H - HARVEST in central auth and local switching has any backup auth method?
Hello
In REAP: solution with central authentication and local switching, do we have any fallback, authentication method in the case of the controller failure or WAN link to controller fails. As authentication WPA/WPA2 PSK for LWAPP REAP H in stand-alone mode.
Thank you
Arun
What guarantees do you intend to use?
If you are using PSK, you're fine as the live keys on the AP. So if you lose the controller, customers will always authenticate. If you use 802. 1 X, it's another story.
Tags: Cisco Wireless
Similar Questions
-
H - HARVEST and local switching issue (LAN)
Cisco documentation indicates that H-REAP is designed for WAN environments, but I'm interested in the use of REAP H and local switching in a LAN environment. Basically want to control and data + auth traffic are separated.
Also because the controller is local that I have to use H-REAP, I can just do local switching?
Does anyone have experience with this? All suggestions, feedback will be much appreciated.
Hi Mohammed;
Yes, local switching is a sub-feature of REAP H so it must be HREAP to local switching.
The only advantage that you find using the local switching without WAN is that you don't need a big connection to the WLC since it will not process the data traffic, so you can plug a port of the WLC only. Depending on how your network look like, enlighten you really the network between APs and WLC, because traffic goes directly from AP to the destination, without transiting by for WLC.
On the other hand, you lose the advantage of having a roaming and similar advantage brought by the WLC couche3 WLC.
-
Backup and restore cannot find any backup sets.
I had to reinstall windows 7 prof 64 using the original recovery partition and want to restore my data files that I had backed up using the backup and restore windows. The files are on a network drive. "When I run the restore I have 'Browse' the network choose the folder labeled" backup files aaaa-mm-jj xxxxxx "but it comes back with the error message: Windows could not find the backup sets on \\xxxxx please select a different location.
Early research indicated it could be a permissions problem and the network drive is not a Microsoft Windows type disk I copied the folder and all the files on my C: drive and checked that they were all showing all permissions to all the users/system/everyone etc. I tried again. Same result. I tried now selection of locations right differnet down the folder hierarchy (for example: in 'Catalogue' records and individual records date) but still get the same message.
I realize that I could go in the individual zip files and restore everything manually, but the backup set has 9 different files and 525 zip datr files each with a tree long through the files of the hard disk C: before getting to the part of My Documents with data.
It would be so much easier than Microsofts back/restore program does what it is supposed to do. The only references I found in the web site of Support MS concerned questions of authorisation and in ensuring that the original folder is in the format "Yyyy-mm-dd of backup files xxxxxx" I've done both.
Any help gratefully received.
Larry Gru
Original title: restoration of Windows can't find the backup sets
I solved the problem. It seems that, for a new installation (reinstallation of the operating system), it is necessary to set up a backup to the location of the original backup. After saving the new facility in the same place as the old backups, older backups are available to be applied.
-
WLC5508 problem with dhcp and flexconnect local switching
Hello
I have a new WLC 5508 with firmware 8.0.133.0 (suggested one right now) and I'm trying to set up a WLAN with flexconnect and local switching, but when I try to connect a client it is not getting an IP address.Here's what I did:
-put the AP mode flexconnect
-support vlan in the AP has allowed
-local switching license and only in wlan
-spread the vlan from AP to the local gateway
-put the IP helper on local and pointed the wlc management ip gateway
-set up a scope for the vlan Server dhcp internal WLC
-set up a working group with the vlan-wlan association flexconnectHere is what I checked:
-l'AP obtains an IP address in dhcp in the vlan, and a lease for that appear in the DHCP Server internal to the WLC
-If I put the interface vlan on a switch in DHCP it gets the ip address of the same way
-If I set the static IP address in the wireless client it ping the local gateway and navigate normally
-J' tried the deactivation/activation proxy DHCP in the management connected to the WLAN interface, but nothing happened
-J' tried Central DHCP activation of treatment with no luckIt seems a dhcpdump on the wireless client client ask for an IP address, but get no response, as if it were the DHCP request is be filtered or diverted somehow.
All you other ideas?
DHCP on the controller is not a real dhcp server, see it that way. The management interface is used when defining aid ip and proxy dhcp must be enabled for internal dhcp. In your configuration, dhcp only works for the AP and should not work for any cable customer. You should be able to use the IP helper pointing to your WLC management interface but also make sure that you create an interface on the WLC for the local subnet and assign the interface to a correct address, even if it is not actually using it. Then in the new dynamic interface of this local subnet, you create, make sure that the primary dhcp is the ip address of the controller management. I think it works.
I would really use a true if possible dhcp server or even put a dhcp scope on the interface of L3 on the production site.
-Scott
Please evaluate the useful messages *.
-
Question about router 72XX and LAN switching
Hello 2Tous
There is a 7204VXR/NPE-G2 router, our client wishes to ensure the transparent flow of about three hundred vlan via the router, switch functionality as trunking switchport allowed vlan xxx, yyy, zzz. Given that the router is not broadcast a vlan and for the 72xx series, I have found no commuting port adapter, is it possible to meet the demand of customers without having to install additional standalone switch.
Hello Sultanov,
> our customer wants to make sure that the transparent flow of about three hundred vlan via the router,
You can use vlan based on IP with L2TPv3 transport
See
http://www.Cisco.com/en/us/docs/iOS/12_3t/12_3t2/feature/guide/gtl2tpv3.html#wp1043064
However, I'm seriously worried about the amount of traffic that the customer is supposed to move around on the links:
a NPE - G2 can handle 500 Mbps of traffic full suplex between two GE ports.
And sharing 300 VLAN between two sites look as inappropriate.
Be aware of this, L2TPv3 should be able to carry the frames of the 300 VLAN between two sites on an IP network, but traffic levels must be controlled in some way or the router the Wan link can be submerged
Edit:
If the customer wants to take over the 300 VLAN locally within a single site, it is a work of lan switch and I would use one (C4500 or better) with a link routed to the C7204 that act as router WAN
L2TPv3 could support local switching but this has an impact on performance (traffic not called twice by the router)
Hope to help
Giuseppe
-
NSX design with cisco UCS/fabric interconnects and Nexus switches
Hi Experts
I am new to NSX design and deployment and working on a project. We deploy NSX for applications of level 4 (web, app, db, DC). I use logic, DLR, ESG and DFW switches. I next we intend to use roads static confusion..
1. do we cover all the VLAN from the virtual to the physical environment? for example mgmt VLAN, level vlans(web,app,db), vxlan transport vlan or it should be only a VLAN specific? which means would be I have set all the VLANS in environment NSX in my physical switching environment?
2 vds? don't we create not only 1 vds initially during the deployment of vcenter or more? Should we take any special consideration while deploying to the deployment of the NSX?
3 static routes - we configure static routes on the DLR and the GSS? Should I use the default routes upstream? on the physical router should we be routing all subnets from virtual environment to the GSS.
4. where and who should create virtual machines? Via vCenter or before the deployment of the nsx NSX?
5. we have a level of domain controller. Should it be part of 3 or separate applications with allow any any rule on DFW?
Thank you
Sam
(1) the VLANs which exist for physical Machines span the logical switch VXLAN NSX in the following cases:
- If the current deployment there are physical Machines in the same Vlan and subnet IP with Virtual Machines. If this common Port Vlan group is migrated to a switch logic VXLAN Backed port group and not possible to change the IP addresses of the virtual machines, and then a bridge DLR (Distributed logical router) works as the conversion between Vlan physical and virtual VXLAN
- If Conversion of P-to-V of the physical Machines continue on this Vlan
VLAN which cover only the virtual machines or virtual local networks which cover only physical Machines must not be delayed.
(2) for the deployment of the NSX, there may be more than 1 dVS or only 1 vDS according to the design. There may be another type of traffic other VXLAN base of virtual machines such as backup, storage, VMotion and the overall design, management, best practices apply here as well. A requirement of the NSX is a common VDS that spans the entire Cluster. For each Cluster, this "common VDS' may be different. Yet once this VDS maybe a separate VDS dedicated VTEP or VTEP features functionality can be added to the existing VDS. It may be best to separate the VTEP vDS.
(3) for the DLR, a default gateway is usually sufficient. If static routes are used, the GSS must then drive by default upstream and the static routes with the next hop of the DLR downstream for the subnets in the subnets IP VM logical switch. On the physical router static route to the VM, but also DLR - ESG logical subnets Subnet switch is required. Management of static routes is easier if route summarization is possible, or if necessary, close to the IP subnets, so it may be a good idea to use the dynamic routing such as Ospf or BGP protocol. There are also features of IP address management in Vrealize and other IPAM solutions if Automation is necessary for large and dynamic environments.
(4) NSX has no functionality in the creation of the VM, it only creates Services network such as switches, routers, Firewalls, Load Balancing. The creation of the part VM continiues the same way as before. A point to note is maybe the logic is created appear as VXLAN named port groups on the VDS. NSX Manager creates groups of ports on the VDS, the only difference is that the name includes VXLAN. The virtual machine is like before added to this group of VXLAN Backed Port settings, or added to the logical switch from NSX Manager interface that appears again as a Plugin for VCenter. VCENTER is so point to create virtual machines and add these VMs to the logic is.
(5) level of domain controller can be a separate layer, or other third party, may be preferable to upgrade separated except 3 applications. Usually, it's the same design without NSX. dFW rules can help protect the domain controller with allowing only ports of the virtual machine or physical Machines being admitted. dFW rules can apply to VXLAN based logical switches NSX so that VLAN based DVS Port groups because it's the kernel module.
-
In regard to the global inventory and local inventory
Hello
What are the inventory we need to define before installing R12.1.1 on any platform.
IAM describing how I installed the R12.1.1 applicatain on linux dilated.
I PUT one PLACE of the INVENTORY IN THE /etc/oraInst.loc
THE OWNER OF THESE PREMISES, THE INVENTORY IS ORAPROD (ORACLE USER).
I GAVE THE 777 PERMISSIONS TO THE FOLDER OF THE INVENTORY.
I STARTED THE FAST OF THE ROOT USER INSTALLL.
OWNER OF DATABASE SPEICFYING - ORAPROD LEVEL.
SPECIFICATION OF APPLICATION TIER OWNER - APPLPROD.
I FINISHED THE INSTALLATION.
EVERTHING WORKS FINE.
WHEN IAM TRYING TO RUN THE OPatch lsinvneotry of the AS10.1.3 House.
HIS WATCH IS NO INVENOTRY.
Show that I JOINED THE NEW INVENTORY in the/etc/oraInst.loc.
I run the runinstaller to join the House of AS10.1.3 House.
the same process as I did to the AS10.1.2 House.
the location of the inventory is the same for the AS10.1.2 and the AS10.1.3.
I mean that's my confusion
What is the use of the global inventory.
What is the need of local stocks.
When and where we need to put the local inventory.
When and where we need to put the global inventory.
HOW MANY LOCAL INVENTORY MUST SET UP DURING THE INSTALLATION THE INSTALLATION OF R12.1.1.
Please provide information about the local inventory and the overall invenotry.WHEN IAM TRYING TO RUN THE OPatch lsinvneotry of the AS10.1.3 House.
HIS WATCH IS NO INVENOTRY.
This patch you are trying to apply?
Did you source the file correct env? What is "echo $ORACLE_HOME" returns?
What is the use of the global inventory.
What is the need of local stocks.
When and where we need to put the local inventory.
When and where we need to put the global inventory.
HOW MANY LOCAL INVENTORY MUST SET UP DURING THE INSTALLATION THE INSTALLATION OF R12.1.1.
Please provide information about the local inventory and the overall invenotry.
All you questions are answered in these documents.
How to find the location of the GLOBAL stock and LOCAL stock on R12.x? Need for clarification Oracle inventory [ID 878717.1]
How to create, update or re-create the central inventory of the Applications R12 [742477.1 ID]
Global and Local inventory explained [360079.1 ID]Thank you
Hussein -
Impossible to find contacts and local mail after Windows 10 re - install
I have upgraded to Windows 10. Due to the age of the PC, I chose to do a clean install, keeping all my data etc. I reinstalled Firefox without any problems - all bookmarks etc are here. I then installed Thunderbird. The address books and local e-mail were not imported nor find a tab drop-down that would allow me to do.
You make it difficult when there is an add-on. (see Matt the link)
-
Firefox is not fully load site Barclaycard of authentication. It load regarding the demand for certain letters in my password but does not load the button 'Submit', so I can't continue with my purchase and I switch to IE8 browser to buy anything on the internet. Clues?
This has happened
A few times a week
Is a few weeks ago
Your UserAgent string in Firefox is totally messed up by another program that you have installed and Barclays does not know you use Firefox 3.6.6 - it is probably similar to IE 6.0 on this site.
http://en.Wikipedia.org/wiki/USER_AGENTtype of topic: config in the URL bar and press ENTER.
If you see the warning, you can confirm that you want to access this page.
Filter = general.useragent.
Preferences are "BOLD", a line at a time, and then select reset, right click
Then restart Firefox -
Switch issues. Help, please.
How is it that a computer which works very well with a direct Ethernet connection won't work with a switch, however any other computer using the same port, cable, ect, and so on, can? We already checked the firewall as a question, that it was not, and now, we are puzzled.Well, I know that the issue is long-term... believe me, it's a long, but as they say, the devil is in the details. Anywho, the question is, my grandfather has a HP laptop, which for two years has been able to run through a Linksys switch to his router and connect its printers to his laptop. About two months ago it suddenly doesn't work like that. Now, it works fine if it plugs directly into the router/Ethernet. My uncle suggested that the switch was bad, but after testing the same port, cable and all, the switch worked well for him. ' GRAMPS really needs this answered, but someone else, it is called can not understand and now I, in turn, ask you all for what you can offer. Here are the ideas that we have already discredited.
-Switch bad: as above, is that this particular laptop, even under identical conditions, the works of my uncle very well.
-Bad NIC: debunked through the fact we connected to the computer directly to the router and it worked fine.
-Bad configuration of the firewall: we have disabled the firewall (please do not notice, he wasn't the smartest idea, we already know) and even if she recorded the switch exists, the internet is always triggered when you are connected with the switch.Thanks in advance for any assistance that you can provide and Merry Christmas to you all.
It would be useful to consult the results of the ipconfig/all command both when it is connected to the switch and when it is connected directly to the router. In addition, what is the model of the switch?
To save the manual copy and the new hits of the ipconfig/all command output-
First connect through switch.
Open a command prompt window (start > run > cmd > OK)
Type the following lines in the black command prompt window and press ENTER after each lineecho "Connected via the button" > "% UserProfile%\Desktop\ipinfo.txt".
ipconfig/all > "% UserProfile%\Desktop\ipinfo.txt".Now connect directly to the router, type the following lines in the command prompt window and press ENTER after each line
echo "Connected to the router" > "% UserProfile%\Desktop\ipinfo.txt".
ipconfig/all > "% UserProfile%\Desktop\ipinfo.txt".
Notepad '% UserProfile%\Desktop\ipinfo.txt '.
outputCopy the contents of the Notepad window in your response (if you use the laptop when it is connected directly to the router) or close the Notepad window, and then copy ipinfo.txt of the laptop to the Gramps in a USB FlashDrive you can connect to any computer allows you to answer.
You can delete ipinfo.txt on the desktop when you are finished.
-
What are the networkservice and Local service folder in Windows XP
Original title:networkservice.nt instants
I had a few Win XP Pro SP3 which has 'documents and settings' folder with the name 'networkservice.nt instants' or 'localservice.nt instants.
What is this folder used for and can I delete them?
Hello
The network service and local service record are system files that are hidden.
The Network Service file is and hidden in Windows XP Documents and settings folder and it's a case of temporary storage for network services.
For more information on the local service file click on the link below.
http://msdn.Microsoft.com/en-us/library/ms684188
Note:
Serious problems can occur if you modify the registry incorrectly. Therefore, make sure that you proceed with caution. For added protection, back up the registry before you edit it. Then you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click on the number below to view the article in the Microsoft Knowledge Base:
How to back up and restore the registry in Windows
-
3 local network connection and local network connection
I have a Dell with Netgear router wireless. On my computer, I have two connections to the LAN. 3 local network connection and local area connection. When I activate 3 internet works on the computer, but the wifi does not work. When I activate the connection to the internet LAN doesn't work at all. someone know how to fix the wifi?
What else shows in network connections (start > run > ncpa.cpl > OK)? Please list all icons.
On the Local network connection, right click and select Properties. Which shows in the 'Général' tab in the box under "connect using"?
On Local Area Connection 3, right-click and select Properties. Which shows in the 'Général' tab in the box under "connect using"?
- With both items enabled, open a command prompt window (start > run > cmd > OK).
- Type the following command in the black command prompt window and press ENTER after each line
ipconfig/all > "% userprofile%\Desktop\ipinfo.txt".
Notepad '% userprofile%\Desktop\ipinfo.txt '.- Copy the contents of the Notepad window and paste it into your reply here
- Close Notepad and windows command prompt and remove the file ipinfo.txt to your desktop
-
GANYMEDE + and local access connection
Basic summary is that I want to have GANYMEDE + and local connection to access router on the vty lines. So, I did the two groups below. Goody obviously is what will use GANYMEDE and Console uses the local connections. I divide them between 0-4 and 5-15. It seems that whoever is more get first priority for authentication. If I move the Console to 0-4, knit then the local users and GANYMEDE do not. If I have Goody at 0-4, then GANYMEDE works, but local doesn't work. I know I'm missing something simple. Have two RADIUS servers, I doubt that the two will never back down, but in case I want user names Local to work. If I apply an access list to 4-0 and use SSH, as well as a list of different access to 5 15 and use telnet, it seems to work that way but doesn't help me if the internet goes down and I am trying to access the router via SSH on-site.
Thanks in advance.
David
AAA authentication login Goody group Ganymede + local
local authentication AAA Console connectionLine con 0
the Console connection authentication
line to 0
line vty 0 4
session-timeout 7
exec-timeout 5 0
authentication of connection Goody
entry ssh transport
line vty 5 15
session-timeout 7
exec-timeout 5 0
the Console connection authentication
entry ssh transportHi David -.
Correct me if I'm not understanding this correctly, but you want to use RADIUS servers for authentication ssh/console type and if they fail, you want the network device to use its local database.
If that is correct you should not need dividing lines and assign authentication lists. The first tribute that you have:
AAA authentication login Goody group Ganymede + local
Lists the Ganymede + and the local database as a possible authentication methods. They will be processed in the order they are configured so that the device will be:
1. use your servers GANYMEDE +.
2. If the GANYMEDE servers + inaccessible then the local database is used
You can test this by assigning 'Goody' to all your vty lines and then do your servers GANYMEDE + unavailable. To do as possible you can:
-Restart the server
-Stop the server interface
-Disconnect the device its uplink network
-Create a list of access on the uplink interface and connection block to the IP addresses of the servers GANYMEDE +.
I hope that helps!
Thank you for evaluating useful messages!
-
Defining a router and 2 switches in a network
Hello!
I have a question, please reply as soon as possbile.
Look, I'm new in routing, just lerning, CCNA Discovery course, there is the problem:
well, I'll put in place a ROUTER and 2 switches, I have set up in terminal:
the end result, we have:
ETH 0/0 (from where internet is coming) - IP - 192.168.100.200
ETH 0/1 (inside the network) - IP - 192.168.80.1Also, I configured the same way ARP:
Slash rip router (config) #.
slash network (config - router) # 192.168.100.0 / / IF I understand ARP allows data transffer beetween networks and make it visible on the otherslash network (config - router) # 192.168.80.0
now, if the two devices end network (PC), I ping the ping works and the package was sent and received.
!!!! THE PROBLEM IS > why I can't ping (PC0) 192.168.100.201 the 192.168.80.2 (PC1)
the INVESTIGATION period was made.There are in tie my tracert schema package. Thx for the reply and attention!
you have the default gateway configured on the two PCs?
-
If I switch to MUSE with responsiveness, my many sites of MUSE since versions Tablet and phone still has open in the program?
The statement speaks for itself, so I still have to update because I can't find any data, saying that it is acceptable to use old versions of MUSE site structure in the new face.
Do not worry!
Existing Web sites will open initially as 'fixed' (unfounded) and the only difference that you will discover is that your Adaptive for office, Tablet and phone versions are now called 'alternative layouts' and can be found under the menu on the Page. (The familiar buttons in the map view will be displayed only if there is already an Adaptive provision, be careful not to confuse users who want just a reactive trace.) In fact, you can combine presentations reactive and adaptive, fluid and all! Just beware that as of now, the effects of roll and some widgets may not be used in a fluid page.
Maybe you are looking for
-
Change of FG and background color of the individual elements in the array
Is it possible to change the color of foreground and background of the individual elements of the array? According to the the link below it is not. But that was 4 years ago and I wonder if it's possible with the new version of Labview. http://forums
-
The sign in page for gmail on my computer is in a foreign language. How can I change?
The sign in page for gmail on my computer is in a foreign language. How can I change?
-
HP deskjet f4140 prints in Vista, but the pages are distorted
I am trying to print a document with a HP Deskjet F4140 printer, but the page is distorted. Can I do to solve this problem?
-
Some programs to fill only a part of the space available on the monitor (maybe 25%). The size is too small to use more easily. I notice it especially with some of the online training programs.
-
Desktop OptiPlex 9020 8.1 of Windows x 64
I just installed Windows 8.1 x 64 on an OptiPlex 9020 and had graphics using IE11 display problems using the latest drivers from Dell. The problem was that graphics had a large "X" on the whole of the image. I was using these drivers: Intel 9.18.10.