LACP with a Cisco 2960G and an IBM I7 Server

Similar Messages

• Cisco CSM and WCS on same server

  Hi,
  Currently we are running Cisco CSM and Cisco WCS applications on different servers.
  Please let me know can it possible to install Cisco CSM and Cisco WCS on one server.
  Regards,

  As per their datasheet, both CSM and WCS support VMware or can run as virtual servers. So it should be possible to implement both as virtual servers and run on the same physical server.

• Ip nat pool no-overload prefix 22 (just starting out with the cisco training and wanted to know )

  Above is the command ip nat pool no  overload prefix 22
  Does anyone know what the prefix 22 does and why it is added.  I also and new at learning and currently studying and wanted to know any recommendations for taking the CCNA or CCNP and what online routers (emulators) can i play on to learn commands and prepare for exams

  Hi,
  It is just describing the prefix length for the network or Subnet Mask in general terms.
  Check this:-
  http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book/ipaddr-i3.html#wp6064781280
  Thanks and Regards,
  Vibhor Amrodia

• Issue with using openAM/openSSO and wrong FQDN on server

  Hi,
  Does anyone made a configuration with SSO and OpenAM.
  I did some configuration according to document : oam90-cucm8586-cuc86-sso.pdf
  A COMPLETE GUIDE FOR
  THE INSTALLATION, CONFIGURATION, AND INTEGRATION OF
  OPEN ACCESS MANAGER 9.0 WITH
  CISCO UNIFIED COMMUNICATIONS MANAGER 8.5/8.6,
  CISCO UNITY CONNECTION 8.6, AND ACTIVE
  DIRECTORY FOR SINGLE SIGN-ON
  But it looks like we have choosen the wrong server name when installing/configuring the openSSO software.
  The server redirects to the server name instead of the FQDN.
  This will cause an error when using 'utils sso enable', because the certificate is incorrect.
  Error: Open Access Manager (OpenAM) not configured based on FQDN
  I can find it on several places in the configuration, but don't know where to change.
  We also removed the software (Java, Tomcat and openAM) but the configuration is still present.
  We are using a windows server.
  In documentation it says you have to remove the .openssocfg file somewhere but we can't find it.
  any hints or help is much appreciated.
  kind regards,
  Jos de Bruin

  I had this problem and fixed it. We were absolutely positive that the FQDN configuration on the OpenAM server was correct. Certainly verify that first on your server, but it's not the ONLY thing that throws this error.
  Looking at the OpenAM debug logs set at the Message level in the Authentication file, I was able to see numerous failed authentication attempts for the "demo" user when I tried to enable SSO.
  We had earlier removed the demo user because it shouldn't be really needed for any production OpenAM deployments.
  We were wrong.
  I added the demo user back to the OpenDJ embedded database "Access Control > Top Level Realm > Subjects" and then I was able to enable SSO on my CUCM server.
  The UserID is "demo" the password is "changeit" and all fields are mandatory, even thought First Name doesn't always have the * that indicates it is mandatory.
  Hopefully there will be either a documentation defect or a code defect coming out of this recent discovery.

• WLC with ISE as radius and also external web server

  Hi friends,
  I am biulding a wireless network with 5508 WLC and trying to use ISE as radius server and also to redirect the web-login to it.
  I was trying to understand that to achieve the external web-login, do i need to use the raduius-nac option under advanced on the guest wireless where i am trying this out. and if not, where do i actually use it?
  So far what i have understood that i do need to have preauth ACL on the Layer 3 security, but the issue is there is no hit reaching the ISE.
  any suggestions would be higly appreciated guys!
  Regards,
  Mohit

  Hi mohit,
  Please make sure the below steps for guest auth thru ISE,
  1)Add the WLC in your ISE as netork devices.
  2)In Guest SSID you need to choose the pre authentication acl.That acl should allow the below traffic
      a. any to ISE
      b.ISE to any
      c.any to dns server
      d.dns to any
  3)The external redirect url will be 
  https://ip address:8443/guestportal/Login.action
  4)AAA server for that SSId would be your ISE ip with port number 1812.
  5)In advanced tab please choose the AAA override. No need of radius nac.
  6)Create appropriate authorization profile in ISE for guest.Example is below ,

• Install Oracle 11G, RAC with VMWare, APPS R12, and OBIEE on one server?

