I'm running LMS 4.0 as an evaluation and I'm only discovering 86 devices, using the auto discovery. I've added a seed and although it sees lots of neighbours on that seed it only goes on to discover devices off a particular range. All the devices are set up the same way (standard config) so it should see them as well.
I know it has a limit on the number of managed devices of 100, and I could understand if it hit 100 and then stopped. We have around 500 devices in total (not including phones, DMPs, etc).
I've just added the seed and selected cdp as discovery method and set the snmp target as *.*.*.*. Is there anything else I should be doing?
I've setup a Cisco Secure ACS server 5.1 in VMware ESXi everything seems to be working fine, however under the options for Policy Elements > Authorization and Permissions > Device Administration > Command Sets there is a command called "DenyAllCommands" that was there when i first installed the ACS. Is there any way to remove this? When I try to remove it i get an error that thats it can't be removed or modified. I'm writing a report on the Cisco ACS for university, if this is a limitation of the evaluation licence I will need to reference it. If this is a limitation and provide a link to a cisco page that confirms this.
Cisco release the Cisco Prime LMS 4.1 on Aug. 2011. I download the lms4.1 from cisco and install it, but the lms4.1's evaluation license expire date is Oct. 28 2009. So my license already expired after I install the LMS4.1.
we have installed an evaluation version of Cisco Works LMS 4.0.1. Now we have purchased a license, but the evaluation period is over and I can't start the application anymore. Is there any possibility to install the license file after the evaluation period?
I have downloaded the 90 day ISE evaluation to a vmware platform I have it successfully authenticating local user(s) onto a Cisco 2940 device (12.1) IOS I am trying to follow a TrustSEC design guide [URL] but my LAB 2940 does not support many of the commands shown in this document What I want to try to do is be able to familiarise and demonstrate in the lab the use of ISE to control access to the network using 802.1X and or VPN access from remote vpn clients?
I want to turn on EIGRP functionality on my layer 3 3750 stack. I noticed I was only running an IPBASE license. When I do show license all I notice I have an evaluation of IP SERVICES image (see output below). Can I use this evaluation license? Would it be same as the full license or would it have limited functionality? Also, how do I make it the active license?
Q9-Switch#sh license all License Store: Primary License Storage Store Index: 0 Feature: ipbase Version: 1.0 License Type: Permanent License State: Active, In Use License Priority: Medium License Count: Non-Counted
License Store: Evaluation License Storage Store Index: 0 Feature: ipservices Version: 1.0 License Type: Evaluation License State: Active, Not in Use, EULA not accepted Evaluation total period: 8 weeks 4 days Evaluation period left: 8 weeks 4 days License Priority: None License Count: Non-Counted
I have 50 SSL Premium licenses on my ASA 5520 running 8.4. I want to run Anyconnect on IPAD- and IPHONE-devices but it seems that this requires a Mobile-license on top of the premium-license. Is it possible to receive an evaluation-license for this? It will take a few days to receive permanent licenses and I want to user this now.
I have a D610 Laptop with integrated Bluetooth and Wifi. The evaluation period has expired. Please obtain a license for this version of Bluetooth Stack for Windows by Toshiba."
I had called Gold Support last week and was asked to download/install the driver from the support downloads site and then download/install the patch as well. The bluetooth manager does not come up when this popup shows.
Due to a bug int the IOS (F4 loosing routing information) i needed to upgrade the IOS from 15.0.1-M4 to the latest one which is 15.1.Is it ok to do without valid Smartnet contract? Cisco website allowed me to download the IOS and then put it on the router.Due you need some sort of a license to upgrade the IOS?
I have a customer that purchased an LMS 3.0 package and later upgraded it to LMS 3.2 using same license for 300 devices.Now the customer wants to upgrade to LMS 4.1 and is asking if they can get a similar free upgrade as before, especially since their current LMS is covered under an SP Base contract.
Do you know if the SP Base contract will qualify them for this? I have tried discussing it with a TAC licensing Engineer and the Local Accounts team both have not given me a solid answer.
I will attempt to explain the history of our wireless controller configurations as best I can. We are currently using a 4400 controller running 7.x software which authenticates to and ACS 4.1 appliance. All of this was set up prior to my arrival on the job and the previous engineers had already left with no documentation in place so I'm trying to piece it together. The ACS is setup to map to AD for specific groups.
In the controller we have an SSID called triton which is our corporate SSID that all internal users connect to. Three different interfaces have been defined, a general one for most users and two others( lets call them INT1 and INT2) that place users on separate ip networks. The reason for this is those ip networks can reach certain services that are not allowed for general users. ACS maps those users upon authentication to the Vlans associated with those separate ip networks.
