H-REAP Issues: Clients get dropped onto Native VLAN on one AP
Hi,
I have a wireless deployment consisting of 2 WLC's centrally located in two data centres, with WCS managing the WLC's. There are currently two sites with wireless. Each site is it's own AP Group with different SSIDs at both sites.
The site where I am having an issue with H-REAP has 48 AP's installed across a number of floors.
The problem I am experiencing is that when clients get associated to one specific AP, they will successfully connect to the SSID, but are getting dropped into the native VLAN (VLAN 23) instead of the VLAN (VLAN 22) that is mapped to the SSID. The clients get an IP address from the native VLAN and can access the corporate network, but due to firewall rules they cannot get access to some key corporate assets, as the native VLAN (VLAN 23) is not included in a specific firewall group for wireless clients. Clients connected to the same SSID but on a different AP are getting dropped into the correct VLAN (VLAN 22).
The switchport configuration for the one AP that is having issues is specifically below:
interface GigabitEthernet5/47
description *** Wireless AP ***
switchport access vlan 23
switchport trunk native vlan 23
switchport trunk allowed vlan 22,23
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
spanning-tree guard root
However, this configuration is the same across all AP connected switchports. The switchport is trunking correctly:
show int gi5/47 trunk
Port Mode Encapsulation Status Native vlan
Gi5/47 on 802.1q trunking 23
Port Vlans allowed on trunk
Gi5/47 22-23
Port Vlans allowed and active in management domain
Gi5/47 22-23
Port Vlans in spanning tree forwarding state and not pruned
Gi5/47 22-23
I have attached a screenshot of the AP configuration from WCS. As can be seen, the AP is configured for H-REAP, with the Native VLAN set, and the SSID-to-VLAN mappings also set.
I have tried doing a configuration reset on this AP and re-configuring it from scratch, but it still exhibits the same behaviour.
Does anyone have any ideas on what I can do to resolve this problem?
Thanks in advance.
I have built an interface of the 2106 for VLAN5 and the interfaces for the 2106 and the bridges are built as trunks and all vlans are allowed. If I plug in a laptop on the 3560 in the new building, and the port is assigned to VLAN5, I get an address and can surf out just fine. I will scrub the 2106 & 3750 configs and try and upload them. To further test I moved the DHCP scope onto the 2106 and my wireless client is able to get an address from the 2106, I can ping the interface on the 2106 (192.168.5.2) I just cant connect to the 3750 switch.
Similar Messages
-
We have deployed a WLC 5508 w/ SW version 6.0.199.4, 1142 AP's & open authentication w/ MAC filtering. Clients are randomly getting dropped with "Limited Access" shown in Win 7. In this state, the client machine is unable to ping the gateway and sometimes lose their DHCP assigned IP as well. A manual disconnect/re-connect to the SSID is required everytime.
I ran a debug on one the clients stuck in the "Limited Access" state (debug client xx:xx:xx:xx):
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 Adding mobile on LWAPP AP 3c:ce:73:c5:1e:b0(0)
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 23) in 5 seconds
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 apfProcessProbeReq (apf_80211.c:4722) Changing state for mobile e0:91:53:60:1f:e4 on AP 3c:ce:73:c5:1e:b0 from Idle to Probe
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:23.225: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:23.225: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:23.646: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:23.646: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:23.666: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:23.666: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:28.553: e0:91:53:60:1f:e4 apfMsExpireCallback (apf_ms.c:418) Expiring Mobile!
*Apr 15 16:59:28.554: e0:91:53:60:1f:e4 0.0.0.0 START (0) Deleted mobile LWAPP rule on AP [3c:ce:73:c5:1e:b0]
*Apr 15 16:59:28.554: e0:91:53:60:1f:e4 Deleting mobile on AP 3c:ce:73:c5:1e:b0(0)
On doing a manual re-connect, got the following logs:
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 Association received from mobile on AP b8:62:1f:e9:9f:30
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 Applying site-specific IPv6 override for station e0:91:53:60:1f:e4 - vapId 7, site 'Academy', interface 'students'
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 Applying IPv6 Interface Policy for station e0:91:53:60:1f:e4 - vlan 15, interface id 14, interface 'students'
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 Applying site-specific override for station e0:91:53:60:1f:e4 - vapId 7, site 'Academy', interface 'students'
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 0.0.0.0 START (0) Changing ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1276)
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 STA - rates (8): 130 132 139 150 12 18 24 36 0 0 0 0 0 0 0 0
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 STA - rates (12): 130 132 139 150 12 18 24 36 48 72 96 108 0 0 0 0
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 0.0.0.0 START (0) Deleted mobile LWAPP rule on AP [b8:62:1f:e5:6a:90]
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 Updated location for station old AP b8:62:1f:e5:6a:90-0, new AP b8:62:1f:e9:9f:30-0
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 apfProcessAssocReq (apf_80211.c:4268) Changing state for mobile e0:91:53:60:1f:e4 on AP b8:62:1f:e9:9f:30 from Probe to AAA Pending
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 20) in 10 seconds
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 0.0.0.0 START (0) Initializing policy
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 0.0.0.0 START (0) Change state to AUTHCHECK (2) last state AUTHCHECK (2)
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 0.0.0.0 AUTHCHECK (2) Change state to L2AUTHCOMPLETE (4) last state L2AUTHCOMPLETE (4)
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 0.0.0.0 L2AUTHCOMPLETE (4) Plumbed mobile LWAPP rule on AP b8:62:1f:e9:9f:30 vapId 7 apVapId 2
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 0.0.0.0 L2AUTHCOMPLETE (4) Change state to DHCP_REQD (7) last state DHCP_REQD (7)
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 apfPemAddUser2 (apf_policy.c:213) Changing state for mobile e0:91:53:60:1f:e4 on AP b8:62:1f:e9:9f:30 from AAA Pending to Associated
*Apr 15 17:01:38.145: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 49) in 65535 seconds
*Apr 15 17:01:38.145: e0:91:53:60:1f:e4 Including FT Mobility Domain IE (length 5) in Initial assoc Resp to mobile
*Apr 15 17:01:38.145: e0:91:53:60:1f:e4 Sending Assoc Response to station on BSSID b8:62:1f:e9:9f:30 (status 0) Vap Id 2 Slot 0
*Apr 15 17:01:38.145: e0:91:53:60:1f:e4 apfProcessRadiusAssocResp (apf_80211.c:1957) Changing state for mobile e0:91:53:60:1f:e4 on AP b8:62:1f:e9:9f:30 from Associated to Associated
*Apr 15 17:01:38.189: e0:91:53:60:1f:e4 DHCP received op BOOTREQUEST (1) (len 308, port 13, encap 0xec03)
*Apr 15 17:01:38.189: e0:91:53:60:1f:e4 DHCP dropping packet due to ongoing mobility handshake exchange, (siaddr 0.0.0.0, mobility state = 'apfMsMmQueryRequested'
*Apr 15 17:01:39.953: e0:91:53:60:1f:e4 0.0.0.0 DHCP_REQD (7) State Update from Mobility-Incomplete to Mobility-Complete, mobility role=Local, client state=APF_MS_STATE_ASSOCIATED
*Apr 15 17:01:39.954: e0:91:53:60:1f:e4 0.0.0.0 DHCP_REQD (7) pemAdvanceState2 4166, Adding TMP rule
*Apr 15 17:01:39.954: e0:91:53:60:1f:e4 0.0.0.0 DHCP_REQD (7) Adding Fast Path rule
type = Airespace AP - Learn IP address
on AP b8:62:1f:e9:9f:30, slot 0, interface = 13, QOS = 0
ACL Id = 255, Jumbo F
*Apr 15 17:01:39.954: e0:91:53:60:1f:e4 0.0.0.0 DHCP_REQD (7) Successfully plumbed mobile rule (ACL ID 255)
*Apr 15 17:01:39.954: e0:91:53:60:1f:e4 0.0.0.0 Added NPU entry of type 9, dtlFlags 0x0
*Apr 15 17:01:39.954: e0:91:53:60:1f:e4 Sent an XID frame
*Apr 15 17:01:40.807: e0:91:53:60:1f:e4 Orphan Packet from STA - IP 169.254.201.128
