802.1X single-host; workstation attached to non-cisco IP Phone

Hello everyone,
I am doing some design piece of work and I need to understand (because I couldn't find it clearly written anywhere) the following thing:
If I am using LLDP-MED in order to assign the VVID (Voice Vlan), instead of Cisco's CDP,  will that be just fine with the Single-Host mode? I want to bypass phone authentication, if it is recognized by the LLDP-MED, but to keep authenticating the workstation that is attached physically to the phone.
If that has any mater - the phones will be Avaya.
Cheers & thanks in advance!
Dani

Hi Danail,
In addition to the private message I replied to you, I think MAB is more feasible way to depoly VOIP in dot1x network environment than LLDP-MED for the following reason:
1. MAB complies with dot1x framework, it works in very simliar way as dot1x.
2. MAB has been widely deployed on Cisco switches and works fine.
3. MAB can be deployed for any kind of endpoints which doesn't support dot1x supplicant function in dot1x network environment.
While LLDP-MED IMO is a revision of LLDP, you may have the capablity to bypass the phone on switches of some vendors with LLDP-MED, but it will be higher risk on deployment than MAB on Cisco switches.
BTW, generate 2000 MAC for VOIP phone is not biggy as normally you can ask the vendor send you the list of MAC. The OUI check with wildcard is definitely doable but it is Radius software related. IMO these two questions actually are not design questions, they are more likely deployment questions which should be considered after your high level design.
Which can win the race: increasing bandwidth with new technologies VS QoS?

Similar Messages

  • Using 802.1X and non-Cisco IP Phones

    Hi there,
    Having some questions about an 802.1x/non-Cisco ip phone setup and was hoping to find some answers/user-experience with this setup.
    Main questions i'm facing:
    1) When using non-Cisco ip phones (eg Nortel or Siemens) and a previous authorized client connected behind this ip phone gets disconnected. What will this action do with the authorized state of 802.1X on the switch port? WIll it stay authorized until the reauth timer expires or does it reject communication from any other device?
    2) What about EAPOL-Logoff messages from the ip phone to the switch. Are these only used by Cisco phones when they experience a link-status change on data ports?
    Thanks for sharing your thoughts

    Overall, you need to try and deal with the fact that a machine can disappear from the network and the network may not know about it directly (i.e. Link doesn't go down).
    I have no idea what other phones do, but Cisco phones send an EAPOL-Logoff when something is unplugged. This lets the switch know directly, and 1X session start is torn down immediately, closing what would be a security hole.
    Fundamentally, re-auth is a workaround only, and this is not the reason to enable re-auth to begin with.
    If your phone doesn't send an EAPOL-Logoff in this case, the switch might be left thinking an attack is underway when someone else tries to plug in (with presumably a different MAC). You do NOT want this to occur.
    Hope this helps,

  • 802.1x problem with non-Cisco IP Phone, VVID enabled.

    I am testing with a 3750 PoE switch running 12.2(25)SEE1 and trying to configure 802.1x to work with Mitel IP phones.
    I have voice and data vlans configured on each port. Turning on 802.1x causes the phone to hang and timeout in DHCP Discovery. The port status from the switch is "Unauthorized".
    interface FastEthernet1/0/2
    switchport access vlan 1
    switchport mode access
    switchport voice vlan 2
    dot1x pae authenticator
    dot1x port-control auto
    no mdix auto
    spanning-tree portfast
    end
    Should anything be configured besides the Voice VLAN to let phones onto the network? There is no computer behind the phone right now. The only information I can find says I need a VVID, and any clients behind it will cross the PVID.
    Thanks.

    Yes it does.
    Apparently the Mitel phones (testing a 5215 dual-mode) we have support EAP-MD5, but we have a primarily PEAP/EAP-TTLS environment. Apparently the phones need to use a username/password entered on each phone before they will send that to a Radius server doing EAP-MD5. Our PEAP clients authenticate to a Microsoft Radius server, and our EAP-TTLS to a Funk box. Hopefully the Microsoft can support both EAP-MD5 phones and PEAP on the laptops, I'll have to find out.
    I was hoping this was a quick and easy Cisco configuration error... oh well.

