Nexus 7010 Management interface (Mgmt 0) connectivity issue via OOB switch
Hi Team,
We have setup as follows:
[Nexus1]-----[Nexus2]
| |
[===SW-OOB===] --------------[5k] --[5k]
(172.16.1.254 - IP address on OOB switch L3 VLAN)
Nexus 1 has three VDC :
1. Default VDC, 2. Network VDC, 3. Common Srvices VDC
Similarly it is for Nexus 2 as well.
While we create VDC, by default Mgmt0 interface get added along with the vrf management.
in Default VDC and Network VDC, we have configured default gateway on VRF Management as 172.16.1.254 and ip address as 172.16.1.1 and 172.16.1.2 in each vdc on interface mgmt0. It is working fine.
But when i configure in Common Services VDC 172.16.1.3 on mgmt0 and default gateway as 172.16.1.254, i am unable to reach to OOB switch.
Is there any limitation on the nexus switch or some thing i am missing to configure. since there should not be a cable issue as these mgmt0 interface are logical in the VDC.
The same issue i am facing on both the nexus.
Also attached the show version of nexus for ref.
Please help in this case and as i find this is the abnormal behaviour.
I am facing issue only with these two nexus rest is working fine in accross campus.
Regards
Amit Marathe
Hi,
where your gateway resides?
can you try to connect with a PC on management VLAN and try to ping both WLC management and the gateway of the subnet?
I am suspecting the traffic is blocked somewhere. We need to isolate.
The WiSM look up and fine from the 6509 box. Service VLAN look find as well as the management.
Have you made any troubleshooting since posting this discussion?
Similar Messages
-
Syclo Work Manager 6.1 + SAP Connection Issue
Hello,
I have been trying to setup Syclo Work Manger 6.1 and testing the connection between Work Manager and SAP ERP System.
I have updated the connectTest.bat with the ERP login details uder test_user, I get an "caught exception null" and the test is not successful.
I get the following error:
I have my SMP3 and WM installed in the following path:
Any suggestions to get this tested successfully.
Regards,
NageshYour error states that something is null.
You may go inside the SAPCommon-133461.jar library under your Java folder -> com.syclo.sap.connectTest.class and decompile it using your favorite Java decompiler.
~~~~~from the code~~~~~~~
you will see something like:
_connection.openCustomConnection(clientNum, _userName, _password, "EN", host, sysNum, 1);
~~~~~end~~~~~~~~~~~~~~~
From the list above, it takes the data from your javaBE.ini for username, password, host and sysNum and hardcoding the "English - EN". Most likely the host might be the one at fault from your picture above. It does not know what your host name is under your JavaBE.ini. It is blank hence it does not know where to connect. May want to try making things Unencoded but you need to study the Java code by de-compiling it so you may know the rules.
Make sure you are also running the connectTest under the Configuration folder of your SMP 3.0. From your picture above: C:\SAP\WM610\..\configuration\com.sap.mobile.platform.server..\javaBE.ini <-- wondering if this is under your SMP 3.0 install configuration folder.
Hope this helps.
Regards,
Mark Pe
SAP Senior Support Engineer -
Service Manager Data Ware House Connection Issue
We have 3 virtual server for SCSM. The scenario of SCSM server are in below.
SCSM management server, Console and Management Server SQL database.
SCSM data Ware House Server, reporting server and data ware house & repporting SQl database.
SharePoint server, SCSM web server and SharePoint server SQL database.
Only SharePoint SQL server running on SQL Server 2008 and the other SQL server's are running on SQL 2012. Previously data warehouse connectivity was fine. But recently data warehouse connection is not working. When I try to unregister the data source connection
in showing error. I try to check the data source by powershell Get-SCDWSource, but it not showing any source. How can we unregister and re-register datasource also with dataware house connection.
Mithun Dey Web: http://cloudmithun.wordpress.com If this may give your necessary resolution please mark it as Answre.I've 2-3 error.
IN SCSM Management Server
Event ID: 34152
The description for Event ID 34152 from source Data Connectors cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
Domain Connector
Error resolving user with domain PRIMEBANK and name as040121. Exception: System.DirectoryServices.DirectoryServicesCOMException (0x8007052E): The user name or password is incorrect.
