ASA Redundant Interfaces

Hi everybody,
and thanks for a great forum!
I have one asa and two switches, i would like the asa set up with a redundant interface consisting of one physical interface in each switch (vlan trunked across the two switches). Now... Is it possible to set a preferred active physical interface in this redundant interface bundle? Is there a way to make sure the same interface is always active (both interfaces a working as intented), even after a reboot?
More specifically, i need this so i can decide where to establish my stp root, and always have the most optimal path (again ofcourse unless one interface fails).
Cheers

Hi,
I see that you want to configure redundant interface on ASA and also need to ensure that same interface always remain active. Now, the interface which you will defined first using 'member-interface' command while configuring redundant interface will be the active one by default. If you already have it configured and you want to change the active interface, you can use following command:
To change the active interface, enter the following command:
hostname# redundant-interface redundantnumber active-member physical_interface
Now, if active interface goes down, second one will take over as expected.
Check this link for more info:
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/intrface.html#wp1045838
Hope this answers your question.
Sourav

Similar Messages

  • ASA Redundant interfaces with stack switches

    Hi All,
    we have two ASA 5510 connected in failover, and a pair of cisco 2960s switch connected in stack.
    Currently one interface of primary ASA is terminated on switch1 and a interface from standby is connected to switch2 as Inside, and switch1 and switch2 are in stack.
    for redundancy purpose i want to use multiple interfaces of ASA for inside , so first i thought to use etherchannel , but it has a limitation that , it cannot be terminated on stack switch(as per cisco document http://www.cisco.com/en/US/docs/security/asa/asa91/configuration/general/interface_start.html ).
    So my question is :
    1. can we use redundant interface feature where  2 physical interfaces combined to a redundant interface (eg interface redundant 1) for inside redundancy purpose.
    2. Can these ports from primary/standby ASA terminated on stack switches (2960s), will this work (if the switch with active port goes down, will the other port take over in the redundant interface with the other switch).
    I have attached the nw diagram,
    Regards,
    Ashraf

    Hello Ashraf,
    1. can we use redundant interface feature where  2 physical interfaces combined to a redundant interface (eg interface redundant 1) for inside redundancy purpose.
    Sure, you can. That's the whole purpose of the feature.
    2. Can these ports from primary/standby ASA terminated on stack switches (2960s), will this work (if the switch with active port goes down, will the other port take over in the redundant interface with the other switch).
    It would make sense if that happens, as the status of the interface will be on a different state than up/up so failover to the other interface will be triggered,
    Regards,
    Julio

  • Cisco ASA Redundant interface

    Hello,
    We are looking at upgrading an aging firewall with a Cisco ASA.  I have used the ASA before. 
    We would like to use the ASA in a colocation facility that will have a few site to site vpns.  The ASA MUST be able to have redundant interfaces to our switches.  Reading through ASA documentation this is possible.  (http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/intrface.html#wp1045838) Can the ASA have redundant links to the same vlans?  Will any of our configuration for VPN's, etc have to be setup twice?
    Thanks

    There are four types of redundancy that one can use on ASAs. The first one you cited, redundant interfaces on a single physical device is the least common in my experience.
    The second is failover - when the ASA is mated is a failover ASA in a high availability configuration. This is the most common usage for customers requiring high availability (HA). That is the most common implementation and has been around since ASA 7.0 software (i.e. a good many years).
    The third is to bond your interfaces from a given ASA (or sets of interfaces if you have an HA pair) into an Etherchannel. This has the added advantage of giving you potentially higher trhoughput. Etherchannel support was introduced in ASA software version 8.4(1).
    The fourth and newest method is clustering. It was introduced just last fall in ASA 9.0 and is not very widely adopted just yet. It is primarily for high throughput requirements exceeding a single device's capacity but also gives the added benefit of redundancy.
    None of them require you setup things twice configuration-wise. Some file operations (software upgrade, certificate management, VPN profiles (XML files)) need to be copied onto both members in a failover pair or all members in a cluster scenario.
    Edit - there is a fifth type specific to VPNs whereby one can configure a secondary VPN gateway for clients, usually at a alternate site. That approach does require settting up everything separately on the ASAs.

  • Reg. Redundant interfaces in ASA 8.0

    Hi
    In ASA 8.0,I have following queries related to redundant interfaces
    a)While configuring redundant interface can the redundant interface again be divided into logical interface like red1.1 , red1.2 ?
    b)Is Redundant interface supported in the Multiple context mode
    Regards
    Ankur

    Yes Ankur,it is possible.
    ##snippet##
    interface Ethernet0/0
    shutdown
    no nameif
    no security-level
    no ip address
    interface Ethernet0/1
    speed 100
    nameif inside
    security-level 100
    ip address 192.168.16.19 255.255.255.128
    ospf network point-to-point non-broadcast
    ospf message-digest-key 123 md5
    interface Ethernet0/2
    shutdown
    no nameif
    no security-level
    no ip address
    interface Ethernet0/3
    nameif null0
    security-level 50
    ip address 10.2.1.1 255.255.255.0
    interface Management0/0
    no nameif
    security-level 0
    no ip address
    interface Redundant1
    member-interface Ethernet0/0
    member-interface Ethernet0/2
    no nameif
    no security-level
    no ip address
    interface Redundant1.1
    vlan 32
    no nameif
    no security-level
    ip address 1.1.1.8 255.0.0.0
    Regards,
    Sushil

  • Redundant Interfaces with Management0/0 on ASA5510

    Readers,
    Is it possible to configure redundant interfaces on the Management port?
    Thanks,
    Timothy

    Timothy
    normal ASA boxes just have a single management interface.. I really dont feel the need for redundancy here.. If you need one, you can get a failver ASA box, and build up redundancy..
    in any case, you have other interaces like inside, through which you can enable management, like telnet, http etc, if required.. or any other DMZ interface (say network management DMZ)... its all flexible.. with all these, i really dont see any need for a redundant management port...
    Hope this helps.. all the best..
    Raj

  • ASA Redundant/Dual Connections to the SAME ISP

    Is it possible to connect two ports on an ASA to the same ISP for physical port redundancy?  I know it's possible to connect to two different ISPs with different subnets, but in this case it would be the same ISP, same subnet.  I'm expecting the answer to be 'no' and that I'd have to bring up a 'cold spare' interface should the primary interface go down.  The ASA model is either 5520 or 5512-X, and I'd have to go get the software versions if anyone would like that information.

    You can't give two ports an IP from the same subnet in the same context no.
    But you could either -
    1) use etherchannel
    or
    2) use the redundant interface feature where you use two ports but only one is active and if it fails the other takes over with the same IP address
    Jon

  • ASA redundant design questions

    Hi, thanks for your time and knowledge. 
    I have a topology like below in data center and plan to have a full redundant topology. Currently Primary/Scondary/ASA and another core switch at HQ are running EIGRP. Especially ASA is redistributing all IPsec tunnels (around 70 branches) and remote VPN (10.254.50.0/24) to EIGRP. Blue line is internal and red line is for DMZ, in terms of internal vlans, they are running through EIGRP which means that 
      default gateways for internal vlans are all primary/secondary through HSRP (Virtual IP)
     however for DMZ vlan, it is terminated to ASA interface. for example, from server's perspective, default gateway is not primary/secondary switch, but ASA dmz interface. so servers in DMZ are recognizing Primary/Secondary as L2 switch. 
    Question 1) According to my research, I need to have HSRP between two switches ====== ASAs. Is it right? I can't run EIGRP? If I can't run EIGRP between four devices, I need to make a lots of static route in ASA for branch offices (70 subnet) and remote VPN user (1 subnet)
    Q2) I like left topology because I don't need to setup redundant interface and less cables. Especially I don't need another IPS sensor (If I choose right topology, I need one more IPS sensor). Also, we don't have VSS between Primary and Secondary (jut trunk) Do you see any problem with left topology? I am ok for couple minutes of downtime due to device failure.
    Q3) Both ASA inside/DMZ/outside ip address should be identical? except failover interface?  i.e inside of interface ip is 10.254.5.4 now. then this will be both inside IP for Active/Standby? or I need different ip address for all interfaces? 
    Thanks. 

    What are your devices?  Router/switches/ASAs?  Your pictures are kind of cut off so it hard to understand your topology.
    You need to have two Layer3 devices to run HSRP one will be Primary and one would be Standby.  You should be able to run EIGRP on all the devices.

  • VPN ASA inside Interface and ip pool are one same Subnet

    Hi Everyone,
    I have configured RA VPN full tunnel.
    Inside interface of ASA is
    Vlan1                    inside                 10.0.0.1        255.255.255.0   CONFIG
    ip local pool 10-pool 10.0.0.51-10.0.0.100 mask 255.255.255.0
    Need to know is it good design to have both on same subnet?
    When i access the Switch  connecting to VPN ASA  inside interface via--https://10.0.0.2
    which has IP 10.0.0.2  while using Remote VPN connection to ASA it does not work gives error
    message as below
    Jan 19 2014 19:42:46: %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows; Connection for tcp src outside:10.0.0.51/51077(LOCAL\ipsec-user) dst inside:10.0.0.2/443 denied due to NAT reverse path failure.
    Jan 19 2014 19:42:57: %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows; Connection for tcp src outside:10.0.0.51/51078(LOCAL\ipsec-user) dst inside:10.0.0.2/443 denied due to NAT reverse path failure
    Jan 19 2014 19:42:59: %ASA-6-302014: Teardown TCP connection 22418 for outside:10.0.0.51/51069(LOCAL\ipsec-user) to identity:10.0.0.1/443 duration 0:01:08 bytes 1035 TCP Reset-O (ipsec-user)
    Jan 19 2014 19:42:59: %ASA-6-106015: Deny TCP (no connection) from 10.0.0.51/51069 to 10.0.0.1/443 flags FIN ACK  on interface outside
    Current NAT config is
    nat (inside,outside) source dynamic any interface
    Regards
    MAhesh
    Message was edited by: mahesh parmar

    Hi Mahesh,
    It should work but I generally would not suggest having the same network on the LAN and also configured partially as a VPN Pool network.
    Your problem at the moment is simply lacking the NAT0 configuration for the traffic between LAN and VPN Pool.
    I would suggest changing the VPN Pool first and then configuring this
    object network LAN
    subnet 10.0.0.0 255.255.255.0
    object network VPN-POOL
    subnet
    nat (inside,outside) 1 source static LAN LAN destination static VPN-POOL VPN-POOL
    We have to use the line number "1" in the above command so that it gets moved to the top since your current Dynamic PAT would otherwise override it.
    In the future it would be best if you changed your current Dynamic PAT configuration to this
    nat (inside,outside) after-auto source dynamic any interface
    We simply add the "after-auto" to this Dynamic PAT configuration so that it gets moved down in priority. The "after-auto" refers to the fact that this NAT will be inserted after Auto NAT (after Section 2). Your current rule is Manual NAT (Sectiom 1). The new rule will be Manual NAT (Section 3)
    - Jouni

  • SVC WebVPN (clientless) uses IP pool addressing or ASA inside interface IP

    I'm trying to design something which requires ASA to uniquely assign one IP per clientless VPN user. it seems like all these web requests coming through the ASA are proxied via the ASA's inside IP for the source address of the Web request. Does ASA proxy requests through it by changing the VPN client request IP's from a POOL configuration. Or is it always going to use the ASA inside interface IP? Assuming a two NIC configuration (inside/outside)
    NOTE: I'm not talking about AnyConnect, IKEV1/2 client based VPN's. I'm specifically talking about the client-free login connection method.
    thx in advance,
    Will

    Hi Will,
    Pls move your thread to here
    https://supportforums.cisco.com/community/6001/vpn
    HTH
    Rasika

  • Redundancy Interface for Content Server Release 6.x

    Third-generation Content Server is UCS C220 (Not Vmware).
    I see from TCS Release 6.x Quick Start which cannot use LAN2.
    I'm not sure. How to connect LAN for redundancy interface or not because it have many NIC card.
    Dual 1-Gb Ethernet ports:
    LAN1 (Arrow 7, left pointer)— Use this port to connect the Content Server to the network (also see Figure 3)
    LAN2 (Arrow 7, right pointer)— Not used

    Hi,
    The TCS server supports only single NIC in a deployment. That particular NIC value is used to generate the checksum, which needs to be passed along with the Release keys to bring up the content engine. That is the reason if you connect any other NIC to the network, the content engine will not start.
    Also, when the release keys are generated on the license server, it uses the NIC with the lowest value (always the first NIC on the server).
    I know its a complete waste to have so many NICs and use only one. But what can I say, thats the way Cisco designed the server..!!!
    Regards,
    -Deepti

  • Why do we configure the Redundant Interface in CSS Public Face

    Hi,
    I have a question : Why do we configure the redundant interface in a CSS facing the public side of a CSS.
    I understand the need for the interface in the server side though. Please refer to the URL below;
    http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/css_810/redundgd/vipredun.htm#wp1063393

    this is not a requirement if your vips belong to the public vlan subnet.
    But if your vip addresses are from a different subnet, then the upstream router needs a route pointing to the CSS redundant interface ip.
    Gilles.

  • Ability to ping redundant interface IP address

    Hi,
    I have this setup for our content switches.
    Primary F/W --> Primary CSS --> Local Switches
    | |
    | |
    Secondary F/W --> Secondary CSS --> Local Switches
    This is the relevant configuration.
    Primary CSS
    circuit VLAN4
    ip address 192.168.76.4 255.255.255.0
    ip virtual-router 4 priority 101 preempt
    ip redundant-interface 4 192.168.76.254
    Secondary CSS
    circuit VLAN4
    ip address 192.168.76.5 255.255.255.0
    ip virtual-router 4 priority 90
    ip redundant-interface 4 192.168.76.254
    The problem is that the Secondary F/W can not ping the redundant interface IP address via the secondary path when all devices are in normal mode.
    Is this normal?
    The ping is occuring for firewall failover checking.
    Thanks,
    Ben

    it should work.
    Your diagram does not display very well, so I don't know where are the | links.
    What should be the path of traffic from secondary firewall redundant-interface ?
    Is the traffic going to 1 CSS and being bridge to the 2nd CSS ?
    If that's the case, you need the command 'ip uncond-bridging' on both CSS to force CSS to bridge first and then route.
    Regards,
    Gilles.

  • CSS redundant-interface ping response

    Hi,
    I just wan't to make a simple question:
    Should the css11151 respond to ping requests made to a redundant-interface?
    If yes, what can be the reason for the redundant interface, not being responding to ping requests?
    Thanks in advance,
    Regards,
    LR

    Hi,
    Did you ever find solution to the issue.
    I have 11503 and I have same problem, I cannot ping the redundant-interface address from the directly connected switch.
    It works for first few seconds when the CSS reboots or interface bounces then stops.
    Any ideas?
    Thanks

  • CSS redundant interface and DNS server

    We're attempting to implement a pair of CSS's using redundant ASR and GSLB where the CSS's act as DNS servers.
    But I'm not sure if the 2 features are compatible. The CSS's answer DNS queries to their direct interface but not the redundant interface.
    Does anyone have any suggestions or work-arounds? We're running version 8.20.
    TIA,
    Dan

    Dan doing some research I can see that the option to configure redundant-interface to resolve dns queries is not included on CSS 11500 series, this from the documentation.
    On the document for CSS 11000 series that I provided before shows:
    Configuration Requirements and Restrictions
    The following requirements and restrictions apply to the configuration of this feature.
    •You can configure this feature only on Cisco 11000 series CSSs (not 11500)
    If I look at the redundant-interface configuration on old CSS 11000 series I see the option for dns:
    http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11000series/v6.10/configuration/advanced/guide/VIPRedun.html#wp1067528
    Look at this line:
    dns-server - Keyword that enables the CSS to respond to DNS queries destined for the redundant interface IP address. For more information, see the "Configuring a Redundant Virtual Interface to Respond to DNS Requests" section.
    On new CSS 11500 series this option is not available:
    http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11500series/v8.20_v8.10/configuration/redundancy/guide/VIPRedun.html#wp1067528
    I am trying to find if there is any workaround but so far semms that is expected to miss this feature on CSS11500.