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP received op BOOTREQUEST (1) (len 308, port 13, encap 0xec03)
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP processing DHCP DISCOVER (1)
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP xid: 0x9b24c896 (2602879126), secs: 1280, flags: 0
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP chaddr: e0:91:53:60:1f:e4
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP successfully bridged packet to DS
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP received op BOOTREPLY (2) (len 308, port 13, encap 0xec00)
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP processing DHCP OFFER (2)
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP xid: 0x9b24c896 (2602879126), secs: 0, flags: 0
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP chaddr: e0:91:53:60:1f:e4
*Apr 15 17:01:43.235: e0:91:53:60:1f:e4 DHCP ciaddr: 0.0.0.0, yiaddr: 10.6.2.160
*Apr 15 17:01:43.235: e0:91:53:60:1f:e4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*Apr 15 17:01:43.235: e0:91:53:60:1f:e4 DHCP server id: 10.6.15.254 rcvd server id: 10.6.15.254
*Apr 15 17:01:43.235: e0:91:53:60:1f:e4 DHCP successfully bridged packet to STA
*Apr 15 17:01:43.240: e0:91:53:60:1f:e4 DHCP received op BOOTREQUEST (1) (len 316, port 13, encap 0xec03)
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP processing DHCP REQUEST (3)
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP xid: 0x9b24c896 (2602879126), secs: 1280, flags: 0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP chaddr: e0:91:53:60:1f:e4
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP requested ip: 10.6.2.160
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP server id: 10.6.15.254 rcvd server id: 10.6.15.254
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP successfully bridged packet to DS
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP received op BOOTREPLY (2) (len 308, port 13, encap 0xec00)
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP processing DHCP ACK (5)
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP xid: 0x9b24c896 (2602879126), secs: 0, flags: 0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP chaddr: e0:91:53:60:1f:e4
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP ciaddr: 0.0.0.0, yiaddr: 10.6.2.160
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP server id: 10.6.15.254 rcvd server id: 10.6.15.254
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 10.6.2.160 DHCP_REQD (7) Change state to RUN (20) last state RUN (20)
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 10.6.2.160 RUN (20) Reached PLUMBFASTPATH: from line 4972
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 10.6.2.160 RUN (20) Replacing Fast Path rule
type = Airespace AP Client
on AP b8:62:1f:e9:9f:30, slot 0, interface = 13, QOS = 0
ACL Id = 255, Jumbo Frames = NO,
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 10.6.2.160 RUN (20) Successfully plumbed mobile rule (ACL ID 255)
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 Assigning Address 10.6.2.160 to mobile
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 DHCP successfully bridged packet to STA
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 10.6.2.160 Added NPU entry of type 1, dtlFlags 0x0
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 Sending a gratuitous ARP for 10.6.2.160, VLAN Id 15
*Apr 15 17:01:46.428: e0:91:53:60:1f:e4 DHCP received op BOOTREQUEST (1) (len 308, port 13, encap 0xec03)
*Apr 15 17:01:46.428: e0:91:53:60:1f:e4 DHCP processing DHCP INFORM (8)
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP xid: 0xbb0d5d87 (3138215303), secs: 0, flags: 0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP chaddr: e0:91:53:60:1f:e4
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP ciaddr: 10.6.2.160, yiaddr: 0.0.0.0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP successfully bridged packet to DS
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP received op BOOTREPLY (2) (len 308, port 13, encap 0xec00)
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP processing DHCP ACK (5)
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP xid: 0xbb0d5d87 (3138215303), secs: 0, flags: 0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP chaddr: e0:91:53:60:1f:e4
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP ciaddr: 10.6.2.160, yiaddr: 0.0.0.0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP server id: 10.6.15.254 rcvd server id: 10.6.15.254
show client e0:91:53:60:1f:e4 (after re-connect)
(Cisco Controller) >show client detail e0:91:53:60:1f:e4
Client MAC Address............................... e0:91:53:60:1f:e4
Client Username ................................. N/A
AP MAC Address................................... b8:62:1f:e9:9f:30
Client State..................................... Associated
Client NAC OOB State............................. Access
Wireless LAN Id.................................. 7
BSSID............................................ b8:62:1f:e9:9f:31
Connected For ................................... 105 secs
Channel.......................................... 11
IP Address....................................... 10.6.2.160
Association Id................................... 8
Authentication Algorithm......................... Open System
Reason Code...................................... 1
Status Code...................................... 0
Session Timeout.................................. 65535
Client CCX version............................... No CCX support
QoS Level........................................ Silver
Diff Serv Code Point (DSCP)...................... disabled
802.1P Priority Tag.............................. disabled
WMM Support...................................... Enabled
U-APSD Support................................... Disabled
Power Save....................................... OFF
Current Rate..................................... m7
Supported Rates.................................. 1.0,2.0,5.5,11.0,6.0,9.0,
............................................. 12.0,18.0,24.0,36.0,48.0,
............................................. 54.0
Mobility State................................... Local
Mobility Move Count.............................. 0
Security Policy Completed........................ Yes
Policy Manager State............................. RUN
Policy Manager Rule Created...................... Yes
ACL Name......................................... none
ACL Applied Status............................... Unavailable
Policy Type...................................... N/A
Encryption Cipher................................ None
Management Frame Protection...................... No
EAP Type......................................... Unknown
Interface........................................ students
VLAN............................................. 15
Quarantine VLAN.................................. 0
Access VLAN...................................... 15
Client Capabilities:
CF Pollable................................ Not implemented
CF Poll Request............................ Not implemented
Short Preamble............................. Implemented
PBCC....................................... Not implemented
Channel Agility............................ Not implemented
Listen Interval............................ 1
Fast BSS Transition........................ Not implemented
Fast BSS Transition Details:
Client Statistics:
Number of Bytes Received................... 36509
Number of Bytes Sent....................... 32902
Number of Packets Received................. 300
Number of Packets Sent..................... 66
Number of EAP Id Request Msg Timeouts...... 0
Number of EAP Request Msg Timeouts......... 0
Number of EAP Key Msg Timeouts............. 0
Number of Data Retries..................... 95
Number of RTS Retries...................... 0
Number of Duplicate Received Packets....... 1
Number of Decrypt Failed Packets........... 0
Number of Mic Failured Packets............. 0
Number of Mic Missing Packets.............. 0
Number of Policy Errors.................... 0
Radio Signal Strength Indicator............ -66 dBm
Signal to Noise Ratio...................... 29 dB
Nearby AP Statistics:
APSOEBFF_COR3(slot 0) .....................
