Cisco :: 5500 - Any Limitation With WLC / NGS When Comes To NAT
Jun 27, 2011
Due to lack of address space, I have to go to NAT for our wireless guest users. Are there any limitations with WLC/NGS when it comes to NAT? I have four 5500 WLCs; should I put them in 1 mobility group, at 2 different locations?
Does the limitation on ASR 1000 series RP1 with regard to maximum number of match statements per class-map? I have more than 30 match statements under my class-maps but when I apply the service policy on the interface, I get the error "cannot configure more than 16 matching statements per class-map for the interface". I am running 3.1.0 S on an RP1. Is it a hardware limitation just like the older Cisco 10Ks?
I have a 1262 that will be setup as a WGB and wirelessly connect to a Cisco MESH AP. A switch and clients will hang off of the 1262 WGB. How many clients can a 1262 WGB support?
I have a NMWLC6 module connected to a 3825 ISR using 1140N APs. Latest (but one) code. I had two SSIDs configured and deployed in the default AP group. Last week I needed to deploy a third SSID for unencrypted webauth, I created the interface and WLAN associated with the interface and the sub interface/svi on the WLAN-controller 0/1 with dot1q. All created with no problem and enabled, however the SSID was not available to clients and did not show up as available WLANs under AP groups menu. Out of desperation I created a new AP group and added an AP to it and hey presto all three WLANs were available and the third is now visible to clients! Is this normal behaviour? Is the default AP group limited to two SSIDs? (a quick google failed to find any documented limitation!) or is something weird going on?
We have a deployment of 400 stores. Each of those has 2 GRE tunnels running over MPLS & 2 GRE tunnels running over Internet leading to our 2 data-centers. At each data-center, we have 1 ASR-1002 connecting both MPLS & Internet MPLS tunnels (800 total per router).
I saw in the documentation that OER & PfR cannot support more than 20 external interfaces (in our case GRE tunnels) per MC. Does it mean that we need to have 20 routers acting as MC to be able to use PfR for our Internet GRE tunnels?
Is there any more scalable solution for this? How do big companies address this issue when they have a lot of interfaces to run PfR?
I have LMS3.2 running and have set up daily log rotation of my SYSLOG file via Common Services-Server-Admin-Log Rotation. In LMS2.6 I set this up from the command line and was able to set the number of rotations to 120. I found in LMS3.2 setting up the rotation via the GUI that the number of rotations is limited to 90.
Looking to link up to 6513 chassis via 6704 10 gig cards.
I have a 6513 on the 8th floor and one on the 3rd floor in same building. Distance would be approx 150' max. New 10 gig cabling was installed between these floors.
I would like to use 2 10 gig ints on each 6704 to form a port channel (LACP) between the 2 environments.
So far I have been unable to get the links up between 6704's.
Customer wants to place a single 1552E to cover a particular area in his campus, and it will be placed on a tower, and the question is concerning the height. I cannot find any particular height limitation such as 5 meters, 10 meters, etc. I understand this will influence the signal propagation as well as throughput to the users, but cannot find a matrix or a best practice guide for that.
I want to use a subnet mask of 255.255.254.0. The setup window doesn't allow me to type in that mask, rather it only allows me to choose from options on a drop down menu (which doesn't include that mask). Is there a way to do this?
Our WAN is connected via L2WAN and using EIGRP to connect the sites. Currently there are 35 EIGRP neighbors over L2WAN and we are to install 15 more sites and will be connected to the same L2WAN. Some sites are still using Cisco 2651XM and we would like to know if it can still handle another 15 EIGRP neighbors. Some sites are 2800 and 2900 routers. And are there any other things to consider for EIGRP over L2WAN?
For the past week, I have tried to set up the PPTP VPN server on the RV180. The setup was straightforward, but I could not log on no matter what I tried. I decided to call Cisco small business support, and as I was talking to the engineer, it mysteriously started to work. I was puzzled and somewhat embarrassed because I'd hate to admit it was an id10t problem on my part. As I tried a few different configurations, I began to realize there might be a limitation in the RV180 PPTP VPN server with the current firmware (1.0.1.9).
In short, the RV180 PPTP only works with 192.168.xxx.xxx/24 subnet. My setup has 3 VLANs: vlan1 in 172.xxx.xxx.xxx/24 subnet, vlan2 192.168.0.xxx/24, and vlan3 10.xxx.xxx.xxx/24. My original plan was to keep vlan3 isolated by disabling inter-VLAN routing, but I needed a way to manage a couple of devices on vlan3 remotely, thus I wanted to set up a VPN in the 10.xxx.xxx.xxx/24 subnet. This turned out to be the reason why it never worked before. Today when I called Cisco support, I assigned the PPTP VPN server a 192.168.0.xxx IP range, and it worked. Later, I tried assigning 172.xxx or 10.xxx IP addresses to the PPTP VPN server, and they both failed to work. I created another test vlan4 with 192.168.2.xxx/24 subnet, and assigned the PPTP VPN server to that VLAN, and it worked again.
