RV320 DHCP server

Serial Number:
Firmware Version:
v1.1.1.06 (2013-12-06, 11:02:37)
PID VID:
RV320 V01
Dear sir,
I got a issues, I have configure 2 VLAN on RV-320, VLAN 1 i have disable the DHCP, VLAN 25 i have configure DHCP Server enabled, but it seem DHCP bind on VLAN 25 is not working, then i try to config the static IP on device testing the VLAN is working, successful separate broadcast domain. and i can pint the VLAN 25 IP address, on DHCP i have re-enable VLAN 1 DHCP Server, it also working, successful assign the ip address to dynamic host.
any advise on my issues?
Thanks,

echolai@califor,
i had vlan disabled and vlan untagged for my RV320 in the lab, which would not hand out ip address for a different vlan. At this point at your earliest convenience open a support case so an engineer can look at the configuration in your router. If you like i can take a look at your config. Just send config to PM.

Similar Messages

  • RV320 DHCP and WAN questions

    Hello all,
    So far I love the RV320 its super fast and works really good (with 2 WAN connections).          
    I though have a few questions hoping someone could tell me:
    1) Under DHCP Server it gives the option of to use DNS from ISP or DNS Proxy, what is the main difference between those two options?
    Right now I have this set to DNS from ISP.
    2) What are the pros and cons of enabling IPV6 DHCP and what is the best setting for that (Yes both ISPs I have suppor IPV6)?
    3) What is the best option to set as client lease time for DHCP? (its set to 1440 default).
    4) On the System Summary page I see both WAN1 and WAN2 connected (i set it to
    Load Balance (Auto Mode) but for WAN2 i always see: Connected (Inactive)
    Why does it say inactive?
    Thank you!

    Found answers to most things now except for:
    4) On the System Summary page I see both WAN1 and WAN2 connected (i set it to
    Load Balance (Auto Mode) but for WAN2 i always see: Connected (Inactive)
    Why does it say inactive?

  • RV320: DHCP Option 82 + DHCP relay at Ethernet switch

    We purchased a RV320 router and want to use the DHCP Option 82 IP Assignment in combination with a ZyXEL GS1910-24 Smart Managed Switch.
    The switch is able to insert Option 82 Circuit-IDs into DHCP requests, if they are relayed to a specific DHCP server. So there must be configured exactly one IP address of the DHCP server in the switch configuration (eg 192.168.1.1). The problem is, that the RV320 creates different IP subnets for different Circuit-IDs. So the RV320-router has multiple IPs, one unique IP per subnet (192.168.1.1, 192.168.2.1, 192.168.3.1, ...).
    How can I use the Option 82 IP assignment with this configuration?
    Is a routing/firewall rule at the RV320 a solution (to forward DHCP requests from subnet specific IP - eg 192.168.3.1 - to exactly one IP, eg 192.168.1.1)?

    mpyhala,
    seems not to work as the RV320 is restricted to 6 custom VLANs (+ 1 Management VLAN with ID 1).
    Maybe I should describe the whole scenario, which should be implemented:
    The configuration is like for a small hotel: each room should be logically seperated from each other (no inter-room traffic for security) and each rooms bandwidth should be managed.
    Bandwidth management at the RV320 relies on IP addresses. So I need to achieve somehow, that a room (= port number on switch) is always assigned a specific IP address.
    14 rooms should be covered in that way.
    The problem is currently the link IP<->Switch Port. I thought DHCP option 82 is the way to go, but VLANs (one VLAN for each room) may be also a solution. Unfortunately none of the two ways work.
    What can be a solution? Was the RV320 the wrong decision (not enough flexibility)?
    Thanks.

  • RV320 DHCP

    Hi,
    I have configured LAN port 4 to VLAN 4 and disabled the DHCP for this VLAN, after setting the DNS server to "Use DNS from ISP".
    I can't use DHCP relay, as I don't know the DHCP server from the service provider.
    The objective is to get the device connected to LAN port 4 an IP address from the service provider (WAN1) while devices on the other LAN ports are served by router's DHCP (which works fine by the way).
    Although I have excluded LAN 4 from the default VLAN (1), the device is still getting an IP address from the routers DHCP.
    What am I doing wrong ?
    Christophe

