Multiple SSIDs and NPS
I have a WLC setup with one ssid (ssid A) using Web auth tied back to NPS with the requirement be that you have to be in the domain users group to authenticate. It works fine. I have SSID B setup using eap-tls with the requirement of the pc having to be in the domain computers group. This work as a new user can login to the pc without having ever logging into it before. When I try and take my person pc and join ssid b it get an error as expected. But if I take my android phone and tell it to accept any certificate unspecified it will be allowed to join and i think its because it may be failing against the first match which may be the domain users requirement but matching on the domain users group requirement. It seems that the fail through is the issue.
You need to see how devices are passing via NPS. With webauth, it should only allow username and password and EAP-TLS should only allow machine. So when you create your NPS policy, webauth should point to only the OU and EAP-TLS should point to your domain computer OU.
Move SSID B before the SSID A policy. You can also add a called station id for the EAP-TLS SSID using something like:
..-..-..-..-.-..:SSIDB
The dot is a wildcard for the Mac address.
Sent from Cisco Technical Support iPhone App
Similar Messages
-
Multiple SSIDS and disappearing
We have Cisco 3602i access points for the most part, all of which advertise multiple SSIDs.
Very occasionally we see an SSID completely disappear from view, even though others remain solid (I can't say it's all devices as the majority of people who raise the issue have apple devices, but there are the odd one or two who use Windows laptops).
Also, the RSSI seems to fluctuate wildly.
I should add that we have disabled up to 11mbps data rates on the controller and we're running 7.6.100.0 currently, but plan to upgrade to 7.6.110.0 tonight.
I guess my question is how can an SSID just drop off the client view if others on the same AP are fine?
How does the AP deal with multiple SSIDs and does it prioritise?
I have to add that I've never had this issue and I'm just using a company standard HP laptop with an Intel chipset.Hello,
See my comments:
Also, the RSSI seems to fluctuate wildly.
A: This is often how a device hears the frames. Sometimes in high interference you can epxect this to jump around. I normally like to see if all the devices are doing this or just a select few. Sometimes poor clients jump around more than others.
I should add that we have disabled up to 11mbps data rates on the controller and we're running 7.6.100.0 currently, but plan to upgrade to 7.6.110.0 tonight.
A: I dont think turning off lower rates are bad unless your WiFi cant support the design. Good call get on the latest.
I guess my question is how can an SSID just drop off the client view if others on the same AP are fine?
A: Again, its a client missing frames like beacons.
How does the AP deal with multiple SSIDs and does it prioritise?
A: This SSIDs are virtualized. I blogged how this is done:
http://www.my80211.com/home/2011/5/2/wlc-how-cisco-virtualizes-the-base-radio-mac-address-on-the.html
I have to add that I've never had this issue and I'm just using a company standard HP laptop with an Intel chipset.
A: Again I think if you search you might see this is more around specific devices. I would do a packet capture and see what is going on. Recently had to troubleshoot an Android only to find out it was just bad wifi client. Always sending NULL frames and scanning and not passing traffic -
Multiple SSIDs/VLAN - NPS Authentication
I have recently set up a similar network using Ruckus equipment; however, need to do it now with Cisco...
I have a multiple SSIDs associated to different VLANs broadcasting. I would like to configure a single Radius server pointed to my NPS server and allow for authentication by group to each SSID.
With Ruckus I had to put in a vendor specific custom attribute and then use Roles to allow access by AD Security Group.
Does anyone know how to setup something similar with Cisco? I just need a single group to be able to autheticate to each SSID.
Josh PriceThis is pretty straightforward.
Just create a NPS policy for each SSID.
A simple policy could check 3 conditions.
Windows Groups = DOMAIN\GroupABC
Called Station ID = .*:SSIDNAME$
NAS Port ID = Wireless IEEE or Wireless Other
Just change SSIDNAME to whatever the specific SSID is, and obviously the group that you want mapped. The SSID condition uses regex.
Cheers
Peter -
Single access point with multiple ssids and single channel possible?
Hi everybody.
I have this silly question.
Let say we have three vlans, vlan1,2,3 and they are mapped to wlans as follows:
Vlan 1 ssid1
Vlan 2 ssid2
Vlan3 ssid 3
AP --------trunk------Switchted network.
Our Ap has mobile devices in three wlans, i.e ssid1ssid2 and ssid3
Since AP uses half duplex mode, mobile devices need positive ack from ap before they can send data, therefore once channel let say channel 3( assuming 802.11b is used) can be shared by all mobile devices in three wlans.
Is my understanding correct?
Thanks and have a great weekend.Hii ,
Yes ,that is pretty much possible as suggested by other experts on board. Depending on your access point you will have 1 (2.4 GHz) or both 2.4 & 5GHz radios.
You can configure multiple SSIDs (up to 16 ) known as MBSSID mode in autonomous environment. In Controller based architecture you can configure up to 512 WLAN (SSID) and transmit any 16 of them per AP (using AP group feature). However , it is recommended to keep multiple SSID count below 8 as for each SSID separate beacon will be sent on air which consumes more air time.
Hope this helps
Thanks
Vinay -
Is it possible to do multiple ssids and encryptions on an autonomous AP without vlans?
I got a customer who just has autonomous APs. They are upgrading from 1210s to 1262s. They are currently running a config that is wide open with no authentication or encryption and using a VPN tunnel on the wireless clients for security. They want to switch to using WPA2/PSK with the new APs. They have existing clients that have to continue to work during the upgrade to the new APs. They run 3 shifts so it is a 24 hr operation with no downtime. What I was thinking would be to configure the 1262 with multiple SSIDs, one with their existing settings and one with the new. Then I could swap the APs one at a time and it would only impact service for a short period of time while I was mounting the new AP. Then once all the new APs are installed I could transition the clients over to the new SSID and encryption then disable the old SSID once all the clients are switched over. I've done this before with a WLC but not with an autonomous APs. The only config examples I can find uses VLANs. This customer is not using VLANs. Is there anyway to use multiple SSIDs with different encryption on a single radio on an autonomous 1262 without VLANs?
The site has about 30 APs and 100 clients. Yes I know a controller would be preferred for a site of this size but that is a question for sales and why they didn't see them a controller. I just get stuck with what they sell them.
thanksHi Don,
Im afraid on the autonmous platform you can not map multiple WLANS to a single vlan.
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
"I'm in a serious relationship with my Wi-Fi. You could say we have a connection." -
Multiple SSIDs and renaming a SSID
Can there be multiple SSIDs pointing to the same vlan/mob grp?
Also can one 'rename' a SSID that is already created or should it be wiped out and a new one recreated?
I assume each SSID needs to be tied to a VLAN unless one is a guest SSID. Can one have 2 guest SSIDs, in other words no security, but different SSID names?You must include at least two profiles in the Auto Selected Profiles Box. The profiles must specify an SSID; otherwise, they cannot be selected in the Available Profiles box. Profiles cannot specify multiple SSIDs; otherwise, they cannot be selected in the Available Profiles box. Each profile that is included in auto profile selection must have a unique SSID. For example,
if Profile A and Profile B both have "ABCD" as their SSID, only Profile A or Profile B can be included in auto profile selection. -
Trying to setup 1131 in autonomous mode with multiple ssids and vlans
hi there,
I'm trying to setup an aironet 1131 in autonomous mode with a WLAN for each VLAN.
I can connect to the SSID "BLUGstaff" but I don't pick up a DHCP address and when I set a static IP I can't anything on the vlan so I can only assume I have made an error.
I have attached the config for the access point.
The switch port the access point connects to has the following config...
interface FastEthernet1/0/3
description ## Access Point ##
switchport trunk encapsulation dot1q
switchport trunk native vlan 121
switchport trunk allowed vlan 1,121-124
switchport mode trunk
spanning-tree portfast
end
Can anyone explain what I've done wrong? Thanks in advance for any help,
HuwHello Huw,
as i see in your confirguartion.
native VLAN is 121. so you have to correct following in your AP configuration
1) interface Dot11Radio0.121
encapsulation dot1Q 121 native
bridge-group 121 ->>>>>>>>>>>>>>>> change this to brige-group 1 , native always tied to bridge group 1
2)
interface FastEthernet0.121
encapsulation dot1Q 121
add also under this sub interface
bridge-group 1
please let me know how it goes.
Kind regards
Talal
==========
please rate answers that you find useful , and mark as answered - when it is :-) - so others can find it easily -
Multiple SSID with different Login Web authority pages
Our current setup is one Anchor control and then several WLC’s, I want to know if I can have multiple SSID and use different Web Auth pages form them, so I can have a SSID that requires a password to Authentication access and another SSID that requires pass through Authentication but they would have different web authentication pages and go to different pages once Authenticated.
