Network technologies and trends


August 22, 2009  8:46 AM

Configuring Multiple SSIDs in Cisco 1250 Access Points Series 6

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

In this post I will just post the snap shots for SSIDS ADMIN and GUEST, where you can see the SSIDS are connected, they got an IP address and they can ping the default gateway as well. It’s just to confirm  connectivity.

ADMIN SSID Connectivity

The PC is getting an IP from the DHCP Server for the SSID ADMIN  and VLAN 101

The PC can ping the default gateway

GUEST SSID Connectivity

The PC is getting an IP from the DHCP Server for the SSID GUEST and VLAN 102

 The PC can ping the default gateway

So with this I will conclude this series. If any body have any comments please do comment.

August 18, 2009  7:47 AM

Configuring Multiple SSIDs in Cisco 1250 Access Points Series 5

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

 

Dear all lets proceed further with the configuration of the Cisco Catalyst 3560 Switch

 

Configure the Cisco Catalyst 3560 Switch.

 

In this step we will configure the Cisco Catalyst 3560 Switch port which is connected to the Cisco Aironet 1250 Series Access Point to the wired network. We will configure the Cisco Catalyst 3560 Switch port, which is connected to the Cisco Aironet 1250 Series Access Point as trunk port because this port will carries traffic for all the VLANs on the wired network. In our case the VLANs are VLAN 101, 102 and the native VLAN 100.

When you configure the Cisco Catalyst 3560, which connects to the Cisco Aironet 1250 Series Access Point ,ensure that the native VLANs that you configure match the native VLAN on the Cisco Aironet 1250 Series Access Point. Otherwise, frames are dropped. In order to configure the trunk port on the Cisco Catalyst 3560 Switch, use the following commands from the CLI on the Cisco Catalyst 3560 switch:

Note: In our scenario the Cisco Aironet 1250 Series Access Point is connected to a Cisco Catalyst 3560 Switch to the port number Giga Ethernet 0/20

ITKE-Cisco(config)#interface interface gigabitEthernet 0/20

ITKE-Cisco(config-if)# switchport mode trunk

ITKE-Cisco(config-if)#switchport trunk encapsulation dot1q

ITKE-Cisco(config-if)#switchport trunk native vlan 100

ITKE-Cisco(config-if)#switchport trunk allowed vlan 101,102

ITKE-Cisco(config-if)#switchport nonegotiate

ITKE-Cisco(config-if)#

 

(The above commands configures the Giga Ethernet port 0/20  as trunk port, with a dot1q encapsulation , with VLAN 100 as a native trunk VLAN ).

 

Note: Cisco IOS Software-based Aironet wireless equipment does not support Dynamic Trunking Protocol (DTP). Therefore, the Cisco Catalyst 3560 must not try to negotiate DTP.

With this configuration we have successfully completed the configuration of multiple SSIDs in the Cisco Aironet 1250 Series Access Point . In the coming post I will post the snap shots for the connection established to SSIDS ADMIN and GUEST. Basically we will test the connectivity with the ping command.

 

 


August 17, 2009  5:40 AM

Configuring Multiple SSIDs in Cisco 1250 Access Points Series 4

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

 

In the previous post we looked at configuration of the VLANs and SSIDS in a Cisco Aironet 1250 Series Access Point.  The final configuration in the Cisco Aironet 1250 Series Access Point should be as follows, I am just posting the complete running configuration from the Cisco Aironet 1250 Series Access Point

 

 

ITKE-AP-01# show running-config

Building configuration…

 

Current configuration : 2693 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname ITKE-AP-01

!

enable secret 5 $1$d1hx$IvRMqYGHs0JXjIgy8/.Ms0

!

no aaa new-model

!

!

!

dot11 ssid ADMIN

   vlan 101

   authentication open

!

dot11 ssid GUEST

   vlan 102

   authentication open

   guest-mode

   mbssid guest-mode

!

power inline negotiation prestandard source

!

!

username Cisco password 7 00271A150754

!

bridge irb

!