  • Difference between 802.1x multi-host and 802.1x multi-auth

    Hi,
    This is a bit confusing for me. Does someone has an easy explanation?
    What I understand and looked up for the moment (correct me if I'm wrong):
    802.1x multi-host: Good for an AP or a phone setup. Port becomes authorized as soon as one client is authenticated. In this situation the AP or the phone. Aftherwards pc's have access without any further 802.1x action.
    802.1x multi-auth: Multiple devices are allowed to independently authenticate through the same port. More secure? Is this good for next setup: I have a 802.1x port on the managed 24p switch, but the customer decides to plug in a non-managed 8p cheap switch on his desk where different pc's will be plugged in. So I have a 802.1x port on the Cisco switch connected to a non-managed 8p switch. I suppose 802.1x multi-host configuration is not a secure option here.
    I don't know if I am clear enough. Don't hesitate to ask if not.
    Thanks for your reply.

    You are right with your understanding.
    Multi-Host is a valid solution if a power-user for example is using many VMs on his PC. After authenticating initially, all VMs can communicate with the network.
    Multi-Auth is more secure because each MAC address accessing the network is controlled.
    A very good overview on 802.1x and the configuration can be found on the Cisco IOS Quick Reference Guide for IBNS.

  • Configuring Switch for CCA is behind non-Cisco phone, NAC OOB VGW Deployment

    Hi,
    I need to configure the edge switch port to keep serving non-Cisco IP phone on deploying NAC as OOB VGW.
    I appreciate your advise, but make sure 802.1x solution as the last option.
    Thanks
    Mike

    Hi,
    Please look at the config guide:
    http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/48/cam/m_oob.html.
    HTH,
    Tiago
    If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

  • 3560G and 802.1X with Cisco IP Phone

    Hi,
    We have been doing some test on our 3560G switch with 802.1X. The switch port has a Cisco IP Phone 7940 connected and at the back of the IP Phone is the PC (802.1X client).
    The PC authenticates with the computer name or the username properly without any problems. However problem is that the port stays opened/authorized even after disconnecting the Laptop from the phone. Only disconnecting the phone from the switch disables the port and enforces authentication.
    This totally defeats the purpose for us.
    IOS: 12.2(20)SE3
    aaa new-model
    aaa authentication dot1x default group radius
    aaa authorization network default group radius
    dot1x system-auth-control
    interface GigabitEthernet0/40
    switchport access vlan 4
    switchport mode access
    switchport voice vlan 15
    dot1x port-control auto
    dot1x timeout quiet-period 15
    dot1x timeout reauth-period 30
    dot1x max-req 1
    dot1x reauthentication
    spanning-tree portfast
    spanning-tree link-type point-to-point
    Any ideas will be appreciated.
    Thanks,
    Cheers
    Kartik

    I believe the problem should be solved with the new phone firmware:
    Ref Cisco Document:
    http://www.cisco.com/en/US/products/hw/phones/ps379/prod_release_note09186a0080461f84.html
    "Firmware release 7.2(2) provides support for the Cisco IP Phone models 7960G and 7940G to monitor IEEE 802.1X messages between an authenticating switch and a connected PC (supplicant).
    When a PC is disconnected from the Cisco IP Phone, the phone issues an EAPOL-Logoff message on behalf of the PC to the authenticating switch.
    Hope This Helps
    Jarle Steffensen

  • 802.1x per host authentication under one port with multi-host access by hub

    Dear,
    While multi-host connect to one port by hub, it seems that in multi-host mode, after one host passed the authentication, the port change state to up, and the other hosts do not need to authenticate any more. And in single host mode, only one host could access to the network under one port.
    In the situation with multi-host access to one port by hub, is it possible that we could control per user access by authentication for each?
    We did some test on 3550, it seems that the 3550 doesnot support what we need. And what about 4506?
    Thanks!

