WAP4410N Help on to configure dhcp OR dhcp CLIENT

Similar Messages

• WAP4410N Help on to configure

  HI  Guys,
  I have 2 Wireless Access Points WAP4410N. Iam very new in Using these Wireless ACCESS points. initial configuration I have done with the help of Starting guide. Here i want to know few things
  1) Is these can be configured By CLI mode as of now i used GUI mode.
  2)i want to give connected users of wifi from the DHCP loop created in L3 switch (is a DHCP server). where wifi point is connected to a port of L3 switch.
  3) How can i give connected wifi users from  DHCP Pool with different ip adress subnet to internal users and guests. is this can be configured here on product i have or not?
  if yes . can you please exlain me or gvve me detaiuled stuff.
  4) I Want to give access to my employees internal server through WI-fi . where i  have L3 switch  connected  to a server gi 1/0/1 (10.10.10.10) and wifi at port gi 1/0/2. how can segregate or seperate the internal user employees with access to servers and gust users directly access internet through gateway 10.10.11.1 connected to L3 switch. where wifi port has to be given a different VLAN no.
  wifi-----------------------L3 switch--------------------------router
                           server

  I'll give it a go but I haven't configured these particular APs before.
  1. I don't know but you can probably find out by searching cisco.com.
  2. Configure an ip address on the VLAN SVI on your switch; Create a DHCP pool and use a network statement that matches the vlan subnet. Add the other DHCP parameters (default-router and dns-server list at a minimum). The 4410 supports VLANs so make sure your uplink is a dot1q trunk or configure one vlan per port. Configure the AP to use the switch's dhcp server for each vlan.
  3. see point 2 - create a guest wlan and assign it to a vlan; use the switch to allocate ip addresses; use an ACL to prevent access to corporate resources; configure the dhcp server with an external dns server not your corporate ones.
  4. use vlans and access control lists (ACLs).
  for example (on the switch):
  interface vlan XX
  description internal users
  ip address 10.10.10.x 255.255.255.0
  ip access-group permit-corporate-in in
  interface vlan XX
  description guest users
  ip address 10.10.11.x 255.255.255.0
  ip access-group permit-guest-in in
  access-list extended permit-guest-in deny 10.10.11.0 0.0.0.255 10.10.10.0 0.0.0.255
  access-list extended permit-guest-in permit ip any any
  access-list extended permit-corporate-in deny 10.10.10.0 0.0.0.255 10.10.11.0 0.0.0.255
  access-list extended permit-corporate-in permit ip any any
  This is just an example. You may want to change that 'permit ip any any' at the end to match your corporate security policies.

• Failover configuration over 4 DHCP Servers

  Hi,
  Actually I have the following topology:
  Site A with subnet 1,2,3 and 4, DHCP server DHCP-1 and DHCP-2 -> Services Site-A1 and Site-A2...

  I believe I have made a mess. I have an existing old Netware server currently running DNS. I have 3 OES11 servers all running DHCP with no issues...

• Please help me in configuring a Cisco 2800 series router!

  Hi! I have to configure a new router with a static route. No routing protocol will be used. I just have to set default route on it and NAT. My senior Network Engineer has asked me to configure this router. There's an apartment where our Overseas employees stay, earlier this apartment had a broadband connection which was further divided through the APs(Cisco Wireless Access Points) and made usable to around 20 users. Now, they have bought in their own lease line and I have to configure this router. We just have to connect it with the ISP using Ethernet (not serial link). I would be so so grateful if you can just type in complete configuration for this. Thanks a ton in advance!