    > basically bridging LAN4 to the WAN...
    yes, but I am afraid that RV320 doesn't support such thing. simply you have to use switch ( 5-8 ports non managable switch is enough) and connect it between ISP and RV320. And put your TV to that switch so it can reach ISP network directly and receive desired address.
    > I can't use DHCP relay, as I don't know the DHCP server from the service provider.
    Even if you know IP of ISP DHCP server, DHCP relay function will not work like you expected and you will not receive any IP address for TV box. The reason is that DHCP relay is adding gateway IP (i.e. it's own IP address of receiving interface) into DHCP request (giaddr field of the DHCP packet) which point DHCP server to look for free IP from correct DHCP IP address pool. And because of that giaddr field, DHCP request did not match any existing IP pool (yes, because DHCP server did not recognize your internal subnet in it's own database) and no any DHCP offer will be provided...

  • Can I use DHCP snooping and IOS DHCP server on the same switch stack

    Hello,
    I am shortly going to be deploying a Cisco CallManager solution for a customer whose network comprises stacks of Catalyst 3850 switches.
    There is no separate core/server farm switch so the CallManager servers, voice gateways and IP phones will all plug into the same stack and be in the same VLAN (not my choice!).
    For security we want to enable DHCP snooping and were planning on using the IOS DHCP server on the Catalyst switch stack.
    Will this work? - when I enable DHCP snooping in networks with separate access layer switches I set the uplinks to the core as trusted links.
    I am not sure whether DHCP snooping will work in this case. Do I need to set the VLAN interface on the switch as trusted, is this even possible?
    Unfortunately I do not have access to a layer 3 switch to test this at the moment.
    Thanks

    Nope.  That's the issue.
    They'll sync on a third device acting as a hotspot, but the device sending a signal is not "on" the network it creates so the airport is all by itself on that network.  At least that is what it looks like to me.  Anyone have another take on it?  Seems pretty silly that an iPad can put out a wifi signal, an Airport Express can receive a wifi signal, and yet there is no simple way to get them to communicate under this particular condition.

  • Can I use ASA to be a DHCP Server use in WLC wireless Client

    I want to use ASA to be a DHCP Server for Wireless Client not it can't.
    I check the debug log in WLC, I confirm the WLC have send the request to ASA.
    In the ASA, it don't have any hits in the rule when the WLC send the DHCP relay request.
    I have try don't use dhcp relay in WLC but don't success. Anybody have the same case with me? And Is the ASA can't support DHCP relay agent to request to get the IP Addr.
    P.S. In the Network Design limitation so I can't use WLC to be DHCP Server.
    Equipment:
    ASA5510
    WLC4402
    How can I fix it.
    Thank you very much

    The issue is that the ASA doesn't accept DHCP requests from a relay agent, only broadcast DHCP requests. In the 4.2 version for the controllers there is now an option so you can change the way the controller forwards DHCP requests so that it is sent as a broadcast and not from a relay agent.

