Help with Cisco Unified CME B-ACD

Similar Messages

• Cisco Unified CME B-ACD and Tcl

  Good afternoon,
  I have router Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.2(4)M6a, with app-b-acd-2.1.2.3.tcl (this i upload to router because i dont find the scripts or TAR archive in the system)
  I just need B-ACD to run the welcome greeting and then ask the user to dial option 1 to the extension or 0 for recepcionist.
  I don't want the B-ACD to pass the user to different queues.
  the audio files are in spanish.
  My application configuration is:
  application
   service aa flash0:/cme-b-acd/app-b-acd-aa-2.1.2.3.tcl
    paramspace english index 1
    param number-of-hunt-grps 1
    param menu-timeout 6
    param handoff-string aa
    param dial-by-extension-option 0
    paramspace english language en
    param aa-pilot XXXXXXX (public number)
    param max-extension-length 5
    paramspace english location flash0:/cme-b-acd/
    param second-greeting-time 120
    param welcome-prompt _bacd_welcome.au
    param call-retry-timer 30
    param voice-mail XXXXX (is this necesary?????)
    param max-time-call-retry 600
    param service-name queue
   service queue flash0:/cme-b-acd/app-b-acd-2.1.2.3.tcl
    param aa-hunt1 XXXXX (extension of receptionist)
    param number-of-hunt-grps 1
  Please can you help me and say if this correct ???????
  Other questions: i upload the audio files in the same directory that de aplications programs in my case:
  Directory of flash0:/cme-b-acd/
    431  -rw-       26087  Feb 11 2015 15:30:42 -03:00  app-b-acd-2.1.2.3.tcl
    432  -rw-       19191  Feb 11 2015 15:32:06 -03:00  app-b-acd-2.1.2.3-ReadMe.txt
    433  -rw-       37673  Feb 11 2015 15:32:30 -03:00  app-b-acd-aa-2.1.2.3.tcl
  Here?????
  Thanks and best regards.,
  Camilo
  mmxv

  Hello,
  Change this (dial-by-extension-option 1) and (param aa-hunt1) is an ephone hunt group that has operator's extension.
  Several complete examples with explanation can be found at the link below:
  http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucme/bacd/configuration/guide/cme40tcl/40bacd.html#wp1003141
  Thank you,
  Shadi

• Ask the Expert: C-Series Integration with Cisco Unified Computing System Manager

