i got the problem with 1300 bridges,root bridge with omni antenna and non root with sector antenna , it can associate and can pin each other , but whenever i try to browse several web pages its get timed out and radio was down.
View 5 Replies
Can I associate the non-root bridge model 1310 to the root bridge model 1400? Is there any problems on the configuration I need to be aware of?
View 7 Replies View RelatedWe have a problem with a Cisco 1400 Bridge. This equipment can not bridge to the other root or not root mode. I can see a message "Interface Dot11Radio0 Radio transmit power out of range" and the MAC Address of Dot11Radio0 appears with 0000.0000.0000.I set the local power to 18 but the MAC Address is still in 0000.0000.0000.
View 1 Replies View RelatedAny working configuration between two BR1310's in Root/Non-root mode? The documentation is vary vague and i can't find anything more secure than WEP. Is it possible to use WPA with radius authentication?
View 1 Replies View RelatedI have a setup where - I have a cisco stack (4X SGE2010 Switches) trunking over to a 3COM switch. Both switches believe to be the "ROOT" of the network. Note The 3COM is running RSTP as opposed to the Cisco Stack which is running normal STP. To my understanding of STP - Essentially STP is not functioning! Both switches believe to be the "ROOT" so they don't shut ports down. (We are currently having major issues with ports going up and down for seconds at a time on both switches)
View 3 Replies View RelatedI have two locations DC and Corp connected to each other via Point to Point Circuit. I have forced the two core switches setup as GLBP pair to be primary and secondary for certain VLAN's including VLAN1.I have a switch in our Corporate office 3750 which is where the point to point circuit terminates. VLAN1 SVI is manually shut on that switch. Also the priority on VLAN1 is increased manually like this, "spanning-tree vlan 1 priority 28672".
Now the issue is that the Primarey Root Bridge in the DC is the root bridge for VLAN 1. But this other switch 3750 in our corporate office also is a root bridge for VLAN1. [code]
I have two Cisco 1300's acting as bridges only. I have created an infrastructure ssid on VLAN 2 and assigned this to the radio. I am carrying multiple VLANs between the bridges (using subinterfaces on the fastethernet and radio ports).I have enabled WPA-PSK, but how do I check that this is being used between the bridges? Also - I have a switch connected at each end of the bridge. When I make VTP changes, the remote switch does not pick these up - is this because VTP goes over VLAN1 regardless of the Native VLAN (2 in my case)? Do I have to carry VLAN1 over the bridge to get VTP working, or is there an alternative solution?
View 7 Replies View RelatedIs it possible to configure two 1300 series bridges at one location, each handling a bridge link to another location to BOTH backup and load balance for each other should one of them fail?
View 5 Replies View RelatedI am trying to configure repeater mode on an AP, but the authentication is not working.It seems the authentication is seen as EAP-TLS on the ACS 5.2, but im trying to do LEAP.
Relevant config root AP:
!
dot11 ssid Auto3
authentication open eap eap_methods
authentication network-eap eap_methods1
guest-mode
infrastructure-ssid
[code].....
if the Cisco 3502p AP can run as a root mesh access point ?
View 4 Replies View RelatedRegion : UnitedKingdom
Model : TD-W8968
Hardware Version : V1
Firmware Version :
ISP :
Another query regarding diagnostic test and Test DNS Root. It always fails why?
I want to connect two buildings. Let's call them Building A (main) and Building B.
„A“ is the main building and provides a wired LAN to an AAA server (192.168.1.2) and the WAN gateway (192.168.1.1). There I placed a 1262N with the IP 192.168.1.3 connected to the wired LAN and configured it as Root-Bridge. Let's call it AP01.
„B“ is a pretty large building and has a wired LAN from one end to the other end.
So I placed two 1262N there, each at one end.
The first 1262N is configured as non-root Bridge (AP02) and connects to the Root Bridge (AP01). The IP address of AP02 is 192.168.1.4.
The second 1262N is configured as Access Point (AP03) and connects to the non-root Bridge (AP02) via the wired LAN. The IP adress of AP03 is 192.168.1.5
My Questions:
1. Do I need tell AP02 about the AAA Server in Building A or acts AP01 like a AAA Proxy for AP02 because of it Root Bridge functionality?
