• August 23, 2017, 09:49:44 AM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Recent Posts

Pages: [1] 2 3 ... 10
1
Nortel / Avaya Ethernet Switching / Re: ACL in Nortel BackBone
« Last post by TankII on Yesterday at 04:53:26 PM »
If you are truly running R or RS blades and running ACL/ACE, it is in hardware. 
If you are running E blades and running filters, that is in software.
TankII
2
Nortel / Avaya Ethernet Switching / SPBM Mac Address Tables
« Last post by eaprice2008 on Yesterday at 11:05:37 AM »
We are moving from MLTs and SMLTs for our access switches, and now using SPBM Fabric networking.

Problem I have now is that our network management tool is not able to view the new mac address tables, is there any way of copying this information back??

Lansweeper has been great and with the older generation of switches we can see what PC, Phone, Server ect is connected to which port, now we have lost that function and there is no way to add custom SNMP into lansweeper, their forum has also been unable to help.

3
Nortel / Avaya Ethernet Switching / Re: First time MLT setup questions
« Last post by eaprice2008 on Yesterday at 11:00:19 AM »
Need a lab to try it out first really, but I guess not a lot of people have that available to them...

When I'm doing something remotely I will set a switch restart off before doing any work, that way if there is any mis-configuration you only have to wait 30 minutes or whatever you set before it comes back to normal.

make sure autosave is turned off on the switch first though, or its not going to help!
4
AP7532

