Dual Cat6k with Firewall module scenario

Similar Messages

• Firewall Module with HSRP switches

  Hello ,
  We have implemented HSRP configuration between the core switches for 20 VLANs, as the following:
  HSRP Configuration for switch 1;
  Interface Vlan4
  Description “VLAN Description”
  Ip address 192.168.8.2 255.255.255.0
  Standby 5 ip 192.168.8.1
  Standby 5 timer 5 15
  Standby 5 preempt
  HSRP Configuration for switch 2;
  Interface Vlan4
  Description “VLAN Description”
  Ip address 192.168.8.3 255.255.255.0
  Standby 5 ip 192.168.8.1
  Standby 5 timer 5 15
  Standby 5 priority 50
  Standby 5 preempt
  Now, Only on the active core switch we have inserted a firewall Module to protect VLANs communication to each other while we dont have firewall on the standby switch. Im planning to implement firewall only on one switch if the VLAN fail the traffic will be diverted on the second switch without firewalling.
  Would you please assist me on Firewall configuration when i have HSRP running as per my config.
  Regards,

  The transparent firewall feature greatly simplifies deployment in the data center for protecting hosts. The transparent firewalls also fit into existing networks with no Layer 3 changes and transparently pass Layer 3 traffic from routers, allowing interoperability with IP services such as Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), Gateway Load Balancing Protocol (GLBP), Multicast, and non-IP traffic such as Internetwork Packet Exchange (IPX), Multiprotocol Label Switching (MPLS), and bridge protocol data units (BPDUs).

• Monitoring with dual-channel i/o modules.

  how can I read datas from a dual-channel i/o modules?
  i have the FP-DI-DC, FP--DI-AC120, FP-DI-AC240 discret input modules, but their values are bolean. i need reading the input signals from my LabVIEW program, but now i only can read the bolean values. how can I read the input signals intead of reading the bolean values?

  Omar,
  What sort of data do you want from the input signals?
  The dual channel modules that you have chosen are all Discrete input modules, thus they tell you when the input voltage is above or below some threshold value. That means that they tell you if the channel is ON or OFF, which is best represented as a boolean value. If you want to know what the voltage is, you need to use Analog Input type modules, which digitize the value of a signal.
  Regards,
  Aaron

• Firewall Module with Confiugured HSRP switches

  Hello ,
  We have implemented HSRP configuration between the core switches for 20 VLANs, as the following:
  HSRP Configuration for switch 1;
  Interface Vlan4
  Description “VLAN Description”
  Ip address 192.168.8.2 255.255.255.0
  Standby 5 ip 192.168.8.1
  Standby 5 timer 5 15
  Standby 5 preempt
  HSRP Configuration for switch 2;
  Interface Vlan4
  Description “VLAN Description”
  Ip address 192.168.8.3 255.255.255.0
  Standby 5 ip 192.168.8.1
  Standby 5 timer 5 15
  Standby 5 priority 50
  Standby 5 preempt
  Now, Only on the active core switch we have inserted a firewall Module to protect VLANs communication to each other while we dont have firewall on the standby switch. Im planning to implement firewall only on one switch if the VLAN fail the traffic will be diverted on the second switch without firewalling.
  Would you please assist me on Firewall configuration when i have HSRP running as per my config.
  Regards,

  HSRP provides two servicesIP redundancy and a Virtual IP (VIP) address. Each HSRP group may provide either or both of these services. Cisco IOS firewall stateful failover uses the IP redundancy services from only one HSRP standby group. It can use the VIP address from one or more HSRP groups. Use the following task to configure HSRP on the outside and inside interfaces of the router.
  http://cisco.com/en/US/products/ps6441/products_feature_guide09186a00806106ea.html#wp1149287

• How do I use Cisco MARS to monitor two ASA (active/stby) with IPS modules?

  Hi
  The two ASA with IPS modules are in active/standby mode. When I try to add both the two IP (active/standby) into the MARS, the MARS will complain duplicated hostnames.
  How to setup MARS to monitor ASA with IPS with active standby topology?
  Thanks!

  Hi,
  The fundamental problem with this scenario is that you have non-failover capable modules in a failover chassis - think of the ASA failover pair as one device and the IPS modules as two completely separate devices.
  Then, as already mentioned, add only the primary ASA. (The secondary will never be passing traffic in standby mode so it's not actually needed in MARS) Then, with the first IPS module you can add it as a module of the ASA or as a standalone device (MARS doesn't care). With the second IPS module the only option is to add it as a separate device anyway.
  In a failover scenario the ASA's swap IP's but the IPS's don't so whereas you'll only ever get messages from the active ASA you'll get messages from both IPS IP's depending on which one happens to be in the active ASA at the time.
  Don't forget that you have to manually replicate all IPS configuration every time you make a change.
  HTH
  Andrew.

