reborn
Feb 21, 2007

ragzilla posted:

You want to look at the release notes for the release (and everything back to the release you have a bug in) under the product support section. For the ASA 5500 series it's at: http://www.cisco.com/en/US/products/ps6120/prod_release_notes_list.html

However this will just list the bugid, and a brief description, if you need any more information you'll need to use the bug toolkit which requires a valid CCO login with a support contract.

Awesome thanks a lot I'll try out the bug toolkit this evening to check it out.

jwh
Jun 12, 2002

Who has an ACS appliance handy? I'm trying to figure out if they normally report 100% CPU utilization.

Both of ours are suddenly reporting 100% CPU, but to be honest, we can't remember if it's just always been like that.

Tremblay
Oct 8, 2002
More dog whistles than a Petco

jwh posted:

Who has an ACS appliance handy? I'm trying to figure out if they normally report 100% CPU utilization.

Both of ours are suddenly reporting 100% CPU, but to be honest, we can't remember if it's just always been like that.

Not normal.

jwh
Jun 12, 2002

Tremblay posted:

Not normal.

That's what I was afraid of. Uh oh. TAC case here I come.

Thanks for your help.

Boner Buffet
Feb 16, 2006
Do you guys struggle with the language barriers with TAC? With the exception of one time, my issues get sorted out. But I feel it's taking much longer to get to the solution and that the language difference is a large part of that. An example of that would be when I explain a symptom to the engineer. I'll get a response of "yes" or "sorry to hear that" but I'm never really sure if they understood what I was saying.

H.R. Paperstacks
May 1, 2006

This is America
My president is black
and my Lambo is blue

InferiorWang posted:

Do you guys struggle with the language barriers with TAC? With the exception of one time, my issues get sorted out. But I feel it's taking much longer to get to the solution and that the language difference is a large part of that. An example of that would be when I explain a symptom to the engineer. I'll get a response of "yes" or "sorry to hear that" but I'm never really sure if they understood what I was saying.

This is always an issue, you just got to learn to time your calls into TAC when the Australian guys are working. They are the best to work with. But they might not even exist anymore as it's been a while since I opened a TAC case.

You might find out that it is easier to deal strictly over email when language is an issue, or call back into TAC center and ask for a new engineer.

jwh
Jun 12, 2002

I prefer to have the TAC engineers use email, simply because it not only greatly helps with the language barrier (specifically dialect issues), but because it's also better for my work flow. I don't have to worry about missing someone's call, or trying to call somebody back.

Nybble
Jun 28, 2008

praise chuck, raise heck
I'm not sure if this is the right place to put it, but it is Cisco hardware..

I am having some problems with Cisco Unified CallManager Administration (or Cisco Unity, for short). A few of our voicemails are being truncated soundwise. The sound only lasts for 2 seconds; however, when it is emailed to the person's inbox, the wav file is long enough for the original voice message to fit. It was analyzed with some sound software; it is just dead silence for the rest of the clip. Has anyone run into this problem (and if this isn't the proper thread please let me know.) Thanks!

inignot
Sep 1, 2003

WWBCD?

Tremblay posted:

The market has dropped out on Sup2 because the things are end of life. SXF is going away soon too. So pretty soon you'll have no SW support.

Gray market vendors are trying to shove that poo poo out the door since they don't want to be stuck with them.


I'm currently sitting in a colo cage exploring the dark heart of the sup2. I need a particular IOS version to support the FWSM. I have it on a 64M flash card in the Sup. However there is a minimum rommon version required to boot from the 64M flash card. This is awful.

Midnj
Jul 27, 2002
JUST GET A FREAKIN MAC DURRRRRR

Nybble posted:

I'm not sure if this is the right place to put it, but it is Cisco hardware..

I am having some problems with Cisco Unified CallManager Administration (or Cisco Unity, for short). A few of our voicemails are being truncated soundwise. The sound only lasts for 2 seconds; however, when it is emailed to the person's inbox, the wav file is long enough for the original voice message to fit. It was analyzed with some sound software; it is just dead silence for the rest of the clip. Has anyone run into this problem (and if this isn't the proper thread please let me know.) Thanks!

Is there sound at all? It could be that the audio isn't coming through for some reason (codec mismatch possibly) and Unity might be ending due to lack of audio.

what version of Unity are you running?

Nybble
Jun 28, 2008

praise chuck, raise heck

Midnj posted:

Is there sound at all? It could be that the audio isn't coming through for some reason (codec mismatch possibly) and Unity might be ending due to lack of audio.

what version of Unity are you running?

There are actually 2 seconds of audio, then X-2 seconds of the original message with no audio at all (minus a little blip at the end).

I believe it is version 4.x (I will confirm tomorrow at work, just a lowly intern, but everyone is doing more important stuff). It will not play on the phones either, and affects about 1 out of 12 voicemails. It is really odd. It is like the Unity server decides to just drop the audio when it's recording, so it records nothing for the rest of the message. We don't believe they are just hitting mute buttons on the phones... I hope.

Teepkick Shakur
May 16, 2008

by XyloJW


FML...

some kinda jackal
Feb 25, 2003

 
 
Holy crap, that must have taken a mad tumble. Did it work after you popped it back in or was there permanent brain damage?

Teepkick Shakur
May 16, 2008

by XyloJW
It was fine after I reseated, thank Joe Pesci.

Herv
Mar 24, 2005

Soiled Meat

inignot posted:

I'm currently sitting in a colo cage exploring the dark heart of the sup2. I need a particular IOS version to support the FWSM. I have it on a 64M flash card in the Sup. However there is a minimum rommon version required to boot from the 64M flash card. This is awful.

Does the module support tftp boot? Just thinking of another way to get at the file on the flash card without directly mounting the file system for a boot.

Edit: This is the closest thing I could find about the internal loopback addresses of the modules in 5 mins before coffee. But it would look more like:

Loading myimage.bin from 127.0.0.7

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! OK

Just in the interest of cisco product prosperity, of course. :)

This is talking about adding ACLs to deny access to these loopback addresses/devices. Not what address sup-slot0 uses at the moment.

http://www.cisco.com/en/US/products/products_security_response09186a00808ca009.html

In case I read it wrong, and it's just getting a better image on the sup, you will need a boot-image loaded from bootflash to get up enough to do the internal tftp download on the sup2.

Pretty sure I used this to get out of a squeeze (not a flash card pun) in the past.

Herv fucked around with this message at 12:48 on Mar 19, 2009

ate shit on live tv
Feb 15, 2004

by Azathoth

inignot posted:

I'm currently sitting in a colo cage exploring the dark heart of the sup2. I need a particular IOS version to support the FWSM. I have it on a 64M flash card in the Sup. However there is a minimum rommon version required to boot from the 64M flash card. This is awful.

Is it a CatOS or Hybrid sup? Because if it is, hooboy, are you in for a world of poo poo.

Herv
Mar 24, 2005

Soiled Meat

Powercrazy posted:

Is it a CatOS or Hybrid sup? Because if it is, hooboy, are you in for a world of poo poo.

If it's a hybrid, wouldn't the boot sequence be:

Boot COS from sup-bootflash.

Boot Skinny IOS from msfc's bootflash: (boot bootldr)

Download full featured IOS from sup-slot0's EOBC addy: (boot system tftp)

Or there's 32mb flash on the MSFC2 you can skip the skinny boot I am pretty sure.

Boot full featured IOS.

I got raked over the coals converting a sup2/msfc2 to native when the sup had a PFC1 processor instead of a PFC2 (surprise!). Pretty sure it worked after it reset the PFC1 and reloaded, been a while and I am prone to forgetting some nightmares, sorry.

If it's native shouldn't it be:

Boot IOS from sup-slot0:

Transfer control to MSFC.

Boot Skinny IOS from msfc-bootflash:

Download and boot Full IOS from sup-slot0's internal EOBC IP address.

Hybrid is a lot easier if you have 32mb bootflash on the MSFC2.

If the first native boot from the sup-slot0: is where the rommon limitation resides I would try a skinny boot from the bootflash: and see if I could access the sup-slot0: from its loopback address.

inignot
Sep 1, 2003

WWBCD?
The situation is as under control as it's going to get.

The 6506 was running native IOS of some version too low to support the FWSM.

The version to support the FWSM was too large to go on the internal flash, however it fit fine on the 64M flash card.

The rommon version did not support booting from a 64m flash card. Which took a while to figure out because the existing IOS would happily read/write/format the card; however in rommon a dir disk0: would result in an "invalid magic number" error.

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/release/notes/OL_4164.html#wp2561255

"Some Supervisor Engine 2 Release 12.2SX images are larger than the bootflash device. Supervisor Engine 2 ROMMON version 7.1(1) or later supports the MEM-C6K-ATA-1-64M= (64 MB) PCMCIA ATA FlashDisk device."

I had to upgrade rommon to get it to read the card:

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/hardware/Config_Notes/78_13488.html#wp146316

Now it boots the proper IOS off the flash card.

Yes, the sup2 is way EOL; however I discovered when attempting to install a spare Sup720 (which would have solved a variety of issues) that the Sup 720 requires a minimum power supply of 2500 watts. This chassis has 1300 watt power supplies installed.

Of course, that's the compressed version of a month long knife fight. When does the hurting stop?

jwh
Jun 12, 2002

inignot posted:

When does the hurting stop?

I'm not sure that it does.

Tremblay
Oct 8, 2002
More dog whistles than a Petco

jwh posted:

I'm not sure that it does.

Seconding this. It's just as bad on this side of the fence.

Boner Buffet
Feb 16, 2006
On a 4400 WLAN controller, if you have aggressive load balancing enabled and the window set to zero, does load balancing between APs occur automatically? The docs aren't clear to me about this.

jwh
Jun 12, 2002

InferiorWang posted:

On a 4400 WLAN controller, if you have aggressive load balancing enabled and the window set to zero, does load balancing between APs occur automatically? The docs aren't clear to me about this.

Why is your window set to zero? As far as I can tell, it should aggressively load balance, yes.

You should be able to debug a client association to see if the load balancing is working. Also, what does show load-balancing say?

Boner Buffet
Feb 16, 2006
It says it's enabled. I thought zero might be the default. I didn't do the initial setup of the device myself, but I know nothing fancy was done when it was first set up.

Boner Buffet
Feb 16, 2006
I can debug an individual client, but I'm not sure where to find the controller debug information. According to this doc, I should be able to see load balancing information "obtained from debug on the controller". However, it doesn't say what debug option I should be using and there are about 30 options.

edit: Found my answer, >debug dot11 load-balancing enable

Boner Buffet fucked around with this message at 18:59 on Mar 24, 2009

nex
Jul 23, 2001

øæå¨æøåø
Grimey Drawer
What do you guys think is the best way to monitor many thousands of interfaces for CRC and input errors? We have been using Cacti ad-hoc so far, but it's quite a hassle.

I have been thinking about modifying a script that we have that dumps modules and chassis serials to also dump interfaces and then do some magic with that.. I'm also looking at using some functionality in OpenView NNM.

How do you guys do it?

jwh
Jun 12, 2002

If you're stat collecting the interfaces out of your NMS, you could probably both report and alert out of there. We track interface errors in Orion, and alert based on a crossing threshold.

It seems to work okay. If you have OpenView in-house already, I bet that could do something similar.
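
An added example, not part of any post in this thread: a minimal version of the threshold-crossing alert on input and CRC errors discussed above, comparing two polls of `show interfaces` text. The sample output is constructed, and the function names and the threshold of 100 are assumptions for illustration.

```python
import re

# Constructed sample output from two polls of the same device, in the
# layout IOS "show interfaces" uses (trimmed to the lines that matter).
POLL_1 = """\
GigabitEthernet0/1 is up, line protocol is up
  Hardware is Gigabit Ethernet
     10 input errors, 4 CRC, 0 frame, 0 overrun, 0 ignored
GigabitEthernet0/2 is up, line protocol is up
     500 input errors, 500 CRC, 0 frame, 0 overrun, 0 ignored
GigabitEthernet0/3 is up, line protocol is up
     900 input errors, 900 CRC, 0 frame, 0 overrun, 0 ignored
"""
POLL_2 = """\
GigabitEthernet0/1 is up, line protocol is up
     260 input errors, 254 CRC, 0 frame, 0 overrun, 0 ignored
GigabitEthernet0/2 is up, line protocol is up
     503 input errors, 502 CRC, 0 frame, 0 overrun, 0 ignored
GigabitEthernet0/3 is up, line protocol is up
     120 input errors, 2 CRC, 0 frame, 0 overrun, 0 ignored
GigabitEthernet0/4 is up, line protocol is up
     5000 input errors, 5000 CRC, 0 frame, 0 overrun, 0 ignored
"""

# Interface header line, e.g. "GigabitEthernet0/1 is up, line protocol is up"
IFACE_RE = re.compile(r"^(\S+) is .*line protocol is ")
# Counter line, e.g. "     10 input errors, 4 CRC, 0 frame, ..."
ERR_RE = re.compile(r"^\s+(\d+) input errors, (\d+) CRC")


def parse_counters(text):
    """Return {interface: {"input_errors": n, "crc": n}} from show-interfaces text."""
    counters, current = {}, None
    for line in text.splitlines():
        header = IFACE_RE.match(line)
        if header:
            current = header.group(1)
            continue
        errs = ERR_RE.match(line)
        if errs and current:
            counters[current] = {"input_errors": int(errs.group(1)),
                                 "crc": int(errs.group(2))}
    return counters


def crossings(prev, curr, threshold):
    """Return sorted (interface, counter, delta) tuples whose increase since
    the previous poll is at least `threshold`."""
    alerts = []
    for iface, now in curr.items():
        before = prev.get(iface)
        if before is None:
            continue  # first time this interface is seen: no baseline yet
        for name, value in now.items():
            delta = value - before[name]
            if delta < 0:
                # Counters were cleared or the device reloaded between polls:
                # everything counted since then is the increase.
                delta = value
            if delta >= threshold:
                alerts.append((iface, name, delta))
    return sorted(alerts)


if __name__ == "__main__":
    for iface, name, delta in crossings(parse_counters(POLL_1),
                                        parse_counters(POLL_2), 100):
        print(f"ALERT {iface}: {name} rose by {delta} since last poll")
```

Alerting on the increase between polls rather than the absolute counter keeps an interface with old, static errors (GigabitEthernet0/2 in the sample) from alerting forever.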

para
Nov 30, 2006
I've never done any sort of policy routing before, but I think if what I want to do is possible that's probably the way to do it.

Here's the scenario: I've got one global IP address, say 12.12.12.12, and two different domains pointing to it, say foo.com and bar.com.

On my LAN I have two different web servers, both running on port 80. One serves foo.com and the other serves bar.com.

Is there a way so that when someone navigates to foo.com, which resolves to 12.12.12.12, the router can see it is trying to go to foo.com and set the next-hop address to the internal address of my foo.com server? And the same with bar.com?

On my test setup I've got everything going through NAT, where anything going to port 80 goes to server A. I'm trying to add a policy map on the external interface to catch everything going to bar.com and redirect it to server B, however it's not working.

Here's the relevant part of the config for what I was experimenting with. Of course it doesn't work.

code:
ip nat inside source static tcp 192.168.1.100 80 interface FastEthernet4 80
!
class-map match-all TEST_CLASS_MAP
 match protocol http url "bar.com"
!
policy-map TEST_POLICY_MAP
  class TEST_CLASS_MAP
!
route-map TEST_ROUTE_MAP permit 10
 match policy-list TEST_POLICY_MAP
 set ip next-hop 192.168.1.200
!
route-map TEST_ROUTE_MAP permit 20
!
interface FastEthernet4
 description WAN LINK
 ip address dhcp
 ip access-group FIREWALL_ACL in
 ip nbar protocol-discovery
 ip nat outside
 ip inspect FW out
 ip virtual-reassembly
 ip route-cache flow
 speed 100
 full-duplex
 no cdp enable
!
I'm really not sure if this setup is possible, but I wanted to take a look before looking into purchasing a second IP address just for this functionality.

Here's a pic that sums up what I'm trying to do:

para fucked around with this message at 23:57 on Mar 26, 2009

Herv
Mar 24, 2005

Soiled Meat
Well, I normally don't put policies inbound on a nat outside interface, but in the interest of trying to help out here's a quick and dirty policy routing example:

interface FastEthernet1/0.3
 encapsulation dot1Q 3
 ip address 151.xxx.xx.xxx 255.255.255.0
 ip policy route-map foo.bar.com

Apply the policy on the interface (fa4) you want it active on.

In the interest of cleanliness I would try to get both policy routes into a class/policy map. To be honest I haven't tried to do this with NAT and what not. Try it out and see what you get if you can test safely.

class-map match-all foo.com
 match protocol http url "foo.com"
class-map match-all bar.com
 match protocol http url "bar.com"

policy-map foo.com
 class foo.com
policy-map bar.com
 class bar.com

route-map foo.bar.com permit 10
 match policy-list foo.com
 set ip next-hop 192.168.1.100
!
route-map foo.bar.com permit 20
 match policy-list bar.com
 set ip next-hop 192.168.1.200

Send me beer if it works.

some kinda jackal
Feb 25, 2003

 
 
Guys. I'm still kind of scratching my head here. This is basically a continuation on my last help for router recommendations.

I'm still building my CCNA lab but I've got an eye on CCNP in future so I want a few routers that will handle 12.4.

The economical options are basically a Maxed out 3640 or a 2600XM. Is there any advantage to going with a 2600XM over a 3640? The prices certainly heavily favour going with a 3640 64/16 and upgrading the memory. I mean, for the price of one 2600XM I can buy two or even three baseline 3640s each loaded with a NM1E2W, judging by a quick ebay scan.

Ciscokits seems to mix and match the 2600XM and 3640 in their Advanced CCNA/Starter CCNP kit.

I've been trying to do as much research as I can, but for the life of me I can't find a good reason why I'd go with a single 2600XM over two or three 3640s + a little cash to upgrade at this point.

Eletriarnation
Apr 6, 2005

People don't appreciate the substance of things...
objects in space.


Oven Wrangler

InferiorWang posted:

Do you guys struggle with the language barriers with TAC? With the exception of one time, my issues get sorted out. But I feel it's taking much longer to get to the solution and that the language difference is a large part of that. An example of that would be when I explain a symptom to the engineer. I'll get a response of "yes" or "sorry to hear that" but I'm never really sure if they understood what I was saying.

Funny, I just happened to see this... I work for CALO, TAC's lab staff (we run the cables, plug in the cards, etc.) and over half of our actual testing that uses hardware is done stateside in North Carolina. However, if you're on tier 1 support, it's likely that you're getting staff in Costa Rica or Bangalore, which would probably not have English as a first language. Most of my knowledge is about the in-lab work and not customer-facing employees, though.

EDIT: And when I say the testing is done in North Carolina, I mean that the hardware is there - the actual TAC engineer could really be anywhere, so I guess it doesn't mean much.

Eletriarnation fucked around with this message at 10:13 on Mar 28, 2009

SalamiMonster
Aug 29, 2005

Hooray for no search function. :(

Are there any free CCENT/CCNA practice exams or questions that are actually like the real thing? The stuff I can find is just simple multiple choice, factoid-based questions, but no simulations.

I suppose a better question might be: Can anyone recommend some practice material that is as close to the real thing as possible?

Here's the god-awful practice questions Cisco provides:

https://cisco.hosted.jivesoftware.com/community/certifications/ccna/icnd1?view=overview#cisco_3

para
Nov 30, 2006

SalamiMonster posted:

Hooray for no search function. :(

Are there any free CCENT/CCNA practice exams or questions that are actually like the real thing? The stuff I can find is just simple multiple choice, factoid-based questions, but no simulations.

I suppose a better question might be: Can anyone recommend some practice material that is as close to the real thing as possible?

Here's the god-awful practice questions Cisco provides:

https://cisco.hosted.jivesoftware.com/community/certifications/ccna/icnd1?view=overview#cisco_3

I don't know about any simulations, but the questions in this book are pretty good last minute prep. http://www.amazon.com/CCNA-Practice-Questions-Exam-640-802/dp/0789737140/ref=sr_1_1?ie=UTF8&s=books&qid=1238274636&sr=8-1

If you score on the practice questions from that book then you should be fine on the exam.

SqueakovaPeep
May 6, 2007

I am the night.
I have a really quick question. I have looked everywhere, and it has to be something simple.

I have a cisco ASA 5505. I want all the private IPs to be static, listing the asa as the DNS server.

I have the DNS set up inside the firewall, but it seems that the only way that will work is if I set up DHCP. Is there some trick I am missing?

Herv
Mar 24, 2005

Soiled Meat

SqueakovaPeep posted:

I have a really quick question. I have looked everywhere, and it has to be something simple.

I have a cisco ASA 5505. I want all the private IPs to be static, listing the asa as the DNS server.

I have the DNS set up inside the firewall, but it seems that the only way that will work is if I set up DHCP. Is there some trick I am missing?

Hrm, worst case set up a reverse pat/nat statement that takes all udp 53 (clients) tcp 53 (servers) on the inside interface and forward them to a public dns server?

Only seen the inside ip address of the broadband interface listed as the dns server in home networking products.

edit: wasn't sure if he had dns resolvers only or some server action

Herv fucked around with this message at 07:03 on Mar 29, 2009

cptInsane0
Apr 11, 2007

...and a clown with no head
I'm using opendns.org's servers for the DNS. I just ended up manually setting the DNS on all the workstations. Apparently the ASA doesn't work like every other firewall in the world.

This isn't even close to the first ASA I've configured, but most of them have been cool with dhcp, or used windows servers as their dns.

(I'm the one that asked the question)

Antimony
Oct 29, 2006

I'm looking at setting up a lab at home to start learning for a CCNA, and I am wondering about the best model of router to choose.

I've found a Cisco 2621XM for sale which, if my limited knowledge is correct, should run the latest 12.4 IOS. It also has dual ethernet ports. The only thing I'd be missing is a "management cable" (RJ45-console I think). Would this model be suitable?

I originally thought I could expect to find routers with 5 ports at least, as I am looking to route between 4 subnets in the lab, but I seem to have gathered that this is generally done with VLANs and trunking - is this correct? I may look into getting a decent switch as well if this is the case - although my current Netgear can apparently handle trunking/tagging.

inignot
Sep 1, 2003

WWBCD?
Use this:

http://www.gns3.net/

Antimony
Oct 29, 2006

inignot posted:

Use this:

http://www.gns3.net/

I've played with GNS3 before, but you need an IOS image to use it - which I can't get hold of without having a Technical Support Services agreement with Cisco. At least that's how it's looking at the moment.

inignot
Sep 1, 2003

WWBCD?
Where are you going to get the latest 12.4 IOS image for a Cisco 2621XM?

Antimony
Oct 29, 2006

I didn't realise the support was non-transferable on these things. You my friend have just saved me a lot of money. Thanks :)
