Laptops re-association

I am having issues with clients re-associating to corporate network after Aging time expires, once laptops are connected the first time (through AD group that I place laptops in it). We are using ACS, under Windows EAP settings, Machine Authentication and PEAP machine authentication is enabled. So I have to reboot the device in order to re-connect corporate which is using WPA2, AES, CCKM in Layer 2.
thanks
Tarek

You could adjust the session timeout under the WLAN--SSID on the controller to 28800 secs. This is equal to an 8 hr working day. If this doesn't resolve your problem then you can also alter the PEAP session timeout on the ACS. You would have to tell me which version of ACS you have so that I can tell you the menu to find PEAP session timeout.

Similar Messages

  • Concept of association and authentication?

    Hello, hope someone can enlighten me on this.  We have a 5508 WLC with a few WAP's (1131's and 1242's).  Our wireless clients use certificate-based authentication against our AD (i.e. both computer cert and user cert are required).  However, from time to time I see clients being associated but not authenticated as reported by the WLC.  Could it be possible, as some literature indicates, that a client can only be "associated" after it's successfully authenticated?  Perhaps I'm not quite clear about the concept.  Thanks in advance.
    Eric

    Hey Eric,
    Clear as mud isn't it
    I like to think of it this way, in the Library at our campus
    there are hundreds of students most are using laptops. If we look at the AP's
    in this area we might see 120 Associations for example but we may only see 65
    Authentications. In this case 55 users' laptops have Associated but not gone
    through the Authentication process.
    Here is Cisco's explanation;
    Wireless Client Association
    In the client association process, access points send out beacons announcing one or more SSIDs, data rates, and other information. The client sends out a probe and scans all the channels and listens for beacons and responses to the probes from the access points. The client associates to the access point that has the strongest signal. If the signal becomes low, the client repeats the scan to associate with another access point (this process is called roaming). During association, the SSID, MAC address, and security settings are sent from the client to the access point and checked by the access point. Figure 3-6 illustrates the client association process.
    Figure 3-6 Client Association
    A wireless client's association to a selected access point is actually the second step in a two-step process. First, authentication and then association must occur before an 802.11 client can pass traffic through the access point to another host on the network. Client authentication in this initial process is not the same as network authentication (entering username and password to get access to the network). Client authentication is simply the first step (followed by association) between the wireless client and access point, and it establishes communication. The 802.11 standard specifies only two different methods of authentication: open authentication and shared key authentication. Open authentication is simply the exchange of four "hello" type packets with no client or access point verification, to allow ease of connectivity. Shared key authentication uses a statically defined WEP key, known between the client and access point, for verification. This same key might or might not be used to encrypt the actual data passing between a wireless client and an access point based on user configuration.
    http://www.ciscopress.com/articles/article.asp?p=1156068&seqNum=3
    Cheers!
    Rob
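The two-step sequence in the Cisco excerpt above, as an added example that is not part of the original posts or of Cisco's text: a simplified model of the 802.11 client states, in which open authentication and association complete before any network authentication happens. The frame names, the MAC addresses and the assumption that a controller's "authenticated" count reflects network authentication (802.1X/EAP or a web login) are constructed for illustration.

```python
from enum import Enum


class Dot11State(Enum):
    UNAUTHENTICATED_UNASSOCIATED = 1   # State 1: only auth frames are useful
    AUTHENTICATED_UNASSOCIATED = 2     # State 2: may now request association
    AUTHENTICATED_ASSOCIATED = 3       # State 3: attached to the AP


class Station:
    """One wireless client as tracked by an AP or controller (simplified)."""

    def __init__(self, mac, requires_network_auth=True):
        self.mac = mac
        self.state = Dot11State.UNAUTHENTICATED_UNASSOCIATED
        self.requires_network_auth = requires_network_auth
        self.network_authenticated = False  # EAP / web login, not 802.11 auth

    def receive(self, frame):
        """Apply one frame; return 'accepted' or 'dropped'."""
        s = Dot11State
        if frame == "auth_open":            # 802.11 open auth: no verification
            if self.state is s.UNAUTHENTICATED_UNASSOCIATED:
                self.state = s.AUTHENTICATED_UNASSOCIATED
            return "accepted"
        if frame == "assoc_request":        # needs 802.11 auth first
            if self.state is s.UNAUTHENTICATED_UNASSOCIATED:
                return "dropped"
            self.state = s.AUTHENTICATED_ASSOCIATED
            return "accepted"
        if frame == "network_auth_success":  # hypothetical name for EAP success
            if self.state is not s.AUTHENTICATED_ASSOCIATED:
                return "dropped"
            self.network_authenticated = True
            return "accepted"
        if frame == "deauth":
            self.state = s.UNAUTHENTICATED_UNASSOCIATED
            self.network_authenticated = False
            return "accepted"
        if frame == "data":                 # user traffic through the AP
            allowed = self.state is s.AUTHENTICATED_ASSOCIATED and (
                self.network_authenticated or not self.requires_network_auth)
            return "accepted" if allowed else "dropped"
        raise ValueError(f"unknown frame type: {frame}")


def replay(frames_by_mac):
    """Feed each client's frames in order; return stations and verdicts."""
    stations, verdicts = {}, {}
    for mac, frames in frames_by_mac.items():
        stations[mac] = Station(mac)
        verdicts[mac] = [stations[mac].receive(f) for f in frames]
    return stations, verdicts


def controller_summary(stations):
    """Counts comparable to the association/authentication totals above."""
    assoc = [s for s in stations.values()
             if s.state is Dot11State.AUTHENTICATED_ASSOCIATED]
    return {"associated": len(assoc),
            "authenticated": sum(s.network_authenticated for s in assoc)}


# Constructed sample: one client completes everything, one stops after
# association, one skips 802.11 authentication entirely.
SAMPLE_FRAMES = {
    "02:00:00:00:00:01": ["auth_open", "assoc_request",
                          "network_auth_success", "data"],
    "02:00:00:00:00:02": ["auth_open", "assoc_request", "data"],
    "02:00:00:00:00:03": ["assoc_request", "data"],
}

if __name__ == "__main__":
    stations, verdicts = replay(SAMPLE_FRAMES)
    for mac, result in verdicts.items():
        print(mac, stations[mac].state.name, result)
    print(controller_summary(stations))
```

The second client is the case Eric describes: it is counted as associated, yet its data frames are dropped because network authentication never completed.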

  • Lightroom running on PC and Laptop

    I am running Lr on two computers.  The image files are stored on a shared network drive.  Each copy of Lr has its own catalog.  Lightroom on my laptop is configured to always write sidecar XMP files.  Lr on my desktop is not configured to write sidecar files.  I have converted all my raw files to dng.  My understanding is that now that my files are in dng format, the Lr “develop” settings are written into the dng files (and in the case of work done on my laptop, the associated sidecar file). Forget about jpg, tif, and psd files.  I am only interested in how the two copies of Lr interact with the dng files on my network drive.  I have read Martin Evening’s Lr 4 book over and over concerning metadata “develop” data, in particular, his section concerning  “Where is the truth?”.  Reading Martin’s book, I am tempted to believe that the Lr catalog “develop” metadata on each computer will be selected despite the fact the “develop” metadata was changed (both in the dng file and, if the changes were made on my laptop, the sidecar file) by the other computer.  Is that correct?  Or, if I make changes to the image on one computer, will Lr alert me to the changes on the other computer?  If it does alert me to the changes, can I disregard the update and keep different “develop” settings of the same image file based on the differences between the Lr catalogs on each machine?

    For the changes you make on the laptop to make it to the desktop, you'll need to tell LR on the desktop machine to read the metadata from those images. Yes, you'll be given a warning that the image metadata doesn't match the catalogue metadata.
    That said, I wouldn't do it that way. There are just too many ways that you can mess yourself up. Two catalogues for one set of images is one catalogue too many.
    A much simpler, more bulletproof scheme would be to have both your catalogue and images on an external drive and plug it into the machine you want to do your work on. Or keep your images on the network and just have the catalogue on the external. Or pass the catalogue to the machine where you want to do your work.
    Hal

  • Can't see all devices from one AccessPoint to another? What is best setup to extend wireless coverage?

    We have just moved into a new apartment with concrete walls, hence WiFi signal is quite weak in the other end of the apartment.  Not all devices can see each other depending on which AP i am associated to.
    Basically I want to have any wired/wireless devices be able to see my NAS/Office based components and keep the LivingRoom tidier.  Only device in LivingRoom will be ISP components and AppleTV.
    Some additional notes on current setup
    - LivingRoom has the ISP issued Router/AccessPoint
    - the ISP Router/AP is currently setup as a) AccessPoint b) DHCP server and c) default gateway to get to the Internet
    - LivingRoom AP SSID is 'LivingRoom'
    - DHCP pool is on the 192.168.1.0/24 range
    - Default GW is 192.168.1.254
    - in the LivingRoom i am also using the Router/AP ethernet ports for AppleTV
    - connected to the Router/AP is a long Ethernet cable to the other end of the apartment in the Office
    - on other end of the long Ethernet cable is an Airport Extreme in the Office on the WAN port
    - the AirportExtreme is setup in 'Bridge' mode
    - Connected to the Office_AirportExtreme is a) a NAS device physically in the Office via Ethernet cable b) WebCam in BedRoom2 via WiFi
    - Office_AirportExtreme SSID is 'Office'
    - all devices confirmed are assigned an IP from the LivingRoom Router/AccessPoint and on the 192.168.1.0 pool
    - at this time I only have WebCam and NAS however Plex and Desktop coming shortly as we are still unpacking
    Issue
    a) When my laptop is associated to SSID 'Office' i can see the NAS and WebCam; able to PING and hit via HTTP
    b) When my laptop is associated to SSID 'LivingRoom' i CANNOT see the NAS/WebCam;  I am unable to hit the two devices behind the Office_AirportExtreme via PING/HTTP and I am able to surf the Internet, however cannot see the NAS/WebCam
    Question
    a) is there some other config on the Office_AirportExtreme that must be done to disable any Firewall type capabilities that is limiting the ability for devices on other side of the Office_AirportExtreme from seeing the devices behind the Office_AirportExtreme?
    b) is this ideal config?
    c) is it typical to have different SSID?  would like to get to just single SSID for the apt, however not sure if there will be conflict i'm not aware of.
    Totally open to any suggestions on others that have done this before to avoid reinventing the wheel...
    See pic below... 
    Thx -Ray

    Note that after additional poking around and disabling Wi-Fi all together confirmed that when wired to either the ISP Router/AP or the Office_AE, i am able to see both NAS and WebCam behind the Office_AE. 
    The issue seems to be with the ISP Router/AP where by there is a difference in behavior when connected via Wi-Fi vs Wired.  All is well with the AirportExtreme from what i can gather.
    i'm just going to pickup a separate Wi-Fi access point to provide coverage for the LivingRoom area instead of trying to figure this out further.  
    FYI.  I am in Singapore using SingTel Fiber service and the ISP Router/AP i am using is Aztech DSL7000GRV(S)

  • Cannot Roam/Extend with WAP54G and WRT54G

    I purchased a WRT54G wireless router originally and found that the signal was quite weak on the other side of my 4000sf home on adjoining floors. So I purchased a WAP54G to *extend* my network. I have never gotten this to extend the range as claimed by Linksys. This is entirely frustrating. The manual is fairly useless as a troubleshooting guide.
    Further, the manual differs from advice on this forum! The manual says to make sure the SSID, channel and security settings are identical. When I tried this configuration, my laptop did not associate with the better signal of the WAP54G, but still connected to the worse signal of the main WRT54G. So then I saw a post on this forum that said the channels should be different. I tried setting the WRT54G to channel 6 and WAP54G to channel 1. Same results. The laptop is associating with the main router. I have disabled security through the process. I only use MAC addresses to restrict access to clients.
    Then I wondered if my laptop's wireless adaptor firmware could be the problem. I found a post somewhere that said one should try changing the "roaming aggressiveness" parameter in the driver. I played with this and it had no effect either. It still associates with the main WRT54G router.
    I am totally confused and disappointed. I am getting the feeling that Linksys doesn't really have a viable solution here. I would appreciate someone from Linksys/Cisco providing a thorough post on how to make this work properly.
    Thanks.

    Hi, the one point that interested me was that even though your laptop was able to see the signal of the AP, it was still connecting to the SSID of the router.
    One suggestion here: try and remove all networks from under the preferred network list on your PC (from the wireless connection properties). Then add the preferred networks and define the preference list.
    Let me know if this works for you.

  • WLC 5508 - Clients disconnecting

    I am running WLC 5508 7.2.111.3 with some 2602i AP.
    Last week one user reported his new macbook pro 2013 was encountering connectivity issues. His older macbook pro 2009 was working perfectly.
    The user is sitting in the middle of 2nd floor having equal distance from second's floor access points.
    The problem is that his Macbook pro 2013 was persistently trying to associate with 3rd floor Access Points. Whatever I tried to do (deauthenticate user, rebooting 2nd & 3rd floor APs) the connection was persistent to 3rd floor Access Point. Even when I tried to install an Access Point in the user's office his Macbook Pro 2013 refused (!!!) to leave 3rd floor Access Points. However his Macbook pro 2009 was always connected to the nearest Access Point (either to 2nd floor Access Points or to the newly installed access point in his office).
    This week i had two visitors in 4th floor reporting that their Laptops (Sony Vaio) were doing very slow with the wireless.
    When i tried to troubleshoot i found in the controller that their laptops were associating with 4th floor Access Points and after a minute they were disconnected and trying to associate to Ground Floor (!) Access Points. Of course they couldn't establish a connection and then associated again with 4th floor access points and after a while disconnected and trying to associate to Ground Floor Access Points
    I tried to debug client with Sony Vaio and saw in the controller the following message
    *apfMsConnTask_7: Mar 24 10:42:15.473: %APF-4-INVALID_ACTION_CATEGORY: apf_wme_utils.c:5481 Could not process 802.11 Action. Received Action frame with invalid category field(not supported by controller) from client. Mobile:*********, Category:7.
    I also see a lot of these messages for other clients.
    *apfMsConnTask_3: Mar 19 12:03:54.243: %APF-4-ASSOCREQ_PROC_FAILED: apf_80211.c:5275 Failed to process an association request from c8:6f:1d:24:0e:7d. WLAN:5, SSID:************. mobile in database timed out.
    Am i hitting any bug similar or equal to CSCue53980?

    Have you tried with open authentication (no security)? Check if the client is able to associate then.
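Log triage for the controller messages quoted in this thread, added here as an example and not taken from the posts or from Cisco tooling: it parses the `*task: timestamp: %FACILITY-SEVERITY-MNEMONIC: file:line message` layout visible in the two quoted lines and counts association failures per client. The first two sample lines are the ones quoted above; the remaining lines, including the MAC `02:00:00:00:00:01`, are constructed.

```python
import re
from collections import Counter

# Layout inferred from the two messages quoted in the thread (an assumption,
# not a documented grammar).
LINE_RE = re.compile(
    r"^\*(?P<task>[^:]+): "
    r"(?P<timestamp>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}\.\d{3}): "
    r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>\d)-(?P<mnemonic>[A-Z0-9_]+): "
    r"(?P<source>[\w.]+):(?P<source_line>\d+) (?P<message>.*)$"
)
MAC_RE = re.compile(r"\b(?:[0-9a-f]{2}:){5}[0-9a-f]{2}\b", re.IGNORECASE)
WLAN_RE = re.compile(r"WLAN:(\d+)")
CATEGORY_RE = re.compile(r"Category:(\d+)")


def parse_line(line):
    """Return a dict of fields for one controller message, or None."""
    match = LINE_RE.match(line.strip())
    if match is None:
        return None
    event = match.groupdict()
    event["severity"] = int(event["severity"])
    msg = event["message"]
    mac = MAC_RE.search(msg)
    wlan = WLAN_RE.search(msg)
    category = CATEGORY_RE.search(msg)
    # A masked address (e.g. "Mobile:*********") yields client=None.
    event["client"] = mac.group(0).lower() if mac else None
    event["wlan"] = int(wlan.group(1)) if wlan else None
    event["category"] = int(category.group(1)) if category else None
    return event


def triage(lines):
    """Count events by mnemonic and association failures by client MAC."""
    by_event, assoc_failures, unparsed = Counter(), Counter(), 0
    for line in lines:
        event = parse_line(line)
        if event is None:
            unparsed += 1
            continue
        by_event[event["mnemonic"]] += 1
        if event["mnemonic"] == "ASSOCREQ_PROC_FAILED" and event["client"]:
            assoc_failures[event["client"]] += 1
    return {"by_event": by_event, "assoc_failures": assoc_failures,
            "unparsed": unparsed}


def repeat_offenders(report, threshold=2):
    """Clients with at least `threshold` failed association requests."""
    return sorted(mac for mac, n in report["assoc_failures"].items()
                  if n >= threshold)


SAMPLE_LINES = [
    # Quoted in the thread:
    "*apfMsConnTask_7: Mar 24 10:42:15.473: %APF-4-INVALID_ACTION_CATEGORY: apf_wme_utils.c:5481 Could not process 802.11 Action. Received Action frame with invalid category field(not supported by controller) from client. Mobile:*********, Category:7.",
    "*apfMsConnTask_3: Mar 19 12:03:54.243: %APF-4-ASSOCREQ_PROC_FAILED: apf_80211.c:5275 Failed to process an association request from c8:6f:1d:24:0e:7d. WLAN:5, SSID:************. mobile in database timed out.",
    # Constructed for this example:
    "*apfMsConnTask_3: Mar 19 12:04:10.101: %APF-4-ASSOCREQ_PROC_FAILED: apf_80211.c:5275 Failed to process an association request from c8:6f:1d:24:0e:7d. WLAN:5, SSID:************. mobile in database timed out.",
    "*apfMsConnTask_1: Mar 19 12:05:00.000: %APF-4-ASSOCREQ_PROC_FAILED: apf_80211.c:5275 Failed to process an association request from 02:00:00:00:00:01. WLAN:5, SSID:************. mobile in database timed out.",
    "a line that does not follow the expected layout",
]

if __name__ == "__main__":
    report = triage(SAMPLE_LINES)
    print(dict(report["by_event"]))
    print(dict(report["assoc_failures"]))
    print("repeat offenders:", repeat_offenders(report))
```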

  • Internal Web Authentication + Local Net User

    Hi all,
    I'm trying to setup the WLC with internal web authentication + local net user account. I've setup a WLAN for this local net user configure the user profile map to this WLAN.
    When the laptop get associated with the designated WLAN, and user tried to browse to the internet, the internal web authentication page doesn't appear on the browser.
    I'm just curious, is there any DNS server required in order to direct the user entered URL request to the virtual interface?
    regards.

    Well if you are using webauth for guest users, you really want to have an open ssid and either have a username and password on the wlc or use a passthrough webauth where the guest users just have to click submit or accept. If you are using this for internal users, then you really shouldn't use webauth since this will not be single sign on. Again, you can if you want your internal users to sign on again. There is wpa/wpa2 PSK and then there is wpa/wpa2 802.1x in which this will require either using local EAP or a Radius Server. The radius server will either have the local user accounts or you can point this to AD. Depending on if you use EAP-PEAP (certificate on the radius server only) or EAP-TLS (certificate on both the radius and client) you will need a certificate.
    For webauth only, you do not need a certificate on the user or radius server, a certificate will be required on the wlc if you don't want users to be prompted with a certificate error message. 5.1 supports unchained certificates, but I always use RapidSSL for a root ca cert just to make deployment much simpler for the client. So webauth and EAP will require certificates with webauth being optional.

  • Repeater does not forward data packets

    Hello all!
    I have following setup:
    A root access-point ap1, model AIR-AP1231G-E-K9 with IOS 12.3(8)JEE, is configured with one SSID on VLAN 1 (native) and working fine.
    Now I would like to add a 2nd access-point ap2 of the same model with the same IOS version as a repeater to extend the WLAN coverage of the overall network.
    I managed to configure the 2nd access-point successfully as repeater (same SSID settings, infrastructure ssid set, parent 1 mac-address set) and it associates successfully with the main root access-point.
    Now I observe following effect: As soon I leave the coverage area of the first AP and enter the area of the repeater, the client (iPhone, Laptop or any other WLAN device) associates successfully to the repeater (confirmed with "show dot11 ass" and due to the log entries of the repeater) but the data packets are not forwarded to the main access-point. There is no IP connectivity to the root AP or internet anymore.
    Another example which might lead to the solution is following observation:
    I have my laptop connected to the wireless network with two console sessions open. In one I run a ping to the first AP, ap1 (10.200.3.5) and in the other console I run a ping to the repeater ap2 (10.200.3.6). Both access-points reply.
    Now if I enter the coverage area of the repeater, my laptop gets associated to it and the ping to the first AP ap1 times out.
    Again, it looks like that the repeater denies to forward traffic to the main root AP.
    I have no clue why this happens, nor are there any log messages available which might explain this issue.
    I hope someone can help me finding the problem.
    The configuration of the working root access-point ap1 as the repeater ap2 is attached.
    Thank you!
    Best regards,
    Bernhard

    You have configured the sub-interface on the radio interface & not on the ethernet interface at the Root AP end. Change the config like below & see.
    dot11 ssid Internet Las 3 Marias
       vlan 1
       authentication open
       authentication key-management wpa
       guest-mode
       infrastructure-ssid
       wpa-psk ascii 7 xxxx
    interface Dot11Radio0
       no ip address
       no ip route-cache
       encryption vlan 1 mode ciphers aes-ccm tkip
       encryption mode ciphers aes-ccm tkip
       bridge-group 1
       ssid Internet Las 3 Marias
       speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
       channel 2412
       station-role root access-point
       world-mode dot11d country-code US both
    interface Dot11Radio0.1
       encapsulation dot1Q 1 native
       bridge-group 1
    Here is a reference post for a similar setup (vlan 110 is native vlan though)
    http://mrncciew.com/2013/01/20/autonomous-ap-repeater/
    Also suggest to configure WPA2/AES (instead of WPA/TKIP), if it is supported on this AP model; command syntax is like below.
    dot11 ssid xx
       authentication key-management wpa version 2
    int d0
       encryption mode ciphers aes-ccm
    Let us know how it goes
    HTH
    Rasika
    **** Pls rate all useful responses ****

  • Car Mains Invertor for powering a Qosmio G10 -133

    Is there a car adapter compatible with the G10 & if so could you provide details - I read the thread relating to the F10 car adapter but could not find the car adaptor referred to therein.
    I read in http://www.laptopbits.co.uk/Database_files/Mains_Invertors.htm
    that mains invertors are preferable & intend purchasing a Powerpack 200 from Halfords which can power up to 300 watt items like laptops. Is this preferable to a car adapter & what if any dangers to my laptop are associated with using this means of powering the G10 133

    Thanks but as the PX1188E-1NPO car adaptor costs 90, I bought the Portable Power Pack 200 referenced above for 70 which has additional functions which I need. The question remains however, about whether the power invertor (300W 12v-240v) may damage my laptop when used with the Toshiba mains adaptor?
    PS I re-registered using doc 1 as I couldn't log in easily using my original details.

  • WLC5508 Interface Configuration

    I have the 5508 up and can access GUI. However, I'm having trouble with the management interface and the dynamic ap management interfaces.
    I have 4 physical ports connected.
    Port 1 - Management Interface -untagged- 3750 Switch 10.3.1.24 vlan 31 - dynamic ap management turned on
    Port 2 - ap-management-port2 -untagged- 3750 Switch 10.3.30.20 vlan 330 - dynamic ap management turned on
    Port 3 - ap-management-port3 -untagged- 3750 stack sw1 10.3.30.21 vlan 330 - dynamic ap management turned on
    Port 4 - ap-management-port4 -untagged- 3750 stack sw2 10.3.25.20 vlan 325 - dynamic ap management turned on
    I have the switch ports configured as trunks with native vlans as shown above. Is that right?
    Also, I have messages in the logs stating that the controller is getting join requests on ports 2, 3, 4 on non-management interface...?
    The interfaces that I have my AP connected to are set as trunks also with their corresponding VLANs.
    Our goal is to have the port 1 management interface on a different vlan same as our server farm, used for GUI only. The other interfaces/ports 2-4 are going to be the ones that the APs talk to...Or so I think...
    Would it just be easier to put my Port1 management interface on the same subnet (10.3.30.19) as my other ports 2-3? I'm going to eventually move port 4 to the 10.3.30 subnet after I reconfigure my APs to point to the new ap-manager ip once I figure out what that's going to be...

    It's configured as Non-LAG.
    I went ahead and changed all my ports including the management port which resides on port1 with backup port2 to the same VLAN. So now it's as follows:
    Port1-management-dynamic-ap-enabled-10.3.30.20 untagged on WLC
    Port2-dynamic-ap-enabled-10.3.30.22 untagged on WLC
    Port3-dynamic-ap-enabled-10.3.30.23 untagged on WLC
    Port4-dynamic-ap-enabled-10.3.30.24 untagged on WLC
    The ports from the WLC is connected to two different switches in different rooms. The switchports that the WLC are connected to are configured like this:
    description description 003-5508WLC-1 Port 4
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 330
    switchport mode trunk
    speed 1000
    duplex full
    no mdix auto
    I currently have access to the GUI via the Management address 10.3.30.20, so that works, I also have 5 joined APs on different ports, so that's ok...
    There is only 1 laptop configured with the new SSID and that laptop is associated and authenticated, it did get an IP address from DHCP using the subnet that the interfaces for that SSID (APGroup WLAN) was assigned. So I think it's working, I'm just not sure if this is the best method.
    Someone else said that you're not supposed to have your management address on the same subnet as your other AP manager interfaces/ports, but it's working fine.

  • I have an iMac, an iPhone, and a MacBook Pro.  My full iTunes library is on the iMac and iPhone, but only a handful of songs are on my MacBook.  They are all associated with the same Apple ID.  How do I get all of my music on the laptop?

    I have an iMac, an iPhone, and a MacBook Pro.  My full iTunes library is on the iMac and iPhone, but only a handful of songs are on my MacBook.  They are all associated with the same Apple ID.  When I try to sync, I get a warning message stating that I will lose songs on my phone which aren't on the laptop.  How do I transfer my music from my phone to the laptop?

    Hey kbert73
    I would do a transfer of purchases from the phone and not sync. If you sync then it will want to start over and sync music that is on the MacBook Pro. If you want to transfer the music, check out the article below that will give you multiple options on how to move. I have also provided on how to sync with multiple computers.
    iTunes: How to move your music to a new computer
    http://support.apple.com/kb/ht4527
    Using iPhone, iPad, or iPod with multiple computers
    http://support.apple.com/kb/ht1202
    Thanks for using Apple Support Communities.
    Regards,
    -Norm G.

  • My friend wants to put music on their iPhone 5C but they do not have a laptop with iTunes that hasn't been associated with another iPhone/iPod. Is there any way they can skip linking their phone to the iTunes and JUST get the music?

    The iPhone has not been associated with any iTunes as I was a little scared to connect it to mine as I do not want all my friend's apps on my phone. Also, we use different apple IDs so would we be able to have two apple IDs associated with one computer?
    SO CONFUSED.
    Please help!

    Your friend can get a new Apple Id for themselves, and create a different account on one of the laptops. Then put all their music in a separate iTunes library, and sync the phone to that particular library.
    This will keep their music separate from your library and their brother's library.
    Just make another User on your computer for your friend to store their music in.

  • How to download music from an ipod that has someone else's apple Id associated with it to my laptop

    How to download music from an ipod that has someone else's apple Id associated with it to my laptop?

    BigG13 wrote:
    How to download music from an ipod that has someone elses apple Id associated with it to my laptop?
    You cannot... that is called Stealing. If you want the Music... Purchase it.

  • Have Spotify, Facebook App on home computer, trying to open on laptop and get this ERROR CODE: Firefox doesn't know how to open this address, because the protocol (spotify) isn't associated with any program. How can I fix?

    I have used Spotify Music App on Facebook on my home computer, now trying to use on laptop, and I get this ERROR CODE: Firefox doesn't know how to open this address, because the protocol (spotify) isn't associated with any program. How can I fix this? Thanks in advance for any help

    Hi,
    You may have to install the Spotify application on the laptop to get Spotify protocols recognized.

  • I recently updated my new iPhone by plugging it in to my laptop. However, it erased all of the texts, contacts and pictures associated with my phone prior to the update. How do I get that information back?

    I owned an iPhone 4s a year ago before I unfortunately lost it. I have since then bought the iPhone 5 but had not plugged it in to my computer yet to download any music. I plugged in my iPhone today to my laptop and my iTunes store stated that it registered that it was a new iPhone and asked if I wanted to restore or update my new iPhone with the information that was backed up on my old one. I chose yes, that I did want to restore the old information in to my new iPhone. However, now that I did that, my new iPhone does not have any of the contacts, texts or pictures that I had already on my new iPhone.
    I desperately want my information back that was lost on my new iPhone when I updated the phone. Is there any way to get those pictures and information back? I logged in to my iCloud account and it still did not help get my pictures, contacts or texts back.

    BarnsleyMif wrote:
    I have recently updated my software on the new iPhone and when it backed up it backed up to the old iPhone
    No such thing has occurred.  iPhones do not backup to one another.
    It is not possible to backup a different iPhone from the one being updated.
    If the iPhone was restored with a backup from a different device, restore it again from the correct backup.
    BarnsleyMif wrote:
    how can I get all my new stuff back and stop it from happening again?
    Pay attention when restoring the iPhone and select the correct backup to restore from.
