Cisco EtherChannel and XServe G5

If you've connected your XServe G5 to a Cisco switch using EtherChannel (we have two Cisco 2970s), could you please share your experiences and gotchas.
I know that Etherchannel is not LACP. I'm interested in work arounds using Cisco equipment.
I'm thinking about link aggregation for my production server.
Thanks.

The other limitations are no optical drive in the cluster node, and a 10-client license which applies to file sharing via AFP and SMB.
If you're not using it as a file server and can live with one drive bay and no optical drive, then you can save $1000. A render farm is, as Camelot mentioned, a perfect fit for the cluster node.

Similar Messages

  • Layer 3 Etherchannel and MPLS MTU

    Greetings,
    If two 7609 are connected through layer 3 giga etherchannel and 7609-1 sends a frame with 1514 bytes plus two MPLS header to 7609-2, does the command “mpls mtu 1522” under the giga etherchannel interface on both routers is enough?
    Or it is necessary to add the global command “system jumbomtu 1522” and the interface command “mtu 1522” under physical gigainterfaces participating on the channel?
    Cisco docs say many platforms will accept frames higher than 1500 bytes (up to 24 bytes) to accommodate control flags; that is why I am considering just “mpls mtu xxx” is enough.
    Also, reading Cisco doc I understood that “system jumbomtu xxxx” and “mtu xxxx” should be used together. I tested sending frames higher than 1514 bytes (without MPLS tags) and “system jumbomtu xxxx” alone was not enough, ping failed; it was necessary to add “mtu xxxx” under the interface. Do you have a different experience?
    Thanks,
    Alaerte Gladston Vidali
    IBM Global Services - SO
    Tel.55+11+2121-2879 Fax:55+11+2121-2449

    Hi
    We had some peculiar exp with 7600 (7609/7606) boxes in which we did change the physical mtu of the interface instead of mpls mtu.
    Again that did the trick for us even in 7200 where we monitored the same kinda behaviour..
    regds

  • Etherchannel and STP on HP Blade Switches

    Hi Guys,
    I have a 6509 with and etherchannel connection to an HP Blade switch... the channel is made up of two phy ports between the two switches...
    When I try ti bring up the link, the 6509 ports go into err-disable and i get the message below.
    I have done all (I think?) checks that there is to ensure etherchannle compatibility and STP stuff but still no luck...
    can anyone suggest soemthing I do ro check that might shed light on this...
    thanks
    2005 Jun 26 02:53:06 AEDT +10:00 %ETHC-5-PORTTOSTP:Port 10/24 joined bridge port 10/24-25
    2005 Jun 26 02:53:06 AEDT +10:00 %SPANTREE-6-PORTLISTEN: Port 10/24-25 (agPort 14/45) state in VLAN 144 changed to listening
    2005 Jun 26 02:53:20 AEDT +10:00 %SPANTREE-6-PORTLEARN: Port 10/24-25 (agPort 14/45) state in VLAN 144 changed to learning
    2005 Jun 26 02:53:35 AEDT +10:00 %SPANTREE-6-PORTFWD: Port 10/24-25 (agPort 14/45) state in VLAN 144 changed to forwarding
    2005 Jun 26 02:54:23 AEDT +10:00 %SPANTREE-2-CHNMISCFG: STP loop - channel 10/24-25 is disabled in vlan/instance 144
    2005 Jun 26 02:54:23 AEDT +10:00 %SPANTREE-2-CHNMISCFG2: BPDU source mac addresses: 00-03-fe-af-d0-b5, 00-11-f9-21-56-00
    2005 Jun 26 02:54:23 AEDT +10:00 %ETHC-5-PORTFROMSTP:Port 10/24 left bridge port 10/24-25

    Hi ankur,
    thanks for your response. currently the etherchannel operatiosn mode on the 6509 is set to manual, which is the case globally for the 6509 and we have 50 pairs of this blade switch running on this 6509... I don't think that that is the cuase of this issue since this is the only one not forming the channel and goes into err-disable...
    the blades also have similar configs in them...
    the only thing I see different on ports 10/24-25 is that it has bpdu-guard set to disable while the rest are set to default... could this make a diffrence?
    also, does the order of enabling the cisco end and the HP blade end make a difference? i.e. should I bring up one first than the other?
    the thing is I cannot "experiment" fully as this is a full prod network...
    Any input si appreciated...