  Hi There,
  Thanks for your great help! 
  Below is the final template which my NE provided me:
  Now I have to configure this router and then further need to connect various workstations with the same network. Please let me know what needs to be done further.
  Thanks!
  Configuration:::
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  ip domain-name CVT.net
  logging buffered 128000 informational
  logging console errors
  logging monitor notifications
  no aaa new-model
  clock timezone IST 5 30
  ip cef
  no ip domain lookup
  username aptadmin secret 
  enable secret 
  crypto key generate rsa
  ip ssh time-out 60
  ip ssh authentication-retries 2
  ip ssh version 2
  service dhcp
  ip dhcp pool LAN-POOL
  network 192.168.1.0 255.255.255.0
  default-router 192.168.1.1
  dns-server 8.8.8.8 4.2.2.2
  domain-name CVT.net
  lease 1
  interface FastEthernet0/0
   description *********Spectranet WAN*********
   ip address x.x.x.x 255.255.255.252
   load-interval 30
   duplex full
   speed 100
   ntp disable
   no cdp enable
  interface FastEthernet0/1
   description Connect to LAN 
   ip address 192.168.1.0 255.255.255.0
   no ip redirects
   duplex auto
   speed auto
   ntp disable
  ip forward-protocol nd
  no ip http server
  no ip https server
  control-plane
  banner exec $
                    Network Provided by CVT
  This system is restricted to authorized individuals. Unauthorized access is a
  criminal violation of the law and is subject to prosecution. Please disconnect
  if you are not an authorized individual. Otherwise, you will be prosecuted 
  to the full extent of State and Federal law.
  All connections and changes are logged.
  ************** Warning - Warning - Warning **************
  $
  banner login $
  Authorized Associates only! Please disconnect your connection if
  you are not an authorized Associate. Otherwise, you will be
  prosecuted to the full extent of State and Federal law.
  All connections and changes are logged.
  $
  line con 0
   exec-timeout 15 0
   password 7 
   login local
  line aux 0
   exec-timeout 15 0
   password 7 C@pt
   login local
  line vty 0 4
   access-class 50 in
   exec-timeout 5 0
   login local
   transport preferred ssh
   transport input ssh
  line vty 5 15
   access-class 50 in
   exec-timeout 5 0
   login local
   transport preferred ssh
   transport input ssh
  end

• Ip source guard feature and dhcp DHCP scope exhaustion (client spoofs other clients)

  Hi everybody.
  A dhcp server assigns ip adress based on mac address carried by client hardware field in dhcp packets.
  One potential attack is when a rogue host mimics different mac addresses and causes dhcp server to assign the ip addresses until no ip address is left for legitimate host.
  For e.g a host h1 with mac1 has assigned ip address by dhcp server as:
  199.199.199.1 mac1
  Dhcp server has the above entry in its database.
  Using hacking tools such as Yersinia or Gobbler one can create a dhcp discover messages each time creating a different mac for client hardware field in dhcp server thereby causing a dhcp server to assign ip addresses because to dhcp server , these are legitimate dhcp discover messages with each carrying a different mac in client hardware addresses.
  You might say use dhcp snooping and it will prevent that (  dhcp scope exhaustion) and configure the switch to check if src mac matches the client hardware address in dhcp message. But still we can creat spoofed discover messages where src mac in ethernet header will match the client hardware address in dhcp discover message. We still did not overcome the problem.
  You might say use IP source guard feature but will it really prevent that problem from happening?
  Let me illustrate it :
  h1---------f1/1SW---------DHCP server
  Let say we have configured dhcp snooping on sw1 and f1/1 is untrusted port.  The switch has following dhcp binding
  199.199.199.1    mac1   vlan1  f1/1
  Next we configure ip source guard to  validate both src mac and src ip against the dhcp bindings  . When  we configures ip source guard first  , it will allow dhcp communication only so a host can request ip address and a dhcp binding can be built. After that ip source guard will validate src ip or src mac or both against the dhcp binding.depending upon how we configure ip source guard.
  In our case we have configured ip source guard to validate both src mac and src ip against the dhcp binding.
  A dhcp binding is already created as:
  199.199.199.1 mac1 vlan 1 f1/1
  Now using the hacking tools Yersinia or Gobbler on h1, we create our first spoofed dhcp discover message  where src mac=mac2 in ethernet header and  client harware address= mac2 in dhcp discover message. Since switch is configured with ip source guard feature and therefore allows dhcp discover message to pass through. Dhcp server upon receiving the dhcp message assigns another ip address from the pool. Now the dhcp server has following entries:
  199.199.199.1 mac1
  199.199.199.2 mac2.
  We can continue to craft spoofed dhcp discover messages as mentioned above and have dhcp server keep assigning ip addresses until the whole pool is exhausted.
  So my question is how does  ip source guard in conjuction with dhcp snooping prevent this particular attack from happening? ( i.e DHCP scope exhaustion)
  I really appreciate your input.
  thanks and have a great week.

