IEEE 802.1X auto-QoS

Hello,
Do Cisco switches implement QoS policies using 802.1X?
I found information in the Cisco 3560-X and 3750-X software configuration guide about 802.1x authentication with per-user ACL and authentication with VLAN assignment, but nothing related to QoS.
Could you help me please?
Thank you!
Allyson


Similar Messages

  • PPPoE Over IEEE 802.1Q VLANs in 12.4T

    I am trying to configure PPPoE Over IEEE 802.1Q VLan on a 2811 router with (C2800NM-SPSERVICESK9-M), Version 12.4(24)T8
    PPPoE client on FastEthernet0/0 works fine.
    interface FastEthernet0/0
     no ip address
     duplex auto
     speed auto
     pppoe enable group global
     pppoe-client dial-pool-number 1
    But PPPoE session is not established on a subinterface with encapsulation dot1Q. It is not even trying to connect to the PPPoE server.
    Cisco Feature Navigator says that this feature was added in 12.4T.
    Can anybody confirm that 'PPPoE over IEEE 802.1Q VLANs' feature works fine on this IOS?
    Thank you in advance!

    Below works fine.
    vpdn enable
    vpdn-group 1
     request-dialin
      protocol pppoe
    bba-group pppoe global
    interface FastEthernet0/0
     no ip address
     duplex auto
     speed auto
     pppoe enable group global
     pppoe-client dial-pool-number 1
    But the same doesn't work over the subinterface:
    interface FastEthernet0/0.2
     encapsulation dot1Q 2
     pppoe enable group global
     pppoe-client dial-pool-number 1

  • How to enable auto QoS on C4500-X

    How to enable auto QoS on C4500-X for Cisco phone? Since it is different from the global command 'mls qos', does anyone have an example? Thanks.

    http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/20ew/configuration/guide/macro.html
    Take a look at this document
    And this one
    http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps4324/prod_white_paper0900aecd8041691c.html

  • Cisco 2960x - auto qos voip cisco-phone on access ports

    After configuring "auto qos voip cisco-phone" on a stack of 2960x switches, we later noticed that after a power cycle (config was saved first) it went missing when doing a "show run" from the interface configs, on one of the switches (g1/0/1-48 had it applied, then after power cycle it didn't show).  However, doing a "show auto qos interface" shows it is still applied to all interfaces g10/1-48. 
    I try to do "auto qos voip cisco-phone" again on g1/0/1-48, and it shows this:
    SwitchStack01(config-if-range)#auto qos voip cisco-phone
    AutoQoS Error: AutoQoS already configured
    % Range command terminated because it failed on GigabitEthernet1/0/1
    If I attempt to remove "auto qos voip cisco-phone", it shows this:
    SwitchStack01(config-if-range)#no auto qos voip cisco-phone
    AutoQoS Error: AutoQoS not configured
    % Range command terminated because it failed on GigabitEthernet1/0/1
    When I do a "show run", it is no longer displayed for the first switch of the stack. So is it still applied to the interfaces or not? Is this a bug? Has anyone else experienced this? This has happened to at least a couple of stacks of 2960x's we have.
    Thanks!

    It appears to be a bug in the code. Open a TAC ticket with Cisco and send them the output and the IOS version you are using so they can help you resolve the issue. Most likely, they will recommend an upgrade.
    HTH

  • IEEE 802.1x Authentication with RADIUS failed

    Hello guys,
    I have a slightly strange situation.
    If the user starts his computer (Windows 7 Enterprise) and the computer is connected via LAN, it works fine.
    If the user starts his computer (Windows 7 Enterprise) and the computer is connected via WLAN, it also works fine.
    But if the user starts his computer (Windows 7 Enterprise) while it is connected via LAN, it is no longer possible to connect to WLAN (in parallel). I've implemented IEEE 802.1 RADIUS authentication.
    It does not work with this particular user account. I've already tested it successfully with a couple of other accounts.
    Does anyone have experience with such a situation?
    Regards
    Rodik

    It does not work with this particular user account. I've already tested it successfully with a couple of other accounts.
    Hi,
    Did you mean that this problem only occurs with the single user account, but others work fine on the same computer?
    When the WLAN connection fails, is there any error message? Have you tried reinstalling the WLAN device driver as a test?
    It would be better to provide more details about the failed WLAN connection.
    Roger Lu
    TechNet Community Support

  • IEEE 802.1x port-based authentication

    I want to configure IEEE 802.1x port-based authentication on Cisco switches, preferably the 2960 series. Which models support this feature? I have tried with some older switches but it doesn't work properly on all of them.
    I have upgraded them without better results; namely, there is an issue with TLS handshaking on some switches which causes authentication to fail.