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObject()
at System.DirectoryServices.PropertyValueCollection.PopulateList()
at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName)
at System.DirectoryServices.PropertyCollection.get_Item(String propertyName)
at System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInitNoContainer()
at System.DirectoryServices.AccountManagement.PrincipalContext.DoDomainInit()
at System.DirectoryServices.AccountManagement.PrincipalContext.Initialize()
at System.DirectoryServices.AccountManagement.PrincipalContext.get_QueryCtx()
at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate)
at System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, String identityValue)
at Microsoft.EnterpriseManagement.ServiceManager.Sdk.Connectors.Lfx.Workflows.ADGroupExpander.MarkDeletions()
In DATAWAREHOUSE
Event ID: 33519
The description for Event ID 33519 from source Data Warehouse cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
bd773a44-6c16-1ad9-fe59-344395587b6d
ServiceManager.ServiceCatalog.Cubes.Library
7.5.2905.0
SM Management Group
Either the MP has failed deployment Or any of its references has failed deployment
Mithun Dey Web: http://cloudmithun.wordpress.com If this may give your necessary resolution please mark it as Answre. -
BTFORN/OPENZONE Connection issue via laptop (ok on...
Hi all, I know there are a few issues about connetcign to the hotspots - But I am able to conenct via the wireless on my iphone via a hotspot, but on my laptop I get the yellow circle with explantaion mark when trying to connect via my laptop (I am away from home for a few weeks) any suggestions, its says I'm connected to the hotspot but not the internet.
Thanks allAlso look at this:
https://supportforums.cisco.com/docs/DOC-17314
Issues with IPSEC-VPN client and Verizon VZ4G LTE network
VERSION 2
Introduction
Core Issue
Resolution
Introduction
This document explains why IPSEC VPN clients don't work on Verizon 4g network.
Core Issue
The Cisco IPSEC VPN client is able to connect to VPN gateways without any issues over the Verizon 4g network. However once connected, the client is not able to pass any traffic at all. The counters on the client indicate that the client is encrypting data however, there are no increments to the decrypt counters. This issue is seen on the entire gamut of windows OSs. One of the deal breakers with the new Verizon 4g network is that the new LG VL600 and Pantech UML290 run a privately routed IP (10.) address that ONLY allows outbound traffic - no inbound traffic can be passed through. This means that if you have a need for remote access to a device, Verizon's new 3G/4G-capable devices will not allow you to access them like you could with a 3G-only modem.
Resolution
Based on suggestions made by Verizons it seems as though the following things need to be attempted:
1. enable Nat-T. For more information regarding nat-traversal please refer to the following documents:
a. IPSEC over NAT-T on IOS devices
b. IPSEC over NAT-T on ASA
2. enable IPSEC-over-TCP. For more information regarding enabling IPSEC over TCP please refer to the following documents:
a. IPSEC over TCP on IOS devices
b. Enabling IPSEC over TCP on ASA
3. Use Anyconnect rather than IPSEC
4. The other option is to go with the Sprint 4g network instead which apparently does support remote access to applications. -
IPad connection issues via USB to xbox360
Hello, I have an iPad 1st gen and am connecting it to my xbox360 via USB, But it won't connect. Where the little battery icon is ,in the top right corner, it just says "Not charging" For some weird reason I can't get my xbox360 to see my iPad. Yes I have tryed all the USB ports. Any ideas?
That's not really a valid analogy. After all, many devices will recognize an iPad/iPod/iPhone and play music from it, and the xbox 360 will recognize and play music/media from a Zune, so it's not a crazy thought to try and hook in an iPad. Unfortunately, I think MS wan't the 360 to only work well with the Zune (just like Apple only wants iTunes to work well with their products).
-
Cisco IPS ASA SSM-10 Connectivity Issues
I am having trouble with connectivity and the IPS Module. The IPS management interface is plugged into a dell powerconnect switch using a straight cable and it shows a link. However I cannot ping the ip address i have assigned the management interface. Its almost like the interface is shutdown. Could this be the case? Can the management interfacee shutdown? If so how do I bring it up? If not what would be some troubleshooting techniques with the IPS Module?
