IPSEC issue in Cisco IAD 2431
Hello all,
I cam across something when i was troubleshooting IPSEC VPN connections between two Cisco IAD 2431s. Here is a snapshot of config on one of the routers:
crypto map vpnmap 6 ipsec-isakmp
description To_Grovecity
set peer X.X.X.X
set transform-set vpnset
match address To_Grovecity
crypto map vpnmap 10 ipsec-isakmp
description To_Datacenter
set peer Y.Y.Y.Y
set transform-set vpnset
match address To_Datacenter
qos pre-classify
ip access-list extended To_Grovecity
permit ip 10.24.96.0 0.0.0.255 10.80.103.0 0.0.0.255
ip access-list extended To_Datacenter
permit ip 10.24.96.0 0.0.0.255 10.11.12.0 0.0.0.255
permit ip 10.24.96.0 0.0.0.255 172.31.46.0 0.0.0.255
permit ip 10.24.96.0 0.0.0.255 10.80.102.0 0.0.0.255
permit ip 10.24.96.0 0.0.0.255 10.80.103.0 0.0.0.255
permit ip 10.24.96.0 0.0.0.255 10.24.69.0 0.0.0.255
permit ip 10.24.96.0 0.0.0.255 192.168.15.0 0.0.0.255
From this router's LAN interface (10.24.96.1), I couldn't ping the router's LAN interface corresponding to the Grovecitypeer which is x.x.x.x. The LAN interface at Grovecity is 10.80.103.3
As soon as I removed the statement " permit ip 10.24.96.0 0.0.0.255 10.80.103.0 0.0.0.255" which was unnecessarily present in the To_Datacenter ACL, things started working.
What confuses me is since the crypto map vpnmap for Grovecity is at sequence 6 and is before the vpnmap for Datacenter, the statement "
permit ip 10.24.96.0 0.0.0.255 10.80.103.0 0.0.0.255" under the To-Datacenter ACL would never be considered and it doesn't matter if that staement is present in the ACL or not but apparently it does. HAs anyone faced this before or am I missng something?
Thanks
Mukundh
Hi,
In order to successfully build a SA, the L2L peers need to exchange the same exact ACE (mirror of each other) along with other parameters like the transform-set, PFS group (if configured)...
Otherwise Phase II does not come up.
Thanks.
Portu.
Please rate any helpful posts.
Similar Messages
-
issue with cisco acs 4.2.Users unable to login aaa client but after restarting group policy able to login
issue with cisco acs 4.2.Users unable to login aaa client but after restarting group policy able to login
-
Calling issue with Cisco 7937 conference station
Hi Friends,
I am facing issue wiht Cisco 7937 conference station, our customer have various branch offices accross the world. All branches are connected over MPLS through service provider( SIP service provider) . there is a centralized CUCM and remote office have SIP Voice gateways .
When making calls from once remote site to another using Cisco 6921 phones calls working fine
When making calls from once remote site to another using Cisco 7937 conference station to make call any phone at remote office, calls are getting disconneted, remote phone rings when calls, but its gets fast busy tone when other party picks up the phone and not able to talk.
I suspect the issue with Codec but we have configured transcoders in VG and registered with CUCM
Please help me if any one experience such issue earlier.
Regards
Sivahi Basant,
1. Actually tow phones A and B are registerd with centralized CUCM, A and B are located in two different locations, RTP traffic between And B pass through service provider.
Call Flow --> Phone A ---->CUCMRouterpattern--> SIP trunk ----> Voice gateway--->Service provider cloud---> Respective Voice Gateway---> CUCM -- Phone B
Show Run
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2014.02.27 15:14:52 =~=~=~=~=~=~=~=~=~=~=~=
sh run
Building configuration...
Current configuration : 12139 bytes
! Last configuration change at 06:35:59 UTC Tue Feb 25 2014
! NVRAM config last updated at 11:16:38 UTC Mon Feb 24 2014 by administrator
! NVRAM config last updated at 11:16:38 UTC Mon Feb 24 2014 by administrator
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname eucamvgw01
boot-start-marker
boot system flash:c2900-universalk9-mz.SPA.151-4.M5.bin
boot-end-marker
card type e1 0 0
logging buffered 51200 warnings
no logging console
no aaa new-model
no network-clock-participate wic 0
no ipv6 cef
ip source-route
ip traffic-export profile cuecapture mode capture
bidirectional
ip cef
ip multicast-routing
ip domain name drreddys.eu
ip name-server 10.197.20.1
ip name-server 10.197.20.2
multilink bundle-name authenticated
stcapp ccm-group 2
stcapp
stcapp feature access-code
stcapp feature speed-dial
stcapp supplementary-services
port 0/1/0
fallback-dn 5428025
port 0/1/1
fallback-dn 5428008
port 0/1/2
fallback-dn 5421462
port 0/1/3
fallback-dn 5421463
isdn switch-type primary-net5
crypto pki token default removal timeout 0
voice-card 0
dsp services dspfarm
voice call send-alert
voice call disc-pi-off
voice call convert-discpi-to-prog
voice rtp send-recv
voice service voip
ip address trusted list
ipv4 10.198.0.0 255.255.255.0
ipv4 152.63.1.0 255.255.255.0
address-hiding
allow-connections sip to sip
no supplementary-service h225-notify cid-update
no supplementary-service sip moved-temporarily
no supplementary-service sip refer
fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none
fax-relay ans-disable
sip
rel1xx supported "track"