    Multiauthentication Mode
    Available in Cisco IOS Release 12.2(33)SXI and later releases, multiauthentication (multiauth) mode allows one 802.1X/MAB client on the voice VLAN and multiple authenticated 802.1X/MAB/webauth clients on the data VLAN. When a hub or access point is connected to an 802.1X port (as shown in Figure 60-5), multiauth mode provides enhanced security over the multiple-hosts mode by requiring authentication of each connected client. For non-802.1X devices, MAB or web-based authentication can be used as the fallback method for individual host authentications, which allows different hosts to be authenticated through different methods on a single port.
    Multiauth also supports MDA functionality on the voice VLAN by assigning authenticated devices to either a data or voice VLAN depending on the data that the VSAs received from the authentication server.
    Release 12.2(33)SXJ and later releases support the assignment of a RADIUS server-supplied VLAN in multiauth mode, by using the existing commands and when these conditions occur:
    •The host is the first host authorized on the port, and the RADIUS server supplies VLAN information.
    •Subsequent hosts are authorized with a VLAN that matches the operational VLAN.
    •A host is authorized on the port with no VLAN assignment, and subsequent hosts either have no VLAN assignment, or their VLAN information matches the operational VLAN.
    •The first host authorized on the port has a group VLAN assignment, and subsequent hosts either have no VLAN assignment, or their group VLAN matches the group VLAN on the port. Subsequent hosts must use the same VLAN from the VLAN group as the first host. If a VLAN list is used, all hosts are subject to the conditions specified in the VLAN list.
    •After a VLAN is assigned to a host on the port, subsequent hosts must have matching VLAN information or be denied access to the port.
    •The behavior of the critical-auth VLAN is not changed for multiauth mode. When a host tries to authenticate and the server is not reachable, all authorized hosts are reinitialized in the configured VLAN.
    NOTE :
    •Only one voice VLAN is supported on a multiauth port.
    •You cannot configure a guest VLAN or an auth-fail VLAN in multiauth mode.
    for more information :
    http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/dot1x.html

  • Single Host for netweaver/xi & Idoc settings in ale

    HI,
    In the case of a single system which is the R/3 system as well as the xi system...what settings are to be done from ALE to enable idoc processing...is this the same as a dual system configuration..or ?
    I am pasting some of the steps suggested for the ale configuration.
    Can anyone re-organize this or format this so that it applies for a single system that is the db host, Xi Host, and r/3 host.
    There are several ways of doing it, all eventually leading to the same conclusion..but in the case of a non-distrubuted system, there are some differences..<b>Can someone put some clarity here</b>...as i have tried the steps and not all of them clearly apply in the case of a single host.
    link1) https://www.sdn.sap.com/irj/sdn/wiki?path=/display/xi/sapR3%28Idocs%29ToXI--Steps+Summarized&
    Link 2) /people/swaroopa.vishwanath/blog/2007/01/22/ale-configuration-for-pushing-idocs-from-sap-to-xi
    3) ALE settings.==> Author( Raghavesh Reddy  )
    SAP XI1) RFC Destination (SM59)
    a) Choose create.
    b) Specify the name of the RFC destination
    c) Select connection type as 3 and save
    d) In the technical settings tab enter the details SAP SID/URL and system number#.
    e) Enter the Gateway host as same details above SID/URL.
    f) Gateway service is 3300+system number#.
    g) In the Logon /Security tab, enter the client user & Password details of Destination system.
    h) Test the connection and remote logon.
    2) Create Port (IDX1)
    a) Select create new button
    b) Enter the port name as SAP+SID (The starting char should be SAP)
    c) Enter the destination client.
    d) Enter the RFC Destination created in SAP XI towards other system.
    e) Save
    3) Load Meta Data for IDOC (IDX2)
    a) Create new
    b) IDOC Message Type
    c) Enter port created in IDX1.
    SAP R/3
    1) RFC Destination (SM59)
    a) Choose create.
    b) Specify the name of the RFC destination
    c) Select connection type as 3 and save
    d) In the technical settings tab enter the details SAP SID/URL and system number#.
    e) Enter the Gateway host as same details above SID/URL.
    f) Gateway service is 3300+system number#.
    g) In the Logon /Security tab, enter the client user & Password details of Destination system.
    h) Test the connection and remote logon.
    2) Create Port (We21)
    a) First Select Transactional RFC and then click create button
    b) Enter the destination port name as SAP+SID (The starting char should be SAP)
    c) Enter the destination client.
    d) Enter the RFC Destination created in SAP R/3 towards other system.
    e) Save
    3) Create Partner Profile (WE20)
    a) Create New
    b) Create the Partner no. name as same the logical system name of the destination system.
    c) Select Partner type LS
    d) Enter details for Type: US/USER, Agent, and Lang.
    e) Click on the + button to select the message type.
    f) Select Partner no. and LS which ever create above.
    g) Select Message type
    h) Select Process code related to the Message type.
    I) save.
    In SLD – System Landscape Directory
    TS for R/3 (Logical system):-Assign the client name created in R/3 as Logical system Name.
    Ts for Third Party (Logical system):-
    BS for SAP R/3 (Logical system):- Assign the client name created in R/3 as Logical system Name.
    BS for Third Party (Logical system):-Enter the XI logical system name.
    In Transaction SALE
    Define and Assign the logical system name.

