WAP4410N Help on to configure dhcp OR dhcp CLIENT
Help on the config. WAP4410N
WAP4410N Help on to configure
HI Guys,
I have 2 Wireless Access Points WAP4410N. Iam very new in Using these Wireless ACCESS points. initial configuration I have done with the help of Starting guide. Here i want to know few things
1) Is these can be configured By CLI mode as of now i used GUI mode.
2)i want to give connected users of wifi from the DHCP loop created in L3 switch (is a DHCP server). where wifi point is connected to a port of L3 switch.
3) How can i give connected wifi users from DHCP Pool with different ip adress subnet to internal users and guests. is this can be configured here on product i have or not?
if yes . can you please exlain me or gvve me detaiuled stuff.
4) I Want to give access to my employees internal server through WI-fi . where i have L3 switch connected to a server gi 1/0/1 (10.10.10.10) and wifi at port gi 1/0/2. how can segregate or seperate the internal user employees with access to servers and gust users directly access internet through gateway 10.10.11.1 connected to L3 switch. where wifi port has to be given a different VLAN no.
wifi-----------------------L3 switch--------------------------router
server
Hello all
I had an issue.
, added SSID with different VLan numbers. everything went good. i can access the WAP but couldnt connect to internet where i can ping from connected WAP to Gateway of our network . but couldnt connect to internet.
the status on the connected WAP says. Limited access. No internet access.......
Any help guys. is there any problem with my laptop searched through online restarted the Netsh service of TCP and all .. but lost couldnt connect to internet and the status still shows No internet access..\\
Really ****** on with WAP4410N working with it from 4days. atlast connected to WAP and the new issue arises with no internet access...
Thanks
srikanth
Similar Messages
-
HI Guys,
I have 2 Wireless Access Points WAP4410N. Iam very new in Using these Wireless ACCESS points. initial configuration I have done with the help of Starting guide. Here i want to know few things
1) Is these can be configured By CLI mode as of now i used GUI mode.
2)i want to give connected users of wifi from the DHCP loop created in L3 switch (is a DHCP server). where wifi point is connected to a port of L3 switch.
3) How can i give connected wifi users from DHCP Pool with different ip adress subnet to internal users and guests. is this can be configured here on product i have or not?
if yes . can you please exlain me or gvve me detaiuled stuff.
4) I Want to give access to my employees internal server through WI-fi . where i have L3 switch connected to a server gi 1/0/1 (10.10.10.10) and wifi at port gi 1/0/2. how can segregate or seperate the internal user employees with access to servers and gust users directly access internet through gateway 10.10.11.1 connected to L3 switch. where wifi port has to be given a different VLAN no.
wifi-----------------------L3 switch--------------------------router
serverI'll give it a go but I haven't configured these particular APs before.
1. I don't know but you can probably find out by searching cisco.com.
2. Configure an ip address on the VLAN SVI on your switch; Create a DHCP pool and use a network statement that matches the vlan subnet. Add the other DHCP parameters (default-router and dns-server list at a minimum). The 4410 supports VLANs so make sure your uplink is a dot1q trunk or configure one vlan per port. Configure the AP to use the switch's dhcp server for each vlan.
3. see point 2 - create a guest wlan and assign it to a vlan; use the switch to allocate ip addresses; use an ACL to prevent access to corporate resources; configure the dhcp server with an external dns server not your corporate ones.
4. use vlans and access control lists (ACLs).
for example (on the switch):
interface vlan XX
description internal users
ip address 10.10.10.x 255.255.255.0
ip access-group permit-corporate-in in
interface vlan XX
description guest users
ip address 10.10.11.x 255.255.255.0
ip access-group permit-guest-in in
access-list extended permit-guest-in deny 10.10.11.0 0.0.0.255 10.10.10.0 0.0.0.255
access-list extended permit-guest-in permit ip any any
access-list extended permit-corporate-in deny 10.10.10.0 0.0.0.255 10.10.11.0 0.0.0.255
access-list extended permit-corporate-in permit ip any any
This is just an example. You may want to change that 'permit ip any any' at the end to match your corporate security policies. -
Failover configuration over 4 DHCP Servers
Hi,
Actually I have the following topology:
Site A with subnet 1,2,3 and 4, DHCP server DHCP-1 and DHCP-2 -> Services Site-A1 and Site-A2...I believe I have made a mess. I have an existing old Netware server currently running DNS. I have 3 OES11 servers all running DHCP with no issues...