  Thanks Karthikeyan.
  First of all, we gather all the information about the  locations of legitimate dhcp servers in our network. Once we have this information, we will configure the ports used to reach them as trusted. All the ports where end users will connect will be untrusted and therefore subject to dhcp snooping .
  it means if any of user connected in that switch/vlan runs a dhcp  services like vmware for eg. Snooping will prevent the dhcp/bootp  servers connected to that port will not be able to process.
  Yes that is correct. Because dhcp snooping feature will check these ports for the messages usually sent by dhcp server such as dhcp offer, etc. If the end user is running dhcp server using virtual machine, that port should be configured as trusted if it is dertermined  that end user is running a legitimate dhcp server using vm ware.
  When we have the dhcp snooping it prevents the 1st level of hacking  itself. I don't think so it will have any impact on dhcp address  releasing.
  I am sorry. You lost me here. What is 1 level of hacking?
  Dhcp snooping checks for dhcp messages such as dhcp release, dhcp decline.on untrusted port against the dhcp bindings.
  Here is why;
  h1---------SW1-------dhcp server
                 |
               h2
  Let say we don't have dhcp snooping in above attack and  h2 is a legitimate user has already assigned ip address 199.199.199.2 by dhcp server. Thus the dhcp server has an entry:
  199.199.199.2 mac2
  Next we connect rogue user and it gets ip address 199.199.199.1 now the dhcp server has entries:
  199.199.199. 1  mac1
  199.199.199.2   mac2
  Now using hacking tools, h1 create a fake dhcp release message  with  199.199.199.199.2   mac2
  Dhcp server upon receiving this message, will release the ip address and returns it to the pool.
  By using DHCP snooping, switch will peer inside dhcp release message and checks against the binding. If there is conflict, it will drop the message.
  IFor e.g
  If have dhcp snooping configured , then switch will have adhcp binding as:
  199.199.199.1    mac1    vlan 1   f1/1  lease time
  199.199.199.2     mac2    vlan 2    f1/2 lease time.
  If h1 tries to send fake dhcp release with ip address 199.199.199.2    mac2
  Switch will check ip address 199.199.199.2  and mac2 against the binding related to f1/1 . Sw will find a conflict and therefore drops the dhcp release packet.
  Thanks

• ASA 5512-X - VPN & local clients DHCP relaying (DHCP Proxy vs. DHCP Relay conflict)

  Hey all,
  I have ASA-5512-X serving as general firewall/router. It also serves as AnyConnect SSL VPN gateway (webvpn).
  It has ~10 VLANs connected over 1 trunk port. One of the VLANs has DHCP server that shall serve all the VLANs (192.168.16.2).
  I'm trying to have the ASA relay DHCP requests from all VLANs to the DHCP server and to also serve VPN clients.
  However, according to bug https://tools.cisco.com/bugsearch/bug/CSCsd22469 both DHCP Proxy (webvpn) and DHCP Relay (local interfaces) can't be enabled at the same time.
  As VPN clients connect to the same VLANs as local users (eg. VLAN 2 - 192.168.2.0/24) I want to have the very same DHCP server serving both, otherwise it's gonna become a mess.
  Note: if I configure DHCP Relay functionality and disable DHCP Proxy - local clients are served fine. If I configure DHCP Proxy (webvpn) and disable DHCP Relay VPN clients are served fine. I therefore consider setup to be correct, just the ASA limitation won't allow me to make it serve both.
  Can DHCP Relay also serve VPN clients (no DHCP Proxy enabled)? did I miss something?
  Thanks!

