Vlan passthrough
Dear experts,
I'm having trouble configuring my ASA 5510 firewall for passthough vlans.
I want to passtrough vlans from the "outside" interface to the "lan" interface.
The ISP provides VOIP as a service to our company on the same internet connection on the seperate Vlan.
The ASA has to filter the internet access (untagged traffic) but has to pass trough the voice traffic (tagged traffic)
to the lan interface. the ISP also provides DHCP for my ip phones, so the asa also has to passtrough dhcp requests.
do i need DHCP relay?
i'll tried to connect 1 vlan to multiple fysical interfaces but i get an error message that this is not posible
Is this posible using the ASDM interface or do i need to configure this by the CLI?
I attached a drawing how the environment must look like.
Hope someone can help me out here.
VLAN will not passthrough because the SLM2008 doesn't have trunking capability.
Similar Messages
-
NAC implementation wi thout DHCP Server
Dear Experts,
Is it possible to deploy NAC without having DHCP server in the network? We have some 300-400 users in the campus and want to enable NAC for them.
As per my understanding Cisco NAC cannot be deployed without DHCP server in the network, however it is not documented anywhere on the site. Currently all users' machines are configured with static IP.
We want to do user authentication, AV remediation and Patch deployment through NAC. Is it possible to deploy NAC without DHCP server??
Thanks in advance.
nayanHi,
Here is the basic flow of clean access for both inband and out of band: (http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/prod_white_paper0900aecd802bdc42.html)
Figure 1. Laptop Attempts to Access the Internal Network
1. When the laptop first accesses the network, the Cisco Clean Access Server determines that the computer's MAC address is not in the list of certified devices, and that laptop is placed into an unauthenticated role. While in this role, only User Datagram Protocol (UDP) Port 53 (Domain Name System [DNS]) and Dynamic Host Control Protocol (DHCP) traffic (via DHCP and VLAN passthrough) is allowed.
2. The laptop gets an IP address from the DHCP server, but cannot get past the Clean Access Server acting as an IP filter.
3. The laptop user opens a browser and is redirected to an SSL-based Web login page where she enters her credentials, which in turn map her into the "employee" role.
4. As an "employee," she is asked to download the Clean Access Agent.
5. The Clean Access Agent performs the posture assessment and forwards the results to the Clean Access Server to make the network admissions decision.
Tarik Admani
*Please rate helpful posts* -
DHCP Passthrough on VLAN slm2008
Ok, so I have a Linksys SLM2008 off of a Cisco 3560. I use vlan 3 for PC's. The PC behind the Linksys will not pull a DHCP address even though the helper is defined in the VLAN of the 3560... Is this not possible with the SLM2008??
VLAN will not passthrough because the SLM2008 doesn't have trunking capability.
-
Guest Access with Inter-vlan Mobility
I have a setup as follows
Two datacenters each with one wlc5500, one guest access server and one internet circuit with firewall.
LWAPs connect to the data centres over a WAN.
Each LWAP has two SSIDs one guest with web auth and one private with 802.1x.
Site1 has 40 APs and site2 has 10 APs.
The best scenario would be to have 30 APs on each controller but this means that there would be a mix of APs centrally switched on different VLANs for the guest wlan.
Is there any way to anchor clients that intially associate to WLC1 so that if they roam on to WLC2 they keep the same IP address from datacentre 1. Similarly those that associate to WLC2 keep their IP from datacentre 2 if they roam to WLC1. Finally if either WLC1 or WLC2 fail then all clients re-associate to the active WLC at one DC. All the config guides so far only depict one internet circuit so I can't work out if this is possible yet. So far with both WLCs active the client changes address as they roam to the other WLC.
I would like to avoid creating a L2 link beween DCs if possibleThanks for looking
(Cisco Controller) >show wlan 3
WLAN Identifier.................................. 3
Profile Name..................................... guest
Network Name (SSID).............................. GUEST
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
NAC-State...................................... Disabled
Quarantine VLAN................................ 0
Number of Active Clients......................... 0
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ guest-vlan
WLAN ACL......................................... unconfigured
DHCP Server...................................... 10.18.227.10
DHCP Address Assignment Required................. Enabled
--More-- or (q)uit
Quality of Service............................... Silver (best effort)
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... 802.11b and 802.11g only
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Global Servers
Accounting.................................... Global Servers
Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security
--More-- or (q)uit
802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Enabled
ACL............................................. Unconfigured
Web Authentication server precedence:
1............................................... local
2............................................... radius
3............................................... ldap
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
H-REAP Local Switching........................ Disabled
H-REAP Learn IP Address....................... Enabled
Client MFP.................................... Optional but inactive (WPA2 not configured)
Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
--More-- or (q)uit
Mobility Anchor List
WLAN ID IP Address Status
(Cisco Controller) >?
(Cisco Controller) >show wln 3
Incorrect usage. Use the '?' or key to list commands.
(Cisco Controller) >
(Cisco Controller) >
(Cisco Controller) >
(Cisco Controller) >show wlan 3
WLAN Identifier.................................. 3
Profile Name..................................... guest
Network Name (SSID).............................. GUEST
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
NAC-State...................................... Disabled
Quarantine VLAN................................ 0
Number of Active Clients......................... 1
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ guest-vlan
WLAN ACL......................................... unconfigured
DHCP Server...................................... 10.253.128.10
DHCP Address Assignment Required................. Enabled
--More-- or (q)uit
Quality of Service............................... Silver (best effort)
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... 802.11b and 802.11g only
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Global Servers
Accounting.................................... Global Servers
Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security
--More-- or (q)uit
802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Enabled
ACL............................................. Unconfigured
Web Authentication server precedence:
1............................................... local
2............................................... radius
3............................................... ldap
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
H-REAP Local Switching........................ Disabled
H-REAP Learn IP Address....................... Enabled
Client MFP.................................... Optional but inactive (WPA2 not configured)
Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
--More-- or (q)uit
Mobility Anchor List
WLAN ID IP Address Status
(Cisco Controller) >? -
Is the following possible (to save the cost of 1 switch?)
[modem of ISP]
|--> [ISA 500]
|--> WAN port - vlan 1: dhcp
- vlan 2: mac passthrough (the device has to ask the ISP an IP which can be only done via the correct MAC address)
= 2 vlan on the WAN port
The goal is to have 2 vlan on the wan port of the ISA500 so 1 LAN port can be used for the internal network and 1 LAN port will be used to connect the device of vlan 2 so it can ask an IP address
Is this possible?Ok. I'm a little confused so let me see if I can get my arms back around this. To begin with, I'd recommend leaving DHCP Off on the SG and using the DHCP on the ISA.
You mentioned "I did the following on the ISA" twice
Did you try the first one and then tried the second one and neither worked?
Did you do both on the ISA?
Is this just a typo and the other should have been "I did the following on the SG"?
If this is the correct one, you mentioned that you created a VLAN5 on the SG. You shouldn't need to do that as it should detect it from the Trunk once you complete step 3 below and allow you to assign VLAN5 to a switch port. If it doesn't, try changing port 27 on the SG to a Trunk Port as well, after completing step 3 below. Either way, before proceeding, please delete the VLAN 5 you created on the SG.
After configuring WAN 2 (IP via MAC), did WAN 2 get the correct IP Assigned to it?
You mentioned adjusting GE2 and GE3 to be Trunk Ports, put VLAN1 in GE2 and VLAN5 in GE3 and connected both ports to the SG
You only need 1 Trunk Port and only one cable connecting that Trunk Port to the SG. Please do the following.
Disconnect the cable between GE3 on the ISA and port 28 on the SG
Change GE3 in the ISA back to an Access Port and put it back in VLAN1
Add VLAN5 to GE2 so that GE2 is still a Trunk Port and contains both VLAN1 and VLAN5
On the SG, you mentioned that you tagged port 28 to be VLAN5 and forbidden VLAN1.
If VLAN5 was deleted from the SG as I mentioned in step 1 above, please apply the auto-detected VLAN5 that should now exist in the SG to port 28. Otherwise, please leave the current configuration as is. Either way, please attach the DIGIBOX to port 28 on the SG.
Ensure the DIGIBOX gets an IP from the VLAN5 IP Pool.
If you are going to need to allow unsolicited traffic from the internet to the DIGIBOX, please configure the DIGIBOX with static IP, Gateway, DNS info for the VLAN5 IP Pool.
You'll also need to configure a Static NAT entry in the ISA to use the WAN2 IP for the Private Static IP you assign to the DIGIBOX.
You'll also need to create Access Rules in the ISA for any services that need to be allowed unsolicited to the DIGIBOX.
If the DIGIBOX just needs internet access, only needs to use the IP on WAN2, and supports DHCP, I'd recommend leaving it as DHCP.
Shawn Eftink
CCNA/CCDA
Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community. -
EA6500 - VPN interface and VLan configuration feature?
Does EA6500 has any kind of built-in VPN interface and also built-in VLan configuration feature??
This particular router has VPN passthrough and you may open ports when needed for VPN to work behind it. As for VLAN configuration, this router is not designed for that. Everything that you would like to know about the router just click here
-
How do I route multiple SB302 switches at different sites and their VLANs?
Hello Cisco Support Community,
First thank you for any replies.
The video posted today on 302's and multiple VLAN's on one switch was nice.
Thank you, I have that working but it's not really what I need.
Though pictures are worth a 1000 words so I hope someone will post something similar to my question.
I have 7 - SB 302-08 switches with the most recent firmware. (updated firmware today, thanks to the video, and TG for the CLI)
All 302's are configured for layer 3.
This is my first experience with the SMB line of switches.
I have a main office and several satellite branch offices.
All locations are connected back with a "Q to Q" circuit on individual ports to a vendor supplied switch at the main office.
I need to link all branch office 302 switches back to the main office 302 switch and allow traffic amongst them.
Mainly traffic between each branch office and the main office.
There maybe a future need to incorporate VoIP on them as well, but that is a back burner issue.
These locations will have an individual VLAN and 302 switch but need to receive data from the main VLAN and possibly others.
I have a "core" SB 302 setup at the main office with its own VLAN.
Each branch switch has its own VLAN.
I would also like to have a centralized management VLAN for the switches.
In trying to configure the core 302 I keep losing connectivity and having to reset it.
On the branch switches I end up getting them to only link to themselves with different IP's and not the core.
I'm assuming this is caused by my not configuring interconnectivity using ACL.
Please let me know if you need additional information.
ThanksAlllan,
Well first you want to make sure you are running latest firmware 1.1.1.8 I do believe
Next either console into the switch or you can turn on SSH/Telnet under Web gui (Security••àTCP/UDP services and make sure SSH/Telent is enabled)
Now we configure the switch via Cli
We need to enter global configuration mode.
Configure Terminal
(next add our vlans)
Vlan database
Vlan 10
Vlan 20
Vlan 30
Exit
(you can run show command to see your vlans)
do show vlan
(Now configure the port how you would like)
Interface GE1
Switchport mode access (this is making Gigabit port 1 an access port)
Switchport access vlan 20 (this command is changing access port vlan from 1 to 20)
(less configure a trunk port)
Interface GE2
Switchport mode trunk (this makes port 2 for trunking)
(Now less add our Vlans)
Switchport trunk native vlan 1
Switchport trunk allowed vlan add 10,20,30
Exit global configuration
(Use this command to copy your settings to startup)
Copy running-config startup-config
(Some screen shots attached)
I see you have a WRT54G router which i don't think support vlans unless you have 3rd party OS installed.
So currently is the SG300 swtich operating in layer 2 or layer 3 , guessing this is why you choose to move up to 300 series switch?
If the switch is not in layer 3 mode but in layer2 when setting it to layer3 the switch will default all pervious settings.
If the switch is set in layer 3 mode you might have forgot your default route
(Command setting default route)
configure terminal
ip route 0.0.0.0 0.0.0.0 192.168.1.1 (192.168.1.1 being address of your WRT54G)
Now you would need to set up ACL's to deny and allow what traffic you wanted to filter on the SG300
Also reading your post we would need you to call into support center SBSC @ 1-866-606-1866
This way we could get a better idea of your current configuration and assist with fixing or finding a solution for you.
you have 1 year phone support with this product
Thanks,
Jasbryan -
Is KVM VGA Passthrough Possible on Macbook Pro Mid 2014?
I've been using Arch on and off for a couple years on different hardware, and this time I'm trying to get it to work semi-flawlessly on my mid 2014 Macbook Pro. My Linux skills are meager, so I need some help understanding if VGA passthrough is possible on this machine, and if it is, how to set it up. I have hope that it might work after reading this blog and the Arch forums. An outline of my current setup follows. I will also document progress and research for anyone who might want to try this in the future.
Here are the specifications for this machine:
Processor: 2.5 GHz Intel Core i7
Memory: 16 GB 1600 MHz DDR3
Graphics: Intel Iris Pro 1536 MB, Nvidia GT 750M 2 GB
I have successfully dual-booted Mac OS X Yosemite and Arch with EFI on a btrfs partition using this blog and the wiki as starting points. Somlo's research also helped. All the basic functionality works (networking, WiFi, etc.), and I am able to boot the physical Arch partition as a Virtualbox VM with the help of the wiki. However, I'm having trouble with getting the integrated Intel graphics to work. The following command:
lspci | grep VGA
prints the Nvidia card specifications, and nothing about the Intel graphics.
Reading this blog, it looks like someone had to apply a "grub gmux" patch to grub to disable the Nvidia card at boot. I feel uncomfortable installing anything other than the official Arch packages, so I have to know if installing a patched grub is still necessary, and if installing it would still allow me to use VGA passthrough in KVM.
My ambitious to-do list looks like this:
1. Dual-boot Mac OS X and Arch with btrfs. -done
2. Setup the physical Arch partition to boot in Virtualbox. -done
3. Get Intel graphics to work on Arch ideally with OpenGL support. -done
4. Get Enlightenment working as the desktop environment on Arch. -done
5. Get Qemu+KVM to boot off the physical Mac OS X partition. -tbd
6. Enable VGA passthrough for Mac OS X from Qemu+KVM. -tbd
7. Install Windows as a VM in Qemu+KVM. -tbd
8. Enable VGA passthrough for Windows from Qemu+KVM. -tbd
9. Work and do research on Mac OS X from Arch, play hardcore 3D games on WIndows from Arch, play around with Arch, and live happily ever after. -tbd
Can anyone help me with this? Thanks in advance for any hints/input.