-
Please help me in configuring a Cisco 2800 series router!
Hi! I have to configure a new router with a static route. No routing protocol will be used. I just have to set default route on it and NAT. My senior Network Engineer has asked me to configure this router. There's an apartment where our Overseas employees stay, earlier this apartment had a broadband connection which was further divided through the APs(Cisco Wireless Access Points) and made usable to around 20 users. Now, they have bought in their own lease line and I have to configure this router. We just have to connect it with the ISP using Ethernet (not serial link). I would be so so grateful if you can just type in complete configuration for this. Thanks a ton in advance!
Hi There,
Thanks for your great help!
Below is the final template which my NE provided me:
Now I have to configure this router and then further need to connect various workstations with the same network. Please let me know what needs to be done further.
Thanks!
Configuration:::
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
ip domain-name CVT.net
logging buffered 128000 informational
logging console errors
logging monitor notifications
no aaa new-model
clock timezone IST 5 30
ip cef
no ip domain lookup
username aptadmin secret
enable secret
crypto key generate rsa
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 2
service dhcp
ip dhcp pool LAN-POOL
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8 4.2.2.2
domain-name CVT.net
lease 1
interface FastEthernet0/0
description *********Spectranet WAN*********
ip address x.x.x.x 255.255.255.252
load-interval 30
duplex full
speed 100
ntp disable
no cdp enable
interface FastEthernet0/1
description Connect to LAN
ip address 192.168.1.0 255.255.255.0
no ip redirects
duplex auto
speed auto
ntp disable
ip forward-protocol nd
no ip http server
no ip https server
control-plane
banner exec $
Network Provided by CVT
This system is restricted to authorized individuals. Unauthorized access is a
criminal violation of the law and is subject to prosecution. Please disconnect
if you are not an authorized individual. Otherwise, you will be prosecuted
to the full extent of State and Federal law.
All connections and changes are logged.
************** Warning - Warning - Warning **************
$
banner login $
Authorized Associates only! Please disconnect your connection if
you are not an authorized Associate. Otherwise, you will be
prosecuted to the full extent of State and Federal law.
All connections and changes are logged.
$
line con 0
exec-timeout 15 0
password 7
login local
line aux 0
exec-timeout 15 0
password 7 C@pt
login local
line vty 0 4
access-class 50 in
exec-timeout 5 0
login local
transport preferred ssh
transport input ssh
line vty 5 15
access-class 50 in
exec-timeout 5 0
login local
transport preferred ssh
transport input ssh
end -
Ip source guard feature and dhcp DHCP scope exhaustion (client spoofs other clients)
Hi everybody.
A dhcp server assigns ip adress based on mac address carried by client hardware field in dhcp packets.
One potential attack is when a rogue host mimics different mac addresses and causes dhcp server to assign the ip addresses until no ip address is left for legitimate host.
For e.g a host h1 with mac1 has assigned ip address by dhcp server as:
199.199.199.1 mac1
Dhcp server has the above entry in its database.
Using hacking tools such as Yersinia or Gobbler one can create a dhcp discover messages each time creating a different mac for client hardware field in dhcp server thereby causing a dhcp server to assign ip addresses because to dhcp server , these are legitimate dhcp discover messages with each carrying a different mac in client hardware addresses.
You might say use dhcp snooping and it will prevent that ( dhcp scope exhaustion) and configure the switch to check if src mac matches the client hardware address in dhcp message. But still we can creat spoofed discover messages where src mac in ethernet header will match the client hardware address in dhcp discover message. We still did not overcome the problem.
You might say use IP source guard feature but will it really prevent that problem from happening?
