Cisco :: To Decide Where To Point For DNS - 5508 WLC
Jul 3, 2011
During our implementation of Guest Wireless (currently ongoing), we are trying to decide where to point to for DNS.We have a 5508 WLC in our Internet DMZ and it acts as the Anchor WLC. This WLC is also used as the DHCP server for the Guest Wireless clients.We are debating whether to point the clients internally to our primary DNS servers, or externally to the public service provider DNS servers. The only DNS servers in the DMZ are external forwarders.rom a network standpoint, I think either solution would work. But from a security standpoint, which is better? Or is there another option? Any standard or best practice design when it comes to DNS for Guest Wireless?
I am working on a QoS design which I hope to test at some point, but at this stage its from the books.My question is how to decide which queue and threshold to use for video traffic, then lower priority traffic.I understand the shaping and sharing commands, its the queuing and threshold bit I'm not clear on.The plan is to use the priority-queue for EF marked voice, this will be policed on ingress to provide an upper limit to EF traffic levels, then my second priority traffic will be video. Which queue will get serviced first once the priority queue is empty, and how do I decide which threshold to allocate my video traffic to? The document ion is not at all clear, I want to prioritse my traffic in the following order:
1 voice, use the priority queue 2 video, this to get serviced ahead of data, after voice. 3 interactive data 4 Bulk data 5 Best effort
So Q1 settings are ignored due to priority queue. Q2 gets 70%, Q3 25% etc.Is it as simple as putting video into Q2 T1, then interactive data into Q2 T2, will Q2T1 get a higher priority over Q2 T2 once the PQ is serviced?
each time that for what ever reason my access point goes down(not that my access point resets by itself, if i have to move it), the setting in the vlan mapping resets to whatever my native vlan is, in this case 30.
We are currently running WCS but have built a new Prime Infrastructure 1.3 system from scratch on a brand new server, we have sucessfully migrated the old WCS database on to the new Prime server and as a test I have pointed 1 anchor controller to it. Possible to point the WLC's to both WCS and Prime Infrastructure concurrently - I was thinking that it would be a quick fallback if we has any problems with Prime (I know there have been some!) We are not running MSE but we do have mobility groups, the WLC's are 5508 running 7.0.235.3 .
I moved 1242 access point to my new buliding which i have 5508 wlc and 3500 acess point are working. i connected 1242 ap in network it got registered and download new ios and downlaoded the configuration and working fine. But i open the WLC tha 1242 ap are not visible in ap list.
Subject: FlexConnect compatibility with Access Point? We have today one Cisco 5508 and those access point on remote sites
o CISCO AIR-LAP-1131AG-E-K9 o CISCO AIR-LAP-1231G-E-K9 o CISCO AIR-LAP-1142N-E-K9
We plan to use redundancy on the controller and implement Flexconnect on the remote site. What we need to know is if I can implement Flexconnect on all actual access point - I think it is possible on 1142N + 1131G but do not know on 1231AG - is it correct or I'm wrong ? We plan to install the latest SW version for 5508 controller.
I have problems with an AP AIR-CAP1552C-E-K9 (MAC: 2c:36:f8:73:e8:a0 )this AP cannot join to WLC 5508 software version 7.2.110.0.The AP ever gets associated to WLC.
I saw timeout messages and this error message:
%CAPWAP-3-ECHO_ERR: capwap_ac_sm.c:5656 Did not receive heartbeat reply; AP: 2c:36:f8:73:e8:a0
I don´t see any connectivity issues between the AP and WLC thorugh HFC network.One time the AP join to WLC and I saw this messages in debug CAPWAP:
*spamApTask1: Nov 27 09:01:06.316: 2c:36:f8:73:e8:a0 Change State Event Response sent to 10.64.128.165:16012 *spamApTask1: Nov 27 09:01:06.316: 2c:36:f8:73:e8:a0 CAPWAP State: Run *spamApTask1: Nov 27 09:01:06.316: 2c:36:f8:73:e8:a0 Sending the remaining config to AP 10.64.128.165:16012
In our current Setup we have one WLC 4404 with 100 Access point license, now we have bought 3 number of 5508 WLC each supporting 100 Access point. Our plan is to Migrate all the Access point assosiation from 4404 to 5508. [code]
I know there were a few post about users losing their access point config after a power loss to the ap. I wanted to share that I can confirm and reproduce this same issue with a number of access points that I have. I opened a tac case and will update this tread as the case progresses.