  • MIBS to Monitor Etherchannel and trunks via SNMP

    I would like to monitor the status of etherchannel and trunk configurations in 6500 Catalyst switches running both CATOS and IOS. I would like to understand the specific mibs/OIDS that should be monitored for etherchannels and trunks. I am trying to get a better handle on tracking the etherchannels and trunk dynamically and then understanding when the ports are having issues (up/down and errors). I need to understand how to differentiate these type of ports from regular access ports.
    Thanks,
    Tim

    Hi Tim,
    what exactly do you want to query via SNMP?
    For an (PAgP) Etherchannel, the member-interfaces might be interesting:
    https://supportforums.cisco.com/message/3957914#3957914
    For a trunk, you could start with the operational mode, depending on the platform you can use:
    vlanTrunkPortDynamicStatus (CISCO-VTP-MIB):
    vlanTrunkPortDynamicStatus.49 = notTrunking
    vlanTrunkPortDynamicStatus.50 = trunking
    vlanPortIslOperStatus (CISCO-STACK-MIB):
    vlanPortIslOperStatus.13.43 = notTrunking
    vlanPortIslOperStatus.13.44 = trunking
    Hope that helps
    Rolf

  • Etherchannel and link aggregation

    Hi!
    I'm a bit confused now, Sun Trunking supports Cisco Etherchannel, but link aggregation doesn't (if I understand correctly, a with the results of my quick tests).
    Sun Trunking seems to be supporting a certain set of drivers and link aggregation another set.
    Right now I've got a T2000 with 4 X e1000g and 4 X nxge, does anyone knows, if I can use these interfaces with Cisco Etherchannel, or do I absolutely need to use LACP with link aggregation??? The problem is that the network guys don't want us to use LACP (for whatever reason they have)...
    Thank you very much.
    Martin

    I don't know any cisco term referring to "pure" etherchannel, so I don't know how to answer that. Both LACP and PAgP are link management protocols that cisco can use. I'm supposing that you're asking if the cards will work with PAgP management, but I'm not sure.
    This FAQ:
    http://www.sun.com/products/networking/ethernet/suntrunking/faq.xml
    suggests that I've been incorrect about 802.3ad being a "new" thing and that SunTrunking 1.3 also uses it.
    The SunTrunking 1.3 docs here:
    http://docs.sun.com/source/817-3374-11/index.html
    in chapter 1 (Overview) list six cards. I don't think yours are any of them, so SunTrunking is out.
    Because LACP "only" manages the link configuration rather than driving the data, it seems to me that both the link-aggregation and cisco sides could work without LACP being present, but the management of the links might be wonky.
    So without LACP, the links have to be configured manually, but I don't yet see anything that states that the two sides will not communicate if that is done.
    Further, the 'dladm' man page says that one valid lacp mode on the Solaris is "off", so it must have some functionality without LACP. I would imagine that will required some sort of manual link configuration on the cisco side. (The solaris side is not going to do PAgP).
    See also:
    http://www.kabewm.com/2007/02/22/solaris-10-lacp-trunking-w-cisco-6509/
    When the www.opensolaris.org boards come back up, I would recommend posting this question in the "networking" discussion group.
    Darren