  • Remote access VPN with ASA 5510 using DHCP server

    Hi,
    Can someone please share your knowledge to help me find why I am not able to receive an IP address on remote access VPN connection while I can get an IP address on local DHCP pool?
    I am trying to setup remote access VPN with ASA 5510. It works with local dhcp pool but doesn't seem to work when I tried using an existing DHCP server. It is being tested in an internal network as follows:
    ASA Version 8.2(5)
    interface Ethernet0/1
    nameif inside
    security-level 100
    ip address 10.6.0.12 255.255.254.0
    ip local pool testpool 10.6.240.150-10.6.240.159 mask 255.255.248.0 !(worked with this)
    route inside 0.0.0.0 0.0.0.0 10.6.0.1 1
    crypto ipsec transform-set FirstSet esp-3des esp-md5-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    crypto dynamic-map dyn1 1 set transform-set FirstSet
    crypto map mymap 1 ipsec-isakmp dynamic dyn1
    crypto map mymap interface inside
    crypto isakmp enable inside
    crypto isakmp policy 1
      authentication pre-share
      encryption 3des
      hash sha
      group 2
      lifetime 43200
    vpn-addr-assign aaa
    vpn-addr-assign dhcp
    group-policy testgroup internal
    group-policy testgroup attributes
    dhcp-network-scope 10.6.192.1
    ipsec-udp enable
    ipsec-udp-port 10000
    username testlay password *********** encrypted
    tunnel-group testgroup type remote-access
    tunnel-group testgroup general-attributes
    default-group-policy testgroup
    dhcp-server 10.6.20.3
    tunnel-group testgroup ipsec-attributes
    pre-shared-key *****
    I got following output when I test connect to ASA with Cisco VPN client 5.0
    Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + VENDO
    4024 bytesR copied in 3.41 0 secs (1341 by(tes/sec)13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 853
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing SA payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ke payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ISA_KE payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing nonce payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received xauth V6 VID
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received DPD VID
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received Fragmentation VID
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, IKE Peer included IKE fragmentation capability flags:  Main Mode:        True  Aggressive Mode:  False
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received NAT-Traversal ver 02 VID
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received Cisco Unity client VID
    Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, Connection landed on tunnel_group testgroup
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing IKE SA payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, IKE SA Proposal # 1, Transform # 9 acceptable  Matches global IKE entry # 1
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ISAKMP SA payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ke payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing nonce payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Generating keys for Responder...
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing hash payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Computing hash for ISAKMP
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing Cisco Unity VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing xauth V6 VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing dpd vid payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Traversal VID ver 02 payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Discovery payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Discovery payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing Fragmentation VID + extended capabilities payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Send Altiga/Cisco VPN3000/Cisco ASA GW VID
    Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + HASH (8) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 440
    Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + HASH (8) + NOTIFY (11) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 168
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing hash payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Computing hash for ISAKMP
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing notify payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing NAT-Discovery payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing NAT-Discovery payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Processing IOS/PIX Vendor ID payload (version: 1.0.0, capabilities: 00000408)
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Received Cisco Unity client VID
    Jan 16 15:39:21 [IKEv1]: Group = testgroup, I
    [OK]
    kens-mgmt-012# P = 10.15.200.108, Automatic NAT Detection Status:     Remote end is NOT behind a NAT device     This   end is NOT behind a NAT device
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing blank hash payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing qm hash payload
    Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=d4ca48e4) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 72
    Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=d4ca48e4) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 87
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, process_attr(): Enter!
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Processing MODE_CFG Reply attributes.
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: primary DNS = cleared
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: secondary DNS = cleared
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: primary WINS = cleared
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: secondary WINS = cleared
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: IP Compression = disabled
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Split Tunneling Policy = Disabled
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Browser Proxy Setting = no-modify
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Browser Proxy Bypass Local = disable
    Jan 16 15:39:26 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, User (testlay) authenticated.
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing blank hash payload
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing qm hash payload
    Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=6b1b471) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 64
    Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=6b1b471) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 60
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, process_attr(): Enter!
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Processing cfg ACK attributes
    Jan 16 15:39:27 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=49ae1bb8) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 182
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, process_attr(): Enter!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Processing cfg Request attributes
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for IPV4 address!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for IPV4 net mask!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for DNS server address!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for WINS server address!
    Jan 16 15:39:27 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Received unsupported transaction mode attribute: 5
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Banner!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Save PW setting!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Default Domain Name!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Split Tunnel List!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Split DNS!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for PFS setting!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Client Browser Proxy Setting!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for backup ip-sec peer list!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Client Smartcard Removal Disconnect Setting!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Application Version!
    Jan 16 15:39:27 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Client Type: WinNT  Client Application Version: 5.0.07.0440
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for FWTYPE!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for DHCP hostname for DDNS is: DEC20128!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for UDP Port!
    Jan 16 15:39:32 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Duplicate Phase 2 packet detected.  No last packet to retransmit.
    Jan 16 15:39:37 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=b04e830f) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 84
    Jan 16 15:39:37 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, processing hash payload
    Jan 16 15:39:37 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, processing notify payload
    Jan 16 15:39:37 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Duplicate Phase 2 packet detected.  No last packet to retransmit.
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE received response of type [] to a request from the IP address utility
    Jan 16 15:39:39 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Cannot obtain an IP address for remote peer
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE TM V6 FSM error history (struct &0xd8030048)  <state>, <event>:  TM_DONE, EV_ERROR-->TM_BLD_REPLY, EV_IP_FAIL-->TM_BLD_REPLY, NullEvent-->TM_BLD_REPLY, EV_GET_IP-->TM_BLD_REPLY, EV_NEED_IP-->TM_WAIT_REQ, EV_PROC_MSG-->TM_WAIT_REQ, EV_HASH_OK-->TM_WAIT_REQ, NullEvent
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE AM Responder FSM error history (struct &0xd82b6740)  <state>, <event>:  AM_DONE, EV_ERROR-->AM_TM_INIT_MODECFG_V6H, EV_TM_FAIL-->AM_TM_INIT_MODECFG_V6H, NullEvent-->AM_TM_INIT_MODECFG, EV_WAIT-->AM_TM_INIT_XAUTH_V6H, EV_CHECK_QM_MSG-->AM_TM_INIT_XAUTH_V6H, EV_TM_XAUTH_OK-->AM_TM_INIT_XAUTH_V6H, NullEvent-->AM_TM_INIT_XAUTH_V6H, EV_ACTIVATE_NEW_SA
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE SA AM:bd3a9a4b terminating:  flags 0x0945c001, refcnt 0, tuncnt 0
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, sending delete/delete with reason message
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing blank hash payload
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing IKE delete payload
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing qm hash payload
    Jan 16 15:39:39 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=9de30522) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80
    Regards,
    Lay