Edit:
The Ubuntu forums has something about getting the two graphics cards to be recognised by using `refind` instead of `grub`. I was able to set up `refind` to boot using the `efi-stub`, but:
$ lspci
00:00.0 Host bridge: Intel Corporation Crystal Well DRAM Controller (rev 08)
00:01.0 PCI bridge: Intel Corporation Crystal Well PCI Express x16 Controller (rev 08)
00:01.1 PCI bridge: Intel Corporation Crystal Well PCI Express x8 Controller (rev 08)
00:14.0 USB controller: Intel Corporation 8 Series/C220 Series Chipset Family USB xHCI (rev 05)
00:16.0 Communication controller: Intel Corporation 8 Series/C220 Series Chipset Family MEI Controller #1 (rev 04)
00:1b.0 Audio device: Intel Corporation 8 Series/C220 Series Chipset High Definition Audio Controller (rev 05)
00:1c.0 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #1 (rev d5)
00:1c.2 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #3 (rev d5)
00:1c.3 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #4 (rev d5)
00:1c.4 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #5 (rev d5)
00:1f.0 ISA bridge: Intel Corporation HM87 Express LPC Controller (rev 05)
00:1f.3 SMBus: Intel Corporation 8 Series/C220 Series Chipset Family SMBus Controller (rev 05)
01:00.0 VGA compatible controller: NVIDIA Corporation GK107M [GeForce GT 750M Mac Edition] (rev a1)
01:00.1 Audio device: NVIDIA Corporation GK107 HDMI Audio Controller (rev a1)
03:00.0 Network controller: Broadcom Corporation BCM4360 802.11ac Wireless Network Adapter (rev 03)
04:00.0 Multimedia controller: Broadcom Corporation 720p FaceTime HD Camera
05:00.0 SATA controller: Samsung Electronics Co Ltd Apple PCIe SSD (rev 01)
06:00.0 PCI bridge: Intel Corporation Device 156d
07:00.0 PCI bridge: Intel Corporation Device 156d
07:03.0 PCI bridge: Intel Corporation Device 156d
07:04.0 PCI bridge: Intel Corporation Device 156d
07:05.0 PCI bridge: Intel Corporation Device 156d
07:06.0 PCI bridge: Intel Corporation Device 156d
08:00.0 System peripheral: Intel Corporation Device 156c
still only shows the Nvidia card. The boot options suggested by this blog did not change anything. However, this very helpful discussion led me to this on-going project. I patched the kernel according the instructions in the said project's `readme`, and Arch is now able to see the two graphics cards and an extra Intel audio controller.
$ lspci
00:02.0 VGA compatible controller: Intel Corporation Crystal Well Integrated Graphics Controller (rev 08)[/bold]
00:03.0 Audio device: Intel Corporation Crystal Well HD Audio Controller (rev 08)
01:00.0 VGA compatible controller: NVIDIA Corporation GK107M [GeForce GT 750M Mac Edition] (rev a1)
Also, I was able to fire up Enlightenment using the Intel graphics card and `0xbb`'s `gpu-switch` script. After using some post-installation tips from this, the computer started getting hot. I followed this thread to get it back to normal.
Edit:
So I finally got some time to experiment on this. I ended up installing Gnome 3 after trying out Enlightenment, KDE Plasma 5, and Cinnamon. I thought Gnome 3 and Cinnamon had the best Hi-DPI support of those four. Cinnamon's look was too much trouble for me to configure, so I ended up choosing Gnome 3.
To achieve the graphics card passthrough, I tried setting up and starting a VM in `virt-manager`, but starting the VM would cause Arch to freeze. Finally, I tried following the instructions on the wiki, this thread, and the Arch forums. I haven't yet tried booting the Windows installer, but the following are the steps I took so far:
1. Uninstall all `nvidia` drivers from my system.
2. Blacklist the `nouveau` driver.
3. Add `pci-stub` to the modules array in `mkinitcpio.conf`.
4. Recreate the `initramfs`.
5. Add `intel_iommu=on pci-stub.ids=10de:0fe9,10de:0e1b,8086:156c` to the `refind.conf` `options` line.
- These three IDs are ones for the Nvidia graphics, Nvidia sound, and the "Intel Corporation Device" (probably the HDMI port, or something related to the
ethernet card), which belong to the same "IOMMU group". What was curious was that a Gigabit ethernet controller would appear in the IOMMU group iff I had
an ethernet cable connected to my thunderbolt port. I don't know if I have to add the ID for this, but so far there are no complaints about it in `dmesg`.
6. Install `ovmf-svn` from the AUR.
6. Follow the "Binding a device to vfio-pci" section documented at https://bbs.archlinux.org/viewtopic.php?id=162768.
7. Follow the "Testing if its working out" section documented at https://bbs.archlinux.org/viewtopic.php?id=162768.
So far, the test at step 7 is failing -- I get a `vfio-pci 0000:01:00.0: Invalid ROM contents` complaint in `dmesg`, and I see a prompt in the `qemu` window. I'm supposed to be getting a black `qemu` window, and a prompt on an external monitor which I haven't connected yet. I read the comments on this blog about graphics card ROM and EFI compatibility, and it looks like my graphics card ROM can't be read. I also read that the graphics card ROM would only be read once by qemu/KVM and saved as a file for later use, so all I need to do to get around that is pass a snapshot of the ROM of the Nvidia GT 750M card to qemu/KVM. Apparently, "You can download the 750m rom files directly from Lenovo's website on the support page" according to this thread, but all I see is this. I will continue hunting around for a ROM file for this graphics card.
Last edited by rb3 (2015-06-05 02:01:20)It`s not beacuse of the case. I have the same problem with a macbook pro retina 15 late 2013 (I7 - 2.3 Ghz, 16 GB, 512 SSD, GT750M) with windows 8.1 on bootcamp. The temperature is higher than yosemite. It gets easily at 80 celsius in a demanding game, while on yosemite it barely reaches 55-60 under heavy load. It`s beacuse of windows, and these are the temperatures, I got the same average 55-60 in windows and 45 celsius in yosemite. I read on the forums and I tried evend with a cooler pad. But it doesn`t seem to be any improvement with lowering the temperature in windows.
-
The difference between IEEE802.1Q Native VLAN sub-interface and Physical interface?
Hello
I think the following topologies are supported for Cisco Routers
And the Physical interface also can be using as Native VLAN interface right?
Topology 1.
R1 Gi0.1 ------ IEEE802.1Q Tunneling L2SW ------ Gi0 R2
R1 - configuration
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
ip address 10.0.0.1 255.255.255.0
Topology 2.
R1 Gi0 ------ IEEE802.1Q Tunneling L2SW ------ Gi0 R2
interface GigabitEthernet0
ip address 10.0.0.1 255.255.255.0
And is it ok to use the physical interface and sub-interface with dynamic routing such as EIGRP or OSPF etc?
R1 Gi 0 ---- Point to Multipoint EIGRP or OSPF ---- Gi0 R2 / R3
Gi 0.20--- Point to Point EIGRP or OSPF --- Gi0.10 R4 (same VLAN-ID)
R1 - configuration
interface GigabitEthernet0
ip address 10.0.0.1 255.255.255.0
interface GigabitEthernet8.20
encapsulation dot1Q 20
ip address 20.0.0.1 255.255.255.0
Any information is very appreciated. but if there is any CCO document please let me know.
Thank you very much and regards,
Masanobu HiyoshiHello,
The diagram is helpful.
If I am getting you correctly, you have three routers interconnected by a switch, and you want them to operate in a hub-and-spoke fashion even though the switch is capable of allowing direct communication between any of these routers.
Your first scenario is concerned with all three routers being in the same VLAN, and by using neighbor commands, you force these routers to establish targeted EIGRP adjacencies R1-R2 and R1-R3, with R1 being the hub.
Your second scenario is concerned with creating one VLAN per spoke, having subinterfaces for each spoke VLAN created on R1 as the router, and putting each spoke just in its own VLAN.
Your scenarios are not really concerned with the concept of native VLAN or the way it is configured, to be honest. Whether you use a native VLAN in either of your scenarios, or whether you configure the native VLAN on a subinterface or on the physical interface makes no difference. There is simply no difference to using or not using a native VLAN in any of your scenarios, and there is no difference to the native VLAN configuration being placed on a physical interface or a subinterface. It's as plain as that. Both your scenarios will work.
My personal opinion, though, is that forcing routers on a broadcast multi-access segment such as Ethernet to operate in a hub-and-spoke fashion is somewhat artificial. Why would you want to do this? Both scenarios have drawbacks: in the first scenario, you need to add a neighbor statement for each spoke to the hub, limiting the scalability. In the second scenario, you waste VLANs and IP subnets if there are many spokes. The primary question is, though: why would you want an Ethernet segment to operate as a hub-and-spoke network? Sure, these things are done but they are motivated by specific needs so I would like to know if you have any.
Even if you needed your network to operate in a hub-and-spoke mode, there are more efficient means of achieving that: Cisco switches support so-called protected ports that are prevented from talking to each other. By configuring the switch ports to spokes as protected, you will prevent the spokes from seeing each other. You would not need, then, to configure static neighbors in EIGRP, or to waste VLANs for individual spokes. What you would need to do would be deactivating the split horizon on R1's interface, and using the ip next-hop-self eigrp command on R1 to tweak the next hop information to point to R1 so that the spokes do not attempt to route packets to each other directly but rather route them over R1.
I do not believe I have seen any special CCO documents regarding the use of physical interfaces or subinterfaces for native VLAN or for your scenarios.
Best regards,
Peter -
Aggregates, VLAN's, Jumbo-Frames and cluster interconnect opinions
Hi All,
I'm reviewing my options for a new cluster configuration and would like the opinions of people with more expertise than myself out there.
What I have in mind as follows:
2 x X4170 servers with 8 x NIC's in each.
On each 4170 I was going to configure 2 aggregates with 3 nics in each aggregate as follows
igb0 device in aggr1
igb1 device in aggr1
igb2 device in aggr1
igb3 stand-alone device for iSCSI network
e1000g0 device in aggr2
e1000g1 device in aggr2
e1000g2 device in aggr3
e1000g3 stand-alone device of iSCSI network
Now, on top of these aggregates, I was planning on creating VLAN interfaces which will allow me to connect to our two "public" network segments and for the cluster heartbeat network.
I was then going to configure the vlan's in an IPMP group for failover. I know there are some questions around that configuration in the sense that IPMP will not detect a nic failure if a NIC goes offline in the aggregate, but I could monitor that in a different manner.
At this point, my questions are:
[1] Are vlan's, on top of aggregates, supported withing Solaris Cluster? I've not seen anything in the documentation to mention that it is, or is not for that matter. I see that vlan's are supported, inluding support for cluster interconnects over vlan's.
Now with the standalone interface I want to enable jumbo frames, but I've noticed that the igb.conf file has a global setting for all nic ports, whereas I can enable it for a single nic port in the e1000g.conf kernel driver. My questions are as follows:
[2] What is the general feeling with mixing mtu sizes on the same lan/vlan? Ive seen some comments that this is not a good idea, and some say that it doesnt cause a problem.
[3] If the underlying nic, igb0-2 (aggr1) for example, has 9k mtu enabled, I can force the mtu size (1500) for "normal" networks on the vlan interfaces pointing to my "public" network and cluster interconnect vlan. Does anyone have experience of this causing any issues?
Thanks in advance for all comments/suggestions.For 1) the question is really "Do I need to enable Jumbo Frames if I don't want to use them (neither public nore private network)" - the answer is no.
For 2) each cluster needs to have its own seperate set of VLANs.
Greets
Thorsten -
Can you help me with this ( vlan,accesslist,management )
here's the scenario I have two vlan 10 & 20
I have 2 switch and 1 router
the target of this setup is that vlan 10 can ping or reach vlan 20 but vlan 20 cannot be reach or ping vlan 10 it is that possible
Here's the setup
In SW0
vlan 10
name Management
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
interface FastEthernet0/2
switchport trunk allowed vlan 10
switchport mode trunk
In SW1
interface FastEthernet0/1
switchport trunk allowed vlan 20
switchport mode trunk
interface FastEthernet0/2
switchport access vlan 20
switchport mode access
interface FastEthernet0/3
switchport access vlan 20
switchport mode access
In Router
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
ip access-group 1 out
interface FastEthernet0/0.20
no ip address
interface FastEthernet0/1
no ip address
duplex auto
speed auto
interface FastEthernet0/1.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
ip access-group 1 out
interface Vlan1
no ip address
shutdown
ip classless
access-list 1 deny 192.168.20.0 0.0.0.255
access-list 1 permit 192.168.10.0 0.0.0.255
access-list 1 deny host 192.168.20.11
access-list 1 permit host 192.168.10.11
access-list 1 deny any
access-list 1 permit any
Im new so i dont know if my setup is correct ...
can any1 help me about this,,,
thanks.Hi,
let's suppose PC0(Vlan 10) wants to communicate with PC1(Vlan 20):
-traffic enters f0/0.10 with src 10.11 and dst 20.11 and it is forwarded out f0/1.20 where there is an egress ACL
-this is a standard ACL so it matches on source only and there is a hit for second entry permit 192.168.10.0 0.0.0.255
-now PC1 replies and traffic enters f0/1.20 and is forwarded out f0/0.10 where there is egress ACL
-there is a hit on first entry deny 192.168.20.0 0.0.0.255( packet src is 20.11 and dst 10.11)
So end result is that Vlan 10 cannot reach Vlan 20.
I don't think this is what you wanted
Now of course traffic sourced from any PC in Vlan 20 destined to PC0 is filtered as you wanted because it is filtered on f0/0.10 outbound as above.
