Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1772
Views
0
Helpful
4
Replies

AP1242AG and roku

Go to solution
1_1
Level 1
Level 1

‎02-06-2013 10:22 AM - edited ‎07-03-2021 11:29 PM

                   I have a AP1242AG access point at home with my 3745 router and 2960G switch and I want to be able to use the roku android app

http://sdkdocs.roku.com/display/RokuSDKv48/External+Control+Guide

So as it can't discover it, does anyone know of a setting on the AP that might block broadcast packets or frames?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
David Watkins
Level 4
Level 4

‎02-06-2013 10:47 AM

There shouldn't be anything on the AP to "block" this traffic.  Since ROKU is using a multicast communication method for your Android App, can you confirm you are either

A. Android/Remote app is on Wireless connection on the "same VLAN" as your Roku?

or

B. You have PEM routing configured/enabled to properly route this traffic between subnets

It doesn't appear to be a "link-local" multicast range, but you will need to enable PEM routing if going between VLANs.

Also, do you know if you have IGMP snooping enabled/disabled at your Switch?

View solution in original post

0 Helpful
4 Replies 4

Go to solution
David Watkins
Level 4
Level 4

‎02-06-2013 10:47 AM

There shouldn't be anything on the AP to "block" this traffic.  Since ROKU is using a multicast communication method for your Android App, can you confirm you are either

A. Android/Remote app is on Wireless connection on the "same VLAN" as your Roku?

or

B. You have PEM routing configured/enabled to properly route this traffic between subnets

It doesn't appear to be a "link-local" multicast range, but you will need to enable PEM routing if going between VLANs.

Also, do you know if you have IGMP snooping enabled/disabled at your Switch?

0 Helpful

Go to solution
1_1
Level 1
Level 1
In response to David Watkins

‎02-06-2013 10:54 AM

They're both connected to the same ssid (same vlan)

I can ping the roku from the android (Nexus 7)

I do not think I have ICMP snooping enabled, I can post a sanitized copy of the AP's config.

and I will get the switch's config tonight.

The intervlan routing is handeled by a NME-16ES-1G-p that is linked to the 2960G via 1x gig, the AP is plugged directly into the etherswitch so it can be powered via POE.

if it'll help I can post the etherswitch's and the switch's config tonight.

0 Helpful

Go to solution
1_1
Level 1
Level 1
In response to 1_1

‎02-06-2013 10:56 AM

Current configuration : 6050 bytes

!

! No configuration change since last restart

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

!

hostname RLH_AP

!

aaa new-model

!

!

aaa group server radius rad_eap

!

aaa group server radius rad_mac

!

aaa group server radius rad_acct

!

aaa group server radius rad_admin

!

aaa group server tacacs+ tac_admin

!

aaa group server radius rad_pmip

!

aaa group server radius dummy

!

aaa authentication login eap_methods group rad_eap

aaa authentication login mac_methods local

aaa authorization exec default local

aaa accounting network acct_methods start-stop group rad_acct

!

aaa session-id common

clock timezone Central -6

clock summer-time -0500 recurring

ip domain name Mydomain.net

ip name-server 10.0.2.5

!

!

!

dot11 ssid Entertainment

   vlan 3

   authentication open

   authentication key-management wpa version 2

   wpa-psk ascii 7 061E4B6676140F333F2E02290D583C6D06706A6375

   information-element ssidl

!

dot11 ssid Secure

   vlan 4

   authentication open

   authentication key-management wpa

   wpa-psk ascii 7 00205D163E63303D40620C6328494B0F2A3E3255671D1D2C071D7B1B29373F285C715B06113D0C010C565F4569004B7057161523544C4E24154559574038260D

!

dot11 network-map

dot11 arp-cache

dot11 adjacent-ap age-timeout 2

power inline negotiation injector 0021.d786.b497

!

!

username root privilege 15 password 7 ####

!

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption vlan 4 mode ciphers aes-ccm

!

encryption vlan 3 mode ciphers aes-ccm

!

broadcast-key vlan 4 change 10

!

broadcast-key vlan 3 change 10

!

