标签 cisco 下的文章

简单说说替换下来的部分网络设备(201906)

先从交换机说起
网件M7100
网件M7100
M7100是网件目前型号序列里最高等级的万兆电口交换机,推出有十来年了
没有使用的原因是,机房设备,噪音太大


网件M4300
网件M4300
M4300是网件在2016年推出的高级万兆电口交换机,海淘自美国,被税,参考之前的文章
替换原因是,设计散热不佳,功率大


思科2504
思科cap3702i
思科wlc 2504和cap3702i,使用了一年时间
替换原因wifi 802.1ac是第一代,而且思科2.4g下速度太慢,配置不直观,信号倒是不错


ccr1009
mikrotik的ccr系列最低端 被动散热
替换原因cpu的加密解密性能太弱,对比软路由的routeros chr版速度差太多


最后是合影
合影

cisco交换机与netgear交换机配置链路聚合

以思科WS-C3560X-24P和网件GS116Ev2为例,由于GS116Ev2只支持static lag,所以以下为trunk的静态链路聚合。trunk可以理解为传递vlan的链接。如果只是某个vlan的链路聚合的话修改trunk为access。
思科配置

ssh -oHostKeyAlgorithms=+ssh-dss -oKexAlgorithms=+diffie-hellman-group1-sha1 cisco@ip
Password: 
Core_Switch>enable
Password: 
Core_Switch#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Core_Switch(config)#interface Port-Channel 4
Core_Switch(config-if)#description To_GS116Ev2
Core_Switch(config-if)#switchport trunk encapsulation dot1q
Core_Switch(config-if)#switchport mode trunk
Core_Switch(config-if)#interface GigabitEthernet0/1
Core_Switch(config-if)#switchport trunk encapsulation dot1q
Core_Switch(config-if)#switchport mode trunk
Core_Switch(config-if)#channel-group 4 mode on
Core_Switch(config-if)#interface GigabitEthernet0/2
Core_Switch(config-if)#switchport trunk encapsulation dot1q
Core_Switch(config-if)#switchport mode trunk
Core_Switch(config-if)#channel-group 4 mode on
Core_Switch(config-if)#exit
Core_Switch(config)#exit
Core_Switch#

网件配置
1,选择需要聚合的端口,按图勾选配置,然后apply
网件1
2,启用聚合,如图,然后点击apply
网件2

至此,两台交换机配置完毕,连接两根网线,等待几分钟后完成。
思科交换机查看链路聚合状态方法

Core_Switch#show etherchannel summary 
Flags:  D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator

        M - not in use, minimum links not met
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 4
Number of aggregators:           4

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)          -        Gi0/21(P)   Gi0/22(P)   
2      Po2(SU)          -        Gi0/19(P)   Gi0/20(P)   
3      Po3(SU)          -        Gi0/17(P)   Gi0/18(P)   
4      Po4(SD)          -        Gi0/11(D)   Gi0/12(D)   

网件由于是简单网管交换机,没有状态显示。需要注意的是网件启用lag的admin后需要等几分钟才会生效。

cisco 无线系统折腾续,瘦ap在控制器离线情况下继续工作

家里布了两个3702i+2504wlc控制器,使用wlc控制器配置ap比胖ap配置方便很多,可是wlc有风扇,放在弱电箱里用泡沫封住还是太吵了,而且封住后温度直线上升,想是不是有方法可以让控制器离线情况下ap继续工作,ap只起一个认证和交换的作用,这样一来没有控制器的噪音还能省电。
搜索得知,使用flexconnect模式可以实现上面的需求,gui配置不难,但是有一点被困住了,在flexconnet组里不能添加ap,导致wlan开了flexconnect也不能实现ap继续工作,最后在ap配置页面找到ap工作模式,选择为flexconnct后,flexconnet组自动出现了ap,wlc关闭电源测试,果然成功。
重点是所有文档都没说要把ap模式调成flexconnct,坑了我几个小时。

cisco ap2702i胖ap关闭led指示灯

ap指示灯对家用来说有点多余,而且亮度不低,正常状态下又是蓝光,晚上影响睡眠,所以决定关闭。搜索到的方法大部分是针对ac的,要不就是设置led状态的,没有说胖ap怎么关的,试了一下成功了,记录下来。
方法:
telnet管理员登陆ap

config
led display off


User Access Verification

Username: admin
Password:
ap#?
Exec commands:
  <1-99>           Session number to resume
  access-enable    Create a temporary Access-List entry
  access-profile   Apply user-profile to interface
  access-template  Create a temporary Access-List entry
  archive          manage archive files
  cd               Change current directory
  clear            Reset functions
  clock            Manage the system clock
  configure        Enter configuration mode
  connect          Open a terminal connection
  copy             Copy from one file to another
  crypto           Encryption related commands.
  debug            Debugging functions (see also 'undebug')
  delete           Delete a file
  dir              List files on a filesystem
  disable          Turn off privileged commands
  disconnect       Disconnect an existing network connection
  do-exec          Mode-independent "do-exec" prefix support
  dot11            IEEE 802.11 commands
  dot1x            IEEE 802.1X Exec Commands
  eap              EAP Exec Commands
  enable           Turn on privileged commands
  erase            Erase a filesystem
  exit             Exit from the EXEC
  format           Format a filesystem
  fsck             Fsck a filesystem
  help             Description of the interactive help system
  if-mgr           IF-MGR operations
  ip               Exec commands for IP features
  led              LED functions
  lock             Lock the terminal
  logging          Handles logging operations
  login            Log in as a particular user
  logout           Exit from the EXEC
  mkdir            Create new directory
  monitor          Monitoring different system events
  more             Display the contents of a file
  name-connection  Name an existing network connection
  no               Disable debugging functions
  ping             Send echo messages
  pwd              Display current working directory
  radius           radius exec commands
  release          Release a resource
  reload           Halt and perform a cold restart
  rename           Rename a file
  renew            Renew a resource
  resume           Resume an active network connection
  rmdir            Remove existing directory
  routing-context  Routing Context
  rsh              Execute a remote command
  save             Start to save raise_interrupt_level stack
  send             Send a message to other tty lines
  set              Set system parameter (not config)
  show             Show running system information
  ssh              Open a secure shell client connection
  systat           Display information about terminal lines
  telnet           Open a telnet connection
  terminal         Set terminal line parameters
  test             Test subsystems, memory, and interfaces
  traceroute       Trace route to destination
  tunnel           Open a tunnel connection
  undebug          Disable debugging functions (see also 'debug')
  verify           Verify a file
  where            List active connections
  write            Write running configuration to memory, network, or terminal
  xconnect         Xconnect EXEC commands

ap#config
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line.  End with CNTL/Z.
ap(config)#led?
led

ap(config)#led
% Incomplete command.

ap(config)#led-stat
              ^
% Invalid input detected at '^' marker.

ap(config)#led display
% Incomplete command.

ap(config)#led display?
display

ap(config)#led display ?
  dim  Turn LED display dim.
  off  Turn LED display off.

ap(config)#led display off

思科ap 2702 折腾继续20160610

困扰了一个多月的问题终于解决了
问题描述:ap下两个客户端之间单独一个ping另一个不通,两个同时互ping能通,没有打开客户端隔离功能(pspf)其他功能正常。
解决办法:经指点是arp问题,打开arp caching功能,问题解决。
还是对计算机网络理解不够深入,应该早就想到是arp问题的。。。

还有个小问题,web页面一直提示cannot clear credential 什么的,也没查到解决办法。。。