RV110w VLans
Hi, I'm looking to update our office network and replace our old wireless box.
I've been looking at the RV110w after a google search and need to find out some things before suggesting anything.
Currently our network is running a public IP address for each piece of equipment which we'd like to keep, mainly for ease. We have a wireless access point running in invisible mode for wireless client access to the entire network, and also a Netscreen firewall.
What I'd like to do is the following:
1. Keep public ip addresses for wired clients, complete with existing network/local server access/RDP.
2. Set up two VLans on private ip addresses - one to have full access as per the wired clients and the other only for guest Internet access.
Is this something the RV110w is able to do? If so how would I go about setting it up? If not, can anyone recommend another product that can do this?
Your help and advice would be greatly appreciated.
Many thanks in advance,
Paul
Dear Paul,
Thank you for reaching Cisco Small Business Support Community.
The RV110W is not capable of doing a One to One NAT so the only way to accomplish your public IP scheme would be by using static routes pointing to your wired RDP clients with public IP's, turning into a waste of public IP's in my opinion, so my suggestion is to look for another Small Business router like the RV220W that supports the One to One NAT feature to map every public IP to the particular LAN host IP. I also suggest you to look at the RV220W overview video and datasheet;
http://www.cisco.com/en/US/products/ps11025/index.html
VLAN support is not a problem with neither the RV110W (4 VlLAN's) or RV220W (16 VLAN's).
Please let me know if this answers your questions and/or if there is any further assistance we may help you with and thank you for your time and patience.
Kind regards,
Jeffrey Rodriguez S. .:|:.:|:.
Cisco Customer Support Engineer
*Please rate the Post so other will know when an answer has been found.
Similar Messages
-
I am trying to create a simple 2-VLAN configuration on an RV110W. After adding the VLANs, I am unsure how to specify whether the port traffic should be tagged, untagged or excluded.
On the VLAN Membership page, I want VLAN 3 associated with ports 1,2 and 3. I want VLAN 4 associated with port 4 only. I want both VLANs to have access to the internet, and I want the VLANs to be isolated from each other.
The VLAN Membership page looks like this:
VLANs Setting Table
Select
VLAN ID
Description
Port 1
Port 2
Port 3
Port 4
1
Default
Untagged
Untagged
Untagged
Untagged
3
WEI
Tagged
Tagged
Tagged
Excluded
4
JEM
Excluded
Excluded
Excluded
Tagged
Using these configuration options does not prevent computers on oneVLAN from accessing shares on the the other VLAN. What do I need to change? (The computers in this configuration are connected to dumb switches, which are connected to the LAN ports on the RV110W .)I am trying to create a simple 2-VLAN configuration on an RV110W. After adding the VLANs, I am unsure how to specify whether the port traffic should be tagged, untagged or excluded.
On the VLAN Membership page, I want VLAN 3 associated with ports 1,2 and 3. I want VLAN 4 associated with port 4 only. I want both VLANs to have access to the internet, and I want the VLANs to be isolated from each other.
The VLAN Membership page looks like this:
VLANs Setting Table
Select
VLAN ID
Description
Port 1
Port 2
Port 3
Port 4
1
Default
Untagged
Untagged
Untagged
Untagged
3
WEI
Tagged
Tagged
Tagged
Excluded
4
JEM
Excluded
Excluded
Excluded
Tagged
Using these configuration options does not prevent computers on oneVLAN from accessing shares on the the other VLAN. What do I need to change? (The computers in this configuration are connected to dumb switches, which are connected to the LAN ports on the RV110W .) -
RV110W - trying to set up 2 VLANS - are there docs / help for this?
I am trying to set up an RV110W router with 2 VLANs - 1 for guests to the office to just have internet access via wireless and another for employees to be able to access the LAN and internet wirelessly. I have not done anything with VLANs before, so please bear with me.
I thought this would be simple, but banging my head against the wall with all the terms in the docs:
http://www.cisco.com/en/US/docs/routers/csbr/rv110w/administration/guide/rv110w_admin.pdf
port 1 is connected to a wired LAN / unmanaged switch with office PCs. So these machines / nothing on this subnet tag the packets before they get to the router. This subnet is using 10.10.1.0/24
Port 2 is connected to an Engenius EAP 300, a wireless access point that can broadcast SSIDs and tie each SSID to a different VLAN.
SSID1 is called Private and is set to be VLAN 1. There's encryption on this SSID - only office staff would be able to log on.
SSID2 is called public and is set to be VLAN 10. There's no encryption on this SSID.
I know - the router also does this, but where the router is vs. where the wireless is needed, we need to have the Engenius at that remote location.
I have the RV110W set to give out 10.10.1.0/24 IPs when you connect to the SSID1 / VLAN1
And it gives out 10.10.10.0/24 IPs when you connect to the public SSID / VLAN10.
Both get on the internet fine. The only issue is how to set the VLAN membership for each port / and any other settings so that the wireless devices on VLAN 1 can get to the LAN devices on Port 1. (and the public / vlan 10 devices on the wireless network to NOT get to the devices on port 1, but i think that's working.
I played with tagged / untagged / excluded, for the port membership, but either the wireless VLAN 1 devices get blocked from even the web (when port 2 is set to untagged, since they ARE tagged VLAN1) or they can't get to port 1 when set to tagged, since the port 1 devices are all untagged and the reply packets get blocked?
the doc for this unit talks about inter-vlan routing but doesn't explain what that is. THe wireless isolation should be turned on for vlan 10, right? We don't want guests to be able to access other guest's machines?
I saw on page 71 on how to set up the guest network, but that's using the wireless built into the box, not a wireless access point.
Overall, what I want is:
VLAN 1: port 2 (with tagged VLAN1 packets) and port 1 (with untagged packets) can pass data between each other and access the internet
VLAN10: port 2 with tagged VLAN10 packets can only get to the internet.
Is that doable?
How?thanks. Still not working
For the vlan membership page
when set like this:
port1 port 2
vlan1 untagged untagged
vlan10 excluded tagged
connecting to the vlan1 wireless SSID on port 2, I can't even get an IP address from the router (the dhcp request can't even come through port 2 because it's saying vlan1 packets have to be untagged?
connecting to the vlan 10 wireless SSID on port 2 gets a DHCP address and can only get to the web, so that's good.
If I change the membership to:
port1 port 2
vlan1 untagged tagged
vlan10 excluded tagged
connecting to both SSIDs on port 2 will get you a dhcp address, and vlan1 devices can get into port 1, but trying to admin the wireless access device on port 2 or even pinging it, now fails - 'cause the router gatekeeper says if you want to come through port 2, your packets have to be tagged? and the packets from port 1 to port 2 are untagged?
If I change the membership to:
port1 port 2
vlan1 tagged tagged
vlan10 excluded tagged
connecting to both SSIDs on port 2 will get you a dhcp address, but replies from the wired PC on port 1 / vlan1 vlan1 can't get back out of port 1 'cause the router gatekeeper says if you want to leave through port 1, your packets have to be tagged? and the ping reply is coming form a device with untagged packets? although the devices on vlan1 / port 1 CAN get on the web with their untagged packets.
the wireless device says it supports 802.1q
http://www.engeniustech.com/resources/EAP300_DataSheet_v2.1.pdf
when they say port 2 / vlan 1 tagged, is it saying packets coming in FROM devices on that port have to be tagged? Or packets going TO devices on that port have to be tagged? or both directions?
Any advice? -
2 building VLAN setup; WLAN problems (RV110W)
Hi everyone,
I've set up a System consisting of two RV110W at one of our small sights. We use 3 separated networks for different purposes (security reasons).
- The first RV110W operates as a gateway connecting all the tree networks to the internet and is the DHCP server for all 3 networks.
- The second RV110W is in another building, connected to the first one over tagged VLAN Ethernet and has the function of an "access point".
Here the setup:
The problem is that WLAN access is not working properly (LAN works perfectly though):
- Often internet access over WLAN is not possible on "Guests network" (but connection to the network can mostly be established)
- The private networks can't be accessed at all. The client tries to connect but drops the attempt after a few seconds.
What is wrong?
Thank you very much for your helpThanks Marty for your reply.
I'm sorry I might have been a bit too imprecise on the VLANs. The numbers are wrong. Sorry, I just saw that now. Here the right ones:
Private 1: VLAN ID 1 (default) - is that ok from the security perspective? "fallback" into a private network? I read that VLAN ID 1 has special properties.
Private 2: VLAN ID 3
Guest: VLAN ID 5
As proposed by Marty I added VLAN ID 1 as untagged member on port 4 of router #1 and on port 1 of router #2. But it didn't change anything. The behavior is still exactly the same.
Could you elaborate a bit on your answer, so I could understand the mistake I did by setting all on tagged? Currently I don't.
Other suggestions to solve the problem?
I spotted "AP Management VLAN:" in the Wireless settings. It is currently set to VLAN 1. Is that ok? What is this setting for?
Thank you for your help!
Best wishes -
VLAN 101 basics for RV110W RV220W RV215W and others
I've been bashing my head against the wall trying to do, what I think are, basic things with a vlan with these boxes. I got it working once on a 110W a while ago, but not really sure how or why it is working / can't recreate it on the RV215W.
At its simplest, I have a server on port 1 of the router, with IP of 192.168.5.2. It and PCs are tied into a switch and working on the 192.168.5.0/24 subnet.
I connect a ubiquiti unifi wireless access point on port 2. It can do 2 seperate SSIDs, each with its own vlan. So let's call the SSIDs 5 and 10. 5 has a password. If you know that password / you connect to ssid 5 and can get on the web AND access the machines on port 1 (and would get an IP address of 192.168.5.0/24). the public SSID of 10 would get IP of 192.168.10.0/24
So SSID / VLAN / subnet 5 is to for the office people to access the server
SSID / VLAN / Subnet 192.168.10.0 is for guests and to keep them from getting to the server.
How do you set up the RVxxxW to allow this?
