Help for Cisco configuration
Hi all,
we brought a Cisco 881W-GN-E-K9 and we use it as main router.
We have this network architecture:
- the WAN (FastEthernet4 interface) is connected to the 192.168.0.x network
- all the ethernet interfaces (FastEthernet 0-3) and the wlan are in 10.0.0.0 network using a VLan
We have some problems:
- we set static DNS entries in the Router:
ip host Waters 10.0.0.1
ip host Barrett 10.0.0.2
ip host Mason 10.0.0.20
ip host Wright 10.0.0.21
However, the ping Mason it's not working....
- we activate a NAT for the 8080 port on the 10.0.0.21 pc but it does not works:
ip nat inside source static tcp 10.0.0.21 8080 A.B.C.D 8080 extendable
someone can explain were we are falling?
Following the router configuration:
Current configuration : 6948 bytes
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Waters
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
no aaa new-model
memory-size iomem 10
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-1382020822
REMOVED!!!
crypto pki certificate chain TP-self-signed-1382020822
REMOVED!!!
ip source-route
ip dhcp excluded-address 10.0.0.1
ip dhcp excluded-address 10.0.0.1 10.0.0.99
ip dhcp pool DHCP
import all
network 10.0.0.0 255.0.0.0
default-router 10.0.0.1
dns-server 10.0.0.1
lease 0 10
ip cef
ip host CiscoRouter 10.0.0.1
ip host Mason 10.0.0.20
ip host Wright 10.0.0.21
ip host SamsungML3050 10.0.0.91
ip host CiscoAP 10.0.0.2
ip host EpsonSX440W 10.0.0.90
ip host RouterAP 10.0.0.2
ip host Waters 10.0.0.1
ip host Router 10.0.0.1
ip host Barrett 10.0.0.2
ip name-server 192.168.0.1
ip name-server 8.8.8.8
ip name-server 10.0.0.1
no ipv6 cef
vpdn enable
vpdn-group 1
REMOVED!!!
license udi pid CISCO881W-GN-E-K9 sn REMOVED!!!
username routeradmin privilege 15 secret REMOVED!!!
interface FastEthernet0
no ip address
interface FastEthernet1
no ip address
interface FastEthernet2
no ip address
interface FastEthernet3
no ip address
interface FastEthernet4
ip address 192.168.0.253 255.255.255.0
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
interface Virtual-Template1
ip unnumbered Vlan1
ip nat inside
ip virtual-reassembly in
peer default ip address dhcp-pool DHCP
no keepalive
ppp encrypt mppe 128
ppp authentication ms-chap ms-chap-v2
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
ip nat inside
ip virtual-reassembly in
arp timeout 0
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
no ip address
interface Vlan1
description BLABLABLA
ip address 10.0.0.1 255.0.0.0
ip nat inside
ip nat enable
ip virtual-reassembly in
ip tcp adjust-mss 1452
ip local pool PPTP-Pool 10.0.1.10 10.0.1.99
ip default-gateway 10.0.0.1
ip forward-protocol nd
no ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside source static tcp 10.0.0.21 8080 A.B.C.D 8080 extendable
ip default-network 192.168.0.0
ip route 0.0.0.0 0.0.0.0 192.168.0.1
access-list 1 permit 10.0.0.0 0.255.255.255
access-list 23 permit 10.0.0.0 0.255.255.255
no cdp run
Hi mfurnival,
thank for your answer...
inline my outlines:
What do you mean when you say the static entry for Mason is not working? Do you mean that when you type "ping Mason" it times out? What happens when you try and ping the actual IP address of Mason ( 10.0.0.20 ) - does that work?
yes, the ping to 10.0.0.20 works ok while ping mason times out....
Regarding the NAT - I assume that the outside address (removed from config above) is in the 192.168.0.x range?
hooo... thanks, this issue was solved: i was mapping the outside ip address (156.x.y.z) and not the 192.168.0.x... thank you.
Leonardo
Similar Messages
-
Help for Cisco 2960 48port switch not working
I had downloaded the template from the wiki for Cisco 48 port switch,unfortunately, it seems doesn't work.Are there other places where i can find WS-C2960S-48TS-L switch ? I also search the internet to find most people like to buy cisco product at Router-Switch.com with reliable quality and competitive price.Can give me the advice if i want to buy switch on this website ?
