Re: [enterasys] Fw: diffserv mixed C2/C3 stack
Hi Joshua, On 05/10/16 11:30, jsand...@westernmutual.com wrote: > I asked this 4 years ago and don't remember if I ever received a > response. Can anyone answer this? Is this board even still active? It is still working, but you might have more luck asking on the official community website: https://community.extremenetworks.com/extreme -- James Andrewartha Network & Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
[enterasys] No support for 3600 series APs in v10 firmware
Hi all, I was wondering how many of you still had 3600 series APs, as it's just been revealed that they won't be supported in v10 EWC firmware, due out at the end of the year: https://community.extremenetworks.com/extreme/topics/wireless-firmware-10-x We're fortunate enough to just have 3710s and 3825s, but I imagine there's still a pretty big installed base out there. -- James Andrewartha Network & Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
[enterasys] eduroam and NAC
Hi all, Has anyone here done eduroam with NAC? It looks pretty straightforward but I thought I'd ask to see if there's any gotchas, eg with domain stripping or similar. Thanks, -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] eduroam and NAC
On 12/05/15 09:54, James Andrewartha wrote: Has anyone here done eduroam with NAC? It looks pretty straightforward but I thought I'd ask to see if there's any gotchas, eg with domain stripping or similar. Of course, seconds after posting I find http://extrcdn.extremenetworks.com/wp-content/uploads/2014/07/IdentiFi-and-Eduroam-Roaming-Wireless-Service-Integration.pdf however I'm still interested in hearing from anyone who's done it in production. Thanks, -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] Switch B3 - VLANs
On 11/09/14 01:10, Johannsb wrote: I have two switches Enterasys and four computers as below: switch 1 - Enterasys B3 with: Computer A in port ge.1.1 Computer B in port ge.1.2 switch 2 - Entreasys B3 with: Computer C in port ge.1.1 Computer D in port ge.1.2 The two switches are linked by port ge.1.48. All computers are in same network 10.0.0.X/255.255.255.0. I need this result: Among Computer A, B and D: comunication it's permited Between Computer A and C: comunication it's permited too But among Computer B, C and D: no comunication it's permited In ohter words: If in machine A I type ping 10.0.0.A or ping 10.0.0.B or ping 10.0.0.D or ping 10.0.0.C, the result must to be a answer If in machine A or B or D, I type ping 10.0.0.C, the result must to be no answer If in machine C I type ping 10.0.0.A, the result must to be a answer If in machine C I type ping 10.0.0.B or ping 10.0.0.D, the result must to be no answer The question: I tried to create a VLAN for machines A, B e D and other for C, but the result it isn't the above. What I have to type in each switch for get the objective with success? If it was just on one switch, you might be able to use protected ports, however it doesn't work across multiple switches: Ports that are configured to be protected cannot forward traffic to other protected ports in the same group, regardless of having the same VLAN membership. However, protected ports can forward traffic to ports which are unprotected (not listed in any group). Protected ports can also forward traffic to protected ports in a different group, if they are in the same VLAN. Unprotected ports can forward traffic to both protected and unprotected ports. A port may belong to only one group of protected ports. This feature only applies to ports within a switch or a stack. It does not apply across multiple switches in a network. Because of this, policy is probably your best bet, however buying policy licenses for B3s is quite hard these days. You could maybe also experiment with having multiple untagged egress VLANs, but that's probably not going to work without policy anyway. -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: AW: AW: [enterasys] client communication issue on C5G