  • EtherChannel and Vlan trunk

    I am trying to have 3 group of 4 GigE ports on the 3560G as a etherchannel and connect to 4 dells.
    On gi0/7 - 10 the trunk config seems to work but I am not able to route between the switches. Here is the config ...
    Can anyone take a look tell me what's missing? Much appreciated!
    Building configuration...
    Current configuration : 3422 bytes
    ! Last configuration change at 00:35:24 UTC Sat Jul 9 2005
    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    hostname cisco_switch_b
    enable secret xxxx
    enable password xxx
    ip subnet-zero
    ip routing
    spanning-tree mode pvst
    no spanning-tree optimize bpdu transmission
    spanning-tree extend system-id
    interface Port-channel1
    switchport access vlan 5
    switchport trunk encapsulation dot1q
    switchport mode trunk
    interface GigabitEthernet0/1
    description To Internet Router
    no switchport
    ip address 10.1.1.2 255.255.255.0
    ip helper-address 10.1.1.8
    interface GigabitEthernet0/2
    interface GigabitEthernet0/3
    interface GigabitEthernet0/4
    interface GigabitEthernet0/5
    interface GigabitEthernet0/6
    interface GigabitEthernet0/7
    description To Dell_switch_1
    switchport access vlan 5
    switchport trunk encapsulation dot1q
    switchport mode trunk
    channel-group 1 mode on
    spanning-tree portfast
    interface GigabitEthernet0/8
    switchport access vlan 5
    switchport trunk encapsulation dot1q
    switchport mode trunk
    channel-group 1 mode on
    spanning-tree portfast
    interface GigabitEthernet0/9
    switchport access vlan 5
    switchport trunk encapsulation dot1q
    switchport mode trunk
    channel-group 1 mode on
    spanning-tree portfast
    interface GigabitEthernet0/10
    switchport access vlan 5
    switchport trunk encapsulation dot1q
    switchport mode trunk
    channel-group 1 mode on
    spanning-tree portfast
    interface GigabitEthernet0/11
    description To Dell_switch_2
    switchport access vlan 6
    spanning-tree portfast
    interface GigabitEthernet0/12
    switchport access vlan 6
    spanning-tree portfast
    interface GigabitEthernet0/13
    switchport access vlan 6
    spanning-tree portfast
    interface GigabitEthernet0/14
    switchport access vlan 6
    spanning-tree portfast
    interface GigabitEthernet0/15
    description To Dell_switch_3
    switchport access vlan 7
    switchport mode access
    spanning-tree portfast
    interface GigabitEthernet0/16
    switchport access vlan 7
    switchport mode access
    spanning-tree portfast
    interface GigabitEthernet0/17
    switchport access vlan 7
    switchport mode access
    spanning-tree portfast
    interface GigabitEthernet0/18
    switchport access vlan 7
    switchport mode access
    spanning-tree portfast
    interface GigabitEthernet0/19
    interface GigabitEthernet0/20
    interface GigabitEthernet0/21
    interface GigabitEthernet0/22
    interface GigabitEthernet0/23
    interface GigabitEthernet0/24
    interface GigabitEthernet0/25
    interface GigabitEthernet0/26
    interface GigabitEthernet0/27
    interface GigabitEthernet0/28
    interface Vlan1
    no ip address
    shutdown
    interface Vlan5
    ip address 10.1.5.1 255.255.255.0
    interface Vlan6
    ip address 10.1.6.1 x.x.255.0
    ip helper-address 10.1.5.7
    interface Vlan7
    ip address 10.1.7.1 x.x.x.0
    ip helper-address 10.1.5.7
    ip default-gateway 10.1.1.1
    ip classless
    ip http server
    access-list 100 permit ip host 0.0.0.0 host 255.255.255.255
    access-list 100 permit udp host 10.1.5.1 host 10.1.5.7 eq bootps
    access-list 100 permit udp host 10.1.5.1 host 10.1.5.7 eq bootpc
    access-list 100 permit udp host 10.1.5.7 host 10.1.5.1 eq bootps
    access-list 100 permit udp host 10.1.5.7 host 10.1.5.1 eq bootpc
    access-list 100 permit ip host 0.0.0.0 host 255.255.255.0
    control-plane
    line con 0
    exec-timeout 0 0
    line vty 0 4
    password xxx
    no login
    line vty 5 15
    password xxx
    no login
    ntp server 10.1.5.7
    end

    Here is an example to configure EtherChannel:
    Cisco Catalyst 3560 Switch Configuration
    Set MDIX automatic – To enable cisco catalyst to accept cross cable and straight cable connection
    # config t
    # int range g0/1 – 28
    # switchport mode access - Configure Cisco catalyst to normal switch port
    # speed auto
    # duplex auto
    # mdix auto
    # end
    # show controllers Ethernet-controller
    # copy running-config startup-config
    Configure Etherchannels – support redundancy and network load balancing
    # config t
    # int range g0/23 – 24
    # switchport mode access
    # switchport mode vlan 1
    # channel-group 5 mode active
    # exit
    Configure Etherchannels load balancing
    # config t
    # port-channel load-balance src-dst-mac
    # exit
    Configure IP Address:
    # config t
    # int vlan 1
    # ip address 10.xx.xx.xx 255.255.252.0
    # ip default-gateway 10.xx.xx.1
    # config t
    # int range g0/19-20
    # channel-group 2 mode active
    # config t
    # int range g0/17-18
    # channel-group 3 mode active
    # channel-group mode 3 desirable
    # int port-channel 3
    # switchport mode access
    # config t
    # int range g0/15-16
    # channel-group 4 mode active
    # show etherchannel summary – to check Etherchannel port status
    Regards,
    Junhan
    IT Specialist