Please read over this FAQ and see if any of it might apply to you.
http://www.blackberryfaq.com/index.php/Errors_syncing_the_BB_with_Desktop_Manager
1. If any post helps you please click the below the post(s) that helped you.
2. Please resolve your thread by marking the post "Solution?" which solved it for you!
3. Install free BlackBerry Protect today for backups of contacts and data.
4. Guide to Unlocking your BlackBerry & Unlock Codes
Join our BBM Channels (Beta)
BlackBerry Support Forums Channel
PIN: C0001B7B4 Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA Display/Scan Bar Code -
Help for Cisco Security Manager
Hi All,
Please help me how cisco security manger is managing logs from different devices.
For example cisco security manager can manage FWSM, ASA, IPS devices.
Does it stores logs from this devices into some central location where CSM is being installed in some database or some file.
Can I be able to read logs for all those devices including CSM from one single point. Please help me.Hi Bidyut,
When CSM services are running, Event Viewer can show the events in real time.
You are right about backup. When CSM application backup is running, its services on the server are stopped. So, there is a risk of loosing logging events that are sent to CSM server during the period of backup. By scheduling backup out of user-activity hours, risk of losing important events can be minimized.
On the other hand, events on IPS devices have to be polled from the device. So, there is no loss of IPS events in case of CSM application backup.
Thanks & Regards,
Chetan -
Help for STO Configuration & STO TB Tally_excise & non excise zone
Dear All,
I have done the config for the STO ( stock transfer order ) scenario in Same Company code , Transaction betn two plants is done trhough STO. one Plant in Excise zone ( excise is Applicable ) while other in non excise zone.
We are doing transactions from excise zone to non excise zone.
By doing the Same scenario as below , my Account candidates can't tally the plants. they not able to do the unit wise TB for such plants.
Its kind request to help me for correction in scenario.
Vl10B Outbond plant 2002 = 641 ( Stock issue ) H Credited
next plant 2004 = 641( Stock receipt ) S Debited
Vf01 Billing No Account Doc
Apply the Excise duty Conditions & Give total excise duty Discount
J1iin Excise Entry CENVAT Suspense S Debited
SECESS payable H Credited
BED payable Kudalwad H Credited
ECS payable H Credited
Migo GIN
No Accounting Doc generated
Gin Without Excise Duty
Miro Miro
NO Doc
Regard,
AnkushHi Experts ,
Plz reply for the Same .
Regards,
Ankush -
We have four internet line. Two are dial up using with PPPOE 5 mbps each. And two more of 5 and 2.5 mbps respectively coming out from BSNL modem and can directly connect to LAN port. Now we would like to connect all lines with RV 042 load balancing router to have optimum speed. Pl. guide how to do it?
Stoyan,
Post limit more specific questions so we can assist. This router is really straight forward if you get stuck at a point please post a question. Forwarding rules are under setup tab, if you plan on using one to one nat its right beside forwarding and for DHCP/DNS for lan. The next tab over. If you are going to be using dual wan load balancing then you want to set up protocol binding/outbound for HTTP and HTTPS.
Thanks
Jasbryan
Cisco Support Engineer
.:|:.:|:. -
Need help for access list problem
Cisco 2901 ISR
I need help for my configuration.... although it is working fine but it is not secured cause everybody can access the internet
I want to deny this IP range and permit only TMG server to have internet connection. My DHCP server is the 4500 switch.
Anybody can help?
DENY 10.25.0.1 – 10.25.0.255
10.25.1.1 – 10.25.1.255
Permit only 1 host for Internet
10.25.7.136 255.255.255.192 ------ TMG Server
Using access-list.
