I've setup access via our ASA5510 portal which is working fine but I can't seem to connectto the ASA when there are two active connections. If there is only one, it's fine.
Problem - Unable to Connect More Than Three WEB VPN Users to PIX/ASAProblem :Only three WEB VPN clients can connect to ASA/PIX; the connection for the fourth client fails.
Solution :In most cases, this issue is related to a simultaneous login setting within the group policy.Use this illustration to configure the desired number of simultaneous logins. In this example, the desired value was 20.
ciscoasa(config)# group-policy Bryan attributes ciscoasa(config-group-policy)# vpn-simultaneous-logins 20Would this be the same thing?
If so how whould I check the existing setting in the GUI?
I bought this router to temporarily replace my firewall while I wait for it to be replaced. We have a training center that when running full tilt, we probably have 50 devices trying to get on the internet.
We are planning to use an ASA 5540 to terminate about 3000 IPSec connections. The maximum supported IPsec VPN Peers for this platform ist 5000, so this should be ok in theory.
What is a bit unclear to me is what exactly happens when (for whatever reason) all 3000 clients try to connect at once ? Perhaps it's not at once but depending on timers this could mean 3000 incoming IPsec connection within 10-20 seconds.
Will the the ASA cope with it ? I can't find any info regarding this on CCO. It's also not that easy to test/simulate.
I have a BT Home Hub 3 and quite often get messages "cannot connect to network". I have many (>20) devices connected. Have I reached the limit? With four kids in the house the pressure to connect even more devices is growing.
We have a PIX 535 with unlimited lisence, it has 1,048,953 in use connections because the timeouts have been changed to 24 hour. I am addressing this issue but was wondering why its so high when the max concurrent sessions is supposed to be 500,000 as listed in the product spec. Also when it reaches it max and cannot allocate a connection what PIX syslog error message number would it send?
We are having random issues of users not being able to connect to our wireless network consistently. The users will have successfully accessed the network previously but then will have difficulty associating to the network. After a period of time, the association appears successful again. My first thoughts were that there was a restriction on the number of clients that could associate to a given AP at any one time.This is the equipment we have:1x Cisco Wireless Control Server (WCS) 6.0.181.04x Cisco 5508 Wireless LAN Controllers 6.0.196.060x Aironet 1142N Lightweight Access Points (LAP) Is there a hard or recommended maximum number of clients per LAP? If so, where is this defined? From what I have read on these forums, Cisco apparently recommends about 25 clients per AP but I can not find any official documentation to support this.When I go to WCS Home > General > Top APs by Client Count, the top AP reports 20 clients. However, if I click on the AP Name and go to the Current Associated Clients tab, it is only listing 8 clients - why is this?
Is there a maximum number of licenses for connections to a 877?The reason I ask is that our routers are managed by a datacentre and when I asked for the login details I was told that I couldnt have them due to licensing reasons with no other explanation.
Purpose:From my Dell Inspiron 8200 laptop, I need to make this connection-A. Ethernet LAN port to connect to telecom transmission equipment for management and configuration purpose;B. Wireless USB module (150 Mbps) to connect to the internet.Problem:I cannot establish A & B connections simultaneously, as either A is busied out by B or vice versa.Question:How can I seamlessly connect to my transmission equipment (Via LAN) at same time connect to the internet (Via Wireless usb)?
WCS is reporting few AP's are not associated with it. While troubleshooting, AP conneceted switch interface shows UP/UP and show power inline output gives IEEE PD instead of AIR-LAP1131AG-E-K, after doing a shut/no shut on AP connected interface. Later after sometime AP comes up.
I have a WLC 4402 with many APs connected. Most of the APs are LAP1121 and LAP1131 and are working using 802.11b/g. I tried activating 802.11a but for some reason its not working. I see under the Monitor tab that the AP's "802.11a" interface is "down". I have enabled the radio under the "Wireless" tab. Under all the "WLAN" I have enabled all the radios but still not working. 802.11a" interface is still "down".
The AP Model is AIR-LAP1131AG-E-K9 meaning "ESTI" regulation. Under "Country" I "checked" IL.
I've a 2106 WLC and the software is upgrade to 184.108.40.206. There are 3 APs with external power adapter work normally on it. Here is the problem: There is another AP with external power adapter has join the the WLC successfully. But it can not enable the radio 802.11b. Following is the error message on CLI
(Cisco Controller) config>802.11b enable AP001d.a1ef.b5f4 Cisco AP has not enough in-line power to enable radio
Since few days the WLC 2100 series controller and 3x LAP1131AG are getting disconnected and the controller gets offline via the local ip address. At that point I have to reboot. To get anywhere and after I connect wirelessly to the AP before I know it it disconnects. It worked for 3 years straight no fuss. And now nothing. I reconfigured the WLC 10times and no diffference.
I have Linksys WRT54G2 V1 it suddenly died yesterday. I does not broadcast any wifi, I tried connecting via cable but there is no LAN, "Network Cable Unplugged". I also tried to do 30 sec reset even the 30/30/30 reset but no success. The front lights and power supply are blinking exept the Wifi and Power indicators.
I have a customer whom has six LAP1131AG-K9 but no controller and they are interested in one of the new 2500 series, specifically a AIR-CT2504-5-K9 with a 5 AP add-on license to bring total AP capacity to 10. I can't determine clearly if this controller will work for these older AP's prior to them making the jump to 802.11n via the 3500 or 3600 series, looking to the community to confirm.
I have a 1841 router with two wan access from two different ISP:throught dialer with fixed ip obtained from dhcp - ATM interface,thought fastethernet 0/1 with fixed ip and a specific gateway - can be use for Internet traffic if dialer is down.I can't manage to make them accessible at the same time (ping and ssh).In a second time I would like to have a VPN client access on one wan and site to site VPN on the other, instead of having the two on one wan.
We have about 70 AIR-1131AG-A-K9 APs that were installed about 5 years ago. The controller we use is a 4404 WLC, with software 220.127.116.11. This provides us our wireless network. We use Cisco switches as access, distribution, and core switches.
We have two guest networks, one for visiting physicians and another for patients and their guests. Each of these guest networks use a 4402 WLC as an anchor controller, with software 18.104.22.168. They use the same APs as our business network.
According to my understanding of the guest networks is that a tunnel (I don't know if it is encrypted or or encapsulated) is created between the APs/Guest WLAN to the anchor controllers, so this guest traffic is isolated from our business traffic. Futhermore, these guest controllers connect directly to our firewall, which only allows them access to the Internet, and not our Internal LAN.
Our Problem ========================= Well, we've been having problems with our wireless system, specifcally with patient guest access. It has gotten bad enough that they are looking to replace the Cisco APs on the south side of the hospital. We've been told that "you can get better guest access at McDonalds" : ( . I think part of our problem is that our controller code is so very old and we are have a our patient guest network open and "restrict" the number of clients attached to it by limiting our DHCP scope. The biggest complaint we get regarding the patient/guest wireless is people saying "I can't connect to the wireless", which we almost always identify as an issue caused by us running our of DHCP leases (we have about 200). These DHCP lease are used quickly, by an devices that comes into range that is set to automatically connect to any network that is in range. A lot of our staff is connected to our patient guest network and don't even realize it.
We are interested in Meraki APs because they are magaged using a cloud controller (we won't have the added expense of another controller) and they seem really easy to manage. Our biggest concern regarding Mearki is security. They make use of NAT, a Layer 3 firewall, and LAN isolation (a firewall rule that only allows clients Internet access) in each AP as a means of isolating the guest traffic from the business traffic. Does this seem like a secure way to accomplish this or are the Layer 2 tunnels that Cisco and from what I've been told recently Aruba and Juniper make use of a more secure approach?
We've been working with a Meraki vendor, who also happens to sell Aruba and Juniper wireless networks. It seems like don't suggest Meraki if we are concerned with security. They said they are good for situations where you have many geographically seperated sites. They suggested we use Juniper and Aruba, specifically because they use Layer 2 tunnels and that they used technologies like clear air (APs self adjust channels and power, which Meraki claims to do too). I thought that, hey does Cisco that too, why wouldn't we just go with Cisco if those are your selling points for Juniper and Aruba?
I have 10 AIR-LAP1131AG-A-K9 connected to a 4402 controller. I have a couple of questions:
- When I go into CONFIGURE/ACCESS POINT, one of the AP's has the message "**Configuration is different on the Device**". How do I connect directly to the device to check the settings? I tried to telnet but that didn't work.
- Are these access points capable of acting as a DHCP server? If so, where can I check this setting? I have workstations that are unable to pull an IP address from my DHCP server running on a Windows server. I want to make sure the AP's and/or the controller are not the issue. The clients see the SSID and the signal is strong, but when they connect they get limited network connectivity message and the IP addr is 169.254.97.123 (which is wrong).