ACLs are stateless and communication in TCP/IP is bidirectional so the best way to achieve what you want to do if you want to filter more than Pings would be to use CBAC or ZBF or reflexive ACLs
Regards
Alain
Don't forget to rate helpful posts. -
Setting up Multiple SSID's & VLAN
I have a Cisco 1230 AP along with a Sonic Wall TZ 210 and a Linksys SFE 2010P switch. On my AP I have created 2 SSID's. and 2 VLAN's. The first SSID is being broadcasted and has WPA encryption on it for our Corporate USers. The Second SSID is a Guest SSID and too is being broadcasted. I can make a laptop connect to the 1st SSID, but for some reason the 2nd SSID nothing will connect to it. The first SSID is associated to VLAN1 and the 2nd SSID is associated to VLAN2. VLAN1 has WPA encryption on it. VLAN2 is setup as Open and no Encryption. Any ideas?
My next question is how to I configure traffic on this AP with the other equipment mentioned? On my sonicwall we have segmented port6 on it to be a different subnet from the corporate subnet. On the Linksys switch I have enable VLANS on port2 and port48 which are on VLAN2. All other ports are on VLAN1. The AP connects to Ports 2 on the linksys switch and port 48 connects to port 6 on the Sonic Wall. When a corporate user connects to SSID1 I want them to be able to connect to the Corporate subnet. When a guest connects to SSID2 I want them to connect to the segmented guest network to only have Internet Access.
Hope this makes sense!
Below is my config on the AP. I am really only familiar with the IOS web interface so if you can explain it using that I'd appreciate it.
AP_WLAN_Bakery
Home Exec Configure
------------------ show version ------------------
Cisco IOS Software, C1200 Software (C1200-K9W7-M), Version 12.3(8)JEB1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Fri 20-Jul-07 20:51 by dchih
ROM: Bootstrap program is C1200 boot loader
BOOTLDR: C1200 Boot Loader (C1200-BOOT-M) Version 12.2(8)JA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
AP_WLAN_Bakery uptime is 1 hour, 40 minutes
System returned to ROM by reload
System restarted at 10:52:05 -0400 Fri Oct 15 2010
System image file is "flash:/c1200-k9w7-mx.123-8.JEB1/c1200-k9w7-mx.123-8.JEB1"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-AP1231G-A-K9 (PowerPC405GP) processor (revision B0) with 15138K/1236K bytes of memory.
Processor board ID FOC0849218B
PowerPC405GP CPU at 196Mhz, revision number 0x0145
Last reset from reload
1 FastEthernet interface
1 802.11 Radio(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:12:D9:8B:09:93
Part Number : 73-8704-08
PCA Assembly Number : 800-23211-09
PCA Revision Number : A0
PCB Serial Number : FOC0849218B
Top Assembly Part Number : 800-23304-08
Top Assembly Serial Number : FTX0902R2V1
Top Revision Number : A0
Product/Model Number : AIR-AP1231G-A-K9
Configuration register is 0xF
------------------ show running-config ------------------
Building configuration...
Current configuration : 2544 bytes
! Last configuration change at 12:07:29 -0400 Fri Oct 15 2010 by admin
! NVRAM config last updated at 12:07:29 -0400 Fri Oct 15 2010 by admin
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname AP_WLAN_Bakery
clock timezone -0500 -5
clock summer-time -0400 recurring
ip subnet-zero
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
dot11 vlan-name VLAN_Corporate vlan 1
dot11 vlan-name VLAN_Guest vlan 2
dot11 ssid WLAN_Corporate
vlan 1
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 005740565C0C5C5F5C741F
dot11 ssid WLAN_HartKitGuest
vlan 2
authentication open
mbssid guest-mode
username admin privilege 15 password 7 <removed>
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers aes-ccm tkip
encryption vlan 1 mode ciphers aes-ccm tkip
ssid WLAN_Corporate
ssid WLAN_HartKitGuest
mbssid
speed basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
station-role root
no dot11 extension aironet
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
bridge-group 2 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
interface FastEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface FastEthernet0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
no bridge-group 2 source-learning
bridge-group 2 spanning-disabled
interface BVI1
ip address 192.168.2.240 255.255.255.0
no ip route-cache
ip default-gateway 192.168.2.1
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
sntp server 192.168.2.5
sntp broadcast client
end
------------------ show stacks ------------------
Minimum process stacks:
Free/Size Name
4572/5500 soap_flash init
10024/11000 DHCP Autoinstall
5160/5500 Autoinstall
11748/12000 Setup
10552/11000 BootP Resolver
5240/5500 dot11 platform init
8824/12000 Init
5088/5500 RADIUS INITCONFIG
2576/3000 Rom Random Update Process
5144/11000 HTTP CP
3084/5500 Soap Flash Save Variables
Interrupt level stacks:
Level Called Unused/Size Name
4 125707 8056/9000 dot11 radio interrupt
6 9783 8960/9000 NS16550 VECTOR
------------------ show interfaces ------------------
BVI1 is up, line protocol is up
Hardware is BVI, address is 0012.d98b.0993 (bia 0013.1973.8d50)
Internet address is 192.168.2.240/24
MTU 1500 bytes, BW 54000 Kbit, DLY 5000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
5 minute input rate 10000 bits/sec, 9 packets/sec
5 minute output rate 10000 bits/sec, 4 packets/sec
59436 packets input, 8310033 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
31826 packets output, 18823451 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
Dot11Radio0 is up, line protocol is up
Hardware is 802.11G Radio, address is 0013.1973.8d50 (bia 0013.1973.8d50)
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:15:20, output 00:15:20, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 47
Queueing strategy: fifo
Output queue: 0/30 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
16093 packets input, 1696312 bytes, 0 no buffer
Received 1913 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
8367 packets output, 2930004 bytes, 0 underruns
13 output errors, 0 collisions, 37 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Dot11Radio0.1 is up, line protocol is up
Hardware is 802.11G Radio, address is 0013.1973.8d50 (bia 0013.1973.8d50)
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
Dot11Radio0.2 is up, line protocol is up
Hardware is 802.11G Radio, address is 0013.1973.8d50 (bia 0013.1973.8d50)
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 2.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
FastEthernet0 is up, line protocol is up
Hardware is PowerPC405GP Ethernet, address is 0012.d98b.0993 (bia 0012.d98b.0993)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Full-duplex, 100Mb/s, MII
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/160/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 13000 bits/sec, 10 packets/sec
5 minute output rate 10000 bits/sec, 4 packets/sec
75878 packets input, 12726627 bytes
Received 43517 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
38986 packets output, 19917202 bytes, 0 underruns
0 output errors, 0 collisions, 7 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
FastEthernet0.1 is up, line protocol is up
Hardware is PowerPC405GP Ethernet, address is 0012.d98b.0993 (bia 0012.d98b.0993)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
FastEthernet0.2 is up, line protocol is up
Hardware is PowerPC405GP Ethernet, address is 0012.d98b.0993 (bia 0012.d98b.0993)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 2.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
------------------ show controllers ------------------
interface Dot11Radio0
Radio AIR-MP31G, Base Address 0013.1973.8d50, BBlock version 0.00, Software version 6.11.1
Serial number: FOC0901D4S1
Number of supported simultaneous BSSID on Dot11Radio0: 8
Carrier Set: Americas (US )
Uniform Spreading Required: No
Current Frequency: 2412 MHz Channel 1
Allowed Frequencies: 2412(1) 2417(2) 2422(3) 2427(4) 2432(5) 2437(6) 2442(7) 2447(8) 2452(9) 2457(10) 2462(11)
Listen Frequencies: 2412(1) 2417(2) 2422(3) 2427(4) 2432(5) 2437(6) 2442(7) 2447(8) 2452(9) 2457(10) 2462(11) 2467(12) 2472(13) 2484(14)
Beacon Flags: 0; Beacons are enabled; Probes are enabled
Current CCK Power: 100 mW
Allowed CCK Power Levels: 1 5 10 20 30 50 100
Current OFDM Power: 30 mW
Allowed OFDM Power Levels: 1 5 10 20 30
Allowed Client Power Levels: 1 5 10 20 30 50 100
ERP settings: short slot time.
Neighbors in non-erp mode:
Current Rates: basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
Active Rates: basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
Allowed Rates: 1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
Best Range Rates: basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
Best Throughput Rates: basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
Default Rates: basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
Current Voice Rates: 5.5 6.0 11.0 12.0 24.0 [disabled until voice packet-discard enabled]
Default Voice Rates: 5.5 6.0 11.0 12.0 24.0
Channel / Max Power Table
1 O=15 D=20, 2 O=15 D=20, 3 O=15 D=20, 4 O=15 D=20, 5 O=15 D=20
6 O=15 D=20, 7 O=15 D=20, 8 O=15 D=20, 9 O=15 D=20, 10 O=15 D=20
11 O=15 D=20
Data Rate Sensitivity (rate, SNR dB, Contention dBm)
( 1.0, 1, -98) ( 2.0, 7, -94) ( 5.5, 9, -92) (11.0, 16, -86)
( 6.0, 7, -92) ( 9.0, 14, -87) (12.0, 12, -87) (18.0, 15, -84)
(24.0, 17, -82) (36.0, 24, -76) (48.0, 29, -73) (54.0, 33, -69)
Radio Management (RM) Configuration:
Regular AP RM Mode 1 Temp Setting Disabled
Temp Settings: AP Tx Power 0 AP Tx Channel 0 Client Tx Power 0
Rates:
Saved Settings: AP Tx Power 0 AP Tx Channel 1 Client Tx Power 0
Rates:
MCST RSCs: [0]0x0 [1]0x0 [2]0x0 [3]0x0 [4]0x0
TKIP Cum Stats: STA MIC-L-Errs MIC-R-Errs Replay C-Measure
0000.0000.0000 00000000 00000000 00000000 00000000
AES-CCMP Cum Stats: 00000000 replays discarded
QBSS Load: 0x0
Policing Stats:Rx downgardes 0, Tx downgrades 0
Configured Local Access Class Parameters
Back : cw-min 4 cw-max 10 fixed-slot 7 admission-control Off txop 0
Best : cw-min 4 cw-max 6 fixed-slot 3 admission-control Off txop 0
Video : cw-min 3 cw-max 4 fixed-slot 1 admission-control Off txop 3008
Voice : cw-min 2 cw-max 3 fixed-slot 1 admission-control Off txop 1504
Configured Cell Access Class Parameters
Back : cw-min 4 cw-max 10 fixed-slot 7 admission-control Off txop 0
Best : cw-min 4 cw-max 10 fixed-slot 3 admission-control Off txop 0
Video : cw-min 3 cw-max 4 fixed-slot 2 admission-control Off txop 3008
Voice : cw-min 2 cw-max 3 fixed-slot 2 admission-control Off txop 1504
Transmit queues: Active 0 In Progress 0
---- Active --- In-Progress --------------- Counts --------------
Cnt Quo Bas Max Cnt Quo Bas Sent Discard Fail Retry Multi
Uplink 0 0 0 0 0 0 0 0 0 0 0 0
Voice 0 0 0 0 0 0 0 55 0 0 1 1
Video 0 0 0 0 0 0 0 0 0 0 0 0
Best 0 3 70 3 0 3 24 7937 0 0 127 12
Mcast 0 0 0 0 0 0 0 329 0 0 0 0
Mcast 0 0 0 0 0 0 0 30 0 0 0 0
Back 0 0 0 0 0 0 0 329 0 0 0 0
BSSIDS Index Flags State Next Held Defer NonDefer Clients Tsf Dtim Txq
8D50 0 20 0 0 0 0 0 0 200 2 0
8D51 1 20 0 0 0 0 0 0 150 2 1
UP ClientQAged AcQAged PacketAged Drop Retry/Thresh Timeout CQMax
7 0 0 0 3/100 0/500 35 4
6 0 0 0 3/100 0/500 35 4
5 0 0 0 3/100 0/500 35 4
4 0 0 0 3/100 0/500 35 4
3 0 0 0 3/100 0/500 35 4
2 0 0 0 3/100 0/500 35 4
1 0 0 0 3/100 0/500 35 4
Driver TX blocks: in use 0, high 10, at reset 0, fail 0, reclaim 0
Clients: 8021x auth in prog 0 allowed 0
Vlan BSSID Clients PSP Pri Encr Key0 Key1 Key2 Key3 SSIDs
0 8D50 0 0 0 0 234 x128
1n 8D50 0 0 0 0 234 x128 WLAN_Corporate
2 8D51 1 0 0 0 0 WLAN_HartKitGuest
0 0 flags 3
1 1 flags 3
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
17 0 flags 0
18 0 flags 0
Registers: io E8000000 mem 80000000 aux A0000000
0000 FF50 0000 0000 0021 0000 0000 0000
0001 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0500 0007 0000 0000 0808 09E8 0000 0504
0000 0000 0000 0000 0424 0059 E2ED 2D9D
00000000 00000200 20000200 FFFFFFFF F7FFFFFF 00000000 00000000 00200000
FFFFFFE2 00000FFF 72ED14BD 4A040401 00000000 00000000 00008000 00008080
00000000 00000000 00000000 00000000 00008F78 000012DC 00000000 0000C0EA
Radio running: temp 0 C tx_power 100 bb_code 0x0
rssi_threshold 0x0 gain offset 0
Antenna: external , gain 20 (platform 0, domain class A)
PCI sys_id: 0xA506 subsys_id 0x5100 (0x5101)
Unicast ciphers 0x1 mcast ciphers 0x1