( Current configuration )
object-group network IP
description Block_IP
range 10.25.0.2 10.25.0.255
range 10.25.1.2 10.25.1.255
interface GigabitEthernet0/0
ip address 192.168.2.3 255.255.255.0
ip nat inside
ip virtual-reassembly in max-fragments 64 max-reassemblies 256
duplex auto
speed auto
interface GigabitEthernet0/1
description ### ADSL WAN Interface ###
no ip address
pppoe enable group global
pppoe-client dial-pool-number 1
interface ATM0/0/0
no ip address
no atm ilmi-keepalive
interface Dialer1
description ### ADSL WAN Dialer ###
ip address negotiated
ip mtu 1492
ip nat outside
no ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username xxxxxxx password 7 xxxxxxxxx
ip nat inside source list 101 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 10.25.0.0 255.255.0.0 192.168.2.1
access-list 101 permit ip 10.25.0.0 0.0.255.255 any
access-list 105 deny ip object-group IP any
From the 4500 Catalyst switch
( Current Configuration )
interface GigabitEthernet0/48
no switchport
ip address 192.168.2.1 255.255.255.0 interface GigabitEthernet2/42
ip route 0.0.0.0 0.0.0.0 192.168.2.3Hello,
Host will can't get internet connection
I remove this configuration...... access-list 101 permit ip 10.25.0.0 0.0.255.255 any
and change the configuration .... ip access-list extended 101
5 permit ip host 10.25.7.136 any
In this case I will allow only host 10.25.7.136 but it isn't work.
No internet connection from the TMG Server. -
Hi All,
Our problem is, we have Cisco Works LMS 3.0.1. cannot archieve configuration for cisco 3000 series vpn concentrator.
Any help would be greatly appreciated.
Thanks in advance.
SamirMake sure you have filled out all of the HTTP/HTTPS credential data in DCR for these devices. RME will only use HTTPS to fetch VPN concentrator configurations.
-
Cisco works LMS 3.0.1 does not archiever configuration for cisco 7201 router
Hi All,
We have Cisco works LMS 3.0.1 and it does not archiever configuration for cisco 7201 router.
Any help would be appriciated.
Thanks in advance
SamirHi,
*** Device Details for d0151-100 ***
Protocol ==> Unknown / Not Applicable
Selected Protocols with order ==> TFTP,SSH,HTTPS
Execution Result:
Unable to get results of job execution for device. Retry the job after increasing the job result wait time using the option:Resource Manager Essentials -> Admin -> Config Mgmt -> Archive Mgmt ->Fetch Settings
This is the error while doing syn archieve.
I am not sure about Rtr7000 version but we have latest Rtr7000.
Waiting for your kind reply.
Samir -
How we archieve configuration for Cisco ASA 5500 series appliances
Hi,
We need to archieve configuration for Cisco ASA 5500 series appliances.
We have Cisco works LMS 3.0.1.
Device package installed is 4.2
Any help would be appricated.
Thanks in advance.
SamirHi ,
Thanks for your answer.
Right now we are using TACAS to login in to the ASA. That means we need single username and password to login via
Cisoworks. Am I correct ?
Waiting for your reply.
thanks,
Samir -
RAID Configurations for Cisco servers
Hi All,
What is the RAID configuration for Cisco Appliance(Version 8.5) like CUCM, CUPS, CUIC, Unity etc?RAID Configuration will be done while installtion itself or we need to do it explicitly?
Regards,
AdithyaHi Geoff,
Thanks for the reply. Just wanted to know whether if this RAID configuartion is similar to the other server RAID where we install Cisco applications.(Like OS & Application Software is RAID 1 and Database is RAID10).
Regards,
Adithya -
What's "SAVE" configuration command for Cisco switch/ router?
What's "SAVE" configuration command for Cisco switch / router? I know Switch#copy running-config startup-config works well,
but so long, any other command that easy to remenber?What's "SAVE" configuration command for Cisco switch / router? I know Switch#copy running-config startup-config works well, but so long,
any other command that easy to remenber?
yes, here: Switch#write,and want to know more about the Cisco switch, please visit:http://www.3anetwork.com/cisco-switches-price_c1 -
Help for configuring Data Guard Broker
Hi All,
Can any body help me in configuring data guard broker for oracle 9i on windows.
What are all requirements needed. I already configured physical standby database.
I did this is on my laptop using vm-ware. One node is having Primary database and
second node is having standby database. Now I am planning to use DG broker on primary node.
Regards
KiranHere's the help you need:
http://tahiti.oracle.com.
Without version information (what does 9i mean?) no further help is possible.
