I try to use fe0 as outside, with dhcp from my ISP, and fe1-fe3 as inside on my Cisco 877. I have done this successfully before but now it just will not work. This has been a long weekend .
My ISP just forced DHCP on me (from static IP) and sent me this Xavi adsl modem. I successfully get IP addresses using DHCP from it with workstations, but not with my cisco. With current setup I get DHCP errors (DHCP: QScan: Timed out Selecting state%Unknown DHCP problem.). DHCP log is attached.
Setup is attached too, but the main parts are:
-----------------------
interface FastEthernet0
switchport access vlan 2
!
I am getting some weir behaviour in my LMS 4.2 setup. I am doing and Archiveupdate job and am receiving a partial success for roughly 1400 devices. Here is some output.
Execution Result: STARTUP CM0057 PRIMARY STARTUP Config fetch SUCCESS, archival failed for xxxxxx Cause: CM0210 Unable to generate processed config Action: Verify that archive exists for device. RUNNING
[code]...
I went on and checked the dcmaservice log file.I found the following entry at the same time of this particulair job
ERROR,[Thread-72920],com.cisco.nm.xms.xdi.pkgs.SharedDcmaIOS.analyzer.IOSConfigletRules,loadRules,42,Could not locate configlet rule file : com/cisco/nm/xms/xdi/pkgs/SharedDcmaIOS/analyzer/IOSConfigletRules.ser [ date taken out ],ERROR,[Thread-72920],com.cisco.nm.rmeng.dcma.configmanager.DeviceArchiveManager,archiveNewVersionIfNeeded,1115,CM0210 Unable to generate processed config
I then searched if I had the IOSConfigletRules.set file on the box. And no it is not there. My question is this the reasson that I have som manny partial sucess archive results?
I am interested to configure my slingbox with my ASA5505. I am currently able to use the device remotely when I connect via VPN. My concern is that the VPN uses too much bandwith and I would get better quality if I would able to forward the appropirate ports through the ASA5505 and connect directly from the outside.
WLC 5508: software version 7.0.98.0 Windows 7 Client Radius Server: Fedora Core 13 / Freeradius with LDAP storage backend
I have followed the guide at URL with respective to building the LDAP and free radius server. 802.1x authorization and authenication correctly work. The session keys are returned from the radius server and the wlc send the appropriate information for the client to generate the WEP key.
However, the WLC does not override the VLAN assignment, even though I was to believe I set everything up correctly. From the packet capture, you can see that verfication of client is authorized to use the WLAN returns the needed attributes:
Using ISE 1.1.1 and Switch 3650 12.2(55)SE6. I have a client (computer) that should be authenticated with MAB and then the switch port should be asigned a DACL and VLAN 90. I do get "Authorization succeeded" but directly after it fails and I can't figure out why. ISE only shows the successful authentication under "Live Authentications".
As you can se from the log below 802.1x fails, as it should, and then MAB succeed, asigns the VLAN and then fails:
Having no success with installing a wireless G+ router F5D7231-4, without any accompanying disc etc which I got second hand, neither can I complete Installation of a new Belkin wireless G USB adapter [with disc], keeps saying there's a missing shortcut that cant be found, my PC is Acer Aspire 5551 which has no wireless facility built in, all connected to a Virgin wired modem, is there a quick fix, I'm using windows 7 if that makes any difference,.
I'm trying to join a band new CSACS-1120 to our active directory without success. The process in it self should be pretty straigh forward, but so far no luck.
I've configured the relevant info under "Users and Identity Stores > External Identity Stores > Active Directory.
Active Directory Domain Name: xxx.com Username/Password : domain administrator account
When I test connection I get a info dialog "This machine is currently connected to domain xxx.com".After which I try to save changes which gives a reply ""This System Failure occurred: {0}. Your changes have not been saved. Click OK to return to the list page."
I've noticed that in the system log "show logging system tail" that I get a exception as soon as I enter the AD configuration page and subsequently every time I perform a action on that section.
Why the AD join keeps on failing and what the debug exception I'm getting means?
