How to implement Failover in VPN Router

Hi Everyone,
I have got Cisco 3845 VPN router which is currently running in our network. We have purchased one more Cisco 3845 router as a standby for VPN router.
I am planning to make the new router as a secondary router which should be connected on LIVE network. If primary router fails, secondary router should run automatically after certain period of time.
When i was looking for such kind of solution i came across of Implementing FAILOVER and LOAD BALANCING method for such kind of scenerio. As i am new to this kind of method, so i would suggest some help from the experts out here.
How do i implement Failover and Load Balancing with my TWO Cisco 3845 VPN router?
Helping hands are highly appreciated...
Thanks,
TashiBDFCL                  

hi ,
Please refere below link to get things clear.....
https://sites.google.com/site/amitsciscozone/home/security/load-balancing-with-2-isps
thanks

Similar Messages

  • How to implement my right angle routing strategy in Ultiboard?

    Hi,
     I want to design a PCB to save me from a lot of dirty work with SCB68 blocks. We are using many PCI-6225 cards to aquire 0-10V signals from a test rig. The signals are bundled together as 20 channels per cable including 20 signal wire and 1 AI_SENSE wire.
    So I need to convert two SCSI 68pin connector to four Dsub37 female connectors for each PCI-6225 card. I used Multisim to build the schematics and Ultiboard to draw PCB. First I cannot find PCI-6225 connector's information in multisim, so I used M_series 60x1's symbol in the library and modified it to meet the datasheet of PCI-6225. 
    Then when I transport the file to Utilboard, the auto routing algorithm gave me a spider web :-( So I want to use the following right angle routing strategy to get a simpler PCB. red line is in the copper_bottom, green line in the copper_top, and blue circles are vias. the rest of the board will be covered with GND.
    The only problem is: I do not know how to implement this alogrithm. Can anyone help me?
    P.S. I do not have strong EMI requirements. So I think this design should be fine in my low speed DAQ application.
    DI CHENG
    Attachments:
    设想.png ‏20 KB
    6225_2xSCSI68_4xD37F.zip ‏272 KB

    程迪,
    You could also route a bus - create all signals on the 68 pin connector as part of a bus group then press (Ctrl_B) and click on all signals that you want to route within the bus and then start routing away from the connector on your preferred layer.
    These best practices guides in Ultiboard should also help with routing techniques...
    https://decibel.ni.com/content/docs/DOC-26701
    Regards,
    Pat N

  • How to implement XP Cisco VPN client. Please help!!!

    Hi,
    I am trying to configure remote access for XP desktops using CVPN client software and a Cisco 805 router with IOS IPSec capable( authentication should be local). The remote desktops are behind adsl router wich does nat translations but allow IPSes passthrough.
    I have configured it but does not working.
    Can you please help me?
    Thanks in advance
    David

    Hi guys, Solved.
    This very useful link:
    http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Virtual%20Private%20Networks&topic=General&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1dd7d54c/0
    David