Is this possible to ?Hi,
If you are running WLC software 4.2 and above then u can do this on per WLAN basis.. here is the link which tells on how to do it..
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008067489f.shtml#A1
Lemme know if this answered ur question and please dont forget to rate the usefull posts!!
Regards
Surendra -
NPS, wifi, multiple SSIDs - multiple policies?
We are setting up a new wireless network with multiple SSID's. We plan on having an internal network, a guest network, and a personal devices network. The questions is how do authenticate against multiple policies on the same NPS server? Our current NPS server authenticates against AD group AND AD user account for the internal network. If I want to authenticate the personal devices SSID against the NPS, can I set up a different policy for it only?
My understanding is that when a user/device queaeries the NPS, it goes down the policy until it finds a match and then allows access. Is this true? ThanksThanks,
Basically we want to use NPS to authenticate our wireless users and we also want to use NPS to regulate access into our switches/network devices. If I create a policy for example wireless that says If user is part of domain users, then grant access, how do I Create another policy that regulates who can log into my switches? Since the policy matches, it allows the user to log into the switch. Does this make any sense? Do I need a separate NPS/AAA server to authenticate my cisco switches/routers? THanks -
WAP200 and .1x/radius authentication with multiple SSIDs
Apparently it's not possible to define more than a single radius server when using multiple SSIDs with WAP200. Unfortunately WAP200 doesn't add the name of the SSID as a radius attribute, so it's not possible to make distinction whether the user is trying to log in to SSID A or B. Does anyone have any ideas or workarounds for this limitation? Of course the best solution would be if Cisco/Linksys fixed the firmware so that the SSID of the logging in user would be sent to the radius server as an extra attribute or appended to the client mac address.
Security option for an SSID can be unique and can be configured when you configure a SSID or under VLAN . Note that each vlan is uniquely mapped to induvidual SSID.
-
Setting up Multiple SSID's & VLAN
I have a Cisco 1230 AP along with a Sonic Wall TZ 210 and a Linksys SFE 2010P switch. On my AP I have created 2 SSID's. and 2 VLAN's. The first SSID is being broadcasted and has WPA encryption on it for our Corporate USers. The Second SSID is a Guest SSID and too is being broadcasted. I can make a laptop connect to the 1st SSID, but for some reason the 2nd SSID nothing will connect to it. The first SSID is associated to VLAN1 and the 2nd SSID is associated to VLAN2. VLAN1 has WPA encryption on it. VLAN2 is setup as Open and no Encryption. Any ideas?
My next question is how to I configure traffic on this AP with the other equipment mentioned? On my sonicwall we have segmented port6 on it to be a different subnet from the corporate subnet. On the Linksys switch I have enable VLANS on port2 and port48 which are on VLAN2. All other ports are on VLAN1. The AP connects to Ports 2 on the linksys switch and port 48 connects to port 6 on the Sonic Wall. When a corporate user connects to SSID1 I want them to be able to connect to the Corporate subnet. When a guest connects to SSID2 I want them to connect to the segmented guest network to only have Internet Access.
Hope this makes sense!
Below is my config on the AP. I am really only familiar with the IOS web interface so if you can explain it using that I'd appreciate it.
AP_WLAN_Bakery
Home Exec Configure
------------------ show version ------------------
Cisco IOS Software, C1200 Software (C1200-K9W7-M), Version 12.3(8)JEB1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Fri 20-Jul-07 20:51 by dchih
ROM: Bootstrap program is C1200 boot loader
BOOTLDR: C1200 Boot Loader (C1200-BOOT-M) Version 12.2(8)JA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
AP_WLAN_Bakery uptime is 1 hour, 40 minutes
System returned to ROM by reload
System restarted at 10:52:05 -0400 Fri Oct 15 2010
System image file is "flash:/c1200-k9w7-mx.123-8.JEB1/c1200-k9w7-mx.123-8.JEB1"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-AP1231G-A-K9 (PowerPC405GP) processor (revision B0) with 15138K/1236K bytes of memory.
Processor board ID FOC0849218B
PowerPC405GP CPU at 196Mhz, revision number 0x0145
Last reset from reload
1 FastEthernet interface
1 802.11 Radio(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:12:D9:8B:09:93
Part Number : 73-8704-08
PCA Assembly Number : 800-23211-09
PCA Revision Number : A0
PCB Serial Number : FOC0849218B
Top Assembly Part Number : 800-23304-08
Top Assembly Serial Number : FTX0902R2V1
Top Revision Number : A0
Product/Model Number : AIR-AP1231G-A-K9
Configuration register is 0xF
------------------ show running-config ------------------
Building configuration...
Current configuration : 2544 bytes
! Last configuration change at 12:07:29 -0400 Fri Oct 15 2010 by admin
! NVRAM config last updated at 12:07:29 -0400 Fri Oct 15 2010 by admin
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname AP_WLAN_Bakery
clock timezone -0500 -5
clock summer-time -0400 recurring
ip subnet-zero
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
dot11 vlan-name VLAN_Corporate vlan 1
dot11 vlan-name VLAN_Guest vlan 2
dot11 ssid WLAN_Corporate
vlan 1
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 005740565C0C5C5F5C741F
dot11 ssid WLAN_HartKitGuest
vlan 2
authentication open
mbssid guest-mode
username admin privilege 15 password 7 <removed>
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers aes-ccm tkip
encryption vlan 1 mode ciphers aes-ccm tkip
ssid WLAN_Corporate
ssid WLAN_HartKitGuest
mbssid
speed basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
station-role root
no dot11 extension aironet
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
bridge-group 2 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
interface FastEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface FastEthernet0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
no bridge-group 2 source-learning
bridge-group 2 spanning-disabled
interface BVI1
ip address 192.168.2.240 255.255.255.0
no ip route-cache
ip default-gateway 192.168.2.1
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
sntp server 192.168.2.5
sntp broadcast client
end
------------------ show stacks ------------------
Minimum process stacks:
Free/Size Name
4572/5500 soap_flash init
10024/11000 DHCP Autoinstall
5160/5500 Autoinstall
11748/12000 Setup
10552/11000 BootP Resolver
5240/5500 dot11 platform init
8824/12000 Init
5088/5500 RADIUS INITCONFIG
2576/3000 Rom Random Update Process
5144/11000 HTTP CP
3084/5500 Soap Flash Save Variables
Interrupt level stacks:
Level Called Unused/Size Name
4 125707 8056/9000 dot11 radio interrupt
6 9783 8960/9000 NS16550 VECTOR
------------------ show interfaces ------------------
BVI1 is up, line protocol is up
Hardware is BVI, address is 0012.d98b.0993 (bia 0013.1973.8d50)
Internet address is 192.168.2.240/24
MTU 1500 bytes, BW 54000 Kbit, DLY 5000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
5 minute input rate 10000 bits/sec, 9 packets/sec
5 minute output rate 10000 bits/sec, 4 packets/sec
59436 packets input, 8310033 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
31826 packets output, 18823451 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
Dot11Radio0 is up, line protocol is up
Hardware is 802.11G Radio, address is 0013.1973.8d50 (bia 0013.1973.8d50)
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:15:20, output 00:15:20, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 47
Queueing strategy: fifo
Output queue: 0/30 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
16093 packets input, 1696312 bytes, 0 no buffer
Received 1913 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
8367 packets output, 2930004 bytes, 0 underruns
13 output errors, 0 collisions, 37 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Dot11Radio0.1 is up, line protocol is up
Hardware is 802.11G Radio, address is 0013.1973.8d50 (bia 0013.1973.8d50)
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
Dot11Radio0.2 is up, line protocol is up
Hardware is 802.11G Radio, address is 0013.1973.8d50 (bia 0013.1973.8d50)
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 2.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
FastEthernet0 is up, line protocol is up
Hardware is PowerPC405GP Ethernet, address is 0012.d98b.0993 (bia 0012.d98b.0993)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Full-duplex, 100Mb/s, MII
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/160/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 13000 bits/sec, 10 packets/sec
5 minute output rate 10000 bits/sec, 4 packets/sec
75878 packets input, 12726627 bytes
Received 43517 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
38986 packets output, 19917202 bytes, 0 underruns
0 output errors, 0 collisions, 7 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
FastEthernet0.1 is up, line protocol is up
Hardware is PowerPC405GP Ethernet, address is 0012.d98b.0993 (bia 0012.d98b.0993)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
FastEthernet0.2 is up, line protocol is up
Hardware is PowerPC405GP Ethernet, address is 0012.d98b.0993 (bia 0012.d98b.0993)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 2.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
------------------ show controllers ------------------
interface Dot11Radio0
Radio AIR-MP31G, Base Address 0013.1973.8d50, BBlock version 0.00, Software version 6.11.1
Serial number: FOC0901D4S1
Number of supported simultaneous BSSID on Dot11Radio0: 8
Carrier Set: Americas (US )
Uniform Spreading Required: No
Current Frequency: 2412 MHz Channel 1
Allowed Frequencies: 2412(1) 2417(2) 2422(3) 2427(4) 2432(5) 2437(6) 2442(7) 2447(8) 2452(9) 2457(10) 2462(11)
Listen Frequencies: 2412(1) 2417(2) 2422(3) 2427(4) 2432(5) 2437(6) 2442(7) 2447(8) 2452(9) 2457(10) 2462(11) 2467(12) 2472(13) 2484(14)
Beacon Flags: 0; Beacons are enabled; Probes are enabled
Current CCK Power: 100 mW
Allowed CCK Power Levels: 1 5 10 20 30 50 100
Current OFDM Power: 30 mW
Allowed OFDM Power Levels: 1 5 10 20 30
Allowed Client Power Levels: 1 5 10 20 30 50 100
ERP settings: short slot time.