  Hi,
  The only workaround for this issue is to configure the ASA itself to act as DHCP server for vpn clients. You also have the flexibility of using local pool and AAA server. Why exactly do you want to use the same DHCP server for both?
  AM

• Help for Cisco configuration

  Hi all,
  we brought a Cisco 881W-GN-E-K9 and we use it as main router.
  We have this network architecture:
  - the WAN (FastEthernet4 interface) is connected to the 192.168.0.x network
  - all the ethernet interfaces (FastEthernet 0-3) and the wlan are in 10.0.0.0 network using a VLan
  We have some problems:
  - we set static DNS entries in the Router:
  ip host Waters 10.0.0.1
  ip host Barrett 10.0.0.2
  ip host Mason 10.0.0.20
  ip host Wright 10.0.0.21
  However, the ping Mason it's not working....
  - we activate a NAT for the 8080 port on the 10.0.0.21 pc but it does not works:
  ip nat inside source static tcp 10.0.0.21 8080 A.B.C.D 8080 extendable
  someone can explain were we are falling?
  Following the router configuration:
  Current configuration : 6948 bytes
  version 15.1
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname Waters
  boot-start-marker
  boot-end-marker
  logging buffered 51200 warnings
  no aaa new-model
  memory-size iomem 10
  crypto pki token default removal timeout 0
  crypto pki trustpoint TP-self-signed-1382020822
  REMOVED!!!
  crypto pki certificate chain TP-self-signed-1382020822
  REMOVED!!!
  ip source-route
  ip dhcp excluded-address 10.0.0.1
  ip dhcp excluded-address 10.0.0.1 10.0.0.99
  ip dhcp pool DHCP
  import all
  network 10.0.0.0 255.0.0.0
  default-router 10.0.0.1
  dns-server 10.0.0.1
  lease 0 10
  ip cef
  ip host CiscoRouter 10.0.0.1
  ip host Mason 10.0.0.20
  ip host Wright 10.0.0.21
  ip host SamsungML3050 10.0.0.91
  ip host CiscoAP 10.0.0.2
  ip host EpsonSX440W 10.0.0.90
  ip host RouterAP 10.0.0.2
  ip host Waters 10.0.0.1
  ip host Router 10.0.0.1
  ip host Barrett 10.0.0.2
  ip name-server 192.168.0.1
  ip name-server 8.8.8.8
  ip name-server 10.0.0.1
  no ipv6 cef
  vpdn enable
  vpdn-group 1
  REMOVED!!!
  license udi pid CISCO881W-GN-E-K9 sn REMOVED!!!
  username routeradmin privilege 15 secret REMOVED!!!
  interface FastEthernet0
  no ip address
  interface FastEthernet1
  no ip address
  interface FastEthernet2
  no ip address
  interface FastEthernet3
  no ip address
  interface FastEthernet4
  ip address 192.168.0.253 255.255.255.0
  ip nat outside
  ip virtual-reassembly in
  duplex auto
  speed auto
  interface Virtual-Template1
  ip unnumbered Vlan1
  ip nat inside
  ip virtual-reassembly in
  peer default ip address dhcp-pool DHCP
  no keepalive
  ppp encrypt mppe 128
  ppp authentication ms-chap ms-chap-v2
  interface wlan-ap0
  description Service module interface to manage the embedded AP
  ip unnumbered Vlan1
  ip nat inside
  ip virtual-reassembly in
  arp timeout 0
  interface Wlan-GigabitEthernet0
  description Internal switch interface connecting to the embedded AP
  no ip address
  interface Vlan1
  description BLABLABLA
  ip address 10.0.0.1 255.0.0.0
  ip nat inside
  ip nat enable
  ip virtual-reassembly in
  ip tcp adjust-mss 1452
  ip local pool PPTP-Pool 10.0.1.10 10.0.1.99
  ip default-gateway 10.0.0.1
  ip forward-protocol nd
  no ip http server
  ip http access-class 23
  ip http authentication local
  ip http secure-server
  ip http timeout-policy idle 60 life 86400 requests 10000
  ip dns server
  ip nat inside source list 1 interface FastEthernet4 overload
  ip nat inside source static tcp 10.0.0.21 8080 A.B.C.D 8080 extendable
  ip default-network 192.168.0.0
  ip route 0.0.0.0 0.0.0.0 192.168.0.1
  access-list 1 permit 10.0.0.0 0.255.255.255
  access-list 23 permit 10.0.0.0 0.255.255.255
  no cdp run

