Question about live chat "Ask The Experts"

Similar Messages

• Ask the Experts Live Chat - Home Hub 4

  Hello,
  Stephanie and I are pleased to announce our next live discussion with some of our BT experts! It's about one of our latest new products, the Hub 4. This will be a great chance to get our Hub 4 experts onto the community to tell you a bit more about that and answer any questions you may have.
  We have added the Chat transcript below for any of you guys who missed this event.
  7:02
  JacquiBT: 
  Hello everyone.
  Thank for you joining our ‘Ask the Experts’ Live chat. I would like to introduce Dave, Sam and Emma who are our hub 4 experts and will be answering your questions tonight. I would like to invite you to ask your questions now.
  7:03
  [Comment From imjolly imjolly : ] 
  why are there no adsl stats available on the HH4
  7:04
  [Comment From DS DS : ] 
  evening all. Are the antennae omni directional?
  7:05
  Sean Donnelly: 
  Thanks for the question, Emma will respond
  to that question Imjolly
  7:05
  JacquiBT: 
  Thanks DS, Dave will respond to your question now
  7:05
  Dave: 
  Hi DS, yes they are
  7:05
  [Comment From Steve Steve : ] 
  Are there any plans for new firmware on the hub 4 to bring new features?
  7:06
  JacquiBT: 
  Thanks Steve, Dave is answering that question for you
  7:07
  Dave: 
  Hi Steve - yes there are. There will be more information available about this - and any new features - before each firmware drop.
  7:07
  [Comment From Steve Steve : ] 
  why can you not opt out of BT WIFI on the home hub 4?
  7:07
  Dave: 
  Hi Steve - you should have no problem doing this through the Hub Manager
  7:09
  JacquiBT: 
  Some great questions coming through, the experts are typing up responses now
  7:09
  [Comment From DS DS : ] 
  Personal testing - Why is the 2.4GHz range less than the HH3 when at a distance from the hub, but better close up than the HH3?
  7:10
  JacquiBT: 
  Thanks DS, Dave is answering this now for you
  7:10
  [Comment From George George : ] 
  Will the 'Home Network' page show a HH4 instead of the Current image of the HH3?
  7:11
  JacquiBT: 
  Thanks George, Sam will answer that for you
  7:11
  Sam: 
  Hi George, the HH4 image will be displayed in place of the HH3 in the next firmware release
  7:12
  Dave: 
  Thanks again DS - you shouldn't find that, but this can depend on a lot of different factors in the home. I've found mine to be a bit better actually! But it should be pretty much the same for most customers.
  7:12
  Sean Donnelly: 
  Did you know the Hub 4 has Smart Setup?
  Easy set up in just a few minutes. No CD or computer needed, it's all online and works on any device. Set up your Hub 4 router and access all your free extras like BT Cloud and BT Family Protection in just a few clicks.
  7:12
  [Comment From DS DS : ] 
  Is it possible for BT to allow us to move the BTWifi SSID's to another channel, leaving our own SSID on a less congested channel?
  7:12
  Dave: 
  Hi imjolly, sorry for the delay, Emma asked me to reply on her behalf. We have made the stats in the Hub manager simpler for customers to understand, we were reacting to feedback that it was too general for the wide range of customers and tech understandings.
  7:12
  JacquiBT: 
  Hi DS, Sam is replying to you now
  7:14
  [Comment From JamesS JamesS : ] 
  What speeds can I achieve over wifi, assuming I'm connected to 5ghz? Thanks.
  7:14
  Sean Donnelly: 
  Did you know the hub offers Easy Wireless?
  Connect wirelessly by selecting your BT Home Hub connection on any compatible device and just push a button on the Hub and you're connected. It's that simple. No passwords needed.
  7:14
  JacquiBT: 
  Hi JamesS. Dave will reply to your question
  7:14
  Emma: 
  Hi imjolly, we have made the stats in the Hub manager simpler for customers to understand, we were reacting to feedback that it was too general for the wide range of customers and tech understandings.
  7:15
  Sam: 
  Hi DS, moving BT Wifi SSID's to another channel is not possible on the HH4. However, we are looking closely at the wi-fi SSID's the hub broadcasts to see whether we can improve this experience.
  7:15
  Dave: 
  Hi James, 5GHz maximum data transfer rate of 300Mb/s; this will tend to translate as an optimal actual speeds of up to 100 Mb/s - depending on lots of factors in your home
  7:15
  [Comment From George George : ] 
  Why did you remove the built in plastic wireless info tab with a card?
  7:15
  JacquiBT: 
  Hi George, Dave is going to reply to that question
  7:16
  Dave: 
  Hi George - this was part of the design process, we've tried to make it even easier for customers to find their wireless information. Now it's not integrated it's a little bit more accessible.
  7:16
  [Comment From thebennyboy thebennyboy : ] 
  I currently have the HH3 and would like to know what noticable difference it will make having a HH4 over a HH3? We use the ethernet ports and the wireless.
  7:17
  JacquiBT: 
  Hi Bennyboy. Emma is going to reply to that question.
  7:17
  [Comment From Paul Paul : ] 
  How much faster is the processor in the home hub 4, compared to previous versions? how will this effect my online experience?
  7:18
  JacquiBT: 
  Hi Paul. Sam will answer that for you
  7:18
  Sam: 
  Hi Paul, the processor is a staggering 3x faster compared to the HH3
  7:19
  [Comment From Guest Guest : ] 
  Although opted out of BT wifi the hub still shows as being active
  7:19
  JacquiBT: 
  Hi Guest, could we ask that you post this on the community so the moderators can pick this up
  7:19
  Sean Donnelly: 
  Did you know that the hub 4 offers Dual band frequency which makes for a more reliable wireless connection?
  Smart dual-band technology reduces wireless interference and drop out’s giving you a reliable connection for all your devices.
  7:20
  [Comment From Guest Guest : ] 
  When you opt out of BT WIFI it appears to only opt out on the 2.4ghz channel and not the 5ghz channel. Are you looking into this?
  7:20
  JacquiBT: 
  Hi Guest. Dave will reply to your question
  7:21
  Dave: 
  Hi - thanks for this feedback, we'll definitely look in to it for you
  7:21
  Sean Donnelly: 
  Excellent questions coming through folks
  7:21
  Sean Donnelly: 
  Our experts are typing answers so please keep them coming
  7:22
  [Comment From Josh Josh : ] 
  Is it a known issue that the HomeHub 4 has problems identify the Xbox 360 as a media center extender when connected through a wired connection?
  7:23
  JacquiBT: 
  Hi Josh. Sam is replying to your question
  7:23
  [Comment From Winston Winston : ] 
  How much power does the home hub 4 use?
  7:24
  JacquiBT: 
  Hi Winston. Dave will respond to your question
  7:24
  Sam: 
  Hi Josh, we are aware of this issue. This is a problem with the Xbox rather than the HH4 but something we are reviewing together.
  7:24
  Emma: 
  Hi the bennyboy, the main advantages of the hub 4 are the faster processor (3 x faster) and 5 GHz wifi. There is no interference with 5GHz so you get better performance and as the range isn't as wide you dont have to share the bandwidth with neighbours etc. the hub still has 2.4 GHz so you still have the range you have withhub 3 too!
  7:24
  Dave: 
  Hi Winston, I am afraid there's no simple answer as it really depends on what features are in use. But the Hub 4 meets the latest Broadband Equipment Energy Code of Conduct targets for energy consumption.
  7:25
  [Comment From Mel Mel : ] 
  Why did you ignore your existing customers loyalty by charging them for a new hub, don't they pay enough already in their monthly fees?
  7:25
  JacquiBT: 
  Hi Mel, Dave will reply to your question
  7:25
  [Comment From Winston Winston : ] 
  How long did it take you to design and develop the home hub 4?
  7:26
  JacquiBT: 
  Hi Winston, Emma will reply to your question
  7:27
  [Comment From George George : ] 
  Will we get manual power save back?
  7:27
  JacquiBT: 
  Hi Gerorge. Sam will answer your question
  7:28
  [Comment From Jade Jade : ] 
  Does the home hub 4 support ip6 through a future upgrade?
  7:28
  Emma: 
  Hi Winston, It was about 2 years when we first started the project with the first ideas and concepts
  7:29
  JacquiBT: 
  Hi Jade. Emma will reply to your question.
  7:29
  Emma: 
  Hi Jade, thats something we are working on so yes something for the future
  7:30
  Sam: 
  Hi George. With regards to the manual power save feature, we have looked to make this automatic for all of our customers. However, you are able to change the brightness of the lights as an additional step.
  7:30
  Dave: 
  Hi Mel - we've made a lot of changes for our existing customers since the launch of the Hub 3 a couple of years ago. Our customer offer for the Hub 4 only £35 - a really big discount compared to the full price of £109! We've also created a range of recontracting deals that contain a Hub 4 for only the cost of delivery. If you're out of contract or in the last 3 months, you could take advantage of those offers as well. We really want all of our customers to be able to take advantage of these options!
  7:31
  Sean Donnelly: 
  Did you know the Hub 4 has a faster processor? Inside the BT Home Hub 4 router is our latest Broadband processor – the brains of your Hub. It allows you to pass information between connected devices quicker than ever. So if you are transferring files from one computer to another or watching a film streamed from another device, the BT Home Hub 4 won't slow you down.
  7:31
  [Comment From thebennyboy thebennyboy : ] 
  Our house has very thick stone walls and the wireless is weak in certain rooms. We have a few devices in our house that support 5Ghz Wi-Fi. Does the HH4 also work ok with home plugs that use your power cables to provide network connectivity?
  7:32
  JacquiBT: 
  Hi thebennyboy. Sam will respond to your question
  7:32
  [Comment From Calvin Calvin : ] 
  What future developments are in the works for home hub 4?
  7:33

