VIP telnet issue in CSM 6500

Not able to telnet to VIP address of CMS from 6500 switch.

Hi all
my Problem is that i have configured two real server in CSM Load balancer.
I m able to get the ping & telent response of VIP address of Load balacer IP,from both of the real server ..but when i telent to VIP address from 6500 switch its not happening ..
what can be the reason pls.
guide me .
thanks

Similar Messages

  • Cannot ping REAL server IP addresses from CSM 6500

    I have a dual 6500/CSM routed topology in which the traffic from clients to the server VIP works fine. However, in preparation for some upcoming work, I find that I cannot ping the REAL server IP addresses. This would seem to be an important troubleshooting step. Any ideas why this wouldn't work?

    Gilles, followup question. If I understand this, what you outlined above will allow traffic external coming into the 6500/CSM to be forwarded thru to the REAL server IPs. If it wasn't clear, I was trying to ping from the native-mode 6500 that contains the CSM. I've tried regular and extended pings using the CSM-configured server VLAN's IP and alias IP, but get no response back from any of the REAL server IP addresses.
    Is what you've indicated required to ping even if I'm on the 6500 which contains the CSM?

  • Login issue in CSM

    Hi All,
    After adding the ACS in CSM ,I am unable to login the CSM with the ACS username and password and also the admin username and password.
    Now i removed the csm server in ACS even then same status.How to login the csm ?

    Did you set up the authorization or just authentication through Tacacs+?
    I recently had an issue with this, but I was able to login. I wasn't able to see the devices however. It turns out that the devices in CSM need to be the same exact display name as they show up in ACS.
    This is the guide I followed.
    http://www.cisco.com/en/US/products/ps6498/products_configuration_example09186a00808eada8.shtml
    After some headache I just used ACS for authentication, and not authorization. To do this you choose "non-ACS" when you are setting it up just put the radio button in tacacs+. You then add the user in the local database for the authorazation piece. But it will authenticate against tacacs.

  • Software issue with nokia 6500 slide handsets

    Hi All
    I have 2 nokia 6500 slide handsets that seem to have the same issue that driving me mad..
    It seems no matter how many times i set a ringtone and screen saver, the phone reverts back to the standard nokia ringtone and a blank screensaver???
    I have phoned my network provider who dont seem to be of any help at all and just keep advising me that i should try upgrading the software via the pc suite which ive done several times with no fix!
    Im thinking this must be a fault with this handsets/ software as both my phones are doin it and also 3 of my friends phones also are doin the same thing!
    Does anyone know why this keeps happening as im really getting fedup with having to reset my ringtone/ screen saver all the time..
    Thanxs rich

    I purchaced a nokia 6500 slide around christmas 08 and by janurary it was away getting fixed because of the phone whiting out resetting scrambling my contacts wouldnt take pictures wouldnt read my memory card because of the stupid clip on the back which you need so it will read it is now august 09 it has been away for repairs 3 times in total it has spent about 3 months away being repaired so i do not reccomend buying one waste of money and time thanks nokia job well done. 

  • Telnet Prompt and CSM Probing

    We are in the process of installing newly acquired CSM modules in order to load-balance internal traffic to a set of Telnet servers. The Telnet servers interact with other application servers hosting an in-house developed application that is causing an intermittent problem. When a user connects to a Telnet server, a Telnet sessions sometimes get established without a prompt. We are looking for a way to rectify this problem by using the probing feature on the CSMs. We would like to configure the CSMs to remove the Telnet servers that are experiencing this problem from service. This problem cannot be fixed by setting up a simple Telnet probe, because the badly behaving server will still respond to these probes although the prompt is not being displayed.
    An HTTP application level problems can be probed by the CSMs using the HTTP Return Code Checking feature. This is due to the nature of the HTTP protocol where the error codes are displayed in the HTTP header. The CSMs are capable of parsing the HTTP packets and reading the error codes. This feature can be used to certain extent with FTP and Telnet. Could it be used to fix this particular problem? How? If not, do you have other suggestions?
    Thanks,
    Bachir Najm

