSE server or even a Windows server, but that is not my preference.
Any ideas on where to begin troubleshooting are welcome.

On 06.08.2012 21:56, gathagan wrote:
>
> When I moved the majority of my Netware 6 servers to OES-NW last year, I
> started using iManager to handle admin duties for DNS and DHCP.
>
> With a planned move to OES-L coming up, I tried accessing both services
> using the DNS/DHCP java console.
>
> While I am able to log into that console, I am unable to see my
> DNS/DHCP server or any of the expected components for either service
> (DHCP pools, zone records, etc...).
>
> I have tried both the console that is installable from the server and
> the newer LDAP-based version.
> I have tried both 32 and 64-bit versions on XP and Windows 7,
> respectively.
>
> Since I want to move those services to OES/Linux and the java console
> is the only mechanism that can administrate the services on that
> platform, I am perplexed.
> My needs are simple, and I could easily move those duties to a SUSE
> server or even a Windows server, but that is not my preference.
>
> Any ideas on where to begin troubleshooting are welcome.
You have more than one DNS-DHCP locator object in your tree, and the
console is picking up a/the empty one. Find the proper object (look at
the other tab in consoleone or imanager to see if it's connected with
servers zones and the like), and delete the superflouos ones.
This is an *extremely* common problem when OES gets introduced into a
tree, as it by default creates new locator objects in the server
container, if it's not configured otherwise.
CU,
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de

Dhcp server won't admit my Arch Linux (though Win's have no problems)

1. Generally my dhcpcd works fine in every network (and always has, I have not changed anything substantial).
2. Currently I am in a network (for just a couple of weeks) in which it does not.
3. The network will ignore all my dhcp requests over both network devices, enp1s0 and wlp2s0 (ethernet and wifi)
4. When trying the same from Windows (dual boot), the dhcp client works brilliantly (i.e. the hardware is fine)
5. I can force entry into the cable network by simply assigning an IP address and setting netmask and gateway as was configured by dhcp when I tried from Windows
6. For wifi this does not work. More specifically it works for a brief moment if (and only if) I was connected from Windows immediately before and assign myself the same IP address (I can ping the gateway and also 8.8.8.8). After this moment the network apparently kicks me out (cannot ping anything any more, nothing answers). dhcpcd inform (dhcpcd -s <IP Adress>) does not fare better.
7. I tried changing some of the settings in dhcpcd.conf that have been given as reasons for similar problems in the forums, archwiki, or somewhere else, including exchanging 'duid' for 'clientid', and commenting out 'require dhcp_server_identifier'. Does not help. My dhcpcd.conf, see below.
8. dhclient does not work either.
What I want: Connect to the internet via wifi from Arch.
I guess this comes down to making the dhcp server believe my Arch was one of the Windowses it is used to. How do I do that?
I understand that dhcp does not involve clients revealing their operating systems to the servers; but some configurations are likely different between Arch and Windows. I am not used to working with Windows and have no idea how to access the dhcp client configuration settings there (if this is even possible) to get an idea what exactly is different. Here is my dhcpcd.conf - any ideas what exactly about it displeases the server so much or what I might change or add to make the server more pleasantly inclined?
dhcpcd.conf
hostname
clientid
#duid
persistent
option rapid_commit
option domain_name_servers, domain_name, domain_search, host_name
option classless_static_routes
option ntp_servers
#require dhcp_server_identifier
nohook lookup-hostname
noipv4ll
I would include the logs as well, but they are boring beyond belief, do not contain anything except for dhcpcd trying and failing with timeout.