  DS wrote:
  Not many of my Q's are showing either. Could be busy I guess......
  yeah I can tell, I know your quesitons are pretty good but if you notice that JacquiBT is deliberately choosing the questions she wants to go through. The whole chat is based around the fact that they have added 5ghz. I am appauled as I was hoping to at least ask one question. 

• Ask-The-Expert (ATE) Questions and Demos

  You can quickly access many of the answers and demos held during our Support Model for the Channel and Their Customers Ask the Expert (ATE) session for the Business ByDesign version of FP2.6
  You can access the demo recording here; https://sap.na.pgiconnect.com/p10867840/
  Below is a time stamp (MM:SS) of the start of a question or key topic during the session.
  05:15 u2013 what are the different ways to request support and creating incidents in the system during an implementation project ?
  8:45 u2013 How to create a support incident when the Business ByDesign system is down?
  11:20 - What is the role of a key user in ByD and to get to get access as a Key User in Business ByDesign?
  13:50 u2013 Demonstration u2013 How to log a new incident in ByD?
  15:43 u2013 who dies the user gets notified if there is any issue in the system with automatic job runs ex: if the Invoice run fails?
  21:40 u2013 How to take over an incident and forward it to support in ByD?
  33:50 u2013 what is the system provisioning process for partners and how partners can request a test, prod or data migration system?
  Edited by: Imtiyaz Mohammed on Sep 19, 2011 4:09 PM

  I want to Identify the Creator of RFQ in MM Module, Please Suggest.
  Thanks

• Ask the Expert: Single-Site and Multisite FlexPod Infrastructure

  With Haseeb Niazi and Chris O'Brien 
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Single-Site and Multisite FlexPod Infrastructure with experts Haseeb Niazi and Chris O'Brien.
  This is a continuation of the live webcast.
  FlexPod is a predesigned and prevalidated base data center configuration built on Cisco Unified Computing System, Cisco Nexus data center switches, NetApp FAS storage components, and a number of software infrastructure options supporting a range of IT initiatives. FlexPod is the result of deep technology collaboration between Cisco and NetApp, leading to the creation of an integrated, tested, and validated data center platform that has been thoroughly documented in a best practices design guide. In many cases, the availability of Cisco Validated Design guides has reduced the time to deployment of mission-critical applications by 30 percent.
  The FlexPod portfolio includes a number of validated design options that can be deployed in a single site to support both physical and virtual workloads or across metro sites for supporting high availability and disaster avoidance. This session covers various design options available to customers and partners, including the latest MetroCluster FlexPod design to support a VMware Metro Storage Cluster (vMSC) configuration.
  Haseeb Niazi is a technical marketing engineer in the Data Center Group specializing in security and data center technologies. His areas of expertise also include VPN and security, the Cisco Nexus product line, and FlexPod. Prior to joining the Data Center Group, he worked as a technical leader in the Solution Development Unit and as a solutions architect in Advanced Services. Haseeb holds a master of science degree in computer engineering from the University of Southern California. He’s CCIE certified (number 7848) and has 14 years of industry experience.   
  Chris O'Brien is a technical marketing manager with Cisco’s Computing Systems Product Group.  He is currently focused on developing infrastructure best practices and solutions that are designed, tested, and documented to facilitate and improve customer deployments. Previously, O'Brien was an application developer and has worked in the IT industry for more than 20 years.
  Remember to use the rating system to let Haseeb and Chris know if you have received an adequate response. 
  Because of the volume expected during this event, Haseeb and Chris might not be able to answer every question. Remember that you can continue the conversation in the Data Center community, subcommunity Unified Computing shortly after the event. This event lasts through September 27, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.
  Webcast related links:
  Single-Site and Multisite FlexPod Infrastructure - Slides from live webcast
  Single-Site and Multisite FlexPod Infrastructure: FAQ from live webcast
  Single-Site and Multisite FlexPod Infrastructure - Video from live webcast

  I would suggest you read this white paper which details the pros and cons of direct connect storage. 
  http://www.cisco.com/en/US/partner/prod/collateral/ps10265/ps10276/whitepaper_c11-702584.html   This paper captures all the major design points for Ethernet and FC  protocols.
  I would only add that in FlexPod we are trying to create a highly  available solution and "flexible" solution; Nexus switching helps us  deliver on both with vPC and unified ports.
  NPV equats  to end-host mode which allows the system to present all of the servers  as N ports to the external fabric.  In this mode, the vHBAs are pinned  to the egress interfaces of the fabric interconnects.  This pinning  removes the potential of loops in the SAN fabric.  Host based multipathing of the  vHBAs account for potential uplink failures.  The NPV mode (end-host  mode) simplifies the attachment of UCS into the SAN fabric and that is  why it is in NPV mode by default.
  So for your last question, I will have to put my  Product Manager hat on so bear with me.   First off there is no drawback  to enabling the NPIV feature (none that I am aware of) the Nexus 5000  platform simply offers you a choice to design and support multiple FC  initiators (N-Ports) per F-Port via NPIV.  This allows for the  integration of the FI end-host mode described above.  I  imagine being a  unfied access layer switch, the Nexus team enabled standard Fibre  Channel switching capability and features first.  The implementatin of  NPIV is a customer choice based on their specific access layer  requirements.
  /Chris

