MPLS end-peer
Good morning I'm writing you to ask a question that I don't find an answer, the question is below:
If between a MPLS path there's a hop that is not set to understand MPLS, what happens?
Any information that you can send me are welcomed.
Best Regards
sercopi
This would break your end to end LSP. MPLS applications such as l3vpn, l2vpn for instance would not work correctly in a scenario like this.
Hope this helps,
Similar Messages
-
MPLS pseudowire Up on one side Down on the other
Hello,
I'm trying to setup another pseudowire between a 6509-E 12.2(17r)S4 and a 7201 12.4(12.2r)T. The 6509 says the vc is up:
Switch#show mpls l2transport vc
Local intf Local circuit Dest address VC ID Status
Gi4/1 Ethernet 172.29.255.7 77 UP
But on the 7201 I'm getting:
Router#show mpls l2transport vc
Local intf Local circuit Dest address VC ID Status
Gi0/3 Ethernet 172.29.255.10 77 DOWN
When I run show mpls l2transport vc detail it looks like:
Switch:
VC statistics:
transit packet totals: receive 0, send 35308
transit byte totals: receive 0, send 2745983
transit packet drops: receive 0, send 0
Router:
VC statistics:
packet totals: receive 35414, send 0
byte totals: receive 2754295, send 0
packet drops: receive 0, seq error 0, send 1421389
Weird that the switch is sending but not receiving and the router is receiving but not sending.
The topoligy is:
[6509-E] <-> [7201transit] <-> [7201]
The transit router has mpls ip enabled and has another functional pseudowire running across it.
Thanks in advance I'm pretty new to MPLS, please let me know if you need more information, I can post configs etc.
--WillHey Negandra,
Thank you for your response! How do I know if I have SIP/ES/ES+ cards? The two types of cards I have in the chassis are:
48 SFM-capable 48 port 10/100/1000mb RJ45 WS-X6548-GE-TX
24 CEF720 24 port 1000mb SFP
Are either of those capable?
--Will
*EDIT*
Also I have tried to terminate the pseudowire to a SVI on the 6509-E but I can't get it to come online.
CORE#show mpls l2transport vc
Local intf Local circuit Dest address VC ID Status
Gi4/3 Ethernet 172.x.x.x 2 ADMIN DOWN
Gi3/46 Ethernet 172.x.x.x 123 UP
Gi4/48 Ethernet 172.x.x.x 1337 DOWN
Gi4/5 Ethernet 172.x.x.x 4 ADMIN DOWN
Vl7 Eth VLAN 7 172.x.x.x 7 DOWN
CORE#show run int vlan7
Building configuration...
Current configuration : 91 bytes
interface Vlan7
no ip address
xconnect 172.29.255.7 7 encapsulation mpls
end
If I configure the pseudowire on a physical interface on the switch it comes up, what am I missing? Hardware limitation?
Thanks in advance,
--Will -
MPLS migration from IPv4 and IPv6
Hello,
i have existing MPLS VPN setup using IPv4 between all devices (P,PE,CPE), i want to start to migrate to IPv6 but i want to start the migration for one link between P and PE and all other devices will be the same (IPv4). Can you please tell me how i can acheive this scenario without impcat the services because is life.
ThanksDear All,
when i configured IPv6 between PE and CPE the neighbor between them is idle the following the configuration between PE and CPE:
PE:
router bgp 100
bgp router-id 10.200.200.3
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor MPLS-Group peer-group
neighbor MPLS-Group remote-as 100
neighbor MPLS-Group update-source Loopback0
neighbor MPLS-Group-IPV6 peer-group
neighbor MPLS-Group-IPV6 remote-as 100
neighbor MPLS-Group-IPV6 update-source Loopback0
neighbor 10.200.200.5 peer-group MPLS-Group
neighbor 2002:10:200:200::5 peer-group MPLS-Group-IPV6
address-family ipv4
no synchronization
no auto-summary
exit-address-family
address-family vpnv4
neighbor MPLS-Group send-community both
neighbor MPLS-Group next-hop-self
neighbor 10.200.200.5 activate
exit-address-family
address-family vpnv6
neighbor MPLS-Group-IPV6 send-community both
neighbor MPLS-Group-IPV6 next-hop-self
neighbor 2002:10:200:200::5 activate
exit-address-family
address-family ipv4 vrf TEST
no synchronization
redistribute connected
neighbor 10.225.0.2 remote-as 101
neighbor 10.225.0.2 activate
exit-address-family
address-family ipv6 vrf TEST
redistribute connected
no synchronization
neighbor 2002:10:225::2 remote-as 101
neighbor 2002:10:225::2 activate
exit-address-family
ipv6 router ospf 200
router-id 10.200.200.3
log-adjacency-changes
mpls ldp router-id Loopback0
CPE:
interface Loopback0
ip address 10.225.100.1 255.255.255.255
ipv6 address 2002:10:225:100::1/128
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface GigabitEthernet1/0
ip address 10.225.0.2 255.255.255.252
negotiation auto
ipv6 address 2002:10:225::2/126
router bgp 101
no synchronization
bgp router-id 10.225.100.1
bgp log-neighbor-changes
network 10.225.100.1 mask 255.255.255.255
neighbor 10.225.0.1 remote-as 100
neighbor 2002:10:225::1 remote-as 100
no auto-summary
address-family ipv6
no synchronization
network 2002:10:225:100::1/128
neighbor 2002:10:225::1 activate
exit-address-family
CPE-1#show ip bgp summary
BGP router identifier 10.225.100.1, local AS number 101
BGP table version is 4, main routing table version 4
2 network entries using 242 bytes of memory
2 path entries using 104 bytes of memory
3/2 BGP path/bestpath attribute entries using 228 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 598 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.225.0.1 4 100 6 5 4 0 0 00:01:50 1
2002:10:225::1 4 100 0 0 0 0 0 never Idle
and i received this error:
*Nov 24 15:40:17.715: %BGP-5-ADJCHANGE: neighbor 2002:10:225::2 vpn TEST Up
*Nov 24 15:40:19.079: %BGP-5-ADJCHANGE: neighbor 10.225.0.2 vpn vrf TEST Up
*Nov 24 15:40:23.067: %BGP-3-NOTIFICATION: sent to neighbor 2002:10:225::2 passi ve 2/8 (no supported AFI/SAFI) 3 bytes 000101
Thanks -
Hello, networkers!