    If you want to configure your R/3 system to send IDocs to XI the first thing you have to do is configure the basic ALE:
    <b>Logical System</b>
    -Representation of a system R/3 will communicate with
    -Every R/3 client used in ALE must have a logical system associated
    -BD54 – change logical systems (add), SCC4 – change clients (attach logical system)
    -Stored in tables TBDLS and TBDLST
    <b>Ports</b>
    -Logical representation of a communication channel
    -How you refer tie together RFC destinations with partner system
    -WE21 or WEDI
    <b>Partner Profile</b>
    -Ties together many pieces of the ALE puzzle
    -Message types, IDoc types, process codes, partner functions, application identifiers, message function, output type, and port
    -Maintain inbound and outbound parameters (partner type, port, transfer immediately or collect IDocs)
    -WE20, WEDI, or SALE
    -Viewed as a gateway, routes a particular message of a specific IDoc type to the given port and invoking the appropriate function modules
    The next thing you have to do is configure the IDoc adapter in XI to prepare the system to accept IDoc's into the integration builder from other SAP systems.
    https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/d19fe210-0d01-0010-4094-a6fba344e098

  • 9.0.2 portal on NT/Win2k - single host for infrastructure and midtier

    We're having myriad problems/bugs with a 9.0.2 portal implementation on Windows 2000. We've implemented both the infrastructure and mid-tier on the same host, a hefty new Compaq.
    Has anybody had any luck with this type of OS/single host deployment of portal 9.0.2?