privacy pstn
no update-callerid
early-offer forced
call-route p-called-party-id
voice class uri 100 sip
host 41.206.187.71
voice class codec 10
codec preference 1 g711alaw
codec preference 2 g711ulaw
codec preference 3 ilbc
codec preference 4 g729r8
codec preference 5 g729br8
voice class codec 20
codec preference 1 g729br8
codec preference 2 g729r8
voice moh-group 1
moh flash:moh/Panjo.alaw.wav
description MOH G711 alaw
multicast moh 239.1.1.2 port 16384 route 10.198.2.9
voice translation-rule 1
rule 1 /^012237280\(..\)/ /54280\1/
rule 2 /^012236514\(..\)/ /54214\1/
rule 3 /^01223651081/ /5428010/
rule 4 /^01223506701/ /5428010/
voice translation-rule 2
rule 1 /^00\(.+\)/ /+\1/
rule 2 /^0\(.+\)/ /+44\1/
rule 3 /^\([0-9].+\)/ /+\1/
voice translation-rule 3
rule 1 /^9\(.+\)/ /\1/
rule 2 /^\+44\(.+\)/ /0\1/
rule 3 /^\+\(.+\)/ /00\1/
voice translation-rule 4
rule 1 /^54280\(..\)/ /12237280\1/
rule 2 /^54214\(..\)/ /12236514\1/
rule 3 /^\+44\(.+\)/ /\1/
rule 4 /^.54280\(..\)/ /12237280\1/
rule 5 /^.54214\(..\)/ /12236514\1/
voice translation-rule 9
rule 1 /^\(....\)/ /542\1/
voice translation-rule 10
voice translation-rule 11
rule 1 /^\+44122372\(....\)/ /542\1/
rule 2 /^\+44122365\(....\)/ /542\1/
voice translation-rule 12
voice translation-rule 13
rule 1 /^\([18]...\)/ /542\1/
voice translation-rule 14
voice translation-profile MPLS-incoming
translate calling 10
translate called 9
voice translation-profile MPLS-outgoing
translate calling 11
translate called 12
voice translation-profile PSTN-incoming
translate calling 2
translate called 1
voice translation-profile PSTN-outgoing
translate calling 4
translate called 3
voice translation-profile SRST-incoming
translate calling 14
translate called 13
license udi pid CISCO2921/K9 sn FGL145110RE
hw-module ism 0
hw-module pvdm 0/0
username administrator privilege 15 secret 5 $1$syu5$DsxdOgfS7Wltx78o4PV.60
redundancy
controller E1 0/0/0
ip tcp path-mtu-discovery
ip scp server enable
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description internal LAN
ip address 10.198.2.9 255.255.255.0
duplex auto
speed auto
interface ISM0/0
ip unnumbered GigabitEthernet0/0
service-module ip address 10.198.2.8 255.255.255.0
!Application: CUE Running on ISM
service-module ip default-gateway 10.198.2.9
interface GigabitEthernet0/1
description to TATA NGN
ip address 115.114.225.122 255.255.255.252
duplex auto
speed auto
interface GigabitEthernet0/2
description SIP Trunks external
ip address 79.121.254.83 255.255.255.248
ip access-group SIP-InBound in
ip traffic-export apply cuecapture size 8000000
duplex auto
speed auto
interface ISM0/1
description Internal switch interface connected to Internal Service Module
no ip address
shutdown
interface Vlan1
no ip address
ip forward-protocol nd
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.198.2.1
ip route 10.198.2.8 255.255.255.255 ISM0/0
ip route 41.206.187.0 255.255.255.0 115.114.225.121
ip route 77.37.25.46 255.255.255.255 79.121.254.81
ip route 83.245.6.81 255.255.255.255 79.121.254.81
ip route 83.245.6.82 255.255.255.255 79.121.254.81
ip route 95.223.1.107 255.255.255.255 79.121.254.81
ip route 192.54.47.0 255.255.255.0 79.121.254.81
ip access-list extended SIP-InBound
permit ip host 77.37.25.46 any
permit ip host 83.245.6.81 any
permit ip host 83.245.6.82 any
permit ip 192.54.47.0 0.0.0.255 any
permit icmp any any
permit ip host 95.223.1.107 any
deny ip any any log
control-plane
voice-port 0/1/0
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
voice-port 0/1/1
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
voice-port 0/1/2
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
voice-port 0/1/3
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
no ccm-manager fax protocol cisco
ccm-manager music-on-hold bind GigabitEthernet0/0
ccm-manager config server 152.63.1.19 152.63.1.100 172.27.210.5
ccm-manager sccp local GigabitEthernet0/0
ccm-manager sccp
mgcp profile default
sccp local GigabitEthernet0/0
sccp ccm 10.198.2.9 identifier 3 priority 3 version 7.0
sccp ccm 152.63.1.19 identifier 4 version 7.0
sccp ccm 152.63.1.100 identifier 5 version 7.0
sccp ccm 172.27.210.5 identifier 6 version 7.0
sccp
sccp ccm group 2
bind interface GigabitEthernet0/0
associate ccm 4 priority 1
associate ccm 5 priority 2
associate ccm 6 priority 3
associate ccm 3 priority 4
associate profile 1002 register CFB_UK_CAM_02
associate profile 1001 register XCODE_UK_CAM_02
associate profile 1000 register MTP_UK_CAM_02
dspfarm profile 1001 transcode
codec ilbc
codec g722-64
codec g729br8
codec g729r8
codec gsmamr-nb
codec pass-through
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
maximum sessions 18
associate application SCCP
dspfarm profile 1002 conference
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
codec g729r8
codec g729br8
maximum sessions 2
associate application SCCP
dspfarm profile 1000 mtp
codec g711alaw
maximum sessions software 200
associate application SCCP
dial-peer cor custom
name SRSTMode
dial-peer cor list SRST
member SRSTMode
dial-peer voice 100 voip
description *** Inbound CUCM ***
translation-profile incoming PSTN-incoming
incoming called-number .
