The problem is that one of the clients loses the connection to the network time to time ,The error in the WLC logg is
*Dot1x_NW_MsgTask_0: Jul 06 17:42:38.934: %DOT1X-3-INVALID_WPA_KEY_MSG_STATE: 1x_eapkey.c:843 Received EAPOL-key M2 msg has invalid information when mobile is in START state - invalid secure bit; KeyLen 24, Key type 1, client 00:21:6a:af:be:70
We have installed a number of Cisco Wireless 3502-07 in China and i can not get the Clean Air Oper status to change to UP. At the meoment i have ERROR. I have have tried to disable and enable the the Clean Admin Status from the Access Point 802.11b/g/n and then select the AP and change configuration.
Just bought first wireless router, when i insert CD and start setup, after a few seconds i get Error 301: internal error. i have rebooted and still no luck. I've tried going to 192.168.1.1, i got in one time but didn't understand half the stuff. now i can't go back into that page.
I've recently installed ssl certificates for our web auth guest interface on our WLC's. I discoverd the they required a Level 2 certificae to work properly. We are getting an untrusted certicate on our 802.1x ssids that authenicate against a 5500 ASA..A certificate was insatlled and has an error, show the certificate as untrusted, my questionis, does the 5500 ASA require a level 2 certifate as well?
Up to today I used Verizoon 4G to a Windows Visata box running Internet connection Sharing to get my home lab connected to the Internet . All was working well.
Today I had Hughesnet come and installl their service and I can no longer get access to the Internet from my PC netowrk. my VPN to my office for my IP phone coomes up an works just fine. At the router I do have Internet access which then leads me to believe that my problem is NAT related.
My router is a 2851.
When I enter PING 4.2.2.2 I get !!!!! but when i enter PING 4.2.2.2 SOURCE 192.168.69.3 I get .....
I have tried Intel tools and latest drivers ( w/ and w/o pro wireless utility) but cannot pass thru code 10 error. Tried uninstall and install....as earlier card 4965 agn worked fine but seems like some conflict is stopping successful 5300 agn driver install.
I had been working on our client servers through Cisco VPN using internet datacard. But from past 3 weeks after logging into Cisco VPN using my username/password, when I try to connect to any of the servers, it is giving connection timed out error.
Whereas, my team members across other locations are able to connect to the servers using my VPN username/password.
I thought there might be some issue with my laptop or internet datacard. I got my laptop formatted, even tried out with fresh new laptops & new internet datacards, but the issue remains same.
I have tried using vpn_5.0.06.0160-k9 & vpnclient-5.0.05.0290-k9 to connect but issue did not get resolved.
i m trying to connect two routers a Cisco DPC3825 (r1) and DIR-655 (r2) and at the end getting the error. i have disabled the SPI firewall on r1 and connected an ethernet cable lan to lan between the two. i don't want to confuse with whatever the mess i have done previously,Tell step by step what i should do to connect these two routers.PS: in addition, the gateway ip of r1 is 192.168.0.1 with subnet mask of 255.255.254.0 and the gateway ip of r2 is 192.168.0.2 with subnet mask of 255.255.255.0. r1 has a ip range of 192.168.0.10 to 192.168.0.128 while r2 has range of 192.168.0.100 to 192.168.0.199.
After a successfull installation of NCS 1.2 into a vmware environment and run the setup I have the following error while trying to start or to have a status for NCS (ncs start ot ncs status):sh: /opt/CSCOlumos/bin/wcsadmin.sh No such file or directory
I have a WiFi printer connected to an CWAPP Cisco AP AP1250. I am using WPA2-PSK to connect to this AP. I find that the printer connects to the AP at times and at times it does not. I got an error message from the Capture an error on the backend controller of the network."Authentication Request received invalid RSN IE Mismatch WP2 algorithm"
I am currently on Time Warner Cable 10 mbps packge, and am using their wireless DOCIS3 modem/router. It is connected in my bedroom to the main computer. That computer stays connected. However, throughout the rest of the house (we have a two story townhome) it will drop completely or give limited connection...constantly. Sometimes I can have my laptop next to me and it will go out or give limited connection. The connection speed never drops, it just goes completely to no connection. Not for sure what is going on, if its on my end or time warner. Has been doing this for quite some time, the cable company comes out and changes the modem, but that's it, couple days later, goes back to doing it again.
