We are using Cisco Works LMS 4.0.1. Acquisition info reports last acquisition end time 19 July and Campus data collection running. Number of host entries is 68 but we have two thousands PCs. When we try to perform an acquisition action with scope all hosts and users, we receive this message;
Failed to start acquisition: Construction of XML data required for UT is in progress.Please try after some time.
I am having problems with a customer's ASA 5505 with Anyconnect 3.1 - it is generating captive portal false-alerts which are stopping users from connecting. This issue began when I upgraded from Anyconnect 2.4 to 3.1, and it appears like this: A user downloads and installs the Anyconnect client and is able to connect fine, to begin with. However, once they reboot their computer and try to reconnect, the VPN session will not come up and they receive the error message below."The service provider in your current location is restricting access to the internet. You need to log on with the service provider before you can establish a VPN session. You can try this by visiting any website with your browser."
Reading other posts, it seems this message appears when a captive portal is restricting internet access. It must be a false alert in this case as there is nothing of the sort here. Apparently, Anyconnect 3.1 can generate a false alert like so if the name of the firewall's SSL certificate doesn't match the CName listed on the Client Profile. I've set this up to match, to no avail. Although users can connect by reauthenticating through the SSL VPN login web page, I am stumped as to how to get rid of this captive portal error that pops up when they try to use the Anyconnect client.
We running ACS 5.2.x and need to collect the below log file:
var/log/ade/ADE.log
I know this should be taken while loging to ADE/Linux root, but I'm remember how to loging as I havent created and service account (as IPS).
ACE is configured to point accounting to ACS servers but ACS servers are not seeing all the accounting logs. I can only see accounting logs from ACE for watchdog, start and stop.
View 5 Replies View Relatedvlan.dat file fetch.
I'm using Cisco Prime 4.2 and VLAN fetch for all devices is currently going over TFTP. Devices managed by LMS are 2960, 4500, 6500 series. All devices are using SSH v2. ACS server is configured on all devices and SSH credentials are OK.
This is the error message I get when i select SCP: "SCP user credentials not available. Configure the SCP user credentials and try again Action: Check if protocol is supported by device and required device package is installed."
Is it possible to use SCP as VLAN fetch protocol? How to configure this on a devices and how to enter SCP credentials in LMS?
I am using Cisco Works LMS 4.0 for collecting configurations of the devices. After changing the configuration of the device what is the minimum time that LMS detects the configuration was changed and save (make archive) the new configuration in the LMS database ? (Periodic Collection and Polling are disabled). Which mechanism drive this process, SNMP Trap?
View 4 Replies View RelatedCisco ACS 5.2 secondary server is configured as a log collector for both primary and secondary server .Now i am facing problem in log collection from primary server .ACS secondary server is not collecting any logs from primary .
View 2 Replies View RelatedHow to get into the ip hosts on vista?
View 1 Replies View RelatedSo we have a cisco asa 5505. Once a day now (random times) it will suddenly be unreachable along with the hosts connected. If I console in and ping a host from the asa, suddenly it becomes reachable from the outside world again. My job prohibits me from posting the configuration online.
View 10 Replies View RelatedI'm new to this site, fully Microsoft certified but only just getting in cisco and looking to pass my CCNA later this year. Actual commands and general use on Cisco's im quite good at but general networking knowledge on networking (subnetting and network layers) I kinda suck at so will be studying a lot on this side of things[CODE]
View 5 Replies View RelatedSeems like something simple, but can't find on Cisco.com. What are the max SNMP hosts allowed on an ASA 8.2 code? That would be Polls and Traps?
View 1 Replies View RelatedI know that 255.255.255.255 is the broadcast address to send message to all hosts that are in LAN. what i want here is, i want to send a mail to all hosts using this address.
View 9 Replies View RelatedI need a tool to find all the hosts connected on my network. I need something that will tell me the MAC and host type/name. I ran an IP Address tracker and got all the IPs in use, but that doesn't tell much beyond the IP address. Don't really need to do a full in-depth nmap port scan. My concern about using nmap is it can bog down a router...Although I can't say for sure if there are ways to scale the scan back in nmap so it won't cause any issues?
