Firewall Module with HSRP switches
Hello ,
We have implemented HSRP configuration between the core switches for 20 VLANs, as the following:
HSRP Configuration for switch 1;
Interface Vlan4
Description âVLAN Descriptionâ
Ip address 192.168.8.2 255.255.255.0
Standby 5 ip 192.168.8.1
Standby 5 timer 5 15
Standby 5 preempt
HSRP Configuration for switch 2;
Interface Vlan4
Description âVLAN Descriptionâ
Ip address 192.168.8.3 255.255.255.0
Standby 5 ip 192.168.8.1
Standby 5 timer 5 15
Standby 5 priority 50
Standby 5 preempt
Now, Only on the active core switch we have inserted a firewall Module to protect VLANs communication to each other while we dont have firewall on the standby switch. Im planning to implement firewall only on one switch if the VLAN fail the traffic will be diverted on the second switch without firewalling.
Would you please assist me on Firewall configuration when i have HSRP running as per my config.
Regards,
The transparent firewall feature greatly simplifies deployment in the data center for protecting hosts. The transparent firewalls also fit into existing networks with no Layer 3 changes and transparently pass Layer 3 traffic from routers, allowing interoperability with IP services such as Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), Gateway Load Balancing Protocol (GLBP), Multicast, and non-IP traffic such as Internetwork Packet Exchange (IPX), Multiprotocol Label Switching (MPLS), and bridge protocol data units (BPDUs).
Similar Messages
-
Firewall Module with Confiugured HSRP switches
Hello ,
We have implemented HSRP configuration between the core switches for 20 VLANs, as the following:
HSRP Configuration for switch 1;
Interface Vlan4
Description âVLAN Descriptionâ
Ip address 192.168.8.2 255.255.255.0
Standby 5 ip 192.168.8.1
Standby 5 timer 5 15
Standby 5 preempt
HSRP Configuration for switch 2;
Interface Vlan4
Description âVLAN Descriptionâ
Ip address 192.168.8.3 255.255.255.0
Standby 5 ip 192.168.8.1
Standby 5 timer 5 15
Standby 5 priority 50
Standby 5 preempt
Now, Only on the active core switch we have inserted a firewall Module to protect VLANs communication to each other while we dont have firewall on the standby switch. Im planning to implement firewall only on one switch if the VLAN fail the traffic will be diverted on the second switch without firewalling.
Would you please assist me on Firewall configuration when i have HSRP running as per my config.
Regards,HSRP provides two servicesIP redundancy and a Virtual IP (VIP) address. Each HSRP group may provide either or both of these services. Cisco IOS firewall stateful failover uses the IP redundancy services from only one HSRP standby group. It can use the VIP address from one or more HSRP groups. Use the following task to configure HSRP on the outside and inside interfaces of the router.
http://cisco.com/en/US/products/ps6441/products_feature_guide09186a00806106ea.html#wp1149287 -
dear
we are having firewall module in datacenter switch which is not in production i have a task to configure now there are total 80 server which are in difftrent zone
so plz help me how to connfigure using multi context & any documentation to refer and configure
thanksManaging Security Contexts
http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/contxt_f.html
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide, 3.1
http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/fwsm_cfg.html
Regards,
Arul -
Dual Cat6k with Firewall module scenario
Hi All,
Does anyone have design guides for Core Cat6k L2/L3 network with Firewall modules in two different chassis ?
Thanks,
PrafulTry:
http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a008048e64c.html
http://www.cisco.com/en/US/products/hw/switches/ps708/products_installation_and_configuration_guide_chapter09186a00801c589c.html -
Powering APs from a 2911 with PoE switch module
Good Morning everyone!
I am hoping someone can shed some light on an issue I am having at a client site.
Client has purchased a 2911 ISR and an 8 port switch module with PoE card with the intention of running 4 2602i access points being managed by a 2504 WLC on the same switch card.
Problem we have is that the APs come up but do not power up radios or cleanair. If I plug an AP into switch port 0/0 it comes up and works fine but not on any of the other ports. We saw this on a separate router, (they are doing the same setup to two sites), yesterday. That's why I was called in, as they could only get one AP working at a time.
I believed this was a faulty poe card as it looks as though the APs are just not getting enough power and are placing the radios into RESET mode. Moved to the other ISR and everything worked fine, left it running overnight came in and all was fine and dandy.
As the other router had only a basic config on we did the config which involved some ACLs and a few port configurations but nothing on the switch card and nothing pertaining to power. I am a wireless guy, not a router specialist so am a bit stymied. Sometime later we noticed that all of the APs had all radios in RESET state.
Next I wiped the config on the ISR and rebooted everything and everything came up fine so points towards not a hardware issue but configuration.
Where should I be looking?
I can't paste a full running config due to client constraints but if someone could point me in the direction I can clean parts of the config for sharing...I believed this was a faulty poe card as it looks as though the APs are just not getting enough power and are placing the radios into RESET mode.
I haven't played with those modules for a long time, but what do you get when you run the command "sh power inline"?
2600 APs require a minimum of 15.4w PoE but the recommended is 20.0w PoE. -
Has anyone deployed converged access with 3850 switches and 5760 WLCs?
Has anyone deployed a converged access network architecture with 3850 switches and 5760 WLCs? I have done lots of projects with the 5508 WLCs In a centralized deployment. Basically with this design, I manage 2 logical networks as the wireless network is an overlay over the wired network. I can design firewall to segregate traffic between the wired and wireless hence I can carry both staff and guest traffic.
Now Cisco is telling us that there is new design such that the dats plane traffic can be dropped locally through the 3850 switched. I am not sold on this and have not found any recommended best practices on when should we use a converged access architecture.
Pros
With converged access, data traffic is terminated at the MA which is on the switches, hence the WLC will not be a bottleneck? This is to prepare adoption for 802.11ac?
Less hops for voice calls from user A to user B as data control traffic is dropped locally.
Cons
Now how do I segregate guest and staff traffic if my security folks say I need a firewall?
Troubleshooting wireless client mobility will be a nightmare as the 3850 switches are MA.
Pushing and upgrading code for the Code will mean upgrading the stack of switches in the LAN riser. This will be painful in a huge campus environment like an university.
Can someone convince me why would a customer choose converged access?
Sent from Cisco Technical Support iPad AppThey choose CA because of the capwap termination at the switch. You can still use a 5508 and tunnel guest to a DMZ segment if you wish. You will need a 5508 though is you want to tunnel traffic to an anchor WLC.
Sent from Cisco Technical Support iPhone App -
Cisco ISE Vs Cisco Anyconnect Posture module with Advanced Endpoint Protection
We are planning to use cisco Anyconnect posture module with Adv Endpoint protection to examine the VPN users- This can check whether they a antivirus/anti spyware software installed on their work station and can force to update def file if its older than specified number of days, it can also check the firewall status on their workstation and enable if its not already.This can detect keylogger and emulation softwares also.
Do we get any additional advantages in using ISE compared to Anyconnect posture module ......
SiddharthaThese are good questions. We had them last year before we decided to purchase ISE, specifically for our VPN users.
I will be watching this thread to see what kind of responses you get.
As of right now, I can verify the ISE can indeed check if specific Anti-Virus is installed (i.e., your corporate AntiVirus), or if ANY (supported by Cisco within ISE) antivirus is installed, and it can force an update process for the AV if it detects that the DAT files are older than a admin specified amount of time.
Our issue at the moment (if you haven't searched the forums) is ISE detected the proper WSUS updates are indeed installed on the users systems and allowing the users system to talk to our internal WSUS server.
We are now wondering if the Advanced Endpoint licensing on the ASA would have been a better way to go.
Wishing you luck in finding your answers for us all.
Dirk -
Hi Cisco experts,
My name is Kumagai and I need your expert opinions below.
I am trying to configure one VLAN1 support multiple network segments as below.
(this should be a very straight forward configuration and should be OK, I think ? )
interface Vlan1
ip address 172.30.0.0 255.255.128.0
ip address 172.30.31.253 255.255.254.0 secondary
ip address 172.30.61.253 255.255.254.0 secondary
ip address 172.30.71.253 255.255.254.0 secondary
ip address 172.30.4.253 255.255.255.0 secondary
The only issue that is eating me is the above network segments are using HSRP too
and I am not sure is this possible with a combination of VLAN1 supporting multiples which are
further supported with HSRP settings in Cisco environment.
!example of HSRP:
interface Vlan4
ip address 172.30.4.253 255.255.255.0
no ip redirects
standby 4 ip 172.30.4.254
standby 4 priority 105
standby 4 preempt
<<< what will happen if I add the HSRP configuration as below into the above VLAN1 with multiple Network segment ??)
I would like to summarize my "Combined" configurations as below but I need your expert opinions on
whether the configuration below is workable without any problem ??