antenna0: 50 seconds ago -91 dBm................. antenna1: 50 seconds ago -76 dBm
APSOEAFF_FAC(slot 0) ......................
antenna0: 108 seconds ago -89 dBm................ antenna1: 108 seconds ago -87 dBm
APSOEBGF_FAC(slot 0) ......................
antenna0: 50 seconds ago -82 dBm................. antenna1: 50 seconds ago -71 dBm
APSOEBGF_STAFF(slot 0) ....................
antenna0: 49 seconds ago -74 dBm................. antenna1: 49 seconds ago -58 dBm
WLAN config
WLAN Identifier.................................. 9
Profile Name..................................... STAFF
Network Name (SSID).............................. STAFF
Status........................................... Enabled
MAC Filtering.................................... Enabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
NAC-State...................................... Disabled
Quarantine VLAN................................ 0
Number of Active Clients......................... 32
Exclusionlist.................................... Disabled
Session Timeout.................................. Infinity
CHD per WLAN..................................... Disabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ staff
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Quality of Service............................... Silver (best effort)
Scan Defer Priority.............................. 5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Disabled
Accounting.................................... Disabled
Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security
802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
H-REAP Local Switching........................ Disabled
H-REAP Learn IP Address....................... Enabled
Infrastructure MFP protection................. Enabled (Global Infrastructure MFP Disabled)
Client MFP.................................... Optional but inactive (WPA2 not configured)
Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
HELPPPP!We have 75 evenly distributed AP's servicing the 500 odd users. Found the below traps on WLC. I was making some changes in the WLAN settings at the time:
Tue Apr 16 00:03:45 2013 Client Excluded: MACAddress:8c:a9:82:5d:d2:dc Base Radio MAC :3c:ce:73:c6:fe:00 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
106 Tue Apr 16 00:03:45 2013 Client Excluded: MACAddress:58:94:6b:f2:24:c8 Base Radio MAC :c8:f9:f9:4c:01:30 Slot: 1 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
107 Tue Apr 16 00:03:45 2013 Client Excluded: MACAddress:bc:77:37:72:dc:0b Base Radio MAC :3c:ce:73:c6:53:10 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
108 Tue Apr 16 00:03:45 2013 Client Excluded: MACAddress:00:26:c7:7d:12:76 Base Radio MAC :3c:ce:73:c4:79:80 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
109 Tue Apr 16 00:03:45 2013 Client Excluded: MACAddress:bc:77:37:75:1f:93 Base Radio MAC :c8:f9:f9:2b:85:30 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
110 Tue Apr 16 00:03:45 2013 Client Excluded: MACAddress:ac:72:89:58:8e:b9 Base Radio MAC :3c:ce:73:c6:53:10 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
111 Tue Apr 16 00:03:44 2013 Client Excluded: MACAddress:bc:77:37:26:cd:e3 Base Radio MAC :3c:ce:73:c5:1f:10 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
112 Tue Apr 16 00:03:44 2013 Client Excluded: MACAddress:ac:72:89:25:ea:e0 Base Radio MAC :3c:ce:73:c6:77:70 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
113 Tue Apr 16 00:03:44 2013 Client Excluded: MACAddress:00:24:2c:6a:85:3d Base Radio MAC :3c:ce:73:c6:6a:50 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
114 Tue Apr 16 00:03:44 2013 Client Excluded: MACAddress:68:5d:43:61:16:51 Base Radio MAC :3c:ce:73:f6:0c:20 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
115 Tue Apr 16 00:03:44 2013 Client Excluded: MACAddress:7c:d1:c3:8a:64:f6 Base Radio MAC :3c:ce:73:c4:74:20 Slot: 1 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2 -
Issues with getting OS9 onto my Powermac G4
I bought a quicksilver powermac G4 the other day to run OS9. It had a clean install of 10.4 on it and no matter what I do it will not boot from my OS 9.2.1 disc.
I've tried holding "C" when booting, holding "Option" when booting and selecting the CD from the boot menu, and going to system preferences > startup disk and selecting the CD as the startup disc. Nothing has worked.
When I try to run the installer from the CD it gets about 90% done and then I get this error
http://traviscrossett.com/screen.jpg
I've heard that I might not have the right firmware to run OS9, but I don't know how to check what version I have, nor do I know which one I need.
What am I doing wrong?
Message was edited by: Crossett
Message was edited by: CrossettHi, Crosset -
Welcome to Apple's Discussions.
The issue is primarily one of which Quicksilver model you have -
Article #TA25585 - Power Mac G4: How to Differentiate Between Models (part 2)
The first model series of Quicksilver machines can use a retail (white label, large gold 9) OS 9.2.1 Install CD. They can not, however, use a Software Install CD for OS 9.2.1 which came with a different model Mac.
The second model series of QuickSilver, the 2002 models, can not use OS 9.2.1 from any source; the only way to install a bootable OS 9 on those models is by using the original disk set that came with them, which installs a model-specific version of OS 9.2.2.
When installing OS 9 (any version), if you run into difficulties try disconnecting all externals except monitor, keyboard, and mouse.
OS 9 can not be used for booting from a volume larger than 200GB.
When booted to an OS 9 Install CD, if the hard drive is not visible to the installer nor visible on the desktop, this indicates that the drive has not had OS 9 drivers installed. A default install of OSX does not necessarily install OS 9 drivers.
Article #TA20774 - Disk Is Available in Mac OS X But Not in Mac OS 9 -
SG500 auto voice VLAN question about native VLAN
I have been installing SG300 and SG500 switches and using the auto voice vlan feature by simply changing voice vlan to 100 and using vlan 1 for default and data. I normally put the switch in L3 mode and make an access porteach for my IP PBX (vlan 100) and one to connect to existing data network (vlan 1). Then I make a static route in customers default gateway to route back to vlan 100 and everything works nicely for most installs.
On my last install I decided to try to change the default vlan 1 to vlan 10 and go with 10 for data and 100 for voice. The problem I ran into was that the auto generated config on my phone switchports still use vlan 1 as native vlan. I am trying to find a way to still use auto vlan and get the desired native vlan without having to make manual config changes.
Should this be possible?
Thanks in advance.Hi Brandon, you need to modify the macro from native vlan 1 to vlan 10.
Check out this topic how to modify the macro
https://supportforums.cisco.com/thread/2177613
-Tom
Please mark answered for helpful posts -
Hi,
We are using CISCO 3750-G Switch as Core Switch. VLAN1 is being our Native VLAN since the implementation.
