Cisco Wireless :: How To Prevent Certain APs From Associating With WLC 8.1.185
Mar 29, 2012
We have 9 WLCs around a corporate network. Each of the WLCs was in the same mobility group for failover purposes, and to permit APs to reconnect back to their primary WLC in the event of a failover.
However one of the sites has now been sold and pending separation of the LAN infrastructure the APs need to be isolated and prevented from associating with any WLC other than their primary (on site). From our experience once the APs know about other WLCs they retain this list in NVRAM even if the secondary WLC is removed from the configuration they will still associate with one of the known APs if possible (Cisco document this). WLC v 8.1.185.
View 14 Replies
ADVERTISEMENT
Dec 20, 2009
AP = AIR-LAP1131G-E-K9
WLC = WS-C3750G-24WS-S25
Total 6 floors building, 2AP on each floor.Problem Statement:- Eg: Wireless Clients from ground floor are associating with AP on the 3rd floor.This happens throughout the whole building.I would expect that ground floor clients would be connected to ground floor AP.Is there a way to force clients on specific floors to connect to their designated floor APs?A thorough check indicate that, ground floor AP is not congested and only a few clients are connected to it.
View 11 Replies
View Related
Apr 16, 2013
We have a Cisco 5508 controller with 1142 LWAP's running version 7.4.100.We have several Dell laptops which will not associate to the access point UNLESS you stand directly underneath it, power off the wireless, turn it back on then eventually the PC will associate to the AP.Once the PC is associated to the AP and user is authenticated then all is well.
Have tried updating the wireless drivers downloaded from both Dell or INTEL. This does not happen to all of our laptops. However, without making any changes to the WLC or the PC's, we have begun to expirence this problem with laptop which previously did not have this issue.
View 4 Replies
View Related
Dec 25, 2012
I have a WLC 5508 and several 1142 access points. The APs are not showing up in the WLC. When i console into the APs, im getting the following errors,
*Dec 26 23:04:28.035: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 65.125.15.212:5246
*Dec 26 23:04:28.074: %CAPWAP-5-CHANGED: CAPWAP changed state to
[Code]....
Ive tried resetting the WLC, reloading the APs. I even factory defaulted one of the APs and still getting the same message.Ive verified that the WLC is set to accept MICs and SSCs.
View 6 Replies
View Related
Feb 11, 2013
At the present, we have two WLCs (5508). There are a total of 84 LAPs (1242AG). One controller is configured as the master controller in which all our APs associate to. It's currently running software version 7.0.116.0 and some of our BYODs using Windows 8 are unable to connect to the wireless. The fix for this is to upgrade the software of the WLC so that the LAPs can obtain the update to solve this problem. Simple! However, before rolling this out into the production wireless network, I would like to test it out on our second WLC which has no LAP associations, a test WLAN configured, and a newer software image loaded (7.4.100.0). I have a spare LAP that was previously associated with the master controller running the same software version (7.0.116.0). What I'm looking to do is associate this LAP to the 2nd WLC instead of the master so that I can ensure that the LAP gets the newest software. Then, I would like to test a Windows 8 device to make sure it connects.So far, I have done the following:
1. Disabled the 1st WLC from using Master Controller Mode and rebooted AP - result was unsuccessful; still associated to 1st WLC.
2. Reset LAP configuration excluding static IP info and reset AP - result was unsuccessful; still associated to 1st WLC.
3. Compared config for both WLC but since I'm new to these devices, I'm not sure what needs to be configured/changed.
View 4 Replies
View Related
Aug 3, 2011
I am using wire less internet in a public space with my personnel lap top, my question is how to stop unauthorized access to my lap top desk top, drives and other files.
View 1 Replies
View Related
Jan 16, 2012
Just bought myself an 825. I've got it set up and working, but how do I prevent wireless users from accessing the setup pages for the router?
I only wish wired access to the setup pages. I'm used to doing this on my old linksys, but can't find the setting on the new router.
View 3 Replies
View Related
May 23, 2011
Dropped VPN connections.I experienced a similar issue a few years ago with my LinkSys WRT54G router with dropped connections to my corporate network using the Cisco VPN Client. To make a long story short the problem was the result of the following:
1. The default ""Client Lease Time" on LinkSys routers is 0 which means 1 day or 24 hours.
2. By DHCP Protocol definition, DHCP clients must renew the DHCP client IP address lease at the 1/2 life cycle of the lease (12 hours if using the router's default setting). This is deadly for VPN clients as the short period of time when the client IP address is no longer valid, the VPN client considers this a loss of network connection. The LinkSys E-series routers further aggravate the situation by randomly assigning new IP addresses to DHCP clients instead of reassigning the client's previous IP address and tends to favor higher host IP addresses in the defined range.
Suggestions to prevent lost VPN client connections:
1. Change the "Client Lease Time" on the router to 8640 minutes (6 days 00:00:00).
2. Prior to establishing a VPN client connection, use the Windows Command Prompt to issue the "ipconfig /renew"
command to obtain a new IP address from the router that will be good for 3 days (72 hours).
3. Configure your E-series router to use the <DHCP Reservation> option to pre-assign IP addresses to your systems making sure they are outside the range of the dynamically assigned DHCP addresses. Using default settings,these would be in the range of 192.168.1.2 thru 192.168.1.99 as the router starts at 192.168.1.100 thru 192.168.1.149.
View 1 Replies
View Related
Mar 23, 2013
Region : Others
Model : TD-W8968
Hardware Version : V1
Firmware Version : 0.6.0 1.1 v0005.0 Build 120926 Rel.27100n
ISP : Telkom
I haven't played with network and firewall configs for a number of years now, but I want to configure my new TD-W8968 to block all unsolicited internet traffic/hacks.
View 1 Replies
View Related
Apr 9, 2012
I share my internet connection with my roommate who is very tech savvy. I found out yesterday that he has been hacking into my gmail account and reading my emails. I didn't think it was quite possible and I'm very surprised. He manages the internet connection and has full access/control over it.what can I do to prevent him from accessing my information?
View 3 Replies
View Related
Feb 21, 2012
I live in a shared flat. And all 20 rooms are connected to this switch I believe. Is there any method to prevent the landlord/tech guy monitoring our internet activity (e.g. bandwidith activity, websites we looked at, etc.
View 5 Replies
View Related
Sep 2, 2011
I have high speed wifi at home and the wifi is WPA-PSK protected. My neighbour will be coming to my home to work with me and I will be keying my wifi password into his Windows XP laptop for him to access my wifi.
This is one time access only, after that he is not allowed to access my wifi. To prevent him from accessing my wifi, I will have to delete the password that I keyed into his laptop.
Where do I find this wifi password in the Windows XP? What folder and what filename?
View 14 Replies
View Related
Apr 26, 2012
I often have to change switch ports to different VLANs. Regardless of whether I find the ports myself or if someone tells me what the ports are, I'll always perform additional verification steps to make sure that the port I'm changing doesn't connect to a switch, a router, a server, or something else that's equally important. But mistakes happen, and I have accidentally changed the wrong port to a different VLAN, thereby disconnecting the end node.
Is there a way to configure a port so that it will not allow you to change its VLAN (or make any configuration changes to it)? I'm imaging a command that when applied to a port would not allow you to make config changes to the port until you remove that command from that port, at which point you'll be able to change its VLAN, shut it, etc. If there isn't such capability, what strategy do you use to minimize the possibility of accidentally changing trunks, routed ports, or important access ports to different VLANs (other than labeling and verify)?
View 1 Replies
View Related
Aug 5, 2011
I'm trying to perform ping to another network segment using nat to those devices but the ipaddress i assigned are the same as the segment i am trying to monitor is there anyway to overcome this?
View 4 Replies
View Related
Nov 29, 2012
how to prevent one network fro accessing another network by iptable
View 1 Replies
View Related
Sep 5, 2012
Is there any software that will prevent my internet connection from getting disconnected no matter the cause ?
View 5 Replies
View Related
Oct 3, 2012
I'm wondering if anyone knows to set up the switch so that when I'm connecting via SSH, the switch doesn't prompt for a username if I supply one in the initial connect request? For example, we usually connect by typing something like the following at a command prompt:
ssh johndoe@10.10.10.10
Then the switch would prompt for a password. I've tried this on the Cisco SF302 but it still prompts for a username, and then the password.
View 7 Replies
View Related
Jul 1, 2011
I've tried a few things to get around this, some kids where I work keep changing the wallpaper, sometimes to quite disgusting things. Since groups of them all use the same login with roaming profiles, everyone gets to look and laugh at the annoying wallpaper.
I've tried enabling active desktop local policy and preventing users changing wallpaper but as far as I could tell active desktop didn't even come on, I refereshed the policy.
Does anyone know a good efficient way of simply setting a wallpaper for all users in an ad ou and preventing them changing it? I've got rid of all ways to set a desktop wallpaper apart from the right click menu on an image which has the "set as backgound" option, that's what they are using to do it.
I don't really mind how it's done, could be a registry hack to remove that option from the right click context menu when clicking on an image, I could then deploy it with group policy.
View 5 Replies
View Related
Aug 3, 2012
Wifi says connection is available and that it is full strength yet every 15-30 minutes it disconnects and a box pops up saying click to reconnect, yet it will not reconnect.... I have to totally reboot the computer to get back on wifi and I lose whatever I have done are am in the middle of
View 1 Replies
View Related
Aug 18, 2012
My wife is moving into an apartment complex for school and she has a Brother HL-2270DW printer. Since she only has a laptop and moves around the apartment, I would like to use the wireless on the printer. Unfortunately, the internet for the building is just through wireless APs. I have the printer installed on the network, but my concern is that anyone can just search for network printers and install it. While printing on it won't be useful for them, it could be a good way to waste her paper/toner. Is there a way to prevent users from installing it without being able to change the router settings? I did not see any option in the web configuration.