  Welcome to the Cisco Support Community Ask the Expert conversation. This conversation is an opportunity to learn and ask questions about Cisco C-Series Integration with Cisco Unified Computing System® Manager (Cisco UCS® Manager) with Cisco experts Vishal Mehta and Manuel Velasco.
  Cisco UCS C-Series Rack-Mount Servers are managed by the built-in standalone software, Cisco Integrated Management Controller (Cisco IMC). When a C-Series rack-mount server is integrated with Cisco UCS Manager, the IMC no longer manages the server. Instead you will manage the server using the Cisco UCS Manager GUI or Cisco UCS Manager command-line interface (CLI).
  Cisco UCS Manager 2.2 provides three connectivity modes for Cisco UCS C-Series Rack-Mount Server management. The following are the connectivity modes:
  Dual-wire management (shared LAN On Motherboard [LOM]): Shared LOM ports on the rack server are used exclusively for carrying management traffic.A separate cable connected to one of the ports on the Payment Card Industry Express (PCIe) card carries the data traffic.
  SingleConnect (Sideband): Using Network Controller Sideband Interface (NC-SI), the Cisco UCS Virtual Interface Card 1225 (VIC1225) connects one cable that can carry both data and management traffic.
  Direct Connect Mode: Cisco UCS Manager Version 2.2 introduces an additional rack server management mode using direct connection to the Fabric Interconnect.
  Vishal Mehta is a customer support engineer for Cisco’s Data Center Server Virtualization Technical Assistance Center (TAC) team based in San Jose, California. He has been working in the TAC for the past 3 years with a primary focus on data center technologies such as Cisco Nexus® 5000, Cisco UCS, Cisco Nexus 1000V, and virtualization. He presented at Cisco Live in Orlando 2013 and will present at Cisco Live Milan 2014 (BRKCOM-3003, BRKDCT-3444, and LABDCT-2333). He holds a master’s degree from Rutgers University in electrical and computer engineering and has CCIE® certification (number 37139) in routing and switching and service provider.
  Manuel Velasco is a customer support engineer for Cisco’s Data Center Server Virtualization TAC team based in San Jose, California.  He has been working in the TAC for the past 3 years with a primary focus on data center technologies such as Cisco UCS, Cisco Nexus 1000V, and virtualization.  Manuel holds a master’s degree in electrical engineering from California Polytechnic State University (Cal Poly) and CCNA® and VMware VCP certifications. Remember to use the rating system to let Vishal and Manuel know if you have received an adequate response. 
  Because of the volume expected during this event, our experts might not be able to answer every question. Remember that you can continue the conversation in the Data Center, under subcommunity, Unified Computing, shortly after the event. This event lasts through May 23, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hello Sebastian,
  The different modes of connecting C-Series with UCSM come into play depending on the type of infrastructure you already have along with C-Series and NIC model.
  Cisco UCS C-Series Rack-Mount Servers are managed by the built-in standalone software, Cisco Integrated Management Controller (CIMC) .
  Powerful features provided by Cisco UCS Manager can be leveraged to manage C-Series server by integrating  C-Series Rack-Mount Server with UCSM.
  This not only gives you rich-feature set but also one management plane to operate UCS-B Series Chassis and UCS-C Series Rack Server.
  You will manage the server using the Cisco UCS Manager GUI or Cisco UCS Manager CLI.
  Cisco UCS Manager 2.2 provides three connectivity modes for Cisco UCS C-Series Rack-Mount Server management.
  The following are the connectivity modes:
  •  Dual-wire Management (Shared LOM):
  Shared LAN on Motherboard (LOM) ports on the rack server are used exclusively for carrying management traffic. A separate cable connected to one of the ports on the PCIe card carries the data traffic. Using two separate cables for managing data traffic and management traffic is also referred to as dual-wire management.
  http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c-series_integration/ucsm2-2/b_C-Series-Integration_UCSM2-2/b_C-Series-Integration_UCSM2-2_chapter_0100.html
  This mode is recommended when you have C-Server which does not  have or cannot support VIC 1225 card (such C-200 server)
  •  SingleConnect (Sideband):
  Using Network Controller Sideband Interface (NC-SI), Cisco UCS VIC1225 Virtual Interface Card (VIC) connects one cable that can carry both data traffic and management traffic.
  This feature is referred to as SingleConnect.
  http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c-series_integration/ucsm2-2/b_C-Series-Integration_UCSM2-2/b_C-Series-Integration_UCSM2-2_chapter_011.html
  This most recommended Integration model when using FEX and VIC 1225 card
  •  Direct Connect Mode:
  Cisco UCS Manager release version 2.2 introduces an additional rack server management mode using direct connection to the Fabric Interconnect.
  This mode will eliminate the need for FEX module as Servers are directly plugged into the base ports of Fabric Interconnect
  http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c-series_integration/ucsm2-2/b_C-Series-Integration_UCSM2-2/b_C-Series-Integration_UCSM2-2_chapter_0110.html
  Please let us know if you need more information. Thank you!
  Thanks,
  Vishal

• Camera for use with Cisco Unified Video advantage?

  Cisco is EOLing the Cisco Unified video advantage product that we thought would be a good fit for us to integrate video with some of our IP Phones.  I can still order the Video Advantage software until later in the year from Cisco but they have discontinued the Cisco VT Camera III that was previously used with this product. 
  They list the Logitech C920-C web cam as a replacement for this product, but it seems to be difficult to locate.  The realease notes say you can use a 3rd party camera but Cisco does not officially support it. 
  Has anyone used any third party cameras with Cisco Unified Video advantage and if so which would you recomend.  I was hoping to use the Logitech HD Pro Webcam C920 (the generic non Cisco version) but wasn't sure if it would work ok? 
  What do you think?  This will be using Unified Video Advantage 2.3. 
  Jim                   

  Hi,
  We have been using Video advantage v 2.1.2 with 7940 series phone since long, it works fine with almost all 3rd party camera`s and even with the inbuilt laptop cameras.
  v 2.3 is an enhanced version as compared the one which we are using. So i would suggest you to go ahead and try it with any good qaulity webcameras available in market.
  Further to add there are certain PC requirements which needs to be met, the same can be found in the below link.
  http://www.cisco.com/en/US/docs/video/cuva/2_3/release/notes/relnote_cuva23.html#wp1118706

• Ask the Expert : Call Recording with Cisco Unified Communication Manager (UCM)

