Radius traffic is no longer SNAT'd after a failover, CSS-CSS

Hi Experts,
I have a case where I have 2 CSSs in active-standby mode. We use a VIP for RADIUS traffic, i.e. UDP 1813. In normal operation, all is OK. The IP src of the packet from the CSS to the GGSN (NAS) has the CSS VIP IP. After we fail over to the other CSS, this new CSS stops un-NATing. This means that the packet from the CSS to the GGSN in the RADIUS response has the src IP of the real RADIUS server. The GGSN doesn't accept this as this IP is unexpected.
Why is the CSS stopping doing NAT after a switchover? Software is 7.10.504.
TIA
Alan

In order to find the root cause of the issue, more information is needed. What I can tell you for sure is that the code version that you are running is very old and is vulnerable to several problems.
We already have 8.20, so it would be important to consider an upgrade in the future.
Perhaps you can attach the showtech of both CSSs and I can take a look to see if something is wrong. Also, please clarify whether the NATing started working again when failing back over to the Primary.
Hope it helps!!

Similar Messages

  • Layer2 security 802.1x radius traffic will be sent from foreign WLC or anchor WLC?

    Wireless Design with foreign WLC or anchor WLC, understood that after WIFI client associated with WLC, all traffic should be tunneled to anchor WLC including DHCP request or any layer3 security such as web auth.
    What if we are using layer2 security 802.1x using ACS for authentication, which WLC will be sending radius traffic to ACS, foreign WLC or anchor WLC? This impacts our firewall rules.

    Authentication and all L2 encryptions will happen at the "foreign" WLC.
    HTH
    Steve

  • CSS VIPs use old MAC address after firewall failover

    We have our CSS load balancers behind our firewalls in a DMZ and when the firewall fails over the physical interface changes the MAC address to the new address of the now active firewall but the VIP's do not and all traffic to those VIPs are broken. Has anyone experienced an issue like this before? Any help would be appreciated.
    Thanks.

    I understand you have CSS load balancers behind firewalls in a DMZ. Could you clarify which interface changes its MAC address to the new address of the now-active firewall after the firewall failover? Are you expecting the VIPs to fail over too?
    If the firewall failed over, it depends on the type of firewall: for some firewalls the MAC will change, and the new active firewall sends a 'gratuitous' ARP, which makes the neighboring devices save the new MAC address of the active firewall with the IP address. That seems to be your case. If for some reason that is not happening (gratuitous ARP missing), it could cause issues like the VIPs on the CSS being broken.
    The failover of the firewall should be transparent to the CSS VIPs. Did you take a capture to see what is happening? Did the CSS receive requests properly? Is the CSS load balancing to the servers properly?
    If you require CSS failover when the firewall fails over, then you can define a critical service (layer 3) or a critical physical interface (layer 2), and if that detects the link to the firewall being down, then it could fail over.

  • After disabling failover can't configure interfaces

    I had a pair of ASA 5510s in failover and needed to move one so I disabled failover. Now I can't configure any of the interfaces. When I put an IP on an interface and then show interface ip brief, it shows as unassigned.
    What else do I have to do after disabling failover to be able to configure the interfaces again?

    Hi,
    Are you not able to assign an IP address on both devices? If I am not wrong, you should be able to assign the IP address to the active one but not to the standby one. There are two ways to assign an IP address to the standby device. One is to reload the standby so that it comes out of the standby state.
    The second way is to configure the standby IP address on the interface. For example, on the interface configure:
    ip address 172.16.1.1 255.255.0.0 standby 172.16.1.2
    The stand by device will take the standby ip address.
    Rahul

  • Why do i have to keep pressing f5 after every change in CSS to see liveview?

    I have to click/F5 on the live view button after making changes in CSS, every time I change anything. Is there a way to make live view automatic?

    Luis, I import the clip from a folder on my hard disk that does replicate the file on the camera card, and the clip does have a little camera icon in the bottom left corner of the screen (see the images below).