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 500 voip
description *** Inbound TATA MPLS ***
translation-profile incoming MPLS-incoming
session protocol sipv2
session target sip-server
incoming called-number ....
incoming uri from 100
voice-class codec 20
dtmf-relay rtp-nte
no vad
dial-peer voice 510 voip
description *** Outbound TATA MPLS ***
translation-profile outgoing MPLS-outgoing
destination-pattern 54[013-9]....
session protocol sipv2
session target ipv4:41.206.187.71
session transport udp
voice-class codec 20
dtmf-relay rtp-nte
no vad
dial-peer voice 520 voip
description *** Outbound TATA MPLS ***
translation-profile outgoing MPLS-outgoing
destination-pattern 5[0-35-9].....
session protocol sipv2
session target ipv4:41.206.187.71
session transport udp
voice-class codec 20
dtmf-relay rtp-nte
no vad
dial-peer voice 200 voip
description *** Inbound M12 *** 01223651081, 01223651440 - 01223651489
translation-profile incoming PSTN-incoming
session protocol sipv2
session target sip-server
session transport udp
incoming called-number 0122365....
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 201 voip
description *** Inbound M12 *** 012237280XX
translation-profile incoming PSTN-incoming
session protocol sipv2
session target sip-server
session transport udp
incoming called-number 012237280..
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 202 voip
description *** Inbound M12 *** 01223506701
translation-profile incoming PSTN-incoming
session protocol sipv2
session target sip-server
session transport udp
incoming called-number 01223506701
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 210 voip
description *** Outbound M12 ***
translation-profile outgoing PSTN-outgoing
destination-pattern +...T
session protocol sipv2
session target ipv4:83.245.6.81
session transport udp
dtmf-relay rtp-nte
codec g711alaw
no vad
dial-peer voice 211 voip
description *** Outbound ISDN for SRST and emergency ***
translation-profile outgoing PSTN-outgoing
destination-pattern 9.T
session protocol sipv2
session target ipv4:83.245.6.81
session transport udp
dtmf-relay rtp-nte
codec g711alaw
no vad
dial-peer voice 212 voip
description *** Outbound ISDN for emergency ***
translation-profile outgoing PSTN-outgoing
destination-pattern 11[02]
session protocol sipv2
session target ipv4:83.245.6.81
session transport udp
dtmf-relay rtp-nte
codec g711alaw
no vad
dial-peer voice 2000 voip
description *** Outbound to CUCM Primary ***
preference 1
destination-pattern 542....
session protocol sipv2
session target ipv4:152.63.1.19
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 2001 voip
description *** Outbound to CUCM Secondary ***
preference 2
destination-pattern 542....
session protocol sipv2
session target ipv4:152.63.1.100
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 2002 voip
description *** Outbound to CUCM Teritiary ***
preference 3
destination-pattern 542....
session protocol sipv2
session target ipv4:172.27.210.5
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 999010 pots
service stcapp
port 0/1/0
dial-peer voice 999011 pots
service stcapp
port 0/1/1
dial-peer voice 999012 pots
service stcapp
port 0/1/2
dial-peer voice 999013 pots
service stcapp
port 0/1/3
sip-ua
no remote-party-id
gatekeeper
shutdown
call-manager-fallback
secondary-dialtone 9
max-conferences 4 gain -6
transfer-system full-consult
ip source-address 10.198.2.9 port 2000
max-ephones 110
max-dn 400 dual-line no-reg
translation-profile incoming SRST-incoming
moh flash:/moh/Panjo.ulaw.wav
multicast moh 239.1.1.1 port 16384 route 10.198.2.9
time-zone 22
time-format 24
date-format dd-mm-yy
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 131
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
session-timeout 60
exec-timeout 60 0
privilege level 15
login local
transport input all
line vty 5 15
session-timeout 60
exec-timeout 60 0
privilege level 15
login local
transport input all
scheduler allocate 20000 1000
ntp server 10.1.30.1
end
eucamvgw01#
Sh SCCP
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2014.03.03 17:57:44 =~=~=~=~=~=~=~=~=~=~=~=
SCCP Admin State: UP
Gateway Local Interface: GigabitEthernet0/0
IPv4 Address: 10.198.2.9
Port Number: 2000
IP Precedence: 5
User Masked Codec list: None
Call Manager: 10.198.2.9, Port Number: 2000
Priority: 3, Version: 7.0, Identifier: 3
Call Manager: 152.63.1.19, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 4
Trustpoint: N/A
Call Manager: 152.63.1.100, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 5
Trustpoint: N/A
Call Manager: 172.27.210.5, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 6
Trustpoint: N/A
MTP Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Profile Identifier: 1000
Reported Max Streams: 400, Reported Max OOS Streams: 0
Supported Codec: g711alaw, Maximum Packetization Period: 30
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
TLS : ENABLED
Transcoding Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Profile Identifier: 1001
Reported Max Streams: 36, Reported Max OOS Streams: 0
Supported Codec: ilbc, Maximum Packetization Period: 120
Supported Codec: g722r64, Maximum Packetization Period: 30
Supported Codec: g729br8, Maximum Packetization Period: 60
Supported Codec: g729r8, Maximum Packetization Period: 60
Supported Codec: gsmamr-nb, Maximum Packetization Period: 60
Supported Codec: pass-thru, Maximum Packetization Period: N/A
Supported Codec: g711ulaw, Maximum Packetization Period: 30
Supported Codec: g711alaw, Maximum Packetization Period: 30
Supported Codec: g729ar8, Maximum Packetization Period: 60
Supported Codec: g729abr8, Maximum Packetization Period: 60
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
Conferencing Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Profile Identifier: 1002
Reported Max Streams: 16, Reported Max OOS Streams: 0
Supported Codec: g711ulaw, Maximum Packetization Period: 30
Supported Codec: g711alaw, Maximum Packetization Period: 30
Supported Codec: g729ar8, Maximum Packetization Period: 60
Supported Codec: g729abr8, Maximum Packetization Period: 60
Supported Codec: g729r8, Maximum Packetization Period: 60
Supported Codec: g729br8, Maximum Packetization Period: 60
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
TLS : ENABLED
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070080
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20
Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070081
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20
Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070082
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070083
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20
Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
eucamvgw01# -
Directory Caching issue with Cisco Jabber client for Windows
Hi ,
I am facing cache issue with Cisco Jabber client for Windows. If I do any change related to modification or deletion of contacts in Active Directory/ Callmanager, it does not reflect in the Jabber. Because jabber takes the contacts from the locally stored cache file in the Windows system.
