VIP telnet issue in CSM 6500
Not able to telnet to VIP address of CMS from 6500 switch.
Hi all
my Problem is that i have configured two real server in CSM Load balancer.
I m able to get the ping & telent response of VIP address of Load balacer IP,from both of the real server ..but when i telent to VIP address from 6500 switch its not happening ..
what can be the reason pls.
guide me .
thanks
Similar Messages
-
Cannot ping REAL server IP addresses from CSM 6500
I have a dual 6500/CSM routed topology in which the traffic from clients to the server VIP works fine. However, in preparation for some upcoming work, I find that I cannot ping the REAL server IP addresses. This would seem to be an important troubleshooting step. Any ideas why this wouldn't work?
Gilles, followup question. If I understand this, what you outlined above will allow traffic external coming into the 6500/CSM to be forwarded thru to the REAL server IPs. If it wasn't clear, I was trying to ping from the native-mode 6500 that contains the CSM. I've tried regular and extended pings using the CSM-configured server VLAN's IP and alias IP, but get no response back from any of the REAL server IP addresses.
Is what you've indicated required to ping even if I'm on the 6500 which contains the CSM? -
Hi All,
After adding the ACS in CSM ,I am unable to login the CSM with the ACS username and password and also the admin username and password.
Now i removed the csm server in ACS even then same status.How to login the csm ?Did you set up the authorization or just authentication through Tacacs+?
I recently had an issue with this, but I was able to login. I wasn't able to see the devices however. It turns out that the devices in CSM need to be the same exact display name as they show up in ACS.
This is the guide I followed.
http://www.cisco.com/en/US/products/ps6498/products_configuration_example09186a00808eada8.shtml
After some headache I just used ACS for authentication, and not authorization. To do this you choose "non-ACS" when you are setting it up just put the radio button in tacacs+. You then add the user in the local database for the authorazation piece. But it will authenticate against tacacs. -
Software issue with nokia 6500 slide handsets
Hi All
I have 2 nokia 6500 slide handsets that seem to have the same issue that driving me mad..
It seems no matter how many times i set a ringtone and screen saver, the phone reverts back to the standard nokia ringtone and a blank screensaver???
I have phoned my network provider who dont seem to be of any help at all and just keep advising me that i should try upgrading the software via the pc suite which ive done several times with no fix!
Im thinking this must be a fault with this handsets/ software as both my phones are doin it and also 3 of my friends phones also are doin the same thing!
Does anyone know why this keeps happening as im really getting fedup with having to reset my ringtone/ screen saver all the time..
Thanxs richI purchaced a nokia 6500 slide around christmas 08 and by janurary it was away getting fixed because of the phone whiting out resetting scrambling my contacts wouldnt take pictures wouldnt read my memory card because of the stupid clip on the back which you need so it will read it is now august 09 it has been away for repairs 3 times in total it has spent about 3 months away being repaired so i do not reccomend buying one waste of money and time thanks nokia job well done.
-
We are in the process of installing newly acquired CSM modules in order to load-balance internal traffic to a set of Telnet servers. The Telnet servers interact with other application servers hosting an in-house developed application that is causing an intermittent problem. When a user connects to a Telnet server, a Telnet sessions sometimes get established without a prompt. We are looking for a way to rectify this problem by using the probing feature on the CSMs. We would like to configure the CSMs to remove the Telnet servers that are experiencing this problem from service. This problem cannot be fixed by setting up a simple Telnet probe, because the badly behaving server will still respond to these probes although the prompt is not being displayed.
An HTTP application level problems can be probed by the CSMs using the HTTP Return Code Checking feature. This is due to the nature of the HTTP protocol where the error codes are displayed in the HTTP header. The CSMs are capable of parsing the HTTP packets and reading the error codes. This feature can be used to certain extent with FTP and Telnet. Could it be used to fix this particular problem? How? If not, do you have other suggestions?
Thanks,
Bachir NajmUsing a Tcl script as a health probe on the CSM allows you to open a connection to a host, send/receive data on that connection, and parse through the responses you receive.