  • Error with OCISESSIONEND after a failover

    Hi everyone,
    In an application, after a failover (using TAF) we receive a failover error calling OCISESSIONEND. Is it normal? It seems to me that calling OCISESSIONEND after a failover should return success.
    Regards.
    Carl

    simple restart fixed it

  • FXO traffic is going over Wan link after enabling QoS

    Hi,
    We have CCM 5.0, a 2811 voice gateway, and one 4FXO and one g.shdsl card on it. 4 Telco lines are on the 4FXO card. CCM is at the other side of the g.shdsl line. The topology is like this:
    2811 ---------------- CCM
    4fxo g.shdsl
    When a call is received on the FXO port, the system works normally without QoS. When we enable QoS, traffic goes over the WAN link and then returns again. Because of that, delays and timeouts are occurring. The router's config is in the attachment. Please help!
    Thank you

    Check your H323 gateway config in CCM to be sure the Media Termination Point Required box is unchecked. Using MTP forces the call to terminate on the closest MTP resource which is likely at your CCM site.
    Please rate helpful posts.
    Dave

  • Messages Stuck in Submission Queue after Database failover to DR site

    Hi Everyone,
    Yesterday night we had a database failover to the DR site, but emails were stuck in the submission queue; to resolve it we failed back the database. We have Exchange 2010 SP3 RU4 with an Active-Active DAG across 2 AD sites.
    After checking the connectivity logs on the Transport server I found out that the Transport server was trying to connect directly to the mailbox server where this database was residing, instead of using the Transport servers in the 2nd site.
    We have 4 more databases on the same server, but for those databases there were no issues and the mail flow was working fine.
    The only thing I checked is that we have about 700 GB of log files for this database. Could that cause this issue?

    Hi,
    Thanks for your response.
    I did not restart the transport service. I assume restarting the transport service might have resolved the issue.
    But I want to know the reason why this happened, as we have a stretched DAG, so this can cause a major outage in case more mailbox databases fail over.
    Removing the log files is what I am thinking of doing, maybe within this week.

  • RDP Services do not accept connection after cluster failover

    Hi guys,
    I am having weird behaviour on my Windows Server 2012 R2.
    server 1 - 10.100.1.201
    server 2 - 10.100.1.203
    VIP - 10.100.1.202
    When I perform a remote desktop session to server 1 and server 2 after both servers have been rebooted, they work perfectly fine. During the remote desktop session, I perform a cluster node failover, switching the node to server 2. Immediately after I perform the task, my server 1 connection hangs and I am not able to log in anymore.
    Strangely, when I connect from the same server zone and perform remote desktop, they work perfectly fine and I am not disconnected from either server 1 or 2.
    I suspect the network routing is messed up during the cluster failover, but from the route print, they are identical and there is no problem with it.
    Has anyone here had the same problem I am experiencing?
    zhiyuan

    Hi,
    Sorry if I lost you... here is the story:
    node 1 - 10.100.1.201
    node 2 - 10.100.1.203
    vip - 10.100.1.202
    When both servers are restarted, I can remote to both servers, no problem.
    1. RDP to both node 1 and 2 together on their physical IPs. Connected successfully.
    2. Checked that the active node is node 1. Performed failover from node 1 to 2; the node 1 RDP session lost connection immediately. Checked on node 2: cluster node active on node 2, no errors.
    3. Performed node 2 to node 1 failover. The node 2 RDP session lost connection immediately; the node 1 session came back. Checked that the cluster node is active on node 1, no errors.
    4. In order for both to continue to RDP, performed a restart on node 2 (the node that cannot reconnect); after the reboot, RDP was back to normal.
    5. The firewall team confirmed the connection has reached the server; the server is apparently not responding to RDP.

  • Outlook loses connectivity after DAG Failover

    Hi team,
    I'm running a lab environment with 2xCAS (WNLB) and 2xMBX (DAG) servers. Since it's a lab environment I've set the DC as my FSW. All Virtual Directories are pointing to 'mail.contoso.com', which points to the two CASs, which are WNLB'ed.
    To test the DAG failover I set up a database (MDB01) on MBX Server 1, which is active, and made a passive replica on MBX Server 2. I shut down Server 01, which holds the active databases mounted. Meanwhile two clients were running and both were connected. Once the server got shut down, both clients (Outlook 2013) went to the 'Trying to connect to server' status.
    Meanwhile, checking PowerShell on MBX Server 02, I noticed that the database was mounted. I went back to the clients and opened up OWA, which was working as normal. However, the Outlook client is still stuck in the 'Trying to connect to server' status. I opened up the 'Connection Status' and tried to 'Reconnect' but still no luck. I had to close and reopen Outlook to get back into the 'Connected' mode.
    Any idea why this might be happening?
    *Since, unlike Exchange 2010, the CAS Array architecture is no longer there, I didn't make any changes to any RPCClientAccess.... attribute. Both mail.contoso.com and autodiscover.contoso.com are pointed to the VIP of the CAS WNLB.
    Cheers!

    Hello,
    After you configure a single namespace, you need to restart outlook to connect the newly configured namespace.
    Before DAG Failover, I recommend you use netstat -ano | findstr ":80" command to check your outlook connect to CAS server.
    In order to check the issue, please do DAG failover again, and then use netstat -ano | findstr ":80" command to check your outlook connect to CAS server.
    Additional article for your reference. (Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.)
    http://exchangeserverpro.com/exchange-2013-client-access-server-high-availability/
    Cara Chen
    TechNet Community Support

    Hi Cara,
    Yes, here's the result from the query.
    [IMG]http://i57.tinypic.com/im01na.png[/IMG]
    But whenever I restart the client it gets connected in no time. I'm confused as to why this happens after a manual DAG failover.
    Manual failover - I shut down the active copy; the passive copy was also down for around 15 mins. I booted up the passive server; it showed the databases as Disconnected and an Active Manager error in getting them mounted, and had a 99234343231 of CQL. So to mark the server active I did a 'net start clussvc /forcequorum'. This got the databases mounted. But the clients don't get connected automatically :(
    UPDATE - The client got connected after like 15 mins. :s

  • Outlook not connect to mailbox after DAG failover

    Hi,
    I have a very annoying problem with Exchange Server 2013 on my production servers.
    Below is my setup:
    DC – Windows Server 2012
    CASHUB1 – Windows Server 2012 (Exchange 2013 Standard)
    CASHUB2 – Windows Server 2012 (Exchange 2013 Standard + Witness Server)
    MBX1 – Windows Server 2012 (Exchange 2013 Standard)
    MBX2 – Windows Server 2012 (Exchange 2013 Standard)
    So what's happening? After I move a user's mailbox database from MBX1 to MBX2, Outlook (2007 with latest update and 2010 with latest update) is redirected to the server that holds the mailbox, and that's OK. But the problem arises when I turn off MBX1 and leave only MBX2 running - users are not able to connect to MBX2. The moment the operating system on MBX1 is started, users connect to MBX2 smoothly and everything works fine.
    My DAG is working fine because when I turn off MBX1, MBX2 detects that change, and in a few seconds the database becomes active on MBX2.
    So, the DAG works perfectly, but since MBX1 is turned off no Outlook client can connect to MBX2.
    Also, if my mailbox database is mounted on MBX2 and I turn off MBX2, in a few seconds the database becomes active on MBX1 and the Outlook clients get connected to MBX1.
    Thanks

    Hi,
    As far as I know, in Exchange 2013,  Outlook clients don’t rely on the value stamped in the “RPCClientAccessServer”.
    According to the error, we can try to Disable IPv6 & Change Hosts file:
    http://www.julianben.com/2013/04/22/the-rpc_s_server_unavailable-error-0x6ba-was-thrown-by-the-rpc-runtime-process/
    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
    Thanks,
    Angela Shi
    TechNet Community Support

  • Why changes are not made in login screen after changes in logon.css in OBIE

    Hi,
    I need to change the login screen to use my own logo, and I referred to the links below. I have made all the changes as mentioned in these links.
    The heading is changing but the background image and colours are not changing.
    Can anyone help with what is wrong and why I'm not getting the background image and colour changed? Are there any other changes in logon.css or instanceconfig.xml other than those mentioned in these links?
    http://santoshbidw.wordpress.com/2011/08/16/obiee-logon-screen-customization/
    http://santoshbidw.wordpress.com/category/obiee-10g/obiee-10g-answers/customize-obiee-logon-image/
    Thanks in advance

    You have customised the skins/themes folder
    $OBI_HOME/web/app/res/*
    Depending on what webserver you are using you will also need to customise the skins/themes for the web application that is already deployed.
    These are where you can find them:
    OC4J: $OBI_HOME/oc4j_bi/j2ee/home/applications/analytics/analytics/res/*
    WebLogic: $OBI_HOME/web/analytics/res/*
    You will need to restart the presentation services to see the changes.
    If you are manually deploying the application to the web server you will need to make your changes to the original app folder '$OBI_HOME/web/app/res/*' and then follow the below guide to create the web archive to deploy to the presentation server i.e. oc4j or WebLogic.
    http://download.oracle.com/docs/cd/E12096_01/books/AnyInConfig/AnyInConfigSAW4.html#wp1119340

  • QFS don't update File System space after a failover

    When I do a fail-over (take down a master node of the QFS device) while I delete a file, the space on the FS is inconsistent (the df command shows more space than the du command) and I have to do a file system check on it to get the free space.

    Thanks,
    The version of QFS is VERSION.4.6
    SUN Cluster version 3.2
    Solaris 10 8/07
    The file "mcf" is
    # Equipment Eq Eq Family Device Additional
    # Identifier Ord Type Set State Parameters
    kml 1 ms kml on shared
    /dev/did/dsk/d7s0 10 md kml on
    /dev/did/dsk/d8s0 11 md kml on
    /dev/did/dsk/d9s0 12 md kml on
    /dev/did/dsk/d10s0 13 md kml on
    /dev/did/dsk/d11s0 14 md kml on
    /dev/did/dsk/d12s0 15 md kml on
    /dev/did/dsk/d13s0 16 md kml on
    /dev/did/dsk/d14s0 17 md kml on
    /dev/did/dsk/d15s0 18 md kml on
    /dev/did/dsk/d16s0 19 md kml on
    /dev/did/dsk/d21s0 20 md kml on
    /dev/did/dsk/d22s0 21 md kml on
    /dev/did/dsk/d23s0 22 md kml on
    /dev/did/dsk/d24s0 23 md kml on
    /dev/did/dsk/d25s0 24 md kml on
    /dev/did/dsk/d26s0 25 md kml on
    /dev/did/dsk/d27s0 26 md kml on
    /dev/did/dsk/d28s0 27 md kml on
    /dev/did/dsk/d29s0 28 md kml on
    /dev/did/dsk/d30s0 29 md kml on
    # samfsinfo kml
    samfsinfo: filesystem kml is mounted.
    name: kml version: 2 shared
    time: Thursday, April 10, 2008 4:48:05 PM PYT
    count: 20
    capacity: 000000003d064400 DAU: 64
    space: 000000003d04e480
    ord eq capacity space device
    0 10 00000000030d1d00 00000000030d0580 /dev/did/dsk/d7s0
    1 11 00000000030d1d00 00000000030d1c00 /dev/did/dsk/d8s0
    2 12 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d9s0
    3 13 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d10s0
    4 14 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d11s0
    5 15 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d12s0
    6 16 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d13s0
    7 17 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d14s0
    8 18 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d15s0
    9 19 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d16s0
    10 20 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d21s0
    11 21 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d22s0
    12 22 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d23s0
    13 23 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d24s0
    14 24 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d25s0
    15 25 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d26s0
    16 26 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d27s0
    17 27 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d28s0
    18 28 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d29s0
    19 29 00000000030d1d00 00000000030d1c40 /dev/did/dsk/d30s0
    #df -k |grep kml
    kml 1023820800 5384 1023815416 1% /oradata_kml1
    #clrs status -g qfs-kml-rg +
    Cluster Resources ===
    Resource Name Node Name State Status Message
    qfs-kml-rs m9ka Online Online - Service is online.
    m9kb Offline Offline
    Best regards,
    Ivan

  • Life After HTML/XHTML and CSS

    Since I could not afford going to college for web design, I
    relied on books, articles and this forum to jump start my knowledge
    on web development. I will never be an "expert" on web development.
    I say this because the web language and technology is constantly
    changing and one must keep up with today's craving for digital
    supremacy.
    Few months ago I was unable to create a web page with out
    Dreamweaver design view but now, I hate design view. I sit and
    create web pages in note pad all day and I love it! I love writing
    raw codes and my dream is to become one of the best web developer
    some day.
    Anyway, I have learned a lot about CSS/XHTML to at least
    create basic websites but I want to take the next step since I can
    now afford to take college classes.
    What do I learn next? I want to learn another language that
    will enhanced my design/developer technical knowledge. Do I go
    JavaScript? Flash/Actionscript?
    I want to learn a technology that can create interactivity on
    the web but with all the different languages, I'm confused as to
    where to start.
    Any advise?
    Patrick

    On 01 Aug 2008 in macromedia.dreamweaver, Webethics wrote:
    > Since I could not afford going to college for web design, I relied
    > on books, articles and this forum to jump start my knowledge on web
    > development. I will never be an "expert" on web development.
    Many of us have backgrounds in areas other than web development, and learned it the same way you did.
    > I say this because the web language and technology is constantly
    > changing and one must keep up with today's craving for digital
    > supremacy.
    However - (X)HTML and CSS are the backbone of web development, and will remain so for the foreseeable future. (Like until October...)[1]
    > Few months ago I was unable to create a web page with out
    > Dreamweaver design view but now, I hate design view. I sit and
    > create web pages in note pad all day and I love it! I love writing
    > raw codes and my dream is to become one of the best web developer
    > some day.
    I can - and do - some development in a text editor. However, the conveniences Dreamweaver adds - things like tag completion and file management - mean that I do most of my work in DW's code view.
    > Anyway, I have learned a lot about CSS/XHTML to at least create
    > basic websites but I want to take the next step since I can now
    > afford to take college classes.
    >
    > What do I learn next? I want to learn another language that will
    > enhanced my design/developer technical knowledge. Do I go
    > JavaScript? Flash/Actionscript?
    >
    > I want to learn a technology that can create interactivity on the
    > web but with all the different languages, I'm confused as to where
    > to start.
    Learn serverside scripting, either PHP or ASP.Net/C# or maybe .Net/jscript. Check the want ads or online job boards for what companies are looking for in the area you want to work.
    There is some work out there for Flash developers, either as part of a team or as a subcontractor, doing parts of sites. A lot of sites I see use a Flash header to add some interest to a page. But the number of straight Flash sites is limited, and I suspect will be for a while.
    Javascript is good too, and some people make a living from creating javascript widgets for web development. See, for example, Project Seven (http://projectseven.com/) or Michael Brandt (Diva HTML http://www.divahtml.com/). And a competent web developer should have a passing familiarity with it. But I'd guess that you're unlikely to land a local development job based on your javascript abilities.
    [1] For the humor impaired - I'm kidding. It will be November at least. I'm not sure what the year will be, though.
    Joe Makowiec
    http://makowiec.net/
    Email: http://makowiec.net/contact.php

  • Traffic light showing the red colour in vl10g after all status completed

    Hi Team,
    My client is facing an issue with the VL10G traffic light: it shows red after all document statuses are completed. Please let me know which OSS note I have to use, or whether I have to debug the program (this is the standard T-code), or which way I should go to resolve this issue. Please reply urgently; this would be a great help to me and I am very thankful for your cooperation.
    Regards,
    Ravi SAP SD

    RaviSAPSD wrote:
    it show's the error i.e. "No delivery-relevant items in order 0527087193, order type OR"
    With this in mind, I'd doubt the previous statement that the order status is 'completed'. Such orders wouldn't be picked up for the Delivery Due list. It is possible that either there is a line item that is not relevant to delivery yet it makes the order header status incomplete. Thus Delivery Due list picks up the order # based on the header status but when it checks the line items, there is nothing relevant for delivery.
    Check again the order statuses, not just on screen but in the tables VBUK/VBUP. Additionally, you can search for the notes yourself using the message ID/number (e.g. VL 001, which you should see, along with the long text, when you double-click on the message).
