Cisco Security :: Migrating From 3030 To ASA Platform?
Jun 13, 2007Is there any way to auto migrate my 3030 VPN configuration to an ASA platform?
View 3 Replies
ADVERTISEMENT
Cisco Security :: Migrating Existing SSL Certificate From Win 3.2 To 4.2 ACS
Apr 15, 2011We have the acs server which has the ssl certficate(certifcate authority) running in acs 3.2 windows version for eap-tls enduser authentication.
We want the same to be migrated to acs 4.2(appliance) application. I have tried in different ways to push the certificate but i couldn't.
I have tried Thru System Configuration --> ACS Certificate Setup --> Install ACS certificate --> Download certficate file In that i have mentioned the FTP server IP address, credentials, path and file name
But if i submit the request its giving the directory not found or credentials wrong.
In FTP logs its showing like this
Apr 15, 2011 19:41:55 Session 4, Peer 10.190.249.40 PASS welcome2acsApr 15, 2011 19:41:55 Session 4, Peer 10.190.249.40 230 User logged inApr 15, 2011 19:41:55 Session 4, Peer 10.190.249.40 FTP: Login successfulApr 15, 2011 19:41:55 Session 4, Peer
[Code].....
Cisco Security :: Migrating From ACS 1113 Appliance To ACS 1121
Mar 18, 2013We are currently running a ACS 1113 with version 4.2 software. We are going to replace the 1113 ACS with two 1121 ACS.
View 1 Replies View RelatedCisco Security :: Migrating Existing Database From ACS Win 3.3 To ACS Appliance 4.2.15?
Apr 17, 2011how to migrate the db from acs windows 3.3 to acs appliance 4.2.15.We are replacing win 3.3 to appliance 4.2.15 as a part of end of life. So we have the eap-tls/peap authentication.It has the huge records. So suggest me the steps to migrate the db from win 3.3 to appl 4.2.15.Do we need to upgrade to win 3.3 to win 4.0 to win 4.2 & then to migrate to appl 4.2 ?
View 4 Replies View RelatedCisco VPN :: 3030 - How To Filter Web Traffic
May 29, 2013Most of our VPN connections are done with our Cisco 3030 and the internet goes out the ASA. We are able to filter all web traffic by doing a a span port for web traffic.
When we move VPN connections to the ASA we will loose the ability to span web traffic becuase its coming in and going out the same interface on the ASA. We will loose the ability to filter web traffic when this happens.
How we can filter web traffic on VPN connections on the ASA. We are using websense. I know there is some integration that can be done with the ASA and websense but it doesn't have all the capabilities as doing a span port for websense to monitor.
Cisco VPN :: 3030 - Connectivity Between L2Ls
May 10, 2012I am writing to be given some support related to a issue that I am having. The fact is that I am trying to give connectivity between two companies that are connected to mine through the same Cisco VPN 3030 device (I know that it would be better that they access directly between them and not through my Concentrator, but due to some security reasons it is not possible).
The problem that I found is how to route the destination network through one specific L2L, because the static routes can only be configured to IP addresses or Interfaces (in my case just Internal-LAN and External-Internet).
Cisco VPN :: 3030 - AnyConnect Connection Profile - Clear Username
Apr 30, 2013how we can clear the username in the Anyconnect Connection Profile on a users laptop? Currently it defaults to the last username used but our security group would like that cleared so that the field comes up blank every time. This feature was available in the old Cisco 3030's but I can't find it in the ASA.
View 3 Replies View RelatedCisco Switching/Routing :: Stack Trace Errors / Catalyst 3030
Nov 21, 2012I know the Catalyst 3030 is EOL/EOS and I am probably SOL.
Cisco IOS Software, CBS30X0 Software (CBS30X0-LANBASE-M), Version 12.2(25)SEE2, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Fri 28-Jul-06 11:05 by yenanh
Image text-base: 0x00003000, data-base: 0x00AB4EB8
[code]....
I would like to put the below into the "stack trace" tool, but all links appear to be dead.
%PLATFORM-1-CRASHED: Program Exception (0x0700)!
%PLATFORM-1-CRASHED: SRR0 = 0xFEA10EC0 SRR1 = 0x00029210 SRR2 = 0x0043CD70 SRR3 = 0x00021200
%PLATFORM-1-CRASHED: ESR = 0x08000000 DEAR = 0x00000000 TSR = 0x8C000000 DBSR = 0x00000000
%PLATFORM-1-CRASHED:
[code]....
Cisco Switching/Routing :: Standby Blade Switch 3030 Upstream Port-channel Flapping Up-down
Apr 30, 2012show logging
May 1 16:00:30: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/12, changed state to down
May 1 16:00:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/12, changed state to up
May 1 16:17:28: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/12, changed state to down
May 1 16:17:36: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/12, changed state to up
May 1 16:25:28: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/11, changed state to down
May 1 16:25:37: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/11, changed state to up
May 1 17:19:25: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/11, changed state to down
Configuration as below:
macro name vmware
switchport trunk encapsulation dot1q
switchport mode trunk
no switchport access vlan
[code].....
Note:Both active blade switch and standby one are connecting to same aggregate switch 3750. Yet the active one, with same config as standby one, has not occurred this issue.
Cisco VPN :: Establish Site To Site IPSec Tunnel Between ASA 5520 And 3030?
Feb 17, 2013We have configured a site to site tunnel from our ASA to another organizations Cisco 3030. It appears to have just one way initiation. We can do a ping to a device on the remote site and it will ping just fine. however, when the tunnel needs to be initiated from the remote site, it will not work until we have initiated the tunnel and then everything works.
I continue to see Error processing payload: Payload ID: 1 errors on the ASDM logs.It appears that all the configuration is in place because we can in fact establish the IPSec tunnel unidirectional. And once established, traffic can flow bidirectional.
Cisco WAN :: Migrating From A PIX 501 To ASA5505
Jan 22, 2011 We are pulled the plug on our PIX 501 as its not letting us use all 100Mbit that our cable provider is now piping to us. I read the conversion guide but it made no mention of the 501's. Only the 515's or newer.The ASA5505 is putting up a little bit of a fight (This what I get for failing my CCNA??)After refusing to configure the LAN ip address to something other than what it was shipped with, I broke down and connected to the management console and forced an IP address on the LAN side. Now I reset my default config and everyone can get on the internet.Until the ISP cuts you off because you forgot to set your static IP. Oh, and by the way, they dont support Cisco gear.
When I attempt to assign the IP to the outside interface, it accepts without a hitch, but everything grinds to a halt. I cannot have this, as I have off-site users that operate with dedicated ports using Remote Desktop. I've attempted to set the IP via both ASDM and management console. I've tried setting a static route, but that doesnt give me any love either. Im running ASA Version 8.2(1) and ASDM Version 6.2(1)Once I get the static IP set and working properly, I can tackle moving the port configs.
Cisco AAA/Identity/Nac :: Migrating From ACS 4.2.0 To 4.2.1?
May 29, 2012we are running acs 4.2.0.124.16 on cisco appliance 1113.We need to uprade it to 4.2.1.15 which is the latest release.and need to know the dependencies whether any license required?
View 6 Replies View RelatedCisco :: Migrating DFM Data From LMS 3.1 To 4.2.3
Feb 18, 2013I need to migrate DFM alarm settings data from LMS 3.1 to LMS 4.2.3 and I want to use this method, [URL] , to extract the data from 3.1 and then inport it into 4.2.3.
I successfully performed it for IP settings, it was easy since the data format was the same.
But the format differs quite alot for Interface and Port data, here is an example:
export from LMS 3.1
IF-hostname/17 [Gi0/0.524] [10.55.254.3]; INTERFACE:;IF-hostname/17; MANAGED_STATE:;EXPLICITLY_UNMANAGED
export from LMS 4.2.3
INTERFACE:IF-hostname/17 MANAGED_STATE:MANAGED GigabitEthernet0/0.524
It looks like I have convert interface names, sort and delete stuff to make it look the same.
Cisco :: Migrating From NCS 1.1.2 To Prime 1.2?
May 8, 2013[URL] it mentions that migrating from NCS 1.1.2 to CPI 1.2 isn't possible.
How can I get around this?
Cisco VPN :: Migrating From PIX 515e To ASA 5510
Jan 28, 2011I have recently migrated from a PIX 515e to an ASA 5510. In the main this was successful. However, I have a number of L2L VPN's (all connecting to Cisco PIX 501 or 505). The majority of these VPN's are working fine. However, I have a couple of VPN's that are causing me a problem. It seems like the tunnel is established for anything between 10 minutes and 4 hours before going 'down'. I cannot initiate the tunnel again from the hub end (ASA 5510) of the VPN.However, if the remote end reboots the PIX, the tunnel is re-established.The ASA is running 8.3(1) and the remote PIX's will be running various versions of code but will all be 6.3(x). The strange thing here is that the majority of the sites are working and the config for each tunnel is identical other than the access-lists for interesting traffic and peer address.
View 7 Replies View RelatedCisco WAN :: Migrating ASA 5510 To ASA 5505?
May 7, 2013for testing purposues i wanted to exchange a running ASA 5510 with a ASA 5505. I included the running configs from both the ASA 5510 and the new configured ASA 5505.
On the running ASA 5510 there is:
one interface for WEB
static IP xx.xxx.xxx.178
route 0.0.0.0 xx.xxx.xxx.177
[Code].....
Cisco Firewall :: Migrating To New ISP - ASA 5510
Jan 4, 2012I currently have the following set up (excuse my quick drawing):
--------------Vendors VPN Router----
| ------Cisco 3000 VPN------ |
| | | |
Private Network-------ASA5510---------Pub Switch------Cisco Router 2x T1
I've been tasked with migrating to the new ISP, which provides us with Cisco ME-3400E switch and /26 public subnet. I currently have 15 static NATs and 14 L-2-L VPN tunnels configured in ASA. Is there a way to configure additional Outside int on ASA and use it to migrate the existing VPN tunnels and static NATs? I'm trying to avoid downtime and hope to do it step by step. I'm thinking about adding additional Public switch, so I can also migrate vendor's router and VPN concentrator, which need to be in parallel to ASA. Assuming that this is possible I'd would like to do the following:
1.Configure and connect additional Outside Interface on ASA - public IP address and ACLs
2.Connect it to additional "Public switch", which would be configured with public IP address and connected to new ISP's Cisco ME-3400E.
3.Migrate my VPN tunnels and static NATs.
4.Migrate vendors equipment/VPN concentrator
5.Update my global NAT pool
6.Shut down old ISP
Cisco :: Migrating From NCS 1.0 To Prime Infrastructure 1.2
Feb 12, 2013I have NCS 1.0 with 100 devices support license installed. Now knowing it has reached end of sale, and also for the fact that Prime does cover devices like routers, i went ahead to the upgrade path via PUT (Product Upgrade Tool). Finally I received an email (OBA) advising my order is ready. This email included two items in the shipment,
L-N-PI12-100-M=
NCS 1.0 to Prime Infrastructure 1.2 Minor Upg 100 Device
L-PILMS42-100-M
Prime Infrastructure LMS 4.2 - 100 Device Upgrade Lic
When i click to the link in the same email to download the license, it only shows me one file which is L-PILMS42-100-M I tried using this file and installing on the NCS1.0 but it gives me error that this file is not a license file. The license name suggests me that it is not the license to be installed on the NCS. The file should be L-N-PI12-100-M=
Cisco :: Migrating APs From WLC 4400 V.4.0.179.11 To WLC 5508 V.7.2.110.0
Jun 11, 2012I am replacing an old 4400 series WLC running version 4.0.179.11 to a new 5508 WLC running version 7.2.110.0.
We currently have 70 x 1131 Access points on the 4400 WLC.
With this upgrade, do i need to upgrade the old 4400 to version 6.0 so the AP's get an up to date IOS or can i directly migrate all AP's over to the new 5508 without any version incompatabilities on the AP's?
I am abit worried that the AP's are running a very old IOS on the 4400 v.4.0.179.11 to go straight to the new 5508 v.7.2.110.0.
Cisco VPN :: Client Not Working After Migrating From PIX 6.3 To ASA 8.4?
Mar 11, 2013I have a situation here where after migrating from PIX 6.3 to ASA 8.4, VPN connection from window server 2003 and 2008 fail to connect. Strangely, win7 or win 8 works perfectly well.
It failed due to
reason=DEL_REASON-IKE_NEG_FAILED
The diff we can see is win 7 is 32 bits and the server client version is 64bits.
Cisco Firewall :: Migrating PIX Configuration To ASA 8.4(2)
Aug 28, 2011I am migrating my PIX configuration to ASA 8.4(2) with my old nat configuration.I don't want the traffic match ACL inside_outbound_nat_acl from inside interface with NAT [code]
when I configured "any" in "nat (inside,any)", I cannot type the "route-lookup" command but when I change like "nat (inside,outside)" then I can type the "route-lookup" command.so what's mean of "any" in this command?
Cisco Switching/Routing :: 6509 / Migrating From IOS To NX-OS
Aug 7, 2011I am migrating from Cisco 6509 IOS (12.2) to Nexus 7000 NX-OS (5.1(1)).I am looking for a equivalente NX-OS command for permit ipinip on IOS.
View 2 Replies View RelatedCisco :: WCS 7.0.172.0 Upgrade Stall Migrating Data
Apr 18, 2011I have a 7.0.164.0 WCS that I am trying to upgrade to 7.0.172.0 In the system infrastructure we have three 4400-50 controllers with a total of about 90 access points (1231's, 1131's, 1142's, and 3500's) The server is a VM with 2GB of ram and about 4GB of free hard drive space (the WCS software is installed on the D: partition). The WCS installer goes through the initial setup and gets to the point of "Migrating Data" and basically stalls. I started the upgrade Friday at 11:30AM and finally killed it at about 9:00AM on Monday (almost 3 full days).
I then uninstalled the partial 7.0.172.0 installation, and also uninstalled the 7.0.164.0 installation. I then did a clean install of 7.0.164.0 and imported my backup. After i verified that everything was working correctly I then tried the 7.0.172.0 upgrade again. Currently its almost at 24 hours of sitting at "Migrating Data"
Cisco Wireless :: Migrating From WISM-1 To 5508?
Feb 5, 2013We are currently upgrading from WISM-1's to individual 5508 WLC's. Is it possible to export the config from controller on the WISM to the 5508?
View 5 Replies View RelatedCisco WAN :: Migrating Sup720 Configuration To Sup2T?
Jul 4, 2012migration of an existing Sup720 configuration to a new Sup2T. At present we have a Sup2T chassis in the lab running 15.0(1)SY1 and a production Sup720 chassis running 12.2(33)SXI5.I've taken a copy of the production startup-config, renamed it to 'startup-config-BGFL_6509_MBAS-020712' and copied it to the bootdisk (and slave bootdisk) of the new Sup2Ts.I've then added the command 'boot config bootdisk:startup-config-BGFL_6509_MBAS-020712' in an attempt to boot from that config and have the Sup2T migrate it to the new config standards (particularly from a QoS perspective as mentioned here :[URL]
!
boot-start-marker
boot system flash bootflash:s2t54-advipservicesk9-mz.SPA.150-1.SY1.bin
boot config bootdisk:startup-config-BGFL_6509_MBAS-020712
...
Router#sh bootvar
BOOT variable = bootflash:s2t54-advipservicesk9-mz.SPA.150-1.SY1.bin,1;
[code]....
Cisco WAN :: 3745 / Migrating Configuration To New Router With Different IOS?
Sep 28, 2011One of my clients has an older 3745 running IOS 12.3 and we are looking at replacing it with a new 3945 that runs IOS 15.0. This router is also configured with CME. Is it possible to migrate the current 12.3 config to load on the new 15.0 IOS? This will be my first encounter with 15.0 so I don't know what I am up against at this time. I am just hoping I don't have to retype all the ephone config, dial-peers, etc
View 2 Replies View RelatedCisco :: Migrating ACS 4.0 In Windows Server To ACS 5.4 VMware
Dec 4, 2012We have 2 separate ACS 4.0 servers installed on windows 2003 server(2 separate location) Both these servers are Integrated with Cisco WLSE and Corporate AD.
Now, we are planning for Migrating to ACS 5.4 on VmWare ESXi 5.1. And need to Integrated with Cisco WLSE and Corporate AD.
Can we import the datas from 2 x ACS 4.0 server to this new Single ACS 5.4 vmware server?
Cisco WAN :: 64530 - Migrating BGP Private ASN To Public
Oct 9, 2012I have two link on two edge routes from same ISP for Active/Standby. I am using the private AS and ISP provided IPs, now i got own Public IPs and AS number. I want to publish my IPs and migrate the AS number from private to Public. But currently i do not want migrate my device IPs. just want to publish network and ASN.
current config is :-
Router 1
router bgp 64530
no synchronization
bgp log-neighbor-changes
[Code].....
Cisco AAA/Identity/Nac :: C220 ISE On UCS Platform With UC
Mar 7, 2013We are looking to deploy ISE supporting 5000 devices and would like to use the Cisco UCS platform to host this. Looking at the spec required a C22 M3 would be sufficient; however we would also like to host some UC applications on the same server if resources allow.
Therefore we would like to deploy ISE on a C220 M3 server and connect the associated NIC to a DMZ. We would then like to deploy UC applications such as CUCM and CUPS on the same UCS server with a NIC attached to the internal network.
Also while the UC application would require a UC Foundation License (R-VMW-UC-FND5-K9) whould this also meet the requirements for ISE?
Cisco Switching/Routing :: 6500 Migrating L2 To L3 With OSPF In LAN
Feb 4, 2013We have an existing network with a core 6500 as a VSS connecting 4 buildings with 4500 chassis under which number of L2 switches are connected. Currunlty we are using RSTP in ring for redundancy but we want to use OSPF in LAN for faster conversion.All the VLAN's are created on 6500.
View 4 Replies View RelatedCisco WAN :: Migrating Router Configuration From 3725 To 3945e
May 30, 2013I'm trying to migrate the running-config from our old 3725 router to our new 3945e router. Almost all of the config is copied over except for a few lines that come up as unrecongnized commands. So it looks like these commands were either removed or changed to something new.
View 12 Replies View RelatedCisco Switching/Routing :: Migrating Cat 6503-E VSS To Cat 6509E VSS
Aug 7, 2012I want to migrate a Cat 6503-E VSS to Cat 6509E VSS. We plan to use the same supervisor that we have on the Cat6503E, for minimizing the configuration change on the Doing this, the vss link will need to be changed, due to the fact that the supervisor slot will change with the Cat 6509, slot 5 instead of 1.
Question: is there a way to just change the vsl-link interface on a existing VSS ?
Cisco Wireless :: Migrating From 4402 To 5508 - AP Compatibility
May 30, 2013We currently run six 4402 Wireless lan controllers - these are managed by a WCS server - soon to be replaced by Cisco Prime. We run a mixture of LAP1242 and LAP1142 wireless access points. I need to add more but have been told by my supplier that the both these AP's are now end of sale and cannot be purchased.
The replacement AP's are the 2600 series - but I have been told that these are not compatible with my existing 4402 controllers.
To make matters worse I was then advised that if I purchase the new 5580 controllers the older LAP1242 access points will not work with it and require replacing - this, for me, is a lot of access points.
What I need to know is:
What access points, if any, are currently available that are compatible with my 4402 controllers and a future 5508 installation?
I ssem to be in a situation now where I cannot buy any access points that will work with my 4402's but if I upgrade all my current 1242's will not funtion with the new 5508 controller!