IPSEC issue in Cisco IAD 2431

Hello all,
I cam across something when i was troubleshooting IPSEC VPN connections between two Cisco IAD 2431s. Here is a snapshot of config on one of the routers:
crypto map vpnmap 6 ipsec-isakmp
description To_Grovecity
set peer X.X.X.X
set transform-set vpnset
match address To_Grovecity
crypto map vpnmap 10 ipsec-isakmp
description To_Datacenter
set peer Y.Y.Y.Y
set transform-set vpnset
match address To_Datacenter
qos pre-classify
ip access-list extended To_Grovecity
permit ip 10.24.96.0 0.0.0.255 10.80.103.0 0.0.0.255
ip access-list extended To_Datacenter
permit ip 10.24.96.0 0.0.0.255 10.11.12.0 0.0.0.255
permit ip 10.24.96.0 0.0.0.255 172.31.46.0 0.0.0.255
permit ip 10.24.96.0 0.0.0.255 10.80.102.0 0.0.0.255
permit ip 10.24.96.0 0.0.0.255 10.80.103.0 0.0.0.255
  permit ip 10.24.96.0 0.0.0.255 10.24.69.0 0.0.0.255
permit ip 10.24.96.0 0.0.0.255 192.168.15.0 0.0.0.255
From this router's LAN interface (10.24.96.1), I couldn't ping the router's LAN interface corresponding to the Grovecitypeer which is x.x.x.x. The LAN interface at Grovecity is 10.80.103.3
As soon as I removed the statement " permit ip 10.24.96.0 0.0.0.255 10.80.103.0 0.0.0.255" which was unnecessarily present in the To_Datacenter ACL, things started working.
What confuses me is since the crypto map vpnmap for Grovecity is at sequence 6 and is before the vpnmap for Datacenter, the statement "
permit ip 10.24.96.0 0.0.0.255 10.80.103.0 0.0.0.255" under the To-Datacenter ACL would never be considered and it doesn't matter if that staement is present in the ACL or not but apparently it does. HAs anyone faced this before or am I missng something?
Thanks
Mukundh

Hi,
In order to successfully build a SA, the L2L peers need to exchange the same exact ACE (mirror of each other) along with other parameters like the transform-set, PFS group (if configured)...
Otherwise Phase II does not come up.
Thanks.
Portu.
Please rate any helpful posts.

Similar Messages

  • Issue with cisco acs 4.2.Users unable to login aaa client but after restarting group policy able to login

    issue with cisco acs 4.2.Users unable to login aaa client but after restarting group policy able to login

    issue with cisco acs 4.2.Users unable to login aaa client but after restarting group policy able to login

  • Calling issue with Cisco 7937 conference station

    Hi Friends,
    I am facing issue wiht Cisco 7937 conference station, our customer have various branch offices accross the world. All branches are connected over MPLS through service provider( SIP service provider) . there is a centralized CUCM and remote office have SIP Voice gateways .
    When making calls from once remote site to another using Cisco 6921 phones calls working fine
    When making calls from once remote site to another using Cisco 7937 conference station to make call  any phone at remote office, calls are getting disconneted, remote phone rings when calls,  but its gets fast busy tone when other party picks up the phone and  not able to talk.
    I suspect the issue with Codec but we have configured transcoders  in VG and registered with CUCM
    Please help me if any one experience such issue earlier.
    Regards
    Siva