2. How Do I tell AP03 that it should use AP02 as a gateway to building A?
We have a root AP whose status light is showing solid red. We power cycled it and it still shows solid red. According to the Cisco documentation, this indicates a firmware failure. Unfortunately, we did not get Smartnet with this access points and instead opted for the limited lifetime warranty.
My question is: is there any way to fix the firmware via console? Whether it be through xmodem or what not. I ran debugs on the controller and can confirm that the AP is not communcating with the controller.
It is also weird that the mesh APs that were previously connected to this root AP show a solid red on their status lights and green for their RF LEDs. Shouldn't the status LED be flashing green-amber-red?
i have 2 1260 Access points one is in root mode , one is wgb mode. Authentication is EAPFAST. There are 5 devices connected via WGB bridge to the rest of the network.
- If clients are sending some data , then WGB AP announces this client mac via IAPP to root AP and rest of the network sees them correctly
- If clients are "passive" , then after WBG AP announces them to root AP , they timeout after 6 minutes on root AP and obviously they are not pingable from the rest of the network. The only way to restore connectivity is to ping that device from WGB AP, then WGB AP announces via IAPP to root AP , then and only then they become visible from the rest of the network.
My question is related to this 6 minute timeout on root AP . Is it normal behaviour ?
how to configure Cisco 1252-AG-A-K9 Access Point Root and Repeater?
View 9 Replies View RelatedA customer has a wireless PTP bridge using a pair of 1410 bridges. The non-root bridge event log shows the RSSI polling information message indicating the link's signal strength; ie. -42 dBm. It updates every few seconds or so. The root bridge does not show this information in the event log. Both bridges have the event log configuration options set identically, all messages types are enabled. I can't find any reference to this in the documents. Is this by design? I thought that maybe a root bridge if it was set up as a multi-point might be overwhelmed if it was showing/scrolling RSSI from multiple non-roots.
View 3 Replies View RelatedI have installed Windows Server 2008R2 on a virtual machine and have setup AD and a domain name called nuggetlab.com and is the first DC. I've created another VM and again installed Windows Server2008r2 and want to add a second DC to the forest root domain. When i run dcpromo and at the option 'Choose deployment conifiguration' wizard i select Existig forest >Add a domain controller to an existing domain > Next, the next screen appears and i type in the domain as nuggetlab.com but when i enter the credentials under 'Alternatate credentials' and enter the admin username and password, i receive an error saying that it cannot be contacted. When i press the details button i can see the description[CODE]
View 5 Replies View Relatedhow can I root my Toshiba thrive 31.5.003 without messing anything up cuz I'm tablet eleterate an its brand new
View 1 Replies View Relatedis it possible to join the ACS 5.1 to a rootdomain (AD) with a subdomain and to authenticate against the subdomain? Or do I need different ACS' for the root and the subdomain?
View 2 Replies View RelatedI am currently working on an example for a CCNP Spanning Tree Protocol example.I have some lectures on video and getting confused with an example they have provided. It has me baffled as I have compared it against numerous other websites, trawled forums and tried to get other examples to compare it against.Anyway, I have posted screenshots of the topology. They are as follows:
1) topology showing links so can assign costs (100mbps = STP cost 19, 1000mbps = STP cost 4)
2) topology show priority and MAC addresses (priority left at default so root bridge elected by lowest MAC address)
3) topology showing elected root ports **which I do not agree with for switches E & F**
4) topology showing subsequent blocked ports **which I do not agree with for switches D & F, even if I accepted the previous given root port election*** I understand for same cost paths to root bridge that lowest bridge ID wins. So here are my queries:
1) switch E has 2 equal cost paths to root bridge (A):
-via: E > D > A (4 + 19)
-via: E > C > A (4 + 19)
so I think pick the next hop switch with lower bridge ID. Switch C right? In this example it says pick port going to switch D. I am confused! Why pick port going toward switch D?
2) switch F has 2 equal cost paths to root bridge (A):
-via: F > C > A (4 + 19)
-via: F > D > A (4 + 19)
so I think pick the next hop switch with lower bridge ID. Switch C right? In this example it says pick port going to switch D. I am confused! Why pick port going toward switch? tell if the example in the diagram (topology 3) is wrong? If it is correct explain why?Now on to issue number 2...If I accept the root port election given in the topology, I go through the process of assigning designated ports and blocked ports.I understand for each link there is at least 1 designated port. If it is a redundant link, one side will be designated, one side blocked. The designated port will be on the side of the lowest bridge ID (priority + MAC address). So here are my queries:
1) there is a redundant link between switch C and switch F
-one side must be designated
-one side must be blocked
-pick the side with lowest bridge ID (priority + MAC address) for designated port
-switch C has same priority as switch F, so based off MAC address, switch C wins i.e. designated port on switch C side, blocked port switch F side.
-In this example it says port from switch C is blocked and port from switch F designated. I am confused! Why pick port going from switch F as designated?
2) there is a redundant link between switch D and switch C
-one side must be designated
-one side must be blocked
-pick the side with lowest bridge ID (priority + MAC address) for designated port
-switch C has same priority as switch D, so based off MAC address, switch C wins i.e. designated port on switch C side, blocked port switch D side.
-In this example it says port from switch C is blocked and port from switch D designated. I am confused! Why pick port going from switch D as designated?
I have a very problematic situation here.I have configure on a Cisco 2960 the vty line in a wrong manner and now I am stock.To configure those vty to enable ssh I have typed :
line vty 0 4
login local
password xxxx
line vty 5 15
login local
password xxxx
exit
Problem, I work remotely (I was on telnet while doing this). I have no username configure as I thought that root user would work.Now when I issue an ssh to my switch, I always failed authentication.how I could recover access to my switch without being physically there ? I have write the config in memory, otherwise it would have been too easy.
I'm currently trying to set up a new infrasturcture with PEAP.
So, i've got redundant CA routers (c1921), an ACS server and 1262 AP's. Everything is working fine and as i want it to.Certificates are autoenrolled and so on, but if the CA root certificate expires, how to tell the AP to get the new root CA cert.
The root-certs are made by auto-rollover, and rolled on the CA router, but I got no change to get this root-cert on the AP.Is there a way to get them in an automated way, like rollover or enrollment?
I've not found much detail regarding election of a root port other than "The root port is the switch port with the lowest path cost to the root bridge" they also expand on this a bit more for the case below, (italics)." When there are two switch ports that have the same path cost to the root bridge and both are the lowest path costs on the switch, the switch needs to determine which switch port is the root port. The switch uses the customizable port priority value, or the lowest port ID if both port priority values are the same".They explain that on S2, F0/1 is root port because it's lower than F0/2 but don't go beyond this.My understanding is that the following order is true with regards to priority of criteria (in this case), am I right?:
1. Lowest cumulative path cost back to the root bridge
2. In case of tie, the device with lowest Bridge ID
3. In case of tie, the port with the lowest received priority #
4. In case of tie, the port with the lowest local ID #
So, shouldn't this demonstration factor in the BIDs of S3 and S4 before the port priority and IDs of S2 ? For instance, if the BID of S3 was lower than that of S4, wouldn't F0/2 on S2 become the root port? I'm hoping I'm correct in this? Also I've not actually seen these four bullets in any of my official material for STP which I thought was a bit odd. I wondering if anyone else who has seen this before, considered the bridge ID aspect.
I am trying to confirm which of my cisco switch is the spanning-tree root. I know which I prefer to hold the spanning-tree and I ran the command spanning-tree vlan 1 root on this switch,I would now like to check that this command has worked and so I ran the command 'show spanning-tree root active' and received the detail below.To make sense of this and determine which port the mac address references (From this I take it that 00b0.d0f5.cf31 is the root, how can I determine which port this is).
View 15 Replies View RelatedI have been getting overrun errors on 3 different ASA 5550 HA pairs with traffic rates less than 100Mbps total. I was told by one TAC guy to split the traffic between the two slots so that traffic comes in one and exits the other to maximize throughput because the 5550 was designed to work that way. Another TAC guy told me to enable ethernet flow control to alleviate the overrun errors because the traffic was bursty, but this doesn't seem to address the root cause of the problem to either. TCP traffic is bursty by nature and has it own flow control mechanism. I can't seem to find any detailed info on why traffic needs to be split for 100Mbps when the marketting throughput number is 1.2G. Is this a design flaw or limitation? Is there a way to alleviate overrun errors?