!
! Configuration of AP7532 version 5.8.4.0-034R
!
!
version 2.5
!
!
ip snmp-access-list default
 permit any
!
firewall-policy default
 no ip dos tcp-sequence-past-window
!
!
mint-policy global-default
!
wlan-qos-policy default
 qos trust dscp
 qos trust wmm
!
radio-qos-policy default
!
aaa-policy esaf01_AAA
 authentication server 1 onboard controller
 authentication server 1 proxy-mode through-controller
 authentication server 1 dscp 46
 accounting server 1 onboard controller
!
aaa-policy esaffuncionarios
 authentication server 1 host 10.10.10.40 secret 0 XXXXXXXXXXXXXXXXXX
 authentication server 1 proxy-mode through-controller
 accounting server 1 host 10.10.10.40 secret 0 XXXXXXXXXXXXXXXXX
 accounting server 1 proxy-mode through-controller
!
dns-whitelist dns_listabranca
 permit XXXXXXXXXXXXX suffix
!
captive-portal Portal
 access-time 720
 inactivity-timeout 21600
 server host 10.195.40.10
 server mode centralized
 simultaneous-users 2000
 webpage internal org-name ESAF
 webpage internal org-signature ESAF
 webpage internal login footer Entre em contato com o administrador caso encontre algum problema.
 webpage internal login main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal login org-background-color #ffffff
 webpage internal login org-font-color #003300
 webpage internal login body-background-color #ffffff
 webpage internal welcome main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal welcome title Seja bem vindo
 webpage internal fail header O acesso foi negado.
 webpage internal fail main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal fail title Falha
 webpage internal agreement header Seja bem vindo
 webpage internal agreement main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal agreement title ESAF
 webpage internal acknowledgement main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal registration description Por favor encontre um momento para registrar-se.
 webpage internal registration header Bem vindo
 webpage internal registration main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal no-service main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 accounting radius
 use aaa-policy esaf01_AAA
 use dns-whitelist dns_listabranca
 webpage internal registration field city type text enable label "City" placeholder "Enter City"
 webpage internal registration field street type text enable label "Address" placeholder "123 Any Street"
 webpage internal registration field name type text enable label "Full Name" placeholder "Enter First Name, Last Name"
 webpage internal registration field zip type number enable label "Zip" placeholder "Zip"
 webpage internal registration field via-sms type checkbox enable title "SMS Preferred"
 webpage internal registration field mobile type number enable label "Mobile" placeholder "Mobile Number with Country code"
 webpage internal registration field age-range type dropdown-menu enable label "Age Range" title "Age Range"
 webpage internal registration field email type e-address enable mandatory label "Email" placeholder "youdomain.com"
 webpage internal registration field via-email type checkbox enable title "Email Preferred"
!
captive-portal PortalFuncionario
 access-time 720
 inactivity-timeout 21600
 server host 10.195.37.2
 server mode centralized
 simultaneous-users 200
 webpage internal org-name ESAF
 webpage internal org-signature ESAF
 webpage internal login description Conecte-se com nome e senha
 webpage internal login footer Conecte-se com nome e senha
 webpage internal login header Conecte-se com nome e senha
 webpage internal login main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal login main-logo use-as-banner
 accounting radius
 use aaa-policy esaffuncionarios
 use dns-whitelist dns_listabranca
 webpage internal registration field city type text enable label "City" placeholder "Enter City"
 webpage internal registration field street type text enable label "Address" placeholder "123 Any Street"
 webpage internal registration field name type text enable label "Full Name" placeholder "Enter First Name, Last Name"
 webpage internal registration field zip type number enable label "Zip" placeholder "Zip"
 webpage internal registration field via-sms type checkbox enable title "SMS Preferred"
