When authenticating l2tp-ipsec users against the local database on an ASA, you must use the mschap keyword when creating the user accounts:
username l2tp password secret mschap
When authenticating l2tp-ipsec users against the local database on an ASA, you must use the mschap keyword when creating the user accounts:
username l2tp password secret mschap
I was working on a CUWN deployment in a healthcare environment with the following Charcteristics :
The Site also had existing 1242 AP’s connected to the controller, however these where geographically seperate from the new deployment.
Everything was installed, configured and appeared to be running correctly, until after several days the 7921’s were having issues connecting. The following Symptoms were displayed:
Once a 1252 was affected the only way to rectify the issue was to perform one of the following:
It should be noted that merly rebooting the AP would not fix the issue.
OK, time to call TAC.
With TAC’s assistance I took the following action:
I always found it odd that I couldn’t negate terminal commands in IOS like other commands.
Eg; no Terminal Monitor
I just assumed it wasn’t there, until I saw another engineer execute to disable term mon.
Router# terminal no monitor
It seems in IOS the terminal commands are special in that they require the terminal key word before the no keyword to negate sub-commands.
I have been involved with a CUWN deployment using 1252 AP’s in a healthcare environment. Several of the Access-points were making buzzing noises whilst operating but for all intents and purposes were functioning ok.
I knew these units probably needed to be replaced but I hadn’t had the time to report the issue to TAC and get a replacement.
Well apparently I’m not alone. Jeremy at ciscoblog.com has mentioned the same issue showing up in a TAC Field notice. There is even a web tool for checking your serial numbers if they are affected.
The Field notice mentions issues with radio communication whilst buzzing, however I haven’t experienced these issues.
Thanks Jeremy!
If you are using a Cisco Wireless Lan Controller and want to Authenticate your phones using PEAP, make sure you adjust the eap request-timeout with the following command on the CLI of the controller :
config advanced eap request-timeout 20
make sure you type “save config” to write the change to flash.
I had a need to be able to quickly turn the wireless interface on/off on a 1231G Access point.
I wrote this simple Perl Script to logon too the AP via telnet and issue a “No shutdown” on the interface. To Sutdown the interface I use an identical script to perform a “Shutdown”.
You could then have both scripts on your desktop to easily toggle the state of the wireless, or you could do what I do and put the scripts in the start menu and use Launchy to run the scripts.
The Script uses Net::Telnet::Cisco , which can be installed with Perl Package Manager using the following command:
ppm install Net-Telnet-Cisco
APWirelessOn.pl
##
# Filename – APWirelessOn.pl
# Version – 0.1
# Creator – reloadin10
# contact – reloadin10.wordpress.com
# Description – Performs a no shutdown on a specified Cisco AP Interface
##
use Net::Telnet::Cisco;
# Define your variables here
$host=’1.1.1.1′;
$user=’username’;
$pass=’password’;
$enable=”enablePassword”;
#CODE
my $session = Net::Telnet::Cisco->new(Host => $host);
$session->login($user,$pass);
if ($session->enable($enable) ) {
$session->cmd(‘config terminal’);
$session->cmd(‘interface dot11Radio0’);
$session->cmd(‘no shutdown’);
} else {
warn “Can’t enable: ” . $session->errmsg;
}
$session->close;
Bit off topic for this blog but anyway….
If you are setting up a server with an Intel S5000PAL and have an unknown PCI device in the device manager, with the following Device Instance ID:
PCI\VEN_8086&DEV_2681&SUBSYS_346C8086&REV_09\3&11583659&0&FA
The driver you want is the S5000 Based Server AHCI SATA Storage Driver for Windows
When configuring a PIX 6.x to use the PPPoE client on the outside interface, if you recieve the following error :
“PPPoE: Unsolicited PADO, Invalid session state”
It probably means you’re as dumb as I am and didn’t specify a vpdn username with the following command :
pix(config)#vpdn username <username from ISP> password <Password>
One of our clients recently rolled out a series of VG224 voice gateways to provide analogue services in a residential deployment. Everything was running smoothly until one of the tenants wanted to know how to forward all his calls out to a mobile phone.
I remembered reading that this is supported if the VG224 is registering using Skinny, but couldn’t find any documentation on what the codes were.
I ended up finding the answer on an archived post from the [cisco-voip] mailing list.
To Enable Call Forward All on a VG224 you require the following command :
VG224(Config)#stcapp feature access-code
To View the Access Codes use the following Command:
VG224#sh stcapp feature codes
VG224 Output:
stcapp feature access-code
prefix **
call forward all **1
call forward cancel **2
pickup local group **3
pickup different group **4
pickup direct **6
stcapp feature speed-dial disabled
It is possible to use 3rd party SFP’s in a Cisco 3750 with the following commands:
Switch(config)#service unsupported-transceiver
and
Switch(config)#no errdisable detect cause gbic-invalid
The first command will generate the following warning from cisco :
” Warning: When Cisco determines that a fault or defect can be traced to
the use of third-party transceivers installed by a customer or reseller,
then, at Cisco’s discretion, Cisco may withhold support under warranty or
a Cisco support program. In the course of providing support for a Cisco
networking product Cisco may require that the end user install Cisco
transceivers if Cisco determines that removing third-party parts will
assist Cisco in diagnosing the cause of a support issue.”
I wouldn’t recommend using non-Cisco SFP’s in production environments, but for a lab save the bucks and go for it.