Cisco Application :: Root Password For ANM 4.2 Virtual Appliance
Sep 18, 2011
The upgrade process for ANM virtual appliance 4.2 involves doing a backup and restore as root user. I have looked through the documentation and have even reinstalled the virtual appliance to see if the install script gives away the root password for the OS but without luck.
How to set/find the root password?
View 2 Replies
ADVERTISEMENT
Oct 12, 2011
We have an ACE Appliance in a DMZ and the ACE Appliance's Admin Context IP is translated between ACE and ANM. The ANM Server does not get translated. It is just the opposite then in another Community discussion.
Our Problem: When adding the ACE4710 Appliance to the ANM imported Device List, we use the ACE's NATed Admin Context IP. Import works well, but ANM reflects the Admin Context IP with it's real configured IP. Polling the ACE Appliance does not work therefore.
Is there a possibility of telling the ANM, that the ACE has to be polled through a NATed IP? I could not find a field to set a NATed Mgmt IP.
Configured IP on ACE Admin Context: 192.168.0.10
NATed ACE Admin Context IP: 172.16.0.10
Imported ACE with IP 172.16.0.10 into ANM, but ANM polls for Rserver, Vserver, Probes, etc. via 192.168.0.10 - which is not reachable from the ANM.
View 2 Replies
View Related
Jun 15, 2012
We have an ANM Virtual Appliance, version 5.2, were we login and can go no further. This was working for fine for approximately two and half weeks. We created a backup and re-loaded the system via CLI with the same result. We logged in again via SSH and we have noted the following:
cscoanmsa/admin# sh disk
temp. space 4% used (141244 of 4951688)
disk: 7% used (353916 of 5935604)
Internal filesystems:
warning - /var is 100% used (89219000 of 89258112)
cscoanmsa/admin# sh application status ANM
[code]....
Is there any way to access and clean out the /var directory from the CLI. is this achieved simply via the "delete" command with the full path ?
View 5 Replies
View Related
Sep 5, 2011
currently have LMS 3.2 on a Windows server. I'd like to upgrade to 4.1 on a virtual appliance. I don't care about migrating data and would probably like to just start fresh. My question is If I were to download the 4.1 evaluation virtual appliance and also purchase the 3.2 to 4.1 upgrade license would I be able to apply that license to the evaluation?
View 6 Replies
View Related
Dec 18, 2012
I am low on available disk space to perform backups on my LMS 4.2 installation. Is there a way to force the appliance to recognize the increased disk space allocated by ESX VMware?
View 2 Replies
View Related
May 8, 2013
trying to get my ducks in a row for replacing a Cisco 5510 and a Barracuda Link Balancer with a virtual pfSense appliance. This is partially due to eliminating support contract costs (nearly $3k annually between both appliance) and partially to utilize the redundancy and fault tolerance that our virtual environment can provide. I'm also implementing a colo site for replication/DR this year so doing a tunnel from site to site would make it a lot easier with like for like virtual appliance firewalls.
The VPN aspect. We are currently doing Cisco VPN with Radius auth on the back end, this is seamless to setup from an end user perspective as they just hit a URL, download/install the ANyConnect client, and log in with their credentials. Is there a comparable alternative in pfSense? I'm leaning toward IPsec but it still doesn't seem as seamless as what we currently have in the ASA.
View 8 Replies
View Related
May 3, 2013
We have a problem with a Cisco 1400 Bridge. This equipment can not bridge to the other root or not root mode. I can see a message "Interface Dot11Radio0 Radio transmit power out of range" and the MAC Address of Dot11Radio0 appears with 0000.0000.0000.I set the local power to 18 but the MAC Address is still in 0000.0000.0000.
View 1 Replies
View Related
Oct 18, 2011
i got the problem with 1300 bridges,root bridge with omni antenna and non root with sector antenna , it can associate and can pin each other , but whenever i try to browse several web pages its get timed out and radio was down.
View 5 Replies
View Related
Jul 18, 2011
Any working configuration between two BR1310's in Root/Non-root mode? The documentation is vary vague and i can't find anything more secure than WEP. Is it possible to use WPA with radius authentication?