Long time no see ;-)
Straight on question now. Imagine a MPLS network with the following topology:
A B C D E
(X) --- (X) --- (X) --- (X) --- (X)
CE PE P PE CE
Router A & E are customer's routers.
Router B & D are PE routers
Let's say that we have created MPLS ATOM using Xconnect in between routers B and D. They are both using FastEthernet interfaces with sub-interfaces configured on. Router D is configured to RouterE in this way:
interface FastEthernet0/0.15
description ** RouterD->RouterE **
encapsulation dot1Q 15
no cdp enable
xconnect 2.2.2.2 666 encapsulation mpls
on the other end, router B is configured as follow:
interface FastEthernet0/0.26
description ** RouterB->RouterA **
encapsulation dot1Q 26
no cdp enable
xconnect 1.1.1.1 666 encapsulation mpls
end
Where 1.1.1.1 is RouterD loopback and 2.2.2.2 is Router B lo0.
What do you think about that scenario? Should it work with this configuration when the dot1q vlans differs? In my opinion this shouldn't work as expected as long as MPLS is doing just transparent transport of entire L2 frame (instead of using internetworking on IP level)
Can anyone, please explain how does Cisco handle this? I remember that I've read somewhere during my CCIE journey that there are different types of AtOM VC's which can either carry the dot1q tag or not.
Thank you in advance!
Kind regards,
Dani Petrov
P.p. I tried it in a few different configurations and the results are very interesting but please first share your thoughts ;-)Hi,
You can't force the vc-type and don't need to.
To summarize:
- switchport trunk mode and subinterfaces will always pop the outer tag
- EVC interfaces do nothing by default.
On top of that vc-type 4 will add a service-delimiter tag to the frame received from the AC. It's the responsibility of the egress router to know what to do with this tag (rewrite or remove it).
GSR and 7200 will negotiate a vc-type 4 if the AC is a subinterface. 7600 will always negotiate a vc-type 5 except if the peer wants a vc-type 4.
HTH
Laurent. -
[ios pw redundancy with xr mc-lag termination]
hi, all:
first of all, thanks in advance and please take a look at the attached diagram.
i'm trying to setup a pseudowire redundancy setup between an ME3800 and two ASR9000s that build a mlacp etherchannel towards a cat4500, 4500-2. when primary pseudowire is up, everything works as expected. the problem is that, when you cause a switchover scenario from the primary asr9k-1 (say by shutting down the link to the 4500-2) to the secondary asr9k-2, traffic does not pass from one end of the pw to the other. if we bring up the failed link back up, primary pw works.
all 'show' commands checkout and pw switches over as expected. as a test, i have a 3rd asr9k connected in parallel to the ME3800 and we have no problem with that. when we cause the exact same failure scenario, the primary pw switches over to the secondary and everything works exactly like i would expect. traffic passes in both pri and stby pws when using the parallel asr9k.
as you will be able to see from attached-configs, the pw's from ME3800 and asr9k are a little different. ME3800 pw is port-based and asr9k pw is vlan-based, but since both primary pws work i see no obvious problem with that.
now, i know both ends of the mc-lag work, because the asr9k pw redundancy setup works.
if i build a single pw (no redundancy) from ME3800 to asr9k-1 connecivity works AND if i build a single pw from me3800 to asr9k-2 on same exact vlan, connecivity works also.
hopefully, one of you will take the time to look at configs and let me know if you see something wrong (i think with the ME3800 config). please keep in mind that everything works perfectly when working with asr9k pw redundancy (xr on both ends of pw)
c.
============
ME3800 (pw-redundancy)
3800#show run | section pseudowire
pseudowire-class mpls
encapsulation mpls
status peer topology dual-homed
! tried it without above status command, didn't work either.
3800#show run int g0/24
Building configuration...
