VLAN issue in BE6000
Hi
iam having BE6K Server, i am trying to configure CUCM , the BE6K is connected to Core Switch with VLANS for VM and VLAN for CIMC and Managment
Problem:- 1)I have configured CIMC and Managment in VLAN 100
2)VM(CUCM) in VLAN 1
BUt when i try to configure CUCM in VLAN 1(192.168.1.X/24) i am not able to get configure it the network connection settings Fail , i am able to ping the VLAN 1 gateway from BE6K but i am not able to ping the CUCM VM as it is not passing the Network Configration Test duing Installation
There is VLAN option but some how the BE6K does not support 2 VLANS
Can any one tell me is it possible to confgiure Managment and CIMc is one vlan and Virtual Machines(CUCM,Unity ) in another VLAN
Thanks in advance
The NIC that connects your CIMC needs to connect to an access port on the switch in the correct VLAN.
For your virtual machines (CUCM etc) if you want to use VLANs then you need to configure a trunk port on your switch and ensure you setup the VLANs correctly on your virtual network adapters.
Have a look here:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1003806
Hope that helps!
Matty
Similar Messages
-
7936 not showing software version and vlan issue
I have a 7936 that does not show the software version. I have installed the newest load on the callmanager, but still cannot see what version it is running on the phone.
My main issue with the phone is that I have to set the switchport access vlan to the voice vlan, if I try to let the phone use the swithport voice vlan, it will pull an IP address off of the data vlan and not the voice vlan.
Any help with either of these issues would be greatly appreciated. I do rate all helpful posts.
Thanks,
RobertHi Robert,
Here is some info that may help;
Verifying Firmware Version Information
You can obtain information about the firmware version installed on the IP Conference Station.
Follow these steps to verify the firmware version on an IP Conference Station:
Step 1 Press the Menu button.
Step 2 Press the Up or Down scroll button to select the Admin Setup menu.
Step 3 Press the Select button.
Step 4 Enter the administrator password. (The default administrator password is **#.)
Step 5 Press the Enter softkey.
Step 6 Press the Up or Down scroll button to select System Information.
Step 7 Press the Select button.
Step 8 Press the Up or Down scroll button to select SW Version.
The firmware version number is displayed.
Or if that is not working try accessing this way;
Using the Web Interface
Follow these steps to access the Cisco IP Conference Station 7936 web interface:
Step 1 Open your web browser.
Step 2 In the address field enter:
http:// IP address of the IP Conference Station:
Configuration information applies to the specific IP Conference Station associated with the IP address you enter.
Note If you changed the HTTP port number, you need to use that number as a suffix to the IP address. If you did not change the HTTP port number, then you do not need to enter a suffix.
The web interface appears, and the initial login page is displayed.
Step 3 To log in as the administrator, enter the administrator password and click Login.
The default administrator password is **#.
Note When logged in to the IP Conference Station web pages, the web pages will time out after approximately 20 minutes of inactivity. You will then have to log back in.
Step 4 To log off, click Administrator Logout.
Information Available on All Web Pages
The top right portion of the Cisco IP Conference Station 7936 web interface includes a separate section that displays consistent information for all of the web pages.
This section contains the following information; example text appears next to each item in the list:
Software Version: 3.3(2.00)
Protocol Type: SCCP
Boot Load ID: PC0503031418
Application Load ID: CMTERM_7936.3-3-2-0
IP Address: 10.1.1.11
MAC Address: 00c742655892
Local Number: 2022
As far as the VLAN issue goes, this has always been the case for our 7935's as well and I'm sure the 7936 is the same.
Switchport mode access
Switchport access VLAN XXX
Hope this helps!
Rob
Please remember to rate helpful posts........ -
QoS / Native VLAN Issue - Please HELP! :)
I've purchased 10 Cisco Aironet 2600 AP’s (AIR-SAP2602I-E-K9 standalone rather than controller based).