    I have managed to get it to "work" - though not on that OS. We are using Solaris 8 for this and it took me a little over three weeks to get it to a "workable" state.
    I found a couple of things that may help though:
    order of install is very important. As the documentations says install the infrastructure first then the mid-tier. What it doesn't mention (at least not where I was reading) was to configrue the oem reporting website after the infrastructure install and BEFORE the mid-tier install. I overcame a number of problems doing it this way.
    Also, after each install exit OUI. It's strange but it works. Oracle makes some mention that they do not support multiple installs in the same session. It's in only one of the many documents I read on this website.
    Edit the httpd.conf to auto start Jserv and hard code the ports for the sucker. Don't depend on it doing itself manually.
    Also, make sure the jserv.conf line in httpd.conf is uncommented.
    Also, under unix before each install explicitly indicate which ORACLE_HOME you are installing into (I guess this may mean to manually enter the ORACLE_HOME values in the Windows registry). Do not unset the ORACLE_HOME value as the Oracle documentation states when doing the second install - hard code it yourself.
    Check on the DISPLAY value in jserv.properties (for both mid-tier and infrastructure - I am guessing that you may not need to do this but for Unix it's a big thing and causes a huge number of errors).
    Uncomment the following line in jserv.properties if your version of the jdk is higher than 1.2.2a:
    #wrapper.env=JAVA_COMPILER=NONE
    verify that the cgi-bin virtual directory is set properly in oem.conf found in /db/d01/oracle/ora9ias/oem_webstage if the following sections is found in oem.conf (it points to the Apache cgi-bin directory):
    DirectoryIndex emwebsite.html
    ScriptAlias /cgi-bin/ "/db/d01/oracle/ora9ias/Apache/cgi-bin/"
    ScriptAlias /oem_webstage/cgi-bin/ "/db/d01/oracle/ora9ias/Apache/cgi-bin/"
    Alias /oem_webstage/ "/db/d01/oracle/ora9ias/oem_webstage/"
    Change it to reflect the cgi-bin of the oem website
    DirectoryIndex emwebsite.html
    ScriptAlias /cgi-bin/ "/db/d01/oracle/ora9ias/oem_webstage/cgi-bin/"
    ScriptAlias /oem_webstage/cgi-bin/ "/db/d01/oracle/ora9ias/oem_webstage/cgi-bin/"
    Alias /oem_webstage/ "/db/d01/oracle/ora9ias/oem_webstage/"
    When the infrastructure in installed always, always start dcmctl (the Oracle http server) before starting the Enterprise manager during the startup of the server else you will get passwords that are not synced. Same for when you need to restart the httd server - shutdown the enterprise manager website down first, make your changes, shutdown the httd server, start it up and then restart the enterprise manager.
    Just some things that I can think of off the top of my head right now.
    Now if only the mid-tier would have installed the Portal to the default port rather than one I did not choose. That's a whole nuther story.
    Good luck.

  • Multiple Oracle 9ias instances on single host

    hi all
    i tried installing more than 1 instances on a single host, under different oracle home......but i am facing certaing strange errors. Can anyone tell me what are the things that we have to specifically take care of while installing multiple instances on single host, i mean any port issues or anything else??
    please help
    thanks

    hi all,
    i have almost the same prolem here.
    i have created two instances other then OC4J home. i have also deployed two different applications on the two different instances. but when i try to run the application it gives Page not found exception! for both the applications.
    now when i stop one instance then the other instance runs properly and doesnt throw any error!
    there is definately no problem with the ports as internally the ports allocated to both the applications are different!
    if anybody has got any idea what might be the problem then it will be very helpful for me!
    thanks in advance!!
    Piyush

  • Multiple Oracle databases on Single host

    Hi Gurus,
    I am new to SAP World. We are planning to install multiple SAP systems (ECC/BW/SRM/XI) on a single host with Oracle 11.2.0.2. As per SAP instguide, the Oracle RDBMS software should be owned by ora<SID>:dba. So we are planning to install the oracle software for the first dev system ERD under 'oraerd:dba' id. And the next will be under 'orabwd:dba' and the third under 'orasrd:dba'.
    My questions is, instead of having multiple ORACLE_HOME's owned by individual id's, can I have one consolidated Oracle_Home owned by 'oracle:dba' which then controls all the oracle db's and its datafiles.
    I know there is a SAP Note to do this for Oracle RAC (prd is being planned this way), but can we do the same for Single instance also.
    Best Regards
    Shiv