Let me illustrate it :
h1---------f1/1SW---------DHCP server
Let say we have configured dhcp snooping on sw1 and f1/1 is untrusted port. The switch has following dhcp binding
199.199.199.1 mac1 vlan1 f1/1
Next we configure ip source guard to validate both src mac and src ip against the dhcp bindings . When we configures ip source guard first , it will allow dhcp communication only so a host can request ip address and a dhcp binding can be built. After that ip source guard will validate src ip or src mac or both against the dhcp binding.depending upon how we configure ip source guard.
In our case we have configured ip source guard to validate both src mac and src ip against the dhcp binding.
A dhcp binding is already created as:
199.199.199.1 mac1 vlan 1 f1/1
Now using the hacking tools Yersinia or Gobbler on h1, we create our first spoofed dhcp discover message where src mac=mac2 in ethernet header and client harware address= mac2 in dhcp discover message. Since switch is configured with ip source guard feature and therefore allows dhcp discover message to pass through. Dhcp server upon receiving the dhcp message assigns another ip address from the pool. Now the dhcp server has following entries:
199.199.199.1 mac1
199.199.199.2 mac2.
We can continue to craft spoofed dhcp discover messages as mentioned above and have dhcp server keep assigning ip addresses until the whole pool is exhausted.
So my question is how does ip source guard in conjuction with dhcp snooping prevent this particular attack from happening? ( i.e DHCP scope exhaustion)
I really appreciate your input.
thanks and have a great week.Thanks Karthikeyan.
First of all, we gather all the information about the locations of legitimate dhcp servers in our network. Once we have this information, we will configure the ports used to reach them as trusted. All the ports where end users will connect will be untrusted and therefore subject to dhcp snooping .
it means if any of user connected in that switch/vlan runs a dhcp services like vmware for eg. Snooping will prevent the dhcp/bootp servers connected to that port will not be able to process.
Yes that is correct. Because dhcp snooping feature will check these ports for the messages usually sent by dhcp server such as dhcp offer, etc. If the end user is running dhcp server using virtual machine, that port should be configured as trusted if it is dertermined that end user is running a legitimate dhcp server using vm ware.
When we have the dhcp snooping it prevents the 1st level of hacking itself. I don't think so it will have any impact on dhcp address releasing.
I am sorry. You lost me here. What is 1 level of hacking?
Dhcp snooping checks for dhcp messages such as dhcp release, dhcp decline.on untrusted port against the dhcp bindings.
Here is why;
h1---------SW1-------dhcp server
|
h2
Let say we don't have dhcp snooping in above attack and h2 is a legitimate user has already assigned ip address 199.199.199.2 by dhcp server. Thus the dhcp server has an entry:
199.199.199.2 mac2
Next we connect rogue user and it gets ip address 199.199.199.1 now the dhcp server has entries:
199.199.199. 1 mac1
199.199.199.2 mac2
Now using hacking tools, h1 create a fake dhcp release message with 199.199.199.199.2 mac2
Dhcp server upon receiving this message, will release the ip address and returns it to the pool.
By using DHCP snooping, switch will peer inside dhcp release message and checks against the binding. If there is conflict, it will drop the message.
IFor e.g
If have dhcp snooping configured , then switch will have adhcp binding as:
199.199.199.1 mac1 vlan 1 f1/1 lease time
199.199.199.2 mac2 vlan 2 f1/2 lease time.
If h1 tries to send fake dhcp release with ip address 199.199.199.2 mac2
Switch will check ip address 199.199.199.2 and mac2 against the binding related to f1/1 . Sw will find a conflict and therefore drops the dhcp release packet.
Thanks -
ASA 5512-X - VPN & local clients DHCP relaying (DHCP Proxy vs. DHCP Relay conflict)
Hey all,
I have ASA-5512-X serving as general firewall/router. It also serves as AnyConnect SSL VPN gateway (webvpn).
It has ~10 VLANs connected over 1 trunk port. One of the VLANs has DHCP server that shall serve all the VLANs (192.168.16.2).
