Block adding domain from the catalyst 4500 switch

Similar Messages

• How to remove the WiSM2 from the Catalyst 6500 series switch?

  Hello, can you explain to me how to safely remove the WiSM2 from the Catalyst 6500 series switch?
  According to the documentation "Catalyst 6500 Series Wireless Services Module 2 Installation and Verification Note":
  To remove the WiSM2, perform these steps:
  Step1     Shut down the module by one of these methods:
  In privileged mode from the router prompt, enter the hw-mod module mod shutdown command. NoteIf you enter this command to shut down the module, you must enter the following commands in global configuration mode to restart (power down, and then power up) the module:
  Router# no power enable module modRouter# power enable module mod
  If the module does not respond to any commands, press the SHUTDOWN button located on the front panel of the module.
  Step2     Verify that the WiSM2 shuts down. Do not remove the module from the switch until the POWER LEDis off.
  But, in the case of Step1 (1st methods) I do not see a option "shutdown"  in the command "hw-mod module 3"...
  All I prompted to enter is:
  c6500#hw-module module 3 ?
  boot           Specify boot options for the module through Power Management Bus control register
  reset          Reset specified component
  simulate  Simulate options for the module
  Is it hidden options? IOS version of c6500 is 12.2(33)SXJ1
  In the case of Step2 (2nd methods) there is not any button on the front panel of the module?
  And yet, it is better to remove the module configuration manually or use the command module clear-config prior to removing the module?

  Good catch.
  Which one is true, will get back to you on this if i've something soon.
  http://www.cisco.com/en/US/docs/wireless/module/wism2/installation/note/WiSM_2.html#wp34727
  The above link is procedure to remove wism2. This procedure doesn’t look like wism2 is hot swapable.
  http://www.cisco.com/en/US/docs/wireless/module/wism2/installation/note/WiSM_2.html#wp34621
  All modules, including the supervisor engine (if you have redundant supervisor engines), support hot swapping. You can add, replace, or remove modules without interrupting the system power or causing other software or interfaces to shut down. For more information about hot-swapping modules, see the Catalyst 6500 Series Switch Module Installation Guide.

• Configuring the Catalyst 6500 Switch for IPS Inline Operation of the IDSM

  I understand how to configure the Catalyst 6500 switch so that the monitoring ports are access ports in two separate VLAN's for inline operation.
  However, I don't see any documentation that describes how the desired VLAN traffic gets forced through the IPS.
  In promiscuous mode, you can use VACL's to copy/capture and forward the desired traffic to the IDSM for analysis. I'm not seeing how to get the desired traffic through the IPS.
  Note that the host 6500 is running native IOS 12.2(18)SXE.
  Thanks for any assistance.

  A tranparent firewall is a fairly good comparison.
  Let's say you have vlan 10 with 100 PCs and 1 Router for the network.
  If you want to apply a transparent firewall on that vlan you can not simply put one interface of the firewall on vlan 10. Nothing would go through the firewall.
  Instead you have to create a new vlan, let's say 1010. Now you place one interface of the firewall on vlan 10 and the other on vlan 1010. Still nothing is going through the firewall. So now you move that Router from vlan 10 to vlan 1010. All you do is change the vlan, the IP Address and netmask of the router stay the same.
  The transparent firewall bridges vlan 10 and vlan 1010. The PCs on vlan 10 ae still able to communicate to and through the router, but must go through the transparent firewall to do so.
  The firewall is transparent because it does not IP Route between 2 vlans, instead the same IP subnet exists on both vlans and the firewall transparently beidges traffic between the 2 vlans.
  The transparent firewall can do firewalling between the PCs on vlan 10 and the Router on vlan 1010. But is PC A on vlan 10 talks to PC B on vlan 10, then the transparent firewall does not see and can not block that traffic.
  An InLine sensor is very similar to the transparent firewall and will bridge between the 2 vlans. And similarly an InLine sensor is able to InLine monitor traffic between PCs on vlan 10 and the Router on vlan 1010, but will not be able to monitor traffic between 2 PCs on vlan 10.
  Now the router on one vlan and the PCs on the other vlan is a typical deployment for inline sensors, but your vlans do not Have to be divided that way. You could choose to place some servers in one vlan, and desktop PCs in the other vlan. You subdivide the vlans in what ever method makes sense for your deployment.
  Now for monitoring multiple vlans the same principle still applies. You can't monitor traffic between machines on the same vlan. So for each of the vlans you want to monitor you will need to create a new vlan and split the machines between the 2 vlans.
  In your case with Native IOS you are limited to only 1 pair of vlans for InLine monitoring, but your desired deployment would require 20 vlan pairs.
  The 5.1 IPS software has now the capability to handle the 20 pairs, but the Native IOS software does not have the capability to send the 40 vlans (20 pairs) to the IDSM-2.
  The Native IOS changes are in testing right now, but I have not heard a release date for those changes.
  Now Cat OS has already made these changes. So here is a basic breakdown of what you could do in Cat OS and you can use in preparation for a Native IOS deployment when it gets released.
  For vlans 10-20, and 300-310 that you want monitored you will need to break each of those vlans in to 2 vlans.
  Let's say we make it simple and add 500 to each vlan in order to create the new vlan for each pair.
  So you have the following pairs:
  10/510, 11/511, 12/512, etc...
  300/800, 301/801, 302/802, etc....
  You set up the sensor port to trunk all 40 vlans:
  set trunk 5/7 10-20,300-310,510-520,800-810
  (Then clear all other vlans off that trunk to keep things clean)
  In the IDSM-2 configuration create the 20 inline vlan pairs on interface GigabitEthernet0/7
  Nw on each of the 20 original vlans move the default router for each vlan from the original vlan to the 500+ vlan.
  At this point you should ordinarily be good to go. The IDSM-2 won't be monitoring traffic that stays within each of the original 20 vlans, but Would monitor traffic getting routed in and out of each of the 20 vlans.
  Because of a switch bug you may have to have an additional PC moved to the same vlan as the router if the switch/MSFC is being used as the router and you are deploying with an IDSM-2.

• How to save only newly added elements from the trailing list

  Dear,
  I have a shuttle bean with left and right trailing lists.
  At some point I save the right trailing list content to DB. Then I add additinal elements to the trailing list. Trying to save again gives me oracle.jbo.TooManyObjectsException: JBO-25013: Too many objects match the primary key oracle.jbo.Key
  exception.
  What is the approach I can take to only save newly added elements from the shuttle?
  I am wondering if I can put the extra logic (what logic would that be - do I need to check the PK value that is already in the database?) in the AM method with which I save the shuttle like here (TicketID and ResponsibilityID are primary key)
  if (items != null)
  Object ia[] = items.toArray();
  for(int i=1; i<ia.length; i++)
  Row rowApproval = vo.createRow();
  vo.insertRow(rowApproval);
  rowApproval.setNewRowState(Row.STATUS_INITIALIZED);
  Row row = vo.getCurrentRow();
  row.setAttribute("TicketId",items.get(0));
  row.setAttribute("ResponsibilityId",items.get(i) );
  row.setAttribute("Status",items.get(i));
  or should I do something in the EO?
  Thank you
  Anatoliy

  Hi,
  Can you please clarify - do I have to make a loop? I mean for every record/element in the trailing list
  I run the VO (that I will create) VO.executeQuery?Yes you do need to execute the VO for every record....by passing the different parameter in each iteration.
  Regards,
  Gyan

• Deleted the recently added section from the source area how can i add back

  how can i add back the recently added section from the source without reinstalling itunes thanks in advance....
  insp 8100   Windows XP  

  Ok that is easy.
  1) File > New Smart Playlist.
  2) Make sure match the following rule is checked
  3)The first drop down change to date added.
  4)Set the second drop down setting
  5) Enter the number you want based on step 4
  The rest of the check marks are up to you but make sure "Live Updating" is checked.
  Take some time playing around with the smartlists. I love them!! I have a 2 level smartlist at work, I hardly use the regular playlists.

• Create domain from the console?

  Is the any way to create a new domain from the console? Any on-line
  documents?
  Thanks.
  Cheers - Wei

  This should be in the documentation for the management console by General
  availability.
  Michael Girdley
  BEA Systems Inc
  "Wei Guan" <[email protected]> wrote in message
  news:3a22bd13$[email protected]..
  Is the any way to create a new domain from the console? Any on-line
  documents?
  Thanks.
  Cheers - Wei

• HT1688 Is there an "easy" way to either 1) cut and paste a large block of text from the Messages app or 2) access this text through a computer?

