WS-C3750X-24S - FastEthernet0 question

Similar Messages

• SFP mofule for C3750X-24S-S

  I buy Cisco 3750X-24S-S. Whitch type SFP module I can use? 3750X will be connect with media convertor TP-LINK MC111CS and this media converter is connect wit Axis camera.

  Depending on your distance, you can use single mode SFP or Multimode SFP.  If your distance is up to 220 meters you can use GLC-SX-MM. If it is more than 220 meters you need GLC-LX-SM
  see table-4 in this link
  http://www.cisco.com/en/US/docs/interfaces_modules/transceiver_modules/installation/note/78_15160.html
  HTH

• 3750 product question

  I have basic product question on cisco 3750 series switches.
  I have a few different models here
  WS-C3750-24TS-E
  WS-C3750G-24PS-E
  WS-C3750G-24PS-S
  WS-C3750G-24TS-S1U
  WS-C3750G-48PS-S
  WS-C3750G-48TS-S
  WS-C3750X-48PF-S
  WS-C3750X-48T-S
  Questions
  1. What do the TS-E , PS-E, PS-S, PF-S, T-S etc stand for ?
  2. Also within the 48 port switches if i have to create a stack , would i be able to mix models in creating a stack ?

   show power inline and have taken the details of my second switch  ...
  Interface Admin  Oper       Power   Device              Class Max
  Gi2/0/1   auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/2   auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/3   auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/4   auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/5   auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/6   auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/7   auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/8   auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/9   auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/10  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/11  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/12  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/13  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/14  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/15  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/16  auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/17  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/18  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/19  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/20  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/21  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/22  auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/23  auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/24  auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/25  auto   on         15.4    Ieee PD             3     15.4
  Gi2/0/26  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/27  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/28  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/29  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/30  auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/31  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/32  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/33  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/34  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/35  auto   on         10.5    IP Phone 7937       3     15.4
  Gi2/0/36  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/37  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/38  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/39  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/40  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/41  auto   on         6.3     IP Phone 7961       2     15.4
  Gi2/0/42  auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/43  auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/44  auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/45  auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/46  auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/47  auto   off        0.0     n/a                 n/a   15.4
  Gi2/0/48  auto   off        0.0     n/a                 n/a   15.4

• Can I Stack Switches with differents Part Numbers? Is it possible??

  Hi,
  I have a doubt, I need to buy 4 Switches Cisco 3750-X, but 2 with UTP/RJ-45 Ports, and 2 with STP capability.
  My question is, for example, Can I stack 2 WS-C3750X-48T-E and 2 WS-C3750X-24S-E??

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  The only limitation of stacking different 3750X models is the feature set of the installed IOS.
  I.e.:  "The Cisco Catalyst 3750-X Series Switches with LAN Base feature set can only stack with other Cisco Catalyst 3750‑X Series LAN Base switches. A mixed stack of LAN Base switch with IP Base or IP Services features set is not supported."