I'm trying to have the ASA relay DHCP requests from all VLANs to the DHCP server and to also serve VPN clients.
However, according to bug https://tools.cisco.com/bugsearch/bug/CSCsd22469 both DHCP Proxy (webvpn) and DHCP Relay (local interfaces) can't be enabled at the same time.
As VPN clients connect to the same VLANs as local users (eg. VLAN 2 - 192.168.2.0/24) I want to have the very same DHCP server serving both, otherwise it's gonna become a mess.
Note: if I configure DHCP Relay functionality and disable DHCP Proxy - local clients are served fine. If I configure DHCP Proxy (webvpn) and disable DHCP Relay VPN clients are served fine. I therefore consider setup to be correct, just the ASA limitation won't allow me to make it serve both.
Can DHCP Relay also serve VPN clients (no DHCP Proxy enabled)? did I miss something?
Thanks!Hi,
The only workaround for this issue is to configure the ASA itself to act as DHCP server for vpn clients. You also have the flexibility of using local pool and AAA server. Why exactly do you want to use the same DHCP server for both?
AM -
Hi all,
we brought a Cisco 881W-GN-E-K9 and we use it as main router.
We have this network architecture:
- the WAN (FastEthernet4 interface) is connected to the 192.168.0.x network
- all the ethernet interfaces (FastEthernet 0-3) and the wlan are in 10.0.0.0 network using a VLan
We have some problems:
- we set static DNS entries in the Router:
ip host Waters 10.0.0.1
ip host Barrett 10.0.0.2
ip host Mason 10.0.0.20
ip host Wright 10.0.0.21
However, the ping Mason it's not working....
- we activate a NAT for the 8080 port on the 10.0.0.21 pc but it does not works:
ip nat inside source static tcp 10.0.0.21 8080 A.B.C.D 8080 extendable
someone can explain were we are falling?
Following the router configuration:
Current configuration : 6948 bytes
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Waters
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
no aaa new-model
memory-size iomem 10
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-1382020822
REMOVED!!!
crypto pki certificate chain TP-self-signed-1382020822
REMOVED!!!
ip source-route
ip dhcp excluded-address 10.0.0.1
ip dhcp excluded-address 10.0.0.1 10.0.0.99
ip dhcp pool DHCP
import all
network 10.0.0.0 255.0.0.0
default-router 10.0.0.1
dns-server 10.0.0.1
lease 0 10
ip cef
ip host CiscoRouter 10.0.0.1
ip host Mason 10.0.0.20
ip host Wright 10.0.0.21
ip host SamsungML3050 10.0.0.91
ip host CiscoAP 10.0.0.2
ip host EpsonSX440W 10.0.0.90
ip host RouterAP 10.0.0.2
ip host Waters 10.0.0.1
ip host Router 10.0.0.1
ip host Barrett 10.0.0.2
ip name-server 192.168.0.1
ip name-server 8.8.8.8
ip name-server 10.0.0.1
no ipv6 cef
vpdn enable
vpdn-group 1
REMOVED!!!
license udi pid CISCO881W-GN-E-K9 sn REMOVED!!!
username routeradmin privilege 15 secret REMOVED!!!
interface FastEthernet0
no ip address
interface FastEthernet1
no ip address
interface FastEthernet2
no ip address
interface FastEthernet3
no ip address
interface FastEthernet4
ip address 192.168.0.253 255.255.255.0
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
interface Virtual-Template1
ip unnumbered Vlan1
ip nat inside
ip virtual-reassembly in
peer default ip address dhcp-pool DHCP
no keepalive
ppp encrypt mppe 128
ppp authentication ms-chap ms-chap-v2
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
ip nat inside
ip virtual-reassembly in
arp timeout 0
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
no ip address
interface Vlan1
description BLABLABLA
ip address 10.0.0.1 255.0.0.0
ip nat inside
ip nat enable
ip virtual-reassembly in
ip tcp adjust-mss 1452
ip local pool PPTP-Pool 10.0.1.10 10.0.1.99
ip default-gateway 10.0.0.1
ip forward-protocol nd
no ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside source static tcp 10.0.0.21 8080 A.B.C.D 8080 extendable
ip default-network 192.168.0.0
ip route 0.0.0.0 0.0.0.0 192.168.0.1
access-list 1 permit 10.0.0.0 0.255.255.255
access-list 23 permit 10.0.0.0 0.255.255.255
no cdp runHi mfurnival,
thank for your answer...