    hi Basant,
    1. Actually tow phones A and B are registerd with centralized CUCM, A and B are located in two different locations, RTP traffic between And B pass through service provider. 
    Call Flow --> Phone A ---->CUCMRouterpattern--> SIP trunk ----> Voice gateway--->Service provider cloud---> Respective Voice Gateway---> CUCM -- Phone B
    Show Run
    =~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2014.02.27 15:14:52 =~=~=~=~=~=~=~=~=~=~=~=
    sh run
    Building configuration...
    Current configuration : 12139 bytes
    ! Last configuration change at 06:35:59 UTC Tue Feb 25 2014
    ! NVRAM config last updated at 11:16:38 UTC Mon Feb 24 2014 by administrator
    ! NVRAM config last updated at 11:16:38 UTC Mon Feb 24 2014 by administrator
    version 15.1
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    hostname eucamvgw01
    boot-start-marker
    boot system flash:c2900-universalk9-mz.SPA.151-4.M5.bin
    boot-end-marker
    card type e1 0 0
    logging buffered 51200 warnings
    no logging console
    no aaa new-model
    no network-clock-participate wic 0
    no ipv6 cef
    ip source-route
    ip traffic-export profile cuecapture mode capture
    bidirectional
    ip cef
    ip multicast-routing
    ip domain name drreddys.eu
    ip name-server 10.197.20.1
    ip name-server 10.197.20.2
    multilink bundle-name authenticated
    stcapp ccm-group 2
    stcapp
    stcapp feature access-code
    stcapp feature speed-dial
    stcapp supplementary-services
    port 0/1/0
    fallback-dn 5428025
    port 0/1/1
    fallback-dn 5428008
    port 0/1/2
    fallback-dn 5421462
    port 0/1/3
    fallback-dn 5421463
    isdn switch-type primary-net5
    crypto pki token default removal timeout 0
    voice-card 0
    dsp services dspfarm
    voice call send-alert
    voice call disc-pi-off
    voice call convert-discpi-to-prog
    voice rtp send-recv
    voice service voip
    ip address trusted list
    ipv4 10.198.0.0 255.255.255.0
    ipv4 152.63.1.0 255.255.255.0
    address-hiding
    allow-connections sip to sip
    no supplementary-service h225-notify cid-update
    no supplementary-service sip moved-temporarily
    no supplementary-service sip refer
    fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none
    fax-relay ans-disable
    sip
    rel1xx supported "track"
    privacy pstn
    no update-callerid
    early-offer forced
    call-route p-called-party-id
    voice class uri 100 sip
    host 41.206.187.71
    voice class codec 10
    codec preference 1 g711alaw
    codec preference 2 g711ulaw
    codec preference 3 ilbc
    codec preference 4 g729r8
    codec preference 5 g729br8
    voice class codec 20
    codec preference 1 g729br8
    codec preference 2 g729r8
    voice moh-group 1
    moh flash:moh/Panjo.alaw.wav
    description MOH G711 alaw
    multicast moh 239.1.1.2 port 16384 route 10.198.2.9
    voice translation-rule 1
    rule 1 /^012237280\(..\)/ /54280\1/
    rule 2 /^012236514\(..\)/ /54214\1/
    rule 3 /^01223651081/ /5428010/
    rule 4 /^01223506701/ /5428010/
    voice translation-rule 2
    rule 1 /^00\(.+\)/ /+\1/
    rule 2 /^0\(.+\)/ /+44\1/
    rule 3 /^\([0-9].+\)/ /+\1/
    voice translation-rule 3
    rule 1 /^9\(.+\)/ /\1/
    rule 2 /^\+44\(.+\)/ /0\1/
    rule 3 /^\+\(.+\)/ /00\1/
    voice translation-rule 4
    rule 1 /^54280\(..\)/ /12237280\1/
    rule 2 /^54214\(..\)/ /12236514\1/
    rule 3 /^\+44\(.+\)/ /\1/
    rule 4 /^.54280\(..\)/ /12237280\1/
    rule 5 /^.54214\(..\)/ /12236514\1/
    voice translation-rule 9
    rule 1 /^\(....\)/ /542\1/
    voice translation-rule 10
    voice translation-rule 11
    rule 1 /^\+44122372\(....\)/ /542\1/
    rule 2 /^\+44122365\(....\)/ /542\1/
    voice translation-rule 12
    voice translation-rule 13
    rule 1 /^\([18]...\)/ /542\1/
    voice translation-rule 14
    voice translation-profile MPLS-incoming
    translate calling 10
    translate called 9
    voice translation-profile MPLS-outgoing
    translate calling 11
    translate called 12
    voice translation-profile PSTN-incoming
    translate calling 2
    translate called 1
    voice translation-profile PSTN-outgoing
    translate calling 4
    translate called 3
    voice translation-profile SRST-incoming
    translate calling 14
    translate called 13
    license udi pid CISCO2921/K9 sn FGL145110RE
    hw-module ism 0
    hw-module pvdm 0/0
    username administrator privilege 15 secret 5 $1$syu5$DsxdOgfS7Wltx78o4PV.60
    redundancy
    controller E1 0/0/0
    ip tcp path-mtu-discovery
    ip scp server enable
    interface Embedded-Service-Engine0/0
    no ip address
    shutdown
    interface GigabitEthernet0/0
    description internal LAN
    ip address 10.198.2.9 255.255.255.0
    duplex auto
    speed auto
    interface ISM0/0
    ip unnumbered GigabitEthernet0/0
    service-module ip address 10.198.2.8 255.255.255.0
    !Application: CUE Running on ISM
    service-module ip default-gateway 10.198.2.9
    interface GigabitEthernet0/1
    description to TATA NGN
    ip address 115.114.225.122 255.255.255.252
    duplex auto
    speed auto
    interface GigabitEthernet0/2
    description SIP Trunks external
    ip address 79.121.254.83 255.255.255.248
    ip access-group SIP-InBound in
    ip traffic-export apply cuecapture size 8000000
    duplex auto
    speed auto
    interface ISM0/1
    description Internal switch interface connected to Internal Service Module
    no ip address
    shutdown
    interface Vlan1
    no ip address
    ip forward-protocol nd
    no ip http server
    no ip http secure-server
    ip route 0.0.0.0 0.0.0.0 10.198.2.1
    ip route 10.198.2.8 255.255.255.255 ISM0/0
    ip route 41.206.187.0 255.255.255.0 115.114.225.121
    ip route 77.37.25.46 255.255.255.255 79.121.254.81
    ip route 83.245.6.81 255.255.255.255 79.121.254.81
    ip route 83.245.6.82 255.255.255.255 79.121.254.81
    ip route 95.223.1.107 255.255.255.255 79.121.254.81
    ip route 192.54.47.0 255.255.255.0 79.121.254.81
    ip access-list extended SIP-InBound
    permit ip host 77.37.25.46 any
    permit ip host 83.245.6.81 any
    permit ip host 83.245.6.82 any
    permit ip 192.54.47.0 0.0.0.255 any
    permit icmp any any
    permit ip host 95.223.1.107 any
    deny ip any any log
    control-plane
    voice-port 0/1/0
    compand-type a-law
    timeouts initial 60
    timeouts interdigit 60
    timeouts ringing infinity
    caller-id enable
    voice-port 0/1/1
    compand-type a-law
    timeouts initial 60
    timeouts interdigit 60
    timeouts ringing infinity
    caller-id enable
    voice-port 0/1/2
    compand-type a-law
    timeouts initial 60
    timeouts interdigit 60
    timeouts ringing infinity
    caller-id enable
    voice-port 0/1/3
    compand-type a-law
    timeouts initial 60
    timeouts interdigit 60
    timeouts ringing infinity
    caller-id enable
    no ccm-manager fax protocol cisco
    ccm-manager music-on-hold bind GigabitEthernet0/0
    ccm-manager config server 152.63.1.19 152.63.1.100 172.27.210.5
    ccm-manager sccp local GigabitEthernet0/0
    ccm-manager sccp
    mgcp profile default
    sccp local GigabitEthernet0/0
    sccp ccm 10.198.2.9 identifier 3 priority 3 version 7.0
    sccp ccm 152.63.1.19 identifier 4 version 7.0
    sccp ccm 152.63.1.100 identifier 5 version 7.0
    sccp ccm 172.27.210.5 identifier 6 version 7.0
    sccp
    sccp ccm group 2
    bind interface GigabitEthernet0/0
    associate ccm 4 priority 1
    associate ccm 5 priority 2
    associate ccm 6 priority 3
    associate ccm 3 priority 4
    associate profile 1002 register CFB_UK_CAM_02
    associate profile 1001 register XCODE_UK_CAM_02
    associate profile 1000 register MTP_UK_CAM_02
    dspfarm profile 1001 transcode
    codec ilbc
    codec g722-64
    codec g729br8
    codec g729r8
    codec gsmamr-nb
    codec pass-through
    codec g711ulaw
    codec g711alaw
    codec g729ar8
    codec g729abr8
    maximum sessions 18
    associate application SCCP
    dspfarm profile 1002 conference
    codec g711ulaw
    codec g711alaw
    codec g729ar8
    codec g729abr8
    codec g729r8
    codec g729br8
    maximum sessions 2
    associate application SCCP
    dspfarm profile 1000 mtp
    codec g711alaw
    maximum sessions software 200
    associate application SCCP
    dial-peer cor custom
    name SRSTMode
    dial-peer cor list SRST
    member SRSTMode
    dial-peer voice 100 voip
    description *** Inbound CUCM ***
    translation-profile incoming PSTN-incoming
    incoming called-number .
    voice-class codec 10
    voice-class sip call-route p-called-party-id
    dtmf-relay rtp-nte
    no vad
    dial-peer voice 500 voip
    description *** Inbound TATA MPLS ***
    translation-profile incoming MPLS-incoming
    session protocol sipv2
    session target sip-server
    incoming called-number ....
    incoming uri from 100
    voice-class codec 20
    dtmf-relay rtp-nte
    no vad
    dial-peer voice 510 voip
    description *** Outbound TATA MPLS ***
    translation-profile outgoing MPLS-outgoing
    destination-pattern 54[013-9]....
    session protocol sipv2
    session target ipv4:41.206.187.71
    session transport udp
    voice-class codec 20
    dtmf-relay rtp-nte
    no vad
    dial-peer voice 520 voip
    description *** Outbound TATA MPLS ***
    translation-profile outgoing MPLS-outgoing
    destination-pattern 5[0-35-9].....
    session protocol sipv2
    session target ipv4:41.206.187.71
    session transport udp
    voice-class codec 20
    dtmf-relay rtp-nte
    no vad
    dial-peer voice 200 voip
    description *** Inbound M12 *** 01223651081, 01223651440 - 01223651489
    translation-profile incoming PSTN-incoming
    session protocol sipv2
    session target sip-server
    session transport udp
    incoming called-number 0122365....
    dtmf-relay rtp-nte