Neighbors in non-erp mode:
Current Rates: basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
Active Rates: basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
Allowed Rates: 1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
Best Range Rates: basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
Best Throughput Rates: basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
Default Rates: basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
Current Voice Rates: 5.5 6.0 11.0 12.0 24.0 [disabled until voice packet-discard enabled]
Default Voice Rates: 5.5 6.0 11.0 12.0 24.0
Channel / Max Power Table
1 O=15 D=20, 2 O=15 D=20, 3 O=15 D=20, 4 O=15 D=20, 5 O=15 D=20
6 O=15 D=20, 7 O=15 D=20, 8 O=15 D=20, 9 O=15 D=20, 10 O=15 D=20
11 O=15 D=20
Data Rate Sensitivity (rate, SNR dB, Contention dBm)
( 1.0, 1, -98) ( 2.0, 7, -94) ( 5.5, 9, -92) (11.0, 16, -86)
( 6.0, 7, -92) ( 9.0, 14, -87) (12.0, 12, -87) (18.0, 15, -84)
(24.0, 17, -82) (36.0, 24, -76) (48.0, 29, -73) (54.0, 33, -69)
Radio Management (RM) Configuration:
Regular AP RM Mode 1 Temp Setting Disabled
Temp Settings: AP Tx Power 0 AP Tx Channel 0 Client Tx Power 0
Rates:
Saved Settings: AP Tx Power 0 AP Tx Channel 1 Client Tx Power 0
Rates:
MCST RSCs: [0]0x0 [1]0x0 [2]0x0 [3]0x0 [4]0x0
TKIP Cum Stats: STA MIC-L-Errs MIC-R-Errs Replay C-Measure
0000.0000.0000 00000000 00000000 00000000 00000000
AES-CCMP Cum Stats: 00000000 replays discarded
QBSS Load: 0x0
Policing Stats:Rx downgardes 0, Tx downgrades 0
Configured Local Access Class Parameters
Back : cw-min 4 cw-max 10 fixed-slot 7 admission-control Off txop 0
Best : cw-min 4 cw-max 6 fixed-slot 3 admission-control Off txop 0
Video : cw-min 3 cw-max 4 fixed-slot 1 admission-control Off txop 3008
Voice : cw-min 2 cw-max 3 fixed-slot 1 admission-control Off txop 1504
Configured Cell Access Class Parameters
Back : cw-min 4 cw-max 10 fixed-slot 7 admission-control Off txop 0
Best : cw-min 4 cw-max 10 fixed-slot 3 admission-control Off txop 0
Video : cw-min 3 cw-max 4 fixed-slot 2 admission-control Off txop 3008
Voice : cw-min 2 cw-max 3 fixed-slot 2 admission-control Off txop 1504
Transmit queues: Active 0 In Progress 0
---- Active --- In-Progress --------------- Counts --------------
Cnt Quo Bas Max Cnt Quo Bas Sent Discard Fail Retry Multi
Uplink 0 0 0 0 0 0 0 0 0 0 0 0
Voice 0 0 0 0 0 0 0 55 0 0 1 1
Video 0 0 0 0 0 0 0 0 0 0 0 0
Best 0 3 70 3 0 3 24 7937 0 0 127 12
Mcast 0 0 0 0 0 0 0 329 0 0 0 0
Mcast 0 0 0 0 0 0 0 30 0 0 0 0
Back 0 0 0 0 0 0 0 329 0 0 0 0
BSSIDS Index Flags State Next Held Defer NonDefer Clients Tsf Dtim Txq
8D50 0 20 0 0 0 0 0 0 200 2 0
8D51 1 20 0 0 0 0 0 0 150 2 1
UP ClientQAged AcQAged PacketAged Drop Retry/Thresh Timeout CQMax
7 0 0 0 3/100 0/500 35 4
6 0 0 0 3/100 0/500 35 4
5 0 0 0 3/100 0/500 35 4
4 0 0 0 3/100 0/500 35 4
3 0 0 0 3/100 0/500 35 4
2 0 0 0 3/100 0/500 35 4
1 0 0 0 3/100 0/500 35 4
Driver TX blocks: in use 0, high 10, at reset 0, fail 0, reclaim 0
Clients: 8021x auth in prog 0 allowed 0
Vlan BSSID Clients PSP Pri Encr Key0 Key1 Key2 Key3 SSIDs
0 8D50 0 0 0 0 234 x128
1n 8D50 0 0 0 0 234 x128 WLAN_Corporate
2 8D51 1 0 0 0 0 WLAN_HartKitGuest
0 0 flags 3
1 1 flags 3
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
17 0 flags 0
18 0 flags 0
Registers: io E8000000 mem 80000000 aux A0000000
0000 FF50 0000 0000 0021 0000 0000 0000
0001 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0500 0007 0000 0000 0808 09E8 0000 0504
0000 0000 0000 0000 0424 0059 E2ED 2D9D
00000000 00000200 20000200 FFFFFFFF F7FFFFFF 00000000 00000000 00200000
FFFFFFE2 00000FFF 72ED14BD 4A040401 00000000 00000000 00008000 00008080
00000000 00000000 00000000 00000000 00008F78 000012DC 00000000 0000C0EA
Radio running: temp 0 C tx_power 100 bb_code 0x0
rssi_threshold 0x0 gain offset 0
Antenna: external , gain 20 (platform 0, domain class A)
PCI sys_id: 0xA506 subsys_id 0x5100 (0x5101)
Unicast ciphers 0x1 mcast ciphers 0x1
Rid Ring:
A0000970: 009C8000 20ED1EA0 * n
Rx Ring:
A0000950: 893E0002 20ED3478 v, 893E0002 20EDEE60 v
A0000960: 893E0002 20EE4B54 v, 893E0002 20EDB068 * v
Tx Ring:
A0000800: 06108000 20ECFCE4 n, 009A8000 20ECD764 n
A0000810: 00AE8000 20ECF064 n, 010C8000 20ECD124 n
A0000820: 010C8000 20ECCE04 n, 010C8000 20ECE0C4 n
A0000830: 010C8000 20ECED44 n, 00668000 20ECB174 n
A0000840: 006A8000 20ECCA64 n, 010C8000 20ECDDA4 n
A0000850: 010C8000 20ECF6A4 n, 01848000 20ECF9C4 n
A0000860: 022A8000 20ECCE04 n, 01848000 20ECF9C4 n
A0000870: 06158000 20ED113C n, 01848000 20ECE3E4 n
A0000880: 022A8000 20ECF064 * n, 01188000 20ECD124 n
A0000890: 05688000 20ED0A74 n, 057C8000 20ED03AC n
A00008A0: 010C8000 20ECED44 n, 010C8000 20ECDDA4 n
A00008B0: 010C8000 20ECF6A4 n, 010C8000 20ECF9C4 n
A00008C0: 00748000 20ECB054 n, 05FC8000 20ED1804 n
TxDn Ring:
A0000930: 802C0000 20ED26A0 v, 802C0000 20ED2778 v
A0000940: 802C0000 20ED2850 * v, 802C0000 20ED2928 v
Multicast counters:
Internal MC counts:
28 (28) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0)
Log Buffer:
PowerPC405GP Ethernet unit 0
PHY Hardware is Intel LXT971 rev. 2 (id_register: 0x13, 0x78E2)
rx_intr: 0 tx_intr: 0 mac_err_isr: 0 phy_link_isr:0
Current station address 0012.d98b.0993, default address 0012.d98b.0993
MAL register dump:
malcr 0x0007C082 0x180
malesr 0x00000000 0x181
malier 0x0000000F 0x182
maltxcasr 0x80000000 0x184
maltxcarr 0x80000000 0x185
maltxeobisr 0x00000000 0x186
maltxdeir 0x00000000 0x187
malrxcasr 0x80000000 0x190
