Cisco AAA/Identity/Nac :: ISE 1.1.0.665 Application Server Is Still Initializing
Sep 25, 2012
I had a working server running ISE version 1.1.0.665 but someone in the build room decided to pull the power out of the server rather than shutting it down correctly. I have booted the server back up however the web management page was not accessable. I have checked the server status and the end result is the Application Server in the "still initializing" stage. I have left the server for several hours and the status has not changed.
I know people have previously run into this issue but no one has posted any resolution or confirmed that a rebuild is the only solution. I have tried to create an on-demand backup but it seems to fail when attempting to provide the credentials (which are correct) for the FTP server.
View 1 Replies
ADVERTISEMENT
May 29, 2013
We upgraded a CSACS-1121 from ACS 5.2 to ACS 5.4 with CLI Application upgrade ACS_5.4.0.46.0a.tar.gz FTP After ACS reboot, services never start... After 15 hours, we always get same message:
ACS/admin# show application status acs
Application initializing...
Status is not yet available.
Please check again in a minute.
We installed patch 5-4-0-46-2.tar.gpg but we got same issue for 2 hours ...What could I do?
View 4 Replies
View Related
Jul 23, 2012
I put multiple rservers in multiple server farms?
So for example rserver1 and rserver2 are put in serverfarm production1 and are in use with particular sticky and load balancing settings.
Can I then create serverfarm test_production and put both rserver1 and rserver2 in it? Then play around with the sticky and load balancing settings as a test without affecting the production serverfarm.
View 1 Replies
View Related
Feb 16, 2012
I'm trying to design a CSS configuration that allows servers in the same vlan to be the source and destination of load-balanced traffic. My thought is to add two new vlans, one for the VIPs and one for the servers, then NAT the source IPs going from the LB to the servers.
Is this the right way to do it?I've never NATted using CSSs, so I wanted to verify what I'm thinking.Our current config trunks the vlans -
interface 1/1
trunk
vlan 1
default-vlan
vlan 555
[code]....
View 3 Replies
View Related
Jan 17, 2013
I have newly purchased Cisco 887 Router. I am trying to replace this router with the exisiting ISP provided modem I am facing an issue to bring the ATM0 port up.
Here is my router config
hostname Internet Router
!
boot-start-marker
boot-end-marker
!
!
no logging buffered
[code]....
View 5 Replies
View Related
Mar 4, 2012
I have 5 to 6 878 routers and in all these routers the ATM interface is stuck up with initializing mode. This is the IOS running on it c870- advipservicesk9-mz. 124-15.T9.bin
View 1 Replies
View Related
Jul 12, 2012
We did an upgrade from NX-OS 5.1.5 to 5.2.4 and found all M1 line card interfaces were stuck in initializing state for long time.'show module' status says ok. And we cannot execute shut/no shut command under the interface. N7K-M108X2-12L & N7K-M148GT-11 are the two M series cards. Only option was to downgrade back for the time being.
N7K01# sh int e1/1 | in down
Ethernet1/1 is down (initializing)
View 3 Replies
View Related
Apr 20, 2011
I have Cisco ACS 4.2 since few days users can not change their password, what could be the issue? Even after resetting the password I got error.
View 3 Replies
View Related
Jan 19, 2012
Is the ADSL line interface on Cisco 877W not initialising a known issue? This interface on my router has been in this state for more than one month, with the rest of the router seemingly operational. The interface was connected directly to my ADSL broadband and worked well for two years. But then, about a month ago, the interface went down. I saw the exact moment this happened recorded as a syslog message. The only information was that the interface status had changed to down.
Initially I thought this was a matter of reload the router and all will be well. Did not happen. Then I thought my broadband connection was to blame. However, this option was quickly ruled out. So I went on to exhaust all troubleshooting options, including reflashing the router with the saved image and totally changing the configuration. Still no change. I have had to go back to my old BT home hub for internet access. In terms of speed this actually works a lot better than the Cisco router. But I would still rather have the router connected to my broadband line. What can I do to bring the ADSL interface back to life?
View 3 Replies
View Related
Apr 28, 2012
Although, ACS states its installed, after going through the startup. However when I do show application nothing comes up. When I do a application start acs, %Application failed to start.
View 7 Replies
View Related
Jan 8, 2013
I have an ACS 5.4 which is integrated with AD and a RSA. Is there any possibility to Stop the ACS Application automatically if either of these devices are down.
View 2 Replies
View Related
May 4, 2011
procedure to apply the 5-2-0-26-4.tar.gpg patch. I don't know how to get the patch file into the ACS server.The procedure in the "Read me" for the patch does not indicate anything about how to this:
1. open CLI console2. define new repository in which the 5-2-0-26-4.tar.gpg resides3. issue: 'acs patch install 5-2-0-26-4.tar.gpg repository YOUR_REPOSITORY'4. verify installation by getting the following version information via CLI by issuing:#show application version acs I don't know how to put the patch file from my local machine to the repository created in the GUI (if there is where the actual place to creat the repository).
View 3 Replies
View Related
Oct 27, 2012
I'm trying to upgrade my ACS 5.3 (patch 7) to ACS 5.4 and I've downloaded the application bundle from Cisco. I'm transferring the app bundle via FTP towards the VM containing ACS, yet I ALWAYS get %Manifest File not found in bundle. I've opened the bundle and found the manifest .xml inside.
I've double verified MD5 checks, size files, re-downloaded everything, even copied it to the local disk of the appliance. Also browsed through this forum to see that there are people having the same problem with other ACS version upgrades and besides re-downloading and using FTP there isn't a specific solution. I'm always getting this error. I know that it must be possible to do upgrade, but I'm stuck. I do see on the FTP server logs that the file gets transferred, but as pretty much as soon as it finishes transferring (not enough time in my view to extract a 1.2 GB file) I get an error
I'm doing the:
application upgrade ACS_5.4.0.46.tar.gz FTP
(...)
%Manifest file not found in the bundle
View 16 Replies
View Related
Nov 7, 2012
I have a couple of 3560 switches running c3560-advipservicesk9-mz.122-44 and they are randomly experiencing the following:
- The switch locks up with no preceding error message in the log (I am forwarding syslog to Splunk).
- Upon reboot, the switch goes through the normal startup sequence with no error messages, then for some reason reloads the flash and starts all over again. (refer to doc)
This could happen after days or weeks. Sometimes they will go through two of these reloads on boot and be fine for awhile, and other times they will be stuck in the loop infinitely. I am using this same image with all of our 3560s, but am only having this issue with two of them.
View 2 Replies
View Related
Apr 12, 2011
what the "ACS 5.2 application upgrade package" is? I've seen this package on the download software area but couldn't find any document on this.
View 2 Replies
View Related
Apr 11, 2012
I have a very unusual issue with my installation of ISE on my VMWare ESXi 5.0 environment. but whenever I issue the command "show application statuse ise" I get the following output:
ISE Database listener is running, PID: 13675
ISE Database is running, number of processes: 27
ISE Application Server is running, PID: 15163
ls: /opt/TimesTen/tt1121/lib/*.jar: No such file or directory
ISE M&T Session Database is not running.
ls: /opt/TimesTen/tt1121/lib/*.jar: No such file or directory
ISE M&T Log Collector is running, PID: 15379
ls: /opt/TimesTen/tt1121/lib/*.jar: No such file or directory
ISE M&T Log Processor is running, PID: 15457
ls: /opt/TimesTen/tt1121/lib/*.jar: No such file or directory
ISE M&T Alert Process is running, PID: 15296
View 6 Replies
View Related
Mar 22, 2011
how can we rename an existing username on ACS 4.2 Application.I don't want to rename the group just the username.
View 3 Replies
View Related
May 7, 2012
We are currently running ANM server version 4.1. I am trying to upgrade to version 5.1. But when I run the "application upgrade anm-va-5.1.ova Upgrade" command, I receive an error that states: "Manifest file not found in the bundle".I then tried to run the install command with the same error.
View 2 Replies
View Related
Apr 6, 2011
This is the error message I am getting on our ACS 5.1 appliance - is there anyway to purge the database or compact the file?
View 1 Replies
View Related
Mar 22, 2012
I want to learn how to make application server?I have Windows server 2008 enterprise edition and it is connected to 10 Client Machines. I want to install software programes only on server and use them on client machines without knowing server password.
View 29 Replies
View Related
Jun 2, 2011
If we use an ACE4710 to load balance two real servers, obviously it will use health checks to determine if a server is down.When it detects a server is down, it will not send it any more traffic.But can we also have it take any other action? For example maybe email an admin, or send an SNMP trap? Or better yet, can we use a custom TCL script to do other things, like launch some custom activities?
View 2 Replies
View Related
Aug 7, 2012
I have a Cisco ACE 4710 A5(1.2). Scenario: Inbound call from PSTN to SIP Phone. Call comes into the VIP and then load balances to sip server, the server then routes the call out via WAN to the SIP phone as below:
PSTN SIP Providor >(router)> ACE4710 > sip_server(s) > ACE4710 > (router) >SIP Phone
Note: Router is Cisco 3925 with "ip nat service sip udp port 5060" and Port 5060 mapped to the VIP of the ACE.If I put the sip server directly behind the router it works fine. From behind the ACE:
If I turn on sip inspect on the VIP the call setup (INVITE) and termination (BYE) work fine but the audio loops on the PSTN side from the mic to the speaker.If I turn OFF sip inspect then the audio is fine and mapped correctly but the call terminaton (SIP BYE) hits the VIP from the PSTN but never reaches the sip server.For ease and dianostics, I have turned off all sip servers except one meaning the load-balancer has only one server to choose from.SIP Call_id sticky is setup and seems to work, though irrelevent with one server only on test.How do I get the ACE to accept 'server initiated traffic' with sip inspect so it knows about the pending BYE when it comes back from the IP phone via the VIP?Config below, image attached. Bridged mode (also get the same result in routed mode)
access-list everyone line 8 extended permit ip any anyaccess-list everyone line 16 extended permit icmp any any
probe sip udp 1 description SIP Health Monitor interval 30 expect status 200 200
rserver host server1 description Production SIP Server ip address 10.44.56.172 conn-limit max 980 min 980 probe 1 inservice
serverfarm host sip failaction purge probe 1 rserver server1 inservice
[code].....
View 7 Replies
View Related
Oct 3, 2012
configure Cisco Ace 4710 ?Note :- Just a testing face I need to access my one server(192.168.1.11 : 80) through VIP :- 10.13.77.10 , I have only one Cisco Router 2800 and One L2 Cisco Switch 2960 and Cisco Ace 4710 . So I already configured 2 Different VLANS in Switch (Vlan 10 & Vlan 100) and by router I given the ip address of that Vlans with Inter Routing Vlan. My Connectivity is like this :-- Router Ethernet 0/0 --- 10.13.77.1/24 with vlan 10) & Router Ethernet 0/1 ---- 192.168.1.1/24 with vlan 100 ) connected with switch after that I configured ACE LB and connect the ACE interface with switch Like that ---- Connect to ACE Interface 2/3 vlan10 with switch vlan10(Ethernet port 2-12) and Connect to ACE Interface 3/3 vlan100 with switch vlan100(Ethernet port 13-24) .Testing to access server from Switch Vlan10 to Vlan 100 where my server is there.
Configuration :---
ACE> client side Vlan10 (10.13.77.4/24) , VIP :- 10.13.77.10, SM-- 255.255.255.255
ACE> server side Vlan100 (192.168.1.5/24), Web server -- 192.168.1.11 with 80 port
ACE> Managment Vlan 1000 (172.16.6.5/24) ,
ip route 0.0.0.0 0.0.0.0 10.13.77.1
I already Configured in Routed mode but From Vlan10 ip subnet example like 10.13.77.12(Client or User PC) tried to access server 192.168.1.11 with VIP http://10.13.77.10 but not responding , if i access server with real IP then accessible (why boz there is inter vlan routing)?
View 22 Replies
View Related
Oct 30, 2012
Access Server through VIP (ACE 4710) but very slow
Accessing the server very slow.., check my real configuration... this configuration is for application server and after this i have to configure more serverfarm for different server like webmail etc. in this ACE 4710. I have only one ACE 4710 .
ACE Version A4(2.0) = is there supports Probe with this version? without probe server will work but very slow.
VIP :-- 172.16.15.8
LB/Admin# sh run
Generating configuration....
[Code].....
View 2 Replies
View Related
Aug 31, 2011
We recently configured a setup to loadbalance 2 application server using ACE4710. Initially the configuration was to link two app servers directly to ACE4710 without connecting to a Switch, but later, it was advised that ACE4710 is not able to work without connecting to a switch.
1. ACE4710 is not able to link directly to APP/WEB server, but it must go through a network Switch.
2. If item-1 above is true. We used to have a older Cisco Loadbalancer which is able to link directly to WEB/APP servers. What is the reason or advantage of removing this feature?
View 7 Replies
View Related
Oct 25, 2011
I've been running into an issue with Cisco CSM for a number of years, but always found a way around it. Im attempting to get to the bottom of this to find out once and for all, if this is infact a limitation of the device, or a config issue/work around is possible.
Here is my situation. My CSM's are configured in bridging mode. Traffic works great, traffic bridges across vlans correctly. Everything works and have many instances of smilar configurations running in production. Every once and a while, a client requests that a "real" server (ie LWCMW-021)
cannot ping its VIP address (10.95.88.68). I am assuming this is related to the NAT Server, but not 100% sure. Clients have requested this functionality for some type of application based purpose, but Im unaware if CSM in bridging mode can provide this or not.
real LWCMW-021
address 10.95.88.59
inservice
!
real LWCMW-022
[Code]....
View 5 Replies
View Related
May 23, 2012
After upgrade from ACE20 with A2(3.5) to ACE30 with A5(1.2) I get failures in a number of server farm's, where before upgrade the number was zero. No drops in VIP and logs from applications do not notice any new errors.
View 2 Replies
View Related
Nov 25, 2012
I'm trying to set up a load balancer within an OVH (hoster) infrastrcture, I've followed their instructions [URL] I'm using a RIPE block (5.135.193.xxx/28) and would like the first 8(5.135.193.xxx/29) to be used as the virtual server.vlan 2676 is the local one, and vlan 1227 is the public one.After all the config steps, none of these IPs are responding to a ping, nor a direct http request.
the full configuration is :
=============================================
ssh maxsessions 1
access-list ANY line 8 extended permit icmp any any
access-list ANY line 16 extended permit ip any any
probe tcp PROBE_TCP
passdetect interval 30
[code]....
View 5 Replies
View Related
Feb 2, 2012
Is there a way to rename a server farm, health probe, real server or virtual service without having to completely rebuild it? I'm running 3.0(A3).
View 2 Replies
View Related
Jul 7, 2012
We have two Cisco ACE 4710 and we want to install both of the devices in HA with load balancing mode.While i have done HA mode configuration between ACE 4710.But unable to configure load balancing configuration between them.i want to tell you connectivity between server,client & loadbalancer.Our Web servers are connected to VLAN 152 on the L3 (3750) switch.Which are alreday working in redundancy between other L3.And ACE 4710 it is also connected to vlan 150 which are connected to same L3 (3750) switches and users are also connected to vlan 6 on the same L3 itself.
View 2 Replies
View Related
Feb 11, 2011
How do you access an application that is in the server? Like what extra steps you gotta make? Are they software related or do I have to do some configuration on the router or switch? Heres a little example:
Assume you have a group of computer connecter to a switch, this switch is connected to a router which has the connection to your ISP. On the router, you also have connected a server farm for your network and all the apps are stored there, say MS Word, Excel and such.Now, you have your network running, every ping comes out successful, so you know you did that part right, so the next part is to get the host use the MS Word or any other app in that server. How do you do that? Is there something that need to be configured on router/switch or is it with a software on your host? If its a software, whats the name of it and how you make it work?
View 2 Replies
View Related
Dec 16, 2012
We have a CSS11503 that is currently being used to accept incoming HTTPS and SSH connections on a specific VIP and then PAT those client connections. I understand that it also PATs the server initiated connections. [code]
View 1 Replies
View Related
May 24, 2012
Had setup my ACE ,to send traps to SNMP server .but dont see any logs on the SNMP server from ACE.
SNMP configuration on ACE
logging enable
logging buffered 6
logging host 10.12.40.12 udp/514
[code].....
View 1 Replies
View Related