First of all issue the command:
"show module 1 details"
To check if your module is in UP state.
If it is not UP, have a look at:
http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00808908d5.shtml
Also check if the port is UP/UP on the switch.
Please also note that in order for the IPS IP to be pingable. the SOURCE pinging should be Permitted in the access-list of the IPS (which can be done using the 'setup' command or under service host). A better approach would be to ping the machine from the IPS itself, as this is not dependent on the Access List on the IPS.
Regards
Farrukh -
Connect Nexus 5548UP-L3 to Catalyst 3750G-24T-E Layer 3 Switch
Please help!
Could anyone out there please assist me with basic configuration between Nexus Switch and Catalyst Switch, so that devices connected on the catalyst switch can talk to devices connected on nexus switch and vice-versa? In my current setup all servers on VLAN 40 are connected on the Catalyst Switch A as shown in the diagram below, and all desktops and all other peripherals are connected on the Catalyst Switch B. I am required to implement/add a new Nexus Switch 5548 that in the future will replace the Switch A. From now I just need to connect both switches together and start moving the server from Switch A to the Nexus Switch.
The current network setup is shown as per diagram below:
SWITCH A – this is a layer 3 switch. All servers are connected to this switch on the VLAN 40.
SWITCH B – all desktops, VoIP telephones, and printers are connected on tis switch. This switch is also a layer 3 switch.
I have connected together the Nexus 5548UP and SWITCH A (3750G) using the GLC-T= 1000BASE-T SFP transceiver module for Category 5 copper wire. The new network is shown as per diagram below:
Below is the configuration I have created in both Switches:
SWITCH A - 3750G
interface Vlan40
description ** Server VLAN **
ip address 10.144.40.2 255.255.255.128
ip helper-address 10.144.40.39
ip helper-address 10.144.40.40
interface Vlan122
description connection to N5K-C5548UP Switch mgmt0
ip address 172.16.0.1 255.255.255.128
no ip redirects
interface Port-channel1
description UpLink to N5K-C5548UP Switch e1/1-2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,30,40,100,101,122
switchport mode trunk
interface GigabitEthernet1/0/3
description **Connected to server A**
switchport access vlan 40
no mdix auto
spanning-tree portfast
interface GigabitEthernet1/0/20
description connection to N5K-C5548UP Switch mgmt0
switchport access vlan 122
switchport mode access
spanning-tree portfast
interface GigabitEthernet1/0/23
description UpLink to N5K-C5548UP Switch e1/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,30,40,100,101,122
switchport mode trunk
channel-group 1 mode active
interface GigabitEthernet1/0/24
description UpLink to N5K-C5548UP Switch e1/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,30,40,100,101,122
switchport mode trunk
channel-group 1 mode active
N5K-C5548UP Switch
feature interface-vlan
feature lacp
feature dhcp
feature lldp
vrf context management
ip route 0.0.0.0/0 172.16.0.1
vlan 1
vlan 100
service dhcp
ip dhcp relay
interface Vlan1
no shutdown
interface Vlan40
description ** Server VLAN **
no shutdown
ip address 10.144.40.3/25
ip dhcp relay address 10.144.40.39
ip dhcp relay address 10.144.40.40
interface port-channel1
description ** Trunk Link to Switch A g1/0/23-24 **
switchport mode trunk
switchport trunk allowed vlan 1,30,40,100-101,122