I’ve configured the WAP’s (or the first WAP I’m going to configure and then pull the configuration from and push to the others) with 2 SSID’s. One providing access to our DATA VLAN (1000 – which I’ve set as native on the WAP) and one providing access to guest VLAN (1234). I’ve configured the connecting DELL switchport as a trunk and set the native VLAN to 1000 (DATA) and allowed trunk traffic for VLAN’s 1000 and 1234. Everything works fine, when connecting to the DATA SSID you get a DATA IP and when you connect to the GUEST SSID you lease a GUEST IP.
The problem starts when I create a QoS policy on the WAP (for Lync traffic DSCP 40 / CS5) and try to attach it to my VLAN’s. It won’t let me attach the policy to VLAN 1000 as it’s the native VLAN. If I change VLAN 1000 on the WAP to NOT be the native VLAN I can attach the policies however wireless clients can no longer attach to either SSID properly as they fail to lease an IP address and instead get a 169.x.x.x address.
I'm sure I'm missing something basic here so please forgive my ignorance.
This is driving me insane!
Thanks to anyone that provides assistance. Running config below and example of the error...
User Access Verification
Username: admin
Password:
LATHQWAP01#show run
Building configuration...
Current configuration : 3621 bytes
! Last configuration change at 02:37:59 UTC Mon Mar 1 1993 by admin
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname LATHQWAP01
logging rate-limit console 9
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
no ip routing
dot11 syslog
dot11 vlan-name Data vlan 1000
dot11 vlan-name Guest vlan 1234
dot11 ssid LatitudeCorp
vlan 1000
authentication open
authentication key-management wpa version 2
wpa-psk ascii
dot11 ssid LatitudeGuest
vlan 1234
authentication open
authentication key-management wpa version 2
guest-mode
wpa-psk ascii
crypto pki token default removal timeout 0
username admin privilege 15 password!
class-map match-all _class_Lync0
match ip dscp cs5
policy-map Lync
class _class_Lync0
set cos 6
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 1234 mode ciphers aes-ccm
encryption vlan 1000 mode ciphers aes-ccm
ssid LatitudeCorp
ssid LatitudeGuest
antenna gain 0
stbc
station-role root
interface Dot11Radio0.1000
encapsulation dot1Q 1000 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0.1234
encapsulation dot1Q 1234
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
interface Dot11Radio1
no ip address
no ip route-cache
encryption vlan 1234 mode ciphers aes-ccm
encryption vlan 1000 mode ciphers aes-ccm
ssid LatitudeCorp
ssid LatitudeGuest
antenna gain 0
no dfs band block
stbc
channel dfs
station-role root
interface Dot11Radio1.1000
encapsulation dot1Q 1000 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1.1234
encapsulation dot1Q 1234
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
interface GigabitEthernet0.1000
encapsulation dot1Q 1000 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface GigabitEthernet0.1234
encapsulation dot1Q 1234
no ip route-cache
bridge-group 255
bridge-group 255 spanning-disabled
no bridge-group 255 source-learning
service-policy input Lync
service-policy output Lync
interface BVI1
ip address 10.10.1.190 255.255.254.0
no ip route-cache
ip default-gateway 10.10.1.202
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
transport input all
end
LATHQWAP01#conf
Configuring from terminal, memory, or network [terminal]? t
Enter configuration commands, one per line. End with CNTL/Z.
LATHQWAP01(config)#int dot11radio1.1000
LATHQWAP01(config-subif)#ser
LATHQWAP01(config-subif)#service-policy in
LATHQWAP01(config-subif)#service-policy input Lync
set cos is not supported on native vlan interface
LATHQWAP01(config-subif)#Hey Scott,
Thank you (again) for your assistance.