    For RADIUS you need a aaa-server-definition:
    aaa-server NPS-RADIUS protocol radius
    aaa-server NPS-RADIUS (inside) host 10.10.18.12
      key *****   
      authentication-port 1812
      accounting-port 1813
    and tell your tunnel-group to ask that server:
    tunnel-group VPN general-attributes
      authentication-server-group NPS-RADIUS LOCAL
    Don't stop after you've improved your network! Improve the world by lending money to the working poor:
    http://www.kiva.org/invitedby/karsteni

  • Can you use the Airport Express A1264 as an AP and a DHCP server at the same time?

    Can you use the Airport Express A1264 as an Access Point and a DHCP server at the same time?
    I would like to use it as a DHCP server and AP at the same time in my LAN (no internet, just local machines through a few switches). I was lead to belive this could be the case from a few networking friends that haven't been friendly enough to help me out setting it up.

    I need it to act as a dLink/Cisco/Linksys/etc basic wifi router, in the fact that you can access it via wifi, and it will spit out DHCP addresses (192.168.1.xxx) to everything wired downstream of it.
    I want to simultaniously provide a Wifi connection and a LAN connection at the same time
    Thanks,
    BRad

  • Can I use my WRT54G as a DHCP server only? I've got 5 dynamic IP's from Time Warner..

    Hi everyone, I'm wondering if I can use my WRT54G as a DHCP server only only my network, without having to have any of my PC's plugged into it's router ports?  I looked at the settings but I couldn't get it to work.
    Here's why:  I just got Time Warner Business Class cable internet which comes with 5 dynamic IP's.  I want each computer, well 4 of them at least and 1 for the WRT54G, to have a unique IP when accessing the internet, and the other computers (5 more computers) to use the DHCP server in the WRT54G to get a NAT IP for use on the internet.
    We play Diablo II on the internet and only 4 computers can be connected through 1 IP, so that limits us in my current configuration.
    Current Equipment: One WRT54G, one Netgear GS116 16 port gigabit non-managed switch.  One Time Warner Cable modem.  Also attached to the network is one HP network printer, a Buffalo LinkStation NAS and a Zensonic Network DVD player.
    Current config:  Cable modem -->  WRT54G --> Netgear switch.
    Ideal config: Cable modem -->  Netgear switch -->  WRT54G.
    With my current config, I am not taking advantage of the 5 dynamic IP's, but all the computers connected to the Netgear switch or the WRT54G can connect to the internet and the NAS. 
    So my ideal config (where I don't have to buy anything and where all the computers can print and access the NAS) is to connect all the computers and devices to the Netgear Switch and somehow force 4 of the computers and the WRT54G to get a dynamic IP from the cable modem, while the other computers and devices use the DHCP server on the WRT54G to get to the internet. 
    Is this possible?
    I called Time Warner Cable and they weren't any help.  I called the Linksys sales department and they weren't of much help either. 
    I suppose that I could purchase a new 8 port switch and attach 4 computers, the cable modem and the WRT54G to it.  Then attach the Netgear to the WRT54G to accomodate the printer, NAS, and the other 5 computers.  But in that senario, the 4  computers connected to the new switch can't print and can't reach the NAS.  And geez, some computers would have to go through 3 devices to reach the internet, which has got to slow them down.
    I did read about the Linksys EFG120 which has a DHCP server, but at $400 and only 120 gigs, it doesn't work for me. 
    I called Time Warner and the cost of more dynamic IP's is prohibitive, I'm already paying $79 a month for this internet and they want another $50 a month for 7 more dynamic IP's and that wouldn't help my NAS or my printer.
    The cost of a 16 port gigabit switch with DHCP is an amazing $800 or so, which is out of the question. 
    Sorry for being so long winded and thanks for reading this far.  I'm looking forward to any replies. 