• Basic functionality and few steps for how to integrate with PS module

  HI Experts,
  I am very new to C-projects .
  So cn anybody put some light on what c-project is and how cn we integrate wth PS module step by step.
  Thanks In adv.
  Regards
  Ashis

  Hi,
  Please find some details about cProject below.
  Collaboration Projects (cProjects):
  SAP offers SAP Collaborative Project Management (cProjects). cProjects covers the entire range of project management activities in development and consultancy projects, from planning to implementation to project completion.
  Value Proposition
  cProjects supports organizations to grow their project management excellence by
  a) providing solid standalone project management core support
  b) offering a wide range of integration options
  Key Benefits Include:
  a) As single source of truth cProjects provides company-wide transparency of all projects.
  b) Complete functional support for project planning, execution and controlling
  c) Project structuring and scheduling
  d) Clear responsibilities based on project roles
  e) Well-defined handovers through approval protected phase gates
  f)  Effective Collaboration for all project stakeholders through web interface
  g) Effective use of resources through cProjects enterprise resource planning and tracking.
  h) Reduce project time to market and costs by implementing project templates
  i)  Timely and consistent status information based on dashboards, evaluations and alerts
  j)  Rapid access to all project related information in the entire SAP Business Suite.
  k) Governance through comprehensive authorizations
  l)  Tracking project history through status reports and versions
  Integration by Evolution
  cProjects supports organizations in evolving their project management maturity by constantly adding enterprise integration capabilities to their project management solutions. Many customers start with cProjects by deploying it in a stand-alone scenario with limited integration. cProjects offers a wide range of integration scenarios to increase project reach and effectiveness. A cProjects implementation growths with our customers.
  Integration Functions Include:
  1)Cross project reporting with SAP NetWeaver Business Intelligence
  2)Detailed Project Costing with SAP ERP Financials and Project System
  3)Enterprise Resource Management based on SAP ERP Human Capital Management
  4)Business object integration to the SAP Business Suite for example materials or sales orders
  5)Portfolio integration including strategic resource management with SAP xApp Resource and Portfolio Management
  6)Partner collaboration with SAP Collaboration Folders
  7)Enterprise Portal Deployment and Collaboration Room integration
  8)Confirmation of time and travel costs with SAP ERP Time and Travel
  9)SAP CRM opportunity management integration
  10)Powerful document management with SAP Document Management and SAP easyDMS.
  11)Early Project Costing with SAP ERP Easy Cost Planning
  Positioning
  Since cProjects birth as development project management for the automotive industry it has emerged to a flexible project management solution for all industries and focused on various project types, including
  new product development and introduction,consulting projects and IT projects.
  SAP cProjects and SAP Project System (SAP PS) are both part of SAP's offering for Project Management. Customers can use them independently or integrated depending on project requirements. If both are used integrated for the same projects cProjects manages project schedule and resources while cost and budget are managed in SAP PS.
  cProject integration with PS module
  With cProjects 4.0 multilevel controlling is possible. For the project type multilevel controlling (either automatic or manual) could be chosen. It can be either for the project elements or the for the project roles. Once you are on the accounting tab and by choosing account assignment you may notice that for every cProjects element a corresponding WBS element getting created in the Project system. We can do costing thereafter for the WBS elements in the Project systems
  Regards
  Award points for useful answer
  Edited by: Yogesh  Pande on Dec 9, 2008 2:02 PM

• Ciscoworks Firewall Module Support

  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-parent:"";
  mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
  mso-para-margin-top:0cm;
  mso-para-margin-right:0cm;
  mso-para-margin-bottom:10.0pt;
  mso-para-margin-left:0cm;
  line-height:115%;
  mso-pagination:widow-orphan;
  font-size:11.0pt;
  font-family:"Calibri","sans-serif";
  mso-ascii-font-family:Calibri;
  mso-ascii-theme-font:minor-latin;
  mso-hansi-font-family:Calibri;
  mso-hansi-theme-font:minor-latin;
  mso-bidi-font-family:"Times New Roman";
  mso-bidi-theme-font:minor-bidi;
  mso-fareast-language:EN-US;}
  We are using Firewall Modules in our Cat6500(s) (WS-SVC-FWM with FWSM 4.0(4)) to provide centralized firewall services to our users. I have been asked if there is any support for these blades in Ciscoworks. I don’t think these types of blade services have been integrated into Ciscoworks yet. We have the same issue with our wireless blades (WiSM)
  I’m mostly interested on the ability to backup context configurations from the Firewall blades.
  LMS 3.2 with RME 4.3.1 among others.
  Thanks for any information.
  Jorge A Jiles

  The answer is yes, RME 4.3.1 support configuration management with the WS-SVC-FWM
  Please refer to this link for a complete list of supported devices and modules.
  http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/3.2/device_support/table/lms32sdt.html
  However, there is a enhancement bug opened as well that I think you will be interested in based on
  the ability to backup context configurations from the Firewall blades.
  http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl65838
  CSCsl65838            Bug Details
  Multicontext Firewalls should have ALL contexts archived from admin
  Symptom:For firewalls that support multiple  contexts, RME does not archive all the context configs if just the admin  context IP is in the seedfile.
  Conditions:Firewalls that support multiple contexts.
  Workaround:Manage each context configuration as an individual, separate device in RME.
  Further Problem Description:This  capability should be added to RME so that the customer is not required  to have IP reachability to each context and individually put that  context into RME.All the contexts can be accessed from the Admin  context by changeto context system.  Then either fetch the configs from  the file system (dir) or changeto each context and get its config.

• Dual-head with Radeon HD 2400LE not working/behaving strangely

  I have a Radeon HD 2400LE video card. and I'm attempting to set up dual-head with a 17" (1280x1024) scree and a 24" (1920x1200) screen.  I originally tried fglrx, and it worked mostly, but caused partial lockups every few hours (the mouse cursor would move, but didn't seem to pass any events to anything - even hover wouldn't work).  I'd like to use the radeonhd driver in any case, and I'm currently trying it from git/AUR, version 20090116-1.  I'll post my xorg.conf here shortly, once I've cleaned it up a bit.  Anyhow, I'm running KDE 4.2, and the display settings list VGA (my second monitor), DVI-digital (my first monitor), DVI-analog (the same port), and TV (S-Video - not used).  However, clicking "Identify Outputs" displays the VGA output properly, but the DVI-digital output indicator is shown halfway off the top-left corner of the VGA-connected screen.  Enabling the DVI monitor's output does something, because the monitor recognizes that it's connected, but it won't display anything, and changing the DVI settings causes various weird issues with the VGA-connected screen.  I'm not using Xinerama, as I was planning on doing the whole thing with KDE and the help of XRandR.  I could really use some help with this, as I've been fighting with dual-head all week.
  Thanks

  Here is my xorg.conf, it sounds like you are trying to acheive a similar setup to what I have, maybe you'll find this helpful
  let me know if you have anyquestions on it.
  Section "Module"
  Load "dbe"
  SubSection "extmod"
  Option "omit xfree86-DGA"
  EndSubSection
  Load "glx"
  Load "freetype"
  #Load "type1"
  Load "dri"
  Load "drm"
  EndSection
  Section "Files"
  FontPath "/usr/share/fonts/misc"
  FontPath "/usr/share/fonts/100dpi:unscaled"
  FontPath "/usr/share/fonts/75dpi:unscaled"
  FontPath "/usr/share/fonts/TTF"
  FontPath "/usr/share/fonts/Type1"
  EndSection
  Section "Server Flags"
  Option "AutoAddDevices" "false"
  EndSection
  Section "Input Device"
  Identifier "Keyboard1"
  Driver "kbd"
  Option "AutoRepeat" "500 30"
  Option "XkbRules" "xorg"
  Option "XkbModel" "microsoft"
  Option "XkbLayout" "us"
  EndSection
  Section "Input Device"
  Identifier "Mouse1"
  Driver "mouse"
  Option "Protocol" "Auto"
  Option "Device" "/dev/input/mice"
  Option "ZAxisMapping" "4 5 6 7"
  Option "Emulate3Buttons"
  EndSection
  Section "Monitor"
  Identifier "monitor0"
  Option "DPMS" "true"
  EndSection
  Section "Monitor"
  Identifier "monitor1"
  Option "DPMS" "true"
  Option "RightOf" "monitor0"
  EndSection
  Section "Device"
  Identifier "device0"
  Driver "radeonhd"
  BusID "PCI:1:5:0"
  Option "monitor-DVI-D_1" "monitor0"
  Option "monitor-VGA_1" "monitor1"
  Option "RROutputOrder" "DVI-D_1"
  EndSection
  Section "Screen"
  Identifier "Screen0"
  Device "device0"
  DefaultDepth 24
  SubSection "Display"
  Depth 24
  EndSubSection
  EndSection
  Section "ServerLayout"
  Identifier "Multihead Layout"
  Screen "Screen0" 0 0
  InputDevice "Mouse1" "CorePointer"
  InputDevice "Keyboard1" "CoreKeyboard"
  EndSection
  Section "DRI"
  Group "video"
  Mode 0666
  EndSection
  Last edited by Cyrusm (2009-01-25 04:34:14)