  • How to implement redundant with 1 CE router to 2 MPLS service providers

    Dear all,
    Our head-office are currently have 1 Cisco CPE 3825 router with 2 WAN connections to our branches. We are now using static routing protocol in our network infrastructure, we consider how to implement the redundancy for networks by the redundant circuits connection to 2 MPLS providers, only when the primary connection to the primary MPLS L3 provider fail, the backup link to the second MPLS Layer 2 provider automatically active. Anybody knows where can I find information, tips or examples, how we'd handle the routing for that?
    We are now have:
    1 G0/1 interface connect to primary MPLS L3 Provider (the 2nd G0/2 interface is a leased-line connection to our partner, and we not consider here)
    1 HWIC (layer 2) card, with 4 ports, which has interface F0/2/3 connected to the backup MPLS Layer 2 provider.
    Thanks in advance.
    PS: Current configuration : 3727 bytes
    version 12.3
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname Router
    boot-start-marker
    boot system flash c3825-entservicesk9-mz.123-11.T7.bin
    boot-end-marker
    logging buffered 4096 debugging
    logging monitor xml
    no aaa new-model
    ip subnet-zero
    ip cef
    no ftp-server write-enable
    no spanning-tree vlan 4
    no spanning-tree vlan 5
    interface GigabitEthernet0/1
    description connect to VDC MPLS$ETH-WAN$
    mtu 1480
    ip address 222.x.x.66 255.255.255.252
    ip flow ingress
    ip flow egress
    service-policy output SDM-QoS-Policy-1
    ip route-cache flow
    duplex auto
    speed auto
    media-type rj45
    fair-queue 64 256 256
    no cdp enable
    interface FastEthernet0/2/0
    switchport access vlan 2
    no cdp enable
    interface FastEthernet0/2/3
    description ToTBToverFPT
    switchport access vlan 5
    no cdp enable
    interface Vlan2
    description CONNECT TO MPLS_VDC
    ip address 192.168.201.9 255.255.248.0
    interface Vlan5
    description Connect to HoChiMinhCity
    ip address 172.16.1.5 255.255.255.252
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer1
    ip route 172.16.244.0 255.255.255.0 222.255.33.65
    ip route 192.168.0.0 255.255.248.0 222.255.33.65
    ip route 192.168.24.0 255.255.254.0 222.255.33.65
    ip route 192.168.30.0 255.255.254.0 222.255.33.65
    ip route 192.168.32.0 255.255.254.0 222.255.33.65
    ip route 222.x.x.68 255.255.255.252 222.255.33.65
    ip route 222.255.33.72 255.255.255.252 222.255.33.65
    ip route 222.x.x.196 255.255.255.252 222.255.33.65
    ip route 222.x.x.200 255.255.255.252 222.255.33.65
    ip http server
    ip http authentication local
    no ip http secure-server
    ip http max-connections 3
    control-plane
    line con 0
    logging synchronous
    stopbits 1
    line aux 0
    stopbits 1
    line vty 0 4
    password
    login
    transport input telnet
    line vty 5 14
    privilege level 15
    password
    login
    transport input telnet
    line vty 15
    privilege level 15
    password
    login
    transport input telnet
    parser view SDM_Monitor
    scheduler allocate 20000 1000
    end

    Hi Mr jianqu,
    Because of our customer now has 2 main central offices, and all other sub branches are now connected to each of these main central office via one primary full-meshed MPLS VPN of 1st Service Provider, so If I use the float static routes, and when there is a failure at one link at a CENTRAL CE Router to primary link to primary MPLS VPN Service Provider, but still there is no failure at the other site from a router CE sub branch with the the PE of the primary full-meshed MPLS VPN Layer 3 Service Provider,so It cannot cause a failover to a second redundant link of the 2nd Service Provider?
    So with our system, do we only have one solution like this:
    -Configure BGP as the routing protocol between the CE and the PE routers.
    -Use local preference and Multi Exit Discriminator (MED) when running BGP inside a our customer VPN to select the primary and backup links.
    -Use AS-override feature to support overlapping AS numbers between customer sites

  • How to make a VPN route permanent ?

    I have a VPN between my office and a lab on the east coast and I can use the following command from my Terminal to enable the route in my Leopard Server:
    route add -net 10.48.239.0 -netmask 255.255.255.0 192.168.1.254
    How can I make this a permanent route? At this time if I reboot the server I must get into the Terminal and use the following two lines to make everything work again:
    sudo su
    route add -net 10.48.239.0 -netmask 255.255.255.0 192.168.1.254
    Thanks for any information any of you may have.
    By the way within 6 months I will be doing the same task on a new Snow Leopard Server so if there are differences please feel free to chime in.

    If you're having to manually set VPN routes then you're doing something wrong.
    It isn't clear from your post where you're doing this. You say you set this 'in my Leopard Server', but it's not clear whether that server is the VPN server on the east coast, a server in your office, or another server anywhere else.
    Normally, the VPN server sends out a list of routes the client should use, so knowing the above will help narrow down where your problem lies.

  • How to Implement Management Chain in External routing Service

    hi,
    I am using External Routing Service to Assign & route the tasks.
    I will get the authorisation workflow in our external Routing class , Now I am suppose to implement that workflow in BPM worklist for that human task.
    One way is to know the way to implement management chain in the External Routing Service.
    I have found some BPEL classes for doing the same eg. ParticipantsType.ManagementChain, objFactory.createParticipantsTypeManagementChain().
    But not able to find any sample code to implement.
    Does any body knows how to implement the same.
    Is their any other way to resolve this issue.
    you can also refer the following thread to understand the problem statement: PROGRAMMATICALLY PERSISTING THE APPROVAL WORKFLOW FOR A HUMAN TASK.
    thanks
    Jagdish

    I have tried the below mentioned code for implemnting management chain...
         private Participants createParticipant() {
              System.out.println("1");
              String user = users[numberOfApprovals++];
              ObjectFactory objFactory = new ObjectFactory();
              Participants participants = objFactory.createParticipants();
              participants.setIsAdhocRoutingSupported(false);
                   StageType stage = objFactory.createParticipantsTypeStage();
                   stage.setName("Stage1");
                   System.out.println("2");
                   SequentialParticipant seqParticipant = objFactory.createParticipantsTypeSequentialParticipant();
                   seqParticipant.setName("Stage1.Participant1");
                   System.out.println("3");
                   ListType listType = objFactory.createList();
                   ManagementChainListType managementListType = objFactory.createManagementChainListType();
                   // adding Resource in the management chain
                   ResourceType resourceChain = objFactory.createResourceType("fkafka");
                   resourceChain.setIsGroup(false);
                   resourceChain.setType("STATIC");
                   resourceChain.setIdentityType("user");
                   managementListType.getResource().add(resourceChain);
                   System.out.println("4");
                   // adding levels in the management chain
                   ParameterType levelParameterType = objFactory.createParameterType("2");
                   levelParameterType.setType("STATIC");
              managementListType.setLevels(levelParameterType);
                   System.out.println("5");
                   // adding title in the management chain                    
                   ParameterType titleParameterType = objFactory.createParameterType("Vice President");
                   titleParameterType.setType("STATIC");
                   managementListType.setTitle(titleParameterType);
                   System.out.println("6");
                   listType.setManagementChain(managementListType);
                   System.out.println("7");
                   seqParticipant.setList(listType);
                   System.out.println("8");
                   stage.getParticipantOrSequentialParticipantOrAdhoc().add(seqParticipant);
                   System.out.println("9");
              participants.getParticipantOrSequentialParticipantOrAdhoc().add(stage);
              System.out.println("10");
              return participants;
    The above code doesnot give error during execution but It doesnot work, what It's suppose to be...
    what It does is..It calls onInitiation method number of times [equal to the number of levels given in hierachy +1] at one shot. without being assigned to anybody and come out of the human task.
    please let me know..If am missing something...
    thanks
    Jagdish Khera

  • How to implement route cipher using java?

    Hi guys,,,
    I really got a headache solving how to implement route cipher using java lang,,i already got the concept but i really dont get how to implement it using java actually i want to make a presentation of how route cipher works using "adobe flash" but first i will implement it using java coz flash actionscripts are closer to java lang.
    Hope you could post some examples or ideas...i would really appreciate it!
    thank you so much...

    just add an action listener (either keypressed or keytyped) to the frame that you want to record. I did this in NetBeans in about 2 seconds. I can simplify it if you need. As for loging it just write the characters to a file output stream.
    public class test extends javax.swing.JFrame {
        /** Creates new form test */
        public test() {
            initComponents();
        /** This method is called from within the constructor to
         * initialize the form.
         * WARNING: Do NOT modify this code. The content of this method is
         * always regenerated by the Form Editor.
        // <editor-fold defaultstate="collapsed" desc=" Generated Code ">
        private void initComponents() {
            setDefaultCloseOperation(javax.swing.WindowConstants.EXIT_ON_CLOSE);
            addKeyListener(new java.awt.event.KeyAdapter() {
                public void keyTyped(java.awt.event.KeyEvent evt) {
                    formKeyTyped(evt);
            pack();
        // </editor-fold>
        private void formKeyTyped(java.awt.event.KeyEvent evt) {
            System.out.println(evt.getKeyChar());
         * @param args the command line arguments
        public static void main(String args[]) {
            java.awt.EventQueue.invokeLater(new Runnable() {
                public void run() {
                    new test().setVisible(true);
        // Variables declaration - do not modify
        // End of variables declaration
    }