 webpage internal registration field mobile type number enable label "Mobile" placeholder "Mobile Number with Country code"
 webpage internal registration field age-range type dropdown-menu enable label "Age Range" title "Age Range"
 webpage internal registration field email type e-address enable mandatory label "Email" placeholder "youdomain.com"
 webpage internal registration field via-email type checkbox enable title "Email Preferred"
!
wlan ESAF-01
 description ESAF-Visitantes
 shutdown
 ssid ESAF-Visitantes
 vlan 2074
 bridging-mode local
 encryption-type none
 authentication-type none
 no fast-bss-transition over-ds
 use captive-portal Portal
 captive-portal-enforcement
 ip dhcp trust
!
wlan ESAFFuncionarios
 description ESAF-Servidores
 ssid ESAF-Funcionarios
 vlan 2075
 bridging-mode local
 encryption-type none
 authentication-type none
 wireless-client inactivity-timeout 21600
 wireless-client cred-cache-ageout 43200
 wireless-client vlan-cache-ageout 43200
 use aaa-policy esaffuncionarios
 use captive-portal PortalFuncionario
 captive-portal-enforcement
 relay-agent dhcp-option82
!
wlan ESAFVISITANTES
 ssid ESAF-Visitantes
 vlan 2074
 bridging-mode tunnel
 encryption-type none
 authentication-type none
 wireless-client inactivity-timeout 21600
 wireless-client cred-cache-ageout 43200
 wireless-client vlan-cache-ageout 43200
 wing-extensions move-command
 wing-extensions scan-assist
 wing-extensions ft-over-ds-aggregate
 use aaa-policy esaf01_AAA
 use captive-portal Portal
 captive-portal-enforcement
!
smart-rf-policy smartrfbasico
 group-by area
!
radius-group Esaf01
 guest
 policy vlan 2074
 policy ssid ESAF-Visitantes
 policy day mo
 policy day tu
 policy day we
 policy day th
 policy day fr
 policy day sa
 policy day su
!
radius-group Esaf02
 policy vlan 2074
!
radius-group helpdesk
 policy access web
 policy role helpdesk
!
radius-user-pool-policy visitante
 user Esaf password 0 esaf group Esaf02
 user helpdesk password 0 helpdesk group helpdesk
 user esaf password 0 esaf group Esaf02
!
radius-server-policy radius-esaf
 use radius-user-pool-policy visitante
 use radius-group Esaf01
!
dhcp-server-policy DHCP-ESAF
 dhcp-pool APS
  network 10.195.11.0/24
  address range 10.195.11.111 10.195.11.130
  default-router 10.195.11.1
  dns-server  10.12.1.16
 dhcp-pool ge
  network 192.168.0.0/24
  address range 192.168.0.100 192.168.0.120
 dhcp-pool ESAF
  network 10.195.37.0/24
  address range 10.195.37.10 10.195.37.254
  lease 0 14 26 40
  default-router 10.195.37.1
  dns-server  200.198.205.242 161.48.25.38
 dhcp-pool ESAF-VISITANTES
  network 10.195.40.0/22
  address range 10.195.40.50 10.195.43.254
  lease 0 14 26 40
  default-router 10.195.40.1
  dns-server  200.198.205.242 161.48.25.38
!
!
management-policy default
 telnet
 no http server
 https server
 no ftp
 ssh
 user admin password 1 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX role superuser access all
 user teste password 1 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX role web-user-admin
 user helpdesk password 1 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX role helpdesk access web
 snmp-server community 0 private rw
 snmp-server community 0 public ro
 snmp-server user snmptrap v3 encrypted des auth md5 0 senha00
 snmp-server user snmpmanager v3 encrypted des auth md5 0 senha00
 idle-session-timeout 300
!
profile ap7532 AP-7532
 bridge vlan 1
  ip igmp snooping
  ip igmp snooping querier
  ipv6 mld snooping
  ipv6 mld snooping querier
 bridge vlan 10
  ip igmp snooping
  ip igmp snooping querier
  ipv6 mld snooping
  ipv6 mld snooping querier
 bridge vlan 100
  ip igmp snooping
  ip igmp snooping querier
  ipv6 mld snooping
  ipv6 mld snooping querier
 ip name-server 10.12.1.16
 ip name-server 8.8.8.8
 ip name-server 4.2.2.2
 ip default-gateway 10.195.40.1
 no autoinstall configuration
 no autoinstall firmware
 use radius-server-policy radius-esaf
 crypto ikev1 policy ikev1-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ikev2 policy ikev2-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
 crypto ikev1 remote-vpn
 crypto ikev2 remote-vpn
 crypto auto-ipsec-secure
 crypto load-management
 crypto remote-vpn-client
 interface radio1
  wlan ESAF-01 bss 1 primary
  wlan ESAFVISITANTES bss 2 primary
  wlan ESAFFuncionarios bss 3 primary
  max-clients 256
 interface radio2
  wlan ESAF-01 bss 1 primary