I'd like to mention that I already configured the 10.xxx.xxx.xxx/24 subnet with a few devices before I replaced my router with RV180, and I don't want to have to change and test the setup of all the devices. Another reason I want to have my VPN server outside the 192.168.xxx.xxx range is that it's way too commonly used by wifi hotspots that it increases the chance of wifi and vpn in the same subnet.
I can test a few more configurations, but I think the results will be the same. Perhaps Cisco should test the RV180 in the lab to confirm what I found.
following about a limitation on the ASA5505. I have a client that has a number of branch offices on a Gen-I OneOffice network. For complex and political reasons, we can't trust all nodes on that OneOffice network. We need to put a firewall at each branch office between their local network and the OneOffice router.
To avoid having to either readdress the OneOffice routers (politically difficult) or readdress each branch office (logistically difficult) we've suggested using a transparent mode ASA5505 firewall between each site's OneOffice router LAN switch.
Recently I've discovered the client is deploying Avaya VOIP phones into the offices using QOS/DSCP over the OneOffice network from Avaya units in some offices. I figured I'd need to trust DSCP on the way through the ASA and went about looking at how to achieve that.
I found the following document relating to configuring QOS on the ASA: url...
This suggests in the DSCP and Diffserv Preservation section that "DSCP markings are preserved on all traffic passing through the ASA." However, in the Guidelines and Limitations section it suggests QOS isn't supported in transparent mode. I'm a bit worried that the DSCP markings won't pass through the ASA5505 in transparent mode.
any information regarding height limitation for installing the above ceiling mounted antennas. And is there a separation between the 2 antennas when mounted in the ceiling.
I need to know if the ADSL router SRP547w or SRP546 permits to set class B subnetting (or class A) on the LAN interface. I read the model SRP527 has a limitation to set IP address on the LAN interface but I did not find any information about 547 or 546.
access point and the limitation on the users connected to the SSID using a wireless lan controller. From the installation guide I see an incredible thing:
Supported User Count Only fifteen users are allowed to connect on the WLAN Controller WLANs provided on the 600 series at any one time. A sixteenth user cannot authenticate until one of the first clients de-authenticates or a timeout occurred on the controller. Note: This number is cumulative across the controller WLANs on the 600 series. For example, if two controller WLANs are configured and there are fifteen users on one of the WLANs, no users will be able to join the other WLAN on the 600 series at that time. This limit does not apply to the local private WLANs that the end user configures on the 600 series designed for personal use and clients connected on these private WLANs or on the wired ports do not affect these limits.
So in our DMVPN network, we have this Cisco 3845 hub router that is connected via a DS3 to the Internet, and our spoke sites usually have a broadband connection that typically has a maximum of 1Mbps upload capacity. We are getting ready to add a few more sites to our network that are connected to the Internet with 10Mbps upload speeds (and 50Mbps download). Spoke site routers are usually 800 series ISRs. We have seen spikes of 8-10Mbps on the hub router so far. So the question is: can a site with 10Mbps upload speed transmit at full capacity over a DMVPN tunnel, or is it limited by other factors? What are those factors?
We have a Cisco 2505 WLC which can support 5 APs based on license. Is there any limitation on the number of SSIDs that can be configured on a WLC, and how to determine that detail?
I've learned recently that the Nexus 7000 only allows the configuration of a maximum of 2 monitor sessions for spanning traffic. I only have one monitor session left and I need to do the following: 2 core Nexus 7000 boxes with 2 different traffic probes/sniffers to each Nexus (e.g. Sniffer 1 connects to Switch A on interface eth 1 and to Switch B on eth 1; Sniffer 2 connects to Switch A on eth 2 and to Switch B on eth 2). My plan was to set up a standard session with multiple sources and destinations, then on the interfaces connecting to the sniffers run a trunk and do 'sw trunk allowed xxxxx' and filter what I need to go to each sniffer box. However, I've recently found out that some of my source traffic is coming from Port-Channel interfaces. Is there a way I can get around this and still do the filtering within only 1 monitor session?
We have 2 hubs (Cisco 7200 - 2 for redundancy). Every customer has a Spoke (Cisco 881). The Spokes are 24/24 connected to the 2 hubs (2 DMVPN tunnels) to give us the access to our equipments of monitoring and for support. Every Spoke has a NAT table with a specific NAT range for every Spoke. Like this we can reach every device with a unique IP inside the VPN. For example:
- Spoke_001 has a NAT IP range of 10.80.0.0 255.255.254.0
- Spoke_002 has a NAT IP range of 10.80.2.0 255.255.254.0
...
To connect to the hubs with our laptops, we are using the Cisco VPN client. We have different profiles created in the hubs:
- Admin profile with an ACL that allows the connectivity to every Spoke
- Integrator profiles: that allow the connectivity of one integrator to some defined Spokes.
So the integrator profile looks like this in the hub:
crypto isakmp client configuration group [NAME]
 key [PASSWORD]
 domain [DOMAIN]
 pool [NAME]
 acl [NAME_VPN_Split]
[code]....
The problem is that if we can't summarize an ACL in less than 50 lines, we will have to create a second profile and to know which one to use for which network...
Version:
ROM: System Bootstrap, Version 12.3(4r)T3, RELEASE SOFTWARE (fc1)
BOOTLDR: 7200 Software (C7200-KBOOT-M), Version 12.3(15), RELEASE SOFTWARE (fc3)
System image file is "disk2:c7200-advsecurityk9-mz.151-4.M2.bin"
We have an ASA 5520 that we use for VPN and would like to make use of the ASA's local CA to manage certificates. Do you know if there's any limitation on the number of certificates that the local CA supports?
I used my 610N v2 for 2 years and recently I upgraded my network from 100mb to fiber 500mb. However, if I directly plug the LAN cable into my computer, I can get full speed, but with the 610N, the speed is limited to 130 for both upload and download. I had already upgraded my firmware and did a factory reset; none of them worked. Is it the limitation of the router?
We have a customer who is evaluating a Cisco vs. Motorola wireless solution. He says that a Motorola AP can only work in standalone mode for 48 hrs. after it lost communication to the controller. Is there any limitation like this with a 2500 controller and 1140 series access points solution? Is there any reference to show?
We face disconnections when having a dozen open connections. Do the Cisco devices have a documented limitation on the buffer size or the number of telnet connections?
I have a Cisco 2950 switch, connected with 4Mbps of internet, and a number of users will access the internet. There is no restriction on bandwidth limit for users; if anybody uses high download the remaining users are facing slow browsing problems.
So, if I can put a bandwidth limitation for every user the problem will be solved. How to restrict the bandwidth on a per-user basis?
I'm intending to purchase a switch for work, and I need to limit the bandwidth of one of the ports to 25 Mbit upload and 25 Mbit download (we have 100/100 Mbit connection and the customer is only paying for 25). I've been trying to find information on how this could be "properly" done and what kind of switch I need to buy. As far as I have understood, most L2+ switches support outbound rate limiting, but not inbound, and as I only want the customer to have 25 Mbit up and down, I need both.
I've been looking at a Cisco Catalyst 3560 switch, and I'm first and foremost wondering if I can limit the inbound AND outbound bandwidth on this switch? Perhaps it can even be done on a simpler, cheaper switch, as I'd rather not spend more money than necessary?
Lastly, how to do it, limit the inbound and outbound bandwidth on a single port (perhaps on the above mentioned switch, if possible), to 25 Mbit?
I am just browsing and looking for a solution to converge my multi-vendor switched network and bring some redundancy to it as recently we managed to get redundant links. I have a need to change core switch to Cat3750G, which has Per-VLAN RSTP+ on board, but tests have shown that it won't be compatible with some other proprietary per-VLAN RSTP solution other vendor's switches use currently.
So, I thought maybe standard-based MSTP design might do the trick. I've made some tests and got some weird and unstable switching result. I have two topology rings with a core switch in the center. Every ring has about 10 switches, so practically network diameter may vary from 5 switches (when spanning-tree converges in the center and I have a blocking port somewhere in the middle of the ring) to about 10-11 switches (if I have link failure on any of ports right at the core switch). I disconnected one port from core switch to eliminate a possible switching loop while I will be configuring new MSTP design. Then I started enabling MSTP on all the switches starting from core Cat3750G to MSTP, one by one, placing all switches to the same MSTP region, and placing all VLANs to default MSTI0 (CIST) cause I don't need to organize any separate MSTP instances for every VLAN or for group of VLANs. When I turned MSTP on on 7th or 8th switch in the chain (cause I had a physical chain when I disconnected one port out of redundant ring) I got all switches "flapping", storming and flooding the network with broadcasts. Even when I had one redundant port disabled.
I have no idea what I am doing wrong. I noticed that Cat3750G has an option that defines a possible network diameter which actually automatically changes some hello, max age etc. attributes according to diameter specified. When I defined a maximum network diameter of 7, it didn't change anything: I still have hello timer of 2 sec etc. I've been wondering if the maximum network diameter has something more than just a "variable" to fine tune hello timers etc? Maybe I won't be able to use MSTP in my network which might have diameter more than 7 switches. Or maybe it was a mistake of placing all the switches to the same region and all the VLANs to the default MSTI0 (CIST) and I should configure one MSTI per VLAN or per some group of VLANs and subdivide my switches to few MSTP regions?
if Linksys will be increasing the size limitation of the E4200 USB storage devices? Will the next firmware allow larger drive sizes? I only bought the thing to share via the router my digital content that is stored on an 8TB external device. What is the purpose to the limit in the first place? Is this a hardware or software limitation of the device?