    codec g711ulaw
    no vad
    dial-peer voice 201 voip
    description *** Inbound M12 *** 012237280XX
    translation-profile incoming PSTN-incoming
    session protocol sipv2
    session target sip-server
    session transport udp
    incoming called-number 012237280..
    dtmf-relay rtp-nte
    codec g711ulaw
    no vad
    dial-peer voice 202 voip
    description *** Inbound M12 *** 01223506701
    translation-profile incoming PSTN-incoming
    session protocol sipv2
    session target sip-server
    session transport udp
    incoming called-number 01223506701
    dtmf-relay rtp-nte
    codec g711ulaw
    no vad
    dial-peer voice 210 voip
    description *** Outbound M12 ***
    translation-profile outgoing PSTN-outgoing
    destination-pattern +...T
    session protocol sipv2
    session target ipv4:83.245.6.81
    session transport udp
    dtmf-relay rtp-nte
    codec g711alaw
    no vad
    dial-peer voice 211 voip
    description *** Outbound ISDN for SRST and emergency ***
    translation-profile outgoing PSTN-outgoing
    destination-pattern 9.T
    session protocol sipv2
    session target ipv4:83.245.6.81
    session transport udp
    dtmf-relay rtp-nte
    codec g711alaw
    no vad
    dial-peer voice 212 voip
    description *** Outbound ISDN for emergency ***
    translation-profile outgoing PSTN-outgoing
    destination-pattern 11[02]
    session protocol sipv2
    session target ipv4:83.245.6.81
    session transport udp
    dtmf-relay rtp-nte
    codec g711alaw
    no vad
    dial-peer voice 2000 voip
    description *** Outbound to CUCM Primary ***
    preference 1
    destination-pattern 542....
    session protocol sipv2
    session target ipv4:152.63.1.19
    voice-class codec 10
    voice-class sip call-route p-called-party-id
    dtmf-relay rtp-nte
    no vad
    dial-peer voice 2001 voip
    description *** Outbound to CUCM Secondary ***
    preference 2
    destination-pattern 542....
    session protocol sipv2
    session target ipv4:152.63.1.100
    voice-class codec 10
    voice-class sip call-route p-called-party-id
    dtmf-relay rtp-nte
    no vad
    dial-peer voice 2002 voip
    description *** Outbound to CUCM Teritiary ***
    preference 3
    destination-pattern 542....
    session protocol sipv2
    session target ipv4:172.27.210.5
    voice-class codec 10
    voice-class sip call-route p-called-party-id
    dtmf-relay rtp-nte
    no vad
    dial-peer voice 999010 pots
    service stcapp
    port 0/1/0
    dial-peer voice 999011 pots
    service stcapp
    port 0/1/1
    dial-peer voice 999012 pots
    service stcapp
    port 0/1/2
    dial-peer voice 999013 pots
    service stcapp
    port 0/1/3
    sip-ua
    no remote-party-id
    gatekeeper
    shutdown
    call-manager-fallback
    secondary-dialtone 9
    max-conferences 4 gain -6
    transfer-system full-consult
    ip source-address 10.198.2.9 port 2000
    max-ephones 110
    max-dn 400 dual-line no-reg
    translation-profile incoming SRST-incoming
    moh flash:/moh/Panjo.ulaw.wav
    multicast moh 239.1.1.1 port 16384 route 10.198.2.9
    time-zone 22
    time-format 24
    date-format dd-mm-yy
    line con 0
    login local
    line aux 0
    line 2
    no activation-character
    no exec
    transport preferred none
    transport input all
    transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
    stopbits 1
    line 131
    no activation-character
    no exec
    transport preferred none
    transport input all
    transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
    stopbits 1
    line vty 0 4
    session-timeout 60
    exec-timeout 60 0
    privilege level 15
    login local
    transport input all
    line vty 5 15
    session-timeout 60
    exec-timeout 60 0
    privilege level 15
    login local
    transport input all
    scheduler allocate 20000 1000
    ntp server 10.1.30.1
    end
    eucamvgw01#
    Sh SCCP
    =~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2014.03.03 17:57:44 =~=~=~=~=~=~=~=~=~=~=~=
    SCCP Admin State: UP
    Gateway Local Interface: GigabitEthernet0/0
    IPv4 Address: 10.198.2.9
    Port Number: 2000
    IP Precedence: 5
    User Masked Codec list: None
    Call Manager: 10.198.2.9, Port Number: 2000
    Priority: 3, Version: 7.0, Identifier: 3
    Call Manager: 152.63.1.19, Port Number: 2000
    Priority: N/A, Version: 7.0, Identifier: 4
    Trustpoint: N/A
    Call Manager: 152.63.1.100, Port Number: 2000
    Priority: N/A, Version: 7.0, Identifier: 5
    Trustpoint: N/A
    Call Manager: 172.27.210.5, Port Number: 2000
    Priority: N/A, Version: 7.0, Identifier: 6
    Trustpoint: N/A
    MTP Oper State: ACTIVE - Cause Code: NONE
    Active Call Manager: 152.63.1.19, Port Number: 2000
    TCP Link Status: CONNECTED, Profile Identifier: 1000
    Reported Max Streams: 400, Reported Max OOS Streams: 0
    Supported Codec: g711alaw, Maximum Packetization Period: 30
    Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
    Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
    Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
    TLS : ENABLED
    Transcoding Oper State: ACTIVE - Cause Code: NONE
    Active Call Manager: 152.63.1.19, Port Number: 2000
    TCP Link Status: CONNECTED, Profile Identifier: 1001
    Reported Max Streams: 36, Reported Max OOS Streams: 0
    Supported Codec: ilbc, Maximum Packetization Period: 120
    Supported Codec: g722r64, Maximum Packetization Period: 30
    Supported Codec: g729br8, Maximum Packetization Period: 60
    Supported Codec: g729r8, Maximum Packetization Period: 60
    Supported Codec: gsmamr-nb, Maximum Packetization Period: 60
    Supported Codec: pass-thru, Maximum Packetization Period: N/A
    Supported Codec: g711ulaw, Maximum Packetization Period: 30
    Supported Codec: g711alaw, Maximum Packetization Period: 30
    Supported Codec: g729ar8, Maximum Packetization Period: 60
    Supported Codec: g729abr8, Maximum Packetization Period: 60
    Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
    Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
    Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
    Conferencing Oper State: ACTIVE - Cause Code: NONE
    Active Call Manager: 152.63.1.19, Port Number: 2000
    TCP Link Status: CONNECTED, Profile Identifier: 1002
    Reported Max Streams: 16, Reported Max OOS Streams: 0
    Supported Codec: g711ulaw, Maximum Packetization Period: 30
    Supported Codec: g711alaw, Maximum Packetization Period: 30
    Supported Codec: g729ar8, Maximum Packetization Period: 60
    Supported Codec: g729abr8, Maximum Packetization Period: 60
    Supported Codec: g729r8, Maximum Packetization Period: 60
    Supported Codec: g729br8, Maximum Packetization Period: 60
    Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
    Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
    Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
    TLS : ENABLED
    Alg_Phone Oper State: ACTIVE - Cause Code: NONE
    Active Call Manager: 152.63.1.19, Port Number: 2000
    TCP Link Status: CONNECTED, Device Name: AN71FEF7F070080
    Reported Max Streams: 1, Reported Max OOS Streams: 0
    Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
    Supported Codec: g711ulaw, Maximum Packetization Period: 20
    Supported Codec: g711alaw, Maximum Packetization Period: 20
    Supported Codec: g729r8, Maximum Packetization Period: 220Supported Codec: g729ar8, Maximum Packetization Period: 220
    Supported Codec: g729br8, Maximum Packetization Period: 220
    Supported Codec: g729r8, Maximum Packetization Period: 220
    Supported Codec: ilbc, Maximum Packetization Period: 120
    Alg_Phone Oper State: ACTIVE - Cause Code: NONE
    Active Call Manager: 152.63.1.19, Port Number: 2000
    TCP Link Status: CONNECTED, Device Name: AN71FEF7F070081
    Reported Max Streams: 1, Reported Max OOS Streams: 0
    Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
    Supported Codec: g711ulaw, Maximum Packetization Period: 20
    Supported Codec: g711alaw, Maximum Packetization Period: 20
    Supported Codec: g729r8, Maximum Packetization Period: 220
    Supported Codec: g729ar8, Maximum Packetization Period: 220
    Supported Codec: g729br8, Maximum Packetization Period: 220
    Supported Codec: g729r8, Maximum Packetization Period: 220
    Supported Codec: ilbc, Maximum Packetization Period: 120
    Alg_Phone Oper State: ACTIVE - Cause Code: NONE
    Active Call Manager: 152.63.1.19, Port Number: 2000
    TCP Link Status: CONNECTED, Device Name: AN71FEF7F070082
    Reported Max Streams: 1, Reported Max OOS Streams: 0
    Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
    Supported Codec: g711ulaw, Maximum Packetization Period: 20Supported Codec: g711alaw, Maximum Packetization Period: 20
    Supported Codec: g729r8, Maximum Packetization Period: 220
    Supported Codec: g729ar8, Maximum Packetization Period: 220
    Supported Codec: g729br8, Maximum Packetization Period: 220
    Supported Codec: g729r8, Maximum Packetization Period: 220
    Supported Codec: ilbc, Maximum Packetization Period: 120
    Alg_Phone Oper State: ACTIVE - Cause Code: NONE
    Active Call Manager: 152.63.1.19, Port Number: 2000
    TCP Link Status: CONNECTED, Device Name: AN71FEF7F070083
    Reported Max Streams: 1, Reported Max OOS Streams: 0
    Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
    Supported Codec: g711ulaw, Maximum Packetization Period: 20
    Supported Codec: g711alaw, Maximum Packetization Period: 20
    Supported Codec: g729r8, Maximum Packetization Period: 220
    Supported Codec: g729ar8, Maximum Packetization Period: 220
    Supported Codec: g729br8, Maximum Packetization Period: 220
    Supported Codec: g729r8, Maximum Packetization Period: 220
    Supported Codec: ilbc, Maximum Packetization Period: 120
    eucamvgw01#