  • ASA 5505 Interface Security Level Question

    I am wondering if someone can shed some light on this for me. I have a new ASA 5505 with a somewhat simple config. I want to set up a guest VLAN on it for a guest wireless connection.
    I set up the ASA with the VLAN, made a trunk port, set up DHCP (on the ASA) on the guest VLAN, configured NAT, etc. Everything seem to be working with that. Guests are getting address on the correct subnet, etc.
    The only issue I have is that the Guest VLAN (192.168.22.0) can get to the secure (VLAN1 - 172.16.0.0). I set up the guest VLAN (VLAN 5) with a security level of 10, the secure with a level of 100. I figured that would be enough. To stop the guest from accessing the secure, I had to throw on an ACL (access-list Guest-VLAN_access_in line 1 extended deny ip any 172.16.0.0 255.255.255.0)
    Can someone  show me what I did wrong?
    Thank you for any help!
    To create the VLAN, I did the following:
    int vlan5
    nameif Guest-VLAN
    security-level 10
    ip address 192.168.22.1 255.255.255.0
    no shutdown
    int Ethernet0/1
    switchport trunk allowed vlan 1 5
    switchport trunk native vlan 1
    switchport mode trunk
    no shutdown
    below is the whole config.
    Result of the command: "sho run"
    : Saved
    ASA Version 9.1(3)
    hostname ciscoasa
    enable password zGs7.eQ/0VxLuSIs encrypted
    xlate per-session deny tcp any4 any4
    xlate per-session deny tcp any4 any6
    xlate per-session deny tcp any6 any4
    xlate per-session deny tcp any6 any6
    xlate per-session deny udp any4 any4 eq domain
    xlate per-session deny udp any4 any6 eq domain
    xlate per-session deny udp any6 any4 eq domain
    xlate per-session deny udp any6 any6 eq domain
    passwd 2KFQnbNIdI.2KYOU encrypted
    names
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    switchport trunk allowed vlan 1,5
    switchport trunk native vlan 1
    switchport mode trunk
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    interface Vlan1
    nameif inside
    security-level 100
    ip address 172.16.0.1 255.255.255.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address <External IP/Mask>
    interface Vlan5
    nameif Guest-VLAN
    security-level 10
    ip address 192.168.22.1 255.255.255.0
    boot system disk0:/asa913-k8.bin
    ftp mode passive
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object network Inside_Server1_80
    host <Inside_server1_IP>
    object network Inside_Server1_25
    host <Inside_server1_IP>
    object network Inside_Server1_443
    host <Inside_server1_IP>
    object network Inside_Server1_RDP
    host <Inside_server1_IP>
    object service RDP
    service tcp destination eq 3389
    object network Outside_Network1
    host <Outside_Network_IP>
    object network Outside_Network2
    host <Outside_Network_IP>
    object network Outside_Network2
    host <Outside_Network_IP>
    object network TERMINALSRV_RDP
    host <Inside_server2_IP>
    object network Inside_Server2_RDP
    host <Inside_Server2_IP>
    object-group network Outside_Network
    network-object object Outside_Network1
    network-object object Outside_Network2
    object-group network RDP_Allowed
    description Group used for hosts allowed to RDP to Inside_Server1
    network-object object <Outside_Network_3>
    group-object Outside_Network
    object-group network SBS_Services
    network-object object Inside_Server1_25
    network-object object Inside_Server1_443
    network-object object Inside_Server1_80
    object-group service SBS_Service_Ports
    service-object tcp destination eq www
    service-object tcp destination eq https
    service-object tcp destination eq smtp
    access-list inside_access_in extended permit ip any any
    access-list outside_access_in extended permit object-group SBS_Service_Ports any object-group SBS_Services
    access-list outside_access_in extended permit object RDP any object TERMINALSRV_RDP
    access-list outside_access_in extended permit object RDP object-group RDP_Allowed object Inside_Server1_RDP
    access-list outside_access_in extended permit object RDP object-group RDP_Allowed object Inside_Server2_RDP
    access-list Guest-VLAN_access_in extended deny ip any 172.16.0.0 255.255.255.0
    access-list Guest-VLAN_access_in extended permit ip any any
    pager lines 24
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    mtu Guest-VLAN 1500
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-714.bin
    no asdm history enable
    arp timeout 14400
    no arp permit-nonconnected
    object network obj_any
    nat (inside,outside) dynamic interface
    object network Inside_Server1_80
    nat (inside,outside) static interface service tcp www www
    object network Inside_Server1_25
    nat (inside,outside) static interface service tcp smtp smtp
    object network Inside_Server1_443
    nat (inside,outside) static interface service tcp https https
    object network Inside_Server1_RDP
    nat (inside,outside) static interface service tcp 3389 3389
    object network TERMINALSRV_RDP
    nat (inside,outside) static <TerminalSRV_outside)IP> service tcp 3389 3389
    object network Inside_Server2_RDP
    nat (inside,outside) static interface service tcp 3389 3390
    nat (Guest-VLAN,outside) after-auto source dynamic obj_any interface
    access-group inside_access_in in interface inside
    access-group outside_access_in in interface outside
    access-group Guest-VLAN_access_in in interface Guest-VLAN
    route outside 0.0.0.0 0.0.0.0 <Public_GW> 1
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    user-identity default-domain LOCAL
    aaa authentication ssh console LOCAL
    http server enable
    http 192.168.1.0 255.255.255.0 inside
    http 172.16.0.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec security-association pmtu-aging infinite
    crypto ca trustpool policy
    telnet timeout 5
    ssh timeout 5
    ssh key-exchange group dh-group1-sha1
    console timeout 0
    dhcpd auto_config outside
    dhcpd address 192.168.22.50-192.168.22.100 Guest-VLAN
    dhcpd dns 8.8.8.8 4.2.2.2 interface Guest-VLAN
    dhcpd lease 43200 interface Guest-VLAN
    dhcpd enable Guest-VLAN
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    ntp server 129.6.15.30 prefer
    username <Username> VAn7VeaGHX/c7zWW encrypted privilege 15
    class-map global-class
    match default-inspection-traffic
    policy-map global-policy
    class global-class
      inspect icmp
      inspect icmp error
      inspect pptp
    service-policy global-policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:7f5d70668ebeb94f49f312612f76c943
    : end