Please also be advised that VMware is unsupported so if you run into issues you are on your own. -
LMS 3.2 - unknow SNMP error for Cisco XR12406
Hi ,
I got a RME job alert which describes SNMP RW community verification failure in Device Credentials Verification for Cisco XR12406 router, I have double checked on the credential configured in LMS and it is correct.
The configuration that i tried in XR12406:
snmp-server community T3lBruRW RW <acl> ---> not working
snmp-server community T3lBruRW RW SystemOwner <acl> ---> not working
Anyone can help!!!Hi Nael, here it is:
#sh ver
Sun Nov 28 15:43:14.648 BNT
Cisco IOS XR Software, Version 3.8.2[00]
Copyright (c) 2009 by Cisco Systems, Inc.
ROM: System Bootstrap, Version 12.0(20060713:113510) [sunnaik-31s5th 1.16dev(0.1)] DEVELOPMENT SOFTWARE
Copyright (c) 1994-2006 by cisco Systems, Inc.
CRTH uptime is 8 weeks, 2 days, 20 hours, 45 minutes
System image file is "disk0:c12k-os-mbi-3.8.2/mbiprp-rp.vm"
cisco 12406/PRP (7457) processor with 2097152K bytes of memory.
7457 processor at 1266Mhz, Revision 1.2
3 Cisco 12000 Series SPA Interface Processor-601/501/401
2 Cisco 12000 Series Performance Route Processors
6 Management Ethernet
12 PLIM_QOS
4 TenGigE
15 GigabitEthernet/IEEE 802.3 interface(s)
1018k bytes of non-volatile configuration memory.
1998M bytes of compact flash card.
2048800k bytes of disk0: (Sector size 512 bytes).
65536k bytes of Flash internal SIMM (Sector size 256k).
Boot device on node 0/0/CPU0 is mem:
Package active on node 0/0/CPU0:
c12k-k9sec, V 3.8.2[00], Cisco Systems, at disk0:c12k-k9sec-3.8.2
Built on Wed Oct 28 19:00:47 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-lc, V 3.8.2[00], Cisco Systems, at disk0:c12k-lc-3.8.2
Built on Wed Oct 28 16:27:50 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-fwdg, V 3.8.2[00], Cisco Systems, at disk0:c12k-fwdg-3.8.2
Built on Wed Oct 28 16:26:44 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-admin, V 3.8.2[00], Cisco Systems, at disk0:c12k-admin-3.8.2
Built on Wed Oct 28 16:25:55 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-base, V 3.8.2[00], Cisco Systems, at disk0:c12k-base-3.8.2
Built on Wed Oct 28 16:24:15 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-os-mbi, V 3.8.2[00], Cisco Systems, at disk0:c12k-os-mbi-3.8.2
Built on Wed Oct 28 16:19:12 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
Boot device on node 0/1/CPU0 is mem:
Package active on node 0/1/CPU0:
c12k-k9sec, V 3.8.2[00], Cisco Systems, at disk0:c12k-k9sec-3.8.2
Built on Wed Oct 28 19:00:47 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-lc, V 3.8.2[00], Cisco Systems, at disk0:c12k-lc-3.8.2
Built on Wed Oct 28 16:27:50 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-fwdg, V 3.8.2[00], Cisco Systems, at disk0:c12k-fwdg-3.8.2
Built on Wed Oct 28 16:26:44 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-admin, V 3.8.2[00], Cisco Systems, at disk0:c12k-admin-3.8.2
Built on Wed Oct 28 16:25:55 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-base, V 3.8.2[00], Cisco Systems, at disk0:c12k-base-3.8.2
Built on Wed Oct 28 16:24:15 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-os-mbi, V 3.8.2[00], Cisco Systems, at disk0:c12k-os-mbi-3.8.2
Built on Wed Oct 28 16:19:12 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
Boot device on node 0/2/CPU0 is mem:
Package active on node 0/2/CPU0:
c12k-k9sec, V 3.8.2[00], Cisco Systems, at disk0:c12k-k9sec-3.8.2
Built on Wed Oct 28 19:00:47 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-lc, V 3.8.2[00], Cisco Systems, at disk0:c12k-lc-3.8.2
Built on Wed Oct 28 16:27:50 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-fwdg, V 3.8.2[00], Cisco Systems, at disk0:c12k-fwdg-3.8.2