For ubiqiiti unifi, there is a controller installed on the server (on the .5 subnet) that talks to the access points. So the untagged packets on port 1 have to get to port 2 to get to the WAP.
I had to enable interVlan routing. Doesn't that allow the .10 users (on port 2) to get to the .5 server on port 1?
In the instance I got working, I wound up having 3 VLANS - 1, 5, 10. The 1 VLAN gave out 1.0 subnet IPs and the acecss points show they have the .1 IPs. that is working but not sure how I came up with that and why there needs to be 3 subnets?
And on the RV215W I am working with no, it has intervlan check boxes for each VLAN. Which to check and which to uncheck?
I have locked myself out of / rebooted the RV215W too many times already : ).
How can I ensure not to lock myself out?
THANKS!!Kremena; Thanks for the reply.
Yes, I set up the 2 VLANs 5 and 10 in the lan configuration page.
Let's keep it simple and let the router do DHCP for both.
As for LAN membership, that's where I get confused.
Port 2 has the access point. Packets from that will be untagged and yes, we need to talk to it from devices on port 1. THe port 1 devices are untagged also, if I am not mistaken.
So on port 2 there are 3 types of data
untagged to / from the access point that should be able to get to port 1 devices
tagged vlan5 that should be able to get to the port 1 devices
tagged vlan10 that should NOT be able to get to port 1 devices.
Wth just 2 subnets / vlans, you can't have those 3 types of data, right?
because based on what you say -
port1 port 2
vlan 1 ?? ??
vlan 5 untag untag
vlan 10 block tag
packets from port 2 that are tagged vlan 5 can't get out of port 2 if it's set to untagged as you mention above?!
Is thatt why I came up with 3 subnets / 3 vlans on the other network?
vlan 1 is subnet 192.168.1.0
vlan 5 is subnet 192.168.5.0
vlan 10 is subnet 192.168.10.0 for guests and kept off port 1
Then
port1 port2
vlan1 untag untag
vlan 5 tag tag
vlan 10 block tag
then the access point gets a vlan 1 IP address, people with the password through the access point get a vlan 5 / 5.0 IP address and can talk to the hardware on the port1 devices (but wait? the devices on port 1 have 5.0 IP addresses. and are untagged. whill they get to talk to port 2's vlan 5 5.0 devices? Or is that where interVLAN routing comes into play?
My head is spinnging!! -
Is RV110W capable of "selective" VPN routing? Split tunneling?
Hello,
I'm trying to find an anwer to for a question whether the RV110W is capable of distinguish between traffic that should go to VPN tunnel and traffic that should not go thru the VPN tunnel - I think this is called split tunneling.
I've been requested to create a VPN Tunnel between an office that's using the RV110W and one corporate network where a VPN server is running. That is quite easy as I know that RV110W has VPN client mode, however there a requirement not to route all traffic through the VPN tunnel. Only traffic that directs to the corporate network (certain ragne of IP addresses) should be routed thru the VPN tunnel and the rest that directs elsewhere should not go to VPN tunnel.
Is this achievable with this device?
If not, could you recommend me a device that is capable to satisfy this requirement?
Thank you for your anwers.Ladislav,
When you create a site to site VPN tunnel, all devices on each side that are on the same VLAN in which the tunnel is created should have access to each other. It will be like they are on the same network but they will have different IP subnets. So the answer is yes, devices on the "server" side should be able to access devices on the RV110W side.
- Marty -
Hello,
I have connected 2 LAN devices on my RV110W and a PC all of them with DHCP local ip.
from the pc I can ping successfully the two devices if I know their ip address. But when I try to discover any accessible device
the result is zero.
All the devices as soon as I call them by ip and not try to discover them, are communicating successfully, even remotely via vpn.
Everything seems to be right, when I use a non-VPN router or a switch or even a simple hub and the system works great.
im using VLAN 1 with all ports untagged, firewall and other settings that could cause packet loss is disabled.
What is wrong in my setup?If you have any policy under access restrictions, disable those. If you have MAC address filtering enabled disable that. If you have static IP address on router remove it.
-
This is my lan configuration:
RV110W router connects to the internet (PPOE) through WAN
Unmanaged switch #1 connects to lan port of RV110W
6 machines connect to the switch directly
I want to isolate 2 machine from the rest of ther other machines without additional hardware. These machines should not be able to access the RV110 configuration web interface. I heard this is possible by creating a subnet. How would I do that on the RV110w?
Here is the router configuration page demo:
https://www.cisco.com/web/sbtg/gui_mockups/RV110W/default.asp.htm
Are these the correct steps (no additional hardware or cabling):
1) Create another VLAN #2
2) Change both VLAN #1 and VLAN #2 to tagged on Port #1 (exclude the other ports)
3) Goto "LAN Configuration" and put the local IP as 192.168.2.1 for VLAN #2 and then change the subnet mask to 255.255.255.128?Hi, My name is Eric Moyers. I am a Network Support Engineer in the Cisco Small Business Support Center. Thank you for using the Cisco Community Post Forums.
That should get you started in the right direction. Also remember to go to the Networking - Routing tab and make sure that Inter-Vlan Routing is disabled if you do not want the two vlans to be able to talk to each other.
Thanks
Eric Moyers .:|:.:|:.
Cisco Small Business US STAC Advanced Support Engineer
Wireless Subject Matter Expert
CCNA, CCNA-Wireless
*Please rate the Post so other will know when an answer has been found. -
On rv110w, I have 4 vlans.
vlan3 feeds a dumb switch and a Wireless AP. When looking at router DHCP leases, it shows devices connected that are not connected. Kinda like it doesn't refresh the list. Set to 50 leases. Questions: Is this normal? How often should it refresh? Is the DHCP time put in as minutes???
Many thanks for providing related info.When time was set for 5 minutes, after 10plus minutes, the Networking-LAN-DHCP Leased clients shows a total of 50 (max) clients for VLAN3 and there should have been only 2 connected.
I had to ping the AP to get that VLAN returned to life (showing up as connected devices under status tab). This VLAN3 connection does not appear to be stable as the wireless through the AP (and even the switch) is unreliable. The AP has a static IP of .3.50 which is less than the .3.100-.3.149 range. I assume this is the correct setup for the AP??
Thanks for the help. The devices that are connected to the switch don't always show up. Something is wrong here, just can't put my finger on it. -
I am looking to Cisco to pehaps add the following to the entire line of RV series VPN capable firewalls. (at least the RV110w)
Add EZ_VPN, with ability to store remote usename password for tunnel auth.
Add option 150 in the LAN DHCP config
Supporting multiple subnets across a site to site vlans
Voice vlan support?
It seems to me the RV series VPN capable devices would be great for teleworkers that use a Cisco UC phone system such as the UC500 series that support EZ_VPN, as the SSL vpn on the SPA525 is buggy and unusable in a lot of my installations. and installing the SA/SR endpoints (most of with are end of life) devices are costly. Also allows one to use lower cost SPA phones for remote users.
Since Cisco spent the time to add all the advanced IPSec options to allow one to connect to most any IPsec device, and are marketing this for teleworkers haveing the features listed above would really help.Hi mlemmo, you should call the small business support center to make a feature request.
Traditionally, the small business routers have not supported the Cisco VPN clients. The latest exceptions have been the SA500 and SRP500 series supporting the Cisco VPN client and the ISA supporting AnyConnect. Currently, the bigger brothers of the RV110 also do not support the Cisco VPN clients except for QVPN.
-Tom
Please mark answered for helpful posts -
How do I route multiple SB302 switches at different sites and their VLANs?
Hello Cisco Support Community,
First thank you for any replies.
The video posted today on 302's and multiple VLAN's on one switch was nice.
Thank you, I have that working but it's not really what I need.
Though pictures are worth a 1000 words so I hope someone will post something similar to my question.
I have 7 - SB 302-08 switches with the most recent firmware. (updated firmware today, thanks to the video, and TG for the CLI)
All 302's are configured for layer 3.
This is my first experience with the SMB line of switches.
I have a main office and several satellite branch offices.
All locations are connected back with a "Q to Q" circuit on individual ports to a vendor supplied switch at the main office.
I need to link all branch office 302 switches back to the main office 302 switch and allow traffic amongst them.
Mainly traffic between each branch office and the main office.
There maybe a future need to incorporate VoIP on them as well, but that is a back burner issue.
These locations will have an individual VLAN and 302 switch but need to receive data from the main VLAN and possibly others.
I have a "core" SB 302 setup at the main office with its own VLAN.
Each branch switch has its own VLAN.
I would also like to have a centralized management VLAN for the switches.
In trying to configure the core 302 I keep losing connectivity and having to reset it.
On the branch switches I end up getting them to only link to themselves with different IP's and not the core.
I'm assuming this is caused by my not configuring interconnectivity using ACL.
Please let me know if you need additional information.
ThanksAlllan,
Well first you want to make sure you are running latest firmware 1.1.1.8 I do believe
Next either console into the switch or you can turn on SSH/Telnet under Web gui (Security••àTCP/UDP services and make sure SSH/Telent is enabled)
Now we configure the switch via Cli
We need to enter global configuration mode.
Configure Terminal
(next add our vlans)
Vlan database
Vlan 10
Vlan 20
Vlan 30
Exit
(you can run show command to see your vlans)
do show vlan
(Now configure the port how you would like)
Interface GE1
Switchport mode access (this is making Gigabit port 1 an access port)
Switchport access vlan 20 (this command is changing access port vlan from 1 to 20)
(less configure a trunk port)
Interface GE2
Switchport mode trunk (this makes port 2 for trunking)
(Now less add our Vlans)
Switchport trunk native vlan 1
Switchport trunk allowed vlan add 10,20,30
Exit global configuration
(Use this command to copy your settings to startup)
Copy running-config startup-config
(Some screen shots attached)
I see you have a WRT54G router which i don't think support vlans unless you have 3rd party OS installed.
So currently is the SG300 swtich operating in layer 2 or layer 3 , guessing this is why you choose to move up to 300 series switch?
If the switch is not in layer 3 mode but in layer2 when setting it to layer3 the switch will default all pervious settings.
If the switch is set in layer 3 mode you might have forgot your default route
(Command setting default route)
configure terminal
ip route 0.0.0.0 0.0.0.0 192.168.1.1 (192.168.1.1 being address of your WRT54G)
Now you would need to set up ACL's to deny and allow what traffic you wanted to filter on the SG300
Also reading your post we would need you to call into support center SBSC @ 1-866-606-1866
This way we could get a better idea of your current configuration and assist with fixing or finding a solution for you.
you have 1 year phone support with this product
Thanks,
Jasbryan -
The difference between IEEE802.1Q Native VLAN sub-interface and Physical interface?
Hello
I think the following topologies are supported for Cisco Routers
And the Physical interface also can be using as Native VLAN interface right?
Topology 1.
R1 Gi0.1 ------ IEEE802.1Q Tunneling L2SW ------ Gi0 R2
R1 - configuration
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
ip address 10.0.0.1 255.255.255.0
Topology 2.
R1 Gi0 ------ IEEE802.1Q Tunneling L2SW ------ Gi0 R2
interface GigabitEthernet0
ip address 10.0.0.1 255.255.255.0
And is it ok to use the physical interface and sub-interface with dynamic routing such as EIGRP or OSPF etc?
R1 Gi 0 ---- Point to Multipoint EIGRP or OSPF ---- Gi0 R2 / R3
Gi 0.20--- Point to Point EIGRP or OSPF --- Gi0.10 R4 (same VLAN-ID)
R1 - configuration
interface GigabitEthernet0
ip address 10.0.0.1 255.255.255.0
interface GigabitEthernet8.20
encapsulation dot1Q 20
ip address 20.0.0.1 255.255.255.0
Any information is very appreciated. but if there is any CCO document please let me know.
Thank you very much and regards,
Masanobu HiyoshiHello,
The diagram is helpful.
If I am getting you correctly, you have three routers interconnected by a switch, and you want them to operate in a hub-and-spoke fashion even though the switch is capable of allowing direct communication between any of these routers.
Your first scenario is concerned with all three routers being in the same VLAN, and by using neighbor commands, you force these routers to establish targeted EIGRP adjacencies R1-R2 and R1-R3, with R1 being the hub.
Your second scenario is concerned with creating one VLAN per spoke, having subinterfaces for each spoke VLAN created on R1 as the router, and putting each spoke just in its own VLAN.
Your scenarios are not really concerned with the concept of native VLAN or the way it is configured, to be honest. Whether you use a native VLAN in either of your scenarios, or whether you configure the native VLAN on a subinterface or on the physical interface makes no difference. There is simply no difference to using or not using a native VLAN in any of your scenarios, and there is no difference to the native VLAN configuration being placed on a physical interface or a subinterface. It's as plain as that. Both your scenarios will work.
My personal opinion, though, is that forcing routers on a broadcast multi-access segment such as Ethernet to operate in a hub-and-spoke fashion is somewhat artificial. Why would you want to do this? Both scenarios have drawbacks: in the first scenario, you need to add a neighbor statement for each spoke to the hub, limiting the scalability. In the second scenario, you waste VLANs and IP subnets if there are many spokes. The primary question is, though: why would you want an Ethernet segment to operate as a hub-and-spoke network? Sure, these things are done but they are motivated by specific needs so I would like to know if you have any.
Even if you needed your network to operate in a hub-and-spoke mode, there are more efficient means of achieving that: Cisco switches support so-called protected ports that are prevented from talking to each other. By configuring the switch ports to spokes as protected, you will prevent the spokes from seeing each other. You would not need, then, to configure static neighbors in EIGRP, or to waste VLANs for individual spokes. What you would need to do would be deactivating the split horizon on R1's interface, and using the ip next-hop-self eigrp command on R1 to tweak the next hop information to point to R1 so that the spokes do not attempt to route packets to each other directly but rather route them over R1.
I do not believe I have seen any special CCO documents regarding the use of physical interfaces or subinterfaces for native VLAN or for your scenarios.
Best regards,
Peter -
Aggregates, VLAN's, Jumbo-Frames and cluster interconnect opinions
Hi All,
I'm reviewing my options for a new cluster configuration and would like the opinions of people with more expertise than myself out there.
What I have in mind as follows:
2 x X4170 servers with 8 x NIC's in each.
On each 4170 I was going to configure 2 aggregates with 3 nics in each aggregate as follows
igb0 device in aggr1
igb1 device in aggr1
igb2 device in aggr1
igb3 stand-alone device for iSCSI network
e1000g0 device in aggr2
e1000g1 device in aggr2
e1000g2 device in aggr3
e1000g3 stand-alone device of iSCSI network
Now, on top of these aggregates, I was planning on creating VLAN interfaces which will allow me to connect to our two "public" network segments and for the cluster heartbeat network.
I was then going to configure the vlan's in an IPMP group for failover. I know there are some questions around that configuration in the sense that IPMP will not detect a nic failure if a NIC goes offline in the aggregate, but I could monitor that in a different manner.
At this point, my questions are:
[1] Are vlan's, on top of aggregates, supported withing Solaris Cluster? I've not seen anything in the documentation to mention that it is, or is not for that matter. I see that vlan's are supported, inluding support for cluster interconnects over vlan's.
Now with the standalone interface I want to enable jumbo frames, but I've noticed that the igb.conf file has a global setting for all nic ports, whereas I can enable it for a single nic port in the e1000g.conf kernel driver. My questions are as follows:
[2] What is the general feeling with mixing mtu sizes on the same lan/vlan? Ive seen some comments that this is not a good idea, and some say that it doesnt cause a problem.
[3] If the underlying nic, igb0-2 (aggr1) for example, has 9k mtu enabled, I can force the mtu size (1500) for "normal" networks on the vlan interfaces pointing to my "public" network and cluster interconnect vlan. Does anyone have experience of this causing any issues?
Thanks in advance for all comments/suggestions.For 1) the question is really "Do I need to enable Jumbo Frames if I don't want to use them (neither public nore private network)" - the answer is no.
For 2) each cluster needs to have its own seperate set of VLANs.
Greets
Thorsten -
Can you help me with this ( vlan,accesslist,management )
here's the scenario I have two vlan 10 & 20
I have 2 switch and 1 router
the target of this setup is that vlan 10 can ping or reach vlan 20 but vlan 20 cannot be reach or ping vlan 10 it is that possible
Here's the setup
In SW0
vlan 10
name Management
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
interface FastEthernet0/2
switchport trunk allowed vlan 10
switchport mode trunk
In SW1
interface FastEthernet0/1
switchport trunk allowed vlan 20
switchport mode trunk
interface FastEthernet0/2
switchport access vlan 20
switchport mode access
interface FastEthernet0/3
switchport access vlan 20
switchport mode access
In Router
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
ip access-group 1 out
interface FastEthernet0/0.20
no ip address
interface FastEthernet0/1
no ip address
duplex auto
speed auto
interface FastEthernet0/1.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
ip access-group 1 out
interface Vlan1
no ip address
shutdown
ip classless
access-list 1 deny 192.168.20.0 0.0.0.255
access-list 1 permit 192.168.10.0 0.0.0.255
access-list 1 deny host 192.168.20.11
access-list 1 permit host 192.168.10.11
access-list 1 deny any
access-list 1 permit any
Im new so i dont know if my setup is correct ...
can any1 help me about this,,,
thanks.Hi,
let's suppose PC0(Vlan 10) wants to communicate with PC1(Vlan 20):
-traffic enters f0/0.10 with src 10.11 and dst 20.11 and it is forwarded out f0/1.20 where there is an egress ACL
-this is a standard ACL so it matches on source only and there is a hit for second entry permit 192.168.10.0 0.0.0.255
-now PC1 replies and traffic enters f0/1.20 and is forwarded out f0/0.10 where there is egress ACL
-there is a hit on first entry deny 192.168.20.0 0.0.0.255( packet src is 20.11 and dst 10.11)
So end result is that Vlan 10 cannot reach Vlan 20.
I don't think this is what you wanted
Now of course traffic sourced from any PC in Vlan 20 destined to PC0 is filtered as you wanted because it is filtered on f0/0.10 outbound as above.
ACLs are stateless and communication in TCP/IP is bidirectional so the best way to achieve what you want to do if you want to filter more than Pings would be to use CBAC or ZBF or reflexive ACLs
Regards
Alain
Don't forget to rate helpful posts. -
Setting up Multiple SSID's & VLAN
I have a Cisco 1230 AP along with a Sonic Wall TZ 210 and a Linksys SFE 2010P switch. On my AP I have created 2 SSID's. and 2 VLAN's. The first SSID is being broadcasted and has WPA encryption on it for our Corporate USers. The Second SSID is a Guest SSID and too is being broadcasted. I can make a laptop connect to the 1st SSID, but for some reason the 2nd SSID nothing will connect to it. The first SSID is associated to VLAN1 and the 2nd SSID is associated to VLAN2. VLAN1 has WPA encryption on it. VLAN2 is setup as Open and no Encryption. Any ideas?
My next question is how to I configure traffic on this AP with the other equipment mentioned? On my sonicwall we have segmented port6 on it to be a different subnet from the corporate subnet. On the Linksys switch I have enable VLANS on port2 and port48 which are on VLAN2. All other ports are on VLAN1. The AP connects to Ports 2 on the linksys switch and port 48 connects to port 6 on the Sonic Wall. When a corporate user connects to SSID1 I want them to be able to connect to the Corporate subnet. When a guest connects to SSID2 I want them to connect to the segmented guest network to only have Internet Access.
Hope this makes sense!
Below is my config on the AP. I am really only familiar with the IOS web interface so if you can explain it using that I'd appreciate it.