So I' ve done as instructed and reconfigured the WAP. I've added an additional VLAN (1200 our VOIP VLAN) and made this the native VLAN - so 1000 and 1234 are now tagged. I've configure the BVI interface with a VOIP IP address for management and can connect quite happily. I've configured the connecting Dell switchport as a trunk and to allow trunk vlans 1000 (my DATA SSID), 1200(native) and 1234 (MY GUEST SSID). I'm now back to the issue where when a wireless client attempts to connect to either of my SSID's (Guest or DATA) they are not getting a IP address / cannot connect.
Any ideas guys? Forgive my ignorance - this is a learning curve and one i'm enjoying.
LATHQWAP01#show run
Building configuration...
Current configuration : 4426 bytes
! Last configuration change at 20:33:19 UTC Mon Mar 1 1993 by Cisco
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname LATHQWAP01
logging rate-limit console 9
enable secret 5
no aaa new-model
no ip source-route
no ip cef
dot11 syslog
dot11 vlan-name DATA vlan 1000
dot11 vlan-name GUEST vlan 1234
dot11 vlan-name VOICE vlan 1200
dot11 ssid LatitudeCorp
vlan 1000
authentication open
authentication key-management wpa version 2
mobility network-id 1000
wpa-psk ascii
dot11 ssid LatitudeGuest
vlan 1234
authentication open
authentication key-management wpa version 2
mbssid guest-mode
mobility network-id 1234
wpa-psk ascii
no ids mfp client
dot11 phone
username CISCO password
class-map match-all _class_Lync0
match ip dscp cs5
policy-map Lync
class _class_Lync0
set cos 6
bridge irb
interface Dot11Radio0
no ip address
encryption vlan 1000 mode ciphers aes-ccm
encryption vlan 1234 mode ciphers aes-ccm
ssid LatitudeCorp
ssid LatitudeGuest
antenna gain 0
stbc
mbssid
station-role root
interface Dot11Radio0.1000
encapsulation dot1Q 1000
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
interface Dot11Radio0.1200
encapsulation dot1Q 1200 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0.1234
encapsulation dot1Q 1234
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 spanning-disabled
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
service-policy input Lync
service-policy output Lync
interface Dot11Radio1
no ip address
encryption vlan 1000 mode ciphers aes-ccm
encryption vlan 1234 mode ciphers aes-ccm
ssid LatitudeCorp
ssid LatitudeGuest
antenna gain 0
peakdetect
no dfs band block
stbc
mbssid
channel dfs
station-role root
interface Dot11Radio1.1000
encapsulation dot1Q 1000
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
interface Dot11Radio1.1200
encapsulation dot1Q 1200 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1.1234
encapsulation dot1Q 1234
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 spanning-disabled
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
service-policy input Lync
service-policy output Lync
interface GigabitEthernet0
no ip address
duplex full
speed auto
interface GigabitEthernet0.1000
encapsulation dot1Q 1000
bridge-group 255
bridge-group 255 spanning-disabled
no bridge-group 255 source-learning
service-policy input Lync
service-policy output Lync
interface GigabitEthernet0.1200
encapsulation dot1Q 1200 native
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface GigabitEthernet0.1234
encapsulation dot1Q 1234
bridge-group 254
bridge-group 254 spanning-disabled
no bridge-group 254 source-learning
service-policy input Lync
service-policy output Lync
interface BVI1
mac-address 881d.fc46.c865
ip address 10.10. 255.255.254.0
ip default-gateway 10.10.
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
login local
transport input all
sntp server ntp2c.mcc.ac.uk
sntp broadcast client
end
LATHQWAP01# -
Strange VLAN issue on aironet access points
I'm setting up some access points for WPA. I've ran into a strange issue. The client VLAN (VLAN that the users will be put into) is 1, and the native VLAN is 10. The RADIUS server is in VLAN 1 (but I have a test RADIUS server in VLAN 10 as well). I can connect from the access point to a RADIUS server in either VLAN, and from the RADIUS servers to the access point as well. When I point to a RADIUS server in VLAN10 authentication works fine. If I point to a RADIUS server that is located in VLAN1, and I put the wireless clients in VLAN10 it works fine. But for some reason when I have the RADIUS server and the clients in VLAN (1) and the native (BVI1) interface in VLAN 10 the authentication packets never seem to get to the RADIUS server. It is as if the authentication is being sources out of the wrong VLAN. I can?t find any docs to say that this isn?t a supported configuration.