  • Directory Caching issue with Cisco Jabber client for Windows

    Hi ,
    I am facing cache issue with Cisco Jabber client for Windows. If I do any change related to modification or deletion of contacts in Active Directory/ Callmanager, it does not reflect in the Jabber. Because jabber takes the contacts from the locally stored cache file in the Windows system.
    Every time I have to remove the cache file to overcome this issue, practically it's not possible to do the same with all the Widows users. As, if any employee leaves the company and still I can see his contact appears in the "Cisco Jabber client". I have not seen this issue with Android/Apple iOS.
    Is there any automated way to remove the cache file? 
    Here is the detail of CUCM,Presence and Jabber.
    CUCM version: 9.1.x
    Presence          : 9.1.X
    Jabber              : 10.5 and 10.6

    Hello
    On our environment we had to install a dedicated Microsoft Certificate Authority "just for Cisco Jabber usage" to house the
    Network Device Enrollment Service.
    Our certificate for the CUPS were generated on this Certification Authority too.
    I discussed this certificate matter with my colleagues this afternoon and nobody seems to remember how these certificates were deployed into the
    Enterprise Trust store for the users.
    But I think they asked all 400 users to accept the 3 certificates by answering "yes" to the popup instead of using a script deployed by GPO...
    I wish you success with that deployment and really hope you have a technical partner that *Knows* this subject.
    Our partner left us alone with that unfortunately.
    Florent
    EDIT: If the "Certutil script method" works, please let me know. This could be useful in our own deployment.

  • Routing issue between Cisco Nexus and Cisco 4510 R+E Chassis

    We have configured Cisco Nexus 7K9 as core and Cisco 4510 R+E as access switches for Server connectivity.
    We are experiencing problem in terms of ARP learning and Ping issues between Cisco Nexus and end hosts.