View 17 Replies View RelatedI have several Cisco switches connecting our network. Switch N connects to the gateway, Switches Y & Z connect to some hosts. Switch N connects to Y and Y connects to Z. Assume our gateway IP is a Class B address with a netmask of 255.255.254.0 and all the hosts attached on switches Y & Z have static IP addresses assigned to them. This gateway connects to the internet.In addition to this IP address, some of the hosts also have a second IP address assigned to the same NIC. This IP is Class A (10.0.###.###) and have a netmask of 255.255.0.0 A second gateway address is not defined.
The hosts that have 2 IP's bound to their nic, use the 10. address to communicate with each other. (Programs running on the hosts are specifically configured to use 10. address).I have several questions regarding this setup:
1) Assume Host has only 1 IP (Class B) - if the destination is on the same network, does the host system send the packet to the gateway first to find the destination on the network or does the host send a "where are u" packet to the broadcast address to find the destination?
2) Assume Host as 2 IPs (Class A & B) - if the destination is a 10. address, how does the host go about finding it?
Since there is no Gateway defined for the Class A address, does the host simply send out a packet to the broadcast address for the Class A network? or does it go to the gateway defined in the Class B network as it was defined first (i'm assuming primary connection)
3) Assume Switch N's connection to Switch Y is disabled - how will this affect communication between hosts on Switches Y & Z that have a 10. IP trying to share data with each other, using the 10. Address. If the answer is this should not affect it, what additional circumstances are required that may cause the systems with a 10. address to be unable to communicate when the connection from Switch Y to N is terminated?]
I am working on a Perl script to be ran on our different subnets to see what hosts are down (and make the assumption that if the host is down the IP address is free to be used). This is not being ran on a Linux system, so I can't use grep to filter out everything except down hosts. I know there are modules for Nmap that would make this task easier, but my plan is to install Nmap to our network monitoring server, compile the script for Windows, and have it create the report for what addresses are down. I don't want each person running the script to have to have all the modules installed, etc. Or can you compile the script with the modules in it?
View 6 Replies View RelatedWe have a modified hosts file on each of the computers here at work. This way we can have multi servers, in multi locations that can all be used by everyone for email & our finance program.However, there is one user who the hosts file keeps disappearing. Over the last 2 days it has disappeared 3 times (at least).The user has ran the symantec corp antivirus (at least a couple of times). All risks found have been quarentined and deleted, ran again and nothing found. Also ran Malwarebytes, which was clean. And ran ComboFix.At this point the hosts file has been fixed after running ComboFix.
View 14 Replies View RelatedI am trying to block access to facebook and twitter on my router, to a certain range of ips, 192.168.1.8 - 254. I have been digging around and trying stuff but all I do seems to restrict everyone access to the internet.
View 5 Replies View RelatedWhy it makes problems to use a default route on a BGP-router (cisco 6500 with sup720 3bxl).Only a very few amount of hosts have that kind of problem and the 50% paket loss is only between this hosts. So another host has no loss to any of the affected hosts. looks for me like there is a problem in the CEF-table.The router has a BGP-fulltable. The gateway of last resort is only set for cases like a flapping BGP-route, so that the traffic is sent to a default next hop, because sometimes he knows a better route which isnt flapping.
View 1 Replies View Relatedyou can subnet to meet the number of networks required, or you can subnet to meet the number of hosts required. In which circumstances would you use either one? or are they both the same? am kinda confused.Is subnetting according to the number of hosts VLSM? and subnetting according to the number of networks required is not VLSM subnetting? Also I'm on CCNA 1 chapter 6, if the other CCNA 2, 3 and 4 has chapters explaining subnetting better cos It's totally confusing me atm.Also, is my understanding correct, when a company wants a LAN made, a network designer see's how many hosts they require in each of their LANS and then chooses an appropriate address class and subnets it? and to connect the LAN to the internet he implements NAT on the router that connects to the internet, and that router translates the internal addressing scheme that was created into a public registered IP address from an ISP? Also does he just make the address up? for example if he decides to use class C, he just picks any random number in the class C range and subnets it?