Every time I have to remove the cache file to overcome this issue, practically it's not possible to do the same with all the Widows users. As, if any employee leaves the company and still I can see his contact appears in the "Cisco Jabber client". I have not seen this issue with Android/Apple iOS.
Is there any automated way to remove the cache file?
Here is the detail of CUCM,Presence and Jabber.
CUCM version: 9.1.x
Presence : 9.1.X
Jabber : 10.5 and 10.6Hello
On our environment we had to install a dedicated Microsoft Certificate Authority "just for Cisco Jabber usage" to house the
Network Device Enrollment Service.
Our certificate for the CUPS were generated on this Certification Authority too.
I discussed this certificate matter with my colleagues this afternoon and nobody seems to remember how these certificates were deployed into the
Enterprise Trust store for the users.
But I think they asked all 400 users to accept the 3 certificates by answering "yes" to the popup instead of using a script deployed by GPO...
I wish you success with that deployment and really hope you have a technical partner that *Knows* this subject.
Our partner left us alone with that unfortunately.
Florent
EDIT: If the "Certutil script method" works, please let me know. This could be useful in our own deployment. -
Routing issue between Cisco Nexus and Cisco 4510 R+E Chassis
We have configured Cisco Nexus 7K9 as core and Cisco 4510 R+E as access switches for Server connectivity.
We are experiencing problem in terms of ARP learning and Ping issues between Cisco Nexus and end hosts.Hi,
So you have N7k acting as L3 with servers connected to 4510?.
Do you see the MAC associated with failing ARP in 4510?. Is it happening with all or few servers?. Just to verify if it is connectivity issue between N7k and 4510, you can configure an SVI on 4510 and assign address from same raneg (server/core range) and perform a ping.
This will help narrow down if issue is between server to 4510 or 4510 to N7k.
Thanks,
Nagendra -
MacBook and MacBook Pro with 10.6: Wireless Airport Issues with Cisco
Long Story but please bear with me:
Loaded SL on my daughters MacBook and my MacBook Pro. Internet worked flawlessly at our house (WEP encrypted) and on other public wifi. When my daughter went back to her sorority house at college 24 hours later, she could not access the internet using the sorority house network (Cisco Aironet 1800 router and Cisco Airo Access Points).
Her Airport on the MacBook appeared connected at full strength yet no internet. Two calls to Apple support (they were very nice) did not help. All the following were tried:
1. Reset PRAM
2. Deleted Airport and Safari plists
3. Edited locations
4. Removed Battery
5. Others I cannot now remember
Still no net. However, she could 'pirate' and hop on line with other identified public wifi adjacent to the sorority house. I drove to the sorority house today and tried to get on the network wirelessly using my MacBook Pro with SL. Same identical results to hers. Another MacBook without SL works great and gets right on the network.
Is this some SL influenced issue with the Airport card and the Cisco system? Weird that both of our laptops work great with several other wifi networks but not the one at the sorority house.
Could much of what we all our seeing with the internet access problem lie not with issues within our software or computers but with the routers and access points not being compatible? I have very little understanding of this stuff (as you all can probably tell) but the Apple Support people acted like it was a old firmware issue with Cisco and not with SL. Not actually what I wanted to hear.
Any ideas or suggestions?Your description there, particularly the last part, sounds like my problem. At home, we connect using Airport and ADSL which was OK, once SL had sorted out passwords.
At my office, where there are two wifi systems, I could not get on either, although did have IP numbers on both. The link to the outside world is via a proxy which uses a PAC file. Network Diagnostics reported each time (whatever I did) that the link to the server was OK, but the Internet was not.
I created a new Location with identical settings (typing them in and not copying) and the only visible difference is that the new location has no DNS numbers -- I had not noticed that before. The moment I pressed, Apply, the computer was online.
I was guessing that there was a conflict in a .plist file somewhere; but now I wonder if DNS might have been the reason (the DNS number usually used is the one from the router itself). -
Issue with cisco ONS 15310. Slot with Ethernet ports, designed for bridging.
Hi, guys. I’ve got an issue with cisco ONS 15310 sdh optical network. I’ve got a special slot with Ethernet ports, designed for bridging. Assume, we’ve got to multiplexers, named A and B with ports A0 and B0 respectively. The ios console of these slots says, the configuration is as follows:
no ip address set on these ports
Ports are administratively up
Auto mdix
Bridge groups are the same on these ports.
Dot1q tunnel.
I’m trying to monitor a device with an ip-address connected to port B0. It answers ping if I connect the notebook directly to a device. But if I connect the notebook to port A0 and ping the device pluged in port B0 through the optical network, it doesn’t answer. I tried connections with straight and cross cable.
Guys, who set the network said, it should work as a point to point bridge with no extra configuration. But it doesn’t. I used wireshark sniffer to lookup what’s happening on port A0. All I see is cdp-s from port A0 and self-announcements of the notebook.
Any suggestions? Thank you in advance.B
Building configuration...
Current configuration : 3712 bytes
! Last configuration change at
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname B
boot-start-marker
boot-end-marker
enable password -
clock timezone -
ip subnet-zero
no ip domain-lookup
no mpls traffic-eng auto-bw timers frequency 0
bridge 100 protocol ieee
bridge 140 protocol ieee
bridge 141 protocol ieee
bridge 142 protocol ieee
bridge 143 protocol ieee
bridge 144 protocol ieee
interface Loopback0
ip address 192.x.0.x 255.255.255.255
interface FastEthernet0
description -
no ip address
mode dot1q-tunnel
bridge-group 140
bridge-group 140 spanning-disabled
interface FastEthernet1
description --- B0 ---
no ip address
mode dot1q-tunnel
bridge-group 141
bridge-group 141 spanning-disabled
interface FastEthernet2
description -
no ip address
mode dot1q-tunnel
bridge-group 142
bridge-group 142 spanning-disabled
interface FastEthernet3
description -
no ip address
mode dot1q-tunnel
bridge-group 143
bridge-group 143 spanning-disabled
interface FastEthernet4
description -
no ip address
mode dot1q-tunnel
bridge-group 144
bridge-group 144 spanning-disabled
interface FastEthernet5
no ip address
shutdown
interface FastEthernet6
no ip address
shutdown
interface FastEthernet7
description -
no ip address
shutdown
mode dot1q-tunnel
bridge-group 100
bridge-group 100 spanning-disabled
interface POS0
description -
no ip address
crc 32
interface POS0.1
encapsulation dot1Q 141
no snmp trap link-status
bridge-group 141
interface POS0.2
encapsulation dot1Q 142
no snmp trap link-status
bridge-group 142
interface POS0.3
encapsulation dot1Q 143
no snmp trap link-status
bridge-group 143
interface POS0.4
encapsulation dot1Q 144
no snmp trap link-status
bridge-group 144
interface POS0.5
description -
encapsulation dot1Q 140
no snmp trap link-status
bridge-group 140
interface POS1
no ip address
crc 32
interface POS1.1
encapsulation dot1Q 100
no snmp trap link-status
bridge-group 100
router ospf 100
log-adjacency-changes
network 192.x.0.x 0.0.0.0 area 0
ip default-gateway [x.x.x.x]
ip classless
no ip http server
snmp-server community public RO
snmp-server ifindex persist
snmp-server trap link ietf
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps config
snmp-server enable traps cpu threshold
snmp-server enable traps entity
snmp-server enable traps syslog
snmp-server enable traps hsrp
snmp-server enable traps config-copy
snmp-server enable traps bridge
snmp-server enable traps ospf state-change
snmp-server enable traps ospf errors
snmp-server enable traps ospf retransmit
snmp-server enable traps ospf lsa
snmp-server enable traps ospf cisco-specific state-change
snmp-server enable traps ospf cisco-specific errors
snmp-server enable traps ospf cisco-specific retransmit
snmp-server enable traps ospf cisco-specific lsa
snmp-server enable traps bgp
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps ipmulticast
snmp-server enable traps rtr
snmp-server enable traps mpls traffic-eng
snmp-server enable traps mpls ldp
snmp-server enable traps rsvp
snmp-server enable traps l2tun session
snmp-server enable traps mpls vpn
snmp-server host x.x.x.x public
control-plane
line con 0
line vty 0 4
password -
logging synchronous level 4
login
end -
LAG configuration issue on Cisco SG300 52 Switch
Hi everybody,
I am having an issue with LAG configuration on a Cisco SG300 52 switch. I have connected four Ge ports on the switch to the four NICs of a Dell R710 Server on which I installed Windows Server 2008 R2. Without LAG configured, these ports would forward traffic to and from the Dell server fine. However, if I configure LAG on the ports with LACP enabled, then they would not forward any network traffic. Debugging shows that the ports are up but their forwarding status show N/A. Am I missing any configuration? Can I configure LAG on edgeports? Or is there any compatibility issue?
Any help from you guys will be greatly appreciated.
Thank you.
VishalHi Dave,
Thank you for your quick response and sorry to have looked at it late. Well, I already resolved the issue and like you pointed out, it was the configuration of the Dell NICs. I had to configure NIC teaming and there was a bug with the Broadcom NIC management software. I had to download this piece of software again and I was then able to configure NIC teaming on it. I initially thought that it was already configured because we got the Dell server "pre-installed with pretty much everything".