Built on Wed Oct 28 16:26:44 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-admin, V 3.8.2[00], Cisco Systems, at disk0:c12k-admin-3.8.2
Built on Wed Oct 28 16:25:55 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-base, V 3.8.2[00], Cisco Systems, at disk0:c12k-base-3.8.2
Built on Wed Oct 28 16:24:15 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-os-mbi, V 3.8.2[00], Cisco Systems, at disk0:c12k-os-mbi-3.8.2
Built on Wed Oct 28 16:19:12 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
Configuration register on node 0/4/CPU0 is 0x2102
Boot device on node 0/4/CPU0 is disk0:
Package active on node 0/4/CPU0:
c12k-k9sec, V 3.8.2[00], Cisco Systems, at disk0:c12k-k9sec-3.8.2
Built on Wed Oct 28 19:00:47 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-rout-3.8.2.CSCti62211, V 1.0.0[SMU], Cisco Systems, at disk0:c12k-rout-3.8.2.CSCti62211-1.0.0
Built on Sat Aug 28 15:36:26 BNT 2010
By edde-bld1 in /vws/afz/builds/smu_r38x_3_8_2/workspace for c4.2.1-p0
c12k-rout, V 3.8.2[00], Cisco Systems, at disk0:c12k-rout-3.8.2
Built on Wed Oct 28 16:28:36 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-lc, V 3.8.2[00], Cisco Systems, at disk0:c12k-lc-3.8.2
Built on Wed Oct 28 16:27:50 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-fwdg, V 3.8.2[00], Cisco Systems, at disk0:c12k-fwdg-3.8.2
Built on Wed Oct 28 16:26:44 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-admin, V 3.8.2[00], Cisco Systems, at disk0:c12k-admin-3.8.2
Built on Wed Oct 28 16:25:55 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-base, V 3.8.2[00], Cisco Systems, at disk0:c12k-base-3.8.2
Built on Wed Oct 28 16:24:15 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-os-mbi, V 3.8.2[00], Cisco Systems, at disk0:c12k-os-mbi-3.8.2
Built on Wed Oct 28 16:19:12 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
Configuration register on node 0/5/CPU0 is 0x2102
Boot device on node 0/5/CPU0 is disk0:
Package active on node 0/5/CPU0:
c12k-k9sec, V 3.8.2[00], Cisco Systems, at disk0:c12k-k9sec-3.8.2
Built on Wed Oct 28 19:00:47 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-rout-3.8.2.CSCti62211, V 1.0.0[SMU], Cisco Systems, at disk0:c12k-rout-3.8.2.CSCti62211-1.0.0
Built on Sat Aug 28 15:36:26 BNT 2010
By edde-bld1 in /vws/afz/builds/smu_r38x_3_8_2/workspace for c4.2.1-p0
c12k-rout, V 3.8.2[00], Cisco Systems, at disk0:c12k-rout-3.8.2
Built on Wed Oct 28 16:28:36 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-lc, V 3.8.2[00], Cisco Systems, at disk0:c12k-lc-3.8.2
Built on Wed Oct 28 16:27:50 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-fwdg, V 3.8.2[00], Cisco Systems, at disk0:c12k-fwdg-3.8.2
Built on Wed Oct 28 16:26:44 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-admin, V 3.8.2[00], Cisco Systems, at disk0:c12k-admin-3.8.2
Built on Wed Oct 28 16:25:55 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-base, V 3.8.2[00], Cisco Systems, at disk0:c12k-base-3.8.2
Built on Wed Oct 28 16:24:15 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0
c12k-os-mbi, V 3.8.2[00], Cisco Systems, at disk0:c12k-os-mbi-3.8.2
Built on Wed Oct 28 16:19:12 BNT 2009
By edde-bld1 in /auto/srcarchive3/production/3.8.2/c12k/workspace for c4.2.1-p0 -
Questioned status in Fault Management for Cisco Prime 4.2
Hi all,
Need help in Cisco Prime 4.2. My device is stuck in Questioned state in Fault Management. The device though can be pinged from the server. Actually, I can already manage the device and have archived its configuration. Problem is, on Fault Monitoring Device Administration, its on Questioned state even though I already tried to rediscover the device several times.