  wlan ESAFVISITANTES bss 2 primary
  wlan ESAFFuncionarios bss 3 primary
  max-clients 256
 interface ge1
  switchport mode trunk
  switchport trunk native vlan 1
  switchport trunk native tagged
  switchport trunk allowed vlan 1,11,2074-2075
 interface vlan1
 interface vlan11
  description Gerencia
  ip address dhcp
 interface vlan2074
  description Vlan_rede_visitantes
 interface vlan2075
  description Vlan_rede_funcionarios
 interface pppoe1
 use dhcp-server-policy DHCP-ESAF
 use firewall-policy default
 use captive-portal server Portal
 use captive-portal server PortalFuncionario
 rf-domain-manager capable
 logging on
 controller host 10.195.11.100 pool 1 level 1
 service pm sys-restart
 router ospf
!
rf-domain RF-SERPRO
 location ESAF
 contact Serpro
 timezone America/Sao_Paulo
 country-code br
 use smart-rf-policy smartrfbasico
 controller-managed
!
ap7532 74-67-F7-03-26-44
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-032644
 controller host 10.195.11.100 pool 1 level 1
!
!
end
5
auto-provisioning-policy aps-7532
 adopt ap7532 precedence 1 profile AP-7532 rf-domain RF-SERPRO any 
!
radius-group Esaf01
 guest
 policy vlan 2074
 policy ssid ESAF-Visitantes
 policy day mo
 policy day tu
 policy day we
 policy day th
 policy day fr
 policy day sa
 policy day su
!
radius-group Esaf02
 policy vlan 2074
!
radius-group helpdesk
 policy access web
 policy role helpdesk
!
radius-user-pool-policy visitante
 user Esaf password 0 esaf group Esaf02
 user helpdesk password 0 helpdesk group helpdesk
 user esaf password 0 esaf group Esaf02
!
radius-server-policy radius-esaf
 use radius-user-pool-policy visitante
 use radius-group Esaf01
!
dhcp-server-policy DHCP-ESAF
 dhcp-pool ESAF-VISITANTES
  network 10.195.40.0/22
  address range 10.195.40.50 10.195.43.254
  lease 0 14 26 40
  default-router 10.195.40.1
  dns-server  200.198.205.242 161.48.25.38
 dhcp-pool ge
  network 192.168.0.0/24
  address range 192.168.0.100 192.168.0.120
 dhcp-pool ESAF
  network 10.195.37.0/24
  address range 10.195.37.10 10.195.37.254
  lease 0 14 26 40
  default-router 10.195.37.1
  dns-server  200.198.205.242 161.48.25.38
 dhcp-pool APS
  network 10.195.11.0/24
  address range 10.195.11.111 10.195.11.130
  default-router 10.195.11.1
  dns-server  10.12.1.16
!
!
management-policy default
 telnet
 no http server
 https server
 ssh
 user admin password 1 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx role superuser access all
 user teste password 1 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx role web-user-admin
 user helpdesk password 1 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx role helpdesk access web
 snmp-server community 0 private rw
 snmp-server community 0 public ro
 snmp-server user snmptrap v3 encrypted des auth md5 0 senha00
 snmp-server user snmpmanager v3 encrypted des auth md5 0 senha00
 t5 snmp-server community public ro 192.168.0.1
 t5 snmp-server community private rw 192.168.0.1
 idle-session-timeout 300
!
ex3500-management-policy default
 snmp-server community public ro
 snmp-server community private rw
 snmp-server notify-filter 1 remote 127.0.0.1
 snmp-server view defaultview 1 included
!
ex3500-qos-class-map-policy default
!
ex3500-qos-policy-map default
!
l2tpv3 policy default
!
profile rfs7000 default-rfs7000
 bridge vlan 100
  ip igmp snooping
  ip igmp snooping querier
  ipv6 mld snooping
  ipv6 mld snooping querier
 ip default-gateway 10.195.40.1
 autoinstall configuration
 autoinstall firmware
 use radius-server-policy radius-esaf
 crypto ikev1 policy ikev1-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ikev2 policy ikev2-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
 crypto ikev1 remote-vpn
 crypto ikev2 remote-vpn
 crypto auto-ipsec-secure
 crypto remote-vpn-client
 interface me1
 interface ge1
  switchport mode trunk
  switchport trunk native vlan 1
  switchport trunk native tagged
  switchport trunk allowed vlan 1,100
 interface ge2
  switchport mode access
  switchport access vlan 100
 interface ge3
 interface ge4
 interface vlan1
  description Esaf01
 interface pppoe1
 use dhcp-server-policy DHCP-ESAF
 use firewall-policy default
 use auto-provisioning-policy aps-7532
 use captive-portal server Portal
 logging on
 service pm sys-restart
 router ospf
!
profile ap8533 default-ap8533