  Hi mfurnival,
  thank for your answer...
  inline my outlines:
  What do you mean when you say the static entry for Mason is not working? Do you mean that when you type "ping Mason" it times out? What happens when you try and ping the actual IP address of Mason ( 10.0.0.20 ) - does that work?
  yes, the ping to 10.0.0.20 works ok while ping mason times out....
  Regarding the NAT - I assume that the outside address (removed from config above) is in the 192.168.0.x range?
  hooo... thanks, this issue was solved: i was mapping the outside ip address (156.x.y.z) and not the 192.168.0.x... thank you.
  Leonardo

• PLease help me to configure

  Hello Friends,
  I need your help to configure my voice setup.I have two location connected with a point-to-point leased line. Both the ends have different brand pbx installed. One is connected with R1 with the help pf a T1 voice card and Other is connected with R2 with the help of a E1 card. I am giving an attachment of the scnerio. Please help me to configure the cisco 3640 routers with H.323 gateway. I will be very thankful to you.My bosses has given me this work to do. Now I need your help. I have some exerience to configure E1 and T1 cards also have some knowledge of configuring dial pears.
  Thanks.

  Ok, this was the 2nd thing I was just about to recommend, and that was to not Trunk due to the E1/T1 limitation and just terminate and route everything H323. Both sides are CAS, just one is E&M Immediate and the other is R2-Digital. Unlike the 1st document I linked you are not trunking the connections you are using a PLAR to a voice-port. Essentially you are using a H323 dialplan to do this in a limited fashion.
  Unfortunately CAS doesn't support ANI unless you use FGD or FGD-EANA on the T1 side Router and PBX. Not totally sure on the R2 side but I believe you need to configure your PBX and R2 router to use R2-Digital Compelled, non-compelled or semi-compelled to get ANI information on that side.
  Reference these documents.
  http://www.cisco.com/en/US/tech/tk652/tk653/technologies_tech_note09186a00800e2560.shtml
  http://www.cisco.com/en/US/tech/tk652/tk653/technologies_tech_note09186a00800943c2.shtml
  http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124tcr/tdia_r/dia_d2ht.htm#wp1010243
  Please rate any helpful posts
  Thanks
  Fred

• Help in the configuration of SAPCRM BP to EP 6.0 SP2

  Hi all,
  Need some Help on the configuration  of the CRM Business Package 6.0.2.2. to EP 6.0 SP2. I am following the guide for the same given on SAP HELP. I have activated the required BSP Services : crm_bsp_frame etc.
  And i have assigned the Account Manager role to one of the portal users. I have also configured the backend role to the backend user to which the portal user is mapped.
  Now, iam able to see the Account Manager's top and detail level navigation in the portal, but iam not able to see the iviews in it. The error is as below:
  Portal Runtime Error
  An exception occurred while processing a request for :
  iView : N/A
  Component Name : N/A
  Application URL 'http:///sap/bc/bsp/sap/crm_bsp_frame/entrypoint.do' is not valid! Please check the protocol and host entries for system 'SAP_CRM'..
  See the details for the exception ID in the log file
  The SAP_CRM system that i have defined is fine. SInce iam able to create an SAP Transaction iview out of it successfully.
  Any pointers regarding this will be very useful. Thanks

  Hello Mr. Ramaya,
            Your SAP_CRM system definition is missing the entries for web application server. Check your system definition.  This is why in following url your host and port are missing.
  <b>'http:///sap/bc/bsp/sap/crm_bsp_frame/entrypoint.do'</b>