    Hi Claudia,
    do you mean that the EAP-TLS authentication fails only on some 2960 switches and it works on other 2960s?
    What is the IOS version you're using there?
    What is the RADIUS server in use?
    What is the exact error message you see on the RADIUS side?
    Usually, the reason for the EAP-TLS handshake failure is to be troubleshot on the supplicant and AAA server; however, there may be something on the switch depending on the certificate size and MTU settings on the switch(es).
    What is the server cert size and the MTU configured on the switches?
    With the info you provided it's difficult to say what the reason for this failure is.
    I would suggest starting by looking into the above-mentioned topics; otherwise you would need to proceed with deeper debugging and sniffer traces, which may be better/easier to handle through a TAC case.
    I hope this helps.
    Regards,
    Federico
    If this answers your question please mark the question as "answered" and rate it, so other users can easily find it.

  • National Instruments PXI with IEEE 802.15.4 standard (ZigBee)

    Hello,
    In fact, I'm working on a project which aims to implement a reconfigurable baseband Zigbee transceiver on the XUPV5-LX110T evaluation platform, which integrates a Virtex 5 FPGA. I am currently in the real-test phase.
    First, I want to send my data from a PC to the FPGA and receive it back (to process my signals in Matlab). Is this possible or not? If yes, is there a solution for it using a communication medium (e.g. a serial link)?
    Second, is there National Instruments PXI measurement and test equipment that supports the Zigbee wireless protocol, or otherwise the IEEE 802.15.4 standard (i.e. RF Vector Signal Generator and Vector Signal Analyzer), for the analog front-end, either in transmission or reception?
    Thanks a lot in advance, everyone.

    Hello,
    I am not sure what data you will be collecting, or how you intend on using the board. Perhaps you can explain your application a little bit more?
    Is the FPGA code already developed for your application with the XUPV5-LX110T board? As long as the developed FPGA code is able to communicate with your PC via whatever protocol you choose, then you can use that as a channel to send data back and forth. Since the board is capable of many different I/O connections, you can pretty much send/receive data over whichever connection you prefer: Ethernet, RS-232, etc.
    Just to clear up any confusion, if you do not already have FPGA code for the board, this is not something you would be able to develop with LabVIEW FPGA programming. The XUPV5-LX110T board is not supported for programming its FPGA using LabVIEW FPGA. You can, however, program in LabVIEW to communicate data back and forth with the I/O you have chosen to connect to your PC, such as Ethernet or RS-232, as mentioned above.
    As far as measuring equipment NI offers for testing with the ZigBee (IEEE 802.15.4) wireless protocol in the PXI platform, if your application requires you to both transmit to and receive from the board, then you would need either both a Vector Signal Generator and Vector Signal Analyzer, or a Vector Signal Transceiver. See the list below for some examples of what we have to offer.
    VSAs: NI PXI-5661, NI PXIe-5663E
    VSGs: NI PXI-5671, NI PXIe-5672/5673E
    VSTs: NI PXIe-5644R/5645R/5646R
    From my knowledge of ZigBee, you would be capable of communicating with the board using any of these devices.
    Matthew R.
    Applications Engineer
    National Instruments

  • Configure Auto QoS on WS-C4500X

    Hi!!
    I have two 4500X connected via VSS and on the edge I have 2960X and 3750. All edge switch have Auto QoS configuration activated for voip.
    On 4500X I don't have the mls qos or qos only prompt to activate the QoS on the etherchannels.
    Is there a different way on configure the Auto QoS on the 4500X?
    I have the following software on my 4500X:
    SWITCH-A#sh ver | in IOS
    Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch  Software (cat4500e-UNIVERSAL-M), Version 03.06.00.E RELEASE SOFTWARE (fc3)
    Cisco IOS-XE software, Copyright (c) 2005-2014 by cisco Systems, Inc.
    All rights reserved.  Certain components of Cisco IOS-XE software are
    documentation or "License Notice" file accompanying the IOS-XE software,
    or the applicable URL provided on the flyer accompanying the IOS-XE
    SWITCH-A#
    SWITCH-A#sh ver | in ROM
    ROM: 15.0(1r)SG11
    System returned to ROM by power-on
    SWITCH-A#
    SWITCH-A#sh license image levels
    Module name        Image level  Priority  Configured  Valid license
    WS-C4500X-16       entservices  1         NO          entservices            
                       ipbase       2         NO          ipbase                 
    Module Name     Role           Current Level     Reboot Level
    WS-C4500X-16    Active         ipbase            ipbase  
    I looked at several docs and they spoke about the mls qos trust cos command, but since I can't activate the QoS globally ...
    Can someone give me a clue???
    Best Regards,
    Jose Carlos