 autoinstall configuration
 autoinstall firmware
 crypto ikev1 policy ikev1-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ikev2 policy ikev2-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
 crypto ikev1 remote-vpn
 crypto ikev2 remote-vpn
 crypto auto-ipsec-secure
 crypto load-management
 crypto remote-vpn-client
 interface radio1
 interface radio2
 interface radio3
 interface bluetooth1
  shutdown
 interface ge1
 interface ge2
 interface vlan1
  ip address dhcp
  ip address zeroconf secondary
  ip dhcp client request options all
 interface pppoe1
 use firewall-policy default
 use client-identity-group default
 logging on
 service pm sys-restart
 router ospf
!
profile ap82xx default-ap82xx
 autoinstall configuration
 autoinstall firmware
 crypto ikev1 policy ikev1-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ikev2 policy ikev2-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
 crypto ikev1 remote-vpn
 crypto ikev2 remote-vpn
 crypto auto-ipsec-secure
 crypto remote-vpn-client
 interface radio1
 interface radio2
 interface radio3
 interface ge1
 interface ge2
 interface vlan1
  ip address dhcp
  ip address zeroconf secondary
  ip dhcp client request options all
 interface wwan1
 interface pppoe1
 use firewall-policy default
 use client-identity-group default
 logging on
 service pm sys-restart
 router ospf
!
profile ap81xx default-ap81xx
 autoinstall configuration
 autoinstall firmware
 crypto ikev1 policy ikev1-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ikev2 policy ikev2-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
 crypto ikev1 remote-vpn
 crypto ikev2 remote-vpn
 crypto auto-ipsec-secure
 crypto remote-vpn-client
 interface radio1
 interface radio2
 interface radio3
 interface bluetooth1
  shutdown
 interface ge1
 interface ge2
 interface vlan1
  ip address dhcp
  ip address zeroconf secondary
  ip dhcp client request options all
 interface wwan1
 interface pppoe1
 use firewall-policy default
 use client-identity-group default
 logging on
 service pm sys-restart
 router ospf
!
profile ap7532 AP-7532
 bridge vlan 1
  ip igmp snooping
  ip igmp snooping querier
  ipv6 mld snooping
  ipv6 mld snooping querier
 bridge vlan 10
  ip igmp snooping
  ip igmp snooping querier
  ipv6 mld snooping
  ipv6 mld snooping querier
 bridge vlan 100
  use captive-portal Portal
  ip igmp snooping
  ip igmp snooping querier
  ipv6 mld snooping
  ipv6 mld snooping querier
 ip name-server 10.12.1.16
 ip name-server 8.8.8.8
 ip name-server 4.2.2.2
 ip default-gateway 10.195.40.1
 no autoinstall configuration
 no autoinstall firmware
 use radius-server-policy radius-esaf
 crypto ikev1 policy ikev1-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ikev2 policy ikev2-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
 crypto ikev1 remote-vpn
 crypto ikev2 remote-vpn
 crypto auto-ipsec-secure
 crypto load-management
 crypto remote-vpn-client
 interface radio1
  wlan ESAF-01 bss 1 primary
  wlan ESAFVISITANTES bss 2 primary
  wlan ESAFFuncionarios bss 3 primary
 interface radio2
  wlan ESAF-01 bss 1 primary
  wlan ESAFVISITANTES bss 2 primary
  wlan ESAFFuncionarios bss 3 primary
 interface ge1
  switchport mode trunk
  switchport trunk native vlan 1
  switchport trunk native tagged
  switchport trunk allowed vlan 1,11,2074-2075
 interface vlan1
 interface vlan11
  description Gerencia
  ip address dhcp
 interface vlan2074
  description Vlan_rede_visitantes
 interface vlan2075
  description Vlan_rede_funcionarios
 interface pppoe1
 use dhcp-server-policy DHCP-ESAF
 use firewall-policy default
 use captive-portal server Portal
 use captive-portal server PortalFuncionario
 logging on
 controller host 10.195.11.100 pool 1 level 1
 service pm sys-restart
 router ospf
!
profile ap7532 PROFILE-AP7532
 no autoinstall configuration
 no autoinstall firmware
 crypto ikev1 policy ikev1-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ikev2 policy ikev2-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
 crypto ikev1 remote-vpn
 crypto ikev2 remote-vpn
 crypto auto-ipsec-secure
 crypto load-management
 crypto remote-vpn-client
 interface radio1
 interface radio2
 interface ge1
 interface vlan11
  ip address dhcp
 interface pppoe1
 use firewall-policy default
 controller host 10.195.11.100
 service pm sys-restart
 router ospf
!