AP_WLAN_Bakery
Home Exec Configure
------------------ show version ------------------
Cisco IOS Software, C1200 Software (C1200-K9W7-M), Version 12.3(8)JEB1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Fri 20-Jul-07 20:51 by dchih
ROM: Bootstrap program is C1200 boot loader
BOOTLDR: C1200 Boot Loader (C1200-BOOT-M) Version 12.2(8)JA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
AP_WLAN_Bakery uptime is 1 hour, 40 minutes
System returned to ROM by reload
System restarted at 10:52:05 -0400 Fri Oct 15 2010
System image file is "flash:/c1200-k9w7-mx.123-8.JEB1/c1200-k9w7-mx.123-8.JEB1"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-AP1231G-A-K9 (PowerPC405GP) processor (revision B0) with 15138K/1236K bytes of memory.
Processor board ID FOC0849218B
PowerPC405GP CPU at 196Mhz, revision number 0x0145
Last reset from reload
1 FastEthernet interface
1 802.11 Radio(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:12:D9:8B:09:93
Part Number : 73-8704-08
PCA Assembly Number : 800-23211-09
PCA Revision Number : A0
PCB Serial Number : FOC0849218B
Top Assembly Part Number : 800-23304-08
Top Assembly Serial Number : FTX0902R2V1
Top Revision Number : A0
Product/Model Number : AIR-AP1231G-A-K9
Configuration register is 0xF
------------------ show running-config ------------------
Building configuration...
Current configuration : 2544 bytes
! Last configuration change at 12:07:29 -0400 Fri Oct 15 2010 by admin
! NVRAM config last updated at 12:07:29 -0400 Fri Oct 15 2010 by admin
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname AP_WLAN_Bakery
clock timezone -0500 -5
clock summer-time -0400 recurring
ip subnet-zero
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
dot11 vlan-name VLAN_Corporate vlan 1
dot11 vlan-name VLAN_Guest vlan 2
dot11 ssid WLAN_Corporate
vlan 1
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 005740565C0C5C5F5C741F
dot11 ssid WLAN_HartKitGuest
vlan 2
authentication open
mbssid guest-mode
username admin privilege 15 password 7 <removed>
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers aes-ccm tkip
encryption vlan 1 mode ciphers aes-ccm tkip
ssid WLAN_Corporate
ssid WLAN_HartKitGuest
mbssid
speed basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
station-role root
no dot11 extension aironet
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
bridge-group 2 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
interface FastEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface FastEthernet0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
no bridge-group 2 source-learning
bridge-group 2 spanning-disabled
interface BVI1
ip address 192.168.2.240 255.255.255.0
no ip route-cache
ip default-gateway 192.168.2.1
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
sntp server 192.168.2.5
sntp broadcast client
end
------------------ show stacks ------------------
Minimum process stacks:
Free/Size Name
4572/5500 soap_flash init
10024/11000 DHCP Autoinstall
5160/5500 Autoinstall
11748/12000 Setup
10552/11000 BootP Resolver
5240/5500 dot11 platform init
8824/12000 Init
5088/5500 RADIUS INITCONFIG
2576/3000 Rom Random Update Process
5144/11000 HTTP CP
3084/5500 Soap Flash Save Variables
Interrupt level stacks:
Level Called Unused/Size Name
4 125707 8056/9000 dot11 radio interrupt
6 9783 8960/9000 NS16550 VECTOR
------------------ show interfaces ------------------
BVI1 is up, line protocol is up
Hardware is BVI, address is 0012.d98b.0993 (bia 0013.1973.8d50)
Internet address is 192.168.2.240/24
MTU 1500 bytes, BW 54000 Kbit, DLY 5000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
5 minute input rate 10000 bits/sec, 9 packets/sec
5 minute output rate 10000 bits/sec, 4 packets/sec
59436 packets input, 8310033 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
31826 packets output, 18823451 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
Dot11Radio0 is up, line protocol is up
Hardware is 802.11G Radio, address is 0013.1973.8d50 (bia 0013.1973.8d50)
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:15:20, output 00:15:20, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 47
Queueing strategy: fifo
Output queue: 0/30 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
16093 packets input, 1696312 bytes, 0 no buffer
Received 1913 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
8367 packets output, 2930004 bytes, 0 underruns
13 output errors, 0 collisions, 37 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Dot11Radio0.1 is up, line protocol is up
Hardware is 802.11G Radio, address is 0013.1973.8d50 (bia 0013.1973.8d50)
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
Dot11Radio0.2 is up, line protocol is up
Hardware is 802.11G Radio, address is 0013.1973.8d50 (bia 0013.1973.8d50)
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 2.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
FastEthernet0 is up, line protocol is up
Hardware is PowerPC405GP Ethernet, address is 0012.d98b.0993 (bia 0012.d98b.0993)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Full-duplex, 100Mb/s, MII
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/160/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 13000 bits/sec, 10 packets/sec
5 minute output rate 10000 bits/sec, 4 packets/sec
75878 packets input, 12726627 bytes
Received 43517 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
38986 packets output, 19917202 bytes, 0 underruns
0 output errors, 0 collisions, 7 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
FastEthernet0.1 is up, line protocol is up
Hardware is PowerPC405GP Ethernet, address is 0012.d98b.0993 (bia 0012.d98b.0993)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
FastEthernet0.2 is up, line protocol is up
Hardware is PowerPC405GP Ethernet, address is 0012.d98b.0993 (bia 0012.d98b.0993)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 2.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
------------------ show controllers ------------------
interface Dot11Radio0
Radio AIR-MP31G, Base Address 0013.1973.8d50, BBlock version 0.00, Software version 6.11.1
Serial number: FOC0901D4S1
Number of supported simultaneous BSSID on Dot11Radio0: 8
Carrier Set: Americas (US )
Uniform Spreading Required: No
Current Frequency: 2412 MHz Channel 1
Allowed Frequencies: 2412(1) 2417(2) 2422(3) 2427(4) 2432(5) 2437(6) 2442(7) 2447(8) 2452(9) 2457(10) 2462(11)
Listen Frequencies: 2412(1) 2417(2) 2422(3) 2427(4) 2432(5) 2437(6) 2442(7) 2447(8) 2452(9) 2457(10) 2462(11) 2467(12) 2472(13) 2484(14)
Beacon Flags: 0; Beacons are enabled; Probes are enabled
Current CCK Power: 100 mW
Allowed CCK Power Levels: 1 5 10 20 30 50 100
Current OFDM Power: 30 mW
Allowed OFDM Power Levels: 1 5 10 20 30
Allowed Client Power Levels: 1 5 10 20 30 50 100
ERP settings: short slot time.
Neighbors in non-erp mode:
Current Rates: basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
Active Rates: basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
Allowed Rates: 1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
Best Range Rates: basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
Best Throughput Rates: basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
Default Rates: basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
Current Voice Rates: 5.5 6.0 11.0 12.0 24.0 [disabled until voice packet-discard enabled]
Default Voice Rates: 5.5 6.0 11.0 12.0 24.0
Channel / Max Power Table
1 O=15 D=20, 2 O=15 D=20, 3 O=15 D=20, 4 O=15 D=20, 5 O=15 D=20
6 O=15 D=20, 7 O=15 D=20, 8 O=15 D=20, 9 O=15 D=20, 10 O=15 D=20
11 O=15 D=20