    Shivaspo wrote:
    Hi Orkun,
    > Thanks for your reply. Its a must or its just better to have under individual O_H. The reason we were looking to out all under 'oracle' was that our DR site for the prod is going to be single instance physical standby using DG. SAP recommends to have the OS user on the DR host to be oracle, so that there are no issues with permissios for log shipping.
    > So we will end up having multiple db's system running under 'oracl' on the DR site.
    >
    > -Shiv
    Hi Shiv,
    Technically, there's no restriction to configure your system, by this way. But from SAP point of view; at the first step, because the the installation is not completed as referred by SAP installation guide, you will not able to get support by SAP. For the instance, if you face with a problem during the productive, SAP may not support your installation.
    Secondly, you may face with the problems at the database upgrades and applying patches. For example, you need to stop all the databases when you decided to patch one of them.
    I can count many restrictions about this issue. As a summary, from technical way, it is possible to have one Oracle home, but it is strongly recommended to have different Oracle home folders for each Oracle installation.
    Best regards,
    Orkun Gedik

  • Having multiple Node manger process in a single host machine.

    I am using weblogic server(portal)10.2.
    I am running the Node Manager to start the admin server.I have installed Java based Node manager in the host machine .Created a unix id ND1 and started the Node Manager utiliy with this id.
    I keep on creating domain for my new applicaitons and add this ND1 in each new domain group,so that ND1 will access the new domain's admin folder.
    Now when I add this ND1 in more than 16 domain groups,I got trouble in accessing the domain folder.In unix OS there is group membership limitation where a unix id cannot be in more than 16 groups.
    Anyone came acroos this issue?
    Possible options.
    1) Can we have multiple node manager ids(ND1,ND2,ND3..etc) for a single Node manager utility in single host?
    2) While starting the server,will node manager look only the nm_password.properties file in domain folder?

    You can boot multiple Node Managers if you change the NodeManager home. To do that, create a directory for each NodeManager and copy the startNodeManager script to it. Then edit the NODEMGR_HOME, LISTEN_ADDRESS, and LISTEN_PORT

  • Db2 multiple instances in a single host

    Hi,
    os - windows 2008 db - db2 9.1 fp7
    if i want to install 2 sap instances in a single machine in windows how to proceed?
    1) I have read the documents where installation doc saying default db s/w path is /db2/db2sid/db2_software.is this the s/w path in windows? some where i read it saying default path is drive:/program files/IBM/sqllib.what is actually the difference?
    2) and also read in the forum and also in the note 978555 and 930487,it says multiple instance is not possible in db2 ie we can have only 1 defalut copy of db2 so we cant have multiple instances with the different copies of db2(up to kernel version 7.0) .is this correct? for 1st instance it is /db2/db2sid1/db2_software and for 2nd instance it is /db2/db2sid2/db2_software right?so how we cant have 2 instances with 2 different db2 copies?
    pls expain me.
    Thanks

    Hi Rajesh,
    if i want to install 2 sap instances in a single machine in windows how to proceed?
    1) I have read the documents where installation doc saying default db s/w path is /db2/db2sid/db2_software.is this the s/w path in windows? some where i read it saying default path is drive:/program files/IBM/sqllib.what is actually the difference?
    sqllib is only the links. The actual database is not this path.
    2) and also read in the forum and also in the note 978555 and 930487,it says multiple instance is not possible in db2 ie we can have only 1 defalut copy of db2 so we cant have multiple instances with the different copies of db2(up to kernel version 7.0) .is this correct? for 1st instance it is /db2/db2sid1/db2_software and for 2nd instance it is /db2/db2sid2/db2_software right?so how we cant have 2 instances with 2 different db2 copies?
    Multiple instances on a single host is only supported as of 9.7 you would have to upgrade to that release.
    You can technically have two instances as of 9.1 but as per the sap note s you have mentioned, this is not supported by SAP
    For more information on 9.7 see:
    http://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/901b4314-9851-2c10-1c8f-b0ddd38d6e75
    SAP note: 1351160 DB6: Using DB2 9.7 with SAP Software
    Hope this answers your query,
    Paul

  • 802.1x per host authentication under one port with multi-host access by switch

    In the situation with multi-host access to one port of Cisco 2960 Lan Lite by another simple L2 switch, is it possible that we could control per user access by authentication for each?
    What happens if I connect to the switch (which already has some trusted devices) a untrusted device?
    What happens if I connect to the switch (which already has some untrusted device) a trusted device?
    If I use "authentication violation protect" traffic will be blocked only by an untrusted device or all devices connected via a simple L2 switch?
    I read the manual, but it is not made ​​detailed clarity.
    Please tell me the right way.
    I will be very grateful for your advice!