!

interface Dot11Radio0

 no ip address

 no ip route-cache

 !

 ssid ADMIN

 !

 ssid GUEST

 !

 mbssid

 station-role root

!

interface Dot11Radio0.100

 no ip route-cache

!

interface Dot11Radio0.101

 encapsulation dot1Q 101

 no ip route-cache

 bridge-group 101

 bridge-group 101 subscriber-loop-control

 bridge-group 101 block-unknown-source

 no bridge-group 101 source-learning

 no bridge-group 101 unicast-flooding

 bridge-group 101 spanning-disabled

!

interface Dot11Radio0.102

 encapsulation dot1Q 102

 no ip route-cache

 bridge-group 102

 bridge-group 102 subscriber-loop-control

 bridge-group 102 block-unknown-source

 no bridge-group 102 source-learning

 no bridge-group 102 unicast-flooding

 bridge-group 102 spanning-disabled

!

interface Dot11Radio0.100

 encapsulation dot1Q 100 native

 no ip route-cache

 bridge-group 1

 bridge-group 1 subscriber-loop-control

 bridge-group 1 block-unknown-source

 no bridge-group 1 source-learning

 no bridge-group 1 unicast-flooding

 bridge-group 1 spanning-disabled

!

interface Dot11Radio1

 no ip address

 no ip route-cache

 !

 ssid ADMIN

 !

 dfs band 3 block

 channel dfs

 station-role root

 bridge-group 1

 bridge-group 1 subscriber-loop-control

 bridge-group 1 block-unknown-source

 no bridge-group 1 source-learning

 no bridge-group 1 unicast-flooding

 bridge-group 1 spanning-disabled

!

interface GigabitEthernet0

 no ip address

 no ip route-cache

 duplex auto

 speed auto

!

interface GigabitEthernet0.101

 encapsulation dot1Q 101

 no ip route-cache

 bridge-group 101

 no bridge-group 101 source-learning

 bridge-group 101 spanning-disabled

!

interface GigabitEthernet0.102

 encapsulation dot1Q 102

 no ip route-cache

 bridge-group 102

 no bridge-group 102 source-learning

 bridge-group 102 spanning-disabled

!

interface GigabitEthernet0.100

 encapsulation dot1Q 100 native

 no ip route-cache

 bridge-group 1

 no bridge-group 1 source-learning

 bridge-group 1 spanning-disabled

!

interface BVI1

 ip address 10.0.0.99 255.255.254.0

 no ip route-cache

!

ip default-gateway 10.0.0.1

ip http server

no ip http secure-server

bridge 1 route ip

!

!

!

line con 0

line vty 0 4

 login local

!

end

 

ITKE-AP-01#

 

In my next post as promised I will post the configuraton for the Cisco Catalyst 3560 Switch.


August 16, 2009  4:53 AM

Configuring Multiple SSIDs in Cisco 1250 Access Points Series 3

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

 

In today’s entry we will focus on configuration of VLANs and SSIDs in a Cisco Aironet 1250 Series Access Point. The procedure is as follows.

 

Configure

 

In this section, you will see the configuration steps required to complete the above mentioned scenario.

 

1st Step: Configure the Native VLAN on the Cisco Aironet 1250 Series Access Point

The Native VLAN is a VLAN to which the Cisco Aironet 1250 Series Access Point and the Cisco Catalyst 3560 Switch are connected. Native VLAN of the Cisco Aironet 1250 Series Access Point is usually different from the other VLANS configured in the Cisco Aironet 1250 Series Access Point (In our case VLAN 101 and VLAN 102). The IP address used for the management of the Cisco Aironet 1250 Series Access Point is assigned to its BVI Interface and the IP address assigned is in the native VLAN. (In our case VLAN 100). . The traffic, for example, management traffic, sent to and by the Point itself assumes the native VLAN (VLAN 100), and it is untagged. All untagged traffic that is received on an IEEE 802.1Q (dot1q) trunk port is forwarded with the native VLAN (VLAN 100) that is configured for the port. If a packet has a VLAN ID that is the same as the native VLAN ID of the sending port, the Cisco Catalyst 3560 Switch sends the packet without a tag. Otherwise, the switch sends the packet with a tag.