Anyway thank you for your assistance. Oh I have a question though if you don't mind clearing my doubt. We have bought 7 of these SG300 Switches and I would like to use all of them
in a hierarchical design as core, distribution and access layer switches because I believe this switch has got all the qualities to be used at all the three layers. We have about 100 users in our company at the moment but expecting growth of about 10-20 employees per year. Would you think a hierarchical network design for a 100 users is a bit of an overkill? Would you think these SG300 switches can handle network traffic at the distribution and core layers? I worked out the average daily traffic is only about 4 Mbps.
Thank you for your valuable guidance.
Kind regards,
Vishal
Date: Mon, 12 Sep 2011 08:09:40 -0600
From: [email protected]
To: [email protected]
Subject: - Re: LAG configuration issue on Cisco SG300 52 Switch
Cisco Support Community
Re: LAG configuration issue on Cisco SG300 52 Switch created by David Hornstein in Small Business Switches - View the full discussion
Hi Chundunsing,
Thank you for the purchase of my switch.
Chundunsing, I love the way you worded your question ; "I am having an issue with LAG configuration on a Cisco SG300 52 switch." ,but seriously you are having a problem with interfacing the dell with my switch.
You have LAG working to the Dell R710 teamed NICs and god knows what NICs or drivers you are using to acheive this.
Now LAG is providing , load balancing between the LAG ports.
Now LAG is providing , link redundancy for connectibity to the Dell R710.
If there is a configuration issue , it sure seems the way you have it configured without LACP is still working. But you have the option when you create a LAP group to enable LACP. You can see this as a tick box in the LAG group.
But might i also install, recently firmware version 1.1.1.8, just came out.
Please be sure to;
Step 1. update the firmware on the switch and
Step 2. select it as the 'active image.'
Step 3 rebbot the switch to utilize this active image.
If you are having any trouble doing this the admin guide references how to achieve this. for your concenience I have atteched the guide to this posting.
regards Dave
Reply to this message by going to Cisco Support Community
Start a new discussion in Small Business Switches at Cisco Support Community -
Is there any known issues with Cisco Meraki APs with client devices which publish PMF support in probe requests ? We are seeing connectivity issues with Cisco Meraki MR12,MR16 and MX80 models . Please update if there are any known issue with these APs.
Thanks for your thoughts, Nathan. We do actually have the "Enable Fast Reconnect" option selected on our wireless profile. Good idea, though.
We did also (originally) have 2 RADIUS servers defined within our wireless network. What we discovered was that each Meraki AP will try each one in order, top-to-bottom, and then primarily use the server that responded to it first. So, if for any reason you have a short-lived issue with your local RADIUS server responding to requests, and the AP is able to talk to a remote RADIUS server (in our case, one on the other side of the world) instead, the AP will elect to use the remote RADIUS server instead. In our case, the latency is high enough between these APs and this remote RADIUS server that while a client is roaming between APs, and having to re-authenticate, the entire process breaks down because (1) the client is moving between APs faster than the remote RADIUS server can authenticate the client, and (2) the entire exchange and communication ends up timing out -- thus forcing a manual re-connect. This is not a common occurrence by any means, but I just wanted to share what made us later choose to define only 1 RADIUS server, in the network settings. Surely our circumstance here is rather unique, but I thought it might be worth mentioning. Having only 1 RADIUS server defined forces ALL of our APs to use the same RADIUS server, regardless of anything else. It has resulted in a much smoother re-auth process for our clients.
I appreciate the link you sent, however. If I come across anything else that is helpful, I'll certainly post it back here. I appreciate your input once again! -
Cisco IAD 2432 - hookflash issue
Hello experts,
we where testing IAD2432 with SIP and it seems we can not make it to support hook-flash functionality. When I dial first number and press flash button I get a second dial tone and first phone conversation is on hold, after dialing a second number when I press flash button I get a third dial tone not a 3-way add hock conference as with traditional PBX like feature and first call gets dropped.
Bellow is the documentation I used to configure those features with SIP:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/vvfax_c/callc_c/sip_c/sipc1_c/centrex.htm#wp998956
http://www.cisco.com/en/US/products/ps6441/products_feature_guide09186a0080783aba.html
Any suggestion on making this working will be welcome. Thank you in advance.
The config is attached.Could you porvide "debug ccsip messages " with SIP configured and hookflash attempted
-
OK,
Trying to get a 2431 IAD to work with an ATM T-1. Interface comes up, PVCs come up, but no IP connectivity. Traffic counters on the interface and PVCs increment, but no IP (ping) connectivity. Can't even ping myself.
Config below
version 12.4
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
no service password-encryption
hostname Router
boot-start-marker
boot-end-marker
card type t1 1
logging buffered 51384 debugging
enable password cstc
no aaa new-model
clock timezone EST -5
clock summer-time EDT recurring
network-clock-participate T1 1/0
network-clock-participate T1 1/1
network-clock-select 1 T1 1/0
ip arp gratuitous local
voice-card 0
controller T1 1/0
mode atm
framing esf
linecode b8zs
controller T1 1/1
framing esf
linecode b8zs
interface FastEthernet0/0
ip address 24.97.148.116 255.255.255.240
duplex full
speed auto
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface ATM1/0
ip address 10.33.1.1 255.255.255.0
no atm ilmi-keepalive
atm uni-version 3.1
arp arpa
arp timeout 900
pvc VoicePVC 5/185
vbr-rt 106 64 11
encapsulation aal2
pvc DataPVC 5/189
vbr-nrt 96 96 1
encapsulation aal5snap
protocol ip inarp
pppoe max-sessions 5
pppoe-client dial-pool-number 1
ip default-gateway 24.97.148.xxx
ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 24.97.148.xxx
access-list 101 permit ip any any log
control-plane
line con 0
line aux 0
line vty 0 4
access-class 3 in
password cisco
login
ntp server 64.246.130.xxx
sho int atm 1/0
ATM1/0 is up, line protocol is up
Hardware is NetGX ATM TC
Internet address is 10.33.1.1/24
MTU 1500 bytes, sub MTU 1500, BW 1536 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ATM, loopback not set
ARP type: ARPA, ARP Timeout 00:15:00
Encapsulation(s):, PVC mode
511 maximum active VCs, 2 current VCCs
VC Auto Creation Disabled.