Thanks, MoonSwan & ewaller,
MoonSwan wrote:Windows' IP address and network settings navigate to: Control Panel -> Network and Internet -> Network Connections -> Click on Device Here (WIFI or LAN) -> Properties and from there you should be able to see the settings you need to figure out what's going on in Windows.
Found that, There are a lot of "Advanced properties", for instance "Bandwidth Capacity" is set to "11b/g: 20MHz", "BSS Mode" is set to "802.11n Mode", "Fragmentation Threshold" to "2346" (whatever that may mean) ... etc. Unfortunately, I cant copy any of that; most of it also seems rather unimportant; also I left all this on its default setting when I followed the instructions on how to connect to this wifi on Windows.
However, here is some information I managed to squeeze out of the pathetic, pittyful Windows terminal which they call the "Comand Line"
C:\Windows\system32> ipconfig /all
<...>
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . : <the network name>
Description . . . . . . . . . . . : <hardware description> 802.11b/g/n (2.4GHz)
Physical Address. . . . . . . . . : <the mac address>
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : <some ipv6> %13(Preferred)
IPv4 Address. . . . . . . . . . . : <the ipv4> (Preferred)
Subnet Mask . . . . . . . . . . . : <subnet mask>
Lease Obtained. . . . . . . . . . : Fri, 23. May 2014 19:47:10
Lease Expires . . . . . . . . . . : Fri, 23. May 2014 21:17:09
Default Gateway . . . . . . . . . : <gateway ip>
DHCP Server . . . . . . . . . . . : <some ip that is not part of the local subnet>
DHCPv6 IAID . . . . . . . . . . . : 319352249
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-9F-0F-D6-E0-DB-55-CF-26-6
DNS Servers . . . . . . . . . . . : <a few dns server ip's>
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : <some ipv6> (Preferred)
Link-local IPv6 Address . . . . . : <another ipv6> %12(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter 6TO4 Adapter:
Connection-specific DNS Suffix . : <the network name>
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : <some ipv6> (Preferred)
Default Gateway . . . . . . . . . : <another ipv6>
<yet another ipv6>
DNS Servers . . . . . . . . . . . : <the same ipv4 dns server ip's as above>
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Windows\system32> netsh wlan show all
Wireless System Information Summary
(Time: 23.05.2014 20:38:49 W. Europe Daylight Time)
=======================================================================
============================== SHOW DRIVERS ===========================
=======================================================================
Interface name: Wireless Network Connection
Driver : <hardware description> 802.11b/g/n (2.4GHz)
Vendor : Broadcom
Provider : Broadcom
Date : 21.01.2012
Version : 6.20.55.31
INF file : C:\Windows\INF\oem25.inf
Files : 5 total
C:\Windows\system32\DRIVERS\BCMWL664.SYS
C:\Windows\system32\bcmihvsrv64.dll
C:\Windows\system32\bcmihvui64.dll
C:\Windows\system32\drivers\vwifibus.sys
C:\Windows\system32\bcmwlcoi.dll
Type : Native Wi-Fi Driver
Radio types supported : 802.11n 802.11g 802.11b
FIPS 140-2 mode supported : Yes
Hosted network supported : Yes
Authentication and cipher supported in infrastructure mode:
Open None
Open WEP
Shared None
Shared WEP
WPA2-Enterprise TKIP
WPA2-Personal TKIP
WPA2-Enterprise CCMP
WPA2-Personal CCMP
WPA2-Enterprise Vendor defined
WPA2-Enterprise Vendor defined
Vendor defined Vendor defined
Vendor defined Vendor defined
Vendor defined TKIP
Vendor defined CCMP
Vendor defined Vendor defined
Vendor defined Vendor defined
WPA-Enterprise TKIP
WPA-Personal TKIP
WPA-Enterprise CCMP
WPA-Personal CCMP
Authentication and cipher supported in ad-hoc mode:
WPA2-Personal CCMP
Open None
Open WEP
IHV service present : Yes
IHV adapter OUI : [00 10 18], type: [00]
IHV extensibility DLL path: C:\Windows\System32\bcmihvsrv64.dll
IHV UI extensibility ClSID: {aaa6dee9-31b9-4f18-ab39-82ef9b06eb73}
IHV diagnostics CLSID : {00000000-0000-0000-0000-000000000000}
=======================================================================
============================= SHOW INTERFACES =========================
=======================================================================
There is 1 interface on the system:
Name : Wireless Network Connection
Description : 802.11b/g/n (2.4GHz)
GUID : 6d122ca5-cdc2-42d1-a1fb-3754098b19eb
Physical address : <the mac address>
State : connected
SSID : <ssid>
BSSID : <access point mac address>
Network type : Infrastructure
Radio type : 802.11n
Authentication : WPA2-Enterprise
Cipher : CCMP
Connection mode : Auto Connect
Channel : 1
Receive rate (Mbps) : 72
Transmit rate (Mbps) : 72
Signal : 83%
Profile : <ssid>
Hosted network status : Not available
=======================================================================
=========================== SHOW HOSTED NETWORK =======================
=======================================================================
Hosted network settings
Mode : Disallowed
Settings : <Not configured>
Hosted network status
Status : Not available
=======================================================================
============================= SHOW SETTINGS ===========================
=======================================================================
Wireless LAN settings
Show blocked networks in visible network list: No
Only use GP profiles on GP-configured networks: No
Hosted network mode allowed in WLAN service: No
Allow shared user credentials for network authentication: Yes
Block period: Not Configured.