    Hi,
    So you have N7k acting as L3 with servers connected to 4510?.
    Do you see the MAC associated with failing ARP in 4510?. Is it happening with all or few servers?. Just to verify if it is connectivity issue between N7k and 4510, you can configure an SVI on 4510 and assign address from same raneg (server/core range) and perform a ping.
    This will help narrow down if issue is between server to 4510 or 4510 to N7k.
    Thanks,
    Nagendra

  • MacBook and MacBook Pro with 10.6:  Wireless Airport Issues with Cisco

    Long Story but please bear with me:
    Loaded SL on my daughters MacBook and my MacBook Pro. Internet worked flawlessly at our house (WEP encrypted) and on other public wifi. When my daughter went back to her sorority house at college 24 hours later, she could not access the internet using the sorority house network (Cisco Aironet 1800 router and Cisco Airo Access Points).
    Her Airport on the MacBook appeared connected at full strength yet no internet. Two calls to Apple support (they were very nice) did not help. All the following were tried:
    1. Reset PRAM
    2. Deleted Airport and Safari plists
    3. Edited locations
    4. Removed Battery
    5. Others I cannot now remember
    Still no net. However, she could 'pirate' and hop on line with other identified public wifi adjacent to the sorority house. I drove to the sorority house today and tried to get on the network wirelessly using my MacBook Pro with SL. Same identical results to hers. Another MacBook without SL works great and gets right on the network.
    Is this some SL influenced issue with the Airport card and the Cisco system? Weird that both of our laptops work great with several other wifi networks but not the one at the sorority house.
    Could much of what we all our seeing with the internet access problem lie not with issues within our software or computers but with the routers and access points not being compatible? I have very little understanding of this stuff (as you all can probably tell) but the Apple Support people acted like it was a old firmware issue with Cisco and not with SL. Not actually what I wanted to hear.
    Any ideas or suggestions?

    Your description there, particularly the last part, sounds like my problem. At home, we connect using Airport and ADSL which was OK, once SL had sorted out passwords.
    At my office, where there are two wifi systems, I could not get on either, although did have IP numbers on both. The link to the outside world is via a proxy which uses a PAC file. Network Diagnostics reported each time (whatever I did) that the link to the server was OK, but the Internet was not.
    I created a new Location with identical settings (typing them in and not copying) and the only visible difference is that the new location has no DNS numbers -- I had not noticed that before. The moment I pressed, Apply, the computer was online.
    I was guessing that there was a conflict in a .plist file somewhere; but now I wonder if DNS might have been the reason (the DNS number usually used is the one from the router itself).

  • Issue with cisco ONS 15310. Slot with Ethernet ports, designed for bridging.

    Hi, guys. I’ve got an issue with cisco ONS 15310 sdh optical network. I’ve got a special slot with Ethernet ports, designed for bridging. Assume, we’ve got to multiplexers, named A and B with ports A0 and B0 respectively. The ios console of these slots says, the configuration is as follows:
    no ip address set on these ports
    Ports are administratively up
    Auto mdix
    Bridge groups are the same on these ports.
    Dot1q tunnel.
    I’m trying to monitor a device with an ip-address connected to port B0. It answers ping if I connect the notebook directly to a device. But if I connect the notebook to port A0 and ping the device pluged in port B0 through the optical network, it doesn’t answer. I tried connections with straight and cross cable.
    Guys, who set the network said, it should work as a point to point bridge with no extra configuration. But it doesn’t. I used wireshark sniffer to lookup what’s happening on port A0. All I see is cdp-s from port A0 and self-announcements of the notebook.
    Any suggestions? Thank you in advance.

    B
    Building configuration...
    Current configuration : 3712 bytes
    ! Last configuration change at
    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    hostname B
    boot-start-marker
    boot-end-marker
    enable password -
    clock timezone -
    ip subnet-zero
    no ip domain-lookup
    no mpls traffic-eng auto-bw timers frequency 0
    bridge 100 protocol ieee
    bridge 140 protocol ieee
    bridge 141 protocol ieee
    bridge 142 protocol ieee
    bridge 143 protocol ieee
    bridge 144 protocol ieee
    interface Loopback0
    ip address 192.x.0.x 255.255.255.255
    interface FastEthernet0
    description -
    no ip address
    mode dot1q-tunnel
    bridge-group 140
    bridge-group 140 spanning-disabled
    interface FastEthernet1
    description --- B0 ---
    no ip address
    mode dot1q-tunnel
    bridge-group 141
    bridge-group 141 spanning-disabled
    interface FastEthernet2
    description -
    no ip address
    mode dot1q-tunnel
    bridge-group 142
    bridge-group 142 spanning-disabled
    interface FastEthernet3
    description -
    no ip address
    mode dot1q-tunnel
    bridge-group 143
    bridge-group 143 spanning-disabled
    interface FastEthernet4
    description -
    no ip address
    mode dot1q-tunnel
    bridge-group 144
    bridge-group 144 spanning-disabled
    interface FastEthernet5
    no ip address
    shutdown
    interface FastEthernet6
    no ip address
    shutdown
    interface FastEthernet7
    description -
    no ip address
    shutdown
    mode dot1q-tunnel
    bridge-group 100
    bridge-group 100 spanning-disabled
    interface POS0
    description -
    no ip address
    crc 32
    interface POS0.1
    encapsulation dot1Q 141
    no snmp trap link-status
    bridge-group 141
    interface POS0.2
    encapsulation dot1Q 142
    no snmp trap link-status
    bridge-group 142
    interface POS0.3
    encapsulation dot1Q 143
    no snmp trap link-status
    bridge-group 143
    interface POS0.4
    encapsulation dot1Q 144
    no snmp trap link-status
    bridge-group 144
    interface POS0.5
    description -
    encapsulation dot1Q 140
    no snmp trap link-status
    bridge-group 140
    interface POS1
    no ip address
    crc 32
    interface POS1.1
    encapsulation dot1Q 100
    no snmp trap link-status
    bridge-group 100
    router ospf 100
    log-adjacency-changes
    network 192.x.0.x 0.0.0.0 area 0
    ip default-gateway [x.x.x.x]
    ip classless
    no ip http server
    snmp-server community public RO
    snmp-server ifindex persist
    snmp-server trap link ietf
    snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
    snmp-server enable traps tty
    snmp-server enable traps config
    snmp-server enable traps cpu threshold
    snmp-server enable traps entity
    snmp-server enable traps syslog
    snmp-server enable traps hsrp
    snmp-server enable traps config-copy
    snmp-server enable traps bridge
    snmp-server enable traps ospf state-change
    snmp-server enable traps ospf errors
    snmp-server enable traps ospf retransmit
    snmp-server enable traps ospf lsa
    snmp-server enable traps ospf cisco-specific state-change
    snmp-server enable traps ospf cisco-specific errors
    snmp-server enable traps ospf cisco-specific retransmit
    snmp-server enable traps ospf cisco-specific lsa
    snmp-server enable traps bgp
    snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
    snmp-server enable traps ipmulticast
    snmp-server enable traps rtr
    snmp-server enable traps mpls traffic-eng
    snmp-server enable traps mpls ldp
    snmp-server enable traps rsvp
    snmp-server enable traps l2tun session
    snmp-server enable traps mpls vpn
    snmp-server host x.x.x.x public
    control-plane
    line con 0
    line vty 0 4
    password -
    logging synchronous level 4
    login
    end