I have an 1841 that was working fine - I could SSH to it with my Radius login and console into it with local credentials ("Fred").I added another use ("Mike") with priv 15 so the end user could log in locally via console if needed.After that, we can both log in via console, but when we try to enter privileged mode we get "% Error in Authentication", before even entering the password.I can still log in via Radius SSH with no problems and access privilege mode via SSH.What am I missing so we can have two different users be able to log in locally with different credentials and access privileged mode, and keep my ssh radius working?
We're seeing "OutDiscard" error on a LAN switch connected to newly migrated Cisco IP phones. All the other error counters are clean except for the OutDiscard. (please see attached "show int count err" output.) [URL].
According to the link above, the common cause of such discards can be to free up buffer space.(Am I seeing a switch buffer issue?) How to identify/resolve the cause of the OutDiscard.The switch is 3750-E running c3750e-universalk9-mz.122-44.SE6.bin
I was using my internet on my Acer Windows 7 operating system wireless just fine on Monday. I tried to use it on Tuesday and could not connect to the internet wireless any longer. I get an error message next to my network stating ""The settings [COLOR=green ! important][COLOR=green ! important]saved[/COLOR][/COLOR] on this computer do not match the requirements of the network"I have never encotured this kind of problem before. I proceeded to call Comcast who did all kinds of trivial beginner troubleshooting such as restart the router, restart the modem turn on and off the computer.
I 've got some problem with my Mail Server since I've migrated to an ASA5510.Actually the server is in a DMZ with a private Ip ( 10.x.x.2) and it is translated to a Public IP ( 194.x.x.65).Some Users received in there mailbox a system administor error message :Object : Impossible to deliver : testYour message could not be deliver to one or more of its recipients: 421 SMTP connection went away!When they try to re sent it some times later, message is sent whithout problem.
I have 2 datacenters running same equipement (two Nexu 5596 with FEX).I just took a look at the log just to see if everything is ok and I saw that I have the same error message (a lot of times) at both location :
%SYSMGR-FEX100-5-HEARTBEAT_LOSS: Service "satctrl" heartbeat loss 2 ,max 7,I though it was a problem with my peerklink-keepalive connection but I see the word FEX ....so i'm not sure...
Note that at both locations, my Nexus are connected back to back through the management port using transceivers. So it's a copper cable from the first nexus, going into a transceiver, going to another transceiver in fiber and then back to copper to the other nexus.
We find ourselves in a difficult situation with the Cisco VPN Client version 5.0.07.0290 where it keeps giving us an
"Error 42: Unable to create certificate enrollment request"
When we attempt to use the Online enrollment method to create and enroll a new certificate. There is no additional information in the VPN client logs where we have set 3-High for all logs. In addition, Wire shark does not show any packets sent from the machine running the client to the Cisco 3825 router which runs the Cisco CA.
To create and enroll a certificate we do the following:
1. Click on the Enroll button to show the Certificate Enrollment dialog 2. Select Online 3. Select <New> for Certificate Authority 4. Enter http://192.168.120.1 as CA URL (note, 192.168.120.1 is the IP of the Cisco 3825) 5. Click Next to display the dialog where we can enter certificate details 6. Enter details in all fields except IP Address and Domain 7. Click Enroll which shows a dialog with the Error 42 ... message in it.
If we attempt to create a request by using the File method, all works fine, that is, the client creates a file with the enrollment request. The fact that the client does not send any messages to the Cisco CA leads us to believe that we have a problem on the client machine. However, the client does not write any information in the logs, so it is a bit hard to fix the problem. I can provide additional configuration information if required for both the client and the Cisco CA. Note that we have not modified any client configuration. Basically, we installed the client on a Windows 7 64bit machine and attempted the steps listed above.
Trying to connect two systems together but was giving error that contact network administrator,one system is laptop with wireless and other is desktop but connect through cable but running windows XPSamson
I bought belkin N150 recently. I tried to configure with my ISP. They are surprised how I don't have DHCP option in the wifi configuration and asked me to upgrade my firmware. When I tried to upgrade. I downloaded the firmware from [URL] tried to upgrade. It is showing file format error.