• Ask the Expert: Scaling Data Center Networks with Cisco FabricPath

  With Hatim Badr and Iqbal Syed
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about the Cisco FabricPath with Cisco technical support experts Hatim Badr and Iqbal Syed. Cisco FabricPath is a Cisco NX-OS Software innovation combining the plug-and-play simplicity of Ethernet with the reliability and scalability of Layer 3 routing. Cisco FabricPath uses many of the best characteristics of traditional Layer 2 and Layer 3 technologies, combining them into a new control-plane and data-plane implementation that combines the immediately operational "plug-and-play" deployment model of a bridged spanning-tree environment with the stability, re-convergence characteristics, and ability to use multiple parallel paths typical of a Layer 3 routed environment. The result is a scalable, flexible, and highly available Ethernet fabric suitable for even the most demanding data center environments. Using FabricPath, you can build highly scalable Layer 2 multipath networks without the Spanning Tree Protocol. Such networks are particularly suitable for large virtualization deployments, private clouds, and high-performance computing (HPC) environments.
  This event will focus on technical support questions related to the benefits of Cisco FabricPath over STP or VPC based architectures, design options with FabricPath, migration to FabricPath from STP/VPC based networks and FabricPath design and implementation best practices.
  Hatim Badr is a Solutions Architect for Cisco Advanced Services in Toronto, where he supports Cisco customers across Canada as a specialist in Data Center architecture, design, and optimization projects. He has more than 12 years of experience in the networking industry. He holds CCIE (#14847) in Routing & Switching, CCDP and Cisco Data Center certifications.
  Iqbal Syed is a Technical Marketing Engineer for the Cisco Nexus 7000 Series of switches. He is responsible for product road-mapping and marketing the Nexus 7000 line of products with a focus on L2 technologies such as VPC & Cisco FabricPath and also helps customers with DC design and training. He also focuses on SP customers worldwide and helps promote N7K business within different SP segments. Syed has been with Cisco for more than 10 years, which includes experience in Cisco Advanced Services and the Cisco Technical Assistance Center. His experience ranges from reactive technical support to proactive engineering, design, and optimization. He holds CCIE (#24192) in Routing & Switching, CCDP, Cisco Data Center, and TOGAF (v9) certifications.
  Remember to use the rating system to let Hatim and Iqbal know if you have received an adequate response.  
  They might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Data Center sub-community Unified Computing discussion forum shortly after the event. This event lasts through Dec 7, 2012.. Visit this support forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hi Sarah,
  Thank you for your question.
  Spanning Tree Protocol is used to build a loop-free topology. Although Spanning Tree Protocol serves a critical function in these Layer 2 networks, it is also frequently the cause of a variety of problems, both operational and architectural.
  One important aspect of Spanning Tree Protocol behavior is its inability to use parallel forwarding paths. Spanning Tree Protocol forms a forwarding tree, rooted at a single device, along which all data-plane traffic must flow. The addition of parallel paths serves as a redundancy mechanism, but adding more than one such path has little benefit because Spanning Tree Protocol blocks any additional paths
  In addition, rooting the forwarding path at a single device results in suboptimal forwarding paths, as shown below, Although a direct connection may exist, it cannot be used because only one active forwarding path is allowed.
  Virtual PortChannel (vPC) technology partially mitigates the limitations of Spanning Tree Protocol. vPC allows a single Ethernet device to connect simultaneously to two discrete Cisco Nexus switches while treating these parallel connections as a single logical PortChannel interface. The result is active-active forwarding paths and the removal of Spanning Tree Protocol blocked links, delivering an effective way to use two parallel paths in the typical Layer 2 topologies used with Spanning Tree Protocol.
  vPC provides several benefits over a standard Spanning Tree Protocol such as elimination of blocker ports and both vPC switches can behave as active default gateway for first-hop redundancy protocols such as Hot Standby Router Protocol (HSRP): that is, traffic can be routed by either vPC peer switch.
  At the same time, however, many of the overall design constraints of a Spanning Tree Protocol network remain even when you deploy vPC such as
  1.     Although vPC provides active-active forwarding, only two active parallel paths are possible.
  2.     vPC offers no means by which VLANs can be extended, a critical limitation of traditional Spanning Tree Protocol designs.
  With Cisco FabricPath, you can create a flexible Ethernet fabric that eliminates many of the constraints of Spanning Tree Protocol. At the control plane, Cisco FabricPath uses a Shortest-Path First (SPF) routing protocol to determine reachability and selects the best path or paths to any given destination in the Cisco FabricPath domain. In addition, the Cisco FabricPath data plane introduces capabilities that help ensure that the network remains stable, and it provides scalable, hardware-based learning and forwarding capabilities not bound by software or CPU capacity.
  Benefits of deploying an Ethernet fabric based on Cisco FabricPath include:
  • Simplicity, reducing operating expenses
  – Cisco FabricPath is extremely simple to configure. In fact, the only necessary configuration consists of distinguishing the core ports, which link the switches, from the edge ports, where end devices are attached. There is no need to tune any parameter to get an optimal configuration, and switch addresses are assigned automatically.
  – A single control protocol is used for unicast forwarding, multicast forwarding, and VLAN pruning. The Cisco FabricPath solution requires less combined configuration than an equivalent Spanning Tree Protocol-based network, further reducing the overall management cost.
  – A device that does not support Cisco FabricPath can be attached redundantly to two separate Cisco FabricPath bridges with enhanced virtual PortChannel (vPC+) technology, providing an easy migration path. Just like vPC, vPC+ relies on PortChannel technology to provide multipathing and redundancy without resorting to Spanning Tree Protocol.
  Scalability based on proven technology
  – Cisco FabricPath uses a control protocol built on top of the powerful Intermediate System-to-Intermediate System (IS-IS) routing protocol, an industry standard that provides fast convergence and that has been proven to scale up to the largest service provider environments. Nevertheless, no specific knowledge of IS-IS is required in order to operate a Cisco FabricPath network.
  – Loop prevention and mitigation is available in the data plane, helping ensure safe forwarding that cannot be matched by any transparent bridging technology. The Cisco FabricPath frames include a time-to-live (TTL) field similar to the one used in IP, and a Reverse Path Forwarding (RPF) check is also applied.
  • Efficiency and high performance
  – Because equal-cost multipath (ECMP) can be used the data plane, the network can use all the links available between any two devices. The first-generation hardware supporting Cisco FabricPath can perform 16-way ECMP, which, when combined with 16-port 10-Gbps port channels, represents a potential bandwidth of 2.56 terabits per second (Tbps) between switches.
  – Frames are forwarded along the shortest path to their destination, reducing the latency of the exchanges between end stations compared to a spanning tree-based solution.
      – MAC addresses are learned selectively at the edge, allowing to scale the network beyond the limits of the MAC addr

• Ask the Expert: One Management with Prime Infrastructure 1.2

  With Tejas Shah
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions from Cisco expert Tejas Shah on One Management with Prime Infrastructure 1.2 Combining the wireless functionality of Cisco Prime Network Control System (NCS) with the wired functionality of Cisco Prime LAN Management Solution (LMS),  Cisco Prime Infrastructure simplifies and automates many of the day-to-day tasks associated with maintaining and managing the end-to-end network infrastructure from a single pane of glass. The new converged solution delivers all of the existing wireless capabilities for RF management, user access visibility, reporting, and troubleshooting along with wired lifecycle functions such as discovery, inventory, configuration and image management, automated deployment, compliance reporting, integrated best practices, and reporting.
  Tejas Shah is a senior technical marketing engineer for Cisco Prime Infrastructure and Collaboration products. He has deployed Cisco Prime Collaboration Manager at various customer sites to help customers monitor and troubleshoot their video infrastructure. In addition, he is part of the Network Operations Center team at Cisco Live events for six years. Shah joined Cisco in 1995 and was in the Technical Assistance Center team supporting various network management system products for more than six years.
  Remember to use the rating system to let Tejas know if you have received an adequate response. 
  Tejas might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Wireless Mobility sub-community discussion forum shortly after the event. This event lasts through Sept 21, 2012. Visit this forum often to view responses to your questions and the questions of other community members.

  Raun, please see my responses inline:
  Can you go over the licensing method with Prime Infrastructure 1.2 please? 
  Raun, you can check out the following link for ordering guide at
  http://www.cisco.com/en/US/products/ps12239/products_data_sheets_list.html
  I currently have NCS and do NOT currently have LMS.  I know I can move to Prime Infrastructure through Cisco Product Upgrade Tool.  However, what I am confused about is do I still have to buy LMS to have LMS functionality in Prime Infrastructure 1.2? 
  ==> Not at all.  The converged product will give you basic management capability for routers and switches that LMS provided in this release.   Feature/Functionality will keep on growing with upcoming releases.
  If not, do the licenses I transfer into Prime Infrastructure 1.2 from NCS also work for devices to work under LMS? 
  ==> Licensing is different than NCS or LMS.  You don't have to transfer the license.  Each install of Prime Infrastructure will have a unique UID string on which the licenses are based.  A new license will be applied to the product.
  Mean, can my currently 350 licenses be used for AP's as in NCS and routers in the LMS portion of Prime Infrastructure 1.2?
  ==> I would recommend getting a total count of your wired and wireless devices and match the right SKU based on that.
  Hope this helps.. Let me know if you have any further questions,
  Tejas

• Ask the Expert: Plan, Design, and Implement Mobile Remote Access, the Cisco Collaboration Edge Architecture

  Welcome to the Cisco® Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about planning, designing, and implementing mobile remote access (Cisco Collaboration Edge Architecture) with Cisco subject matter experts Aashish Jolly and Abhijit Anand.
  Cisco Collaboration Edge Architecture is an architecture that provides VPN-less access of Cisco Unified Communications resources to Cisco Jabber® users. This discussion is dedicated to addressing questions about design best practices while implementing mobile remote access.
  For more information, refer to the Unified Communications Mobile and Remote Access via Cisco VCS deployment guide. 
  Aashish Jolly is a network consulting engineer who is currently serving as the Cisco Unified Communications consultant for the ExxonMobil Global account. Earlier at Cisco, he was part of the Cisco Technical Assistance Center (TAC), where he helped Cisco partners with installation, configuring, and troubleshooting Cisco Unified Communications products such as Cisco Unified Communications Manager and Manager Express, Cisco Unity® solutions, Cisco Unified Border Element, voice gateways and gatekeepers, and more. He has been associated with Cisco Unified Communications for more than seven years. He holds a bachelor of technology degree as well as Cisco CCIE® Voice (#18500), CCNP® Voice, and CCNA® certifications and VMware VCP5 and Red Hat RHCE certifications.
  Abhijit Singh Anand is a network consulting engineer with the Cisco Advanced Services field delivery team in New Delhi. His current role involves designing, implementing, and optimizing large-scale collaboration solutions for enterprise and defense customers. He has also been an engineer at the Cisco TAC. Having worked on multiple technologies including wireless and LAN switching, he has been associated with Cisco Unified Communications technologies since 2006. He holds a master’s degree in computer applications and multiple certifications, including CCIE Voice (#19590), RHCE, and CWSP and CWNP.
  Remember to use the rating system to let Aashish and Abhijit know if you have received an adequate response. 
  Because of the volume expected during this event, our experts might not be able to answer every question. Remember that you can continue the conversation on the Cisco Support Community Collaboration, Voice and Video page, in the Jabber Clients subcommunity, shortly after the event. This event lasts through June 20, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hi Marcelo,
     Yes, there are some requirements for certificates in Expressway.
  Expressway Core (Exp-C)
  - Can be signed by either External or Internal CA
  - Better to use a cluster name even if you start with 1 peer in Exp-C cluster. In the future, if more peers are added, changes would be minimal.
  - Better to use FQDN of cluster as CN of certificate, this way the traversal zone configuration on Expressway-E won't require any change even if new peers are added to Exp-C cluster.
  - If CUCM is mixed mode, include security profile names (in FQDN format) as Subject Alternate Names
  - The Chat Node Aliases that are configured on the IM and Presence servers. They will be required only for Unified Communications XMPP federation deployments that intend to use both TLS and group chat. (Note that Unified Communications XMPP federation will be supported in a future Expressway release). The Expressway-C automatically includes the chat node aliases in the CSR, providing it has discovered a set of IM&P servers.
  - For TLS b/w CUCM, IM-P & Exp-C
    + If using self-signed certificates on CUCM, IM/P. Load Cisco Tomcat, cup, cup-xmpp certificates from IM-P on Exp-C. Load callmanager, Cisco Tomcat certificates from CUCM on Exp-C.
    + If using Internal CA signed certificates on CUCM, IM/P. Load Root CA certificates on Exp-C.
    + Load CA certificate under tomcat-trust, cup-trust, cup-xmpp-trust on IM-P.
    + Load CA certificate under tomcat-trust, callmanager-trust on CUCM.
  Expressway Edge (Exp-E)
  - Signed by External CA
  - Configured Unified Communications domain as Subject Alternate Name
  - If using a cluster, select FQDN of this peer as CN and FQDN of Cluster + this peer as Subject Alternate Name.
  - If XMPP federation is being deployed, enter the same Chat Node Aliases as entered in Exp-C.
  For more details, please refer to the Certificate Creation Guide for Cisco Expressway x8.1.1
  http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X8-1/Cisco-Expressway-Certificate-Creation-and-Use-Deployment-Guide-X8-1.pdf
  - Aashish

• Ask the Expert: Upgrading Cisco Unified Communications Manager (CUCM) to Version 9.1 (Drive to 9)

  Welcome to the Cisco Support Community Ask the Expert conversation. Learn from experts Vijay Rao and Amit Singh about simplified upgrade process and focused support from Cisco to migrate to version 9.1. 
  This is a continuation of the live Webcast
  Drive to 9 is a comprehensive and holistic program designed to help you upgrade the current Cisco® Unified Communications Manager installed base to version 9.1 or higher. This upgrade will enable customers to have next-generation collaboration experiences.
  During the live event, Cisco subject matter experts Vijay Rao and Amit Singh focussed on the simplified upgrade process and focused support from Cisco to migrate to version 9.1. They also talked about the changes made to the licensing model of User Connect Licensing and Cisco Unified Workspace Licensing.
  Vijay Rao is a Network Consulting Engineer and is currently a unified communications (UC) consultant for Bank of America. He has been providing consulting assistance to the bank for the past 6 years. He helps design complex UC networks for large enterprise customers. He was previously part of Cisco IT in the Asia Pacific, Japan, and China (APJC) region and was instrumental in designing and implementing the Bangalore campus. He has been working with Cisco for 9 years and has 12 years of UC experience. He has a Cisco CCVP® certification. 
  Amit Singh is a customer support engineer at the Cisco Technical Assistance Center in Bangalore, India. He has 7 years of experience in his areas of expertise: wireless, Cisco Unified Communications Manager, multiservices, Cisco Unity®, and Cisco Unified Contact Center Express. He has been involved in various escalation requests from India, Singapore, and Australia and is currently working as a technical lead for the Voice team in Bangalore, India. He is a computer science graduate.
  Remember to use the rating system to let Vijay and Amit know if you have received an adequate response.  
  Vijay and Amit might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Collaboration, Voice and Video sub-community   forum shortly after the event. This event lasts through July 19, 2013. Visit this forum often to view responses to your questions and the questions of other community members.
  Webcast related links:
  Webcast Video
  FAQ from the live webcast
  Slides from the live webcast

  Hello Robert,
  Apologies for a delayed response, some days get very hectic.
  In CallManager, we only define the SRST reference, and CUCM version and SRST version are independent of each other.
  The only thing, which is related and will change with CUCM upgrade is Phone F/w version.
  http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/compat/ccmcompmatr1.pdf
  You may just want to check your, phone f/w compatibility with the SRST version running on your ISR G1 Gateways:
  http://www.cisco.com/en/US/products/sw/voicesw/ps2169/products_device_support_tables_list.html
  For Example: SRST version 7.1
  http://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/vcallcon/ps2169/data_sheet_c78-520521.html
  You may want to do some lab testing with CUCM 9.1 and an SRST supported f/w on your phones.
  If you decide to run the old Phone/F/w to support the SRST version, you may not be able to take advantage of new features.
  Also, you can try and upgrade your phones(Wih CUCM 9.1) and test them with your SRST version.
  It should work fine, but from a troubleshooting perspective, TAC may request you to come into a Cisco Supported combination.
  Please, let me know if this clarifies your doubt or we can have a quick phone call.
  Regards
  Amit Singh

• Ask the Expert: Cisco TelePresence for the Enterprise

  Welcome to the Cisco® Support Community Ask the Expert conversation.  This is an opportunity to learn and ask questions about Cisco Telepresence® for the enterprise. 
  Cisco experts Jaret, Fernando, and Fred will be covering all Cisco TelePresence products.  Topics include Cisco TelePresence endpoints and TelePresence infrastructure such as the Cisco TelePresence Video Communication Server (VCS), Cisco Expressway Series, Cisco Unified Communication Manager (CallManager), Cisco TelePresence Servers (MSE 8710, on Virtual Machine, etc.), MCU (MSE 8510, etc.), Cisco TelePresence Management Suite (TMS), and all other Cisco TelePresence related devices.
  Jaret Osborne is an 8-year Cisco Advanced Services veteran.  In his Advanced Services tour, Jaret has covered all aspects of Cisco Unified Communications and TelePresence products, including both enterprise and service provider verticals. Most recently Jaret has been working with global service providers supporting their Cisco TelePresence as a Service offerings while also incubating new cloud services at Cisco.
  Fernando Rivas is a Cisco Advanced Services NCE, starting in the Cisco Technical Assistance Center (TAC), 2007, on the Collaboration Technology Team mastering the Cisco Unified Communication  technologies and specialized in call control CUCM,VCS) and  conferencing (MeetingPlace, Telepresence). In 2011, he joined Cisco Advanced Services as a member of the Cisco Collaboration team and participated in several Cisco TelePresence and video-related technologies deployments. Currently he is a member of the Video Cloud Technology Team, supporting video exchanges in several and architecting new private video cloud solutions for large enterprises. Fernando holds a routing and switching CCIE® certification (22975).
  Fred Mollenkopf  is a Cisco Advanced Services Network consulting engineer working at Cisco for the last 7 years. Fred has led some of the largest Cisco Unified Communication and Collaboration deployments done for Cisco customers and partners. Over 15 years’ experience in data networking with a specialization in Cisco Unified Communications in 2004. Currently he is a member of the SP Video Advanced Services Team, supporting SP video exchanges and the Cisco Telepresence solutions.  Fred maintains an active CCIE® in Voice (17521).
  Remember to use the rating system to let Jaret, Fernando, and Fred know if you have received an adequate response. 
  Because of the volume expected during this event, Jaret, Fred, and Fernando might not be able to answer every question. Remember that you can continue the conversation in the Collaboration, Voice and Video Community, under the sub-community TelePresence, shortly after the event. This event lasts through August 15, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Tenaro,
  Additionally here are the most common login issues.  Unfortunately this includes items related to Presence implementation but I commented where we did not use these in our lab setup for CUCM Phone Capabilities only.  
  Login Issues
  Problem:
  Jabber Unable to Sign-in Through MRA
  Solution
  This can be caused by a number of things, a few of which are outlined below.
   1.  Collaboration Edge SRV record not created and/or port 8443 unreachable
  For a jabber client to be able to login successfully using MRA, a specific collaboration edge SRV record must be created and accessible externally. When a jabber client is initially started it will make server DNS SRV queries:
  _cisco-uds : this SRV record is used to determine if a CUCM server is available.
  _cuplogin : this SRV record is used to determine if an IM&P server is available.
  _collab-edge : this SRV record is used to determine if MRA is available.
  If the jabber client is started and does not receive an SRV answer for _cisco-uds and _cuplogin, and does receive an answer for _collab-edge then it will use this answer to try to contact the Expressway-E listed in the SRV answer.
  The _collab-edge SRV record should point to the FQDN of the Expressway-E using port 8443. If the _collab-edge SRV is not created, or is not externally available,  or if it is available, but port 8443 is not reachable, then the jabber client will fail to login.
   2.  Unacceptable or No Available Certificate on VCS Expressway
  After the jabber client has received an answer for _collab-edge, it will then contact the expressway using TLS over port 8443 to try to retrieve the certificate from the expressway to setup TLS for communication between the jabber client and the expressway.
  If the Expressway does not have a valid signed certificate that contains either the FQDN or domain of the Expressway, then this will fail and the jabber client will fail to login.
  If this is occurring, the you should use the CSR tool on the Expressway, which will automatically include the FQDN of the expressway as a Subject Alternative Name.
  MRA requires secure communication between the Expressway-C and Expressway-E, and between the Expressway-E and external endpoints.
  Expressway-C Server Certificate Requirements:
  The Chat Node Aliases configured on the IM&P servers. This is required if you are doing XMPP federation.  The Expressway-C should automatically include these in the CSR provided that an IM&P server has already been discovered on the Expressway-C.
  The names in FQDN format of all Phone Security Profiles in CUCM configured for TLS and used on devices configured for MRA. This allows for secure communication between the CUCM and Expressway-C  for the devices using those Phone Security Profiles.
  Expressway-E Server Certificate Requirements:
  All domains configured for Unified Communications. This includes the domain of the Expressway-E and C, e-mail address domain configured for Jabber, and any presence domains.
  The Chat Node Aliases configured on the IM&P servers. This is required if you are doing XMPP federation. 
  The MRA Deployment guide describes this in greater detail on pages 17-18. (http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X8-1/Mobile-Remote-Ac...
  Note: In our lab for testing Phone Capabilities only, we did not include the Chat Node Aliases in the certificate as we were not using IM&P.
   3.  No UDS Servers Found in Edge Config
  After the Jabber client successfully establishes a secure connection with the Expressway-E, it will ask for its edge config. This edge config will contain the SRV records for _cuplogin and _cisco-uds. If these SRV records are not returned in the edge config, then the jabber client will not be able to proceed with trying to login.
  To fix this, make sure that _cisco-uds and _cuplogin SRV records are created internally and resolvable by the Expressway-C
  More information on the DNS SRV records can be found on page 10 of the MRA deployment guide for X8.1.1 (http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X8-1/Mobile-Remote-Access-via-Expressway-Deployment-Guide-X8-1-1.pdf)
  Note: In our lab for testing Phone Capabilities only, we did not include the DNS SRV for _cuplogin.
   4.  The Expressway-C logs will indicate the following error: XCP_JABBERD  Detail="Unable to connect to host '%IP%', port 7400:(111) Connection  refused"
  If Expressway-E NIC is incorrectly configured, this can cause the XCP server to not be updated. If the Expressway-E meets the following criteria, then you will likely have this issue:
  Using a single NIC
  Advanced Networking Option Key is installed
  Use Dual Network Interfaces option is set to “Yes”
  To correct this problem, change the “Use Dual Network Interfaces” option to “No”
  The reason this is a problem is because the Expressway-E will be listening for the XCP session on the wrong network interface, which will cause the connection to fail/timeout. The Expressway-E listens on TCP port 7400 for the XCP session. You can verify this by using the netstat command from the VCS as root.
  Note: We used a Dual Network Interface Expressway for testing but were not using XCP, so this was not applicable to us.
   5.  VCE-E Server hostname/domain name does not match what is configured in the _collab-edge SRV.
  If the Expressway-E Server hostname/domain name does not match what was received in the _collab-edge SRV answer, the jabber client will not be able to communicate to the Expressway-E. The Jabber client uses the xmppEdgeServer/Address element in the get_edge_config response to establish the XMPP connection to the Expressway-E.
  This is an example of what the xmppEdgeServer/Address would look like in the get_edge_config response from the Expressway-E to the Jabber client:
  <xmppEdgeServer>
  <server>
  <address>ott-vcse1.vcx.cisco.com</address>
  <tlsPort>5222</tlsPort>
  </server>
  </xmppEdgeServer>
  To avoid this, make sure that the _collab-edge SRV record matches the Expressway-E hostname/domain name. Enhancement CSCuo83458 has been filed for this. 
  Note: This was one of our issues when we first setup.  We adjusted our Expressway-E to insure the below:
  System > Administration > System Name this was the FQDN
  System > DNS > System Host Name was the host portion of the FQDN
  System > DNS > Domain Name was the domain portion of the FQDN
  System > Clustering > Cluster Name (FQDN for Provisioning) was the FQDN
   6. Unable to log into certain IM&P servers. VCS logs say "No realm found for host cups-example.domain.com, check connect auth configuration"
  From the Expressway-E, go to Configuration -> Unified Communications -> IM&P Servers. Open each server and click "Save" again. Not sure exactly why this happens.
  Note:  This was N/A to our test and can be ignored with Phone Capabilities only.
  Thanks
  Fred

• Ask the Experts: IOS-XR Fundamentals and Architecture

  Welcome to the Cisco Support Community Ask the Expert conversation. 
  Learn and ask questions about IOS-XR Fundamentals and Architecture.
  November 18, 2014 through November 28, 2014.
  Cisco IOS XR Software is a modular and fully distributed network operating system for service provider networks. Cisco IOS XR creates a highly available, highly secure routing platform.
  It distributes processes across the control, data, and management planes with their own access controls and delivers routing-system scalability, service isolation, and manageability.
  This is a Q&A extension of the Live expert Webcast.
  Cisco subject matter experts Sudeep, Raj, and Sudhir, will focus on IOS-XR fundamentals.
  Including:-
  High-Level Overview of Cisco IOS XR
  Cisco IOS XR Infrastructure
  Configuration Management
  Cisco IOS XR Monitoring and Operations
  Cisco IOS XR Security
  Introduction to different IOS-XR platforms
  Sudeep Valengattil is a customer support engineer in High-Touch Technical Services at Cisco specializing in service provider technologies and platforms. Sudeep has got experience on XR platform like ASR9000, CRS, NCS and GSR. Sudeep has more than 9 years of experience in the IT industry and holds CCIE certification (36098) in Service provider.
  Sudhir Kumar is a customer support engineer in High-Touch Technical Services at Cisco specializing in service provider technologies and platforms. His areas of expertise include Cisco CRS, ASR 9K and Cisco XR 12000 Series Routers. Sudhir has more than 10 years of experience in the IT industry and holds CCIE certification (35219) in Service provider and Routing and switching.
  Raj Pathak is a customer support engineer in High-Touch Technical Services at Cisco specializing in service provider technologies and platforms. He serves as a support engineer for technical issues supporting Cisco IOS XR Software customers on Cisco CRS and Cisco XR 12000 Series Routers. Raj has more than 8 years of experience in the IT industry and holds CCIE certification (38760) in routing and switching.
  For more information about this topic, visit the Expert Corner > Knowledge Sharing
  Remember to use the rating system to let the experts know if you have received an adequate response.

  Hi Charles,
  To answer your question,
  LPTS would be acting only on packet/traffic which is ingressing the router and destined for the router itself (for-us packets).  It provides an internal forwarding table to route control/management protocol packets destined to local router to the right application for further processing.  Once we have a packet entering the interface, the network processor would be performing a lookup to determine, if this packet is destined for us.  Based on which, it will forward to LPTS.  For eg, the ICMP packets coming in on an interface with destination IP of router itself, would be processed by LPTS.  It also provides policing function for this traffic transparently.
  Key facts about LPTS
  1. LPTS is an always on feature.  No user configuration needed to enable it.
  2. LPTS is only applicable for traffic entring to the router and destined to the local router. Applies for control-plane and management plane traffic.
  3. Packets originated by router and transit traffic is not processed by LPTS
  4. LPTS polices the incoming traffic based on the pre-defined policer rates.
  Here is an o/p snip to view the LPTS entries.
  RP/0/RP0/CPU0:CRS-C#sh lpts pifib hard police loc 0/0/cpu0
  Tue Nov 25 23:32:10.666 EDT
  Node 0/0/CPU0:
  Burst = 100ms for all flow types
  FlowType Policer Type Cur. Rate Def. Rate Accepted Dropped
  unconfigured-default 100 Static 500 500 0 0
  L2TPv2-fragment 185 Static 700 700 0 0
  Fragment 106 Static 1000 1000 0 0
  OSPF-mc-known 107 Static 20000 20000 44818 0
  OSPF-mc-default 111 Static 5000 5000 11366 0
  Do let us know if you have any further queries.
  Regards,
  Sudeep Valengattil

• Ask the Expert: Integrating Cisco Identity Service Engine (ISE) 1.2 for BYOD

  With Eric Yu and Todd Pula 
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions  about integrating Cisco ISE 1.2 for BYOD with experts Eric Yu and Todd Pula.
  Cisco Bring Your Own Device (BYOD) is an end-to-end architecture that orchestrates the integration of Cisco's mobile and security architectures to various third-party components. The session takes a deep dive into the available tools and methodologies for troubleshooting the Cisco BYOD solution to identify root causes for problems that stem from mobile device manager integration, Microsoft Active Directory and certificate authority services, and Cisco Enterprise Mobility integration to the Cisco Identity Services Engine (ISE). 
  Todd and Eric recently delivered a technical workshop that helps network designers and network engineers understand integration of the various Cisco BYOD components by taking a deep dive to analyze best practice configurations and time-saving troubleshooting methodologies. The content consisted of common troubleshooting scenarios in which TAC engineers help customers address operational challenges as seen in real Cisco BYOD deployments.
  Eric Yu is a technical leader at Cisco responsible for supporting our leading-edge borderless network solutions. He has 10 years of experience in the telecommunications industry designing data and voice networks. Previous to his current role, he worked as a network consulting engineer for Cisco Advance Services, responsible for designing and implementing Cisco Unified Communications for Fortune 500 enterprises. Before joining Cisco, he worked at Verizon Business as an integration engineer responsible for developing a managed services solution for Cisco Unified Communications. Eric holds CCIE certification in routing and switching no. 14590 and has two patents pending related to Cisco's medianet.   
  Todd Pula is a member of the TAC Security and NMS Technical Leadership team supporting the ISE and intrusion prevention system (IPS) product lines. Todd has 15 years of experience in the networking and information security industries, with 6 years of experience working in Cisco's TAC organization. Previous to his current role, Todd was a TAC team lead providing focused technical support on Cisco's wide array of VPN products. Before joining Cisco, he worked at Stanley Black & Decker as a network engineer responsible for the design, configuration, and support of an expansive global network infrastructure. Todd holds his CCIE in routing and switching no. 19383 and an MS degree in IT from Capella University.
  Remember to use the rating system to let Eric and Todd know if you have received an adequate response.
  Because of the volume expected during this event, Eric and Todd might not be able to answer every question. Remember that you can continue the conversation in the Security community, subcommunity AAA, Identity and NAC, shortly after the event. This event lasts through November 15, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hi Antonio,
  Many great questions to start this series.  For the situation that you are observing with your FlexConnect configuration, is the problem 100% reproducible or is it intermittent?  Does the problem happen for one WLAN but not another?  As it stands today, the CoA-Ack needs to be initiated by the management interface.  This limitation is documented in bug CSCuj42870.  I have provided a link for your reference below.  If the problem happens 100% of the time, the two configuration areas that I would check first include:
  On the WLC, navigate to Security > RADIUS > Authentication.  Click on the server index number for the associated ISE node.  On the edit screen, verify that the Support for RFC 3576 option is enabled.
  On the WLC, navigate to the WLANs tab and click on the WLAN ID for the WLAN in question.  On the edit screen, navigate to Security > AAA and make sure the Radius Server Overwrite interface is unchecked.  When this option is checked, the WLC will attemp to send client authentication requests and the CoA-Ack/Nak via the dynamic interface assigned to the WLAN vs. the management interface.  Because of the below referenced bug, all RADIUS packets except the CoA-Ack/Nak will actually be transmitted via the dynamic interface.  As a general rule of thumb, if using the Radius NAC option on a WLAN, you should not configure the Radius Server Overwrite interface feature.
  Bug Info:  https://tools.cisco.com/bugsearch/bug/CSCuj42870
  For your second question, you raise a very valid point which I am going to turn into a documentation enhancement request.  We don't currently have a document that lists the possible supplicant provisioning wizard errors that may be encountered.  Please feel free to post specific errors that you have questions about in this chat and we will try to get you answers.  For most Android devices, the wizard log file can be found at /sdcards/downloads/spw.log.
  As for product roadmap questions, we won't be able to discuss this here due to NDA.  Both are popular asks from the field so it will be interesting to see what the product marketing team comes up with for the next iterration of ISE.
  Related Info:
  Wireless BYOD for FlexConnect Deployment Guide

