Posted on

Subordinate Controlling of 1562E Wireless AP with 1850 AP

What do you do when it’s time to upgrade your wireless access point infrastructure? In many ways an upgrade that has basic wireless access point functions plus a few extra functions that you should need if you really want to upgrade.

“I am purchasing 1850 wireless AP series indoor AP so I can use it as an AP and controller at the same time, and I also need an outdoor 1562e wireless AP. But in the data sheet of 1562e AP it says that it supports Cisco mobility express solution, but in the mobility solution subordinate list the 1562e is not mentioned.

So question that came across my mind is that can1562e AP be controlled by 1850 AP or not?”

Discussion with experts revealed that:

Subordinate controlling depends on the firmware the Master AP is running on.  1562e AP is supported starting from 8.3.112.0.  So this means the Master AP must be running, at least, Mobility Express firmware version 8.3.112.0.

Cisco Mobility Express Solution Release Notes states, “all the APs that are supported as Master APs are also supported as subordinate APs”.  Since 1562e AP is supported as Master AP it then also means that the 1562e AP will also be supported as a Subordinate AP.

Posted on

Identification of FRAMES for VOICE and VIDEO over WiFi Multimedia (VMM)

Now a days users are experiencing the convenience of wireless connectivity and they are demanding support for the same applications they ran over wired networks. Quality of service is increasingly important in 802.11 networks because wireless bandwidth availability is restricted.

To support bandwidth-sensitive applications like voice and video, IEEE proposed a new standard 802.11e. The Wi-Fi Multimedia (WMM) specification is a subset of 802.11e. Makers of wireless access points as well as wireless client devices such as laptops, phones, and consumer electronics products have started to incorporate support for WMM into their products. WMM stipulates different fixed and random wait times for the four prioritization categories (voice, video, best effort, and background) to provide more favorable network access for applications that are less tolerant of packet delays. Devices that have less time to wait have a better chance of being able to transmit than those that have a longer wait.

In this wireless scenario service providers need a facility if they can identify which frames are voice, video or others just also like wired network, to let the service provider to mark it when send it. Now the question is how is it possible?

The solution is service providers can use AVC to identify and remark traffic after it enters the AP. For example, if a video packet was sent unmarked with a WMM UP Value (Access Category – AC) of 0 and no DSCP markings at the AP level (in newer version of 8.0) identify the traffic as say Facetime traffic. The AP can set the outer DSCP markings of that packet to whatever is chosen let say 34. It will be sent via the wired network encapsulated in CAPWAP to the controller. The controller can then mark the return traffic with 34 as it sends data to the AP. The AP will then use its DSCP to UP Value lookup table to mark the traffic with an UP Value of 4 or 5. The effect of this is the AP will queue this frame in a higher priority queue and therefore will have a lower cw min and cw max value.

A service provider would have to mark his own traffic he wants to transmit to the AP to ensure he gets the priority he needs. Some service providers just don’t mark traffic. Another issue is a service provider on Free Wi-Fi can choose to set his WMM value to 6 or 7 and take priority away for his more important clients. Luckily service provider can change the markings on the return traffic to whatever he wants.

Posted on

Cisco ACS Server MAC address authentication or MAC filters

The existence of any organization is definitely on the computer networks it holds. Today, not even a single organization could be found without computers in them. Each and every bit of work is done on computers. The man power is almost taken by computers now and one should be very careful about Network Support for Computer Network Security. Network Support in fact is the main thing in Computer Network Security. Apart from many other methods of network security MAC authentication or MAC address filters are also used for this purpose.

MAC authentication or MAC address filters allow or disallow the forwarding of unicast and multicast packets either sent from or addressed to specific MAC addresses. You can create a filter that passes traffic to all MAC addresses except those you specify, or you can create a filter that blocks traffic to all MAC addresses except those you specify. You can apply the filters you create to either or both the Ethernet and radio ports and to either or both incoming and outgoing packets.

Here question arises that how many MAC authentication or MAC address filters can be configured?

