Wirless VLAN and DHCP

Similar Questions

• Several VLANS and DHCP relay on two stacked switch SGE2000-G5

  We were put to the task of securing a small desktop system managed that is currently set up with a standard switch for each of the offices (with different companies) to see each other and in some cases, access to each of the other documents on the network.

  Obviously, this is far from adequate set up and our goal is to isolate each office using VIRTUAL networks, but share a common internet connection provided by managed offices.  We have two switches for layer 3 Cisco SGE2000-G5, but we are new on Cisco equipment and VLAN, so we are not quite sure on how to implement this.  DHCP must be provided by a router, there is no server.  We are open to suggestions on the router as we still buy a.

  I hope that someone may be useful.

  Thank you very much

  Jim

  Hi Jim,.

  SGE2000 switches you are using must be able to handle this without issue. What type of router you are using? As long as you have a router that will take in charge VLAN / several subnets, it should be a simple configuration.

  Here's a quick run down of the measures to be implemented. (using vlan1 and vlan2)

  On the router, create a vlan / subnet 2 and set the port to connect to your shared resources with the two VLAN 1 and 2 switch. (it will be untagged, two will be marked)

  On the switch, create vlan2 and do the same for the port connected to the router. (vlan1 marked and tagged vlan2)

  Now for each switch port that you want to assign the port access and vlan1 and vlan2. (this vlan will be without a label)

  If your router allows, disable routing inter - vlan. If this isn't the case, you must create rules to block traffic from one network to the other.

  All this happens under the assumption that your router can support VLAN and can also make DHCP for this VLAN.

  Hope this information helps

• Cisco 1921 & SG500 VLAN and DHCP problem

  Dear all,

  Thank you in advance for taking the time to read this.

  A little history:

  I want to install a project for an athlete, which is unfortunately on a budget pretty tight with a potentially large quantity of network users (~ 200 without public WIFI). I need to separate the 5 groups of users and to give them all access to internet without see each other. 5 user groups also share the same bandwidth to the internet and VLANs must be controlled bandwidth.

  To do this, I had planned to use Cisco devices built-in functions and buy a 1921 Cisco router as a switch of SG500.

  I have configured the router for 8 subinterfaces is internal NIC with 8 VLAN. I also configured DHCP Pools 8 on the 1921 and set up NAT and firewall.

  What I want to do now is have the SG500 to recognize the VLAN ID, I configured on the router (as well as on the switch using the same VLAN ID numbers), and then assign ports to the VLAN on the switch, and depending on where I plug into the switch, the device receives different IP addresses from DHCP.

  However, I can't get this to work. The router works fine, the 'intact' if left switch gives me an IP address from the DHCP server on the IP address of higher network VLAN (I.e. 168.8.0). but I can not configure the switch ports correctly so that it works. I was also confused, is that dhcp pools that I have configured on the command-line command on the router do not appear in professional CP in the mask of the pool.

  Can someone kindly check the configuration of the router and throw some guidance on how I need to configure the Ports on the SG500? I must say that I have had too many nights and I seem to confuse tagging, untagging, to exclusion and prohibiting the ;.)

  I have the router for you here:

  Thanks again and good night!

  W.

  Hi Wolfgang, for the sx500 configuration can be something like this

  config t

  database of VLAN

  VLAN 2-8

  int item in gi1/1/1

  switchport mode general

  switchport trunk allowed vlan add 2-8 tag

  switchport General disable filtering of capture

  For any client that connects must be no tagged coelio

  So if you want a client access port then you should do something like 5 unidentified to this port

  config t

  int item in gi1/1/2

  switchport mode access

  switchport access vlan 5

  -Tom
  Please mark replied messages useful

• L3 - SG300 - 28 p and DHCP

  Hi all

  I'm having a bit of difficulty up a SG300 - 28 p to L3 and DHCP. I will attach a basic network diagram and a very short list of my needs.

  I'm building a temporary network for a company event 1 day that I can't make it work in our office "Lab".

