About stevebohrer

stevebohrer · 11-04-2013

I have a working site-to-site IPsec VPN (created with the ASDM wizard), where the remote hosts come into our network through the range 172.16.203.0/24, and they can access some hosts in our local DMZ at addresses 172.168.1.74.But, I don't have a good...

stevebohrer · 09-19-2013

I currently have separate VLANs for faculty, staff, and students, with ACLs allowing access to different internal resources. We have a Catalyst 4507 as our L2/L3 core switch, and all our access switches are L2 only, with trunk ports to the core, and ...

stevebohrer · 03-02-2012

On our WCS reports, most authenticated users have their correct user names (which are required for 802.1x authentication) as their "Client User Name", but a few users show up in the WCS reports as "anonymous" or with other arbitrary names.We are r...

stevebohrer · 03-01-2012

I'm not sure if this is a recent issue for our setup, but I've only just noticed it. Although most authenticated users are shown by their correct user names (which are required for 802.1x authentication), a few users show up in the WCS reports as "an...

stevebohrer · 05-23-2011

This is an issue I'm currently exploring with TAC, but I'd like a quick reality check. We have a pair of ASA 5510s in Active/Standby stateful failover mode. In some tests failing over from the active to the standby system breaks SSH connections from ...

stevebohrer · 10-03-2014

Thanks for the clarification: the AP and WLC can't see the inner identity directly. The workaround was to have our RADIUS server return the client name to our WLCs, which is apparently possible, because my sysadmin made it work; as I recall, once he ...

stevebohrer · 09-20-2013

Thanks Richard. I didn't know if this would be a routing issue, or just a layer 2 ARP issue. "sh arp" on my 4500 shows that it knows the MAC, IP address, and VLAN of every device on our network, so I thought that might be enough.But, I guess it is ac...

stevebohrer · 09-27-2012

We have had trouble getting Windows shares to appear across differenet VLAN subnets, even just on our wired network, and for both Windows and Mac clients. Our workaround (which is manual rather than automatic) is to explicitly enter the server and sh...

stevebohrer · 09-27-2012

FWIW, in the release notes for the two recent updates for the 4402, 7.0.235.0 and 7.0.235.3, the release notes have said something like:What's New in This Release?There are no new features or enhancements in this release. This release addresses only ...

stevebohrer · 09-27-2012

If money is very tight, you can still find used and refurbished WLC 4402 systems at many places online. Of course, they are coming to End Of Life where they will no longer get software updates from Cisco, but if you feel they work well enough, and th...

Member Since	‎02-15-2010 08:12 AM
Date Last Visited	‎08-18-2017 04:03 AM
Posts	34

User Statistics

User Activity

ASDM packet-trace VPN connections?

Same Secondary ip range in two different VLANs for "local" VoIP phones?

Can I make WCS ignore outer identity and use only the authenticated username?

WCS user names sometimes incorrect with 802.1x FreeRadius

Should SSH sessions from Inside hosts to DMZ hosts survive ASA statefull failover?

Thanks for the clarification:

Re: Same Secondary ip range in two different VLANs for "local" V

Apple issue with not seeing windows servers over the wireless

Is there a WCS 7.0.235.0 ?

Recommendation