  • Routing issue between Cisco Nexus and Cisco 4510 R+E Chassis

    We have configured Cisco Nexus 7K9 as core and Cisco 4510 R+E as access switches for Server connectivity.
    We are experiencing problem in terms of ARP learning and Ping issues between Cisco Nexus and end hosts.

    Hi,
    So you have N7k acting as L3 with servers connected to 4510?.
    Do you see the MAC associated with failing ARP in 4510?. Is it happening with all or few servers?. Just to verify if it is connectivity issue between N7k and 4510, you can configure an SVI on 4510 and assign address from same raneg (server/core range) and perform a ping.
    This will help narrow down if issue is between server to 4510 or 4510 to N7k.
    Thanks,
    Nagendra

  • Communication problem between Cisco 3560 and Cisco SG300.

    Dear Support,
    I have a Cisco SG300 and Cisco 3560 switches.
    3560 is my Core Switch and SG300 is access switch.
    From 3560 VLAN information is not passed to SG300.
    3560 Configuration:
    interface GigabitEthernet0/23
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 1,2,10,11
    switchport mode trunk
    SG300 Configuration:
    interface gigabitethernet49
    spanning-tree link-type point-to-point
    switchport mode general
    switchport general allowed vlan add 2,10-11 tagged
    macro description switch
    Please suggest how this issue is resolve.
    Regards,
    JItesh Mahajan.

    Dear Aleksandra,
    Below Configuration is right or wrong for 3560 and SG300.
    3560 Configuration:
    interface GigabitEthernet0/23
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan remove VLAN 1
    switchport native vlan 1
    switchport trunk allowed vlan 1,2,10,11
    switchport mode trunk
    SG300 Configuration:
    interface gigabitethernet49
    spanning-tree link-type point-to-point
    switchport mode general
    switchport general allowed vlan add 2,10-11 tagged
    macro description switch
    Regards,
    JItesh Mahajan.

  • How to configure one dsl connection and one public ip in cisco router and map to one interface for using exchange server

    how to configure one dsl connection and one public ip in cisco router and map to one interface for using exchange server

    Hi ,
     Have you got any additional public IP Address from your service provider , If yes on router you can have static route for those additional IP Address pointing to your ASA  outside interface . 
    Accordingly you can configure NAT 
    HTH
    Sandy . 

  • Cisco wireless and Apple Mac woes

    Hello all,
    I've been working with Cisco wireless and WLC's for a couple of years now but the recent onslaught of Apple Mac's is giving me heart burn.  I've seen this at numerous sites now and need to throw it to eht community for guidance.
    Basically we have had a number of instances where the Macs just fall off the wifi.  Sometimes it's when they wake from sleep and other times when roaming between AP's (1131s with same SSID's).  Our standard install is WPA2 and per ap local authentication.  PC's work fine and never an issue.
    We have completed a survey with a spectrum analyser and no RF interefence is present nor errors on the radio interface.
    Questions:
    - Is there a preferred Cisco config/setup for Mac's to work reliably?  I've heard loads of rumors but nothing concrete and nor can I find anything specific.
    - Should I be setting up WDS in case there is an authenticating issue.
    - For those who are Mac gurus and happen to be reading. What Mac options we should look at?
    This has all come to a head because the clients IT company who recommended the Macs (different from us doing the network infrastructure) are insisting that the problem is Cisco incompatibility and that we should rip out the Cisco kit and install airports (what tha!!!).
    Thanks in advance for any pointers.
    For those who like a config here it is .... Vanilla stuff really
    Building configuration...
    Current configuration : 2236 bytes
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname AP4
    no logging console
    enable secret xxxxxxxxxxxxxxxxx
    no aaa new-model
    dot11 syslog
    dot11 ssid Home
       vlan 1
       authentication open
       authentication key-management wpa
       guest-mode
       mbssid guest-mode
       wpa-psk ascii xxxxxxxxxxxx
    dot11 ssid avnet
       vlan 2
       authentication open
       authentication key-management wpa
       mbssid guest-mode
       wpa-psk ascii xxxxxxxxxxxxxxxx
    username abcd password 1234
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption vlan 1 mode ciphers tkip
    encryption vlan 2 mode ciphers tkip
    ssid Home
    mbssid
    speed  basic-1.0 basic-2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0
    channel 2412
    station-role root
    interface Dot11Radio0.1
    encapsulation dot1Q 1 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface Dot11Radio0.2
    encapsulation dot1Q 2
    no ip route-cache
    bridge-group 2
    bridge-group 2 subscriber-loop-control
    bridge-group 2 block-unknown-source
    no bridge-group 2 source-learning
    no bridge-group 2 unicast-flooding
    bridge-group 2 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    hold-queue 80 in
    interface FastEthernet0.1
    encapsulation dot1Q 1 native
    no ip route-cache
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface FastEthernet0.2
    encapsulation dot1Q 2
    no ip route-cache
    bridge-group 2
    no bridge-group 2 source-learning
    bridge-group 2 spanning-disabled
    interface BVI1
    ip address 192.168.10.54 255.255.255.0
    no ip route-cache
    ip default-gateway 192.168.10.1
    no ip http server
    no ip http secure-server
    bridge 1 route ip
    line con 0
    line vty 0 4
    login local
    end