inline my outlines:
What do you mean when you say the static entry for Mason is not working? Do you mean that when you type "ping Mason" it times out? What happens when you try and ping the actual IP address of Mason ( 10.0.0.20 ) - does that work?
yes, the ping to 10.0.0.20 works ok while ping mason times out....
Regarding the NAT - I assume that the outside address (removed from config above) is in the 192.168.0.x range?
hooo... thanks, this issue was solved: i was mapping the outside ip address (156.x.y.z) and not the 192.168.0.x... thank you.
Leonardo -
Hello Friends,
I need your help to configure my voice setup.I have two location connected with a point-to-point leased line. Both the ends have different brand pbx installed. One is connected with R1 with the help pf a T1 voice card and Other is connected with R2 with the help of a E1 card. I am giving an attachment of the scnerio. Please help me to configure the cisco 3640 routers with H.323 gateway. I will be very thankful to you.My bosses has given me this work to do. Now I need your help. I have some exerience to configure E1 and T1 cards also have some knowledge of configuring dial pears.
Thanks.Ok, this was the 2nd thing I was just about to recommend, and that was to not Trunk due to the E1/T1 limitation and just terminate and route everything H323. Both sides are CAS, just one is E&M Immediate and the other is R2-Digital. Unlike the 1st document I linked you are not trunking the connections you are using a PLAR to a voice-port. Essentially you are using a H323 dialplan to do this in a limited fashion.
Unfortunately CAS doesn't support ANI unless you use FGD or FGD-EANA on the T1 side Router and PBX. Not totally sure on the R2 side but I believe you need to configure your PBX and R2 router to use R2-Digital Compelled, non-compelled or semi-compelled to get ANI information on that side.
Reference these documents.
http://www.cisco.com/en/US/tech/tk652/tk653/technologies_tech_note09186a00800e2560.shtml
http://www.cisco.com/en/US/tech/tk652/tk653/technologies_tech_note09186a00800943c2.shtml
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124tcr/tdia_r/dia_d2ht.htm#wp1010243
Please rate any helpful posts
Thanks
Fred -
Help in the configuration of SAPCRM BP to EP 6.0 SP2
Hi all,
Need some Help on the configuration of the CRM Business Package 6.0.2.2. to EP 6.0 SP2. I am following the guide for the same given on SAP HELP. I have activated the required BSP Services : crm_bsp_frame etc.
And i have assigned the Account Manager role to one of the portal users. I have also configured the backend role to the backend user to which the portal user is mapped.
Now, iam able to see the Account Manager's top and detail level navigation in the portal, but iam not able to see the iviews in it. The error is as below:
Portal Runtime Error
An exception occurred while processing a request for :
iView : N/A
Component Name : N/A
Application URL 'http:///sap/bc/bsp/sap/crm_bsp_frame/entrypoint.do' is not valid! Please check the protocol and host entries for system 'SAP_CRM'..
See the details for the exception ID in the log file
The SAP_CRM system that i have defined is fine. SInce iam able to create an SAP Transaction iview out of it successfully.
Any pointers regarding this will be very useful. ThanksHello Mr. Ramaya,
Your SAP_CRM system definition is missing the entries for web application server. Check your system definition. This is why in following url your host and port are missing.
<b>'http:///sap/bc/bsp/sap/crm_bsp_frame/entrypoint.do'</b> -
Help required in configuring telnet
Hi,
We have two PIX 515E firewalls working in HA mode.
I wanted to configure telnet access to firewalls from outside interface.
PIX version is 6.3(5)
I kept PC outside to outside interfaces.