malrxcarr 0x80000000 0x191
malrxeobisr 0x00000000 0x192
malrxdeir 0x00000000 0x193
maltxctp0r 0x00EE6120 0x1A0
malrxctp0r 0x00EE6020 0x1C0
malrcbs0 0x00000060 0x1E0
EMAC register dump:
emacmr0 0x18000000 0x00
emacmr1 0xA1788000 0x04
emactmr0 0x00000000 0x08
emactmr1 0x380F0000 0x0C
emacrmr 0x7D180000 0x10
emacisr 0x00000002 0x14
emacier 0x00000001 0x18
emaciah 0x00000012 0x1C
emacial 0xD98B0993 0x20
emacptr 0x0000FFFF 0x2C
emaclsah 0x00000040 0x50
emaclsal 0x2B637E9B 0x54
emacipgr 0x00000004 0x58
emacstacr 0x47808011 0x5C
emactrtr 0x18000000 0x60
emacrwmr 0x0F002000 0x64
emacoctx 0x0132EA47 0x68
emacocrx 0x00C72D8B 0x6C
UIC register dump:
uicsr 0x00001FA3 0xC0
uicer 0x803F0048 0xC2
uicmsr 0x00000000 0xC6
PHY register dump:
3100 782D 0013 78E2 01E1 41E1 0007 2001 0000 0000 0000 0000 0000 0000 0000 0000
0384 4780 0032 0000 0422 0000 0000 0000 0000 0000 08C8 0000 0000 0000 0000
RX ring with 16 entries at 0xEE6020, Buffer size 1528
Rxhead = 0xEE6048 (5), Rxp = 0xB67360 (5)
00 pak=0x0B6D644 buf=0x0EF2BDC status=9C00 pak_size=0
01 pak=0x0B6CCA8 buf=0x0EF17A8 status=9C00 pak_size=0
02 pak=0x0B68C98 buf=0x0EE90F8 status=9C00 pak_size=0
03 pak=0x0B6BCA4 buf=0x0EEF5FC status=9C00 pak_size=0
04 pak=0x0B6DFE0 buf=0x0EF4010 status=9C00 pak_size=0
05 pak=0x0B6CFDC buf=0x0EF1E64 status=9C00 pak_size=0
06 pak=0x0B6C640 buf=0x0EF0A30 status=9C00 pak_size=0
07 pak=0x0B682FC buf=0x0EE7CC4 status=9C00 pak_size=0
08 pak=0x0B6E648 buf=0x0EF4D88 status=9C00 pak_size=0
09 pak=0x0B6E97C buf=0x0EF5444 status=9C00 pak_size=0
10 pak=0x0B6ECB0 buf=0x0EF5B00 status=9C00 pak_size=0
11 pak=0x0B6ACA0 buf=0x0EED450 status=9C00 pak_size=0
12 pak=0x0B68630 buf=0x0EE8380 status=9C00 pak_size=0
13 pak=0x0B6D310 buf=0x0EF2520 status=9C00 pak_size=0
14 pak=0x0B6C974 buf=0x0EF10EC status=9C00 pak_size=0
15 pak=0x0B6B63C buf=0x0EEE884 status=DC00 pak_size=0
TX ring with 8 entries at 0xEE6120, tx_count = 0
tx_head = 0xEE6148 (5), head_txp = 0xB673BC (5)
tx_tail = 0xEE6148 (5), tail_txp = 0xB673BC (5)
00 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
01 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
02 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
03 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
04 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
05 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
06 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
07 pak=0x0000000 buf=0x0000000 status=5400 pak_size=0
0 missed datagrams, 0 overruns
0 transmitter underruns, 0 excessive collisions
0 single collisions, 0 multiple collisions
0 dma memory errors, 0 CRC errors
0 alignment errors, 0 runts, 0 giants
emac/mal specific errors:
0 rx in range, 0 rx out range
0 mal_rx_serr, 0 mal_tx_serr
0 mal_rx_de, 0 mal_tx_de
0 emac_int
0 mal_err_isr
0 SQE errors, 0 tx CRC errors
0 output queue fail
------------------ show data-corruption ------------------
No data inconsistency errors have been recorded.
------------------ show file systems ------------------
File Systems:
Size(b) Free(b) Type Flags Prefixes
* 7741440 2734080 flash rw flash:
- - opaque rw bs:
7741440 2734080 unknown rw zflash:
- - opaque rw archive:
- - opaque rw system:
32768 29138 nvram rw nvram:
- - network rw tftp:
- - opaque rw null:
- - opaque ro xmodem:
- - opaque ro ymodem:
- - network rw rcp:
- - network rw ftp:
- - network rw http:
- - network rw scp:
- - network rw https:
------------------ show flash: ------------------
Directory of flash:/
2 -rwx 1048 Oct 15 2010 12:07:29 -04:00 private-multiple-fs
5 drwx 512 Oct 15 2010 10:36:30 -04:00 c1200-k9w7-mx.123-8.JEB1
4 -rwx 716 Feb 28 2002 19:06:22 -05:00 env_vars
146 -rwx 2549 Oct 15 2010 12:07:29 -04:00 config.txt
148 -rwx 5 Oct 15 2010 12:07:29 -04:00 private-config
7741440 bytes total (2734080 bytes free)
------------------ dir nvram: ------------------
Directory of nvram:/
30 -rw- 2549 <no date> startup-config
31 ---- 5 <no date> private-config
1 -rw- 0 <no date> ifIndex-table
32768 bytes total (29138 bytes free)
------------------ show memory statistics ------------------
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor A4AB84 4709500 2431436 2278064 1920552 2125904
I/O ECB000 1265664 468008 797656 727168 779580
------------------ show process memory ------------------
Total: 5975164, Used: 2899444, Free: 3075720
PID TTY Allocated Freed Holding Getbufs Retbufs Process
0 0 3373064 827724 1898920 0 0 *Init*
0 0 11804 7372856 11804 0 0 *Sched*
0 0 66125428 65999528 293168 434276 0 *Dead*
1 0 0 0 6416 0 0 Chunk Manager
2 0 188 188 3916 0 0 Load Meter
3 0 448120 443220 18392 0 0 HTTP CP
4 0 19548 0 25964 0 0 Check heaps
5 0 86364 207192 37368 49920 137052 Pool Manager
6 0 0 0 6416 0 0 AAA_SERVER_DEADT
7 0 188 188 6416 0 0 Timers
8 0 188 188 6416 0 0 AAA high-capacit
9 0 488 0 6904 0 0 SNTP
10 0 76 0 6492 0 0 ARP Input
11 0 3232 540 9108 0 0 Entity MIB API
12 0 0 0 6416 0 0 HC Counter Timer
13 0 188 188 6416 0 0 GraphIt
14 0 0 0 6416 0 0 Net Input
15 0 0 0 6416 0 0 Critical Bkgnd
16 0 19648 136 12180 0 0 Net Background
17 0 188 188 11916 0 0 Logger
18 0 188 188 6416 0 0 TTY Background
19 0 0 0 9916 0 0 Per-Second Jobs
20 0 188 188 6416 0 0 Compute load avg
21 0 0 0 6416 0 0 Per-minute Jobs
22 0 125880 59144 52956 0 0 Dot11 driver
23 0 188 188 6416 0 0 Dot11 driver log
24 0 0 0 6416 0 0 Voice Metrics Ta
25 0 0 0 6416 0 0 SOAP LED Process
26 0 188 188 6416 0 0 AAA Server
27 0 0 0 6416 0 0 AAA ACCT Proc
28 0 0 0 6416 0 0 ACCT Periodic Pr
29 0 2343100 10891400 16904 0 7173144 IP Input
30 0 0 0 6416 0 0 ICMP event handl
31 0 188 188 6416 0 0 AAA Dictionary R
32 0 47124 44272 9200 0 0 CDP Protocol
33 0 0 0 6416 0 0 linktest
34 0 964 964 9916 0 0 Dot11 aaa proces
35 0 0 0 9916 0 0 pmkid
36 0 188 6404 6416 0 0 Dot11 Mgmt & Ass
37 0 1636 1224 6644 0 0 AiroIAPP Protoco
38 0 188 188 6416 0 0 Triggered events
39 0 188 188 9916 0 0 Dot11 auth Dot1x
40 0 0 0 6416 0 0 Dot11 Mac Auth
41 0 1276 0 7692 0 0 Dot11CACprocess
42 0 0 1285716 11916 0 0 TCP Timer
43 0 0 0 11916 0 0 TCP Protocols
44 0 0 0 6416 0 0 Socket Timers
45 0 41144 11308 23364 0 0 DHCPD Receive
46 0 58666708 40499364 31400 6957504 101520 HTTP CORE
47 0 1072 188 12800 0 0 Soap Upgrade fet
48 0 10608 188 16836 0 0 DDP
49 0 344168 1754412 6416 0 0 LOCAL AAA
50 0 188 188 6416 0 0 AAA Cached Serve
51 0 188 188 6416 0 0 ENABLE AAA
52 0 188 188 6416 0 0 LINE AAA
54 0 2056 188 8284 0 0 TPLUS
55 0 604 188 9332 0 0 Crypto WUI
56 0 0 0 6416 0 0 EM Background Pr
57 0 188 308 6416 0 0 Soap Consoleless
58 0 72384 66968 14332 0 0 Crypto CA
59 0 0 0 8916 0 0 Crypto PKI-CRL
60 0 0 0 8916 0 0 Crypto SSL
61 0 2056 15044 6416 0 0 AAA SEND STOP EV
62 0 188 188 6416 0 0 Dot11 LBS Proc
63 0 0 0 6416 0 0 Syslog Traps
65 0 0 0 6416 0 0 DHCPD Timer
66 0 76 484 9992 0 0 DHCP Client
67 0 636960 188 22156 421308 0 HyBridge Input P
68 0 344 188 6588 0 0 Tbridge Monitor
69 0 344 188 6572 0 0 Spanning Tree
70 0 156 0 6628 0 0 DHCPD Database
2897284 Total
------------------ show process cpu ------------------
CPU utilization for five seconds: 16%/0%; one minute: 4%; five minutes: 1%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
1 0 1 0 0.00% 0.00% 0.00% 0 Chunk Manager
2 4 1196 3 0.00% 0.00% 0.00% 0 Load Meter
3 369 40 9225 0.00% 0.00% 0.00% 0 HTTP CP
4 764 611 1250 0.00% 0.00% 0.00% 0 Check heaps
5 9 44 204 0.00% 0.00% 0.00% 0 Pool Manager
6 0 1 0 0.00% 0.00% 0.00% 0 AAA_SERVER_DEADT
7 0 2 0 0.00% 0.00% 0.00% 0 Timers
8 0 9 0 0.00% 0.00% 0.00% 0 AAA high-capacit
9 8 158 50 0.00% 0.00% 0.00% 0 SNTP
10 1034 5268 196 0.00% 0.02% 0.00% 0 ARP Input
11 2 2 1000 0.00% 0.00% 0.00% 0 Entity MIB API
12 2 1494 1 0.00% 0.00% 0.00% 0 HC Counter Timer
13 2 5973 0 0.00% 0.00% 0.00% 0 GraphIt
14 0 11 0 0.00% 0.00% 0.00% 0 Net Input
15 0 1 0 0.00% 0.00% 0.00% 0 Critical Bkgnd
16 34 1906 17 0.00% 0.00% 0.00% 0 Net Background
17 4 101 39 0.00% 0.00% 0.00% 0 Logger
18 24 5969 4 0.00% 0.00% 0.00% 0 TTY Background
19 5 5998 0 0.00% 0.00% 0.00% 0 Per-Second Jobs
20 0 1196 0 0.00% 0.00% 0.00% 0 Compute load avg
21 433 127 3409 0.00% 0.00% 0.00% 0 Per-minute Jobs
22 587 181376 3 0.00% 0.00% 0.00% 0 Dot11 driver
23 0 2 0 0.00% 0.00% 0.00% 0 Dot11 driver log
24 2 1200 1 0.00% 0.00% 0.00% 0 Voice Metrics Ta
25 44 39944 1 0.00% 0.00% 0.00% 0 SOAP LED Process
26 238 3309 71 0.00% 0.00% 0.00% 0 AAA Server
27 0 1 0 0.00% 0.00% 0.00% 0 AAA ACCT Proc
28 0 1 0 0.00% 0.00% 0.00% 0 ACCT Periodic Pr
29 10607 39208 270 0.31% 0.16% 0.09% 0 IP Input
30 0 1 0 0.00% 0.00% 0.00% 0 ICMP event handl
31 0 2 0 0.00% 0.00% 0.00% 0 AAA Dictionary R
32 96 999 96 0.00% 0.00% 0.00% 0 CDP Protocol
33 2 5997 0 0.00% 0.00% 0.00% 0 linktest
34 14 115 121 0.00% 0.00% 0.00% 0 Dot11 aaa proces
35 1 100 10 0.00% 0.00% 0.00% 0 pmkid
36 116 2261 51 0.00% 0.00% 0.00% 0 Dot11 Mgmt & Ass
37 18 7228 2 0.00% 0.00% 0.00% 0 AiroIAPP Protoco
38 0 2 0 0.00% 0.00% 0.00% 0 Triggered events
39 0 2 0 0.00% 0.00% 0.00% 0 Dot11 auth Dot1x
40 0 1 0 0.00% 0.00% 0.00% 0 Dot11 Mac Auth
41 2 1200 1 0.00% 0.00% 0.00% 0 Dot11CACprocess
42 59 2009 29 0.00% 0.00% 0.00% 0 TCP Timer
43 0 1 0 0.00% 0.00% 0.00% 0 TCP Protocols
44 0 1 0 0.00% 0.00% 0.00% 0 Socket Timers
45 14 54 259 0.00% 0.00% 0.00% 0 DHCPD Receive
46 48468 30304 1599 9.35% 1.66% 0.36% 0 HTTP CORE
47 0 2 0 0.00% 0.00% 0.00% 0 Soap Upgrade fet
48 0 2 0 0.00% 0.00% 0.00% 0 DDP
49 707 3309 213 0.00% 0.02% 0.00% 0 LOCAL AAA
50 1 2 500 0.00% 0.00% 0.00% 0 AAA Cached Serve
51 0 2 0 0.00% 0.00% 0.00% 0 ENABLE AAA
52 0 2 0 0.00% 0.00% 0.00% 0 LINE AAA
54 0 2 0 0.00% 0.00% 0.00% 0 TPLUS
55 0 3 0 0.00% 0.00% 0.00% 0 Crypto WUI
56 0 1 0 0.00% 0.00% 0.00% 0 EM Background Pr
57 1 3 333 0.00% 0.00% 0.00% 0 Soap Consoleless
58 6 4 1500 0.00% 0.00% 0.00% 0 Crypto CA
59 0 1 0 0.00% 0.00% 0.00% 0 Crypto PKI-CRL
60 0 1 0 0.00% 0.00% 0.00% 0 Crypto SSL
61 3 16 187 0.00% 0.00% 0.00% 0 AAA SEND STOP EV
62 0 2 0 0.00% 0.00% 0.00% 0 Dot11 LBS Proc
63 0 1 0 0.00% 0.00% 0.00% 0 Syslog Traps
65 0 50 0 0.00% 0.00% 0.00% 0 DHCPD Timer
66 8 6027 1 0.00% 0.00% 0.00% 0 DHCP Client
67 8349 84826 98 0.55% 0.17% 0.10% 0 HyBridge Input P
68 14 6744 2 0.00% 0.00% 0.00% 0 Tbridge Monitor
69 0 2 0 0.00% 0.00% 0.00% 0 Spanning Tree
70 0 1690 0 0.00% 0.00% 0.00% 0 DHCPD Database
------------------ show process cpu history ------------------
AP_WLAN_Bakery 12:32:06 PM Friday Oct 15 2010 -0400
1133333
667777766666
100
90
80
70
60
50
40 *****
30 *****
20 *******
10 ************
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per second (last 60 seconds)
7 37 78 7 8
11 121961 87 1 3 1 1
100
90 *
80 ** *
70 * * ** * *
60 * * ** * *
50 * * ** * *
40 * ** ** * *
30 * ** ** * *
20 * ** #* * *
10 #*## ## # #
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per minute (last 60 minutes)
* = maximum CPU% # = average CPU%
8
8
100
90 *
80 *
70 *
60 *
50 *
40 *
30 *
20 *
10 *
0....5....1....1....2....2....3....3....4....4....5....5....6....6....7.