View 1 Replies
View Related
Feb 11, 2013
Do you know if it is possible in ACE 4710 appliance to configure a SIP TLS ?The SIP probe we have in the configuration guide it is only for clear text. for Lync 2013 we need to establish first a TLS session and then within it, send an SIP request..IS it possible in any version? I tried also to configure a HTTPS probe but it fails as it sends a GET which the Lync SIP server doesn't understand.
View 1 Replies
View Related
Jun 21, 2012
In 2008-2010 timeframe, I used the ace 4710 appliances at one customer and kind of liked them. The deployment was not too SSL intensive and B/W requirements were low, but I configured a few HA pairs and that worked well. The configuration was pretty comparable to other Cisco devices; so easy to learn/pick-up.Fast forward to 2011: stepped into an environment, where customer purchased 3 - ACE 20 modules (before I got here), and had multiple issues with them. I found 4 documented TAC cases, and 1 was still open. I started working from December 2011 on getting Cisco to own-up WRT modules but customer by that time had had enough.
The most serious issue was a random reboot, hang or lockup. I wasn’t here to work with them to verify, but that’s eventually what the deal breaker was. Around the February 2012 timeframe, talking to Cisco SE, he revealed Cisco had an independent lab in Switzerland verify that some hardware component on the device had a terminal defect, in which a bit would flip, and force the device to lock or reboot - subject ot radioactive decay or interference.Cisco and the lab attributed this to improper shielding, coupled with defective material in the electronic component; hence the device was highly susceptible to radiation-type errors. This is the kind of stuff you read in doomsday reports! As a result, Cisco was EOL-ing the ACE-20 module. I am trying to get Cisco to replace the ACE-20 modules with something else, but they haven’t been too cooperative. They have also limited their SE/Salseperson presence where I work (Pacific Northwest); and are not too responsive.
I have gotten a verbal agreement to get a credit on prior purchases for the amount this customer spent on the ACE-20 modules. However, the credit is only a few points off their normal discounting model. And Cisco will not go into loss on new product sales. Using example, $100 product would cost me $55 with standard Cisco discounting. Cisco’s cost might be $45 so I will only get another $10 credit on this new purchase.The 3 Cisco ACE-20’s originally cost customer about $100K, so to dwindle this credit down, we would need to purchase about $1-$2 million of new hardware - that's a lot of new gear! And I don’t have any real way of knowing that Cisco is applying the credit honestly, and they won’t put anything in writing. This entire issue has really dampened customer’s impression of Cisco. They had smartnet on the ACE-20’s for 2+ years, but then dumped that after losing faith in the product. Now I am trying to resurrect smartnet to see if Cisco will give us an alternate product.
And to cap it all off, the original Cisco salesperson (who sold customer the ACE’s), has left and went to work for F5! And yes, he has been calling on customer to try to sell some big-IP's! At least there is some humor in all of this. So... Has anyone else had bad experience with ACE-20 module? How about ACE 4710? How to get a reliable working ACE module from Cisco?
View 6 Replies
View Related
May 26, 2011
My TCOM guys say they do not see the ACE as a CDP neighbor on their switches. Is CDP enabled by default? I cannot find any documentation that suggests this is configuration (like on the Cisco CSS - where it can be enabled, but cannot see its' CDP neighbors).
BTW - The ACE 4710 Appliance documentation uses CDP as acronym for Certificate Revocation List Discovery Point (for SSL CRL's).
View 2 Replies
View Related
Jan 21, 2013
I have a pair of ACE 4710's that I am deploying within a datacenter. The primary and secondary ACE appliances have identical configurations except for the IP addressing and priorities for FT. The FT peer is going into a TL error state.
On the primary ACE appliance, I am able to ping and telnet from/to it without any issues. All of the routing works as it should and everything is seen in the ARP table as it should. The secondary appliance is able to ping everywhere, but telnet out of or into that appliance does not work.
I am able to see the IP addresses in the arp table and can successfully ping end to end from the secondary device, just unable to telnet into or out of it. When I try to telnet out of the secondary device, it reports that there is no route, even though the IP's I am trying to telnet to are directly connected and those interfaces are up and working (otherwise ping would fail). The exact same filters (access-lists, service-policies) are configured in the exact same format and applied to the exact same interfaces.
I tried removing all of the fault tolerance configurations and just created a Layer 3 vlan interface for management and I am still unable to telnet into or out of the appliance. This is not a complicated setup and I have to think there is something obvious that I'm missing, but I'm hung up on the fact that the config's are almost identical while one works exactly as intended and the other reports no route to host for a directly connected interface.
View 2 Replies
View Related
Mar 10, 2013
We have several 474 and 594 class WAAS appliances in the field. When power is lost to a given location, almost all of the other devices we have at these sites will start themsleves back up upon the restoration of power. Since the 474 and 594 WAAS appliances are basically PC based devices they do not seem to have the ability to start themselves back up when power is restored. What we would like is to have a solution wherein the WAAS device powers up on its own once power is restored much like the routers, switches, servers and PBX devices at the same location.
View 1 Replies
View Related
Sep 6, 2011
I've got basic connectivty to our ACE30 module and when I try connecting to the management IP address (attached to the Admin context), I see a very basic GUI which only lists the CSM to ACE config conversion tool. I don't see a GUI as detailed in the document: url...How do I get the ACE Applicance Device Manager GUI working so that I can then configure real servers, serverfarms etc rather than via the GUI?Having read through copious amount of documentation I can't seem to find a refrence that would ne useful here. This should be a fairly straight forward exercise - do I need to install some other software to get the full fledged GUI working?
View 2 Replies
View Related
Mar 19, 2012
what is that mean-"Redundancy is not supported between an ACE module and an ACE appliance operating as peers" I'm designing network in which I plan to use ACE-4710-0.5F-K9 appliances.
View 1 Replies
View Related
Feb 5, 2012
disable telnet for ACS 1120 Appliance version 5.0.0.21 .is there anway to do it , not able to login via telnet and ssh it says wrong credentials but webgui is working fine with same user and password.
View 1 Replies
View Related
Sep 25, 2011
i have a 4710 appliance (one armed) and i am load balancing with two webservers. In the URL, there are links that need to be redirected to https:
[URL]
i am using the
rserver redirect REDIRECT-TO-HTTPS[URL]
The https is working but i have a problem. when i access the Main link "first" it is redirected to https to the Main link.But if i access one of the Sublinks directly(without having to click on the main link first) the page is redirected to https but to the Main Link. i have to click the Sublink again in order to get the page.How can i redirect to https and stay on the same page? What might be the general link in the webserver-redirection?
View 4 Replies
View Related
Jan 9, 2013
I would just like to double-check a point with the forum on licensing on 4710 Appliance.If with version 4.2 and above 2Gbps Bandwidth licence is required, the output of the sho license status should be?
View 1 Replies
View Related
Feb 14, 2012
I am completely new to the Cisco ACE devices but have been asked to look at deploying them. I have read the ACE virtual partioning paper which covers the ACE module, and it mentions the following;"In an active/active high-availability design, both the primary and backup Cisco ACE modules are active simultaneously. The active virtual partitions are distributed across both modules, such that approximately half are active on the primary module and the remaining are active on the backup module."does the same resilience model work the same using the Cisco 4710 appliances? I.e. can we split virtual partions across two physical devices thereby having an active/active scenario.
View 4 Replies
View Related
Apr 27, 2013
I have a single cisco 11503 load balancer.There is a single Banner student information system which is load balanced on it with Virtual ip 10.3.20.101 which is working fine without any issues .I am now trying to add an Oracle ERP application with virtual IP 10.3.20.230 and physical ips 10.3.19.22 and 10.3.19.23 all on port 8003.When I just make the group ERP-Apps-Grp active , the vitual ip address 10.3.20.230 is pingable , but when I make the the content Erp_IAT active it stops pinging. [code]
View 6 Replies
View Related
Nov 25, 2012
I'm trying to set up a load balancer within an OVH (hoster) infrastrcture, I've followed their instructions [URL] I'm using a RIPE block (5.135.193.xxx/28) and would like the first 8(5.135.193.xxx/29) to be used as the virtual server.vlan 2676 is the local one, and vlan 1227 is the public one.After all the config steps, none of these IPs are responding to a ping, nor a direct http request.
the full configuration is :
=============================================
ssh maxsessions 1
access-list ANY line 8 extended permit icmp any any
access-list ANY line 16 extended permit ip any any
probe tcp PROBE_TCP
passdetect interval 30
[code]....
