Cisco Application :: Does ACE Service Module Support SHA2(256) Certificates

Sep 1, 2010

Does ACE service module support SHA2(256) certificates? I see that private key generation defaults to SHA1 and does not provide any option, also the cipher suites in SSL parameters map do not show SHA2 options. Can it handle SHA2 in any software release? I am currently running A2(2.3) build 3.00

View 6 Replies


ADVERTISEMENT

Cisco Application :: Password Recovery For ACE Service Module 6500

Dec 27, 2011

I have an ACE10-6500-K9 (Application Control Engine service module for Catalyst 6500) but I can't access it because I lost the admin password.I would like to know how to perform a Password Recovery Procedure on this device.Is it similar to the password recovery procedure on an ACE 4700 appliance?

View 2 Replies View Related

Cisco Application :: ACE30-MOD-K9 Module Crash Due To Service Cfgmgr

Dec 2, 2012

My ACE module ACE30-MOD-K9 crashed today, and at the show ver output i see  "last boot reason:  Service "cfgmgr" ".the curent version we running is Version A5(1.2) [build 3.0(0)A5(1.2).

After doing some research i found known bug that supposed to be fixed in this version: CSCtu36146
 
CSCtu36146—The ACE becomes unresponsive due to a configuration manager (Cfgmgr) process failure with the last boot reason: Service "cfgmgr."

View 2 Replies View Related

Cisco Application :: Update SSL Certificates To 2048 Bit Key Certificates?

Sep 17, 2012

I'm working on task to update the SSL certificate for an application. steps to upgrade the SSL, stuffs need to be checked before and after the installation and how to verify the new certificates.

View 1 Replies View Related

Cisco Application :: ACE 20 Service-policy Out Of Service / Still Able To Connect To VIP

Feb 28, 2012

We have a situation where services are stopped on the real servers. The probes fail and we confirm the services are not running on the server. We cannot access the ports from the ACE directly. We can still however acces the VIP on the TCP port (L4 VIP class-map). So we can still telnet to the VIP on the port from thr Client side of the network.This is on ACE 20 Modules deployed in Routed mode. The version of software is A2(3.3).
 
Tried removing multi-match and loadbalance policies as well as class-map and re-applying then re-appyling the service policy to interface. Same behavior,This is a problem at another level as some services are being monitored by GSS via TCP keep-Alive and this obviuosly causes a problem as the service then never goes off-line.

View 10 Replies View Related

Cisco Application :: ACE Supports 4096-bit SSL Certificates?

Dec 12, 2012

I have some questions about the size of the certifcates in ACE module (ACE20). Reading the following link: [URL]
 
I can verify this text: 4096 (high security, level 4) - For software release A2(2.4) and later in the ACE module and software release A3(2.6) and later in the ACE appliance, you can use 4096-bit SSL certificates in chaingroups and authgroups. You can also import public certificates and keys that are 4096 bits in length.
 
We intend to use a certificate (CA) with keys of 4096 bits and according to the text of wiki, it's possible.
 
But if I check the guide [URL]
 
Somebody that already use certificates with 4096 bits in ACE20 module?

View 3 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.4 Support Wildcard SSL Certificates?

Apr 29, 2013

Getting ready to order a SSL Certificate for my newly installed ACS 5.4 and before I did that i want to verify if ACS 5.4 supports Wildcard SSL's.

View 5 Replies View Related

Cisco Application :: SSL Certificates Update Error In ACE 4710

May 17, 2012

I am facing a problem while updating the SSL certificates in ACE 4710. Our certificate is expired and we have purchased a new certificate from CA. Moreover the common name of the certificate is also changed.
 
I tried importing the certificate to the repository and change the SSL proxy likewise to use the new certificate. but still the new certificate with new CN is not recognised by the clients. they can see the old certificate only. I even tried deleting and creating a new ssl proxy service with the new cert and attaching it to policy map.

View 2 Replies View Related

Cisco WAN :: Does 837 Router Support 2048 Bits Certificates

Oct 16, 2012

Does the Cisco837 router supports 2048 bits certificates?

View 1 Replies View Related

Cisco Application :: 4710 ACE Chain Certificates In Mobile Devices

Oct 2, 2012

I'm having an issue with intermediate certificates from GoDaddy when connecting from some browsers of mobile devices:Browser in Android 2.3.3;Safari in iOS 4.2.1;Chrome 18 in Android 4.0.In a PC there's no problem, only from the above mobile devices. The intermediate certificate isn't downloaded from the ACE 4710 resulting in a "SSL Certificate Not Trusted" error.Since GoDaddy has no instructions to resolve the issue from a Cisco ACE.

View 6 Replies View Related

Cisco :: Wrong IOS On A Switch Service Module?

Mar 11, 2013

I am having issues (nothing new there) I have a bad IOS on a switch module, and the config is set to boot to that IOS, and as such I get a nasty boot loop, I am trying to figure out how to get into rommon but all the documentation I can find for this just says go into rommon and never tells me how to get there on a switch module that thinks it has a good IOS. (The IOS is for our normal service module but this one is an odd-ball switch)

View 4 Replies View Related

Cisco WAN :: Service Ready Engine 910 Module

Jan 1, 2013

can I install and Cisco WAAS and Cisco Prime Network Analysis Module (NAM) together on a single Cisco Service-Ready Engine (SRE) 910 module? Or it can only run 1 of the software?

View 2 Replies View Related

Cisco WAN :: 2901 / 2911 Routers Service Module?

Dec 5, 2011

I have some confusion about some hardware components. I watched the video datasheet of cisco routers and switches. In cisco 2901  and 2911 models of routers there is service module . What is meant by service module. what does it do ? If we buy a new 6500 switch, what are the components we get bydefault.  Is there any special configuraton to be done for 6500 . like Sup engine config etc. What is the difference between ASIC and Sup engine ? In which slots, we need to insert Supervisor Engine ? does it vary with the model . (6503, 6505, 6509, 6513 etc). 

View 6 Replies View Related

Cisco WAN :: Service Module Installation In 3845 Router?

Jun 3, 2013

Is there any risk to install an HWIC-2FE card into a production 3845 router while it is in a powered up state?  Is it recommended to power it down first, then install it?

View 3 Replies View Related

Cisco Firewall :: Upgrade ASA Service Module On Cat 6504?

Mar 20, 2013

I just got 2 Cat6504 Chassis and 2 ASASM pluged in them. show version from submodule ASA as follow:

SVC-APP-HW-3#show ver
Cisco IOS Software, trifecta Software (trifecta-SP-M), Version 15.1(1)SY, RELEASE SOFTWARE (fc2)

[Code].....
 
I want to upgrade new OS for ASA to 8.5 (asa851-smp-k8.bin) but after copy this soft to the module, I can not "write" command or when I reload this box, everything was no changed. SVC-APP-HW-3#write startup-config file open failed (No such device)

View 2 Replies View Related

Cisco Switching/Routing :: Cat6500 SUP-2T Service Module

Apr 12, 2012

Using the new SUP-2T, need to clarify one query. If we are using the new SUP-2T in VSS mode, will the new ASA service module and NAM-3 are supported?  From Cisco site, ASA module FAQ:
 
Q. Will the ASA Services Module support the Cisco Catalyst Virtual Switching System (VSS) at FCS?

A. Yes, depending on which supervisor you use. The ASA Services Module supports VSS either as a single firewall or as a failover pair of firewalls, when used with the Supervisor 720-10G (VS-S720-10G-3C and VS-S720-10G-3CXL). Transparent and multi- context modes also work with the VSS in this configuration. However, though the SUP 720-3B (WS-SUP720-3B and WS-SUP720-3BXL) is supported by the ASA Services Module, it is not capable of supporting the VSS. No reference to Supervisor-2T.

View 2 Replies View Related

Cisco Switching/Routing :: 6500 - VSS And ASA Service Module

Mar 10, 2013

we are planning to implement a VSS solution with a 6500 series switches with sup 2T. We also need to include an ASA service module on the design, however the budget is not enough to buy two asa service modules. So i want to know if is possible run a VSS cluster, whit only one ASA service Module. and also i would like know what happens if the single ASA service module fails? can the switch cluster continue operating just as if there is not a firewall installed?

View 1 Replies View Related

Cisco Wireless :: 2811 Service Module Is Trying To Recover From Error

Mar 27, 2012

I am currently installing a NM-AIR -WLC 6  wireless module in a 2811 and its giving me the follwing errors below and status.I have checked the trouble shooting pdf and says might be possible hardware error. [code]

View 4 Replies View Related

Cisco Switching/Routing :: 1941W - Service Module Failed

Jul 25, 2012

we have approx. 70 Cisco 1941W routers deployed in our company. I used to be able to console into the internet wireless AP by issuing the below command:

service-module wlan-ap0 session
 
However lately this hasn't been working and AP just simply refuses connection. Here is what I have for Status. I have tried reseting the Service Module to no avail.
 
Router#service-module wlan-ap0 status
Service Module is Cisco wlan-ap0
Service Module supports session via TTY line 67
Service Module is failed
Service Module reset on error is disabled
Service Module heartbeat-reset is enabled
Service Module is in fail open
Service Module status is not available

View 3 Replies View Related

Cisco :: Application Layer Service The Same As Application Layer Software?

Apr 3, 2012

I am taking an introduction class to CCNA and we are focusing on the Application Layer,and I'm having some difficulty in understanding what is an Application Layer Service. Is the Application Layer Service the same as Application Layer Software?

View 3 Replies View Related

Cisco Switching/Routing :: How To Configure Sm-es2-16-p Service Module To Route Over 2911

Jun 17, 2012

Any example of how to configure an sm-es2-16-p service module to route over an Cisco 2911?

View 2 Replies View Related

Cisco Switching/Routing :: 6509 VSS Implementation As A Service Module Core

Jun 8, 2011

I m planning to implement VSS in core but want some inputs on IOS as i have FWSM as a service module Core :- Ii am running 12.2(33)SXH2a on my Core 6509  and i checkd cisco sites and Fwsm release notes but it states only  I-Train of IOS while mine is H-Train so can I directly upgrade to  I-Train or I was thinking of SXH8b IOS.

View 2 Replies View Related

Cisco Switching/Routing :: SM-ES2-24 - Installation Of Enhanced EtherSwitch Service Module

Dec 12, 2011

I have a 2911 ISR and want to install a SM-ES2-24 Enhanced EtherSwitch Service Module.
 
Do I need to power down the router?

View 4 Replies View Related

Cisco Switching/Routing :: 2921 / How To Quit Service-module Session

Jun 9, 2012

On 2921, how do you quite service-module session and get back to the router?

View 3 Replies View Related

Cisco Switching/Routing :: 2851 - Service Module Won't Accept IP Stating

Oct 18, 2012

[code]....
 
I can access the ACNS with this config.  The issue is that it will not cache anything when I enable WCCP on both ends.  I am unable to set the gateway to the IP (even when static) to the WAN interface IP with the error Network Unreachable by content engine. If I address it within the 192.168.2.X network and gateway to 2.1, it locks up when cache is enabled.  192.168.0.5 (the external wan int) is unreachable as a gateway. 
 
I've tried the unnumbered ip on the internal interface but then the service module won't accept an IP stating that the router side must have an IP set.
 
I had WCCP attempting to cache but timing out on everything without caching a thing.  I want/need to understand the IP routing before I get ahead of myself.

View 1 Replies View Related

Cisco Firewall :: Catalyst 6509E / Migrating From FWSM To ASA Service Module (ASASM)?

Jun 6, 2013

I'm migrating from a failover pair of FWSM modules across to a failover pair of ASA Service Modules. In order to avoid a "big bang" switchover I intend to migrate subnets from one to the other over a protracted period.With that in mind, whether there is any restriction on having FWSM and ASASM modules in the same chassis? A trawl of the relevant documentation hasn't revealed anything.In this specific case it is Catalyst 6509E VSS chassis pairs with Sup-2T.

View 1 Replies View Related

Cisco Application :: CSS 11503 SSL Service Suspended

Mar 24, 2013

i have two CSS-11503 in redundant mode running 8.20 code.  We had an incident in our network where a layer 2 loop caused some high traffic through the CSS' and had to shutdown some network gear(including the CSS) to clear the problem.  When the CSS' were powered back up, the SSL service was suspended, why this would occur?  There rest of the config appeared normal. I am the only person on these boxes, the configs were written, and I have never had a reason to suspend the ssl service.

View 1 Replies View Related

Cisco Application :: Monitor TPS Value For ACE-SSL-05K-K9 Module

Sep 1, 2011

I recently installed the license ACE-SSL-05K-K9  on ACE10 with multicontext solution.The license provides 5000 Maximum number of SSL transactions per second (TPS).The customer would like to track this to find out the correct size and in the case of services https upgrade licenses.Can I do it so through particular output or it's necessary monitoring with snmp service? In the second case, can you tell me the oid string to use?
 
In case the module should receive a higher number of connections to that provided by the license, what's the issue for new https connections?

View 3 Replies View Related

Cisco Application :: ACE 3.0 Module URI Rewriting?

Feb 16, 2010

We are using a Ace module running version 3.0?We do have a service which can now be reached by a url like https://www.xxx.com/yyy/ < notice the last /This is running via the Ace which terminates SSL and so on..
 
So now our client wants an url like  https://www.yyy.com . The backend realservers and place of virtual dirs on IIS stays the same.

So now /yyy/ needs to be added to the backend realserver request, so the correct virtual dir is used. Therfore I need to add this Uri towards the realserver.

View 4 Replies View Related

Cisco Application :: CSS 11501 Not Dropping Flows If Service Is Down

Oct 14, 2012

some misconfiguration (?) may be the reason for an undesired behaviour we are experiencing with our Cisco CSS 11501s. Balancing mechanisms work fine, however if a service transitions to the "down" state, the corresponding flows remain "alive" leading to a temporary outage of our service. Subsequent client requests are still being sent to the "down" frontend which is unresponsive.

View 4 Replies View Related

Cisco Application :: Ace 4710 SSL Proxy Service Using FQDN

Nov 28, 2012

I have an ACE4710 with a few basic farms running and it works great however I now need to implement an SSL proxy service for the first time. The requirement is that clients who are already using FQDN's need to be sent to diffent real server IP addresses as each client will have their own VM. All the clients will use the same global IP address with different A records.

View 1 Replies View Related

Cisco Application :: CSS11503 SAM Module On 99% Utilization

Jul 27, 2012

CSS11503 that has a SAM module having a 99-100% utilization. Can this affect the services if both the accelerator module cpu peak to 99%.
 
Kindly see below logs:
 
LPHGT11# show system-resources
System Resources for 1/1:
Installed Memory:   268,435,456 (256 MB)

[Code].....

View 2 Replies View Related

Cisco Application :: ACE 30 Module Configured For 250 Context?

Mar 28, 2012

I Just deployed some of these new modules and running A4.x code. How to configure an ACE with the maximum context?
 
We run in tranparrent mode with 110 Contexts, we found that with a base config for each context(80 lines of code) this would only leave us with 7% of available RAM. The Device begins to shut down services @ 5%.  like SSH and others.
  
So, Is this even possible to configure 250 contexts and still manage the device.

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved