Switch configuration for AP's

Similar Messages

• Switch configuration for LAPs

  A local mode LAP is broadcasting WLANs that use VLAN10, VLAN20, and VLAN30.  The switchport the LAP is connected to is configured in access mode.  Do VLANs 10, 20 & 30, need to be configured on the switch? 

  No,
  You need to configure the WLC port as trunk and allow these vlan to this port.
  Example:
  WLC:
  interface GigabitEthernet1/0/1
  description Trunk Port to Cisco WLC
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 10,20,30
  switchport mode trunk
  AP:
  interface GigabitEthernet1/0/22
  description Access Port Connection to Cisco Lightweight AP
  switchport access vlan 10 ------> in which vlan AP getting ip
  switchport mode access
  no shutdown
  Regards
  Dont forget to rate helpful posts

• Switch port configuration for 3500i AP

  Hi,
  We are due to install a brand new enterprise WLAN based on the WiSM2 platform, 3502i AP and WCS. The APs will be plugged into the 2960S-24TPS-L.
  I have scanned over all documentation and cannot for the life of me find a recommended switch port configuration for connecting the AP to the switch in terms of speed / duplex etc. For example, should I just configure the port to auto detect, or is forcing the speed / duplex the way to go. I could also do with knowing other best practice configurations for AP connectivity.
  Any help would be greatly appreciated.
  Chris.

  The AP comes online with just auto detect, but I want to know if there are any benefits to forcing this to 1Gbps / Full duplex, or even if this is the right way to go. I suspect auto detect is the best method.

• Cisco tool for building router/switch configurations

  Is there a tool on Cisco website that lets you build your own configurations of Cisco routers etc prior to you purchasing them? i.e. Giving you a complete list of part IDs ?

  Hi
  Your question is not clear , if you asked about a tool which can help you to do a configuration for your purchase order for routers , switches , any solution for Cisco . You can configure your chassis , cards , SFPs, Power , and so on. Please use the below link:-
  https://cisco-apps.cisco.com/cisco/psn/commerce
  Thank you
  please rate all useful infomration

• WAAS Configuration for 3750 Switch

  I am configuring a 3750 switch with 12.2(52)SE according to:
  (from https://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_52_se/configuration/guide/3750_scg.pdf )
  This example shows how to configure SVIs and how to enable the web cache service with a multicast group list. VLAN 299 is created and configured with an IP address of 175.20.20.10. Gigabit Ethernet port 1 is connected through the Internet to the web server and is configured as an access port in VLAN 299. VLAN 300 is created and configured with an IP address of 172.20.10.30. Gigabit Ethernet port 2 is connected to the application engine and is configured as an access port in VLAN 300. VLAN 301 is created and configured with an IP address of 175.20.30.50. Fast Ethernet ports 3 to 6, which are connected to the clients, are configured as access ports in VLAN 301. The switch redirects packets received from the client interfaces to the application engine.
  Note Only permit ACL entries are being used in the redirect-list; deny entries are unsupported.
  Switch# configure terminal
  Switch(config)# ip wccp web-cache 80 group-list 15
  Switch(config)# access-list 15 permit host 171.69.198.102
  Switch(config)# access-list 15 permit host 171.69.198.104
  Switch(config)# access-list 15 permit host 171.69.198.106
  Switch(config)# vlan 299      WEB  SERVER
  Switch(config-vlan)# exit
  Switch(config)# interface vlan 299
  Switch(config-if)# ip address 175.20.20.10 255.255.255.0
  Switch(config-if)# exit
  Switch(config)# interface gigabitethernet1/0/1
  Switch(config-if)# switchport mode access
  Switch(config-if)# switchport access vlan 299
  Switch(config)# vlan 300 WAE
  Switch(config-vlan)# exit
  Switch(config)# interface vlan 300
  Switch(config-if)# ip address 171.69.198.100 255.255.255.0
  Switch(config-if)# exit
  Switch(config)# interface gigabitethernet1/0/2
  Switch(config-if)# switchport mode access
  Switch(config-if)# switchport access vlan 300
  Switch(config-if)# exit
  Switch(config)# vlan 301 CLIENTS
  Switch(config-vlan)# exit
  Switch(config)# interface vlan 301
  Switch(config-if)# ip address 175.20.30.20 255.255.255.0
  Switch(config-if)# ip wccp web-cache redirect in
  Switch(config-if)# exit
  Switch(config)# interface gigabitethernet1/0/3 - 6
  Switch(config-if-range)# switchport mode access
  Switch(config-if-range)# switchport access vlan 301
  Switch(config-if-range)# exit
  ===================================================================
  Question:  How do I configure my WAE to play nicely with this switch?

  Hi James,
  Here is the link to WCCP config part on WAE:
  http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v441/configuration/guide/traffic.html#wp1041742
  In your case, if my understanding is right, VLAN300 is where you want to connect WAE and WAE is also L2 adjacent. if that is true, here is the config you need on WAE:
  wccp router-list 1 171.69.198.100
  wccp tcp-promiscuous router-list-num 1 l2-redirect mask-assign l2-return
  wccp version 2
  Please note that 3750 supports L2 redirection only with redirect IN statements on 3750 interfaces connected to servers and clients.
  Hope this helps.
  Regards.

• Is it possible to run TWO parellel configurations for one Object??

  SAP Gurus,
  We have a strange requirement from the client to have to configurations established in the system for one configuration object.
  Without taking much of your time let me paraphrase the requirements.
  The client is having two different types of putaway strategies in their current business process. And they toggle between these putaway strategies by reaching out to their production support group and they make configuration changes to have the other put away strategy
  One Step Putaway: GR area --> High Rack Storage
  Two Step Putaway: GR area --> Interim storage (area at the end of each aisle of high rack storage) --> High Rack
  Client wants to have two parallel configurations for both of these put away strategies and needs an ability to switch from one to another. This switching ability should be accessed from SAP screen without any IT intervention (no configuration)
  -  Switching ability should allow the warehouse manager to change from one step to two step put away strategies without any IT intervention.
  -  Switching ability should be accessed my SAP Screen (Z-transaction or something with a radio button to toggle around)
  Is it possible to have two configuration made for Putaway Strategies and switch them on/off depending on the warehouse needs??
  Your invaluable feedback on this will be highly appreciated.
  Thanks again folks,
  Dhaval
  Edited by: Dhaval Joshi on Mar 4, 2008 12:09 PM

  Q1--I don't believe it is possible. An organization can have multiple licenses tied to its main email address, for example, but then they are assigned to the individual users.
  Q2--Yes, you would just need to log out of your account within the CC desktop app prior to logging in on the other account.
  If you have any questions, feel free to reach out.

• "Server either does not have a virtual switch configured or none of the configured virtual switches have an IP address assigned" error driving me nuts!

  OK; have been trying to setup a test VM based RDS deployment for a few days now with no luck.
  this error mentioned above:
  "Server <server name> either does not have a virtual switch configured or none of the configured virtual switches have an IP address assigned" error is driving me nuts!
  I have removed and re-added the RD Virtualization Host role numerous times, each time having the "create a virtual switch" checkbox selected, but it did NOT create any virtual switch.
  I created the external virtual switch manually and tried to create the desktop collection again, no luck with the same error.
  a few questions:
  1. you don't assign IP to a switch! you assign IP to Network Interfaces. why does the error puts it like this?! it is technically wrong.(yeah yeah I know all about how you'd assign IP to managed switches in real world to telnet into them and manage them.
  you know better than me that it is not the case here!)
  2.the RDS Virtualization hosts are using their wifi card as the card for the virtual switch. could that be the reason? I even disabled their unplugged wired NIC just to make sure that the wifi is the only available option for the RDS wizard to use for the
  virtual switch creation; but it didn't use it and it didn't create any virtual switch automatically.
  3.if WIFI nic is indeed the reason, is it your suspension or an official documents is there somewhere stating so (that the WIFI NICS on a Virtualization hosts are not supported as the hub for a virtual switch).
  4.what are the properties of the virtual switch the RDS requires? does it have to be external? why can't it work even with my manually created external switch?
  5.how would I fix it?
  P.S: the environment is made up of 2 laptops, having windows 2012 R2 trial installed on them, using their wifi to connect to the out world. no cable is plugged into their wired NIC card.