• Ask the Expert: Introduction to Cisco Adaptive Security Appliance (ASA) version 9.x (Context Aware Security and VPN Features)

  With Namit Agarwal and Rahul Govindan 
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Cisco Adaptive Security Appliance (ASA) version 9.x (Context Aware Security and VPN Features) with experts Namit Agarwal and Rahul Govindan.
  This is a continuation of the live webcast.
  Cisco ASA CX (Context-Aware) is a next generation firewall service that serves as an extension to the Cisco Adaptive Security Appliance (ASA) firewall platform. In addition to the proven stateful inspection firewall capabilities, it provides us with next-generation capabilities and a host of additional network-based security controls for end-to-end network intelligence and streamlined security operations.
  Namit Agarwal is a customer support engineer at the Cisco Technical Assistance Center in Bangalore, India. He has more than four years of experience in the security domain. His areas of expertise include ASA firewalls, IPS, and ASA content-aware security (ASA CX). He has been involved in various escalation requests from around the world. He holds CCIE certification (number 33795) in security.   
  Rahul Govindan has been an engineer with the Security Technical Assistance Center team in Bangalore for more than three years. He works on security technologies such as VPN; Cisco ASA firewalls; and authentication, authorization, and accounting. His particular expertise is in Secure Sockets Layer VPN and IP security VPN technologies. He holds CCIE certification (number 29948) in security.
  Remember to use the rating system to let Namit and Govindan know if you have received an adequate response. 
  Because of the volume expected during this event, Namit and Govindan might not be able to answer every question. Remember that you can continue the conversation in the Security community, subcommunity VPN shortly after the event. This event lasts through November 1, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.
  Webcast related links:
  Slides from the live webcast
  Video Recording of the live webcast
  Introduction to Cisco Adaptive Security Appliance (ASA) version 9.x (Context Aware Security and VPN Features): FAQ from live webcast

  Hello Namit and Rahul,
  Here are few questions that came in directly during your live webcast hence posting them here so that users can benifit:
  1)      How is ASA CX different from other UTM solutions ?
  2)      How is dynamic application inspection of CX better than other inspection engines  ?
  3)      What features or functionalities on the CX are available by default ?
  4)      what are the different ways we can run or install CX on the ASA platform ?
  5)      What VPN features are supported with multi context ASA in the 9.x release ?
  6)      What are the IPv6 Enhancements in the ASA version 9.x ?
  Request you to please provide your responses to them individually.
  Thanks.

• Ask the Expert: C-Series Integration with Cisco Unified Computing System Manager

  Welcome to the Cisco Support Community Ask the Expert conversation. This conversation is an opportunity to learn and ask questions about Cisco C-Series Integration with Cisco Unified Computing System® Manager (Cisco UCS® Manager) with Cisco experts Vishal Mehta and Manuel Velasco.
  Cisco UCS C-Series Rack-Mount Servers are managed by the built-in standalone software, Cisco Integrated Management Controller (Cisco IMC). When a C-Series rack-mount server is integrated with Cisco UCS Manager, the IMC no longer manages the server. Instead you will manage the server using the Cisco UCS Manager GUI or Cisco UCS Manager command-line interface (CLI).
  Cisco UCS Manager 2.2 provides three connectivity modes for Cisco UCS C-Series Rack-Mount Server management. The following are the connectivity modes:
  Dual-wire management (shared LAN On Motherboard [LOM]): Shared LOM ports on the rack server are used exclusively for carrying management traffic.A separate cable connected to one of the ports on the Payment Card Industry Express (PCIe) card carries the data traffic.
  SingleConnect (Sideband): Using Network Controller Sideband Interface (NC-SI), the Cisco UCS Virtual Interface Card 1225 (VIC1225) connects one cable that can carry both data and management traffic.
  Direct Connect Mode: Cisco UCS Manager Version 2.2 introduces an additional rack server management mode using direct connection to the Fabric Interconnect.
  Vishal Mehta is a customer support engineer for Cisco’s Data Center Server Virtualization Technical Assistance Center (TAC) team based in San Jose, California. He has been working in the TAC for the past 3 years with a primary focus on data center technologies such as Cisco Nexus® 5000, Cisco UCS, Cisco Nexus 1000V, and virtualization. He presented at Cisco Live in Orlando 2013 and will present at Cisco Live Milan 2014 (BRKCOM-3003, BRKDCT-3444, and LABDCT-2333). He holds a master’s degree from Rutgers University in electrical and computer engineering and has CCIE® certification (number 37139) in routing and switching and service provider.
  Manuel Velasco is a customer support engineer for Cisco’s Data Center Server Virtualization TAC team based in San Jose, California.  He has been working in the TAC for the past 3 years with a primary focus on data center technologies such as Cisco UCS, Cisco Nexus 1000V, and virtualization.  Manuel holds a master’s degree in electrical engineering from California Polytechnic State University (Cal Poly) and CCNA® and VMware VCP certifications. Remember to use the rating system to let Vishal and Manuel know if you have received an adequate response. 
  Because of the volume expected during this event, our experts might not be able to answer every question. Remember that you can continue the conversation in the Data Center, under subcommunity, Unified Computing, shortly after the event. This event lasts through May 23, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hello Sebastian,
  The different modes of connecting C-Series with UCSM come into play depending on the type of infrastructure you already have along with C-Series and NIC model.
  Cisco UCS C-Series Rack-Mount Servers are managed by the built-in standalone software, Cisco Integrated Management Controller (CIMC) .
  Powerful features provided by Cisco UCS Manager can be leveraged to manage C-Series server by integrating  C-Series Rack-Mount Server with UCSM.
  This not only gives you rich-feature set but also one management plane to operate UCS-B Series Chassis and UCS-C Series Rack Server.
  You will manage the server using the Cisco UCS Manager GUI or Cisco UCS Manager CLI.
  Cisco UCS Manager 2.2 provides three connectivity modes for Cisco UCS C-Series Rack-Mount Server management.
  The following are the connectivity modes:
  •  Dual-wire Management (Shared LOM):
  Shared LAN on Motherboard (LOM) ports on the rack server are used exclusively for carrying management traffic. A separate cable connected to one of the ports on the PCIe card carries the data traffic. Using two separate cables for managing data traffic and management traffic is also referred to as dual-wire management.
  http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c-series_integration/ucsm2-2/b_C-Series-Integration_UCSM2-2/b_C-Series-Integration_UCSM2-2_chapter_0100.html
  This mode is recommended when you have C-Server which does not  have or cannot support VIC 1225 card (such C-200 server)
  •  SingleConnect (Sideband):
  Using Network Controller Sideband Interface (NC-SI), Cisco UCS VIC1225 Virtual Interface Card (VIC) connects one cable that can carry both data traffic and management traffic.
  This feature is referred to as SingleConnect.
  http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c-series_integration/ucsm2-2/b_C-Series-Integration_UCSM2-2/b_C-Series-Integration_UCSM2-2_chapter_011.html
  This most recommended Integration model when using FEX and VIC 1225 card
  •  Direct Connect Mode:
  Cisco UCS Manager release version 2.2 introduces an additional rack server management mode using direct connection to the Fabric Interconnect.
  This mode will eliminate the need for FEX module as Servers are directly plugged into the base ports of Fabric Interconnect
  http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c-series_integration/ucsm2-2/b_C-Series-Integration_UCSM2-2/b_C-Series-Integration_UCSM2-2_chapter_0110.html
  Please let us know if you need more information. Thank you!
  Thanks,
  Vishal