Hi Shannon,
have a look here:
http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801d0815.shtml#apconfig
- - - Snipp - - -
Significance of Native VLAN
When you use an IEEE 802.1Q trunk port, all frames are tagged except those on the VLAN configured as the "native VLAN" for the port. Frames on the native VLAN are always transmitted untagged and are normally received untagged. Therefore, when an AP is connected to the switchport, the native VLAN configured on the AP must match the native VLAN configured on the switchport.
Note: If there is a mismatch in the native VLANs, the frames are dropped.
This scenario is better explained with an example. If the native VLAN on the switchport is configured as VLAN 12 and on the AP, the native VLAN is configured as VLAN 1, then when the AP sends a frame on its native VLAN to the switch, the switch considers the frame as belonging to VLAN 12 since the frames from the native VLAN of the AP are untagged. This causes confusion in the network and results in connectivity problems. The same happens when the switchport forwards a frame from its native VLAN to the AP.
- - - Snapp - - -
Best regards,
Frank -
The device doing the routing between the vlans should know how to get to each vlan, either by explicit or dynamic routes being set to the ingress/egress point of this vlan. Or by being directly connected, so the routing device would Ideally in a small network on one site would have an IP in vlan 200 and be the default gateway, and ip for communication on the original network and an ip to communicate with the firewall or if firewall is inbuilt on the internet. You should have a route for 0.0.0.0 set to the external next hop. Start from the device doing the routing and see if it can ping devices in each subnet.
From there ensure the default gateway for the devices are on the same vlan and in the same subnet as the vlan interface for the device doing the routingOk, so I have asked vlans questions before and I thank you all for your help.My issue today is odd. I've scratched my brain for awhile on this.Here is the scenario.I added VLAN 200 to our router and all switches in the house.Gateway is the router at 10.20.x.1Only thing that has changed hardware wise is I added a HP 2920 for a SAN/Vmware implementation.I am not able to ping/communicate with devices in VLAN 200 from other VLANs.If I try from my PC which is in VLAN122, I can only ping the router/gateway 10.20.x.1If I setup a laptop in VLAN200 and plug into our "main switch" which the router is connected to directly, I can ping the VLAN200 devices, but I CANNOT ping the router interface of 10.20.x.1It makes no sense to me at all, and I have had a reliable IT contact look at the issue as well, and it's been a hassle.I need to access VLAN200...
This topic first appeared in the Spiceworks Community -
Nexus 1010 + 1000v control vlan issue
Hi,
I have Nexus 1000v installed on nexus 1010. The nexus 1010 is in cluster and working fine. I have made network uplink option 3.
My VSM is configured to be on L3 mode. Hence I set control and packet vlan to 1 (on vsm). while creating the VSB too I have choosen control and packet vlan to be 1 (keeping in mind my mode will be L3).
Now The vsm is not coming up in HA. The redandancy log says degraded mode is true.
Is it because, the control packet coming from VSM after reaching the N1010, the packets are getting tagged with vlan 1. Since I have not set any native vlan on 1010, might be control vlan 1 is also tagged one. Is it this the case ?
help needed on this issue.
regards
Prasad KControl vlan is a totally seperate VLAN then your System Console. The VLAN just needs to be available to the ESX host through the upstream physical switch and then make sure the VLAN is passed on the uplink port-profile that you assign the ESX host to.
We only need an interface on the ESX host if you decide to use L3 control. In that instance you would create or use an existing VMK interface on the ESX host. -
1532 Autonomous Outdoor link DFS and vlans issue
Hi all,
I have a fresh installation of a Point to Point (1km distance) link using autonomous Aps 1532 and directional antennas 14dbi.