• Small DC Switch Design

  Hello,
  I'm working on options for a small DC switch design.  This DC has 5
  virtual hosts with 10-20 guest vm's each.  Each server has two quad
  port gig nics with 6 of the 8 gig ports connected (3 for iSCSI and 3
  for data or management.  It also has two 3 node sans each with 2 gig
  ports per node, a host of other small servers including voice servers,
  management servers, asa firewall, and a few routers.  Total of 50-60
  ports as of right now.
  Connected to the DC is 7 other buildings each with there own 1 gig
  fiber connection serving about 3000 devices in total including
  desktops, laptops, ip phones, wireless ap's, building automation,
  alarm panels, etc....
  Right now in each of the 7 buildings has a 3560G as an aggregation
  switch connected back to the DC.  The DC also has a few 3560G's and
  3750G's for the sans and servers.  The system seems to work ok for the
  most part aside from micro bursts overwhelming the buffers on these
  switches and the etherchannel trunks between them dropping a minor
  amount of packets.  QOS is configured for the voice network and there
  are little to no complaints.
  What I would like to know (costs being the biggest factor) is what
  would be a better switch design for the current and future traffic in
  this network.  Some options I was thinking about are as follows:
  I would needs at least 96 ports.
  So option A is to go with a 4506-E bundle with 2 48 port line cards,
  sup 6l-e and a WS-X4712-SFP+E or something of the sorts.   And then
  upgrade to the enterprise services license and do all of the routing
  and switching for the DC on this one switch.  Means little redundancy
  and no failover.
  Option B was to go with the same 4506-E bundle, without the extra
  license and without the SFP line card and put in some sort of layer
  three aggregation switch, possibly an me3600x.
  Option C Is to go with the 4503-E, the SFP line card and the IP
  Enterprise services license.  And two top of rack switches, either
  2360's or 4948's.
  I would like to do some PBR on the aggregation switch, but I am unsure if the me3600x is capable of doing that.
  I have no experience in this matter so any other thoughts or
  suggestions would be appreciated.
  Thanks,
  Dan.

  Disclaimer
  The   Author of this posting offers the information contained within this   posting without consideration and with the reader's understanding that   there's no implied or expressed suitability or fitness for any purpose.   Information provided is for informational purposes only and should not   be construed as rendering professional advice of any kind. Usage of  this  posting's information is solely at reader's own risk.
  Liability Disclaimer
  In   no event shall Author be liable for any damages whatsoever (including,   without limitation, damages for loss of use, data or profit) arising  out  of the use or inability to use the posting's information even if  Author  has been advised of the possibility of such damage.
  Posting
  If cost is the biggest factor, and the only notable issue now is occasional packet drops due to insufficient buffers, perhaps some buffer tuning would be something to consider.
  A really important question to answer is how important redundancy. At lower port densities (3 to 4 stack members), the switch stack is less expensive than a chassis that supports redundancy.  At very low port densities (2 to 3 stack members) the stack might be less expensive than even a non-redundant chassis.
  BTW, the 3750-E/X offers much more performance than the original 3750 series.  If offers wire-speed PPS and fabric per switch, twice the ring bandwidth and uses the ring, for unicast, much "smarter".
  Perhaps a dual WS-C3750X-12S or WS-C3750X-24S for your core with dual MEC fiber etherchannl links to your aggregation switches?  In the DC itself, you might also use 2960s to provide DC edge ports.  For growth, a dual 3750-X stack would support four 10 gig ports which could be used with 10 gig servers or 10 gig SAN or as a 10gig link to other DC switches, such as the 2960S (which support their own stacking technology).

• Compatible between Cisco and Huawei

  Dear Expert
  We have purchased 7 units Huawei access switches, S2700-26TP-EI-AC & 1310 SFP modules from www.huanetwork.com now we plan to add a aggregation switches, for this part, we want to use Cisco WS-C3750X-24S-S, my question is with Huawei GE optical port (with 1310 SFP module), can it connect to Cisco 3750X GE ports (with GLC-LH-SMD). If not we may need to go for Huawei S5700.
  Thanks very much.

  I know the problem,When I change the native vlan of my  S5700-28C-EI ,it's just ok.

• Uplinks - Fiber to Ethernet converters

  Hi,
  I am planning to use Fiber to Ethernet converters for all 25 uplinks and will connect to WS-C3750X-48PF-S.
  I had  WS-C3750X-24S-E in mind but needed copper connections as well to connect the routers and a few other systems.
  Is it a good idea to use these converters for all the uplinks or should I consider WS-C4506-E?

  You may want to look at the 4500-X too. They work great as a distribution switch. Personally I would stay away from media convertors. It's just one more thing to fail and the majority of them have little visibility when something does go wrong. However if you do decide to go with them I would look at Transition Networks.

• GLC-T

  Hi Team,
  I have a customer who owns WS-C3750X-24S-S. All ports are fibre, but he wants to do copper patch cords on 10ports. Can GLC-T help achieve this? How can he achieve this?

