Managing Routers running IOS Firewall

I have to create a lab network that is firewalled off from the main production network. I'm thinking of connecting it via routers running firewall IOS (Reasons for not using ASA's? Expected low throughput, demanded low cost, the usual suspects).
I'd like to have two routers running active/passive. Questions:
1) Can I run two IOS firewalls in Active/passive?
2) Is there a way of managing them other than manually replicating the config changes from one to another every time I make a config change?
All comments/help appreciated (even if the comments are "Don't be so stupid" :) )
Thanks,
Jim

At first I would say that it is not possible with IOS firewall, but after Googling it a bit it seems that it's possible to have A/S with IOS firewall.
Here are a couple of useful links that I am sure you will love:
Cisco IOS Stateful Failover - this is for general routers running 12.4T
IOS Classic Firewall - this is for the 3800 platform.
You can find the requirements and the restrictions on the above links. Regarding your second question, unfortunately it is one of the restrictions. It doesn't support configuration synchronization.
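
Because configuration synchronization is not supported, the two routers' firewall policy has to be kept identical by hand, so a drift check between the peers is worth automating. The following is an added example, not part of the forum replies: it compares two saved running-configs and reports policy lines present on only one peer. The sample configs are constructed, and the list of per-device lines to ignore is an assumption to adapt to your own setup.

```python
import difflib
import re

# Lines expected to differ between the two peers (assumed list; extend as needed).
DEVICE_SPECIFIC = [
    re.compile(r"^hostname\s"),
    re.compile(r"^\s*ip address\s"),
    re.compile(r"^\s*standby \d+ priority\s"),
    re.compile(r"^\s*!"),  # comment / separator lines
]

def normalize(config_text):
    """Return config lines with blank and per-device lines removed."""
    kept = []
    for raw in config_text.splitlines():
        line = raw.rstrip()
        if not line.strip():
            continue
        if any(p.search(line) for p in DEVICE_SPECIFIC):
            continue
        kept.append(line)
    return kept

def drift(active_cfg, standby_cfg):
    """Return (only_on_active, only_on_standby); order-aware, since ACL order matters."""
    a, s = normalize(active_cfg), normalize(standby_cfg)
    only_a, only_s = [], []
    matcher = difflib.SequenceMatcher(a=a, b=s, autojunk=False)
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag in ("delete", "replace"):
            only_a.extend(a[i1:i2])
        if tag in ("insert", "replace"):
            only_s.extend(s[j1:j2])
    return only_a, only_s

# Constructed sample configs (documentation address ranges, hypothetical names).
ACTIVE = """hostname lab-fw-a
!
ip inspect name LABFW tcp
ip inspect name LABFW udp
!
interface GigabitEthernet0/0
 ip address 192.0.2.2 255.255.255.0
 ip access-group LAB-IN in
 ip inspect LABFW out
 standby 1 ip 192.0.2.1
 standby 1 priority 110
!
ip access-list extended LAB-IN
 permit tcp any host 198.51.100.10 eq 22
 permit tcp any host 198.51.100.10 eq 443
 deny ip any any log
"""

# Same policy, except the 443 rule was never replicated to the standby.
STANDBY = """hostname lab-fw-b
!
ip inspect name LABFW tcp
ip inspect name LABFW udp
!
interface GigabitEthernet0/0
 ip address 192.0.2.3 255.255.255.0
 ip access-group LAB-IN in
 ip inspect LABFW out
 standby 1 ip 192.0.2.1
 standby 1 priority 100
!
ip access-list extended LAB-IN
 permit tcp any host 198.51.100.10 eq 22
 deny ip any any log
"""

if __name__ == "__main__":
    missing_on_standby, missing_on_active = drift(ACTIVE, STANDBY)
    for line in missing_on_standby:
        print("only on active :", line)
    for line in missing_on_active:
        print("only on standby:", line)
```

Run it after every change window against configs pulled from both routers; any output means a failover would change the enforced policy.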

Similar Messages

  • CSM 4.5 Event Manager for IOS firewall on routers?

    Hi,
    Can anyone confirm for me whether it's possible to send syslog messages from routers running IOS firewall feature set to CSM, so that the events appear in CSM Event Manager, similar to the way that ASA's do?
    I've set up one of my routers to do this and have confirmed using wireshark that the syslog packets are received on the CSM 4.5 machine, but they don't seem to turn up in Event Manager.
    This would be an extremely useful feature if I can get it to work!
    Thanks,
    Matt                  

    Hello friends,
    Please allow me to resurrect this old post.
    I have already installed CSM 4.4 and I am already managing an ASA through CSM. I have configured CSM according to the following User Guide.
    http://www.cisco.com/c/en/us/td/docs/security/security_management/cisco_security_manager/security_manager/4-4/user/guide/CSMUserGuide_wrapper/evntchap.html
    I am not able to see the Events in the Event viewer client. Would you give me some advice about how to troubleshoot that?
    Regards!

  • Interworking between WCCP and IOS firewall on ISR and ASR routers?

    I ran into a problem last year when running WAAS WCCP and IOS firewall IP inspection on the same 3945 router. They couldn't function at the same time. Cisco indicated that router IOS firewall and WCCP were compatible only when IOS zone-based policy configuration was used. Back then I was using IOS 15.1(1)T1 on the 3945 router and WAAS was version 4.2.3.
    I now have some sites with 2921, 3945, and ASR1002 routers that need to be both IOS firewall and WCCP for WAAS. Now with newer IOS releases, does the IOS firewall still have to be zone-based policy configuration? Because classic IOS firewall is easier to configure for WAAS, just "ip inspection waas enable" command, I'd prefer the easier configuration.
    What about ASR1002 router IOS firewall with WCCP? I have never implemented that before. I was trying to find some deployment examples or configuration guides from Cisco, but was not able to.
    Thanks for any help.
    Gary

    I'm assuming you placed service group 61 and 62 on the router LAN, WAN inbound directions. Did you apply inspection to LAN to WAN direction or WAN to LAN direction?
    Did you also use WCCP and IOS firewall on ASR routers?
    Thanks a lot

  • HT201301 How do I back-up my iPad if it is currently running iOS 4.3.3?

    How do I back-up my iPad if it is currently running iOS 4.3.3?  I have a back-up of my photos, but want to back-up apps, etc before updating to the latest iOS.
    When I connect my iPad to my computer with the latest version of iTunes, it doesn't give me the option to back-up my iPad. Also, since my iPad has an older iOS, iCloud is not installed.
    Thank you

    After you backup.
    If you have an iPad 1, the max iOS is 5.1.1. For newer iPads, the current iOS is 6.0.1. For the iPad Mini the iOS is 6.0.2. The Settings>General>Software Update only appears if you have iOS 5.0 or higher currently installed.
    iOS 5: Updating your device to iOS 5 or Later
    http://support.apple.com/kb/HT4972
    How to install iOS 6
    http://www.macworld.com/article/2010061/hands-on-with-ios-6-installation.html
    iOS: How to update your iPhone, iPad, or iPod touch
    http://support.apple.com/kb/HT4623
    If you are currently running an iOS lower than 5.0, connect the iPad to the computer, open iTunes. Then select the iPad under the Devices heading on the left, click on the Summary tab and then click on Check for Update.
    Tip - If connected to your computer, you may need to disable your firewall and antivirus software temporarily.  Then download and install the iOS update. Be sure and backup your iPad before the iOS update. After you update an iPad (except iPad 1) to iOS 6.x, the next update can be installed via wifi (i.e., not connected to your computer).
     Cheers, Tom

  • I can see home sharing on my iPhone and iPad both running iOS 5 but when it loads the library is empty. Help!!

    The iPad is new today so pleeeease help! I have the latest version of iTunes and both iPhone and iPad are up to date. I have never had a problem with home sharing before 10.5 iTunes. Both mobile devices can eventually see the shared library but load it as though it is empty. This applies to movies as well. I have turned off home sharing on the mac and restarted it. I have also made sure that the username and password on both mobile devices are correct. Help!
    Mac mini ppc running 10.5.8
    iPhone 4 running iOS 5.0
    iPad 2 running iOS 5.0

    This has solved loads of people who have this issue and have used an alternate DNS setting.  Below are instructions for both iPhone OTA and on your Mac.
    If you are getting the error message "Unable to check for update" when you try an OTA (over the air update)
    Change DNS Servers
    Settings -> Wi-Fi
    Click the blue arrow on your connected network
    Delete everything in DNS and replace it with 208.67.222.222, 208.67.220.220
    Try again
    If this works, you will probably want to remove the WiFi network using "Forget This Network" and then reconnect to it to get your original DNS servers back. Alternatively, make a note of the original DNS servers before deleting them and replace it after you are done.
    If you are getting the error message "Unable to check for update" when you try through iTunes
    On your Mac
    Choose Apple menu > System Preferences, and then click Network.
    Select the network connection service you want to use (such as Wi-Fi or Ethernet, unless you named it something else) from the list, and then click Advanced.
    Click DNS, and then click Add at the bottom of the DNS Servers list. Enter the IPv4 address for the DNS server.
    You can use OpenDNS
    208.67.222.222
    208.67.220.220
    or
    You can use Google Public DNS if you want
    8.8.8.8
    8.8.4.4
    I have actually repointed my router's DNS so all my devices now point to OpenDNS servers

  • XI 3.0 Installation Problem: no central management server running

    Hi, I am totally new to BO our company just purchased the application and I have installed XI 3.0 on one of our server. I have setup the DB and the installation finished successfully. However I can't find CMS anywhere on the server. It seems like all the other XI 3.0 components are there Business view manager, central configuration manager, etc. they are all in the program list.
    The only thing I didn't install is Tomcat. In Central configuration Manager the Server Intelligence Agent is running. When I try to connect to the server in Business view Manager I receive the following error "The system servername cannot be contacted, but there is no Central Managment Server running at port 6400."
    During the installation for "Web Application Server" part I checked the "other" option since I want to use IIS. I have a feeling I need to do some type of post configuration for IIS? Where do I perform this?
    Our setup is:
    Windows Server 2003 SP2 with all the latest Windows updates
    The latest XI 3.0 (I downloaded it from the product page)
    My questions are:
    1. Does XI work with IIS at  all?
    2. Do I need to install Tomcat and run some kind of connector to have IIS work?
    3. What am I missing for my XI 3.0? It seems the core component is missing (CS).
    Edited by: Amy Williams on Sep 24, 2008 11:18 AM
    Moved from Xcelsius forum to BOE Administration

    Hi Allan,
    In answer to your questions - XI 3.0 does not have an IIS interface right now.  You will need to install the Java application components in order to access the end user interface for viewing reports (InfoView), the report viewers, the web services and SDKs and the management console (CMC).  The easiest way to do this is to choose the default Tomcat components in the installation and work from there.
    If you left everything else as default, then you will have all the necessary application components installed to get the system up and running.  It may just be that your CMS has not started for some reason.  Try stopping and restarting the Server Intelligence Agent (SIA) in the Central Config Manager (CCM) - found in the Start/Programs/Business Objects group.
    Once started, try clicking on the "Manage Servers" icon of the CCM (the one with a server and a check mark on it).  This should allow you to connect to the system and see which servers have started.  If you cannot connect, the next step would be to check the Windows Event Log.  See if the CMS service started OK.  If it didn't, the log should provide you with more information, which you can post here for further assistance.
    If it did, and you still cannot connect, you may need to review your network firewall settings and/or your DEP status (see the properties panel for My Computer, choose the Advanced tab, select the Performance settings button, then the Data Execution Prevention tab).
    Happy hunting.
    Derek.

  • Problems managing Messages in ios 8

    My wife is using an iPhone 5C 32Gb, running iOS 8.1.  Apart from calling, she uses her iPhone primarily for Mail and Messages.  She likes to keep those apps clean, so she is constantly deleting unwanted messages, etc.. Ever since we upgraded to iOS 8, however, she has problems cleaning up and managing Messages.  She will mark a bunch of messages, but eventually the trash can icon disappears, and the only option left is to delete the entire conversation.  She then needs to start over, just a few at a time, until that doesn't work either.  Then she quits (swipes off) Messages and opens it again.  If that doesn't work, she shuts off the iPhone and restarts it.  Then she is back to trying to do a few at a time only. This can get very tedious.  I never manage my messages, so I don't have that issue, but for her it is very important.  Any ideas?
    Now a new thing seems to be happening: She goes to add a photo to a Message and the keyboard does not go away, so she presses cancel and then the whole app seems to lock up.  I don't know if this is related to the deleting problem, but it is driving her — and therefore me — a bit crazy.
    Any help is appreciated!

    Miguel Muelle wrote:
    My wife is using an iPhone 5C 32Gb, running iOS 8.1.  Apart from calling, she uses her iPhone primarily for Mail and Messages.  She likes to keep those apps clean, so she is constantly deleting unwanted messages, etc.. Ever since we upgraded to iOS 8, however, she has problems cleaning up and managing Messages.  She will mark a bunch of messages, but eventually the trash can icon disappears, and the only option left is to delete the entire conversation.  She then needs to start over, just a few at a time, until that doesn't work either.  Then she quits (swipes off) Messages and opens it again.  If that doesn't work, she shuts off the iPhone and restarts it.  Then she is back to trying to do a few at a time only. This can get very tedious.  I never manage my messages, so I don't have that issue, but for her it is very important.  Any ideas?
    Now a new thing seems to be happening: She goes to add a photo to a Message and the keyboard does not go away, so she presses cancel and then the whole app seems to lock up.  I don't know if this is related to the deleting problem, but it is driving her — and therefore me — a bit crazy.
    Any help is appreciated!
    I just tested this out on my 5S on 8.1.  Open a group message - scrolled all the way to the top, Oct 28 held down on said text - more - then click on said text and then I went down the line and check every message up until today, my trash icon was still there, I delete 120 text conversation in that group message.
    Is that how your wife is deleting the message?

  • "Device Manager is running in read-only mode because you are running it on a remote computer" when local

    Hello - since configuring a Windows Web Server 2008 R2 x64 to be hardened for an internet-facing deployment I receive this:
    "Device Manager is running in read-only mode because you are running it on a remote computer."
    when entering Device Manager.
    I have tried reversing the changes I have made, such as:
    - Re-adding Client for Microsoft Networks
    - Re-enabling NetBIOS over TCP-IP
    - Re-adding File and Printer Sharing
    - Disabling the Windows Firewall in all profiles (public, domain, private)
    I get no joy. It looks like a Microsoft ballsup. I'll try and use Process Monitor to have a look. Google returns only 1 page for this error.
    Luke

    Got it.
    After my changes to DHCP and static IPs the machine picked up the IP address of another server on my little home LAN. The hostname in IPCONFIG was different to the actual server computer name and so this led Device Manager to think the connection and the local machine were different.
    What an odd and infuriating problem. My thoughts on this are that Microsoft should be more verbose with error messages and their causes. For example, displaying the values of the assertion would help diagnose a problem; "The host-name www02.farm.brand.com that you are connecting from does not match the local host-name rest01.dev.farm.brand.com. Connections from remote computers can only use Device Manager in read-only mode; some options will be disabled."
    When troubleshooting, the main thing on an engineer's mind is "what has led Windows to its [unexpected] conclusion?"
    Luke

  • NME-NAM with Cisco Prime 5.1.2 and IOS Firewall

    Hello,
    I have installed and configured the Cisco NME-NAM with Prime 5.1.2 and have access to the NAM via a web browser. It is not picking up any data even though I have configured the following:
    internal data source
    network site 10.10.16.0/20
    All reports show "No data for selected time interval"
    I am running IOS 15.1 on a 2811 with IOS firewall enabled.
    Do I need to create a FW rule to allow traffic to be monitored by the NME-NAM?
    Thank you,
    Matthew

    Hi rajeeshp,
    Currently I am not allowed to upgrade it because of internal procedures involved in upgrading a specific piece of software (obtaining permissions from various departments). Is it free to upgrade from 1.2 to 1.3, or is there a specific charge for that?
    Predrag Petrovic

  • IPad 1 running IOS 5.1.1 not working with home WIFI, but everywhere else

    I have an iPad 1 supporting 3G and WIFI running IOS 5.1.1 and up to now it has worked great.  We recently had the cable modem in the house upgraded and the box included a better WIFI system than we had before.  After installation, all the laptops in the house worked great except my iPad.  One of the kickers is that when my wife came home with her iPad 1 running IOS 4, it worked great too.  And when I've gone to a hotspot, it also gets connected well.
    The symptoms are that the WIFI menu will see my home network as an option.  When I select it, I get a spinner and the left side bar will indicate that it is using that network, but the spinner never completes.  The upper left will mostly stay as 3G and will occasionally go to a WIFI setting, but nothing will connect.  If I tap on the details, I usually don't get DHCP connection and get an IP address.  Once in a great while, I can connect up and have access, but it is incredibly slow and usually fades off in a minute.
    I have tried turning off the iPad, resetting network settings, telling it to forget the network and try again and reset the iPad.  I have removed all security from the router, reduced down the encryption to WEP like the old wireless router and still nothing.  Of course the Cable company says it is the iPad problem and I tend to agree. 
    My next step is to erase and start over, which I do not wish to do if I don't have to.
    Any ideas?

    Look at iOS Troubleshooting Wi-Fi networks and connections  http://support.apple.com/kb/TS1398
    iPad: Issues connecting to Wi-Fi networks  http://support.apple.com/kb/ts3304
    iOS: Recommended settings for Wi-Fi routers and access points  http://support.apple.com/kb/HT4199
    Additional things to try.
    Try this first. Turn Off your iPad. Then turn Off (disconnect power cord) the wireless router & then back On. Now boot your iPad. Hopefully it will see the WiFi.
    Go to Settings>Wi-Fi and turn Off. Then while at Settings>Wi-Fi, turn back On and choose a Network.
    Change the channel on your wireless router. Instructions at http://macintoshhowto.com/advanced/how-to-get-a-good-range-on-your-wireless-network.html
    Another thing to try - Go into your router security settings and change from WEP to WPA with AES.
    How to Quickly Fix iPad 3 Wi-Fi Reception Problems
    http://osxdaily.com/2012/03/21/fix-new-ipad-3-wi-fi-reception-problems/
    If none of the above suggestions work, look at this link.
    iPad Wi-Fi Problems: Comprehensive List of Fixes
    http://appletoolbox.com/2010/04/ipad-wi-fi-problems-comprehensive-list-of-fixes/
    Fix iPad Wifi Connection and Signal Issues  http://www.youtube.com/watch?v=uwWtIG5jUxE
    Unable to Connect After iOS Update - saw this solution on another post.
    https://discussions.apple.com/thread/4010130?tstart=60
    Note - When troubleshooting wifi connection problems, don't hold your iPad by hand. There have been a few reports that holding the iPad by hand, seems to attenuate the wifi signal.
    ~~~~~~~~~~~~~~~
    If any of the above solutions work, please post back what solved your problem. It will help others with the same problem.
     Cheers, Tom

  • Enable Web gui on Cisco 2901 ISR running IOS 15...

    I have recently purchased a Cisco 2901 Integrated Service Router that is running IOS 15... and need some help activating the WEB GUI Interface. I have read some documentation and have not had any luck. Some detailed instructions for the command line would be great if someone has the time to help.
    Thanks

    Hi,
    It looks as though there is not a Web GUI available for the 2901. However, Cisco does provide a tool called Cisco Configuration Professional, which provides tools to configure routers. It provides options for configuring many different functions in Cisco routers. You can follow the steps laid out in this article: http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_configuration_professional/guides/CiscoCPqsg.html
    This gives a great overview of how to install and start using Configuration Professional. I hope this helps, and please feel free to respond with any further questions. I will certainly do my best to answer them!
    Garrett

  • Hey everybody i have an ipad 2 running ios 5.1.1 but itunes does not transfers music or apps to my pad but it transfers it to my ipod 4g running ios 6 pls help me guys

    hey guys please help me itunes is not transferring music or apps to my ipad 2 running ios 5.1.1 but transfers to my ipod touch 4g running ios 6 please help me

    Are you selecting the music to sync to the iPad? Try it this way.
    Connect the iPad to the computer and launch iTunes.
    Click on the iPad name on the left side under devices.
    Click on the Music Tab on the right.
    Click on all of the albums or playlists that you want to sync - or the entire library if you like.
    Click on the Sync Music Heading.
    Click on Apply in the lower right corner of iTunes
    Do you have your sync preferences set to Manually Manage Music And Videos in the Summary Tab of iTunes? If you do, deselect that and try again.

  • IOS Firewall vs. ASA

    Is there a document that compares the security functionality and features of the ASA and the IOS firewall? I need to document why I would want to deploy ASA's at branch locations versus the firewall feature set on the WAN routers.

    Hello Sonepar,
    It really depends on the engineer’s viewpoint. Some prefer to have a single device do their routing and their security, while others prefer to have dedicated security devices. This reasoning, however, does not really determine what the “best” solution for your network is.
    One difference is that the IOS router starts out by allowing all traffic [on your untrusted interfaces], whereas the ASA starts by denying all traffic. Consequently you have to configure the actual hardening of your IOS router. I will say the ASA typically offers faster performance, but that’s partially because the ASA is sort of a 1 trick pony and not doing any dynamic routing.
    I think one of the main things to consider is the complexity of VPN features desired. The ASA’s feature set is relatively limited in this respect. If you want to leverage more advanced features like DMVPN or GET VPN, an IOS router is your only option as the firewall does not support those. Of course by default, the ASA performs a little faster on VPN tunnels.
    If you’re looking for an appliance to just do traffic inspection, predominantly for a web DMZ or publicly accessible network, probably the ASA is your best bet. If however you have a highly decentralized -internal- network where branch offices frequently talk to each other, then you would benefit from something like DMVPN, thus your deployment would be greatly simplified using something like a 2800.
    Policy Base Routing on ASA is not supported since it is a security device it only routes traffic through one active default gateway and it can not classify packets based on source/service like router does.
    In my personal preference, I find myself moving away from the philosophy of this specialized device for routing and this specialized device for security. I prefer to simplify my deployments, and believe me w/ NAT, VPNs, Firewall, IPS, having an ASA sitting behind your border router…it can add a significant amount of complexity to your design…and ultimately, your troubleshooting.
    Again; at the end all depends on your company requirements and what are you looking for.
    Regards,
    Juan Lombana
    Please rate helpful posts.

  • Do I need IOS firewall feature set on Catalyst 6500 for FW blade?

    Hi all,
    If I install a FW blade in Cat6500, should I need to have the IOS firewall feature set on Cat6500 itself?
    Thanks and Regards,
    mak

    Nope.
    The FWSM uses its own OS based on PIX OS. While it uses SVIs configured in the MSFC, it otherwise runs autonomously from the Sup and MSFC, even in Native mode.
    Let me know if this helps by rating the post.
    Michael

  • If I buy a iPhone 5 at the store, will it still be running iOS 6 or 7?

    I want to buy the iPhone 5 (not the iPhone 5s or c) because it has iOS 6 on it instead of iOS 7 (which I do not like) and wondering if the people at the store still have the iPhones that run iOS 6 on them. Thanks!

    It is unlikely that you will find an iPhone 5 in any store for sale.
    The iPhone 5 has not been available for sale since November of 2013 when the 5S and 5C were replaced.
    The only way to acquire an iPhone 5 at this point is via the used/refurbished market.  Unless you buy a used iPhone that was never upgraded, you will not find one running iOS6.