Current configuration : 175 bytes
interface GigabitEthernet0/24
no switchport
no ip address
xconnect 207.x.y.9 1100 encapsulation mpls pw-class mpls
backup peer 207.x.y.17 1101 pw-class mpls
end
3800#
3800#show xconnect all
Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State
UP=Up DN=Down AD=Admin Down IA=Inactive
SB=Standby HS=Hot Standby RV=Recovering NH=No Hardware
XC ST Segment 1 S1 Segment 2 S2
------+---------------------------------+--+---------------------------------+--
UP pri ac Gi0/24:78(Ethernet) UP mpls 207.x.y.9:1100 UP
IA sec ac Gi0/24:78(Ethernet) UP mpls 207.x.y.17:1101 DN
3800_sw_pruebas#
============
ASR-3 (pw-redundancy)
RP/0/RSP1/CPU0:ASR-3#show run l2vpn
Sat Jun 15 09:07:10.183 CST
l2vpn
xconnect group PRUEBAS-XXXX
p2p ESC-MTZ
interface Bundle-Ether1000.28
neighbor 207.x.y.9 pw-id 1128
backup neighbor 207.x.y.17 pw-id 1228
RP/0/RSP1/CPU0:ASR-3#show l2vpn xconnect
Sat Jun 15 09:20:26.183 CST
Legend: ST = State, UP = Up, DN = Down, AD = Admin Down, UR = Unresolved,
SB = Standby, SR = Standby Ready
XConnect Segment 1 Segment 2
Group Name ST Description ST Description ST
PRUEBAS-XXXX
to4500-2 UP BE1000.28 UP 207.x.y.9 1128 UP
Backup
207.x.y.17 1228 DN
RP/0/RSP1/CPU0:ASR-3#
============
asr9k-1 (pw-termination)
RP/0/RSP0/CPU0:asr9k-1#show run l2vpn
Sat Jun 15 09:09:10.555 CST
l2vpn
pw-status
pw-class mpls
encapsulation mpls
redundancy
one-way
xconnect group PRUEBAS-XXXX
p2p toASR-3
interface Bundle-Ether1000.28
neighbor 207.x.y.1 pw-id 1128
p2p toME3800
interface Bundle-Ether1000.26
neighbor 207.x.y.30 pw-id 1100
RP/0/RSP0/CPU0:asr9k-1#show run redundancy
Sat Jun 15 09:09:16.659 CST
redundancy
iccp
group 1000
mlacp node 1
mlacp system mac 000d.000e.000f
mlacp system priority 1
member
neighbor 207.x.y.17
backbone
interface Bundle-Ether1
============
RP/0/RSP0/CPU0:asr9k-2#show run l2vpn
Sat Jun 15 09:13:39.908 CST
l2vpn
pw-status
pw-class mpls
encapsulation mpls
redundancy
one-way
xconnect group PRUEBAS-XXXX
p2p toASR-3
interface Bundle-Ether1000.28
neighbor 207.x.y.1 pw-id 1228
p2p toME3800
interface Bundle-Ether1000.26
neighbor 207.x.y.30 pw-id 1101
RP/0/RSP0/CPU0:asr9k-2#show run redundancy
Sat Jun 15 09:13:43.656 CST
redundancy
iccp
group 1000
mlacp node 2
mlacp system mac 000d.000e.000f
mlacp system priority 1
member
neighbor 207.x.y.9
backbone
interface Bundle-Ether1hard to tell where and why the traffic gets dropped if I were to guess the me might send traff still down the wrong PW
due to mac learning so it might need to get flushed.
I thought however that as part of the pw switchover the mac flush is instantiated.
either case you want to set up a stream of say 1000 pps so it is easy to verify and check the np counters to see where and why these paks are getting dropped and if it is the 9k or the me in that regard.
suspect a pw signaling and mac flushing issue here.
xander -
Xconnect on SVI interface ES Cards on 7606
Is it possible to configure xconnect from an SVI interface, when your core facing cards are RSP-720?
I have configured it:
interface Vlan290
no ip address
xconnect 10.10.136.129 37123712 encapsulation mpls
end
It does not come up:
PE4#sh mpl l2transport vc
Local intf Local circuit Dest address VC ID Status
Vl290 Eth VLAN 290 10.10.136.129 37123712 DOWN
PE4#sh mpl l2transport vc 37123712 det
PE4#sh mpl l2transport vc 37123712 detail
Local interface: Vl290 up, line protocol up, Eth VLAN 290 up
Interworking type is Ethernet
Destination address: 10.10.136.129, VC ID: 37123712, VC status: down
Output interface: none, imposed label stack {}
Preferred path: not configured
Default path: no route
No adjacency
Create time: 00:00:49, last status change time: 00:00:03
Signaling protocol: LDP, peer 10.10.136.129:0 up
Targeted Hello: 10.10.136.131(LDP Id) -> 10.10.136.129
Status TLV support (local/remote) : enabled/not supported
Label/status state machine : remote ready, LndRru
Last local dataplane status rcvd: no fault
Last local SSS circuit status rcvd: AC DOWN(rx,tx faults)
Last local SSS circuit status sent: no fault
Last local LDP TLV status sent: no fault (withdrawn)
Last remote LDP TLV status rcvd: not sent
MPLS VC labels: local unassigned, remote 340
Group ID: local unknown, remote 0
MTU: local unknown, remote 1500
Remote interface description: ** Test PW with PE4 ES SVI int **
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 0, send 0
byte totals: receive 0, send 0
packet drops: receive 0, seq error 0, send 0
Although when I use a physical interface it comes up?
RSp720 does not support it??I moved my core facing link to ES card instead of RSP 720 and it works.
PE4#sh mpls l2transport vc
Local intf Local circuit Dest address VC ID Status
Vl290 Eth VLAN 290 10.10.136.129 37123712 UP
but now i am thinking what we can use the RSP-720 gige ports for. -
Still having problems with VPN access
Hello!
I am having problems with my VPN clients getting access to the networks over a MPLS infrastruture. I can reach these resources form my Core network (172.17.1.0/24) and my Wifi (172.17.100.0/24) but not from my VPN network (172.17.200.0/24). From the VPN I can reach the Wifi network (which is behind a router) and the rule that allows that also allows access to the other networks but for some reason it is not working.
When I ping inside the core network from VPN I can connect and get responses. When I ping to the Wifi network, I can get responses and connect to resources there. A tracert to the wifi network shows it hitting the core switch (a 3750 stack) @ 172.17.1.1, then the Wifi router (172.17.1.3) and then the host. A tracert to a resource on the MPLS network from the VPN shows a single entry (the destination host) and then 29 time outs but will not ping that resource nor connect.
I've posted all the info I can think of below. Any help appreciated.
*** Here is a tracert from a core network machine to the resource we need on the MPLS:
C:\Windows\system32>tracert 10.2.0.125
Tracing route to **************** [10.2.0.125]
over a maximum of 30 hops:
1 1 ms <1 ms <1 ms 172.17.1.1
2 1 ms <1 ms <1 ms 172.17.1.10
3 5 ms 5 ms 5 ms 192.168.0.13
4 31 ms 30 ms 31 ms 192.168.0.5
5 29 ms 30 ms 29 ms 192.168.0.6
6 29 ms 29 ms 29 ms 192.168.20.4
7 29 ms 29 ms 29 ms RV-TPA-CRMPROD [10.2.0.125]
Trace complete.
172.17.1.10 is the mpls router.
**** Here is the routing table (sh ip route) from the 3750 @ 172.17.1.1
Gateway of last resort is 172.17.1.2 to network 0.0.0.0
S 192.168.30.0/24 [1/0] via 172.17.1.10
172.17.0.0/24 is subnetted, 3 subnets
S 172.17.200.0 [1/0] via 172.17.1.2
C 172.17.1.0 is directly connected, Vlan20
S 172.17.100.0 [1/0] via 172.17.1.3
172.18.0.0/24 is subnetted, 1 subnets
S 172.18.1.0 [1/0] via 172.17.1.10
S 192.168.11.0/24 [1/0] via 172.17.1.10
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
S 10.2.0.0/24 [1/0] via 172.17.1.10
S 10.10.10.0/24 [1/0] via 172.17.1.10
S 10.20.0.0/24 [1/0] via 172.17.1.10
S 10.3.0.128/25 [1/0] via 172.17.1.10
S 192.168.1.0/24 [1/0] via 172.17.1.10
S* 0.0.0.0/0 [1/0] via 172.17.1.2
*** Here is the firewall config (5510):
ASA Version 8.4(1)
hostname RVGW
domain-name ************
enable password b5aqRk/6.KRmypWW encrypted
passwd 1ems91jznlfZHhfU encrypted
names
interface Ethernet0/0
nameif Outside
security-level 10
ip address 5.29.79.10 255.255.255.248
interface Ethernet0/1
nameif Inside
security-level 100
ip address 172.17.1.2 255.255.255.0
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
nameif management
security-level 100
ip address 172.19.1.1 255.255.255.0
management-only
banner login RedV GW
ftp mode passive
dns server-group DefaultDNS
domain-name RedVector.com
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network WiFi
subnet 172.17.100.0 255.255.255.0
description WiFi
object network inside-net
subnet 172.17.1.0 255.255.255.0
object network NOSPAM
host 172.17.1.60
object network BH2
host 172.17.1.60
object network EX2
host 172.17.1.61
description Internal Exchange / Outbound SMTP
object network Mail2
host 5.29.79.11
description Ext EX2
object network NETWORK_OBJ_172.17.1.240_28
subnet 172.17.1.240 255.255.255.240
object network NETWORK_OBJ_172.17.200.0_24
subnet 172.17.200.0 255.255.255.0
object network VPN-CLIENT
subnet 172.17.200.0 255.255.255.0
object-group service DM_INLINE_TCP_1 tcp
port-object eq www
port-object eq https
object-group network DM_INLINE_NETWORK_1
network-object object BH2
network-object object NOSPAM
object-group network VPN-CLIENT-PAT-SOURCE
description VPN-CLIENT-PAT-SOURCE
network-object object VPN-CLIENT
object-group network LAN-NETWORKS
network-object 10.10.10.0 255.255.255.0
network-object 10.2.0.0 255.255.255.0
network-object 10.3.0.0 255.255.255.0
network-object 172.17.100.0 255.255.255.0
network-object 172.18.1.0 255.255.255.0
network-object 192.168.1.0 255.255.255.0
network-object 192.168.11.0 255.255.255.0
network-object 192.168.30.0 255.255.255.0
object-group network VPN-POOL
network-object 172.17.200.0 255.255.255.0
object-group protocol DM_INLINE_PROTOCOL_1
protocol-object ip
protocol-object icmp
access-list Outside_access_in extended permit tcp any object-group DM_INLINE_NETWORK_1 eq smtp
access-list Outside_access_in extended permit tcp any object BH2 object-group DM_INLINE_TCP_1
access-list global_mpc extended permit ip any any
access-list Inside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 any any
pager lines 24
logging enable
logging asdm informational
no logging message 106015
no logging message 313001
no logging message 313008
no logging message 106023
no logging message 710003
no logging message 106100
no logging message 302015
no logging message 302014
no logging message 302013
no logging message 302018
no logging message 302017
no logging message 302016
no logging message 302021
no logging message 302020
flow-export destination Inside 172.17.1.52 9996
mtu Outside 1500
mtu Inside 1500
mtu management 1500
ip local pool VPN 172.17.1.240-172.17.1.250 mask 255.255.255.0
ip local pool VPN2 172.17.200.100-172.17.200.200 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
nat (Inside,Outside) source static EX2 Mail2
nat (Inside,Outside) source static any any destination static NETWORK_OBJ_172.17.1.240_28 NETWORK_OBJ_172.17.1.240_28
nat (Inside,Outside) source static any any destination static NETWORK_OBJ_172.17.200.0_24 NETWORK_OBJ_172.17.200.0_24
nat (Inside,Outside) source static inside-net inside-net destination static NETWORK_OBJ_172.17.1.240_28 NETWORK_OBJ_172.17.1.240_28
nat (Inside,Outside) source static LAN-NETWORKS LAN-NETWORKS destination static VPN-POOL VPN-POOL
object network inside-net
nat (Inside,Outside) dynamic interface
object network NOSPAM
nat (Inside,Outside) static 5.29.79.12
nat (Outside,Outside) after-auto source dynamic VPN-CLIENT-PAT-SOURCE interface
access-group Outside_access_in in interface Outside
access-group Inside_access_in in interface Inside
route Outside 0.0.0.0 0.0.0.0 5.29.79.9 1
route Inside 10.2.0.0 255.255.255.0 172.17.1.1 1
route Inside 10.3.0.0 255.255.255.128 172.17.1.1 1
route Inside 10.10.10.0 255.255.255.0 172.17.1.1 1
route Inside 172.17.100.0 255.255.255.0 172.17.1.3 1
route Inside 172.18.1.0 255.255.255.0 172.17.1.1 1
route Inside 192.168.1.0 255.255.255.0 172.17.1.1 1
route Inside 192.168.11.0 255.255.255.0 172.17.1.1 1
route Inside 192.168.30.0 255.255.255.0 172.17.1.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server RedVec protocol ldap
aaa-server RedVec (Inside) host 172.17.1.41
ldap-base-dn DC=adrs1,DC=net
ldap-group-base-dn DC=adrs,DC=net
ldap-scope subtree
ldap-naming-attribute sAMAccountName
ldap-login-password *****
ldap-login-dn CN=Hanna\, Roger,OU=Humans,OU=WPLAdministrator,DC=adrs1,DC=net
server-type microsoft
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 management
http 172.17.1.0 255.255.255.0 Inside
http 24.32.208.223 255.255.255.255 Outside
snmp-server host Inside 172.17.1.52 community *****
snmp-server location Server Room 3010
snmp-server contact Roger Hanna
snmp-server community *****
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map Outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map Outside_map interface Outside
crypto ikev1 enable Outside
crypto ikev1 policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 30
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
telnet 172.17.1.0 255.255.255.0 Inside
telnet timeout 5
ssh 172.17.1.0 255.255.255.0 Inside
ssh timeout 5
console timeout 0
dhcpd address 172.17.1.100-172.17.1.200 Inside
dhcpd dns 172.17.1.41 172.17.1.42 interface Inside
dhcpd lease 100000 interface Inside
dhcpd domain adrs1.net interface Inside
threat-detection basic-threat
threat-detection statistics
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
webvpn
group-policy RedV internal
group-policy RedV attributes
wins-server value 172.17.1.41
dns-server value 172.17.1.41 172.17.1.42
vpn-tunnel-protocol ikev1
default-domain value ADRS1.NET
group-policy RedV_1 internal
group-policy RedV_1 attributes
wins-server value 172.17.1.41
dns-server value 172.17.1.41 172.17.1.42
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
default-domain value adrs1.net
username rparker password FnbvAdOZxk4r40E5 encrypted privilege 15
username rparker attributes
vpn-group-policy RedV
username mhale password 2reWKpsLC5em3o1P encrypted privilege 0
username mhale attributes
vpn-group-policy RedV
username dcoletto password g53yRiEqpcYkSyYS encrypted privilege 0
username dcoletto attributes
vpn-group-policy RedV
username rhanna password Pd3E3vqnGmV84Ds2 encrypted privilege 15
username rhanna attributes
vpn-group-policy RedV
tunnel-group RedV type remote-access
tunnel-group RedV general-attributes
address-pool VPN2
authentication-server-group RedVec
default-group-policy RedV
tunnel-group RedV ipsec-attributes
ikev1 pre-shared-key *****
class-map global-class
match access-list global_mpc
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
class global-class
flow-export event-type all destination 172.17.1.52
service-policy global_policy global
prompt hostname context
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
hpm topN enable
Cryptochecksum:202ad58ba009fb24cbd119ed6d7237a9Hi Roger,
I bet you already checked it, but does the MPLS end router has route to VPN client subnet 172.17.200.x (or default) pointing to core rtr)?
Also, if the MPLS link has any /30 subnet assigned, you may need to include that as well in Object group LAN-NETWORKS.
Thx
MS -
PTP (Precision Time Protocol) configuration
Hi,
Is there anyone has configured PTP on IE-3000 switches? I have some problems with the configuration and operation. Below is the summary of what I've done and the porblems.
There are two IE-3000 switches with ip services 15.0 (2) SE4 IOS. One has configured in the boundary mode to become master clock and the other one has left in the e2etransparent mode. There are two inter-connection links (via Cat6 ethernet cable) on Gi1/1 and Gi1/2 interfaces on both switches. All inter-connect ports are up and running. Both switches have same IOS, same hardware almost identical except IP configuration etc. Main problem is SW2 is not able to sync with SW1 as master clock (this is my understanding), and also it seems PTP on SW1 has wrong reading of local clock time. But in fact I have NTP server in the network and NTP is syncd. I've included some of the configuration and output here, if someone has experience in configuring and running PTP I would be thankful to give me some help here.
Regards,
Tohid
Configuration on SW1:
ptp mode boundary
ptp priority1 10
ptp priority2 128
ptp time-property persist 300
SW1#show ptp clock
PTP CLOCK INFO
PTP Device Type: Boundary clock
Clock Identity: 0x8:CC:68:FF:FE:7F:73:80
Clock Domain: 0
Number of PTP ports: 10
Priority1: 10
Priority2: 128
Clock Quality:
Class: 248
Accuracy: Unknown
Offset (log variance): N/A
Offset From Master: 0
Mean Path Delay: 0
Steps Removed: 0
Local clock time: 00:30:30 UTC Mar 1 1993
SW1#sh clock
16:18:10.856 UTC Thu Feb 27 2014
SW1#sh ntp status
Clock is synchronized, stratum 3, reference is 10.1.1.1
nominal freq is 119.2092 Hz, actual freq is 119.2091 Hz, precision is 2**17
reference time is D6B9E25E.3EAA5D0E (16:12:14.244 UTC Thu Feb 27 2014)
clock offset is 45.5794 msec, root delay is 1.42 msec
root dispersion is 57.46 msec, peer dispersion is 5.25 msec
loopfilter state is 'CTRL' (Normal Controlled Loop), drift is 0.000000985 s/s
system poll interval is 64, last update was 423 sec ago.
SW2#sh ptp clock
PTP CLOCK INFO
PTP Device Type: End to End transparent clock
Clock Identity: 0x3C:E:23:FF:FE:44:92:80
Clock Domain: 0
Number of PTP ports: 10
Delay Mechanism: End to End
Local clock time: 01:08:13 UTC Mar 4 1993
SW2#sh ptp port gi 1/1
PTP PORT DATASET: GigabitEthernet1/1
Port identity: clock identity: 0x3C:E:23:FF:FE:44:92:80
Port identity: port number: 9
PTP version: 2
Port state FAULTY: FALSE
SW1#sh ptp port gi 1/1
PTP PORT DATASET: GigabitEthernet1/1
Port identity: clock identity: 0x8:CC:68:FF:FE:7F:73:80
Port identity: port number: 9
PTP version: 2
Port state: MASTER
Delay request interval(log mean): 5
Announce receipt time out: 3
Peer mean path delay: 0
Announce interval(log mean): 1
Sync interval(log mean): 0
Delay Mechanism: End to End
Peer delay request interval(log mean): 0
Sync fault limit: 5000000004271-NET-001#sh ptp port gi 1/1
PTP PORT DATASET: GigabitEthernet1/1
Port identity: clock identity: 0x8:CC:68:FF:FE:7F:73:80
Port identity: port number: 9
PTP version: 2
Port state: MASTER
Delay request interval(log mean): 5
Announce receipt time out: 3
Peer mean path delay: 0
Announce interval(log mean): 1
Sync interval(log mean): 0
Delay Mechanism: End to End
Peer delay request interval(log mean): 0
Sync fault limit: 500000000So if I have a L2 network consisting of severall access switches connected via trunks to a distribution, with PTP clients in differing VLAN's, as long as each VLAN has a connection to the PTP source then the client will receive the PTP timestamp allthough subject to switching delays?
-
CAPWAP APs drop off the 7500 controller
I have a multiple 7500 flex controller deployed with over 2000 APs each on them and I notice that APs occasionally drop off. When I find these APs I am able to telnet to them and I have found a fix for getting them back on the controller, but I want to know why this happens and if there is a way to avoid the problem.
Observed:
The APs have telnet enabled so I can get to the CLI. Once in I do a dir command and see that there is little to no memory available (512 bytes to 0 bytes) in the flash memory. I see that there are 5 large log files, file names are in the commands below. When I do a show logging command I see the following over and over again
*Oct 3 20:31:44.102: %CAPWAP-3-ERRORLOG: Certificate verification failed!
*Oct 3 20:31:44.102: DTLS_CLIENT_ERROR: ../capwap/base_capwap/capwap/base_capwap_wtp_dtls.c:447 Certificate verified failed!
*Oct 3 20:31:44.102: %DTLS-5-SEND_ALERT: Send FATAL : Bad certificate Alert to 10.128.5.5:5246
*Oct 3 20:31:44.102: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.128.5.5:5246
*Oct 3 20:31:44.103: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 3 combination.
*Oct 3 20:32:48.999: %CAPWAP-3-ERRORLOG: Selected MWAR 'tc-cl-wlc01'(index 0).
*Oct 3 20:32:48.999: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Oct 3 20:31:44.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.128.5.5 peer_port: 5246
*Oct 3 20:31:44.125: CRYPTO_PKI: New CRL Not Valid - expired (router time not synched to CA?)
*Oct 3 20:31:44.125: CRL expires: 05:29:39 UTC Mar 3 2012
*Oct 3 20:31:44.125: Router time: 20:31:44 UTC Oct 3 2013
*Oct 3 20:31:44.125: %PKI-4-CRLINSERTFAIL: Trustpoint "Trustpool2" unknown (error 1804:E_VALIDITY : validity period start later than end)Peer certificate verification failed 0059
To resolve:
The working theory is that the flash gets filled up with log files and is unable to download the certificate from the controller during the join process. I delete the logs with the commands below and then do a wr mem and a copy run start and then reload. This will fix the problem every time.
delete /force flash:ap_log_r0_0.log
delete /force flash:ap_log_r1_0.log
delete /force flash:ap_log_r0_1.log
delete /force flash:ap_log_r0_2.log
delete /force flash:ap_log_r1_1.log
delete /force flash:ap_log_r1_2.log
Other info
- currently running an engineering code of 7.3.113.12 on one 7500 and 7.4.110 on another, both seem to be having this issue. I do not have this issue on a 5508 running 7.5 code. Currently getting 7.4 vetted for deployment.
Good luck with this oneI have seen this issue, but only with older model access points and it doesn't have to be flexconnect and it doesn't matter what WLC code version your running. Problamatic access points, I always check the flash to verify if there are logs or not, and do delete them in order to get the AP back up. Again, I have only seen this with older non-802.11n access points.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered" -
L2VPN between ASR9000 and ME3800x
Hi,
I'm trying to set up a L2VPN(Vlan Mode) between a trunk port on an ASR9000, and an ME3800x.
The ASR is set up with an EFP:
interface GigabitEthernet0/0/0/19.912 l2transport
encapsulation dot1q 912
rewrite ingress tag pop 1 symmetric
mtu 1618
l2vpn
pw-class VlanMode
encapsulation mpls
transport-mode vlan
xconnect group orkide
p2p OrkideSurnadal
interface GigabitEthernet0/0/0/19.912
neighbor xxx.xxx.xxx.75 pw-id 912
pw-class VlanMode
On the other side I have terminated the xconnect on an ME3800x:
interface Vlan912
mtu 1600
no ip address
xconnect xxx.xxx.xxx.82 912 encapsulation mpls
end
The VC is UP:
Local intf Local circuit Dest address VC ID Status
Vl912 Eth VLAN 912 xxx.xxx.xxx.82 912 UP
Is this the correct way to to do this?
I can't get this to work like it should. If I should do this with switches, I would just configure a vlan from end-to-end.
Thanks in advance,
Jan Ove GregerHi,
I'm sorry for the confusion, but there is an MPLS network between them.
I tried using VC5/Ethernet mode, and the xconnect is UP again:
Group orkide, XC OrkideSurnadal, state is up; Interworking none
AC: GigabitEthernet0/0/0/19.912, state is up
Type VLAN; Num Ranges: 1
VLAN ranges: [912, 912]
MTU 1600; XC ID 0x40011; interworking none
Statistics:
packets: received 134, sent 12
bytes: received 9112, sent 816
drops: illegal VLAN 0, illegal length 0
PW: neighbor 85.93.224.75, PW ID 912, state is up ( established )
PW class not set, XC ID 0x40011
Encapsulation MPLS, protocol LDP
PW type Ethernet, control word disabled, interworking none
PW backup disable delay 0 sec
Sequencing not set
MPLS Local Remote
Label 16003 20
Group ID 0x5c0 0x0
Interface GigabitEthernet0/0/0/19.912 unknown
MTU 1600 1600
Control word disabled disabled
PW type Ethernet Ethernet
VCCV CV type 0x2 0x2
(LSP ping verification) (LSP ping verification)
VCCV CC type 0x6 0x2
(router alert label) (router alert label)
(TTL expiry)
MIB cpwVcIndex: 0
Create time: 30/01/2012 19:52:07 (00:04:34 ago)
Last time status changed: 30/01/2012 19:52:07 (00:04:34 ago)
Statistics:
packets: received 12, sent 134
bytes: received 816, sent 9112
But still no connection or mac-adresses on vlan 912 on the trunk of the ME3800x.
For testing we have setup a network 10.33.33.1/24 on vlan 912 of the AC on the ASR. On the trunk port of the ME3800x we have a 3560 where we also have configured 10.33.33.10/24 on vlan 912.
So they should be able to see each other, but they don't...
Regards,
JoG -
Frame structure after bgp send-label
refer to the artical of the link:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080110be9.html
I need some infomation about the data plane. when a packet go frome one side to the other,how did the frame format changed.Mohammed,
To cut the confusion short here....the orginal post was about the data plane so the explanation should not give rise to any confusion...infact fits the bill well.
Infact giving reference to standard Inter-AS configuration or RFC would be termed inappropriate in this specific scenario.
The logic behind giving an explanation was to elaborate on data flow where as standards only describe the control plane of the flow. The explanation would answer the question would be frame format change, No it doesnt.. Inter-AS is only means of advertising IGP and VPN labels across AS's, as MPLS end of the day is bothered only about labels to switch data.
Hope I have been clear.
Xiao,
The book by Ivan is a good resource. Since you would like to know when LDP is replaced by BGP, and what is the data plane for the same. I would suggest rather than going by the standard CCO documents or RFC, you may want to try a small lab excercise below. This will help you understand the concept inside out.
1) Form IGP adjacency between your ASBR's and enable LDP and everything will work fine.
2) Or mutual Redistribution of IGP into local BGP and advertise to other AS and do vice versa, and run LDP on the link between both ASBR's. This will work still.
Here the point you will note is, in real world the ISP wont allow each other to run IGP with each other (unless both the AS's are controlled by the single entity) or neither perform a IGP<->BGP mutual redistrbution.
So exchanging the topmost labels with IPV4 BGP which supports exchange of routes with labels to be used to reach those routes is implemented.
PS: Do note that labels are not generated by LDP for BGP routes, that is the main reason this whole jugglery is done.
HTH-Cheers,
Swaroop -
I'm having trouble connecting via VPN to my Mac Mini running OSX Lion Server
I have a host name setup with dyndns
I can ping both the domain name and external IP address fine from another machine, but trying to connect using ANYTHING except the internal IP address gives no result whatsoever
Suggestions?Hi Roger,
I bet you already checked it, but does the MPLS end router has route to VPN client subnet 172.17.200.x (or default) pointing to core rtr)?
Also, if the MPLS link has any /30 subnet assigned, you may need to include that as well in Object group LAN-NETWORKS.
Thx
MS -
MST BPDU via EoMPLS Pseudowire Connections
Hi All,
I've been trying to change the STP mode of my MPLS aggrigation switches to MST due to many reasons but without success. (Currently all switches are working on PVST+.)
Below given my sample network topology, configurations on both switches and pseudowire configurations and error message.
ME3750(SW1) --- 7609 (EoMPLS pseudowire - VLAN 2500) 12406 -- ME3750(SW2)
Configurations
==========
ME3750(SW1)
=============
spanning-tree mode mst
spanning-tree extend system-id
spanning-tree mst configuration
name MPLS
revision 10
instance 10 vlan 2-99
instance 20 vlan 100-1999
instance 30 vlan 2000-4094
spanning-tree mst 0,10,20,30 priority 24576
vlan 3,100,850,2500,3030
7609-PE
=======
interface GigabitEthernet0/1.2500
description *** MST_TEST ***
encapsulation dot1Q 2500
xconnect 10.2.0.5 2500 encapsulation mpls
end
ME3750(SW2)
===========
spanning-tree mode mst
spanning-tree extend system-id
spanning-tree mst configuration
name MPLS
revision 10
instance 10 vlan 2-99
instance 20 vlan 100-1999
instance 30 vlan 2000-4094
12406-PE
=======
interface GigabitEthernet2/1/0.2500
description *** MST_TEST ***
encapsulation dot1Q 2500
xconnect 10.1.0.8 2500 encapsulation mpls
end
There is a VLAN bsed EoMPLS configuration on VLAN 2500 on MPLS edges.
When the MST configuration done; the uplink trunk port of the ME3750(SW1) blocked with following erroe.
*Mar 1 02:45:11.920: %SPANTREE-2-PVSTSIM_FAIL: Blocking designated port Gi0/1: Inconsitent superior PVST BPDU received on VLAN 2500, claiming root 24576:001a.a2b5.7d00
While I googled, i found one post saying to change the priority of the MST regions to higher, hence forcing one switch to become ROOT. Accordingly I changed the priority of ME3750(SW1) but still problem remains.