• Help required in configuring telnet

  Hi,
  We have two PIX 515E firewalls working in HA mode.
  I wanted to configure telnet access to firewalls from outside interface.
  PIX version is 6.3(5)
  I kept PC outside to outside interfaces.
  PIX outside IP is 10.10.200.3, inside IP is 10.10.202.5 corresponding virtual IPs are 10.10.200.2 and 10.10.202.7
  I have tried following configurations:
  pix(config)#telnet 0 0 inside
  pix(config)#telnet 0 0 outside
  pix(config)#telnet 10.10.200.0 255.255.255.0 outside
  pix(config)#telnet 10.10.202.0 255.255.255.0 inside
  pix(config)#telnet 10.10.200.200 255.255.255.255 outside
  I am able to telnet from internal interface side using inside ip address.
  But from outside test pc with IP 10.10.200.200 I am not able to telnet to PIX.
  I enabled logging console 5.
  when I tried to telnet to outside virtual IP it is not showing any traffic to firewall.
  If I try to outside interface I am able to see the traffic like
  packets received from source 10.10.200.200 to 10.10.200.3
  any help in this configuration. I wanted to telnet firewall from test pc.
  Regards
  SKRAO

  HI SKRAO,
  from security reasons is not possible to telnet to outside interface there is no way how to permit this you need you ssh instead of telnet
  here is more info about setting ssh
  http://www.ciscopress.com/articles/article.asp?p=25342&seqNum=3&rl=1
  M.
  Hope that helps rate if it does

• Help required in configuring counting rule

  I have limited experience in SAP-HR configuration. Kindly help me quota configuration. The client has only absence type u2013 Earned Leave. The leave rule is the same for all the employees. The leave rules are:
  1.     The employees are credited with earned Leave on Jan 1 every year, for the attendance days put in during the previous calendar year.
  2.     The employee is eligible for Earned Leave only if he has attendance for at least 240 days during the previous year. If the employee has joined the company during the middle of the previous year, then he should have attendance for at least 2/3 of the remaining working days during the year.
  3.     The employee should be credited with 1 day EL for every 20 working days. If the employee, for example, has worked for 268 days during the year then he should be credited with 13 days EL (268/20=13, with 8 days as remainder). The remainder days, if any, should be carried forward to the next year and considered at that point as added to the number of working days. E.g. employee has worked for 268 days in year 2010. He will be credited with 13 days EL on 1 Jan 2011. Assume he has worked for 256 days in year 2011. Then while creating the absence quota for EL on 1 Jan 2012, the system should consider working days as 256 (from year 2011) + 8 (remainder from year 2010) = 264. Hence the employee should be credited with 13 days of EL on 1 Jan 2012 (264/20 = 13 days; 4 days remainder).
  4.     Leave carry forward rules: The employee is allowed to carry forward the EL balance to the next year. However, after carry forward the total balance should not go beyond 30 days. Any thing in excess of 30 days will get lapsed, if it is not encashed.
  Kindly let me know how to configure the counting rule & the deduction rule for the above scenario.

  Hi
  Configuring of EL need PCR Calculation and Standard Configuration with time Types
  000010            D VARSTCURMO
  000020 **           COLOP*
  000030 04         D VARSTFDYPP
  000040 04 N
  000050 04 Y       D HRS=0     HRS=FR11C HRS?300
  000060 04 Y *
  000070 04 Y <     D HRS-300   HRS*-1    ADDDB9509 ADDDB9558 HRS?15
  000080 04 Y < *   Z HRS=0     HRS=M9500 GCY ZAC2
  000090 04 Y < <   Z GCY ZAC3
  this when u go for GCY ZAC2
             D HRS?10
           D HRS/10    ROUNDH<60HHRS?CELACR
  *        D HRS-CELACRHRS?0
  * *        HRS*-1    ADDDB9501
  * >        HRS=0     ADDDB9500ZADDMB9500ZADDDB9501ZADDMB9501Z
  >          HRS=0     ADDDB9500ZADDMB9500ZADDDB9501ZADDMB9501Z
  <            HRS=0     HRS=CELACRADDDB9501 HRS=0     ADDDB9500ZNEXTR A
  <        A   ADDMB9500Z
  This when u click ZAC3
  000010            D HRS=0     HRS=M9500 HRS?10
  000020 *            HRS/10    ROUNDH<60HADDDB9557 HRS-D9509 ADDDB9556 NEXTR A
  000030 *        A D HRS*-1    HRS?0
  000040 * *          COLOP*
  000050 * >          ADDDB9501 HRS=0     ADDDB9500ZADDMB9500ZADDDB9509ZNEXTR A
  000060 * >      A   ADDMB9509Z
  000070 <            HRS=0     HRS=M9509 ADDDB9501 HRS=0     ADDDB9500ZNEXTR A
  000080 <        A   ADDMB9500ZADDDB9509ZADDMB9509Z
  This PCR is for EL with 300 Limit
  Regards
  Raja Sekhar

• Please help me to configure 2504 WLC as secondary in N+1 HA mode. My primary WLC is 5508 and both have 50 AP license.