  • How to implement Disaster Recovery in TimesTen?

    hello, chris:
    we have a requirement to implement disaster recovery from remote when the master and standby nodes are failover in local. how to implement it in timesten? Can master standby pairs with subscribers mode caryy out it? when the master and standby nodes are fail, can subscriber node take over the application?? thank you.

    The best, and recommended, solution for this is to have an active/standby pair located locally as the primary mechanism for high-availability and to configure a remote readonly subscriber datastore. In the event that the primary site completely fails, the remote subscriber can be easily (few seconds) promoted to an active to form the basis of a new active/standby pair at the remote site.
    It is not supported to split an active/standby pair across a network connection that is anything less than LAN grade but a remote subscriber can be located across any reasonable network connection (WAN, VPN etc.) as long as there is sufficient bandwidth and the latency is not too high.
    Chris

  • RV042 not annoucing vpn routes over rip v2

    Problem: RV042 is not announcing a class C VPN route via RIP to other routers. It announces the gateway public address via rip, but not the VPN route.
    I am attempting to use a pair of RV042 as a redundant links between our home office and a branch. The home office and branch is already connected via a T1. Each location also has an additional cable internet connection with public IP address and a cisco 1921 router controlling the traffic.
    The 1921 routers are using OSPF to route traffic over the T1 and have RIPv2 enabled to talk to their local respective RV042s. Here is a description of how the network is set up.
    MainRouter - cisco 1921
       Eth0 - Network is 192.168.41.0/24
                 IP address is 192.168.41.20
       Eth0/1 - Network 10.1.1.1 255.255.255.254
                T1 connection to branch router
    MainRV - RV042 v3 with fw 4.2.1.02
       Wan1 - Public IP A X.X.X.X
        LAN- Network 192.168.41.0/24
                  IP 192.168.41.11 255.255.255.0
    BranchRouter - cisco 1921
      Eth0/0 - Network is 192.168.46.0/24
                   IP address is 192.168.46.10
      Eth0/1 - Network 10.1.1.2 255.255.255.254
                T1 connection to main router
    BranchRV - RV042 v3 with fw 4.2.1.02
      Wan1 - Public IP B Y.Y.Y.Y
        LAN - Network 192.168.46.0/24
                  IP 192.168.46.11 255.255.255.0
    I have established a VPN from BranchRV to MainRV and it passes traffic correctly. My "MainRouter "
    rip database looks like this....
    192.168.41.0/24    auto-summary
    192.168.41.0/24    directly connected, GigabitEthernet0/0
    X.X.X.X/24    auto-summary
    X.X.X.Z/30
        [1] via 192.168.46.11, 00:00:01, GigabitEthernet0/0
    Notice that there is no route to 192.168.46.0/24 in there....
    Now here is the kicker, just messing around, I changed the VPN settings to use subnets 10.0.10.0/24 on MainRV and 10.0.11.0/24 on BranchRV instead of 192.168.41.0/24 and 192.168.46.0/24 respectivly. After I tried that the routes for the 10.0.3.0 were announced via RIP
    Here is what the MainRouter's rip database looked like after I tried that
    10.0.0.0/8    auto-summary
    10.0.11.0/24
        [2] via 192.168.41.11, 00:00:18, GigabitEthernet0/0
    192.168.41.0/24    auto-summary
    192.168.41.0/24    directly connected, GigabitEthernet0/0
    X.X.X.X/24    auto-summary
    X.X.X.Y/30
        [1] via 192.168.41.11, 00:00:18, GigabitEthernet0/0
    What gives? This really looks like a bug to me...
    Anyhow I'm thinking a workaround might be to set up a GRE tunnel across those 10.0.X.X subnets to the other side so I can at least dynamically route traffic accross.... Without the RIP routes being announced I don't have automatic failover!
    Thanks for your help,
       Curtis