  Welcome to the Cisco Support Community Ask the Expert conversation.  This is an opportunity to learn and ask questions about Cisco Unified CM call recording solution that provides the ability to record customer conversations for compliance purpose. This topic will cover an overview, configuration and troubleshooting of the call recording feature.
  Monday, January 19th, 2015 to Friday, January 30th, 2015
  Harmit Singh is a technical leader with the High Touch Technical Services (HTTS) and Technical Assistance Center (TAC) Unified Communications teams based in Bangalore. He has broad experience in Cisco Unified Communications infrastructure solutions. He has 10 years of experience working with large enterprise and service provider networks. He also holds CCIE certifications (#20012) in Voice and Collaboration as well as Red Hat and VMware certifications.
  Mohammed Noorulla Khan is a customer support engineer in High-Touch Technical Services (HTTS)  Unified Communications teams based in Bangalore. His areas of expertise include Cisco Unified Communications Manager, Gateways, and Jabber. He has over 6 years of industry experience working with large enterprise and service provider networks. He also holds CCIE certifications (#35741) in Voice and VMware certifications.
  ** Remember to use the rating system to let Mohammed and Harmit know if you've received an adequate response.  **
  Because of the volume expected during this event, the experts might not be able to answer every question. Remember that you can continue the conversation in the Collaboration, Voice and Video  community, subcommunity, IP Telephony, shortly after the event. This event lasts through January 30th 2015. Visit this forum often to view responses to your questions and those of other Cisco Support Community members.

  Hi Maheshwar,
  Thank you for your query. Please find my response below:
  1> Do we support recording with HCS environment and which 3rd party vendors are validated with HCS based call control 10.1.1?
  Answer: Whether you use a standalone UCM cluster, UCCE or HCS, call recording would be supported across the board in the same manner.
  Please refer to the following link:
  http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cust_contact/contact_center/hcs-cc/10_0_1/Install_and_Config/CHCS_BK_ICC270D0_00_installing-and-configuring-cisco-hcs/CHCS_BK_ICC270D0_00_installing-and-configuring-cisco-hcs_chapter_011.html#CHCS_RF_T1105284_00
  Option
  Notes
  Recording
  All Recording applications that are supported by Unified CCE are supported on HCS for CC. For details, see Recording section in Agent and Supervisor Capabilities.
  With respect to which 3rd party vendors have been validated, marketplace.cisco.com is a good place to crosscheck this info. You will find a Cisco Compatible Logo against the partners listed there. The logo is used to signify that the PARTNER product has undergone technical interoperability testing with the Cisco product specified. The interoperability testing is conducted by a third party laboratory based on testing criteria set forth by Cisco. PARTNER is solely responsible for the support and warranty of its product. Placement of the PARTNER product or information pertaining thereto, on the Cisco Marketplace website does not constitute an offer to sell the PARTNER product in any way. For further information on the PARTNER products, please visit the PARTNER company website.
  Please refer to the following link and use the search field under Collaboration Technology:
  https://marketplace.cisco.com/catalog/search?utf8=%E2%9C%93&search[q]=&search[technology_category_ids]=23%2C24%2C197%2C1940%2C1941%2C1921%2C1576%2C1897%2C1983%2C2418%2C26%2C198%2C1904&search[order]=tier&per_page=20&_=1421663854257&ts=1421663855441
  2> Which end points are supported for recording via HCS call control?
  Answer: The following link should help clarify this:
  http://solutionpartner.cisco.com/web/sip/wiki/-/wiki/Main/Unified+CM+Silent+Monitoring+Recording+Supported+Device+Matrix
  Please let us know if you have any follow up questions. Hope this is helpful.
  Regards,
  Harmit Singh.

• Callmanager Express with Cisco Unified CallManager

  Dear people,
  I'm new to the whole voice thing, and we have a new requirement at work.
  We have a cluster implementation of Cisco Unified CallManager at the head office, 2 nodes, and recently we need to integrate a branch office that has Callmanager Express...
  My question starts with... Where should we start, and what should be the possible scenario
  Regards

  Hello Saladin211,
  Besides Java's nice reference, here you have another valuable info that might help you:
  http://www.cisco.com/en/US/docs/voice_ip_comm/cucme/srnd/design/guide/intcmecm.html
  Hope it helps, if it does please rate.
  Kind regards,
  - Adrian

• Help with Cisco Output Interpreter tool!!

