Cisco :: 4400 Not Allowing Management Port Interface Designation?

Apr 7, 2011

We recently reset a 4400 controller in a school.  Although all access points associated, clients could not get the Internet.  On investigating we suddenly lost connection to the web interface.  We tried hyperterminal connections to reset, but found that the managament interface had the ports "unconfigured".  We finally reset the configuration, and when we tried to start from scratch it now does not allow a port designation.  It asks for 1 or 0 but says both are invalid when entered. 

View 2 Replies


ADVERTISEMENT

Cisco Wireless :: 5508 / WLC Management Interface Not Bound To Port

May 6, 2013

I have 2 x 5508 Wireless Controllers, 1 mgmt port on each as standard. I noticied something different between these controllers running the same code.I can bound a physical port to the mgmt interface on one controller but not the other (both interfaces are untagged)see below, this config appears on one controller but not the other? Is this something to do with the initial setup? How can I add Phyiscal information to the other controller mgmt interface, I cannot delete the mgmt interface. Physical InformationPort Number Backup Port Active Port Enable Dynamic AP Management?

View 2 Replies View Related

Cisco :: Configure A Secondary Port For Management Interface WLC 2112

Oct 16, 2011

how to configure the backup port for the management interface for a WLC 2112.  I see in the documentation that it states:
 
"Each interface is mapped to at least one primary port, and some interfaces (management and dynamic) can be mapped to an optional secondary (or backup) port. If the primary port for an interface fails, the interface automatically moves to the backup port. In addition, multiple interfaces can be mapped to a single controller port."
 
But nowhere can I find where it says how exactly to do it.  Google seaches have come up empty as well.  I am connecting the WLC to a 3750 stack, and would like to have a secondary port from the WLC connected to the second node of the 3750 stack.  So far I have connected port 1 (management) of the WLC to a port on node 1 of the stack which is configured as a trunk and everything is workign fine.  I have also connected port 2 from the WLC to a port on node 2 in the stack that is configured the same as the port on node one. how to tell the WLC to use port 2 as the management backup if needed.
 
[URL]

View 2 Replies View Related

Cisco Routers :: RVS 4000 HTTP Management Interface Hangs At Port 80 And DHCP Stops Working

Dec 1, 2012

This is the RVS 4000

Firmware version 1.3.3.5
STAR 9202 Chipset
64 MB DRAM
8MB Flash
 DOS, Block WAN Rq, Remote mgmt all OFF
IPSec Tunnel none used

[code].....
 
Every day or so the Router becomes unresponsive to the HTTP mgmt interface, as well as it no longer offers DHCP services.then this happens the only remedy is to power reboot.

Everything comes back online just fine, however, the LOGS are initilaized so no data to figure out what`s going on.My next step is to setuo a syslog server and have the logs copied out.(  No, I have no Torrents running at all, but I do have several devices like AppleTV, PS3s etc that run streaming Video plus I have the SPA3102  )

View 1 Replies View Related

Cisco Application :: ACE30 Running But Not Allowing Management Access

Sep 9, 2012

We've got pairs of ACE30s in our data centers set up with active/standby FT.  Some time yesterday the active ACE in one data center started refusing management traffic - it accepts SSH connections but fails authentication (local password, no RADIUS/TACACS is configured); and ANM reports it as down (no XML connectivity),We haven't opened a TAC case yet - someone's on his way over to see whether we can get in through the serial port first - but I'm wondering whether there are any other diagnostics we can gather (will resetting the module form the Sup force a coredump?) before we do.

View 2 Replies View Related

Cisco :: 4400 - Guest Wlan Access To Wlc Management

May 11, 2011

I have my wlc 4400 configured with a secure wlan and a guest wlan.  The guest wlan is switching traffic at the wlc to a separate guest-wlan interface.  When a guest is associated and authenticated, they can access the management console of the wlc which is in a different subnet.  As I understand, the wlc does not route traffic.  So how could this be happening?  the guest subnet and the subnet the wlc management interface is in are different and separated by a firewall.  I have also tried applying access lists in the wlc to each interface without luck.  How can i stop the wlc from providing access to guest wlan users?