    Yeah!! even i have come across multiple issue with MAC and Cisco.. these are the below settings which i normally do on the cisco gears and most of the times this solved the issue..
    on the IOS AP disable Aironet Extentions and set the poer local and ofdm to max
    no dot11 extension aironet
    power local cck max
    power local ofdm max
    end
    On the WLC, disable Aironet IE..
    lemme know if this answered your question..
    Regards
    Surendra
    ====
    Please dont forget to rate the posts which answered your question and mark it as answered or was helpfull

  • The difference of the IEEE802.1x Auth between Cisco Routers and Catalyst switches

    Hello
    I am investigating the difference of the IEEE802.1x Auth between Routers and Switches.
    Basically dot1x auth is availlable on Catalyst Switches. however if I want to check to
    PortBased Multi-Auth , MAC address Auth and any certification Auth with this feature,
    Is it possible to integrate into Cisco Router such as Cisco 891F ?
    In my opinion Cisco891F is also available to use basic IEEE802.1x but if it compares with Catalyst switches such as Cat3560X
    I think there might be any unsupported feature on Cisco 891F.
    I appreciate any information. thank you very much in advance.
    Best Regards,
    Masanobu Hiyoshi

    Many time in interviews asked comaprison between cisco  routers and switches that i was answerless bcoz i dont have much knowledge about that.Can anyone provide me the compariosin sheet of the same.how are the cisco devices differ with each other how much Bandwidth each routres support and Etc...
    Ummmm ... The most common question I get is "what is the difference between a router and a switch".
    However, if you get a question like this, then my impression to this line of questioning are:
    1.  The candidate they are looking for has in-depth knowledge of routers and switches.  And I mean IN-DEPTH!;
    2.  They are not looking for a candidate.  They just want to stroke their ego.  There is not alot of people who can give you the "names and numbers" of routers and switches at a snap of a finger.  And if you do happen to know the answer, then and there, then expect a tougher follow-up question. 

  • Urgent!!! Cisco ACE and asymetric routing assistance needed

    I am wondering if someone can give me pointers on the cisco ACE
    and asymetric routes. I've attached the diagram:
    -Cisco IOS IP address is 192.168.15.4/24 and 4.1.1.4/24
    -Firewall External interface is 192.168.15.1/24,
    -Firewall Internal interface is 192.168.192.1/24,
    -F5_BigIP External interface is 192.168.192.4/24,
    -F5_BigIP Internal interface is 192.168.196.1/24 and 192.168.197.1/24,
    -host_y has IP addresses of 192.168.196.10/24 and 192.168.197.10/24,
    -Checkpoint has static route for 192.168.196.0/24 and 192.168.197.0/24
    pointing to the F5_BigIP,
    -host_y is dual-home to both VLAN_A and VLAN_B with the default
    gateway on host_y pointing to VLAN_A which is 192.168.196.1,
    -host_x CAN ssh/telnet/http/https to both of host_y IP addresses
    of 192.168.196.10 and 192.168.197.10.
    In other words, from host_x, when I try to connect to host_y
    via IP address of 192.168.197.10, the traffics will go through VLAN_B
    but the return traffics will go through VLAN_A. Everything
    is working perfectly for me so far.
    Now customer just replaces the F5_BigIP with Cisco ACE. Now,
    I could not get it to work with Asymetric route with Cisco ACE. In
    other words, from host_x, I can no longer ssh or telnet to host_y
    via IP address of 192.168.197.10.
    Anyone knows how to get asymetric route to work on Cisco ACE?
    Thanks in advance.

