Do the Cisco IPS appliance 4200 and 4300 series have a whitelist?

Hi all,
I am wondering if I can do whitelisting on the Cisco IPS appliance itself. I understand that for the IPS module in the ASA it is possible... Hope anyone can enlighten me.
Cyrus

Cyrus,
It kinda does, it is called Event action filters, where you can exempt hosts/subnets from triggering certain signatures.
http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_event_action_rules.html
Whatever you put on them won't trigger the signatures you don't want it to trigger.
Hope it helps.
Mike
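
Added example, not part of Mike's post and not copied from the Cisco guide: a sketch of what such an event action filter looks like in the IPS 7.0 CLI that the linked guide covers. The rules instance `rules0`, the filter name, the signature ID range and the address are constructed placeholders, and removing `produce-alert` is only one possible choice of action.

```text
! Constructed example: exempt one trusted host from a small range of signatures.
! rules0, the filter name, the signature IDs and the address are placeholders.
sensor# configure terminal
sensor(config)# service event-action-rules rules0
sensor(config-eve)# filters insert trusted-scanner begin
! Limit the filter to the signatures this host is known to trip.
sensor(config-eve-fil)# signature-id-range 1000-1005
! Single host written as a range (documentation address, constructed).
sensor(config-eve-fil)# attacker-address-range 192.0.2.10-192.0.2.10
! The action the filter strips from matching events.
sensor(config-eve-fil)# actions-to-remove produce-alert
sensor(config-eve-fil)# exit
sensor(config-eve)# exit
! The sensor asks for confirmation before applying the change.
```

Keeping both the signature range and the address range narrow means the sensor still inspects and alerts on everything else that host does.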

Similar Messages

  • Floppy Disk drives for Satellite Pro 4200 and 4300 series

    I have four Satellite Pro laptops - a 4340, a 4310, a 4270 and a 4280 and I'm having difficulty getting the 4310 and the 4270 to recognise a particular FDD. My understanding was that Mitsumi D353G FDDs were compatible with these 4200 and 4300 series laptops but I can't get the 4270 and the 4310 to "see" them. They will both however "see" an alternative FDD I have - a Panasonic JU-226A202FC but I only have one of them and two laptops needing a replacement FDD. I have tried a D353G that I know works (from my 4280) in both the 4310 and the 4270 but to no avail. I'm keeping an eye out for another Panasonic JU-226A202FC FDD on ebay but no luck so far. It's so frustrating as I'm sure a D353G FDD should work in the 4270 and 4310 and I have two spare ones which I wanted to use. I've looked in TSETUP.exe and can see no settings I can change to make these laptops see the D353G FDDs so any help or insight greatly appreciated. Does anyone out there have a 4270 or a 4310 successfully running a D353G FDD or, is this a quirk and these two particular models were only made to work with a Panasonic JU-226A202FC FDD not the D353G FDDs? Any clues?

    Hello
    Unfortunately I am not a technician but I assume that there is obviously some problem with compatibility. It is possible that the pin assignment is different and you cannot use them. If you want to have a precise explanation you should contact technicians. I am pretty sure that they have motherboard schemes and can give you a proper explanation and advice on how to handle this problem.
    Good luck!

  • What is the difference between Satellite Pro 4200 and 4300 series?

    As mentioned in another thread, I have a SP4220XCDT that died on me.
    I bought a mobo from ebay which was from a 4290, and today it arrived, but the problem was that it has a seemingly fixed CPU, which stands out much less from the board than the one on the 4220 board, and therefore does not connect with the cooling mechanism from my 4220.
    At least something comes on when I start up now, but unfortunately it doesn't get past the Toshiba screen which tells you to press F2 for boot sequence.
    Having also spent money on memory and a new cpu, I don't want to let this one go, and have seen a motherboard available suitable for a 4320/40/60 - anyone know if this will fit in with the rest of my 4220? It doesn't have a cpu so presumably will have the same mechanism as the 4220 mainboard.
    I'm assuming that these might be compatible since I have managed to find a pdf of a service manual which covers both the 4200 and 4300, although unfortunately the first page is missing so I don't know if that highlights any differences.
    It's frustrating that there are no pdfs available for these older models, at least with specs on them, and it's very hard to find any info.
    As usual, thanks for any help!

    Hi
    As far as I know both series use the Intel Mobile Pentium III microprocessor with MMX Technology.
    I found out these details:
    Satellite 4260 Series: Mobile Pentium III 450MHz
    Satellite 4270 Series: Mobile Intel Celeron 500MHz
    Satellite 4280 Series: Mobile Pentium III 500MHz
    Satellite 4320 Series: Mobile Pentium III 600MHz featuring Intel SpeedStep Technology
    Satellite 4340 Series: Mobile Pentium III 650MHz featuring Intel SpeedStep Technology
    The notebooks' measures should also be the same. So in my opinion it should be possible to use the same motherboard in Satellite Pro 4200 and 4300.

  • IPS Appliance (4500 and 4300) interface redundancy

    Hello all,
    Around interface redundancy (a.k.a. interface bonding): our design actually includes a Catalyst switch and a couple of IPS 4500 appliances, with an EtherChannel configured with 2 SFP+ cables, one to each IPS. As you might know these are 10Gbps links. This, as you see, has a layer of resilience by having 2 IPS EtherChanneled into the Catalyst.
    Now, if one cable fails or an interface fails, can we configure any sort of interface bonding or semi-automatic setup with an extra link (in standby or not active) given that we might have spare 10Gbps ports on the switch AND on the IPS? Is there a best practise or something around this? I think the ASA firewalls have a command called "member-interface" which allows this type of redundancy but I think I have not seen this on the CR for the IPS OS. (See http://yurisk.info/2010/08/23/redundant-interfaces-in-cisco-asa/)
    Cheers!
    Heber

  • Ask the Expert: Cisco Nexus 2000, 5000, and 6000 Series Switches

    with Cisco Expert Vinayak Sudame
    Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about how to configure and troubleshoot the Cisco Nexus 2000, 5000 and 6000 Series Switches with Cisco subject matter expert Vinayak Sudame. You can ask any question on configuration, troubleshooting, features, design and Fiber Channel over Ethernet (FCoE).
    Vinayak Sudame is a Technical Lead in the Data Center Switching Support Team within Cisco's Technical Services in RTP, North Carolina. His current responsibilities include but are not limited to troubleshooting technical support problems and escalations in the areas of Nexus 5000, Nexus 2000 and FCoE. Vinayak is also involved in developing technical content for Cisco internal as well as external use, e.g., the Nexus 5000 Troubleshooting Guide (CCO), the Nexus 5000 portal (partners), etc. This involves cross-team collaboration and working with multiple different teams within Cisco. Vinayak has also contributed to training account teams and partners in the CAE (Customer Assurance Engineering) bootcamp dealing with Nexus 5000 technologies. In the past, Vinayak's responsibilities included supporting the MDS platform (Fiber Channel Technologies) and working with EMC support on escalated MDS cases. Vinayak was the Subject Matter Expert for Santap Technologies before moving to Nexus 5000 support. Vinayak holds a Masters in Electrical Engineering with Specialization in Networking from Wichita State University, Kansas. He also holds Cisco Certification CCIE (#20672) in Routing and Switching.
    Remember to use the rating system to let Vinayak know if you have received an adequate response.
    Vinayak might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Data Center sub-community, Other Data Center Topics discussion forum shortly after the event.
    This event lasts through Friday July 12, 2013. Visit the community often to view responses to your questions of other community members.

    Hi Vinayak,
    Output of "show cfs internal ethernet-peer database"
    Switch 1
    ETH Fabric
    Switch WWN              logical-if_index
    20:00:54:7f:ee:b7:c2:80 [Local]
    20:00:54:7f:ee:b6:3f:80 16000005
    Total number of entries = 2
    Switch 2
    ETH Fabric
    Switch WWN              logical-if_index
    20:00:54:7f:ee:b6:3f:80 [Local]
    20:00:54:7f:ee:b7:c2:80 16000005
    Total number of entries = 2
    Output of "show system internal csm info trace"
    Switch 1 in which "show cfs peers" show proper output
    Mon Jul  1 05:46:19.145339  (CSM_T) csm_sp_buf_cmd_tbl_expand_range(8604): No range command in buf_cmd_tbl.
    Mon Jul  1 05:46:19.145280  (CSM_T) csm_set_sync_status(6257): Peer RT status PSSed
    Mon Jul  1 05:46:19.145188  (CSM_T) csm_sp_handle_local_verify_commit(4291):
    Mon Jul  1 05:46:19.145131  csm_continue_verify_ac[597]: peer is not reachable over CFS so continuing with local verify/commit
    Mon Jul  1 05:46:19.145071  csm_tl_lock(766): Peer information not found for IP address: '172.16.1.54'
    Mon Jul  1 05:46:19.145011  csm_tl_lock(737):
    Mon Jul  1 05:46:19.144955  (CSM_EV) csm_sp_build_tl_lock_req_n_send(941): sending lock-request for CONF_SYNC_TL_SESSION_TYPE_VERIFY subtype 0 to Peer ip = (172.16.1.54)
    Mon Jul  1 05:46:19.143819  (CSM_T) csm_copy_image_and_internal_versions(788): sw_img_ver: 5.2(1)N1(2a), int_rev: 1
    Mon Jul  1 05:46:19.143761  (CSM_T) csm_sp_get_peer_sync_rev(329): found the peer with address=172.16.1.54 and sync_rev=78
    Mon Jul  1 05:46:19.143699  (CSM_T) csm_sp_get_peer_sync_rev(315):
    Mon Jul  1 05:46:19.143641  (CSM_EV) csm_sp_build_tl_lock_req_n_send(838): Entered fn
    Mon Jul  1 05:46:19.143582  (CSM_T) csm_set_sync_status(6257): Peer RT status PSSed
    Switch 2 in which "show cfs peers" does not show proper output
    Mon Jul  1 06:13:11.885354  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd switchport mode trunk, cmd pseq 77 seq 482
    Mon Jul  1 06:13:11.884992  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd channel-group 51 mode active, cmd pseq 357 seq 369
    Mon Jul  1 06:13:11.884932  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd switchport trunk allowed vlan 2, 11, cmd pseq 357 seq 368
    Mon Jul  1 06:13:11.884872  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd switchport mode trunk, cmd pseq 357 seq 367
    Mon Jul  1 06:13:11.884811  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd description process_vpc, cmd pseq 357 seq 366
    Mon Jul  1 06:13:11.884750  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd channel-group 51 mode active, cmd pseq 352 seq 365
    Mon Jul  1 06:13:11.884690  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd switchport trunk allowed vlan 2, 11, cmd pseq 352 seq 364
    Mon Jul  1 06:13:11.884630  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd switchport mode trunk, cmd pseq 352 seq 363
    Mon Jul  1 06:13:11.884568  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd description process_vpc, cmd pseq 352 seq 362
    Mon Jul  1 06:13:11.884207  (CSM_EV) csm_sp_acfg_gen_handler(3011):  Preparing config into /tmp/csm_sp_acfg_1733916569.txt
    Mon Jul  1 06:13:11.878695  csm_get_locked_ssn_ctxt[539]: Lock not yet taken.
    Mon Jul  1 06:13:11.878638  (CSM_EV) csm_sp_acfg_gen_handler(2937): Recieved sp acfg merge request for type: running cfg
    Mon Jul  1 06:12:29.527840  (CSM_T) csm_pss_del_seq_tbl(1989): Freeing seq tbl data
    Mon Jul  1 06:12:29.513255  (CSM_T) csm_sp_acfg_gen_handler(3106): Done acfg file write
    Mon Jul  1 06:12:29.513179  (CSM_EV) csm_sp_acfg_gen_handler(3011):  Preparing config into /tmp/csm_sp_acfg_1733911262.txt
    Mon Jul  1 06:12:29.508859  csm_get_locked_ssn_ctxt[539]: Lock not yet taken.
    Mon Jul  1 06:12:29.508803  (CSM_EV) csm_sp_acfg_gen_handler(2937): Recieved sp acfg merge request for type: running cfg
    Mon Jul  1 05:53:17.651236  Collecting peer info
    Mon Jul  1 05:53:17.651181  Failed to get the argumentvalue for 'ip-address'
    Mon Jul  1 05:40:59.262736  DB Unlocked Successfully
    Mon Jul  1 05:40:59.262654  Unlocking DB, Lock Owner Details:Client:1 ID:1
    Mon Jul  1 05:40:59.262570  (CSM_T) csm_sp_del_buf_cmd(1713): Deleting comand with Id = 1
    Mon Jul  1 05:40:59.262513  DB Lock Successful by Client:1 ID:1
    Mon Jul  1 05:40:59.262435  Recieved lock request by Client:1 ID:1
    Mon Jul  1 05:40:41.741224  ssnmgr_ssn_handle_create_get: Session FSM already present, ID:1
    Mon Jul  1 05:40:41.741167  ssnmgr_handle_mgmt_request: Create/Get request received for session[process_n5kprof]
    show cfs lock gives no output.
    Just to further clarify, we have 4 5548UP switches in the same management vlan. 2 switches are in one location, let's say location A, and they are CFS peers and are working fine.
    These two switches which are having the problem are in location B. All the switches are in the same vlan. Essentially all the CFS multicast messages will be seen by all 5548 switches as they are in the same vlan. I am assuming that this might not create any problems as we specify the peers in the respective configurations. Or do we have to change the CFSoIPv4 multicast addresses in location B or maybe configure a different region?
    Regards.

  • When I buy a Mac does iLife last some time and then I have to buy it or how does it work?

    When I buy a Mac does iLife last some time and then I have to buy it or how does it work?

    iLife lasts as long as you use the Mac - it is possible (probable) that upgrades will become available for purchase and that certain items like print products will eventually be unavailable without an upgrade - but the software will continue to work - some people still use iPhoto 2 which is over ten years old
    LN

  • Does Cisco NAC Appliance deployment require CS-ACS?

    I've gone through all the partner training on the Cisco NAC appliance and mgmt station, and CiscoSecure ACS 4.0+ is mentioned just about everywhere in the user verification steps.
    If a customer does not have CSACS, or AAA for that matter (say in just a MS Exchange environment), the NAC appliances can still be used, correct?
    I'm assuming they can, but that leads to if any functionality/checks would be lost in that case, and if so, what?
    Anybody have any ideas on that?
    Thanks!

    Yes, you could use NAC with the local database for a client demonstration. This is actually my preferred method.
    Of course, you would lose the central management functionality which comes with ACS or a hook to Active Directory via KTPass (This command-line tool enables an administrator to configure a non-Windows Server 2003 Kerberos service as a security principal in the Windows Server 2003 Active Directory).
    Though by all means deploy NAC, even if you simply want to demonstrate its functionality. Configure the authentication portion last, after your customer is happy with the demonstrated results.
    Hope this helps.

  • Unable to email photos, receive a statement that the server does not recognize my username and or password, have checked multiple times that these are correct

    I am unable to e-mail photos, receive a statement saying that the server does not recognize my username and or password. I have checked multiple times and these are correct.

    The box comes up that says "server does not recognize username or password".
    That error message usually will pop up, when there is a conflict between the "From" setting for the mail account you are sending from and the selected outgoing mail server. Probably the outgoing Mail server is receiving a user name and password it does not understand. When the mail returns unsent, do you see the "Try again" panel with the option to select a different outgoing mail server?
    If you do not see this panel, change the Mail "Preferences > General" to "If Outgoing server is unavailable: Show a list of alternate servers". This way, you will know, which server Mail is trying to send from.
    Have you tried to set the "From" pop-up menu to one of your other email addresses? If that works, change your settings in Mail to always send from this address. You can set this option in the Mail "Preferences > Composing: Send New Messages from". I have my "Send New Messages from" set to "iCloud". That is working best for me with iPhoto.

  • Does the HP Photosmart Premium Model C310 Series have the capability to do two-sided printing?

    Is my printer capable of doing two sided printing without manual intervention?

    Hi fildawg,
    First, check to see that the two-sided printing accessory is showing as installed:
    1. Click the Apple icon on the top bar, to the far left
    2. Click System Preferences
    3. Click Print & Fax (10.6.8 and Earlier) or Print & Scan (10.7.x)
    4. Click to select your printer (HP Photosmart C310) from the list on the left
    5. Click the Options & Supplies button on the right
    6. Click the Driver tab
    7. Look for a line item that says "HP Two-sided Printing Accessory (Duplexer)", and make sure it has a check mark to the left of it.
    Next, here are the steps to print two-sided:
    The following is an example of the print workflow I use - it is just the order of menus/buttons/settings that you go through when setting up a print job.
    1. Open a document to print
    2. Click File --> Page Setup (If Page Setup is available, Safari doesn't usually have this option).
    3. Under Format For: select the specific printer (Sometimes this will default to "Last Used Printer").
    **By specifying the printer, you enable the driver-specific options for that product.
    4. Select the Paper Size, then Click Ok
    5. Click File --> Print
    **Depending on the application, you may see a condensed driver window. Look for a down arrow or show details button to expand to the full size driver window.
    6. Depending on which version of Mac OS X you are using, the two-sided option will either be:
    - A check box towards the top of the driver window (or alternately, a selection within the Layout menu where you select the binding style).
    - A menu item located in the drop down menu that is just below Orientation.
    7. Click the Paper Type/Quality menu item, and ensure that these settings are correct for the media being printed on.
    8. Click Print.
    Please let me know if you need further assistance with this, or more detail.
    Thanks! 
    I am an HP Employee
    Click the KUDOS Star to say "Thanks"
    Please mark the post that solves your problem as "Accepted Solution"

  • I'm deciding to buy the one year plan, after one year, does the plan go away and I would have to re buy it?

    I'm thinking about buying Adobe Photoshop CC and the plan says to buy it for one year. Does that mean I can only have Adobe Photoshop for one year?

    Yes, that's correct, it's a subscription service. You will have to pay every year (or every month after the first year) to continue to use the software.
    -Noel

  • I want to reset the security questions, but the email it sends it to does not belong to me, and I only have one email registered.

    I went to purchase a book and it asked me 2 security questions that I do not even remember setting up. I went to click "send reset email", but I did not recognize the email. The email was f********@yahoo.com, and I even checked to make sure that I had only one email, i*****@rocketmail.com. Where did this other email come from and how do I fix it?

    Are you sure that you never set up a rescue email address on your account ? I'm not sure where you checked as that is the only place that the rescue email address appears on your account (apart from if you answer the 2 questions, in which case you can then edit/remove it).
    If you don't recognise the email address then see if this user-tip helps for getting the questions reset : https://discussions.apple.com/docs/DOC-4551

  • Error: Cannot connect to NTP server or NTP server is not running - Cisco IPS

    This is a different scenario here:
    I have two Cisco IPS 4260-k9 and both are in production now.
    One of the IPSs is configured with NTP and works fine, but the other one is not.
    When I tried to configure it while the device is ON and live in production, I got the following error:
    Error from CLI:
    " Error: Cannot connect to NTP server or NTP server is not running "
    Error from IME:
    " Delivery failed.
    err Unaccepable Value - cannot connect to the NTP server or NTP server is not running"
    I am able to reach the NTP server, also the same NTP is working fine with other devices....
    Am I doing anything wrong?
    Please advise

    Hi,
    Now the error has changed:
    Session.connect: java.net.SocketTimeoutException: Read timed out
    I have increased the polling interval to 1 Hr from 1 Min. Waiting for the next polling interval result.
    Guide me if I am heading right.... or anything else needs to be done.
    Regards,
    Krishna Chauhan

  • Installation of Cisco ISE 1.1.4 on Cisco NAC Appliance 3315

    Hi,
    I am re-imaging the Cisco NAC Appliance 3315 and installing the Cisco ISE 1.1.4...
    After finishing the installation, when I type "SETUP"... it gives me the below error:
    # ERROR:  INPUT/OUTPUT ERRORS FOUND DURING THE INSTALLATION!        #
    # PLEASE REIMAGE THE APPLIANCE OR VM FROM THE INSTALLATION MEDIA.   #
    Please advise....
    I tried to change the Time/Date as per UTC/GMT accordingly... But I didn't find the RAID in the CLI... see the link below
    (http://www.cisco.com/en/US/docs/security/ise/1.1.1/installation_guide/ise_app_f-installing_on_NAC-AC.html)
    Any idea...
    Regards,
    Mubasher Sultan

    Where did you get the recovery media? Did you download from cisco.com?
    Please download the image from CCO and ensure the ISE image is valid by checking that the MD5 checksum of the downloaded image matches the CCO image. You will then need to burn this ISO image onto a bootable DVD.
    Supporting link:
    http://www.cisco.com/en/US/docs/security/ise/1.1/installation_guide/ise_ins.html#wp1134146
    Jatin Katyal
    - Do rate helpful posts -

  • Cisco IPS 4200 Series Feature

    Can the Cisco IPS 4200 support RADIUS for user authentication?
    Can the Cisco IPS 4200 support SYSLOG for sending logging to the outside?

    Are you kidding me? Then how do you explain
    the fact that security devices such as
    checkpoint and ASA firewalls are allowed
    authentication via tacacs/radius and you can
    send syslog back to a syslog server. Normally
    the information gets sent back via the
    Command and Control (C&C) interface which
    should be on a secure network in the first
    place.
    This is a limitation of the IDS itself.
    I have not tried version 5.x or 6.x yet but
    if they are similar to version 4.1, then
    they are nothing but a Linux box. You can
    "shell" into the box and install PAM on it
    so that you can use external authentication
    such as radius/tacacs or even LDAP.

  • Cisco IPS Concurrent session support in ips 4260 and 4270 sensor

    I am wondering that no document from the Cisco IPS data sheets mentions the concurrent session support in the Cisco IPS 4200 series sensors. I am looking forward to anyone who can advise about the subject.
    Thanks
    Nouman

    Hi.
    With IPS devices it's difficult to measure performance by # of connections per second since several factors count towards the performance limit, including:
    1- packet size
    2- object sizes per transaction
    3- transactions per second
    4- signatures enabled
    5- features enabled
    That's why public documents try to make it more realistic by mentioning the transactional performance.
    Here is a link mentioning concurrent connections for the 4270:
    http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5729/ps5713/ps4077/prod_white_paper0900aecd806e7283.html
    Although the link mentions 100k and 200k, we've seen situations where we had a lot more connections with a smaller amount of signatures enabled.
    For the 4260 the public document only mentions the transactional performance.
    Regards,
    Fadi.
    If this answers your question please mark the thread as resolved.