So, you could write a Tcl script that opens a telnet connection to the server, and tries to match against the expected prompt string. If the match fails, you can set an error condition in the script.
Download the file 'c6slb-apc.3-1-9.tcl' from here:
http://www.cisco.com/cgi-bin/tablebuild.pl/cat6000-csm
It contains a set of sample scripts that can be used on the CSM.
~Zach -
Hello,
I'm experiencing issue with Telnet connections on my Cisco C3850-48P-S. The version is 3.3.3SE.
I haven't enabled Telnet on line VTY of my switch, but the switch is always available using telnet.
Here my configuration:
line vty 0 4
exec-timeout 20 0
logging synchronous
transport input ssh
Do you know if it's possible to disable telnet ?
Thanks in advance.
Regards
NicolasHello Frank;
Thank for the reply.
Here below more informations about the issue:
- It does work sometimes, but it did never worked properly.
- the problem is there for both sending and receiving.
- for the PSTN transport, i have no idea.
- I tried to change the ATA by another, still the same problem.
- ATAs work properly for voice communication.
- when i call this fax number internally the signal comes along.
- the problem is when faxing internally, it isn't used for external faxing.
- the call flow for internal faxing is like this:
Analog fax (in site A) > ATA (in site A) > access switch (in site A) > core switch (in site A) > cucm (in site A) > Core switch (in site A) > router (in site A) > optical fiber > router (in site B) > core switch (in site B) > cucm (in site B) > core switch (in site B) > voice gateway 248 (in site B) > Analog fax (in site B).
the problem occures when sending internal fax between these two sites A and B, when calling site B from site A, the ringing tone comes aloso the fax signal, but when i try the send the paper the stange tone come along and only half of it pass and it get to the site B as a blank paper or a half blank paper.
for any more explanation, don't hesitate to ask me.
thanks again for your time.
Regards. -
Hi Gilles
Could you please help with the following?
If I have defined 2 VIP addresses and each of the VIP address has the same set of real servers then will there be a problem. This is specific to DNS servers.
Your help would be of great help
Thank you
Regards
AiyappaThere might be an issue.
For UDP traffic you have to configure a group to nat the server response back into the vip address.
If the servers are the same for both vip, on the way back to the client the CSS will not know which vip address to use - a server can only be in one group at a time.
A solution could be to do client nat. This might force the CSS to remember the vip address on the way back. Not sure as I did not try it.
Gilles. -
What is VIP list on cordless BT 6500 phone ?
I have caller display on my BT 6500 phone and I have blocked withheld numbers and No caller ID calls because i was getting so many nuisance calls about PPI and boilers. Unfortunately, my hospital uses the number withheld system and I was wondering if I can unblock them or do I need to put NHS numbers on the the VIP list ?
Don't think thats going to work when you have blocked withheld numbers.
The only way around it with this would be to let all withheld go through to an answermachine and pick up if and when needed.
maybe some one will come up with other answers.
[edit]
Do you have a mobile number that you can give hospital/doctors so that they can use that and then leave the landline blocking withheld numbers.
toekneem
http://www.no2nuisancecalls.net
(EASBF) -
I have a 6500 with one VRF. I want traffic to pass from the VRF to the global switch through an IPS so I set up a point to point link through the IPS using two GBIC ports each assigned with an IP out of the same /30. One port is in the VRF and the other is not.
While the VRF and global routing table both show the subnet directly connected, I cannot ping from one side to the other. I replaced the IPS with a cross over cable to rule out the IPS without any change.
Is this traffic trying to pass over the bus?these r the 3 tables which r connected to ur view - T882,T001,T001Z
if u want data based on some join on these 3 tables then put a join in ur code on these 3 tables and then fetch ur record..if u want datra specific to one table only then u can directly select tht frm a single table..
amit -
Cisco AIR-CAP1602I-E-K9 Telnet issue
Hi Team, I have installed new cisco AIR-CAP1602I-E-K9 in the remote site LAN however the access point received the ip address through central DHCP helper address. I am able to ping the access point through LAN but I am unable to telenet the device to configure.
Also when Field enginner visited on site to connect physical he connected through console but we were not able get into configure mode though we had full privilege access.