  Dear Experts,
  I'm looking to upgrade my skills, and want to learn more of:
  Oracle 11G, RAC, VMWare, APPS R12, and OBIEE
  My server has two quad cores (8 CPU altogether) and 16 gigs of RAM.
  Years ago, I took a shots at installing RAC on multiple servers and firewire.
  One thing I remember was that after I installed RAC, I was not able to use the database unless I enabled all the RAC processes on the server. So, I was not able to just boot the database and use it in the traditional single server manner.
  Which I will also want to do.
  1) Does this symptom/aspect/characteristic of RAC install still exist?
  2) Is it realistic to install all this software on one server?
  If so, what is the order of operations for the install?
  3) If I have to prioritize, I'd like to install
  Oracle 11G, OBIEE, and APPS R12,
  Would installing R12 and OBIEE on the same server present any conflicts or issues?
  If not, what is the order of operations for the install?
  11G, R12, then OBIEE?
  Thanks a lot!

  Hi,
  1) Does this symptom/aspect/characteristic of RAC install still exist?No.
  2) Is it realistic to install all this software on one server?
  If so, what is the order of operations for the install?For learning/traning/demonstration purpose you can Install all these software on same machine.
  3) If I have to prioritize, I'd like to install
  Oracle 11G, OBIEE, and APPS R12,
  Would installing R12 and OBIEE on the same server present any conflicts or issues?
  If not, what is the order of operations for the install?
  11G, R12, then OBIEE?There will not be any conflicts. I would suggest you to select vmware or virtual box in order to configure all these sw's.
  I have done such a configuration on my laptop with i7 Quad processor, 16GB RAM and 640 GB HDD.
  I have Installed 2 node RAC, 2 Node ERP and all are running smoothly without any issues.
  Refer:
  http://appsdbaworkshop.blogspot.com/2011/10/11gr2-rac-on-linux-56-using-vmware.html
  thanks,
  X A H E E R

• Oracle 10g rac installation on IBM power server

  Dear Gurus,
  I am installing Oracle 10g RAC on IBM power server but while running CRS getting the following errors. Please help to resolve this issue.
  OUTPUT from Installation log:
  INFO: Start output from spawned process:
  INFO: INFO:
  INFO: /oracle/app/oracle/product/crs/bin/genclntsh
  INFO: /usr/bin/ld: cannot find -lxl
  INFO: collect2: ld returned 1 exit status
  INFO: genclntsh: Failed to link libclntsh.so.10.1
  INFO: make:
  INFO: *** [client_sharedlib] Error 1
  INFO: End output from spawned process.
  INFO: INFO: Exception thrown from action: make
  Exception Name: MakefileException
  Exception String: Error in invoking target 'client_sharedlib' of makefile '/oracle/app/oracle/product/crs/network/lib/ins_net_client.mk'. See '/oracle/app/oracle/oraInventory/logs/installActions2011-12-26_04-40-48PM.log' for details.
  Exception Severity: 1
  INFO: Exception handling set to prompt user with options to Retry Ignore
  SYSTEM:
  IBM power server
  Linux 5.3
  I have already tried changing ORACLE_HOME,CRS_HOME,LD_LIBRARY_PATH but nothing worked.
  Regards,
  Prajash

  Those errors remind me on errors I encountered when I was trying to do installation that was not certified,
  so try to check if installation you are doing is actually supported.
  In the meantime , visit metalink and read document [ID 460969.1] , */usr/bin/ld: Cannot Find -lxml10, Genclntsh: Failed To Link Libclntsh.so.10.1*

• Nexus 5548UP lacp with IBM AIX P740

  We are currently working in a lab to configure our first pair of 5548UP(with a 2232PP on each) with FCoE to an IBM p740 AIX server.  On the Nexus side I have confugured the physical port e100/1/1 (2232pp) to be in a channel-group that will be part of a vpc with the other 5548UP switch, I am trunking all vlans in the etherchannel with the IBM server.  Everything is working, i have the port-channel UP, the vfc and vpc when I use ''channel-group x mode ON'' on the physical ports and on the server side the 803.2ad is not active, it's configured ''roundRobin''. 
  Suppose I want to use LACP for the connections with the server should I configure the Nexus switch port with ''channel-group x mode active'' or ''channel-group x mode passive''?  When the server is configured with ''802.3ad'' enabled and when I have ''channel-group x mode active'' or ''passive'' it doesn't work, the port-channel x does not come UP.
  Does anyone have an explenation of how I should be configure?
  Thanks

  Hello,
  Using LACP passive or active mode should not make much of a difference as long as one of the sides of the port-channel actively negotiates LACP.  In most cases, we just configure both sides to be LACP active.
  When you say the port-channel is not working when using LACP, what are the symptoms?
  Are the physical ports in "I" state?'
  'show port-channel summary' will show this
  What does the output of "show lacp counters interface port-channel X"  show?
  This command will tell you if the Nexus 5K/2K is receiving LACPDUs from the IBM device (and if we are sending them).  I would suggest to collect the LACP counters to verify that we are receiving the LACP packets from IBM, otherwise Nexus will not bring up the port-channel.  Here is an example output from my lab switch:
  5548-2019# show lacp counters interface port-channel 500
                      LACPDUs         Marker      Marker Response    LACPDUs
  Port              Sent   Recv     Sent   Recv     Sent   Recv      Pkts Err
  port-channel500
  Ethernet1/15       16401  16399    0      0        0      0        0
  Ethernet1/16       16400  16399    0      0        0      0        0
  Regards,
  Steven

• PLEASE HELP! Problems with Cisco WLAN and WPA encryption

  I checked the threads and didn't see this posted.  I have a Cisco WLAN card in my T42_2373_C88.  It's a very unfortunate thing that this wireless LAN card/wireless config. utitlity doesn't support WPA encryption.  I'm not entirely sure that it's the problem with the WLAN card, and the reason for this is that I initially set up a network through the Windows config. utility bypassing the IBM utility (which I can no longer do).  I wasn't actually able to connect to my local network until I completely removed the profile for my home network in the access connections, only then was I able to connect (WPA-PSK (TKIP)).  I saw some drivers available for my make and model on the lenovo.com driver site.  I downloaded the drivers and went through device manager specifying the folder where the drivers were located and the drivers were not recognized by windows as valid drivers.  Unless specifically told otherwise, I don't want to manually override and load these drivers.  This is a business machine, and this specific wireless function is VERY critical. 
  Thanks

  try using URLConnection instead of HTTPConnection.

• Mavericks VPN dropouts with native VPN client and Cisco IPSec

  Since update to Maverics I am experiencing VPN dropouts with native VPN client and Cisco IPSec
  I am connecting via a WIFI router to a remote VPN server
  The conenction is good for a while but eventually it drops out.
  I had Zero issues in mountain lion and only have issues since the update to 10.9
  I had similar issues in teh past with an unrelaibel wifi router but i am using a Verizon Fios router and it has worked impecably until mavericks
  My thoughts are:
  1 -issue with mavericks  ( maybe the app sleep funciton affecting eithe VPN or WIFI daemons)
  2- Issue with  cisco router compaitibility or timing with Cisco IPSEC
  3- Issue with WIFI itself on mavericks - some sort of WIFI software bug
  Any thousuggestions?

  Since update to Maverics I am experiencing VPN dropouts with native VPN client and Cisco IPSec
  I am connecting via a WIFI router to a remote VPN server
  The conenction is good for a while but eventually it drops out.
  I had Zero issues in mountain lion and only have issues since the update to 10.9
  I had similar issues in teh past with an unrelaibel wifi router but i am using a Verizon Fios router and it has worked impecably until mavericks
  My thoughts are:
  1 -issue with mavericks  ( maybe the app sleep funciton affecting eithe VPN or WIFI daemons)
  2- Issue with  cisco router compaitibility or timing with Cisco IPSEC
  3- Issue with WIFI itself on mavericks - some sort of WIFI software bug
  Any thousuggestions?

• Cisco ISE FlexAuth with 802.1X PCs and IP Phones as MAB multi-domain Q?

  Cisco ISE FlexAuth with 802.1X PCs and IP Phones as MAB multi-domain Q?
  Im trying to follow the trustsec 2.1 guide on IP Phones into LowImpact mode.
  I can get a PC on its own to authenticate via dot1x/tls
  I can get a Cisco IP Phone on its own to authenticate via MAB.
  When the two are on the same switchport, the phone will authenticate but not the PC.  ISE logs EAP timeouts.
  The switchport has the LowImpact port ACL of
  ip access-group ACL-DEFAULT in
  The IP Phone gets a dACL that allows it ok.
  I assume MAB phone and dot1x PC is supported?  Any ideas?
  Thanks in advance.

  The ISE log detailed steps are as follows:
  Steps
  11001  Received RADIUS Access-Request
  11017  RADIUS created a new session
  Evaluating Service Selection Policy
  15048  Queried PIP
  15048  Queried PIP
  15004  Matched rule
  11507  Extracted EAP-Response/Identity
  12300  Prepared EAP-Request proposing PEAP with challenge
  12625  Valid EAP-Key-Name attribute received
  11006  Returned RADIUS Access-Challenge
  11001  Received RADIUS Access-Request
  11018  RADIUS is re-using an existing session
  12501  Extracted EAP-Response/NAK requesting to use EAP-TLS instead
  12500  Prepared EAP-Request proposing EAP-TLS with challenge
  12625  Valid EAP-Key-Name attribute received
  11006  Returned RADIUS Access-Challenge
  11001  Received RADIUS Access-Request
  11018  RADIUS is re-using an existing session
  12502  Extracted EAP-Response containing EAP-TLS challenge-response and accepting EAP-TLS as negotiated
  12800  Extracted first TLS record; TLS handshake started
  12805  Extracted TLS ClientHello message
  12806  Prepared TLS ServerHello message
  12807  Prepared TLS Certificate message
  12809  Prepared TLS CertificateRequest message
  12505  Prepared EAP-Request with another EAP-TLS challenge
  11006  Returned RADIUS Access-Challenge
  11001  Received RADIUS Access-Request
  11018  RADIUS is re-using an existing session
  12504  Extracted EAP-Response containing EAP-TLS challenge-response
  12505  Prepared EAP-Request with another EAP-TLS challenge
  11006  Returned RADIUS Access-Challenge
  11001  Received RADIUS Access-Request
  11018  RADIUS is re-using an existing session
  12504  Extracted EAP-Response containing EAP-TLS challenge-response
  12505  Prepared EAP-Request with another EAP-TLS challenge
  11006  Returned RADIUS Access-Challenge
  5411  No response received during 120 seconds on last EAP message sent to the client

• Strange behavior with Cisco AP and Intel 3945 wireles card

  Hi,
  I have an interesting problem with an Intel 3945 A/G card, and my cisco APs.
  1. Given:
  Cisco 1100 and 1200 AP running IOS 12.3.8-JEA
  Two laptop, one with Intel 2200 MPCI Card, the other with Intel 3945 MPCI Card
  Microsoft AD with IAS radius server
  a. 1 SSID with Simple EAP-TLS configuration Enterprise WPA/TKIP, no vlans, broadcast SSID. both card associate correctly and operate normally.
  b. 2 SSID, 1 with simple EAP-TLS configuration Enterprise WPA/TKIP (broadcast), and 2nd SSID Open/No encryption/No authentication (not broadcasted), both cards associate correctly and operate normally.
  c. 2 SSID, 1 with simple EAP-TLS configuration Enterprise WPA/TKIP (broadcast), and 2nd SSID WPS-PSK (not broadcasted), both cards operate normally.
  Now it gets interesting:
  c. 2 SSID, 1 with EAP-TLS/WPA Enterprise on its own VLAN 102, 2nd SSID Open/No Encryption/No authentication on a separate VLAN 105, VLAN 1 is used for admin and radius backhaul to IAS.
  If both SSID are broadcasted via mbssid guest-mode both Intel cards work as expected
  If neither SSID are broadcasted, both Intel cards work as expected
  If either SSID is broadcasted via normal guest-mode command, the Intel 2200 associates and works correctly, but the Intel 3945 refuses to assocate to the AP.
  Has anyone heard of side-effect?
  Alan

  I'm seeing a similar issue with the 3945 right now. However in my example the following is the case;
  APs are 1200 series IOS upgraded running 802.11b interfaces only. There are multiple SSIDs NONE of which are broadcasting.
  We've got a few different client types. The Cisco CB21ABG cards are fine, as are the Intel 2200 and 7920 phones. It's only the 3945 that has a problem and it's running Intel's 10.5.1.68 driver which is the latest. I'm considering downgrading it to an older driver.
  Anybody got a definate fix for this Intel card???

