Are there any other RADIUS attributes being sent to the WLC for that client? AAA Override allows those attributes to be applied. So, for instance, if you want to assign a different QoS policy to the user, you can do that with ACS and AAA Override.
Jason Boyers, CCIE #26024 (Wireless) Blog: netboyers.wordpress.com On Sun, Jul 29, 2012 at 6:54 PM, Tariq Mahmood <[email protected]>wrote: > hi : > > I one question about aaa override feature. I have end filter configured > on the radius server and client vlan is not changing client is staying in > the same wlan mapped to same vlan. there is any benefit of configuring aaa > override ? > > *From:* "[email protected]" < > [email protected]> > *To:* [email protected] > *Sent:* Monday, June 25, 2012 1:28 PM > *Subject:* CCIE_Wireless Digest, Vol 38, Issue 20 > > Send CCIE_Wireless mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://onlinestudylist.com/cgi-bin/mailman/listinfo/ccie_wireless > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of CCIE_Wireless digest..." > > > Today's Topics: > > 1. Re: 1242 capwap with poe module and switchport in vlan trunk > mode (Kristj?n ?lafur E?var?sson) > 2. Re: 1242 capwap with poe module and switchport in vlan trunk > mode (Kristj?n ?lafur E?var?sson) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Mon, 25 Jun 2012 17:08:15 +0000 > From: Kristj?n ?lafur E?var?sson <[email protected]> > To: Jason Boyers <[email protected]>, "Victor Platov (viplatov)" > <[email protected]> > Cc: "[email protected]" > <[email protected]> > Subject: Re: [OSL | CCIE_Wireless] 1242 capwap with poe module and > switchport in vlan trunk mode > Message-ID: <2426A68554621145BDCFB71806B8FB6F1F8B140B@EXCH> > Content-Type: text/plain; charset="iso-8859-1" > > I simply am managing to break this simply by changing from trunk to access > mode > and back again. The mac address disapears as soon as I change to trunk > mode. > > I checked all HREAP configuration for that AP and it is in native vlan 113. > > I just tested to set the AP to local mode with vlan trunk native on 113 on > the switch. > which should work but the same results. > > > From: Jason Boyers [mailto:[email protected]] > Sent: 25. j?n? 2012 16:18 > To: Victor Platov (viplatov) > Cc: Ron Marosko; Kristj?n ?lafur E?var?sson; > [email protected] > Subject: Re: [OSL | CCIE_Wireless] 1242 capwap with poe module and > switchport in vlan trunk mode > > True. Victor, that when connected to the power injector, he wouldn't be > able to check the WLC config. However, it appears to be working when in > access mode, so he can connect that way, then check the WLC config, > > The other show commands would be helpful as well. > > Jason Boyers, CCIE #26024 (Wireless) > Blog: netboyers.wordpress.com<http://netboyers.wordpress.com/> > > On Mon, Jun 25, 2012 at 11:52 AM, Victor Platov (viplatov) < > [email protected]<mailto:[email protected]>> wrote: > I've seen that due to power injector misconfiguration AP doesn't bring up > its radio interfaces but not being stuck. Moreover, It had being connected > to the WLC before, hence I think it's not the issue. > If the switch isn't showing the AP's MAC I suppose CAPWAP tunnel is > down...so I'm afraid Kristj?n could not check it through WLC. > > Kristj?n, > > What are the outputs of the following commands from the switch: > Show cdp neighb > Sh run intf ... > Sh int .... > Sh intf .... Switchport > Sh intf ... trunk > Sh vlan > > From: [email protected]<mailto: > [email protected]> [mailto: > [email protected]<mailto: > [email protected]>] On Behalf Of Jason Boyers > Sent: Monday, June 25, 2012 6:59 PM > To: Ron Marosko > Cc: Kristj?n ?lafur E?var?sson; [email protected]<mailto: > [email protected]> > Subject: Re: [OSL | CCIE_Wireless] 1242 capwap with poe module and > switchport in vlan trunk mode > > What does "show cdp neighbor" show from the console of the AP when > connected in the fashion you are describing? This may also be an issue in > terms of the WLC config of the AP. What do you have for the "Power > Injector State" and "Power Injector Selection" under the AP config Advanced > tab? > > Jason Boyers, CCIE #26024 (Wireless) > Blog: netboyers.wordpress.com<http://netboyers.wordpress.com/> > On Mon, Jun 25, 2012 at 9:31 AM, Ron Marosko <[email protected]<mailto: > [email protected]>> wrote: > Make sure you define "switchport trunk native vlan x" to define the vlan > upon which untagged packets should reside. By default, this will be vlan 1, > and if you are using a different vlan id in your access vlan command, then > that would be why the mac address isn't showing up in the expected vlan. > The access point in default or unconfigured mode has no idea about any vlan > tags, and thus is always sending untagged packets. Only when you configure > the access point in HREAP mode will it start to even attempt to use 802.1q > tags, if appropriately configured. > > Regards, > Ron > > -- > Ron Marosko, Jr. > . . . . . . . . . . . . . . . . . . . . . . . . . . > CCIE No. 4526 (R/S), CWNA, ACMA, NN5DX > Consulting Network Architect > Global Technology Resources,Inc. > 1108 West Dickinson Blvd, Suite A > Fort Stockton, TX 79735 USA > o: +1 432 336 5600 x110<tel:%2B1%20432%20336%205600%20x110> > c: +1 720 233 3147<tel:%2B1%20720%20233%203147> > e: [email protected]<mailto:[email protected]> > pgp pubkey: 0x58AB8B5C > "To know me is to fly with me." > > > > -----Original Message----- > From: [email protected]<mailto: > [email protected]> [mailto: > [email protected]<mailto: > [email protected]>] On Behalf Of Kristj?n ?lafur > E?var?sson > Sent: Monday, June 25, 2012 8:16 AM > To: [email protected]<mailto: > [email protected]> > Subject: [OSL | CCIE_Wireless] 1242 capwap with poe module and switchport > in vlan trunk mode > > I have been troubleshooting a capwap ap connectivity. > The ap is 1242 with poe injector (if it is relevant) and works fine on a > access vlan. > Now puting the port to trunk mode (native vlan correct and the same as it > was on access) However when I change to trunk mode the AP Mac address > disapears from the interface mac table and I cant communicate get an DHCP > or whatever. > > Has anyone seen something like that ? > > I tried clear capwap private config, > reload the switch, > shut un shut ports. > > Still the MAC address just isn?t learned and this is the core of the > problem. Its a 3560 switch. > As soon as I change to access mode the mac is learned instantly. > > I have never seen this issue before, wonder if someone knows anything. > > regards. Kristjan > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com<http://www.ipexpert.com/> > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com<http://www.platinumplacement.com/> > This message contains confidential information and is intended only for > the individual named. Please notify the sender immediately by e-mail if you > have received this e-mail by mistake and delete this e-mail from your > system. Any opinions presented in this email are solely those of the author > and do not necessarily represent those of the company. E-mail transmission > cannot be guaranteed to be secure or error-free; the sender therefore does > not accept liability for any errors or omissions in the contents of this > message, which arise as a result of e-mail transmission. > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com<http://www.ipexpert.com/> > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com<http://www.platinumplacement.com/> > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > </archives/ccie_wireless/attachments/20120625/7e6964a5/attachment-0001.html> > > ------------------------------ > > Message: 2 > Date: Mon, 25 Jun 2012 17:28:44 +0000 > From: Kristj?n ?lafur E?var?sson <[email protected]> > To: Jason Boyers <[email protected]>, "Victor Platov (viplatov)" > <[email protected]> > Cc: "[email protected]" > <[email protected]> > Subject: Re: [OSL | CCIE_Wireless] 1242 capwap with poe module and > switchport in vlan trunk mode > Message-ID: <2426A68554621145BDCFB71806B8FB6F1F8B145E@EXCH> > Content-Type: text/plain; charset="iso-8859-1" > > Guys I have found the problem. > > no vlan dot1q tag native > it was configured on my switch before ! > so the AP wants to send untagged packets on vlan113 > but the switch tags native vlan packets so this way the communication > doesn?t work. > > it was a tricky one :D > > regards. Kristjan > > From: Jason Boyers [mailto:[email protected]] > Sent: 25. j?n? 2012 16:18 > To: Victor Platov (viplatov) > Cc: Ron Marosko; Kristj?n ?lafur E?var?sson; > [email protected] > Subject: Re: [OSL | CCIE_Wireless] 1242 capwap with poe module and > switchport in vlan trunk mode > > True. Victor, that when connected to the power injector, he wouldn't be > able to check the WLC config. However, it appears to be working when in > access mode, so he can connect that way, then check the WLC config, > > The other show commands would be helpful as well. > > Jason Boyers, CCIE #26024 (Wireless) > Blog: netboyers.wordpress.com<http://netboyers.wordpress.com/> > > On Mon, Jun 25, 2012 at 11:52 AM, Victor Platov (viplatov) < > [email protected]<mailto:[email protected]>> wrote: > I've seen that due to power injector misconfiguration AP doesn't bring up > its radio interfaces but not being stuck. Moreover, It had being connected > to the WLC before, hence I think it's not the issue. > If the switch isn't showing the AP's MAC I suppose CAPWAP tunnel is > down...so I'm afraid Kristj?n could not check it through WLC. > > Kristj?n, > > What are the outputs of the following commands from the switch: > Show cdp neighb > Sh run intf ... > Sh int .... > Sh intf .... Switchport > Sh intf ... trunk > Sh vlan > > From: [email protected]<mailto: > [email protected]> [mailto: > [email protected]<mailto: > [email protected]>] On Behalf Of Jason Boyers > Sent: Monday, June 25, 2012 6:59 PM > To: Ron Marosko > Cc: Kristj?n ?lafur E?var?sson; [email protected]<mailto: > [email protected]> > Subject: Re: [OSL | CCIE_Wireless] 1242 capwap with poe module and > switchport in vlan trunk mode > > What does "show cdp neighbor" show from the console of the AP when > connected in the fashion you are describing? This may also be an issue in > terms of the WLC config of the AP. What do you have for the "Power > Injector State" and "Power Injector Selection" under the AP config Advanced > tab? > > Jason Boyers, CCIE #26024 (Wireless) > Blog: netboyers.wordpress.com<http://netboyers.wordpress.com/> > On Mon, Jun 25, 2012 at 9:31 AM, Ron Marosko <[email protected]<mailto: > [email protected]>> wrote: > Make sure you define "switchport trunk native vlan x" to define the vlan > upon which untagged packets should reside. By default, this will be vlan 1, > and if you are using a different vlan id in your access vlan command, then > that would be why the mac address isn't showing up in the expected vlan. > The access point in default or unconfigured mode has no idea about any vlan > tags, and thus is always sending untagged packets. Only when you configure > the access point in HREAP mode will it start to even attempt to use 802.1q > tags, if appropriately configured. > > Regards, > Ron > > -- > Ron Marosko, Jr. > . . . . . . . . . . . . . . . . . . . . . . . . . . > CCIE No. 4526 (R/S), CWNA, ACMA, NN5DX > Consulting Network Architect > Global Technology Resources,Inc. > 1108 West Dickinson Blvd, Suite A > Fort Stockton, TX 79735 USA > o: +1 432 336 5600 x110<tel:%2B1%20432%20336%205600%20x110> > c: +1 720 233 3147<tel:%2B1%20720%20233%203147> > e: [email protected]<mailto:[email protected]> > pgp pubkey: 0x58AB8B5C > "To know me is to fly with me." > > > > -----Original Message----- > From: [email protected]<mailto: > [email protected]> [mailto: > [email protected]<mailto: > [email protected]>] On Behalf Of Kristj?n ?lafur > E?var?sson > Sent: Monday, June 25, 2012 8:16 AM > To: [email protected]<mailto: > [email protected]> > Subject: [OSL | CCIE_Wireless] 1242 capwap with poe module and switchport > in vlan trunk mode > > I have been troubleshooting a capwap ap connectivity. > The ap is 1242 with poe injector (if it is relevant) and works fine on a > access vlan. > Now puting the port to trunk mode (native vlan correct and the same as it > was on access) However when I change to trunk mode the AP Mac address > disapears from the interface mac table and I cant communicate get an DHCP > or whatever. > > Has anyone seen something like that ? > > I tried clear capwap private config, > reload the switch, > shut un shut ports. > > Still the MAC address just isn?t learned and this is the core of the > problem. Its a 3560 switch. > As soon as I change to access mode the mac is learned instantly. > > I have never seen this issue before, wonder if someone knows anything. > > regards. Kristjan > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com<http://www.ipexpert.com/> > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com<http://www.platinumplacement.com/> > This message contains confidential information and is intended only for > the individual named. Please notify the sender immediately by e-mail if you > have received this e-mail by mistake and delete this e-mail from your > system. Any opinions presented in this email are solely those of the author > and do not necessarily represent those of the company. E-mail transmission > cannot be guaranteed to be secure or error-free; the sender therefore does > not accept liability for any errors or omissions in the contents of this > message, which arise as a result of e-mail transmission. > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com<http://www.ipexpert.com/> > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com<http://www.platinumplacement.com/> > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > </archives/ccie_wireless/attachments/20120625/bf42828c/attachment.html> > > ------------------------------ > > _______________________________________________ > CCIE_Wireless mailing list > [email protected] > http://onlinestudylist.com/cgi-bin/mailman/listinfo/ccie_wireless > > > End of CCIE_Wireless Digest, Vol 38, Issue 20 > ********************************************* > > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