Data Rate Sensitivity (rate, SNR dB, Contention dBm)
( 1.0, 1, -98) ( 2.0, 7, -94) ( 5.5, 9, -92) (11.0, 16, -86)
( 6.0, 7, -92) ( 9.0, 14, -87) (12.0, 12, -87) (18.0, 15, -84)
(24.0, 17, -82) (36.0, 24, -76) (48.0, 29, -73) (54.0, 33, -69)
Radio Management (RM) Configuration:
Regular AP RM Mode 1 Temp Setting Disabled
Temp Settings: AP Tx Power 0 AP Tx Channel 0 Client Tx Power 0
Rates:
Saved Settings: AP Tx Power 0 AP Tx Channel 1 Client Tx Power 0
Rates:
MCST RSCs: [0]0x0 [1]0x0 [2]0x0 [3]0x0 [4]0x0
TKIP Cum Stats: STA MIC-L-Errs MIC-R-Errs Replay C-Measure
0000.0000.0000 00000000 00000000 00000000 00000000
AES-CCMP Cum Stats: 00000000 replays discarded
QBSS Load: 0x0
Policing Stats:Rx downgardes 0, Tx downgrades 0
Configured Local Access Class Parameters
Back : cw-min 4 cw-max 10 fixed-slot 7 admission-control Off txop 0
Best : cw-min 4 cw-max 6 fixed-slot 3 admission-control Off txop 0
Video : cw-min 3 cw-max 4 fixed-slot 1 admission-control Off txop 3008
Voice : cw-min 2 cw-max 3 fixed-slot 1 admission-control Off txop 1504
Configured Cell Access Class Parameters
Back : cw-min 4 cw-max 10 fixed-slot 7 admission-control Off txop 0
Best : cw-min 4 cw-max 10 fixed-slot 3 admission-control Off txop 0
Video : cw-min 3 cw-max 4 fixed-slot 2 admission-control Off txop 3008
Voice : cw-min 2 cw-max 3 fixed-slot 2 admission-control Off txop 1504
Transmit queues: Active 0 In Progress 0
---- Active --- In-Progress --------------- Counts --------------
Cnt Quo Bas Max Cnt Quo Bas Sent Discard Fail Retry Multi
Uplink 0 0 0 0 0 0 0 0 0 0 0 0
Voice 0 0 0 0 0 0 0 55 0 0 1 1
Video 0 0 0 0 0 0 0 0 0 0 0 0
Best 0 3 70 3 0 3 24 7937 0 0 127 12
Mcast 0 0 0 0 0 0 0 329 0 0 0 0
Mcast 0 0 0 0 0 0 0 30 0 0 0 0
Back 0 0 0 0 0 0 0 329 0 0 0 0
BSSIDS Index Flags State Next Held Defer NonDefer Clients Tsf Dtim Txq
8D50 0 20 0 0 0 0 0 0 200 2 0
8D51 1 20 0 0 0 0 0 0 150 2 1
UP ClientQAged AcQAged PacketAged Drop Retry/Thresh Timeout CQMax
7 0 0 0 3/100 0/500 35 4
6 0 0 0 3/100 0/500 35 4
5 0 0 0 3/100 0/500 35 4
4 0 0 0 3/100 0/500 35 4
3 0 0 0 3/100 0/500 35 4
2 0 0 0 3/100 0/500 35 4
1 0 0 0 3/100 0/500 35 4
Driver TX blocks: in use 0, high 10, at reset 0, fail 0, reclaim 0
Clients: 8021x auth in prog 0 allowed 0
Vlan BSSID Clients PSP Pri Encr Key0 Key1 Key2 Key3 SSIDs
0 8D50 0 0 0 0 234 x128
1n 8D50 0 0 0 0 234 x128 WLAN_Corporate
2 8D51 1 0 0 0 0 WLAN_HartKitGuest
0 0 flags 3
1 1 flags 3
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
17 0 flags 0
18 0 flags 0
Registers: io E8000000 mem 80000000 aux A0000000
0000 FF50 0000 0000 0021 0000 0000 0000
0001 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0500 0007 0000 0000 0808 09E8 0000 0504
0000 0000 0000 0000 0424 0059 E2ED 2D9D
00000000 00000200 20000200 FFFFFFFF F7FFFFFF 00000000 00000000 00200000
FFFFFFE2 00000FFF 72ED14BD 4A040401 00000000 00000000 00008000 00008080
00000000 00000000 00000000 00000000 00008F78 000012DC 00000000 0000C0EA
Radio running: temp 0 C tx_power 100 bb_code 0x0
rssi_threshold 0x0 gain offset 0
Antenna: external , gain 20 (platform 0, domain class A)
PCI sys_id: 0xA506 subsys_id 0x5100 (0x5101)
Unicast ciphers 0x1 mcast ciphers 0x1
Rid Ring:
A0000970: 009C8000 20ED1EA0 * n
Rx Ring:
A0000950: 893E0002 20ED3478 v, 893E0002 20EDEE60 v
A0000960: 893E0002 20EE4B54 v, 893E0002 20EDB068 * v
Tx Ring:
A0000800: 06108000 20ECFCE4 n, 009A8000 20ECD764 n
A0000810: 00AE8000 20ECF064 n, 010C8000 20ECD124 n
A0000820: 010C8000 20ECCE04 n, 010C8000 20ECE0C4 n
A0000830: 010C8000 20ECED44 n, 00668000 20ECB174 n
A0000840: 006A8000 20ECCA64 n, 010C8000 20ECDDA4 n
A0000850: 010C8000 20ECF6A4 n, 01848000 20ECF9C4 n
A0000860: 022A8000 20ECCE04 n, 01848000 20ECF9C4 n
A0000870: 06158000 20ED113C n, 01848000 20ECE3E4 n
A0000880: 022A8000 20ECF064 * n, 01188000 20ECD124 n
A0000890: 05688000 20ED0A74 n, 057C8000 20ED03AC n
A00008A0: 010C8000 20ECED44 n, 010C8000 20ECDDA4 n
A00008B0: 010C8000 20ECF6A4 n, 010C8000 20ECF9C4 n
A00008C0: 00748000 20ECB054 n, 05FC8000 20ED1804 n
TxDn Ring:
A0000930: 802C0000 20ED26A0 v, 802C0000 20ED2778 v
A0000940: 802C0000 20ED2850 * v, 802C0000 20ED2928 v
Multicast counters:
Internal MC counts:
28 (28) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0)
Log Buffer:
PowerPC405GP Ethernet unit 0
PHY Hardware is Intel LXT971 rev. 2 (id_register: 0x13, 0x78E2)
rx_intr: 0 tx_intr: 0 mac_err_isr: 0 phy_link_isr:0
Current station address 0012.d98b.0993, default address 0012.d98b.0993
MAL register dump:
malcr 0x0007C082 0x180
malesr 0x00000000 0x181
malier 0x0000000F 0x182
maltxcasr 0x80000000 0x184
maltxcarr 0x80000000 0x185
maltxeobisr 0x00000000 0x186
maltxdeir 0x00000000 0x187
malrxcasr 0x80000000 0x190
malrxcarr 0x80000000 0x191
malrxeobisr 0x00000000 0x192
malrxdeir 0x00000000 0x193
maltxctp0r 0x00EE6120 0x1A0
malrxctp0r 0x00EE6020 0x1C0
malrcbs0 0x00000060 0x1E0
EMAC register dump:
emacmr0 0x18000000 0x00
emacmr1 0xA1788000 0x04
emactmr0 0x00000000 0x08
emactmr1 0x380F0000 0x0C
emacrmr 0x7D180000 0x10
emacisr 0x00000002 0x14
emacier 0x00000001 0x18
emaciah 0x00000012 0x1C
emacial 0xD98B0993 0x20
emacptr 0x0000FFFF 0x2C
emaclsah 0x00000040 0x50
emaclsal 0x2B637E9B 0x54
emacipgr 0x00000004 0x58
emacstacr 0x47808011 0x5C
emactrtr 0x18000000 0x60
emacrwmr 0x0F002000 0x64
emacoctx 0x0132EA47 0x68
emacocrx 0x00C72D8B 0x6C
UIC register dump:
uicsr 0x00001FA3 0xC0
uicer 0x803F0048 0xC2
uicmsr 0x00000000 0xC6
PHY register dump:
3100 782D 0013 78E2 01E1 41E1 0007 2001 0000 0000 0000 0000 0000 0000 0000 0000
0384 4780 0032 0000 0422 0000 0000 0000 0000 0000 08C8 0000 0000 0000 0000
RX ring with 16 entries at 0xEE6020, Buffer size 1528
Rxhead = 0xEE6048 (5), Rxp = 0xB67360 (5)
00 pak=0x0B6D644 buf=0x0EF2BDC status=9C00 pak_size=0
01 pak=0x0B6CCA8 buf=0x0EF17A8 status=9C00 pak_size=0
02 pak=0x0B68C98 buf=0x0EE90F8 status=9C00 pak_size=0
03 pak=0x0B6BCA4 buf=0x0EEF5FC status=9C00 pak_size=0
04 pak=0x0B6DFE0 buf=0x0EF4010 status=9C00 pak_size=0
05 pak=0x0B6CFDC buf=0x0EF1E64 status=9C00 pak_size=0
06 pak=0x0B6C640 buf=0x0EF0A30 status=9C00 pak_size=0
07 pak=0x0B682FC buf=0x0EE7CC4 status=9C00 pak_size=0
08 pak=0x0B6E648 buf=0x0EF4D88 status=9C00 pak_size=0
09 pak=0x0B6E97C buf=0x0EF5444 status=9C00 pak_size=0
10 pak=0x0B6ECB0 buf=0x0EF5B00 status=9C00 pak_size=0
11 pak=0x0B6ACA0 buf=0x0EED450 status=9C00 pak_size=0
12 pak=0x0B68630 buf=0x0EE8380 status=9C00 pak_size=0
13 pak=0x0B6D310 buf=0x0EF2520 status=9C00 pak_size=0
14 pak=0x0B6C974 buf=0x0EF10EC status=9C00 pak_size=0
15 pak=0x0B6B63C buf=0x0EEE884 status=DC00 pak_size=0
TX ring with 8 entries at 0xEE6120, tx_count = 0
tx_head = 0xEE6148 (5), head_txp = 0xB673BC (5)
tx_tail = 0xEE6148 (5), tail_txp = 0xB673BC (5)
00 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
01 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
02 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
03 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
04 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
05 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
06 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
07 pak=0x0000000 buf=0x0000000 status=5400 pak_size=0
0 missed datagrams, 0 overruns
0 transmitter underruns, 0 excessive collisions
0 single collisions, 0 multiple collisions
0 dma memory errors, 0 CRC errors
0 alignment errors, 0 runts, 0 giants
emac/mal specific errors:
0 rx in range, 0 rx out range
0 mal_rx_serr, 0 mal_tx_serr
0 mal_rx_de, 0 mal_tx_de
0 emac_int
0 mal_err_isr
0 SQE errors, 0 tx CRC errors
0 output queue fail
------------------ show data-corruption ------------------
No data inconsistency errors have been recorded.