speed 1000
interface Ethernet1/1
description ** Trunk Link to Switch A g1/0/23**
switchport mode trunk
switchport trunk allowed vlan 1,30,40,100-101,12
speed 1000
channel-group 1 mode active
interface Ethernet1/2
description ** Trunk Link to Switch A g1/0/24**
switchport mode trunk
switchport trunk allowed vlan 1,30,40,100-101,122
speed 1000
channel-group 1 mode active
interface Ethernet1/3
description **Connected to server B**
switchport access vlan 40
speed 1000
interface mgmt0
description connection to Switch A g2/0/20
no ip redirects
ip address 172.16.0.2/25
I get a successful response from Server A when I ping the N5K-C5548UP Switch (VLAN 40 interface (10.144.40.3) .But if I try to ping from Server A to Server B or vice-versa the ping fails. From N5K-C5548UP I can ping successful either Server A or Server B. What am I doing wrong here? Is there any additional configuration that I need to add on the Nexus Switch? Please Help. Thank you.no, no secret aukhadiev
I made a mistake without realising and the interface e1/3 was showing "Interface Ethernet1/3 is down (Inactive)". After spending sometime trying to figure out what was wrong with that interface or switch, it turned out to be that i forgot to add the vlan 40. Now the config looks like this:
N5K-C5548UP Switch
feature interface-vlan
feature lacp
feature dhcp
feature lldp
vrf context management
ip route 0.0.0.0/0 172.16.0.1
vlan 1
vlan 40
vlan 100
service dhcp
ip dhcp relay
interface Vlan1
no shutdown
interface Vlan40
description ** Server VLAN **
no shutdown
ip address 10.144.40.3/25
ip dhcp relay address 10.144.40.39
ip dhcp relay address 10.144.40.40
interface port-channel1
description ** Trunk Link to Switch A g1/0/23-24 **
switchport mode trunk
switchport trunk allowed vlan 1,30,40,100-101,122
speed 1000
interface Ethernet1/1
description ** Trunk Link to Switch A g1/0/23**
switchport mode trunk
switchport trunk allowed vlan 1,30,40,100-101,12
speed 1000
channel-group 1 mode active
interface Ethernet1/2
description ** Trunk Link to Switch A g1/0/24**
switchport mode trunk
switchport trunk allowed vlan 1,30,40,100-101,122
speed 1000
channel-group 1 mode active
interface Ethernet1/3
description **Connected to server B**
switchport access vlan 40
speed 1000
interface mgmt0
description connection to Switch A g2/0/20
no ip redirects
ip address 172.16.0.2/25
Thank you,
JN -
Is it possible to access the http web interface over the fa1 management interface?
Hello All,
I am remotely connected into a Cat 4500 + Supervisor V module via console cable and point to point connection from laptop to fa1 management interface on SupV. SupV module is running IOS 15.0(2)SG8.
I am not able to physically change the patch cable from fa1 management interface to gi2/3 or any other switch port for a couple days and would like to see if it is possible to access the http server through this fa1 port since I am working remotely. I can ping the laptop from fa1 and tftp ok but cannot access the http/https server. Is this even possible without connecting the laptop into a regular switch port like gi 2/3 gi 2/4 etc..? The reason I ask is I would like to use Cisco Networking Assistant gui for some things but need access to https server first over the fa1 link.
Any suggestions would be much appreciated.
Thanks!
-SHere is the ACL list. I have not made any entries into this list and all of these are default at this time. Do I need to make an explicit allow ACL for http?
Thanks!