View 3 Replies View Related

Cisco Firewall :: 2811 Not Allowing ICMP To PBX Through Same Interface

May 31, 2013

Attached is our network diagram showing the details of our remote office and the corporate side which are connected via private fiber. The workstation (10.10.102.84) can ping the 10.20.0.31 IP address of the PBX but not the .30 address and I know if we can’t ping it we can’t remotely manage it. The 2811 router, ASA 5510 and the 6509-E can ping both IP addresses on the PBX. The ASA logs the error "Denied ICMP type=0, from laddr 10.20.0.30 on interface inside to 10.10.102.84: no matching session" when the workstation pings the .30 address.
 
We changed the default gateway of the PBX from 10.20.0.2 to 10.20.0.1 (2811 router) and we were able to ping both IP addresses from the workstation but the SIP trunks from the Internet stopped working (they NAT to the .30 address). Because calls may be forwarded from the PBX to the corporate network (via IP phones) we will eventually need to change the default gateway to10.20.0.1 and still need the Internet SIP trunks.
 
My two questions are, how do we resolve the issue of pinging the .30 address from the workstation and then when the time comes how do we resolve the issue with the SIP traffic reaching the .30 address when we change the default GW of the PBX to the 10.20.0.1 address of the 2811 router.

View 9 Replies View Related

Cisco Firewall :: ASA 5510 Allowing ICMP Unreachable On Outside Interface

Oct 25, 2011

I am having some issues with my ASA 5510 (running ASA 8.2) dropping ICMP unreachable-fragmentation-required-but-df-bit-set type messages coming in on the outside interface. I have the following entry in the ACL for the outside interface:access-list outside_acl extended permit icmp any interface outside and there are no other entries in that list that should take precedence and drop the packet. Pings from outside to the ASA work when this ACE is present and do no when it is absent so it is clearly taking effect. I see the following entries in the debug log when sending a large non-fragmentable packet (that would cause an intermediate router to send back this ICMP response) out to the internet through the ASa,As far as I can tell I am not running ICMP inspection; I don't want it to do any stateful magic here since the outgoing traffic would have been ordinary data from another protocol and would not have caused an outgoing ICMP connection to be built to match against.

View 12 Replies View Related

Cisco Wireless :: 4400 Series Controller Blocking 802.11a/n Radio Interface Of 1250 AP

Dec 19, 2009

We are facing an issue with a customer where a Cisco 4400 Series controller is blocking the 802.11a/n Radio Interface of a 1250 AP. The radio shows as down on the controller GUI. The error message on the GUI is that the 'Regulatory Domain' is not supported. This can be seen from the attached screenshot. Also relevant parts of the WLC configs are attached. WLC: Cisco 4402  WirelessWLC Country: SADevice: Cisco Lightweight Access Point 1250 (LAP) is controlled through the 4402 Cisco Wireless LAN Controller (WLC)The operating system version of the LAP: c1250-k9w8-mx.124-18a.JA version of the WLC: Software Version 5.2.178.0 The problem is that the controller shows that the 802.11a/n Radio Interface in Radio Slot # 1 is always down ,  the customer tried to manually 'no shut' the AP interface from the console and it worked , but obviously this solution would not work as the configuration cannot be saved (LW AP).

View 12 Replies View Related

Cisco Switching / Routing :: 3560 - Management Port Used As Regular Port?

Jan 30, 2012

I have an all gigE  3560.  I don't use the management FE0 port on the back.  I was thinking to use that for a 100Mbps WAN connection. 

Seems to work just fine when I plugged in an test.  But I am not routing across that link yet as I still need to setup the far end.

Is there any reason this would not work?  I would like to not burn a gig port if the max throughput of the circuit is 100Mbps.

View 1 Replies View Related

Cisco Firewall :: 5520 - Use Management Port As Normal Port On ASA

Jan 2, 2012

I have got ASA 5520. How to use the management port as a normal port on ASA. What are the basic reqirements for that.

View 3 Replies View Related

Cisco WAN :: 7606 Allowing Multiple Vlans On Access Port

Sep 27, 2010

I have the following configurations in cisco CISCO7606 (R7000). Its meaningful to have the below configuration, wherein , we are allowing multiple vlans on the access port?

interface FastEthernet4/45
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 124-127,423,478,493,578,699,751,787,895,987,1981
switchport mode access
end
interface FastEthernet4/46switchportswitchport trunk allowed vlan 124-127,423,478,493,578,699,751,787,895,987,1981switchport mode accessend

View 3 Replies View Related

Cisco - ASA5510 Port - Allowing RDP From One Subnet To Those Protected By Firewall

Aug 7, 2011

I am using an ASA5510 for internal firewalling in my QA environment. How do I allow RDP from one subnet to those protected by the firewall? Preferably using the ASDM.

View 25 Replies View Related

Cisco :: 4400 Controller / Accessing Web GUI From Port 0?

Jun 7, 2011

I know how to access the GUI from the service port.  However, I am not able to access from Port 0.  IPs have all been properly set.  We have a management VLAN in our enterprise.  I have configured the WLC management interface for an ip on that subnet.  Port 0 is connected to a 3560G switch.  I have set the switch port to be an access port to the management vlan and I have tried to set the switch port as a trunk, with the native vlan set to the management vlan.  I am not able to ping nor access the web GUI remotely via the management vlan.

View 3 Replies View Related

Cisco Switching/Routing :: 3560 / Allowing Etherchannel Or Port Channel?

Mar 3, 2012

I am using 3560.IP rouitng is being turned off on this.Curious to know if I will create etherchannel or port channel.I think etherchannel.Correct me if I am wrong.On connecting switches I have vlan10,20,30 to be allowed.I am sure I need to allow these all vlan in 10,20,30 which are on the trunk port on each side switch.Post that will add channel-port lacp and make it in active mode.Is that correct.This way traffic will be load-balanced/aggregated on minimum 2 ports who are the part of this.

View 2 Replies View Related

Cisco :: Separate Interface For Management On ASA

Nov 5, 2012

I'm trying to separate my management traffic from regular traffic by splitting the management and "outside" interface to separate vlans but I'm hitting a routing issue. Say I have have a management network of 192.168.1.0 255.255.255.0 running across vlan 1 and I want to use 192.168.2.0 255.255.255.0 running across vlan 2 for the outside interface to send all the other traffic excluding the management traffic across. Tag both vlans on the external interface, say Eth0/0 Default route of route outside 0.0.0.0 0.0.0.0 192.168.2.1, With this, you can not hit the management interface because there is no route defined for the 192.168.1.0 network. However of course if you try to set one, you'll get the "connected route exists" error. How can I set the default route or gateway of the 192.168.1.0 network on the ASA. Switches just don't complain like the ASA does.

View 8 Replies View Related

Cisco :: 6509 Sup-2T Management Through CMP Interface

Dec 3, 2012

We acquired recentlty a new Cisco 6509 with Sup-2T supervisor card
 
My question is the following : we have a management subnet on a Copper-based switch; we manage all equipments through this network. I planned to configure the management interface on the 6509 to connect this switch & monitor the VSS through it However, since it is a CMP interface, most of the actions (SNMP, IOS upgrade.. won't be possible through this link)  Moreover, I don't think LMS would be able to get the configuration through it (except by configuring a script running "attach" command & show run
 
Is there something I miss or must I add another interface of the Catalyst to this network (the problem being that I have no copper line card)

View 2 Replies View Related

Cisco Wireless :: WLC 4400 Adding Static Route For Service Port?

May 9, 2008

I am attempting to access the service port from a client pc on another network.
 
Service port = 10.100.2.1/16
Client IP = 10.1.1.10/16
 
I know you cannot put a default gateway on the service port, but the documentation says you can add a static route for remote management. So I tried...
 
config route add 10.1.0.0 255.255.0.0 <gateway.ip>
 
It does not take the command and says something to the effect of. "ip address/netmask conflicts with the configured ip address of the service port"

View 11 Replies View Related

Cisco Wireless :: 4400 How To Configure Controller In Case Ethernet Port Goes Down

Oct 7, 2012

I want to configure a Cisco Wireless Lan Controller (4400 and 5500 series) with to data ports for failover?  I think the primary and secondary ethernet connections should be configured as trunks.  I cannot find anything on CCO about this or on the internet per se.  I know how to configure for failover with APs but cannot find anything on how to configure the controller in case an the ethernet port goes down.

View 7 Replies View Related

Cisco WAN :: SRP 527W Web Management Interface Inaccessible

Jan 27, 2011

We have recently purchased a Cisco Small Business Pro SRP 527W router, all seems good and it is running smoothly, no disconnections or sync issues like our last router. However, after a certain amount of time the web management interface is unavailable through the browser (accessing it via 192.168.1.254 or the alternative we set-up 1.1.1.1) It is totally unavailable and timeouts in the browser yet there is still internet access and network is still alive. The web management interface was accessible before though and the only solution I have been able to do to access it again is to reboot this router.Could it be possible that because port 80 is forwarded to a different IP it interferes with the Web management interface? And how wcould the interface port access be changed?

View 2 Replies View Related

Cisco :: WLC 2006 - AP Connecting To Management Interface?

Jun 7, 2011

I have running a Wireless LAN Controller Cisco 2006.Today my management IP its public with Internet access. I am thinking in use a private IP without internet access. I have certains Access-Points in other building, that connect to AP Manager interface using Internet . When i see the tcp connections, i look that the access-point not only have TCP connections to AP Manager interfaces, it have TCP connections to Management interface too!!!.If i shutdown the connection between Management interface and Access-Points (mantaining the connection between Access-Point and AP Manager interfaces)?

View 1 Replies View Related

Cisco Application :: ACE 4710 - Management Only Interface?

Apr 25, 2012

Am trying to replicate the managment interface functionality of a CSS on ACE 4710 but have problem with it being treated as a general routed interface.
 
Scenario
On ACE 4710 I have a front-end interface for client facing VIPS and a back-end interface facing a server farm, taking care of load balancing flows
 
Non load-balance system traffic for the back-end servers also flows through these two ACE interfaces, following a default route path (the back-ends use the ACE as default gateway) i.e. dns requests from the servers flow through the ACE egressing the front-end interface to hit a firewall and route to an internal dns server.
 
Issue
If I add a "management interface" to the ACE 4710 and give it an IP address for management access, the interface by default assumes 'routed' mode and as the ACE treats this as a general interface it will route traffic out of it. For example if the IP address of this management interface is on the same network as the internal dns server, it breaks that connectivity. This as the ACE will see the "management" interface as best route to directly connected network and send traffic to dns server over that, however dns server response traffic will follow its defult route path via firewall and ACE front-end interface to get reply to back-end server. The firewall will block this traffic as traffic is asymmetrically routed and firewall not seen the initial dns request packet.
 
Question
Is there a way of making an ACE interface a 'non routed' management only interface for out of band management use? That is ACE will not attempt to route general traffic through the interface
 
I realise I could achieve this with multiple contexts but want to have a single context for various reasons - i.e. to have a kind of like for like CSS replacement using ACE 4710

View 3 Replies View Related

Cisco Firewall :: ASA 5510 - Management Interface

Feb 13, 2012

I am having issues with the ASA 5510 management interface. I can't communicate with this interface. It is showing DOWN/DWON even if I type NO SHUT several times.
 
My existing config is as follows 
our-asa-01# sh run
Saved
ASA Version 7.2(5)
hostname our-asa-01
names
dns-guard
interface Ethernet0/0
[code]....

View 5 Replies View Related

Cisco WAN :: Configuring SSH On ASR1002 / Apply To Management Interface?

Jun 30, 2010

How to configure SSH on a ASR 1002 and apply it to the Management Interface?

View 3 Replies View Related

Cisco :: 2028 WLC Management Interface / Unexpected Traffic

Apr 16, 2012

I have a number of WLCs/WiSM2 running 7.0.230.0 (still using WCS for management). The management interfaces for the controllers are on a purely private subnet. While going through the intenet edge ASA logs I noticed some traffic drops for the controllers on the Inside interface. I took a packet capture from the controllers and found that they were sending TCP traffic to a number of IP addresses (Microsoft, Hotmail and Google) - always with a src port 2028 (submitserver) with the ACK/FIN flags set. Why this traffic is coming from the management interfaces? The management interface is not used by any wireless clients and is not the default interface for any of the SSIDs.

View 4 Replies View Related

Cisco :: WLC Management Interface Unexpected Traffic 2028

May 22, 2013

I have a number of WLCs/WiSM2 running 7.0.230.0 (still using WCS for management). The management interfaces for the controllers are on a purely private subnet. While going through the intenet edge ASA logs I noticed some traffic drops for the controllers on the Inside interface. I took a packet capture from the controllers and found that they were sending TCP traffic to a number of IP addresses (Microsoft, Hotmail and Google) - always with a src port 2028 (submitserver) with the ACK/FIN flags set.

View 2 Replies View Related

Cisco Wireless :: WLC 5508 Management Interface Connection

Aug 1, 2010

I'm setting up a new 5508.  I've used the config from a 4402, have successfully connected to the Service port to manage the device, but for some reason cannot connect to the Management interface.  In this case, port 1.
 
The service port is connected to a Catalyst switch and grabbed an ip address (10.2.x.x subnet) no problem.  I can access the 5508 via https using the SP.  However, port 1 is connected to the same Catalyst switch, but on a different vlan (subnet 10.20.x.x).  Both ends show that the interfaces are up, I can ping the interface from any other host on the network, but when I try to manage the device via https I cannot connect.  We are using WCS and I cannot add the device from the WCS.  About all I can do is ping that interface.

View 6 Replies View Related

Cisco Firewall :: ASA5512-X Setup Using Management Interface

Jun 28, 2012

I have a brand new ASA5512-X running 8.6.1, and am trying to do an initial setup using the Quick Start Guide that came with it.  However, the Management Interface is not working.  I have a PC connected and set to use DHCP, but the port is not active. I connected a console cable and can see in the config that the interface is shutdown.  So I set it to active, and the port is now active, but is not giving out a DHCP address as the guide says it should.I would like to use the ASDM Startup Wizard to configure this device, so how do I get it to work the way the instructions say it should?

View 2 Replies View Related

Cisco Firewall :: ASA5540 Management Interface IP Addressing?

May 9, 2011

How does one allow /31 mask for an management interface on an ASA5540 using version 8.3(1)?
 
I need to configure a 192.168.x.y /31 on the management 0/0 interface of a ASA5540 and it is providing me with the following error:ERROR: /31 mask is not allowed

View 1 Replies View Related

Cisco :: 1130AG - Block Management Interface Webpage

Mar 29, 2012

I'm working on creating an open wireless scheme and we are simply going to use WPA with a key.  What I'm getting a little stuck on is preventing access, by the guests that will connect to the WAPs, to the gateway/management webpage.  I've been looking into seperating with VLANs and trunks (internal with management access and external for guests) but having a hard time with the configuration scheme. 
 
Not sure if there is an easy way to just block that in the config or what.

View 1 Replies View Related

Cisco Firewall :: 5520 - Configuring ASA Management On Sub-interface

Jul 27, 2010

I have two ASA 5520 with 4 Giga interfaces and 1 management interface.
 
I need to use 4 interfaces four data traffic
 
1- Inside
2- Outside
3- dmz-1
4- dmz-2
 
The remaining will be the management interface only.How can I configure the Statefull failover and Management?
 
1- I used the management0/0 for The stateful failover.
 
2- I used gig 0 for outside
 
3- I used gig 1 for inside
 
4- I used gig 2 for dmz-1
 
5- I divided the gig 3 to two sub interfaces
a- gig0/3.1 for dmz-2
b- gig0/3.2 for Management and I defined it as a management-only

View 6 Replies View Related

Cisco Switches :: Accessing SG300-28P Via Management Interface?

Dec 21, 2012

I have a new SG300-28P, and have had occasional issues with being unable to connect to it via anything other than the serial port.  I have connectivity between my machine and the switch (tested with ping each way), and in fact, have the same problem if I take a laptop to the switch and connect them directly.What happens is that though the switch is operating normally, http, https, ssh and telnet attempts to access all fail in one way or another.  Ssh and telnet either yields no response or a refused connection (even though those services are enabled).  For http and https, I'll occasionally get enough of the web page to be able to tell what it is ... but attempts to log in just don't work.While this is happening, the CPU and packet load on the switch is very, very low.Rebooting didn't work entirely, though it may have made it better.  Resetting to factory defaults and then reconfiguring makes it work.This is using the latest firmware: 1.2.7.76.

View 3 Replies View Related

Cisco Wireless :: WLC 5508 7.3 Management Interface Access To GUI?

Jan 16, 2013

After I've upgraded software to the v7.3 and applied AP-SSO it made imposible to access the controller's gui via Service-port. So we tried to access it by management-port, but there is some problem too. It is not working from another subnets. But default gateway on management vlan is set correctly and I even tried to turn of all acl's on switch. WLC is only accessible from the same network. But at the same time wlc is replying on ping fine.All other protocols cannot connect to the controller.

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved