ACE ft difficulty

Similar Messages

• Importing HA 2 ACE 4710 into ANM 4.1

  I am New to ACe Loadbalancers. We have just installed the ANM4.1 and we are trying to import both appliances into the ANM4.1. Is there somthing I sould be aware off before I do the Install.? The question is when O do the Import does the ANM will have my config from the aces AS IS untouched. I am making sure that the ANM will not delete my config on the ACES
  Thanks

  Hi Hussaini,
  As per best practice I would like you to make sure that you have taken the backup of all the context of ACE using running config and saved it separately other then the device itself so at any point of contingency your hard work for configuring the box should not go in vain and you be ready for any kind of situation post import into ANM.
  When you install ANM for the first time you need to add a license from the command line before you can access ANM.
  ANM requires licenses to manage virtual devices and to run the ANM server or servers.
  ANM checks against the licensed Virtual Context count on each ACE.
  Thus if you have the ACE-VIRT-020 license on the ACE, to manage that ACE you must have an available ANM-AV-020 installed on the managing ANM. Even if that ACE to be managed has 5 or fewer defined Virtual Context or so.
  BTW..if at *any* time you get stuck in an operational bind due to ANM licensing, go to www.cisco.com/go/licensing, select the first link for evaluation licenses, and from there select to get evaluation license PAK for ANM. This will allow you to install the evaluation license that is *unlimited* for 90 days. Hopefully that is plenty of time to order the additional licensing you need for production operations.
  For each ACE with ACE-VIRT-020 ANM needs qty 1 of ANM-AV-020.
  Same for 050, 100, 250.
  ANM uses the following protocols for communication:
  For communication to an ACE module or appliance:
  –XML over HTTPS
  –SSHv2 (read and write)
  –SNMP V2C (read-only)
  –Syslog over User Datagram Protocol (UDP) (inbound notifications only)
  Enabling SSH Access and the HTTPS Interface on the ACE Module and Appliance
  http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/application_networking_manager/4.1/user/guide/UG_manage_devices.html#wp1362821If the ACE module or appliance is new and still has its factory settings, you do not need to perform the procedure in this section because SSH is enabled by default.
  If you are using ANM with an ACE module or ACE appliance and you configure a named object at the ACE CLI, keep in mind that ANM does not support all of the special characters that the ACE CLI allows you to use when configuring a named object. If you use special characters that ANM does not support, you may not be able to import or manage the ACE using ANM.
  The quickest and easiest way to add devices to ANM is to import them individually using the Add function available at Config > Devices. If you already know the device IP address, you can use this procedure to add your devices to ANM.
  Before you begin importing, you need to set up your network devices so that ANM can communicate and monitor them.
  Before importing a device, the ANM server pings the IP address of the device. If you have a firewall between the ANM server and the device that you want to import, your network administrator needs to modify the firewall to allow the ping traffic to reach the device or ACE.
  http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/application_networking_manager/4.1/user/guide/UG_manage_devices.html#wp1449529
  You can install the ANM server software on a standalone server or on a VMware virtual machine . The capabilities and functions of the ANM software are the same regardless of which application you use. The two ANM applications:
  ANM server: Dedicated server with ANM server software and Red Hat Enterprise Linux (RHEL) operating system installed on it. For information about installing this type of ANM application, see the Installation Guide for the Cisco Application Networking Manager 4.1.
  ANM Virtual Appliance: VMware virtual appliance with ANM server software and Cisco Application Delivery Engine Operating System (ADE OS) installed on it. Cisco distributes ANM Virtual Appliance in Open Virtual Appliance (.OVA) format. For information about installing this type of ANM application, see the Installation Guide for the Cisco Application Networking Manager 4.1 Virtual Appliance.
  So I am repeating again that please check the liscense as the ANM_AV license needed as it doesn't depend on the amount of contexts currently in use.
  If the ACE you are trying to import is using more contexts than the amount allowed by the ANM_AV license then you can face problem during import or only that much contexts will be imported and rest will fail to sync or face problem during import.
  You can check this value with the "ACE# show license status" command.
  Some times there may be chance for license mismatch between the ACE and the ANM.
  ANM uses TCP port 10444 for the ANM License Manager.
  For any other difficulty if you face even after this please write back to me.
  HTH
  Sachin Garg

• Looking for ACE Probe TCL script specific for LDAPS

  Hello Everyone,
  I have searched the forum, and i am having difficulty finding an example of how to modify the LDAP TCL probe from port 389 to secure LDAP port 636.
  Could someone kindly point me or provide me the modified TCL script if you happen to have it.
  During my search I also found a config that someone had provided, which contained the following probe:
  probe tcp LDAPS_Probe
    port 636
  probe tcp LDAP_Probe
    port 389
  I was trying to figure out if this a modified TCL script for LDAP or modifed TCP TCL script specific for port 636.
  This is how I applied the script for LDAP port 389.
  script file 1 LDAP_PROBE
  probe scripted LDAP_PROBE_389
  interval 5
  passdetect interval 30
  receive 5
  script LDAP_PROBE
  serverfarm host SF-LDAP-389
  description SF LDAP Port 389
  predictor leastconns
  probe LDAP_PROBE_389
  rserver LDAP-RS1-389
  inservice
  I will be more than glad to provide you any additional information that you need.
  As always thanks for your input.
  Raman Azizian
  SAIC/NISN Network services

  normally you would engage a TCL developer or ciso advanced services to develop a custom script for anything other than what Cisco provides in canned scripts. If you are comfortable with tcl you can do it yourself. Here is an example of the LDAP script modified to include initiation via ssl.  default port is 389 when you implement you would specify 636.
  #!name = LDAP_PROBE
  # Description:
  #    LDAP_PROBE opens a TCP connection to an LDAP server, sends a bind request. and
  #    determines whether the bind request succeeds.  LDAP_PROBE then closes the
  #    connection with a TCP RST.
  #    If a port is specified in the "probe scripted" configuration, the script probes
  #     each suspect on that port. If no port is specified, the default LDAP port 389
  #     is used.
  # Success:
  #   The script succeeds if the server returns a bind response indicating success
  #    (status code 0x0a0100) to the bind request.
  #   The script closes the TCP connection with a RST following a successful attempt.
  # Failure:
  #   The script fails due to timeout if the response is not returned.  This
  #    includes a failure to receive ARP resolution, a failure to create a TCP connection
  #    to the port, or a failure to return a response to the LDAP bind request.
  #   The script also fails if the server bind response does not indicate success.
  #    This specific error returns the 30002 error code.
  #   The script closes any attempted TCP connection, successful or not, with a RST.
  #  PLEASE NOTE:  This script expects the server LDAP bind response to specify length
  #   in ASN.1 short definite form.  Responses using other length forms (e.g., long
  #   definite length form) will require script modification to achieve success.
  # SCRIPT version: 1.0       April 1, 2008
  # Parameters:
  #   [DEBUG]
  #      username - user login name
  #      password - password
  #      DEBUG        - optional key word 'DEBUG'. default is off
  #         Do not enable this flag while multiple probe suspects are configured for this
  #         script.
  # Example config :
  #   probe scripted USE_LDAP_PROBE
  #         script LDAP_PROBE
  #   Values configured in the "probe scripted" configuration populate the
  #   scriptprobe_env array.  These may be accessed or manipulated if desired.
  # Documentation:
  #    A detailed discussion of the use of scripts on the ACE is included in
  #       "Using Toolkit Command Language (TCL) Scripts with the ACE"
  #    in the "Load-Balancing Configuration Guide" section of the ACE documentation set.
  # Copyright (c) 2005-2008 by Cisco Systems, Inc.
  # debug procedure
  # set the EXIT_MSG environment variable to help debug
  # also print the debug message when debug flag is on
  proc ace_debug { msg } {
      global debug ip port EXIT_MSG
      set EXIT_MSG $msg
      if { [ info exists ip ] && [ info exists port ] } {
       set EXIT_MSG "[ info script ]:$ip:$port: $EXIT_MSG "
      if { [ info exists debug ] && $debug } {
       puts $EXIT_MSG
  # main
  # parse cmd line args and initialize variables
  ## set debug value
  set debug 0
  if { [ regsub -nocase "DEBUG" $argv "" argv] } {
      set debug 1
  ace_debug "initializing variable"
  set EXIT_MSG "Error config:  script LDAP_PROBE \[DEBUG\]"
  set ip $scriptprobe_env(realIP)
  set port $scriptprobe_env(realPort)
  # if port is zero the use well known ldap port 389
  if { $port == 0 } {
      set port 389
  # PROBE START
  # open connection
  ace_debug "opening socket"
  set sock [  socket -sslversion all -sslcipher RSA_WITH_RC4_128_MD5 $ip $port ]
  fconfigure $sock -buffering line -translation binary
  # send a standard anonymous bind request
  ace_debug "sending ldap bind request"
  puts -nonewline $sock [ binary format "H*" 300c020101600702010304008000 ]
  flush $sock
  #  read string back from server
  ace_debug "receiving ldap bind result"
  set line [read $sock 14]
  binary scan $line H* res
  binary scan $line @7H6 code
  ace_debug "received $res with code $code"
  #  close connection
  ace_debug "closing socket"
  close $sock
  #  make probe fail by exit with 30002 if ldap reply code != success code  0x0a0100
  if {  $code != "0a0100" } {
      ace_debug " probe failed : expect response code \'0a0100\' but received \'$code\'"
      exit 30002
  ## make probe success by exit with 30001
  ace_debug "probe success"
  exit 30001

• Adobe InDesign ACE exam help!

  My question is targeted towards the InDesign ACE exam. I am based in the UK and experiencing difficulty gaining answers to some questions.
  Can somebody advise:
  A) How much longer the CS6 exams will be available for?
  B) When the CC exam will be available and what version it will be as I notice on the Adobe website there are 2 different manuals for this; the 9.2 release and the 2014 release?
  Thank you

  Try this page:
  https://store1.adobe.com/cfusion/store/html/index.cfm?event=displayStoreSelector <https://store1.adobe.com/cfusion/store/html/index.cfm?event=displayStoreSelector&nr=1> &nr=1
  Bob

• HTTP 404 Error on Apache, behind ACE 4710

  Hello All,
  I am having a difficulty loadbalancing my web servers.
  I have the ACE appliance setup and the real servers area all setup and running (IIS 6.0 with Apache Tomcat 4.1.8). I need to load balance these web servers, but at intervals requests for server pages get returned with the HTTP: 404 Error from Apache., when I check my ports (80, 8080), from my Virtual Server -VIP, The services are all running. Any clues why I keep getting this Apache error so often ..?

  I've my application public. When user enter https://mySite.org then it should automatically take him/her to https://mySite.org/apex401/f?p=MYAPP:HOME_.
  I'm using OHS and below is the configuration in my dads.conf file:
  <Location /apex401>
  Order deny,allow
  PlsqlDocumentPath docs
  AllowOverride None
  PlsqlDocumentProcedure wwv_flow_file_manager.process_download
  PlsqlDatabaseConnectString myApex.in01.qwer.org:1689:DEMOTEST ServiceNameFormat
  PlsqlNLSLanguage AMERICAN_AMERICA.WE8ISO8859P15
  PlsqlAuthenticationMode Basic
  SetHandler pls_handler
  PlsqlDocumentTablename wwv_flow_file_objects$
  PlsqlDatabaseUsername APEX_PUBLIC_USER
  PlsqlDefaultPage htmldb
  PlsqlDatabasePassword ******************************
  Allow from all
  </Location>
  And I tried to add below in my httpd.conf:
  <VirtualHost *:80>
  ServerName mySite.org
  DocumentRoot <<document root directory path>>
  #ErrorDocument 404 http://stage.purduehcp.com/
  #Redirect permanent /index.html http://stage.purduehcp.com/hcpportal/f?p=HCP:HOME
  RewriteEngine On
  RewriteCond %{QUERY_STRING} ^((.*&)?)p=([0-9]+):(.+)$
  # Redirect to app when hitting the URL
  RewriteRule ^/$ /apex401/f?p=MY_APP:HOME [NE,R=302,L]
  </VirtualHost>
  Can anyone please advice on where I might have gone wrong?

• HT5012 I am having difficulty XMIT/REC text messages to family members using Android phones?  I have a 3GB data plan and all switches and buttons are set properly.  Any suggestions?

  I am having difficulty XMIT/REC text messages to family members using Android phones?  I have a 3GB data plan and all switches and buttons are set properly.  Any suggestions?

      Hello APVzW, we absolutely want the best path to resolution. My apologies for multiple attempts of replacing the device. We'd like to verify the order information and see if we can locate the tracking number. Please send a direct message with the order number so we can dive deeper. Here's steps to send a direct message: http://vz.to/1b8XnPy We look forward to hearing from you soon.
  WiltonA_VZW
  VZW Support
  Follow us on twitter @VZWSupport

• Difficulty downloding Adobe Reader and Error 1327. Invalid Drive H:\

  I am having a difficulty downloading Adobe reader on my laptop. For some reasons, I am getting error 1327. Invalid Drive H:\ notification. I have followed the tips on how to resolve this issue from Adobe's help and FAQ pages, but I am still not able to download Adobe reader. This issue begun short while after I installed a Tuneup software from AVG. I contacted this Tuneup company, and one of it's representative guided me through the steps on how to resolve the problem; unfortunately, the correction attempt did not make any difference. Adobe tech support team can fix my issue, but at a cost of $ 40. I do not want to pay it. Hence, I am trying to solve this problem myself. Could any one, who has the knowledge to deal with this issue, please respond to my request?
  Thank you in advance for your assistance. I look forward to hearing from you.
  Best regards,
  Peter VK Mayangi

  Have you tried both solutions on the link from the earlier poster?  Microsoft Fixit did not fixit?
  If so, you will have to search the registry manually for your invalid drive H:\
  Please post back if you are unsure what to do when you find that registry entry.
  P.S. please do not post your email address and other private data in this public forum!

• Need help to Configure Cisco ACE 4710 Cluster Deployment

  Dear Experts,
  I'm newbie for Cisco ACE 4710, and still I'm in learning stage. Meanwhile I got chance at my work place to deploy a Cisco ACE 4710 cluster which should load balance the traffic between  two Application Servers based on HTTP and HTTPS traffic. So I was looking for good deployment guide in Cisco SBA knowledge base then finall found this guide.
  http://www.cisco.com/en/US/docs/solutions/SBA/February2013/Cisco_SBA_DC_AdvancedServer-LoadBalancingDeploymentGuide-Feb2013.pdf
  This guide totally fine with my required deployment model. I have same deployment environment as this guide contains with ACE cluster that connects to two Cisco 3750X (Stack) switches. But I have some confusion places in this guide
  This guide follow the "One-armed mode" as a deployment method. But when I go through it further I have noticed that they have configured server VLAN as a 10.4.49.0/24 (all servers reside in it) and Client side VIP also in same VLAN which is 10.4.49.100/24 (even NAT pool also).
  My confusion is, as I have learned about Cisco ACE 4710 one-armed mode deployment method, it should has two VLAN segments, one for Client side which client request come and hit the VIP and then second one for Server side. which means besically two VLANs. So please be kind enough to go through above document then tell me where is wrong, what shoud I need to do for the best. Please this is an urgent, so need your help quickly.
  Thanks....!
  -Amal-

  Dear Kanwal,
  I need quick help for you. Following are the Application LB requirements which I received from my clinet side.
  Following detail required for configuring Oracle EBS Apps tier on HA:
  LBR IP and Name required to configure EBS APPS Tier (i.e, ap1ebs & ap2ebs nodes)
  Suggested IP and Name for LBR:
  IP : 172.25.45.x [should be on same 172.25.45 subnet of ap1ebs & ap2ebs nodes]
  ebiz.xxxx.lk [on port 80 for http protocol accessibility]
  This LBR IP & name must be resolve and respond on DNS network
  Server Farm detail for LBR Setup
  Following detail will be use for configuring the LBR:
  LBR IP and Name :
  IP : 172.25.45.x [should be on same 172.25.45 subnet of ap1ebs & ap2ebs nodes]
  ebiz.xxxx.lk [on port 80 for http protocol accessibility]
  This LBR IP & name must be resolve and respond on DNS network
  Server Farm Detail for LBR setup:
  Server 1 (EBS App1 Node, ap1ebs):
  IP : 172.25.45.19
  Server Name: ap1ebs.xxxx.lk [ap1ebs hostname is an example, actual hostname will be use]
  Protocol: http
  Port: 8000
  Server 2 (EBS App2 Node, ap2ebs):
  IP : 172.25.45.20
  Server Name: ap2ebs.xxxx.lk [ap2ebs hostname is an example, actual hostname will be use]
  Protocol: http
  Port: 8000
  Since my client needs to access URL ebiz.xxxx.lk which should be resolved by IP 172.25.45.21 (virtual IP) via http (80) before they deploy the app on the two servers I just ran web service on both servers (Linux) and was trying to access http://172.25.45.21 it was working fine and gave me index.html page. Now after my client has deployed the application then when he tries to access the page http://172.25.45.21 he cannot see his main login page. But still my testing web servers are there on both servers when I type http://172.25.45.21 it will get index.html page, but not my client web login page. What can I do for this ?
  Following are my latest config :
  probe http Get-Method
    description Check to url access /OA_HTML/OAInfo.jsp
    interval 10
    faildetect 2
    passdetect interval 30
    request method get url /OA_HTML/OAInfo.jsp
    expect status 200 200
  probe udp http-8000-iRDMI
    description IRDMI (HTTP - 8000)
    port 8000
  probe http http-probe
    description HTTP Probes
    interval 10
    faildetect 2
    passdetect interval 30
    passdetect count 2
    request method get url /index.html
    expect status 200 200
  probe https https-probe
    description HTTPS traffic
    interval 10
    faildetect 2
    passdetect interval 30
    passdetect count 2
    ssl version all
    request method get url /index.html
  probe icmp icmp-probe
    description ICMP PROBE FOR TO CHECK ICMP SERVICE
  rserver host ebsapp1
    description ebsapp1.xxxx.lk
    ip address 172.25.45.19
    conn-limit max 4000000 min 4000000
    probe icmp-probe
    probe http-probe
    inservice
  rserver host ebsapp2
    description ebsapp2.xxxx.lk
    ip address 172.25.45.20
    conn-limit max 4000000 min 4000000
    probe icmp-probe
    probe http-probe
    inservice
  serverfarm host ebsppsvrfarm
    description ebsapp server farm
    failaction purge
    predictor response app-req-to-resp samples 4
    probe http-probe
    probe icmp-probe
    inband-health check log 5 reset 500
    retcode 404 404 check log 1 reset 3
    rserver ebsapp1 80
      conn-limit max 4000000 min 4000000
      probe icmp-probe
      inservice
    rserver ebsapp2 80
      conn-limit max 4000000 min 4000000
      probe icmp-probe
      inservice
  sticky http-cookie jsessionid HTTP-COOKIE
    cookie insert browser-expire
    replicate sticky
    serverfarm ebsppsvrfarm
  class-map type http loadbalance match-any default-compression-exclusion-mime-type
    description DM generated classmap for default LB compression exclusion mime types.
    2 match http url .*gif
    3 match http url .*css
    4 match http url .*js
    5 match http url .*class
    6 match http url .*jar
    7 match http url .*cab
    8 match http url .*txt
    9 match http url .*ps
    10 match http url .*vbs
    11 match http url .*xsl
    12 match http url .*xml
    13 match http url .*pdf
    14 match http url .*swf
    15 match http url .*jpg
    16 match http url .*jpeg
    17 match http url .*jpe
    18 match http url .*png
  class-map match-all ebsapp-vip
    2 match virtual-address 172.25.45.21 tcp eq www
  class-map type management match-any remote_access
    2 match protocol xml-https any
    3 match protocol icmp any
    4 match protocol telnet any
    5 match protocol ssh any
    6 match protocol http any
    7 match protocol https any
    8 match protocol snmp any
  policy-map type management first-match remote_mgmt_allow_policy
    class remote_access
      permit
  policy-map type loadbalance first-match ebsapp-vip-l7slb
    class default-compression-exclusion-mime-type
      serverfarm ebsppsvrfarm
    class class-default
      compress default-method deflate
      sticky-serverfarm HTTP-COOKIE
  policy-map multi-match int455
    class ebsapp-vip
      loadbalance vip inservice
      loadbalance policy ebsapp-vip-l7slb
      loadbalance vip icmp-reply active
      nat dynamic 1 vlan 455
  interface vlan 455
    ip address 172.25.45.36 255.255.255.0
    peer ip address 172.25.45.35 255.255.255.0
    access-group input ALL
    nat-pool 1 172.25.45.22 172.25.45.22 netmask 255.255.255.0 pat
    service-policy input remote_mgmt_allow_policy
    service-policy input int455
    no shutdown
  ft interface vlan 999
    ip address 10.1.1.1 255.255.255.0
    peer ip address 10.1.1.2 255.255.255.0
    no shutdown
  ft peer 1
    heartbeat interval 300
    heartbeat count 10
    ft-interface vlan 999
  ft group 1
    peer 1
    no preempt
    priority 110
    associate-context Admin
    inservice
  ip route 0.0.0.0 0.0.0.0 172.25.45.1
  Hope you will reply me soon
  Thanks....!
  -Amal-

• 'we had difficulty reading this feed. host parameter is null' I am getting no where here, help!?

  I've had an RSS feed created for an online video podcast but keep getting the message: 'we had difficulty reading this feed. host parameter is null' i've looked at the forums but none of them make any sense. My IT team say the RSS feed is valid and it should work and that is more like down to an itunes error, any help?

  This will be our first podcast so do not currently have a page. Below is the feed.
  Thank you Roger.
  <?xml version="1.0" encoding="utf-8"?>
  <rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
  <atom:link href="http://dmsukltd.com/rss/rss.xml" rel="self" type="application/rss+xml" />
  <title>The Big Picture</title>
  <link>http://www.dmsukltd.com/hawk/dms_big_picture/</link>
  <description>A brand new monthly movie show produced by DMS</description>
  <language>en-gb</language>
  <item>
  <title>The Big Picture: Mission: Impossible-Ghost Protocol first podcast</title>
  <link>http://dmsukltd.com/dl/paramount/tbp_mi4gp_uk_premiere_v1_qt_hires.mov</link>
  <guid>http://dmsukltd.com/dl/paramount/tbp_mi4gp_uk_premiere_v1_qt_hires.mov</guid>
  <pubDate>15 Dec 2011 12:00:00 GMT</pubDate>
  <description>[CDATA[The cast of Mission Impossible - Ghost Protocol joined The Big Picture on the red carpet for the films UK Premiere! Tom Cruise, Simon Pegg, Paula Patton and Samuli Edelmann were on hand to talk about this latest chapter of the popular series!]]</description>
  </item>
  </channel>
  </rss>

• "We had difficulty reading this feed. null" Atom feeds no longer work?

  Hi - our Audioboo feeds used to work fine when submitting as a podcast (eg http://audioboo.fm/users/4705/boos.atom). It seems like they stopped working recently - maybe in the past couple of days - and just report "We had difficulty reading this feed. null" when you try to submit them.
  I'm beginning to suspect that the use of atom rather than rss is the cause. Can anyone confirm?
  -Jonathan

  This feed can be subscribed to manually in iTunes (from the 'Advanced' menu) - actually I'm rather surprised it works because it isn't a valid podcast feed (though it is a valid Atom feed).
  It has the iTunes 'declaration' and some itunes tags, although the former is contained in a 'feed' tag whereas it should be a 'rss' tag: there is no 'channel' tag enclosing the podcast data, no 'item' tags enclosing each episode, and no 'enclosure' tags within each episode containing the media URL. I'm not surprised you can't submit it as a podcast, and as I say it's a but surprising that the iTunes application recognizes it.
  In order to get it accepted in the iTunes Store you need to create a feed in the correct format: this page contains a sample basic feed so you can see how it should look:
  http://www.wilmut.org.uk/pc
  If the feed contains the valid iTunes format it can also contain atom tags, which iTunes will ignore.

• Difficulty detecting SATA disk, adding a second SATA disk, memory conflict, etc

  I resolved the SATA problem in the middle of writing this post, but for others’ benefit in the future, I am still describing it here.  But there are still some unresolved problems.
  ========================================================
  I have an Intel P4 2.4 GHz CPU.
  My MSI motherboard has the words 865PE Neon 2P on it.
  BIOS is AmiBIOS 3.31a.
  I cannot tell what display card I have.  I do not see any brand printed on the card.
  I have an (internal) 37 GB IDE hard disk (I cannot see the brand and I am too lazy to un-mount it) as the C drive.
  About 3 years ago I added another internal disk, 150GB Western Digital WD 1600, SATA as the E drive.
  I have a copy of Windows XP Pro SP2 on each of these two hard drives but I always boot on C.
  I also have 2 DVD drives (Drives D and G) and 6 (2 at the side and 4 at the back) USB ports.
  A shop installed everything for me and things have been well.  I did not record the BIOS settings so I do not know how it was set up.  My nightmare started about 2 weeks ago when my PC suddenly did not detect E, i.e. the SATA drive.  I had not done anything to the BIOS setting or otherwise, so I have no idea why the E drive suddenly disappeared. 
  At that time, the Standard CMOS Features in the BIOS setting was:
  Primary IDE Master - Not Installed
  Primary IDE Slave - IC35L060AVV207-0
  Secondary IDE Master - Pioneer DVD ROM
  Secondary IDE Slave - Lite On DVD ROM
  Third IDE Master - Not Installed
  Third IDE Slave - Not Installed
  Fourth IDE Master - Not Installed
  Fourth IDE Slave - Not Installed
  I tried many things and finally bought a hard disk enclosure and put that SATA in it and connect it to one of the USB ports.  It works.
  This morning I stumbled on this article "Motherboard can't detect SATA hard disk" at http://forum.msi.com.tw/index.php?topic=119738.0 and also “Q: How to enable both SATA and PATA? “ on “NEO Boards Unofficial FAQ rev 4/05/2004 - two lights on "P" series” at https://forum-en.msi.com/index.php?topic=21469.0 taking about the On-Chip IDE Configuration section of  the BIOS menu and I decided to give it a try, so that I can get rid of that hard disk enclosure.
  It works, kind of.  I saw that it was set to Legacy Mode, P-ATA Only, SATA Keep Enabled=No, PATA Keep Enabled=No, PATA Channel Selection=Both, Combined Mode Option=PATA 1st Channel, SATA Ports Definition= P0-3rd/P1-4th. So following the advice on the article and the FAQ, I reset it to Legacy Mode, P-ATA + S-ATA, SATA Keep Enabled=No, PATA Keep Enabled=No, PATA Channel Selection=Both, Combined Mode Option=PATA 1st Channel, SATA Ports Definition= P0-Master/P1-Slave.  Now my PC could detect the SATA drive and set it as the D drive (and the IDE remained as Drive C) but my two DVD ROMs disappeared.  The Standard CMOS Features in the BIOS setting was:
  Primary IDE Slave - IC35L060AVV207-0
  Secondary IDE Master - WDC WD1600JD-00HBB
  The rest is Not Installed.
  So, I (only) changed Combined Mode Option to SATA 1st Channel. So apparently my PC now booted using the WinXP copy on the SATA disk (recall that I have WinXP on both hard disks).  And now the SATA disk is C, and both DVD ROMs are visible.  My IDE disk disappeared.
  Now I went back to the BIOS menu and switched back to PATA 1st Channel, reset it back to P-ATA Only, and changed SATA Keep Enabled=Yes.  Voila.  Now I can see my IDE disk as Drive C, SATA disk as Drive D, the two DVD ROMs as Drives E and G.  Everything looks fine except that some of the start-up programs no longer start up apparently because their paths used to be E:\.... but now the disk they are on was renamed from E to D so the operating system cannot locate them.  And the Standard CMOS Features menu reads:
  Primary IDE Master - Not Installed
  Primary IDE Slave - IC35L060AVV207-0
  Secondary IDE Master - Pioneer DVD ROM
  Secondary IDE Slave - Lite On DVD ROM
  Third IDE Master - Not Installed
  Third IDE Slave - Not Installed
  Fourth IDE Master - WDC WD1600JD-00HBB
  Fourth IDE Slave - Not Installed
  Problem 1 (the main problem): Difficulty detecting SATA disk – Resolved.  If anyone is kind enough, maybe you can tell me and others why suddenly the BIOS setting was changed by itself causing all these problems, and why “P-ATA Only, SATA Keep Enabled=Yes” works but “P-ATA + S-ATA, SATA Keep Enabled=No” does not.  Should I now tweak the Windows registry to change the drive letter of the SATA disk from D to E? 
  Problem 2: I just bought an internal Hitachi Deskstar 640GB SATA disk.  And I have a vacant orange SATA connector on my mobo.  Can I add it together with the existing 2?  Would it be set up as Third IDE Master, Fourth IDE Slave, or something else?
  Problem 3: I used to have a Samsung DDR PC2700 512MB memory module and during the last week I added a Corsair DDR PC3200 1GB memory module, both on the green slots (not the purple slots).  It caused my PC to freeze (keyboard and mouse not responsive) every now and then.  So I pulled out the Samsung one and it has been working fine.  Some said one has to use memory from the same manufacturer with the same size and same everything.  The sticky thread titled “NEO Boards Unofficial FAQ rev 4/05/2004 - two lights on "P" series” in this forum has a question “I have this RAM xxxx but it does not work with my board. Can MSI update the BIOS to fix this?” and the answer points to a Product Info page and I don’t know where that is. Any advice on how to make both work together?  Can I use the purple slots?
  Problem 4: The “usable” space on my Dell M991 CRT monitor has shrunk.  That is, the black areas on both sides, mostly RHS, have intermittently enlarged.  It only happened in these 2 weeks. I tried Control Panel – Display – Settings – Advanced – Displays – Adjustments to no avail.  I don’t have another monitor to try in order to test whether it has to do with the CRT.  Just in case you happen to know anything, please jot a line.
  Problem 5: Some of my USB ports do not work or only work intermittently.  For example I plugged in my wireless adaptor into one of them and it sometimes would say “USB Device Not Recognized”.

  Quote
  If anyone is kind enough, maybe you can tell me and others why suddenly the BIOS setting was changed by itself causing all these problems, and why “P-ATA Only, SATA Keep Enabled=Yes” works but “P-ATA + S-ATA, SATA Keep Enabled=No” does not.
  Maybe your CMOS Battery is running low and it is time to replace it.
  Quote
  Should I now tweak the Windows registry to change the drive letter of the SATA disk from D to E? 
  Try to change drive letters via the Windows Drive Manager:
  http://www.mvps.org/marksxp/WindowsXP/driveltr.php
  Quote
  Problem 2: I just bought an internal Hitachi Deskstar 640GB SATA disk.  And I have a vacant orange SATA connector on my mobo.  Can I add it together with the existing 2?
  If it is a SATA-II Drive, you will probably have to force it into SATA-I Compatibility mode first (check the hard drive user manual for jumper settings or firmware switches).
  Quote
  I used to have a Samsung DDR PC2700 512MB memory module and during the last week I added a Corsair DDR PC3200 1GB memory module, both on the green slots (not the purple slots).  It caused my PC to freeze (keyboard and mouse not responsive) every now and then.  So I pulled out the Samsung one and it has been working fine.  Some said one has to use memory from the same manufacturer with the same size and same everything.
  Exactly.  Mixing different memory modules causes problems in many cases because the exact same settings will apply to both modules at the same time.  What works for the one module may not work so well for the other one.
  Quote
  Just in case you happen to know anything, please jot a line.
  That is either related to the monitor itself or to the video card.  It may also be related to a problem with the driver or improper screen resolution settings.
  Quote
  Problem 5: Some of my USB ports do not work or only work intermittently.  For example I plugged in my wireless adaptor into one of them and it sometimes would say “USB Device Not Recognized”.
  What ports? Front Panel or Back Panel?

• Cisco ACE - Firewall load balancing

  I am using two sets of ACE load balancers for load balancing traffic across two firewalls (firewall load balancing).
  The solution works fine. I have a virtual address of 0.0.0.0 in either direction to match traffci going from the internal users to the internet and vice versa.
  The problem is that when I try to manage the load-balanced firewalls (either using SSH (or) HTTPS) from outside, then that connection also gets load balanced and when I try to connect to FW1 then sometimes this connection ends up on FW2 and vice versa and the connection gets dropped. I have a workaround in place where i am using a virtual address per firewall to connect to the real IP address of the firewall.
  Is there any other way of managing firewalls (which are defined as real-servers) in a FWLB setup.
  Attached is the configuration of the external ACE which has the two firewalls defined as the real-servers.
  access-list ALL line 8 extended permit ip any any
  probe icmp ICMP-Probe
    interval 15
    passdetect interval 60
  rserver host FW1-ASA
    ip address 10.11.71.10
    inservice
  rserver host FW2
    ip address 10.11.71.11
    inservice
  serverfarm host Firewalls
    transparent
    predictor leastconns
    rserver FW1-ASA
      inservice
    rserver FW2
      inservice
  serverfarm host Firewalls-NO-LB
    rserver FW1-ASA
      inservice
  serverfarm host Firewalls-NO-LB1
    rserver FW2
      inservice
  sticky ip-netmask 255.255.255.255 address source new-sticky
    timeout activeconns
    serverfarm Firewalls
  This is my workaround for connection to the IP address of the firewalls (for management)
  class-map match-any FW-Real
    2 match virtual-address 10.11.71.254 any
  class-map match-any FW-Real2
    2 match virtual-address 10.11.71.253 any
  class-map type management match-any Remote-Access
    201 match protocol telnet any
    202 match protocol http any
    203 match protocol https any
    204 match protocol ssh any
    205 match protocol snmp any
    206 match protocol icmp any
  class-map match-any fwlb
    2 match virtual-address 0.0.0.0 0.0.0.0 any
  policy-map type management first-match Remote-Management-Policy
    class Remote-Access
      permit
  policy-map type loadbalance first-match FWLB-No-LB
    class class-default
      serverfarm Firewalls-NO-LB
  policy-map type loadbalance first-match FWLB-No-LB1
    class class-default
      serverfarm Firewalls-NO-LB1
  policy-map type loadbalance first-match FWLB-l7slb
    class class-default
      serverfarm Firewalls
  policy-map multi-match Firewall-No-LB
    class FW-Real
      loadbalance vip inservice
      loadbalance policy FWLB-No-LB
  policy-map multi-match Firewall-No-LB1
    class FW-Real2
      loadbalance vip inservice
      loadbalance policy FWLB-No-LB1
  policy-map multi-match int70
    class fwlb
      loadbalance vip inservice
      loadbalance policy FWLB-l7slb
  interface vlan 70
    description "Client side"
    ip address 10.11.70.2 255.255.255.0
    no icmp-guard
    access-group input ALL
    access-group output ALL
    service-policy input Remote-Management-Policy
    service-policy input Firewall-No-LB --> connect to the real IP address of the firewall for management
    service-policy input Firewall-No-LB1  --> connect to the real IP address of the firewall for management
    service-policy input int70
    no shutdown
  interface vlan 71
    description "Firewall side"
    ip address 10.11.71.2 255.255.255.0
    mac-sticky enable
    no icmp-guard
    access-group input ALL
    access-group output ALL
    service-policy input Remote-Management-Policy
    no shutdown