I have a Cisco Wireless LAN Controller AIR-CT5508-K9 running Software Version 7.0.98.218. This WLC has registered ten AP model 1240.Now I have configured fiive CAP3502 with static capwapp commands, when I connect the CAP-3502 in the network, in the WLC I see the status "downloading" then the CAP restart, and the console show the message *Mar 1 00:15:39.033: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER, and never the CAP3502 is registered in the WLC. [code]
i have 2504 controller with 7.0.116.0 software and some 3502 APs. I also using 5 APs now and few days ago I bought some additional 3502 APs and I can't get them connected to the controller. My company admins decided to using DNS controller discovery instead of using DHCP option 43. I'm connecting APs to access ports of Linksys switches and APs not in the same subnet as ap-manager interface of controller. AP succesfully get IP and DNS from DHCP and could ping cisco-capwap-controller. However, I have such messages.
*Mar 1 00:12:32.014: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.Not in Bound state. *Mar 1 00:12:40.533: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
I can succesfully ping controller from AP AP30f7.0d2e.9a58#ping cisco-capwap-controller Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 10.23.16.30, timeout is 2 seconds:
There are a total of 25 Cisco 3502 APs installed. 24 APs were discovered except for 1 AP. I run SH CDP NE on the switch and the AP was discovered by the switch but it does not have an IP address. On the output of the SH CDP NE DE, I noticed that on the AP that is not joining, the Platform is "cisco AIR-SAP3502E-E-K9" while the APs that joined the WLC, the Platform is "cisco AIR-CAP3502E-E-K9". The software versions are also different but this could be because the WLC already upgraded the IOS when the APs joined.Why is the Platform "SAP3502E" for the AP that did not join.
Just a basic question regarding MAC based authentication of AP with ACS. The scenario is - If I have a ACS installed and I want all my Cisco 3502 APs to be authenticated on MAC basis via ACS. I know that AP mac is used as a username and password at ACS so that whenever we plugin the new AP in the network, it gets authenticated via ACS first and if the AP is authorized to be used in network then only it gets the IP address from DHCP.
My question is - What will happen, if the AP is connected in local mode on a remote location and the WLC, ACS & DHCP are in Data center. The traffic coming from remote location will pass through the Remote-site router and during that pass, it will remove the source mac address of AP and put the router interface MAC address as source, so how will the ACS authenticate the AP in that case.
When working in a LAN I know its possible, but how will it work over the WAN.
Using WISM with 7.0.220 and 1240 and 3502 APs. Just found that some of our 3502 AP didn't enbale their clean air and CDP when installed. This only happened on a few new APs. But the area these APs where we seem to have had a few problems with PCs. The only PCs effected where Computer On Wheels (COWs), Dell 780 Desktop with a Cisco Wireless Card.
Using an interl wireless card and others in thes areas worked.Once I enabled the CDP and Clean Air, the COWs worked.My question is with the APs not having CDP enabled, could this affect the cisco wirelss card in the COWs?
I have a Cisco WLC5508 controller which I recently upgraded to software 7.0.98.0 because I tried to add a Aironet 3502 and it gave me an invalid software. After the upgrade this is the error I get from the AP when I try to add. [code]
Our newly installed WAP's are constantly downloading code and seem to lose contact with our wism 1 version 7.0.235.3, causing them to restart the downloading process, over and over.
We have a secure ssid and a guest ssid. Is the a way to prompt for a single username and password and if that name is guest it will automatically connect to the guest ssid? If active directory user and password it will automatically use the secure ssid? we are using Microsoft NPS/Radius, 3502 ap's, and 5508 controller.
I have got a 3502 setup and functioning in Office Extend mode. I have found one issue though. I have to set the checkbox on the my Management Interface to Enable NAT Address and put the external address in the box. Once this occurs no internal APs can join the controller.
Need setting this up with a single controller behind a router and not having to set the NAT Address for the Management interface? Should I setup a second interface on the controller to be for external management?
I have a 3502 AP that I am attempting to set back to factory default including clearing the username and password. It is going to work off of 4400 controllers. I have read numerous documents no how to clear the config and password but so far nothing has worked. I can get it into ap: mode but not sure what to enter here. When I do a dir there doesnt seem to be any files. It will pull an IP address via the local router but cannot communicate with WLC.
I am trying to configure a 1242 or 3502 WGB with PEAP. There is not ACS server involved as Windows RADIUS is used. I can get the WGB to work with OPEN Authentication but when I attempt to add in the authentication/security piece I get "no association." Below is my current config. The WLAN is set to use WPA/WPA2 802.1x + CCKM.
Current configuration : 1812 bytes ! ! Last configuration change at 00:56:39 CST Tue Mar 2 1993 version 15.2