And here's the base64 decoded version: On 15/05/14 22:59, Gradelain Ngouni wrote: Hey John, here an update of what I’m actually facing: this the configuration of my SVI: interesting will be the lines after this: ##Primary: interface vlan.0.22 ip address 10.40.22.253 255.255.255.0 primary vrrp create 22 v2-IPv4 vrrp address 22 10.40.22.254 vrrp priority 22 200 vrrp advertise-interval 22 seconds 5 vrrp accept-mode 22 vrrp fabric-route-mode 22 vrrp enable 22 ip helper-address 10.10.20.21 ip helper-address 10.10.20.30 ip helper-address 10.40.20.99 ip helper-address 10.40.20.100 no ip proxy-arp no ip redirects ipv6 forwarding no shutdown ##secondary: interface vlan.0.22 ip address 10.40.22.252 255.255.255.0 primary vrrp create 22 v2-IPv4 vrrp address 22 10.40.22.254 vrrp priority 22 150 vrrp advertise-interval 22 seconds 5 vrrp accept-mode 22 vrrp fabric-route-mode 22 vrrp enable 22 ip helper-address 10.10.20.21 ip helper-address 10.10.20.30 ip helper-address 10.40.20.99 ip helper-address 10.40.20.100 no ip proxy-arp no ip redirects ipv6 forwarding no shutdown exit On the S3 Interface vlan.0.22, I ONCE AGAIN apply “shut” and “no shut” With this commands set, the client were able to reach their Gateway and beyond. Her’s were it gets once again complicated: Client_1 with IP 10.40.22.10 is connected on port ge.1.25 on the S3. NAC only apply the policy to the user and the VLAN 22 is manually configured on the user switch port. Client 2 with IP 10.40.22.11 is connected on port ge.1.11 on the C5G. NAC Apply the Policy and Dynamically the vlan to the user switch port. 1) Shutdown the port of Client_1 and enable it again == the client is once again reachable 2) Shutdown the port of Client_1 and enable it again == client no more reachable! a. Shot down the interface vlan.0.22 and enable it again, then clients once again reachable. I’m reporting to GTAC…. The behavior is a wee bit strange. Cheers Gradelain -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] IPv6 = bridged@HWC ?
On 10/07/13 12:14, James Andrewartha wrote: On 29/06/13 03:43, excel...@gmx.com wrote: Well, 8.31 has been released. Unfortunately there´s no sign of CAPWAP+IPv6 within the release notes :( Even worse, I read the 8.31 CLI guide and in the filter section on matching ethernet typees it says On the controller the Ethertype=IPv6 rule is ignored. The controller always drops IPv6 traffic. The rule is applied on Bridged At AP topologies. These sentences are still in the the 9.01 CLI guide. On the plus side, topologies and certain management operations (copy, backup, syslog, NTP) have IPv6 support now. -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] Apple TV with 5110 controller
Hi Randy, On 19/03/14 09:41, Randy Boehler wrote: Has anyone seen disconnect problems with the following – Ipad 2 connects to Apple TV (wireless) either it will connect and only stay connected for 8 – 10 minutes. Or it will just not connect . We have 40 Apple Tv ‘s in 40 separate rooms. Wireless signal is great. Other network connections work fine( email, internet…….) Yes, we've seen this too. I haven't been able to get a trace when it occurs, it's frustratingly transient. I do have a GTAC case open (01009042), but it's been a low priority. Do you have any Macs available? If so, could you run dns-sd -B _airplay in a terminal and see if the services disappear and reappear? I don't know if it's directly related to Airplay disconnecting though. Our environment is 08.32.04.0006 on V2110, 3710 APs. Thanks, -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] Apple TV with 5110 controller
On 19/03/14 09:55, Ian Lyons wrote: http://www.macrumors.com/2013/04/15/apple-initiates-replacement-program-for-3rd-generation-apple-tvs-with-wifi-connectivity-issues/ Validate that your apple tv ' s don't have a bad chip in them. Generation 3 (which is model A1469) The glitch is known. But we just bought a dozen and had 2 with bad serials. Symptoms are dropping connections etc. Hmm, the serial numbers of a few of ours don't match that (they seem to mostly be JL), and are plugged in via Ethernet anyway. -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] Apple TV with 5110 controller
On 19/03/14 09:57, James Andrewartha wrote: Our environment is 08.32.04.0006 on V2110, 3710 APs. Actually, we've been running a debug build for another problem (which is why this one has been a low priority) and the Airplay problem has gone away (although Bonjour service still disappear, but I guess that shows it's not related). The AP internal build number is 08.32.09.9005. 8.32.05.0007 was just released, and no doubt GTAC will ask you to upgrade to that version first. -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] Wireless 8.31 Bridging at AP unexpectedly