Or it is a total flop because Cisco does not support the configuration below !!!
interface Vlan1
ip address 172.30.0.0 255.255.128.0
ip address 172.30.31.253 255.255.254.0 secondary
ip address 172.30.61.253 255.255.254.0 secondary
ip address 172.30.71.253 255.255.254.0 secondary
ip address 172.30.4.253 255.255.255.0 secondary
standby 30 ip 172.30.31.254
standby 30 priority 105
standby 30 preempt
standby 60 ip 172.30.61.254
standby 60 priority 105
standby 60 preempt
standby 70 ip 172.30.71.254
standby 70 priority 105
standby 70 preempt
standby 4 ip 172.30.4.254
standby 4 priority 105
standby 4 preempt
Thanking you in advance !!!!!Hi,
As far as i know we dont set the ip helper address on the radio interface. It should be on the L3 interface of corresposding VLANs i.e.
int vlan 20
ip helper-address 192.168.33.xxx
int vlan 60
ip helper-address 130.20.1.xxx
I'm assuming that your using SVI's (int Vlan 20 and int Vlan 60) rahter than physical interfaces. Also hope you have configured switch port as trunk where this AP is connected.
Modify the AP config as below since you are using data vlan as the native vlan
interface Dot11Radio0.20
encapsulation dot1Q 20 native
interface FastEthernet0.20
encapsulation dot1Q 20 native
Ideally your AP fastethernet configuration should looks like below and not sure how you missed this as this comes by default when you have multiple vlans for multiple ssids.
interface FastEthernet0.20
encapsulation dot1Q 20 native
no ip route-cache
bridge-group 20
no bridge-group 20 source-learning
bridge-group 20 spanning-disabled
interface FastEthernet0.60
encapsulation dot1Q 60
no ip route-cache
bridge-group 60
no bridge-group 60 source-learning
bridge-group 60 spanning-disabled
Hope this helps.
Regards
Najaf -
Ciscoworks Firewall Module Support
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin-top:0cm;
mso-para-margin-right:0cm;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0cm;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;
mso-fareast-language:EN-US;}
We are using Firewall Modules in our Cat6500(s) (WS-SVC-FWM with FWSM 4.0(4)) to provide centralized firewall services to our users. I have been asked if there is any support for these blades in Ciscoworks. I don’t think these types of blade services have been integrated into Ciscoworks yet. We have the same issue with our wireless blades (WiSM)
I’m mostly interested on the ability to backup context configurations from the Firewall blades.
LMS 3.2 with RME 4.3.1 among others.
Thanks for any information.
Jorge A JilesThe answer is yes, RME 4.3.1 support configuration management with the WS-SVC-FWM
Please refer to this link for a complete list of supported devices and modules.
http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/3.2/device_support/table/lms32sdt.html
However, there is a enhancement bug opened as well that I think you will be interested in based on
the ability to backup context configurations from the Firewall blades.
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl65838
CSCsl65838 Bug Details
Multicontext Firewalls should have ALL contexts archived from admin
Symptom:For firewalls that support multiple contexts, RME does not archive all the context configs if just the admin context IP is in the seedfile.
Conditions:Firewalls that support multiple contexts.
Workaround:Manage each context configuration as an individual, separate device in RME.
Further Problem Description:This capability should be added to RME so that the customer is not required to have IP reachability to each context and individually put that context into RME.All the contexts can be accessed from the Admin context by changeto context system. Then either fetch the configs from the file system (dir) or changeto each context and get its config. -
Intervlan Routing with 6500 switch
I am designing an upgrade to our current network that will contain a 6500 switch and i wanted to setup vlans with the switch. I know that this switch has the ability to perform routing on its own so i do not need an external router to route between the vlans but if that is the case what default gateway do i give each vlan? Do i give the vlan ip address as the default gateway for the end devices or do i use an IP address in the switch somehow as the default gateway?
Thanks.
PeteHi,
Think of the MSFC as a router with many different interfaces. Your router itself would only have one default gateway for all those interfaces. For the clients, they will sit in each VLAN that you create. The clients default gateway will be the VLAN IP address (or HSRP address) on the 6500 that they sit. So, if you create vlan100 and put an IP address of 10.10.10.1 on the vlan100 interface..the 10.10.10.1 address would be the gateway for the clients in vlan 100. If you create a vlan200 and put an IP address of 10.11.11.1 on that interface..all the clients that are in vlan200 would have the gateway address of 10.11.11.1.
