I am triing to migrate my old ACS to the new one. I am using ACS 5.3 on appliance CSACS-1121. Sometime, i loose the connection to the appliance and i could not connect to the appliance with SSH, i could not start the GUI and the authentication is switched to the secondary instance. As soon as I have traffic, the connection is restored.
View 3 RepliesQuestion on two ethernet cables
But I am wondering will my overall connection speed decrease if I have multiple devices on? I am just curious as to if I have both say an xbox 360 and my computer on.
I was examining my router's logs the other day and I noticed a recurring entry stating that my PC's IP address was sending packets to the IP 172.16.30.115 on port 80, and that the router was dropping them.Except for the fact that my home LAN uses the 192.168.1.0/24 network EXCLUSIVELY. That is all it has ever used since this router was set up, and the only other networks we have EVER used are 192.168.0.0/24 and 192.168.2.0/24. So why, I wondered, is my PC repeatedly sending (presumably) HTTP traffic to a private IP that is not and never has been on my network?I wasn't worried about what these connections might be doing, since I figured they couldn't do anything, but I was kind of concerned about what was generating this traffic in the first place. So I downloaded Wireshark and ran a capture for 30 minutes. Upon completion, I filtered results to show only packets that contained the IP 172.16.30.115, as either the source or destination IP.Based on the router logs, I expected to see three packets with my PC's source IP address and a random source port sent to 172.16.30.115, port 80 every 10 minutes.And I did see that. These are TCP packets, and they appear to be completely empty. The only thing I noticed about them is that the SYN flag is set. I don't know what the significance of that is, if any, but that's what I noticed.
What I DIDN'T expect to see were the packets that had a source IP of 172.16.30.115. These packets (also TCP) had the ACK and RST flags set, and they contained the text "Go away, we're not home." So not only are there packets being sent to an IP that cannot possibly exist within my network, but there are also packets coming FROM the impossible IP telling me to go away.All of that is scary enough on its own. But then I hopped on Google and did a search for the phrase "go away, we're not home," and almost every result was related to the decline of the Storm worm. After reading about Storm, I was more confused, not less. In its heyday, Storm used UDP traffic to communicate between peers, and my mystery traffic was TCP. Storm usually did not use well-known port numbers, such as 80, which I read was part of what made it so resilient. Not to mention that the most recent posts I could find regarding the Storm worm were dated 2010 and were about the possibility of a second Storm, and I didn't get this PC until May 2011. Plus, even if we ignore all of this and operate under the assumption that I have the Storm worm on my PC, that still doesn't explain the fact that the traffic from my computer is heading to a private IP that is NOT, I repeat, NOT being used on my network, my router says it's dropping this traffic, but my PC is still somehow receiving a response from an IP address that 1) isn't on the network and 2) can't be having any packets forwarded to it, since the router says it's dropping the traffic.So, operating under the worst-case scenario assumption, I used two different virus scanners (not simultaneously, of course) to do the deepest scans they are capable of doing. They both turned up completely clean. In fact, I've had AVG Free installed on my computer since I got it, and even if you look at my virus history you only see a few tracking cookies, a corrupted EXE from the Skype setup folder, and a Trojan dropper that I never even ran because I thought the file properties seemed fishy so I scanned it and promptly deleted it. So I now have to go back to operating under the assumption that I do NOT have the Storm worm, and I am back to the drawing board.
During the last month or so my internet connection keeps stalling and will not work until I repair the connection, however I am still connected to the network, I just can't send or receive packets. In particular when I am downloading things, it will stop after 2MB is downloaded or 300MB, it just random. After sending/receiving 7,000 packets or 700,00. This only happens to my computer with the wifi adapter. Prior to this I didn't have any issues for over two years. My phone and laptop still connect via wifi to the internet. And the xbox and blu ray player are connected via ethernet and have not had any problems. The log for my router states "deauthenticate reason 3", which I have found to mean "The access point went offline, deauthenticating the client". So, I figured that the issue could be the wifi adapter which I installed on the laptop and that too never had an issue. I used inSSIDer 2.0 to see the close by networks and changed channels to get away from the strongest ones. I tried switching to wireless n only instead of g and n, the problem still persists.
Then I figured the issue must be my computer and no malware, spyware, adware nor any virus was found. The same thing happened while in safe mode. I also tried the winsock fix to no avail, reinstalled the wifi adapter and made sure all firmware for the router and adapter were up to date as well as XP. I also tried with my firewall shutdown but I still loose the connection. So I then reluctantly did a clean install and even with the bare essentials it still stopped working. I also bought a 15ft USB extension to get a better signal but still, even though I have a good or excellent signal I still have problems. My latest thought was this was the only machine running firefox 4 so I went back to 3 and that didn't either. I checked my usage with my ISP and I am no where near the 250GB a month.