  Hello,
  as i know, there is no others ways.
  You can only reduce your configuration by puting all your class undert the same policy-map:
  policy-map multi-match int70
    class FW-Real
      loadbalance vip inservice
      loadbalance policy FWLB-No-LB
    class FW-Real2
      loadbalance vip inservice
      loadbalance policy FWLB-No-LB1
    class fwlb
      loadbalance vip inservice
      loadbalance policy FWLB-l7slb
  interface vlan 70
    description "Client side"
    ip address 10.11.70.2 255.255.255.0
    no icmp-guard
    access-group input ALL
    access-group output ALL
    service-policy input Remote-Management-Policy
    service-policy input int70
    no shutdown

• Problem with ACE and Internet Explorer 8

  I have a problem with ACE (system A2(1.1)) and Internet Explorer 8.
  exactly:
  ACE is configured as end-to-end ssl with 2 rserver and with the sticky source address. When user is opening the virtual address from IEv7, the web portal (On Microsoft IIS) works fine.
  If user opens the same web portal but using IEv8, the session is suspended after 60 seconds.
  I think, that the reason is http keep-allive, which is sending every 60 seconds from the user's internet browser.
  Here is some information about this. http://en.wikipedia.org/wiki/HTTP_persistent_connection
  Do you have any idea how to resolve this problem: upgrade ACE, change the configuration on IIS or ACE ??
  Please help.

  Hi Kazik,
  Using a persistent connection or HTTP keepalives should not have any negative effect on the ACE, so, giving you a straight-forward answer to fix it is not going to be easy.
  I would recommend you to open a TAC case to have this investigated further. When you do, please, provide the following data:
  A showtech from the Admin context of the ACE
  A traffic capture taken on the TenGig interface connecting the switch with the ACE backplane while doing a test connection (preferably one with IE7 and one with IE8 to compare)
  If possible, a copy of the SSL private key. Being able to decrypt the traffic capture to look inside the HTTP flow would really make troubleshooting much easier.
  Regards
  Daniel

• A problem with ACL in the class-map on the ACE module

                    Hi all,
  I configured the following on the ACE module:
  object-group network test
    host 192.168.1.21
    host 192.168.1.22
    host 192.168.1.23
  object-group service port
    tcp eq www
    tcp eq 8080
  access-list T line 8 extended permit object-group port object-group test any
  I tried to configure a class-map for matching this ACL:
  ACE-4710-2/Lab-OPT-11(config)# class-map match-any TEST_C
  ACE-4710-2/Lab-OPT-11(config-cmap)# match access-list T
  Error: Cannot associate acl having object-group ACEs in class-map.
  So couldn't I  configure the class-map by using ACL with object-groups involved? Is it the bug or the normal behaviour? Because the customer uses object-groups in ACLs and he has to configure ACL without object-groups for the traffic classification. It is horrible.
  Thank you
  Roman

  Hi Roman,
  I'm afraid it's the expected behavior. You cannot use an ACL with object-groups inside a class-map.
  Regards
  Daniel

• I am having difficulty: we are running a windows server 2003 - mail and outlook support 2007 and upwards, how do I get the brand new apple machines to work with the 2003 version of server

  I am having difficulty: we are running a windows server 2003 - mail and outlook support 2007 and upwards, how do I get the brand new apple machines to work with the 2003 version of server

  I may be way out, but do you know about this product, would it help integrate the Macs for you.
  https://www.thursby.com/sites/default/files/images/ADmitMacv8_SPD.pdf