I just installed a DIR-601 cascaded with a WiFi G Netgear router. The D-Link is handling DHCP. I am having varying degrees of success with the WiFi signal. One XP laptop gets anything between 80Mbps and 150Mbps (can change while sitting in the same location), while another Win7 netbook does slightly worse. My Son's MacBook Pro never seems to do any better than 72Mbps.
I dedicated the D-Link to 802.11N and only allow these 3 devices to connect to it as N devices. All other WiFi devices are G and use the Netgear G router. I am using WPA2-Personal/AES and Auto bandwidth (40 does not seem to be a choice).Didn't experience such performance fluctuations with the Netgear G router.
I have a cisco 870 router which I'm trying to connect to my ISP all the interfaces are in a up, up state. But I'm unable to ping any IP address on the internet. When I do a debug ppp I can see that the username and password are correct with the dialer 1 interface as there is no errors and I can see success. But when I shutdown the atm0 interface and then do a no shutdown I see a message called authentication failed.How does the atm0 interface work with the dialer,Also I spoke to the ISP and they can't see any connection being made but the debug shows success. I also get a default gateway via the ISP but it is the incorrect default gateway as I can't ping the internet and the ISP confirms that the default gateway is incorrect.
I try to connect two switch Catalyst 3750G without success.switch1 (192.168.2.10 vlan 2) <=> (192.168.2.11 vlan2) switch2.I use this configuration for swich1 [code]
We are trying to isolate the fault. From Aggregator a router, we are receiving MAC address of distant end ethernet interface of a SDH box and vice versa is also possible. However ther is no packet received. My question is does ping test is must to see if the path is through or just receiving MAC adress at both ends would mean that packets have to go over the path.
I purchased an E2500 wireless router. I am trying to replace a Netgear wilreless router with no success. During installation my laptop reaches about 25% and I get an error message. In short my laptop asks for an IP address with a password. Once I enter that information I receive an error message to call for assistance.
I just installed WRT54GH and wireless was working fine, after almost 3 hours passed I lost connection with it.I tried to connect using wireless with 3 different notebooks without success. Just using cable it works.I upgraded firmware from v1.0.010 to v1.0.01 but still not working.
I have some DHCP trouble since I subnetted my network with a 2921. My clinets are in 172.16.2.0/23 and DHCP servers are in 172.16.5.0/24.Sometimes, randomly I guess, I get NACK from my DHCP server, and if I look into DHCP logs I got something like this:
Have a client wanting to hand out public ip addresses to all clients from a PFSense Firewall terminating the internet connection.
How do I allow the Cisco Switches currently in place, configured with private ip addresses in the 10.10.x.x ranges and Vlans, where the main 3550 layer 3 has defined dhcp scopes for each vlan, to relay dhcp requests from all vlans to the PFSense firewall?
I assume I would take off the currently defined dhcp scopes for the vlans and configure each vlan/switch with the ip helper address and specify the PFSense firewall and that Nat would have to be disabled onthe firewall?
I have a Cisco ASA 5500 as the main router with a DIR-655 as a wireless access point behind it. DHCP is turned off on the 655 as the ASA is providing DHCP. This worked great for about a year and now suddenly, without any changes, I'm having problems. The only thing that connects without a problem is a laptop, which shows up on the device list with an IP. Other devices have problems. iPhones connect, show an IP on the device itself, but when listed in the connected list on the 655 show no IP. The connection is super slow. An Airport Express will connect, but again, shows no IP in the connected list on the 655. Using the ethernet cable from the Airport Express, nothing can get an IP. I can live with the iPhone not connecting, but the Airport Express not connecting is a major problem. Any reason why this would just stop working one day?
setting up a DHCP server on a Cisco Layer 3 Switch. How would I set the pool up to issue the lowest available IP address all the time. At the moment it counts up even if a lease has expired.
I have a cisco 850 that is not getting a WAN ip address thorugh DHCP. I have FE4 (The WAN port) set to get an ip address via DHCP, but when I do a test connection from CCP I get this error: Checking interface IP address…failed.No Ip Address for the interface has been obtained. The interface is configured to obtain an ip address through dhcp. The remote end may not be configured with a dhcp server or the dhcp pool may be empty.
Please contact your ISP or WAN administrator and check if the server has been configured to lease ip addresses to the client’s connection through DHCP. Retest connection.I know that the modem is providing an ip address via dchp, because I can plug my computer directly into the modem and get an ip address, so I think I may have missed a setting on the router. Here is he running config: [code] I think the problem may be the Firewall is not letting dhcp through (even tough I haven't set it up yet, and there are no rules in the firewall yet). But I'm not 100% sure about that.
I'm still having bad time with the basic configuration I'm trying to make 2 VLANS: voice and data and run DHCP server on router hoping it will give the Ip Phone an IP address but I don't know where the problem is.
i'm having troubles with a DHCP server, which is unable to give IPs to hosts that are on a different VLAN than the server.I have this little scenario, one L3 switch (SGE2010-48 without PoE) with 7 different VLANs configured in[CODE]
I have 1 core Switch(4503E) and 1 L2(2960) Switch, i created 4 Vlans on L2, DHCP is configured on Core Switch, Which configurations i need to make in L2 to get ip for my specific Vlans
why my switch is not picking up a reserved address from the second pool below?console output with dhcp debugging on.ps. I have also tried 'hardware-address 0024.f769.bf40 1' which is hardware type 'other'
Config
ip dhcp excluded-address 172.23.23.1 172.23.23.49 ! ip dhcp pool main import all network 172.23.23.0 255.255.255.0
I have a Cisco 3750 running DHCP. We have a lot of guest users on the network, so the DHCP conflict table fills up quickly, and when it does, users can not get on the wireless network. I have to go in and clear the DHCP conflict log. (clear ip dhcp conflict *) and the problem is resolved. I see in the Cisco documentation if you don't have a DHCP database agent configured you should disable that log. I just want to make sure what the steps are and the ramifications are of disabling that log. Would IP address's still be freed up to use on the network? It also said about enabling 'ip dhcp ping' so DHCP will ping the address first to see if it's available.
ON ASA, I understand that we can assign a static IP for a specific VPN client, or we can use a DHCP pool to assign IP. Now if I want to create DHCP pools, say pool_A and pool_B, for user A, B and C they use the IP from Pool_A, and user D, E, and F they get the IP from pool_B. Is there a way to do this in ASA?
I cant to obtain DHCP-address on WAN interface. All over hardware can (windows-based systems and Asus RT-N10), but not Cisco 881 Also i cant to obtain ip even from Asus RT-N10 with this configuration:! version 15.1 service config no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Router ! boot-start-marker boot-end-marker ! ! ! no aaa new-model memory-size iomem 10 ip source-route ! ! ip cef no ipv6 cef ! ! crypto pki token default removal timeout 0 ! ! license udi pid CISCO881-K9 sn FCZ1523C3RR ! ! username admin privilege 15 secret 5 $1$0H8v$xx/HtPJIllcFvEWFjzI5t/ ! ! ! ! ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 ip address dhcp ip broadcast-address 0.0.0.0 duplex auto speed auto ! interface Vlan1 ip address 192.168.4.1 255.255.255.0 ip broadcast-address 0.0.0.0 ! ip forward-protocol nd no ip http server no ip http secure-server ! ! logging esm config ! ! ! ! ! control-plane ! ! line con 0 exec-timeout 0 0 logging synchronous login local no modem enable line aux 0 line vty 0 4 exec-timeout 0 0 logging synchronous login local transport input all ! end After thousands experiments next configuration started to obtain ip from Asus RT-N10 , but not from ISP ! ! Last configuration change at 12:22:25 UTC Tue Sep 13 2011 by admin ! version 15.1 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Router ! boot-start-marker boot system flash c880data-universalk9-mz.151-3.T.bin boot-end-marker ! ! ! no aaa new-model memory-size iomem 10 ip source-route ! ! ! ip dhcp relay information trust-all ip dhcp compatibility suboption link-selection standard ! ! ip cef no ip dhcp-client broadcast-flag no ipv6 cef ! ! crypto pki token default removal timeout 0 ! ! license udi pid CISCO881-K9 sn FCZ1523C3RR ! ! username admin privilege 15 secret 5 $1$3bFL$y/cxqQLd.8cixPrtETEJ4. ! ! ! ! ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 ip dhcp relay information trusted ip dhcp relay information check-reply none no ip dhcp client request tftp-server-address no ip dhcp client request netbios-nameserver no ip dhcp client request vendor-specific no ip dhcp client request static-route ip address dhcp ip broadcast-address 0.0.0.0 duplex auto speed auto ! interface Vlan1 no ip address ip broadcast-address 0.0.0.0 ! ip forward-protocol nd no ip http server no ip http secure-server ! ! logging esm config ! ! ! ! ! control-plane ! ! line con 0 exec-timeout 0 0 logging synchronous login local no modem enable line aux 0 line vty 0 4 exec-timeout 0 0 logging synchronous login local transport input all ! end ISP's hardware based on Juniper.What else must I switch of/on to start DHCP-client?!
I'm having a problem getting DHCP working with an ASR9k as shown in this document. I've successfully implemented very similar setups with some Cisco IOS routers, but the IOS XR on the ASR seems to be defeating me. Router A (happens to be a 3750)A DHCP/BOOTP/TFTP server, connected to router ARouter B - this is the ASR, running software version 4.0.3.Router A and B are connected by a layer-3 link.Router C (happens to be a Broadcom embedded router). It's connected to Router B by a VLAN trunk link.Device 1, this one needs to get its configuration by DHCP/BOOTP/TFTP. It's connected to Router C by a VLAN trunk link.Device 2, this one doesn't need any DHCP/BOOTP/TFTP. It's connected to Router C by a VLAN trunk link (its port is the same as Device 1's) Device 2 works great - it can ping the DHCP/BOOTP/TFTP server (and vice versa) and everything else it needs.
I configured a Cisco 881 as a vpn-client.When I configure the wan-interface with ip add dhcp , it never gets an IP-address.When I remove the crypto map from the wan-interface , the interface gets an IP-address without any problem.According to examples in the Cisco documentation, I should work; and it works on a 831.
I have a 2801 with dual ISP connections, and I have configured route-maps to direct voice traffic over ISP1 (working just fine), and I'm attempting send all other traffic over ISP2 (traffic is load-balancing instead). The connection to ISP2 is DHCP, and I have configured a route-map to route this traffic using the 'ip next-hop dynamic dhcp' command, but when I look at the route-map, it states the following: ip next-hop dynamic dhcp - current value is UNKNOWN..Is there something that I need to enable in order to see the next-hop, and properly send traffic over the ISP2 connection? [code]
I have a fresh install of LMS 4.0 on Windows Server 2008 Standart SP2. I have one NIC with static IP configuration. I also disabled DHCP client.The problem is follows: when I go to Inventory - Device Administration - Add/Import/Manage Devices, I always get this error:Error in communicating with DCR Server. DCR Server may be down. Please start the DCR Server and then refresh the page.Reload server/ Daemon Manager dont solve this.I try to beat this problem 2 days already. Second uninstall also doesnt solve the problem..
About a week ago I tried to clear log files which was 270gb (syslog.log) and after that restarted the server. And all inventory devices suddenly disappear! I could find it from search menu but cant access - cisco works said that there is no such a device in Device Repository or I havent enough right to view it (but i logged as admin). And after this i failed to add any device in Inventory. So I reinstall Cisco Works and get that DCR error..
I need support for wap4400n and I did not find it in the user guide and the administration guid.Is it possible to disable DHCP in this product? I want the wap4400n Access Point to distribute DHCP from the windows server.
I have an ASA 5505 configured to get a DHCP'd IP address from the ISP on it's outside interface. The problem I am seeing is when the ISP renews their IP address, the ASA 5505 is still holding on to the old IP address information. I have to either manually renew the IP or reload the ASA. I have the potential of rolling out hundreds of these devices and I would not like my customers to have to reboot their ASA everytime the ISP's DHCP lease experies. I am using an easy vpn autoconnecting to an ASA 5520. Static IP's are not an option on the outside interface of the ASA 5505's.