In order to configure a native VLAN on a Cisco Aironet 1250 Series Access Point, issue the following commands in the global configuration mode on the Cisco Aironet 1250 Series Access Point

 

ITKE-AP-01(config)#interface gigabitEthernet 0.100

ITKE-AP-01(config-subif)# encapsulation dot1Q 100 native

ITKE-AP-01(config-subif)#exit

 

(The above commands will configure the encapsulation as dot1q and assign VLAN 100 as the native VLAN on the Giga Ethernet interface.)

 

ITKE-AP-01(config)#interface dot11radio 0.100

ITKE-AP-01(config-subif)# encapsulation dot1Q 100 native

ITKE-AP-01(config-subif)#exit

 

(The above commands will configure the encapsulation as dot1q and assign VLAN 100 as the native VLAN on the radio interface.)

 

 

2nd Step: Configure the SSIDs on the Cisco Aironet 1250 Series Access Point

In this step we will configure two VLANs (VLAN 101 & VLAN 102) one for the ITKE administration department and other for the guest users only with an internet access.  The SSIDs are also need to be associated with specific VLANS as shown below.

 

·         VLAN 101 for the ITKE administration department and uses the SSID ADMIN.

·         VLAN 102 for the guest users and uses the SSID GUEST.

 

In order to configure a VLAN101 and 102 on a Cisco Aironet 1250 Series Access Point, issue the following commands in the global configuration mode on the Cisco Aironet 1250 Series Access Point

 

ITKE-AP-01(config)#dot11 ssid ADMIN

ITKE-AP-01(config-ssid)#authentication open

ITKE-AP-01(config-ssid)#vlan 101

 (The above commands will create an ssid ADMIN, assigned to VLAN 101 and with an open authentication.)

 

ITKE-AP-01(config)#dot11 ssid GUEST

ITKE-AP-01(config-ssid)#authentication open

ITKE-AP-01(config-ssid)#vlan 102

(The above commands will create an ssid GUEST, assigned to VLAN 102 and with an open authentication).

 

ITKE-AP-01(config)#interface gigabitEthernet 0.101

ITKE-AP-01(config-subif)#encapsulation dot1Q 101

ITKE-AP-01(config-subif)#bridge-group 101

ITKE-AP-01(config-subif)#exit

ITKE-AP-01(config)#

(The above commands will set the encapsulation dot1q for VLAN 101 and assigns the sub interface to bridge group 101 to the giga Ethernet).

 

ITKE-AP-01(config)#interface dot11Radio 0.101

ITKE-AP-01(config-subif)#encapsulation dot1Q 101

ITKE-AP-01(config-subif)#bridge-group 101

ITKE-AP-01(config-subif)#exit

ITKE-AP-01(config)#

 

(The above commands will set the encapsulation dot1q for VLAN 101 and assigns the sub interface to bridge group 101 to the sub interface on the radio interface).

 

 

ITKE-AP-01(config)#interface gigabitEthernet 0.102

ITKE-AP-01(config-subif)#encapsulation dot1Q 102

ITKE-AP-01(config-subif)#bridge-group 102

ITKE-AP-01(config-subif)#exit

ITKE-AP-01(config)#

(The above commands will set the encapsulation dot1q for VLAN 102 and assigns the sub interface to bridge group 102 to the giga Ethernet).

 

ITKE-AP-01(config)#interface dot11Radio 0.102

ITKE-AP-01(config-subif)#encapsulation dot1Q 102

ITKE-AP-01(config-subif)#bridge-group 102

ITKE-AP-01(config-subif)#exit

ITKE-AP-01(config)#

(The above commands will set the encapsulation dot1q for VLAN 101 and assigns the sub interface to bridge group 101 to the sub interface on the radio interface).

 

3rd Step: Assign the multiple SSIDs to the radio interface on the Cisco Aironet 1250 Series Access Point

 

ITKE-AP-01(config)#interface dot11Radio 0

ITKE-AP-01(config-if)#ssid ADMIN

ITKE-AP-01(config-if)#ssid GUEST

ITKE-AP-01(config-if)#mbssid

(The above commands assigns the multiple SSIDs ADMIN and GUEST  to the radio interface dot11radio 0 ).

 

Note: The SSIDs ADMIN and GUEST are configured for open authentication, For information on how to configure different authentication types on the Cisco Aironet 1250 Series Access Point , refer the Cisco document “Configuring Authentication Types”.

In next post we will look at the configuration for the Cisco 3560 Switch .