rf-domain RF-SERPRO
 location ESAF
 contact Serpro
 timezone America/Sao_Paulo
 country-code br
 use smart-rf-policy smartrfbasico
 controller-managed
!
rfs7000 5C-0E-8B-1A-45-26
 use profile default-rfs7000
 use rf-domain RF-SERPRO
 hostname rfs7000-1A4526
 layout-coordinates 3.0 2.5
 license AP 65b47071ef2b3f0237c8f5ff63b4589f1cff782846631007ef3878466f287e8a4745e462a14cae5d
 ip default-gateway 10.195.11.1
 interface me1
  ip address dhcp
 interface ge1
  switchport mode trunk
  switchport trunk native vlan 1
  switchport trunk native tagged
  switchport trunk allowed vlan 1,10-11,2074-2075
 interface ge2
  switchport mode access
  switchport access vlan 11
 interface vlan1
  ip address 192.168.10.1/24
 interface vlan11
  description Gerencia
  ip address 10.195.11.100/24
 interface vlan2074
  description wifi_visitantes
  ip address 10.195.40.10/22
 interface vlan2075
  description wifi_funcionarios
  ip address 10.195.37.2/24
 logging syslog debugging
!
ap7532 74-67-F7-03-26-44
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-032644
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-26-48
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-032648
 interface ge1
  switchport mode trunk
  switchport trunk native vlan 1
  switchport trunk native tagged
  switchport trunk allowed vlan 1,11,2074-2075
 controller host 10.195.11.100 pool 1 level 1
 controller vlan 11
!
ap7532 74-67-F7-03-26-9C
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-03269C
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-26-A4
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-0326A4
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-26-B4
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-0326B4
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-28-78
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-032878
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-28-B0
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-0328B0
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-28-D8
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-0328D8
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-37-18
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-033718
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-37-1C
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-03371C
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-37-20
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-033720
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-37-C0
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-0337C0
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-37-E0
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-0337E0
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-37-E8
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-0337E8
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-38-08
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-033808
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-38-34
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-033834
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-38-54
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-033854
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-38-80
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-033880
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-3D-BC
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-033DBC
 controller host 10.195.11.100 pool 1 level 1
!
ap7532 74-67-F7-03-3E-F0
 use profile AP-7532
 use rf-domain RF-SERPRO
 hostname ap7532-033EF0
 interface vlan11
  ip address 10.195.11.110/24
 controller host 10.195.11.100 pool 1 level 1
!
!
end
6
Hello,