!

ssid Entertainment

!

ssid Secure

!

no preamble-short

channel 2412

station-role root

bridge-group 1

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface Dot11Radio0.2

encapsulation dot1Q 2

no ip route-cache

bridge-group 2

bridge-group 2 subscriber-loop-control

bridge-group 2 block-unknown-source

no bridge-group 2 source-learning

no bridge-group 2 unicast-flooding

bridge-group 2 spanning-disabled

!

interface Dot11Radio0.3

encapsulation dot1Q 3

no ip route-cache

bridge-group 3

bridge-group 3 subscriber-loop-control

bridge-group 3 block-unknown-source

no bridge-group 3 source-learning

no bridge-group 3 unicast-flooding

bridge-group 3 spanning-disabled

!

interface Dot11Radio0.4

encapsulation dot1Q 4

no ip route-cache

bridge-group 4

bridge-group 4 subscriber-loop-control

bridge-group 4 block-unknown-source

no bridge-group 4 source-learning

no bridge-group 4 unicast-flooding

bridge-group 4 spanning-disabled

!

interface Dot11Radio0.5

encapsulation dot1Q 5

no ip route-cache

bridge-group 5

bridge-group 5 subscriber-loop-control

bridge-group 5 block-unknown-source

no bridge-group 5 source-learning

no bridge-group 5 unicast-flooding

bridge-group 5 spanning-disabled

!

interface Dot11Radio1

no ip address

no ip route-cache

!

encryption vlan 4 mode ciphers aes-ccm

!

encryption vlan 3 mode ciphers aes-ccm

!

broadcast-key vlan 4 change 10

!

broadcast-key vlan 3 change 10

!

!

ssid Entertainment

!

ssid Secure

!

dfs band 3 block

channel 5180

station-role root

bridge-group 1

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface Dot11Radio1.2

encapsulation dot1Q 2

no ip route-cache

bridge-group 2

bridge-group 2 subscriber-loop-control

bridge-group 2 block-unknown-source

no bridge-group 2 source-learning

no bridge-group 2 unicast-flooding

bridge-group 2 spanning-disabled

!

interface Dot11Radio1.3

encapsulation dot1Q 3

no ip route-cache

bridge-group 3

bridge-group 3 subscriber-loop-control

bridge-group 3 block-unknown-source

no bridge-group 3 source-learning

no bridge-group 3 unicast-flooding

bridge-group 3 spanning-disabled

!

interface Dot11Radio1.4

encapsulation dot1Q 4

no ip route-cache

bridge-group 4

bridge-group 4 subscriber-loop-control

bridge-group 4 block-unknown-source

no bridge-group 4 source-learning

no bridge-group 4 unicast-flooding

bridge-group 4 spanning-disabled

!

interface Dot11Radio1.5

encapsulation dot1Q 5

no ip route-cache

bridge-group 5

bridge-group 5 subscriber-loop-control

bridge-group 5 block-unknown-source

no bridge-group 5 source-learning

no bridge-group 5 unicast-flooding

bridge-group 5 spanning-disabled

!

interface FastEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

!

interface FastEthernet0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled

!

interface FastEthernet0.2

encapsulation dot1Q 2

no ip route-cache

bridge-group 2

no bridge-group 2 source-learning

bridge-group 2 spanning-disabled

!

interface FastEthernet0.3

encapsulation dot1Q 3

no ip route-cache

bridge-group 3

no bridge-group 3 source-learning

bridge-group 3 spanning-disabled

!

interface FastEthernet0.4

encapsulation dot1Q 4

no ip route-cache

bridge-group 4

no bridge-group 4 source-learning

bridge-group 4 spanning-disabled

!

interface FastEthernet0.5

encapsulation dot1Q 5

no ip route-cache

bridge-group 5

no bridge-group 5 source-learning

bridge-group 5 spanning-disabled

!

interface BVI1

ip address 10.0.0.4 255.255.255.0

no ip route-cache

!

ip default-gateway 10.0.0.1

ip http server

ip http port 1025

ip http authentication local

no ip http secure-server

ip http help-path

http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

ip radius source-interface BVI1

access-list 50 permit 10.0.1.11

access-list 50 permit 10.0.0.0 0.0.0.255

access-list 50 deny   any

snmp-server community ##### RW

radius-server local

!

radius-server attribute 32 include-in-access-req format %h

radius-server vsa send accounting

bridge 1 route ip

!

!

!

line con 0

line vty 0 4

transport input ssh

line vty 5 15

transport input ssh

!

sntp server 10.254.254.1

end

0 Helpful

Go to solution
1_1
Level 1
Level 1
In response to 1_1

‎02-10-2013 02:47 PM

I had thought I didn't have IGMP snooping on because it wasn't listed in the running config, but on research I found that its on by default.

From some more research the 1242AG doesn't let multicast cross from wireless to wired with IGMP on.

and did a wireshark capture with a monitor session of the ap to ethswitch port.

the capture didn't show any traffic from the roku or the nexus 7

so from the capture and some multicast research I found the olution to be to do "no IP IGMP snooping" on the ap.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card