PIX outside IP is 10.10.200.3, inside IP is 10.10.202.5 corresponding virtual IPs are 10.10.200.2 and 10.10.202.7
I have tried following configurations:
pix(config)#telnet 0 0 inside
pix(config)#telnet 0 0 outside
pix(config)#telnet 10.10.200.0 255.255.255.0 outside
pix(config)#telnet 10.10.202.0 255.255.255.0 inside
pix(config)#telnet 10.10.200.200 255.255.255.255 outside
I am able to telnet from internal interface side using inside ip address.
But from outside test pc with IP 10.10.200.200 I am not able to telnet to PIX.
I enabled logging console 5.
when I tried to telnet to outside virtual IP it is not showing any traffic to firewall.
If I try to outside interface I am able to see the traffic like
packets received from source 10.10.200.200 to 10.10.200.3
any help in this configuration. I wanted to telnet firewall from test pc.
Regards
SKRAOHI SKRAO,
from security reasons is not possible to telnet to outside interface there is no way how to permit this you need you ssh instead of telnet
here is more info about setting ssh
http://www.ciscopress.com/articles/article.asp?p=25342&seqNum=3&rl=1
M.
Hope that helps rate if it does -
Help required in configuring counting rule
I have limited experience in SAP-HR configuration. Kindly help me quota configuration. The client has only absence type u2013 Earned Leave. The leave rule is the same for all the employees. The leave rules are:
1. The employees are credited with earned Leave on Jan 1 every year, for the attendance days put in during the previous calendar year.
2. The employee is eligible for Earned Leave only if he has attendance for at least 240 days during the previous year. If the employee has joined the company during the middle of the previous year, then he should have attendance for at least 2/3 of the remaining working days during the year.
3. The employee should be credited with 1 day EL for every 20 working days. If the employee, for example, has worked for 268 days during the year then he should be credited with 13 days EL (268/20=13, with 8 days as remainder). The remainder days, if any, should be carried forward to the next year and considered at that point as added to the number of working days. E.g. employee has worked for 268 days in year 2010. He will be credited with 13 days EL on 1 Jan 2011. Assume he has worked for 256 days in year 2011. Then while creating the absence quota for EL on 1 Jan 2012, the system should consider working days as 256 (from year 2011) + 8 (remainder from year 2010) = 264. Hence the employee should be credited with 13 days of EL on 1 Jan 2012 (264/20 = 13 days; 4 days remainder).
4. Leave carry forward rules: The employee is allowed to carry forward the EL balance to the next year. However, after carry forward the total balance should not go beyond 30 days. Any thing in excess of 30 days will get lapsed, if it is not encashed.
Kindly let me know how to configure the counting rule & the deduction rule for the above scenario.Hi
Configuring of EL need PCR Calculation and Standard Configuration with time Types
000010 D VARSTCURMO
000020 ** COLOP*
000030 04 D VARSTFDYPP
000040 04 N
000050 04 Y D HRS=0 HRS=FR11C HRS?300
000060 04 Y *
000070 04 Y < D HRS-300 HRS*-1 ADDDB9509 ADDDB9558 HRS?15
000080 04 Y < * Z HRS=0 HRS=M9500 GCY ZAC2
000090 04 Y < < Z GCY ZAC3
this when u go for GCY ZAC2
D HRS?10
D HRS/10 ROUNDH<60HHRS?CELACR
* D HRS-CELACRHRS?0
* * HRS*-1 ADDDB9501
* > HRS=0 ADDDB9500ZADDMB9500ZADDDB9501ZADDMB9501Z
> HRS=0 ADDDB9500ZADDMB9500ZADDDB9501ZADDMB9501Z
< HRS=0 HRS=CELACRADDDB9501 HRS=0 ADDDB9500ZNEXTR A
< A ADDMB9500Z
This when u click ZAC3
000010 D HRS=0 HRS=M9500 HRS?10
000020 * HRS/10 ROUNDH<60HADDDB9557 HRS-D9509 ADDDB9556 NEXTR A
000030 * A D HRS*-1 HRS?0
000040 * * COLOP*
000050 * > ADDDB9501 HRS=0 ADDDB9500ZADDMB9500ZADDDB9509ZNEXTR A
000060 * > A ADDMB9509Z
000070 < HRS=0 HRS=M9509 ADDDB9501 HRS=0 ADDDB9500ZNEXTR A
000080 < A ADDMB9500ZADDDB9509ZADDMB9509Z
This PCR is for EL with 300 Limit
Regards
Raja Sekhar -
Please help me to configure 2504 WLC as secondary in N+1 HA mode. My primary WLC is 5508 and both have 50 AP license. I want to deploy the AP in the same location.
