Snooping Issue
Hello-
I have a pair of Catalyst 4510s I'm looking to enable DHCP snooping on and looking for some expertise... I have all DCHP clients connected up to the 4k's. The 4k's are connected upstream to a pair of ASA's, then up upstream to a pair of Nexus 7ks. The DHCP servers sit on the 7k's. I have done the following, but am unable to pull an IP.
1. enabled snooping on both 4k's for vlans 1-4094 (ip dhcp snooping vlan 1-4094)
2. trusted the upstream port channel member interfaces (gi1/47 and gi1/48) and the port channel interface itself, by way of (ip dhcp snooping trust)
3. Issued the "no ip dhcp snooping information option" on both 4k's
I am able to pull an IP on my laptop, which I have a reservation created for, but I am not pulling an IP on any other true DHCP clients on the floor. Anyone able to shed some light?
Thanks in advance-
Brian
Hello-
I have a pair of Catalyst 4510s I'm looking to enable DHCP snooping on and looking for some expertise... I have all DCHP clients connected up to the 4k's. The 4k's are connected upstream to a pair of ASA's, then up upstream to a pair of Nexus 7ks. The DHCP servers sit on the 7k's. I have done the following, but am unable to pull an IP.
1. enabled snooping on both 4k's for vlans 1-4094 (ip dhcp snooping vlan 1-4094)
2. trusted the upstream port channel member interfaces (gi1/47 and gi1/48) and the port channel interface itself, by way of (ip dhcp snooping trust)
3. Issued the "no ip dhcp snooping information option" on both 4k's
I am able to pull an IP on my laptop, which I have a reservation created for, but I am not pulling an IP on any other true DHCP clients on the floor. Anyone able to shed some light?
Thanks in advance-
Brian
Similar Messages
-
Hi all,
I am having trouble getting the dhcp snooping to work on a stacked 3750 when a rogue DHCP server is plugged in to the network. I have configured dhcp snooping on one of our user switches with the following commands.
ip dhcp snooping
ip dhcp snooping vlan 11
no ip dhcp snooping information option
int range fa1/0/1 - 48
ip dhcp snooping limit rate 100
VLAN Name Status Ports
11 JKT_Net_DHCP_1
interface FastEthernet1/0/43
description DHCP Subnet 1
switchport access vlan 11
switchport mode access
switchport port-security maximum 3
switchport port-security aging time 1440
switchport port-security violation restrict
switchport port-security aging type inactivity
no logging event link-status
no snmp trap link-status
spanning-tree portfast
spanning-tree bpduguard enable
ip dhcp snooping limit rate 100
end
The configuration works in ther fact that users are still getting their IP address info from the DHCP server and i can see all the dhcp snooping bindings on the switch. But I'm having issues where when a rogue dhcp device is plugged in to one of the user ports i.e fa1/0/43 on the user subnet, and do an ipconfig /release /renew on a machine on the same VLAN, i am still getting a DHCPOFFER from the rogue device and the machine ends up with the wrong IP address.
Currrently the real DHCP server sits off a network behind the firewall, with a layer 3 link (running OSPF) between the user switch to the distribution switch. I have enabled the dhcp snooping on the link from the distribution switch to the real DHCP server (shown below).
DHCP snooping trusted interface
interface GigabitEthernet1/0/9
description JKTADC01 - LAC 1
switchport access vlan 21
switchport mode access
no snmp trap link-status
ip dhcp snooping trust
end
I have also attached a network diagram of the network setup.
I would like to stop the rogue server from being able to give out ip addresses.
Can someone shed some light on this topic please?
Kind regards,
PhilipPawan,
Based on the error messages it looks like you have a mis-configuration. Looks like
one of the trunks/ports does not have DHCP trust configured on it. Can you
track mac address 34dc.fde5.2c40 to what port it's connected to and verify
that it has DHCP trust enabled?.
Haihua -
1.3.0.59 firmware issue
I installed the 1.3.0.59 on a couple of SG300-28Ps. On the Status and Statistics page, the PoE indicators no longer lit. Physically, on the front of the switch, they did still light. I didn't yet reboot to factory defaults to see if that clears it, because I don't feel like entering the config again this early in the morning. But I am willing to test that, if needbe.
When reverting the image back to 1.2.9.44 (tested) or possibly earlier, the ip default gateway must be re-entered (if it was configured). Even if ip-default gateway x.x.x.x shows up correctly on a 'show run', the switch will not obey it, and on the IPv4 settings page it will report the operational default gateway as blank. This came as a surprise becauset he switch suddenly wouldn't talk to the VPN anymore. Logging onto the switch locally, going to the IPv4 settings, ticking the radio button back on User Defined and typing it back in cleared that up. It appears this cropped up because the syntax for specifying the default gateway changed in 1.3.x but it's still odd that the config shows correctly in console but not in the gui.I see that Cisco have today released new firmware for the SG300 switches.
http://software.cisco.com/download/release.html?mdfid=283019611&catid=268438038&softwareid=282463181&release=1.3.0.62&relind=AVAILABLE&rellifecycle=&reltype=latest
http://www.cisco.com/en/US/docs/switches/lan/csbms/sf30x_sg30x/release_notes/R_1.3.0.62_RN_78-21240-01.pdf
So soon after the last release, it’s obviously mainly a bugfix exercise.
Hopefully it will address some of the issues above, and some of my own which include some strange multicast (IGMP snooping) issues which affected UPnP discovery, etc. Also found that some other configurations got corrupted after upgrading to 1.3.0.59.
Would be good to know if 1.3.0.62 fixes things not mentioned in the release notes
Later edit:
Well - I've tried 1.3.0.62 and despite the claim in the release notes that one of the defects fixed is:
"After the firmware is upgraded from 1.2.9.44 to 1.3.0, the IP default gateway
changes to default route. (CQ146158)"
I am still finding in layer 2 mode that it is still stored as a route:
"ip route 0.0.0.0 /0 10.2.3.7 metric 1"
When you attempt to reload this config file, you get the error:
"Status:
Copy failed
Error Message:
Copy: Error in configuration download Line: 102 Command: ip route 0.0.0.0 /0 10.2.3.7 metric 1"
Strangely, in layer 3 mode, it saves it as a default gateway setting:
"ip default-gateway 10.2.3.7 " which loads with no errors, despite the fact that the manual states that there is no "default gateway" in the layer 3 mode.
This is the same behaviour as firmware 1.3.0.59.
Incidentally, I have been told that the performance of the SG300 switches is better if set to layer 3 mode, but only used as layer 2 (i.e. no routing or multiple IP addresses set.) Anyone got any experience of this?