    Using a Tcl script as a health probe on the CSM allows you to open a connection to a host, send/receive data on that connection, and parse through the responses you receive.
    So, you could write a Tcl script that opens a telnet connection to the server, and tries to match against the expected prompt string. If the match fails, you can set an error condition in the script.
    Download the file 'c6slb-apc.3-1-9.tcl' from here:
    http://www.cisco.com/cgi-bin/tablebuild.pl/cat6000-csm
    It contains a set of sample scripts that can be used on the CSM.
    ~Zach

  • Telnet Issue on Cisco 3850

    Hello,
    I'm experiencing issue with Telnet connections on my Cisco C3850-48P-S. The version is 3.3.3SE.
    I haven't enabled Telnet on line VTY of my switch, but the switch is always available using telnet.
    Here my configuration:
    line vty 0 4
     exec-timeout 20 0
     logging synchronous
     transport input ssh
    Do you know if it's possible to disable telnet ?
    Thanks in advance.
    Regards
    Nicolas

    Hello Frank;
    Thank for the reply.
    Here below more informations about the issue:
    - It does work sometimes, but it did never worked properly.
    - the problem is there for both sending and receiving.
    - for the PSTN transport, i have no idea.   
    - I tried to change the ATA by another, still the same problem.
    - ATAs work properly for voice communication.
    - when i call this fax number internally the signal comes along.
    - the problem is when faxing internally, it isn't used for external faxing.
    - the call flow for internal faxing is like this:
    Analog fax (in site A) > ATA (in site A) > access switch (in site A) > core switch (in site A) > cucm (in site A) > Core switch (in site A) > router (in site A) > optical fiber > router (in site B) > core switch (in site B) > cucm (in site B) > core switch (in site B) > voice gateway 248 (in site B) > Analog fax (in site B).
    the problem occures when sending internal fax between these two sites A and B, when calling site B from site A, the ringing tone comes aloso the fax signal, but when i try the send the paper the stange tone come along and only half of it pass and it get to the site B as a blank paper or a half blank paper.
    for any more explanation, don't hesitate to ask me.
    thanks again for your time.
    Regards.

  • VIP address issues

    Hi Gilles
    Could you please help with the following?
    If I have defined 2 VIP addresses and each of the VIP address has the same set of real servers then will there be a problem. This is specific to DNS servers.
    Your help would be of great help
    Thank you
    Regards
    Aiyappa

    There might be an issue.
    For UDP traffic you have to configure a group to nat the server response back into the vip address.
    If the servers are the same for both vip, on the way back to the client the CSS will not know which vip address to use - a server can only be in one group at a time.
    A solution could be to do client nat. This might force the CSS to remember the vip address on the way back. Not sure as I did not try it.
    Gilles.

  • What is VIP list on cordless BT 6500 phone ?

    I have caller display on my BT 6500 phone and I have blocked withheld numbers and No caller ID calls because i was getting so many nuisance calls about PPI and boilers. Unfortunately, my hospital uses the number withheld system and I was wondering if I can unblock them or do I need to put NHS numbers on the  the VIP list ?

    Don't think thats going to work when you have blocked withheld numbers.
    The only way around it with this  would be to let all withheld go through to an answermachine and pick up if and when needed.
    maybe some one will come up with other answers.
    [edit]
    Do you have a mobile number that you can give hospital/doctors so that they can use that and then leave the landline blocking withheld numbers.
    toekneem
    http://www.no2nuisancecalls.net
    (EASBF)

  • VRF Issue on a 6500

    I have a 6500 with one VRF. I want traffic to pass from the VRF to the global switch through an IPS so I set up a point to point link through the IPS using two GBIC ports each assigned with an IP out of the same /30. One port is in the VRF and the other is not.
    While the VRF and global routing table both show the subnet directly connected, I cannot ping from one side to the other. I replaced the IPS with a cross over cable to rule out the IPS without any change.
    Is this traffic trying to pass over the bus?

    these r the 3 tables which r connected to ur view - T882,T001,T001Z
    if u want data based on some join on these 3 tables then put a join in ur code on these 3 tables and then fetch ur record..if u want datra specific to one table only then u can directly select tht frm a single table..
    amit