------------------ show file systems ------------------
File Systems:
Size(b) Free(b) Type Flags Prefixes
* 7741440 2734080 flash rw flash:
- - opaque rw bs:
7741440 2734080 unknown rw zflash:
- - opaque rw archive:
- - opaque rw system:
32768 29138 nvram rw nvram:
- - network rw tftp:
- - opaque rw null:
- - opaque ro xmodem:
- - opaque ro ymodem:
- - network rw rcp:
- - network rw ftp:
- - network rw http:
- - network rw scp:
- - network rw https:
------------------ show flash: ------------------
Directory of flash:/
2 -rwx 1048 Oct 15 2010 12:07:29 -04:00 private-multiple-fs
5 drwx 512 Oct 15 2010 10:36:30 -04:00 c1200-k9w7-mx.123-8.JEB1
4 -rwx 716 Feb 28 2002 19:06:22 -05:00 env_vars
146 -rwx 2549 Oct 15 2010 12:07:29 -04:00 config.txt
148 -rwx 5 Oct 15 2010 12:07:29 -04:00 private-config
7741440 bytes total (2734080 bytes free)
------------------ dir nvram: ------------------
Directory of nvram:/
30 -rw- 2549 <no date> startup-config
31 ---- 5 <no date> private-config
1 -rw- 0 <no date> ifIndex-table
32768 bytes total (29138 bytes free)
------------------ show memory statistics ------------------
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor A4AB84 4709500 2431436 2278064 1920552 2125904
I/O ECB000 1265664 468008 797656 727168 779580
------------------ show process memory ------------------
Total: 5975164, Used: 2899444, Free: 3075720
PID TTY Allocated Freed Holding Getbufs Retbufs Process
0 0 3373064 827724 1898920 0 0 *Init*
0 0 11804 7372856 11804 0 0 *Sched*
0 0 66125428 65999528 293168 434276 0 *Dead*
1 0 0 0 6416 0 0 Chunk Manager
2 0 188 188 3916 0 0 Load Meter
3 0 448120 443220 18392 0 0 HTTP CP
4 0 19548 0 25964 0 0 Check heaps
5 0 86364 207192 37368 49920 137052 Pool Manager
6 0 0 0 6416 0 0 AAA_SERVER_DEADT
7 0 188 188 6416 0 0 Timers
8 0 188 188 6416 0 0 AAA high-capacit
9 0 488 0 6904 0 0 SNTP
10 0 76 0 6492 0 0 ARP Input
11 0 3232 540 9108 0 0 Entity MIB API
12 0 0 0 6416 0 0 HC Counter Timer
13 0 188 188 6416 0 0 GraphIt
14 0 0 0 6416 0 0 Net Input
15 0 0 0 6416 0 0 Critical Bkgnd
16 0 19648 136 12180 0 0 Net Background
17 0 188 188 11916 0 0 Logger
18 0 188 188 6416 0 0 TTY Background
19 0 0 0 9916 0 0 Per-Second Jobs
20 0 188 188 6416 0 0 Compute load avg
21 0 0 0 6416 0 0 Per-minute Jobs
22 0 125880 59144 52956 0 0 Dot11 driver
23 0 188 188 6416 0 0 Dot11 driver log
24 0 0 0 6416 0 0 Voice Metrics Ta
25 0 0 0 6416 0 0 SOAP LED Process
26 0 188 188 6416 0 0 AAA Server
27 0 0 0 6416 0 0 AAA ACCT Proc
28 0 0 0 6416 0 0 ACCT Periodic Pr
29 0 2343100 10891400 16904 0 7173144 IP Input
30 0 0 0 6416 0 0 ICMP event handl
31 0 188 188 6416 0 0 AAA Dictionary R
32 0 47124 44272 9200 0 0 CDP Protocol
33 0 0 0 6416 0 0 linktest
34 0 964 964 9916 0 0 Dot11 aaa proces
35 0 0 0 9916 0 0 pmkid
36 0 188 6404 6416 0 0 Dot11 Mgmt & Ass
37 0 1636 1224 6644 0 0 AiroIAPP Protoco
38 0 188 188 6416 0 0 Triggered events
39 0 188 188 9916 0 0 Dot11 auth Dot1x
40 0 0 0 6416 0 0 Dot11 Mac Auth
41 0 1276 0 7692 0 0 Dot11CACprocess
42 0 0 1285716 11916 0 0 TCP Timer
43 0 0 0 11916 0 0 TCP Protocols
44 0 0 0 6416 0 0 Socket Timers
45 0 41144 11308 23364 0 0 DHCPD Receive
46 0 58666708 40499364 31400 6957504 101520 HTTP CORE
47 0 1072 188 12800 0 0 Soap Upgrade fet
48 0 10608 188 16836 0 0 DDP
49 0 344168 1754412 6416 0 0 LOCAL AAA
50 0 188 188 6416 0 0 AAA Cached Serve
51 0 188 188 6416 0 0 ENABLE AAA
52 0 188 188 6416 0 0 LINE AAA
54 0 2056 188 8284 0 0 TPLUS
55 0 604 188 9332 0 0 Crypto WUI
56 0 0 0 6416 0 0 EM Background Pr
57 0 188 308 6416 0 0 Soap Consoleless
58 0 72384 66968 14332 0 0 Crypto CA
59 0 0 0 8916 0 0 Crypto PKI-CRL
60 0 0 0 8916 0 0 Crypto SSL
61 0 2056 15044 6416 0 0 AAA SEND STOP EV
62 0 188 188 6416 0 0 Dot11 LBS Proc
63 0 0 0 6416 0 0 Syslog Traps
65 0 0 0 6416 0 0 DHCPD Timer
66 0 76 484 9992 0 0 DHCP Client
67 0 636960 188 22156 421308 0 HyBridge Input P
68 0 344 188 6588 0 0 Tbridge Monitor
69 0 344 188 6572 0 0 Spanning Tree
70 0 156 0 6628 0 0 DHCPD Database
2897284 Total
------------------ show process cpu ------------------
CPU utilization for five seconds: 16%/0%; one minute: 4%; five minutes: 1%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
1 0 1 0 0.00% 0.00% 0.00% 0 Chunk Manager
2 4 1196 3 0.00% 0.00% 0.00% 0 Load Meter
3 369 40 9225 0.00% 0.00% 0.00% 0 HTTP CP
4 764 611 1250 0.00% 0.00% 0.00% 0 Check heaps
5 9 44 204 0.00% 0.00% 0.00% 0 Pool Manager
6 0 1 0 0.00% 0.00% 0.00% 0 AAA_SERVER_DEADT
7 0 2 0 0.00% 0.00% 0.00% 0 Timers
8 0 9 0 0.00% 0.00% 0.00% 0 AAA high-capacit
9 8 158 50 0.00% 0.00% 0.00% 0 SNTP
10 1034 5268 196 0.00% 0.02% 0.00% 0 ARP Input
11 2 2 1000 0.00% 0.00% 0.00% 0 Entity MIB API
12 2 1494 1 0.00% 0.00% 0.00% 0 HC Counter Timer
13 2 5973 0 0.00% 0.00% 0.00% 0 GraphIt
14 0 11 0 0.00% 0.00% 0.00% 0 Net Input
15 0 1 0 0.00% 0.00% 0.00% 0 Critical Bkgnd
16 34 1906 17 0.00% 0.00% 0.00% 0 Net Background
17 4 101 39 0.00% 0.00% 0.00% 0 Logger
18 24 5969 4 0.00% 0.00% 0.00% 0 TTY Background
19 5 5998 0 0.00% 0.00% 0.00% 0 Per-Second Jobs
20 0 1196 0 0.00% 0.00% 0.00% 0 Compute load avg
21 433 127 3409 0.00% 0.00% 0.00% 0 Per-minute Jobs
22 587 181376 3 0.00% 0.00% 0.00% 0 Dot11 driver
23 0 2 0 0.00% 0.00% 0.00% 0 Dot11 driver log
24 2 1200 1 0.00% 0.00% 0.00% 0 Voice Metrics Ta
25 44 39944 1 0.00% 0.00% 0.00% 0 SOAP LED Process
26 238 3309 71 0.00% 0.00% 0.00% 0 AAA Server
27 0 1 0 0.00% 0.00% 0.00% 0 AAA ACCT Proc
28 0 1 0 0.00% 0.00% 0.00% 0 ACCT Periodic Pr
29 10607 39208 270 0.31% 0.16% 0.09% 0 IP Input
30 0 1 0 0.00% 0.00% 0.00% 0 ICMP event handl
31 0 2 0 0.00% 0.00% 0.00% 0 AAA Dictionary R
32 96 999 96 0.00% 0.00% 0.00% 0 CDP Protocol
33 2 5997 0 0.00% 0.00% 0.00% 0 linktest
34 14 115 121 0.00% 0.00% 0.00% 0 Dot11 aaa proces
35 1 100 10 0.00% 0.00% 0.00% 0 pmkid
36 116 2261 51 0.00% 0.00% 0.00% 0 Dot11 Mgmt & Ass
37 18 7228 2 0.00% 0.00% 0.00% 0 AiroIAPP Protoco
38 0 2 0 0.00% 0.00% 0.00% 0 Triggered events
39 0 2 0 0.00% 0.00% 0.00% 0 Dot11 auth Dot1x
40 0 1 0 0.00% 0.00% 0.00% 0 Dot11 Mac Auth
41 2 1200 1 0.00% 0.00% 0.00% 0 Dot11CACprocess
42 59 2009 29 0.00% 0.00% 0.00% 0 TCP Timer
43 0 1 0 0.00% 0.00% 0.00% 0 TCP Protocols
44 0 1 0 0.00% 0.00% 0.00% 0 Socket Timers
45 14 54 259 0.00% 0.00% 0.00% 0 DHCPD Receive
46 48468 30304 1599 9.35% 1.66% 0.36% 0 HTTP CORE
47 0 2 0 0.00% 0.00% 0.00% 0 Soap Upgrade fet
48 0 2 0 0.00% 0.00% 0.00% 0 DDP
49 707 3309 213 0.00% 0.02% 0.00% 0 LOCAL AAA
50 1 2 500 0.00% 0.00% 0.00% 0 AAA Cached Serve
51 0 2 0 0.00% 0.00% 0.00% 0 ENABLE AAA
52 0 2 0 0.00% 0.00% 0.00% 0 LINE AAA
54 0 2 0 0.00% 0.00% 0.00% 0 TPLUS
55 0 3 0 0.00% 0.00% 0.00% 0 Crypto WUI
56 0 1 0 0.00% 0.00% 0.00% 0 EM Background Pr
57 1 3 333 0.00% 0.00% 0.00% 0 Soap Consoleless
58 6 4 1500 0.00% 0.00% 0.00% 0 Crypto CA
59 0 1 0 0.00% 0.00% 0.00% 0 Crypto PKI-CRL
60 0 1 0 0.00% 0.00% 0.00% 0 Crypto SSL
61 3 16 187 0.00% 0.00% 0.00% 0 AAA SEND STOP EV
62 0 2 0 0.00% 0.00% 0.00% 0 Dot11 LBS Proc
63 0 1 0 0.00% 0.00% 0.00% 0 Syslog Traps
65 0 50 0 0.00% 0.00% 0.00% 0 DHCPD Timer
66 8 6027 1 0.00% 0.00% 0.00% 0 DHCP Client
67 8349 84826 98 0.55% 0.17% 0.10% 0 HyBridge Input P
68 14 6744 2 0.00% 0.00% 0.00% 0 Tbridge Monitor
69 0 2 0 0.00% 0.00% 0.00% 0 Spanning Tree
70 0 1690 0 0.00% 0.00% 0.00% 0 DHCPD Database
------------------ show process cpu history ------------------
AP_WLAN_Bakery 12:32:06 PM Friday Oct 15 2010 -0400
1133333
667777766666
100
90
80
70
60
50
40 *****
30 *****
20 *******
10 ************
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per second (last 60 seconds)
7 37 78 7 8
11 121961 87 1 3 1 1
100
90 *
80 ** *
70 * * ** * *
60 * * ** * *
50 * * ** * *
40 * ** ** * *
30 * ** ** * *
20 * ** #* * *
10 #*## ## # #
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per minute (last 60 minutes)
* = maximum CPU% # = average CPU%
8
8
100
90 *
80 *
70 *
60 *
50 *
40 *
30 *
20 *
10 *
0....5....1....1....2....2....3....3....4....4....5....5....6....6....7.