View 5 Replies
View Related
Jan 5, 2011
I have a question regarding CSS loadbalancer. Let's say there are 2 vlans in CSS:
1. Vlan 10: 10.1.1.0/24 as external interface, interface where most of the clients are coming from.
2. Vlan 20: 10.1.2.0/24 for real server vlan.
Virtual IP 10.1.1.10 is created in CSS on behalf of two real servers (10.1.2.11 & .12) in Vlan 20. Client from Vlan 10 can http access to 10.1.1.10 successfully.
In Vlan 20 there's also few clients which need to access servers via virtual IP. Vlan 20 Client PC (10.1.2.101) can ping 10.1.1.10, but can't access 10.1.1.10 http service.
Is there any way for CSS to forward service request coming from Server vlan to be send back to the same segment?
View 9 Replies
View Related
Jun 3, 2012
I am in the process of configuring load balancing on ACE module but struggling to configure virtual IP address for ACE module. I'm working on ACE30 module and using software version A5 (1.2). ACE module is in slot of Catalyst 6504 switch.
View 5 Replies
View Related
Apr 25, 2011
I am trying to reimage a Cisco MARS 25 appliance for the pnadmin password recovery procedure. I am trying to boot the system with Recovery DVD (Version 5.3.2) shipped with the appliance. I connected a VGA monitor and USB keyboard to the appliance and when I do a reboot, I can see the Installation options. Please Choose A MARS Model To Install...
1. Distributed Mars - Local Controller But I am not able to select the Option 1 for the reimaging of Local Controller since my keyboard is not responding for the selections. During the LILO boot process, I can see some error message that 'Keyboard Not Present'. I tried to connect the keyboard to different USB ports and the PS/2 port using a USB to PS/2 adapter. Still keyboard is not functioning.I am able to select the BIOS options while connecting the USB keyboard to appliance. But it is not functioning when booting from Recovery DVD. Also the keyboard is functioning if I boot the appliance directly with previous image. Unfortunately I dont have any PS/2 keyboard available for connecting and admin password for Login.Is there any workaround/solution for supporting the USB keyboard during the Recovery Procedure ?I tried the serial connection with hyperterminal but some junk charaters appear even after setting the recomended Baud rate, parity, flow control etc.The Ethernet console seems not working with the default IP address 192.168.0.101 for eth1.
2. Distributed Mars - Global Controller
3. Mars Operating System Recovery
4. Quit
View 5 Replies
View Related
Apr 24, 2012
Can I associate the non-root bridge model 1310 to the root bridge model 1400? Is there any problems on the configuration I need to be aware of?
View 7 Replies
View Related
Dec 27, 2011
I have an ACE10-6500-K9 (Application Control Engine service module for Catalyst 6500) but I can't access it because I lost the admin password.I would like to know how to perform a Password Recovery Procedure on this device.Is it similar to the password recovery procedure on an ACE 4700 appliance?
View 2 Replies
View Related
Jun 23, 2012
I am currently working on an example for a CCNP Spanning Tree Protocol example.I have some lectures on video and getting confused with an example they have provided. It has me baffled as I have compared it against numerous other websites, trawled forums and tried to get other examples to compare it against.Anyway, I have posted screenshots of the topology. They are as follows:
1) topology showing links so can assign costs (100mbps = STP cost 19, 1000mbps = STP cost 4)
2) topology show priority and MAC addresses (priority left at default so root bridge elected by lowest MAC address)
3) topology showing elected root ports **which I do not agree with for switches E & F**
4) topology showing subsequent blocked ports **which I do not agree with for switches D & F, even if I accepted the previous given root port election*** I understand for same cost paths to root bridge that lowest bridge ID wins. So here are my queries:
1) switch E has 2 equal cost paths to root bridge (A):
-via: E > D > A (4 + 19)
-via: E > C > A (4 + 19)
so I think pick the next hop switch with lower bridge ID. Switch C right? In this example it says pick port going to switch D. I am confused! Why pick port going toward switch D?