On 13/01/14 13:29, James Andrewartha wrote: On 14/11/13 05:52, Mark Lamond wrote: I have seen this on C4110¹s with 3610 AP¹s on various 8.x software levels. It caused no end of head scratching! I've just seen something similar when a client switches from one SSID to another, where the previous role didn't have any access control set, whereas the new one had contain to VLAN - the client would initially DHCP on the previous VLAN before the role change took effect. This was on a 3710 controlled by a V2110 running 08.32.03.0002. I'm only just seeing it now because I'm moving from a basic SSID:VLAN map to one involving roles/policies (including guest Whoops, I didn't finish my thought here. Anyway, GTAC contacted me and pointed out the Discard Unauthenticated Traffic option in WLAN Service/Advanced... which solved my problem. Thanks, -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] Wireless 8.31 Bridging at AP unexpectedly
unexpectedly Hello: We have upgraded to 8.31 and are now managing our policy from PM. We are having issues with some APs bridging some clients at the AP. I assume that is what is happening because clients are getting on the same network that the APs are on. This should not be the case because all of my VNS topologies are bridging at the controller. It is pretty darn freaky since that setting is set a the WLAN Service\Role level. Has anyone else seen this issue? I'm freaking. This causes big problems as security is bypassed as well as the wireless clients are eating up all of the IPs on the LAN network and my wired clients cannot connect. -- John Kaftan IT Infrastructure Manager Utica College * --To unsubscribe from enterasys, send email to lists...@unc.edu mailto:lists...@unc.edu with the body: unsubscribe enterasys m...@marklamond.co.uk * --To unsubscribe from enterasys, send email to lists...@unc.edu mailto:lists...@unc.edu with the body: unsubscribe enterasys jandrewar...@ccgs.wa.edu.au -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] Wireless 8.31 Bridging at AP unexpectedly
Let's try that with rest of the formatting fixed: On 27/11/13 15:26, James Andrewartha wrote: I was reading the 8.32.02.0006 release notes and noticed the following which sounds like what you were experiencing: wns0007074-Info A partially specified policy is one that has “No change” selected for filters, default topology or default qos. When a partially specified policy is assigned to a station the “no change” settings are replaced by the elements from another policy applied to the station. When a station successfully authenticates and is assigned a partially specified policy, the “No change” elements of the policy are replaced with the corresponding elements of the WLAN Service’s default authenticated policy. Consider the following example. Suppose a VNS is defined that uses policy P1 for its default non-authenticated policy and policy P2 for its default authenticated policy. Policy P1 assigns the station to topology T1 and policy P2 assigns the station to topology T2. Suppose there is a policy P3, that has no change set for its topology A client on the VNS will be assigned to P1 with topology T1 when he first associates to the VNS. Now suppose the station is assigned P3 by the RADIUS server when the station authenticates. Even though the station is on T1 and P3 has no change set for the topology, the station will be assigned to T2. When the client is authenticated, internally on the controller, the client is first assigned to P2 then P3 is applied. A similar scenario exists when the hybrid mode policy feature is set to use tunnel-private-group-id to assign both policy and topology but for some reason the VLAN-id-to-Policy mapping table does not contain a mapping for the returned tunnel private group id. In this case a station that successfully authenticates would be assigned the filters and default QoS of the WLAN Service’s default authenticated policy and the topology with the VLANID contained in the Tunnel-Private-Group-ID of the ACCESS-ACCEPT response. If this is not the desired behavior, then 1. Avoid using partially specified policies. 