    Hi Reza!!! Thanks for your reply.
    I've looked on the net and found this blog http://blog.lah.io/2013/10/cisco-catalyst-4500-x-etherchannel-auto.html and thought that there is something wrong with my IOS, like a missing license.
    I will read your guide and try to configure like that but you must agree that auto qos is far more easy and reliable. Strange that the guy on the blog can configure auto qos...
    Best Regards,
    Jose Carlos

  • Auto QoS in physical Interfaces Switch 4507R+E

    I have a question. I'm dealing with a customer that has a Core Cisco 4507R + E with 2 Sup WS-X45-SUP7-E and WS-X4748 line cards 3-RJ45-E with the IOS version below:
    Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-
    UNIVERSAL-M), Version 03.02.05.SG RELEASE SOFTWARE (fc1)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2012 by Cisco Systems, Inc.
    Compiled Tue 31-Jul-12 11:17 by prod_rel_team
    Cisco IOS-XE software, Copyright (c) 2005-2010 by cisco Systems, Inc.
    All rights reserved.  Certain components of Cisco IOS-XE software are
    licensed under the GNU General Public License ("GPL") Version 2.0.  The
    software code licensed under GPL Version 2.0 is free software that comes
    with ABSOLUTELY NO WARRANTY.  You can redistribute and/or modify such
    GPL code under the terms of GPL Version 2.0.  For more details, see the
    documentation or "License Notice" file accompanying the IOS-XE software,
    or the applicable URL provided on the flyer accompanying the IOS-XE
    software.
    Image text-base: 0x100A1A54, data-base: 0x13CCD2F8
    ROM: 15.0(1r)SG5
    Jawa Revision 7, Snowtrooper Revision 0x0.0x116
    Core4500 uptime is 1 year, 2 days, 5 hours, 21 minutes
    Uptime for this control processor is 1 year, 2 days, 5 hours, 23 minutes
    System returned to ROM by power-on
    System image file is "bootflash:cat4500e-universal.SPA.03.02.05.SG.150-2.SG5.bin
    He is implementing ToIP. The topology is structured in the collapsed model where switches etherchannel uplinks have access to 2Gb Core. 
    On all access switches, "auto qos trust" was implemented for the uplinks and "auto qos trust cisco-phone" for the access ports. In the Core we would have to disassemble the PortChannel, apply auto qos trust on the PortChannel interfaces and assemble it again.
    The question is whether the 4507R + E accepts QoS on the ports of the Port Channel.
    According to these Release Notes http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/release/note/OL_27990-01.html
    the box in Release 3.2.3 does not support QoS on the physical ports that compose the PortChannel.

    Hi,
     In this case as you pointed out, Auto-QoS is not supported on EtherChannel or its member ports. A physical port configured with Auto-QoS is not allowed to become a member of a physical port.
    See the link below where you can find details about QOS on etherchannel:
    http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/3.1.1SG/configuration/guide/qos.html#wp1563359
    Hope this helps.

  • Auto qos voip cisco-phone

    Hello,
    I am very new to VoIP, second day. I have configured a 3850 stack to trust Cisco phones on the switchports with the auto qos feature. I am interested to know where else I have to apply QoS for the policies to apply. The 3850 stack is uplinked to a 4500x "core". My question is: once the QoS is applied at the switch port, is everything just grand and my QoS will work, or does it have to be applied elsewhere?
    Thank you.
    Dallas

    It has to be applied all throughout your network, i.e. core switch, access layer, uplinks to voice servers/gateways and access ports to phones. If you have wireless phones, those will have to be considered as well.