VC idle disconnect time: 300 seconds
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: Per VC Queueing
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
721 packets input, 40376 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
919 packets output, 54482 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
sho atm pvc
Router#sho atm pvc
VCD / Peak Avg/Min Burst
Interface Name VPI VCI Type Encaps SC Kbps Kbps Cells Sts
1/0 VoicePVC 5 185 PVC AAL2 VBR 106 64 11 UP
( 64)
1/0 DataPVC 5 189 PVC SNAP VBR 96 96 1 UP
( 96)
sho ip route
Gateway of last resort is 24.97.148.113 to network 0.0.0.0
24.0.0.0/28 is subnetted, 1 subnets
C 24.97.148.112 is directly connected, FastEthernet0/0
10.0.0.0/24 is subnetted, 1 subnets
C 10.33.1.0 is directly connected, ATM1/0
S* 0.0.0.0/0 [1/0] via 24.97.148.113
Ping to 10.33.1.254 results in an "Incomplete" entry in the arp table.1. Saving the configuration and reload the router.
2. Do a "shut" and "no shut" to the interface after config. -
Credential windows issue on CISCO VPN 5.0.07.0410
Hi,
i have 2 laptop same HW with windows XP ( last OS update released ) on both laptop installed CISCO VPN 5.0.07.410 with same installation pack and procedure, both laptop work under 3G connection when try to connect with VPN,
On one laptop when put my credential on connection windows ( windows popuped after pressed "connect" on VPN CLIENT ) no receive any errors on screen, but CISCO VPN Client prompt me again a credential windows and reprompt this windows again and again everytime i put my credential on it.
If try on other laptop all work fine, no credential windows loop.
I tried to repair and reinstall CISCO VPN client but receive same issue
Any one have same helps for me?
ThanksInstall Citrix Deterministic Network Enhancer to solve Cisco IPSec VPN issue with Windows 8/8.1. Check below guide,
http://www.vmwareandme.com/2013/12/solved-windows-8-and-windows-81-cisco.html
www.mytricks.in -
Issues with cisco 1242 aironets
We are currently experiencing and issue with the 1242 AG Wireless Access Points. We have have them configured as 1 Root Access point and 3 Repeaters. The repeaters seem to be experiencing frequency interference issues. The Root AP is using antenna model 2506 and the repeaters 1728's.
What happens is when the repeaters are first started up, they see / communicate to the root access point fine, but within 5 minutes they stop communicating. If we manually set the channel to something different, they see each other for 5 - 10 minutes then eventually disappear and cannot be ping'd or seen with a sh cdp nei.
We have tried various combinations of settings so far. Have tried channel 1 - 13 and the least conjested frequency mode. It usually settles on channel 8 when we put it in that mode. But it is the same sceneario each time. All 3 repeaters show up almost instantly after a channel change, but slowly disappear in less than 10 minutes.
Here is our config:
Version
Cisco IOS Software, C1240 Software (C1240-K9W7-M), Version 12.4(21a)JA1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 16-Sep-09 19:06 by prod_rel_team
ROM: Bootstrap program is C1240 boot loader
BOOTLDR: C1240 Boot Loader (C1240-BOOT-M) Version 12.3(7)JA1, RELEASE SOFTWARE (fc1)
ROOTAP uptime is 2 days, 3 hours, 14 minutes
System returned to ROM by power-on
System image file is "flash:/c1240-k9w7-mx.124-21a.JA1/c1240-k9w7-mx.124-21a.JA1"
cisco AIR-AP1242AG-E-K9 (PowerPCElvis) processor (revision A0) with 24566K/8192K bytes of memory.
Processor board ID FCZ112782K9
PowerPCElvis CPU at 262Mhz, revision number 0x0950
Last reset from power-on
1 FastEthernet interface
2 802.11 Radio(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:1C:58:B1:72:2E
Part Number : 73-10256-06
PCA Assembly Number : 800-26918-05
PCA Revision Number : A0
PCB Serial Number : FOC11262N5Z
Top Assembly Part Number : 800-29233-01
Top Assembly Serial Number : FCZ112782K9
Top Revision Number : A0
Product/Model Number : AIR-AP1242AG-E-K9
Configuration register is 0xF
Root AP Config
Current configuration : 1987 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname ROOTAP
no aaa new-model
dot11 syslog
dot11 activity-timeout client maximum 120
dot11 activity-timeout repeater maximum 300
dot11 ssid WIRELESS
authentication open
authentication key-management wpa
guest-mode
infrastructure-ssid
username user privilege 15 secret 5 password
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers tkip
ssid WIRELESS
antenna gain 5
parent timeout 10000
channel 2417
station-role root access-point
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
no dfs band block
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address 192.168.2.10 255.255.255.0
no ip route-cache
ip default-gateway 192.168.2.1
ip http server
ip http authentication local
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
privilege level 15
logging synchronous
login local
stopbits 1
line vty 0 4
privilege level 15
logging synchronous
login local
stopbits 1
line vty 5 15
privilege level 15
logging synchronous
login local
stopbits 1
end
Repeater Config
Current configuration : 1764 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname REPEATER03
no aaa new-model
dot11 syslog
dot11 ssid WIRELESS
authentication open
authentication key-management wpa
guest-mode
infrastructure-ssid
username user privilege 15 secret 5 password
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers tkip
ssid WIRELESS
antenna gain 5
parent timeout 10000
station-role repeater
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
no dfs band block
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address 192.168.2.13 255.255.255.0
no ip route-cache
ip default-gateway 192.168.2.1
ip http server
ip http authentication local
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
privilege level 15
logging synchronous
login local
stopbits 1
line vty 0 4
privilege level 15
logging synchronous
login local
stopbits 1
end
We are wondering if you have any tips to get around this.