Rid Ring:
A0000970: 009C8000 20ED1EA0 * n
Rx Ring:
A0000950: 893E0002 20ED3478 v, 893E0002 20EDEE60 v
A0000960: 893E0002 20EE4B54 v, 893E0002 20EDB068 * v
Tx Ring:
A0000800: 06108000 20ECFCE4 n, 009A8000 20ECD764 n
A0000810: 00AE8000 20ECF064 n, 010C8000 20ECD124 n
A0000820: 010C8000 20ECCE04 n, 010C8000 20ECE0C4 n
A0000830: 010C8000 20ECED44 n, 00668000 20ECB174 n
A0000840: 006A8000 20ECCA64 n, 010C8000 20ECDDA4 n
A0000850: 010C8000 20ECF6A4 n, 01848000 20ECF9C4 n
A0000860: 022A8000 20ECCE04 n, 01848000 20ECF9C4 n
A0000870: 06158000 20ED113C n, 01848000 20ECE3E4 n
A0000880: 022A8000 20ECF064 * n, 01188000 20ECD124 n
A0000890: 05688000 20ED0A74 n, 057C8000 20ED03AC n
A00008A0: 010C8000 20ECED44 n, 010C8000 20ECDDA4 n
A00008B0: 010C8000 20ECF6A4 n, 010C8000 20ECF9C4 n
A00008C0: 00748000 20ECB054 n, 05FC8000 20ED1804 n
TxDn Ring:
A0000930: 802C0000 20ED26A0 v, 802C0000 20ED2778 v
A0000940: 802C0000 20ED2850 * v, 802C0000 20ED2928 v
Multicast counters:
Internal MC counts:
28 (28) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0)
Log Buffer:
PowerPC405GP Ethernet unit 0
PHY Hardware is Intel LXT971 rev. 2 (id_register: 0x13, 0x78E2)
rx_intr: 0 tx_intr: 0 mac_err_isr: 0 phy_link_isr:0
Current station address 0012.d98b.0993, default address 0012.d98b.0993
MAL register dump:
malcr 0x0007C082 0x180
malesr 0x00000000 0x181
malier 0x0000000F 0x182
maltxcasr 0x80000000 0x184
maltxcarr 0x80000000 0x185
maltxeobisr 0x00000000 0x186
maltxdeir 0x00000000 0x187
malrxcasr 0x80000000 0x190
malrxcarr 0x80000000 0x191
malrxeobisr 0x00000000 0x192
malrxdeir 0x00000000 0x193
maltxctp0r 0x00EE6120 0x1A0
malrxctp0r 0x00EE6020 0x1C0
malrcbs0 0x00000060 0x1E0
EMAC register dump:
emacmr0 0x18000000 0x00
emacmr1 0xA1788000 0x04
emactmr0 0x00000000 0x08
emactmr1 0x380F0000 0x0C
emacrmr 0x7D180000 0x10
emacisr 0x00000002 0x14
emacier 0x00000001 0x18
emaciah 0x00000012 0x1C
emacial 0xD98B0993 0x20
emacptr 0x0000FFFF 0x2C
emaclsah 0x00000040 0x50
emaclsal 0x2B637E9B 0x54
emacipgr 0x00000004 0x58
emacstacr 0x47808011 0x5C
emactrtr 0x18000000 0x60
emacrwmr 0x0F002000 0x64
emacoctx 0x0132EA47 0x68
emacocrx 0x00C72D8B 0x6C
UIC register dump:
uicsr 0x00001FA3 0xC0
uicer 0x803F0048 0xC2
uicmsr 0x00000000 0xC6
PHY register dump:
3100 782D 0013 78E2 01E1 41E1 0007 2001 0000 0000 0000 0000 0000 0000 0000 0000
0384 4780 0032 0000 0422 0000 0000 0000 0000 0000 08C8 0000 0000 0000 0000
RX ring with 16 entries at 0xEE6020, Buffer size 1528
Rxhead = 0xEE6048 (5), Rxp = 0xB67360 (5)
00 pak=0x0B6D644 buf=0x0EF2BDC status=9C00 pak_size=0
01 pak=0x0B6CCA8 buf=0x0EF17A8 status=9C00 pak_size=0
02 pak=0x0B68C98 buf=0x0EE90F8 status=9C00 pak_size=0
03 pak=0x0B6BCA4 buf=0x0EEF5FC status=9C00 pak_size=0
04 pak=0x0B6DFE0 buf=0x0EF4010 status=9C00 pak_size=0
05 pak=0x0B6CFDC buf=0x0EF1E64 status=9C00 pak_size=0
06 pak=0x0B6C640 buf=0x0EF0A30 status=9C00 pak_size=0
07 pak=0x0B682FC buf=0x0EE7CC4 status=9C00 pak_size=0
08 pak=0x0B6E648 buf=0x0EF4D88 status=9C00 pak_size=0
09 pak=0x0B6E97C buf=0x0EF5444 status=9C00 pak_size=0
10 pak=0x0B6ECB0 buf=0x0EF5B00 status=9C00 pak_size=0
11 pak=0x0B6ACA0 buf=0x0EED450 status=9C00 pak_size=0
12 pak=0x0B68630 buf=0x0EE8380 status=9C00 pak_size=0
13 pak=0x0B6D310 buf=0x0EF2520 status=9C00 pak_size=0
14 pak=0x0B6C974 buf=0x0EF10EC status=9C00 pak_size=0
15 pak=0x0B6B63C buf=0x0EEE884 status=DC00 pak_size=0
TX ring with 8 entries at 0xEE6120, tx_count = 0
tx_head = 0xEE6148 (5), head_txp = 0xB673BC (5)
tx_tail = 0xEE6148 (5), tail_txp = 0xB673BC (5)
00 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
01 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
02 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
03 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
04 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
05 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
06 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
07 pak=0x0000000 buf=0x0000000 status=5400 pak_size=0
0 missed datagrams, 0 overruns
0 transmitter underruns, 0 excessive collisions
0 single collisions, 0 multiple collisions
0 dma memory errors, 0 CRC errors
0 alignment errors, 0 runts, 0 giants
emac/mal specific errors:
0 rx in range, 0 rx out range
0 mal_rx_serr, 0 mal_tx_serr
0 mal_rx_de, 0 mal_tx_de
0 emac_int
0 mal_err_isr
0 SQE errors, 0 tx CRC errors
0 output queue fail
------------------ show data-corruption ------------------
No data inconsistency errors have been recorded.
------------------ show file systems ------------------
File Systems:
Size(b) Free(b) Type Flags Prefixes
* 7741440 2734080 flash rw flash:
- - opaque rw bs:
7741440 2734080 unknown rw zflash:
- - opaque rw archive:
- - opaque rw system:
32768 29138 nvram rw nvram:
- - network rw tftp:
- - opaque rw null:
- - opaque ro xmodem:
- - opaque ro ymodem:
- - network rw rcp:
- - network rw ftp:
- - network rw http:
- - network rw scp:
- - network rw https:
------------------ show flash: ------------------
Directory of flash:/
2 -rwx 1048 Oct 15 2010 12:07:29 -04:00 private-multiple-fs
5 drwx 512 Oct 15 2010 10:36:30 -04:00 c1200-k9w7-mx.123-8.JEB1
4 -rwx 716 Feb 28 2002 19:06:22 -05:00 env_vars
146 -rwx 2549 Oct 15 2010 12:07:29 -04:00 config.txt
148 -rwx 5 Oct 15 2010 12:07:29 -04:00 private-config
7741440 bytes total (2734080 bytes free)
------------------ dir nvram: ------------------
Directory of nvram:/
30 -rw- 2549 <no date> startup-config
31 ---- 5 <no date> private-config
1 -rw- 0 <no date> ifIndex-table
32768 bytes total (29138 bytes free)
------------------ show memory statistics ------------------
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor A4AB84 4709500 2431436 2278064 1920552 2125904
I/O ECB000 1265664 468008 797656 727168 779580
------------------ show process memory ------------------
Total: 5975164, Used: 2899444, Free: 3075720
PID TTY Allocated Freed Holding Getbufs Retbufs Process
0 0 3373064 827724 1898920 0 0 *Init*
0 0 11804 7372856 11804 0 0 *Sched*
0 0 66125428 65999528 293168 434276 0 *Dead*
1 0 0 0 6416 0 0 Chunk Manager
2 0 188 188 3916 0 0 Load Meter
3 0 448120 443220 18392 0 0 HTTP CP
4 0 19548 0 25964 0 0 Check heaps
5 0 86364 207192 37368 49920 137052 Pool Manager
6 0 0 0 6416 0 0 AAA_SERVER_DEADT
7 0 188 188 6416 0 0 Timers
8 0 188 188 6416 0 0 AAA high-capacit
9 0 488 0 6904 0 0 SNTP
10 0 76 0 6492 0 0 ARP Input
11 0 3232 540 9108 0 0 Entity MIB API
12 0 0 0 6416 0 0 HC Counter Timer
13 0 188 188 6416 0 0 GraphIt
14 0 0 0 6416 0 0 Net Input
15 0 0 0 6416 0 0 Critical Bkgnd
16 0 19648 136 12180 0 0 Net Background
17 0 188 188 11916 0 0 Logger
18 0 188 188 6416 0 0 TTY Background
19 0 0 0 9916 0 0 Per-Second Jobs
20 0 188 188 6416 0 0 Compute load avg
21 0 0 0 6416 0 0 Per-minute Jobs
22 0 125880 59144 52956 0 0 Dot11 driver
23 0 188 188 6416 0 0 Dot11 driver log
24 0 0 0 6416 0 0 Voice Metrics Ta
25 0 0 0 6416 0 0 SOAP LED Process
26 0 188 188 6416 0 0 AAA Server
27 0 0 0 6416 0 0 AAA ACCT Proc
28 0 0 0 6416 0 0 ACCT Periodic Pr
29 0 2343100 10891400 16904 0 7173144 IP Input
30 0 0 0 6416 0 0 ICMP event handl
31 0 188 188 6416 0 0 AAA Dictionary R
32 0 47124 44272 9200 0 0 CDP Protocol
33 0 0 0 6416 0 0 linktest
34 0 964 964 9916 0 0 Dot11 aaa proces
35 0 0 0 9916 0 0 pmkid
36 0 188 6404 6416 0 0 Dot11 Mgmt & Ass
37 0 1636 1224 6644 0 0 AiroIAPP Protoco
38 0 188 188 6416 0 0 Triggered events
39 0 188 188 9916 0 0 Dot11 auth Dot1x
40 0 0 0 6416 0 0 Dot11 Mac Auth
41 0 1276 0 7692 0 0 Dot11CACprocess
42 0 0 1285716 11916 0 0 TCP Timer
43 0 0 0 11916 0 0 TCP Protocols
44 0 0 0 6416 0 0 Socket Timers
45 0 41144 11308 23364 0 0 DHCPD Receive
46 0 58666708 40499364 31400 6957504 101520 HTTP CORE
47 0 1072 188 12800 0 0 Soap Upgrade fet
48 0 10608 188 16836 0 0 DDP
49 0 344168 1754412 6416 0 0 LOCAL AAA
50 0 188 188 6416 0 0 AAA Cached Serve
51 0 188 188 6416 0 0 ENABLE AAA
52 0 188 188 6416 0 0 LINE AAA
54 0 2056 188 8284 0 0 TPLUS
55 0 604 188 9332 0 0 Crypto WUI
56 0 0 0 6416 0 0 EM Background Pr
57 0 188 308 6416 0 0 Soap Consoleless
58 0 72384 66968 14332 0 0 Crypto CA
59 0 0 0 8916 0 0 Crypto PKI-CRL
60 0 0 0 8916 0 0 Crypto SSL
61 0 2056 15044 6416 0 0 AAA SEND STOP EV
62 0 188 188 6416 0 0 Dot11 LBS Proc
63 0 0 0 6416 0 0 Syslog Traps
65 0 0 0 6416 0 0 DHCPD Timer
66 0 76 484 9992 0 0 DHCP Client
67 0 636960 188 22156 421308 0 HyBridge Input P
68 0 344 188 6588 0 0 Tbridge Monitor
69 0 344 188 6572 0 0 Spanning Tree
70 0 156 0 6628 0 0 DHCPD Database
2897284 Total
------------------ show process cpu ------------------
CPU utilization for five seconds: 16%/0%; one minute: 4%; five minutes: 1%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
1 0 1 0 0.00% 0.00% 0.00% 0 Chunk Manager
2 4 1196 3 0.00% 0.00% 0.00% 0 Load Meter
3 369 40 9225 0.00% 0.00% 0.00% 0 HTTP CP
4 764 611 1250 0.00% 0.00% 0.00% 0 Check heaps
5 9 44 204 0.00% 0.00% 0.00% 0 Pool Manager
6 0 1 0 0.00% 0.00% 0.00% 0 AAA_SERVER_DEADT
7 0 2 0 0.00% 0.00% 0.00% 0 Timers
8 0 9 0 0.00% 0.00% 0.00% 0 AAA high-capacit
9 8 158 50 0.00% 0.00% 0.00% 0 SNTP
10 1034 5268 196 0.00% 0.02% 0.00% 0 ARP Input
11 2 2 1000 0.00% 0.00% 0.00% 0 Entity MIB API
12 2 1494 1 0.00% 0.00% 0.00% 0 HC Counter Timer
13 2 5973 0 0.00% 0.00% 0.00% 0 GraphIt
14 0 11 0 0.00% 0.00% 0.00% 0 Net Input
15 0 1 0 0.00% 0.00% 0.00% 0 Critical Bkgnd
16 34 1906 17 0.00% 0.00% 0.00% 0 Net Background
17 4 101 39 0.00% 0.00% 0.00% 0 Logger
18 24 5969 4 0.00% 0.00% 0.00% 0 TTY Background
19 5 5998 0 0.00% 0.00% 0.00% 0 Per-Second Jobs
20 0 1196 0 0.00% 0.00% 0.00% 0 Compute load avg
21 433 127 3409 0.00% 0.00% 0.00% 0 Per-minute Jobs
22 587 181376 3 0.00% 0.00% 0.00% 0 Dot11 driver
23 0 2 0 0.00% 0.00% 0.00% 0 Dot11 driver log
24 2 1200 1 0.00% 0.00% 0.00% 0 Voice Metrics Ta
25 44 39944 1 0.00% 0.00% 0.00% 0 SOAP LED Process
26 238 3309 71 0.00% 0.00% 0.00% 0 AAA Server
27 0 1 0 0.00% 0.00% 0.00% 0 AAA ACCT Proc
28 0 1 0 0.00% 0.00% 0.00% 0 ACCT Periodic Pr
29 10607 39208 270 0.31% 0.16% 0.09% 0 IP Input
30 0 1 0 0.00% 0.00% 0.00% 0 ICMP event handl
31 0 2 0 0.00% 0.00% 0.00% 0 AAA Dictionary R
32 96 999 96 0.00% 0.00% 0.00% 0 CDP Protocol
33 2 5997 0 0.00% 0.00% 0.00% 0 linktest
34 14 115 121 0.00% 0.00% 0.00% 0 Dot11 aaa proces
35 1 100 10 0.00% 0.00% 0.00% 0 pmkid
36 116 2261 51 0.00% 0.00% 0.00% 0 Dot11 Mgmt & Ass
37 18 7228 2 0.00% 0.00% 0.00% 0 AiroIAPP Protoco
38 0 2 0 0.00% 0.00% 0.00% 0 Triggered events
39 0 2 0 0.00% 0.00% 0.00% 0 Dot11 auth Dot1x
40 0 1 0 0.00% 0.00% 0.00% 0 Dot11 Mac Auth
41 2 1200 1 0.00% 0.00% 0.00% 0 Dot11CACprocess
42 59 2009 29 0.00% 0.00% 0.00% 0 TCP Timer
43 0 1 0 0.00% 0.00% 0.00% 0 TCP Protocols
44 0 1 0 0.00% 0.00% 0.00% 0 Socket Timers
45 14 54 259 0.00% 0.00% 0.00% 0 DHCPD Receive
46 48468 30304 1599 9.35% 1.66% 0.36% 0 HTTP CORE
47 0 2 0 0.00% 0.00% 0.00% 0 Soap Upgrade fet
48 0 2 0 0.00% 0.00% 0.00% 0 DDP
49 707 3309 213 0.00% 0.02% 0.00% 0 LOCAL AAA
50 1 2 500 0.00% 0.00% 0.00% 0 AAA Cached Serve
51 0 2 0 0.00% 0.00% 0.00% 0 ENABLE AAA
52 0 2 0 0.00% 0.00% 0.00% 0 LINE AAA
54 0 2 0 0.00% 0.00% 0.00% 0 TPLUS
55 0 3 0 0.00% 0.00% 0.00% 0 Crypto WUI
56 0 1 0 0.00% 0.00% 0.00% 0 EM Background Pr
57 1 3 333 0.00% 0.00% 0.00% 0 Soap Consoleless
58 6 4 1500 0.00% 0.00% 0.00% 0 Crypto CA
59 0 1 0 0.00% 0.00% 0.00% 0 Crypto PKI-CRL
60 0 1 0 0.00% 0.00% 0.00% 0 Crypto SSL
61 3 16 187 0.00% 0.00% 0.00% 0 AAA SEND STOP EV
62 0 2 0 0.00% 0.00% 0.00% 0 Dot11 LBS Proc
63 0 1 0 0.00% 0.00% 0.00% 0 Syslog Traps
65 0 50 0 0.00% 0.00% 0.00% 0 DHCPD Timer
66 8 6027 1 0.00% 0.00% 0.00% 0 DHCP Client
67 8349 84826 98 0.55% 0.17% 0.10% 0 HyBridge Input P
68 14 6744 2 0.00% 0.00% 0.00% 0 Tbridge Monitor
69 0 2 0 0.00% 0.00% 0.00% 0 Spanning Tree
70 0 1690 0 0.00% 0.00% 0.00% 0 DHCPD Database
------------------ show process cpu history ------------------
AP_WLAN_Bakery 12:32:06 PM Friday Oct 15 2010 -0400
1133333
667777766666
100
90
80
70
60
50
40 *****
30 *****
20 *******
10 ************
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per second (last 60 seconds)
7 37 78 7 8
11 121961 87 1 3 1 1
100
90 *
80 ** *
70 * * ** * *
60 * * ** * *
50 * * ** * *
40 * ** ** * *
30 * ** ** * *
20 * ** #* * *
10 #*## ## # #
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per minute (last 60 minutes)
* = maximum CPU% # = average CPU%
8
8
100
90 *
80 *
70 *
60 *
50 *
40 *
30 *
20 *
10 *
0....5....1....1....2....2....3....3....4....4....5....5....6....6....7.