Hope that helps. -
Handshaking DMM with multiple Switch devices - DAQmx error
Hi.
I'm trying to create a handshaking loop with DMM (PXI-4071), SWITCH (PXI-2569) and MUX (PXI-2575). All three instruments are in segment 2 of PXI-1045 chassis (slots 8, 9 and 10) and I am using PXI trigger lanes to route triggers.
I followed the NI article 'Multi-module Scanning with National Instruments Switches' - I modified the NI SWITCH example 'niSwitchDMMSwitchHandshaking' to configure the other SWITCH but when I tried to run the example, I got an error:
0xbffa6b9a - No registered lines could be found between the device in the route. (pop-up screenshot is in the attachment). It is the niSwitch_InitiateScan function for the second Switch that returned the error.
Changing PIX trigger lanes has no effect.
I tried both CVI and LabVIEW examples with the same result.
I even tried to use two 2575 MUXes - same result.
Can anybody tell me what am I doing wrong?
Solved!
Go to Solution.
Attachments:
errror1.JPG 26 KBHi Pavel,
For the purposes of this post, I'll define
the measurement complete signal (sent by the DMM to the switch modules
after each measurement) as 'MC' and place it on TTL0.
For the
purposes of this post, I'll define the scan advanced signal (sent by the
switch module(s) to the DMM once the relays have settled) as 'SA' and place
it on TTL1.
You mentioned you're using NI-Switch, which is NI's IVI
compliant switch API. Since the IVI Foundation regulates the behavior
of IVI compliant software, we must adhere to their rules when
implementing our API. Unfortunately, the IVI switch standard doesn't
provide a method to control arbiting of triggers between multiple switch modules
simultaneously.
Let's
look at what happens when we setup a system with multiple switch
modules handshaking with a single DMM. The DMM is going to take a
measurement and then send MC on TTL0. Meanwhile, each switch is listening to TTL0,
waiting for the MC pulse. When the MC pulse is received, each switch sets
the relays according to its next scan list entry, waits for debounce,
and then sends SA on TTL1. The problem we run into here is that depending on the switch module, number of relays connected simultaneously, jitter, etc, it's possible that one module will send the SA trigger on TTL1 before the other. Since the IVI spec doesn't provide any way to implement a 'master' switch or an arbitor, it's impossible to implement a system such that only the last switch that settles sends a trigger. Therefore, what happens is we get a whole bunch of switch modules sending triggers at slightly different times onto TTL1. If one switch is driving TTL1 high while the others are driving TTL1 lo, it's remotely possible that we could damage the TTL circuitry on the PXI backplane.
To date, NI hasn't seen any failures due to simultaneously driving the TTL lines high and low at the same time with NI switch hardware, but it is theoretically possible that damage could occur. For this reason, NI implemented a change in DAQmx
9.0.0, 9.0.1, and
9.0.2 that prevents a user from setting up handshaking with multiple switch modules while using NI-Switch. What does DAQmx have to do with this, you might ask? A component installed with DAQmx is responsible for verifying the triggers are valid.
Customers with existing NI-Switch multi-module handshaking applications will find that upon upgrading to any of the above three versions of DAQmx, the error you observed will occur. We've evaluated this customer feedback and have decided to revert to the previous functionality in a yet-to-be released version of DAQmx. Please note that NI does not advise driving the same TTL line with multiple sources due to the chance that we'll double-drive the line. Therefore, it goes with out saying that NI does not advise using NI-Switch in multi-module handshaking applications. We do, however, still recommend NI-Switch for Syncrhonous triggering because the switches never send triggers (in synchronous mode, the DMM just waits a predefined amount of time before switching).
Note that if you use the DAQmx Switch API, we're no longer bound to the IVI spec, which means we have an arbitor that ensures only one switch module drives the SA trigger on TTL1. NI highly recommends that customers evaluate using the DAQmx switching API for multi-switch handshaking applications. An example DAQmx handshaking application for the DAQmx Switch API is located in Example Finder»Hardware Input and Output»DAQmx»Switches»Switch Scanning with DMM - Handshaking.vi.
Note that in DAQmx, we'll only have one scan list, regardless of the number of switches we have. Note that the syntax in DAQmx scanning is different than NI-Switch. I'll defer a detailed explanation of the differences to the DAQmx and NI-Switch Help (search for 'scan list'), but in short, we'll need to include the DAQmx Device name prior to each connection. For example, in NI-Switch, if we want to connect CH1 to Com1:
CH1->Com1;
In DAQmx, we'll need to include the Device name:
Dev1\CH1->Com1;
Note that to add additional switch modules in the DAQmx API, we simply
call the Set Topology and Reset VI multiple times:
DAQmx keeps the
session loaded in memory and as I noted above; we define which switch
does the action as part of the scan list entry.