  Hi All,
  I am experiencing a problem with Cisco Output Interpreter tool.
  While the tool is working fine and displaying the "CONFIGURATION COMMAND REFERENCE  NOTIFICATIONS (if any)" very effectively but I am unable to use the hyperlink to get an understanding about a particular command.
  When I click on a particular command(hyperlink) it pops up another window and the below error is displayed.
  Not Found
  The requested URL /cgi-bin/Support/Cmdlookup/ios-command-lookup.pl was not found on this server.
  Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
  Anyone else had/have this particular error. Could you please help me with this.
  Apologies if  this topic does not belong to this group.
  Thanks in advance
  Sam

  Noone to help me on this?

• Need help with Cisco Interface Cards???/

  Hi, I purchased 4 WIC-1AM cards for my cisco 1760 gateway to use with cisco call manager server. I'm trying to figure out if I can even use these cards for voice cards to make calls inbound and outbound. I'm seing that the cards that CM gives me are all VIC cards listed and i don't see any WIC cards listed in the endpoint list on the CM for the gatway. So can I even use these cards for what I'm trying to do??? Please help???
  Thanks

  If i got the vontage sip account how would i hook it up to my CM Sever?
  I'm using a 1760 gatway, what is a DSP resource?
  When i do show diag I get this from my router:
  show diag
  Slot 0:
  C1760 1FE VE 4SLOT DV Mainboard Port adapter, 3 ports
  Port adapter is analyzed
  Port adapter insertion time unknown
  EEPROM contents at hardware discovery:
  Hardware Revision : 5.0
  PCB Serial Number : FOC08077JDP
  Part Number : 73-7167-05
  Board Revision : B0
  Fab Version : 04
  Product (FRU) Number : CISCO1760
  EEPROM format version 4
  EEPROM contents (hex):
  0x00: 04 FF 40 03 16 41 05 00 C1 8B 46 4F 43 30 38 30
  0x10: 37 37 4A 44 50 82 49 1B FF 05 42 42 30 02 04 FF
  0x20: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
  0x30: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
  0x40: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
  0x50: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
  0x60: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
  0x70: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
  Packet Voice DSP Module Slot 0:
  Not populated
  Packet Voice DSP Module Slot 1:
  Not populated
  WIC/VIC Slot 0:
  One Port Modem WIC
  Hardware revision 1.0 Board revision H0
  Serial number 0034764142 Part number 800-08823-01
  FRU Part Number WIC-1AM=
  Test history 0x00 RMA number 00-00-00
  Connector type WAN Module
  EEPROM format version 1
  EEPROM contents (hex):
  0x20: 01 38 01 00 02 12 75 6E 50 22 77 01 00 00 00 00
  0x30: 88 00 00 00 06 02 10 01 FF FF FF FF FF FF FF FF
  WIC/VIC Slot 1:
  One Port Modem WIC
  Hardware revision 1.0 Board revision H0
  Serial number 0034764050 Part number 800-08823-01
  FRU Part Number WIC-1AM=
  Test history 0x00 RMA number 00-00-00
  Connector type WAN Module
  EEPROM format version 1
  EEPROM contents (hex):
  0x20: 01 38 01 00 02 12 75 12 50 22 77 01 00 00 00 00
  0x30: 88 00 00 00 06 02 10 01 FF FF FF FF FF FF FF FF
  What do you think?

• Cisco Unified CME on ISR 2821 Problem

  Hello Guys,
  I've got a question about configuring the telephony-service on a ISR 2821. Is it possible to connect the CUCME to an ldap-based directory. I want to search in the ldap-directory as a telephone-book for names and numbers.
  I hope you understand my question and you can help me.

  Hello Sebestian
  CME does not have a way to work directly with any LDAP v3 server, a workaround could be to confige ae URL of that button to point to a server that  would parse the XML request and interface with the LDAP directory

• Cannot reset user vmail password with Cisco Unified CM Administration

  We are using Cisco Unified CM Administration ver 7.1 with Cisco 7945 IP phones. I have a user who came to me saying that they could no longer access voice mail, getting invalid pin. Ichanged the pin with the Cisco Unified CM Administration which accepts the new pin no problem but when we try it from the phone it doesn't work. Any ideas... Thanks Don

  Hey Don,
  Well, that's no good
  There should be no correlation between resetting the user PIN
  and the forwarding to voicemail.
  Let's say that the user is @ DN/extension 5999.
  In CUCM admin go to;
  Device>Phone>Find List by Directory number> find 5999
  on the DN config page look at the Call Forward sections (all, no answer, busy)
  and make sure they are set to forward to VM (usually by using the VM checkbox)
  If you need to, have a look at a working phone/DN for comparison
  Cheers!
  Rob
  "Spend your life waiting,
  for a moment that just don't come,
  Well, don't waste your time waiting" 
  -Springsteen

• Problem with Cisco Unified Meeting Place Express

          the user is unable to get connected to the Meeting Bridge set up in the Cisco Unified Meeting Place Express on the scheduled time.

  Hit up [email protected] and ask. They'll either say 'no' or give you hand; either way that's your answer.

• Help with cisco ISE 1.1.2.145 patch-3 to ISE 1.2.0.899-2-85601 upgrade procedure

  Need help from ISE experts/gurus in this forum.
  Due to a nasty bug in Cisco ISE (bug ID CSCue38827 ISE Adclient daemon not initializing on leave/join), this bug will make the ISE stopping working completely and a reboot is required (very nice bug from cisco) .  This leaves me no choice but to upgrade to version 1.2.0.899-2-85601. 
  Scenario: 
  - 4 nodes in the environment running ISE version 1.1.2.145 patch 3
  - node 1 is Primary Admin and Secondary Monitoring - hostname is node1
  - node 2 is Secondary Admin and Primary Monitoring - hostname is node2
  - node 3 is Policy service node - hostname is node3
  - node 4 is Policy service node - hostname is node4
  Objective:  Upgrade the ISE environment to ISE version 1.2 with patch version 1.2.0.899-2-85601.
  My understand  is that I have to upgrade the existing environment from ISE version 1.1.2.145 patch 3
  to ISE version 1.1.2.145 patch 10 (patch 10 was released on 10/04/2013) before I can proceed with
  upgrading to ISE version 1.2 and patch it with 1.2.0.899-2-85601. 
  Can I patch my exsiting environment from 1.1.2 patch 3 to patch 10 prior to upgrading to version 1.2.0.899-2-85601?
  I look at Cisco website and patch 10 was released on 10/04/2013 while version 1.2 was released back in 07/05/2013.
  I am trying to get a definite answer from Cisco TAC but it seems like they don't know either. 
  Question #1:  How do I proceed with upgrading the current ISE environment from 1.1.2.145 patch 3 to 1.1.2.145 patch 10?
  Propose solution: 
  step #1: make ISE node1 to be both Primary Admin and Primary monitoring.  ISE node2 is now Secondary Admin and Secondary Monitoring. 
           Then go ahead and apply ISE version 1.1.2.145 patch 10 to ISE node2 via the GUI,
  step #2: Once ISE node2 patch 10 is completed, make node2 Primary Admin and Primary Monitoring.  At this point, apply ISE 1.1.2.145 patch 10
           to ISE node1 via the GUI,
  step #3: Once ISE node1 patch 10 is completed, make node1 Primary Admin and Secondary Monitoring and node2 Secondary Admin and Primary Monitoring,
  step #4: apply ISE 1.1.2.145 patch 10 to ISE Policy Service node3.  Once that is completed, verify that node2 is working and accepting traffics,
  step #5: apply ISE 1.1.2.145 patch 10 to ISE Policy Service node4.  Once that is completed, verify that node2 is working and accepting traffics,
  Question #2: How do I proceed with upgrading the current ISE environment from 1.1.2.145 patch 10 to ISE version 1.2 with patch version 1.2.0.899-2-85601?
  Propose solution:
  step #1:  Make ISE node1 the Primary Admin and Primary monitoring.  At this point ISE node2 will become Secondary Admin and Secondary Monitoring
  step #2:  Perform upgrade on the ISE node2 via the command line "application upgrade <app-bundle> <repository>".  Once ISE node2 upgrade is completed, it will
            form a new ISE 1.2 cluster independent of the old cluster,
  step #3:  Perform upgrade on the ISE Policy Service node3 via the command line "application upgrade <app-bundle> <repository>".  After the upgrade the ISE
            Policy Service Node3 will automatically joins the ISE node2 which is already in version 1.2
  step #4:  Perform upgrade on the ISE Policy Service node4 via the command line "application upgrade <app-bundle> <repository>".  After the upgrade the ISE
            Policy Service Node4 will automatically joins the ISE node2 which is already in version 1.2
  step #5:  At this point the only node remaining in the 1.1.2.145 patch 10 is the ISE node1 Primary Admin and Primary Monitoring
  step #6:  Check and see if there are any more PSN's registered in ISE node1 (there should not be any)
  step #7:  Perform the upgrade on the ISE node1 from command line  "application upgrade <app-bundle> <repository>"
  step #8:  Once upgrade on ISE node1 is complete, ISE node1 will automatically join the new ISE 1.2 cluster,
  step #9:  Make ISE node1 Primary Admin and Secondary and ISE node2 Secondary Admin and Primary Monitoring,
  Question #3:  How do I proceed with upgrading the current ISE environment from 1.2 patch0 to 1.2.0.899-2-85601?
  Propose solution: 
  step #1: make ISE node1 to be both Primary Admin and Primary monitoring.  ISE node2 is now Secondary Admin and Secondary Monitoring. 
           Then go ahead and apply ISE 1.2.0.899-2-85601 to ISE node2 via the GUI,
  step #2: Once ISE node2 1.2.0.899-2-85601 is completed, make node2 Primary Admin and Primary Monitoring.  At this point, apply 1.2.0.899-2-85601
           to ISE node1 via the GUI,
  step #3: Once ISE node1 patch 10 is completed, make node1 Primary Admin and Secondary Monitoring and node2 Secondary Admin and Primary Monitoring,
  step #4: apply ISE 1.2.0.899-2-85601 to ISE Policy Service node3.  Once that is completed, verify that node2 is working and accepting traffics,
  step #5: apply ISE 1.2.0.899-2-85601 to ISE Policy Service node4.  Once that is completed, verify that node2 is working and accepting traffics,
  does these steps make sense to you?
  Thanks in advance.

  David,
  A few answers to your questions -
  Question 1: My recommendation is to follow vivek's blog since most fixes and upgrade steps are provided there - I would recommend installing the patch that was release prior to the 1.2 release date since the directions to "install the latest patch" would put you at the version of when the ISE 1.2 was released
  https://supportforums.cisco.com/community/netpro/security/aaa/blog/2013/07/19/upgrading-to-identity-services-engine-ise-12
  You do not have the ability to install ISE patch through the GUI on any of the "non-primary" nodes (you can use the cli commmand to achieve this), the current patching process was designed so you can install the patch on the primary admin node and it will then roll the patches out to the entire deployment (one node at at time). I painfully verified this by watching the services on each node and when a node was up and operational the next node would start the patching process. First the admin nodes then the PSNs.
  Every ISE upgrade that I have attempted as not been flawless and I can assure you that I have done an upgrade on 1.1.2 patch 3 and this worked fine, however I used the following process. You will need the service account information that is used to join your ISE to AD.
  I picked the secondary admin/monitoring node and made it a standalone node by deregistering (much like the old procedure) in your case this will be node2.
  I backed up the certificates from the UI and the database from the CLI (pick the local disk or ftp-your choice).
  I reset the database and ran the upgrade script (since I did not have access to the vsphere console or at the location of the non UCS hardware [for a 1.1.4 upgrade]).
  Once the upgrade was completed I then restored the 1.1.x database, ISE 1.2 now has the ability to detect the version of the database that is restored and will perform the migration for you.
  Once the restore finished, I then restored the certificate and picked one of the PSNs
  backup the cert,
  Had the AD join user account handy
  reset-db,
  and run the upgrade script.
  Once that is done I then restore the cert
  Join the PSN to the new deployment
  Join both nodes to AD through primary admin node
  Monitor for a few days (seperate consoles to make sure everything runs smooth)
  If anything doesnt look or feel right, you can shut down the 1.2 PSN and force everything through the existing 1.1.2 setup and perform some investigation, if it all goes smooth you can then follow the above step for the other two nodes, starting with the last PSN and the the last admin node.
  Thanks and I hope that helps,
  Tarik Admani
  *Please rate helpful posts*