    Yes as was explained to me previously.... by Jason Nickle multicast does not cross a site-to-site tunnel.
    That is not what I want to have happen. What I want is for my RV042 to announce it's VPN routes to other routers on the same physical network. Which it currently is not doing.
    Site 1
        Cisco IOS Router X - main router, local network traffic runs across this
         RVO42 X - has VPN link to RVO42 Y at Site 2
    Site 2
      Cisco IOS Router Y - main router, local newtok traffic runs acress this
       RVO42 Y - has VPN link to RVO42 X at Site 1
    The problem is that RV042 Y doesn't tell Router Y that it has a route to Site 1. And RV042 X doesn't tell Router X that it has a route to Site 2. So they are not locally announcing via RIP, the routes they have TO the respective remote sites.
    What I was trying to say in my original post, is that the router will announce VPN routes if the vpn subnets are a class A 10.X.X.X subnet, but it doesn't announce them if they are a class C 192.168.X.X subnet. So what I am doing should be working, however it is not.

  • Could somebody explain to me how to set up a VPN on my iMac and access it on iPhone and computer?

    I'm mainly using it to bypass an internet block. Could you explain in detail how to set up a vpn that will also work on iPhone? Do you have any recommended applications for me to install? Thank you

    To run a public VPN server behind an NAT gateway, you need to do the following:
    1. Give the gateway either a static external address or a dynamic DNS name. The latter must be a DNS record on a public DNS registrar, not on the server itself. Also in the latter case, you must run a background process to keep the DNS record up to date when your IP address changes.
    2. Give the VPN server a static address on the local network, and a hostname that is not in the top-level domain "local" (which is reserved for Bonjour.)
    3. Forward external UDP ports 500, 1701, and 4500 (for L2TP) and TCP port 1723 (for PPTP) to the corresponding ports on the VPN server.
    If your router is an Apple device, select the Network tab in AirPort Utility and click Network Options. In the sheet that opens, check the box marked
    Allow incoming IPSec authentication
    if it's not already checked, and save the change.
    With a third-party router, there may be a similar setting.
    4. Configure any firewall in use to pass this traffic.
    5. Each client must have an address on a netblock that doesn't overlap the one assigned by the VPN endpoint. For example, if the endpoint assigns addresses in the 10.0.0.0/24 range, and the client has an address on a local network in the 10.0.1.0/24 range, that's OK, but if the local network is 10.0.1.0/16, there will be a conflict. To lessen the chance of such conflicts, it's best to assign addresses in a random sub-block of 10.0.0.0./0 with a 24-bit netmask.
    6. "Back to My Mac" on the server is incompatible with the VPN service.
    If the server is directly connected to the Internet, see this blog post.

  • How to implement OracleAS Portal Clustering ?

    Dear all,
    Can anybody pls point me to the docs about how to implement OracleAS Portal Cluster (version 10.1.4) ?
    Also, about deploying Portal from development server to production server (using Export Import) , do we have to deploy it to all nodes , or can we just deploy it once to the cluster ?
    Thank you,
    xtanto

    Hello Xtanto,
    The Oracle documentation provides instructions for setting up Oracle Portal in a 'cluster'. For 10.1.2.0.2 and 10.1.4 :
    [5.3|http://download.oracle.com/docs/cd/B14099_19/portal.1014/b19305/cg_advnc.htm#i1046354] Configuring Multiple Middle Tiers with a Load Balancing Router
    Oracle® Application Server Portal Configuration Guide
    10g Release 2 (10.1.4)
    B19305-03
    Alternatively you can also check the enterprise deployment guide :
    [7|http://download.oracle.com/docs/cd/B14099_19/core.1012/b13998/portal.htm#CACHEECD] Installing and Configuring the myPortalCompany Application Infrastructure
    Oracle® Application Server Enterprise Deployment Guide
    10g Release 2 (10.1.2)
    B13998-07
    For deployment from development to production, transport sets can be used :
    [10|http://download.oracle.com/docs/cd/B14099_19/portal.1014/b19305/cg_imex.htm#i1030999] Exporting and Importing Content
    Oracle® Application Server Portal Configuration Guide
    10g Release 2 (10.1.4)
    B19305-03
    Thanks,
    EJ