  • LAG configuration issue on Cisco SG300 52 Switch

    Hi everybody,
    I am having an issue with LAG configuration on a Cisco SG300 52 switch. I have connected four Ge ports on the switch to the four NICs of a Dell R710 Server on which I installed Windows Server 2008 R2. Without LAG configured, these ports would forward traffic to and from the Dell server fine. However, if I configure LAG on the ports with LACP enabled, then they would not forward any network traffic. Debugging shows that the ports are up but their forwarding status show N/A. Am I missing any configuration? Can I configure LAG on edgeports? Or is there any compatibility issue?
    Any help  from you guys will be greatly appreciated.
    Thank you.
    Vishal

    Hi Dave,
    Thank you for your quick response and sorry to have looked at it late. Well, I already resolved the issue and like you pointed out, it was the configuration of the Dell NICs. I had to configure NIC teaming and there was a bug with the Broadcom NIC management software. I had to download this piece of software again and I was then able to configure NIC teaming on it. I initially thought that it was already configured because we got the Dell server "pre-installed with pretty much everything".
    Anyway thank you for your assistance. Oh I have a question though if you don't mind clearing my doubt. We have bought 7 of these SG300 Switches and I would like to use all of them
    in a hierarchical design as core, distribution and access layer switches because I believe this switch has got all the qualities to be used at all the three layers. We have about 100 users in our company at the moment but expecting growth of about 10-20 employees per year. Would you think a hierarchical network design for a 100 users is a bit of an overkill? Would you think these SG300 switches can handle network traffic at the distribution and core layers? I worked out the average daily traffic is only about 4 Mbps.
    Thank you for your valuable guidance.
    Kind regards,
    Vishal
    Date: Mon, 12 Sep 2011 08:09:40 -0600
    From: [email protected]
    To: [email protected]
    Subject: - Re: LAG configuration issue on Cisco SG300 52 Switch
    Cisco Support Community
    Re: LAG configuration issue on Cisco SG300 52 Switch created by David Hornstein in Small Business Switches - View the full discussion
    Hi Chundunsing,
    Thank you for the purchase of my switch.
    Chundunsing, I love the way you worded your question ; "I am having an issue with LAG configuration on a Cisco SG300 52 switch." ,but seriously you are having a problem with interfacing the dell with my switch.
    You have LAG working to the Dell R710 teamed NICs and god knows what NICs or drivers you are using to acheive this.
    Now LAG is providing , load balancing between the LAG ports.
    Now LAG is providing , link redundancy for connectibity to the Dell R710.
    If there is a configuration issue , it sure seems the way you have it configured without LACP is still working. But you have the option when you create a LAP group to enable LACP. You can see this as a tick box in the LAG group.
    But might i also install, recently firmware version 1.1.1.8, just came out.
    Please be sure to;
    Step 1. update the firmware on the switch and
    Step 2. select it as the 'active image.'
    Step 3 rebbot the switch to utilize this active image.
    If you are having any trouble doing this the admin guide references how to achieve this. for your concenience I have atteched the guide to this posting.
    regards Dave
    Reply to this message by going to Cisco Support Community
    Start a new discussion in Small Business Switches at Cisco Support Community

  • Issue with Cisco Meraki APs

    Is there any known issues with  Cisco Meraki APs with client devices which publish PMF support in probe requests ?  We are seeing  connectivity issues with Cisco Meraki MR12,MR16 and MX80   models . Please update if there are  any known issue with these APs.

    Thanks for your thoughts, Nathan. We do actually have the "Enable Fast Reconnect" option selected on our wireless profile. Good idea, though.
    We did also (originally) have 2 RADIUS servers defined within our wireless network. What we discovered was that each Meraki AP will try each one in order, top-to-bottom, and then primarily use the server that responded to it first. So, if for any reason you have a short-lived issue with your local RADIUS server responding to requests, and the AP is able to talk to a remote RADIUS server (in our case, one on the other side of the world) instead, the AP will elect to use the remote RADIUS server instead. In our case, the latency is high enough between these APs and this remote RADIUS server that while a client is roaming between APs, and having to re-authenticate, the entire process breaks down because (1) the client is moving between APs faster than the remote RADIUS server can authenticate the client, and (2) the entire exchange and communication ends up timing out -- thus forcing a manual re-connect. This is not a common occurrence by any means, but I just wanted to share what made us later choose to define only 1 RADIUS server, in the network settings. Surely our circumstance here is rather unique, but I thought it might be worth mentioning. Having only 1 RADIUS server defined forces ALL of our APs to use the same RADIUS server, regardless of anything else. It has resulted in a much smoother re-auth process for our clients.
    I appreciate the link you sent, however. If I come across anything else that is helpful, I'll certainly post it back here. I appreciate your input once again!

  • Cisco IAD 2432 - hookflash issue

    Hello experts,
    we where testing IAD2432 with SIP and it seems we can not make it to support hook-flash functionality. When I dial first number and press flash button I get a second dial tone and first phone conversation is on hold, after dialing a second number when I press flash button I get a third dial tone not a 3-way add hock conference as with traditional PBX like feature and first call gets dropped.
    Bellow is the documentation I used to configure those features with SIP:
    http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/vvfax_c/callc_c/sip_c/sipc1_c/centrex.htm#wp998956
    http://www.cisco.com/en/US/products/ps6441/products_feature_guide09186a0080783aba.html
    Any suggestion on making this working will be welcome. Thank you in advance.
    The config is attached.

    Could you porvide "debug ccsip messages " with SIP configured and hookflash attempted

  • IAD 2431 with ATM

    OK,
    Trying to get a 2431 IAD to work with an ATM T-1. Interface comes up, PVCs come up, but no IP connectivity. Traffic counters on the interface and PVCs increment, but no IP (ping) connectivity. Can't even ping myself.
    Config below
    version 12.4
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    no service password-encryption
    hostname Router
    boot-start-marker
    boot-end-marker
    card type t1 1
    logging buffered 51384 debugging
    enable password cstc
    no aaa new-model
    clock timezone EST -5
    clock summer-time EDT recurring
    network-clock-participate T1 1/0
    network-clock-participate T1 1/1
    network-clock-select 1 T1 1/0
    ip arp gratuitous local
    voice-card 0
    controller T1 1/0
    mode atm
    framing esf
    linecode b8zs
    controller T1 1/1
    framing esf
    linecode b8zs
    interface FastEthernet0/0
    ip address 24.97.148.116 255.255.255.240
    duplex full
    speed auto
    interface FastEthernet0/1
    no ip address
    shutdown
    duplex auto
    speed auto
    interface ATM1/0
    ip address 10.33.1.1 255.255.255.0
    no atm ilmi-keepalive
    atm uni-version 3.1
    arp arpa
    arp timeout 900
    pvc VoicePVC 5/185
    vbr-rt 106 64 11
    encapsulation aal2
    pvc DataPVC 5/189
    vbr-nrt 96 96 1
    encapsulation aal5snap
    protocol ip inarp
    pppoe max-sessions 5
    pppoe-client dial-pool-number 1
    ip default-gateway 24.97.148.xxx
    ip http server
    no ip http secure-server
    ip route 0.0.0.0 0.0.0.0 24.97.148.xxx
    access-list 101 permit ip any any log
    control-plane
    line con 0
    line aux 0
    line vty 0 4
    access-class 3 in
    password cisco
    login
    ntp server 64.246.130.xxx
    sho int atm 1/0
    ATM1/0 is up, line protocol is up
    Hardware is NetGX ATM TC
    Internet address is 10.33.1.1/24
    MTU 1500 bytes, sub MTU 1500, BW 1536 Kbit, DLY 20000 usec,
    reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation ATM, loopback not set
    ARP type: ARPA, ARP Timeout 00:15:00
    Encapsulation(s):, PVC mode
    511 maximum active VCs, 2 current VCCs
    VC Auto Creation Disabled.
    VC idle disconnect time: 300 seconds
    Last input never, output never, output hang never
    Last clearing of "show interface" counters never
    Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
    Queueing strategy: Per VC Queueing
    5 minute input rate 0 bits/sec, 0 packets/sec
    5 minute output rate 0 bits/sec, 0 packets/sec
    721 packets input, 40376 bytes, 0 no buffer
    Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
    0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
    919 packets output, 54482 bytes, 0 underruns
    0 output errors, 0 collisions, 2 interface resets
    0 output buffer failures, 0 output buffers swapped out
    sho atm pvc
    Router#sho atm pvc
    VCD / Peak Avg/Min Burst
    Interface Name VPI VCI Type Encaps SC Kbps Kbps Cells Sts
    1/0 VoicePVC 5 185 PVC AAL2 VBR 106 64 11 UP
    ( 64)
    1/0 DataPVC 5 189 PVC SNAP VBR 96 96 1 UP
    ( 96)
    sho ip route
    Gateway of last resort is 24.97.148.113 to network 0.0.0.0
    24.0.0.0/28 is subnetted, 1 subnets
    C 24.97.148.112 is directly connected, FastEthernet0/0
    10.0.0.0/24 is subnetted, 1 subnets
    C 10.33.1.0 is directly connected, ATM1/0
    S* 0.0.0.0/0 [1/0] via 24.97.148.113
    Ping to 10.33.1.254 results in an "Incomplete" entry in the arp table.

    1. Saving the configuration and reload the router.
    2. Do a "shut" and "no shut" to the interface after config.

  • Credential windows issue on CISCO VPN 5.0.07.0410

    Hi,
    i have 2 laptop same HW with windows XP ( last OS update released ) on both laptop installed CISCO VPN 5.0.07.410 with same installation pack and procedure, both laptop work under 3G connection when try to connect with VPN, 
    On one laptop when put my credential on connection windows ( windows popuped after pressed "connect" on VPN CLIENT ) no receive any errors on screen, but CISCO VPN Client prompt me again a credential windows and reprompt this windows again and again everytime i put my credential on it.
    If try on other laptop all work fine, no credential windows loop.
    I tried to repair and reinstall CISCO VPN client but receive same issue
    Any one have same helps for me?
    Thanks

    Install Citrix Deterministic Network Enhancer to solve Cisco IPSec VPN issue with Windows 8/8.1. Check below guide,
    http://www.vmwareandme.com/2013/12/solved-windows-8-and-windows-81-cisco.html
    www.mytricks.in

  • Issues with cisco 1242 aironets

    We are currently experiencing and issue with the 1242 AG Wireless Access Points. We have have them configured as 1 Root Access point and 3 Repeaters. The repeaters seem to be experiencing frequency interference issues. The Root AP is using antenna model 2506 and the repeaters 1728's.
    What happens is when the repeaters are first started up, they see / communicate to the root access point fine, but within 5 minutes they stop communicating. If we manually set the channel to something different, they see each other for 5 - 10 minutes then eventually disappear and cannot be ping'd or seen with a sh cdp nei.
    We have tried various combinations of settings so far. Have tried channel 1 - 13 and the least conjested frequency mode. It usually settles on channel 8 when we put it in that mode. But it is the same sceneario each time. All 3 repeaters show up almost instantly after a channel change, but slowly disappear in less than 10 minutes.
    Here is our config:
    Version
    Cisco IOS Software, C1240 Software (C1240-K9W7-M), Version 12.4(21a)JA1, RELEASE SOFTWARE (fc1)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2009 by Cisco Systems, Inc.
    Compiled Wed 16-Sep-09 19:06 by prod_rel_team
    ROM: Bootstrap program is C1240 boot loader
    BOOTLDR: C1240 Boot Loader (C1240-BOOT-M) Version 12.3(7)JA1, RELEASE SOFTWARE (fc1)
    ROOTAP uptime is 2 days, 3 hours, 14 minutes
    System returned to ROM by power-on
    System image file is "flash:/c1240-k9w7-mx.124-21a.JA1/c1240-k9w7-mx.124-21a.JA1"
    cisco AIR-AP1242AG-E-K9    (PowerPCElvis) processor (revision A0) with 24566K/8192K bytes of memory.
    Processor board ID FCZ112782K9
    PowerPCElvis CPU at 262Mhz, revision number 0x0950
    Last reset from power-on
    1 FastEthernet interface
    2 802.11 Radio(s)
    32K bytes of flash-simulated non-volatile configuration memory.
    Base ethernet MAC Address: 00:1C:58:B1:72:2E
    Part Number                          : 73-10256-06
    PCA Assembly Number                  : 800-26918-05
    PCA Revision Number                  : A0
    PCB Serial Number                    : FOC11262N5Z
    Top Assembly Part Number             : 800-29233-01
    Top Assembly Serial Number           : FCZ112782K9
    Top Revision Number                  : A0
    Product/Model Number                 : AIR-AP1242AG-E-K9
    Configuration register is 0xF
    Root AP Config
    Current configuration : 1987 bytes
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname ROOTAP
    no aaa new-model
    dot11 syslog
    dot11 activity-timeout client maximum 120
    dot11 activity-timeout repeater maximum 300
    dot11 ssid WIRELESS
       authentication open
       authentication key-management wpa
       guest-mode
       infrastructure-ssid
    username user privilege 15 secret 5 password
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption mode ciphers tkip
    ssid WIRELESS
    antenna gain 5
    parent timeout 10000
    channel 2417
    station-role root access-point
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface Dot11Radio1
    no ip address
    no ip route-cache
    shutdown
    no dfs band block
    channel dfs
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface BVI1
    ip address 192.168.2.10 255.255.255.0
    no ip route-cache
    ip default-gateway 192.168.2.1
    ip http server
    ip http authentication local
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    bridge 1 route ip
    line con 0
    privilege level 15
    logging synchronous
    login local
    stopbits 1
    line vty 0 4
    privilege level 15
    logging synchronous
    login local
    stopbits 1
    line vty 5 15
    privilege level 15
    logging synchronous
    login local
    stopbits 1
    end
    Repeater Config
    Current configuration : 1764 bytes
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname REPEATER03
    no aaa new-model
    dot11 syslog
    dot11 ssid WIRELESS
       authentication open
       authentication key-management wpa
       guest-mode
       infrastructure-ssid
    username user privilege 15 secret 5 password
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption mode ciphers tkip
    ssid WIRELESS
    antenna gain 5
    parent timeout 10000
    station-role repeater
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface Dot11Radio1
    no ip address
    no ip route-cache
    shutdown
    no dfs band block
    channel dfs
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface BVI1
    ip address 192.168.2.13 255.255.255.0
    no ip route-cache
    ip default-gateway 192.168.2.1
    ip http server
    ip http authentication local
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    bridge 1 route ip
    line con 0
    privilege level 15
    logging synchronous
    login local
    stopbits 1
    line vty 0 4
    privilege level 15
    logging synchronous
    login local
    stopbits 1
    end
    We are wondering if you have any tips to get around this.
    Also,  should these access points be able to handle ~200 clients? How close to the root access point should the repeaters be placed? I basically just go until my signal gets low and put a repeater within that range. Could vary from 30-60 meters away.
    Thanks

    Also,  should these access points be able to handle ~200 clients?
    APs, in theory, can handle >1,200 clients.  In theory.  In practice, Cisco recommends between 12-25 clients.  Imagine if you have, say, 50 clients and they are trying to access the network on a 100 Mbps FastEthernet connection.  That slows them down, right?  But consider wireless as a broadcast.  One talks and the rest listens.

  • Issues with Cisco Prime LMS 4.2.3

    Hi,
    I'm trailing Cisco Prime LMS 4.2.3 Soft appliance on ESXi before I deploy it into a live environment and am having some issues.
    I've upgraded to version 4.2.3 and the box was working fine after the upgrade however on power it up today the Apache service will not start.
    If I look at the LMS application I see this for the Apache service.
    "Apache                Administrator has shut down this server   0 "
    I have tried to starting it.
    CiscoLMS42/admin# application start Apache
    % Application failed to start
    CiscoLMS42/admin#
    If I run an application operation debug at the same time I get the following output.
    CiscoLMS42/admin# 6 [5343]: application:operation cars_install.c[1145] [admin]: Application initialization initiated for appname: Apache, operation: 0
    7 [5343]: application:operation cars_install.c[1146] [admin]: Operations: O-APP_START, 1-APP_STOP, 2-APP_STATUS
    6 [5343]: application:operation cars_install.c[1150] [admin]: Verifying app (Apache) is installed ...
    3 [5343]: application:operation cars_install.c[1152] [admin]: App (Apache) is not installed.
    3 [5343]: application:operation install_cli.c[281] [admin]: Error while starting application  - Application: Apache ErrorCode: -999
    I'm at a complete lose as to where to look next, failing anything else I'll have to rebuild it, but it would be nice to know how to get the Apache up and running again.
    regards
    Rich

    Hi Richard,
    I see the following:
    [ Thu Apr 18 20:53:11 GMT 2013 ] TomcatMonitor After gettingAJPPort : ajpPort = 9009 and host =CiscoLMS42
    [ Thu Apr 18 20:53:11 GMT 2013 ] TomcatMonitor theMgr constructor successful.
    [ Thu Apr 18 20:53:11 GMT 2013 ] TomcatMonitor Inside whileloop
    [ Thu Apr 18 20:53:11 GMT 2013 ] TomcatMonitor Tomcat is not ready, it's coming up Connection refused
    It looks like the hostname cannot be resolved. Can you try to add a static entry in /etc/hosts for the IP of the server and CiscoLMS42?
    Restart the daemon manager and it should work.
    Regards,
    Vlad
    ==========
    NMS Team
    Krakow, Poland
    Cisco TAC

  • Driver issue with Cisco HD Precision / JFV 4.4

    Hi,
    Just to installed Jabber for Video4.4 on my laptop ( win7 64bits)
    all works fine except the video!! i use a Cisco HD precision wih Jabber, may be a driver issue, the camera is not recognized.
    When i selected my integreted camera from laptop, the video is going up.
    i've already the same issue with Jabber Video 4.3.
    Does anyone has got the same issue? Any idea?
    Thanks

    Thread back from the dead...
    I have this exact scenario playing out today trying to use a PrecisionHD USB camera with Windows 7. Completed the 1.5 update listed here and following the update I see the results in the picture. The LibUSB device is present, and it looks like a Tandberg HD camera is known to the system, but not accessible/usable.
    Anybody have success with this issue or have any additional ideas to try?

Maybe you are looking for

  • Releasing Sales Orders from SNP to DP at correct levels

    We have a requirement where we want to do month to date tracking of sales orders in DP compared with the forecast. We have three important characteristics in DP at which we want the data to be released - Product, Location and Customer. Is there a way

  • Problem arise while running a appln

    Starting WLS with line: C:\Oracle\MIDDLE~1\JDK160~1\bin\java -client   -Xms256m -Xmx512m -XX:CompileThreshold=8000 -XX:PermSize=128m  -XX:MaxPermSize=512m -Dweblogic.Name=DefaultServer -Djava.security.policy=C:\Oracle\MIDDLE~1\WLSERV~1.3\server\lib\w

  • Runtime error and unable to create new web application

    Hi when i create new web application i faced this error Runtime error and unable to create new web application. in this farm we have 2 wfe servers 2 application servers. adil

  • How do I view photos in trash

    There are photos in my trash directory which  i want to restore to their proper albums but I can't view them in order to drag them to the place they belong.  Is there a way to view these photos by album or individually and is there a way to move them

  • Creative Suite 6 installation stuck on windows 7

    Bought creative suite 6 Design and Web Premium and started the installation on windows 7 Went with default installation and selected all (default)..  After around 20 min or so it keeps accessing CD drive while installing acrobat X.   Looks like it go