I keep getting disconnected and blocked from using even LAN on my computer. This happens whenever I visit certain websites. For instance, I registered on a website that has me "kept signed in", and whenever I click to view that website, it partially loads and then for precisely 1 minute any network activity I try (like visiting my router configuration page, or clicking refresh or home to load google) will not go through. Only after that one minute is over with, I can resume browsing that website; however, if I leave it for too long, and then return, the same thing happens.
I've also noticed that if I sign out of that website and then visit it, that disconnect issue won't happen.But that isn't the case with other websites, as they require no accounts and are just pages with news and other stuff.I tried uninstalling and reinstalling my ethernet drivers, tried flushing dns, renewing ip, releasing and some other /cmd stuff that I found online.This also doesn't happen on any of the computers connected to my router (although, they are all using wireless - I am using cable to router).I'm on windows 7 x64, using a realtek ethernet card, Nod32 security suite (think it may be the settings on this thing? I set everything to super safe settings so I don't get any dumb viruses). Windows is updated (well, at least 3-4 months ago it was updated). I have no idea what is causing this, and why the precise 60 second interval until I regain access to the internet.I'm using Firefox, but this also happens on IE8 or 9 or whatever I have installed, so I don't think it's a browser issue.Things like facebook, youtube, pennyarcade and other junk work, but as soon as I go to google looking for, say, apartment rentals and open some pages, one of the links in the search results is bound to make my connection freeze.
Is there any way to hide my activity on the network? My network administrator monitors our network activity, specifically chat.
View 1 Replies View RelatedI wonder if there is a free programme that will let me look at network traffic/activity on my network, i'm having real issues with with access and the slow down of the network. Unfortunately my switches are not managed.
View 2 Replies View Related I have used this WRT54gl for several years and it's performed flawlessly both wireless and wired. Recently I've extended the reach of my home network by adding a second WRT54g cabled to the network. I also added another PC in a nearby home with a wireless dongle attachment to the network. In setting all this up I've just noticed that the 'Traceroute' and 'Ping' functions in the original WRT54gl do not work. That is, when in the Administration, Diagnostics window and select either function I get a 'Network is unreachable' message instead of the ping/traceroute information.
All other functions on the network seem to work fine, ie..., I can ping the router from anywhere. Both wireless and ethernet connections work fine through it. The newer WRT54G addition to the lan is setup identical and the ping/ trace router work fine with it.Both routers have DHCP disabled. My modem handles it.
what is the ideal timeout for users when no activity is performed while connected to network via wireless
-WLC model 5500
-AP model 1200 series
users get disconnected every 15mins when machine is Ideal and where do i see this option.
how to decrease high ping
View 1 Replies View RelatedAbout a week ago i started experiencing very slow download speeds... things like streaming online videos and having to wait which i have not had to do for the last 4 years. I did a speed test on multiple sites and my download speed comes out at about .2mbps and my upload is still where it should be at .6-.8mbps. I have a 12mbps connection so this does not make sense at all. Originally thinking it was malware, I formatted both my hard drives and did a clean install of windows 7 and it did nothing to resolve the issue. Could it be that my wireless card's radio is failing?
View 8 Replies View RelatedI would like to know if it is possible in dir655 ver 1.30 to limit bandwith in QoS using mac address?because in QoS Engine Name i can only see this opt. no opt for MAC, what if the user use DHCP?
View 1 Replies View Relatedtell me the reasons that could cause the decreasing of the bandwidth in the TP cables? just 3 or 4 (main) reasons.
View 4 Replies View RelatedI have a such setup:Code:
View 3 Replies View RelatedWe have a WDS connection between two AP541 access points, where one AP is connected to a SA540 with cable. The AP in the other end of the WDS does just act as a repeater, broadcasting using the same SSID and channel with WPA-PSK, as the cabled AP. For the WDS channel, we have tried WPA/WEP/none encryption without any difference. Spanning tree is enabled. 802.11 mode is 'bgn'.
Sitting physically beside the remote AP (the "other" and uncabled end of WDS) with a laptop using Intel 802.11bg adapter, we get a speed in the range 5-7Mbit/sec connecting to the cabled AP (3 of 5 bars signal strength in the traybar icon on Win7). But switching to the remote AP, which is beeing feed by the WDS from the same cabled AP previously being connected to, we do just get a measured bandwidth of 1-2Mbit/sec. I understand that some throughput is lost using WDS, but this does still look like a big decrease?Any experience using WDS with AP541, who can comment on if this is expected or not, and eventually any thing we can do to increase the speed?
