Cisco Wireless :: 6509 - WiSM Version 6 Cannot Modify Service Interface
Jun 19, 2009
although cisco sw advisor said that the best IOS for my hardware 6509 Sup720 IOS: (s72033_rp-IPSERVICESK9_WAN-M), Version 12.2(18)SXF16 suits the WiSM; And I tested it already with WiSM version 5.0 but when I've upgraded the WiSM to version 6.0 the service interface from the switch side says:
B5_Noc2_CS1(config)#int gig 4/9
% This interface cannot be modified
as the customer refuse to upgrade the switch IOS & He wants to use the latest ED WiSM sw 6.0;
WiSM WLAN Service Module WS-SVC-WISM-1-K9 in 6509e running VSS IOs s72033-ipservicesk9_wan-mz.122-33.SXI2a.bin having trouble to get the IP from service-vlan DHCP.The pertinent config is as follows.
! vlan 300 name WiSM_Service_Vlan !interface Vlan300 description *** WiSM Service-Vlan ip address 192.168.200.1 255.255.255.0
[code]....
The service IP is supposed to have been populated with an address from the dhcp pool. I am also unable to connect to it by doing a session switch 1 slot 4 processor 1. I get the following upon attempting to do so:
HO2NET0001##session switch 1 slot 4 proc 1
The default escape character is Ctrl-^, then x. You can also type 'exit' at the remote prompt to end the session Trying 0.0.0.0 ...
I am getting an alarm on WCS where a one controller is down, unreachable from WCS, while the other one is reachable on the same WiSM module. Upon investigation, Status of controller is shown as "Oper-Up" for all controllers on Supervisory engine. Hardware platform is Cisco 6509-E.
WLAN Slot Controller Service IP Management IP SW Version Status ----+-----------+----------------+----------------+-----------+--------------- 2 1 192.167.10.11 172.19.47.65 6.0.196.0 Oper-Up 2 2 192.167.10.12 172.19.47.66 6.0.196.0 Oper-Up
However, I can not ping the managment interface of the down controller while the other controller management interface is pingable. All these interfaces are in the same VLAN.
ping 172.19.47.65 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.19.47.65, timeout is 2 seconds: ..... Success rate is 0 percent (0/5)
Problem is fixed when I reboot the problematic Controller. However, this problem re-appears after some time. I am not able to figure out why controller is not able to ping its default-gateway which is an SVI interface on Supervisory card on the same chassis, and showing status UP/UP. Is it a software bug or backplane fault or any other reason ?
We have a WISM in a 6509. The 6509 lost power (the UPS failed) and upon reboot the WISM isn't allowing AP's to connect. The WISM is blade 4. Upon consoling in, I get this error message for all 8 ports: 42w6d: %EC-SP-5-CANNOT_BUNDLE2: Gi4/1 is not compatible with Po407 and will be suspended (trunk mode of Gi4/1 is dynamic, Po407 is trunk)
I have a WiSM installed in WS-6504E, vesion 6.0.182. It can't function normally after upgrading to version7.0.220.When it was unstable, I found three strange condition 1. A lot of log looks like this*osapiReaper: Mar 10 14:53:39.282: %OSAPI-3-FILE_OPEN_FAILED: osapi_file.c:370 Failed to open the file : /proc/1059/stat.(erno 24)*osapiReaper: Mar 10 14:53:39.282: %OSAPI-3-TASK_GETTIME_FAILED: osapi_task.c:3431 Failed to retrieve statistics (/proc/<pid>/stats) for task 'fmcHsTask'2. Internal Temperature was showed "sensor failed"3. CPU User load is Zero?
I have been having some issues trying to stand up an older WiSM that has been incorrectly configured by my predecesssor and has a bad Mgt IP so I am unable to telnet or SSH into it, nor can I console or session into it.
What I would like to do is to change the Mgt address for the WiSM controllers (1 and 2) by way of the Sup (not sure that is possible) because as it stands they are set to 169.254.1.1 and are unreachable even when directly consoled into them.
Core-A#sh wism status
Service Vlan : 52, Service IP Subnet : 10.104.52.2/255.255.255.0 WLAN Slot Controller Service IP Management IP SW Version Status ------------------------------------------------------------------------------------------------------- 3 1 10.104.52.3 169.254.1.1 4.0.217.0 Oper-Up 3 2 10.104.52.4 169.254.1.1 4.0.217.0 Oper-Up
Core-B#sh wism status
Service Vlan : 52, Service IP Subnet : 10.104.52.1/255.255.255.0 WLAN Slot Controller Service IP Management IP SW Version Status ------------------------------------------------------------------------------------------------------- 3 1 10.104.52.50 10.104.30.254 7.0.116.0 Oper-Up 3 2 10.104.52.51 10.104.30.250 7.0.116.0 Oper-Up
I hope to get this WiSM setup on Core A and get it configured like I have my Core B and then run them in a dual failover design with load balancing between the two.