    That won't work because ACE uses the vlan id to distinguish between flows.
    So when the response comes back on a different vlan, ACE can't find the flow it belongs to and it drops it.
    Even if we could force it to accept the packet, ACE would then try to create a new flow for this packet and it will collide with the flow already existing on the frontend.
    You would need to force your host to respond on the same vlan the traffic came in.
    This could be done with client nat on ACE using different nat pool.
    Gilles.

  • Cisco ISE and SecurID Integration Questions

    I'm looking for some clarity trying to understand something conceptually. I want to integrate Cisco ISE with RSA SecurID, the idea being that if the user authenticates with RSA SecurID they end up on one VLAN, however, if they don't authenticate with (or don't use, or don't have) SecurID they'll end up on another VLAN. Note that I'm not using SecurID for wireless access...all PCs are wired to Ethernet.
    We have been using RSA SecurID for a while and are currently on version 8.0. Our users are authenticating via the RSA Agent typically on Windows 8.1. Instead of the usual Windows login prompt, the RSA Agent first prompts for the username and passcode (they use an app on their smartphones to get the passcode), then after a moment or two, it prompts for their Windows domain password.
    We have recently installed Cisco ISE version 1.3. With the help of a local Cisco engineer and going through the "Cisco Identity Services Engine User Guide", I have it set up and running along with a few 'test' ports on our Cisco 6809 switch, it basically works...as a test it's simply set up that if they authenticate they're on one VLAN, if not, they end up on another (this is currently without using RSA...just out-of-the-box Windows authentication).
    The Cisco engineer was unable to help me with RSA SecurID, so pressing on without him, out of the same user guide I have followed the directions for "RSA Identity Sources" under the "Managing Users and External Identity Sources", and that went well as far as ISE is concerned; I am now ready to get serious about getting ISE and SecurID working together.
    My mistake in this design so far was assuming that the RSA agent on the Windows client PCs would communicate with Cisco ISE...there doesn't seem to be a way to have them point to a non-RSA SecurID server for authentication. The concept I'm missing is what, or how, the end-user machine is supposed to authenticate taking advantage of both ISE and SecurID.
    I have dug deeper into the Cisco ISE documentation but it seems heavily biased towards Wi-Fi and BYOD implementations and it's not clear to me what applies to wired vs wireless. Perhaps it's a case that I'm not seeing the forest for the trees, but I'm not understanding what the end-user authentication looks like. It apears that as I learn more about ISE, it should become the primary SSO source, that SecurID becomes just an identity source and the PC clients would no-longer directly communicate with the SecurID servers. That being the case, do I need to replace the SecurID client on the PCs and something else Cisco-ish fills this role? An agent for ISE? How do they continue to use their passcode without the RSA agent?
    Thanks!

    The external db not operation indicates that there is no communication between ACS and RSA. Did you fetch the package.cab file to analyse the auth.log file?
    Have you already gone through the below listed link?
    http://www.security-solutions.co.za/cisco-CSACS-1113-SE-4.2-RSA-Authentication-Manager-Integration-Configuration-Example.html
    Regards,
    Jatin Katyal
    - Do rate helpful posts -

  • Uploading YouTube videos/urls into Cisco Show and Share

    We've just purchased the DMM 5.2 and the Show and Share appliance to host internal company videos but there are some YouTube videos out there that we want to pull into our Show and Share system as well. How can we do this? I've tried every possible combination of youtube url and embedded url that is out there, at least nothing that I've tried has worked thus far. I'm able to pull in other internal URLs of different videos (wmv format) without any trouble. Is this an issue with YouTube or perhaps with flv formatted video that YouTube uses (which should work according to the manual).
    I know this is a new product, but is there anyone that can help?
    Thank you in advance,
    Chris