  L3 - SG300 - 28 p connects to our provider using a connection of the SFP.

  I have to be able to address IP DHCP 300 + using the SG300 - 28 p

  My problem is that I can ping my 2 machines test (manually configured IP) about 172.16.0.3 and 172.16.0.4, but cannot ping after the (internet) referral. Also DHCP distributes no intellectual property for the range 172.16.0.10 - 172.16.1.200

  VLAN 1 is set to 10.2.2.20 access port (to the provider through a connection on port 28 FPS)

  VLAN 100 is 172.16.0.2 access port (ports 1-26)

  I have the WLC and WAP tri...

  Is the set of even possible? I know that the EQ network is a bit budget for users, but for a one day business event I just do not have a budget for the purchase of switches better.

  Please excuse the gross chart.

  Thank you in advance.

  -RJ

  Thanks for the reply.

  With the information that you have provided, it seems the only part missing is the way return the unit for service providers. Unfortunately there is no way around that, and no, you will not be able to put anything between the two, because the device doing the NATting is unity of suppliers.

  I think that what is happening is that traffic is actually the side provider, but there is no way to do so as soon as the provider is not a route for the subnet in 172.16.x.x.

  Out of curiosity, why do you use a VLAN for the devices connected to the SG300? Could you use the 10 subnet Ip addresses? If you do this, you will not need to have a route back from the supplier, as all devices will be on the same subnet.

• function of guard of source IP and dhcp DHCP scope of exhaustion (customer parodies other customers)

  Hello world.

  A dhcp server assigns ip address based on the mac address by equipment of the customer field in the dhcp packets.

  A potential attack is when a crowd of thugs mimics different mac addresses and causes the dhcp server to assign ip addresses until no ip address is left for legitimate host.

  For example, a host with mac1 h1 is designated by the ip address of the dhcp server as:

  199.199.199.1 mac1

  DHCP server has this entry in its database.

  Using hacking tools such as Yersinia or Gobbler can create a DHCP discover messages every time that create another mac for material scope of the client to the dhcp server, thereby causing a dhcp server to assign ip addresses because they are of legitimate dhcp to dhcp server discover messages with matching each another Mac in hardware of client addresses.

  You could use dhcp snooping and it will avoid that (exhaustion of dhcp scope) and configure the switch to check if the CBC mac fits the hardware address of the client in the dhcp message. But when even we can creat spoofed discover messages where mac src in the ethernet header will match the client hardware address in dhcp discovery message. It did not always overcome the problem.

  You might say use IP source guard characteristic but it really will prevent this problem from happening?

  Let me illustrate:

  H1 - f1/1SW - DHCP server

  Let's say that we have configured dhcp snooping on sw1 and f1/1 is untrusted port.  Switch a suite dhcp binding

  199.199.199.1 mac1 vlan1 f1/1

  Then, we configure source ip guard in order to validate the mac src and src ip against the dhcp bindings. When you configure keep source ip first, it will allow dhcp only if a host can request ip address and dhcp binding can be built. After that IP keep source will validate ip or mac src src or both against the binding.depending dhcp on how configure us source ip guard.

  In our case, we have configured source ip guard in order to validate the mac src and src ip against the dhcp binding.

  A dhcp connection is already created as:

  199.199.199.1 mac1 vlan 1 f1/1

  Now, using hacking tools Yersinia or Gobbler on h1, we create our first spoofed dhcp discovery message where mac src = mac2 ethernet header and client harware address = mac2 in dhcp discovery message. As the switch is configured with the function of guard of source ip and therefore allows dhcp discover message to pass through. DHCP server after you receive the message dhcp assigns another IP from the pool. The dhcp server has now after the entries:

  199.199.199.1 mac1

  199.199.199.2 mac2.

  We continue to spoofed dhcp to craft discover messages as described above and are dhcp server keep ip address assignment until exhausts the entire pool.

  So my question is how ip source guard in conjunction with dhcp snooping doesn't stop this attack does not happen? (IE DHCP scope exhaustion)

  I really appreciate your comments.