2. When the controller is configured to map the VLAN ID in the Tunnel-Private-Group-ID response to a policy using the mapping table, ensure that there is a policy mapping for each VLAN ID that can be returned to the controller by the RADIUS server. On 14/11/13 05:52, Mark Lamond wrote: Hi there, This is my experience: I have seen this on C4110’s with 3610 AP’s on various 8.x software levels. It caused no end of head scratching! If no default topology is set on your VNS, the default policy (under “Global”) is applied. As I understand it the default policy can come into play for a number of reasons – failed Auth etc, and sometimes, very occasionally for no obvious reason at all when a client connects. By default the global policy is to bridge at AP untagged and the associated filter rules allow all traffic. It’s dangerous default behaviour in my opinion! Deny would be safer because this leakage of traffic would have gone un-noticed had we not been running DHCP in the AP VLAN. Be sure to change the HWC and AP filter rules to deny all on all controllers as a safeguard, if you do not want to use the default policy. On a basic VNS, where no dynamic policy is occuring we are always sure to assign the default topology on the WLAN service to be the same as that in the associated policy. That way should something odd happen as the controller processes the client’s request to connect, clients will always stay in the correct topology. Also, if you are dynamically changing policy using NAC/RADIUS etc the problem is more likely to occur. There appears to be a transition stage in the process where your client has the default policy applied. With an unrestricted default policy in place if the client happens to perform a DHCP request during that time it may end up with an address from the VLAN your AP resides in. To add more confusion, by the time you look at the reporting screen it will show the correct policy applied - yet the client has an invalid IP it has obtained from the AP VLAN! And because the client has what it thinks is a valid IP, when the policy finally does change the client does not request another DHCP address and happily sits there, unable to communicate. Very confusing – a wireshark capture taken from the AP radio and Ethernet interfaces (great feature by the way) proved what was going on. This all happens in a very short time window, but it is enough for a DHCP server to answer back and reply to the DHCP request. I’m glad Charles has described exactly the same behaviour and solution. Mark. *From:*John Kaftan [mailto:jkaf...@utica.edu] *Sent:* 12 November 2013 8:35 PM *To:* Enterasys Customer Mailing List *Subject:* [enterasys
[enterasys] LAG vs MSTP for redundant switch links
Hi list, I'm setting up dual fibre links between our core and edge switches, and was pondering whether to set up link aggregation or use MSTP to balance the traffic across the links. My primary concern is for redundancy, not extra bandwidth (I just checked cacti, and most don't sustain 100Mb/s). How do MSTP and LACP compare for failover times? The other thing about LACP is the config overhead of having to set the aadminkey on the physical and LAG ports plus ensuring the VLANs match. Whereas with MSTP I don't have to worry about the LAG port, and can just set a port priority on the SID to balance the traffic if required. I'm leaning towards MSTP, but every man and his dog seems to have a spanning-tree meltdown story. All the switches will be Enterasys (S4 at the core, B3/B5 at the edge) so you'd think it should all work fine. Opinions? Thanks, -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] RADIUS Rejects
On 08/11/13 11:22, John Kaftan wrote: I have had some users having trouble getting connected to our 802.1x wireless network. In the log I see these entries. Authentication request became stale, challenge sent, no response received from client (switch 10.0.5.11/end-system http://10.0.5.11/end-system). I've seen about 65 of these on the last hour. This is unfortunately a rather generic error - it generally means the client gave up on the request. The first thing to check is if the client has the correct time/has your certificate expired. Beyond that I'd start looking at logs on the client, checking signal strength/interference etc. -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] IPv6 = bridged@HWC ?