-S
#show access-list
Extended IP access list system-cpp-all-routers-on-subnet
10 permit ip any host 224.0.0.2
Extended IP access list system-cpp-all-systems-on-subnet
10 permit ip any host 224.0.0.1
Extended IP access list system-cpp-dhcp-cs
10 permit udp any eq bootpc any eq bootps
Extended IP access list system-cpp-dhcp-sc
10 permit udp any eq bootps any eq bootpc
Extended IP access list system-cpp-dhcp-ss
10 permit udp any eq bootps any eq bootps
Extended IP access list system-cpp-energywise-disc
10 permit udp any eq any eq 0
Extended IP access list system-cpp-hsrpv2
10 permit udp any host 224.0.0.102
Extended IP access list system-cpp-igmp
10 permit igmp any 224.0.0.0 31.255.255.255
Extended IP access list system-cpp-ip-mcast-linklocal
10 permit ip any 224.0.0.0 0.0.0.255
Extended IP access list system-cpp-ospf
10 permit ospf any 224.0.0.0 0.0.0.255
Extended IP access list system-cpp-pim
10 permit pim any 224.0.0.0 0.0.0.255
Extended IP access list system-cpp-ripv2
10 permit ip any host 224.0.0.9
Extended MAC access list system-cpp-bpdu-range
permit any 0180.c200.0000 0000.0000.000c
Extended MAC access list system-cpp-cdp
permit any host 0100.0ccc.cccc
Extended MAC access list system-cpp-cgmp
permit any host 0100.0cdd.dddd
Extended MAC access list system-cpp-dot1x
permit any host 0180.c200.0003
Extended MAC access list system-cpp-lldp
permit any host 0180.c200.000e
Extended MAC access list system-cpp-mcast-cfm
permit any 0180.c200.0030 0000.0000.000f
Extended MAC access list system-cpp-pppoe-disc
permit any any protocol-family pppoe-disc
Extended MAC access list system-cpp-sstp
permit any host 0100.0ccc.cccd
Extended MAC access list system-cpp-ucast-cfm
permit any host 000d.6558.d5fd -
Connection doctor and connection issues
I have nothing blocking my internet connection, however mail is a nightmare for me. I continually receive connection issues via the connection doctor for imaps, pops, and icloud.
Are my settings wrong? I have checked with each of the settings and they are set per instructions provided. Some are google, some yahoo, icloud, etc.
This is really annoying and I could really use some help.
Here is a typical message: Could not connect to this Google IMAP server. Check your network connection and that you entered the correct information in the Account preferences. Also verify that the server supports SSL. If it does not, deselect the 'Use SSL" checkbox in the Advanced tab of Account Preference"
I have done all of this and am still having troubles.
I am also receiving SMTP connection issues - "Trying to log into this SMTP account failed. Verufy that the username and password are correct."
I have checked and all are correct. Even more confusing, these issues are not present all the time - however I have not changed anything between when times are good and bad.
Sigh - I hope someone has an idea to help me out.
Thanks in advance for your time and thoughts.
Patti
I am running osx 10.8 mail 6.2 and use xfinity for my internet (as I mentioned, I disabled their firewall trying to fix this)Hi there Japps1,
You may find the troubleshooting steps in the article below helpful.
OS X Mail: Troubleshooting sending and receiving email messages
http://support.apple.com/kb/TS3276
-Griff W. -
Anyone else still having iOS 8.1 Bluetooth Connection issues.
Hi there just wanted to see if anyone is still having the Vehicle "Hands Free" Connection issues via Bluetooth on the iPhone 6? I drive a 2009 Acura TL and I am still having the connection issue. Oddly enough before the 8.1 update I was running 8.0.2 and it worked fine. Now when I get in my car and the phone connects it cripples the entire system. It won't allow me to change to the USB mode for my connected iPod and when I try to place a call via the "Hands Free" system it beeps as if it is activating and then does nothing.
I have tried everything that I can think of with no results. I was hoping there was someone out there with the same car or similar having the same problem that might have found a fix. Chime in and let me know.I am having similar problems with Bluetooth connectivity but not with a car. I use a Planatronics Legend. Everytime that a call comes in, my Legend announces the call then immediately disconnects from my iPhone. All of this started after upgrading to ios 8.1.
Apple should not advertise fixes to problems without truly confirming the repairs. -
Hi all.
The problem.
Today I updated my Nexus 7010 sup1 from 6.1.4a to 6.2.8.
I want did it in ISSU mode, but after impact check I got this:
Compatibility check is done:
Module bootable Impact Install-type Reason
1 yes non-disruptive rolling
2 yes non-disruptive rolling
3 yes non-disruptive rolling
4 yes non-disruptive rolling
5 yes disruptive reset Some LACP ports not in steady state or operating in 'rate fast' mode.
6 yes disruptive reset Some LACP ports not in steady state or operating in 'rate fast' mode.
7 yes non-disruptive rolling
8 yes non-disruptive rolling
9 yes non-disruptive rolling
10 yes non-disruptive rolling
Additional info for this installation:
Service "lacp" in vdc 1: LACP: Upgrade will be disruptive as 6 switch ports and 0 fex ports are not upgrade ready!!
Issue the "show lacp issu-impact" cli for more details.
(modified the impact to <Hitful> for module <6>)
Do you want to continue with the installation (y/n)? [n] y
I went on with yes and update script reboot both sups after updated all modules.
It was quite a surprise for me (yes I know I must see word "disruptive" opposite my sups 5 and 6). Because I already had done two ISSU updates on two nexuses (from 5.1.* ->5.2.7 and 5.2.7 -> 6.1.4a) and didn`t have any trouble with LACP timers. Is it a new feature of the 6.* train?
I have another Nexus that I want to update. And it also has same problem with LACP timers.
show install all impact give me the same disruptive result because of LACP.
Can I somehow suppress such ISSU behavior? In case of LACP. I don`t have vPC, just ordinal PC.
It is a way better if some LACP interfaces flap in process, than an almost 14 minutes of all 7010 chassis reboot that I had.
Although problem with LACP timers is that they must be the same on the switch side and on the other side. And in case of switches, linux boxes or HP VCs changing LACP timers isn`t a big problem. IT is a biggg problem in case of the Windows Server.
sh lacp interface ethernet 8/13
Interface Ethernet8/13 is up
Channel group is 13 port channel is Po13
Local Port: Eth8/13 MAC Address= 40-55-39-23-1e-c1
System Identifier=0x8000, Port Identifier=0x8000,0x80d
Operational key=12
LACP_Activity=active
LACP_Timeout=Long Timeout (30s)
Neighbor: 0x1
MAC Address= ac-16-2d-a4-f2-54
System Identifier=0xffff, Port Identifier=0xff,0x1
Operational key=17
LACP_Activity=active
LACP_Timeout=short Timeout (1s)
They must be the same and equal 30s for successful ISSUYou probably need to dig a little deeper to get a definitive answer (sup1 or 2, type of cards, etc..) but here is a diagram in the release notes for 6.1 found here:
http://www.cisco.com/en/US/docs/switches/datacenter/sw/6_x/nx-os/release/notes/61_nx-os_release_note.html
If this posts answers your question or is helpful, please consider rating it and/or marking as answered. -
Cisco Nexus 3K Layer 3 Connectivity Issue while using Optical SFP
Dear All,
Am facing L3 reachability issue between N3k switched, even in same subnet. Also checked that VLAN is allowed under trunk port.
I can able to see the switch details as CDP neighbour.
We are using SVI, and found all the SVI and Interface protocol status is up/up. So to test I use a host to directly connect N3k with Optical SFP in access port, found failure on reachability, but while replacing with SFP ethernet module instead of SFP optical module reachability is okay.
Please help me to resolve this issue.
Thanks,
Kannan,Hello Amit,
Pls find the following details..
We use SFP-10G-LR Modules on both end, we also replaced and checked with SFP-10G-SR modules as well..
Software
BIOS: version 1.9.0
loader: version N/A
kickstart: version 6.0(2)A1(1b)
system: version 6.0(2)A1(1b)
Power Sequencer Firmware:
Module 1: version v3.1
BIOS compile time: 10/13/2012
kickstart image file is: bootflash:///n3500-uk9-kickstart.6.0.2.A1.1b.bin
kickstart compile time: 9/5/2013 14:00:00 [09/05/2013 22:37:16]
system image file is: bootflash:///n3500-uk9.6.0.2.A1.1b.bin
system compile time: 9/5/2013 14:00:00 [09/06/2013 02:25:01]
Hardware
cisco Nexus 3548 Chassis ("48x10GE Supervisor")
Thanks for the reply,and sry for my delayed response.. -
Solution manager Remote Connection issues
Hi
I'm currently in the process of setting up Solution Manager 7.1 on windows Server 2008r2 using central system.
I did the prerequisite check & the Solman installation and i'm actuallly working on the post-installation steps.
I'm experiencing difficulty with the step : "Configure Remote Connection to SAP".
I followed the informations provided on : http://service.sap.com/remoteconnection
In the technical prerequesite you have to set up a connection to sap support.
So i have to choose a connection type : I selected Internet connection so my first question is : do we need "VPN with SNC" or "VPN OR SNC" ?