They have an ASA-5510 with version 8.2(5). They just upgraded their Internet bandwidth to 30 Mb both ways.If we do a speed test in front of the ASA, we get 28 Mb/s upload and download, with a ping of about 5 to 10 ms.If we go behind the ASA, the download is about the same, the upload is decreased to about 12 Mb/s and the ping goes to 260 ms The license is base, there are no additionnal function added to the firewall (no IPS). I've check the speed and duplex and everything is fine.There are no drops on the interfaces or rules of the firewall, no drops on the Interface of the ISP router either. All interfaces are configured at 100Mb full duplex.I saw a couple of discussions on this in the forums, but they don't seem to come up with anything and they look like they end in the middle of the whole story, like once the problem is solved, they don't update their discussion.
View 6 Replies View RelatedI've had the E3000 installed for several years and a few days ago saw my download speed drop by 80%. Trouble shooting with the Cable provider ended up with connecting directly from the PC to the modem and the speed issue was corrected. I don't see any recent changes in firmware, no new programs.
View 2 Replies View RelatedI've been having this problem for quite some time, mostly since my mother bought her first Asus Laptop that came with an Asus WL-530g V2 wireless router.Problem is sometimes I get a random disconnect where Local Area Connection is identifying. On some occasions it reconnects on it's own after a few seconds, other times I have to diagnose the problem and I get a "Windows doesn't have a valid IP config" problem but it fixes that.The other problem, and I don't know if the two are related is that very often, for short/long periods of time I get a drastic reduction of internet speed. From what I can tell, it's got to be something to do with the network configuration or the actual router itself, it's very old and Asus stopped making firmware for it in '09. Useful data Basically I have a wired connection from my desktop to the wireless router.
>>>Asus WL-530g V2 Wireless router
>>>Atheros ar8151 pci-e gigabit ethernet controller (driver up to date)
>>>ISP RCS RDS
>>>DSL connection
>>>ESET nod32 Antivirus
[code]....
After reconfiguring my LMS 4.1 from snmp v2 to snmp v3 the endhost aren't reachable anymore. Before configuring the snmp v3 I have purged the endhost database in order to repopulate it. After the jobs run no endhost could be added to repository. It just says unreachable.
Could it really be a snmpv3 issue? Everytihng else is working as before. I'll have to go back to snmp v2.
So we have a cisco asa 5505. Once a day now (random times) it will suddenly be unreachable along with the hosts connected. If I console in and ping a host from the asa, suddenly it becomes reachable from the outside world again. My job prohibits me from posting the configuration online.
View 10 Replies View RelatedI any running Cisco Works LMS 4.0 on Windows 2008 Enterperise Edition with SP2.I am facing 2 issue which are below:
1. Get message "You are using unsupported Version". As per Cisco document Windows 2008 Ent edition is support by LMS 4.0
2. All of my devices are showing unreachable. I already double check the Devices Credential include SNMP (Read and Write community) and Username and passwords.I can accessble all devices via telnet from the same Cisco Works Machine.
I have discovered my switches in LMS but it is showing unreachable what can be the reason ?
View 5 Replies View RelatedWe presently have a guest wireless solution in place using 4400/5508 WLC controllers authenticating guests via a NAC Guest server. This has functioned well for the last year or so, but now our security team has requested that we begin logging guest activity. I already have RADIUS accounting set up on the WLAN configuration pointing to the NGS,I have added the NGS to the syslog set up on the controller (I have tried various syslog levels) but I am not receiving any guest activity info in the reports on the NGS. Any way for getting this data?
View 2 Replies View Relatedwe recently purchased a sg300-52. i was told i would need to setup a port trunk to connect it our main catalyst. However, i was able to connect a patch cable on the two devices and ping endpoint devices on both switches. I also noticed that the activity lights are constantly blinking. I'm not sure why. Is there something i can do to slow the activity light? it blicks constantly even in times of very low activity by the endpoint.
View 2 Replies View Relatedin my test LAB i have used a 5505 running 9.1.1.I have setup a DC (2008R2) and then AD Agent.I have configured and used Identity firewall rules which worked like a charm.I have also used LDAP Auth which also worked fine.I then disabled all the rules but kept the identity firewall checked.Since it was a lab environment, i had to remove the DC for other tests.A few hours later the ASA initially was stuck.I used the console and i saw it could ping noone! not even directly attached PCs or defgw (i was able to ping them before it stucked).No arp table also!the asa did no NATing so no xlate entries were vavailable.Then i sshed to it.I got a blank screen and from console i could see cpu-usage from ssh to 20%I opened a second ssh: nothing. Blank Screen again. cpu-usage from ssh to 40% (overall ~50%)I opened a third ssh: nothing. Blank Screen again. cpu-usage from ssh to 65% (overall ~75%)I issued reload from console! Nothing! it was trying to shut down!I issued reload quick-> that is when console was lost!!I have to unplug it.
The DC that was removed was also the DNS for the ASA.The only log message i could see, before it stuck was "AD Agent is out of reach".i have ttried this 4 times. Always the same. 100% reproducible.I disabled the identity firewall-> no problem! it worked for days.100% reproducable.I downgraded to 8.4.5--> the same for both above actions.
I'm having an issue where when I upgrade from 8.2(5) to 8.4(2) on an active/passive asa 5585 running in transparent mode I can no longer reach the standby ip. The BVI interface appears to be created properly, the device IP and standby IP are listed in the config under the BVI interface and my inside and outside interfaces are both joined to BVI1-group.
View 1 Replies View RelatedI have a strange behavior and a simple proble . I configured the following static route
ip route 10.84.22.0 255.255.254.0 10.84.23.254
That I advertsied in eBGP :
router bgp 65000
network 10.84.22.0 mask 255.255.254.0
the IP next hop 10.84.23.254 is cascaded on my customer LAN . At nominal time the router advertsed the route in BGP
pjnb1376#sh ip bgp nei 57.213.169.169 ad
Next Hop Metric LocPrf Weight Path
*> 10.84.22.0/23 10.84.23.254 0 32768 i
When the lan interface of the router goes down , the router still advertise the route !!! Even if the IP next hop
10.84.23.254 is not reacheable anymore ....
The box is a Cisco 1941 using
1900-universalk9-mz.SPA.151-4.M1
The problem is that that the routers are not reachable form the corporate LAN after some time. Pinging the routers IP is not working anymore. When the network cable is unplugged and plugged in again the routers are responding again. The same applies when I connect my Laptop to the router. The interface is responsive right after I connect the cable. Also other devices on the network can ping the router. But after a few hours or sometimes 1,5 day the router is unreachable form the corporate network.
The problem first started a few weeks ago. The configuration did not change. The router 878 was not responsing and after changing all the cables and conncting it to another swith the problem remained. So I suspected a hardware failure and bought a replacement 888. After configuring the 888 it showed the same behaviour as the 878 router. The DSL connection is working all the time. I can even set up a vpn connection to the router and start a telnet session. than I can ping the internap IP of the router but pinging another device is not working.
What I noticed after the command sh int vlan1 is that the last input counter keeps increasing.whats causing this or how to debug?
I have one instance of WCS 7.0.172.0 (on a Linux host) and a fleet of WiSMs that I'm upgrading from 7.0.98.0 to 7.0.116.0. Every time I run thru the upgrade process from within WCS (scheduled to run overnight, off peak hours) all of the controllers that were upgraded then show as "unreachable". Grepping thru wcs-0-0.log shows messages that the controllers are unreachable via SNMP but running an "snmpget" from the command line to any of the affected controllers works just fine. The only way I've found to remedy this is to stop and restart the WCS service. Considering how long that takes with my deployment...I'd rather not do that every time .
View 2 Replies View RelatedI added Cisco AIR-1142 AP which is registered with WLC 5508 in to LMS 4.1. After restarting AP, the status in LMS showing as unreachable. I am not able to save the configuration in AP and also not able to add SNMP parameters . what is the issue or what are the normal procedure to add a LWAPP in LMS.
View 4 Replies View RelatedIs it really the case that the ASA will not generate ICMP Host Unreachable messages for sub nets connected to any of its interfaces (in breach of RFC1812) as claimed here: [URL]
I'm investigating a situation where an organization uses ASAs to control traffic between different v lans in their internal production systems as well as Internet traffic. They are having problems with internal load balancing because the ASAs do not (as currently configured) generate Host Unreachable packets. Can this be changed in the configuration or not? I have to say, if it can't then I'd urge them to find something else to route between their internal sub nets.
i have my 9 computers 1 prolink modem/router h5200 and tplink switch...for 3 months my connection is quite good..but in the 4th month its starting to Reply 192.168.1.1 Destination net Unreachable..i called up a technician from the network..He changed my modem/router with the same model and it runs for an hour... 5-6 hrs..the problem starts again it begins to ping Reply 192.168.1.1 Destination net Unreachable...b4 my TCP/IP i configured it automatically but now i try to put it manually...my modem/router starts with 192.168.1.1 my first unit starts in 192.168.1.2 and so on.
View 1 Replies View Relateddetect botnet acitivity from network point of view.
View 15 Replies View Related