Do I need to configure something on the server like put in the IP address and hostname of the device in the host file of Windows Server 2008?
Thanks in advance for your help!Hi ,
Is this happenning for just one particular device or for all of them ?
If for a particular device then Are you using SNMPv2 or SNMPv3 on your device ?
Disable the Windows Firewall and ANTI-Virus on the serevr and Rediscover the device again.
Thanks
Afroz -
Certificate authentication for Cisco VPN client
I am trying to configure the cisco VPN client for certificate authentication on my ASA 5512-X. I have it setup currently for group authentication with shared pass. This works fine. But in order for you to pass pci compliance you cannot allow aggresive mode for ikev1. the only way to disable aggresive mode (and use main mode) is to use certificate authentication for the vpn client. I know that some one out there must being doing this already. I am goign round and round with this. I am missing some thing.
I have tried as I might and all I can get are some cryptic error messages from the client and nothing on the firewall. IE failed to genterate signature, invalid remote signature id. I have tried using different signatures (one built on ASA and bought from Godaddy, and one built from Windows CA, and one self signed).
Can some one provide the instructions on seting this up (asdm or cli). Can this even be done? I would love to just use the AnyConnect client but I believe you need licensing for that since our system states only 2 allowed. Thank you for your help.Dear Doug ,
What is asa code your are running on ASA hardware , for cisco anyconnect you need have Code 8.0 on your hardware with cisco anyconnect essential license enabled .Paste your me show version i will help you whether you need to procure license for your hardware . By default your hardware will be shipped with any connect essential license when you have order your hardware with asa code above 8.0 .
With Any connect essential you are allowed to use upto total VPN peers allowed based on your hardware
1) What is the AnyConnect Essentials License?
The Anyconnect Essentials is a license that allows you to connect up to your 'Total VPN Peers" platform limit with AnyConnect. Without an AnyConnect Essentials license, you are limited to the 'SSLVPN Peers' limit on your device. With the Anyconnect Essentials License, you can only use Anyconnect for SSL - other features such as CSD (Cisco Secure Desktop) and using the SSLVPN portal page for anything other than launching AnyConnect are restricted.
You can see your limits for the various licensing by issuing the 'show version' command on your ASA.
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
SSL VPN Peers : 2
Total VPN Peers : 750
Shared License : Disabled
AnyConnect for Mobile : Disabled
AnyConnect for Cisco VPN Phone : Disabled
AnyConnect Essentials : Disabled
Advanced Endpoint Assessment : Disabled
UC Phone Proxy Sessions : 2
Total UC Proxy Sessions : 2
Botnet Traffic Filter : Disabled
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
SSL VPN Peers : 2
Total VPN Peers : 750
Shared License : Disabled
AnyConnect for Mobile : Disabled
AnyConnect for Cisco VPN Phone : Disabled
AnyConnect Essentials : Enabled
Advanced Endpoint Assessment : Disabled
UC Phone Proxy Sessions : 2
Total UC Proxy Sessions : 2
Botnet Traffic Filter : Disabled
Any connect VPN Configuration .
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808efbd2.shtml
Maybe you are looking for
-
I am trying to download a movie, but it stopped with an unknown error, (-50). What is this and how do I stop it?
-
Hoe to pass String to Date object
Guys, I want to convert the String 01/03/07 09:15:26 to a Date object. Pls guide me.
-
Using CE 7.1 ESR with ABAP based web services requires java development?
Hi All, When developing a web service in ABAP, what java development must I do to make the web services available in an ESR that is located on CE 7.1? Thanks, Regards, Mel Calucin Bentley Systems, Inc.
-
Spotlight / search entire message stopped working!?
Hi, whenever I type anything into the search bar, and I have 'entire message' selected, it ALWAYS returns 0 results. Even when it blatantly should. Any ideas folks? thanks in advance Gwyn xxxxxxxx
-
Hi there, When invoking my BPEL process an error is raised due to not finding the soapAction binding. Has anybody seen something like this? Here is the error message: <2006-01-17 19:16:02,028> <DEBUG> <keller.collaxa.cube.ws> <CXSOAPProvider::process