Go HERE: https://supportforums.cisco.com/discussion/12219106/high-availibility-2500
-
WLC 2006 INTERNAL DHCP FOR GUESTS CLIENTS
I would like to use the internal DHCP to issue ipaddress to the guest wireless clients.
However; when i setup the wlc internal DCHP scope and try to connect to the wireless guest vlan the WLC debug DHCP reads ...forwarding to 192.168.255.2 which i have listed as the gateway to the pix
any examples on how to do this would be great.
here is what i have for the dhcp scope:
Dhcp Scope Info
Scope: Guest.Data.DHCP
Enabled.......................................... Yes
Lease Time....................................... 86400 (1 day )
Pool Start....................................... 192.168.255.17
Pool End......................................... 192.168.255.30
Network.......................................... 192.168.255.0
Netmask.......................................... 255.255.255.0
Default Routers.................................. 192.168.255.2 0.0.0.0 0.0.0.0
DNS Domain.......................................
DNS.............................................. 0.0.0.0 0.0.0.0 0.0.0.0
Netbios Name Servers............................. 0.0.0.0 0.0.0.0 0.0.0.0
Here is what i have for the wlan
WLAN Identifier.................................. 2
Network Name (SSID).............................. Guest.Data
Status........................................... Disabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Number of Active Clients......................... 0
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. Infinity
Interface........................................ guest.data
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Enabled
Quality of Service............................... Silver (best effort)
WMM.............................................. Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
--More-- or (q)uit
Radio Policy..................................... All
Security
802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Disabled
CKIP ......................................... Disabled
IP Security Passthru.......................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Auto Anchor................................... Disabled
H-REAP Local Switching........................ Disabled
Management Frame Protection................... Ewhen i try to assocate the dhcp scope to wireless.guest.data interface using 192.168.255.1 which is the ip of the that interface it will not let me. I would have thought since i was using the interal dhcp that the .1 address would be the dhcp scope address also. i can assign 192.168.255.0 or 192.168.255.2(gateway)if i use .0 or .2 the dhcp request (discovery) process starts and then will forward to .2 (gateway) and never assign an address. the only thing that happens is that the client wireless interface will get 255.255.255.255 for a few seconds then go away.
what i am trying to accomplish is to connect the wlc port 2 directly to a pix 506 which goes to the internet so the guest traffice is not on our vlan.
any other suggestions on guest vlans would be appricated....
Tom
Interface Name................................... wireless.guest.data
IP Address....................................... 192.168.255.1
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 192.168.255.2
VLAN............................................. 150
Quarantine-vlan.................................. no
Physical Port.................................... 2
Primary DHCP Server.............................. Unconfigured
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
AP Manager....................................... No
Scope: wireless.guest.data.dhcp.server
Enabled.......................................... Yes
Lease Time....................................... 86400 (1 day )
Pool Start....................................... 192.168.255.17
Pool End......................................... 192.168.255.30
Network.......................................... 192.168.255.0
Netmask.......................................... 255.255.255.0
Default Routers.................................. 192.168.255.2 0.0.0.0 0.0.0.0
DNS Domain.......................................
DNS.............................................. 0.0.0.0 0.0.0.0 0.0.0.0
Netbios Name Servers............................. 0.0.0.0 0.0.0.0 0.0.0.0 -
Can anyone help me in configuring the reports server
Can any one help me in configuring report server to personal web server on Windows NT 4.0 sp4 environment.
