Cisco Wireless :: How To Forward DHCP Requests Through 1140N AP
Oct 30, 2012
We have an 1140N AP connected to a switch and our "network partner" controls the router and will hand out DHCP and do the NAT for this WLAN. How can I configure the AP to forward DCHP requests through.
I have WPA2 PSK (TKIP) setup and the client is able to authenticate however we fail to get an address. In this case the Ethernet interface was left alone so it has the default config and it gets a DHCP address fine. How can I configure this AP to enable the rest of the WiFI clients to get an IP?
View 6 Replies
ADVERTISEMENT
Nov 23, 2011
Goal: To forward requests over port 80 from my LAN to an external server on a specific port, that is I would like to forward all requests over http to an external proxy.
I know that this can be done with IP-Tables, but I would like to do the same thing with my D-Link. I have looked at Advanced --> Routing, but that seems to be specifically for inbound requests. I want to do this for outbound requests. This can be achieved with the D-Link DIR-655?
View 13 Replies
View Related
Mar 29, 2012
We are in a planning phase of adding another service to our DMZ. The DMZ has a singe publicly accessible IP. We are running Citrix inside our network externally accessible via w121eb https (443). Another service will be added to the DMZ (Exchange/O365) requiring ADFS & and ADFS proxy also using port 443 as well. Both services (the Citrix secure gateway & ADFS) will have separate subdomains but directed to that same IP, each with its own cert.
Now, I guess the question is: How (if possible) can we forward the public requests to the two services that hit our network on the same port (can't change the port on either), to two separate appliances with their own internal IP's internally?Our current appliance on the DMZ is an ASA 5505. Also could use a PIX
View 5 Replies
View Related
Mar 3, 2012
I have added an ASA 5510 to my network between the Internet and a Windows 2008R2 server running ForeFront TMG. Before the ASA was added, vpn clients using Microsoft Windows 7 vpn client using L2TP/IPsec connected to our vpn. After ASA was added, clients can no longer connect. I would like to know how to configure the ASA to forward the vpn requests to the ForeFront TMG server for authentication and access to internal network resources. Mail is forwarded appropriately through the ASA to internal mail server and Internet access for LAN users works just fine.
Topology:
ASA 5510 (outside interface is ISP IP address, inside interface is 192.168.1.1)................Forefront TMG (outside nic 192.168.1.2, inside nic is LAN gateway IP address).
I have altered the registry key of the client vpn pc's per Microsoft Technet URL
View 1 Replies
View Related
Jun 10, 2010
I have 2 1242AG APs setup with one SSID and no vlans configured. The APs are connected to a switch along with my DHCP server. Clients are able to connect to the SSID but are unable to get an IP from the server. Clients can plug into the switch and get an IP. If I configure a static IP on the wireless card, the client works fine.
Is there something I'm missing on the AP to allow DHCP requests to pass through? IPhelper?
Here is the AP info: AIR-AP1242AG-A-K9 12.4(21a)JA1
View 7 Replies
View Related
Feb 15, 2013
I have a school with 550 iPads. We are using two 5508 WLCs sharing the number of APs. The DHCP server and the default gateway for the network are on the firewall. The clients are able to get a DCHP. After some time, maybe about longer than a month, the clients are no longer able to get DCHP addresses. A reboot of both controllers takes care of this. Presently we are runing 7.2.110 OS. I am going to upgrade to the latest 7.4.100, and reload tonight.
View 1 Replies
View Related
Feb 15, 2012
I have a Linksys WAP200 Wireless-G Access Point problem. It is SW version 2.0.4.0. I have it configured for a small network and the problem seems to be that it is not forwarding DHCP requests onto my DHCP server. I know that it is not a SSID or Key issue as when I give my devices static IP addresses, they communicate fine within my system. The only issue seems to be when the devices make DHCP client requests. I also know that the problem is not my DHCP server as it has the device's IP / mac addresses in its configuration file and other wired devices are able to communicate with it to get their IP address through DHCP.
I have seen that there was talk in some blogs about WAP200 no forwarding DHCP requests and I was hoping that updating the device to the latest release would have resolved the problems.