I'm learning about as much wireless network as zebra equipments and I configured one network with 2 ssid. After a long time I finally made it. The users connect on both SSID, they go to internet and so on, but sometimes, during not only roaming, they are disconnected and the system ask for another authentication via Captive Portal.

What could be wrong?
Thanks a lot.

!
! Configuration of RFS7000 version 5.8.4.0-034R
!
!
version 2.5
!
!
client-identity-group default
 load default-fingerprints
!
ip access-list BROADCAST-MULTICAST-CONTROL
 permit tcp any any rule-precedence 10 rule-description "permit all TCP traffic"
 permit udp any eq 67 any eq dhcpc rule-precedence 11 rule-description "permit DHCP replies"
 deny udp any range 137 138 any range 137 138 rule-precedence 20 rule-description "deny windows netbios"
 deny ip any 224.0.0.0/4 rule-precedence 21 rule-description "deny IP multicast"
 deny ip any host 255.255.255.255 rule-precedence 22 rule-description "deny IP local broadcast"
 permit ip any any rule-precedence 100 rule-description "permit all IP traffic"
!
mac access-list PERMIT-ARP-AND-IPv4
 permit any any type ip rule-precedence 10 rule-description "permit all IPv4 traffic"
 permit any any type arp rule-precedence 20 rule-description "permit all ARP traffic"
!
ip snmp-access-list default
 permit any
!
firewall-policy default
 no ip dos tcp-sequence-past-window
!
!
mint-policy global-default
!
meshpoint-qos-policy default
!
wlan-qos-policy default
 qos trust dscp
 qos trust wmm
!
radio-qos-policy default
!
aaa-policy esaf01_AAA
 authentication server 1 onboard controller
 authentication server 1 proxy-mode through-controller
 authentication server 1 dscp 46
 accounting server 1 onboard controller
!
aaa-policy esaffuncionarios
 authentication server 1 host 10.10.10.40 secret 0 XXXXXXXXXXX
 authentication server 1 proxy-mode through-controller
 accounting server 1 host 10.10.10.40 secret 0 XXXXXXXXXXX
 accounting server 1 proxy-mode through-controller
!
dns-whitelist dns_listabranca
 permit XXXXXXXXXXX.gov.br suffix
!
captive-portal Portal
 access-time 720
 inactivity-timeout 21600
 server host 10.195.40.10
 server mode centralized
 simultaneous-users 2000
 webpage internal org-name ESAF
 webpage internal org-signature ESAF
 webpage internal login footer Entre em contato com o administrador caso encontre algum problema.
 webpage internal login main-logo XXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal login org-background-color #ffffff
 webpage internal login org-font-color #003300
 webpage internal login body-background-color #ffffff
 webpage internal welcome main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal welcome title Seja bem vindo
 webpage internal fail header O acesso foi negado.
 webpage internal fail main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal fail title Falha
 webpage internal agreement header Seja bem vindo
 webpage internal agreement main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal agreement title ESAF
 webpage internal acknowledgement main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal registration description Por favor encontre um momento para registrar-se.
 webpage internal registration header Bem vindo
 webpage internal registration main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal no-service main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 accounting radius
 use aaa-policy esaf01_AAA
 use dns-whitelist dns_listabranca
 webpage internal registration field city type text enable label "City" placeholder "Enter City"
 webpage internal registration field street type text enable label "Address" placeholder "123 Any Street"
 webpage internal registration field name type text enable label "Full Name" placeholder "Enter First Name, Last Name"
 webpage internal registration field zip type number enable label "Zip" placeholder "Zip"
 webpage internal registration field via-sms type checkbox enable title "SMS Preferred"
 webpage internal registration field mobile type number enable label "Mobile" placeholder "Mobile Number with Country code"
 webpage internal registration field age-range type dropdown-menu enable label "Age Range" title "Age Range"
 webpage internal registration field email type e-address enable mandatory label "Email" placeholder
 webpage internal registration field via-email type checkbox enable title "Email Preferred"
!
captive-portal PortalFuncionario
 access-time 720
 inactivity-timeout 21600
 server host 10.195.37.2
 server mode centralized
 simultaneous-users 200
 webpage internal org-name ESAF
 webpage internal org-signature ESAF
 webpage internal login description Conecte-se com nome e senha
 webpage internal login footer Conecte-se com nome e senha
 webpage internal login header Conecte-se com nome e senha
 webpage internal login main-logo XXXXXXXXXXXXX.br/imagens/logoesafidg.jpg
 webpage internal login main-logo use-as-banner
 accounting radius
 use aaa-policy esaffuncionarios
 use dns-whitelist dns_listabranca
 webpage internal registration field city type text enable label "City" placeholder "Enter City"
 webpage internal registration field street type text enable label "Address" placeholder "123 Any Street"
 webpage internal registration field name type text enable label "Full Name" placeholder "Enter First Name, Last Name"
 webpage internal registration field zip type number enable label "Zip" placeholder "Zip"
 webpage internal registration field via-sms type checkbox enable title "SMS Preferred"
 webpage internal registration field mobile type number enable label "Mobile" placeholder "Mobile Number with Country code"
 webpage internal registration field age-range type dropdown-menu enable label "Age Range" title "Age Range"
 webpage internal registration field email type e-address enable mandatory label "Email" placeholder
 webpage internal registration field via-email type checkbox enable title "Email Preferred"
!
wlan ESAF-01
 description ESAF-Visitantes
 shutdown
 ssid ESAF-Visitantes
 vlan 2074
 bridging-mode local
 encryption-type none
 authentication-type none
 no fast-bss-transition over-ds
 use captive-portal Portal
 captive-portal-enforcement
 ip dhcp trust
!
wlan ESAFFuncionarios
 description ESAF-Servidores
 ssid ESAF-Funcionarios
 vlan 2075
 bridging-mode local
 encryption-type none
 authentication-type none
 wireless-client inactivity-timeout 21600
 wireless-client cred-cache-ageout 43200
 wireless-client vlan-cache-ageout 43200
 use aaa-policy esaffuncionarios
 use captive-portal PortalFuncionario
 captive-portal-enforcement
 relay-agent dhcp-option82
!
wlan ESAFVISITANTES
 ssid ESAF-Visitantes
 vlan 2074
 bridging-mode tunnel
 encryption-type none
 authentication-type none
 wireless-client inactivity-timeout 21600
 wireless-client cred-cache-ageout 43200
 wireless-client vlan-cache-ageout 43200
 wing-extensions move-command
 wing-extensions scan-assist
 wing-extensions ft-over-ds-aggregate
 use aaa-policy esaf01_AAA
 use captive-portal Portal
 captive-portal-enforcement
!
smart-rf-policy smartrfbasico
 group-by area
!
7
I understand management is much easier when you put them in the same vlan, done that with most of the other rollouts of ap's in combination with the rfs7000.