View 3 Replies
View Related
Feb 21, 2013
looking to equip the office with a hardware firewall. Just want to confirm its ability of fending of viruses before getting to the end user and/or spreading once there. Had an issue with a Alureon virus a few days ago, would like to prevent this from happening again.
Office Setup:
3x Windows 7 PC's
Synology DS712+ Server
E4200 w/DD-WRT
8-Port Cisco Gigabit switch
View 6 Replies
View Related
Nov 3, 2011
What the command to prevent a telnet session to the 4400 controller from timing out is?
View 1 Replies
View Related
Feb 1, 2013
i just need to know is is there any way to prevent network from MACflap.The best way will be when switch will disable the interface where the macflap was detected.I need to set this security feature on 2960s.
View 7 Replies
View Related
Apr 15, 2012
We have a couple of switches with a L3 Vlan 238 interface which runs PIM SM and OSPF, and HSRP. We have connected to this same segment telemetry processors which have raw socket interfaces configured - which means it picks up all IP packets which hit the interface and forwards them along.So we dont want the processor to recevie any of the 224.x.x.x switch housekeeping traffic? is there anyway to prevent that ?
View 1 Replies
View Related
May 21, 2011
how to disable certain ports - 25,53,25,138, & 445 - except internet to prevent hacking (can u explain in a way as a novice like me can understand pls)
View 1 Replies
View Related
Apr 12, 2011
My IPTV connection works fine so far but as soon as I start watching TV I can't use my WiFi connection anymore. My router is an "Alice Modem 1121" (SIEMENS S1621-Z220-A) with 4 LAN ports and a WiFi interface (4th LAN port provides the IPTV). It is directly connected by wire to my PC's ethernet card for the IPTV and the internet is provided via the WiFi. When I activate the LAN connection the WiFi and internet connction stays up and requests can be sent but nothing returns anymore. Another device (iPod) has no problems with accessing the internet while IPTV is in use. I also have a Netgear WNR1000v3 router which I tried to use as AP instead but it's exactly the same problem. Unlucky the Netgear router is not supported to use dd-wrt firmware yet (I've found a step by step guide to prevent multicast floods with dd-wrt/ebtables). But maybe the Alice Modem can handle this problem on its own. I read some stuff about VLANs and splitting them but I have no clue how that would look like.
The "nas_0_1_34" is for the IPTV.
View 4 Replies
View Related
Jan 10, 2011
I am using Vista and have only one user accounts.Now I want to prevent changing the DNS server IP. I can prevent changing the DNS server IP or disable the LAN Properties.
View 4 Replies
View Related
Feb 15, 2012
How do I change my password to prevent unauthorized access by other people?
View 2 Replies
View Related
Mar 17, 2011
I am having some trouble understanding extended control lists. I am trying to prevent a certain host on LAN1 from accessing a server on LAN2, while still allowing the host access to the rest of LAN2.This is what I thought the command should be:
access-list 100 deny ip 175.16.1.2 0.0.0.0 175.17.2.2 0.0.0.0
My understanding was that:
Green = source & mask
Red = destination & mask
However this seems to stop all my other hosts on LAN1 from pinging the server also.
View 11 Replies
View Related
Jan 1, 2013
i got trouble for this ipv4 & ipv6 fragment trafic prob/attack.how do i prevent it from comming in to my network? is it way to prevent it in cisco router part?
View 2 Replies
View Related
May 9, 2012
At the core of my network I have two Nexus 5548's with the routing/L3 daughter installed. They have a default route that points to my ASA 5520 for Internet access. I have configured a VLAN that I do not want to have access to the Internet. What is the best way of preventing this access? ACL on the Nexus or Firewall rules on the ASA?
View 1 Replies
View Related
May 5, 2011
Currently in my office have a TPlink wireless router (WR1043N), and Dlink 615 router.Below is my office's network organization.Internet-->TPLinkRouter(192.168.2.0)-->DlinkRouter(192.168.0.0)We want to host a demo website but we are afraid our network being attacked. So we wish to implement a DMZ network to hide our internal network from outside. My question is can i setup a dmz network with the above capabilities by using home routers?
View 5 Replies
View Related
Nov 27, 2012
I want to know what is the best way to black traffic inside the same VLAN, this VLAN is a user VLAN, it means that I am talking about access layer.I wanted to use private vlan, but C2960S doesn't support this feature. Any other way to prevent any to any traffic in the user vlan, this vlan only have to speak at the Layer 3.
View 2 Replies
View Related