View 3 Replies
View Related
Dec 15, 2010
We have setup a bridge between two of our offices using two WET200's in adhoc mode. Everything is connected fine and the signal strengh is good. All traffic pass's over the bridge correctly but DHCP requsts/replys seem to be failing to traverse the bridge. Our DHCP server is hosted on site A and the computers on site B fail to obtain thiers IP's from the dhcp over the bridge requiring us to use static IP's.Firmware is currently the latest.
View 1 Replies
View Related
Dec 7, 2011
I am trying out a DAP-1513 unit but there is no forum section for this? My question seems to be general and might cover the other models also. Do the DHCP request, from the attached LAN devices on the DAP, get pass to the DHCP "server?"
View 6 Replies
View Related
Dec 14, 2011
Cisco Small Business Switch POE ESW-520-24P with a Wireless Access Point Cisco Aironet AP1141. Both the devices are upgraded to the latest firmware.
Connected to the ESW-520-24P is a Windows 2008 SBS 2011 with DCHP and Domain Controller. Along with the server I have a number of wired computers connected to the switch which do not have any issues and connect to the DHCP server without any problems.
When connecting two wireless devices to the AP1141, they get the IP address and DHCP from the server; but when connecting other devices apart the first two they will fail to connect to the DHCP server and do not get any IP Address. They manage to connect to the Wireless access point but they cannot contact the DHCP server.
View 17 Replies
View Related
May 30, 2013
I have a sg200-18 connected via one of the ports to my ISP's router/modem. Using an unmanaged switch everything works as expected, but after a few days on my sg200 my two computers fail to get assigned IP's and cannot connect to anything. I also have a couple printers that seem to have no problems getting their IP's passed through to the router as I can use them fine from my machines when connected to the unmanaged switch.
Is there a possibility I don't have my switch setup properly to know that all outgoing data must go to the router, or UDP traffic is being dropped somehow?
View 7 Replies
View Related
Nov 18, 2012
We've got 5 remote offices with cisco 881 routers, Win Clients behind them and all routers connected via vpn site-to-site to central software router.
Mostly all clients recieve ip addresses from routers in their subnets 192.168.x.024
We have Win DHCP Server in subnet 192.168.181.024
The problem is that some of clients,physically sutuated in 192.168.10.024 subnet, recieve ip addresses from Win DHCP server from 192.168.181.024 subnet.
Here's part of cisco cfg:
interface FastEthernet0
no ip address
!
interface FastEthernet1
[Code].....
View 3 Replies
View Related
Apr 18, 2013
I'll start out with the fact I work mostly with Wi-Fi and not a lot in the security realm... If I plug my workstation into the 3560, my wired client adapter can get an IP address. But the WLAN adapter will not when associated to WLAN.Usually this is not a problem since you may only have two access points on the controller and a dozen or so hosts. In my case, however, I want to put a few of the ports on the 3560 into the same VLAN as the WLAN on the 2106 so I can give them the same guest access as the WLAN. The hosts plugged into the 3560 get an IP address without issue from the ASA. When I disable dhcp proxy, the WLAN clients get an IP address, but then the APs cannot get an IP address from the internal DHCP server on the WLAN controller, and cease to function when rebooted since they cannot get to the controller without an IP address.
Any way to configure the ASA to accept the modified DHCP packets from the WLAN controller? It appears to me that the ASA is not able to accept DHCP relayed packets.
View 21 Replies
View Related
Jan 10, 2012
I have two 3560x Catalyst switches setup between two different locations. They link via a PTP line (Layer 2). I have setup Intervlan routing between the switches and that works fine.Each location has a separate subnet and a Windows DHCP server for each subnet.I want to block any DHCP requests to be sent from hosts on one subnet to the DHCP server on the other side (i.e across the PTP link) What is the best method to do this?
View 5 Replies
View Related
Jul 18, 2012
I have several Cata 3500XL switches connected to one 1 HP L3 switch which is connected Sonicwall router. Vlan1 has subnet of 10.10.0.0/24 and Microsoft DCHP server lays inside VLAN1.
Now i want to add VLAN11 (192.168.10.0/24) as second data VLAN but DHCP requests should go to microsoft DCHP server.
This is what i did:
Configured VLAN11 IP on each cisco switch
IP default gateway with IP from other subnet (i guess this is bad since maybe it should be IP of VLAN11 on HP L3 switch?)
Trunk ports are configured to pass everything on cisco switches
On VLAN11 i configured IPhelper IP to be MS DHCP server on each Cisco switch
I haven't tested this yet but i have problem in process.I can't ping VLAN11 IPs between switches (i configured VLAN1 and VLAN11 with IP). When client plugs computer to a port that belongs to VLAN11 will i be sure that client will get IP from the 192.168 range or there is possiblity that he gets IP from the management VLAN range?
View 4 Replies
View Related
Dec 15, 2012
Setting up a stand-alone WDS/PXE server.Current we have helper addresses setup to forward the DHCP requests from the different VLAN's to the DHCP server. The WDS/PXE server we are setting up is on its server. How do we craft the helper addresses so DHCP requests go to the proper server hosting DHCP and PXE requests go the WDS server?
Everything I seen on Microsoft Technet, lists using Helper Address as the recommended way, but assume both services are on the same server. Our helper address is as follows on each VLAN interface in router: ip helper-address X.X.X..This is a Cisco 3750.
View 6 Replies
View Related
Feb 18, 2012
dhcp setting and port forward
View 3 Replies
View Related
Mar 29, 2012
I faced with issue on ME3800. [code] With that configuration there is no problem with DHCP Relay packets.But if I add on interface #xconnect 82.199.1 19.1 77 encapsulation mpls it will stop forward DHCP relay packets immediately. All other traffic transfers without problem.
View 2 Replies
View Related
Mar 18, 2013
I'm working on a project where a wi-fi client is tracked and located using RADIUS authentication requests. The problem I'm running into is that the WLC (5508) sends an RADIUS authentication request to my freeradiusd, which is ok so far, but if the client roams to another accesspoint (3602AG, 1131AG, 1252AG), the WLC does not send a further RADIUS auth. request - and the client is allowed to connect to the next ap.Is there an option like RADIUS-cache which I can disable, so that the WLC sends everytime an authentication request when a client tries to connect to an ap or roams from one ap to another one?
View 4 Replies
View Related
Jul 12, 2012
I am having connectivity/stability problems with wifi clients, using 14 accesspoints (Cisco AP1252). All wifi clients are impacted, no matter which AP they are associated with.
Symptoms :
------------------
- client associates to a ssid, everything runs fine
- all of a sudden, the client begins having problems contacting certain LAN servers, while others still work.
- after a little while, situation comes back to normal
After hours (and days..) of testing and troubleshooting, I have nailed the problem to be at the AP1252 level. When the client experiences problems, he does not receive Broadcast traffic (thus, he cannot respond to the ARP requests from the server he is trying to contact).
While the client was experiencing the problem, I have configured a port on same switch, to act as a monitor port for the AP he was associated to at the time : it seems to me that the accesspoint DOES receive the broadcasts ARP at all times. Only sometimes it prevents them from reaching the wireless clients.. I did a tcpdump on 2 different clients who were associated to the same accesspoint : both were not getting the broadcasts from the lan.
Tcpdump arp from a wireless client (172.30.2.32) :
View 2 Replies
View Related
Jul 5, 2012
I have 5x WAP4410N Cisco access points, the wireless is not responding to join request from wireless clients and i can only access the admin page from the LAN side.
reboot does not work the only way to make it accept join requests is by changing parameters in the AP and save it, it will work for few hours then stops again.
I cant seem to be able to open a TAC case.
View 1 Replies
View Related
Jul 23, 2012
I am using a linksys wrt600N with easylink advisor version 1.6.0042. I am trying to install a video camera and the instruction manual says under "known issues": LinkSys routers have a factory default setting in the firewall menu called "filter anonymous internet requests". If you want to access your camera from the internet you have to uncheck this option."I see this option in the WRT600N manual, but it references a software choice that I don't have.I have gone to the website and downloaded the latest compatible software version, and I still don't have the choice to uncheck this option.
View 2 Replies
View Related
Apr 18, 2013
I am looking at buying the EA6500 router. However, before I make the investment into buying this router, I need to know some basic information first.
1. I want to setup the EA6500 to accept FTP requests to my Windows Home Server. Yes or No?
2. Remote access to the EA6500, Yes or No? i am aware of the security risks
3. I need to setup Port forwarding on the EA6500. I assume I can?
4. Manage a Kindle Fire and other wireless devices?
View 5 Replies
View Related
Jan 4, 2012
client is unable to establish a connection to the backend servers via the vip on port 389 ,636 configured that servers are listening on these ports .even the probe is successful on port 389 but not getting any response back from the servers. [code]
View 1 Replies
View Related
May 14, 2012
We have a router (7206) which connected to client device in /30 IP segment, but this device is a switch which connected to many more devices. Doing packet capture on our router interface unravel many ARP requests whcih comes from the client switch. Is there any feature or command which we can stop this?
View 4 Replies
View Related
May 14, 2012
We have a router (7206) which connected to client device in /30 IP segment, but this device is a switch which connected to many more devices. Doing packet capture on our router interface unravel many ARP requests which comes from the client switch.Is there any feature or command which we can stop this?
View 3 Replies
View Related
Jul 17, 2012
how many clients simultaneously associate with Cisco AP 1252G.. right now when I try to connect more thn 25 rest unable to access the AP. Clients (smart phones plus laptops) are using 802.11b/g standard.
View 11 Replies
View Related
Jun 5, 2013
Please find attached a simple BYOD/ISE document I uploaded to kick start my new Wireless setup. Its all configured on my ISE sever and Controller as per doc.My setup:
-3600 AP's
-Internal 5508 Controller
-DMZ 5508 Controller (acts as a DHCP server for wireless clients)
Controllers have established connectivity (mobility acnhors), as a client I can connect fine to my new SSID get a DHCP IP address back from DMZ WLC and at the moment can connect out to the Internet fine (using no WLAN Security as a test). So this part is working.I have now followed the document configured ISE, enabled AAA on the Internal WLC only and used the AAA override setting on WLAN as in the attached document.I connect to SSID expecting to be redirected to my ISE Guest Portal, nothing happens other than connecting to Internet WebPages.My question is, if I have followed this document correctly why is the Internal WLC not redirecting client requests to ISE, is this because my mobility anchors need to be re-configured, perhaps the AAA/ISE config needs to be applied to my DMZ WLC not internal WLC?
I would prefer the Internal WLC to redirect the login to ISE, doesn't make sense to traverse through the DMZ Firewall onto DMZ WLC back into the Internal Network again to the ISE to authenticate.Or am I missing something additionally to this document to make sure clients are directed to the ISE Guest portal login.
View 3 Replies
View Related
Apr 4, 2012
We have a 25Mbit connection comming in through a cable in the basement, going through a modem that is connected to a RVS4000 small buisness router on the first floor, that acts as the single NAT. Connected to that in parallel we have 4 wireless b/g or b/g/n routers of various cisco/linksys models, one for each floor, each with DHCP disabled.Over the last few months there have been some issues with the router and I'm curious if there is anything that can be done to solve them.The firmware of the router is the latest at the time of this writing, V2.0.2.7
1. The router will occasionally lock up and completely stop responding to DNS requests. Attempting to open a website will result in browsers giving their standard 'DNS Lookup Failure' messages. The router will also become completely non-responsive when trying to access it via its IP address (standard 192.168.1.1). No username/password dialog appears.However oddly enough IRC and other chats like skype will still work fine.Restoring Factory settings has not worked. This issue has gotten to the point where this happens about once a day. Restarting the router will fix the issue. While I think the issue may sometimes resolve itself, it could also just be one of the other people in the house restarting it manually.I'm assuming that the router is to blame here and not the cable modem in the basement or the DNS server of our ISP, mostly due to the fact that the router becomes unresponsive and won't let me log in as admin when this happens. also restarting the router, not the modem, seems to fix the issue.
2. The router's log is always empty Specifically I have enabled 'Output' and 'Local Log' as you can see here:
3. Issues with some people hogging bandwidth With 25 people and a 25Mbit connection each person in the house should effectively get about 125KB/s of download speed, especially since not everyone is always using bandwidth. However it can happen where one person is, often without knowing it, hogging a large chunk of bandwidth and slowing the network down for everyone, such as downloading multiple large files from different sites, streaming high-quality video, etc.I would like to know if any of the following might be possible to do with this router: See the bandwidth usage per individual MAC or IP address on the network over timeLimit the amount of bandwidth a specific MAC or IP address can use. Make the distribution of bandwidth more fair when a few people are using far more of it than other people.
I have at times resorted to limiting P2P via IPS in the past, and of-course that does work somewhat, but that's not ideal. I'd much rather just know who is doing it, and specifically by how much they are slowing other people down. While the IPS page will list the IP addresses of those trying to use P2P when it's disabled, there is no way for me to really quantify how much bandwidth they'd be using otherwise, and this doesn't at all include things straight-up HTTP downloads.In any case, this router should easily be able to handle ~25 simultaneous connections, right? Are there any settings that I should make sure to enable or set to distribute bandwidth more fairly, given the setup we have?
4. The IPS report chart is not readable.This is a bit of a nit-pick, but the IPS report chart is basically not readable because the colors used in the key are identical in color. Can you tell the difference between the colors of 'Network Traffic' and 'Attack Counts' in the key at the top? They could have used any two colors that are at least somewhat distinguishable, even light grey and dark grey would have been better, not magenta and another magenta.
View 7 Replies
View Related
Mar 17, 2011
I am using ACS5.1 connected to WLC (v7.x) and frequently see host auth requests in the ACS logs. I am not interested in seeing host auth requests at all. Is there anyway just to ignore these.The issue is that these will always fail. If I enable the lock out facility within WLC and a host continually tries to auth the WLC will lock-out that mac address meaning that when the user is ready to connect with their own credentials they are unable to as the WLC is blocking that mac address from connecting to the wireless network.I tried disabling the 'process host lookup' option, but this apparently only changes the type of request to appear like a standard PAP auth request which again fails, filling up my RADIUS logs and stopping me from enabling the WLC lookout feature.So, as I say, I want to simply ignore host requests. I have no control over the end points so am unable to go and update config etc of these devices.
View 4 Replies
View Related
Oct 30, 2011
I'm using Cisco VPN client 5.0.7 and Cisco ASA 5510 (7.4 and 8.4.2) VPN RAS solution. Clients are authenticated using certificates and AAA RADIUS (ACS 3.3) and AD.Each time, when client connects, ASA issues 2 RADIUS requests, first - correct one which is successfully authenticated by ACS and immediately - second which always fails. I couldn't find any information related to this strange behaivor. "Double authentication" feature (most likeable to its name) is accessible only to Anyconnect clients which we don't use. When I'm authenicated using group password, there is only one RADIUS request.What is the source of such behavior?The negative impact is that my logs are filled with spurious failed auth attempts, and users are incrementig failed attemps counter in AD.
Debug from ASA:
----First request----
RDS 10/24/2011 16:16:01 D 0232 14884 Request from host 172.16.8.1:1645 code=1, id=22, length=145 on port 1025
RDS 10/24/2011 16:16:01 I 2519 14884 [001] User-Name value: user1
RDS 10/24/2011 16:16:01 I 2519 14884 [002] User-Password value: B2 A9 D0 2D 15 5F B8 BB DB 1E 3A 38 F5 24 72 B5
RDS 10/24/2011 16:16:01 I 2538 14884 [005] NAS-Port value: -1072693248
RDS 10/24/2011 16:16:01 I 2538 14884 [006] Service-Type value: 2
[code]....
View 2 Replies
View Related
May 24, 2011
My friend is invisible to ping requests. I know he is online because he is on my Gtalk friend's list. This is because he is using Windows 7. Earlier, when he was on Win XP, he responded to ping requests. He said that he didn't mess with the firewall settings. Therefore this feature comes default with 7.I'm using XP and I don't want to change to 7 right now. Can I get this feature?
View 5 Replies
View Related
Aug 4, 2011
I have Cisco 881g with 3g.I can;'t find any documentation about sending USSD requests from 3g module.is it possible to send USSD request ?
View 0 Replies
View Related