Can anyone of you experts help me out to get this sorted?
Note: I've not enabled native VLAN on both switches towards MPLE PEs and also hasn't enable any L2 protocols via speudowire connection.
Thank you all,
ChamindaHi Laurant,
Thanks for your reply.
Actually my requirement is to have local MST reigions per MPLS PE. That is why I psecificaly block native VLAN passing through the PW and did not enable any L2 protocols via PW.( believe this is a good practice.. ;-) )
BTW I'll clear STP protocol as you suggested and see the results.
Also I can not configure port mode PW, since all my L2 & L3 customers interface with MPLS PE via this Gig interface.
My understanding on MST BPDUs are passing through native VLAN. Hence in my scenarion, if i'm not passing native VLAN throught the PW, what could be the reason for blocking the entire port due to the "inconsistance superior BPDU receive via VLAN 2500"?
Do I need to block STP on 7609 box itself? (read on one blog asking to disable STP on SUP720 on 7609)
Pl clarify.
Thank You,
Chaminda -
In the diagram i have 2 sites. In site 1 i have 2 PE devices with Vlan 3,33 in VTP database and couple of servers in both vlans. Need to extend both vlans broadcast domain to site 2 access layer switches. MPLS/LDP enable on PE's. I am assuming that without another access layer attached to PE3/PE4 with a tunk interface i cannot enable psedowire on PE3/PE3! since i need an (L3 - without an ip address) interface to enable xconnect on. Will vlan-base psedowire work? but will need a SIP card on the PE's since they are 6509!!
Any comment? Let me know you need more clarification..
Francisco.Hi Francisco,
You're right. You need a SIP card for your uplinks if you want to apply the xconnect to an SVI interface.
You could try creating a trunk for VLAN 3 and 33 between PE3 and PE4. Assuming all the servers are connected to PE3 (there are 2x PE3 on your drawing ;-) ), you could apply the xconnect on PE4 trunk interface only to PE1 as primary and PE2 as secondary:
xconnect 192.168.124.1 10 encapsulation mpls
backup peer 192.168.124.2 20
HTH
Laurent. -
Can't get L2L VPN up between ASA and Fortinet (IKEv2)
Hi,
I'm having issues getting a L2L tunnel up between a Cisco ASA and a Fortinet. This is the first tunnel being setup with IKEv2. The ASA is complaining that it can't find a matching policy.
The Fortinet device is configured by other party and I have confirmed that they are using the agreed settings.
Configuration from the ASA:
crypto ipsec ikev2 ipsec-proposal AES-3DES-SHA1
protocol esp encryption 3des
protocol esp integrity sha-1
crypto map VPN 100 match address ABC
crypto map VPN 100 set pfs group5
crypto map VPN 100 set peer x.x.x.x
crypto map VPN 100 set ikev2 ipsec-proposal AES-3DES-SHA1
crypto map VPN 100 set security-association lifetime seconds 28800
crypto map VPN interface outside
crypto ikev2 policy 10
encryption aes-256 3des
integrity sha256 sha
group 5
prf sha256
lifetime seconds 86400
crypto ikev2 enable outside
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
ikev2 remote-authentication pre-shared-key blablabla
ikev2 local-authentication pre-shared-key blablabla
Debugs say that there is no matching policy:
IKEv2-PROTO-3: (97): Get peer authentication method
IKEv2-PROTO-3: (97): Get peer's preshared key for x.x.x.x
IKEv2-PROTO-3: (97): Verify authentication data
IKEv2-PROTO-3: (97): Use preshared key for id x.x.x.x, key len 15
IKEv2-PROTO-2: (97): Processing auth message
IKEv2-PROTO-1: (97): Failed to find a matching policy
IKEv2-PROTO-1: (97): Received Policies:
ESP: Proposal 1: 3DES SHA96
IKEv2-PROTO-1: (97): Failed to find a matching policy
IKEv2-PROTO-1: (97): Expected Policies:
IKEv2-PROTO-5: (97): Failed to verify the proposed policies
IKEv2-PROTO-1: (97): Failed to find a matching policyDear Robert,
The above error from ASA indicates there may be a problem with your preshared key..Both Local and remotre sites...or an Out of Synce problem to the remote end/peer. Give more details about ur Watchguard version with what application it is running..Send the complete log of
1. sh crypto ipsec sa
2. sh crypto isakmp sa
3. debug crypto isa 255
4. debug crypto ipsec 255
Maybe you are looking for
-
Remote update service on sony ericsson G502 does not work
I have a Sony Ericsson G502. The phone has a problem which causes it to restart when I am on a call. Sometimes it just restarts on its own. I searched on the net and found that other people have also seen the same issue and I believe a software u
-
Cisco 9971 Not Registering on CUCM 8.6
Hey, Ive run into some trouble with a 9971 phone running on CUCM 8.6. The phone has been registered with the server before with its settings locked down so the access to the settings menu via the phone has been disabled. Around a few weeks later the
-
Hello everybody, After my upgrade to OS 10.3.1 in my Q10 smartphone I have a problem with my BB ID. I can acces to my BB ID perfectly from my PC but I can´t acces or use it in BB World in my Q10 and now even in my Playbook. What can I do? Thanks.
-
Your Session has Expired - iPhone SDK 3.1.2
I am new in development. I had my activation done. I try to download from my Mac - Safari and Firefox and I have this error. Your session has expired. Please return to the ADC Member Site and attempt to download the file again. If you feel you receiv
-
Good day people. I have been very happy with Solaris zone technology until tonight. I have a fairly critical system with 3 zones + 1 dev zone configured on it. (64bit) I am trying to install patch 119043-09 to be able to install the latest KU update