  I have a customer who owns WS-C3750X-24S-S. All ports are fibre, but he wants to do copper patch cords on 10ports. Can GLC-T help achieve this? How can he achieve this?
  GLC-T is supported.
  That's one expensive solution, though. 

• Question on summarization

  Hi,
  I thought I understood summarization pretty well but I found an example on the Todd Lammle book which is confusing me and makes me think that I might be missing something.
  1. This first exercise asked to summarize 192.168.1.0/24 through 192.168.12.0/24
      My summarization was 192.168.0.0/20 which matches the result on the book. So far so good.
  2. Another exercise asked to summarize 172.16.1.0 through 172.16.7.0
      My summarization here doesn't match the result on the book.
      I summarized it as 172.16.0.0/21 however the book summarized it as 172.16.1.0/21
      I thought the address always had to be the first one in the block, in this case a block size of 8 starting from 0. This is what I did in exercise 1 which was correct and looks very similar to the second one.
  Any thoughts?
  Regards
  Lass

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  Perhaps your confusion lies in how summaries should be used.
  Hopefully, the following will (indirectly) answer your questions.
  Suppose we have four /24s, back to back, such as:
  192.168.0.0/24
  192.168.1.0/24
  192.168.2.0/24
  192.168.3.0/24
  All four of those blocks are "covered" by 192.168.0.0/22, which we could use to summarize them.
  But suppose we had:
  192.168.1.0/24
  192.168.2.0/24
  192.168.3.0/24
  192.168.4.0/24
  If we use 192.168.0.0/21, that actually covers:
  192.168.0.0/24
  192.168.1.0/24
  192.168.2.0/24
  192.168.3.0/24
  192.168.4.0/24
  192.168.5.0/24
  192.168.6.0/24
  192.168.7.0/24
  But is that a problem?
  Well it might be or might not be, it depends on what else is "happening" on the network.
  Further suppose, while you have 192.168.(1..4).0/24 I have 192.168.0.0/24 and 192.168.(5..7).0/24.  How do I summarize my /24s?  What if I too used 192.168.0.0/21?  If I did, we have conflicting summaries!
  So, to avoid the conflict, we could summarize your 192.168.(1..4).0/24 as:
  192.168.1.0/24
  192.168.2.0/23 (covers 2..3)
  192.168.4.0/24
  Basically, the above only summarizes two of your /24s, but the above also insures we don't summarize addresses we're not using or don't own.
  Of course, if we paid attention to bit boundaries, ideally your four /24s should all be covered by a /22, as would be for 192.168.0.0/22.

