Cisco Application :: To Enable SSL3 On Content Switch
May 23, 2011
I had meeting with security auditor for a customer, he told me that i need to enable SSL3 on content switch as his scanning found that all network is working on SSL2.I could not understand his view and then when i found the content switch documentation, it is mentioned that SSL3 is default enable on content switch."By default, the SSL version is SSL version 3 and TLS version 1. The SSL module sends a ClientHello that has an SSL version 3 header with the ClientHello message set to TLS version 1." Do i have to do some kind of configuration to enable SSL3 or its enable by default ?
View 3 Replies
ADVERTISEMENT
Mar 27, 2013
I have 2 pair of 11501 switches and 1 pair of 11503 switches on 3 sites(LA, China, Taiwan).Each site has a pair of 1105x switch running as redundancy between them and is a standalone which will not interact with others.Recently a series of interfaces(ports) down happened to every active 1150x switches without any reason and log.Especially today, it happened to active switches at 5:39 AM meanwhile on 3 sites.
View 3 Replies
View Related
Oct 4, 2011
I currently have a content group as follows;
content My_Group
add service blade1
add service blade2
add service blade3
vip address 1.2.3.4
advanced-balance arrowpoint-cookie
[code]...
So I have 3 blades which are proxy servers and user go first to an MS ISA server then the VIP of the CSS and then the rules processes them give them a blade and chuck them out onto the Internet.
I want to leave the above rule, but remove one blade create an additional content group with that blade and have it process requests for a particular site so, I would create the following
content My_Group2
add service blade3
vip address 1.2.3.4
advanced-balance arrowpoint-cookie
[code]...
So my question is can I do that having the same VIP's etc so if a request comes in and it matches www.thewebsite.com that the second content rule matches it 'better' and therefore processes it or would it still be caught by the "/*" content group. I don't want to create more VIPS as I have a real ache getting firewall rules done.
View 9 Replies
View Related
Oct 2, 2011
Is it possible on the CSS11503 to create a layer 5 content rule that matches a url "/*/_edit".
View 3 Replies
View Related
Feb 13, 2012
i need to enable snmp on Cisco CSS 11501.
View 1 Replies
View Related
Mar 9, 2011
I'm configuring ACE to enable the XML-HTTPS interface so I can import it into ANM, when I try to do a "match protocol xml-https any", I get a invalid command detected. When I tab at the match protocol command, I don't see xml-https listed (http, https, icmp, etc. is listed).
View 2 Replies
View Related
Mar 31, 2013
I was trying to upgrade IOS on my 3500XL series switch (24 port) Before doing this I connected my switch and deleted all the configs and flash. When I reconnect my switch this is the error message I am getting.
View 7 Replies
View Related
May 20, 2009
I am trying to enable IP SLA on a Cisco 4948 switch (running 'cat4500-ipbasek9-mz.122-46.SG.bin') to test CiscoWorks IPM using this swtich as a source device. But I can't run the command "ip sla monitor" on this switch. It just has "ip sla responder". Is it possible to configura IP SLA on this source switch? Or can I do it only on routers?
View 6 Replies
View Related
Nov 12, 2012
i would like to know how to set the following on cisco ws-c2960-24 ttl:
1. SSH CLI
2.PORT SECURITY REMOVAL: Limits MAC@per port with no shutdown
3.Set port to protect
4.Set RSTP
5. Finally how do i set up TFTP Server from windows server 2008
View 5 Replies
View Related
Nov 23, 2011
i have a switch 2960 24TC-L with c2960-lanbasek9-mz.150-1.SE.bin and SSH v1 enabled.When i try to enable SSH v2 the swith tell me that i have to create a crypto key rsa. I generated the crypto key rsa with 1024 bits and when i try to enable the SSH v2 i receive the same message.
View 10 Replies
View Related
May 16, 2013
I am looking to enable QOS on a 4500 Switch with the following specifications:
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 03.04.00.SG RELEASE SOFTWARE (fc3) /with Sup 7-E 10GE (SFP+), 1000BaseX (SFP) WS-X45-SUP7-E CAT1639L46S
I have configured QOS on the 3750 switches but this seems to be a bit different.
Another quick question when you enable QOS globally on a device does it automatically create the ingress and egress queues and the SRR information?
View 1 Replies
View Related
Nov 14, 2011
We have Cisco 6509 switch, in which DHCP is enabled and now we have WDS(Windows Deployment server) that needs option 60 to be enabled on DHCP scope for deplyoing OS remotley to PC's. Where to get sample configuration to enable the option 60.
View 1 Replies
View Related
Jan 30, 2013
We have 4507 distribution switch in our network.I am trying to enable ssh in those switches but seems that ssh command is not supporting. IOS version - cat4500e-universal.SPA.03.03.00.SG.151-1.SG.bin
View 1 Replies
View Related
Jan 6, 2013
I have been trying to get the http server enabled so I can access Cisco Network Assistant. I have my interfaces configured but for some reason the server in not running, port 80 is still closed. [code]
View 2 Replies
View Related
Dec 19, 2011
My son was using the computer early today and I got back on and could not get on the internet.Says "Wireless is turned off. Use the wireless ON/OFF switch to enable it" i have tried the Fn+F2 and just F2. I also tried looking for Quickset and I cannot find that either. Saw similar problems looking through other forums but I don't understand much about computers and can't quite figure out what the solutions are. I have a Latitude D620.
View 3 Replies
View Related
Feb 19, 2013
In my ongoing project i need to monitor cisco 3750-X port status (uplink/downlink) i.e. whenever there is some problem at a specific port. I need to monitor it through an OPC server and right now what i am doing is as follows: i am using Kepserver and i have added SNMP driver in it for that purpose i am not a networking expert but what i have learnt till now is that SNMP agent (that resides in switch) delivers the status of MIBs to SNMP manager ( which in my case is kepserver (opc server)) for the above purpose i am adding IF-MIB to monitor OID 1.3.6.1.2.1.2.2.1.8 (which shows port statuses) but when i add that in OPC server then it indicated that this OID is not available in the Switch ( it might be disabled) so i need to ask if there is any way to enable OID's in a switch,
View 0 Replies
View Related
Mar 19, 2012
can you enable dhcp service on a 3560 switch.
View 3 Replies
View Related
Sep 3, 2012
How to Enable IP Accounting in Cre switch 4000 Running cat OS and Cisc ASA 5510 (8.2 )
View 1 Replies
View Related
Jul 14, 2012
I`m looking to automate some functions in a web application.Functions like enable/disable interfaces on a Cisco 3550 switch.
View 5 Replies
View Related
Apr 12, 2005
Is it possible to enable login by http (web interface) to catalyst 4006 switch with WS-C4006 Software, Version NmpSW: 6.3(5) ?
View 21 Replies
View Related
Jun 13, 2013
I have 6500 with this STP configuration:
spanning-tree mode rapid-pvst
no spanning-tree vlan 1-4094
I need to enable STP on vlan 100 and vlan 103.
When I do "spanning-tree vlan 100,103 root primary" and then "show spanning-tree".I see that STP is not enable on these vlans (100,103).
I tried to do "no spanning-tree vlan 1-99,101,102,104-4094" and it is not work.
There is a way to enable STP on vlans 100,103 without to do "spanning-tree vlan 1-4094"
View 1 Replies
View Related
Dec 18, 2011
i want use CACTI for monitor my bandwidth so i have a question how can i enable snmp for a switch port ? or i shoudl just enable snmp from configuratiopn terminal and then in CACTI i will choose which port will be monitor? can i do something that CACTI connect to my switch with a encryption key ? i have cisco 2960 48 port switch
View 2 Replies
View Related
Nov 6, 2012
I have a 3750x 48port POE switch that I installed a second power supply in. But it doesnt power on. Am I supposed to enable it in the switch somewhere? I've plugged it into a couple different outlets so I know that's not the problem.
View 4 Replies
View Related
May 2, 2013
I have lost the "ENABLE" password on my 3750 switch.
View 5 Replies
View Related
Jul 30, 2011
The user "shreedhar" is getting authenticated locally and not through TACACS+ (Cisco ACS 1121 appliance running ACS 5.1).
In the switch, after entering credentials, the switch says, "Authentication failed - login using local mode". (Not the exact message but close enough!).
In ACS 5.1 -> Monitoring and Reports->Dashboard->My Favorite Reports->Authentications-TACACS+, I am getting the following error, "13011 Invalid TACACS+ request packet - possibly mismatched Shared Secrets".
Configuration in switch is as follows:
feature tacacs+
username admin password 5 $1$joEvYokP$5wZ1mtpBlxuoKMEWbFzRY1 role network-adminusername shreedhar password 5 $1$x8u5N4IR$NbVcY1u6CuoXYkMgXs60l/ role network-admin
tacacs-server key 7 "Ti!23456"ip tacacs source-interface loopback0acacs-server test username demo password demo123 idle-time 3 tacacs-server timeout 10tacacs-server deadtime 5tacacs-server host 192.168.31.11 key 7
[code]....
Is #the encrypted TACACS+ shared secret key from switch not being decrypted by ACS 5.1 as it requires a clear-text password? Could it be the reason for the above error?
View 1 Replies
View Related
Sep 17, 2012
I have a Cisco 6509 with IOS "s222-ipservicesk9_wan-mz.122-18.SXF16.bin"I need to enable dot1x on user's ports on the switch. each user is connected to the switch through the IP phone.
I just found out that I can not enabled dot1x on trunk port. I have tried to use "switchport voice vlan " but I got:
Switch(config-if)#switchport voice vlan 123
Command rejected: Gi7/20 is Dot1x enabled port.
let me know what should I do to get dot1x working?
Note: I have connected a laptop directly to the port and dot1x is working fine.
View 5 Replies
View Related
May 23, 2011
When we do self diagnostic test for WAE connected to the 6500 switch i get warning as below. Due to this alert there is no major acceleration benfits by the WAAS
Test WARN [tfo] WARN ASYMMETRIC Asymmetric routing is seen in the device Action: Check router's network configuration and WCCP redirection on the router.usevwa1#
6509 switches has only L2 capability and does not do WCCP redirection. The WCCP re-direction is done by 2821 routers.Is there any command which needs to be given in 6500 switch to solve the issue
View 1 Replies
View Related
Jun 13, 2011
We have a legacy client/server application, an OCR system. The server runs on Windows 2003 R2. We have client machines running happily on Windows XP.We have for a while had problems with getting the clients to run on Windows 7. Some machines wouldn't work, others worked intermittently, one worked consistently. By a process of elimination I discovered that the one working consitently was on a desk where we had put a small 8 port 3Com gigabit switch on the desk to give us more network ports. If I move this switch to any other desk to one of the non-working clients and connect them using the same uplink but going through the desktop switch they start working.The XP clients work fine using any of the network switches. None of the 100+ devices on our network (desktops, laptops, VoIP phones, printers etc) are showing any other signs of network issues, only this OCR application. The application was last updated in 2004, so was not designed for Vista or 7, essentially the vendor is no longer updating it, but say that as far as they are aware it works with Windows 7.why adding a 3Com 3c1670800B switch between the client and the rest of the network should make the application work with Windows 7. Whilst I have a workaround for the problem I'm uneasy that I don't understand the root cause, and if I was to press ahead and move the client machines to Win7, the whole system depends on a single piece of kit that's now discontinued and I only have one of. It all seems pretty counter-intuitive to me that an application should be sensitive to low level network hardware.
View 7 Replies
View Related
Jan 12, 2013
i have configure new ACE 30 module on top of 6500 core switch , the issues am facing whenver i want to access to https://ACE_IP and after i enter the user name and the password , it's forwared me to the follwoing page: is there anything should i configure to avoid this page ?
View 1 Replies
View Related
Jun 2, 2011
In change network topology, we are going to assign PC's Gateway as Switch (3750X) IP Address rather than server IP Address. Currently we have configured all Sytems's Gateway is Internet Server IP Address which we are going to replace with Switch IP as Gateway.Issue is while connecting specific application like team viewer in which application tried to send keepalive message to the live server and in case of switch/router IP as gateway. Connection doesn't established. However it is working fine when Internet Server IP treated as gateway.
View 1 Replies
View Related
Nov 12, 2012
In change network topology, we are going to assign PC's Gateway as Switch (3750X) IP Address rather than server IP Address. Currently we have configured all Sytems's Gateway is Internet Server IP Address which we are going to replace with Switch IP as Gateway. [code]
Issue is while connecting specific application like team viewer in which application tried to send keep alive message to the live server and in case of switch/router IP as gateway. Connection doesn't established. However it is working fine when Internet Server IP treated as gateway.
View 33 Replies
View Related
Sep 19, 2012
I am trying to do content-filtering over ssl VPN (clientless) on ASA 5505. [code]
View 2 Replies
View Related
Feb 1, 2012
how to remove content advisor
View 1 Replies
View Related