• ISDN dial-in with Cisco 1721 and WIC-1B-S/T

  Hi there,
  we use a Cisco 1721 with a WIC-1B-S/T interface for ISDN backup purposes. I configured the Cisco 1721 and connected the BRI-WIC to a ISDN channel. When I try to test the ISDN connection, I always get the error that the line protocol is down. The WIC is connected to the ISDN correctly. I do not understand why the line protocol is always down. Could anybody help? The chosen encapsulation is PPP, the ISDN Switch Type is basic-1tr6 (I think thats the right one for Germany). The IOS version is 12.4 (1c).
  Regards, J. Schroeder

  Hi there,
  the BRI interface is connected to a telephone system and not directly to a NTBA. The hostname matches the username, is this right? When I try to dial out, I get this messages:
  *Mar 9 16:28:11.804: ISDN BR0 **ERROR**: host_disconnect_ack: Unfound B-channel on Disconnect_Ack call id 0x8003
  *Mar 9 16:28:33.792: ISDN BR0 **ERROR**: CCBRI_Go: NO CCB Src->HOST call id 0x8003, event 0x5 ces 1
  *Mar 9 16:29:47.324: ISDN BR0 **ERROR**: host_disconnect_ack: Unfound B-channel on Disconnect_Ack call id 0x8004
  *Mar 9 16:30:09.312: ISDN BR0 **ERROR**: CCBRI_Go: NO CCB Src->HOST call id 0x8004, event 0x5 ces 1
  *Mar 9 16:30:12.952: ISDN BR0 **ERROR**: host_disconnect_ack: Unfound B-channel on Disconnect_Ack call id 0x8005
  *Mar 9 16:30:34.940: ISDN BR0 **ERROR**: CCBRI_Go: NO CCB Src->HOST call id 0x8005, event 0x5 ces 1

• Voip with hipath siemens 3800 and cisco router 2951

  Hi all,
  we have a projet with a Customer, we must must implement solution voip in theire structure, they have siemens hipath 3800 and i want to know if it work with Cisco 2951? if yes how? and there is a special configuration for this? and this solution support all features of voip ?
  thanks for your attention.
  Walid zahri

  Hello, walidit01. 
  Check this link (http://cs.co/9000qMpY) for interoperability updates for CUCM Express. Are you already working with any Cisco partner or vendor for your client project?
  Let me know if you have other concerns or e-mail ([email protected]) me directly. 
  Kind regards. 

• CISCO Load Balancer with SAP on Unix and Oracle

  Hello Experts,
  Explain me the steps How CISCO Load balancing Mechanism works with SAP Enterprise Portal?
  If anyone implemented and achieved the same,please explain me the steps to follow from Initial Stage to end of implementation.
  Or If you have any documentation on this just share with me or point me to the particular link.
  I have seen the below SAP help which is somewhat helpful.
  http://help.sap.com/saphelp_nw04s/helpdata/en/d3/e12840d89d185de10000000a1550b0/frameset.htm
  I would like to know how CISCO will connect to M/essage Server /Java Dispatcher.
  And explain me the steps to follow to implement External Facing Portal using Cisco Loadbalancer.
  This should be achieved in Unix environment.
  Any help would be greatly appreciated.
  Regards,
  Karthick Eswaran
  *Points will be rewarded for helpful suggestions

  We use F5 for loadbalancing, but all hardware loadbalancing solutions should similar. They offer multiple algorithms, we use simple round robin (SAP's webdispatcher has better options for load balancing). You create virtual IP to your CISCO loadbalancer. You then configure Cisco to route traffic to each portal application server. If you have CI + 2 appservers, you configure the loadbalancer to send traffic to cihost:port, appserver1:port, appserver2:port. You also create a DNS alias to the virtual IP of the loadbalancer. End users will use the DNS alias to connect your portal. Typically you use standard ports (80 & 443) on Cisco, so that end user URL does not contain any ports (so http traffic goes to port 80, https goes to port 443). You also need to enable cookie persistence on the load balancer for session persistence.
  For external facing portal, you need to have your loadbalancer in DMZ and you want to use SSL. You also need to setup firewall rules for your portal and backend servers.
  -RK