  Thank you and have a week.

  Hi Sara,.

  Ask was quite interesting. As far as I know that whatever it is port snooping untrusted won't let your fake dhcp server.

  You can take this query in the Sub forum of experts mentioned that is specific for dhcp snooping and source of guard.

  https://supportforums.Cisco.com/message/3689811#3689811

  Please assess whether the information provided is useful.

  By

  Knockaert

• SGE2010 - traffic relay and DHCP configuration

  Hei

  We bought just a switch SGE2010 we want to use to replace the switches in the control panel of our office. So far I managed to access the switch and assigned a static ip.adress on our net, but I can't get to our entry point switch relay traffic. I have a test machine that is configured with a static IP as well and tried the ok sign, but as soon as I put the switch between traffic is not relayed.

  The idea was to use this switch as a DHCP as well. But I thought it would be a start to get at least the traffic relayed before starting the dhcp part.

  Only configuration settings I have done factory settings are the following: (note that the IP is slightly adjusted, but consistent for reasons of confidentiality)

  Configuration of the IP4

  1. Assigned to a static ip address: 95.59.69.148
  2. Assigned a subpattern: 255.255.255.192
  3. Assigned to a user-defined gateway: 95.59.69.129

  DNS configuration

  1. Assigned to an ip address dns address: active 95.59.0.100
  2. Assigned to a dns ip address: 95.59.0.200

  All these settings are the default settings that we use when we assign a server with a static ip address, so it is not a pick up of our filtration dhcp server. So my main question is why on earth isn't it relay traffic?

  In addition, we are interested to kill the former (with stones, I hope) dhcp server and dhcp on the sge2010 configuration. The current dhcp is an operating system. X dhcp server (Yes a mac) with the following configuration:

  • (Dynamic ip) subnet
    From ip: 95.59.69.179
    Ending ip: 95.59.69.190
    Subnet: 255.255.255.192
  • Router ip: 95.59.69.129
    Rental time: 3 hours
  • The range 95.59.69.130 to 95.59.69.149 we set up manually on the servers, hardware, etc.
  • DNS server: 95.59.0.100 & 95.59.0.200
    Default search domain: No. - dns - available.example.com
  • And then we have a group of static mappings to Mac-addresses
    ip address: 95.59.69.150
    IP: 95.59.69.178

  I tried to see in the configuration where I could the mappings static spesify range etc, but I can't say it got me anywhere. So my second question is how to install a server dhcp of Eric as a designated above?

  It's nice to finally convince the CEO to move the dhcp to a better metal, but it's not as nice having a hard time setting up. I would apprecitate every possible leeds and suggestions since I'm kinda stuck.

  Thanks in advance

  Rafn.R

  Hello

  My SGE2000P forwards DHCP requests on my DHCP server.

  I used my default VLAN1 as an interface routed to unicast request DHCP relay on my server (router ISR UC520) that resides on that VLAN 1.

  My interface Vlan 1 on my SGE2000P has an IP 192.168.10.254.

  My gateway address for potential hosts in VLAN 2 IP will be the ADDRESS IP I AI ASSIGNES to VLAN 2, because the PC or the IP hosts connected to VLAN2 will use IP VLAN2 interface as the gateway. It's just how it works!

  Hosts of PC on VLAN 2 need of a default route and they use the IP I assigned to VLAN2 as their next jump out VLAN2 on the real world.

  This address can be seen below.

  

  DHCP relay is enabled with the option 82

  

  I chose VLAN2 as an interface VLAN, as shown below.

  

  I have two ports not signposted in the VLAN2, and I joined an IP host to G1 so that I can test the DHCP relay.

  

  I get the following debug output from my dhcp server, so I know the relay is working.

  002624: 19:40:08.575 Dec 5: DHCPD: looking for expiry of the leases.

  002625: 19:40:58.408 Dec 5: DHCPD: DISCOVER notification to:

  002626: 19:40:58.408 Dec 5: DHCPD: htype 1 CHADRR 0025.84d8.d008

  002627: 19:40:58.408 Dec 5: DHCPD: id remote 020a0000c0a80a0101080001

  002628: 19:40:58.408 Dec 5: DHCPD: id circuit 00000000

  002629: 19:40:58.408 Dec 5: DHCPD: see if there is a specified internal pool class:

  But I must confess that I have opened a case on it with the Small Business Support Center, because I think I can see something wrong on my DHCP server debugging.

  But the key is that I see the router WAN/DHCP server, see the query from DHCP.

  The only way to the broadcast DHCP requests can get to the DHCP server, if the switch SGE2000P takes these DHCP broadcast requests and unicast these or relay to my server DHCP IP address 192.168.10.1.

  So in other words he tries to relay DHCP.

  I would ask you to please check the SGE2010 Administrator's guide because it clearly shows how to configure the DHCP on the SGE2010 relay.

  Even if the screen capture shows and the old version of the code below.  I have day my SGE2000P tonight at the generally available (GA) version of the code.

  

  Just outa interest, if you telnet to the switch, is your mode of layer 3 or Layer 2 switch.

  I can also say from your screenshot that your uplink ports are in overlay mode.

  Maybe if you don't use stacking, you can set your switch to the layer 3 mode and standalone mode

  Best regards, Dave

• Mapping VLAN and probe Inline

  Hello

  I'm doing all my traffic flow of SSL VPN clients through a traffic Inline probe. From what I see, I should use the mapping feature VLAN. But I can't understand how the function works. ASA not very informative or extensive documentation.

  Currently my ASA has a network of interconnection on a VLAN to my router base, and all my internal network is routed to the base IP address. Default gateway of the router of my Core is the ASA. My ASA provides IP addresses to remote VPN SSL clients and is the default router for them. Remote traffic follows the remote client to the ASA, then through the interconnection to my internal networks. My only ASA works as my perimeter firewall and SSL VPN concentrator.

  I have map VLAN undestand will make all traffic from the remote clients to abandon the vehicle on a VLAN individual. So, I created a new VLAN and that added to a trunk on the SAA. Then I activated "restrict access to VLAN" and set it to my VIRTUAL LAN. My traffic Inline probe is connected to the VLAN and can provide DHCP.

  If it were a classic network, I'd Inline traffic probe the gateway by default for this VLAN and provide IP addresses and gateway with its DHCP server. But how does it work with ASA? I can in captivity the evacuation to this VLAN, but cannot find a way to make the traffic passes through the screen. As ASA does not support routing based on the source can't make the jump next to the probe traffic.

  I can do the bridge of the probe (L2) network for interconnection and the remote client VLAN. But the IP address of the ASA on the VLAN does not fall within the same range as the interconnection, so I can't understand if and how it worked.

  Can someone help me with the configuration or explaing me better how works the mapping VLAN?

  Thank you.

  What you are trying to reach is configurable through the "tunnel" default route, and it would force all traffic of VPN with this default route special.

  for example:

  If your traffic probe Inline between the ASA inside your heart and the interface, you can configure:

  Route inside 0.0.0.0 0.0.0.0 in tunnel

  Requiring all VPN traffic route to IP CORE that would go through your online traffic probe

  Here's the order for your info reference:

  http://www.Cisco.com/en/us/docs/security/ASA/asa83/command/reference/QR.html#wp1840612

  Hope that helps.

• Requirement of DNS and DHCP Server Essentials 2012 home

  I have a Server Windows Essentials 2012 acting as DNS and DHCP server with a domain name for backups etc on my home network. It's that everything works fine, no errors, no problem. Works well actually, telling me when the children did not install updates or restarted.

  I have two groups of users. My sons step, 10 and 12, which I want to use OpenDNS as a provider external DNS with a policy very, very limited and my wife and me who want to use indications of root or Google DNS or any other DNS provider. Others, specific devices no user (box of the xBox, WII, Satellite, TV, CCTV etc.) can use.