  • Cisco AIR-CAP1602I-E-K9 Telnet issue

      Hi Team, I have installed new cisco AIR-CAP1602I-E-K9 in the remote site LAN however the access point received the ip address through central DHCP helper address. I am able to ping the access point through LAN but I am unable to telenet the device to configure.
    Also when Field enginner visited on site to connect physical he connected through console but we were not able get into configure mode though we had full privilege access.
    Please advice.    
    AP0006.f618.26f5#sh version
    Cisco IOS Software, C1600 Software (AP1G2-RCVK9W8-M), Version 15.2(2)JB, RELEASE SOFTWARE (fc1)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2012 by Cisco Systems, Inc.
    Compiled Tue 11-Dec-12 04:52 by prod_rel_team
    ROM: Bootstrap program is C1600 boot loader
    BOOTLDR: C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)
    AP0006.f618.26f5 uptime is 3 minutes
    System returned to ROM by power-on
    System image file is "flash:/ap1g2-rcvk9w8-mx/ap1g2-rcvk9w8-mx"
    Last reload reason:
    This product contains cryptographic features and is subject to United
    States and local country laws governing import, export, transfer and
    use. Delivery of Cisco cryptographic products does not imply
    third-party authority to import, export, distribute or use encryption.
    Importers, exporters, distributors and users are responsible for
    compliance with U.S. and local country laws. By using this product you
    agree to comply with applicable laws and regulations. If you are unable
    to comply with U.S. and local laws, return this product immediately.
    A summary of U.S. laws governing Cisco cryptographic products may be found at:
    http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
    If you require further assistance please contact us by sending email to
    [email protected].
    cisco AIR-CAP1602I-E-K9    (PowerPC) processor (revision A0) with 98294K/32768K bytes of memory.
    Processor board ID FGL1703ZA3E
    PowerPC CPU at 533Mhz, revision number 0x2151
    Last reset from power-on
    LWAPP image version 7.4.1.37
    1 Gigabit Ethernet interface
    32K bytes of flash-simulated non-volatile configuration memory.
    Base ethernet MAC Address: 00:06:F6:18:26:F5
    Part Number                          : 73-14671-04
    PCA Assembly Number                  : 000-00000-00
    PCA Revision Number                  :
    PCB Serial Number                    : FOC164971SY
    Top Assembly Part Number             : 800-38552-01
    Top Assembly Serial Number           : FGL1703ZA3E
    Top Revision Number                  : A0
    Product/Model Number                 : AIR-CAP1602I-E-K9
    Configuration register is 0xF

    Thanks,
    1. Does it mean I should not be able to telnet also into the AP though I can ping from Router LAN ( AP is connected directly to router ethernet interface).
    2. I am also not able to discover controller when running in controller-based IOS. getting below errors.
    Thanks to advice on above points.
    Mar  1 00:03:04.038: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:03:04.038: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:03:04.038: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:03:04.038: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    *Mar  1 00:03:04.038: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
    *Mar  1 00:03:04.042: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:03:04.042: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:03:04.042: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:03:04.042: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    AP0006.f618.26f5#
    *Mar  1 00:03:14.038: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:03:14.038: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:03:14.038: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:03:14.038: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    *Mar  1 00:03:14.038: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.1
    AP0006.f618.26f5#1.13
    *Mar  1 00:03:14.042: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:03:14.042: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:03:14.042: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:03:14.042: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    *Mar  1 00:03:24.029: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:03:24.029: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:03:24.029: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:03:24.033: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    *Mar  1 00:03:24.033: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
    *Mar  1 00:03:24.033: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:03:24.033: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:03:24.033: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:03:24.033: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    *Mar  1 00:03:34.041: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:03:34.041: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:03:34.041: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:03:34.041: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    *Mar  1 00:03:34.041: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
    *Mar  1 00:03:34.041: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:03:34.041: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:03:34.041: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:03:34.041: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    Not in Bound state.
    *Mar  1 00:03:49.505: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
    *Mar  1 00:03:53.393: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
    *Mar  1 00:03:53.477: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.110.93.22, mask 255.255.255.128, hostname AP0006.f618.26f5
    en
    Translating "CISCO-CAPWAP-CONTROLLER"...domain server (10.50.1.235) (10.50.1.236)
    *Mar  1 00:04:00.505: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
    *Mar  1 00:04:00.565: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
    *Mar  1 00:04:00.593: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:04:00.593: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:04:00.593: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:04:00.593: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    *Mar  1 00:04:00.593: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
    *Mar  1 00:04:00.593: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:04:00.593: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:04:10.593: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:04:10.593: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:04:10.593: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:04:10.593: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    *Mar  1 00:04:10.593: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
    *Mar  1 00:04:10.597: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:04:10.597: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:04:10.597: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:04:10.597: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    *Mar  1 00:04:20.593: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:04:20.593: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:04:20.593: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:04:20.593: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    *Mar  1 00:04:20.593: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
    *Mar  1 00:04:20.597: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:04:20.597: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:04:20.597: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:04:20.597: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    *Mar  1 00:04:30.593: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:04:30.593: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:04:30.593: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:04:30.593: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    *Mar  1 00:04:30.593: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
    *Mar  1 00:04:30.597: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
    *Mar  1 00:04:30.597: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
    *Mar  1 00:04:30.597: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
    *Mar  1 00:04:30.597: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
    Not in Bound state.
    *Mar  1 00:04:46.069: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
    *Mar  1 00:04:49.161: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
    *Mar  1 00:04:49.273: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.110.115.20, mask 255.255.255.128, hostname AP0006.f618.26f5
    Translating "CISCO-CAPWAP-CONTROLLER"...domain server (10.50.1.235)
    *Mar  1 00:04:57.069: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP. (10.50.1.236)
    *Mar  1 00:05:15.068: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
    Not in Bound state.
    *Mar  1 00:06:00.568: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
    *Mar  1 00:06:04.396: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
    *Mar  1 00:06:04.412: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.110.93.22, mask 255.255.255.128, hostname AP0006.f618.26f5
    en
    AP0006.f618.26f5#
    AP0006.f618.26f5#sh
    Writing out the event log to flash:/event.log ...
    ip int
    *Mar  1 00:06:11.668: %SYS-5-RELOAD: Reload requested by CAPWAP CLIENT. Reload Reason: Could not discover WLC using DHCP IP address, Reload to use static IP.