    That is a hell of a setup. I don't know if it would be easier and cheaper to either buy a real router like a Cisco, get fixed IP addresses and a RV042, or buy 4 network cards for the four of the five computers which need the internet access for gaming.
    O.K. First your setup:
    1. You wire the modem to the 6-port switch.
    2. You connect the remaining 5 ports with the WAN ports of 5 WRTs with DHCP on the WAN interface.
    3. You configure each WRT with unique LAN IP addresses in the same subnet, e.g. 192.168.1.1/255.255.255.0, 192.168.1.2, 192.168.1.3, 192.168.1.4, 192.168.1.5.
    4. You turn off all DHCP servers except on one, e.g. 192.168.1.1. That router will be the default router and internet connection for any client which gets dynamic LAN addresses (as fallback or guests, I would not configure the NAS or printer with DHCP addresses if you have everything else on static IP addresses). You can certainly disable all DHCP servers if you want, too.
    5. Now you connect all WRTs with each other.
    5a. You connect port 1 of the 1st WRT with port 1 of the 2nd.
    You connect port 2 of the 2nd with port 1 of the 3rd.
    Port 2 of the 3rd with port 1 of the 4th.
    Port 2 of the 4th with port 1 of the 5th.
    (Do not create a loop connecting port 2 of the 5th with port 2 of the 1st!!)
    5b. You buy another switch and connect each port 1 of each router with this switch. This has the advantage that you don't have a long cascade between the 1st and the 5th router like in 5a.
    6. You connect all devices to the LAN.
    6a. If you did 5a, you will probably put each computer to the router which internet connection it uses. The NAS and printer could go anywhere.
    6b. If you did 5b, you hopefully bought a 16 or 24 port switch. Then you plug simply everything into that switch. Otherwise you can certainly use the free ports of the WRTs like in 6a.
    7. You configure all your devices with static IP addresses. For instance,
    IP 192.168.1.11
    netmask 255.255.255.0
    gateway 192.168.1.1
    For the DNS servers I would highly recommend to use the DNS servers of your ISP directly and not use the relay on 192.168.1.1.
    The gateway address defines through which router the computer connects to the internet.
    8. You may still have to configure port forwardings on the router to the game computer if required for the game.
    An interesting alternative to this setup might be to buy 4/5 network cards for the 4/5 computers with direct internet access. Then you use the one network card to connect to your single LAN behind your single WRT. The other network card goes into the switch behind the modem and has direct internet access. You then have to tell Windows which of the network cards has the default gateway for the internet connection (to prevent routing all traffic through the LAN and the WRT to the internet). One game computer would have to be behind the WRT.

  • Can some one translate these instructions D-Link DI-524: installation as wireless HUB/Bridge   General  ON ALL TYPES OF ROUTERS DHCP SERVER HAS TO BE DISABLED ON ALL TYPES OF ROUTERS UPnP ALSO HAS TO BE DISABLED OTHERWISE YOU CAN SEVERELY HINDER OTHER USE