I have 50 WAP connected to a WLC 5508. When I backup the config I don't see the custom settings I put in some WAP. Where are the WAP settings saved at ?
I have Cisco AIR-LAP1310G-E-K9 access point and 5508 wlan controller with version 7.0.220 and it is joining to the WLAN controller. I have enabled dhcp in the lan controller and i dont have external dns server. How to fix this issue? Can this LAN controller version will support this access point? My Lan Controller Management IP Address is 10.10.10.5 find the below configuration of 1300 access point.
AP001d.4513.dd68#reloadProceed with reload? [confirm] %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.%LWAPP-5-CHANGED: LWAPP changed state to DOWNXmodem file system is available.flashfs[0]: 4 files, 2 directoriesflashfs[0]: 0 orphaned files, 0 orphaned directoriesflashfs[0]: Total bytes: 7741440flashfs[0]: Bytes used: 2052608flashfs[0]: Bytes available: 5688832flashfs[0]: flashfs fsck took 14 seconds.Base ethernet MAC Address: 00:1d:45:13:dd:68Initializing ethernet port 0...Reset ethernet port 0...Reset done!ethernet link up, 100 mbps,
I have the wireless controller 5508 and many AP1261 registered on site. It detects a lot of rogue access points around. I would like to find out geographic location of these rogue access points. Is it possible?
i have a wlc 5508 and 40 access point 1141n there are 1500 users connected with this controller 5508. but when i ping at my gateway ,there is a disturbance in the temp response. [code]
How would I bridge a wireless connection with a distance of 400 feet? Would twoAP1262N-A-K9 be able to make this happen? Or is there another wireless bridge that you all can think of?I would be connecting one AP1262 of off a 3750g switch and at the far end (400 ft aproximately) another AP1262N-A-K9.
I have 2 cisco 1941/K9 vpn router. I have configured both with LAN ip address given by our vpn provider which is 172.10.10.1 and the other is 172.10.20.1. Both IP addresses are configured to GigabitEthernet port 0/0 on both routers.
1. Is it possible to configure our own set of ip address like 10.71.10.1 and 10.71.50.1 on the GE 0/0 port?
2. Or can we configure our own set of ip addresses (10.71.10.1 and 10.71.50.1) to GigabitEthernet port 0/1 and maintain the other ip addresses on port 0/0?
The first purpose is to have our own set of ip addresses for LAN connection and I will be able to connect or telnet whichever ip address or port is up.
Currently in place ISP WISP Point to Point network would like some pointers to exceed in doing it right. Here are some issues.ISP Fiber 50 Megs down and 50 Megs up ( Working )What Router do I use? Looking at Cisco RVS4000 at JDT Site as main router I have routers at others towers using the 10.1.19.xxx address as wans setup.Do I pull out all routers and use only one from the JDT Site?
a. Due to Port forwarding
b. Lets say main Wan is 74.144.55.159 Lan 10.1.19.1
1. Site BTT router is assign address 10.1.19.33 Lan 192.168.6.1
a. Can I setup 74.144.55.159:85 to see 10.1.19.33?
My Point ot Point radio use different IP address to separate from lan address (10.1.19.xxx) Radios (10.1.119.xxx)1. Everything is working just want to re-design everything never thought I would grow this fast with in 2 years. Hope I explain this well enought. 90% of users are out in the country without high speed internet.
I have a point to point 100mb line connecting SG500x switches at 2 locations, with these ports in a vlan together. I use layer 3 on the SG500x's to route between the two sites. I also have RIP protocol enabled to allow for automatic failover if the point to point fails (this works well).
I upgraded the ios to 1.30.59, and the connection now runs at a fraction of the speed. I have hard-coded the ports to run at 100mb full duplex, but I still only get around 12mb of throughput between the switches. I used to get about 90mb before. The provider also hard-coded the circuit to 100mb full duplex. The provider has checked the circuit remotely, and everything looks fine. I tested with a laptop at each side, and did get almost 70mb throughput. I would think this indicates some type of setting mismatch, but i cannot find anything.
I am using a backup vpn for now as some things look flaky as well (on vpn, I can use the web interface to access the SG500x on the opposite side, but on the point to point I cannot - I can ping the device though).
I have seen some references on here to shutting off STP on these 2 ports.
recently i just connected a non cisco ip phone(from panasonic) to Cisco 2960 POE switch at site A. The PABX system is located at site B,Site A and site B are connected using MetroE Point to point.I would like to apply QoS for voice vlan. I want to assign 2MB to the point to point connection for voice vlan.
I have 2 Cisco Catalyst 6509 switches connected directly using direct point to point link.The OSPF is configured for point - point link.The currently the interface is down administratively.I will unshut the port . After that i would like to know how much time will it take for the ospf to establish the neighbour relation.
I have two Cisco AP 1242G and i'm trying to configurate a Point-to-Point Bridge Configuration to connect two wired LAN. Figure 1.8 [URL] I would connect two wired networks.
I tryed two configurations: Root and Non-Root AP. This way every wired PC on the Root AP can connect to the Access points, but cannot connect to the wired PC on the Non-Root AP.AP and WGB. Even this way the wired computers on one AP cannot connect to the wired PC on the WGB. This way only the wireless client can connect to the wired network. This is my network:
Root Bridge Non Root Bridge 10.0.0.1 10.0.0.2 Wired clients on the RB Wired clients on the Non RB 10.0.0.100 10.0.0.200
We have a MWR2941 (running 12.4(20)MR) router on site A and one in site B which will be connected over a Service provider L2VPN Ethernet over MPLS (EoMPLS) Network, with 10Mb Bandwidth allocated by the ISP. I have simulated this in the lab by directly connecting the two MWR's back-to-back via the Gig0/0 interface with configurable bandwidth of 10Mb on the Trunk interface.
The E1 TDM pseudowire end to end is working fine, with PTP configured for E1 timing/clocking. In addition I have a 2960-24PC-L switch connected on G0/2 of the MWR (on each end) configured with dot1q trunking. The switch will be used to connect two user groups in two seperate vlans (VlanA and vlanb) and transported across the same 10MB wan Link. Below are the requirements
1) Classify and mark Psuedowire packets E1-DATA coming from a E1/CEM interface and give it priority treatment over the WAN Link with reserved bandwidth of at least 4MB 2) Classify and mark Signalling/Timing PTP packets coming from PTP Vlan and give it strict bandwidth reservation over the WAN Link of 1MB 3) Classify and mark vlan A traffic coming from the 2960 Switch Trunk port (Connected to G0/2 on MWR) and give it bandwidth reservation over the WAN Link of 2MB 4) Classify and mark vlan B traffic coming from the 2960 Switch Trunk port (Connected to G0/2 on MWR) and give it bandwidth reservation over the WAN Link of 2MB
It is important that the E1 Traffic and the Signalling/Timing PTP packets are given priority and strict reservation so that it is not dropped in times of congestion. At the same time Vlan A and Vlan B need bandwidth reservation to give them their guaranteed bandwidth.
Currently I have tried applying policy map to the CEM interface. However, I am having trouble matching anything on the CEM input. Also I am having trouble applying a service-policy outbound on the gig0/0 (WAN Link). Also I can’t apply a service-policy inbound on the Gig0/2 interface with match statement. I have tried configuring input policy map to classify and mark PTP traffic (Vlan 902), but the MWR does not also allow me to attach a service-policy to the vlan interface. how to configure the MWR and have a workable QOS solution.
Is any one can configure basic Point-toPoint wireless bridge. I need to connect two simple LAN with Cisco Aironet1310 AP. I required basic configuration with basic authentication between these two devices which is on IOS "123-8.JEA3".
We have two locations 10 miles apart and need connectivity between them. A local provider can run a 30MB fiber connection between the 2 sites at a very reasonable cost. We would have to provide the routers however. I have worked with Cisco routers before with T1 channelized connections but am unsure how the the fiber would connect to a Cisco router in this scenerio. I need to know how such a connection to the routers at each end would take place, specifically what WIC or whatever else would be needed. I currently have a 1760 router at each site but realize that they are old and I m,ay have to replace them with newer models.
I have problems with a vpn configuration for point to point ipsec tunnel.Communication stops randomly, I have the ability to view any record or log of court?