• DMVPN w/ Multicasting setup/questions

  Hello
  I have a lot of questions, so bare with me as i puke them out of my head.
  I have been doing some testing with DMVPN inconjuction with multicasting video (Hub and spoke, w/ no spoke to spoke). The test setup is using 2 cisco 2811 w/out the vpn module.  I understand the performance hit with not having the module. With that being said here are my questions.
  1. With encryption on both the HUB and spoke routers are using 90-97% cpu (8Mb multicast stream).  With encryption off, the Hub is around 60%, and spoke around 75%.  Here is where i'm confused.  If i send that same stream as a unicast stream, w/ encryption on, both the Hub and spoke are only using around 30-35% cpu.  Why is there so much more cpu need when its a multicast stream?
  2. In the current config i'm seeing input, throttles, and ignore errors on the Hub and spoke.  The Hub has these errors on the LAN interface, and the spoke has these errors on the WAN interface. All other interfaces are totally clean.  I have checked and there are no duplex or speed mismatches.  Any ideas?
  HUB:
  Current configuration : 1837 bytes
  version 12.4
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname Hub
  boot-start-marker
  boot-end-marker
  logging message-counter syslog
  enable password
  no aaa new-model
  clock timezone Central -6
  dot11 syslog
  ip source-route
  ip cef
  no ip domain lookup
  ip name-server 8.8.8.8
  ip multicast-routing
  no ipv6 cef
  multilink bundle-name authenticated
  voice-card 0
  archive
  log config
    hidekeys
  interface Tunnel1
  bandwidth 100000
  ip address 192.168.11.1 255.255.255.0
  no ip redirects
  ip mtu 1400
  no ip next-hop-self eigrp 1
  ip pim sparse-mode
  ip nhrp map multicast dynamic
  ip nhrp network-id 1
  ip nhrp holdtime 450
  no ip route-cache cef
  ip tcp adjust-mss 1360
  no ip split-horizon eigrp 1
  delay 1000
  tunnel source FastEthernet0/0
  tunnel mode gre multipoint
  tunnel key 100000
  tunnel bandwidth transmit 100000
  tunnel bandwidth receive 100000
  interface FastEthernet0/0 (WAN)
  ip address 216.x.x.x 255.255.255.192
  ip pim sparse-mode
  load-interval 30
  duplex auto
  speed auto
  interface FastEthernet0/1 (LAN)
  ip address 128.112.64.5 255.255.248.0
  ip pim sparse-mode
  load-interval 30
  duplex auto
  speed auto
  router eigrp 1
  network 128.112.0.0
  network 192.168.11.0
  auto-summary
  ip forward-protocol nd
  ip route 0.0.0.0 0.0.0.0 216.x.x.x
  ip http server
  ip http authentication local
  ip http secure-server
  ip pim rp-address 128.112.64.5 10
  access-list 10 permit 239.10.0.0 0.0.255.255
  snmp-server community public RO
  Spoke:
  Current configuration : 1857 bytes
  version 12.4
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname Spoke
  boot-start-marker
  boot-end-marker
  logging message-counter syslog
  enable password
  no aaa new-model
  clock timezone central -6
  dot11 syslog
  ip source-route
  ip cef
  no ip domain lookup
  ip multicast-routing
  no ipv6 cef
  multilink bundle-name authenticated
  voice-card 0
  archive
  log config
    hidekeys
  interface Tunnel1
  bandwidth 100000
  ip address 192.168.11.2 255.255.255.0
  no ip redirects
  ip mtu 1400
  ip pim sparse-mode
  ip nhrp map 192.168.11.1 216.x.x.x
  ip nhrp map multicast 216.x.x.x
  ip nhrp network-id 1
  ip nhrp holdtime 450
  ip nhrp nhs 192.168.11.1
  no ip route-cache cef
  ip tcp adjust-mss 1360
  no ip split-horizon eigrp 1
  delay 1000
  tunnel source FastEthernet0/0
  tunnel destination 216.x.x.x
  tunnel key 100000
  tunnel bandwidth transmit 100000
  tunnel bandwidth receive 100000
  interface FastEthernet0/0 (WAN)
  ip address 65.x.x.x 255.255.255.192
  ip pim sparse-mode
  load-interval 30
  duplex auto
  speed auto
  interface FastEthernet0/1  (LAN)
  ip address 128.124.64.1 255.255.248.0
  ip pim sparse-mode
  ip igmp join-group 239.10.10.10
  load-interval 30
  duplex auto
  speed auto
  router eigrp 1
  network 128.124.0.0
  network 192.168.11.0
  auto-summary
  ip forward-protocol nd
  ip route 0.0.0.0 0.0.0.0 65.x.x.x
  no ip http server
  no ip http secure-server
  ip pim rp-address 128.112.64.5 10
  access-list 10 permit 239.10.0.0 0.0.255.255
  snmp-server community public RO

  Joe,
  You ask the right question.
  CPU ultization = CPU consumed by processes + IO operations (in a huge simplification - CEF) 
  Typically when a packet is processed by router we expect it to be be processed by CEF, i.e. very fast.
  Packet is not processed by CEF:
  - when there is something missing to route the packet properly (think missing ARP/CAM entry) i.e. additional lookup needs to be done.
  - a feature requests that a packet is for processing/mangling
  - Packet is destined to the router
  (And several other, but those are the major ones).
  When a packet is recived, but cannot be processed by CEF, we "punt the packet to CPU" this in turn will cause the CPU for processes to go up.
  Now on the spoke this seems to be the problem:
  Spoke#show ip cef switching stati       Reason                          Drop       Punt  Punt2HostRP LES Packet destined for us             0       1723          0RP LES Encapsulation resource             0    1068275          0
  There were also some failures on one of the buffer outputs you've attached.
  Typically at this stage I would suggest:
  1) "Upgrade" the device to 15.0(1)M6 or 12.4(15)T (latest image in this branch) and check if the problem persists there.
  2) If it does, swing it by TAC. I don't see any obvious mistakes, but I'm just a guy in a chair same as you ;-)
  Marcin

• 2 questions about PPTP VPN on 878

  Hello,
  I've configured my 878 router as a PPTP VPN server. It works very fine and very quickly. Using the XP VPN client from a remote site, I can "see" all servers in my network.
  2 questions
  1) When doing telnet on the 878 through the VPN, it is very slow.
  2) I would have to get access to the internet through the VPN. But this does not work.
  What should I change in this config :
  Thanks in advance,
  Guy
  version 12.3
  no service pad
  service timestamps debug datetime localtime show-timezone
  service timestamps log datetime localtime show-timezone
  service password-encryption
  service linenumber
  service sequence-numbers
  hostname ineo-21029
  boot-start-marker
  boot-end-marker
  no logging buffered
  enable secret 5 .....
  username ...
  aaa new-model
  aaa authentication login default local
  aaa authorization exec default local
  aaa session-id common
  ip subnet-zero
  no ip cef
  no ip dhcp use class
  ip name-server 212.100.160.51
  ip name-server 212.100.160.52
  ip port-map ms-sql port 1433
  vpdn enable
  vpdn-group 1
  ! Default PPTP VPDN group
  accept-dialin
  protocol pptp
  virtual-template 1
  no ftp-server write-enable
  isdn switch-type basic-net3
  controller DSL 0
  mode atm
  line-term cpe
  line-mode 2-wire line-zero
  dsl-mode shdsl symmetric annex B
  line-rate auto
  interface BRI0
  no ip address
  shutdown
  isdn switch-type basic-net3
  interface ATM0
  description === to PE/Router ====
  no ip address
  ip accounting output-packets
  load-interval 30
  no atm ilmi-keepalive
  interface ATM0.1 point-to-point
  description $ES_WAN$
  pvc 8/35
  oam-pvc manage 5
  oam-pvc manage cc end direction both
  oam retry 3 3 1
  oam retry cc end 3 3 30
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
  interface FastEthernet0
  no ip address
  interface FastEthernet1
  no ip address
  interface FastEthernet2
  no ip address
  interface FastEthernet3
  no ip address
  interface Virtual-Template1
  ip unnumbered Vlan1
  peer default ip address pool test
  no keepalive
  ppp encrypt mppe auto
  ppp authentication pap chap ms-chap ms-chap-v2
  interface Vlan1
  description $FW_INSIDE$
  ip address 192.168.2.2 255.255.255.0
  ip nat inside
  ip virtual-reassembly
  interface Dialer1
  description $FW_OUTSIDE$
  ip address negotiated
  ip nat outside
  ip virtual-reassembly
  encapsulation ppp
  dialer pool 1
  dialer-group 1
  no cdp enable
  ppp chap hostname ....
  ppp chap password ....
  ppp pap sent-username ....
  ip local pool test 192.168.2.240 192.168.2.250
  ip classless
  ip route 0.0.0.0 0.0.0.0 Dialer1
  ip http server
  no ip http secure-server
  ip nat inside source list 101 interface Dialer1 overload
  access-list 101 permit ip 192.168.2.0 0.0.0.255 any
  dialer-list 1 protocol ip permit
  control-plane
  line con 0
  exec-timeout 120 0
  no modem enable
  transport preferred all
  transport output all
  stopbits 1
  line aux 0
  transport preferred all
  transport output all
  line vty 0 4
  access-class 113 in
  exec-timeout 0 0
  transport preferred all
  transport input all
  transport output all
  scheduler max-task-time 5000

  Thanks for this message.
  Finding no solution to my problem, i've switched to other tools : Easy VPN server in the router + Cisco VPN client. My 2 questions have now received a positive answer.
  I was very important for me to get Internet acess through the VPN. Because we rent a dedicated server, located somewhere, and the access to this server is firewall-protected on our public IP address. Thus, when i'm outside and want to manage this serveur, i've to connect via VPN at our central office first.
  Best regards,
  Guy

• 802.1x Dynamic VLAN Switching Question

  Trying to set up 802.1x dynamic VLAN switching, and have a question. I think I've gotten it working except for one part. The VLAN on a protected interface is never getting switched. I can see an entry in the ACS stating that it applied the appropriate VLAN via RADIUS response, but it never changes on the switch.
  Environment:
  ACS Express 5.0.1
  C3550 running c3550-ipbasek9-mz.122-44.SE6.bin
  Switch config:
  aaa new-model
  aaa group server radius dot1x
  server-private 10.10.1.4 auth-port 1645 acct-port 1646 key 7 071C244F5C0C0D544541
  aaa authentication dot1x default group dot1x
  dot1x system-auth-control
  dot1x guest-vlan supplicant
  interface FastEthernet0/3
  switchport access vlan 3
  switchport mode access
  speed 100
  duplex full
  dot1x pae authenticator
  dot1x port-control auto
  dot1x violation-mode protect
  dot1x timeout tx-period 5
  dot1x timeout supp-timeout 5
  spanning-tree portfast
  ip radius source-interface FastEthernet0/1 vrf default!
  radius-server host 10.10.1.4 auth-port 1645 acct-port 1646 key 7 01000307490E125E731F
  Am I missing something easy?

  It looks like "aaa authorization network default group dot1x" was the missing command I needed to get this working.
  The only issue I'm having now is that if the client fails to meet the authentication requirements, the line status gets set as "down"

• FlexConnect Question

  Hey guys,
  I am currently studying for CCNA Wireless exams, and I have several questions regarding FlexConnect.
  In my lab, I have ROAS setup and my router is providing DHCP for my laptops and AP at branch. The 5508 WLC is not connected to this network.
  This is my switch config on my 2950 switch interface:
  interface FastEthernet0/1
  description ***LINK TO 1142-AP01***
  switchport trunk native vlan 221
  switchport mode trunk
  spanning-tree portfast
  end
  interface FastEthernet0/2
  description ***LINK TO 3602-AP02
  switchport trunk native vlan 221
  switchport mode trunk
  end
  interface FastEthernet0/16
  description ***TRUNK PORT TO 2620 Fa0/0***
  switchport trunk native vlan 96
  switchport mode trunk
  speed 100
  duplex full
  end
  My controller is 5508 with 7.4 code. I configure my both 1142 and 3602 APs from local to FlexConnect (then they reboots), but when I went to FlexConnect tab on 1142 and tick the "VLAN Support" and entered the native vlan then Apply. I don't get the WLAN I configure for Flexconnect.
  This is what I have with 3602 AP. From here I do see the two WLAN I made for flexconnect.
  At this point, I am not sure why the 1142 is not showing the two WLANs I created, but it works on 3602 AP.
  I can see the the flexconnet SSIDs, but I can't join either one. I followed this guide  https://supportforums.cisco.com/docs/DOC-24082
  Also, What is the difference between using "Enable OfficeExtend AP" and "VLAN Support" in FlexConnect tab?
  How would I know which one to use? Can you please give an example where and when to use Office Extend and VLAN Support?
  Thank you in advance