  • FTP/telnet issue on OL 5 64bit

    I am trying to enable FTP/Telnet on Oracle Linux server (64bit), i am still getting same error.
    I installed required RPM's
    [root@apps xinetd.d]# rpm -qa|grep telnet
    telnet-0.17-38.el5
    [root@apps xinetd.d]# rpm -qa|grep ftp
    lftp-3.5.1-2.fc6
    tftp-0.42-3.1
    ftp-0.17-33.fc6
    [root@apps xinetd.d]# chkconfig telnet on
    error reading information on service telnet: No such file or directory
    [root@apps xinetd.d]#

    FTP and Telnet are really obsolete and considered a security risk. Both were replaced by the SSH2 package many years ago. Btw, you should use YUM and not install some very old Fedora software using RPM under Enterprise Linux, which can break your system beyond repair.
    If you really need a FTP server, simply do the following without the need to install any additional software.
    cd /etc/xinetd.d/ 
    vi gssftp
    Change the following:
    disable = yes to disable = no.
    remove the –a option in the server_args line.
    /etc/init.d/xinetd restart
    You should now be able to FTP to your server.What was the outcome of your previous post here?
    how to reassign disk space from root on OL 5
    Although feedback is not mandatory, it increases your chance to continue to receive answers. Leaving posts orphaned without a conclusion, even if you abandon the thread, does not add value to the community and is considered bad etiquette.

  • Telnet issues

    We have a Exchange Server 2013 CU3 and are trying to make a connection from the internet.  The netowork seems to be NATing the packets correctly for the Exchange server but when we try to telnet in to the public IP for the server, it says waits a
    while and says "connection to host lost"  No banner.  No other useful info.  I am trying to determine if the smtp taffic is getting to the server and the server is just discarding it or if the packets are lost in the network path. 
    Is there a log that shows all smpt connections to the server?  I did protocol logging on the default recieve connector and there doesn't seem to be anything for the attempts.  Does anyone have some advice.  I am out of ideas.  Thank you
    in advance.