This switch is connected with 10 numbers of CISCO 2960 Switches by trunking ports. IP addresses assigned for L2 Switches from VLAN1 only.
Now I want to change the Default Native VLAN from 1 to some other.
My query is is there any pre-requesties to change Native VLAN or Can I change to Native VLAN ID simply?
Looking forward support.
Regards,
Ramesh BalachandranHI Ramesh,
Native VLAN will come into picture if you use trunks in your switches. Procedure to change the native VLAN.
1) conf ter
interface
switchport trunk native vlan
CAUTION: If you are chaning the native VLAN only one end the spanning-tree for the orginal native vlan and the changed native vlan will go into inconsistency state and will be blocked.
In the below example on the local end(Native VLAN chosen is 2 and the remote end is 1)
3750#sh spanning-tree int gi1/8
Vlan Role Sts Cost Prio.Nbr Type
VLAN0001 Desg BKN*4 128.8 P2p *PVID_Inc
VLAN0002 Desg BKN*4 128.8 P2p *PVID_Inc
Thanks & Regards,
Karthick Murugan
CCIE#39285 -
Native vlan for a 3550XL swtich
hello
i have the follow dilemma. a 3550XL has a voice vlan 10 , a data vlan 20 and an management vlan 99. assinging the vlan 10 as native wil remove its tagg across the trunk ports. also cisco recomends native vlan not be the same as management vlan . but when i made the vlan 99 the vlan 1 goes in shutdown situation . so what is the best practice about tha native vlan into a voice switch ?
thanksIEEE 802.1Q Configuration Considerations
IEEE 802.1Q trunks impose these limitations on a network:
In a network of Cisco switches connected through IEEE 802.1Q trunks, the switches maintain one instance of spanning tree for each VLAN allowed on the trunks. Non-Cisco devices might support one spanning-tree instance for all VLANs.
When you connect a Cisco switch to a non-Cisco device through an IEEE 802.1Q trunk, the Cisco switch combines the spanning-tree instance of the VLAN of the trunk with the spanning-tree instance of the non-Cisco IEEE 802.1Q switch. However, spanning-tree information for each VLAN is maintained by Cisco switches separated by a cloud of non-Cisco IEEE 802.1Q switches. The non-Cisco IEEE 802.1Q cloud separating the Cisco switches is treated as a single trunk link between the switches.
Make sure the native VLAN for an IEEE 802.1Q trunk is the same on both ends of the trunk link. If the native VLAN on one end of the trunk is different from the native VLAN on the other end, spanning-tree loops might result.
Disabling spanning tree on the native VLAN of an IEEE 802.1Q trunk without disabling spanning tree on every VLAN in the network can potentially cause spanning-tree loops. We recommend that you leave spanning tree enabled on the native VLAN of an IEEE 802.1Q trunk or disable spanning tree on every VLAN in the network. Make sure your network is loop-free before disabling spanning tree.
http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.2_25_sec/configuration/guide/swvlan.html -
H-REAP : difficulty to get IP-adress for client after loss of controler
Hello,
I configured the following:
- H-REAP Wlan
- H-REAP AP
-There is no trunk port on the AP, so "Vlan support" is unchecked in the AP config. Because I want to transit the Capwap data and the H-REAP data on the same vlan.
-I Have controller 5508 version 6.0.182.0
The first time I connect with my PC to the H-REAP Wlan, I get an Ip address
I see the DHCP request going out of the AP.
I can disconnect and reconnect many times with my PC, and I get all the time an IP-address.
Then , I disconnect the link between the AP and the WLC, and I reconnect it after a few minutes.( So the controler is again joined by the AP)
Then, when I try to connect the the H-REAP Wlan , it is impossible to get Ip address. I do not see "dhcp-discover" going out of the AP.
I have a message in the log of the AP: "Client 0018.de6a.3058 had 1 AES-CCMP TSC replays"
Even, if I reload the AP, the problem is still there.
The only way I found to clear the problem, is to modify something in the H-Reap-Wlan config, and to apply it.
Do you have any idea ?
Michel MisonneYou are maybe right.
I do 4 actions/
- Change in Wlan :
1 Aironet IE : From enable to disable (There is information in the packet that some older clients do not understand and clients can act in strange ways. So when we disable this feature, we find the client act much better
2 Client exclusion : from enable to disable (This feature comes into play if a client has issues connecting to the wlan 3 successive times. He then will be knocked off the wlan and has to wait 60 seconds to join)
3 WMM policy : from disable to allowed (If you have any WMM clients on the wlan they will be able to work/connect
4 Upgrade my driver: (This is always a good thing to do. The newer the driver the more fixes for previous issue on the older version driver
And it woks fine.
Thank you for your help.
Michel Misonne -
Issue with getting an MP4 onto my iPod
So I've been trying to get an MP4 onto my iPod, but whenever I try to put it on, I get a message saying it won't play on my iPod so it doesn't get put onto it.
My iPod is an iPod Video, so I would assume that it could play MP4s considering the file opens perfectly fine in my actual iTunes. I set the dimensions to be 853 x 352 since those are the dimensions of the other movies in my library that work perfectly fine on my iPod, but that didn't work either.
Anybody have any ideas what I might be doing wrong? I've been trying to figure this out for almost 4 hours now...Hi if you will explain your problem in more simpler manner it will be best to track an issue.According to my understanding have to make modelLocators data bindable with dataGrid/ or you can try to replace ArrayOfBaseData with ArrayCollection.
You have to ensure that modelLocator collection should be instantiated.
var arrColl:ArrayCollection = new ArrayCollection();
Thanks. -
Hello, I get DROPS when digitizing from FCP onto my XRaid
Well, sure I´m doing something bad, because I get drops exactly every 30 Secs when digitizing in the raid.The configuration is XRaid with 4x500 in one controller RAID5 and 3x500 in the other RAID5, then a stripped raid with both (so is raid50 isn´t it?). The firmware is 1.5, and the caches are enabled (I suposse are the checkboxes inside settings in the RAID Admin program). The thing is that when I digitize material whichever source it is (betacam, DVC, SDI), I get the image freezed a couple of times in a moment and then goes on, and this happens EXACTLY EVERY 30SECS, isn´t weird?. I suposse is something in the raid configuration. The program is FCP and the card is Blackmagic extreme, and digitize is in the 10 bits setting. Ah, and if I digitize the same onto the internal 200Gb disk all goes fine.
Please, can somebody help me?
Thank you very muchAh, and just add that this raid is connected to a G5, and when I run the blackmagic speed test it goes from 220 Gb/s in read and 170 in record, so it seems to be ok. thanks
-
QoS / Native VLAN Issue - Please HELP! :)
I've purchased 10 Cisco Aironet 2600 AP’s (AIR-SAP2602I-E-K9 standalone rather than controller based).