    D-Link DI-524: installation as wireless HUB/Bridge
    General
    ON ALL TYPES OF ROUTERS DHCP SERVER HAS TO BE DISABLED
    ON ALL TYPES OF ROUTERS UPnP ALSO HAS TO BE DISABLED
    OTHERWISE YOU CAN SEVERELY HINDER OTHER USERS IN YOUR NEIGHBOURHOOD!
    Practical example: D-Link DI-524
    The DI-524 is a wireless router.Although the manufacturer doesn't mention this, you can also install this device as a wireless hub.Of course this is not supported by the manufacturer. Therefor you have nowhere to go in case of any problems Plug in the power cord of the DI-524. Do not yet connect the network cable!Search for existing wireless networks with your computer. Connect with the router.This can for example be done like this:
    Click the start-button (at the bottom in the left corner of your screen).
    Go to control panel
    Go to internet connections (you may have to choose classic representation first)
    You can now see your wireless network card, among other things. Right-click and 'View available Wireless networks'.
    Connect to the router. In most cases the router will be called 'default'.Check your IP-address: you get an IP address from the DI-524
    Go to the start-button
    Go to 'Run'
    Type 'cmd' and press enter
    type 'ipconfig' and press enter
    your IP address starts with 192.
    Surf to your router with your regular browser. For this you need the address and a password, which you can find in the documentation.
    In this case the address is 192.168.0.1
    Now you must secure the router. For this it is best to use WPA-PSK
    Your key is a randomly chosen sentence. Don't make this sentence too short.
    Warning: Case sensitive!
    You cannot reach the router anymore now.
    Go back to your network card via "make connection". Search for your wireless network again and make a new connection
    You are asked for a key. Supply this key the way you configured it in your router.
    Surf back to the router.
    Disable the DHCP server.
    !! YOU HAVE TO DISABLE UPnP ON ALL TYPES OF ROUTERS
    OTHERWISE YOU CAN SEVERELY HINDER OTHER USERS IN YOUR NEIGHBOURHOOD!
    for this, go to Tools, Misc and switch off UPnP
    Save these settings.
    If you do not have a D-link router, look up in the manual or somewhere else where you can disable UPnP
    Now you cannot reach the router anymore again.
    It is only from this moment that you can connect the router to the modem.
    Important: Use one of the 4 LAN ports. Never use the WAN port!
    Go to your network card via the control panel. Right-click and "Repair"
    Now you should get an IP-address in the range of 10.nnn.nnn.nnn
    If you still don't have 192... you've made an error. The DI-524 still functions as a router and this is not allowed!

    There are no Mac based instructions. The router is accessed and adjusted the same way whether you are using a Mac OS X, Windows or Linux. As noted in the other post it is done through your web browser which works the same from any computer. Even a Chrome Book.
    akertrav wrote:
    Thank you for that what I have been trying to do is extend the range of my wifi witha second dilink router. I was hoping for some mac based directions to achive this rather than the PC based as presented. Thank you for your ireply Paul

  • Two questions about SG300 DHCP server

    Hi,
    I have two questions about the DHCP server on the SG300:
    On the Address Binding page, what does the "Declined" state mean? I have a NAS device that won't pull an address, and I think that the entry with a state of "Declined" corresponds to this device. It was previously pulling an address from a RV180, so the only difference is that it is now connected to the SG300. I worked around this by manually setting the address on the NAS device, but this won't scale if I run into a lot of other devices that can't pull an address.
    I configured a static address binding for a WAP321 and found that instead of pulling the configured address that it pulled a dynamic address. I checked the Address Binding page and see that the dynamic entry that corresponds with the WAP321 has a Client Identifier rather than a MAC address. I changed the static entry for the WAP321 to use the client identifier displayed in the dynamic entry, and now the WAP321 pulls the configured static address. Is this expected behavior?
    Thanks,
    Bob

    With the SX300/500 it is required the client identifier, it doesn't automatically insert it. If static DHCP is made on the switch and you didn't need client identifier, that is more or less fortunate behavior for you
    So to answer this question, the expected behavior is to configure client identifier for static DHCP entry.
    -Tom
    Please mark answered for helpful posts
    http://blogs.cisco.com/smallbusiness/

  • How do I find where my DHCP server is on my network?

    I have a home network, a BT server, with an iMac, a MACBook Pro, two back-ups (Airports) and a Squeezebox (for internet radio).  The problem is that the Squeezebox keeps dropping out and informing me that it cannot find the DHCP server.  This did not used to be a problem, has happened failry recently, for no obvious reason.  Any help is much appreciated.

    start
    system information
    click network
    click Wi-FI or ethernet depending how you get your network on the mac
    scroll to the DHCP Server responses:
    look under it's Server Identifier

  • Cisco 1702i WAP: how to get an interface in a non-native bridge group/ VLAN to be recognized by the internal DHCP server