  Please help me to configure 2504 WLC as secondary in N+1 HA mode. My primary WLC is 5508 and both have 50 AP license. I want to deploy the AP in the same location.

  Go HERE:  https://supportforums.cisco.com/discussion/12219106/high-availibility-2500

• WLC 2006 INTERNAL DHCP FOR GUESTS CLIENTS

  I would like to use the internal DHCP to issue ipaddress to the guest wireless clients.
  However; when i setup the wlc internal DCHP scope and try to connect to the wireless guest vlan the WLC debug DHCP reads ...forwarding to 192.168.255.2 which i have listed as the gateway to the pix
  any examples on how to do this would be great.
  here is what i have for the dhcp scope:
  Dhcp Scope Info
  Scope: Guest.Data.DHCP
  Enabled.......................................... Yes
  Lease Time....................................... 86400 (1 day )
  Pool Start....................................... 192.168.255.17
  Pool End......................................... 192.168.255.30
  Network.......................................... 192.168.255.0
  Netmask.......................................... 255.255.255.0
  Default Routers.................................. 192.168.255.2 0.0.0.0 0.0.0.0
  DNS Domain.......................................
  DNS.............................................. 0.0.0.0 0.0.0.0 0.0.0.0
  Netbios Name Servers............................. 0.0.0.0 0.0.0.0 0.0.0.0
  Here is what i have for the wlan
  WLAN Identifier.................................. 2
  Network Name (SSID).............................. Guest.Data
  Status........................................... Disabled
  MAC Filtering.................................... Disabled
  Broadcast SSID................................... Enabled
  AAA Policy Override.............................. Disabled
  Number of Active Clients......................... 0
  Exclusionlist Timeout............................ 60 seconds
  Session Timeout.................................. Infinity
  Interface........................................ guest.data
  WLAN ACL......................................... unconfigured
  DHCP Server...................................... Default
  DHCP Address Assignment Required................. Enabled
  Quality of Service............................... Silver (best effort)
  WMM.............................................. Disabled
  CCX - AironetIe Support.......................... Enabled
  CCX - Gratuitous ProbeResponse (GPR)............. Disabled
  Dot11-Phone Mode (7920).......................... Disabled
  Wired Protocol................................... None
  IPv6 Support..................................... Disabled
  --More-- or (q)uit
  Radio Policy..................................... All
  Security
  802.11 Authentication:........................ Open System
  Static WEP Keys............................... Disabled
  802.1X........................................ Disabled
  Wi-Fi Protected Access (WPA/WPA2)............. Disabled
  CKIP ......................................... Disabled
  IP Security Passthru.......................... Disabled
  Web Based Authentication...................... Disabled
  Web-Passthrough............................... Disabled
  Auto Anchor................................... Disabled
  H-REAP Local Switching........................ Disabled
  Management Frame Protection................... E