If you'd still like to use NI-Switch, you could roll back to DAQmx 8.9.5 or previous, or if you want to stick with 9.0.x, I highly recommend that we daisy chain the triggers as follows:
DMM Measurement Complete to Advance Trigger on Switch1 via TTL0
Scan Advance from Switch1 to Advance Trigger on Switch2 via TTL1
Scan Advance from Switch2 to Trigger Source on DMM via TTL2
Note that we'll need an additional TTL line for each switch module. Also note that some switch modules allow front panel triggers, which reduces the number of TTL lines we'll need on the backplane, but which requires external wiring between switch modules.
Message Edited by Knights Who Say NI on 06-11-2010 05:25 PM
Message Edited by Knights Who Say NI on 06-11-2010 05:30 PM
Message Edited by Knights Who Say NI on 06-11-2010 05:30 PM
Message Edited by Knights Who Say NI on 06-11-2010 05:31 PM
-John Sullivan
Analog Engineer -
Cisco ACE Module with Bluecoat Cache Proxy, Transparent and spoofing client IP
Hello Dears,
I'm trying to implement Cache loadbalancing through Cisco ACE Module.
I have 2 Bluecoat cache proxies, when i do configure transparent proxy without spoofing client IP, everything work properly, but when I enable spoofing client IP (reflect client IP address), clients are not able to access internet, although they are going to cache servers, I can see their sessions.
I'm afraid that I have a problem in the returned traffic PBR.
can anyone help please.
ThanksHi Ibrahim
I ahve reviewed the config. The ACE config is all god but I do see some issue with the switch side. If you are doing ip spoofing, then "match ip address" in pbr should be the client ip address. However, what you did is ip address between the ACE and MSFC. Try to configure the test client ip address into the below access-list.
msfc---vlan 265---ACE--vlan 264----CE farm
interface vlan 265
description Interface_With_MSFC_SUBS_2_INTERNET
ip address 168.168.1.52 255.255.255.248
access-group input PERMIT_ALL
service-policy input L3L4_PM
no shutdown
ip route 0.0.0.0 0.0.0.0 168.168.1.50
ip access-list extended HSDPA_2_CACHE
permit tcp 168.168.0.0 0.0.255.255 any eq www <<<-- wrong
ip access-list extended Internet_2_CACHE
permit tcp any eq www 168.168.0.0 0.0.255.255 <<<---wrong
interface Vlan 265
description Interface_With_ACE
ip address 168.168.1.50 255.255.255.248
route-map INTERNET_2_HSDPA permit 10
description "PBR for Response HTTP Traffic"
match ip address Internet_2_CACHE
set ip next-hop 168.168.1.52
route-map HSDPA_2_INTERNET permit 10
match ip address HSDPA_2_CACHE
set ip next-hop 168.168.1.52
regards
Andrew -
Experincing issues with 2960X switch
Hi there.
We are experincing issues with 2960X switch losing the ability to recognise the modules that are inserted in SFP ports.
Initially, the modules are recognised, usable and will happily participate in cross-stack etherchannels. However, after a period of time - and this ranges from a couple of hours to a few days, the links go down on the 2960X-side but are still registered as up on at the other end of the etherchannel.
2960X stack 1 Po1(SD) LACP Gi3/0/49(D) Gi3/0/51(D)
3750G stack 2 Po2(SD) LACP Gi1/0/23(I) Gi2/0/22(I)
When the link fails, the member switch loses the ability to identify modules inserted - it knows they are there, but it cannot identify them. Having a look at the controller for one of them and it's having trouble,see below:-
sh controllers ethernet-controller gi3/0/49 phy detail
GigabitEthernet3/0/49 (gpn: 457, port-number: 49)
hulc_sfp_iic_intf_read_eeprom sfp _index 0 yeti_iic_read_retry fail
hulc_sfp_iic_intf_read_eeprom sfp _index 0 yeti_iic_read_retry fail
hulc_sfp_iic_intf_read_eeprom sfp _index 0 yeti_iic_read_retry fail
A 'sh int' gives:-
Auto-duplex, Auto-speed, link type is auto, media type is unknown.
Reboot the stack or just the member and everything resets and works again - for a period of time. I've swapped from compatible to Cisco-brand modules inbetween restarts and it doesn't prevent the issue reoccuring.