Hi.
One way of searching for tables that contains specific fields is use transaction ST05 (Performance Analysis) and then turn on the trace function.
If you know some program that has a component (textbox, select-option, parameter, label, radiobutton, etc) that reffers to the field desired (or even just use it in the internal logic), in your case 'charg', you'll be able to check in a report what tables were used while the trace was on.
Search about ST05 and its trace function. It's very simple and very useful to find tables.
Edited by: Fabio Luiz Esperati Pagoti on Sep 29, 2009 7:40 PM -
Need help on struts configuration with ColdFusion 10 using IIS
We need help on struts configuration with ColdFusion 10 using IIS.
Earlier we were using ColdFusion 8 with IIS 6 for one of our application. This application internally calls struts. After upgrading to ColdFusion 10 struts calls are not loading. We get 404 error.
In ColdFusion 8 struts were configured using actions extension .do in IIS from this file-
C:\ColdFusion8\runtime\lib\wsconfig\jrun_iis6.dll.
But in ColdFusion 10 this file is not present as ColdFusion 10 uses Tomcat in place of Jrun.
Also there is no information in ColdFusion log file.Duane wrote:
doctormirabilis, Welcome to the discussion area!
1) how can i configure the time capsule in order to operate as a remote base station synchronizing with the relay using the ethernet port?
Configure the Time Capsule to act as a bridge (not distributing IP addresses). Also configure the Time Capsule to create an 802.11n wireless network with a unique network name (SSID). That's it.
2) how can i avoid that my powerbook while accessing my wireless network does connect through the relay station instead of using the time capsule?
Configure the Time Capsule to use a different network name than the WDS link between the 2 AirPort Express (AX). Configure the PowerBook to use the Time Capsule network.
There are 2 pieces of information that you should be aware of...
(1) None of the PowerBooks are capable of 802.11n.
(2) The WDS link cuts your available bandwidth in half. So the wireless link to your neighbor's has a maximum potential of 27 Mbps.
Let's for a minute assume that you have a Mac compatible with 802.11n. In your configuration the time you could take advantage of the 802.11n speed is when the Mac is sending/recieving data directly from/to the Time Capsule.
There would be NO speed increase in Internet access. The speed of Internet access is going to be controlled by the slowest link in the path to the Internet. That is probably the connection to the ISP. The next slowest path is the WDS link to your neighbor's.
Duane,
I am in a similar situation, sharing internet with my neighbor. Do you think it would be plausible to hook up a vonage phone adapter to time capsule's ethernet port if time capsule is bridging from my neighbor's router in the configuration you have described? A check of my upload speed shows 1.67Mbps (powerbookG4 w/ airport extreme). Vonage reccommends 90kbps minimum upload speed. Am I going to lose some speed putting the Vonag adapter behind time capsule?
Thank you
Maybe you are looking for
-
I created two iTunes libraries on my mac mini back in the day. I would like to consolidate them into one iTunes library. What is the easiest method to do this? I do use i-Match to access all my music from iCloud, if that makes any difference. Thank
-
BPM Scenario: Error in SXMB_MONI
hi, I am using a File- XI(BPM) - File scenario. After completing all the mappings and carrying out the necessary steps for configuration, when I go and see the message in SXMB_MONI - it gives me the following error: " During the application mapping c
-
Where can I find hi-res wallpaper for the new ipad?
just got the new ipad and cant find good wallpaper anywhere, when set the to higher res only a few pic come up.
-
File Export is grayed out in QuickTime Pro!
I am scheduled to perform some songs on Saturday, so I need to learn them. I planned to purchase the songs through iTunes, but they are available only as video clips--not as audio files. I thought I would buy the videos and export them with QuickTime
-
Switch between (windows 7 and OS X) partitions?
Hi everybody. I have OS X mountain lion installed on my 13 inch Macbook Pro (late 2012). I just made a partition and installed windows 7 on it because I want to game some on my machine. But now that I wanna go back to OS X I don't know how to? P.S. I