    Hi,
    To my understanding they should not be able to connect to the more secure network IF you DONT have an interface ACL configured.
    One very important thing to notice and which I think is the most likely reason this happened is the fact that as soon as you attach an interface ACL to an interface then the "security-level" looses its meaning. The "security-level" has meaning as long as the interface is without an ACL. This makes the "security-level" only usable in very simple setups.
    What I think happend is that you have "permit ip any any" ACL on the interface that allowed all the traffic.
    Your option is to either remove the interface ACL completely or have the ACL configured like you have now. I mean first block traffic to your secure LAN and then allow all other traffic which would allow the traffic to Internet
    Hope this helps
    Please do remember to mark a reply as the correct answer if it answered your question.
    Feel free to ask more if needed.
    - Jouni

Maybe you are looking for

  • Probably a stupid question, but humor me.

    My MacBook Pro is currently on its way here, and odd little questions keep popping into my head. The latest of which being: Should I worry about the MagSafe magnets messing with my Nano? When using my iBook, I tend to keep my iPod on the left side of

  • How to include case stmt in group by clause

    Hi i have a question, How do i include a case statement in the group by clause? For example: Select (case when x.ctry is null then y.ctry else x.ctry end) as coo, sum (x.in_amt) from tbl1 x, tbl2 y where x.id = y.id group by (case when x.ctry is null

  • Can't change RAM configuration without ConstantSecure complaints

    Basically we bought a T400 off ebay and wanted to up the RAM from 2 X 2gb sticks, to 2 x 4gb sticks.  As soon as we change the RAM we get  "binary modules which failed authentication: TRSF" , which prompts you to go into bios, and bios says something

  • Slowly but surely..finally approved for BofA

    I'm new to this forum, but I have been following for several years. I really want to thank everybody for sharing their experiences and advice. I hope that my story will help others just the same as you have all helped me...n I'd like to apologize ahe

  • Export keynotes to iCloud so that presentations retain their images/fonts?

    I am trying to use my Cloud to grab at presentations when I need them during lunch meetings, but the fonts and images become distorted. Is there a way to save the keynote and preserve the images?