0 5 0 5 0 5 0 5 0 5 0 5 0
CPU% per hour (last 72 hours)
* = maximum CPU% # = average CPU%
------------------ show dot11 associations all-client ------------------
------------------ show wlccp ap mobility traffic ------------------
------------------ show wlccp ap mobility forwarding ------------------
------------------ show inventory ------------------
NAME: "AP1210", DESCR: "Cisco Aironet 1200 Series Access Point"
PID: ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ, VID: ÿÿÿ, SN: FTX0902R2V1
------------------ Mempool statistics ------------------
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor A4AB84 4709500 2431000 2278500 1920552 2125904
I/O ECB000 1265664 468008 797656 727168 779580
------------------ show memory summary -----------------
Processor memory
Alloc PC Size Blocks Bytes What
0x4790 0000000080 0000000001 0000000080 ACL Header
0x47A4 0000000024 0000000001 0000000024 Init
0x9FD4 0000000036 0000000001 0000000036 Init
0x9FFC 0000000040 0000000001 0000000040 Init
0xA018 0000000024 0000000001 0000000024 Init
0xA040 0000000036 0000000001 0000000036 Init
0xA134 0000000060 0000000001 0000000060 Init
0xF9D0 0000000024 0000000001 0000000024 HTTP CP
0xFAF8 0000000024 0000000001 0000000024 HTTP CP
0xFB6C 0000000076 0000000001 0000000076 HTTP CP
0xFC04 0000000024 0000000001 0000000024 HTTP CP
0xFC60 0000000028 0000000001 0000000028 HTTP CP
0xFD58 0000000024 0000000001 0000000024 Init
0xFDC4 0000000024 0000000001 0000000024 Init
0xFF2C 0000000036 0000000001 0000000036 HTTP CP
0xFF2C 0000000044 0000000001 0000000044 HTTP CP
0x11034 0000000024 0000000001 0000000024 Init
0x15750 0000004096 0000000001 0000004096 Init
0x1DD08 0000000120 0000000001 0000000120 Ion New Block
0x1F474 0000000024 0000000001 0000000024 LOGIN UNC PW
0x1F474 0000000056 0000000001 0000000056 LOGIN PWC (Free Blocks)
0x1F610 0000000080 0000000001 0000000080 local_aaa_authen2 (Free Blocks)
0x24F64 0000004784 0000000001 0000004784 (coalesced) (Free Blocks)
0x24F64 0000013956 0000000001 0000013956 (coalesced) (Free Blocks)
0x264F4 0000000512 0000000001 0000000512 Init
0x2CDF8 0000004312 0000000001 0000004312 TTY data
0x2E994 0000001500 0000000001 0000001500 String-DB entries
0x2E9BC 0000001500 0000000001 0000001500 String-DB owners
0x2E9E4 0000000776 0000000001 0000000776 String-DB handles
0x2E9FC 0000001024 0000000001 0000001024 String DB Hash Table
0x2F154 0000000024 0000000002 0000000048 SDB String
0x2F714 0000000176 0000000001 0000000176 SDB Owner info
0x2FF28 0000004312 0000000006 0000025872 TTY data
0x336E8 0000002000 0000000001 0000002000 TTY Input Buf
0x33720 0000000512 0000000001 0000000512 TTY Output Buf
0x3E6C0 0000000052 0000000003 0000000156 MAC ADDR subblock
0x40DA8 0000003000 0000000002 0000006000 keepalive sb chunk
0x42490 0000065536 0000000001 0000065536 Parseinfo Blocks
0x424B8 0000000364 0000000001 0000000364 tokenQ node
0x424E0 0000000432 0000000001 0000000432 Chain Cache Nodes
0x42508 0000032768 0000000001 0000032768 Parse Nodes
0x46E18 0000000120 0000000001 0000000120 Init
0x47028 0000000060 0000000001 0000000060 Init
0x47458 0000000024 0000000034 0000000816 Init
0x4755C 0000010000 0000000001 0000010000 Parser Linkage
0x47938 0000000056 0000000053 0000002968 Parser Mode
0x47938 0000000108 0000000001 0000000108 Parser Mode
0x479A4 0000000024 0000000054 0000001296 Parser Mode Q1
0x479C8 0000000024 0000000054 0000001296 Parser Mode Q2
0x49FA8 0000000432 0000000001 0000000432 Chain Cache No
0x4A070 0000000432 0000000009 0000003888 Chain Cache No
0x4A070 0000000432 0000000001 0000000432 Chain Cache No (Free Blocks)
0x4A070 0000000548 0000000001 0000000548 (coalesced) (Free Blocks)
0x4A160 0000000432 0000000001 0000000432 Chain Cache No
0x4FCD4 0000000256 0000000001 0000000256 HTTP CP
0x548F4 0000000032 0000000016 0000000512 Parser Alias
0x54924 0000000024 0000000016 0000000384 Init
0x5C338 0000004616 0000000001 0000004616 (coalesced) (Free Blocks)
0x5D464 0000000024 0000000001 0000000024 HTTP CP
0x5D4E4 0000000024 0000000001 0000000024 HTTP CP
0x65394 0000000024 0000000008 0000000192 Cond Debug definition
0x698F0 0000000068 0000000003 0000000204 GraphIt Data
0x6990C 0000001316 0000000003 0000003948 Graphit Client
0x69920 0000000024 0000000002 0000000048 Init
0x69920 0000000032 0000000001 0000000032 Init
0x73254 0000000164 0000000002 0000000328 Init
0x73278 0000000164 0000000002 0000000328 Init
0x7329C 0000000164 0000000002 0000000328 Init
0x7B12C 0000000164 0000000001 0000000164 Init
0x7B150 0000000164 0000000001 0000000164 Init
0x7B174 0000000164 0000000001 0000000164 Init
0x83E48 0000000060 0000000001 0000000060 HTTP CP
0x842C0 0000000044 0000000001 0000000044 HTTP CP
0x86C40 0000032772 0000000001 0000032772 Init
0x8AD2C 0000000024 0000000002 0000000048 AAA Secrettype
0x8AD64 0000000024 0000000002 0000000048 AAA Secrettype encrypt
0x8ADD0 0000000024 0000000002 0000000048 AAA_Secrettype pw
0x8B254 0000000192 0000000002 0000000384 AAA SG HEAD
0x8B294 0000000024 0000000002 0000000048 AAA SG NAME
0x8BFA8 0000000060 0000000001 0000000060 AAA MI SG NAME
0x8D1AC 0000003200 0000000001 0000003200 AAA attr list handle IDs
0x8DBA8 0000001024 0000000001 0000001024 AAA attr list handle IDs
0x9AE18 0000004096 0000000001 0000004096 AAA Unique Id Hash Table
0x9AED8 0000065536 0000000001 0000065536 AAA DB Chunk
0x9EFE8 0000020000 0000000001 0000020000 AAA Acct DB chunk
0xA0EA0 0000016336 0000000001 0000016336 AAA Acct Rec chunk
0xAFBC4 0000002048 0000000001 0000002048 AAA SG ID table
0xAFE78 0000001024 0000000003 0000003072 AAA SG ID table
0xB3D68 0000000032 0000000001 0000000032 Init
0xB4388 0000000024 0000000001 0000000024 AAA nvgend sg elt
0xB4388 0000000052 0000000001 0000000052 AAA nvgend sg elt
0xB43C0 0000000132 0000000002 0000000264 AAA Public Server Group
0xB4400 0000000028 0000000002 0000000056 AAA Public Server Group wrapper
0xB4448 0000000024 0000000002 0000000048 AAA pub SG servers
0xB44CC 0000000024 0000000002 0000000048 AAA pub SG wrap name
0xB4510 0000000024 0000000002 0000000048 AAA pub SG name
0xBC014 0000000776 0000000275 0000213400 *Free Packet Header*
0xBC014 0000000788 0000000001 0000000788 *Free Packet Header*
0xBC014 0000000804 0000000001 0000000804 *Free Packet Header*
0xBC014 0000000828 0000000001 0000000828 *Free Packet Header*
0xBC014 0000001408 0000000001 0000001408 (coalesced) (Free Blocks)
0xBC014 0000008480 0000000001 0000008480 (coalesced) (Free Blocks)
0xBCA88 0000000776 0000000003 0000002328 *In-use Packet Header*
0xC1274 0000004000 0000000001 0000004000 Packet Elements
0xC3B00 0000000184 0000000001 0000000184 IRB/CRB rxtypes
0xC3EE4 0000004712 0000000005 0000023560 *Hardware IDB*
0xC3EFC 0000001400 0000000005 0000007000 *Software IDB*
0xC4440 0000000024 0000000003 0000000072 HTTP CP
0xC4440 0000000076 0000000001 0000000076 HTTP CP
0xC4494 0000000024 0000000003 0000000072 HTTP CP
0xC4494 0000000080 0000000001 0000000080 HTTP CP
0xC4580 0000000184 0000000004 0000000736 IRB/CRB rxtypes
0xC4948 0000000048 0000000001 0000000048 HTTP CP
0xC4948 0000000052 0000000001 0000000052 HTTP CP
0xC4CB8 0000001400 0000000004 0000005600 *Software IDB*
0xC5864 0000000024 0000000004 0000000096 Init
0xC58E0 0000000024 0000000004 0000000096 Init
0xC8118 0000000032 0000000004 0000000128 IP Input
0xED1F0 0000035292 0000000001 0000035292 IDB List Element Chunks
0xFF3C0 0000000024 0000000059 0000001416 Init
0xFF7C4 0000000104 0000000008 0000000832 Init
0xFF7D4 0000000024 0000000006 0000000144 Init
0xFF7D4 0000000076 0000000001 0000000076 Init
0xFF7D4 0000000080 0000000001 0000000080 Init
0xFF8F4 0000000024 0000000001 0000000024 Init
0xFF9A4 0000000024 0000000007 0000000168 Init
0x102F38 0000010000 0000000001 0000010000 AAA chunk
0x103140 0000004616 0000000001 0000004616 AAA Acct AVLnode chunk
0x107F7C 0000000100 0000000001 0000000100 AAA MLIST
0x1081E8 0000000092 0000000001 0000000092 AAA MLIST
0x108A7C 0000001024 0000000002 0000002048 AAA mlist ID table
0x118430 0000001500 0000000007 0000010500 List Elements
0x119688 0000001500 0000000001 0000001500 List Elements
0x1196C8 0000005000 0000000001 0000005000 List Headers
0x11D7D4 0000001032 0000000001 0000001032 Process Array
0x11F5B0 0000000640 0000000068 0000043520 Process
0x11F5B0 0000000856 0000000001 0000000856 (coalesced) (Free Blocks)
0x1213A8 0000001500 0000000001 0000001500 Watched Semaph
0x1219A4 0000000144 0000000064 0000009216 Process Events
0x1219A4 0000000160 0000000002 0000000320 Process Events
0x1219A4 0000000172 0000000001 0000000172 Process Events
0x1219A4 0000000200 0000000001 0000000200 Process Events
0x1219A4 0000000208 0000000001 0000000208 Process Events