I personnaly understood VPN or SNC.
So from here i decided to use SNC.
The first step was to set up & configure the SAProuter. I decided to do it on an another computer on the same domain ( not on the same computer where Solution Manager is installed ) but i'm not sure it is necesary
I assume I can install Saprouter on the same location as the Solution manager? do you recommend it ?
The Basic Functions testing with niping is working.
The next step is : "establish Internet Connections"
So now i can choose between SNC or VPN : my goal is to establish the connection as fast as possible.
I actually don't have a switch available ( i can get one if necesary but time is running ... ) so i'm opting for the SNC solution.
I tryed to get the certificate for the saprouter but i don't have a register SAProuter, but when i opened a customer messager for component XX-SER-NET, SAP answered about the impossibility to access SAP service Backbone with an SNC , saying that i will need to register a VPN site to site connection to SAP => i don't get it .... Can someone explain it to me ?
So please can one of you guru's tell me how to set this remote connection :
-which materials ( server / switch / firewalls ) ?
-where to get the right documentation ?
-What about DMZ ?
-I have a single IP Address is that enough ? ( setting up nat for port 3299 )
- do i have to contact a service provider ?
My idea was initially to set up the SAProuter on the same computer as the SOLMAN setup & use SNC communication to communicate with SAP but it doesn't seems that easy. Do i need separate installation for Saprouter <=> Solution Manager. ?
What's the minimal infrastructure to establish this connection ?
In addition to that, after configuring the SAProuter, i had trouble with the SAPMMC : on my system , on the instance 0 , the process disp+work.EXE won't run ( yellow light )and i can't find where i made a mistake if you have suggestions ...
Really need your help, i'm on a short deadline ... Any help, even incomplete, would be appreciated.
Thanks a lot.Thx for the answer.
I actually managed to register my saprouter with SAP and was granted with CN/OU & connection informations.
I followed this guide : http://service.sap.com/saprouter-sncdoc with the addition of this guide : http://wiki.sdn.sap.com/wiki/display/Basis/SAProuterviaSNC.
My first issue : I'm running with a Windows server 2008 r2 enterprise edition 64 bits with a processor Intel Xeon 2.4ghz ( dualcore). so i decided to use the crypto folder "nt-x86_64"
For the environment variable i set as System variables SECUDIR = C:\usr\sap\saprouter and SNC_LIB = C:\usr\sap\saprouter\nt-x86_64\sapcrypto.dll
The generation/install of the certificate is alright ( sapgenpse get_my_name -v -n Issuer is OK )
using the command :saprouter -r -K "p:CN=mycn, OU=myOUnbr, OU=SAProuter, O=SAP, C=DE" i have
I get the following message : trc file dev_rout
no ligging active
Its strange cause it looks like its running but when i check the services running on windows saprouter isn't started .... How to know if SAProuter is running right ?
If i folow the SAP procedure : Step 3 : test of the ip connection by the customer : SAP Remote Services : technical preparation ( see SAP Note 812386 ) : it's ask in the note to implement note 766505 via SNOTE : i get the following error msg : Error in remote connection to destination SAPOSS : Error when opening an RFC connection ( LB: Hostname or service of the message server unknown#DEST = SA
What's wrong ?
If i use T oss1 in parameter => technical setting => i set my saprouter info in SAProuter 1 ( at customer site ) with instance no. 99 and if SAProuter and SAPNet Message Server at SAP i put the following : Name : sapserv2 / IP Address 194.39.131.34 intance no. 99 and message server name oss001/ DB Name 001/ Instance no.01.