0 5 0 5 0 5 0 5 0 5 0 5 0
CPU% per hour (last 72 hours)
* = maximum CPU% # = average CPU%
------------------ show dot11 associations all-client ------------------
------------------ show wlccp ap mobility traffic ------------------
------------------ show wlccp ap mobility forwarding ------------------
------------------ show inventory ------------------
NAME: "AP1210", DESCR: "Cisco Aironet 1200 Series Access Point"
PID: ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ, VID: ÿÿÿ, SN: FTX0902R2V1
------------------ Mempool statistics ------------------
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor A4AB84 4709500 2431000 2278500 1920552 2125904
I/O ECB000 1265664 468008 797656 727168 779580
------------------ show memory summary -----------------
Processor memory
Alloc PC Size Blocks Bytes What
0x4790 0000000080 0000000001 0000000080 ACL Header
0x47A4 0000000024 0000000001 0000000024 Init
0x9FD4 0000000036 0000000001 0000000036 Init
0x9FFC 0000000040 0000000001 0000000040 Init
0xA018 0000000024 0000000001 0000000024 Init
0xA040 0000000036 0000000001 0000000036 Init
0xA134 0000000060 0000000001 0000000060 Init
0xF9D0 0000000024 0000000001 0000000024 HTTP CP
0xFAF8 0000000024 0000000001 0000000024 HTTP CP
0xFB6C 0000000076 0000000001 0000000076 HTTP CP
0xFC04 0000000024 0000000001 0000000024 HTTP CP
0xFC60 0000000028 0000000001 0000000028 HTTP CP
0xFD58 0000000024 0000000001 0000000024 Init
0xFDC4 0000000024 0000000001 0000000024 Init
0xFF2C 0000000036 0000000001 0000000036 HTTP CP
0xFF2C 0000000044 0000000001 0000000044 HTTP CP
0x11034 0000000024 0000000001 0000000024 Init
0x15750 0000004096 0000000001 0000004096 Init
0x1DD08 0000000120 0000000001 0000000120 Ion New Block
0x1F474 0000000024 0000000001 0000000024 LOGIN UNC PW
0x1F474 0000000056 0000000001 0000000056 LOGIN PWC (Free Blocks)
0x1F610 0000000080 0000000001 0000000080 local_aaa_authen2 (Free Blocks)
0x24F64 0000004784 0000000001 0000004784 (coalesced) (Free Blocks)
0x24F64 0000013956 0000000001 0000013956 (coalesced) (Free Blocks)
0x264F4 0000000512 0000000001 0000000512 Init
0x2CDF8 0000004312 0000000001 0000004312 TTY data
0x2E994 0000001500 0000000001 0000001500 String-DB entries
0x2E9BC 0000001500 0000000001 0000001500 String-DB owners
0x2E9E4 0000000776 0000000001 0000000776 String-DB handles
0x2E9FC 0000001024 0000000001 0000001024 String DB Hash Table
0x2F154 0000000024 0000000002 0000000048 SDB String
0x2F714 0000000176 0000000001 0000000176 SDB Owner info
0x2FF28 0000004312 0000000006 0000025872 TTY data
0x336E8 0000002000 0000000001 0000002000 TTY Input Buf
0x33720 0000000512 0000000001 0000000512 TTY Output Buf
0x3E6C0 0000000052 0000000003 0000000156 MAC ADDR subblock
0x40DA8 0000003000 0000000002 0000006000 keepalive sb chunk
0x42490 0000065536 0000000001 0000065536 Parseinfo Blocks
0x424B8 0000000364 0000000001 0000000364 tokenQ node
0x424E0 0000000432 0000000001 0000000432 Chain Cache Nodes
0x42508 0000032768 0000000001 0000032768 Parse Nodes
0x46E18 0000000120 0000000001 0000000120 Init
0x47028 0000000060 0000000001 0000000060 Init
0x47458 0000000024 0000000034 0000000816 Init
0x4755C 0000010000 0000000001 0000010000 Parser Linkage
0x47938 0000000056 0000000053 0000002968 Parser Mode
0x47938 0000000108 0000000001 0000000108 Parser Mode
0x479A4 0000000024 0000000054 0000001296 Parser Mode Q1
0x479C8 0000000024 0000000054 0000001296 Parser Mode Q2
0x49FA8 0000000432 0000000001 0000000432 Chain Cache No
0x4A070 0000000432 0000000009 0000003888 Chain Cache No
0x4A070 0000000432 0000000001 0000000432 Chain Cache No (Free Blocks)
0x4A070 0000000548 0000000001 0000000548 (coalesced) (Free Blocks)
0x4A160 0000000432 0000000001 0000000432 Chain Cache No
0x4FCD4 0000000256 0000000001 0000000256 HTTP CP
0x548F4 0000000032 0000000016 0000000512 Parser Alias
0x54924 0000000024 0000000016 0000000384 Init
0x5C338 0000004616 0000000001 0000004616 (coalesced) (Free Blocks)
0x5D464 0000000024 0000000001 0000000024 HTTP CP
0x5D4E4 0000000024 0000000001 0000000024 HTTP CP
0x65394 0000000024 0000000008 0000000192 Cond Debug definition
0x698F0 0000000068 0000000003 0000000204 GraphIt Data
0x6990C 0000001316 0000000003 0000003948 Graphit Client
0x69920 0000000024 0000000002 0000000048 Init
0x69920 0000000032 0000000001 0000000032 Init
0x73254 0000000164 0000000002 0000000328 Init
0x73278 0000000164 0000000002 0000000328 Init
0x7329C 0000000164 0000000002 0000000328 Init
0x7B12C 0000000164 0000000001 0000000164 Init
0x7B150 0000000164 0000000001 0000000164 Init
0x7B174 0000000164 0000000001 0000000164 Init
0x83E48 0000000060 0000000001 0000000060 HTTP CP
0x842C0 0000000044 0000000001 0000000044 HTTP CP
0x86C40 0000032772 0000000001 0000032772 Init
0x8AD2C 0000000024 0000000002 0000000048 AAA Secrettype
0x8AD64 0000000024 0000000002 0000000048 AAA Secrettype encrypt
0x8ADD0 0000000024 0000000002 0000000048 AAA_Secrettype pw
0x8B254 0000000192 0000000002 0000000384 AAA SG HEAD
0x8B294 0000000024 0000000002 0000000048 AAA SG NAME
0x8BFA8 0000000060 0000000001 0000000060 AAA MI SG NAME
0x8D1AC 0000003200 0000000001 0000003200 AAA attr list handle IDs
0x8DBA8 0000001024 0000000001 0000001024 AAA attr list handle IDs
0x9AE18 0000004096 0000000001 0000004096 AAA Unique Id Hash Table
0x9AED8 0000065536 0000000001 0000065536 AAA DB Chunk
0x9EFE8 0000020000 0000000001 0000020000 AAA Acct DB chunk
0xA0EA0 0000016336 0000000001 0000016336 AAA Acct Rec chunk
0xAFBC4 0000002048 0000000001 0000002048 AAA SG ID table
0xAFE78 0000001024 0000000003 0000003072 AAA SG ID table
0xB3D68 0000000032 0000000001 0000000032 Init
0xB4388 0000000024 0000000001 0000000024 AAA nvgend sg elt
0xB4388 0000000052 0000000001 0000000052 AAA nvgend sg elt
0xB43C0 0000000132 0000000002 0000000264 AAA Public Server Group
0xB4400 0000000028 0000000002 0000000056 AAA Public Server Group wrapper
0xB4448 0000000024 0000000002 0000000048 AAA pub SG servers
0xB44CC 0000000024 0000000002 0000000048 AAA pub SG wrap name
0xB4510 0000000024 0000000002 0000000048 AAA pub SG name
0xBC014 0000000776 0000000275 0000213400 *Free Packet Header*
0xBC014 0000000788 0000000001 0000000788 *Free Packet Header*
0xBC014 0000000804 0000000001 0000000804 *Free Packet Header*
0xBC014 0000000828 0000000001 0000000828 *Free Packet Header*
0xBC014 0000001408 0000000001 0000001408 (coalesced) (Free Blocks)
0xBC014 0000008480 0000000001 0000008480 (coalesced) (Free Blocks)
0xBCA88 0000000776 0000000003 0000002328 *In-use Packet Header*
0xC1274 0000004000 0000000001 0000004000 Packet Elements
0xC3B00 0000000184 0000000001 0000000184 IRB/CRB rxtypes
0xC3EE4 0000004712 0000000005 0000023560 *Hardware IDB*
0xC3EFC 0000001400 0000000005 0000007000 *Software IDB*
0xC4440 0000000024 0000000003 0000000072 HTTP CP
0xC4440 0000000076 0000000001 0000000076 HTTP CP