0x1219A4 0000000256 0000000001 0000000256 (coalesced) (Free Blocks)
0x1219A4 0000000432 0000000001 0000000432 (coalesced) (Free Blocks)
0x1219A4 0000000556 0000000001 0000000556 (coalesced) (Free Blocks)
0x123C24 0000001500 0000000001 0000001500 messages
0x123C50 0000001500 0000000001 0000001500 Watched messages
0x123C7C 0000010000 0000000001 0000010000 Watched Queue
0x123CA4 0000005000 0000000001 0000005000 Watched Boolean
0x123CCC 0000005000 0000000001 0000005000 Watched Bitfield
0x123CF4 0000001500 0000000001 0000001500 Watched Semaphore
0x123D18 0000005000 0000000001 0000005000 Watcher Info
0x123D40 0000000500 0000000001 0000000500 Watched Message Queue
0x123D68 0000001500 0000000001 0000001500 Watcher Message Queue
0x123D90 0000003000 0000000001 0000003000 Read/Write Locks
0x126050 0000002000 0000000001 0000002000 Reg Function 12
0x126078 0000001500 0000000001 0000001500 Reg Function iList
0x1260A0 0000001500 0000000001 0000001500 Reg Function Caselist
0x126118 0000002000 0000000005 0000010000 Reg Function 1
0x12657C 0000002000 0000000001 0000002000 Reg Function 1
0x129F50 0000000024 0000000002 0000000048 *Sched*
0x129F50 0000000032 0000000001 0000000032 *Sched*
0x129F50 0000000044 0000000008 0000000352 *Sched*
0x12A228 0000000256 0000000001 0000000256 Init
0x12C5F8 0000003000 0000000001 0000003000 CCA CCB chunks
0x12CDBC 0000000048 0000000008 0000000384 CCA Component
0x12CE24 0000000024 0000000007 0000000168 CCA Notification Flags
0x12CE24 0000000048 0000000001 0000000048 CCA Notification Flags
0x12CE84 0000003000 0000000008 0000024000 Keepalive
0x12CFF4 0000000024 0000000003 0000000072 CCA UserType
0x12D0A8 0000003000 0000000001 0000003000 CCA CLA chunks
0x1301C0 0000000024 0000000001 0000000024 TW Wheels
0x130200 0000016384 0000000003 0000049152 TW Buckets
0x13AA18 0000000112 0000000006 0000000672 Process Signals
0x13B01C 0000003000 0000000001 0000003000 Process Stack
0x13B01C 0000005500 0000000049 0000269500 Process Stack
0x13B01C 0000008000 0000000004 0000032000 Process Stack
0x13B01C 0000009000 0000000006 0000054000 Process Stack
0x13B01C 0000011000 0000000009 0000099000 Scheduler Stack
0x13B01C 0000018000 0000000001 0000018000 Interrupt Stack
0x13B01C 0002125900 0000000001 0002125900 (coalesced) (Free Blocks)
0x14F6BC 0000020000 0000000001 0000020000 Managed Chunk Queue Elements
0x151870 0000000068 0000000001 0000000068 (fragment) (Free Blocks)
0x1559A8 0000000296 0000000008 0000002368 Pool Info
0x155F84 0000000032 0000000001 0000000032 Pool Cache
0x15AF2C 0000000264 0000000001 0000000264 CLASSMAP_MODULE
0x15B7B0 0000000104 0000000001 0000000104 CLASSMAP_MODULE
0x15B8D0 0000000136 0000000001 0000000136 CLASSMAP_MODULE
0x15B8F0 0000000024 0000000001 0000000024 CLASSMAP_MODULE
0x15BA20 0000000024 0000000001 0000000024 CLASSMAP_MODULE
0x1826A8 0000000256 0000000001 0000000256 Init
0x182B78 0000000256 0000000001 0000000256 Init
0x1875C0 0000000776 0000000002 0000001552 *In-use Packet Header*
0x188DF4 0000000288 0000000003 0000000864 SNTP
0x188DF4 0000000332 0000000001 0000000332 DDP
0x1904D0 0000000776 0000000001 0000000776 *In-use Packet Header*
0x193CB8 0000001184 0000000005 0000005920 TCP CB
0x193CB8 0000000728 0000000001 0000000728 (fragment) (Free Blocks)
0x1A86AC 0000003000 0000000001 0000003000 IP Addresses
0x1AE490 0000000024 0000000004 0000000096 HTTP CP
0x1AE490 0000000032 0000000001 0000000032 Dot11 driver
0x1AE490 0000000048 0000000001 0000000048 AiroIAPP Protocol
0x1AE490 0000000068 0000000001 0000000068 HTTP CP
0x1CDDA0 0000000280 0000000004 0000001120 Init
0x1CDDAC 0000000068 0000000004 0000000272 Init
0x1EB928 0000005000 0000000001 0000005000 ip localpool
0x1EFFC4 0000000024 0000000001 0000000024 Init
0x1F9E40 0000001652 0000000003 0000004956 HTTP CORE
0x1F9EC8 0000000128 0000000003 0000000384 DHCPD Receive
0x1FBF20 0000000172 0000000002 0000000344 DHCPD Receive
0x1FBF20 0000000232 0000000001 0000000232 HTTP CORE
0x1FBF20 0000000500 0000000001 0000000500 (coalesced) (Free Blocks)
0x1FF2DC 0000000040 0000000001 0000000040 DHCPD Receive
0x206B78 0000000024 0000000003 0000000072 Init
0x206BA8 0000000024 0000000003 0000000072 Init
0x20BE88 0000001500 0000000001 0000001500 Syslogd Messages chunk
0x20FEF0 0000000024 0000000001 0000000024 Init
0x221B18 0000010000 0000000001 0000010000 Time Range Entry Chunks
0x221B40 0000003000 0000000001 0000003000 Time Range Item Chunks
0x221B68 0000001500 0000000001 0000001500 Time Range User Chunks
0x2221E4 0000000036 0000000016 0000000576 Init
0x222214 0000000040 0000000016 0000000640 Init
0x2233CCHi,
if you remove "encryption mode ciphers aes-ccm tkip" from the radio interface does it help?
it should remain like this:
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 1 mode ciphers aes-ccm tkip
ssid WLAN_Corporate
ssid WLAN_HartKitGuest
HTH,
Tiago
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it. -
I have a Problem with Romming Between SSIDs withing the same WLC but with deferent VLAN .
HI All,
I have a Problem with Romming Between SSIDs withing the same WLC but with deferent VLAN . the WLC are providing the HQ and one of the Branches the Wireless services .
Am using all the available 9 SSIDs at the HQ , and am using only 4 of it at the Brnche.
The problem that i have are happening only at the Branch office as i cant room between the SSIDs within Diferent VLANs but i can do it with the one that pointing to the same VLAN. Once the client ( Laptop/Phone ) connected to one of the SSIDs. it imposiible to have him connected to the other ones with Different VLAN. meanwhile, It says its connected to the other SSID but its not getting IP from that pool.
here is the Show Run-Config from my WLC .. and the Problem happening between the SSID AMOBILE and ASTAFF. i have the Debug while am switching between the SSIDs if needed .
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2013.11.04 10:20:47 =~=~=~=~=~=~=~=~=~=~=~=
show run-config
Press Enter to continue...
System Inventory
NAME: "Chassis" , DESCR: "Cisco 5500 Series Wireless LAN Controller"
PID: AIR-CT5508-K9, VID: V01, SN: FCW1535L01G
Burned-in MAC Address............................ 30:E4:DB:1B:99:80
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 12
Press Enter to continue or <ctrl-z> to abort
System Information
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.235.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... WLAN Controller 5508
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
IP Address....................................... 10.125.18.15
Last Reset....................................... Software reset
System Up Time................................... 41 days 5 hrs 14 mins 42 secs
System Timezone Location......................... (GMT -5:00) Eastern Time (US and Canada)
Current Boot License Level....................... base
Current Boot License Type........................ Permanent
Next Boot License Level.......................... base
Next Boot License Type........................... Permanent
Configured Country............................... US - United States
--More or (q)uit current module or <ctrl-z> to abort
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +36 C
External Temperature............................. +20 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 10
Number of Active Clients......................... 61
Burned-in MAC Address............................ 30:E4:DB:1B:99:80
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 12
Press Enter to continue or <ctrl-z> to abort
AP Bundle Information
Primary AP Image Size
ap3g1 5804
ap801 5192
ap802 5232
c1100 3096
c1130 4972
c1140 4992
c1200 3364
c1240 4812
c1250 5512
c1310 3136
c1520 6412
c3201 4324
c602i 3716
Secondary AP Image Size
ap801 4964
c1100 3036
--More or (q)uit current module or <ctrl-z> to abort
c1130 4884
c1140 4492
c1200 3316
c1240 4712
c1250 5064
c1310 3084
c1520 5244
c3201 4264
Press Enter to continue or <ctrl-z> to abort
Switch Configuration
802.3x Flow Control Mode......................... Disable
FIPS prerequisite features....................... Disabled
secret obfuscation............................... Enabled
Strong Password Check Features:
case-check ...........Enabled
consecutive-check ....Enabled
default-check .......Enabled
username-check ......Enabled
Press Enter to continue or <ctrl-z> to abort
Network Information
RF-Network Name............................. OGR
Web Mode.................................... Disable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Disable
Secure Web Mode Cipher-Option SSLv2......... Enable
OCSP........................................ Disabled
OCSP responder URL..........................