I’ve configured the WAP’s (or the first WAP I’m going to configure and then pull the configuration from and push to the others) with 2 SSID’s. One providing access to our DATA VLAN (1000 – which I’ve set as native on the WAP) and one providing access to guest VLAN (1234). I’ve configured the connecting DELL switchport as a trunk and set the native VLAN to 1000 (DATA) and allowed trunk traffic for VLAN’s 1000 and 1234. Everything works fine, when connecting to the DATA SSID you get a DATA IP and when you connect to the GUEST SSID you lease a GUEST IP.
The problem starts when I create a QoS policy on the WAP (for Lync traffic DSCP 40 / CS5) and try to attach it to my VLAN’s. It won’t let me attach the policy to VLAN 1000 as it’s the native VLAN. If I change VLAN 1000 on the WAP to NOT be the native VLAN I can attach the policies however wireless clients can no longer attach to either SSID properly as they fail to lease an IP address and instead get a 169.x.x.x address.
I'm sure I'm missing something basic here so please forgive my ignorance.
This is driving me insane!
Thanks to anyone that provides assistance. Running config below and example of the error...
User Access Verification
Username: admin
Password:
LATHQWAP01#show run
Building configuration...
Current configuration : 3621 bytes
! Last configuration change at 02:37:59 UTC Mon Mar 1 1993 by admin
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname LATHQWAP01
logging rate-limit console 9
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
no ip routing
dot11 syslog
dot11 vlan-name Data vlan 1000
dot11 vlan-name Guest vlan 1234
dot11 ssid LatitudeCorp
vlan 1000
authentication open
authentication key-management wpa version 2
wpa-psk ascii
dot11 ssid LatitudeGuest
vlan 1234
authentication open
authentication key-management wpa version 2
guest-mode
wpa-psk ascii
crypto pki token default removal timeout 0
username admin privilege 15 password!
class-map match-all _class_Lync0
match ip dscp cs5
policy-map Lync
class _class_Lync0
set cos 6
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 1234 mode ciphers aes-ccm
encryption vlan 1000 mode ciphers aes-ccm
ssid LatitudeCorp
ssid LatitudeGuest
antenna gain 0
stbc
station-role root
interface Dot11Radio0.1000
encapsulation dot1Q 1000 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0.1234
encapsulation dot1Q 1234
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
interface Dot11Radio1
no ip address
no ip route-cache
encryption vlan 1234 mode ciphers aes-ccm
encryption vlan 1000 mode ciphers aes-ccm
ssid LatitudeCorp
ssid LatitudeGuest
antenna gain 0
no dfs band block
stbc
channel dfs
station-role root
interface Dot11Radio1.1000
encapsulation dot1Q 1000 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1.1234
encapsulation dot1Q 1234
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
interface GigabitEthernet0.1000
encapsulation dot1Q 1000 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface GigabitEthernet0.1234
encapsulation dot1Q 1234
no ip route-cache
bridge-group 255
bridge-group 255 spanning-disabled
no bridge-group 255 source-learning
service-policy input Lync
service-policy output Lync
interface BVI1
ip address 10.10.1.190 255.255.254.0
no ip route-cache
ip default-gateway 10.10.1.202
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
transport input all
end
LATHQWAP01#conf
Configuring from terminal, memory, or network [terminal]? t
Enter configuration commands, one per line. End with CNTL/Z.
LATHQWAP01(config)#int dot11radio1.1000
LATHQWAP01(config-subif)#ser
LATHQWAP01(config-subif)#service-policy in
LATHQWAP01(config-subif)#service-policy input Lync
set cos is not supported on native vlan interface
LATHQWAP01(config-subif)#Hey Scott,
Thank you (again) for your assistance.
So I' ve done as instructed and reconfigured the WAP. I've added an additional VLAN (1200 our VOIP VLAN) and made this the native VLAN - so 1000 and 1234 are now tagged. I've configure the BVI interface with a VOIP IP address for management and can connect quite happily. I've configured the connecting Dell switchport as a trunk and to allow trunk vlans 1000 (my DATA SSID), 1200(native) and 1234 (MY GUEST SSID). I'm now back to the issue where when a wireless client attempts to connect to either of my SSID's (Guest or DATA) they are not getting a IP address / cannot connect.
Any ideas guys? Forgive my ignorance - this is a learning curve and one i'm enjoying.
LATHQWAP01#show run
Building configuration...
Current configuration : 4426 bytes
! Last configuration change at 20:33:19 UTC Mon Mar 1 1993 by Cisco
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname LATHQWAP01
logging rate-limit console 9
enable secret 5
no aaa new-model
no ip source-route
no ip cef
dot11 syslog
dot11 vlan-name DATA vlan 1000
dot11 vlan-name GUEST vlan 1234
dot11 vlan-name VOICE vlan 1200
dot11 ssid LatitudeCorp
vlan 1000
authentication open
authentication key-management wpa version 2
mobility network-id 1000
wpa-psk ascii
dot11 ssid LatitudeGuest
vlan 1234
authentication open
authentication key-management wpa version 2
mbssid guest-mode
mobility network-id 1234
wpa-psk ascii
no ids mfp client
dot11 phone
username CISCO password
class-map match-all _class_Lync0
match ip dscp cs5
policy-map Lync
class _class_Lync0
set cos 6
bridge irb
interface Dot11Radio0
no ip address
encryption vlan 1000 mode ciphers aes-ccm
encryption vlan 1234 mode ciphers aes-ccm
ssid LatitudeCorp
ssid LatitudeGuest
antenna gain 0
stbc
mbssid
station-role root
interface Dot11Radio0.1000
encapsulation dot1Q 1000
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
interface Dot11Radio0.1200
encapsulation dot1Q 1200 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0.1234
encapsulation dot1Q 1234
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 spanning-disabled
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
service-policy input Lync
service-policy output Lync
interface Dot11Radio1
no ip address
encryption vlan 1000 mode ciphers aes-ccm
encryption vlan 1234 mode ciphers aes-ccm
ssid LatitudeCorp
ssid LatitudeGuest
antenna gain 0
peakdetect
no dfs band block
stbc
mbssid
channel dfs
station-role root
interface Dot11Radio1.1000
encapsulation dot1Q 1000
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
interface Dot11Radio1.1200
encapsulation dot1Q 1200 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1.1234
encapsulation dot1Q 1234
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 spanning-disabled
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
service-policy input Lync
service-policy output Lync
interface GigabitEthernet0
no ip address
duplex full
speed auto
interface GigabitEthernet0.1000
encapsulation dot1Q 1000
bridge-group 255
bridge-group 255 spanning-disabled
no bridge-group 255 source-learning
service-policy input Lync
service-policy output Lync
interface GigabitEthernet0.1200
encapsulation dot1Q 1200 native
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface GigabitEthernet0.1234
encapsulation dot1Q 1234
bridge-group 254
bridge-group 254 spanning-disabled
no bridge-group 254 source-learning
service-policy input Lync
service-policy output Lync
interface BVI1
mac-address 881d.fc46.c865
ip address 10.10. 255.255.254.0
ip default-gateway 10.10.
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
login local
transport input all
sntp server ntp2c.mcc.ac.uk
sntp broadcast client
end
LATHQWAP01# -
Wireless Clients getting DHCP IP from other WLAN
Hi,
My client has a wireless setup consisting of a WLC 2112 and about 7 1131AG LWAPPs. There are two SSIDs, say CORP(mapped to VLAN 900) and GUEST(mapped to VLAN 901). Wireless clients get IP through DHCP. DHCP IP is configured in the Dynamic interface.
The problem is sometimes (not always), clients connecting to SSID CORP get a DHCP IP assigned for GUEST VLAN(VLAN 901).
Since it is happening randomly, clueless as to what is causing the problem.
Any inputs?
Regards
Gnan.
P.S Just to add though this could be irrelevant, only after making VLAN ID of the admin interface and AP Manager interface as '0', the APs could talk to the WLC and i was able to http to the WLC from the LAN.(WLC Mgmt, AP Mgmt IPs and AP Manager interface are in same VLAN).It sounds like the client may be connecting to the guest WLAN first, then connecting to the Corp WLAN.
As to the VLAN setting. 0 in the WLC means untagged. If your switchport has the switchport trunk native valn < x > command you would need to be untagged. Otherwise the switch would get a packet tagged with the native vlan, and then drop the traffic.
***if your management is in VLAN 1, the above is true with out the native setting, as VLAN 1 is native by default
HTH,
Steve
Please remember to rate helpful posts or to mark the question as answered so that it can be found later. -
60 Second Delays in Client Getting Entity Bean (after finder method)
I am running WLS5.1 with SP10. I have a stateless EJB that gets a
read-write BMP entity EJB. My test client that executes the stateless
session bean periodically encounters long delays (60 seconds or more)
when acquiring the entity bean using its finder method. Logging shows
the finder method is executing properly, and typically takes 180 ms to
locate the entity bean; however, from the stateless session beans side,
it appears to take 60 seconds. The test client is only a single thread,
so I know the pool is not depleted, or anything like that. Something
appears to be going haywire with the container.
Does anybody have an idea what might be going on?
Thanks.
GregHi Greg,
On a whim, I tried the same test with the thin driver, and the same
delay occurred. This time, instead of a rollback being at the top ofthe
thread dump stack trace, it was in some other Oracle call, with the
top of the stack trace being a socketreader.are you using MTS? Is the db-server a SMP-box? Which exact patch level
does your Oracle instance have? If yes, can you try to force a dedicated
server connection and see if the problem disappears? I guess for an OCI
connection you will have to edit tnsnames.ora, for a
thin-driver-connection you would have to modify the connect string to
something like this:
jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOS
T=<dnsname>)(PORT=1521)))(CONNECT_DATA=(SID=<your
sid>)(SERVER=DEDICATED))))
There is a bug in 8.1.6.0 which is supposed to be fixed in 8.1.6.3, but
I can still reproduce it in 9i :-(. It makes the MTS-dispatcher hang for
60 seconds if you have an SMP box with low load, so maybe this could be
your problem.
Daniel
-----Original Message-----
From: Greg Crider [mailto:[email protected]]
Posted At: Wednesday, November 28, 2001 8:17 AM
Posted To: ejb
Conversation: 60 Second Delays in Client Getting Entity Bean (after
finder method)
Subject: Re: 60 Second Delays in Client Getting Entity Bean (after
finder method)
My client has been using OCI in production and development
with JTS for
over a year now without a problem. We went to OCI because
there was some
other problem with the thin driver. I'm not sure what the
problem was,
but Oracle acknowledged it, but said it wouldn't be corrected until
Oracle 9i came out. We're still using 8.1.6, so from what I'm
told, we
don't use the thin driver.
On a whim, I tried the same test with the thin driver, and the same
delay occurred. This time, instead of a rollback being at the
top of the
thread dump stack trace, it was in some other Oracle call, with the
top of the stack trace being a socketreader.
Somebody else suggested that there may be a problem with
transactions.
Does this ring a bell? Again, I have a stateless session bean
invoking a
read-write entity bean, invoking a read-only entity bean. From
everything I read, including weblogic docs, I should just rely on my
deployment descriptor to control transactions and stay away from JTA.
Hi Greg,
I remeber long ago there were an issue with jts/oci driver combination
when the connections were opened but never used...
Buy the way, are there any specific reasons to use OCI instead of
thin driver?
"Greg Crider" <[email protected]> wrote in message
news:[email protected]...
I know. That's what I don't get. BTW Slava, I am using the
latest OCI
driver; thanks for the suggestion. I tried tweaking some of the Solaris
kernel settings as relates to TCP, but that didn't clear up the problem
either; however, it did change the frequency. Modifying the retransmit
settings (very small values, sub 1.5 seconds) seemed to make it occur
less frequently.
It seems like its time for me to contact BEA Support and see what they
can turn up. Thanks for the suggestions. If anybody else has an idea,
let me know. I'm betting this is a simple, stupid config problem. I'll
post back here when I find out what's up.
But for some reason WebLogic code called the rollback:
... rollback
at
weblogic.jdbc.common.internal.ConnectionEnv.cleanup(Connection
Env.java:499)
at
weblogic.jdbc.common.internal.ConnectionEnv.destroy(Connection
Env.java:417)
at
weblogic.jdbc.common.internal.ConnectionEnv.destroy(Connection
Env.java:393)
at weblogic.jdbcbase.jts.Connection.close(Connection.java:274)
at weblogic.jdbcbase.jts.Connection.commit(Connection.java:530)
at
weblogic.jdbcbase.jts.TxConnection.commitOnePhase(TxConnection
.java:55)
at
weblogic.jts.internal.CoordinatorImpl.commitSecondPhase(Coordi
natorImpl.java
:484)
at
weblogic.jts.internal.CoordinatorImpl.commit(CoordinatorImpl.java:383)
at weblogic.jts.internal.TxContext.commit(TxContext.java:255)
Slava Imeshev <[email protected]> wrote:
Hi Greg,
Which version of OCI driver do you use? OCI driver proved to be
not that stable as the thin driver. Could you try to download
and to install the latest version of the OCI driver and
let us know
if it helps?
Regards,
Slava Imeshev
[email protected]
"Greg Crider" <[email protected]> wrote in message
news:[email protected]...
Yup, get fresh connection from the db connection pool,
and close it
>when
I'm done. The logs don't indicate that I've ever exhausted the
connection pool.
It's interesting to note these problems are occurring on
Solaris with
Oracle OCI connections. Running the same code under Linux with thin
driver connections works just fine.
Weird. Do you obtain database connection from a
datasource and close
>it
every time
you use it?
Greg Crider <[email protected]> wrote:
Okay, this appears to be the offending thread. As it
turns out, the
>same
behavior as first described in my initial post, is
occurring this
>time
in the
business method of the entity bean, as opposed to the
finder. The
getNextURL() is the business method in this case. I am using BMP, and
the
ejbLoad() and ejbStore() methods are not throwing any
SQLExceptions.
Also, I
don't see anything in the error logs that indicate a
EJB transaction
failure.