    Our Exchange server only has configured an ip for the internal network.  I guess that I don't understand the relay connectors to well.  The server has both roles for CAS and Mailbox installed and so has the 5 connectors created by default. 
    This should allow a telnet connection from outside the network by default right?
    I don't understand what you mean by having a recieve connector for that IP.  With only one server I assumed that all connectors have to do with that one Ip.  I assume that the server works the same with external emails getting picked up by the
    recieve connector for the CAS server.  This doesn't have any differentiation for IPs other than covering all incoming server addresses for ports 25 and 2525.
    Like I previously mentioned, the NATing seems to work.  When tracking packets through the firewall the NATing and unNATing show good.
    What my boss who comes from an Exim and Zimbra linux background wants is a list of all smtp connections to the server.  Be they emails or telnet connections.  I am having a hard time meeting that expectation.  Do you have any thoughts.

  • Hit the VIP from the server side behind the CSM in L2?

    We have a CSM w/ 4.1.6 and would like our RIPS to be able to access a VIP on the same CSM they are on the same subnet but different vlans in L2 design. Any ideas to make this work?

    According to DE, the SSL blade will apply its local subnet mask to the incoming packet's source IP. In your case, you had a /24 subnet mask configured on the SSL's vlan, so addresses that end with .0 or .255 would be discarded since the blade treated them as network or broadcast addresses.
    The workaround is to configure the lowest subnet mask on the SSL proxy vlan where traffic is received (like a /8).
    Configure ssl-proxy vlan with lowest mask to receive traffic or configure ssl-proxy vlan where traffic received to lowest mask (ie,. /8 mask) or load next maintenance release image 2.1(2)

  • Load Balancing FTP Server thru CSM using a single Client IP

    Hello,
    We have a need to load balance 3 FTP servers. These servers are reached only from a single client IP which is a database server. The FTP method that is being used is currently passive. Our configuration is currently unidirectional, ie, the FTP client (the one database server) sends to the VIP and the FTP Servers then talk directly back to the FTP client and the traffic does not go back through the CSM. The problem is that because FTP negotiates another port to talk on, we have to use sticky so that the connection is sent back to the original FTP server that sent the FTP data port to talk on. But, since we only have a single client IP that is ever used we are not load balancing appropriately across the FTP servers.
    Traffic flow goes something like this, tcp port followed after colon as an example
    1. FTP Client ----> VIP:21
    2. CSM ---------> FTP Server:21
    3. FTP Server --------> FTP Client(FTP server says come talk to me on port 1700)
    4. FTP Client ---------> VIP:1700
    5. CSM ---------> FTP Server:1700
    6. FTP Server:1700 ---------> FTP Client
    repeat steps 4 thru 6
    Here's our hardware and software:
    WS-X6066-SLB-APC running 4.2(2)
    Config is as follows
    module ContentSwitchingModule 9
    ft group 101 vlan 9
    priority 10
    vlan 216 client
    ip address 10.209.16.31 255.255.252.0
    gateway 10.209.16.1
    vlan 20 server
    ip address 10.209.0.31 255.255.252.0
    alias 10.209.0.11 255.255.252.0
    probe ICMP1 icmp
    interval 3
    failed 3
    receive 3
    serverfarm FHEPRT
    no nat server
    no nat client
    real 10.209.0.72
    inservice
    real 10.209.0.73
    inservice
    real 10.209.0.71
    inservice
    probe ICMP1
    sticky 106 netmask 255.255.255.255 address source timeout 3
    policy FHEPRT_POL1
    sticky-group 106
    serverfarm FHEPRT
    vserver FHEPRT1
    virtual 10.209.16.71 any
    vlan 216
    unidirectional
    serverfarm FHEPRT
    replicate csrp connection
    no persistent rebalance
    slb-policy FHEPRT_POL1
    inservice

    You are missing "service ftp" config in the Vip definition. Try the following
    vserver FHEPRT1
    virtual 10.209.16.71 tcp ftp service ftp
    Syed Iftekhar Ahmed

  • 6500 VSS Chassis in unknown state

    Hi,
    we have 6500 chassises in our set up. But using CWLMS 4.0 , we are unable to manage VSS feature of 6500.Also
    User tracking for Nexus 7K Switches subnets are not working.
    Please guide.
    Rgrds,
    Soumik.

    Hi,
    Would you mind posting some more information about the VSS problem. (Exact steps or maybe a screenshot of what you are doing). I didn't have any major issues configuring Cisco 6500 VSS in LMS or NCS. Minor ones were some SNMP MIBs which you can simply ignore.
    Predrag Petrovic

Maybe you are looking for