    Does anyone know how the internal DHCP server in these access points connects to virtual interfaces and bridges in the unit?
    Is there some sort of default connection that connects the DHCP server to the native bridge group or VLAN?
    In a test case, with an SSID in the native VLAN and bridge group, the 1702i serves an IP address to a wireless client no problem. But with a second SSID in a non native VLAN and bridge group, no IP gets served. My only guess is that since the bvi1 defaults to the native bridge group and VLAN, sub-interfaces also in this group are assumed to be in the same subnet as bvi1, or in this case:
    interface bvi1
      ip address 192.168.1.205 255.255.255.0
      no ip route-cache
      exit
    It would be the ..1. subnet.
    Since the dhcp pool is set as:
    ip dhcp pool GeneralWiFi
      network 192.168.1.0 255.255.255.0
      lease 1
      default-router 192.168.1.1
      dns-server 8.8.8.8
      exit
    There may be an assumption that anything bvi1 can talk to is in the ..1. subnet, so the above pool gets activated on a request coming through bvi1.
    Is the DHCP server just hanging out waiting for a request from an "area" that is assumed to be on the same subnet as the given pool?
    Do I need to somehow show the device what subnet the 2nd SSID/ subinterfaces are in so the internal DHCP server can decide it needs to go to work, or is there some sort of bridging between the DHCP server and the interfaces that needs to be done? I am trying to use the same DHCP pool for the second subnet at this point, since I assume I will need another router to service an additional subnet and DHCP pool.

    Keep in mind that DHCP is a broadcast packet to start. So the AP can only listen in the subnet that it has an IP address for.
    Now, for any other subnet you can use the AP for DHCP but you have to have an IP helper address on your L3 pointing back to the AP.
    That being said, I wouldn't use the DHCP server on the AP as it is limited. You'd be better off using a Microsoft server or some other device that is designed for DHCP.
    HTH,
    Steve

  • DHCP Setup across multiple VLANs on RV325 - DHCP Server only working on VLAN 1

    I have multiple VLAN subnets defined on my RV325 - when I try and utilize a DHCP Server on each VLAN, it only seems to be issuing IP Addresses to clients on VLAN ID 1.  When I first set this up months ago, I thought I had tested it providing IP Addresses via the other subnets.  Now that I am trying to do so, it isn't working "as expected".  Example - I am using VLAN 25 as the GuestWireless subnet utilizing a separate 802.11n WAP that is set to Bridge connections to the IP Address of the VLAN interface.  Devices are able to connect to the WAP, but end up with a self-assigned IP Address 169.x.x.x address.  There has to be an easy fix to this, but I seem to be "stuck" figuring out what it is…pointers/redirects appreciated.  Thanks!

    Thanks - I've already reviewed that information before I posted.  I've been working with DHCP since the mid-90's, so I'm comfortable with the settings/configuration I need to leverage to make this work via other means using various Network-based OSes.
    I'm wondering if there are other options in configuring this device that can impact the ability to dynamically serve IP addresses on a VLAN/subnet-by-VLAN/subnet basis.
    As I did more testing, I discovered when I reserved an IP Address via the IP & MAC Binding option within the DHCP Settings, those devices would receive their static reservations and work as expected, so the problem seems to be leveraging the DHCP Pool for devices connecting to VLANs other that VLAN 1.
    Any ideas as to why the DHCP Pool's are "non-functioning" for the other VLANs is greatly appreciated...
    Each VLAN is setup with a separate DHCP Server configuration as shown below:
    VLAN ID = 1 (Default, Inter VLAN Routing = Enabled, LAN1-6 = Untagged, LAN7=Tagged, LAN8=Excluded, LAN9-14 Untagged)
    Device IP Address = 172.16.xxx.1
    Subnet Mask = 255.255.255.0
    DHCP Mode = DHCP Server
    Remote DHCP Server = 0.0.0.0
    Client Lease Time = 1440 min
    Range Start = 172.16.xxx.100
    Range End = 172.16.xxx.199
    DNS Server = Use DNS as Below
    Static DNS 1 = 208.67.222.222
    Static DNS 2 = 208.67.220.220
    WINS Server = 0.0.0.0
    Correctly serving IP Addresses via DHCP (both static and dynamic) to Wired devices & Wireless devices connecting through WAP (set to Bridge)
    VLAN ID = 25 (GuestWireless, Inter VLAN Routing = Disabled, LAN1-LAN7 = Excluded, LAN8 = Untagged, LAN9-14 = Excluded)
    Device IP Address = 172.16.yyy.1
    Subnet Mask = 255.255.255.0
    DHCP Mode = DHCP Server
    Remote DHCP Server = 0.0.0.0
    Client Lease Time = 1440 min
    Range Start = 172.16.yyy.100
    Range End = 172.16.yyy.199
    DNS Server = Use DNS as Below
    Static DNS 1 = 208.67.222.222
    Static DNS 2 = 208.67.220.220
    WINS Server = 0.0.0.0
    NOT serving dynamic IP Addresses via DHCP to Wired devices & Wireless devices connecting through WAP (set to Bridge)
    Static DHCP Reservations setup via IP & MAC Binding settings DO WORK in terms of providing the assigned static IP Address to the client.  Inbound/Outbound traffic to Internet works for devices with Static DHCP Reservations.
    VLAN ID = 100 (Voice, Inter VLAN Routing = Disabled, LAN1-6 Excluded, LAN7 = Untagged, LAN8-14 = Excluded)
    Device IP Address = 192.168.zzz.1
    Subnet Mask = 255.255.255.0
    DHCP Mode = DHCP Server
    Remote DHCP Server = 0.0.0.0
    Client Lease Time = 1440 min
    Range Start = 192.168.zzz.100
    Range End = 192.168.zzz.199
    DNS Server = Use DNS as Below
    Static DNS 1 = 208.67.222.222
    Static DNS 2 = 208.67.220.220
    WINS Server = 0.0.0.0
    NOT serving dynamic IP Addresses via DHCP to Wired devices & Wireless devices connecting through WAP set to Bridge
    Static DHCP Reservations setup via IP & MAC Binding settings DO WORK in terms of providing the assigned static IP Address to the client.  Inbound/Outbound traffic to Internet works for devices with Static DHCP Reservations.