0 5 0 5 0 5 0 5 0 5 0 5 0
CPU% per hour (last 72 hours)
* = maximum CPU% # = average CPU%
------------------ show dot11 associations all-client ------------------
------------------ show wlccp ap mobility traffic ------------------
------------------ show wlccp ap mobility forwarding ------------------
------------------ show inventory ------------------
NAME: "AP1210", DESCR: "Cisco Aironet 1200 Series Access Point"
PID: ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ, VID: ÿÿÿ, SN: FTX0902R2V1
------------------ Mempool statistics ------------------
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor A4AB84 4709500 2431000 2278500 1920552 2125904
I/O ECB000 1265664 468008 797656 727168 779580
------------------ show memory summary -----------------
Processor memory
Alloc PC Size Blocks Bytes What
0x4790 0000000080 0000000001 0000000080 ACL Header
0x47A4 0000000024 0000000001 0000000024 Init
0x9FD4 0000000036 0000000001 0000000036 Init
0x9FFC 0000000040 0000000001 0000000040 Init
0xA018 0000000024 0000000001 0000000024 Init
0xA040 0000000036 0000000001 0000000036 Init
0xA134 0000000060 0000000001 0000000060 Init
0xF9D0 0000000024 0000000001 0000000024 HTTP CP
0xFAF8 0000000024 0000000001 0000000024 HTTP CP
0xFB6C 0000000076 0000000001 0000000076 HTTP CP
0xFC04 0000000024 0000000001 0000000024 HTTP CP
0xFC60 0000000028 0000000001 0000000028 HTTP CP
0xFD58 0000000024 0000000001 0000000024 Init
0xFDC4 0000000024 0000000001 0000000024 Init
0xFF2C 0000000036 0000000001 0000000036 HTTP CP
0xFF2C 0000000044 0000000001 0000000044 HTTP CP
0x11034 0000000024 0000000001 0000000024 Init
0x15750 0000004096 0000000001 0000004096 Init
0x1DD08 0000000120 0000000001 0000000120 Ion New Block
0x1F474 0000000024 0000000001 0000000024 LOGIN UNC PW
0x1F474 0000000056 0000000001 0000000056 LOGIN PWC (Free Blocks)
0x1F610 0000000080 0000000001 0000000080 local_aaa_authen2 (Free Blocks)
0x24F64 0000004784 0000000001 0000004784 (coalesced) (Free Blocks)
0x24F64 0000013956 0000000001 0000013956 (coalesced) (Free Blocks)
0x264F4 0000000512 0000000001 0000000512 Init
0x2CDF8 0000004312 0000000001 0000004312 TTY data
0x2E994 0000001500 0000000001 0000001500 String-DB entries
0x2E9BC 0000001500 0000000001 0000001500 String-DB owners
0x2E9E4 0000000776 0000000001 0000000776 String-DB handles
0x2E9FC 0000001024 0000000001 0000001024 String DB Hash Table
0x2F154 0000000024 0000000002 0000000048 SDB String
0x2F714 0000000176 0000000001 0000000176 SDB Owner info
0x2FF28 0000004312 0000000006 0000025872 TTY data
0x336E8 0000002000 0000000001 0000002000 TTY Input Buf
0x33720 0000000512 0000000001 0000000512 TTY Output Buf
0x3E6C0 0000000052 0000000003 0000000156 MAC ADDR subblock
0x40DA8 0000003000 0000000002 0000006000 keepalive sb chunk
0x42490 0000065536 0000000001 0000065536 Parseinfo Blocks
0x424B8 0000000364 0000000001 0000000364 tokenQ node
0x424E0 0000000432 0000000001 0000000432 Chain Cache Nodes
0x42508 0000032768 0000000001 0000032768 Parse Nodes
0x46E18 0000000120 0000000001 0000000120 Init
0x47028 0000000060 0000000001 0000000060 Init
0x47458 0000000024 0000000034 0000000816 Init
0x4755C 0000010000 0000000001 0000010000 Parser Linkage
0x47938 0000000056 0000000053 0000002968 Parser Mode
0x47938 0000000108 0000000001 0000000108 Parser Mode
0x479A4 0000000024 0000000054 0000001296 Parser Mode Q1
0x479C8 0000000024 0000000054 0000001296 Parser Mode Q2
0x49FA8 0000000432 0000000001 0000000432 Chain Cache No
0x4A070 0000000432 0000000009 0000003888 Chain Cache No
0x4A070 0000000432 0000000001 0000000432 Chain Cache No (Free Blocks)
0x4A070 0000000548 0000000001 0000000548 (coalesced) (Free Blocks)
0x4A160 0000000432 0000000001 0000000432 Chain Cache No
0x4FCD4 0000000256 0000000001 0000000256 HTTP CP
0x548F4 0000000032 0000000016 0000000512 Parser Alias
0x54924 0000000024 0000000016 0000000384 Init
0x5C338 0000004616 0000000001 0000004616 (coalesced) (Free Blocks)
0x5D464 0000000024 0000000001 0000000024 HTTP CP
0x5D4E4 0000000024 0000000001 0000000024 HTTP CP
0x65394 0000000024 0000000008 0000000192 Cond Debug definition
0x698F0 0000000068 0000000003 0000000204 GraphIt Data
0x6990C 0000001316 0000000003 0000003948 Graphit Client
0x69920 0000000024 0000000002 0000000048 Init
0x69920 0000000032 0000000001 0000000032 Init
0x73254 0000000164 0000000002 0000000328 Init
0x73278 0000000164 0000000002 0000000328 Init
0x7329C 0000000164 0000000002 0000000328 Init
0x7B12C 0000000164 0000000001 0000000164 Init
0x7B150 0000000164 0000000001 0000000164 Init
0x7B174 0000000164 0000000001 0000000164 Init
0x83E48 0000000060 0000000001 0000000060 HTTP CP
0x842C0 0000000044 0000000001 0000000044 HTTP CP
0x86C40 0000032772 0000000001 0000032772 Init
0x8AD2C 0000000024 0000000002 0000000048 AAA Secrettype
0x8AD64 0000000024 0000000002 0000000048 AAA Secrettype encrypt
0x8ADD0 0000000024 0000000002 0000000048 AAA_Secrettype pw
0x8B254 0000000192 0000000002 0000000384 AAA SG HEAD
0x8B294 0000000024 0000000002 0000000048 AAA SG NAME
0x8BFA8 0000000060 0000000001 0000000060 AAA MI SG NAME
0x8D1AC 0000003200 0000000001 0000003200 AAA attr list handle IDs
0x8DBA8 0000001024 0000000001 0000001024 AAA attr list handle IDs
0x9AE18 0000004096 0000000001 0000004096 AAA Unique Id Hash Table
0x9AED8 0000065536 0000000001 0000065536 AAA DB Chunk
0x9EFE8 0000020000 0000000001 0000020000 AAA Acct DB chunk
0xA0EA0 0000016336 0000000001 0000016336 AAA Acct Rec chunk
0xAFBC4 0000002048 0000000001 0000002048 AAA SG ID table
0xAFE78 0000001024 0000000003 0000003072 AAA SG ID table
0xB3D68 0000000032 0000000001 0000000032 Init
0xB4388 0000000024 0000000001 0000000024 AAA nvgend sg elt
0xB4388 0000000052 0000000001 0000000052 AAA nvgend sg elt
0xB43C0 0000000132 0000000002 0000000264 AAA Public Server Group
0xB4400 0000000028 0000000002 0000000056 AAA Public Server Group wrapper
0xB4448 0000000024 0000000002 0000000048 AAA pub SG servers
0xB44CC 0000000024 0000000002 0000000048 AAA pub SG wrap name
0xB4510 0000000024 0000000002 0000000048 AAA pub SG name
0xBC014 0000000776 0000000275 0000213400 *Free Packet Header*
0xBC014 0000000788 0000000001 0000000788 *Free Packet Header*
0xBC014 0000000804 0000000001 0000000804 *Free Packet Header*
0xBC014 0000000828 0000000001 0000000828 *Free Packet Header*
0xBC014 0000001408 0000000001 0000001408 (coalesced) (Free Blocks)
0xBC014 0000008480 0000000001 0000008480 (coalesced) (Free Blocks)
0xBCA88 0000000776 0000000003 0000002328 *In-use Packet Header*
0xC1274 0000004000 0000000001 0000004000 Packet Elements
0xC3B00 0000000184 0000000001 0000000184 IRB/CRB rxtypes
0xC3EE4 0000004712 0000000005 0000023560 *Hardware IDB*
0xC3EFC 0000001400 0000000005 0000007000 *Software IDB*
0xC4440 0000000024 0000000003 0000000072 HTTP CP
0xC4440 0000000076 0000000001 0000000076 HTTP CP
0xC4494 0000000024 0000000003 0000000072 HTTP CP
0xC4494 0000000080 0000000001 0000000080 HTTP CP
0xC4580 0000000184 0000000004 0000000736 IRB/CRB rxtypes
0xC4948 0000000048 0000000001 0000000048 HTTP CP
0xC4948 0000000052 0000000001 0000000052 HTTP CP
0xC4CB8 0000001400 0000000004 0000005600 *Software IDB*
0xC5864 0000000024 0000000004 0000000096 Init
0xC58E0 0000000024 0000000004 0000000096 Init
0xC8118 0000000032 0000000004 0000000128 IP Input
0xED1F0 0000035292 0000000001 0000035292 IDB List Element Chunks
0xFF3C0 0000000024 0000000059 0000001416 Init
0xFF7C4 0000000104 0000000008 0000000832 Init
0xFF7D4 0000000024 0000000006 0000000144 Init
0xFF7D4 0000000076 0000000001 0000000076 Init
0xFF7D4 0000000080 0000000001 0000000080 Init
0xFF8F4 0000000024 0000000001 0000000024 Init
0xFF9A4 0000000024 0000000007 0000000168 Init
0x102F38 0000010000 0000000001 0000010000 AAA chunk
0x103140 0000004616 0000000001 0000004616 AAA Acct AVLnode chunk
0x107F7C 0000000100 0000000001 0000000100 AAA MLIST
0x1081E8 0000000092 0000000001 0000000092 AAA MLIST
0x108A7C 0000001024 0000000002 0000002048 AAA mlist ID table
0x118430 0000001500 0000000007 0000010500 List Elements
0x119688 0000001500 0000000001 0000001500 List Elements
0x1196C8 0000005000 0000000001 0000005000 List Headers
0x11D7D4 0000001032 0000000001 0000001032 Process Array
0x11F5B0 0000000640 0000000068 0000043520 Process
0x11F5B0 0000000856 0000000001 0000000856 (coalesced) (Free Blocks)
0x1213A8 0000001500 0000000001 0000001500 Watched Semaph
0x1219A4 0000000144 0000000064 0000009216 Process Events
0x1219A4 0000000160 0000000002 0000000320 Process Events
0x1219A4 0000000172 0000000001 0000000172 Process Events
0x1219A4 0000000200 0000000001 0000000200 Process Events
0x1219A4 0000000208 0000000001 0000000208 Process Events
0x1219A4 0000000256 0000000001 0000000256 (coalesced) (Free Blocks)
0x1219A4 0000000432 0000000001 0000000432 (coalesced) (Free Blocks)
0x1219A4 0000000556 0000000001 0000000556 (coalesced) (Free Blocks)
0x123C24 0000001500 0000000001 0000001500 messages
0x123C50 0000001500 0000000001 0000001500 Watched messages
0x123C7C 0000010000 0000000001 0000010000 Watched Queue
0x123CA4 0000005000 0000000001 0000005000 Watched Boolean
0x123CCC 0000005000 0000000001 0000005000 Watched Bitfield
0x123CF4 0000001500 0000000001 0000001500 Watched Semaphore
0x123D18 0000005000 0000000001 0000005000 Watcher Info
0x123D40 0000000500 0000000001 0000000500 Watched Message Queue
0x123D68 0000001500 0000000001 0000001500 Watcher Message Queue
0x123D90 0000003000 0000000001 0000003000 Read/Write Locks
0x126050 0000002000 0000000001 0000002000 Reg Function 12
0x126078 0000001500 0000000001 0000001500 Reg Function iList
0x1260A0 0000001500 0000000001 0000001500 Reg Function Caselist
0x126118 0000002000 0000000005 0000010000 Reg Function 1
0x12657C 0000002000 0000000001 0000002000 Reg Function 1
0x129F50 0000000024 0000000002 0000000048 *Sched*
0x129F50 0000000032 0000000001 0000000032 *Sched*
0x129F50 0000000044 0000000008 0000000352 *Sched*
0x12A228 0000000256 0000000001 0000000256 Init
0x12C5F8 0000003000 0000000001 0000003000 CCA CCB chunks
0x12CDBC 0000000048 0000000008 0000000384 CCA Component
0x12CE24 0000000024 0000000007 0000000168 CCA Notification Flags
0x12CE24 0000000048 0000000001 0000000048 CCA Notification Flags
0x12CE84 0000003000 0000000008 0000024000 Keepalive
0x12CFF4 0000000024 0000000003 0000000072 CCA UserType
0x12D0A8 0000003000 0000000001 0000003000 CCA CLA chunks
0x1301C0 0000000024 0000000001 0000000024 TW Wheels
0x130200 0000016384 0000000003 0000049152 TW Buckets
0x13AA18 0000000112 0000000006 0000000672 Process Signals
0x13B01C 0000003000 0000000001 0000003000 Process Stack
0x13B01C 0000005500 0000000049 0000269500 Process Stack
0x13B01C 0000008000 0000000004 0000032000 Process Stack
0x13B01C 0000009000 0000000006 0000054000 Process Stack
0x13B01C 0000011000 0000000009 0000099000 Scheduler Stack
0x13B01C 0000018000 0000000001 0000018000 Interrupt Stack
0x13B01C 0002125900 0000000001 0002125900 (coalesced) (Free Blocks)
0x14F6BC 0000020000 0000000001 0000020000 Managed Chunk Queue Elements
0x151870 0000000068 0000000001 0000000068 (fragment) (Free Blocks)
0x1559A8 0000000296 0000000008 0000002368 Pool Info
0x155F84 0000000032 0000000001 0000000032 Pool Cache
0x15AF2C 0000000264 0000000001 0000000264 CLASSMAP_MODULE
0x15B7B0 0000000104 0000000001 0000000104 CLASSMAP_MODULE
0x15B8D0 0000000136 0000000001 0000000136 CLASSMAP_MODULE
0x15B8F0 0000000024 0000000001 0000000024 CLASSMAP_MODULE
0x15BA20 0000000024 0000000001 0000000024 CLASSMAP_MODULE
0x1826A8 0000000256 0000000001 0000000256 Init
0x182B78 0000000256 0000000001 0000000256 Init
0x1875C0 0000000776 0000000002 0000001552 *In-use Packet Header*
0x188DF4 0000000288 0000000003 0000000864 SNTP
0x188DF4 0000000332 0000000001 0000000332 DDP
0x1904D0 0000000776 0000000001 0000000776 *In-use Packet Header*
0x193CB8 0000001184 0000000005 0000005920 TCP CB
0x193CB8 0000000728 0000000001 0000000728 (fragment) (Free Blocks)
0x1A86AC 0000003000 0000000001 0000003000 IP Addresses
0x1AE490 0000000024 0000000004 0000000096 HTTP CP
0x1AE490 0000000032 0000000001 0000000032 Dot11 driver
0x1AE490 0000000048 0000000001 0000000048 AiroIAPP Protocol
0x1AE490 0000000068 0000000001 0000000068 HTTP CP
0x1CDDA0 0000000280 0000000004 0000001120 Init
0x1CDDAC 0000000068 0000000004 0000000272 Init
0x1EB928 0000005000 0000000001 0000005000 ip localpool
0x1EFFC4 0000000024 0000000001 0000000024 Init
0x1F9E40 0000001652 0000000003 0000004956 HTTP CORE
0x1F9EC8 0000000128 0000000003 0000000384 DHCPD Receive
0x1FBF20 0000000172 0000000002 0000000344 DHCPD Receive
0x1FBF20 0000000232 0000000001 0000000232 HTTP CORE
0x1FBF20 0000000500 0000000001 0000000500 (coalesced) (Free Blocks)
0x1FF2DC 0000000040 0000000001 0000000040 DHCPD Receive
0x206B78 0000000024 0000000003 0000000072 Init
0x206BA8 0000000024 0000000003 0000000072 Init
0x20BE88 0000001500 0000000001 0000001500 Syslogd Messages chunk
0x20FEF0 0000000024 0000000001 0000000024 Init
0x221B18 0000010000 0000000001 0000010000 Time Range Entry Chunks
0x221B40 0000003000 0000000001 0000003000 Time Range Item Chunks
0x221B68 0000001500 0000000001 0000001500 Time Range User Chunks
0x2221E4 0000000036 0000000016 0000000576 Init
0x222214 0000000040 0000000016 0000000640 Init
0x2233CCHi,
if you remove "encryption mode ciphers aes-ccm tkip" from the radio interface does it help?
it should remain like this:
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 1 mode ciphers aes-ccm tkip
ssid WLAN_Corporate
ssid WLAN_HartKitGuest
HTH,
Tiago
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.
Maybe you are looking for
-
ISE 1.2 Guest Access for EAP(Dot1x) Authentication
Hi. I want to use encryption for guest access. In order to use the "RADIUS-NAC" in the WLC, you can not use or "Open + MAC" only "WPA + dot1". (Specification of the WLC) When the "Open + MAC", return from the ISE at the time of the "Web Authentica
-
Windows 7 home premium installing SP1
After alot of tries I have now got to the stage,where I can install SP1 on to my PC but when it tries to configure SP1 at 10% it fails and reverts back, in the update area it says that, error code 80070490 has caused the problem. Any ideas onto how
-
How to improve performance(insert,delete and search) of table with large data.
Hi, I am having a table which is used for maintaining history and have a large data and that keeps on increasing or decreasing based on the business rules. I am getting performance issues with this table which searching for any records or while inser
-
How to make accounts display only via authorizations?
Has anyone setup CRM 2007 to get the account page to be display only? We don't want to allow certain users to manage accounts directly in CRM and would like to lock this down via authorization objects. We can't seem to figure out what authorization o
-
In Safari, my iMac sometimes zooms way too much and will not zoom back. I have a wireless mouse set to zoom in and out on double tap, but the excessive zooms happen with no taps. A page zooms in so less than 1/4 of the page is visible and nothing I