  Hi,
  Thank you for posting in Windows Server Forum.
  The simplest short term solution was to connect each computer to a small switch that had no other connectivity. This brought up the link light on the external NIC and allowed the creation of the collection to complete. You need to use an external switch. You
  can create one external switch which might fix the problem.
  Please check below article for information.
  VDI Deployment Error About Virtual Switch
  In addition please referthis article for information regarding virtual switch.
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  TechNet Community Support

• ISE 1.2, Supplicant configured for 802.1x but need to MAB

  I posted this yesterday but deleted the thread thinking I had fixed the issue - alas I was wrong. In summary I have a scenario where I am doing wired 802.1x and also wired MAB/CWA. The issue is that a certain number of external/BYOD hosts have supplicants configured for 802.1x at their "home" organisations which for obvious reasons can't authenticate on this network. The idea is that MAB and CWA become a fallback but these hosts in question don't efficiently fail to MAB.
  If the host has validate server certificates enabled (and doesn't have our root selected) then 802.1x fails and goes to MAB as per the tx timers etc. Hosts that don't validate certificates essentially fail authentication, abandon the EAP session and start new... this process seems to continue for a very long time.
  Does anyone have any similoar experiences and if so can you provide some info? I am looking into tweaking 802.1x port timers to make this fail quicker/better but am not confident this will fix the issue.
  Thanks in advance

  Maybe the held-period and quite-period parameters would help.  I would not change the TX period to anything shorter than 10 seconds.  Every cisco doc that I have ever seen has said this same recomendation and I can tell you from experience you will have devices at times that will authenticate via MAB when you dont want them to if you decrease lower than 10 seconds. 
  Read this doc for best pratices including the timers listed below.  
  I hope this link works.  http://d2zmdbbm9feqrf.cloudfront.net/2014/eur/pdf/BRKSEC-3698.pdf
  If not goto www.ciscolive365.com (signup if you havn't already) and search for
  "BRKSEC-3698 - Advanced ISE and Secure Access Deployment (2014 Milan) - 2 Hours"
  Change the dot1x hold, quiet, and ratelimit-period to 300. 
  held-period seconds
  Configures the time, in seconds for which a supplicant will stay in the HELD state (that is, the length of time it will wait before trying to send the credentials again after a failed attempt). The range is from 1 to 65535. The default is 60.
  quiet-period seconds
  Configures the time, in seconds, that the authenticator (server) remains quiet (in the HELD state)
  following a failed authentication exchange before trying to reauthenticate the client. For all platforms except the Cisco 7600 series Switch, the range is from 1 to 65535. The default is 120.
  ratelimit-period seconds
  Throttles the EAP-START packets that are sent from misbehaving client PCs (for example, PCs that send EAP-START packets that result in the wasting of switch processing power). The authenticator ignores EAPOL-Start packets from clients that have successfully authenticated For the rate-limit period duration. The range is from 1 to 65535. By default, rate limiting is disabled.

• Dynamic configuration for the application

  I'm a newbie and trying to evaluate JSF. I took part in a project with struts framework and i could say i don't like struts cause of some limitation and i suspect that JSF has the same limitation. First of all, there are JSP pages. I can't use JSP pages/templates stored somewhere else except web application. I'd like to store my templates in the database. This will give me ability to add/change/remove jsp page without redeploying war-archive. Yes, i can use exploded war-archive and add JSP pages straight into file system, but i don't like this way. Next problem is the configuration file like struts-config (faces-config, whatever). I have to write down all my navigation logic and beans mapping to this file and it's really annoying me. This kind of project requires dynamic configuration for the all web application and i'd like to add/change/remove pages, beans, actions without restarting/reconfiguring webapp. Today, I looked thru documentation and source code and found that FactoryFinder class could use my own classes but i'm not sure it will be enough for the dynamic configuration for the beans. In any case, it's a huge problem with the templates.
  Right now i'm thinking about 1(one) JSP with XML/XSLT rendered HTML content and JSF for event/action handling. I mean, i'll use XSLT to render dynamic content and JSF for dispatching events. In that case i have to render form tag names in the HTML as JSF engine (i'm not sure if it possible). If it will take a lot of time to do this i'll have to switch a home-grown framework.
  So, i really need advices how to implement this sort of dynamic behavior in the web application.
  regars,
  anton