0xC4494 0000000024 0000000003 0000000072 HTTP CP
0xC4494 0000000080 0000000001 0000000080 HTTP CP
0xC4580 0000000184 0000000004 0000000736 IRB/CRB rxtypes
0xC4948 0000000048 0000000001 0000000048 HTTP CP
0xC4948 0000000052 0000000001 0000000052 HTTP CP
0xC4CB8 0000001400 0000000004 0000005600 *Software IDB*
0xC5864 0000000024 0000000004 0000000096 Init
0xC58E0 0000000024 0000000004 0000000096 Init
0xC8118 0000000032 0000000004 0000000128 IP Input
0xED1F0 0000035292 0000000001 0000035292 IDB List Element Chunks
0xFF3C0 0000000024 0000000059 0000001416 Init
0xFF7C4 0000000104 0000000008 0000000832 Init
0xFF7D4 0000000024 0000000006 0000000144 Init
0xFF7D4 0000000076 0000000001 0000000076 Init
0xFF7D4 0000000080 0000000001 0000000080 Init
0xFF8F4 0000000024 0000000001 0000000024 Init
0xFF9A4 0000000024 0000000007 0000000168 Init
0x102F38 0000010000 0000000001 0000010000 AAA chunk
0x103140 0000004616 0000000001 0000004616 AAA Acct AVLnode chunk
0x107F7C 0000000100 0000000001 0000000100 AAA MLIST
0x1081E8 0000000092 0000000001 0000000092 AAA MLIST
0x108A7C 0000001024 0000000002 0000002048 AAA mlist ID table
0x118430 0000001500 0000000007 0000010500 List Elements
0x119688 0000001500 0000000001 0000001500 List Elements
0x1196C8 0000005000 0000000001 0000005000 List Headers
0x11D7D4 0000001032 0000000001 0000001032 Process Array
0x11F5B0 0000000640 0000000068 0000043520 Process
0x11F5B0 0000000856 0000000001 0000000856 (coalesced) (Free Blocks)
0x1213A8 0000001500 0000000001 0000001500 Watched Semaph
0x1219A4 0000000144 0000000064 0000009216 Process Events
0x1219A4 0000000160 0000000002 0000000320 Process Events
0x1219A4 0000000172 0000000001 0000000172 Process Events
0x1219A4 0000000200 0000000001 0000000200 Process Events
0x1219A4 0000000208 0000000001 0000000208 Process Events
0x1219A4 0000000256 0000000001 0000000256 (coalesced) (Free Blocks)
0x1219A4 0000000432 0000000001 0000000432 (coalesced) (Free Blocks)
0x1219A4 0000000556 0000000001 0000000556 (coalesced) (Free Blocks)
0x123C24 0000001500 0000000001 0000001500 messages
0x123C50 0000001500 0000000001 0000001500 Watched messages
0x123C7C 0000010000 0000000001 0000010000 Watched Queue
0x123CA4 0000005000 0000000001 0000005000 Watched Boolean
0x123CCC 0000005000 0000000001 0000005000 Watched Bitfield
0x123CF4 0000001500 0000000001 0000001500 Watched Semaphore
0x123D18 0000005000 0000000001 0000005000 Watcher Info
0x123D40 0000000500 0000000001 0000000500 Watched Message Queue
0x123D68 0000001500 0000000001 0000001500 Watcher Message Queue
0x123D90 0000003000 0000000001 0000003000 Read/Write Locks
0x126050 0000002000 0000000001 0000002000 Reg Function 12
0x126078 0000001500 0000000001 0000001500 Reg Function iList
0x1260A0 0000001500 0000000001 0000001500 Reg Function Caselist
0x126118 0000002000 0000000005 0000010000 Reg Function 1
0x12657C 0000002000 0000000001 0000002000 Reg Function 1
0x129F50 0000000024 0000000002 0000000048 *Sched*
0x129F50 0000000032 0000000001 0000000032 *Sched*
0x129F50 0000000044 0000000008 0000000352 *Sched*
0x12A228 0000000256 0000000001 0000000256 Init
0x12C5F8 0000003000 0000000001 0000003000 CCA CCB chunks
0x12CDBC 0000000048 0000000008 0000000384 CCA Component
0x12CE24 0000000024 0000000007 0000000168 CCA Notification Flags
0x12CE24 0000000048 0000000001 0000000048 CCA Notification Flags
0x12CE84 0000003000 0000000008 0000024000 Keepalive
0x12CFF4 0000000024 0000000003 0000000072 CCA UserType
0x12D0A8 0000003000 0000000001 0000003000 CCA CLA chunks
0x1301C0 0000000024 0000000001 0000000024 TW Wheels
0x130200 0000016384 0000000003 0000049152 TW Buckets
0x13AA18 0000000112 0000000006 0000000672 Process Signals
0x13B01C 0000003000 0000000001 0000003000 Process Stack
0x13B01C 0000005500 0000000049 0000269500 Process Stack
0x13B01C 0000008000 0000000004 0000032000 Process Stack
0x13B01C 0000009000 0000000006 0000054000 Process Stack
0x13B01C 0000011000 0000000009 0000099000 Scheduler Stack
0x13B01C 0000018000 0000000001 0000018000 Interrupt Stack
0x13B01C 0002125900 0000000001 0002125900 (coalesced) (Free Blocks)
0x14F6BC 0000020000 0000000001 0000020000 Managed Chunk Queue Elements
0x151870 0000000068 0000000001 0000000068 (fragment) (Free Blocks)
0x1559A8 0000000296 0000000008 0000002368 Pool Info
0x155F84 0000000032 0000000001 0000000032 Pool Cache
0x15AF2C 0000000264 0000000001 0000000264 CLASSMAP_MODULE
0x15B7B0 0000000104 0000000001 0000000104 CLASSMAP_MODULE
0x15B8D0 0000000136 0000000001 0000000136 CLASSMAP_MODULE
0x15B8F0 0000000024 0000000001 0000000024 CLASSMAP_MODULE
0x15BA20 0000000024 0000000001 0000000024 CLASSMAP_MODULE
0x1826A8 0000000256 0000000001 0000000256 Init
0x182B78 0000000256 0000000001 0000000256 Init
0x1875C0 0000000776 0000000002 0000001552 *In-use Packet Header*
0x188DF4 0000000288 0000000003 0000000864 SNTP
0x188DF4 0000000332 0000000001 0000000332 DDP
0x1904D0 0000000776 0000000001 0000000776 *In-use Packet Header*
0x193CB8 0000001184 0000000005 0000005920 TCP CB
0x193CB8 0000000728 0000000001 0000000728 (fragment) (Free Blocks)
0x1A86AC 0000003000 0000000001 0000003000 IP Addresses
0x1AE490 0000000024 0000000004 0000000096 HTTP CP
0x1AE490 0000000032 0000000001 0000000032 Dot11 driver
0x1AE490 0000000048 0000000001 0000000048 AiroIAPP Protocol
0x1AE490 0000000068 0000000001 0000000068 HTTP CP
0x1CDDA0 0000000280 0000000004 0000001120 Init
0x1CDDAC 0000000068 0000000004 0000000272 Init
0x1EB928 0000005000 0000000001 0000005000 ip localpool
0x1EFFC4 0000000024 0000000001 0000000024 Init
0x1F9E40 0000001652 0000000003 0000004956 HTTP CORE
0x1F9EC8 0000000128 0000000003 0000000384 DHCPD Receive
0x1FBF20 0000000172 0000000002 0000000344 DHCPD Receive
0x1FBF20 0000000232 0000000001 0000000232 HTTP CORE
0x1FBF20 0000000500 0000000001 0000000500 (coalesced) (Free Blocks)
0x1FF2DC 0000000040 0000000001 0000000040 DHCPD Receive
0x206B78 0000000024 0000000003 0000000072 Init
0x206BA8 0000000024 0000000003 0000000072 Init
0x20BE88 0000001500 0000000001 0000001500 Syslogd Messages chunk
0x20FEF0 0000000024 0000000001 0000000024 Init
0x221B18 0000010000 0000000001 0000010000 Time Range Entry Chunks
0x221B40 0000003000 0000000001 0000003000 Time Range Item Chunks
0x221B68 0000001500 0000000001 0000001500 Time Range User Chunks
0x2221E4 0000000036 0000000016 0000000576 Init
0x222214 0000000040 0000000016 0000000640 Init
0x2233CCHi,
if you remove "encryption mode ciphers aes-ccm tkip" from the radio interface does it help?
it should remain like this:
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 1 mode ciphers aes-ccm tkip
ssid WLAN_Corporate
ssid WLAN_HartKitGuest
HTH,
Tiago
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it. -
Multiple SSID's on the same subnet?
Can you have Multiple SSID's on the same subnet?
SSID1 authenticates clients via radius.