This being the case, why would an Oracle rollback be
attempted? Am I
misinterpretting this stack trace?
"ExecuteThread-67" daemon prio=5 tid=0x14e300 nid=0x51 runnable
[0xe7880000..0xe7881a30]
at oracle.jdbc.oci8.OCIDBAccess.do_rollback(Native Method)
at oracle.jdbc.oci8.OCIDBAccess.rollback(OCIDBAccess.java:417)
at
oracle.jdbc.driver.OracleConnection.rollback(OracleConnection.java:510)
at
weblogic.jdbc.common.internal.ConnectionEnv.cleanup(ConnectionEnv.java:4
>99
at
weblogic.jdbc.common.internal.ConnectionEnv.destroy(Conne
ctionEnv.java:4
>17
at
weblogic.jdbc.common.internal.ConnectionEnv.destroy(Conne
ctionEnv.java:3
>93
at weblogic.jdbcbase.jts.Connection.close(Connection.java:274)
at weblogic.jdbcbase.jts.Connection.commit(Connection.java:530)
at
weblogic.jdbcbase.jts.TxConnection.commitOnePhase(TxConnec
tion.java:55)
at
weblogic.jts.internal.CoordinatorImpl.commitSecondPhase(CoordinatorImpl.
>ja
va:484)
at
weblogic.jts.internal.CoordinatorImpl.commit(CoordinatorIm
pl.java:383)
at weblogic.jts.internal.TxContext.commit(TxContext.java:255)
at
weblogic.ejb.internal.StatefulEJBObject.postInvokeOurTx(StatefulEJBObjec
>t.
java:320)
at
weblogic.ejb.internal.BaseEJBObject.postInvoke(BaseEJBObje
ct.java:845)
at
com.pi.speechport.ETO.LoadShare.ETOLoadShareEJBEOImpl.getNextURL(ETOLoad
>Sh
areEJBEOImpl.java:114)
at
com.pi.speechport.ETO.Transcription.ETOTranscriptionBusin
ess.getVendorUR
>L(
ETOTranscriptionBusiness.java:146)
at
com.pi.speechport.ETO.Transcription.ETOTranscriptionBusin
ess.transcribe(
>ET
OTranscriptionBusiness.java:193)
at
com.pi.speechport.ETO.Transcription.ETOTranscriptionEJBEO
Impl.transcribe
>(E
TOTranscriptionEJBEOImpl.java:188)
at
com.pi.speechport.ETO.Transcription.ETOTranscriptionEJBEO
Impl_WLSkel.inv
>ok
e(ETOTranscriptionEJBEOImpl_WLSkel.java:223)
at
weblogic.rmi.extensions.BasicServerObjectAdapter.invoke(B
asicServerObjec
>tA
dapter.java:347)
at
weblogic.rmi.extensions.BasicRequestHandler.handleRequest
(BasicRequestHa
>nd
ler.java:86)
at
weblogic.rmi.internal.BasicExecuteRequest.execute(BasicEx
ecuteRequest.ja
>va
:15)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:129)
Dimitri Rakitine wrote:
Make a thread dump during these 60 seconds to see
what server is
>doing.
Greg Crider <[email protected]> wrote:
I am running WLS5.1 with SP10. I have a stateless
EJB that gets a
read-write BMP entity EJB. My test client that executes the
stateless
session bean periodically encounters long delays (60
seconds or
>more)
when acquiring the entity bean using its finder
method. Logging
>shows
the finder method is executing properly, and
typically takes 180 ms
>to
locate the entity bean; however, from the stateless
session beans
side,
it appears to take 60 seconds. The test client is
only a single
thread,
so I know the pool is not depleted, or anything like that.
Something
appears to be going haywire with the container.
Does anybody have an idea what might be going on?
Thanks.
Greg
Dimitri
Greg
>__
GREGORY K. CRIDER, Emerging Digital Concepts
Systems Integration/Enterprise Solutions/Web &
Telephony Integration
(e-mail) [email protected]
(web) http://www.EmergingDigital.com
(voicemail) 866-474-4147
(phone) 703-335-0974
(cell) 703-851-5073
(fax) 703-365-0223 -
Some Apple Loops refuse to index when dropped onto the Loop Browser
I'm hoping somebody has a fix for this odd problem. Some of the Apple Loops which came with version 1.0.1 refuse to index via the loop browser.
First off, I had to re-install GarageBand 1.0.1 after an invalid library error message appeared after upgrading to Tiger. The re-install wasn't completed totally and it did the same thing on 2 attempts. The next error message was: Apple Loops are missing, or something to that effect. I had to install the Apple Loops found in HD->Library->Application Support->GarageBand by dropping them onto the GarageBand Loop Browser at the bottom of its window. It indexed them, they appeared, and I was happy.
Today, for some reason, I looked through the loops folder mentioned above and noticed about one third of the loops do not appear in the Loop Browser, naturally some really neat stuff is missing! So I decided to drag & drop these Apple loop files onto the browser individually. It says it's indexing them, althought the guitar icon in the dock jumps while doing so, but they never appear and don't show-up in the search box either. They can however be dropped onto the Timeline from the Finder and will play as a music file. The problem is that I cannot listen to them from the loop browser for easy selecting when arranging.
Is there any way to get these stubborn Apple files to appear & play in the Loop Browser? I was hoping they could be added via the Timeline to the Loop Browser, but have had no success. Also, I tried the Apple Loops Utility thinking maybe the appropriate tags were missing, but can't figure out what is missing, if anything.
Thanks in advance for your help.
Barb
iMac G5 20 Mac OS X (10.4.4)The Loop Browser filters what it displays by only showing loops in the same Time Signature as the song you've created, and within 2 semitones of the Key your song is in.
You can change the latter by tuning off Keyword Browsing in GB's preferences.