  A lot of what you're seeing are genuine limitations, but happily, JSF is so pluggable that you can overcome them.
  JSPs are problematic in exactly the way you describe - unless your app server has support for pulling JSPs out of a database, etc., you're SOL. JSF, however, lets you use something other than JSPs by replacing the ViewHandler. That's a fair bit of work, but it is doable.
  For navigation logic, you'd replace the NavigationHandler. As long as you're willing to write the code that can pull navigation rules from an external source, life is good.
  For managed beans, all you need to replace is the VariableResolver - again, if you can pull the rules from an external source, you have full control.
  This is all far from easy - and it's a huge amount of work for one person - but I'd imagine these pieces will become available from various sources. A core goal of JSF 1.0 was making the framework as a whole pluggable so that others can innovate on top of the framework.
  -- Adam Winer (EG member)

• Switch configuration urgent help (edge and core)

  hi
  i have new project in with the bellow product :
  20 X WS-C2960-24TC-S
  2 X WS-C3750X-48T-S
  2 X WS-C2960S-24TS-S
  i need to configure this switch in order to work without having vlan, first the 2 core switch for redundancy, then each catalyst switch 2960(edge Switch) connected to the two core with 2 uplink each uplink will be connected to single core switch(i have 2 core switch and i want to configure it in stack mode redundancy) 
  i need help to configure this switch to work perfectly with each other in best redundancy mode any configuration for this switch will be very helpfull for me
  thank you

  Hey,
  This is a very open question but i believe the document below is a good point to start:
  http://www.cisco.com/c/dam/en/us/td/docs/solutions/Enterprise/Small_Enterprise_Design_Profile/chap2sba.pdf
  HTH.
  Regards,
  RS.

• Optimal configuration for Cisco E3000 Router

  Hi All,
  Following are the details of my current home network setup, I would like to hear more recommendations and drawbacks of this setup.
  ISP has provided with a Cisco  DPC3825 DOCSIS 3.0 Gateway which has 4 Ethernet ports and a wireless networking but only 2.4 GHz.. This router is connected to the cable CPE box to internet. I have enabled the Firewall features of this router and disabled the Wireless network. This has also the DHCP server running. 
  The Second router is a Cisco E3000 which supports 2.4 GHz / GHz wireless networking. Connection to gateway is made via the 1st Ethernet port of gateway and then to the Internet port of E3000 router. I have connected my wireless devices to E3000 with GHz wifi lan. This router also has the firewall activated and DHCP server running as well.
  Both routers have WEP2 Personal / AES security configured. Currently these two devices are on two different IP ranges ..etc gateway is 192.168.0.1 and e3000 is 192.168.1.1.
  The E3000 is primarily configured for my online video for TV (Panasonic Vireacast). Please let me know if this is the best configuration or any other possible options.
  Thanks,
  RG

  This configuration is called LAN to WAN configuration and this is the best configuration considering that you want to behave both the router as a router.
  Because the other confiuration would be LAN to LAN then you can only use 1 router as a router and 2nd router as a switch.
  http://www6.nohold.net/Cisco2/ukp.aspx?vw=1&docid=529c188bc0ee4f7da79ffc22f2be33ec_4579.xml&pid=80&r...
  The first configuration in the article is is LAN to LAN, scroll down the window for LAN to WAN configuration.

• Switch support for NAC CCA for 6500 series switch

  per the 4.0 document "switch support for Cisco NAC" there is a note that says
  Catalyst 6000/6500 on IOS do not support mac-notification
  Does this mean you cannot deploy layer 2 OOB mode, as snmp notification to the CAM will not happen with the 6k platform?

  Probably, the configuration guide will give you better idea about your problem.
  http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_book09186a00803f5611.html

• Invalid configuration for device 3

  Hi all,
  I have set up a nested lab with three esxi hosts and two datastores connected with Microsoft iscsi target server. I know nested vm's are not supported but I am trying to set up this lab because I am supporting a real VMware environment and I would like to be able to test certain things before I break anything so it is important. I get this error when trying to create a VM "invalid configuration for device 3".  Anyone know how I can find out where the problem is?
  Thanks

  Please provide some more details about the environment, i.e. nested on what (VMware Workstation, ESXi, ...) Which version (host OS, guest OS, Hypervisors) do you use? How did you configure  networking for the nested hosts (stanard vSwitch, Distributed switches)? What may help are the configuration (.vmx) files for the nested ESXi hosts, so please attach them to a reply post.
  André
  Note: Discussion moved from vSphere Newbie to Nested Virtualization