• Help with CISCO-887VA adsl over pots and PPPoE with dynamic IP

  Hi
  I've got problem trying to connect the CISCO-887VDSL/ADSL OVER POTS ROUTER to internet. Only got the LAN part working.
  I'm trying to setup PPPoE with dynamic IP
  Followed CISCO's documentations but the commands used were not recognized by the router. Any simple working config for me to follow will be enough.
  I'll appreciate any help. Thanks a lot!
  here's  my config.
  ! Last configuration change at 08:31:51 UTC Sat Feb 11 2012
  version 15.1
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname router
  boot-start-marker
  boot-end-marker
  no aaa new-model
  memory-size iomem 10
  crypto pki token default removal timeout 0
  ip source-route
  ip dhcp excluded-address 10.0.0.1 10.0.0.149
  ip dhcp excluded-address 10.0.0.199 10.0.0.254
  ip dhcp pool sdm-pool
  import all
  network 10.0.0.0 255.255.255.0
  default-router 10.0.0.1
  dns-server x.x.x.x x.x.x.x.x
  lease 0 2
  ip cef
  no ipv6 cef
  license udi pid CISCO887VA-K9 sn FGLxxxxxxx
  controller VDSL 0
  ip ftp username cisco
  ip ftp password cisco
  interface Ethernet0
  pppoe enable group global
  pppoe-client dial-pool-number 1
  no ip address
  shutdown
  interface ATM0
  no ip address
  no atm ilmi-keepalive
  pvc 0/35
  pppoe-client dial-pool-number 1
  interface FastEthernet0
  no ip address
  interface FastEthernet1
  no ip address
  interface FastEthernet2
  no ip address
  interface FastEthernet3
  no ip address
  interface Vlan1
  ip address 10.0.0.1 255.255.255.0
  ip nat inside
  ip directed-broadcast
  ip virtual-reassembly in
  ip tcp adjust-mss 1452
  interface Dialer1
  mtu 1492
  ip address negotiated
  ip nat outside
  ip virtual-reassembly in
  encapsulation ppp
  dialer pool 1
  dialer-group 1
  ppp authentication chap pap callin
  ppp chap hostname xxxx
  ppp chap password 0 xxxx
  ppp pap sent-username xxxx password 0 xxxx
  ip forward-protocol nd
  no ip http server
  no ip http secure-server
  ip nat inside source list 1 interface Dialer1 overload
  ip route 0.0.0.0 0.0.0.0 Dialer1
  ip access-list standard 1
  permit 10.0.0.0 0.0.0.255
  no cdp run
  line con 0
  line aux 0
  line vty 0 4
  login
  transport input all
  end

  Try to check with your ISP the modem string to use for VDSL
  and some ISP support direct dhcp on Ethernet0 without PPPoE.
  An equivalent config is working for me in Switzerland with Swisscom.
  N.B. "modem" under VDSL controller is enable using service internal !
  service internal
  controller VDSL 0
  operating mode vdsl2
  modem co5
  ip source-route
  ip cef
  ip dhcp excluded-address 10.0.0.1 10.0.0.149
  ip dhcp excluded-address 10.0.0.199 10.0.0.254
  ip dhcp pool sdm-pool
  import all
  network 10.0.0.0 255.255.255.0
  default-router 10.0.0.1
  dns-server 8.8.8.8
  lease 0 2
  interface Ethernet0
  ip address dhcp
  ip nat outside
  interface Vlan1
  ip address 10.0.0.1 255.255.255.0
  ip nat inside
  ip tcp adjust-mss 1452
  ip nat inside source list 23 interface Ethernet0 overload
  access-list 23 permit 10.0.0.0 0.0.0.255
  end

• Help with Cisco ASA 5500 and NAS drives

  Hello:
  I have 2 My Book World Edition II NAS drives. They both are configured to use a static IP address and both are on the same workgroup.
  One of them is supposed to be replaced with a newer one that I just installed yesterday.
  What I am trying to do is to transfer all the information from NAS1 to NAS2.
  Both are connected to a Cisco VPN router.
  I created a batch file that was basically several xcopy commands to copy all the information from NAS1 to NAS2.
  As this process was going to take like 8 hours I ran the batch file yesterday at 4:00PM when everyone was logged off the NAS drives.
  To my surprise this morning I found out that only a portion of the files were copied from the NAS1 to the NAS2.
  After reading the system logs of the NAS1 drive I found a lot of errors.For example:
  getpeername failed. Error was Transport endpoint is not connected
  Error writing 4 bytes to client. -1. (Connection reset by peer)
  write_data: write failure in writing to client 192.168.10.105. Error Connection reset by peer
  Error writing 4 bytes to client. -1. (Connection reset by peer)
  write_data: write failure in writing to client 192.168.10.105. Error Connection reset by peer
  Error writing 4 bytes to client. -1. (Connection reset by peer)
  write_data: write failure in writing to client 192.168.10.105. Error Connection reset by peer
  Error writing 4 bytes to client. -1. (Connection reset by peer)
  write_data: write failure in writing to client 192.168.10.105. Error Connection reset by peer
  writing 4 bytes to client. -1. (Connection reset by peer)
  write_data: write failure in writing to client 0.0.0.0. Error Connection reset by peer
  getpeername failed. Error was Transport endpoint is not connected
  Someone suggested that the problem has to do with the network configuration.
  The suggestion was to change from "auto-negotiate" to  Full Duplex 100 on the Cisco VPN router configuration.
  What do you think? Could this be the problem?
  Thanks and help is greatly appreciated.