2) switch F has 2 equal cost paths to root bridge (A):
-via: F > C > A (4 + 19)
-via: F > D > A (4 + 19)
so I think pick the next hop switch with lower bridge ID. Switch C right? In this example it says pick port going to switch D. I am confused! Why pick port going toward switch? tell if the example in the diagram (topology 3) is wrong? If it is correct explain why?Now on to issue number 2...If I accept the root port election given in the topology, I go through the process of assigning designated ports and blocked ports.I understand for each link there is at least 1 designated port. If it is a redundant link, one side will be designated, one side blocked. The designated port will be on the side of the lowest bridge ID (priority + MAC address). So here are my queries:
1) there is a redundant link between switch C and switch F
-one side must be designated
-one side must be blocked
-pick the side with lowest bridge ID (priority + MAC address) for designated port
-switch C has same priority as switch F, so based off MAC address, switch C wins i.e. designated port on switch C side, blocked port switch F side.
-In this example it says port from switch C is blocked and port from switch F designated. I am confused! Why pick port going from switch F as designated?
2) there is a redundant link between switch D and switch C
-one side must be designated
-one side must be blocked
-pick the side with lowest bridge ID (priority + MAC address) for designated port
-switch C has same priority as switch D, so based off MAC address, switch C wins i.e. designated port on switch C side, blocked port switch D side.
-In this example it says port from switch C is blocked and port from switch D designated. I am confused! Why pick port going from switch D as designated?
View 1 Replies
View Related
Sep 16, 2012
I am trying to configure repeater mode on an AP, but the authentication is not working.It seems the authentication is seen as EAP-TLS on the ACS 5.2, but im trying to do LEAP.
Relevant config root AP:
!
dot11 ssid Auto3
authentication open eap eap_methods
authentication network-eap eap_methods1
guest-mode
infrastructure-ssid
[code].....
View 8 Replies
View Related
Feb 10, 2013
I have a very problematic situation here.I have configure on a Cisco 2960 the vty line in a wrong manner and now I am stock.To configure those vty to enable ssh I have typed :
line vty 0 4
login local
password xxxx
line vty 5 15
login local
password xxxx
exit
Problem, I work remotely (I was on telnet while doing this). I have no username configure as I thought that root user would work.Now when I issue an ssh to my switch, I always failed authentication.how I could recover access to my switch without being physically there ? I have write the config in memory, otherwise it would have been too easy.
View 5 Replies
View Related
Oct 20, 2011
I'm currently trying to set up a new infrasturcture with PEAP.
So, i've got redundant CA routers (c1921), an ACS server and 1262 AP's. Everything is working fine and as i want it to.Certificates are autoenrolled and so on, but if the CA root certificate expires, how to tell the AP to get the new root CA cert.
The root-certs are made by auto-rollover, and rolled on the CA router, but I got no change to get this root-cert on the AP.Is there a way to get them in an automated way, like rollover or enrollment?
View 3 Replies
View Related
Feb 27, 2013
I have installed Windows Server 2008R2 on a virtual machine and have setup AD and a domain name called nuggetlab.com and is the first DC. I've created another VM and again installed Windows Server2008r2 and want to add a second DC to the forest root domain. When i run dcpromo and at the option 'Choose deployment conifiguration' wizard i select Existig forest >Add a domain controller to an existing domain > Next, the next screen appears and i type in the domain as nuggetlab.com but when i enter the credentials under 'Alternatate credentials' and enter the admin username and password, i receive an error saying that it cannot be contacted. When i press the details button i can see the description[CODE]
View 5 Replies
View Related
Mar 22, 2012
how can I root my Toshiba thrive 31.5.003 without messing anything up cuz I'm tablet eleterate an its brand new
View 1 Replies
View Related