--HangTime [Will Compute for Food] B-|> -
Remote access VPN client gets connected fails on hosts in LAN
Hi,
VPN client gets connected fine, I have a inter VLAN routing happening on the switch in the LAN so all the LAN hosts have gateway IP on the switch, I have the defult route pointing to ASA inside interface on the switch, the switch I can reach after Remote Access VPN is connected how ever I cannot ping/connect to other hosts in the LAN and if I make the gateway point to the ASA then that host is accessible, any suggestions? I really want to have gateway to be the Switch as I have other networks reachable through the Switch (Intranet routing)Hi Mashal,
Thanks for your time,
VPN Pool(Client) 192.168.100.0/24
Internal Subnets 192.9.200.0/24(VLAN 4000) and 192.168.2.0/24 (VLAN 1000)
=============
On the Switch
=============
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.2.5 to network 0.0.0.0
172.32.0.0/24 is subnetted, 1 subnets
C 172.32.0.0 is directly connected, Vlan101
C 192.168.200.0/24 is directly connected, Vlan2000
C 192.9.200.0/24 is directly connected, Vlan4000
S 192.168.250.0/24 [1/0] via 192.9.200.125
S 192.168.1.0/24 [1/0] via 192.9.200.125
C 192.168.2.0/24 is directly connected, Vlan1000
S 192.168.252.0/24 [1/0] via 192.9.200.125
S* 0.0.0.0/0 [1/0] via 192.168.2.5
===============
On ASA
===============
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 172.32.0.2 to network 0.0.0.0
C 172.32.0.0 255.255.255.0 is directly connected, outside
C 192.9.200.0 255.255.255.0 is directly connected, inside
C 192.168.168.0 255.255.255.0 is directly connected, failover
C 192.168.2.0 255.255.255.0 is directly connected, MGMT
S 192.168.100.2 255.255.255.255 [1/0] via 172.32.0.2, outside
S 192.168.100.3 255.255.255.255 [1/0] via 172.32.0.2, outside
S* 0.0.0.0 0.0.0.0 [1/0] via 172.32.0.2, outside
We don't need route print on the PC for now as I can explain what is happening I can get complete access to the 192.168.2.0/24 (VLAN 1000) but for 192.9.200.0/24 (VLAN 4000) above from the switch I can only ping IP's on the switches/pair but cannot have any tcp connections, which explains the default route being pointed on the switch is on VLAN 1000, now my issue is How do I get access to VLAN 4000 as you can see these two are on different Interfaces/zones on the ASA and please note with default gateway pointing to ASA I will have access to both the VLAN's it is only when I move the gateway pointing to Switch I loose tcp connections to one VLAN depending on the default route on the being pointing to on the switch.
So we are left to do with how to on the switch with default route. -
5508 WLC on 7.4MR2- Clients getting Disconnected using CWA
We are experiencing an issue with clients getting disconnected/time out from a wlan doing CWA. The clients are iphones. A debug client shows the error(Unknown Policy Timeout). This particular WLAN is used for provisioning with ISE. ISE shows the user authenticated the entuire time. At first, we though it was the user idle timeout setting on the WLAN advanced tab, but after increasing that clients still get disconnected. The disconnect occurs around 2 minutes. Sometimes longer around 10 minutes. Cisco seems to think we are hitting a bug introduced in 7.3.112 and will not be fixed until 8.0. Below are the bug details and the debug output. Has anyone seen this? Any possible work-arounds? Thanks.
(Cisco Controller) >debug *apfMsConnTask_7: Mar 20 17:19:02.573: Association request from the P2P Client Process P2P Ie and Upadte CB
*apfMsConnTask_7: Mar 20 17:19:02.765: Association request from the P2P Client Process P2P Ie and Upadte CB
*apfReceiveTask: Mar 20 17:20:40.442: 18:af:61:bb:55:2f 10.200.21.0 RUN (20) Unknown Policy timeout
*apfReceiveTask: Mar 20 17:20:40.442: 18:af:61:bb:55:2f 10.200.21.0 RUN (20) Pem timed out, Try to delete client in 10 secs.
*apfReceiveTask: Mar 20 17:20:40.443: 18:af:61:bb:55:2f Scheduling deletion of Mobile Station: (callerId: 12) in 10 seconds
*osapiBsnTimer: Mar 20 17:20:50.443: 18:af:61:bb:55:2f apfMsExpireCallback (apf_ms.c:615) Expiring Mobile!
*apfReceiveTask: Mar 20 17:20:50.443: 18:af:61:bb:55:2f apfMsExpireMobileStation (apf_ms.c:5835) Changing state for mobile 18:af:61:bb:55:2f on AP 54:78:1a:2f:84:50 from Associated to Disassociated
*apfReceiveTask: Mar 20 17:20:50.443: 18:af:61:bb:55:2f Scheduling deletion of Mobile Station: (callerId: 45) in 10 seconds
*osapiBsnTimer: Mar 20 17:21:00.442: 18:af:61:bb:55:2f apfMsExpireCallback (apf_ms.c:615) Expiring Mobile!
*apfReceiveTask: Mar 20 17:21:00.443: 18:af:61:bb:55:2f Sent Deauthenticate to mobile on BSSID 54:78:1a:2f:84:50 slot 1(caller apf_ms.c:5929)
*apfReceiveTask: Mar 20 17:21:00.443: 18:af:61:bb:55:2f Setting active key cache index 8 ---> 8
*apfReceiveTask: Mar 20 17:21:00.443: 18:af:61:bb:55:2f Deleting the PMK cache when de-authenticating the client.
*apfReceiveTask: Mar 20 17:21:00.443: 18:af:61:bb:55:2f Global PMK Cache deletion failed.
*apfReceiveTask: Mar 20 17:21:00.443: 18:af:61:bb:55:2f apfMsAssoStateDec
*apfReceiveTask: Mar 20 17:21:00.443: 18:af:61:bb:55:2f apfMsExpireMobileStation (apf_ms.c:5967) Changing state for mobile 18:af:61:bb:55:2f on AP 54:78:1a:2f:84:50 from Disassociated to Idle
https://tools.cisco.com/bugsearch/bug/CSCul43158
Symptom:Wireless devices are randomly disconnected every 5-10 minutes with unknown policy timeout message in debug client
Conditions:Clients using Central Web Authentication (CWA).
Workaround:none
More Info:mine is with the following. Still trying to figure out why.
*osapiBsnTimer: Mar 17 12:58:05.949: f8:16:54:07:a8:78 apfMsExpireCallback (apf_ms.c:626) Expiring Mobile!
*apfReceiveTask: Mar 17 12:58:05.949: f8:16:54:07:a8:78 apfMsExpireMobileStation (apf_ms.c:6655) Changing state for mobile f8:16:54:07:a8:78 on AP 00:e1:6d:b2:a6:90 from Associated to Disassociated
*apfReceiveTask: Mar 17 12:58:05.949: f8:16:54:07:a8:78 Scheduling deletion of Mobile Station: (callerId: 45) in 10 seconds
*annyway, i've tried increasing the Session Timeout to 8hours and still testing it .. As my problem is not consistent, i have to monitor and see if its solved.
Maybe you are looking for
-
Charts get corrupted using CFReportBuilder 10 in Windows 8.1
Reports that we created that contain Charts, using Windows Vista to author, stop working and error "resource unreadable" when we open and save the report using Win 8.1 64bit. Everything else in the reports will work fine, but the charts become corru
-
I'm looking for firefox 21, not because I'm having issues with 22 but because I'm a developer and need to test an application on that specific version. I've came accross many threads requesting this though the moderators seem extremely adiment to not
-
When I check settings>General>ICloud>manage storage I see 100MB still on an IPAD that I returned and had replaced due to a battery defect. How can I find out what is in that 1000MB of storage? Is this just the data for the standard things that are on
-
E-mailing from PSE 10 and Windows 7
Why has the problem with emailing a photo from PSE 10 and Windows 7 never been resolved?
-
Mac pro late 2013 Screen flickering
I have late 2013 mac pro 3.5 Ghz 6-core with 32GM memory. I have 2 Thunderbolt 27" monitors with Thunderbolt Hard Drive(external), purchased all brand new. I have apple fan since 2007 changed all 5 computers over to apple and have been very very hap