  Hello steelinquisitor,
  Thank you for contacting the Sales Acceleration Center (SAC) regarding your recent inquiry, Case Number 80884
  Case Description:
  FlexConnect Question
  Case Solution:
  Please use the ap management as the native vlan
  As per your confirmation, I am going to close the case for this specific inquiry. We strive to provide you with excellent service. Please feel free to reach out to me or any member of the SAC team if we can be of any further assistance or if you have any other related questions in the future. We value your input and look forward to serving you moving forward. Hello steelinquisitor,
  Thank you for contacting the Sales Acceleration Center (SAC) regarding your recent inquiry, Case Number 80884
  Case Description:
  FlexConnect Question
  Case Solution:
  Please use the ap management as the native vlan
  As per your confirmation, I am going to close the case for this specific inquiry. We strive to provide you with excellent service. Please feel free to reach out to me or any member of the SAC team if we can be of any further assistance or if you have any other related questions in the future. We value your input and look forward to serving you moving forward.

• Bgp neighborship question

  Hi.
  one question.
  why  bgp neighborship doesn"t establish when no dynamic routing protocol is enabled?
  there four router.
  A--------B-------C-------D
  they all can ping. 
  No dynamic routing
  static routing only enabled.
  Configured bgp as 100 with A and D but bgp neighborshi didn"t establish.
  am i missing something??

  From A side :
  R1#ping 1.1.34.4
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 1.1.34.4, timeout is 2 seconds:
  Success rate is 100 percent (5/5), round-trip min/avg/max = 80/127/164 ms
  R1#show ip route
       1.0.0.0/24 is subnetted, 1 subnets
  C       1.1.12.0 is directly connected, FastEthernet0/0
  S*   0.0.0.0/0 [1/0] via 1.1.12.2
  R1#ping 1.1.34.4
  R1#sh ip bgp summary
  BGP router identifier 1.1.12.1, local AS number 10
  BGP table version is 1, main routing table version 1
  Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
  1.1.34.4        4    10       0       0        0    0    0 never    Active
  =======================================================
  From D side :
  R4#sh ip bgp summary
  BGP router identifier 1.1.34.4, local AS number 10
  BGP table version is 1, main routing table version 1
  Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
  1.1.12.1        4    10       0       0        0    0    0 never    Active
  R4#
  there's no special log. i tested in my GNS3 and i can open 179 both side by using telnet
  weird thing is that when i enabled ospf for all of this topology, BGP neighborship was established.  that's why i asked this question. 
  router ospf 1
  net 0.0.0.0 0.0.0.0 a 0

• Hi, I have a question about CISCO 1841 router.

  I have 4 devices which are named 1841.
  But, I have trouble handling these..
  To help my question, I suppose that router's name is set A, B respectively.
  A (DCE) ------- (DTE) B (slot0 ,1 --> WIC-1T)
  Now, I connected routers upper contents.
  But WIC-1T's CONN LED does not shining...
  I did below following steps...
  1. I did commands in the routers : no shutdown, encapsulation ppp, clock rate 115200 (In this case, I designated at DCE)
  2. Change another cable which was NEW one.
  3. Change another router (Of course WIC-1T is put in)
  I really don't know what can I do...to perform it.....
  Ah... plz response my question...
  Thank you.
  Regards,

  And I did "show ip interface brief" command.
  Router#show ip int b
  Interface                    IP-Address      OK? Method Status                Protocol
  FastEthernet0/0        unassigned      YES NVRAM  up                     down
  FastEthernet0/1        unassigned      YES NVRAM  up                     down
  Serial0/0/0                unassigned      YES unset      down                 down
  Serial0/1/0                unassigned      YES unset      down                 down
  Router#
  I definitely "show down" at f0/0, f0/1, s0/0/0, s0/1/0
  But, only f0/0, f0/1 were up. 
  I don't know why Serial does not changed down to up
  Hmmm....
  It is really difficult to me ...
  The harder study in network, the more difficult...
  Anyway! 
  Please reply me!
  Regards,