Please advice.
AP0006.f618.26f5#sh version
Cisco IOS Software, C1600 Software (AP1G2-RCVK9W8-M), Version 15.2(2)JB, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Tue 11-Dec-12 04:52 by prod_rel_team
ROM: Bootstrap program is C1600 boot loader
BOOTLDR: C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)
AP0006.f618.26f5 uptime is 3 minutes
System returned to ROM by power-on
System image file is "flash:/ap1g2-rcvk9w8-mx/ap1g2-rcvk9w8-mx"
Last reload reason:
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-CAP1602I-E-K9 (PowerPC) processor (revision A0) with 98294K/32768K bytes of memory.
Processor board ID FGL1703ZA3E
PowerPC CPU at 533Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.4.1.37
1 Gigabit Ethernet interface
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:06:F6:18:26:F5
Part Number : 73-14671-04
PCA Assembly Number : 000-00000-00
PCA Revision Number :
PCB Serial Number : FOC164971SY
Top Assembly Part Number : 800-38552-01
Top Assembly Serial Number : FGL1703ZA3E
Top Revision Number : A0
Product/Model Number : AIR-CAP1602I-E-K9
Configuration register is 0xFThanks,
1. Does it mean I should not be able to telnet also into the AP though I can ping from Router LAN ( AP is connected directly to router ethernet interface).
2. I am also not able to discover controller when running in controller-based IOS. getting below errors.
Thanks to advice on above points.
Mar 1 00:03:04.038: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:03:04.038: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:03:04.038: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:03:04.038: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 1 00:03:04.038: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
*Mar 1 00:03:04.042: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:03:04.042: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:03:04.042: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:03:04.042: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
AP0006.f618.26f5#
*Mar 1 00:03:14.038: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:03:14.038: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:03:14.038: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:03:14.038: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 1 00:03:14.038: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.1
AP0006.f618.26f5#1.13
*Mar 1 00:03:14.042: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:03:14.042: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:03:14.042: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:03:14.042: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 1 00:03:24.029: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:03:24.029: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:03:24.029: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:03:24.033: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 1 00:03:24.033: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
*Mar 1 00:03:24.033: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:03:24.033: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:03:24.033: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:03:24.033: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 1 00:03:34.041: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:03:34.041: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:03:34.041: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:03:34.041: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 1 00:03:34.041: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
*Mar 1 00:03:34.041: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:03:34.041: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:03:34.041: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:03:34.041: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
Not in Bound state.
*Mar 1 00:03:49.505: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
*Mar 1 00:03:53.393: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
*Mar 1 00:03:53.477: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.110.93.22, mask 255.255.255.128, hostname AP0006.f618.26f5
en
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (10.50.1.235) (10.50.1.236)
*Mar 1 00:04:00.505: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
*Mar 1 00:04:00.565: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Mar 1 00:04:00.593: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:04:00.593: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:04:00.593: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:04:00.593: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 1 00:04:00.593: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
*Mar 1 00:04:00.593: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:04:00.593: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:04:10.593: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:04:10.593: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:04:10.593: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:04:10.593: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 1 00:04:10.593: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
*Mar 1 00:04:10.597: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:04:10.597: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:04:10.597: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:04:10.597: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 1 00:04:20.593: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:04:20.593: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:04:20.593: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:04:20.593: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 1 00:04:20.593: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
*Mar 1 00:04:20.597: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:04:20.597: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:04:20.597: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:04:20.597: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 1 00:04:30.593: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:04:30.593: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:04:30.593: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:04:30.593: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 1 00:04:30.593: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 172.25.11.13
*Mar 1 00:04:30.597: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'Cisco_d6:f5:c0'running version 6.0.196.0 is rejected.
*Mar 1 00:04:30.597: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 00:04:30.597: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Mar 1 00:04:30.597: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
Not in Bound state.
*Mar 1 00:04:46.069: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
*Mar 1 00:04:49.161: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
*Mar 1 00:04:49.273: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.110.115.20, mask 255.255.255.128, hostname AP0006.f618.26f5
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (10.50.1.235)
*Mar 1 00:04:57.069: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP. (10.50.1.236)
*Mar 1 00:05:15.068: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
Not in Bound state.
*Mar 1 00:06:00.568: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
*Mar 1 00:06:04.396: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
*Mar 1 00:06:04.412: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.110.93.22, mask 255.255.255.128, hostname AP0006.f618.26f5
en
AP0006.f618.26f5#
AP0006.f618.26f5#sh
Writing out the event log to flash:/event.log ...
ip int
*Mar 1 00:06:11.668: %SYS-5-RELOAD: Reload requested by CAPWAP CLIENT. Reload Reason: Could not discover WLC using DHCP IP address, Reload to use static IP. -
FTP/telnet issue on OL 5 64bit
I am trying to enable FTP/Telnet on Oracle Linux server (64bit), i am still getting same error.
I installed required RPM's
[root@apps xinetd.d]# rpm -qa|grep telnet
telnet-0.17-38.el5
[root@apps xinetd.d]# rpm -qa|grep ftp
lftp-3.5.1-2.fc6
tftp-0.42-3.1
ftp-0.17-33.fc6
[root@apps xinetd.d]# chkconfig telnet on
error reading information on service telnet: No such file or directory
[root@apps xinetd.d]#FTP and Telnet are really obsolete and considered a security risk. Both were replaced by the SSH2 package many years ago. Btw, you should use YUM and not install some very old Fedora software using RPM under Enterprise Linux, which can break your system beyond repair.
If you really need a FTP server, simply do the following without the need to install any additional software.
cd /etc/xinetd.d/
vi gssftp
Change the following:
disable = yes to disable = no.
remove the –a option in the server_args line.
/etc/init.d/xinetd restart
You should now be able to FTP to your server.What was the outcome of your previous post here?
how to reassign disk space from root on OL 5
Although feedback is not mandatory, it increases your chance to continue to receive answers. Leaving posts orphaned without a conclusion, even if you abandon the thread, does not add value to the community and is considered bad etiquette. -
We have a Exchange Server 2013 CU3 and are trying to make a connection from the internet. The netowork seems to be NATing the packets correctly for the Exchange server but when we try to telnet in to the public IP for the server, it says waits a
while and says "connection to host lost" No banner. No other useful info. I am trying to determine if the smtp taffic is getting to the server and the server is just discarding it or if the packets are lost in the network path.
Is there a log that shows all smpt connections to the server? I did protocol logging on the default recieve connector and there doesn't seem to be anything for the attempts. Does anyone have some advice. I am out of ideas. Thank you
in advance.Our Exchange server only has configured an ip for the internal network. I guess that I don't understand the relay connectors to well. The server has both roles for CAS and Mailbox installed and so has the 5 connectors created by default.
This should allow a telnet connection from outside the network by default right?
I don't understand what you mean by having a recieve connector for that IP. With only one server I assumed that all connectors have to do with that one Ip. I assume that the server works the same with external emails getting picked up by the
recieve connector for the CAS server. This doesn't have any differentiation for IPs other than covering all incoming server addresses for ports 25 and 2525.
Like I previously mentioned, the NATing seems to work. When tracking packets through the firewall the NATing and unNATing show good.
What my boss who comes from an Exim and Zimbra linux background wants is a list of all smtp connections to the server. Be they emails or telnet connections. I am having a hard time meeting that expectation. Do you have any thoughts. -
Hit the VIP from the server side behind the CSM in L2?
We have a CSM w/ 4.1.6 and would like our RIPS to be able to access a VIP on the same CSM they are on the same subnet but different vlans in L2 design. Any ideas to make this work?
According to DE, the SSL blade will apply its local subnet mask to the incoming packet's source IP. In your case, you had a /24 subnet mask configured on the SSL's vlan, so addresses that end with .0 or .255 would be discarded since the blade treated them as network or broadcast addresses.
The workaround is to configure the lowest subnet mask on the SSL proxy vlan where traffic is received (like a /8).