August 15, 2009  5:41 AM

With Cisco’s Telepresence you can win 3000 $!

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

 

Why do want Cisco TelePresence ?  Answer this question in a video format, and submit your entries before 8th of September 2009 and win 3000 $.

 

 Amazing right!  Cisco TelePresence recently launched a video contest “Why I Want Cisco TelePresence”

The video contest is designed to entice individuals from around the world to submit their ideas about why or how they would like to use Cisco TelePresence in their work lives – how they might connect to co-workers or peers in other locations; the benefits they would uniquely reap; why they would be the ideal person to use a Cisco TelePresence system. Winners in two categories, Productivity and Shaping the Future, have a chance to win $3,000 each.

[kml_flashembed movie=”http://www.youtube.com/v/FMqB88AsqDM” width=”425″ height=”350″ wmode=”transparent” /] 

 

The Contest is open to individuals who: (1) are at least 21 years of age as of the Contest start date and (2) work or have worked within a professional organization that uses technology. Submission period ends at September 8, 2009 at 11:59 p.m.


August 13, 2009  8:56 AM

Configuring Multiple SSIDs in Cisco 1250 Access Points Series 2

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

In order to configure multiple SSIDs in a Cisco Aironet 1250 Series Access Point, we will follow the following scenario,

 

The Scenario is based on following hardware and software versions.

 

Cisco Aironet 1250 Series Access Point runs with an IOS Version 12.4(10b) JDA3.

Cisco Catalyst 3560 Switch runs with an IOS version 12.2(44) SE1.

Cisco Catalyst 6500 Series Switch runs with an IOS version 12.2(18) SXF14.

 

The Cisco Aironet 1250 Series Access Point has three VLANs, – VLAN 100, VLAN 101 and VLAN 102. VLAN 100 will be the native VLAN, VLAN 101 for the ITKE admin department and VLAN 102 for the guest users. The Wireless users who belong to ITKE admin department must connect to the Cisco Aironet 1250 Series Access Point and should be able to connect the ITKE admin department users on the wired network which is VLAN 101.

 

The wireless guest users should be able to connect to the Internet Gateway or web server which is on the wired segment of VLAN 102.

A Cisco Catalyst 3560 Switch is connected to the Cisco Aironet 1250 Series Access Point at the access layer and the Cisco Catalyst 3560 Switch is also connected to the Cisco Catalyst 6500 Switch at the Core/Distribution layer). All VLANs are created in the Cisco Catalyst 6500 Switch which is beyond the scope of this document. (If any one feels he or she needs the sample configuration for the VLANs in the Cisco Catalyst 6500 switch it can be provided in the comments section of this blog entry).

 

A windows 2003 Server is used as a DHCP server which provides the IP address for both the VLANs VLAN 101 and VLAN 102. A DHCP scope has to be configured for both VLANS in the windows 2003 Server which is also beyond the scope of this document. But I am just adding the snap shot from the DHCP Server.

 

The following IP Address Scheme is applied for the VLANs

 

VLAN 100– 10.0.0.0 /23 (NATIVE VLAN)

VLAN 101 – 10.2.0.0/23

VLAN 102– 10.4.0.0/23

 

Following are the IP address used for the devices in this document.

 

·         The Cisco Aironet 1250 Series Access Point Bridge-Group Virtual Interface (BVI) IP Address (VLAN 100) 10.0.0.99.

 

·         Windows 2003 DHCP Server with an IP address 10.0.1.100 with VLAN scopes configured

 

·         Web Server with an IP Address 10.4.0.100.

 

·         Wireless Clients (SSID ITKE) gets connected to VLAN 101 gets an IP address from the Windows 2003 DHCP Server from the subnet 10.2.0.0.

 

·         Wireless Clients (SSID Guest) gets connected to VLAN 102 gets an IP Address from the Windows 2003 DHCP Server from the subnet 10.4.0.0.

In my next post I will post the configuration steps required to carry out the above motioned task. Until then do leave your comments for any future improvements or suggestions.


August 11, 2009  6:40 AM

Manage Engine releases Netflow Analyzer 7.5

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

 

In one of my past posts, I mentioned about the Scrutinizer netflow analyzer, still I am testing some more netflow analyzers . Manage Engine recently released the latest version of its Manage Engine Netflow Analyzer 7.5.

 

So I though let me try the demo version of Manage Engine Netflow Analyzer 7.5, the new version features a customizable administrator dashboards allows an IT administrator to monitor the critical parts of the network infrastructure.

 

The new  Manage Engine Netflow Analyzer 7.5 ‘s Site-to-Site traffic monitoring capability helps businesses track network traffic patterns between separate physical locations, ensuring business-critical applications have the right amount of bandwidth allocated for maximum performance. This level of understanding is vital for the day-to-day performance of existing applications, as well as for planning infrastructure growth. It is also key to IT departments that chargeback business units for the volume of network traffic generated, and for service providers who bill customers based on volume and speed.

 

Some of the features of Manage Engine  Netflow Analyzer 7.5 are as follows

Network Bandwidth Monitoring

Bandwidth Reporting

Netflow Monitoring

Network Traffic Analysis

Site to site traffic monitoring

Application Performance Optimization

Network Security

Netflow Reporting

Automating Reports

Customizable Dashboard

 

 

The Manage Engine Netflow Analyzer 7.5 is worth trying the demo version for 30 days.  The good thing about the Manage Engine Netflow Analyzer 7.5 is the enhanced reporting tool, customizable dash board and ease to manage and install.


August 8, 2009  6:18 AM

Configuring Multiple SSIDs in Cisco 1250 Access Points Series 1

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

 

Recently we purchased plenty of Cisco Aironet 1250 Series Access Points, unfortunately we don’t have any Wireless LAN controllers to manage the Cisco Aironet 1250 Series Access Points.  Previously we were using HP Procurve 503 and 420 access points with multiple SSIDs with different VLANS, which was quite simple and easy to manage.

Whereas with the Cisco Aironet 1250 Series Access Points, configuring multiple SSIDs was an uphill task. As there was no proper documentation or configuration scenarios available particularly for Cisco Aironet 1250 Series Access Points in the Cisco Web Site.   I did some research and  tried few things and finally managed to configure the Cisco Aironet 1250 Series Access Points, with multiple SSIDs. In my next post I will come up the scenario and sample configuration which can be used to create multiple SSIDs in a Cisco Aironet 1250 Series Access Point.


August 4, 2009  4:58 AM

Webinar “Guide to CCNA Wireless Certification” on 5th of August

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

 

Cisco Press author Brandon Carroll is offering a CCNA Wireless Intro Webinar Aug of August 2009, the details of the Webinar is as follows, it’s good for the individuals who are aiming at CCNA Wireless Certification (IUWNE 640-721).

Topic:   Guide to CCNA Wireless Certification

Session dates:  

11:30 am, Pacific Daylight Time (San Francisco, GMT-07:00)

Duration:   30 minutes

 Presenters:   Ascolta 2

Description:   This webinar provides information on other resources recommended for CCNA Wireless study as well as a look at what one can expect if taking a self-study path, a self-study path with some practice using production equipment, or an instructor-led course with dedicated lab equipment.

Who Should Attend: Those beginning the CCNA Wireless or considering the CCNA Wireless Certification track would benefit from attending as well as those that want a look at the technical content in the IUWNE v1.0 course.

Instructor Name: Brandon Carroll

Host’s name:   Ascolta 2

Register now


August 1, 2009  6:19 AM

Chance to win a Flip Video Camcorder from Cisco!

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

Starting 3rd of August, 2009, Cisco Systems is giving away 15 Flip Video Camcorders on twitter. The Flip Video Camcorders could be yours by following the three simple steps.


Watch!
Every business day for 3 weeks, Cisco will ask a different question from
http://www.twitter.com/DigitalCribs  about the new Digital Cribs webisodes featuring Paul Van Dyk, Graham Hill, and Martha Lane Fox. Watch the videos, tweet the answer to the daily question, and follow @DigitalCribs to find out if The Flip is yours!

Tweet!
To enter the contest, tweet the correct answer via @reply and include the hashtag #DigitalCribs.

Win!
Cisco will randomly choose one winner per day to win a new Flip VideoTM camcorder. Winners will be listed there and announced via our Twitter account, @DigitalCribs, every day before they post the next question.

 


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: