English dropdown-ico

Cisco Systems C3850NM410G manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70

Go to page of

Similar user manuals

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Cisco Systems C3850NM410G, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Cisco Systems C3850NM410G one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Cisco Systems C3850NM410G. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Cisco Systems C3850NM410G should contain:
- informations concerning technical data of Cisco Systems C3850NM410G
- name of the manufacturer and a year of construction of the Cisco Systems C3850NM410G item
- rules of operation, control and maintenance of the Cisco Systems C3850NM410G item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Cisco Systems C3850NM410G alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Cisco Systems C3850NM410G, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Cisco Systems service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Cisco Systems C3850NM410G.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Cisco Systems C3850NM410G item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 1 of 70 Cisco Catalyst 3850 Switch Services Guide April 2013 Guide[...]

  • Page 2

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 2 of 70 Contents Overview ................................................................................................................................................................... 3 Cisco Catal y st 3850 Security Policy ...........[...]

  • Page 3

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 3 of 70 Overview The Cisco ® Catalyst ® 3850 Switch is built on a unified access data plane (UADP) application-specific integrated circuit (ASIC). This is a state- of - the-art ASIC that has all services fully integrated in the chip and th[...]

  • Page 4

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 4 of 70 Figure 1. 802.1X with Converg ed Access The authentication, authorization, and accounting (AAA) group and RADIUS server are set up on the Cisco Catalyst 3850. The authentication and authorization are redirected to the ISE server. The[...]

  • Page 5

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 5 of 70 To define the Cisco Catalyst 3850, on the ISE screen, navigate to Administration  Network Resources  Network Devices as in Figure 2. Figure 2. Device Definition in ISE The dot1x needs to be enabled on the switch globally for wi[...]

  • Page 6

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 6 of 70 class-map type control subscriber match-all DOT1X_NO_RESP match method dot1x ! policy-map type control subscriber DOT1X event session-started match-all 1 class always do-until-failure 2 authenticate using dot1x retries 3 retry-time 6[...]

  • Page 7

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 7 of 70 I - Awaiting IIF ID allocation P - Pushed Session (non-transient state) R - Removing User Profile (multi-line status for details) U - Applying User Profile (multi-line status for details) X - Unknown Blocker The following output show[...]

  • Page 8

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 8 of 70 The following is the detailed output of the wired client session: Switch#sh access-session mac 0024.7eda.6440 details Interface: GigabitEthernet1/0/13 IIF-ID: 0x1092DC000000107 MAC Address: 0024.7eda.6440 IPv6 Address: Unknown IPv4 A[...]

  • Page 9

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 9 of 70 After defining ACL in ISE, it can be associated with an authoriz ation profile, as shown in Figure 4. Figure 4. Authorization Pro file Note: If a named authentication method-list is in place fo r AAA, an attribute needs to be set fro[...]

  • Page 10

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 10 of 70 The total capacity of the ACEs is an aggregate number that constitutes all types of ACEs. O ne type of ACE, however, can scale up to 1500. For example, the total numbe r of Port ACL (PACL) access control entries cannot exceed 1500. [...]

  • Page 11

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 11 of 70 Unlike wired, wireless is considered untrusted on the Cisco Catalyst 3850. The default trust setting for wireless target is untrust : that is, the packets are marked down to 0 in the absence of SSID-based policy. The startup configu[...]

  • Page 12

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 12 of 70 permit udp any any eq 1214 ip access-list extended SIGNALING remark SCCP permit tcp any any range 2000 2002 remark SIP permit tcp any any range 5060 5061 permit udp any any range 5060 5061 ip access-list extended TRANSACTIONAL-DATA [...]

  • Page 13

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 13 of 70 W ith t able-maps, one can create a map of values that can be used between the same or dif ferent markings such as DSCP, CoS, and so on. The values that can be mapped are from 0 through 9 9 in deci mal. Table-map also has a default [...]

  • Page 14

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 14 of 70 Applying Ingress Policies Like other Cisco Catalyst platforms, Cisco Catalyst 3850 Switches offer two simplified methods to apply service policies. Depending on the deployment model, either of the following methods may b e used: ●[...]

  • Page 15

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 15 of 70 class-map CALL-SIG match dscp cs3 class-map CRITICAL-DATA match dscp af21 af22 af23 class-map VIDEO-STREAM match dscp af31 af32 af33 class-map Scavenger-Q match dscp cs1 After traffic is identified using DSCP, policy bases can be ap[...]

  • Page 16

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 16 of 70 Wireless: Ingress Qua lity of Service Ingress Marking and Policing on Wireless Client In the ingress direction, traffic can be marked and policed at client level. The following ex ample provides differentiated marking and policing f[...]

  • Page 17

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 17 of 70 The applied policy can be show n with the follow ing CLI: Switch# sh policy-map interface wireless client Client 000A.CC10.0001 Service-policy input: Standard-Employee Class-map: Voice (match-all) Match: access-group name Voice poli[...]

  • Page 18

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 18 of 70 If the policy name is downloaded from the ISE server, the server needs to be configured as shown in Figure 6, with the AV pair ip:sub-qos-policy-in=Standard-Employee. Figure 6. Authentication Pro file The same policy can be applied [...]

  • Page 19

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 19 of 70 table-map dscp2dscp default copy Policy-map TRUST Table Map dscp2dscp default copy The QoS policy is applied under the W LAN configuration. The SSID policy is applied as sh own in the following example. This results in “trusted”[...]

  • Page 20

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 20 of 70 The following is the default behavior of the four queues: Q0 (RT1): Control traffic Q1 (RT2): None Q2 (NRT): Everything other than multicast NRT and control traffic Q3 (multicast NRT): Multicast and nonclient traffic Default QoS pol[...]

  • Page 21

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 21 of 70 bandwidth remaining ratio 10 Class-map: class-default (match-any) Match: any (total drops) 0 (bytes output) 0 The “port_child_policy” can be modified by the user to queue different application traffic at t he SSID level. This tr[...]

  • Page 22

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 22 of 70 Match: any shape (average) cir 200000000, bc 800000, be 800000 target shape rate 200000000 Radio dot11a iifid: 0x104F10000000011.0xCF8F4000000005 Service-policy output: def-11an Class-map: class-default (match-any) Match: any shape [...]

  • Page 23

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 23 of 70 Policy-map guest-ssid Class class-default Shape average percent 20 On the enterprise SSID class-map voice and video, the policer enforces the aggregate unicast traffic at the BSSID level. The class default is configured to provide a[...]

  • Page 24

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 24 of 70 Cisco Catalyst 38 50 NetFlow Architecture (Wired and Wireless) NetFlow Cisco Catal yst 3850 Ov erview The Cisco Catalyst 3850 supports both ingress and egress FnF on all ports of the sw itch at line rate. Switch raw scalability is u[...]

  • Page 25

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 25 of 70 Configuring a Flow Record (Egress) flow record v4out match ipv4 protocol match ipv4 tos match ipv4 source address match ipv4 destination address match transport source-port match transport destination-port match interface output col[...]

  • Page 26

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 26 of 70 flow monitor v4 exporter Collector exporter Collector 1 cache timeout active 60 cache timeout inactive 20 record v4 Attaching a Flow Monitor to Supported Po rt Types Wired Port interface GigabitEthernet1/0/1 description Interface fo[...]

  • Page 27

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 27 of 70 Flexible NetFlow Outputs To display the status and statistics for a flexible NetFlow flow monitor, use the “Show Flow monitor” command in privileged EXEC mode. Switch# show flow monitor Flow Monitor v4: Description: User defined[...]

  • Page 28

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 28 of 70 19:52:12.755 10.1.22.101 10.1.1.22 51524 5060 Gi1/0/3 LIIN0 1038 3 19:52:10.755 19:52:10.755 To display top N destination aggregated flow statistics from a flow monitor cache, use the following command. Switch# show flow monitor v4 [...]

  • Page 29

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 29 of 70 IPV6 SRC ADDR IPV6 DST ADDR TRNS SRC PORT TRNS DST PROT bytes long pkts long ============================================= ================== 2322::2 FF02::1:FF00:1 0 34560 58 72 1 2322::2 2201::2 1024 1026 17 9166290 43649 2322::2 [...]

  • Page 30

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 30 of 70 Multicast Overv iew (Tradition al and Converged M ulticast) Efficient and intelligent use of bandwidth is paramount, particularly w ith the advent of video, mobility, and cloud technologies. It is also critical considering the surge[...]

  • Page 31

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 31 of 70 The videostream mode is a further enhancement of the preceding. Instead of sending the m ultic a st as broadcast at the lowest data rate, the access point converts the original m ulticast packet as unicast and sends it only to the i[...]

  • Page 32

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 32 of 70 Following is the basic configuration of wireless multicast: ● Configure IGMP snooping and querier: Switch(config)#ip igmp snooping Switch(config)#ip igmp snooping querier ● Configure wireless multicast and access point CAP W AP [...]

  • Page 33

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 33 of 70 To display all (S,V,G) list and the corresponding M GID value, use the “Show wireless multicast group summary” command in privileged EXEC mode. Switch#show wireless multicast group summary IPv4 groups ------------- MGID Source G[...]

  • Page 34

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 34 of 70 Group: 239.255.67.250 Vlan: 412 Source: 0.0.0.0 blacklisted: no SGV to Client mappings ---------------------- Group: 224.0.1.60 Source: 0.0.0.0 Vlan: 412 Client: 10.33.170.101 Port: Ca10 Blacklisted : no Group: 239.255.67.250 Source[...]

  • Page 35

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 35 of 70 To display the multicast groups that are directly connected to the switch and that were learn ed through IGMP, use the “show ip igmp groups” command in privileged EXEC mode. Switch#show ip igmp groups IGMP Connected Group Member[...]

  • Page 36

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 36 of 70 To display the IP IGMP membership status of all multicast groups on a sw itch, use the “show ip igmp membership all” command in privileged EXEC mode. Switch#show ip igmp membership all Flags: A - aggregate, T - tracked L - Local[...]

  • Page 37

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 37 of 70 Converged Acces s with the Ci sco Catalyst 3850 The Cisco Catalyst 3850 Switch offers scalable, resilient, and future-proofed wired and wireless services. It serves as an integrated wireless LAN controller for up to 50 Cisco ac cess[...]

  • Page 38

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 38 of 70 The mobility controller’s area of responsibility lies in the mobil ity subdomain it controls. All the mobility agents in the subdomain form CAPWAP mobility tunnels to the mobility controller and report local and roamed client st a[...]

  • Page 39

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 39 of 70 Figure 8. Hierarchical Role s in Conver ged Acces s The SPGs are designed as a group of mobility agent switches to w here the users frequently roam. It is important that roams within an SPG are local to the SPG and need not involve [...]

  • Page 40

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 40 of 70 Figure 9. Single Cisco Cataly st 3850 S tack for Wired/ Wireless in Small Bran ch If the wireless deployment consists of only a Cisco Catalyst 3850 Switch running as a mobility controller with several other switches operating as mob[...]

  • Page 41

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 41 of 70 For medium campus wireless deployments scaling up to 250 Cisco access points and 16,000 clients, 7 mobility controller switches (with other mobility agent switches operating as mobility agents in their SPG ) can be grouped together [...]

  • Page 42

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 42 of 70 Figure 12. 5508/WiSM2/576 0 Controller Appliances w ith Cisco Cata lyst 3850 Sw itches for Large Ca mpus Configuring Conv erged Access w ith Cisco Catal y st 3850 This section explains how to configure the wireless services on the C[...]

  • Page 43

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 43 of 70 The Cisco access points must be connected directly to the Cisco Catalyst 3850 Sw itch. O ne Cisco Catalyst 3850 Switch forms the access layer. The distribution in this example is made of the Cis co Catalyst 4500E Supervisor 7 - E sy[...]

  • Page 44

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 44 of 70 Relevant excerpts from outputs regarding wireless configuration on the Cisco Catalyst 3850 are shown in the following: MC1#show wireless mobility summary Mobility Controller Summary: Mobility Role : Mobility Controller Mobility Prot[...]

  • Page 45

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 45 of 70 Figure 14. Configuring M obility Agents and Sw itch Peer Group on Cis co Catalyst 38 50 In this case the additional Cisco Catalyst 3850 Switches can be added and configured as mobility agents with the previously configured switch ac[...]

  • Page 46

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 46 of 70 wireless mobility controller ip 20.1.3.2 public-ip 20.1.3.2 wireless management interface Vlan602 wlan Predator 1 Predator aaa-override client association limit 2000 client vlan 500 security wpa wpa2 ciphers tkip security dot1x auth[...]

  • Page 47

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 47 of 70 Figure 15. Configuring M obility Group on M ultiple Mob ility Controller s on Cisco Catalyst 385 0 Assume that there was an acquisition of the company nex t door, and now the two networks have to be integrated in the current network[...]

  • Page 48

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 48 of 70 Relevant configurations done on the M A3 switch in this case are given in the following: wireless mobility controller ip 20.1.3.2 public-ip 20.1.3.2 wireless management interface Vlan604 wlan Predator 1 Predator aaa-override client [...]

  • Page 49

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 49 of 70 These two mobility controller switches can be grouped together in one mobility group to ena ble fast roaming between clients of each respective subdomain. Relevant configuration that needs to be done on the existing mobility control[...]

  • Page 50

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 50 of 70 Point of attachment (PoA) moves with user mobility and is def ined as the access point to which the user joins or roams. There are two types of roams within the wireless network: intracontroller roams and interco ntroller roams: ●[...]

  • Page 51

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 51 of 70 The previous controller does not hold any state of the client that has roamed to another controller. In this case the client traffic is CAPWAP encapsulated by the access point and terminated at the n ew controller with which access [...]

  • Page 52

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 52 of 70 Understandin g Roams in Con verged Access Since roams in Cisco Unified Wireless Network are explained earlier, this section explains the roams as they occur in converged access mode. It w ill be clear that the roams in converged acc[...]

  • Page 53

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 53 of 70 There is a provision per W LAN that the administrator can con figure, if they want a L2 roam like the Cisco Unified W irele ss Network, where both the PoP and PoA of the user moves. This is the nontunnel ed (nonsticky) L2 roam. The [...]

  • Page 54

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 54 of 70 Traffic Paths in Co nver ged Access This section explains the traffic path (profile) for local and roamed wireless clients across the different SPGs and mobility controllers. (See Figure 21.) Figure 21. Client Roams Within an SPG in[...]

  • Page 55

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 55 of 70 Figure 22. Client Roams A cross Mobility Controller in Converg ed Access In the preceding scenario, an intersubdomain (intermobility c ontroller) roam is explained. The initial client join happens at MA1 in SPG1. The w ireless traff[...]

  • Page 56

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 56 of 70 Table 3 is a list of switch names, IP addresses, their roles in SPG, and mobility group that form part of the example network. Understanding this will help explain the client roams as they roa m from one switch to another. Table 3. [...]

  • Page 57

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 57 of 70 Initial client join on MA1, as seen in CLI on the switch, w here it shows the client MAC address, t o which access point it is connected, and the WLAN and 11n on 5GHz: MA1#show wcdb database all Total Number of Wireless Clients = 2 [...]

  • Page 58

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 58 of 70 MC1#sh wireless mobility controller client summary Number of Clients : 2 State is the Sub-Domain state of the client. * indicates IP of the associated Sub-domain Associated Time in hours:minutes:seconds MAC Address State Anchor IP A[...]

  • Page 59

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 59 of 70 The following are the relevant outputs displaying the client roam. In this case, M A1 becomes the anchor switch, while MC1 becomes the foreign switch. MC1#show wireless client summary Number of Local Clients : 2 MAC Address AP Name [...]

  • Page 60

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 60 of 70 Comparing the preceding output with the one in the initial clie nt join, notice that the access point name changes to the switch IP address to where the clients roamed (switch/wireless management IP address of MC1 in this case), and[...]

  • Page 61

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 61 of 70 where the mobility state is “anchor,” and the access point name is the switch/wireless management IP address of the foreign switch (MC1): 20.1.3.2. (See Figure 25.) Figure 25. Client Roams A cross SPG in Co nve rged Access In th[...]

  • Page 62

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 62 of 70 Mac Address VlanId IP Address Src If Auth Mob -------------- ------ --------------- ------------------ -------- ------- b065.bdbf.77a3 701 20.1.1.53 0x00C9D9C000000004 RUN FOREIGN b065.bdb0.a1ad 701 20.1.1.52 0x00C9D9C000000004 RUN [...]

  • Page 63

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 63 of 70 Mac Address VlanId IP Address Src If Auth Mob -------------- ------ --------------- ------------------ -------- ------- b065.bdbf.77a3 500 20.1.1.53 0x00D03BC000000002 RUN ANCHOR b065.bdb0.a1ad 500 20.1.1.52 0x00D03BC000000002 RUN A[...]

  • Page 64

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 64 of 70 Total Number of Wireless Clients = 2 Clients Waiting to Join = 0 Foreign Clients = 2 MTE Clients = 0 Mac Address VlanId IP Address Src If Auth Mob -------------- ------ --------------- ------------------ -------- ------- b065.bdbf.7[...]

  • Page 65

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 65 of 70 wlan Predator shutdown no mobility anchor sticky no shutdown Tracking the initial client join on MA1: MA1#show wireless client summary Number of Local Clients : 2 MAC Address AP Name WLAN State Protocol -----------------------------[...]

  • Page 66

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 66 of 70 MA1 #show wcdb database all Total Number of Wireless Clients = 0 Mac Address VlanId IP Address Src If Auth Mob -------------- ------ --------------- ------------------ -------- ------- The switch where the clients initially joined h[...]

  • Page 67

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 67 of 70 Tunnel Roles in Converged Access This section explains what function each CAPWAP tunnel plays in the converged access deployment. The following outputs are from an MA1: MA1#show capwap summary CAPWAP Tunnels General Statistics: Numb[...]

  • Page 68

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 68 of 70 Ca5 3502E_G2/0/25_83A9 data Gi2/0/25 unicast - Ca4 3602I_G2/0/1_3A04 data Gi2/0/1 unicast - Name SrcIP SrcPort DestIP DstPort DtlsEn MTU ------ --------------- ------- --------------- ------- ------ ----- Ca1 20.1.3.2 16667 20.1.5.2[...]

  • Page 69

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 69 of 70 Field L2 In L2 Out IPv4 In IPV4 Out IPv6 In IPv6 Out Notes mac source addre ss output - - - - - - mac destination address input Yes - Yes - Yes - mac destination address output - Yes - Yes - Yes ipv4 version - - Yes Yes Yes Yes ipv4[...]

  • Page 70

    © 2013 Cisco and/o r its affiliates. All ri ghts reserved. Thi s document is Cisco Public Information. Page 70 of 70 Printed in USA C07-727066- 00 04/13[...]