• What is the recommenden access port QoS configuration for 8900/9900 video enabled phones

  Hi all,
  we are currently starting to roll out some video enabled 9900 and 8900 phones in our network. In the past we did not use video and configured the access ports on our Catalyst 2960 switches with "auto qos voip ciscp-phone". This however creates a policy which does not include a class-map to correctly handle the AF41 video traffic coming from those phones. I have thougth about extending the autoqos policy with a AF41 class-map but am not sure if this is the right way to do it. 
  That's what I have in mind:
  class-map match-all AUTOQOS_VIDEO_DATA_CLASS
    match ip dscp af41
  class-map match-all AUTOQOS_VOIP_DATA_CLASS
    match ip dscp ef
  class-map match-all AUTOQOS_DEFAULT_CLASS
    match access-group name AUTOQOS-ACL-DEFAULT
  class-map match-all AUTOQOS_VOIP_SIGNAL_CLASS
    match ip dscp cs3
  policy-map AUTOQOS-SRND4-CISCOPHONE-POLICY
   class AUTOQOS_VOIP_DATA_CLASS
     set dscp ef
    police 128000 8000 exceed-action policed-dscp-transmit
   class AUTOQOS_VIDEO_DATA_CLASS
     set dscp af41
    police 1500000 8000 exceed-action policed-dscp-transmit
   class AUTOQOS_VOIP_SIGNAL_CLASS
     set dscp cs3
    police 32000 8000 exceed-action policed-dscp-transmit
   class AUTOQOS_DEFAULT_CLASS
     set dscp default
    police 10000000 8000 exceed-action policed-dscp-transmit
  How do you guys do it ? Is there some documentation for this ? 
  Thank you for your kind help
  best regards
  Andreas

  Hi
  You have to keep this table on your mind. Your configuration is fine if your configuration for SD video , but if for HD video , it is not ok you have to change video bandwidth at least 5M.
  Traffic Type
  Layer 2 CoS
  Layer 3 IP Precedence
  Layer 3 DSCP
  Voice RTP1
  5
  5
  EF
  Voice control
  3
  3
  AF31
  Video conference
  4
  4
  AF41
  Streaming video (IP/TV)
  1
  1
  AF13
  Data
  0-2
  0-2
  0-AF23
  *Interactive Video "AF41"- Sensitive but can tolerate packet loss of about 1% and latency almost same as voice.
  *Streaming Video "AF13" - Less sensitive - can tolerate about 4-5% packet loss and latency of about 4-5 seconds.
  *HD video conference will require between 5M to 16M , but SD video conference will use 384K to 1 M
  Note:-Video QOS , if you will assume that your video conference will use around 384K , you have to add 20% because video conference include voice so the total bandwidth 460K.
  Kindly check the below link
  http://www.sdcug.com/wp-content/uploads/2011/04/Campus-QoS-for-Voice-and-Video.pdf
  Thanks
  please rate all useful information

• QoS Configuration for NME-AIR-WLC

  Hello,
  I have a question on the correct QoS configuration for a VoIP deployment. I have followed the steps referenced here but have two questions..
  1) The last recommendation in the list is to set DCA channel sensitivity to High to avoid changes during business hours. I think this should be Low? The manual states "Low—The DCA algorithm is not particularly sensitive to environmental changes."
  2) The recommendation is to trust dscp on AP uplinks and to trust cos on the WLC uplink. However I can't find any configuration guidelines for configuring QoS if the WLC in question is an NME hosted in a 2921.
  2a) The link between the switch and the 2921 is an 802.1q trunk so should I trust cos on this link rather than dscp?
  2b) What configuration should be on the 2921? Create a policy-map and apply it to the uplink port?
  2c) Should there be a service policy assigned to the In1/0 interface for the WLC itself?
  Any thoughts appreciated.
  Thanks,
  Dave

  Well I appear to have answered question 2 after I stopped being lazy and did some packet captures.
  No configuration required on 2921 as packets captured from In1/0 and Gi0/0 show correct DSCP markings on RTP and SCCP packets.
  Would still be interested to know on question 1 though.