Also, should these access points be able to handle ~200 clients? How close to the root access point should the repeaters be placed? I basically just go until my signal gets low and put a repeater within that range. Could vary from 30-60 meters away.
ThanksAlso, should these access points be able to handle ~200 clients?
APs, in theory, can handle >1,200 clients. In theory. In practice, Cisco recommends between 12-25 clients. Imagine if you have, say, 50 clients and they are trying to access the network on a 100 Mbps FastEthernet connection. That slows them down, right? But consider wireless as a broadcast. One talks and the rest listens. -
Issues with Cisco Prime LMS 4.2.3
Hi,
I'm trailing Cisco Prime LMS 4.2.3 Soft appliance on ESXi before I deploy it into a live environment and am having some issues.
I've upgraded to version 4.2.3 and the box was working fine after the upgrade however on power it up today the Apache service will not start.
If I look at the LMS application I see this for the Apache service.
"Apache Administrator has shut down this server 0 "
I have tried to starting it.
CiscoLMS42/admin# application start Apache
% Application failed to start
CiscoLMS42/admin#
If I run an application operation debug at the same time I get the following output.
CiscoLMS42/admin# 6 [5343]: application:operation cars_install.c[1145] [admin]: Application initialization initiated for appname: Apache, operation: 0
7 [5343]: application:operation cars_install.c[1146] [admin]: Operations: O-APP_START, 1-APP_STOP, 2-APP_STATUS
6 [5343]: application:operation cars_install.c[1150] [admin]: Verifying app (Apache) is installed ...
3 [5343]: application:operation cars_install.c[1152] [admin]: App (Apache) is not installed.
3 [5343]: application:operation install_cli.c[281] [admin]: Error while starting application - Application: Apache ErrorCode: -999
I'm at a complete lose as to where to look next, failing anything else I'll have to rebuild it, but it would be nice to know how to get the Apache up and running again.
regards
RichHi Richard,
I see the following:
[ Thu Apr 18 20:53:11 GMT 2013 ] TomcatMonitor After gettingAJPPort : ajpPort = 9009 and host =CiscoLMS42
[ Thu Apr 18 20:53:11 GMT 2013 ] TomcatMonitor theMgr constructor successful.
[ Thu Apr 18 20:53:11 GMT 2013 ] TomcatMonitor Inside whileloop
[ Thu Apr 18 20:53:11 GMT 2013 ] TomcatMonitor Tomcat is not ready, it's coming up Connection refused
It looks like the hostname cannot be resolved. Can you try to add a static entry in /etc/hosts for the IP of the server and CiscoLMS42?
Restart the daemon manager and it should work.
Regards,
Vlad
==========
NMS Team
Krakow, Poland
Cisco TAC -
Driver issue with Cisco HD Precision / JFV 4.4
Hi,
Just to installed Jabber for Video4.4 on my laptop ( win7 64bits)
all works fine except the video!! i use a Cisco HD precision wih Jabber, may be a driver issue, the camera is not recognized.
When i selected my integreted camera from laptop, the video is going up.
i've already the same issue with Jabber Video 4.3.
Does anyone has got the same issue? Any idea?
ThanksThread back from the dead...
I have this exact scenario playing out today trying to use a PrecisionHD USB camera with Windows 7. Completed the 1.5 update listed here and following the update I see the results in the picture. The LibUSB device is present, and it looks like a Tandberg HD camera is known to the system, but not accessible/usable.
Anybody have success with this issue or have any additional ideas to try?
Maybe you are looking for
-
Releasing Sales Orders from SNP to DP at correct levels
We have a requirement where we want to do month to date tracking of sales orders in DP compared with the forecast. We have three important characteristics in DP at which we want the data to be released - Product, Location and Customer. Is there a way
-
Problem arise while running a appln
Starting WLS with line: C:\Oracle\MIDDLE~1\JDK160~1\bin\java -client -Xms256m -Xmx512m -XX:CompileThreshold=8000 -XX:PermSize=128m -XX:MaxPermSize=512m -Dweblogic.Name=DefaultServer -Djava.security.policy=C:\Oracle\MIDDLE~1\WLSERV~1.3\server\lib\w
-
Runtime error and unable to create new web application
Hi when i create new web application i faced this error Runtime error and unable to create new web application. in this farm we have 2 wfe servers 2 application servers. adil
-
There are photos in my trash directory which i want to restore to their proper albums but I can't view them in order to drag them to the place they belong. Is there a way to view these photos by album or individually and is there a way to move them
-
Creative Suite 6 installation stuck on windows 7
Bought creative suite 6 Design and Web Premium and started the installation on windows 7 Went with default installation and selected all (default).. After around 20 min or so it keeps accessing CD drive while installing acrobat X. Looks like it go