On 13/05/13 01:34, excel...@gmx.com wrote: till now I added VLANs for each building/floor a user needed IPv6 and bridged that traffic locally. It works but it´s kind of ugly. To cut a long story short: does anyone have any news about CAPWAP+IPv6 support? http://www.excivity.com/ComputeCycle/late-ipv6-at-shmoocon-but-why/ suggests it'll be in 8.31, which is a month or two away I believe. -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
[enterasys] Passive Twinax SFP+ cables
Hi all, Has anyone had any problems with passive Twinax direct attach cables? In particular, Dell and IBM. I'm getting some new servers and both vendors are saying to check compatibility. I reckon they should work find but thought I'd ask just to make sure. Thanks, -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] DHCP relay on S4
On 09/03/12 21:32, jason.rear...@uticanational.com wrote: I just looked through the S-series CLI reference document and it's the same as the N-Series code. This is the command which should be entered under each layer three interface needing the DHCP relay *ip helper-address */DHCP Server address/ Hmm, I've done that but it's not working. I'm trying to use the debug packet filter commands to see if the S4 can actually see the DHCP requests, but that's not working either. I can definitely ping the IP address of the interface though. -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
[enterasys] DHCP relay with Mac BSDP protocol
Hi all, Has anyone done BSDP relay? I've configured our S4 to be a relay, or so I hope, but I'm not seeing any packets being directed towards the BSDP server. My config is as follows: core-s4(su-config)-sh run configure terminal ! interface vlan.0.1 ip address 172.20.254.5 255.255.255.0 primary no ip proxy-arp no ip forwarding no shutdown exit interface vlan.0.500 ip address 10.50.0.5 255.255.255.0 primary no shutdown exit interface vlan.0.517 ip address 10.50.17.5 255.255.255.0 primary ip helper-address 10.50.0.40 no shutdown exit ! # Static routes configured on non-routed interfaces ip route 0.0.0.0/0 172.20.254.254 interface vlan.0.1 1 ! no ip forward-protocol udp time no ip forward-protocol udp nameserver no ip forward-protocol udp tacacs no ip forward-protocol udp domain no ip forward-protocol udp tftp no ip forward-protocol udp netbios-ns no ip forward-protocol udp netbios-dgm ! ip dhcp relay information option vpn ! exit Is there anything obvious I've missed? There is a DHCP server on that subnet as well, so maybe that's the problem? I'm using the JAMF NetBoot appliance https://jamfnation.jamfsoftware.com/viewProduct.html?id=180 Thanks, -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] ...any Enterasys customers running VoIP?
On 28/07/11 21:20, Barron Hulver wrote: We are looking at converting from our traditional PBX, a Nortel CS1000 system, to a voice over IP solution. If you are running a VoIP solution over an Enterasys layer-2 network, I would be interested in the following: 1) Which VoIP vendor are you using? Cisco CUCM. 2) How many Enterasys switches do you have? ~30, mostly B2/3/5 stacks but a few C2/3, one G3, one S4 3) How many VoIP phones do you have? 250 4) How long have you been running VoIP? 9 months 5) Have there been any major interoperability issues? Nope 6) Could I contact you directly to follow-up if I have more questions? Yes. -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] 64bit SNMP interface counters on B5 switches
On 22/07/11 01:01, Michael Votaw - VTI wrote: You need to use the high-speed OIDs, but I think that they are only available in SNMPv2c or SNMPv3. That was it - for some reason Cacti was set to use SNMPv1 for that switch, even though it used v2 for the S4. Thanks, -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
[enterasys] 64bit SNMP interface counters on B5 switches
Hi, I have some B5Ks which I'd like to graph with cacti. I can get them working with 32bit SNMP counters, but the 10Gb ports overflow this with a 5 minute polling interval. I tried selecting 64bit counters in cacti, but now I'm not getting any data. Are 64bit interface counters supported on B5 switches? -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
[enterasys] VLAN configuration on S-Series
Hi all, I'm configuring up our new S4 before putting it in to production, and I'm getting a bit confused by the VLAN configuration. Firstly, show vlan portinfo is missing, which is a giant pain as it gives a nice overview, but also commands like show vlan 1 and show port egress only work for ports that have link. Is there any way to get an overview of the vlan configuration for all ports, whether they have link or not? The S4 is running firmware 7.21.01. Thanks, -- James Andrewartha Network Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com