• Ask the Expert: Cisco UCS Troubleshooting Boot from SAN with FC and iSCSI

  Welcome to this Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Cisco UCS Troubleshooting Boot from SAN with FC and iSCSI with Vishal Mehta and Manuel Velasco.
  The current industry trend is to use SAN (FC/FCoE/iSCSI) for booting operating systems instead of using local storage.
  Boot from SAN offers many benefits, including:
  Server without local storage can run cooler and use the extra space for other components.
  Redeployment of servers caused by hardware failures becomes easier with boot from SAN servers.
  SAN storage allows the administrator to use storage more efficiently.
  Boot from SAN offers reliability because the user can access the boot disk through multiple paths, which protects the disk from being a single point of failure.
  Cisco UCS takes away much of the complexity with its service profiles and associated boot policies to make boot from SAN deployment an easy task.
  Vishal Mehta is a customer support engineer for Cisco’s Data Center Server Virtualization TAC team based in San Jose, California. He has been working in the TAC for the past three years with a primary focus on data center technologies such as Cisco Nexus 5000, Cisco UCS, Cisco Nexus 1000v, and virtualization. He has presented at Cisco Live in Orlando 2013 and will present at Cisco Live Milan 2014 (BRKCOM-3003, BRKDCT-3444, and LABDCT-2333). He holds a master’s degree from Rutgers University in electrical and computer engineering and has CCIE certification (number 37139) in routing and switching and service provider.
  Manuel Velasco is a customer support engineer for Cisco’s Data Center Server Virtualization TAC team based in San Jose, California. He has been working in the TAC for the past three years with a primary focus on data center technologies such as Cisco UCS, Cisco Nexus 1000v, and virtualization. Manuel holds a master’s degree in electrical engineering from California Polytechnic State University (Cal Poly) and VMware VCP and CCNA certifications.
  Remember to use the rating system to let Vishal and Manuel know if you have received an adequate response. 
  Because of the volume expected during this event, our experts might not be able to answer every question. Remember that you can continue the conversation in the Data Center community, under subcommunity Unified Computing, shortly after the event. This event lasts through April 25, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hello Evan
  Thank you for asking this question. Most common TAC cases that we have seen on Boot-from-SAN failures are due to misconfiguration.
  So our methodology is to verify configuration and troubleshoot from server to storage switches to storage array.
  Before diving into troubleshooting, make sure there is clear understanding of this topology. This is very vital with any troubleshooting scenario. Know what devices you have and how they are connected, how many paths are connected, Switch/NPV mode and so on.
  Always try to troubleshoot one path at a time and verify that the setup is in complaint with the SW/HW interop matrix tested by Cisco.
  Step 1: Check at server
  a. make sure to have uniform firmware version across all components of UCS
  b. Verify if VSAN is created and FC uplinks are configured correctly. VSANs/FCoE-vlan should be unique per fabric
  c. Verify at service profile level for configuration of vHBAs - vHBA per Fabric should have unique VSAN number
  Note down the WWPN of your vhba. This will be needed in step 2 for zoning on the SAN switch and step 3 for LUN masking on the storage array.
  d. verify if Boot Policy of the service profile is configured to Boot From SAN - the Boot Order and its parameters such as Lun ID and WWN are extremely important
  e. finally at UCS CLI - verify the flogi of vHBAs (for NPV mode, command is (from nxos) – show npv flogi-table)
  Step 2: Check at Storage Switch
  a. Verify the mode (by default UCS is in FC end-host mode, so storage switch has to be in NPIV mode; unless UCS is in FC Switch mode)
  b. Verify the switch port connecting to UCS is UP as an F-Port and is configured for correct VSAN
  c. Check if both the initiator (Server) and the target (Storage) are logged into the fabric switch (command for MDS/N5k - show flogi database vsan X)
  d. Once confirmed that initiator and target devices are logged into the fabric, query the name server to see if they have registered themselves correctly. (command - show fcns database vsan X)
  e. Most important configuration to check on Storage Switch is the zoning
  Zoning is basically access control for our initiator to  targets. Most common design is to configure one zone per initiator and target.
  Zoning will require you to configure a zone, put that zone into your current zonset, then ACTIVATE it. (command - show zoneset active vsan X)
  Step 3: Check at Storage Array
  When the Storage array logs into the SAN fabric, it queries the name server to see which devices it can communicate.
  LUN masking is crucial step on Storage Array which gives particular host (server) access to specific LUN
  Assuming that both the storage and initiator have FLOGI’d into the fabric and the zoning is correct (as per Step 1 & 2)
  Following needs to be verified at Storage Array level
  a. Are the wwpn of the initiators (vhba of the hosts) visible on the storage array?
  b. If above is yes then Is LUN Masking applied?
  c. What LUN number is presented to the host - this is the number that we see in Lun ID on the 'Boot Order' of Step 1
  Below document has details and troubleshooting outputs:
  http://www.cisco.com/c/en/us/support/docs/servers-unified-computing/ucs-b-series-blade-servers/115764-ucs-san-tshoot-00.html
  Hope this answers your question.
  Thanks,
  Vishal 

• Ask the Expert: Configuration, Design, and Troubleshooting of Cisco Nexus 1000

  With Louis Watta
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about design, configuration, and troubleshooting of Cisco Nexus 1000V Series Switches operating inside VMware ESXi and Hyper-V with Cisco expert Louis Watta. Cisco Nexus 1000V Series Switches deliver highly secure, multitenant services by adding virtualization intelligence to the data center network. With Cisco Nexus 1000V Series Switches, you can have a consistent networking feature set and provisioning process all the way from the virtual machine access layer to the core of the data center network infrastructure.
  This is a continuation of the live Webcast.
  Louis Watta is a technical leader in the services organization for Cisco. Watta's primary background is in data center technologies: servers (UNIX, Windows, Linux), switches (MDS, Brocade), storage arrays (EMC, NetApp, HP), network switches (Cisco Catalyst and Cisco Nexus), and enterprise service hypervisors (VMware ESX, Hyper-V, KVM, XEN). As a Technical Leader in Technical Services, Louis currently supports beta and early field trials (EFTs) on new Cisco software and hardware. He has more than 15 years of experience in a wide variety of data center applications and is interested in data center technologies oriented toward data center virtualization and orchestration. Prior to Cisco, Louis was a system administrator for GTE Government Systems. He has a bachelor of science degree in computer science from North Carolina State University. .
  Remember to use the rating system to let Louis know if you have received an adequate response.
  Louis might not be able to answer each question because of the volume expected during this event. Remember that you can continue the conversation on the Data Center community Unified Computing shortly after the event.
  This event lasts through Friday, JUne 14, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.
  Webcast related links:
  Slides
  FAQ
  Webcast Video Recording

  Right now there is only a few features that are not supported on N1Kv on Hyper-V
  They are VXLAN and QOS Fair Weighted Queuing. We are currently demoing VXLAN functionality at Microsoft TechEd Conference this week in New Orleans. So VXLAN support should be coming soon. I can't give you a specific timeline.
  For Fair Weighted Queuing I'm not sure. In the VMware world we take advantage of NETIOC infrastructure. In the MS world they do not have a NETIOC infrastructure that we can use to create a similar feature.
  Code base parity (as in VMware and Hyper-V VSMs running NXOS 5.x) will happen with the next major N1KV release for ESX.
  Let me know if that doesn't answer your question.
  thanks
  louis