View 6 Replies View RelatedI am struggling to get successfull pings beween asa and inside hosts but couldn't succeed. Done packet tracer result is acl-drop
Here is the running config
Prem-ASA(config)# sh run
: Saved
:
[Code].....
configuring ASA 5505 to be able to ping remote host.Setup - We have a site-to-site (192.168.1.0/24 - 192.168.2.0/24) VPN setup with client VPN access (IP Pool, 172.16.50.0/24) on 192.168.1.0 ASA 5505.Issue - Not able to ping host on 192.168.2.0 from VPN client 172.16.50.0 but able to ping 192.168.1.0 host.
View 8 Replies View RelatedI have a site to site vpn connection between ASA 5510 and PIX 515 which is working fine. There is no problem for hosts on any side of the tunnel to access a cross. However the local ip (192.168.20.1) on the client interface of my PIX is not allowed to access hosts on the other side of the tunnel. [code]
View 2 Replies View RelatedI'm testing upgrading an ASA from 8.2.5 to 8.4.4. During the the upgrade, it change all of my ACL host entries to objects. But I noticed that the keyword "host" is still a valid option when creating an ACL.
I'm trying to understand why this change is made during the migration.
Looks like I still have an issue with LMS to recognize the IP Phones in UT as IP Phones. SNMP RO on Call Manager is enabled and is green in CM (e.g. topology) - so SNMP get is basically fine. The Phones are recognised as End Devices in UT.
As far as I understand, now if I start a Phone Aquisition, the CUCM is polled by LMS to gather additional information about the phones. So it seems there is a problem with the SNMP polling of the Call manager?
DNS resolution works and I can surf the web without fail. But if I try to ping any external hosts (I can ping inside interface of ASA fine) from the LAN I get timeouts. I can ping anything from the ASA without fail.
ASA Version 8.4(1)
!
hostname fw1-nat-ann
domain-name inmd.infoblox.com
enable password anWLNen9CTFp7B/X encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
I'm having an issue where internal hosts cannot access the internet but I am able to ping external hosts when I console into the router. The router is a 2800 series. [code]
View 3 Replies View RelatedI am able to reach VPN clients (Anyconnect) only from hosts directly connected to the ASA's inside interface subnet. However, hosts on other internal subnets (177.1.10.0 & 177.1.11.0) are unable to connect to clients on VPN. The ASA is running ver 8.4. [code]
View 8 Replies View RelatedASA is running 8.4.
Internal interface: 172.16.1.1
External interface: 172.16.2.1
Routing to 192.168.0.0 via internal host.I've got some static NATs, e.g:
object network obj-192.168.0.1
nat (inside,outside) static obj-172.16.2.1
object network obj-192.168.0.3
nat (inside,outside) static obj-172.16.2.2
I also want in internal NAT, but only for certain external hosts, so when they connect to any of the above, their source address is changed. I've attempted the following so an external host (172.16.2.254), has it's source changed to 172.16.1.100.
nat (outside,inside) source static obj-172.16.2.254 obj-172.16.1.100
But it's source remains unchanged.What am I missing?
I have two hosts behind an ASA on a private network. Both hosts are NAT'ed (each has a unique public IP). I need Host A to be able to talk to Host B through their respective external IP's.
View 5 Replies View RelatedI am able to connect to my Cisco ISR 891 via VPN with the Cisco VPN Client 5.0.07.0440, but once connected I cannot access hosts on the inside. If I ping a host on the inside by name, nothing resolves. If I ping by IP, I get a reply from the public IP of the router. [code]
View 2 Replies View RelatedI've been attempting to fix this issue or confirm the issue is not with the firewall and I have kind of run into a road block. This is my problem as I understand it. A client of mine has a VPN tunnel built over a point to point connection of some kind (this client is fairly new to me) and is unable to access some hosts on the remote end of the VPN tunnel from the LAN side of the firewall. The LAN IPs are NAT'd as they leave the network from the HPH-Point-to-Point interface to the remote end. Just as a point of reference, the LAN IP of 129.200.11.19 is said to be working, however the range of 129.200.20.25 - .50 is not. I've tried packet-tracer but with the NAT happening over a VPN tunnel I am not sure if I am doing it correctly.
View 1 Replies View RelatedDo you have any suggest for network scanning software?Something who can find IP address and hosts in the network?
View 11 Replies View Relatedfor network 192.168.7.128/26 what is the first usable host IP address in decimal? What is the last usable host IP address in decimal?
View 1 Replies View Related