Secure Shell (ssh).......................... Enable
Telnet...................................... Disable
Ethernet Multicast Forwarding............... Disable
Ethernet Broadcast Forwarding............... Disable
AP Multicast/Broadcast Mode................. Unicast
IGMP snooping............................... Disabled
IGMP timeout................................ 60 seconds
IGMP Query Interval......................... 20 seconds
User Idle Timeout........................... 300 seconds
ARP Idle Timeout............................ 300 seconds
Cisco AP Default Master..................... Enabled
AP Join Priority............................ Disable
Mgmt Via Wireless Interface................. Disable
Mgmt Via Dynamic Interface.................. Disable
--More or (q)uit current module or <ctrl-z> to abort
Bridge MAC filter Config.................... Enable
Bridge Security Mode........................ EAP
Mesh Full Sector DFS........................ Enable
AP Fallback ................................ Enable
Web Auth Redirect Ports .................... 80
Web Auth Proxy Redirect ................... Disable
Fast SSID Change ........................... Enabled
AP Discovery - NAT IP Only ................. Enabled
IP/MAC Addr Binding Check .................. Enabled
Press Enter to continue or <ctrl-z> to abort
Port Summary
STP Admin Physical Physical Link Link
Pr Type Stat Mode Mode Status Status Trap POE SFPType
1 Normal Forw Enable Auto 1000 Full Up Enable N/A 1000BaseTX
2 Normal Disa Enable Auto Auto Down Enable N/A Not Present
3 Normal Disa Enable Auto Auto Down Enable N/A Not Present
4 Normal Disa Enable Auto Auto Down Enable N/A Not Present
5 Normal Disa Enable Auto Auto Down Enable N/A Not Present
6 Normal Disa Enable Auto Auto Down Enable N/A Not Present
7 Normal Disa Enable Auto Auto Down Enable N/A Not Present
8 Normal Disa Enable Auto Auto Down Enable N/A Not Present
Press Enter to continue or <ctrl-z> to abort
AP Summary
Number of APs.................................... 8
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
KNOWLOGY_DC01 2 AIR-LAP1131AG-A-K9 00:1d:45:86:ed:4e KNOWLOGY_DC_Serv 1 US 1
KNOWLOGY_DC02 2 AIR-LAP1131AG-A-K9 00:21:d8:36:c5:c4 KNOWLOGY_DC_Serv 1 US 1
KN1252_AP01 2 AIR-LAP1252AG-A-K9 00:21:d8:ef:06:50 Knowlogy Confere 1 US 1
KN1252_AP02 2 AIR-LAP1252AG-A-K9 00:22:55:8e:2e:d4 Server Room Side 1 US 1
Anham_AP03 2 AIR-LAP1142N-A-K9 70:81:05:88:15:b5 default location 1 US 1
ANHAM_AP01 2 AIR-LAP1142N-A-K9 70:81:05:b0:e4:62 Small Conference 1 US 1
ANHAM_AP04 2 AIR-LAP1131AG-A-K9 00:1d:45:86:e1:b8 Conference room 1 US 1
ANHAM_AP02 2 AIR-LAP1142N-A-K9 70:81:05:96:7a:49 Copy Room 1 US 1
AP Tcp-Mss-Adjust Info
AP Name TCP State MSS Size
KNOWLOGY_DC01 disabled -
KNOWLOGY_DC02 disabled -
--More or (q)uit current module or <ctrl-z> to abort
KN1252_AP01 disabled -
KN1252_AP02 disabled -
Anham_AP03 disabled -
ANHAM_AP01 disabled -
ANHAM_AP04 disabled -
ANHAM_AP02 disabled -
Press Enter to continue or <ctrl-z> to abort
AP Location
Total Number of AP Groups........................ 3
Site Name........................................ ANHAM8075
Site Description................................. ANHAM 8075 Location
WLAN ID Interface Network Admission Control Radio Policy
1 knowlogy_ogr Disabled None
6 knowlogy_ogr Disabled None
9 knowlogy_ogr Disabled None
7 knowlogy_ogr Disabled None
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
Anham_AP03 2 AIR-LAP1142N-A-K9 70:81:05:88:15:b5 default location 1 US 1
ANHAM_AP01 2 AIR-LAP1142N-A-K9 70:81:05:b0:e4:62 Small Conference 1 US 1
ANHAM_AP04 2 AIR-LAP1131AG-A-K9 00:1d:45:86:e1:b8 Conference room 1 US 1
ANHAM_AP02 2 AIR-LAP1142N-A-K9 70:81:05:96:7a:49 Copy Room 1 US 1
Site Name........................................ Knowlogy_DC
--More or (q)uit current module or <ctrl-z> to abort
Site Description................................. DC Center Access points
WLAN ID Interface Network Admission Control Radio Policy
2 knowlogy_ogr Disabled None
4 knowlogy_ogr Disabled None
3 knowlogy_ogr Disabled None
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
KNOWLOGY_DC01 2 AIR-LAP1131AG-A-K9 00:1d:45:86:ed:4e KNOWLOGY_DC_Serv 1 US 1
KNOWLOGY_DC02 2 AIR-LAP1131AG-A-K9 00:21:d8:36:c5:c4 KNOWLOGY_DC_Serv 1 US 1
Site Name........................................ OGR
Site Description................................. 1934 OGR Office
WLAN ID Interface Network Admission Control Radio Policy
1 knowlogy_ogr Disabled None
2 knowlogy_ogr Disabled None
4 knowlogy_ogr Disabled None
6 knowlogy_ogr Disabled None
--More or (q)uit current module or <ctrl-z> to abort
7 knowlogy_ogr Disabled None
9 knowlogy_ogr Disabled None
8 knowlogy_ogr Disabled None
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
KN1252_AP01 2 AIR-LAP1252AG-A-K9 00:21:d8:ef:06:50 Knowlogy Confere 1 US 1
KN1252_AP02 2 AIR-LAP1252AG-A-K9 00:22:55:8e:2e:d4 Server Room Side 1 US 1
Site Name........................................ default-group
Site Description................................. <none>
WLAN ID Interface Network Admission Control Radio Policy
1 knowlogy_ogr Disabled None
2 knowlogy_ogr Disabled None
3 knowlogy_ogr Disabled None
4 knowlogy_ogr Disabled None
5 knowlogy_ogr Disabled None
6 knowlogy_ogr Disabled None
7 knowlogy_ogr Disabled None
8 knowlogy_ogr Disabled None
--More or (q)uit current module or <ctrl-z> to abort
9 knowlogy_ogr Disabled None
10 management Disabled None
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
Press Enter to continue or <ctrl-z> to abort
AP Config
Cisco AP Identifier.............................. 6
Cisco AP Name.................................... KNOWLOGY_DC01
Country code..................................... US - United States
Regulatory Domain allowed by Country............. 802.11bg:-A 802.11a:-A
AP Country code.................................. US - United States
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:1d:45:86:ed:4e
IP Address Configuration......................... DHCP
IP Address....................................... 10.22.1.100
Gateway IP Addr.................................. 10.22.1.1
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
Cisco AP Location................................ KNOWLOGY_DC_ServerRoom
Cisco AP Group Name.............................. Knowlogy_DC
Primary Cisco Switch Name........................ wireless.knowlogy.com
Primary Cisco Switch IP Address.................. 10.125.18.15
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
--More or (q)uit current module or <ctrl-z> to abortIP Address.................. 10.125.18.15
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... H-Reap
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.0.235.0
Boot Version ................................... 12.3.8.0
Mini IOS Version ................................ 3.0.51.0
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1131AG-A-K9
AP Image......................................... C1130-K9W8-M
IOS Version...................................... 12.4(23c)JA5
--More or (q)uit current module or <ctrl-z> to abort
Reset Button..................................... Enabled
AP Serial Number................................. FTX1134T0QG
AP Certificate Type.............................. Manufacture Installed
H-REAP Vlan mode :............................... Enabled
Native ID :..................................... 22
WLAN 2 :........................................ 21
WLAN 4 :........................................ 25
WLAN 3 :........................................ 25
H-REAP Backup Auth Radius Servers :
Static Primary Radius Server.................... Disabled
Static Secondary Radius Server.................. Disabled
Group Primary Radius Server..................... Disabled
Group Secondary Radius Server................... Disabled
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 48 days, 20 h 19 m 18 s
AP LWAPP Up Time................................. 40 days, 13 h 58 m 18 s
Join Date and Time............................... Tue Sep 24 21:24:33 2013
Join Taken Time.................................. 0 days, 00 h 10 m 47 s
--More or (q)uit current module or <ctrl-z> to abort
Attributes for Slot 0
Radio Type................................... RADIO_TYPE_80211b
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 3
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:1d:71:09:8f:90
Operation Rate Set
1000 Kilo Bits........................... MANDATORY
2000 Kilo Bits........................... MANDATORY
5500 Kilo Bits........................... MANDATORY
11000 Kilo Bits.......................... MANDATORY
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
--More or (q)uit current module or <ctrl-z> to abort
Multi Domain Capability Enabled ........... TRUE
Country String ............................ US
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 1
Number Of Channels ........................ 11
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
Tx Power
Num Of Supported Power Levels ............. 8
Tx Power Level 1 .......................... 20 dBm
Tx Power Level 2 .......................... 17 dBm
Tx Power Level 3 .......................... 14 dBm
Tx Power Level 4 .......................... 11 dBm
Tx Power Level 5 .......................... 8 dBm
Tx Power Level 6 .......................... 5 dBm
Tx Power Level 7 .......................... 2 dBm
Tx Power Level 8 .......................... -1 dBm
--More or (q)uit current module or <ctrl-z> to abort
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 1
Phy DSSS parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 11
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 1,2,3,4,5,6,7,8,9,10,11
Current CCA Mode .......................... 0
ED Threshold .............................. -50
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBi units).... 8
Diversity.................................. DIVERSITY_ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 12 dB
--More or (q)uit current module or <ctrl-z> to abort
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
CleanAir Capable......................... No
Cisco AP Identifier.............................. 6
Cisco AP Name.................................... KNOWLOGY_DC01
Country code..................................... US - United States
Regulatory Domain allowed by Country............. 802.11bg:-A 802.11a:-A
AP Country code.................................. US - United States
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:1d:45:86:ed:4e
IP Address Configuration......................... DHCP
IP Address....................................... 10.22.1.100
Gateway IP Addr.................................. 10.22.1.1
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
--More or (q)uit current module or <ctrl-z> to abort
Cisco AP Location................................ KNOWLOGY_DC_ServerRoom
Cisco AP Group Name.............................. Knowlogy_DC
Primary Cisco Switch Name........................ wireless.knowlogy.com
Primary Cisco Switch Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... H-Reap
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.0.235.0
Boot Version ................................... 12.3.8.0
Mini IOS Version ................................ 3.0.51.0
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
--More or (q)uit current module or <ctrl-z> to abort
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1131AG-A-K9
AP Image......................................... C1130-K9W8-M
IOS Version...................................... 12.4(23c)JA5
Reset Button..................................... Enabled
AP Serial Number................................. FTX1134T0QG
AP Certificate Type.............................. Manufacture Installed
H-REAP Vlan mode :............................... Enabled
Native ID :..................................... 22
WLAN 2 :........................................ 21
WLAN 4 :........................................ 25
WLAN 3 :........................................ 25
H-REAP Backup Auth Radius Servers :
Static Primary Radius Server.................... Disabled
Static Secondary Radius Server.................. Disabled
Group Primary Radius Server..................... Disabled
Group Secondary Radius Server................... Disabled
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
--More or (q)uit current module or <ctrl-z> to abort
AP Up Time....................................... 48 days, 20 h 19 m 18 s
AP LWAPP Up Time................................. 40 days, 13 h 58 m 18 s
Join Date and Time............................... Tue Sep 24 21:24:33 2013
Join Taken Time.................................. 0 days, 00 h 10 m 47 s
Attributes for Slot 1
Radio Type................................... RADIO_TYPE_80211a
Radio Subband................................ RADIO_SUBBAND_ALL
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 3
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:1d:71:09:8f:90
Operation Rate Set
6000 Kilo Bits........................... MANDATORY
--More or (q)uit current module or <ctrl-z> to abort
9000 Kilo Bits........................... SUPPORTED
12000 Kilo Bits.......................... MANDATORY
18000 Kilo Bits.......................... SUPPORTED
24000 Kilo Bits.......................... MANDATORY
36000 Kilo Bits.......................... SUPPORTED
48000 Kilo Bits.......................... SUPPORTED
54000 Kilo Bits.......................... SUPPORTED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ US
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 36
Number Of Channels ........................ 20
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
--More or (q)uit current module or <ctrl-z> to abort
Tx Power
Num Of Supported Power Levels ............. 7
Tx Power Level 1 .......................... 15 dBm
Tx Power Level 2 .......................... 14 dBm
Tx Power Level 3 .......................... 11 dBm
Tx Power Level 4 .......................... 8 dBm
Tx Power Level 5 .......................... 5 dBm
Tx Power Level 6 .......................... 2 dBm
Tx Power Level 7 .......................... -1 dBm
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 1
Phy OFDM parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 44
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 36,40,44,48,52,56,60,64,100,
......................................... 104,108,112,116,132,136,140,
......................................... 149,153,157,161
TI Threshold .............................. -50
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBi units).... 8
--More or (q)uit current module or <ctrl-z> to abort
Diversity.................................. DIVERSITY_ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 16 dB
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
CleanAir Capable......................... No
Press Enter to continue or <ctrl-z> to abort
Cisco AP Identifier.............................. 3
Cisco AP Name.................................... KNOWLOGY_DC02
Country code..................................... US - United States
Regulatory Domain allowed by Country............. 802.11bg:-A 802.11a:-A
AP Country code.................................. US - United States
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:21:d8:36:c5:c4
IP Address Configuration......................... DHCP
IP Address....................................... 10.22.1.101
Gateway IP Addr.................................. 10.22.1.1
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
Cisco AP Location................................ KNOWLOGY_DC_ServerRoom
Cisco AP Group Name.............................. Knowlogy_DC
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
Tertiary Cisco Switch Name.......................