  • VPN no longer working after moving DHCP server to router

    I am preparing my SBS 2008 environment for migration to Server 2012 R2 Essentials.  I moved the DHCP server to the router (a Netgear R7000 with standard firmware).  I am able to access RWW and CompanyWeb via the router from external locations. 
    With the VPN, however, I can only connect but cannot access any network resource (including file shares).  The VPN is supported by the SBS server with RRAS.  I didn't change any of the configuration because I didn't think any of it needed to be changed.  The
    router just needs to get it's reservations from a different DHCP server, right?  Anyway, would appreciate if someone can shed some light on what's going on here.
    JeHarry

    Hello JeHarry,
    I would recommend you to follow the TechNet to migrate SBS 2008 to 2012 R2 Essentials. Don't skip any part.
    https://technet.microsoft.com/en-us/library/jj200141.aspx
    Troubleshooting VPN Issues on 2012
    http://blogs.technet.com/b/sbs/archive/2014/06/11/troubleshooting-common-vpn-issues-on-windows-server-2012-r2-essentials.aspx
    Binu Kumar - MCP, MCITP, MCTS , MBA - IT , Director Aarbin Technology Pvt Ltd - Please remember to mark the replies as answers if they help and unmark them if they provide no help.

Maybe you are looking for

  • Keynote and Microsoft Powerpoint crash when opening a downloaded ppt.

    Hello, I am having a problem that only is affecting my Macbook Pro. both Microsoft Powerpoint and Keynote crashes when I open a ppt. I download from a work site. Same thing happens when trying to open the same file with Microsoft powerpoint.These sam

  • How to find list of locked users & unlock them?

    Hello, Is there any method in portal to find the list of locked users? and unlock them. we can unlock single user at a time.  but if we want to unlock a group of users (for Ex:- 20 locked users), how can we unlock al the 20 locked users? Thanks in ad

  • UPerform - Login failed for uPerformSystem

    Hi, I'm working with SAP Productivity Pack and Ancile uPerfom 5.10 and I'm having an issue, while trying to publish a document, the document cannot be seen by the end user. Checking the logs I found the following errors, CollabConsole: [16-Sep-2014 1

  • Lock on iPhone 5 photos

    Adding photos from iPhone to computer. They downloaded with a lock on them, which didn't stop me from editing them, but am wondering why... iPhone 5 and just put a pass code on it for protection. Is this why?

  • Why is my ipod stuck at the spinning circle?

    my ipod touch 5th gen has been stuck at the circular/ spinning circle loading screen for almost 3 hours. if theres any thing i need to try let me know