  • Accessing device attached to VPN router

    Hi.  We have a VPN router, RV180, that was installed to allow us to access data on a PLC which is physically attached to the router via ethernet cable. We are able to establish a VPN connection from a remote laptop using QuickVPN. However, we cannot figure out how to browse to the PLC using Internet Explorer. The IP address we have for the PLC is identical to an external IP address and our browser simply loads the page from the Internet. How do we browse to the PLC using the VPN connection?
    Thanks
    Mike

    Hello.  If I may reactivate an old string I have a bit of an ironic question.  The Mac connection which seemed so difficult is now the only one that works.  To be clear, The Windows folks can still create a VPN connection.  However, they cannot access the PLC on the other side.  This wasn't obvious when I last posted because we didn't have the correct login info for the PLC so none of us could get in.  Now, my VPN connection allows me to log in to the PLC.  The Windows VPN connection cannot see the PLC log in page.  Can anyone suggest some areas to check in the administration pages of the router to find the difference between the PPTP protocol which works and the QuickVPN protocol which doesn't?
    Mike

  • PIX 501 and Linksys VPN Router (WRV200)

    I have inherited a job where we have a Cisco PIX 501 firewall at one site, and Linksys WRV200 VPN Router on two other
    sites. I have been asked to connect these Linksys routers to the PIX firewall via VPN.
    I believe the Linksys vpn routers can only connect via IPSec VPN, so i am looking for help on configuring the PIX 501 to allow the linksys to connect with the following parameters, if possible.
    Key Exchange Method: Auto (IKE)
    Encryption: Auto, 3DES, AES128, AES192, AES256
    Authentication: MD5
    Pre-Shared Key: xxx
    PFS: Enabled/Disabled
    ISAKMP Key Lifetime: 28800
    IPSec Key Lifetime: 3600
    On the PIX i have the PDM installed and i have tried using the VPN Wizard to no avail.
    I chose the following settings when doing the VPN Wizard:
    Type of VPN: Remote Access VPN
    Interface: Outside
    Type of VPN Client Device used: Cisco VPN Client
    (can choose Cisco VPN 3000 Client, MS Windows Client using PPTP, MS Windows client using L2TP)
    VPN Client Group
    Group Name: RabyEstates
    Pre Shared Key: rabytest
    Extended Client Authentication: Disabled
    Address Pool
    Pool Name: VPN-LAN
    Range Start: 192.168.2.200
    Range End: 192.168.2.250
    DNS/WINS/Default Domain: None
    IKE Policy
    Encryption: 3DES
    Authentication: MD5
    DH Group: Group 2 (1024-bit)
    Transform Set
    Encryption: 3DES
    Authentication: MD5
    I have attached the VPN log from the Linksys VPN Router.
    This is the first time i've ever worked with PIX so i'm still trying to figure the thing out, but i'm confident with CCNA level networking.
    Thanks for your help!