Auto configuration logic is enabled on interface "Wireless Network Connection"
=======================================================================
============================== SHOW FILTERS ===========================
=======================================================================
Allow list on the system (group policy)
<None>
Allow list on the system (user)
<None>
Block list on the system (group policy)
<None>
Block list on the system (user)
<None>
=======================================================================
=========================== SHOW CREATEALLUSER ========================
=======================================================================
Everyone is allowed to create all user profiles.
=======================================================================
============================= SHOW PROFILES ===========================
=======================================================================
Profiles on interface Wireless Network Connection:
Group policy profiles (read only)
<None>
User profiles
All User Profile : <ssid>
<other profile names>
=======================================================================
========================== SHOW PROFILES NAME=* =======================
=======================================================================
Profile eduroam on interface Wireless Network Connection:
=======================================================================
Applied: All User Profile
Profile information
Version : 1
Type : Wireless LAN
Name : <ssid>
Control options :
Connection mode : Connect automatically
Network broadcast : Connect only if this network is broadcasting
AutoSwitch : Do not switch to other networks
Connectivity settings
Number of SSIDs : 1
SSID name : "<ssid>"
Network type : Infrastructure
Radio type : [ Any Radio Type ]
Vendor extension : Not present
Security settings
Authentication : WPA2-Enterprise
Cipher : CCMP
Security key : Absent
802.1X : Enabled
EAP type : Microsoft: Protected EAP (PEAP)
802.1X auth credential : Machine or user credential
Cache user information : Yes
<other profiles ...>
=======================================================================
======================= SHOW NETWORKS MODE=BSSID ======================
=======================================================================
Interface name : Wireless Network Connection
There are 4 networks currently visible.
SSID 1 : eduroam
Network type : Infrastructure
Authentication : WPA2-Enterprise
Encryption : CCMP
BSSID 1 : <other access point ssid>
Signal : 2%
Radio type : 802.11n
Channel : 11
Basic rates (Mbps) : 1 2 5.5 11
Other rates (Mbps) : 6 9 12 18 24 36 48 54
BSSID 2 : <other access point ssid>
Signal : 0%
Radio type : 802.11n
Channel : 11
Basic rates (Mbps) : 1 2 5.5 11
Other rates (Mbps) : 6 9 12 18 24 36 48 54
BSSID 3 : <access point ssid>
Signal : 87%
Radio type : 802.11n
Channel : 1
Basic rates (Mbps) : 1 2 5.5 11
Other rates (Mbps) : 6 9 12 18 24 36 48 54
BSSID 4 : <other access point ssid>
Signal : 0%
Radio type : 802.11n
Channel : 1
Basic rates (Mbps) : 1 2 5.5 11
Other rates (Mbps) : 6 9 12 18 24 36 48 54
SSID 2 : <...>
What I find odd is this "Taredo Tunneling Pseudo-Interface". As a matter of fact, I have not the slightest idea if this is happening inside this local Windows I have here or if this is something real in the network configuration (on the other side of the access point)... It apparently should tunnel IPv6 to IPv4 and/or vice versa. However, why would there be two connections over the same network interface (IPv6 and IPv4)...
What is odd as well is that the DHCP server is not part of the subnet my Windows is in. It just seems to announce IP, netmask, gateway to the Windows ... (the gateway is in the subnet). Could it be that the Linux dhcp client does not accept something like that. No, that's unlikely, right? dhcpcd -d should have reported this...
MoonSwan wrote:Btw, love the name,
Thanks. Likewise
MoonSwan wrote:it's nice to see such a name after seeing so many that are intentionally hurtful to others of any stripe in a rainbow.
Actually, I always felt that the Arch Forum is quite tolerant in this respect. (And so is reddit, but of course, you are right, there are places on the internet where you can run into a lot of assholes. Kind of like in the real world... Quite frustrating.)
ewaller wrote:I guess it could be a MAC problem. but I don't know.
Unlikely; on windows the mac address is the same.
ewaller wrote: Can you get to the router logs? Can you see if the router saw a solicitation?
no. and given their network configuration I don't suppose the IT people here would be very forthcoming if I asked them. Their helpdesk said that they couldn't help me since my laptop was not one of their computers.
ewaller wrote:Also, (just a sanity check) are you sure you are connected to the correct access point? But that does not make sense -- you said this happens on wired as well sad
Dang.
I am. It's WPA2 encrypted & I only have access data to this one wifi network. (To avoid confusing everyone with mentioning too many different things, I did not detail this in the original post. I am accessing it using wpa_supplicant running in a terminal; wpa_supplicant works fine says "connection succeeded" etc. So the problem is not in the WPA/ wifi-connection layer but really in the IP/dhcp layer.)
ewaller wrote:Is this a corporate environment? A school perhaps?
Yes, a university. They have someone working here who went through great lengths to make it difficult for people to connect to the internet.

