I would like to use IPSK and I undestrood it works like this: -I will configure one only common SSID -user who will connect to IPSK_SSID and use PSK_123 will be connected to VLAN 123 -user who will connect to IPSK_SSID and use PSK_456 will be connected to VLAN 456 -user who will connect to IPSK_SSID and use PSK_789 will be connected to VLAN 789 And this will be great. What is not clear to me is: before any user will be able to use PSK_XXX do I need to know his MAC address? Is it really mandatory to know their mac address before they will be able to connect to the IPSK SSID ? Is there any way to bypass this with a wildcard that acceprt any mac and checks only PSK to decide to admit or not the clients? My goal is to admit all clients that have the correct PSK because (for many reasons) I'm not able to produce a coplete database of all mac address they have now and particularly I'm not able to foresee what mac they will have in the future. Thank you in advance for your help
... View more
Thanks for your answer but unfortunately it is not related to my question. I've already read document you've posted regarding Aironet extensions and it seems strange to me the fact an optional feature that Best Practice suggests to disable, it is enabled by default when you create a new SSID instead. Anyway I need to understand if it is possible to detect if any client is currently using it and seeing that we have more then 10K clients on various sites and WLCs it won't be so easy to check all of them. "Do not disable this if supporting Cisco voice devices (8821/792x, etc) or WGB" I simply would d like to have a command showing me if these kind of clients are currently in use or not. Emiliano
... View more
After we upgraded WLC from rel 8.2 to 8.5 we had a bunch of WiFi printers not able to associate anymore to our Cisco APs. Seeing that these printer are very important for the production flow, we had to perform a downgrade to the previous release and luckily the roll back solved the issue. Anyway for more then one reason we ought to perform this upgrade, so we prepared a lab to better understand what happened and find a solution. TAC eng confirmed the different behavior but, using debug, he saw AP replied to every Probe Request with the relative Probe Response, so for him all seemed to be fine and was not able to undestand the reason for the missing association by the printer. We didn't give up and using a WiFi sniffer and capturing traffic between APs and Printers with both releases, we discovered "Probe Response" packets from AP to client had different sizes: the 8.5 rel. adds indeed 4 new TAGs in the IEEE 802.11 portion of the frame and Wireshark was even not able to decode one of them marking it as "unknown". Probably printer considers the AP's response as a malformed packet due to this "unknown" field and discards it.
We guessed these TAGs are sent for compatibility with Aironet clients and in the lab enviroment we tried to disable the feature in the SSID configuration on WLC. At this point lab printer was able to associate normally to AP. Now we would like to disable this features in the production env. but before to do that we would like to check if any clients currently associated is using it and could have issue without it. Is there any show and/or debug command able to show us if Aironet Extension is used by any client connected to our WLC ? PS the issue has been tested on 2500 3500 and 5500 WLCs with same behavior.
We have to admit printer is a very old model but is working fine with 8.2 and also with 8.5 after "workaround".
... View more
i was looking a way to get via SNMP the "real Bandwidth" for large number of WAN CPEs. I don't need to know the load but the max available transmit rate .
I had a look at CEs config and noticed that ISP does not use "bandwidth xxxx" command in WAN interface configuration that will be easy to get via SNMP, but due to the fact in many cases it involves shaped links on Fast or Giga interfaces and to reserve 9Kbps for telnet and ssh for management pourpose they always configure a policy-map and COS.
For exaples a 20 Mbit link has a FastEthernet as phisical interface on router limited to 20 Mbps with a COS/policy-map (see examples below about a 20Mbit )
Is there a MIB/OID to get the "shape average" value for show running or "cir" for show policy-map commands?
Could anyone link me the right one ?
Is there any other method to get the real bandwidth value for WAN interfaces ?
Thank you in advance for help
ROUTER A (20Mbit link)
OUTPUT from "show running" on ISP CE
policy-map BLAHBLAH class ce_ef_input class ce_af4_input class class-default kadhakdhkasd alkdsaldjalj shape average 19800000 198000 !
OUTPUT from "show policy-map" on ISP CE policy-map BLAHBLAH
blah blah blah
blah blah blah Class class-default Average Rate Traffic Shaping cir 19800000 (bps) bc 198000 (bits)
... View more
My Hardware is: Dell Server PER210II CPU Inetl Xeon 3.30 GHz RAM 4GB 8GB Paging File OS Windows 2008 R2 Standard. All windows update patches has been installed. Hard Disk has 2 partition C: for OS and D: dedicated for CiscoWorks I've Installed CiscoWorks LMS 4.0 (via patch for Win2008 R2 servers downloaded from http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.0/install/guide/instl.html#wp1616849 I found it googling untill I found this http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.0/install/guide/instl.html ) After that I've updated CiscoWorks LMS to 4.0.1. *****ISSUE 1 *********** When I open with browser the login page (with IE9 or Firefox8 the result is the same) it opens a box with this error: "You are using an unsupported version." well.. an unsopported version OF WHAT??? Browser? Java? OS? LMS? Anyway I can go on with login and everything seems to fine. I suppose is related to browser version but can anyone confirm it is not a blocking issue ? ****ISSUE 2 ******** The real issue is when I want to manage devices and I go to Inventory > Device Administration > Add / Import / Manage Devices And all i got in the display is: Error Error in communicating with DCR Server. DCR Server may be down. Please start the DCR Server and then refresh the page. and if I go to Admin > Dashboards > System In the Box "Critical Message Window" I read this: Ciscoworks Drive Utilization D:/CSCWORKS 7% DCR Server is down or inaccessible Processes IPMProcess, UPMProcess are down But if I enter in the Process Management page , in the list of processes I read: DCRServer Running normally ******************************************** Now, I read a lot of posts in this forum with same error and tried to follow steps suggested there but with no solution for me. I've already check DHCP issue and I have both interfaces statically configured and server rebooted...no way ...same error. I've already disabled Windows Firewall. I've setup file hosts to resolve localhost and server name as 127.0.0.1. PLS tell me what log files are necessary for you to give me some help. TNX in advance Emiliano Luca
... View more