The slots all fail at the same time and once they're in the error state, that switch has to be restarted before it will recongnise anything inserted in any slot.
I have this issue on two seperate stacks in two different sites. We're running 15.0(2)EX4.
Has anyone seen anything like this? Particularly interested in this which I've seen using the sh controllers cmd and on the console once after a reboot. hulc_sfp_iic_intf_read_eeprom sfp _index 0 yeti_iic_read_retry fail
Any thoughts would be greatly appreciated.
AidHi Team
We happen case GLC-T with Catalyst 2960 Hang , It can't work
We was reload switch but same ( GLC-T with Catalyst 2960 Hang)
and use command bellow
Switch97#
Switch97#
Switch97#sh int gi 1/0/26 transceiver 5 transceiver de
Switch97#sh int gi 1/0/25 transceiver detail
hulc_sfp_iic_intf_read_eeprom sfp _index 0 yeti_iic_read_retry fail
hulc_sfp_iic_intf_read_eeprom sfp _index 0 yeti_iic_read_retry fail
hulc_sfp_iic_intf_read_eeprom sfp _index 0 yeti_iic_read_retry failDiagnostic Monitoring is not implemented.
Switch97#
Switch97#
Switch97#sh int gi 1/0/25 transceiver detail 6 transceiver de
Switch97#sh int gi 1/0/26 transceiver detail
hulc_sfp_iic_intf_read_eeprom sfp _index 1 yeti_iic_read_retry fail
hulc_sfp_iic_intf_read_eeprom sfp _index 1 yeti_iic_read_retry fail
hulc_sfp_iic_intf_read_eeprom sfp _index 1 yeti_iic_read_retry failDiagnostic Monitoring is not implemented.
We try IOS Software EX3, EX4, EX5 and 15-2.2 but can't problem
Please suggest case to me -
How to check for a function module with its description and functionality
Hi all,
How to check for a function module,with its description and its functionality,in detail how can I know the purpose of a particular function module,how to search for a function module which suits my requirement .Hi,
You can search a FM of your requirement by putting in the Key words and searching for a FM. Like * KEYWORD * and then pressing F4.
Say for example you need to search something regarding converstion.
Search for * CONVERT * and press F4.
If there is something specfic like converting date to something you can give
DATE * CONVERT *
OR
CONVERT * DATE * and press F4.
Once you narrow down your search you will have a Function module documentation inside the Function module. Please note that all the FMs willl not have documentation.
Regards,
Pramod -
How to create a custom function module with the records in SAP R/3?
Hi All,
How to create a custom function module with the records in SAP R/3? Using RFC Adapter I have to fetch the custom function module records.
Regards
SaraHi
goto se37...here u need to create a function group... then u need to create a function module. inside assign import/export parameters. assign tables/exceptions. activate the same. now write ur code within the function module
http://help.sap.com/saphelp_nw04/helpdata/en/9f/db98fc35c111d1829f0000e829fbfe/content.htm
Look at the below SAP HELP links, These links will show you the way to create a Function Module
http://help.sap.com/saphelp_nw04/helpdata/en/26/64f623fa8911d386e70000e82011b8/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/9f/db98fc35c111d1829f0000e829fbfe/content.htm
Maybe you are looking for
-
Can anyone help me with the 'unexpectedly quit' error message I now get when opening an image in Photoshop elements 8?
-
Bridge CS 6 preview problem with video files
Hey Community, I have a problem with the preview in Adobe Bridge Cs 6. With the pictures and photos everything is fine, but every kind of video format is not displayed as a preview in the preview window, so that I have to open each video manually by
-
Formatting Bex queries output with WAD Script WebItem
Hi All, We have a requirement of displaying some text for a key figure value in WAD. Scenario: We have one input enabled query lets say Q1, in that a KF1 can have either 10 or 0 value. If user input 10, then in other report lets say Q2(which is displ
-
How to keep track of the status of a spry slide effect from page to page.
Hi All, I'm using a spry slide effect on a simple menu system. Lets say I have a home, gallery and about us page. I currently have the spry effect occurring with "body onload" only on the Gallery page to slide down extra sub menus only when the user
-
Exe created with labview 2012 won't run using LVRTE2013
I created an exe using Labview 2012. I had the user install the latest rte (lvrte2013). The exe would not run and told the user it needed 2012 rte. Do users have to have the same rte for each exe? Solved! Go to Solution.