Setting Up Time Capsule as a DHCP server in the router portion

Hello
I have converted my existing wireless router and network hard drive to a single time capsule. My old router was setup as a DHCP server and I had the IP range set to 10.0.0.1 to 10.0.0.50 and had a IMac, Windows PC and Copier connected to the EtherNet ports and my home network ran perfectly but only at 100MPS.
I bought the time capsule to eliminate the old router and network hard rive to a single unit to free up space, but I can't figure out how to set up the time capsule router as a DHCP server? Every time I try and change the router address range and tell the software to configure the time capsule, I get errors saying my DNS range is not valid and the IP range is conflicting to the Internet settings?
My old linksys router was so easy to setup, I just selected DHCP, gave it a range and the router took care of the IP address for the Internet. I consider myself a smart guy but apple has made this a little difficult.
I would also like to setup the time capsule so it show up as an external drive in my mobileme account so I can access my files when I am on the road. HELP!!!
Ron

ronbak wrote:
I have converted my existing wireless router and network hard drive to a single time capsule. My old router was setup as a DHCP server and I had the IP range set to 10.0.0.1 to 10.0.0.50 and had a IMac, Windows PC and Copier connected to the EtherNet ports and my home network ran perfectly but only at 100MPS.
I bought the time capsule to eliminate the old router and network hard rive to a single unit to free up space, but I can't figure out how to set up the time capsule router as a DHCP server? Every time I try and change the router address range and tell the software to configure the time capsule, I get errors saying my DNS range is not valid and the IP range is conflicting to the Internet settings?
In the Internet panel and Internet Connection tab of AirPort Utility, do you have "Configure IPv4" set to "Using DHCP" and "Connection Sharing" set to "Share a public IP address"?
I would also like to setup the time capsule so it show up as an external drive in my mobileme account so I can access my files when I am on the road. HELP!!!
You can set that in the Advanced panel, MobileMe tab.

DHCP server + IP multipath

Similar Messages

Maybe you are looking for