  Hello:
  I have 2 My Book World Edition II NAS drives. They both are configured to use a static IP address and both are on the same workgroup.
  One of them is supposed to be replaced with a newer one that I just installed yesterday.
  What I am trying to do is to transfer all the information from NAS1 to NAS2.
  Both are connected to a Cisco VPN router.
  I created a batch file that was basically several xcopy commands to copy all the information from NAS1 to NAS2.
  As this process was going to take like 8 hours I ran the batch file yesterday at 4:00PM when everyone was logged off the NAS drives.
  To my surprise this morning I found out that only a portion of the files were copied from the NAS1 to the NAS2.
  After reading the system logs of the NAS1 drive I found a lot of errors.For example:
  getpeername failed. Error was Transport endpoint is not connected
  Error writing 4 bytes to client. -1. (Connection reset by peer)
  write_data: write failure in writing to client 192.168.10.105. Error Connection reset by peer
  Error writing 4 bytes to client. -1. (Connection reset by peer)
  write_data: write failure in writing to client 192.168.10.105. Error Connection reset by peer
  Error writing 4 bytes to client. -1. (Connection reset by peer)
  write_data: write failure in writing to client 192.168.10.105. Error Connection reset by peer
  Error writing 4 bytes to client. -1. (Connection reset by peer)
  write_data: write failure in writing to client 192.168.10.105. Error Connection reset by peer
  writing 4 bytes to client. -1. (Connection reset by peer)
  write_data: write failure in writing to client 0.0.0.0. Error Connection reset by peer
  getpeername failed. Error was Transport endpoint is not connected
  Someone suggested that the problem has to do with the network configuration.
  The suggestion was to change from "auto-negotiate" to  Full Duplex 100 on the Cisco VPN router configuration.
  What do you think? Could this be the problem?
  Thanks and help is greatly appreciated.

• Help with Cisco RV180 VPN

  I have installed the Cisco RV180 VPN at a customer location.
  Because this customer makes credit card transactions over the Internet, their merchant account requires a third-party to perform a security scan on the gateway.  When scanning, the third-party states they are not in compliance with this report:
  THREAT REFERENCE
  Summary:
  TLS Protocol Session Renegotiation Security Vulnerability
  Risk: High (3)
  Port: 443
  Protocol: TCP
  Threat ID: misc_opensslrenegotiation
  Details: Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
  06/11/12
  CVE 2009-3555
  Multiple vendors TLS protocol implementations are prone to a  security vulnerability related to the session-renegotiation process  which allows man-in-the-middle attackers to insert data into HTTPS  sessions, and possibly other types of sessions protected by TLS or SSL, by  sending an unauthenticated request that is processed retroactively by a  server in a post-renegotiation context.
  Information From Target:
  Service: 443:TCP
  Session Renegotiation succeeded on 443:TCP
  They are using the QuickVPN Client to connect and must be able to connect from anywhere in the world.  From my understanding, port 443 must be opened for the QuickVPN Client to function.  How do I block port 443 from everyone except the QuickVPN Client?  Or how do I configure the RV180 to satisfy the above threat?
  Thanks in advance for any information you can provide.

  Hi,
  following config is for cisco VPN client access with dynamic allocation and split-tunnel.
  Hope this helps, please rate post if it does!
  aaa new-model
  aaa authentication login userauthen local
  aaa authorization network groupauthor local
  username vpnc password 0 userpass
  crypto isakmp client configuration group vpncg
  key grouppass
  dns 4.2.2.1
  wins 10.59.2.10
  domain domain.com
  pool ip-pool
  acl 108
  crypto ipsec transform-set myset esp-aes esp-sha-hmac
  crypto dynamic-map dynmap 10
  set transform-set myset
  crypto map clientmap client authentication list userauthen
  crypto map clientmap isakmp authorization list groupauthor
  crypto map clientmap client configuration address respond
  crypto map clientmap 10 ipsec-isakmp dynamic dynmap
  interface FastEthernet0/0
  ip nat outside
  crypto map clientmap
  interface vlan1
  ip address 10.59.2.1 255.255.255.0
  ip nat inside
  ip local pool ip-pool 10.0.230.1 10.0.230.20
  access-list 108 remark VPN client split tunnel
  access-list 108 permit ip 10.59.2.0 0.0.0.255 10.0.230.0 0.0.0.255