• Time dependency in HR & Diff betn BW HR with other modules

  Hi BWers,
  Could you please let me know the Time Dependency in HR and what is the major difference between BW HR with other modules.
  Points will be awarded.
  Thanks,
  Abhi

  hi abhi...
  check
  BW HR Docs
  BW-HR Implementation
  Please go through following links for information on HR-BW
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/174b9990-0201-0010-2abe-86a515869fbe
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/7e3f9990-0201-0010-9a97-e971112aa2b2
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/e1cba990-0201-0010-43ae-af579aee7a73
  For HR related scenarios, go to link
  http://help.sap.com/bp_biv235/BI_EN/html/bw.htm
  Here under, "Human Capital Management" , you will find HR scenarios.
  Also go through SAP help link
  http://help.sap.com/saphelp_nw04/helpdata/en/2a/77eb3cad744026e10000000a11405a/frameset.htm
  hope this helps..

• Integration of SD with other modules

  Hi experts,
    Can somebody kindly tell me some good links or documents regarding the integration of SD with other modules, with respect to STOCK TRANSFER, CROSS COMPANY FUNCTIONONG, PROCESSING OF COMPLAINTS, SPECIAL ORDER TYPES and BASIS IN INTEGRATION (project experience or participation in case study)
  Thanks,
  Viji

  the integration of SD with other modules, with respect to STOCK TRANSFER, CROSS COMPANY FUNCTIONONG, PROCESSING OF COMPLAINTS, SPECIAL ORDER TYPES and BASIS IN INTEGRATION
  <a href="http://www.sap-img.com/sap-sd/link-between-sap-sd-mm-and-fi.htm">SD MM FI integration</a>
  <a href="http://www.sap-img.com/sap-sd/configure-intercompany-stock-transport-order.htm">STO</a>
  <b>Complaints Processing</b>
  Implementation Considerations
  You can process complaints in the following ways:
  Example 1: The customer returns the goods. You create a return to process the transaction.
  - If the customer wants a refund for the amount, enter a credit memo with reference to the return.
  - If the customer wants a replacement product, enter a free-of-charge subsequent delivery with reference to the return.
  Example 2: The customer does not send the goods back.
  - If the customer wants a refund, you enter a credit memo request with reference to the sales order or the invoice.
  - If the customer wants a replacement product, you create a free of charge subsequent delivery with reference to the sales order.
  Example 3: The price is wrong.
  For example, the discount was forgotten or the scaled prices were miscalculated. You then enter an invoice correction request with reference to the invoice.
  Example 1
  You sent the customer 100 pieces. The customer sends 30 back because they were damaged during transport. You create a return for 30 pieces and then either a credit memo or a free-of-charge delivery with reference to the return.
  Example 2
  The customer reports that a further 10 units were so damaged that they threw them away. You enter either a credit memo request or a free of charge subsequent delivery with reference to the sales order or invoice.
  Example 3
  100 units were calculated at 10 USD per unit for the customer. However, due to a promotion they should have been calculated at 9 USD per unit. You enter an invoice correction request with reference to the invoice and enter the price as 9 USD per unit.
  Prerequisites
  Process Flow
  You decide which one of the above scenarios is most similar to the type of complaint you are processing.
  Enter the appropriate sales document, with or without reference to an order or invoice.
  You can change the settings in Customizing so that the sales document is automatically blocked for a delivery or billing. This means that the system does not create a free-of-charge delivery or a credit memo until you have had the opportunity to check the goods or clarify the complaint.
  Once you have checked the goods or clarified the situation, you can:
  - Approve the complaint by releasing the sales document.
  - Reject the complaint by entering a reason for rejection in the sales document.
  If you do not need any release procedures for credit memo requests, you can also create a credit memo with reference to an invoice. In this case, you do not need either the credit memo request or its release.
  <b>Result</b>
  Once you have released the sales document, you can create a delivery or a credit memo.
  <b>Special Order types</b>
  <b>Cash sales</b> is an order type for when the customer orders, picks up and pays for the goods immediately. The delivery is processed as soon as the order has been entered. A cash invoice can be printed immediately from the order and billing is related to the order. Receivables do not occur for the customer as they do for rush or standard orders, because the invoice amount is posted directly to a cash account.
  In a <b>rush order</b> transaction, the customer picks up the goods or you deliver the goods on the same day as the order is placed. In the standard system, when you save this sales document type, a delivery is automatically created and billing is related to the delivery.
  <b>Basis</b> guys help in configuring the landscape, moving the request, scheduling and maintainence of batch jobs which run in the background, server maintenance. Basis is kind of heart for any project and they work 24*7 continuous.
  Hope you have the required info now. Pl reward if helpful.
  Thanks,
  Sadhu Kishore

• What happens if 3700 with WSSI module is connected to 802.3af PoE port?