  when i try to assocate the dhcp scope to wireless.guest.data interface using 192.168.255.1 which is the ip of the that interface it will not let me. I would have thought since i was using the interal dhcp that the .1 address would be the dhcp scope address also. i can assign 192.168.255.0 or 192.168.255.2(gateway)if i use .0 or .2 the dhcp request (discovery) process starts and then will forward to .2 (gateway) and never assign an address. the only thing that happens is that the client wireless interface will get 255.255.255.255 for a few seconds then go away.
  what i am trying to accomplish is to connect the wlc port 2 directly to a pix 506 which goes to the internet so the guest traffice is not on our vlan.
  any other suggestions on guest vlans would be appricated....
  Tom
  Interface Name................................... wireless.guest.data
  IP Address....................................... 192.168.255.1
  IP Netmask....................................... 255.255.255.0
  IP Gateway....................................... 192.168.255.2
  VLAN............................................. 150
  Quarantine-vlan.................................. no
  Physical Port.................................... 2
  Primary DHCP Server.............................. Unconfigured
  Secondary DHCP Server............................ Unconfigured
  DHCP Option 82................................... Disabled
  ACL.............................................. Unconfigured
  AP Manager....................................... No
  Scope: wireless.guest.data.dhcp.server
  Enabled.......................................... Yes
  Lease Time....................................... 86400 (1 day )
  Pool Start....................................... 192.168.255.17
  Pool End......................................... 192.168.255.30
  Network.......................................... 192.168.255.0
  Netmask.......................................... 255.255.255.0
  Default Routers.................................. 192.168.255.2 0.0.0.0 0.0.0.0
  DNS Domain.......................................
  DNS.............................................. 0.0.0.0 0.0.0.0 0.0.0.0
  Netbios Name Servers............................. 0.0.0.0 0.0.0.0 0.0.0.0

• Can anyone help me in configuring the reports server

  Can any one help me in configuring report server to personal web server on Windows NT 4.0 sp4 environment.

  Hi.
  One way of searching for tables that contains specific fields is use transaction ST05 (Performance Analysis) and then turn on the trace function.
  If you know some program that has a component (textbox, select-option, parameter, label, radiobutton, etc) that reffers to the field desired (or even just use it in the internal logic), in your case 'charg', you'll be able to check in a report what tables were used while the trace was on.
  Search about ST05 and its trace function. It's very simple and very useful to find tables.
  Edited by: Fabio Luiz Esperati Pagoti on Sep 29, 2009 7:40 PM

• Need help on struts configuration with ColdFusion 10 using IIS

  We need help on struts configuration with ColdFusion 10 using IIS.
  Earlier we were using ColdFusion 8 with IIS 6 for one of our application.  This application internally calls struts. After upgrading to ColdFusion 10 struts calls are not loading. We get 404 error.
  In ColdFusion 8 struts were configured using  actions extension .do in IIS from this file-
  C:\ColdFusion8\runtime\lib\wsconfig\jrun_iis6.dll.
  But in ColdFusion 10 this file is not present as ColdFusion 10 uses Tomcat in place of Jrun.
  Also there is no information in ColdFusion log file.

  Duane wrote:
  doctormirabilis, Welcome to the discussion area!
  1) how can i configure the time capsule in order to operate as a remote base station synchronizing with the relay using the ethernet port?
  Configure the Time Capsule to act as a bridge (not distributing IP addresses). Also configure the Time Capsule to create an 802.11n wireless network with a unique network name (SSID). That's it.
  2) how can i avoid that my powerbook while accessing my wireless network does connect through the relay station instead of using the time capsule?
  Configure the Time Capsule to use a different network name than the WDS link between the 2 AirPort Express (AX). Configure the PowerBook to use the Time Capsule network.
  There are 2 pieces of information that you should be aware of...
  (1) None of the PowerBooks are capable of 802.11n.
  (2) The WDS link cuts your available bandwidth in half. So the wireless link to your neighbor's has a maximum potential of 27 Mbps.
  Let's for a minute assume that you have a Mac compatible with 802.11n. In your configuration the time you could take advantage of the 802.11n speed is when the Mac is sending/recieving data directly from/to the Time Capsule.
  There would be NO speed increase in Internet access. The speed of Internet access is going to be controlled by the slowest link in the path to the Internet. That is probably the connection to the ISP. The next slowest path is the WDS link to your neighbor's.
  Duane,
  I am in a similar situation, sharing internet with my neighbor. Do you think it would be plausible to hook up a vonage phone adapter to time capsule's ethernet port if time capsule is bridging from my neighbor's router in the configuration you have described? A check of my upload speed shows 1.67Mbps (powerbookG4 w/ airport extreme). Vonage reccommends 90kbps minimum upload speed. Am I going to lose some speed putting the Vonag adapter behind time capsule?
  Thank you