--More or (q)uit current module or <ctrl-z> to abort
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... H-Reap
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.0.235.0
Boot Version ................................... 12.3.8.0
Mini IOS Version ................................ 3.0.51.0
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Enabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1131AG-A-K9
AP Image......................................... C1130-K9W8-M
IOS Version...................................... 12.4(23c)JA5
Reset Button..................................... Enabled
--More or (q)uit current module or <ctrl-z> to abort
AP Serial Number................................. FTX1230T24F
AP Certificate Type.............................. Manufacture Installed
H-REAP Vlan mode :............................... Enabled
Native ID :..................................... 22
WLAN 2 :........................................ 21
WLAN 4 :........................................ 25
WLAN 3 :........................................ 25
H-REAP Backup Auth Radius Servers :
Static Primary Radius Server.................... Disabled
Static Secondary Radius Server.................. Disabled
Group Primary Radius Server..................... Disabled
Group Secondary Radius Server................... Disabled
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 48 days, 20 h 24 m 41 s
AP LWAPP Up Time................................. 40 days, 13 h 58 m 18 s
Join Date and Time............................... Tue Sep 24 21:24:35 2013
Join Taken Time.................................. 0 days, 00 h 10 m 48 s
--More or (q)uit current module or <ctrl-z> to abort
Attributes for Slot 0
Radio Type................................... RADIO_TYPE_80211b
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 3
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:22:55:a5:0c:30
Operation Rate Set
1000 Kilo Bits........................... MANDATORY
2000 Kilo Bits........................... MANDATORY
5500 Kilo Bits........................... MANDATORY
11000 Kilo Bits.......................... MANDATORY
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
--More or (q)uit current module or <ctrl-z> to abort
Country String ............................ US
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 1
Number Of Channels ........................ 11
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
Tx Power
Num Of Supported Power Levels ............. 8
Tx Power Level 1 .......................... 20 dBm
Tx Power Level 2 .......................... 17 dBm
Tx Power Level 3 .......................... 14 dBm
Tx Power Level 4 .......................... 11 dBm
Tx Power Level 5 .......................... 8 dBm
Tx Power Level 6 .......................... 5 dBm
Tx Power Level 7 .......................... 2 dBm
Tx Power Level 8 .......................... -1 dBm
Tx Power Configuration .................... AUTOMATIC
--More or (q)uit current module or <ctrl-z> to abort
Current Tx Power Level .................... 1
Phy DSSS parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 1
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 1,2,3,4,5,6,7,8,9,10,11
Current CCA Mode .......................... 0
ED Threshold .............................. -50
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBi units).... 8
Diversity.................................. DIVERSITY_ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 12 dB
Coverage exception level................... 25 %
--More or (q)uit current module or <ctrl-z> to abort
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
CleanAir Capable......................... No
Cisco AP Identifier.............................. 3
Cisco AP Name.................................... KNOWLOGY_DC02
Country code..................................... US - United States
Regulatory Domain allowed by Country............. 802.11bg:-A 802.11a:-A
AP Country code.................................. US - United States
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:21:d8:36:c5:c4
IP Address Configuration......................... DHCP
IP Address....................................... 10.22.1.101
Gateway IP Addr.................................. 10.22.1.1
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
Cisco AP Location................................ KNOWLOGY_DC_ServerRoom
--More or (q)uit current module or <ctrl-z> to abort
Cisco AP Group Name.............................. Knowlogy_DC
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... H-Reap
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.0.235.0
Boot Version ................................... 12.3.8.0
Mini IOS Version ................................ 3.0.51.0
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Enabled
PoE Power Injector MAC Addr...................... Disabled
--More or (q)uit current module or <ctrl-z> to abort
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1131AG-A-K9
AP Image......................................... C1130-K9W8-M
IOS Version...................................... 12.4(23c)JA5
Reset Button..................................... Enabled
AP Serial Number................................. FTX1230T24F
AP Certificate Type.............................. Manufacture Installed
H-REAP Vlan mode :............................... Enabled
Native ID :..................................... 22
WLAN 2 :........................................ 21
WLAN 4 :........................................ 25
WLAN 3 :........................................ 25
H-REAP Backup Auth Radius Servers :
Static Primary Radius Server.................... Disabled
Static Secondary Radius Server.................. Disabled
Group Primary Radius Server..................... Disabled
Group Secondary Radius Server................... Disabled
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
--More or (q)uit current module or <ctrl-z> to abort
AP Up Time....................................... 48 days, 20 h 24 m 41 s
AP LWAPP Up Time................................. 40 days, 13 h 58 m 18 s
Join Date and Time............................... Tue Sep 24 21:24:35 2013
Join Taken Time.................................. 0 days, 00 h 10 m 48 s
Attributes for Slot 1
Radio Type................................... RADIO_TYPE_80211a
Radio Subband................................ RADIO_SUBBAND_ALL
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 3
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:22:55:a5:0c:30
Operation Rate Set
6000 Kilo Bits........................... MANDATORY
--More or (q)uit current module or <ctrl-z> to abort
9000 Kilo Bits........................... SUPPORTED
12000 Kilo Bits.......................... MANDATORY
18000 Kilo Bits.......................... SUPPORTED
24000 Kilo Bits.......................... MANDATORY
36000 Kilo Bits.......................... SUPPORTED
48000 Kilo Bits.......................... SUPPORTED
54000 Kilo Bits.......................... SUPPORTED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ US
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 36
Number Of Channels ........................ 20
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
--More or (q)uit current module or <ctrl-z> to abort
Tx Power
Num Of Supported Power Levels ............. 7
Tx Power Level 1 .......................... 15 dBm
Tx Power Level 2 .......................... 14 dBm
Tx Power Level 3 .......................... 11 dBm
Tx Power Level 4 .......................... 8 dBm
Tx Power Level 5 .......................... 5 dBm
Tx Power Level 6 .......................... 2 dBm
Tx Power Level 7 .......................... -1 dBm
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 1
Phy OFDM parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 36
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 36,40,44,48,52,56,60,64,100,
......................................... 104,108,112,116,132,136,140,
......................................... 149,153,157,161
TI Threshold .............................. -50
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBi units).... 8
--More or (q)uit current module or <ctrl-z> to abort
Diversity.................................. DIVERSITY_ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 16 dB
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
CleanAir Capable......................... No
Press Enter to continue or <ctrl-z> to abort
Cisco AP Identifier.............................. 5
Cisco AP Name.................................... KN1252_AP01
Country code..................................... US - United States
Regulatory Domain allowed by Country............. 802.11bg:-A 802.11a:-A
AP Country code.................................. US - United States
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:21:d8:ef:06:50
IP Address Configuration......................... DHCP
IP Address....................................... 10.125.18.101
IP NetMask....................................... 255.255.255.0
Gateway IP Addr.................................. 10.125.18.1
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Enabled
Ssh State........................................ Disabled
Cisco AP Location................................ Knowlogy Conference Rooms Side
Cisco AP Group Name.............................. OGR
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
--More or (q)uit current module or <ctrl-z> to abort
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... H-Reap
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.0.235.0
Boot Version ................................... 12.4.10.0
Mini IOS Version ................................ 3.0.51.0
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. PoE/Medium Power (15.4 W)
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1252AG-A-K9
AP Image......................................... C1250-K9W8-M
IOS Version...................................... 12.4(23c)JA5
--More or (q)uit current module or <ctrl-z> to abort
Reset Button..................................... Enabled
AP Serial Number................................. FTX122990L5
AP Certificate Type.............................. Manufacture Installed
H-REAP Vlan mode :............................... Enabled
Native ID :..................................... 118
WLAN 1 :........................................ 111
WLAN 2 :........................................ 111
WLAN 4 :........................................ 112
WLAN 6 :........................................ 112
WLAN 7 :........................................ 111
WLAN 9 :........................................ 112
WLAN 8 :........................................ 112
H-REAP Backup Auth Radius Servers :
Static Primary Radius Server.................... Disabled
Static Secondary Radius Server.................. Disabled
Group Primary Radius Server..................... Disabled
Group Secondary Radius Server................... Disabled
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 26 days, 00 h 24 m 39 s
--More or (q)uit current module or <ctrl-z> to abort
AP LWAPP Up Time................................. 26 days, 00 h 23 m 48 s
Join Date and Time............................... Wed Oct 9 10:59:07 2013
Join Taken Time.................................. 0 days, 00 h 00 m 50 s
Attributes for Slot 0
Radio Type................................... RADIO_TYPE_80211n-2.4
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 7
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:22:55:df:a5:90
Operation Rate Set
1000 Kilo Bits........................... MANDATORY
2000 Kilo Bits........................... MANDATORY
5500 Kilo Bits........................... MANDATORY
--More or (q)uit current module or <ctrl-z> to abort
11000 Kilo Bits.......................... MANDATORY
MCS Set
MCS 0.................................... SUPPORTED
MCS 1.................................... SUPPORTED
MCS 2.................................... SUPPORTED
MCS 3.................................... SUPPORTED
MCS 4.................................... SUPPORTED
MCS 5.................................... SUPPORTED
MCS 6.................................... SUPPORTED
MCS 7.................................... SUPPORTED
MCS 8.................................... SUPPORTED
MCS 9.................................... SUPPORTED
MCS 10................................... SUPPORTED
MCS 11................................... SUPPORTED
MCS 12................................... SUPPORTED
MCS 13................................... SUPPORTED
MCS 14................................... SUPPORTED
MCS 15................................... SUPPORTED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ US
--More or (q)uit current module or <ctrl-z> to abort
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 1
Number Of Channels ........................ 11
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
Tx Power
Num Of Supported Power Levels ............. 8
Tx Power Level 1 .......................... 20 dBm
Tx Power Level 2 .......................... 17 dBm
Tx Power Level 3 .......................... 14 dBm
Tx Power Level 4 ..........Well you need to understand the behavior of h-reap or what it's called now, FlexConnect. In this mode, the clients are still remembers on the WLC until the session timer/idle timer expires. So switching between SSID's in h-reap will not be the same when switching when the AP's are in local mode.
Take a look at the client when connected in FlexConnect in the WLC GUI monitor tab. Thus will show you what ssid and vlan the client is on. Now switch to a different ssid and compare this. It's probably the same because the client has not timed out. Now go back to the other ssid and look again. Now on the WLC, remove or delete the client and then switch to the other ssid at the same time. Or switch SSID's and then remove the client. The client will join the new ssid and in the monitor tab, you should see the info.
There is no need to have clients have multiple SSID's unless your testing. Devices should only have one ssid profile configured to eliminate any connectivity issues from the device wanting to switch SSID's.
Sent from Cisco Technical Support iPhone App -
Issues with CWLMS 3.2 RME 4.3.1 cannot fetch vlan.dat off a VSS and 4510.
Hi,
I am having a major headache with RME collecting the vlan.dat from a VSS and 4510, the device and credentials work fine, however when archiving the config i get partial success due to vlan failing. You can see in the IC_Services log that it attempts to TFTP the .dat file off which it fails with, i believe vlan fetch is only supported by SSH or telnet
when you do a CDA test both devices pass on everything..managed to log on and please see below, tftp on one device works fine but from the 4510 or vss still fails
GRA_CHUB_CR_01#copy cat4000_flash: tftp:
Source filename []? vlan.dat
Address or name of remote host []? 172.20.220.10
Destination filename [vlan.dat]?
%Error opening tftp://172.20.220.10/vlan.dat (Timed out)
GRA_CHUB_CR_01#
DAR_R002_AS_01#
DAR_R002_AS_01#copy flash:vlan.dat tftp:
Address or name of remote host []? 172.20.220.10
Destination filename [vlan.dat]?
616 bytes copied in 0.009 secs (68444 bytes/sec)
DAR_R002_AS_01# -
My apologies if this has been asked before, but I have some questions regarding the setup of my new switch and network. I have never worked with switches before, so this is quite a learning experience. The picture above describes the current layout of my network. Here is how I have tried to set it up, so far.
VLAN 1 [Ports 1-4, Untagged, Trunk] (172.16.1.1/24)
Workstation A (Wired)
172.16.1.2/24
Server B (Wired)
172.16.1.3/24
VLAN 2 [Ports 5-8, Untagged, Trunk] (172.16.2.1/24)
Server C (Wired)
172.16.2.2/24
Server D (Wired)
172.16.2.3/24
Server E (Wired)
172.16.2.4/24
Server F (Wired)
172.16.2.5/24
VLAN 3 [Ports 9-10, Untagged, Trunk] (192.168.1.1/24)
Laptop G (Wireless)
DHCP via Router
Laptop H (Wireless)
DHCP via Router
Laptop I (Wireless)
DHCP via Router
Wireless Router
192.168.1.254/24
Now, my goal is to have all 3 VLANs be able to talk to each other but also have VLAN 1 access the internet, through the wireless router. In the future I would also like Server B to be able to expose services (http & ssh) to the outside. VLAN 2 shouldn't have internet access at all. I know I can add static routes to the wireless router, if need be. All three laptops, can access the internet through the wireless router, without any problems.
So my questions are:
1) Is there anything inherently wrong with the design of this network? If so, what could be changed?
2) Is VLAN 3 really necessary?
3) What would I need to do, to get the 3 VLANs communicating with each other?
4) What should the gateway be, to get VLAN 1 internet access?
5) What would I need to do, to expose Server B services to the outside?
6) What static routes do I need to add?
Thanks in advance!
JerHello Jeremy,
Thank you for your interest and patience.
You are on the right track here. However, several important changes must be made. Consider the following concepts:
The concept of a native VLAN. The link between the router and the switch must be part of VLAN 1. Otherwise, information from the router will not be distributed correctly on the switch due to the current PVID of 3.
The VLAN IP Interface (VLAN IP Address) identifies the subnet for the VLAN. Therefore, thinking of the switch as a router, you are correct that the default gateway for each client should be the respective VLAN interface on the switch. The switch will automatically route between directly connected IP Interfaces and their subnets.
However, in order for your clients to get to network that the switch doesn't know about, (the internet), there must be a default route to the router.
Additionally, in order for the router to forward information from the internet back to the VLANs on the switch, the router must know how to reach the different VLANs.
The folloing linked figure (Fig. 1) describes an appropriate sample setup. See here.
In this scenario, a SG300-10 is configured with 3 VLANs:
VLAN 1 - Default VLAN, used for management - 192.168.1.x/24 - Ports 9-10 - 1U - Trunk Mode
VLAN 2 - Servers - 192.168.2.x/24 - Ports 5-8 - 2U - Trunk Mode
VLAN 3 - Workstations - 192.168.3.x/24 - Ports 1-4 - 3U - Trunk Mode
VLAN 1 is used to communicate to the router. Therefore, the following default route must be added to the switch's configuration:
ip route 0.0.0.0 0.0.0.0 192.168.1.1
The switch will automatically build the routes between the VLANs local to the switch. Visualize Server C going togoogle.com. Its IP address is 192.168.2.2. Its default gateway should be the VLAN 2 IP Interface on the switch (192.168.2.254 in this example). Because the default route is configured, the switch will forward the internet request to the router. The router will then forward the request to your ISP out the WAN where it will eventually reach Google.
However, when the request comes back into the router, the router must know to route it to the 192.168.2.x subnet. So, in order for this to work, routes that accomplish the following must be configured on your router:
Subnet IP Mask Gateway Interface
192.168.2.1 255.255.255.0 192.168.1.254 (SG-300 IP Interface) LAN
192.168.3.1 255.255.255.0 192.168.1.254 (SG-300 IP Interface) LAN
As you have already discovered, there are several limitation to using a router that does not support 802.1Q tagging. Chiefly, your clients will not receive either DHCP or DNS automatically from the router. To mitigate this, you can do either of the following:
Run a DHCP server with multiple DHCP scopes on a device connected to your switch. You can then use Option 82 on the switch to route DHCP requests and DNS info between VLANs on the switch.
Statically configure IP and DNS information. You could enter Open DNS Servers or Google's DNS servers on your clients.
Ideally, you would want to use a router that supports 802.1Q tagging. In this figure here (Fig. 2), you can see the VLANconfiguration page for a Cisco RV180W, a very capable and affordable small business router that I highly recommend. Port 1 on the RV180W is configured as a trunk port and carries VLANs 1-3 to the switch. The clients automatically receive IP addresses and DNS information from the correct DHCP pool on the router.
Do not hesitate to contact us. We are always happy to help.
All the best,
-David Aguilar
Cisco Small Business Support Center
1-866-606-1866
Maybe you are looking for
-
I've been using Desktop Manager for quite some time. I use the app all the time, probably 50 times a day. Even though I like Leopard, it screwed up my Desktop Manager app. I NEED to use ALL apps in ALL SPACES, not just one space per app, which is com
-
Is it possible to clone 9.2.0.3 OEM (database) with a repository from one Windows 2003 server (prod) to another WIndow 2003 server (test). And I do not loose any defined node, jobs/events, etc. Thanks Apps11i
-
Need small help in data retriving
Hi ALL... I have the ship_to_party no. In this ship to party no i have multiple deliviries. In the deliveries i have mutiple material numbers. These ship to party and delivery no are populating form these strctures. VBDPL-MATNR (Material Number) -- i
-
How do you import photos into iPhoto from an iPhone?
how do you import photos into iPhoto from an iPhone?
-
Duplicate ISDN chap accounts on RAS server
Hey, I have a very strange one here and it's got me beat. I have a 3945 with a PRI and digital modems and everything works fine. Users can connect via ISDN or PSTN ok, but I've noticed a very funny quirk with the setup. If different folks dial in via