I currently have a vlan/SVI on my 6506 for the WiSM service-port. The WiSM has an address on the same subnet. To manage the WiSM, I either https to the Management interface address or use 'session slot X proc Y' from the the 6506. Since I am essentially only using two addresses from a subnet for this service-port I would like to free up the subnet. Can I keep my current functionality by having a vlan only (with the wism service-vlan XX command) with no SVI?
I have issue to access one of the wism on 6509 switch however other wism is ok both wism on switch are up and functional how to enable remote access on wism.
we have two ASA (ASA2) with 8.3 version and ASA 7.2 (ASA1) , we have SNMP service active on ASA2 with 8.3 ASA version.Usually we do SNMP request from devices behind NAT on the ASA1 to the ASA2 SNMP service , two weeks ago suddenly we could not do request from devices behind NAT.
We check process (Sh process) from ASA2 and SNMP is running, we run "no snmp server" , and we reconfigure it on ASA2, ACLs to access SNMP seems well, and shun table seems ok too, to finish we check with packet tracer from ASA1 to ASA2 in ASA2 wizard and it seems well.We check SNMP UDP request from ASA1 to ASA2 in ASA1 wizard with packet tracer and it seems OK.Are there any automatic traffic rule ACL on ASA to protect to from multiple request ?
I m planning to implement VSS in core but want some inputs on IOS as i have FWSM as a service module Core :- Ii am running 12.2(33)SXH2a on my Core 6509 and i checkd cisco sites and Fwsm release notes but it states only I-Train of IOS while mine is H-Train so can I directly upgrade to I-Train or I was thinking of SXH8b IOS.
interface Vlan24 description Internal Wireless Internet ip address 10.x.0.1 255.255.254.0
[Code]....
So, I am trying to limit the bandwidth used by this vlan. The service-policy output statement works, the service-policy input statement does not. My test is to get on that vlan and go to speedtest.net. My download speeds are about 3.5Mb/s, my upload speeds are about 20Mb/s.
it has something to do with this:
sh mls qos ip QoS Summary [IPv4]: (* - shared aggregates, Mod - switch module Sid - Switch Id) Int Sid Mod Dir Class-map DSCP Agg Trust Fl AgForward-By AgPoliced-By
I just need to upgrade existing FWSM of 6509.FWSM Firewall Version 2.3(1)is it possible to upgrade to the version of 4.X .If not to which version is safe?And also I need to steps of doing FWSM upgrade.
Is there a way I can check the version of each device on two Cisco 6509 if they are Virtually connected (VSS)? When I enter the command show version, it only shows one result, unlike show module, you have an option to choose which switch by entering 1 or 2.
I have several controllers, including a 4402 running 6.0.188.0 software and I need to modify the Radius servers that it uses. Currently I have three servers listed;
I would like to delete server 1 which is being retired and replace it with a new server 1. I suspect, once i get servwe 1 deleted, the server 1 option would become available when I create a new server. I went into the controller and disabled server one, but every time I try and delete it, I get the "Server in use either on a specific WLAN or Mesh Radius Server Configuration" error. I can't find anywhere this server is still in service and being used, either by a WLAN or a Mesh. I've tried several different variances to modify this. What I hope to avoid is the need to reset the controller. I have a total of seven controllers that I need to make this modification to, and It will be ugly if I have to reboot these units. Hospital mission critical stuff.
Sure this is a simple one. New to the 1900 series routers, have a 1921 with IOS 15.1. Noticed that there is a standard interface labeled Embedded-Service-Engine0/0. What the purpose of this is? Cannot seem to find any detail on it. See extract from default config below.
How to change or modify the auto generated network key? I am trying to work around but no luck. Is there a way to do this or once you generate a network key it is a default.
I have removed an embbedded service engine modole from an 2951 router, after reboot the rouiter. the service engine interface still appears; any command can I use to completely remove it.
We acquired recentlty a new Cisco 6509 with Sup-2T supervisor card
My question is the following : we have a management subnet on a Copper-based switch; we manage all equipments through this network. I planned to configure the management interface on the 6509 to connect this switch & monitor the VSS through it However, since it is a CMP interface, most of the actions (SNMP, IOS upgrade.. won't be possible through this link) Moreover, I don't think LMS would be able to get the configuration through it (except by configuring a script running "attach" command & show run
Is there something I miss or must I add another interface of the Catalyst to this network (the problem being that I have no copper line card)
I have a 6509 with SUP2 w/msfc2 at home, I am currently have dsl for internet with static IP addresses. Due to AT&T not wanting to support faster speeds in my area, I have to look at another option. All of these will be dynamic IP addresses, cable, uverse, etc.
I need to be able to enable dhcp on the wan interface so I can connect directly into one of the gig ports (either on SUP2 or 6316) or on a 10/100 port on a 6348.
I have the following image installed s222-adventerprisek9_wan-mz.122-18.SXF13.bin, according to Cisco's feature tool, it is supported.
I have tried "ip address dhcp" on the interfaces but they will only accept "ip address x.x.x.x", I looked at "ip dhcp" as well and only get the option for "relay".
I would hate to have to put something else in the mix to handle the dhcp portion. I may be keeping the adsl for my mail server traffic and backup in case of an outage on the new provider. So I need to be able to track if a link is up.
I am trying to determine a problem with flapping interface on a router not showing up in log buffer if Cisco IOS. I've included the config on the switch that pertains to the logging and can't seem to figure what is going on. The SNMP trap is being sent to our Central Management trap server and that is reporting the interface flapping but the flap doesn't show up in the log messages.
hstir1#sh int desc | inc 8/33 Gi8/33 up up hstir1#sh int desc | inc 8/33 Gi8/33 down down
I have just started to discover the power of EEM and am already monitoring config changes on our switches with EEM.I would like to be notified of any interface going up and possibly down. on our 6509's and 3750's This is just to be aware of anyone patching anything in.
I was wondering if an interface numbering scheme is available for the 6509-E switch equipped with SUP-2T and includes 16Port X 10GE DFC4, 48 x 1GE SFP and RJ 45 line cards. Would like to understand:
How the slots are addressed Interface Addressing On board SUP-2T 10G and 1G port addressing
I've got email logging for a few specific syslog messages working and sending to an email server on the inside network. However, the source IP ends up being the DMZ interface. Is there a way to force it to use the inside IP instead?
ASA Code Version 7.22 Inside Interface IP: 10.104.36.4 Mask:255.255.255.0 DMZ IP: 10.100.20.1 Mask:255.255.255.0 SMTP Server IP: 10.100.10.100
Logging commands in config:
logging enable logging list email-alerts message 106100 logging mail email-alerts logging from-address ASA@xyz.com logging recipient-address tgw@xyz.com level debugging
I have a 10Mbps connection link which I will like to reduce to 5Mbps on a 6509 switch as indicated in the config below. [code] After applying the service policy on the vlan interface, i got this "match vlan is not supported for this interface". I actually tried the rate limit command but I cant see the effect using the speedtest.
I have attached a pdf of an example of a FWSM configuration with shared interfaces. Now what I dont get is (please refer to the link) url...Is there any difference between the natting that they have done on page B-4 on Context A.as opposed to configuring a static NAT for processing traffic to correct context nat(inside,outside) 209.165.201.0 10.1.2.0.The other question is on page B-2 (diagram) Context A has a customer A network linked to the inside interface. Is it possible to put a default route towards that "Network 2" cloud and restrict traffic from the 6509 switch towards the context A?
I have problem with traffic coming from GRE interface and going further through FWSM on the same 6509-E chassis.It's very interesting and confusing. If packets are fragmented, I can go through, however, if I use normal packets (usual ping for example) traffic goes from outside to inside and stops on it's way back.
Here is the detailed info: WS-C6509-E with WS-SUP720-3B FWSM HW 4.0, SW 4.1(4)
GRE is done in hardware (source is loopback interface - only one loopback per GRE tunnel).
I have used the following basic configuration to do rate limiting on a vlan interface on a 6509:
access-list 100 permit ip any any class-map match-all ratelimit match access-group 100 policy-map ratelimit-10Mb class ratelimit police 10000000 428750 conform-action transmit exceed-action drop
[code]....
How do I combine the two correctly to give me a vlan port rate limited at 10Mb up and down, but still setting aside (dynamically) 2Mb for voice?
We are looking for a solution that to use Sub-interface on a routed port on 6509, instead of using a SVI on it.Are there any different when using Sub-interface?
I am getting alarms on Solarwind indicating interface down on "GigabitEthernet 4/7 - Gi4/d1" and "GigabitEthernet 4/8 - Gi4/d2" from our core switch 6509.Remote login to the switch does not show the interfaces when I do the "sh run" command. Now I am at site trying to identify and diagnose this fault.Looking at the numbering on the switch, it indicates to me the card where these alarms come from is from the 'intrusion dectection module'
how I may login and identify this interfaces and rectify these alarms.