Problem 1. When I first took this job, users could not map drives or any services because only user authentication was taking place..After some troubleshooting and realization that ACS was authenticating, placing the "Domain Computers" group as an ACS group mapping fixed that issue, allowing the computers to authenticate prior and therefore execute the login script
Problem 2. Recently it has come to my attention that some of the users on one of the other interfaces (INT1 and INT2) that should be placed in the vlans associated with their AD group mapping are not. Upon further investigation it was discovered that the reason they are not is that the authentication is not correct. When the computer first authenticates before the user logs on its shows in ACS as host/xxxxx.yyyy.org where the user authentication shows as xxxxx/username . So some of the computers never change from authenticating as a host to a user and the ip address ends up in the wrong vlan.
My main goal i want to filter certain sites including facebook not to be accessible within the network and block all torrets including maliciuos site. I was advised to get Cisco ASA 5505 which i already got a quote. But now i want to know if is the ASA 5505 good enough for this purpose, is there anything additional required to succesfully overcome my main goal?
setting up IPsec for a DMVPN between a 2811 and 2951s in a test lab. I have enabled IPsec on the hub (2811) but I am unable to do so on either of the 2951s. After researching, it seems that I may have the incorrect IOS for this, but I am at a loss which IOS I should be using. Currently the 2951s are on "c2951-universalk9-mz.SPA.151-2.T2.bin" and the only crypto options.
I am very confused on how I setup a Pix 515 that I just got to route traffic out a cable modem. First, let me give you a little details on my current network setup and what I am trying to accomplish with this Pix 515. Currently all my users go out the proxy for any internet access, however I have certain users that need to go out the cable modem instead of the proxy server. Below is an example of the current IP setup of a user A:The cable modem that we currently have has DHCP so I would need the external PIX address to accept a DHCP address. I also don't really understand what else I need to setup so if I have say four users hitting the cable modem through the pix how do I direct their web traffic to the correct computer (NAT ?),I will be plugging the PIX into a cisco switch that all ports are in VLAN 48 so hopefully a static internal address on the pix of 10.24.48.254 will keep me from having to do any routes since all traffic will be originating from the 10.24.48.0 network.
I have modified my radius accounting reports using "interactive viewer" and saved successfully but the exported report doesn't reflect these changes. I'm just wondering what's the point of being able to modify the reports if you can't export your changes or there is something I'm missing?
I have two ASA 5510 with Security Plus license and Shared SSL VPN licensing enabled.
The problem is that the client get “Session could not be established: session limit of 25 reached” but ther is only 6 ssl vpn user connected with AnyConnect.The software on the firewall’s is 8.2(1)Is there any BUG in this software related to this problem?
I want to directly connect two Win XP machines together to transfer large files.Both have "Gigabit Ethernet".Its been years since I last did this, and used to need a special cable called a crossover cable to accomplish this, but reading up to refresh my memory I believe I no longer need the special cable, but can use the cable that now connects my cable modem to my computer, as the Gigabit specification eliminates the need for a crossover cable.
I have a DIR-825 coming. Do I really need that long to setup something? When I got my Netgear all I did was plug the sucker in. Two ethernet cables in the back. Done. Later on I added a wireless device in the living room so I setup a name and key. Done.I still have the same devices, except going to add my Girlfriends Daughter and QOS her bandwidth.
We are looking at buying an ASR1001 but I'm confused by the Licenses and I've struggled to find the information in the cisco data sheets. The router will need to run IPSEC on gre tunnels and I figure that I need the IPSEC license (FLSASR1-IPSEC) do I also require the Advanced IP Services license? or is all that is required the IPSEC license? Is there some sort of list that shows the feature set of each license, they cost the same amount so I'm not sure which license fits what we require best or if we need both.
We have a problem with AIR-LAP1142N access points.
AIR-LAP1142N-E-K9 Version 12.4(21a)JA
LAP's are not assotiated with controller yet. They get the ip address via dhcp, they are reachable by icmp.When I try to telnet, I get Password required, but none set? Is there any chance to get access to them without using serial port?
I am trying to set up my Cisco 520 router with a firewall that will: Allow port 80 traffic to the vlan 20,Block all other incomming ports to vlan 20 (unless initalised from inside),Allow all outgoing ports on vlan 20,Block all access from vlan 20 to vlan 10 (unless initalised from vlan 10)
Is there a guide to setup a VPN connection using this router? I've follow the setup guide provided by cisco but I'm having issues. When attempting to connect using the quick vpn client, I get error messages.
Im loosing my patience with my home setup im running. My ISP has given me a /29 static range which I have correctly applied. I have statically mapped a external IP to a device on the LAN without any issues. When checkign external ip on the device it appears as it shoud and everythgin else appears as the external address of the PIX. When I try to access anything past the router externally I cannot. I can ping the dialer and vlan1 interface on the 857w but cannot see anything past that. All I want the router to do is route, and control everything from the pix. Have i left out a command somewhere?
I have Cisco 7609 router and we have observed that router is rebooted due to the following error ;SLOT 3: Apr 13 16:06:26.621: %CARDMGR-2-ESF_DEV_ERROR: An error has occurred on Egress ESF Engine: Control Store Parity Error SLOT 3: Apr 13,Slot -3 we have SIP-400 card. We would like to know if there is any MIB which can monitir such reboots.