|
On a similar topic of CrazyLittle's last issue, can I use a voice card in all of the slots of a 1760 router? I've got three fxo cards I need to install in a router. The last two slots are marked for voice only, but I wasn't quite sure if I could use the second slot for the remaining VIC.
|
# ¿ Feb 25, 2008 16:34 |
|
|
# ¿ May 15, 2024 13:43 |
|
CrazyLittle posted:What're the requirements for using the voice features on a card? Could I just toss a VWIC-2MFT-T1 in an 1841 router and use one of the channels as a PRI? Sorry, I'm not sure if you're asking your own question or making a suggestion! If it's the latter, we have a T1/PRI VWIC card in the first slot of the 1760. I have three FXO 2 port vics just sitting around from a previous build that whoever did it never used. My boss wants to add 6 analog lines for call manager to expand the amount of channels and avoid the possibility of a rapid busy.
|
# ¿ Feb 27, 2008 03:26 |
|
Do we have a CallManager M.D. in the house? Can anyone explain to me how partitions and calling search spaces relate to translation patterns?
|
# ¿ Mar 12, 2008 14:57 |
|
I haven't taken it, but I am working through the material via the Sybex CCNA book instead of any Cisco press books. You can purchase a special set which comes with a net sim. I believe it's pretty much restricted to the labs, but it probably has some use. If you're looking for real equipment, a couple of 2940/2950/2960 switches plus a few lower end routers with two ethernet ports per router and capable of doing EIGRP should be sufficient for most of the material I'm working through. Again, I'm not using the Cisco press books so I'm not sure how that might effect requirements.
|
# ¿ Mar 28, 2008 22:51 |
|
Reefer Inc. posted:Obviously you're not going to get the performance of a real router, but it's a million times better than any simulator. I'm pretty sure there's some discussion about it earlier in this thread. As was mentioned earlier in this thread, there is no switch emulation. You can add a switch to your topology, but that's about it.
|
# ¿ Apr 1, 2008 17:46 |
|
We're looking to buy an rear end load of mobile computer labs(laptop carts) and by the grace of god it looks like we're going to buy cisco wireless APs and a WLAN controller instead of a stack of dlink access points or something along those lines. Any suggestion on books/websites to get up to speed with Cisco's wireless environment?
|
# ¿ Apr 9, 2008 02:39 |
|
jwh posted:Can you have somebody fund a pilot ahead of time? We just got a lot of Cisco's lightweight wireless stuff in a few months back, and I haven't been very impressed. If you're only buying a single controller, be advised the 2106 will only support 5 AP's I think, and only provides PoE on two of it's 8 ports. As what jbusbysack said, I was under the impression that I can inegrate the WLAN controller into my LAN, and run the APs off of POE switches. If there's one thing we have now, we have a poo poo ton of available POE ports. We really have to go wireless with these laptop carts, regardless of manufacturer, so that's the scope of this wireless project. We're not doing all of our schools, or even all of the school where these carts will live. In essence, this is almost like a pilot program. I'd prefer to stick with Cisco instead of rolling out cheap consumer grade APs and management seems to agree. According to what is being spec'ed out(which I wasn't involved with at any high level, but will of course be tasked to maintain) is a 4400 series controller and 1131 APs.
|
# ¿ Apr 9, 2008 18:18 |
|
Here's a dumbass moment, courtesy of myself. I needed to daisy chain two 2950 switches via the gig ports. I could not get a link light. I tried changing the port configurations over and over. I tried wiping the switches to factory defaults. I even considered there was a bug in IOS and almost upgraded that. In all I spent about an hour trying to trouble shoot the issue. Turns out I was using a standard patch cable when I really needed a crossover. The worst part was that I knew I needed the cross over.
|
# ¿ Apr 17, 2008 16:47 |
|
The funny thing is the cheapest bunch of switches they have, the express switches, do just that. Or maybe they don't and ether/port channel handles that....
|
# ¿ Apr 17, 2008 17:35 |
|
How does everyone here use to keep track of your configs? CVS? Does cisco have any tools to make archiving configs more stream lined that cutting and pasting?
Boner Buffet fucked around with this message at 13:47 on Apr 29, 2008 |
# ¿ Apr 29, 2008 13:24 |
|
Well then, I guess you all wouldn't mind if I brought this up then? I've been working on trying to get rancid running on a SLES 10 box and I'm getting this error in rancid/var/logs: code:
|
# ¿ Apr 29, 2008 17:01 |
|
Just got rancid running after a half a day of irritation and swearing. I like dicking around with *nix, but it can really drive me up a wall with some of the vague documentation. Also, I hate pipermail!
|
# ¿ Apr 29, 2008 20:30 |
|
I have a question that might not necessarily be cisco specific but I figured you all are the people who would answer it anyway. We have had issues with our internet access lately. Unfortunately, dumping the provider is not a possibility due to political reasons. To cut to the chase, I want to be able to either load balance or use another service to eliminate downtime. I'd like to possibly leverage some of the more "consumer" oriented connections that we get for free, to maintain our ability to access the web. I'm under the understanding that without using BGP and creating an AS, email and other internet services would go to poo poo, but I'd like to be able to maintain web traffic without having to go reconfigure anything manually in the event of a failure with our main ISP. Is this possible?
|
# ¿ May 21, 2008 15:40 |
|
By the time the end of the summer rolls around, in our server room where most of these connections will terminate, I'll have the following available: - 4507R - ASA 5510 - 2800 Series router which is going to be a voice gateway between our Voip and legacy PBX phone systems. It will also be taking a PRI or two in the near future as we eliminate the legacy PBX system. - A stack of unused Catalyst 2950s - A linksys router.
|
# ¿ May 21, 2008 16:17 |
|
I'm under the impression that I needed to use BGP to create an autonomous system which would allow to build redundancy into my network as far as internet access, inbound and outbound, is concerned. So our mail server, webserver, and a few other services are registered in DNS with public IP addresses provided by the ISP. If I up and switch the ISP, those public IP addresses will no longer "be ours". But I can still use the new connection to outbound web requests for internet surfing. Am I wrong in this line of thought?
|
# ¿ May 21, 2008 23:18 |
|
H110Hawk posted:Or, you know, just throw a pile of 6500 series chassis into a room with various sups and line cards, then see what they can get routing! Why would you suggest that? They're cheap pieces of crap!
|
# ¿ Jun 19, 2008 21:24 |
|
Does anyone use putty for serial connections? When you "sh run" and space through on a switch with lots of ports and settings putty will choke on itself and lock up. From what I've read so far, it's a known problem but apparently fixed in 0.60.0.
|
# ¿ Aug 26, 2008 17:57 |
|
jwh posted:This is not the IP address on the 2600's Fa0/0, and I didn't think the 2960 could act as a layer-3 router. I thought the SVI interfaces on the 2960 were mostly for management purposes. I could be wrong about this. I don't think it can either. I might be off with this, but this might be a router on a stick situation. I'd think he wants the gateways to be the router's sub interfaces. Just a question though, why both RIP and EIGRP?
|
# ¿ Sep 5, 2008 03:56 |
|
jwh posted:Yerp- default int se0/0 poo poo! I can't believe I didn't know or never bothered to look for this command. Thanks!
|
# ¿ Sep 25, 2008 20:54 |
|
I'll preface this by stating that this is a really nebulous question/situation, but I thought I might get an idea or two of how to start attacking this issue. The hardware involved is an ASA 5510. I set up a VPN account for one of our vendors to access some internal server for support reasons. I have tested it from an internet connection outside of our network and even at home and everything works fine. The vendor, however, cannot connect properly. They can attach to our network via the VPN, but once they are attached, they are not able to RDP to the servers they would be supporting. Originally I set up access lists so that they would only have direct access to those servers. My next step when they claimed they couldn't connect was to take the ACLs off. That didn't help matters either. Seeing as I have no problems accessing the resources via the VPN connection and the vendor can even attach to the VPN(just not the resources), I'm at a bit of a loss on how I can start to trouble shoot this... help!
|
# ¿ Nov 6, 2008 21:07 |
|
inignot, they cannot ping the servers. Again, I can ping them when I test it. I can't help but wonder if something on their end is butchering the packets. They claim that they have no problems with other clients.
|
# ¿ Nov 6, 2008 22:33 |
|
Syano posted:We only have about 10 total routers in our organization and really cannot fit in our budget tools like Solarwinds. Does anyone have any suggestions on something that could help us backup configs and reload them if necessary? I'm not sure about reloading routers, but I figure that's not something you're doing often. For backup purposes, check out Rancid: http://www.shrubbery.net/rancid/
|
# ¿ Jan 14, 2009 16:06 |
|
jwh posted:1131AGs are hot little radios- they're picking stuff up at over -90 rssi that's far, far away. They literally run hot too!
|
# ¿ Jan 20, 2009 21:53 |
|
Speaking of load balancing, does port-channel(lacp) automatically load balance or are they in some sort of active/standby mode? I'm having trouble finding an explanation in the docs.
|
# ¿ Feb 5, 2009 21:50 |
|
para posted:I think that LACP and PAgP just negotiate the etherchannel. Once a channel is up then it's a standard 'port channel' link and they automatically "load balance", if I recall correctly, but it's not a true bit for bit load balancing. It does some type of weird load balancing where it can use bits from the source mac, dest mac, or source and dest IP address. It then can XOR those bits to determine what link in the group to use. It's explained in the Cisco Press BCMSN book in chapter 7, if you have it. Good find. Thanks for the link.
|
# ¿ Feb 6, 2009 04:50 |
|
How do you guys work your vlans in regards to servers? Do you have dedicated server vlan(s)? Do you let your server talk outside of their vlan unabated or even get out to the internet unabated?
|
# ¿ Feb 11, 2009 20:41 |
|
Powercrazy posted:Whats the point of Vlans? Just run layer 3 everywhere. What?
|
# ¿ Feb 12, 2009 16:01 |
|
bort posted:What's to not understand? Awesome. My network is much faster now. I should probably run layer 3 on my VWICs too.
|
# ¿ Feb 12, 2009 18:41 |
|
Using a WLAN 4400 series controller, what's the difference between using a GUEST-LAN WLAN and a normal WLAN? I'm under the impression that for the GUEST-LAN I'll still have to build the ACLs for the VLAN just as I would with a normal WLAN? Is it just a matter of having the web authentication presented?
|
# ¿ Feb 13, 2009 21:58 |
|
I'm working on building a "guest" WLAN. The WLAN has it's own subnet and associated VLAN. Would you all suggest building the ACLs on the controller or on our core switch?
|
# ¿ Feb 17, 2009 17:46 |
|
Syano posted:Speaking of controllers, at what point does one make sense and where do you put it? Physically? I have ours racked in the same rack as our 4507R core. It's linked up to a gig port on the core. Yes, a controller can handle that many APs, but you have to make sure you get one that will support that many. Our 4400 supports up to 25 with multiple SSIDs and all that. jwh posted:Well, I assume you're using Cisco LWAPP gear- are you talking about the pre-authentication ACL, or the post-authentication ACL? The WLCs have the ability to provide for both. Post authentication...I think. I'm thinking a simple WEP key for the guest wlan and an ACL that will only let the clients get outbound to ports 80/443/53 for simple web browsing. Whe we have auditors or presenters, many want internet access and I thought a locked down VLAN would be the best bet. The WEP is merely in place to stop any accidental connections since a couple of our building are within close distance to residential areas.
|
# ¿ Feb 17, 2009 19:04 |
|
routenull0 posted:At least run WPA. Good call. WPA2 is a no go because it seems that some versions of Windows will not support that. Most have plain WPA support.
|
# ¿ Feb 17, 2009 19:21 |
|
jwh posted:I'd build your access control where it's easiest for your to administer. That might be the controller, or it might not. We have few instances where we actually need guest access, but enough to make my life easier if I come up with a straight forward way to authorize certain people using some sort of basic authentication. I'm mucking around with web authentication using a 'local net user' I entered into the WLC's web tool. I have a couple of questions if you have a spare moment: - If I use web authentication and just have a generic local net user, I'm assuming then that I don't need to put encryption on the GUEST wireless lan as it won't let me do anything outside of DNS lookups before I authenticate via the web? If that's the case, I'm not understanding what the preauthentication ACL would be used for then. If the user can't do anything after associating with a WLAN but before web authentication, then why would you need the preauthentication ACL? - From then, I really want to set the ACL at the interface I created? That would be consider post-authentication at that point. - Is what I'm proposing any different than creating a WLAN with the "Guest LAN" option checked? Thanks
|
# ¿ Feb 17, 2009 22:02 |
|
jwh posted:My lab SSID is actually WEP+Webauth currently, just because I wanted to broadcast the SSID, but I didn't want people joining it by accident. That is one of my aims as well. quote:Well, that's what depends- as near as I can tell, if you're doing an external portal, you need to craft the preauth acl to allow that traffic to make it to that destination, otherwise the WLC will stomp it. I've never tested an external authentication portal though, and have no idea how it works. I guess you could craft a preauthentication ACL to also allow for some traffic unauthenticated, if you wanted. To answer your question, however, you don't "need it". The WLC onboard portal works fine without specifying a preauthentication ACL. That makes sense. I'm sticking with the onboard portal. quote:Right, if you go into your WLC, under Controller -> Interfaces, you'll have the option of applying an ACL to an interface. You need to build the ACL first in Security -> Access Control Lists -> Access Control Lists. Whether or not you want to manage your ACL on the controller is up to you. Personally, I think the way the WLCs craft ACLs is kind of wonky, but if you don't need a lot of ACLs, it could work for you. The other WLANs, all one other thus far anyway, are considered trusted so I'll rely on switch level access lists for those. The guest wlan is a bit of an oddball so I'm going to try and leave the ACLs at the controller. Sounds good in my own head anyway. quote:Not really, I guess. The onboard guest portal is pretty nice, so I'd use it if you can. No sense reinventing the wheel, right? There's a guest lan check box when you create a new interface on the controller. I'm still not clear on what that option does. The doc I read didn't make it entirely clear. Guess I have to do some more digging.
|
# ¿ Feb 18, 2009 00:15 |
|
Yes, you can use the 350 at home. Other than being an older card, there's nothing really special about it as far as I know. WPA2 might not work however. If that's what you're running on the AP/router at home, that could be the issue. The data sheet mentions WPA but nothing about WPA2. Someone else here might have a better answer for you though. https://www.cisco.com/en/US/prod/collateral/wireless/ps6442/ps4555/ps448/product_data_sheet09186a0080088828.html
|
# ¿ Mar 2, 2009 03:57 |
|
Here's a strange one I'm scratching my head with. I want to configure one of our 4507s to grab it's time via NTP from an outside time source. From there, I'll configure ntp on all my servers to pull from the 4507. Name resolution is up and working on the 4507. When I enter the following command: 4507<config>#ntp server otc1.psu.edu source vlan 1 I receive the following error: %ERROR: Standby doesn't support this command % Incomplete command. The switch has redundant supervisors, which I think standby is referring to. I can't find the error mentioned on cisco.com or as a plain google search. Anyone have any ideas?
|
# ¿ Mar 10, 2009 23:07 |
|
I'm configuring it via telnet, so it just hits the active supervisor. The error occurs when I put the command in, not when I save the config, which in hindsight would probably mean the standby supervisor doesn't have anything to do with it. Just for the hell of it, I just grabbed the IP for otc1.psu.edu and it allowed me to complete the command. I would think it would be able to resolve that hostname. The error I posted about wouldn't lead me to believe there's a resolution error.
|
# ¿ Mar 10, 2009 23:23 |
|
Do you guys struggle with the language barriers with TAC? With the exception of one time, my issues get sorted out. But I feel it's taking much longer to get to the solution and that the language difference is a large part of that. An example of that would be when I explain a symptom to the engineer. I'll get a response of "yes" or "sorry to hear that" but I'm never really sure if they understood what I was saying.
|
# ¿ Mar 18, 2009 19:32 |
|
On a 4400 WLAN controller, if you have aggressive load balancing enabled and the window set to zero, does load balancing between APs occur automatically? The docs aren't clear to me about this.
|
# ¿ Mar 23, 2009 18:38 |
|
|
# ¿ May 15, 2024 13:43 |
|
It says it's enabled. I thought zero might be the default. I didn't do the initial setup of the device myself, but I know nothing fancy was done when it was first setup.
|
# ¿ Mar 23, 2009 19:09 |