View 25 Replies View RelatedThe upgrade process for ANM virtual appliance 4.2 involves doing a backup and restore as root user. I have looked through the documentation and have even reinstalled the virtual appliance to see if the install script gives away the root password for the OS but without luck.
How to set/find the root password?
On a production 6509, I am seeing this:
RTR-01#sh spanning-tree int gi2/3 rootVLAN0001 0VLAN0010 0VLAN0011 0VLAN0012 0VLAN0013 0VLAN0014 0VLAN0015 [ code]....
Now I thought the command "sh spanning-tree int gi2/3 root" showed cost to the root bridge. So with everything being zero, its implied this the root, which it is but not for vlan 111 and actually all 1XX Vlans have a different root. Why does vlan111 show its root as out int gi 2/3 but the root cost shows zero?
Issue is we have a issue where a 2950 is acting as root bridge for our wireless vlans, wrong....it should be the 6509, but before I change it over, was wondering about the root port/cost question.
This is troubling and I don't know why it is happening. For some odd reason files seemingly related to my DIR-655 are being put in the root directory of my hard drive on my Power Mac G5 running Leopard 10.5.8. Two preference files and a folder named ''D-Link'' and another folder named ''Shareport.''Why is this happening? I have given D-Link/DIR-655 no access to my hard drive.Furthermore, why this is only happening on that machine while my MacBook Pro running Snow Leopard 10.6.7 is not being ''invaded.''
View 12 Replies View RelatedI config vlans 21-23 on 3750 A and B switches.I config B switch to be Root Bridge for all vlansspanning-tree vlan 1,21-23, priority 4096 sh span tree on B switch 3750B# sh spanning-tree.
View 18 Replies View RelatedI have two 6509s both with single FWSMs running in transparent mode with bridged Inside and Outside VLANs.I have my Core A set to STP priority of 8192 and Core B set to 16,384 to make Core A the root for all VLANs.Problem I have is when I look at spanning-tree on Core A for Inside VLAN 324 it states to get to the Root go via PO100 (Cost of 9) and that the Root also has a Priority of 8192, but as the designated Root has a lower MAC address it's pointing to the etherchannel. PO100 is L2 Etherchannel between the Cores.Moving accross PO100 to Core B and running the show spanning-tree command I can see that to get to the Root Bridge I need to go via PO272. PO272 is the internal Etherchannel to get to the FWSM on the Core B Switch. This shows a cost of 6 to get to the Root and a mac address of the Root Bridge which resides on Core A (Outside VLAN 124)To give some perspectibe,theoutside VLAN of the pair has it's STP ROOT on the Core A switch as intended?
View 1 Replies View RelatedI have an Extremely Old switch that I need to connect to my network. Because it is so old I don't want it to become the Root Switch.
what is the command to change the priority. (Honestly I don't remember if it has to be a lower number 1 or a higher number ). Always get that mixed up. I've read about root guard, but I would like to prevent it manually. (It is a small network after all)It is a Cisco 2950.
I have 2 3550 12G switches that I use as core fiber switches. Switch 1 is the primary for 1/2 the V LANs and Switch 2 is the primary for the others using MST with 2 instances (I am not including the default 0 instance). I am using HSRP to provide redundancy. So far so good.
Recently a tenant in my building would like to use their own switch for data but still needs access to a V LAN on mine for voice. Again not a problem as I can configure a trunk port and give them what they need. My concern is that if they try to configure STP on their switch can they take down mine. Are there some preventions that I can put into place, such as root guard, that work with MST? What happens if they too set up MST can they kill mine?
Switch 1 is the root for 1/2 the v lans and Switch 2 is the backup root. The scenario is flipped for the other 1/2.
in my LAN the all access layer switchs/stacks are connected directly to core backbone switch (cisco 6509) via sfp fiber-optic, i want to protect my spanning tree setup with the "root guard" command.
1. where would i set this ? on uplink ports on access layer switches ? or on core backbone ports to which the access layer swithes connect to?.
2. can this be set on active (production) ports without downtime?