The steps to configure MAC authentication on the ACS server and AP are:

  1. Go to Server Manager

In the Corporate Servers –>Current Server List

  • Select the Radius Server in the drop down.
  • Specify the Server IP address in the Server: field
  • Specify the Shared Secret in the Shared Secret: field
  • Set the Authentication Port (optional): 1645 and the Accounting Port (optional): 1646
  • Click on Apply
  • In the Default Server Priorities and under MAC Authentication
  • In the drop down Priority 1: select the IP address of the ACS server and click on Apply
  1. Go to SSID Manager

Select the SSID, in case a new SSID needs to be created create a new SSID.

  • In Authentication Settings –> Methods Accepted: –> check on Open Authentication:
  • Select with Mac Authentication from the drop down menu.
  • Click on the Apply all button to save this setting
  1. Go to Advanced Security
  • In the MAC Address Authentication –>MAC Addresses Authenticated by:
  • Select Authentication Server Only and click on Apply

On the ACS server Create Users with user names and password set to the MAC address of the clients. These user names/passwords should NOT have any spaces or dots in between them.

Note: Using the CLI, you can configure up to 2,048 MAC addresses for filtering. Using the web-browser interface, however, you can configure only up to 43 MAC addresses for filtering.

Posted on

Network Devices Management Interface setup

Where are your most important files located? The network! So that these files can be accessed from anywhere. Most employees in a business know where to find what they use on a regular basis, but what if a key point on network is blocked? VLAN management is an important aspect of managing a business network.

Consider you are using IP addresses of the Native VLAN for your networking devices. Now you are not able to access from other VLAN and want to enable Internet Traffic to your Management interface. What will you do?

The tips below are as a starting point for enabling Internet Traffic to your Management interface:

Management interface is segregated from the current routing control plane so if there is an issue and the device goes into a spin say with a loop or CPU hog you can still access the router through a backdoor management (MGMT) port that’s physically separate and built for that purpose

But if the device goes haywire that port would also go offline, leaving you without any access, MGMT ports are like another form of console port basically with a few extra options, you have them in use but use them as a parallel network for the purpose of reachability when there’s a major issue to a device

The actual physical separate MGMT port is not a full routable port, it is a stripped down Layer 3 port with only certain MGMT functions, it can’t be used for routing production traffic. It is in its own dedicated interface separate from the control plane of production traffic

The Ethernet management port supports these features:

  • Express Setup (only in switch stacks)
  • Network Assistant
  • Telnet with passwords
  • TFTP
  • Secure Shell (SSH)
  • DHCP-based auto configuration
  • SMNP (only the ENTITY-MIB and the IF-MIB)
  • IP ping
  • Interface features
    • Speed—10 Mb/s, 100 Mb/s, and auto negotiation
    • Duplex mode—Full, half, and auto negotiation
    • Loopback detection
  • Cisco Discovery Protocol (CDP)
  • DHCP relay agent
  • IPv4 access control lists (ACLs)

Hope you would have got an over view on usage of management interface or port through this article.

Posted on

SIP UDP 5060 issue with Cisco 1921 Router

Have you ever run into a situation where your router just won’t work as you expected or configured it and you don’t know why? It’s irritating when that happens to you, but it is potentially disastrous if it happens to a business network.

While your IT team should be able to handle most network problems, you can save a lot of time and money by handling these matters yourself. Presented here is an uncommon network problem and its possible solution.

Networking is a terrific way to make sure that your clients are able to move freely over the network while maintaining access to all their business requirements. However, you may face problem on cisco 1921 router where primarily voice traffic was going over UDP port 5060 before configuration but after re-routing / reconfiguration of voice traffic through t1 card of router, the traffic is flowing through different ports.

If you encounter this problem, try using this command “no ip nat service sip udp port 5060 ” to force the router to forward traffic on only selected number of UDP port. If by default this command is not available on router then add this command and see the difference.

Using this command might solve this problem, but it is also possible that you may need to use policy-based routing (PBR) technique or replace the hardware entirely.

Posted on

Executive Assistant | CHANDIGARH Location | Work from Home option available

Our company “Spooster IT Services” is looking for a responsible Assistant to the manager, to provide personalized secretarial and administrative support in a well-organized and timely manner. You will work on a one-to-one basis on a variety of tasks related to managers work and communication.

The associate would be required to work in an team environment in delivering the administrative needs of the senior management and other requirements that may arise on need basis.

Essential Functions of the Job: The primary role and responsibility of this position will be to work in a team environment and deliver admin services including, but not limited to:

Administrative Skills:
Administrative
Correspondence
Implementing Procedures
Maintaining Schedules
Office Management
Project Management
Research
Scheduling
Taking Messages
Taking Notes

Communications Skills:
Answer Phone
Communication
Email
Handling Inquiries
Networking
Screening Calls
Verbal Communications
Written Communications

Financial Skills:
Accounting
Budgeting
Purchasing

Technology Skills:
Computer (PC, Mac, tablet)
Microsoft Office
Reports

Salary:INR 1,50,000 – 4,00,000 P.A.
Industry: IT-Software / Software Services
Functional Area: Strategy , Management Consulting , Corporate Planning
Role Category:Corporate Planning/Consulting/Strategy
Role:Corporate Planning/Strategy Manager

Interested candidates can share profiles at support@spooster.com

Posted on

Screening Round for network engineer Job Opening

spooster job hiring

APPLICATION PROCESS

Congratulations for making it this far!

There are going to be five rounds of interview. The first round is the basic screening round where you will be judged on the following criteria:

  • Technical ability
  • Written English
  • Instructions following ability

 

 

Procedure to clear the first interview round:

1) Login to Cisco support forum using your Cisco ID.

https://supportforums.cisco.com/

If you do not have a Cisco ID yet, you can still go to the website and register for a new one free of cost.

 

2) Find Unanswered Questions:
Once you have logged in, you need to look at the Unanswered Questions on the website and try to answer at least one of them.

 

3) Submit your answer:
At the end of your answer, you will write your name and the words ‘Spooster IT Services’, and then submit your answer. This will enable us to track down your answer.

Here is an example. The candidate has gone through the question carefully and provided the correct answer. And ended the answer with his name and the words “Spooster IT Services” and then click on ‘Submit’.

cisco support forum answer

 

4) Email us the link:
After you have answered a question, you need to identify the URL of that page and email it to support@spooster.com

It will be picked up by one of our technical team members for evaluation.

We will then get back to you for further discussion and interview.

At any stage if you have questions, feel free to comment below or send us an email.

Or check our FAQ

Posted on

How to copy IOS from one Access Point to another?

How to copy IOS from one AP to another?

 

  1. First of we have to connect standalone AP with the PC through console cable and Ethernet cable.
  2. Then provide ip address to both PC(10.0.0.50) and to the interface of the AP(10.0.0.51).
  3. Check the connectivity between PC and AP.
  4. Then install TFTP server software on the PC.
  5. Open TFTP server and assign path to the TFTP files.
  6. Then on AP we have to check the name of the file of the IOS in the flash memory by using the following command:

show flash

  1. Then we have to run the below command on AP to take backup of the IOS:

                 archive upload-sw tftp://10.0.0.50/images/image-name.tar 

  1. After taking backup we have to connect other AP with the same AP through console cable and Ethernet cable.
  2. Reload the AP and while booting we have press “Escape” then it will enter into the ROMMON Mode.
  3. Then we have to assign ip address, subnet mask and default gateway to the AP by using the following commands:

    ap: set IP_ADDR 10.0.0.57

    ap: set NETMASK 255.255.255.0

    ap: set DEFAULT_GATEWAY 10.0.0.57

  1. After this we have to initialize tftp, flash and Ethernet port by using the following commands:

    ap: tftp_init

    ap: ether_init

    ap: flash_init

  1. Then assign the path through tftp to copy IOS image to the flash memory of the AP by using the following command:

    ap: tar -xtract tftp://10.0.0.50/images/image-name.tar flash:

  1. It will start copying the IOS in the flash memory of AP. We have to press space bar to continue it.
  2. After it will complete the copying process we have to set the default boot image by using the following command:

    ap: set BOOT flash:/ap1g2-k9w7-mx.152-4.JB6/ap1g2-k9w7-mx.152-4.JB6

  1. Then boot the AP by using the following command:

ap: boot

  1. Now the AP will boot with the New IOS image.
Posted on

Why STP

1 why  STP ?
->  we use stp  as our network is getting extended we have to face problem regarding it
eg:- if in our network there our four switches connected and b/w these four switches one switch or more get connection failure or any debug in the network will make a 
     effect on a communication b/w the end points.
                                                  so for resolving it we need redundancy means a one or more path for communication ,if one links fails with other 
link we can reach to the destination. But if we adopt redundancy Loops are been created through which Broadcast storms may cause means if loops takes rounds again & again 
and send data multiple times it will  destroy our network,Second create multiple frame transmissions in which frames are reaching to the destination host 2 times with it 
wastage of memory get place,in last inconsistent CAM table means in the switch CAM table the entry of the ports get clash and switch gets in trouble that from which port 
the request is coming can't able to feed the correct data in the table.
                                                                       so STP comes which helps us as it provide us the redundancy but without loops , selects one path at a 
time to communicate,and second path gets in a blocking form in which its is ready to come in forwarding state when its needed and done quickly.

2 STP working ?
-> STP spanning tree protocol 802.1D is mainly used in the large switch networks. STP prevents the layer 2 switching loops and broadcast storms . STP allows redundancy but selects 
   one path at a time for communication but if one path fails it selects the another path for communication .IN this switch sends probes into the network called BPDUs 
   to look for the loops . BPDU also helps to elect the root bridge in the network by checking the bridge id  and the mac address of the switch. so in STP there is root port ,
   designated port and blocking port. Root port is the port which is selected via  Bridge id  or the least link cost of the path .Designated port is the port through which the 
   data is been forwarded each and every switch contains the one designated port snd those which will have least cost of interface connected with switches becomes forwarding state  
, root port does'nt have designated port. Blocking port is the port in which the trees fell and blocks the link for a time.blocked port watches all the trafficking which is happening 
  automatically.IN STP there is a process of changing the state from forwarding to blocking which is as follows:-
  Listening -> Learning -> Forwarding -> Blocking 
 The Blocking takes 20 sec to process to change into listening state then it goes in the Listening state which takes 15 sec to process and then into learning state which also takes 15 sec 
to process to change into forwarding state and this is mainly the disadvantage of STP it takes time in processing.so it takes total 50 seconds for changing the state this was the big problem 
as we know  today modern pc takes only 30 seconds to boot.so then the RSTP 802.1WD Rapid Spanning tree protocol introduced for the convergence time of legacy of STP .

One more thing STP also done the enhancement before the RSTP that is PVST  pre-VLAN Spanning protocol in which we can configure one root brigde for per VLAN .So there is no blocking state
on the behalf of blocking state there is alternate blocking state which takes the backup of the traffic.

RSTP Rapid Spanning tree protocol is used for the gap issue between the STP spanning tree protocol .  (RSTP) enables STP Root Ports and STP Designated Ports to change from blocking state to 
forwarding  state in a few seconds.
Posted on

Cisco Voice Gateway Troubleshooting Commands

 

 

Troubleshooting commands:

1)to check active voice :It will show the calls which are initiating from one point to another and will show how
many packets are flowing, drop packets.

#show active voice

2)To check whether IOS device (gateway) is placing Voip packets within proper queues or not following command can be run.

#show priority

3)To view pots voice ports that has been configured in the device

show voice port summary

4)Since we are using sip protocol so we can check active user agent client and server information for sip calls:

show sip-ua calls
(this will show src ip,called number,calling number)

5)To start sip related debugging :

debug ccsip all

6)Since sip involves signalling for communication initiation so to enable tracing of sip service provider following command can be run.

#debug ccsip messages

7)This command will enable tracing of sip call media stream whether the stream flow is flowing from the desired path.

#debug ccsip media

8)To check whether in sip the call and packets send is failed or there is any connection failure .

#show sip-ua connections udp detail/tcp detail
#show sip-ua connections udp brief

9)The following command will display sip user agent status whether the call redirection is enabled or not.

#show sip-ua status

10)To check voice translation rule:the voice translation rule that we have made for eg. rule 1,11 and 10
for voip, we can check if translation profile is translating the number or not.

#test voice translation-rule _____
____ -> indicates rule number

11)Verifying that the time is synchronized :To check whether ntp is synchronizing between ntp server and ntp client the
following command can be used.

#show ntp associate/association
#show ntp status