The regulatory domain is Europe and the only usable channels are 100 104 108 112 116 132 136 140 (DFS channels).
The link is near military area and DFS is triggered very often which causes frequent disconnections near every minute.
From the logs i see that there is no available channel:
%DOT11-6-DFS_TRIGGERED: DFS: triggered on frequency 5540 MHz
%DOT11-2-NO_CHAN_AVAIL_NON_OCCP: Interface Dot11Radio1, no channel available.
So if all channels are occupied by the radars why carrier busy test does show anything?
ROOT#dot11 dot11Radio 1 carr bu
Frequency Carrier Busy %
5500 0
5520 0
5540 0
5560 0
5580 0
5660 0
5680 0
5700 0
The second issue is regarding vlans.
3 Vlans: Data vlan 1 ,Voice vlan 2 , Management vlan 100 (native vlan for bridging).
After rebooting the non-root bridge data vlan 1 doesn't works even though management and voice are ok.
The workaround i found is to manually change the bridge group to different number.
After the change connectivity is comes back... (maybe bug???)
interface Dot11Radio1.2
encapsulation dot1Q 2
bridge-group 2
bridge-group 2 spanning-disabled
interface Dot11Radio1.4
encapsulation dot1Q 1
bridge-group 4
bridge-group 4 spanning-disabled
interface Dot11Radio1.100
encapsulation dot1Q 100 native
bridge-group 1
bridge-group 1 spanning-disabled
Any thoughts?
Best regards,
Christos.Below is the output from one of my APs in the -E regulatory domain:
Carrier Set: ETSI (OFDM) (EU) (-E)
Uniform Spreading Required: Yes
Configured Frequency: 0 MHz Channel 0
Allowed Frequencies: 5180(36) 5200(40) 5220(44) 5240(48) 5260(52) 5280(56) 5300(60) 5320(64) 5500(100) 5520(104) 5540(108) 5560(112) 5580(116) 5660(132) 5680(136) 5700(140)
Listen Frequencies: 5180(36) 5200(40) 5220(44) 5240(48) 5260(52) 5280(56) 5300(60) 5320(64) 5500(100) 5520(104) 5540(108) 5560(112) 5580(116) 5660(132) 5680(136) 5700(140) 5745(149) 5765(153) 5785(157) 5805(161) 5825(165)
It seems to be a limitation of the 1530 series:
http://www.cisco.com/c/en/us/products/collateral/wireless/aironet-1530-series/data_sheet_c78-728356.html
Frequency Band and 20-MHz Operating Channels
-E Domain:
● 2.401 to 2.4835 GHz; 13 channels
● 5.470 to 5.725 GHz; 8 channels
Regarding your issue with vlan 1, I can't see anything wrong in your configuration. This could indeed be a bug. I made a little research in the bug tool, but couldn't find anything related.
However, you should check the following before opening a case with the TAC:
check the logs from the AP immediately after a reboot
check your switch port status on each side
Is the bridge setting a loop in your network? I have worked on architectures with redundant wireless bridge uplinks using STP. A STP blocked port for vlan 1 could be a lead in that case.
Moreover, in your configuration, I can't see the usual bridge-group configuration under your subinterfaces. Not sure if this is of any use here as you have a 1532 AP, but I would try to add it for each subinterface:
interface GigabitEthernet0.100
encapsulation dot1Q 100 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface Dot11Radio0.100
encapsulation dot1Q 100 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled -
Hi
I have different vlans spread out edge switches, recently i had issues with a specific vlan. some switchports that are assigned to this vlan stop working, they appear connected ( green ) but don't respond to ping requests even with clients on the same vlan, actually they are access control readers also they can't communicate with their controller. I tried my laptop on the same switchports with ip of the same vlan i still cannot ping to any thing except my gateway ( virtual interface) on core switch. when i use these switchports with another vlan they just working normally !!
any help ?Hi saad.mahmoud,
I'm trying to understand the issue you're having and need some clarification. What do you mean by the switchports stopped working? Can a host connected to one of these edge switches, assigned to the specific VLAN, ping the SVI on the same edge switch?