  • Unable to issue auto qos voip on CAT2950SX-24 using IOS c2950-i6q4l2-mz.121

    Hi,
    I am unable to issue the command auto qos voip on the interface fa0/1. I am also not able to see the command using the "?". But based on the Cisco documentation, the IOS is able to support that command. Can anyone help, or does anyone have any ideas? Here is the documentation link
    http://www.cisco.com/en/US/products/hw/switches/ps628/products_command_reference_chapter09186a00804761fd.html#wp4214415
    Thanks

    Hi
    you can use the below link to find out whether the image installed in your comes with the support for auto qos or not.
    http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp
    regds

  • 3850 - auto qos voip cisco-phone

    I am having an issue where it appears that the "auto qos voip cisco-phone" command is marking down my voice packets COS and DSCP values to 0.  Anyone else notice this?  I am connecting Cisco 7945 phone to the interfaces with this command applied to the interface.  I verified that the IP Phone is sending COS = 5 and DSCP = ef to the switchport.  I verified the packets inbound to the switchport and the packets outbound as they transit to the destination IP Phone's switchport.

    Hi joshua,
    What is the IOS-XE version you are running on your 3850 ?
    Post your switchport configuration (7945 phone connected)
    Here is the 3.3 QoS config guide, and I noticed it says something like what is quoted below. So make sure this trust device command is there and your port is configured for standard VoIP port connectivity (like voice VLAN, etc.).
    http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/consolidated_guide/configuration_guide/b_consolidated_3850_3se_cg/b_consolidated_3850_3se_cg_chapter_01101000.html#reference_8A1C35AB2874498F90C4F5600301BE9D
    "The trust device device_type interface configuration command is only supported in an auto-QoS configuration, and not as a stand-alone command on the switch. When using the trust device device_type interface configuration command in an auto-QoS configuration, if the connected peer device is not a corresponding device (defined as a device matching your trust policy), both CoS and DSCP values are set to "0" and any input policy will not take effect"
    HTH
    Rasika
    ***** Pls rate all useful responses ****

  • Auto QoS Voip Trust question

    Hello,
    I am a little confused about the auto qos voip trust command. I am reading that it should be used on interior switchports like trunk ports connected to another switch. I guess my question is this: if the auto qos voip command tells the switchport to trust the incoming CoS values, then isn't it redundant to tell the port to "trust" the incoming CoS value when the auto qos voip command is already accomplishing this? Or does this have something to do with trusting DSCP values instead of CoS values? If so, why are we trusting DSCP values at the uplinks and not CoS values coming from the IP Phone? I'm so confused. Thanks for any light you can shed on this topic.
    Chris.

    Chris
    Yes, the trust value used for "auto qos voip trust" depends on the operation of the port as you say.
    And yes when you use the "cisco-phone" option it will trust the values but as you say only if it detects a Cisco IP phone and it does this by using CDP. 
    What is not entirely clear, at least to me, is exactly which markings the "cisco-phone" option trusts. There seems to be conflicting information, but the configuration guide talks about DSCP markings so it may be those, but I can't say for sure as I have limited experience in that area.
    Jon

  • NAC - L2 IEEE 802.1x and NAC - L2 IP differences.

    Hi,
    My customer has a Cisco 4507R switch with IOS version 122.31-SG1, which doesn't support NAC - L2 IEEE 802.1x but supports NAC - L2 IP.
    What is the difference between these features, and which feature is required for proper authentication and posture assessment?
    Thanks and regards,
    Pulkit Sharma

    Hello,sharma
    Can you be more clear about your question? What are you trying to achieve?

  • Network IEEE 802.1X problems

    I bought a new MacBook last week and tried to connect to my university wireless LAN with WEP IEEE 802.1X using TTLS.
    In fact the connection works for 5 seconds... After that, my MacBook starts an authentication process and cannot authenticate with the LAN. This problem happens over wireless and over cable. In fact many other students are having the same problem, but only with MacBook Core 2 Duo models. The old Core Duo MacBooks work fine. So, it seems to me that this new model has a problem. I hope Apple finds a way to solve it!!
    macbook core2duo black   Mac OS X (10.4.8)  

    Hi materdei,
    I am having the same problem. The thing is though sometimes I stay connected without any problems for hours, but when then it disconnects if you don't "cancel" the authentication process, it just freezes there.
    By the way I don't think it's just new Macbooks, it is all of them because I have an old Macbook, it doesn't work fine either, and I know other people with old Macbooks having the same problem. But for example I have never seen older Apple computers experiencing this.
    Just thought it could be the uni's problem, but then why just Macbooks are affected?
    PS: I see that you're from Portugal; are you also studying there? Because I am having this problem at a uni in Portugal, and I am not really sure but I think all the unis are using the same system over there.