  Is there an "easy" way to either 1) cut and paste a large block of text from the Messages app or 2) access this text through a computer?

  Tap and hold the text you want to copy, then tap Copy.

• TS3899 iPhone 6   Junk box and blocking junk email from the inbox?

  iPhone 6 when I flag my email as junk it will not move into the junk box, instead it stays in the inbox. Also is there any way of blocking junk email from the inbox?

  What if you are connected to another wifi network assuming your are using that when in the office.

• Active Directory : Replication Issue - "Disconnected" sub-domain from the Forest

  Hello everyone,
  I'm managing a multi-domain forest (with 7 sub-domain).  All are working fine except for one.  Throught repadmin (Repadmin /replsum /bysrc /bydest /sort:delta), I noticed I got both domain controllers of a subdomain (there are only 2 DCs in that
  subdomain), who hadn't replicated with the rest of the forest for more than 60 days.
  According to my research, it's usually recommended to Depromote and repromote the problematic DC to avoid the issue of lingering objects.  In this case, it's both DC of a sub-domain.  Of course, on the others DCs in the forest, I got the event
  ID 2012 "it has been too long since this machine last replicated with the named source machine....". 
   HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication With Divergent and Corrupt Partner
  to a value of 1. 
  As I understand it, this may cause lingering objects to appear (they can be removed with repadmin /removelingeringobjects command with the DSA GUID, naming context, etc..).  So far, I haven't used that registry key yet because of the associated risks.
  I didn't noticed any other issue so far.  Users in the problematic sub-domain are fine, and the problematic sub-domain seems to be able to pull replication data from the others DCs in the forests. (at least, I'm not getting any error in the A.D. Sites
  and Services)
  I added two new DCs for the affected sub-domains, so the number of DCs for that domain went from 2 to 4 DCs.  The two old DCs that hadn't replicated for 60 days are windows Server 2003 and the two new DCs are Server 2008 R2. 
  Unfortunately (and I was half expecting this, but did it anyway since I must eventually replace the old DCs), that didn't solve my issue, since the rest of the forest "doesn't see" the two new DCs of the sub-domain.  By that, I mean that I
  cannot add an Active Directory Domain Services Connection in Sites & Services console (from a DC in another domain of the forest or even the root domain).  I see all the DCs, including the two old DCs that are server 2003, but not the new ones. 
  I believe it's because the others DCs doesn't pull/replicate the information from the old DCs anymore, so they aren't "aware" of the two new DCs for that problematic sub-domain.
  I was wondering what is the best course of action. Is it worthwhilte to use the registry key force replication with the old DCs ?  (and hopefully, the new DCs will get their AD Services connection/replication vector created, so I can depromote
  the old DCs.
  Since the Old DCs from the problematic sub-domain seems to be able to pull the replication from the rest of the forest, does the risk of Lingering object isn't that great ?
  Or is it too risky and I must create a new sub-domain and migrate one way or another the users ? (which would be time-consuming)
  Thanks in advance,
  Adam

  Thanks for the reply.  One of the link had another link to a good article about the use of repadmin :
  So, I ran the command "repadmin /removinglingerobjects " on one of the problematic DCs ().
  For clarity purpose, let's say I used the domain :
  domain = main domain
  subdomain = the domain whose DC are problematic (all of them).
  AnotherSubDomain = Just another subdomain I used as a "reference" DC to cleanup the appropriate partition.
  Command (the DSA guid is from a DC "clean" in another domain)
  repadmin /removelingeringobjects adrec01.mysubdomain.domain.ca C4081E00-921A-480D-9FDE-C4C34F96E7AC dc=ANOTHERsubdomain,dc=domain,dc=ca /advisory_mode
  I got the following message in the event viewer :
  Active Directory Domain Services has completed the verification of lingering objects on the local domain controller in advisory mode. All objects on this domain controller have had their existence verified on the following source domain controller.
  Source domain controller:
  c4081e00-921a-480d-9fde-c4c34f96e7ac._msdcs.mydomain.ca
  Number of objects examined and verified:
  0
  Objects that have been deleted and garbage collected on the source domain controller yet still exist on this domain controller have been listed in past event log entries. To permanently delete the lingering objects, restart this procedure without using the
  advisory mode option.
  How should I interpret the message "number of objects examined and verified 0".  Does it mean it just didn't find any object to compare ? (which would be odd IMHO)  Or there is another problem ?
  Thanks in advance,
  Adam

• When I click on a link in an email, the comoputer locks p and the screen goes black, requiring a shut down from the on-off switch. My version of Firefox is up-to-date.