Are only some switchports assigned to this specific VLAN are having problems, or is it all ports assigned to the VLAN? -
i have only 2 ports on my 1811 and I am already using 1 so can i still do VLAN thing and inter vlan using that single port. Plus i have 1 issu that is i have 2 2960 if i will stack both and than user 2 trunk port on each router than how am i going to connect those trunk ports on the router
I want to set up like this
Internet
|
|(Outer)
1841
|(Inner)
|
2960----2960
I just wanted to know can i use 1 port on any switch as a trunk and will able to terminate it on to 1841 and can make virtual interfaces. Is this possiblehttp://www.cisco.com/warp/public/473/50.shtml
it should be possible. i've heard of some IOS versions (on the router side) not supporting interface trunking though.
You will need to trunk your two switches together. Then trunk the router to one of the switches. Subinterfaces on the router will do the inter-vlan routing. It's usually referred to as a "router on a stick". -
VLAN issues when creating/modifying vNIC Templates
Sort of an odd issue, all of the VLANs that have been created do not show up when creating/modifying a vNIC Template. All of the VLANs have been created globally under the LAN Cloud as well as Appliances.
I have 9 VLANs total, yet UCS Manager will only display 5 when modifying or creating a vNIC Template.
I'm running UCS Manager 1.4(1m) and am experiencing the same issue on another suite of UCS gear that is running 1.4(1i). Anyone else experiencing the same?I have seen odd issues with templates as they do not verify the values you are giving it.
Real world example:
You have 3 major deployment sites. If someone scripts the configuration at site 1, folks in site 2 may have used a different ascii name on their vlan naming. When you deploy the template, you give it VLAN_MGMT. However, the device running that script for the templates has the same vlan BUT was named VLAN-MGMT. Therefore, the templates will not show all the vlans.
To correct this, you could create the vlan necessary based on the naming convention and the template MAY reference it correctly.
Let us know if all the T's are crossed and I's are dotted. :-) -
WLAN Controller 2125 VLAN issue
Hello,
i purchased a WLan Controller 2125.
this is my first time with Cisco's Wireless Controller :-)
previously i have worked with Motorola WLan Controller. configuring Vlan was easy.
now coming back to cisco Controller
i have installed and completed the initial configuration such as management console and 1st SSID working fine.
according to Company's requirement there should be 3 SSID's
1) management VLAN-1 identifier subnet 15.15.x.x (SSID - VLAN-1)(interface1)
2) Guest VLAN-20 identifier subnet 192.168.10.0 (SSID - VLAN-20)(interface2)
3) employees VLAN-30 identifier subnet 20.20.x.x (SSID - VLAN-30)(interface3)
now the issue is only the SSID VLAN-1 is working. i beleive it is because its under the VLAN1 and management interface.
as for fulfilling network requirement i have connected controller with L3 switch as below
controller's interface1 connected to trunking interface on the switch
controller's interface2 connected to interface vlan-20 on the switch
controller's interface3 connected to interface vlan-30 on the switch
i have also configured DHCP on controller for each SSID(interface)
I CANT EVEN PING the GATEWAY FROM THE SSID VLAN-20 & VLAN-30.
HELP PlsFirst at all, test those other 2 vlans fromthe switch side just to make sure are working.
If it is working and not wirelessly, then I would need the show run-config and show arp switch
from the switch side, show cdp nei detail and show run and show arp -
Hi there,
I am having an issue with my VLAN configuration on my RV220W router. I want a default VLAN for all office users, and a guest VLAN for non-office workers that visit, and a mobile VLAN for phones to connect to. Currently all devices attached to the default VLAN have WAN access and access to printers etc. that are on the same VLAN. However any device that connects to the guest VLAN has no WAN access at all.