Certianly it seems that with v1.3 firmware, the only way to avoid an error when reloading a config file is to set the switch to router mode. -
Qtcreator-1.3.0 PKGBUILD
Just like the qt-doc 4.6. I've modified the PKGBUILD from abs tu build qtcreator-1.3.0.
http://kkrzewniak.gsoftware.pl/download … LD.tar.bz2
pkgname=qtcreator
pkgver=1.3.0
pkgrel=1
_qtver=4.6.0
pkgdesc="Lightweight, cross-platform integrated development environment"
arch=('i686' 'x86_64')
url="http://trolltech.com/developer/qt-creator"
license=('LGPL')
makedepends=()
depends=('qt>=4.5')
optdepends=('qt-doc: for the integrated Qt documentation'
'gdb: for the debugger')
options=(docs)
source=("http://download.qtsoftware.com/qtcreator/qt-creator-${pkgver}-src.tar.gz"
"http://get.qt.nokia.com/qt/source/qt-everywhere-opensource-src-${_qtver}.tar.gz"
paths.patch
qtcreator.desktop
qtcreator)
md5sums=('52abe3574b58db23dd875f64b125b841'
'2a7b5126f2450d8525af355fc4c12ad6'
'68663f1fa9fe5bb3825b28ac02a41eed'
'2c3ffbd66845b37be9804f2966815a10'
'53a02595008d842ca30c828640eb8f0c')
build() {
cd "${srcdir}/qt-everywhere-opensource-src-${_qtver}"
touch ".qmake.cache"
cd "${srcdir}/qt-creator-${pkgver}"
patch -Np1 -i ${srcdir}/paths.patch
export QTDIR="${srcdir}/qt-everywhere-opensource-src-${_qtver}"
if [ -d ${srcdir}/build ]; then
rm -rf ${srcdir}/build
fi
mkdir ${srcdir}/build
cd ${srcdir}/build
mkdir -p share/doc/qtcreator
touch share/doc/qtcreator/qtcreator.qch
qmake ${srcdir}/qt-creator-${pkgver}/qtcreator.pro -o Makefile || return 1
make || return 1
make INSTALL_ROOT="${pkgdir}/usr/" install || return 1
install -Dm755 ${srcdir}/qtcreator ${pkgdir}/usr/bin/qtcreator
install -Dm644 ${srcdir}/qtcreator.desktop ${pkgdir}/usr/share/applications/qtcreator.desktop
install -Dm644 ${srcdir}/qt-creator-${pkgver}/LGPL_EXCEPTION.TXT ${pkgdir}/usr/share/licenses/qtcreator/LGPL_EXCEPTION.TXTI see that Cisco have today released new firmware for the SG300 switches.
http://software.cisco.com/download/release.html?mdfid=283019611&catid=268438038&softwareid=282463181&release=1.3.0.62&relind=AVAILABLE&rellifecycle=&reltype=latest
http://www.cisco.com/en/US/docs/switches/lan/csbms/sf30x_sg30x/release_notes/R_1.3.0.62_RN_78-21240-01.pdf
So soon after the last release, it’s obviously mainly a bugfix exercise.
Hopefully it will address some of the issues above, and some of my own which include some strange multicast (IGMP snooping) issues which affected UPnP discovery, etc. Also found that some other configurations got corrupted after upgrading to 1.3.0.59.
Would be good to know if 1.3.0.62 fixes things not mentioned in the release notes
Later edit:
Well - I've tried 1.3.0.62 and despite the claim in the release notes that one of the defects fixed is:
"After the firmware is upgraded from 1.2.9.44 to 1.3.0, the IP default gateway
changes to default route. (CQ146158)"
I am still finding in layer 2 mode that it is still stored as a route:
"ip route 0.0.0.0 /0 10.2.3.7 metric 1"
When you attempt to reload this config file, you get the error:
"Status:
Copy failed
Error Message:
Copy: Error in configuration download Line: 102 Command: ip route 0.0.0.0 /0 10.2.3.7 metric 1"
Strangely, in layer 3 mode, it saves it as a default gateway setting:
"ip default-gateway 10.2.3.7 " which loads with no errors, despite the fact that the manual states that there is no "default gateway" in the layer 3 mode.
This is the same behaviour as firmware 1.3.0.59.
Incidentally, I have been told that the performance of the SG300 switches is better if set to layer 3 mode, but only used as layer 2 (i.e. no routing or multiple IP addresses set.) Anyone got any experience of this?
Certianly it seems that with v1.3 firmware, the only way to avoid an error when reloading a config file is to set the switch to router mode. -
Lync 2013 - Issue with Snooper and Centralized Logging files
I ran the AlwaysOn trace on 3 pools last night till this morning. When I run the search script and include the specific time I want I get a different time in the trace. For example....I want to see the traces from 3-3:30AM. This is what
I ran :
Search-CsClsLogging -Pools "X","Y","Z" -StartTime "12/27/2013 03:00:00 AM" -EndTime "12/27/2013 03:30:00 AM" -OutputFilePath \\file01\LyncShare\Traces\lync_trace122713.txt
When I open snooper the timestamp on the trace is from 8-8:30AM. I checked all the servers in the 3 pools and there are .hdr and .cache files from yesterday to this morning as seen here:
The timestamps on the servers are correct.
Not sure what the issue is. Suggestions? Thanks.Hi,
The issue may cause by the influence of the cache before.
Please try to run the cmdlet: Sync-CsClsLogging and then run the search cmdlet again to test the issue. The cmdlet
Sync-CsClsLogging will flush the cache used by searching before. Flushing the cache helps to ensure that there is a clean log and trace file capture buffer at the CLSController for the next search operation.
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support -
Connection issue on new infinity
Hi, would appreciate if anyone can shed some light on the issue I'm having.
I live a fair distance from the local village, so I can't get full infinity, but I do have infinity to a certain point, then copper cable for the rest of the distance.
Well aware I'm not going to get amazing speeds, but I was estimated at getting between 11 and 18Mb (compared to my old 1.5Mb it's a huge upgrade).
Got switched on yesterday, and was slightly disappointed when I tried my first download. I registered max speeds of around 6Mb, so did a bit of snooping around looking at my settings etc, tried a router reset and looked at the connection speed. Something I also noticed was my upload speed is even worse than when I was just on normal BB, used to be circa 0.3Mb upload, now 0.16.
So I checked the connection status on the router, and it's showing a connection speed of 14.xxMb and upload was something daft like 0.18. So the upload speed marries up (even though it's rediculously slow) but the download speed doesn't make sense, considering I'm connected at 14Mb but I'm only getting download speeds of 6Mb (600kbps, whereas I surely should be seeing speeds of 1.4/5mbps)?
Am I right to think something is amiss here? To be fair I really don't mind the speed at the moment, I can finally stream youtube at 720, whereas 360 was pushing it before
There's a couple of thing's I'm going to try tonight, as I'm using a very old long run of cat4 to connect to the router at the moment. So I'll move the router close to the pc and try the cable that came with the hub. Also, haven't tried wireless speeds yet which would also show a problem with the wired connection.
I would phone up BT but really don't want to talk to India again as you just go round and round in circles.
Solved!
Go to Solution.Cat4 cable consists of four unshielded twisted-pair (UTP) copper wires with a data rate of 16 Mbit/s and performance of up to 20 MHz.
Can you post your helpdesk data from the HH5 please? These are in Troubleshooting/Helpdesk on the web interface at http://192.168.1.254 or http://bthomehub.home
Please miss out any data you don't want to post
If you found this post helpful, please click on the star on the left
If not, I'll try again -
An issue with authentication and authorization on ISE 1.2
Hi, I'm new to ISE.
I have an issue with authentication and authorization.
I have ISE 1.2 plus patch 6 installed on VMware.
I have built-in Windows XP supplicant and 2960 cisco switch with IOS c2960-lanbasek9-mz.150-2.SE5.bin
On supplicant I use EAP(PEAP) with EAP-MSCHAP v2.
I created authentication and authorization rules with Active Directory as External Identity Source. Also I applied authorization profile with DACL.I login on Windows XP machine under different Active Directory accounts. Everything works fine (authentication, authorization ), but only for several hours. After several hours passed , authentication and authorization stop working . I can see that ISE trying authenticate and authorize users, but ISE always use only one account for authentication and authorization . Even if I login under different accounts ISE continue to use only one last account.
I traied to reboot switch and PC,but it didn’t help. Only rebooting of ISE helps. After ISE rebooting, authentication and authorization start to work properly for several hours.
I don’t understand is it a glitch or I misconfigured ISE or switch, supplicant?
What should I do to resolve this issue?
Switch configuration:
testISE#sh runn
Building configuration...
Current configuration : 7103 bytes
! Last configuration change at 12:20:15Tue Apr 15 2014
! NVRAM config last updated at 10:35:02 Tue Apr 15 2014
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname testISE
boot-start-marker
boot-end-marker
no logging console
logging monitor informational
enable secret 5 ************
enable password ********
username radius-test password 0 ********
username admin privilege 15 secret 5 ******************
aaa new-model
aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa authorization auth-proxy default group radius
aaa accounting update periodic 5
aaa accounting dot1x default start-stop group radius
aaa server radius dynamic-author
client 172.16.0.90 server-key ********
aaa session-id common
clock timezone 4 0
system mtu routing 1500
authentication mac-move permit
ip dhcp snooping vlan 1,22
ip dhcp snooping
ip domain-name elauloks
ip device tracking probe use-svi
ip device tracking
epm logging
crypto pki trustpoint TP-self-signed-1888913408
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1888913408
revocation-check none
rsakeypair TP-self-signed-1888913408
crypto pki certificate chain TP-self-signed-1888913408
dot1x system-auth-control
spanning-tree mode pvst
spanning-tree extend system-id
vlan internal allocation policy ascending
ip ssh version 2
interface FastEthernet0/5
switchport mode access
ip access-group ACL-ALLOW in
authentication event fail action next-method
authentication event server dead action reinitialize vlan 1
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication open
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
interface FastEthernet0/6
switchport mode access
ip access-group ACL-ALLOW in
authentication event fail action next-method
authentication event server dead action reinitialize vlan 1
authentication event server alive action reinitialize
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
interface FastEthernet0/7
interface Vlan1
ip address 172.16.0.204 255.255.240.0
no ip route-cache
ip default-gateway 172.16.0.1
ip http server
ip http secure-server
ip access-list extended ACL-ALLOW
deny icmp any host 172.16.0.1
permit ip any any
ip radius source-interface Vlan1
logging origin-id ip
logging source-interface Vlan1
logging host 172.16.0.90 transport udp port 20514
snmp-server community public RO
snmp-server community ciscoro RO
snmp-server trap-source Vlan1
snmp-server source-interface informs Vlan1
snmp-server enable traps snmp linkdown linkup
snmp-server enable traps mac-notification change move
snmp-server host 172.16.0.90 ciscoro
radius-server attribute 6 on-for-login-auth
radius-server attribute 6 support-multiple
radius-server attribute 8 include-in-access-req
radius-server attribute 25 access-request include
radius-server dead-criteria time 5 tries 3
radius-server vsa send accounting
radius-server vsa send authentication
radius server ISE-Alex
address ipv4 172.16.0.90 auth-port 1812 acct-port 1813
automate-tester username radius-test idle-time 15
key ******
ntp server 172.16.0.1
ntp server 172.16.0.5
endYes. Tried that (several times) didn't work. 5 people in my office, all with vers. 6.0.1 couldn't access their gmail accounts. Kept getting error message that username and password invalid. Finally solved the issue by using Microsoft Exchange and "m.google.com" as server and domain and that the trick. Think there is an issue with imap.gmail.com and IOS 6.0.1. I'm sure the 5 of us suddently experiencing this issue aren't the only ones. Apple will figure it out. Thanks.
-
Issues with Hosted Exchange, UM and Lync 2013.
Hello everyone!
I am trying to deploy UM with Office 365 Hosted Exchange. We are using one Lync 2013 Standard Edition FE and have deployed one edge server. We have set up our firewall to host the Reverse Proxy.
We do not use wildcard certs. External DNS resolves the _sipfederation and sip._tls SRV records to the external face of the edge server. The edge server functions as it should for remote users and mobility.
I have tried to follow these instructions to the letter three times over to no avail.
http://y0av.me/2014/01/07/lyncum365/
Neither Snooper or Event Viewer show any particular issue, though when I try to dial out to voice mail I will get one to two rings and then 5 seconds of silence a fast busy, and finally "Call Unsuccessful".
When checking the firewall logs I notice a seemingly random 10.x.x.x address being sent to the firewall by the external leg of the edge server. Wireshark captures it as STUN packets on port 3478 being sent to port 3478. These are being dropped by our firewall.
I believe them to be RTP packets but I do not know if this is normal behavior. Has anyone any ideas?My mistake. Here is the snooper result.
TL_INFO(TF_PROTOCOL) [edge\edge]0C4C.05E4::06/18/2014-15:43:34.153.0000000C (SIPStack,SIPAdminLog::ProtocolRecord::Flush:ProtocolRecord.cpp(265)) [3770767507]
Trace-Correlation-Id: 3770767507
Instance-Id: 2E5A
Direction: incoming;source="external edge";destination="internal edge"
Peer: exap.um.outlook.com:5061
Message-Type: response
Start-Line: SIP/2.0 488 Compression algorithm refused
From: sip:sip.domain.net;tag=08FB9ED133BA396696FE6546EA6F3031
To: sip:exap.um.outlook.com;tag=B8FFE4E9267ED6ECB78ADCC60126B53F
Call-ID: 66602CE1F9980BFA94AD
CSeq: 1 NEGOTIATE
Via: SIP/2.0/TLS 10.11.11.23:50752;branch=z9hG4bK2132316E.5B3AF52DE2753A36;branched=FALSE;received=207.46.5.9;ms-received-port=50752;ms-received-cid=60172700
Content-Length: 0
Server: RTC/5.0
TL_INFO(TF_NETWORK) [edge\edge]0C4C.05E4: :06/18/2014-15:43:34.153.0000000D (SIPStack,NegotiateLogic::SetCompressionType:NegotiateLogic.cpp(2701)) [559249495]( 00000079B1274FB8 ) Compression type is now CompOff
TL_INFO(TF_NETWORK) [edge\edge]0C4C.05E4: :06/18/2014-15:43:34.153.0000000E (SIPStack,NegotiateLogic::ProcessCompressionResponse:NegotiateLogic.cpp(2217)) [559249495]( 00000079B1274FB8 ) Peer refused [488] our request for compression
TL_INFO(TF_NETWORK) [edge\edge]0C4C.05E4: :06/18/2014-15:43:34.153.0000000F (SIPStack,NegotiateLogic::AdvanceOutboundNegotiation:NegotiateLogic.cpp(910)) [559249495]( 00000079B1274FB8 ) Outbound negotiation sequence is complete
$$end_record
And finally..
TL_INFO(TF_PROTOCOL) [edge\edge0C4C.05E4::06/18/2014-15:43:49.379.0000002E (SIPStack,SIPAdminLog::ProtocolRecord::Flush:ProtocolRecord.cpp(265)) [962697980]
Trace-Correlation-Id: 962697980
Instance-Id: 2E61
Direction: incoming;source="internal edge";destination="external edge"
Peer: fe1.domain.net:61254
Message-Type: request
Start-Line: BYE sip:uminternal.um.prod.outlook.com:5066;transport=Tls;ms-fe=CO1PR02MB111.namprd02.prod.outlook.com SIP/2.0
From: <sip:[email protected]>;tag=b736386270;epid=9bcee72318
To: <sip:[email protected];opaque=app:voicemail>;tag=eced411395;epid=07C3F2A933
Call-ID: 4266a095bdef8280d67c7e7df58446fc
CSeq: 2 BYE
Via: SIP/2.0/TLS 10.10.10.25:61254;branch=z9hG4bKC848F11A.A88BCA6858661A50;branched=FALSE
Via: SIP/2.0/TLS 10.10.10.125:49156;ms-received-port=49156;ms-received-cid=401200
Route: <sip:edge.domain.net:5061;transport=tls;opaque=state:Si;lr>
Route: <sip:exap.um.outlook.com:5061;transport=tls;epid=07C3F2A933;lr;ms-key-info=AAEAARc45bIQE6UJAYvPAR8eV4QTvCH3EE2Kxtie7I2PMCSj-2aArKHP8dStYlJe-9jphIkz_mDEkCD_v8hY-mghQEHD6-F12E7E14YG-TJ2gEcQE0Bx2r_rDB3LrzRZzgQ0WVvxreLPWGI80elWF-xfbc_X3JE8mOR2OB9KQM8-e9WOjfq2kj6CnDGeL0yzgz4OB8zm-ao03Yo4gMZ-BpwaxC3BNuvvVDJo9wqrYftq_Z3MIVewWrqcDt5Td4vxCsMiXdwEqtEIRKVvQoqboleBJAyQl-C3qGgfEoSkUnApFuTSnQYRa4kbZ1iPaACpdKT-VTQGjc9HXfps48YJCsIXW0Ab_NSM2uvhUyw900men1ukXSmoZoWZbwqe5siuWVUcFoQl1h1Jcy4lCyZUfDZoqPzDioLqTk9iUmS8fa-PAJjsq72yGjVB_y1aJSxtHVsw7MiDqOGOPqT3dmF-sINkeyuokCy8UCf_cQHmEHwVzZLUJqaVccr3QNCLsBzhcWSypnC60ZZphOKuwl6RvUXWICPf0ubLTL2ppC3tWEgFdUUWOPVd84uGlMcqRLKGb1qrmpj8Nu6Lte7t5n2pMEBCfgAe79t4GO0C5KScdKT_XBM1iIBRXdNkPKHfSgC-wPQgRikdw7vRD-hOWlN5Lay7-zkQ4Ag6rauszFTAwbft99OieAOxKIsgYcxXxcG6;ms-route-sig=fiEMuzbN4_PyEz_I5gG3g8FtqNAonwgZCoRnOq-ByfYEtywTZp-Hk_eAAA>
Max-Forwards: 69
Content-Length: 0
ms-client-diagnostics: 22; reason="Call failed to establish due to a media connectivity failure when both endpoints are internal";CallerMediaDebug="audio:ICEWarn=0x40003a0,LocalSite=10.10.10.125:6735,LocalMR=10.11.11.23:51430,RemoteSite=10.27.46.15:5286,RemoteMR=207.46.5.80:54106,PortRange=1025:65000,LocalMRTCPPort=51430,RemoteMRTCPPort=54106,LocalLocation=2,RemoteLocation=2,FederationType=0"
$$end_record -
Can I use DHCP snooping and IOS DHCP server on the same switch stack
Hello,
I am shortly going to be deploying a Cisco CallManager solution for a customer whose network comprises stacks of Catalyst 3850 switches.
There is no separate core/server farm switch so the CallManager servers, voice gateways and IP phones will all plug into the same stack and be in the same VLAN (not my choice!).
For security we want to enable DHCP snooping and were planning on using the IOS DHCP server on the Catalyst switch stack.
Will this work? - when I enable DHCP snooping in networks with separate access layer switches I set the uplinks to the core as trusted links.
I am not sure whether DHCP snooping will work in this case. Do I need to set the VLAN interface on the switch as trusted, is this even possible?
Unfortunately I do not have access to a layer 3 switch to test this at the moment.
ThanksNope. That's the issue.
They'll sync on a third device acting as a hotspot, but the device sending a signal is not "on" the network it creates so the airport is all by itself on that network. At least that is what it looks like to me. Anyone have another take on it? Seems pretty silly that an iPad can put out a wifi signal, an Airport Express can receive a wifi signal, and yet there is no simple way to get them to communicate under this particular condition. -
The battery only last 6hrs complete with basic normal usage . I tried all the suggestions and nothing was helping. I finally tried switching off the 3G to EDGE and what a major difference in battery life . My phones last more than a day . I got so far 8 hrs usages And 25 hours standby . But that's phones were created to handle lte and 3 g why is it killing the battery life ?? How can I resolve this issue ?
Thanks for the replies. It took a while not hearing anything so thought I was alone. I have done many of the suggestions already. The key here is that it occurs on both phones with apps, and phones still packaged in a box.
A Genius Bar supervisor also checked his Verizon data usage log and found the same 6 hour incremental use. Suprisingly, he did not express much intrigue over that. Maybe he did, but did not show it.
I think the 6 hour incremental usage is the main issue here. I spoke with Verizon (again) and they confirmed that all they do is log exactly when the phone connected to the tower and used data. The time it records is when the usage started. I also found out that the time recorded is GMT.
What is using data, unsolicited, every 6 hours?
Why does it change?
Why does it only happen on the iPhone 5 series and not the 4?
Since no one from Apple seems to be chiming in on this, and I have not received the promised calls from Apple tech support that the Genius Bar staff said I was suppose to receive, it is starting to feel like something is being swept under the rug.
I woke up the other day with another thought ... What application would use such large amounts of data? Well ... music, video, sound and pictures of course. Well ... what would someone set automatically that is of any use to them? hmmm ... video, pictures, sound. Is the iPhone 5 succeptible to snooping? Can an app be buried in the IOS that automatically turns on video and sound recording, and send it somewhere ... every 6 hours? Chilling. I noted that the smallest data usage is during the night when nothing is going on, then it peaks during the day. The Genius Bar tech and I looked at each other when I drew this sine wave graph on the log print outs during an appointment ... -
Having Issues with High CPU Usage with fluxbox & pekwm
Greetings,
I have searched for this issue and it seems that something similar has happened in the past with an old xorg, and it seems that someone is having a similar issue that they can point to kde as being the culrpit. However in my case, this is a fresh install and is not using any kde libs. Please allow me to explain the issue.
The power supply on my main computer finally gave out, and being incredibly poor at the moment I can not yet replace it. So, I pull out an older computer that I had once set up for my kids, but took it away from them when they were abusing it. I always make backup dvds and such monthly so I didn't have to worry about any lose of data, however I desired to keep my larger hard drives from my main computer. After testing to ensure that the hard drives were fine, I did some minor surgery, and did a fresh install of arch linux onto my back up computer. Since I prefer pekwm, I installed pekwm as my wm of choice, and outfitted it quickly with mpd+sonata, firefox, pcmanfm, and tint2. Then I rebooted into my pekwm 'desktop'.
It was running sluggish. Firefox was easily maxing the cpu up and beyond 100% and it felt ten times worse than any heavy DE I used in the past. I checked to make sure I had the right video driver installed. As this computer runs a 64MB nVidia GeForce2 MX with TV out video card, I searched nvidia's page and the arch wiki, noting that the driver needed is nvidia-96xx. Well I had already suspected that during install, and thus had installed such driver. I double checked my xorg.config and it has the right driver listed.
So I checked out some lighter browsers. I tried both Midori and Iron (which is similar to Chrome but without google spyware or whatever). Well both run better than firefox, Midori being the lightest one, but Iron quickly being my favorite. Still, the problem remained. Moving windows caused cpu spikes, opening more than one tab, or more than one program caused cpu spikes and the computer to slow down and sputter, freezing at times.
So I tried out another wm, fluxbos, which is another of my favorites. Seemed somewhat better but only fractionally, which I consider odd because pekwm has always seemed snappier than fluxbox to me in the past. Running lxtask (still mouse dependent, sorry lol), I was able to take note of the following...
FLUXBOX
lxtask 6% CPU usage average
PCManFM 5% CPU Average
Fluxbox 1% to 2% cpu usage
gksu 3% cpu usage
pidgin 3% to 7% cpu usage
firefox up to 62% cpu usage
midori up to 38% cpu usage
iron up to 50% cpu usage
mpd 11% cpu uage
Xorg (with no window movement) 2% cpu usage
Xorg (moving windows around) up to 80% cpu usage
PEKWM
lxtask 6% CPU
pidgin 7% cpu
tint2 1% cpu
pekwm 1% to 5% cpu
pcmanfm 7% cpu
firefox up to 85% cpu
python 1% cpu
midori up to 38% cpu
iron up to 25% cpu (odd...)
Xorg (with no window movement) 1% cpu
Xorg (when moving windows around) up to 80% cpu
Both were using around 118 MB RAm and weren't yet touching swap. As I see it I am thinking xorg or video driver related, yet I already made sure that I had the correct video driver. Here's my Xorg.conf
# nvidia-xconfig: X configuration file generated by nvidia-xconfig
# nvidia-xconfig: version 1.0 (buildmeister@builder63) Thu Jun 25 18:57:07 PDT 2009
Section "ServerLayout"
Identifier "Layout0"
Screen 0 "Screen0" 0 0
InputDevice "Keyboard0" "CoreKeyboard"
InputDevice "Mouse0" "CorePointer"
EndSection
Section "Files"
EndSection
Section "InputDevice"
# generated from default
Identifier "Mouse0"
Driver "mouse"
Option "Protocol" "auto"
Option "Device" "/dev/psaux"
Option "Emulate3Buttons" "no"
Option "ZAxisMapping" "4 5"
EndSection
Section "InputDevice"
# generated from default
Identifier "Keyboard0"
Driver "kbd"
EndSection
Section "Monitor"
Identifier "Monitor0"
VendorName "Unknown"
ModelName "Unknown"
HorizSync 30.0 - 110.0
VertRefresh 50.0 - 150.0
Option "DPMS"
EndSection
Section "Device"
Identifier "Device0"
Driver "nvidia"
VendorName "NVIDIA Corporation"
EndSection
Section "Screen"
Identifier "Screen0"
Device "Device0"
Monitor "Monitor0"
DefaultDepth 24
SubSection "Display"
Depth 24
Modes "1600x900" "1024x768" "800x600" "640x480"
EndSubSection
EndSection
Here's some specs on this computer, including video cards and such...