  I know that the 3700 itself will drop to 3x4 MIMO if it only gets 15.4W of power (takes 16.8 with 4x4).  If I add in a WSSI module, I know that is not enough power to run the WSSI module.  We'd like to deploy our APs with the module installed and light up WSSI only as we get 802.3at power available.  What I don't know is if the AP will light up as 3x4 with WSSI disabled, or if the AP will just completely fail.   I should get a chance to test this soon, but if you happen to know, please tell!  
  Thanks!
  Gary Hahn

  If you have enough power to the AP, you can look at the GUI and under the main screen under Access Point Summary, you will see Dual-Band Radios... the WSSI or WSM will show up there.
  Please rate helpful post and Cisco Support Community will donate to Kiva
  Scotty

• Upgrading my G4 MDD dual 867 with Gigadesigns dual 1.33 upgrade; worth it?

  I am updgrading my PowerMac G4 dual 867 and doing most of the usual; ATI Radeon 9800 Pro 256MB AGP video card, more internal hard drives, still debating on SCSI hard drive; then maxing out memory at 2GB (missing anything else to upgrade?)
  I am also considering on upgrading the processor to Gigadesigns dual 1.33 processor upgrade (btw, is this the only processor upgrade available for me?). First, is it worth it? Second, will this force me to change out my PC 2100 DDR SDRAM memory modules? Any other foreseen problems with upgrading to the dual 1.33 processor?
  I am hoping to get a response from someone who has actually upgraded their MDD dual 867 with Gigadesigns processor and see what they have to say about it.

  MDD upgrades were complex, challenging, and there are 6 different configurations and versions of MDDs out there. And the supply of 7455Bs may be a limiting factor.
  If you need OS 9 or don't want a G5 (2.0's for $1699 making it affordable "upgrade") and $499 seems acceptable, and your applications will benefit, AND you don't need more than 2GB RAM (which is limiting also)...
  The 9800 Radeon adds more heat and noise and $249 to costs, and the fan is loud but also can fail (poor designed product?).
  yes for SATA 10K Raptor over SCSI! Less heat, fast, SATA cables are easy to use and don't cost $100 for good stuff.
  But you want to spend how much? $1000 - 1200? a pair of Raptors or something? Seriously, get a G5 from Apple Specials. Your MDD can offset the cost later too.

• Dual Booting with Windows 8 and 7 Pro in a G6 - 2235us Notebook

  I have a G6 - 2235us Notebook 64 bit  that came with Windows 8.0  installed.
  I would like to install Windows 7 Pro and make it dual book with Windows 8.0 with 7 as the default to start.
  Would you please give me steps as to how to proceed and also the drivers, etc I would need to download.
  Thank you.
  This question was solved.
  View Solution.

  Thank you Paul. I understad  I just have one more question:
  I found this page that gives info about dual booting:
  http://www.pagestart.com/win8dbwin701181301.html
  From your expertise, would you say the steps suggested on that
  page could succeed for making Win 8 and 7 dual boot in this particular machine?

• Using a different user(other than default PI user) with adapter module

  Hi,
  We are having a custom adapter module built to interact with a Hardware Security Module(HSM). This custom adapter module by default uses a PI user configured in the system. However, we are not able to pass commands to HSM because of insufficient authorizations to this PI user. Now, we do not exactly know the permissions required for the user to access HSM. We have asked the HSM support team about the same. However, I wanted to explore the possibility of using a different PI user to work with the adapter module and eventually pass commands to HSM.
  We have an admin user configured which has all the necessary authorizations. Is it possible to use this admin user created on PI system to work with adapter module so that it passes commands to HSM?
  Thanks,
  Ravi Desai

  We have given the necessary authorizations to PI user.

• How can I see shared pc with firewall set to allow only essential services?

  How can I see shared pc with firewall set to allow only essential services?
  So far if I set it as above then shared does not show up? I have to set the firewall to set access to specific applications and services to get access to my windows based hard drive.
  Cheers
  Mike R

  Ok I solved it myself. Not an ideal solution as I have to connect it manually each time but it will do... Unless anyone has a way to have it auto connect when I start the mac.
  Cheers
  Mike R