But in this specific case the requirement is to separete them . Only for rf domain manager purposes they have to be visible for each other. That's why i was thinking of placing all ap's in a separate vlan for rf-domain control purposes only.
8
There's no need to have the APs themselves on separate subnets. You'll find things much easier to manage if you put them all in the same vlan, and then manage them by setting their areas and profiles.
9
Hi Guys,

Been struggling with getting the right setup/ configuration for a mixed environment of ap6532 and ap7532 both on differtent subnets.
 
the situation is :
local floor all ap6532 ap's subnet A / ap6532 profile (vlan 1 untagged / others tagged)
first floor and second floor all ap7232 ap's subnet B / ap7532 profile (vlan 3 untagged/ others tagged)
Both are adopted by an rfs7000 in a Datacenter and are doing smart-rf per floor.

Following the documentation i needed to configure one rf-domain but for mint2 links to work right i need to configure a control vlan otherwise all ap's are adopted by the adoption controller wich is then the rf-domain manager for this RF-domain (current situation, but in case of line failure not future proof). But since both ap's are on differtent subnets segementated by vlan's how am i able to archieve this??

Was thinking of creating a separate vlan voor control purposes , on the other hand is this really the way to go?
10
Hi,

FYI I was able to reproduce the issue and fix it:

set the LACP keys once more on the ports.

So my normal procedure was - with a fully configured and working LACP trunk as starting point:
no lacp aggr enable
add new vlans to the ports
lacp aggr enable



Last weekend we had to add some more VLANs on our backbone links (2x10g between the two stacks) and yes, the show mlt output stopped even listing those two.
Out of paranoia I re-did some of the LACP settings, including the LACP admin key.

4526GTX(config)#interface fastEthernet 1/25-26
4526GTX(config-if)#lacp aggregation enable
4526GTX(config-if)#lacp key 42
4526GTX(config-if)#lacp mode active
4526GTX(config-if)#lacp timeout-time short


With that extra step the bug is avoided.
For clarity - in a show running-config you'd still see the LACP key. but something was off, and re-configuring the same key does fix it.
Pages: [1] 2 3 ... 10