Computer
Summary
Computer
Processor Intel(R) Pentium(R) 4 CPU 1.60GHz
Memory 1034MB (239MB used)
Operating System Arch Linux
User Name mythus (Travis K. Randall)
Date/Time Thu 08 Oct 2009 05:24:52 PM CDT
Display
Resolution 1600x900 pixels
OpenGL Renderer GeForce2 MX/AGP/SSE2
X11 Vendor The X.Org Foundation
Multimedia
Audio Adapter ICH - Intel 82801BA-ICH2
Input Devices
Macintosh mouse button emulation
AT Translated Set 2 keyboard
Power Button
Power Button
PC Speaker
Logitech USB Optical Mouse
Printers
No printers found
SCSI Disks
ATA ST3160212A
ATA IC35L090AVV207-0
LITE-ON LTR-16102B
TSSTcorp CD/DVDW TS-H552D
Operating System
Version
Kernel Linux 2.6.30-ARCH (i686)
Compiled #1 SMP PREEMPT Wed Sep 9 12:37:32 UTC 2009
C Library GNU C Library version 2.10.1 (stable)
Default C Compiler GNU C Compiler version 4.4.1 (GCC)
Distribution Arch Linux
Current Session
Computer Name norova
User Name mythus (Travis K. Randall)
Home Directory /home/mythus
Desktop Environment Unknown (Window Manager: Fluxbox)
Misc
Uptime 11 hours, 38 minutes
Load Average 0.20, 0.38, 0.34
Kernel Modules
Loaded Modules
ipv6 IPv6 protocol stack for Linux
reiserfs ReiserFS journaled filesystem
usbhid USB HID core driver
hid
arc4 ARC4 Cipher Algorithm
ecb ECB block cipher algorithm
snd_seq_dummy ALSA sequencer MIDI-through client
rt2500pci Ralink RT2500 PCI & PCMCIA Wireless LAN driver.
snd_seq_oss OSS-compatible sequencer module
rt2x00pci rt2x00 pci library
snd_seq_midi_event MIDI byte <-> sequencer event coder
rt2x00lib rt2x00 library
snd_seq Advanced Linux Sound Architecture sequencer.
led_class LED Class Interface
snd_seq_device ALSA sequencer device management
input_polldev Generic implementation of a polled input device
mac80211 IEEE 802.11 subsystem
snd_intel8x0 Intel 82801AA,82901AB,i810,i820,i830,i840,i845,MX440; SiS 7012; Ali 5455
uhci_hcd USB Universal Host Controller Interface driver
snd_pcm_oss PCM OSS emulation for ALSA.
fan ACPI Fan Driver
cfg80211 wireless configuration support
ppdev
ehci_hcd USB 2.0 'Enhanced' Host Controller (EHCI) Driver
snd_mixer_oss Mixer OSS emulation for ALSA.
snd_ac97_codec Universal interface for Audio Codec '97
nvidia
lp
eeprom_93cx6 EEPROM 93cx6 chip driver
parport_pc PC-style parallel port driver
ohci1394 Driver for PCI OHCI IEEE-1394 controllers
parport
psmouse PS/2 mouse driver
ac97_bus
ieee1394
serio_raw Raw serio driver
8139too RealTek RTL-8139 Fast Ethernet driver
e100 Intel(R) PRO/100 Network Driver
snd_pcm Midlevel PCM code for ALSA.
pcspkr PC Speaker beeper driver
battery ACPI Battery Driver
8139cp RealTek RTL-8139C+ series 10/100 PCI Ethernet driver
snd_timer ALSA timer interface
i2c_core I2C-Bus main module
iTCO_wdt Intel TCO WatchDog Timer Driver
mii MII hardware support library
evdev Input driver event char devices
snd Advanced Linux Sound Architecture driver for soundcards.
ac ACPI AC Adapter Driver
iTCO_vendor_support Intel TCO Vendor Specific WatchDog Timer Driver Support
usbcore
soundcore Core sound module
sg SCSI generic (sg) driver
shpchp Standard Hot Plug PCI Controller Driver
snd_page_alloc Memory allocator for ALSA system.
processor ACPI Processor Driver
thermal ACPI Thermal Zone Driver
pci_hotplug PCI Hot Plug PCI Core
intel_agp
button ACPI Button Driver
agpgart AGP GART driver
rtc_cmos Driver for PC-style 'CMOS' RTCs
rtc_core RTC class support
rtc_lib
ext4 Fourth Extended Filesystem
mbcache Meta block cache (for extended attributes)
jbd2
crc16 CRC16 calculations
sr_mod SCSI cdrom (sr) driver
cdrom
sd_mod SCSI disk (sd) driver
ata_piix SCSI low-level driver for Intel PIIX/ICH ATA controllers
ata_generic low-level driver for generic ATA
pata_acpi SCSI low-level driver for ATA in ACPI mode
libata Library module for ATA devices
floppy
scsi_mod SCSI core
Display
Display
Display
Resolution 1600x900 pixels
Vendor The X.Org Foundation
Version 1.6.3.901
Monitors
Monitor 0 1600x900 pixels
Extensions
BIG-REQUESTS
Composite
DAMAGE
DOUBLE-BUFFER
DPMS
DRI2
GLX
Generic Event Extension
MIT-SCREEN-SAVER
MIT-SHM
NV-CONTROL
NV-GLX
RANDR
RECORD
RENDER
SECURITY
SHAPE
SYNC
X-Resource
XC-MISC
XFIXES
XFree86-DGA
XFree86-VidModeExtension
XINERAMA
XInputExtension
XKEYBOARD
XTEST
XVideo
OpenGL
Vendor NVIDIA Corporation
Renderer GeForce2 MX/AGP/SSE2
Version 1.5.8 NVIDIA 96.43.13
Direct Rendering Yes
Processor
Processor
Processor
Name Intel(R) Pentium(R) 4 CPU 1.60GHz
Family, model, stepping 15, 1, 2 (Pentium 4)
Vendor Intel
Configuration
Cache Size 256kb
Frequency 1594.77MHz
BogoMIPS 3190.44
Byte Order Little Endian
Features
FDIV Bug no
HLT Bug no
F00F Bug no
Coma Bug no
Has FPU yes
Cache
Cache information not available
Capabilities
fpu Floating Point Unit
vme Virtual 86 Mode Extension
de Debug Extensions - I/O breakpoints
pse Page Size Extensions (4MB pages)
tsc Time Stamp Counter and RDTSC instruction
msr Model Specific Registers
pae Physical Address Extensions
mce Machine Check Architeture
cx8 CMPXCHG8 instruction
apic Advanced Programmable Interrupt Controller
sep Fast System Call (SYSENTER/SYSEXIT)
mtrr Memory Type Range Registers
pge Page Global Enable
mca Machine Check Architecture
cmov Conditional Move instruction
pat Page Attribute Table
pse36 36bit Page Size Extensions
clflush Cache Line Flush instruction
dts Debug Store
acpi Thermal Monitor and Software Controlled Clock
mmx MMX technology
fxsr FXSAVE and FXRSTOR instructions
sse SSE instructions
sse2 SSE2 (WNI) instructions
ss Self Snoop
ht HyperThreading
tm Thermal Monitor
up smp kernel running on up
pebs Precise-Event Based Sampling
bts Branch Trace Store
Memory
Memory
Total Memory 1034084 kB
Free Memory 94276 kB
Buffers 40536 kB
Cached 700112 kB
Cached Swap 0 kB
Active 170788 kB
Inactive 726844 kB
Active(anon) 74112 kB
Inactive(anon) 88348 kB
Active(file) 96676 kB
Inactive(file) 638496 kB
Unevictable 12 kB
Mlocked 12 kB
High Memory 139144 kB
Free High Memory 252 kB
Low Memory 894940 kB
Free Low Memory 94024 kB
Virtual Memory 2931852 kB
Free Virtual Memory 2931852 kB
Dirty 12 kB
Writeback 0 kB
AnonPages 156996 kB
Mapped 57392 kB
Slab 24260 kB
SReclaimable 18864 kB
SUnreclaim 5396 kB
PageTables 1376 kB
NFS_Unstable 0 kB
Bounce 0 kB
WritebackTmp 0 kB
CommitLimit 3448892 kB
Committed_AS 404212 kB
VmallocTotal 122880 kB
VmallocUsed 27648 kB
VmallocChunk 52368 kB
DirectMap4k 32760 kB
DirectMap4M 876544 kB
Benchmarks
CPU Blowfish
CPU Blowfish
This Machine 1595 MHz 50.176
Intel(R) Celeron(R) M processor 1.50GHz (null) 26.1876862
PowerPC 740/750 (280.00MHz) (null) 172.816713
CPU CryptoHash
CPU CryptoHash
This Machine 1595 MHz 11.071
CPU Fibonacci
CPU Fibonacci
This Machine 1595 MHz 74.202
Intel(R) Celeron(R) M processor 1.50GHz (null) 8.1375674
PowerPC 740/750 (280.00MHz) (null) 58.07682
CPU N-Queens
CPU N-Queens
This Machine 1595 MHz 132.704
FPU FFT
FPU FFT
This Machine 1595 MHz 104.630
FPU Raytracing
FPU Raytracing
This Machine 1595 MHz 212.639
Intel(R) Celeron(R) M processor 1.50GHz (null) 40.8816714
PowerPC 740/750 (280.00MHz) (null) 161.312647
So what I am wanting help with is finding the solution to the cpu usage so that I can use this computer at least until I can afford a new power supply or whatever. I am open to any good suggestions, though I must state I am not really interested in tiling wm's at the moment. I am just not a true minimalist.
Thanks in advance for any and all help. I understand that there is a lot of info in this post, but it is my hope that with this info the problem can be solved. If there is info I didn't provide that is needed, please let me know.also check that you have
session.screen0.opaqueMove false
in your .fluxbox/init this will probably help a bit if it is currently true,
Last edited by Cyrusm (2009-01-26 13:52:13) -
Reading/snooping through backed up files
Hi all - I backed up my Blackberry using BB Desktop software to my Mac about two months ago. I'm giving my Mac to a family member, who is NOSY and I want to make sure they can't recover /snoop through my personal information (backed up texts, MMS's, etc). Is there a way to delete the backed up texts before I give the Mac to them? I don't want them seeing my personal messages/backed up info. Thanks!
Hiya!
no they cannot view it... the backup file... is one file, only actually readable by the desktop software. they cannot simply open the file and browse around it.
1). Please thank those who help you by clicking the beside the 'Reply' button.
2). If your issue has been solved, please resolve it by marking "Accept as Solution" on the correct post!
3). Remember to have fun! We are all in this together!
4). Follow me on -
Solaris 9 U7 (2004/09) MultiLayered Flash Archive issue + solution ?
In Solaris 9 Update 7 (2004/09) the multilayered flash archive installation feature is broken.
I think that this is a known issue:
4945516 Failure of multi-layered archive with Solaris 9 4/03 on Postdeployment process
I manage to flash my archives by changing the following statement found at line 24 of the file
../Solaris_9/Tools/Boot/usr/lib/flash/postdeployment_processing
from
if [ ! -L $FLASH_ROOT/etc/rc2.d/S98flash_reboot ] ; then
to
if [ -L $FLASH_ROOT/etc/rc2.d/S98flash_reboot ] ; then
This issue is addressed in the patch 113434-22
113434-22/SUNWinst/reloc/usr/lib/flash/postdeployment_processing
But the if statement is not the good one.
Is this correct ?
Coco D.Ideas.. Hmm, none which seems that correct, but you could try some things.
If it gets the wrong IP that could explain why it fails to copy the sysidcfg file.
First you could try and do a snoop on the ethernet address;
snoop ether 0:3:ba:14:c6:cd
(you could also try the -v flag to increase the verbosity).
The things you should look for are arp/rarp requests, the jumpstart client will use arp/rarp to determine its IP address, snoop will show you which server that responds, and what address it gets, futher more its a good idea to verify that the response to the bootparams requests comes from the correct server.
Of course there might be other oddnesses as well.
Was the data you provided extracts? If it was you should check the /etc/ethers and /etc/bootparams for duplicates entries, so there are no other occourances of the clients ehternet address in /etc/ethers, and no bogus entries starting with * or the same hostname in /etc/bootparams.
If you added the client manually you could always try and use the Tools/rm_install_client and Tools/add_install_client scripts to add it again, these script sometimes detect problems with the configuration.
Lastly you didn't show us your /etc/nsswitch.conf file, but i assume that it has "files" first for the ethers, hosts and bootparams entries?
Good luck
//Magnus -
Vwlc 7.3.101.0 DHCP issue ?
Hello all,
a wireless client can't get an IP address via DHCP.
The controler is configured as "DHCP bridging mode", the DHCP server is a 3750 on the same L2 segment.
The security part is done by ISE 1.1.3, the client get authenticated successfully and debug on the vwlc says :
(Cisco Controller) >*DHCP Socket Task: Apr 22 17:50:13.445: 00:26:4a:fd:ed:a4 DHCP received op BOOTREQUEST (1) (len 308,vlan 0, port 1, encap 0xec03)
*DHCP Socket Task: Apr 22 17:50:13.445: 00:26:4a:fd:ed:a4 DHCP processing DHCP REQUEST (3)
*DHCP Socket Task: Apr 22 17:50:13.445: 00:26:4a:fd:ed:a4 DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
*DHCP Socket Task: Apr 22 17:50:13.445: 00:26:4a:fd:ed:a4 DHCP xid: 0x7f6910ce (2137592014), secs: 0, flags: 0
*DHCP Socket Task: Apr 22 17:50:13.445: 00:26:4a:fd:ed:a4 DHCP chaddr: 00:26:4a:fd:ed:a4
*DHCP Socket Task: Apr 22 17:50:13.445: 00:26:4a:fd:ed:a4 DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*DHCP Socket Task: Apr 22 17:50:13.445: 00:26:4a:fd:ed:a4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*DHCP Socket Task: Apr 22 17:50:13.445: 00:26:4a:fd:ed:a4 DHCP requested ip: 192.168.10.4
*DHCP Socket Task: Apr 22 17:50:13.445: 00:26:4a:fd:ed:a4 DHCP successfully bridged packet to DS
*DHCP Socket Task: Apr 22 17:50:13.447: 00:26:4a:fd:ed:a4 DHCP received op BOOTREPLY (2) (len 308,vlan 0, port 1, encap 0xec00)
*DHCP Socket Task: Apr 22 17:50:13.447: 00:26:4a:fd:ed:a4 DHCP processing DHCP ACK (5)
*DHCP Socket Task: Apr 22 17:50:13.447: 00:26:4a:fd:ed:a4 DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*DHCP Socket Task: Apr 22 17:50:13.447: 00:26:4a:fd:ed:a4 DHCP xid: 0x7f6910ce (2137592014), secs: 0, flags: 80
*DHCP Socket Task: Apr 22 17:50:13.447: 00:26:4a:fd:ed:a4 DHCP chaddr: 00:26:4a:fd:ed:a4
*DHCP Socket Task: Apr 22 17:50:13.447: 00:26:4a:fd:ed:a4 DHCP ciaddr: 0.0.0.0, yiaddr: 192.168.10.4
*DHCP Socket Task: Apr 22 17:50:13.447: 00:26:4a:fd:ed:a4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*DHCP Socket Task: Apr 22 17:50:13.447: 00:26:4a:fd:ed:a4 DHCP server id: 192.168.10.1 rcvd server id: 192.168.10.1
*DHCP Socket Task: Apr 22 17:50:13.447: 00:26:4a:fd:ed:a4 DHCP successfully bridged packet to STA
however, the wireless client never get the IP address.
See attached .jpg, the IP address seems to be attached to the wireless client.....
Is anyone could help me please ?
Regards.
TMOk DHCP Snooping was the issue....
The DHCP message response seems to enter back the switch (from the vwlc to the AP ) on the same port it came from.
(the Sw acts as a DHCP server)
Now I have an IP address assign by DHCP but no connectivity though !!! -
WLC 5508 7.0.98.0 has vpn client connection issues
Hi
my guest ssid is set to L2 security none and L3 Web policy and authentication local. clients that need to connect to some vpn server (internet) are reporting disconnection issues with the vpn session but not the wireless network. as soon as they get connected via another wireless internet connection the vpn connection gets stable. that makes me thing is in deed the my wireless network the one causing issues. is there a know issues with the web authentication WLAN and vpn clients? no firewall in the middle.
Exclusionlist.................................... Disabled
Session Timeout.................................. Infinity
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ xxxxxxxxxxxxxxxx
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
--More or (q)uit current module or <ctrl-z> to abort
Quality of Service............................... Bronze (background)
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Disabled
Accounting.................................... Disabled
Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security
802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Enabled
ACL............................................. Unconfigured
Web Authentication server precedence:
1............................................... local
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
H-REAP Local Switching........................ Disabled
H-REAP Learn IP Address....................... Enabled
Client MFP.................................... Optional but inactive (WPA2 not configured)
Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
Band Select...................................... Disabled
Load Balancing................................... DisabledThanks Scott,
We have two controllers and all the APs (50) are associated with the primary Controller,what is the best path to follow for the upgrade.
we don't have Field recoversy image installed on our controller, do we have to do the FSU upgrade?
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.98.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... N/A
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... Airespace_01
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
IP Address....................................... 10.0.0.201
Last Reset....................................... Power on reset
System Up Time................................... 9 days 2 hrs 57 mins 21 secs
System Timezone Location......................... (GMT -6:00) Central Time (US and Canada)
Current Boot License Level....................... base
Current Boot License Type........................ Permanent
Next Boot License Level.......................... base
Next Boot License Type........................... Permanent
Configured Country............................... Multiple Countries:US,CN,DE,TW,HK
Is the below Upgrade Path make sense ?
1. Upgrade the Primary controller and reboot- wait till all APs associate with primary controller and download the new image
2. Upgrade the secondary controller and reboot
3. Failover the APs to secondary controller and test
Siddhartha
Maybe you are looking for
-
CIN process to enter Excise Invoice for Return Delivery
Folks I would like to know How to process excise invoice for return delivery. We have return sales order, return delivery created and product is received into inventory Customer return Blocked stock (movement 657). Where and How can i enter Excise in
-
How much ram can you put in a Macbook Pro 7,1?
I have what I thought was 2011 macbook pro, but when I just looked it up the 7,1 appears to be a 2010. Anyway, I want to max out the ram. OWC says you can put in 16GB of the DDR3 1066MHz SO-DIMM; here is the link: http://eshop.macsales.com/item/OWC/8
-
IDoc to csv file with required fields
All, I have a source IDoc going to XI. For example it contains source fields SF1 (required), SF2 (required), SF3(optional) and SF4(optional). I want to produce a target file using file content conversion. I want to produce target fields TF1(require
-
Leave Maximum size for messages at default 10MB?
Is that a best practice? 10MB seems small since it as been that size with us for at least 5 years and file sizes and mailboxes are getting larger. I wonder about the time wasted finding other ways send files to external users that may be any size fro
-
Yahoo email not automatically downloading
I've noticed that yahoo emails don't automatically download on my phone anymore - when I launch the mail app (the built-in apple one, NOT the yahoo mail app), then it downloads all new messages, but other than that, they're not getting pushed automat