  Before the 2012 server, I had a 2 k 3 server running in a virtual machine for DHCP, alone and put my wife and my devices on static reservations with the just and external DNS provider used OpenDNS as the default scope, DNS. Unfortunately different bits of domain services 2012 don't seem to work unless the server of 2012 is the first DNS server listed on client machines (backups failed. Impossible to find other local computers). Currently, this means that we are all using OpenDNS.

  What I would like is a way to say 2012 to send adult group DNS queries to another DNS provider and leave the rest at default to OpenDNS, while still having them register in the original DNS domain. Any suggestions?

  This issue is beyond the scope of this site and must be placed on Technet or MSDN
  http://social.technet.Microsoft.com/forums/en-us/home

  http://social.msdn.Microsoft.com/forums/en-us/home

• LRT214 VLAN and site to site vpn

  Hello everyone, I am a bit new to the network of this aspect and was looking for some advice.  I am looking for several routers LRT214 to configure VPN site to site to our main office at 4 locations.  There are 2 VLANS and subnets - one for the network secure (vlan native 1) and one for comments wireless (vlan 2).  It is very good and works well for lan segregation locally.

  IPSEC tunnels do not pass the tags vlan, my question because I will be able to restrict traffic through the vpn tunnel to vlan 1 and deny traffic to vlan 2?

  It appears in the documentation that VPN traffic can be limited by IP address or the local subnet.  My concern is that if there is no way to bind or bridge to the VLAN selected, an adjustable static IP address on a device on the vlan 2 were part of the traffic permitted (vlan 1 range), and therefore cross the tunnel for devices vlan 1 on remote sites.

  Thanks for any input you can offer.

  Hi, seedtech. The VLAN used for the VPN is the default VLAN. So if a tunnel is created, it will cross through the default VLAN.

  Jay-15354

  Linksys technical support

• Implementation of VLAN and QoS for VOIP on SG200-18

  We recently purchased the smart switch SG200-18 to replace a Netgear switch. We are moving our phone service to VOIP through our local ISP as well.

  I currently have the VOIP phone plugged into Port 17 on SG200-18 (it is a Grandstream Cordless VOIP phone).

  I want to put the VOIP phone on one VLAN separate from the rest of the network and optimize QoS parameters so that the VOIP phone has exceptional audio quality even during network traffic.

  Here are my questions:

  1. do I need to set anything on the type of port to Port 17 (because it resembles a shape any Combo port)?

  2. How can I do to isolate VOIP telephone it's own VLAN (I see the parameters VLANS and VLAN voice, not sure that one to use;) I've tried to set a VLAN and broke the Internet connectivity on the phone until I went and removed)?

  3. do I need to adjust the QoS settings to switch to better optimize the VOIP phone?

  Some additional questions about the GS200-18 in general:

  1. do I need to adjust the parameters of the system on the switch time? I am in the Central time.

  2. do I need to adjust the Green Ethernet/Energy Saving parameters or should I stay with the default settings?

  In addition, a couple of "getting started" questions for Cisco:

  1. I registered an account My Cisco. What should I do to register my switch with Cisco and associate with my My Cisco account?

  2. What are the benefits of purchasing a contract of Cisco Small Business support, and how much would it cost the SG200-18 (I ordered it from Provantage)? I'm curious to see if it's worth the money.

  Here's my 'features ':

  Switch: SG200-18

  VOIP phone: Grandstream DP715 and 710 handsets

  Plugged in: Port 17 on SG200-18

  Services: Internet Local (Direclynx)

  Type of connection: 3 m down / 500 k up DSL move to a future wireless connection that will give us higher speeds

  Backend VOIP provider: VOIP Innovations

  Router: Apple Airport Extreme AC model (all Macs and iOS devices and the OS X Server on the network, so I use the Apple router facilitates installation, because is not QoS, trying to QoS and VLAN in the switch)

  Thank you all!

  Hello

  I'll just go to the list again:

  1. sounds good in the port from the drop-down list. So can I just connect the VOIP phone and go with it, correct?

  Yes, just plug in ethernet combo port and it will work.

  2. is not an issue, but I agree, Apple likely isn't compatible QoS or VLAN.

  3. thanks for the info on time/NTP settings. If I wanted to go there and try to configure NTP, how much is it and what I have to do? I want to I can give it a quick try.

  To Setup NTP on the switch is quite simple.  Go to Administration > Time Settings > time system and check the boxes to activate the main clock Source (SNTP)

  Then go to the settings of the SNTP page and add a new entry with the IP address of an NTP server.  There is a list of available NTP servers here:

  http://www.pool.ntp.org/en/

  You must also ensure that the switches Administrative default gateway is set correctly (it must be set the to the default gateway, probably the most convenient airport) so the switch can contact the NTP server.  That option is set under Administration > Interface Management > Interface IPv4.  Change the user-defined default gateway and enter the IP address of your airport (or whatever your default gateway for your network)

  4 sounds good on the Green Ethernet settings. I'll leave it as default value.

  Yes, better to just let those unless you have weird problems with ports disconnect, who can sometimes be caused by Green Ethernet, but if there's nothing like leave it on and save a few watts.

  5 sounds good on does not need to attach my passage to my Cisco account. Should I fill out a form any registration of the product with Cisco before calling support?

  It is not a record for support.  The only thing we need you to do is to create a Cisco account, but you have already done this, so if/when you call in support, you just need your ID for Cisco (also called a CCOID sometimes) and the serial number of your switch.

  6. thanks for the info on the Service contract. Is it something that I would need to order directly from Cisco or I who would get my Cisco partner (Provantage)? After the three years is up, treat yourself to renewal or it just falls? Is there a certain amount of time I have to buy the Service Contract forward make me ineligible?

  Support contracts are purchased through a partner Cisco, or you can get them online for the CDW or Newegg for example.  Basically, you have until the expiry of your current aid for the purchase of a new contract.  For example, right now your switch comes with 1 year of technical support.  You can only buy a contract while it is still active.  Once your three-year contract is about to run out, you're in the same situation.  You can renew it before it expires, however if you leave is up, you will not be able to put a contract on it.  Contracts are not my specialty, however, so you can check with your partner for complete details.

  7. sounds good to how data use VOIP calls. His dislikes too. :-)

  I agree, a voice call is not much traffic.  What you have described you probably don't have problems, although of course I can't guarantee that.

  8. because it is from your provider and they specifically mentioned the VOIP, I would say that you'll be fine here.

  You had also placed on your airport using access point behind a router in small businesses.  I would like to say that it is possible, a large number of wireless routers have an option to put access point only mode or something like that, but you should check with Apple on how to do it.

  Insofar as a Small Business router if you decide to upgrade for the options VLAN or QoS, I would recommend the RV180, or perhaps the RV320.  Two of these models are available with or without wire depending on what you decide to do with the airport.

  I think I got all the questions, but if not just let me know,

  Christopher Ebert - Network Support Engineer

  Cisco Small Business Support Center

  * Please note the useful messages *.

• SNMP and DHCP requests on collector

  Hello world

  I want to see the SNMP and DHCP requests on the interface of collector.

  How can I see these queries?

  Y at - it logs through which we can see or some CLI to run on systems CASE.

  Please help me on this and suggest.

  Thank you

  Abuzar

  Hello

  a newspaper would be quickly filled if she provided details on all packages.

  The easiest way is to run a tcpdump on the collector.

  tcpdump for example eth0-i

  You can use tcpdump - help for more info.

  Hope this helps,

  Nicolas

  ===

  Please note the answers that will help you

• Series of unmanaged switches 100 and DHCP

  Hi all, we have a router RV082 switch 8 ethernet ports, it is actually 8 lan with a DHCP address assignment devices (router is used as switch/router and DHCP server).

  Now we need to increase the number of attached LAN devices (other pc, printers, etc.), and we think buy Cisco 100 ethernet switch Series 16 or 24 ports to connect to RV082.

  In this case RV082 will be able to assign DHCP addresses for devices connected to the eth switch ports?

  Thanks in advance.

  Hi Loris, yes it is not a problem. You should be able to switch on a lan port, connect computers to the switch and things should be OK.

  -Tom
  Please mark replied messages useful

• SGE2010 switches, VLAN and a port blocked by spanning tree

  People,

  I have 2 groups of switch.

  SGE2010 2 with VLANS is defined as 10,20 and 30

  VLAN 10 is the management VLAN and it uplinks to our border router.

  VLAN 20 is the workstation VLAN, and all workstations are pointing to the switch as their default GW

  VLAN 30 is the ip phone VLANS, and all phones use this as a gateway.

  I have a GAP between the switches said, we have a few servers on the ip phone switch that must be accessed by the clients of the workstation and the unique link of 100 MB through the router probably won't be enough.

  If I understand correctly, because the switches have different networks on them, a simple shift will not work. I did create a gap and addresses on each side, but it does not appear in this mode, I can block vlan 10 transit to the LAG, with this block I'll end with a logic loop and spanning tree will block the uplinks or LAG itself.

  I have attached a picture with a diagram of our current put in place.

  Any help/advice would be much appreciated.

  John, the 802 standard. 1 initial q indicates there isn't only global tree covering weight independently of belonging to a vlan. It's why you run into problems. Cisco has developed PVST to run on circuits of the ISL. BPMH was originally defined as 802. 1s, which is a combination of 802. 1 q + RSTP. The 802. 1s were later modified to become part of the 802. 1 q.

  The person is incorrect, because they cite "because spanning tree is construction by vlan. They are incorrect, because you have to set the properties of tree cover to allow the spanning tree protocols by vlan. Small business switches do not support the owner Cisco PVST and PVST +. However, the SB switches support BPMH which is a standard of the IEEE.

  How works the BPMH, it's that you have called proceeding, i.e. each construction covering tree. Then you have the region, SB switches support only 1 region. The region maintains the instances. Basically how it works, you activate the EMU at the global level. Then, you specify the instance. As an example, the vlan 1 is instance 1. VLAN 2 is 2.  This will allow you to run 2 physical wires between switches vlan different without looping. If you use classic STP or RSTP, the least costly path will go to the State to block/cast who works as expected.

  -Tom

• VLAN and the SSID does not not in the Web Interface

  We have a couple of APs which do not show the VLAN and via the web interface of AP SSID.  If you go to the SSID Manager page in the web interface, the page rises but doesn't show any SSID configured.  It goes the same for Services - Vlan.  This page appears but does not show in any VLANS configured.  If you telnet to the APs, you see the mssid listed and all the SSID interfaces.  The SSID on the access point is functional and working.  It is just so hard to use the web interface for these APs.  I tried to compare configs running on APs where the web interface does not show this and APs that it shows, but cannot see any differences.

  Thank you.

  Have you tried with different browsers?

  Nicolas

• Create a vlan and conf coelio

  Hello

  I need create 2 VLAN (vlan 10 and vlan 30) to the Cisco 300 series switch.

  VLAN 10 must be default VLAN (no tag).

  After that I wish to associate VLAN10 1 and 2 to 30 port of VLAN. The two ports must be access.

  If anyone can give a step by step to do this?

  Best regards.

  Hi Andre,

  Make a fiour minute video to show you how create two VLANS and I think answering your question.

  After making the changes, I suggested, be sure to save the configuration to the switch.

  (the audio is dead as I began to save the running configuration to the startup configuration)

  In addition, it is not stated clearly, but in the page of "port of VLAN" make sure that you select go after selecting a VLAN to change. See the go button circled in the screenshot below.

  Click here to view the 4-minute video or on the link below;

  https://ciscosales.WebEx.com/ciscosales/LDR.php?at=PB&SP=MC&rID=51454237&RKEY=4f26434b104275a8

  Best regards, Dave