When trying to "Logon to SAPNet" i have an error Unable to connect to SAPNet message server ( default connection will be used ... )
and followed by the error screen : "partner '80.15.173.168:sapdp99' not reached WSAECONNREFUSED : Connection refused. do you want to see the detailed error description ? "
Details : module nixxi.cpp / line 3286 / Method : NipConnect2:80.15.173.168:3299 / Return code : -10 / System call : connect / Error No : 10061 / Error Text WSAECONNREFUSED: Connection refused / Counter : 10
Any idea ?
when doing niping.exe -c -H /H/mylocalSR/H/194.39.131.34/H/194/39.131.34 i obtain :
Wed Dec 07 21:20:09 2011
connect to server o.k
Wed Dec 07 21:20:09 2011
send and receive 10 messages (len 1000)
times -
avg 122.148 ms
max 193.731 ms
min 81.564 ms
tr 15.990 kB/s
excluding max and min :
av2 118.273 ms
tr2 16.514 kB/s
Is it the expected output ?
I've maintained system data in service.sap.com/system-data ( selecting the sap router ) then i tryed to use the SAP service connection, downloaded the .exe but i can't find the stfk.oez. I realized that in my maintain connection screen i have no space for entering any routestring. Seems wrong ?
Do i have to use the SAO?
i've made nat redirection from my router as this : from my public ip to my lan ip ( 192.168.x.x) what should i enter in the routestring : /H/public or lan or hostname ?/S/3299 ?
Hoping you can help me ! ( the goal of all this is to set up RFC connection for postinst step of Solution manager ).
Edited by: BLANCHARD Guillaume on Dec 7, 2011 10:47 PM -
MGTM0 Interface only in Admin VDC in Nexus 7010
Hi guys,
I created two new VDCs in a Nexus 7010 (NX-OS 6.2.6) and I can see the MGTM0 interface only in the Admin VDC
I wanted to see the MGTM0 in all VDCs.
Does someone get this problem too ?
My Best Regards,
Andre Gustavo LomonacoHi Reza,
Thanks for your reply.
If the user run the setup wizard, the interface mgtm0 will be created in VDC.
If the user don't run the setup wizard, the interface mgtm0 will not be created and you will need
to only use the interface mgtm 0 command to create the interface.
Thanks a lot -
WLC 5508 Management Interface Connection
I'm setting up a new 5508. I've used the config from a 4402, have successfully connected to the Service port to manage the device, but for some reason cannot connect to the Management interface. In this case, port 1.
The service port is connected to a Catalyst switch and grabbed an ip address (10.2.x.x subnet) no problem. I can access the 5508 via https using the SP. However, port 1 is connected to the same Catalyst switch, but on a different vlan (subnet 10.20.x.x). Both ends show that the interfaces are up, I can ping the interface from any other host on the network, but when I try to manage the device via https I cannot connect. We are using WCS and I cannot add the device from the WCS. About all I can do is ping that interface.
I've probably overlooked something very basic, but I'm baffled.Thanks for the reply.
No, definitely not that. I have all of those enabled. I have the SP connected to another vlan on the same switch and can manage through that port(https, telnet). I've tried about every combination of trunk port, access port, etc. I'm beginning to suspect the GBICs (10baseT), but both ends show that I am connected at 1000 and I can ping the ip address of the management interface.
Maybe you are looking for
-
In your experience what are the best audio units to use
I hope that some of you folks are open to sharing some of your presets with others who aren't quite as good at toggling the audio unit section of garageband. I'm actually surprised that no site has sprouted up offering file downloads of presets for t
-
CurrencyString in JSP-page based on a sql-only ViewObject
I have made a JSP-page based on a sql-only ViewObject against the hr employees table, and the currencyString on the page doesn't work! The <c:out value="${Row.currencyString}"/> makes a "*" on every row. How come that this only happens to sql-only Vi
-
Is there a way to adjust the Auto Page Size
Hi, When selecting the "Auto" size option in the InDesign print dialog, it makes the page .6667" bigger than the document page size. I would like to adjust that amount to an even 1" bigger than the document page size. Is there a way to change this se
-
Password Sync from Active Directory Locking Accounts
Hello, We recently set up Active Directory as a resource and are synching passwords. We are using IDM 7.1.1.11. We are noticing that when actions in IDM push the password out to AD, and they sync comes back to IDM, the sync workflow is locking up the
-
It says I don't have enuf storage in iCloud acct ($100) 4all my devices?
It says that I don not have enuf storage space 2back up all of my devices on iCloud even tho I purchased the max ($100) for a year? What do I need 2do?