  The on-off switch is the only way I can turn off the computer, because the screen is black. Then I turn on the computer again to reboot, and when I click on Firefox again it takes from 30 to 90 seconds before Firefox opens, at which point I get a message asking if I want to begin a new session. Then I open emails and don't click on any links. If I check my email using Internet Explorer, the problem does not occur. Your help would be appreciated. After 50 years of operating comoputers, I have never seen this problem. Regards----Lloyd Schultz

  Fred...thanks, but this is not about one site. The same thing happens often, with many sites, when i click a link that has come up in Google search, or on Twitter or Facebook or within a story I'm reading. The link takes me to the url of what it was supposed to take me too, then within a second or so it switches to that Yahoo 'error handler' url, a page that offers search for similar sites.
  Again, thank you.

• Run 2 Weblogic domains from the same console

  Hi
  I have a question.
  Currently now i have 2 domains, each domain was installed with Admin server and managed servers.
  I have 1 nodemanager.
  During the installation of the domains i had to provide different ports for the weblogic instances, so i have 2 different consoles to access the WL to manage domains.
  The question:
  Is there any way to handle and admin 2 different domains (which running on the same machine) from same WL console ?
  Thanks

  We do not have a way to administer two weblogic domains from same console.
  But,I think you can install Oracle Enterprise Manager to manage your middleware infrastructure.

• How can I see the history of Team Members added & removed from the Project

  Dear Folks,
     Would like to know,  if there is a  report / change document report, on the History of Team members
  being added / removed from an active project.
  Regards,
  Owais...

  Hi Owais,
  Try using CN60 report to see added & removed team members from the project.
  Regards,
  Sandeep

• Catalyst 4500 switch loses startup-config

  I have a Catalyst 4503 switch. When I reset the switch it boots to new configuartion wizard.
  I am writing the configuration to NVRAM using the wr mem command. I believe it may be to do with the config register:
  Cat4503#sh bootvar
  BOOT variable does not exist
  CONFIG_FILE variable does not exist
  BOOTLDR variable does not exist
  Configuration register is 0x8101

  You are right change it to 0x2101 or 0x2102 and you should be fine . 0x2102 will require a boot statement to boot correctly where 0x2101 will just find the first image in bootflash and load that .

• Delete a manually added item from the Dashboard...

  I wanted to delete an item i placed in the dashboard but i don't know how to do it, searching in the preferences but cannot find anything and the delete button does not seem to do the trick...

  From My Mac's Help File:
  To remove a widget:
  To open Dashboard, press the Dashboard key (pictured below).If your keyboard doesn’t have a Dashboard key, press Fn-F12. If your keyboard doesn’t have an Fn key, press F12.
  Click the Open button to open the widget bar.
  Click Manage Widgets.
  Do one of the following:
  To remove a widget’s name from the widget bar, deselect it in the list.
  To remove a widget from your computer, click its Remove button, and then click OK. Widgets that are preinstalled with Mac OS X don’t have Remove buttons.

• Connecting FI to Catalyst 4500 switch

  Hello Experts,
  We are planning to connect Cisco UCS Fabric Interconnect to (WS-X4648-RJ45-E) module on 4500 Catalyst Switch.
  What SFP module do we need to install on the Fabric Interconnect for this connection ?
  Thank you,
  Mohammad

  Hi Mohammad,
  Following is the URL to the datasheet for the fabric interconnects:
  http://www.cisco.com/en/US/prod/collateral/ps10265/ps10276/data_sheet_c78-524724_ps10280_Products_Data_Sheet.html
  It has a section for all the supported SFPs on the FIs.
  Hope this helps!
  ./Abhinav