I have setup the router as below:Good morning
Thanks for using our forum
Hi mate, my name is Johnnatan and I am part of the Small business Support community. To add to Tom´s post you could “Isolate”, your networks enabling this feature, and disabling the Broadcast SSID of your Network1.
I hope you find this answer useful, *Please mark the question as Answered or rate the answer so other will know when an answer has been found.
Greetings,
Johnnatan Rodriguez Miranda.
Cisco network support engineer. -
Hi,
I have a 302-08Mp attached to my network, it is plugged directly into a C3560G, however when i plug a phone into this switch i get a 'configuring ip' message up on the phone. The voice vlan is set identical to the 3560 but in the logs i get an error message stating
%CDP-W-VOICE_VLAN_MISMATCH: voice VLAN mismatch detected on interface gi1.
Can anyone help me solve this issue?
Thanks in advanceTom,
Sorry for teh delay i needed to get someone at the remote location i could trust to reboot the unit. The voice vlan is 20 and the rest run on vlan 1
the 302 is set as
interface gigabitethernet1
macro description "switch | no_switch | switch | no_switch | switch | no_switch
| switch | no_switch | switch | no_switch | switch | no_switch"
exit
macro auto disabled
macro auto processing type host enabled
macro auto built-in parameters ip_phone_desktop $max_hosts 10 $native_vlan 1
and runs sw version 1.1.2.0
the 3560 is set
interface GigabitEthernet0/3
description Link to SW3
power inline never
switchport trunk encapsulation dot1q
switchport mode trunk
switchport voice vlan 20
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
queue-set 2
mls qos trust cos
auto qos voip trust interface GigabitEthernet0/3
description Link to SW3
power inline never
switchport trunk encapsulation dot1q
switchport mode trunk
switchport voice vlan 20
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
queue-set 2
mls qos trust cos
auto qos voip trust
Thanks -
IDS Addressing /VLAN issue
We have an IDS ver 4.1 in a cat 6k, and initially addressed it in a lab in vlan 1 as such:
vlan 1: 161.220.60.1 /24
IDS: 161.220.60.10 /24
the IDS gateway is Vlan 1 ip.
this has worked fine, able to ping and telnet btw. the 6k and the IDS. but in getting ready for deployment, we have decided that we would rather not use vlan 1, and created a new vlan for our IDS and NAM, say VLAN 100. we removed the addressing from VLAN 1 and shut it down. Addressed VLAN 100 in the say way, but now no longer to even ping the IDS from the cat 6k. I even added a static route:
ip route 161.220.60.10 255.255.255.255. vlan 100
still unable to ping the IDS. It seems that the vlan 1 info is cached in some way, preventing any access through the new vlan 100. we cleared the arp, is there anything else that needs cleared so the IDS can be part of vlan 100 as it was in vlan 1.
Also, is there any known issue if we were to decide to put the IDS and NAM back into vlan 1 ?The IDSM-2's command and control port is in vlan 1 by default so you did not need to execute a special command to move it to vlan 1.
BUT, If you want to move it to vlan 100, then you will need to execute the switch command to move the IDSM-2's command and control port to vlan 100.
Examples for a module in slot 5
For Cat OS:
set vlan 100 5/2
For Native IOS
intrusion-detection module 5 management-port access-vlan 100
(Similar changes would be needed for NAM as well).
Have you executed the above switch command to move the command and control of the IDSM-2 to vlan 100? -
I have eight C3550 switches connected to a C6509 (gig ports). About every 5 days the C3550 switches have very spotty pings to the VLAN 102 segment and basically all the PC's connected to those switches loose network access to VLAN 102. It seems when this issue happens I can ping the Vlan 100 just fine from the C3550's.
Also the 6509 Cannot ping the vlan 102 when this issue happens even if the server sits on the 6509.
any suggestions?I'm not seeing any increased error counters on the Gigabit truck interface. the 6509 is running Version 12.2(17a)SX1 and the 3550's are running (C3550-IPBASE-M), Version 12.2(25)SEB2
thanks!!!! Adam
Here is the 3550 config,
Password:
Password:
6509>en
Password:
6509#shwo ru ow run
Building configuration...
Current configuration : 27499 bytes
! Last configuration change at 08:06:06 EST Sat Jun 18 2005
! NVRAM config last updated at 07:53:44 EST Sat Jun 18 2005
here is the 3550 config,
show run
Building configuration...
Current configuration : 7124 bytes
! No configuration change since last restart
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
hostname upstairs_10.175.102.8
logging console critical
logging monitor critical
enable secret 5
no aaa new-model
clock timezone EST -5
ip subnet-zero
ip domain-name xxxxxx
ip name-server 10.175.102.16
ip name-server 10.175.102.17
--More-- !
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
vlan internal allocation policy ascending
interface FastEthernet0/1
switchport access vlan 102
switchport mode access
spanning-tree portfast
interface FastEthernet0/47
switchport access vlan 102
switchport mode access
spanning-tree portfast
interface FastEthernet0/48
switchport access vlan 102
switchport mode access
--More-- duplex full
spanning-tree portfast
interface GigabitEthernet0/1
switchport access vlan 102
switchport mode access
interface GigabitEthernet0/2
switchport mode dynamic desirable
interface Vlan1
no ip address
shutdown
interface Vlan102
ip address 10.175.102.8 255.255.255.0
ip default-gateway 10.175.102.1
ip classless
ip http server
logging trap notifications
logging 10.175.100.71
--More-- snmp-server community xxxxxx RW
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps cluster
snmp-server enable traps entity
snmp-server enable traps envmon
snmp-server enable traps cpu threshold
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps flash insertion removal
snmp-server enable traps port-security
snmp-server enable traps MAC-Notification
snmp-server enable traps copy-config
snmp-server enable traps config
snmp-server enable traps hsrp
snmp-server enable traps rtr
snmp-server enable traps bridge newroot topologychange
snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
snmp-server enable traps syslog
snmp-server enable traps vlan-membership
--More-- control-plane
line con 0
password 7
login
line vty 0 4
password 7
login
line vty 5 15
password 7
login
ntp clock-period 17180206
ntp server 128.10.252.10
end
upstairs_10.175.102.8#
Maybe you are looking for
-
Report download to power point doesn't show all records
dear experts, I have a report with a tape deck below, so it shows only records 1-25. When I click download to excel, every record is downloaded (1-all rows) and this is fine. But, if I download to power point, only the records shown on the dashboard
-
ITunes v7.3.1 freezes, crashes to blue screen when downloading video pcasts
iTunes 7.3.1 in Windows Vista is uploading audio only podcasts fine, but is choking on all video podcasts. The software freezes up when it tries to file away the completely downloaded video podcast, then crashes to the Blue Screen of Death and memory
-
JDBC Communication channel : Error establishing socket
Dear friends, Im using JDBC comm channel. JDBC driver has been insatlled for SQL Server 2000 (SP3) . However for the JDBC comm. channel i get an error "SQLException: [Microsoft][SQLServer 2000 Driver for JDBC]Error establishing socket.' following par
-
What resolution is my book being uploaded at?
Hi, I've read on a few forums that all books uploaded from iPhoto are now uploaded at 300dpi. Previous versions of iPhoto were reported to only upload the small books at 300dpi and the medium and large books at a lower resolution. Can someone please
-
Windows server domain group membership with functional level 2003 - windows API
Hello, I am a programmer trying to get members of a global domain group using windows server 2008 enterprise edition, in the past there wasn't a functional level 2003 on windows server, but when 2003 functional level appeared a new features were adde