Our corporation bought printers with wireless cards that only support WPA-PSK so we created SSID2 for the printers. We can connect to both SSID's and ping from SSID1 to SSID2 but we can not perform other functions such as view the printer management interface with a browser. Should it be possibe to communicate between SSID1 and SSID2 on the same subnet?Yes you should have no issue, but the only thing is that you are using a lower security method... so either you put them on different subnets so you can control the traffic via acl's or might as well use the same security method to make it easier. The fact that you can ping sounds like you should be able to http to the device.
-
i am deploying (1) 1242ag as root-bridge with multiple vlans and ssids but have left the key the same for each ssid/vlan. the remote (4) 1242ag's will be configured as work-group bridges with 1 vlan & 1 ssid for each. The key will be the same on all devices.
Is this recommended? how would it be better set up? or is it fine this way.Are you referring to the WEP key. Using this method is not scalable and also not secure. Use a authentication mechanism like EAP which will generate per session keys.
-
Multiple routers and subnets - can't access across subnets
Hey all, I'm having an issue with multiple routers and subnets on my FIOS connection. Here's how everything is setup:
Primary router:
ActionTec MI424WR Rev D (from Verizon)
WAN IP: From ISP
WAN NETMASK: From ISP
LAN IP: 192.168.1.1LAN NETMASK: 255.255.255.0
Secondary router (WAN connected to ActionTec LAN):
Belkin N750 gigabit w/ 802.11n
WAN IP: 192.168.1.2
WAN NETMASK: 255.255.255.0
LAN IP: 192.168.2.1
LAN NETMASK: 255.255.255.0
With this setup, I have the secondary router's WAN port connected to a LAN port on the primary router. Each are broadcasting an SSID and each are running DHCP to assign address to their respective subnets. Everything was well and good, except that I could reach 192.168.1.* systems from 192.168.2.*, but not vice versa -- anything connected to the Primary router was blind to systems connected to Secondary. Also, I could not ping anything on .2 from .1.
So, I added the following static route to the primary router:
DESTINATION: 192.168.2.0
NETMASK: 255.255.255.0
GATEWAY: 192.168.1.2
Once this was added to the router, I could ping everything, so that was good. However, even though .1 can now ping .2, I can't access certain things such as the web interface of my NAS (192.168.2.2). I can ping it, but accessing it in the browser from .1 doesn't work; however, accessing from .2 does work.
I think the ActionTec router might be blocking it, but that's just a guess. The firewall on this thing has me thoroughly confused. Currently, I have 192.168.1.2 in the DMZ on the ActionTec, but that didn't make a difference. I've also completely disabled the firewall on the secondary Belkin router, but still nothing.
Any help from the pros here? Much appreciated!
Solved!
Go to Solution.Ok, I figured it out and everything is now working. The issue appears to be that the ActionTec router doesn't recognize traffic from Subnet 1 to Subnet 2 as internal traffic -- it treats it as external traffic and closes it off. To fix this, it required some Advanced Firewall Filters that were far from unituitive and took a lot of testing to get it just right. If anyone runs into a similar situation in the future, here's a rundown of what I did to make it all work:
Primary Router:
ActionTec, MI424WR Rev D
WAN IP/NETMASK:Assigned by ISP
LAN IP/NETMASK:192.168.1.1 / 255.255.255.0
Secondary Router:
Belkin N750 Gigabit w/ 802.11n
WAN IP/NETMASK:192.168.1.2 / 255.255.255.0
LAN IP/NETMASK:192.168.2.1 / 255.255.255.0
Plug Secondary router's WAN port into a LAN port on the Primary router.
Setup Secondary router to have static LAN address (192.168.1.2)
At this point, you should have 2 separate subnets: Subnet 1 (192.168.1.*) and Subnet 2 (192.168.2.*).
Systems on both subnets should be able to reach the internet. Also, Subnet 2 should be able to ping and reach systems on Subnet 1; however, systems on Subnet 1 should not be able to ping or reach systems on Subnet 2. For this, we need to create a static route so Subnet 1 can reach Subnet 2.
Create and apply the following static route in the Primary router: (Advanced > Routing)
RULE NAME:Network (Home/Office)
DESTINATION:192.168.2.0(your secondary subnet)
GATEWAY:192.168.1.2(secondary router's WAN IP)
NETMASK:255.255.255.0
METRIC:1
The router now has a route between Subnet 1 (192.168.1.*) and Subnet 2 (192.168.2.*). You should be able to ping systems on Subnet 1 from 2, and ping systems on Subnet 2 from 1. You should not be able to access any systems, though -- the firewall is still blocking all but ping traffic from Subnet 1 to Subnet 2. We need to create some firewall rules to allow this communication.
Make sure Primary firewall is set to at least typical/medium (Firewall Settings > General).
We need to create some network objects to make it easier to manage the rules we'll create. Go to Advanced > Network Objects and do the following:
1.Click Add. You are now on Edit Network Object screen.
2.Set Description to 'Subnet 1'.
3.In Items section below, click Add.
4.Set Network Object Type to 'IP Subnet'.
5.Set Subnet IP Address to 192.168.1.0.
6.Set Subnet Mask to 255.255.255.0.
7.Click Apply. You are now back on Edit Network Object screen.
8.Click Apply. You are now back on Network Objects Screen.
9.Repeat the above steps again, but this time creating a second network object called 'Subnet 2':
Nameubnet 2
IP Subnet:192.168.2.0
Subnet Mask:255.255.255.0
Now we create the firewall rules. Go to Firewall Settings > Advanced Filtering.
In the Inbound/Input rules section, click the Add link next to Network (Home/Office) Rules.
Create the following Advanced Filter:
SOURCE ADDRESSelect 'Subnet 1'
DEST. ADDRESSelect 'Subnet 2'
PROTOCOL:'Any'
OPERATION:'Accept Packet'
OCCUR:'Always'
Click Apply. You will now be back on the Advanced Filtering page.
In the Outbound rules section, click the Add link next to Network (Home/Office) Rules.
Create the following Advanced Filter:
SOURCE ADDRESSelect 'Subnet 1'
DEST. ADDRESSelect 'Subnet 2'
PROTOCOL:'Any'
OPERATION:'Accept Packet'
OCCUR:'Always'
Click Apply. You will now be back on the Advanced Filtering page.
Click Apply.
You're all done. You should now have internet access on both subnets, be able to ping across subnets and also be able to access services across subnets (local webservers, SSH, telnet, mail, etc). You will not be able to see network file shares across subnets in Windows, however, as this requires a WINS server (which is well outside the scope of this post). For instance, I have a Western Digital NAS on the 192.168.2.0 subnet that I can access as \\Mybooklive\ from within Subnet 2; on Subnet 1, however, I have to access it by its IP \\192.168.2.10\. -
Configuring ssid and vlans on autonomous access point ?
here is an a demonstration of how to configure vlans and ssid on a auto-ap , what i dont understand is when i configure the ssid under (interface dot11radio0) and the vlan under that command , why do i need to configure sub-interfaces for the "fastethernet" and the "dot11radio0" if i already configured it under the "interface dot11radio0" , why do i need the "encapsulation dotq x" ? and what is bridge-group ?
If you want to use multiple SSID with multiple vlan, then you have to configure subinterfaces on Radio interfaces (in both Radio 0 & Radio 1 if you want to use both 2.4GHz & 5GHz band) & Ethernet interfaces.
AP simply bridge wireless traffic to wired interface using these sub-interfaces. To specify which radio sub-interface traffic to map to ethernet sub-interface, a Bridge-Group number (1-255) is used.
Bridge-Group 1 always used for native vlan traffic & usually used for AP management.
HTH
Rasika
**** Pls rate all useful responses ****
Maybe you are looking for
-
Hi Team, Can you help me in preparing a presentation of htmldb, this presentation will be for around 300 persons. I need any help, document ... on this. Thank you very much Marie.
-
Multi Mapping to multi receiver
Hello all, I having a req that incoming IDoc hac multiple files say, <IDoc Name> <IDoc> <Field1> <Field2> <IDoc> <Field1> <Field2> <IDoc> <Field1> <Field2> Based on field 2 i
-
SOME (not all) sent mail disappearing
This is a strange one. As of a couple of days ago, if I send a new message it doesn't appear in my Sent mail. But if I reply to someone else's message, it does. The only thing I had changed was the email address on my account to match the ISP server
-
Hi. I have a question about SQL Server 2008 Standard. On my computer I have SQL Server 2005 and 2008 Standard full version. A couple months ago i install SQL 2008 r2 on my computer for test, but now it's not working becouse of expired license. I uins
-
IOS 7 and Photoshop touch not getting along well.
Hello adobe people, is anyone else experiencing the total instability of Photoshop touch for iPad on the new iOS 7? for some reason each time I launch he app it cycles to the screen where you decide between new projects or existing, when a project i