    Hi again,
    I believe the pix has a 3des license because of the following parts of the "show version"
    Licensed Features:
    Failover: Disabled
    VPN-DES: Enabled
    VPN-3DES-AES: Enabled
    This PIX has a Restricted (R) license.
    I've tried reconnecting the VPN tunnel with debugging on the PIX and get the output as shown in the attached file "vpndebug.txt"
    As for the other show commands they give:
    pixfirewall# show crypto isakmp sa
    Total : 0
    Embryonic : 0
    dst src state pending created
    pixfirewall# show crypto ipsec sa
    interface: outside
    Crypto map tag: transam, local addr. 10.0.0.1
    local ident (addr/mask/prot/port): (192.168.1.0/255.255.255.0/0/0)
    remote ident (addr/mask/prot/port): (192.168.101.0/255.255.255.0/0/0)
    current_peer: 10.0.0.2:0
    PERMIT, flags={origin_is_acl,}
    #pkts encaps: 0, #pkts encrypt: 0, #pkts digest 0
    #pkts decaps: 0, #pkts decrypt: 0, #pkts verify 0
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0, #pkts decompress failed: 0
    #send errors 0, #recv errors 0
    local crypto endpt.: 10.0.0.1, remote crypto endpt.: 10.0.0.2
    path mtu 1500, ipsec overhead 0, media mtu 1500
    current outbound spi: 0
    inbound esp sas:
    inbound ah sas:
    inbound pcp sas:
    outbound esp sas:
    outbound ah sas:
    outbound pcp sas:
    pixfirewall#
    Thanks again Daniel, i really appreciate your help on this matter.

  • First time vpn router

                       First time with a vpn router and need advice getting everything running with my current vpn provider.
    router: 887vag vdsl2/adsl2+ POTS with 3g.
    question: Do i need to flash the router with dd-wrt?
    Are there any step by step guides you can give for this
    thnx

    Hi again,
    I believe the pix has a 3des license because of the following parts of the "show version"
    Licensed Features:
    Failover: Disabled
    VPN-DES: Enabled
    VPN-3DES-AES: Enabled
    This PIX has a Restricted (R) license.
    I've tried reconnecting the VPN tunnel with debugging on the PIX and get the output as shown in the attached file "vpndebug.txt"
    As for the other show commands they give:
    pixfirewall# show crypto isakmp sa
    Total : 0
    Embryonic : 0
    dst src state pending created
    pixfirewall# show crypto ipsec sa
    interface: outside
    Crypto map tag: transam, local addr. 10.0.0.1
    local ident (addr/mask/prot/port): (192.168.1.0/255.255.255.0/0/0)
    remote ident (addr/mask/prot/port): (192.168.101.0/255.255.255.0/0/0)
    current_peer: 10.0.0.2:0
    PERMIT, flags={origin_is_acl,}
    #pkts encaps: 0, #pkts encrypt: 0, #pkts digest 0
    #pkts decaps: 0, #pkts decrypt: 0, #pkts verify 0
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0, #pkts decompress failed: 0
    #send errors 0, #recv errors 0
    local crypto endpt.: 10.0.0.1, remote crypto endpt.: 10.0.0.2
    path mtu 1500, ipsec overhead 0, media mtu 1500
    current outbound spi: 0
    inbound esp sas:
    inbound ah sas:
    inbound pcp sas:
    outbound esp sas:
    outbound ah sas:
    outbound pcp sas:
    pixfirewall#
    Thanks again Daniel, i really appreciate your help on this matter.

  • How to Implement BW in IT Service Desk/IT Help Desk /IT Complain Surveillance Dept/IT Customer Support Dept?

    Hi
    If a organization have 200 to 300 daily complains of there IT equipment/Software/Network e.t.c.
    How to Implement BW in IT Service Desk/IT Help Desk /IT Complain Surveillance Dept/IT Customer Support Dept?
    Is there any standard DataSources/InfoObjects/DSOs/InfoCubes etc. available in SAP BI Content?

    Imran,
    The point I think was to ensure that you knew exactly what was required. A customer service desk can have many interpretations from a BI perspective.
    You could have :
    1. Operational reports - calls attended per shift , Average number of calls per person , Seasonality in the calls coming in etc
    2. Analytic views - Utilization of resources , Average call time and trending , customer satisfaction , average wait time
    3. Strategic - Call volumes corresponding to campaigns etc , Employee churn and related call times
    Based on these you would then have to construct your models which would be populated by data from the MySQL instance for you to report.
    Else if you have BWA you could have data discovery instead or if you have HANA - you could do even more and if you have a HANA sidecar - you technically dont need BW. The possibilities are virtually endless - it depends on how you want to drive it and how the end user ( client ) sees value in the same.

Maybe you are looking for