    Chris,
    The YouTube videos are typically Flash content.
    The key here is that you need to download the Flash content
    yourself and then Upload to the Show and Share.
    Use the DIRECT URL of the Flash Content on YouTube to download
    the FLV to you Personal device.  After file successfully download, simply
    upload the file to Show and Share.
    For example:
    Cisco Show and Share Flash Demo
    http://www.youtube.com/watch?v=ZzquCVvS0qQ
    * this link is the actual Dashboard URL not the video link
    http://v4.lscache8.c.youtube.com/videoplayback?ip=0.0.0.0&sparams=id%2Cexpire%2Cip%2Cipbits%2Citag%2Calgorithm%2Cburst%2Cfactor%2Coc%3AU0dWRlRRVF9FSkNNNl9MS1hB&fexp=904405%2C901902&algorithm=throttle-factor&itag=34&ipbits=0&burst=40&sver=3&expire=1271466000&key=yt1&signature=1E65C92607546EA03DE0D1082884574D3F58AD0F.93FF9FDB00B10B44BBB52F31AADF3EB50FCEB7CC&factor=1.25&id=673aae095bd2d2a4&
    * Actual URL of Video Content
    ========================================================
    FOR THOSE THAT ARE USING OSX & SAFARI:
    ======================================
    If you need to download FLASH Content for TESTING in your DMS Solution, You
    can download Flash Videos from YouTube.
    Note: The Video Quality is NOT HD or even SD...  it is ID (Internet Definition)
          Also, the downloaded file will be a .flv Flash File.
    1. Open a Video on YouTube, Google Video etc.
    2. Press "Alt+Cmd(Apple-Key)+A" - A window opens named "Activity".
    3. Select the ".flv" file (looking on filesize helps) and press "Cmd(Apple-Key)+C" to copy.
       Paste with "Cmd(Apple-Key)+V" the URL to your Adress Bar and press Enter.
    4. If you need a different video format such as MPEG, WMV, or SWF; you will need to convert
       the downloaded ".flv" file with VisualHub or VLC
    If this answers your question, Please take time to mark this
    discussion answered & rate the response. 
    Thank You!
    T.

  • Cisco 891 and Vitek DVR via iPhone

    Fellow Cisco Experts,
    I have pretty much googled my brains out trying to figure out why we can't access our Vitek DVR on our iPhones.  It seems as if the TCP ports for 554 and 8081 work, but UDP ports do not. The public IP is 70.175.15.103 and the private DVR ip is 192.168.43.96. I'm fairly new to Cisco CLI, and I've opened ports on normal routers with ease. This, however, has got me beat. Can someone please help me out? The config is attached. 
    Thanks
    Kris

    Hi kris
    dont see any access list entries mentioning UDP.
    test to see if access list is the issue , by removing the access list from fastEthernet 8
    no ip access-group wan-in in
    do this for a couple and see if you can then access the DVR.
    regard Dave

Maybe you are looking for

  • How can I buy an iPad antivirus?

    Hi, I'd like to protect my iPad from virus and malwares. Where can I buy a solid antivirus for iPad?

  • Why don't  movies Previously purchased in iTunes via my PC show up in purchased view in iTune on my iPad?

    I had previously purchased movies via my PC iTunes which don't appear in iTunes on my iPad.  Previously purchased music and TV shows do appear in the iPad iTunes in my account?  Any ideas what I'm doing wrong?  Thanks.

  • Lost iwork apps

    My hard drive recently died on my MacBook Pro.  In the process of restoring everything from Time Capsule, I lost all my iWork apps.  Still have the files, but I can't open them.  Any ideas? Thanks!

  • Cad title block cofig docs required

    Hi All. I am also working on the integration of CAD integration with mySAP PLM. I am using AutoCAD 2007. As per the settings suggested in this thread, I have already completed it. Still, I am facing the problem with Title Block field Mapping. In this

  • Different Asset Value Dates for each Asset

    Hi, A very interesting and unique requirement. We are attaching multiple assets in the settlement rule of wbs elements and run CJ88, but as per standard SAP, all assets under each WBS Element are capitalized on the same Asset Value Date. My client wa