    Hello,
    In the situation with multi-host access to one port of Cisco 2960 Lan Lite by another simple L2 switch, is it possible that we could control per user access by authentication for each?
    Yes, that's why multi-host mode exists
    What happens if I connect to the switch (which already has some trusted devices) a untrusted device? If it's on single host the port will go into error-disabled as the violation of just one client per port has been triggered.
    What happens if I connect to the switch (which already has some untrusted device) a trusted device?Same thing than before if being on single mode.
    If I use "authentication violation protect" traffic will be blocked only by an untrusted device or all devices connected via a simple L2 switch?
    Only for the unknown client MAC address, the trusted devices will be able to comunicate.
    For more information about Core and Security Networking follow my website at http://laguiadelnetworking.
    Any question contact me at [email protected]
    Cheers,
    Julio Carvajal Segura

  • Multiple OHS in single host?

    I am newbie to Oracle AS, will like to test the web cache with load balancing to 2 OHS. Can I have mutiple OHS in single host? Do I have to install sepearate binary for each OHS?
    What about install web cache standalone? If I use the Oracle CD it will install J2EE and Web Cache. How to install just Web Cache?

    Hi,
    The error message is correct. When you want to map the same Web cache to 2 servers, you can do one of the following:
    Consider the servers to be called s1 and s2.
    Option 1:
    If you want Web Cache to communicate with s1 and s2 through the same port, then do the following:
    1) Open Web cach's Admin UI
    2) Go to 'Site-to-Server Mapping' page
    3) Select the mapping you have currently
    4) Click 'Edit Selected'
    5) In the 'Edit/Add Site-to-Server Mapping' pop-up that appears, you can see a section titled ' Select Application Web Servers'. Under this, you will be able to see both s1 and s2 (if you have added them through the Origin Servers page). Select both s1 and s2.
    6) Click 'Submit'
    7) 'Apply Changes'
    8) Restart Web cache
    And there you go!
    Option 2:
    1) Add some unused port as the 'Listen port' of Web Cache through the 'Listen Ports' page
    2) Then in 'Site Definitions' page, add the host_name:new_listen_port as a site
    3) In 'Site to Server mapping' page, select some existing mapping, then click 'Insert above/below' and do the mapping between the new site and the second server.
    4) apply changes
    5) restart web cache
    and that's it!
    Regards,
    Priya G S
    Oracle Web Cache Team

Maybe you are looking for

  • I have a long list of gibberish files, in Preferences, in my Library. What are they? How did they get there? Can I delete them?

    I have a long list of gibberish files, in Preferences, in my Library. What are they? How did they get there? Can I delete them without causing a problem?

  • How to update Camera Raw?

    I have Bridge CS5 v4.1.0.54 (on a PC) and can't figure out how to view or update what version of Raw I have. I am trying to view images show with a D610 and a D810 and get the error message that my current version of Raw does not support these files,

  • HT1338 Trouble Updating Software

    Every time we go to update our software (from OS X 10.6.5) an error message comes up at the end of the downloading process that says that the update may be corrupted and could not be saved. Has anyone else had this issue? What can we do to get our sy

  • Something's Messed Up

    I recently acquired a Powerbook 17 to go with my PowerMac G4 DP 1.25. At the same time I upgraded the OS to 10.4.5 on both machines. I used Migration Assistant to move my Docs and 3rd party apps over to the PB. I use an Ethernet LAN with a DSL Router

  • Ituneshelper missing

    At first, after installing and running Lion, my iTunes was working as it should, but then one day the Devices dissappeared from the Playlist area, so I had to reinstall iTunes. Now, the iTunesHelper is missing and when I plug in a device such as an i