Configure ssl-proxy vlan with lowest mask to receive traffic or configure ssl-proxy vlan where traffic received to lowest mask (ie,. /8 mask) or load next maintenance release image 2.1(2) -
Load Balancing FTP Server thru CSM using a single Client IP
Hello,
We have a need to load balance 3 FTP servers. These servers are reached only from a single client IP which is a database server. The FTP method that is being used is currently passive. Our configuration is currently unidirectional, ie, the FTP client (the one database server) sends to the VIP and the FTP Servers then talk directly back to the FTP client and the traffic does not go back through the CSM. The problem is that because FTP negotiates another port to talk on, we have to use sticky so that the connection is sent back to the original FTP server that sent the FTP data port to talk on. But, since we only have a single client IP that is ever used we are not load balancing appropriately across the FTP servers.
Traffic flow goes something like this, tcp port followed after colon as an example
1. FTP Client ----> VIP:21
2. CSM ---------> FTP Server:21
3. FTP Server --------> FTP Client(FTP server says come talk to me on port 1700)
4. FTP Client ---------> VIP:1700
5. CSM ---------> FTP Server:1700
6. FTP Server:1700 ---------> FTP Client
repeat steps 4 thru 6
Here's our hardware and software:
WS-X6066-SLB-APC running 4.2(2)
Config is as follows
module ContentSwitchingModule 9
ft group 101 vlan 9
priority 10
vlan 216 client
ip address 10.209.16.31 255.255.252.0
gateway 10.209.16.1
vlan 20 server
ip address 10.209.0.31 255.255.252.0
alias 10.209.0.11 255.255.252.0
probe ICMP1 icmp
interval 3
failed 3
receive 3
serverfarm FHEPRT
no nat server
no nat client
real 10.209.0.72
inservice
real 10.209.0.73
inservice
real 10.209.0.71
inservice
probe ICMP1
sticky 106 netmask 255.255.255.255 address source timeout 3
policy FHEPRT_POL1
sticky-group 106
serverfarm FHEPRT
vserver FHEPRT1
virtual 10.209.16.71 any
vlan 216
unidirectional
serverfarm FHEPRT
replicate csrp connection
no persistent rebalance
slb-policy FHEPRT_POL1
inserviceYou are missing "service ftp" config in the Vip definition. Try the following
vserver FHEPRT1
virtual 10.209.16.71 tcp ftp service ftp
Syed Iftekhar Ahmed -
6500 VSS Chassis in unknown state
Hi,
we have 6500 chassises in our set up. But using CWLMS 4.0 , we are unable to manage VSS feature of 6500.Also
User tracking for Nexus 7K Switches subnets are not working.
Please guide.
Rgrds,
Soumik.Hi,
Would you mind posting some more information about the VSS problem. (Exact steps or maybe a screenshot of what you are doing). I didn't have any major issues configuring Cisco 6500 VSS in LMS or NCS. Minor ones were some SNMP MIBs which you can simply ignore.
Predrag Petrovic
Maybe you are looking for
-
my 5th generation ipod won't sync anymore to my PowerMac G4. It worked fine, but when I installed a new hard drive it won't work anymore. I've re-installed iTunes, the latest version for Tiger, I've reset and restored my iPod. The ipod shows up fi
-
CD/DVD drive not recognized in hp pavilion dv6500
I have a problem with my CD/DVD drive. My hp pavilion dv6500 laptop is not recognize the drive, dos not show up in the device manager, I right click on the IDE adapters to scan for changes, I hold down the F9 to see the start up order of the drives i
-
I am working on a site in wordpress and realized that it's visible in all browsers except Firefox. Could you give me some info on how to fix this issue?
-
Font Issue??? Odd font shows on occasion. Included image.
Hello all I know this is probably a simple issue but I'm confused about this strange font showing up at various times. (On Program Intro screens, various web pages etc.) http://picasaweb.google.com/mikexpix/MyScreen It's probably a simple fix but it
-
Enter Key Event in Editable ALV Grid
Hi all, I am trying to create and editable ALV grid using the REUSE ALV FM. On the grid after changing a value, if I press enter key the pai is not triggered. I have tried the various example programs (BCALV*) but could not find anything relevant. Ba