Cisco VPN :: 891 - VTI Failing And Not Reinitializing

May 1, 2011

I'm running a Cisco 891 it has both crypto maps and ipsec VTI's running on the external interface. The cryto maps are for sites that do not have a cisco router and the Tunnels are for the sites that use crypto maps work perfectly fine. But I much prefer using unnels as it gives a routable interface, ospf works ect.
 
The tunnel interfaces will periodicly fail (Line protocol down) at no set interval, they will then not come back up again. To bring them back up I either have to shutdown and then re-enable the interface or run "clear cry ses rem *.*.*.*"
 
Logging with isakmp and ipsec errors provides the following:
55801: *May  1 10:31:16.015: ISAKMP:(0):Can't decrement IKE Call Admission Control stat incoming_active since it's already 0.55802: *May  1 10:31:16.015: ISAKMP:

[Code].....

View 3 Replies


ADVERTISEMENT

Cisco :: LMS 3.2 Job Browser Failing

Jan 13, 2011

When I select Job Broser I get the following crash, LMS 3.2, server has been restarted but I continue to get the error. [code]

View 4 Replies View Related

Cisco :: VRF Collector Job Failing (LMS 4.0)

Nov 29, 2012

My VRF Collector job has started failing. I have attached the contents of the vnmcollector.log file after setting debug level to DEBUG.

View 1 Replies View Related

Cisco :: Boot From Tftp Failing?

Aug 5, 2011

I've got a fully working 877w that I'm trying to get to boot from tftp, but I just can't seem to get that going.I have a tftp server running and can copy images back and forth without any trouble.I have this in my config:boot-start-markerboot system tftp c870-advipservicesk9-mz.124-24.T2.bin 192.168.1.200boot-end-markerDuring the boot process I get an error message that says there is a missing or illegal ip but I really don't see how that can be as my tftp server is 192.168.1.200 just like my config says.

View 16 Replies View Related

Cisco :: VPN Failing Between Two Pix Devices (DEBUG)

Oct 3, 2012

My tunnel had been running fine for a couple of months. Now, not so much.Here is some debug.

View 6 Replies View Related

Cisco WAN :: 1921 IOS Upgrade Failing

Mar 31, 2013

Any issues upgrading the IOS on a 921 router.How can i create a certificate for the new IOS? I've never had to do this for other IOS 15 upgrade?I've confirmed the IOS is not corrupt and if i upgrade the router in ROMMON the router boots correctly.

View 1 Replies View Related

Cisco Firewall :: ASA 5520 Not Failing Over

Mar 13, 2013

Im preparing a lab and I have 2 ASA 5520's. I have configured them for failover so the Primarys config will replicate over to the Secondary. They are connected via a 3560 switch. the switch ports are configured as access ports on vlan 1. Spanning-tree portfast is enabled
 
Firewall (Primary) 
Cisco Adaptive Security Appliance Software Version 9.1(1) Device Manager Version 7.1(2)
Compiled on Wed 28-Nov-12 10:38 by buildersSystem image file is "disk0:/asa911-k8.bin"Config file at boot was "startup-config"

[Code].....

View 5 Replies View Related

Cisco :: LMS 3.2 Archive Management Failing?

Sep 4, 2011

config collection is failing.in detail its partial success(config fetch is success but archieve is failed).

View 1 Replies View Related

Cisco :: 871 - LMS 4.1 Software Distribution Failing

Mar 20, 2012

I'm currently unable to upgrade certain devices since Cisco Prime incorrect believes there is not enough room in the flash partition.For example.

Getting the following error messsage trying to upgrade some Cisco 871 routers: "Catastrophic - SWIM1200: Selected Flash partition requires minimum (28 MB) to upgrade selected software/image."The images are around 18 MB in size. Why does Cisco Prime thinks its 28 MB in size? Bug?

View 1 Replies View Related

Cisco Routers :: Failing RV016 Or ISP?

Jan 22, 2010

I have a rv016 that's been in 24x7 operation since I bought it a few years back.  It is out of warranty.  It is connected to three cable modems on WANs 1-3.  Behind it are a bunch of PCs getting IPs via DHCP.  There is a gateway to gateway vpn tunnel setup on wan3 to a rv082 at another site.  There is a forwarding entry for http to an internal http server.  Everything else is pretty much default.
 
The router is primarily used to aggregate bandwidth for uploading large numbers of photos.  The systems behind the router initiate the uploads and the router automatically load balances the outgoing bandwidth.
 
This was all working fine until just recently.  The ISP is Knology who is upgrading each of the 8m/768k cable modems to 25m/5m.  They are also moving from DOCSIS 1 to DOCSIS 3.  They are currently in the middle of this upgrade and have upgraded the modems to DOCSIS 3 as well as the speeds to 12m/2m.  The problem is that the rv016 Network Service Detection, which is set to "Default Gateway" indicates that the modems fail randomly.  Usually only one will be failed, but up to two will fail the Network Service Detection simultaneously.
 
Knology insists that there is nothing wrong with their modems.  I have removed a modem from the rv016 when Network Service Detection indicates it is in a failed state and connected it directly to a computer.  It will work, but it has a different IP address and default gateway.  As soon as I connect it back to the rv016, it works there too, but on the original IP address and gateway.  I've only tried this test this twice so far, so it is a bit inconclusive.
 
Speed tests behind the rv016 are the same as directly connected to one of the cable modems.  The router works normally as it has for years.  Nothing else is acting funny.
 
So my question is, is the rv016 failing or is the ISP having problems? 

View 17 Replies View Related

Cisco :: LMS 4.2 Backup Failing Randomly

Jun 4, 2012

Backup failed on 2012/06/03 at 22:02:52. REASON: Unable to proceed with the backup operation as some files are being accessed by jobs. Reschedule the jobs such that the backup job does not coincide with other jobs.
                  
Randomly the backup for lms 4.2 is failing. it has suceeded but majority of the time its failing. i have tried changing times but nothing seems to work.  previously we were running 4.0.1 and had noproblems with the backup time.

Just found the bug
CSCtz29665
URL

View 14 Replies View Related

SFTP Connection Failing?

Dec 4, 2012

I set up a connection from a laptop (Windows 7) that goes through a LAN proxy server to a secure ftp server (Windows Server 2003).The sftp server is assigned a public ip address.I opened the firewall at the destination and allowed port 22 traffic to the sftp server. Well, the connection is failing.I know for a fact the connection from the client laptop is making it to the sftp server.If I issue this command on the client laptop:

telnet sftpserver 22

The DOS screen clears and tells me the type of SSH server I'm connecting to. While this connection is still active, I logged into the destination sftp server and did a netstat command. I can see the address of the proxy server in the "Foreign Address" column of the netstat results. I also can see the proxy server address when I look at the Application Log on the sftp server, so I know the connection is making it to the sftp server.

I beleive the problem is the control port (return traffic) from the server back to the client. Something is being blocked or is misconfigured. I always thought the router negotiated the control port, and that the control port didn't need to be put into any firewalls.

View 1 Replies View Related

Internet Failing On Certain Devices?

Dec 16, 2012

For everybody else in the house the internet works fine on their devices, however, on my laptop and ipod it will often not allow me to connect for ages, but then finally connecting (without me changing anything)

View 3 Replies View Related

Browser Keeps Failing To Recognize DNS

Oct 18, 2011

I am able to use the lap top but not my desk PC.Browser keeps "failing" to recognize the DNS ? or my ports are blocked by a previous firewall ?

View 19 Replies View Related

D-Link DIR-655 :: UPnP Failing In 2.07 And 2.10?

Jan 14, 2013

UPnP seems to be failing somewhere between a few hours and a few days.  It will work as expected for a while after starting or restarting the router, but then trying to create any new UPnP mappings will fail, and the ones that have been already created usually stop working.  The commandline client upnpc fails to locate the router automatically, and manually navigating to http://192.168.0.1:65530/rootDesc.xml in Chrome returns a connection reset error instead of the expected XML device description.I turned on debug messages in the logs, but there doesn't seem to be anything useful in there (though they also seem to be flooded with a bunch of IPv6 mDNS network hopping, so I'm going to try disabling that for a while and see if that works).  I did update to 2.10 and still had the same issue with UPnP, however my wireless network kept going down (I guess a known issue) so I downgraded back to 2.07.  After the downgrade, I reset the router and manually re-entered all my settings (i.e. I didn't import them).

View 14 Replies View Related

Cisco :: Active Directory Authentication Failing?

Feb 16, 2012

I am not sure why but when I try to connect with my IPSEC VPN client, authentications are failing. The ldap test passes on the ASA but when I try to login, the VPN client gives me authentication failure even though debugs show authentication was successful.User 'test1' should be able to authenticate based on group membership.User 'test2' shouldn't be able to.I already removed the attribute-map to see if that was the problem but I am still failing authentication.

View 9 Replies View Related

Cisco :: Identify The Point At Which A Connection Is Failing?

Jul 31, 2012

I've got an application running on a Windows 2008 server that I have verified as live on port 8085 at localhost. I've also verified on the server itself that port 8085(and in fact, all ports) are open right now. Despite this, I have no connection to this port on the server. Let me back up a bit an explain the architecture I'm working with.windows_server >> Switch >> Firewall >> Firewall >> InternetEverything but my server is managed by my hosting company who is insistent that this is a server issue. Is there a way to find out at what point my connection to port 8085 is failing? I feel like it's stopping at one of the Firewalls but need proof of this theory to get something done about it

View 3 Replies View Related

Cisco VPN :: PIX 515e VPN To ASA Failing After Several Hours Following Upgrade?

Feb 13, 2011

I've got a PIX 515e firewall on a branch site running version 7.2.4.7(LD) connecting via a VPN to an ASA at the HQ with 7.2.5 code running. After several hours it is no longer possible to ping either the PIX or hosts behind it on the branch LAN though the tunnel still shows as being up.  In order to bring the link back up the local PIX has to be rebooted.The connection used to work with no problems when I was running PIX version 7.2.1 software but this had to be upgraded to 7.2.4 to support the new TCP normalization commands. VPN connections to other branch sites running PIX 7.2.1 remain active with no problems. The reason for the upgrade is to implement WAN acceleration between the sites however I still encounter this problem even when the WAN acceleration hosts are not installed.In addition to the software upgrade I added the following configuration to both the ASA and the PIX: 
 
tcp-map wanx_tcpmap
 synack-data allow
 invalid-ack allow
 seq-past-window allow
tcp-options range 28 28 allow

[code]....
 
The ASA originally had this code but the PIX did not and the VPN was stable, after upgrading the PIX and adding the code the link was no longer stable.

View 1 Replies View Related

Cisco :: Ap1242 - Bridge Connectivity Failing

Jan 14, 2013

I am having trouble getting the bridge to work. The setting is as follows: I have to buildings, separated by a road. Distance is apx 35-40 meters. From the main building there is a network which I am trying to extend to the other building by a wireless bridge. I am using two 1242 (autonomous)  for this. I have also external directional antennas (7Db) mounted on a pole 8 meters above ground on each buildings. These are of course directed to eachother. The antennacabel used between the ap's are shielded Cisco-cables.
 
The config on the root AP: 
 
dot11 ssid Valhalla01
authentication open
authentication key-management wpa version 1

[Code].....

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS 1113 SE Upgrade From 4.0.1.44 To 4.1.1.24 Failing

May 2, 2011

we have a Cisco ACS 1113 SE running v4.0.1.44 and are trying to upgrade it to v.4.2.0.124 following the instructions to upgrade it to v4.1.1.24 first.
 
We are using the following CD "ACS SE Overall Upgrade CD ACS 3.3.4 and 4,1,1,24 Upgrades"
 
We can download the 4.1.1.24 image to the ACS appliance via distribution server but the upgrade fails- we obtained the following console output when attempted upgrade was tried;
 
Upgrade package was not verified
Applying this upgrade package may corrupt the appliance
Continue at your own risk!

[Code].....

View 5 Replies View Related

Cisco :: LMS 4.2.3 Device And System Update Failing?

Jan 10, 2013

I have upgraded to prime LMS 4.2.2 (from 4.0.1) and can not perform system or device upgrade. Using wireshark I can see why. it looks like LMS is trying to go to this old web [URL] to get software. I believe this was fixed years ago in bug CSCto46927.
 
Can I reapply bug fix CSCto46927 on 4.2.3 or is there another fix?

View 32 Replies View Related

Cisco WAN :: 2600XM Failing With Booting / End Up Being In ROMmon

Feb 4, 2012

I have recently bought a used 2600XM, I was trying to boot it, I get some errors and end up being the ROMMON mode:

ystem Bootstrap, Version 12.2(8r) [cmong 8r], RELEASE SOFTWARE (fc1)
Copyright (c) 2003 by cisco Systems, Inc.
C2600 platform with 262144 Kbytes of main memory
 getdirent: bad file magic number, possibly out of sync
boot: cannot determine first file name on device "flash:"

[code]...

View 1 Replies View Related

Cisco Switching/Routing :: C2900 Inward NAT Failing

Nov 11, 2011

Previously posted as C2900 - inward NAT partial success...
 
Running C2900-UNIVERSALK8-M, Version 15.0(1)M3 RELEASE SOFTWARE (fc2)
 
I have several sets of inward NAT defined (51001-51007, 52001-52007. 53001-53007),all to various internal addresses. When I attempted to add another set, the new onesdo not work and get a "timeout" error.
 
When I tried port 51008, it gets a timeout.  When I changed 51008 to 51010, the 51010 now gets a timeout, and 51008 now gets "connection refused" (which I expect).The original sets all work, the new ones (added at the end of the lists) do not.When I am on any of the internal machines, the target (192.168.1.21) works fine.When I am "in the router", I can connect via the ssh command, so I know that therouter can talk to 192.168.1.21 on port 22 as expected.

View 1 Replies View Related

Cisco :: NCS 1.1.0.58 Failing To Gather Current Clients From APs

Apr 24, 2012

We're running NCS 1.1.0.58. Since updating to this release from the 1.0 release, the 'Autonomous AP Client Status' and 'Lightweight Client Status' background tasks have been failing with message 'java.lang.NullPointerException'.  I believe as a result of this that the 'Current Clients' tab on an AP monitoring screen just reports 'No data available'.

View 2 Replies View Related

Cisco :: Scheduled Configure Collection Job Is Failing / LMS 3.2

Jun 13, 2011

Usually the configuration files are fetched once every week. Lately, the Scheduled Config collection job is failing for all the devices. I have tried to “sync Archive” from LMS 3.2 on some devices but nothing happens. The switches out there are C3750, 2960, 2950, 3550, 3650 and some routers.The server is Win Ser 2003.

[URL]

View 9 Replies View Related

Cisco Switches :: Sf-300 48port Failing 802.1x Re-authentication?

May 11, 2011

I have an issue with the sf-300 switch model, which i am depolying in lapsafe trolleys. The approach is to wake the laptops from the guest VLAN (20) with WOL have them authenticate with 802.1x and use DVA to put the ports in VLAN14 so updates can be pushed to them over night.
 
I have configured 802.1x, guest vlan and DVA which works initially, all host wake from WOL, the laptops successfully authenticate and are assigned to the VLAN (14). This remains stable for a time then the hosts fail reauthentication. I have also noticed that when a host is disconnected from a port and patched into another port the initial port remains in the authenticated state and the new port authenticates the client but the hostnames are missing on the 'authenticated hosts' page of the GUI, DVA fails. The ports display a port-failure message for a time then moves to failed reauthentication.
 
The only way I can get it to work again is to reboot the box. From the logs I can see the macs of laptops being rejected and I can also see attribute 26 being ignored. See log below. I am unsure as to why host are initially authenticated but reauthentication fails, is it not the same process?.
 
I have 11 of these switches and have configured 6 which all display the same behaviour. These switches are not CISCO I do not understand why they have badged them. The protocols/standards are implemented differently. If you incuded 'general ports' as an answer in a CISCO exam you would fail. There are also other issues I have noticed with these boxes, I am not impressed!.

View 3 Replies View Related

Cisco WAN :: 1941 - Multiple VRF BGP / GRE / IPsec Failing

May 17, 2011

I'm trying to configure a Cisco 1941 to connect to multiple Amazon VPC instances. Each VPC instance brings up 2 x IPsec over GRE tunnels with BGP in to the EC2 cloud and enables flat extension of the corporate LAN. Basically. you can spin up EC2 instances in a private subnet and route to them across the VPC link from the corporate LAN.
 
The Amazon configuration is templated and not designed to support multiple instances on one customer access gateway - however, I want to overcome this and find a technical solution around bringing up a second physical router. I've got VRF configured and working for the first instance, but when we add a second VRF to the configuration IPsec fails. The second VRF is essentially identical to the first.
 
We're potentially looking at a licensing issue with IOS 15.x, the version we're running is... 

ipbase        ipbasek9      Permanent     ipbasek9
security      securityk9    Permanent     securityk9
data          None          None          None

[Code]....
 
However, the IPsec configuration is complete and all keychains etc. are in place as they should be.

View 13 Replies View Related

Cisco VPN :: ASA 5540 Remote VPN With DHCP Failing

Feb 28, 2013

I am currently running an ASA5540 version 8.3(2). I have multiple remove vpn users currently working on this server. Lately, I have had issues with people getting booted or not being able to route anywhere and it appears to be cause they keep fighting for the same IP address using the local pool, so I decided to attempt to do DHCP instead (I have no idea why it keeps overlapping IPs, we have tons in the pool and they keep fighting for the same one). This just started about a month ago, we are only using maybe 3-5 IPs out of the /24 block. The only thing that has changed was we have hired more people, but we have separate groups for corporate vs operations team.
 
So, I setup the dhcp-network-scope for the subnet and the dhcp-server under the policies. I see the request going to the server, but it seems to be putting the ASA MAC into the Client Hardware Address field of the DHCP header. I have attached the PCAP from the ASA showing this.

View 7 Replies View Related

Continuously Failing ISP / Internet / Network?

Oct 7, 2012

I have recently moved in a new apartment. At the building there is something like a centralized internet. There is a huge machine which is connected to every apartment of building via a cable modem(Netsys nh-300sp). Here is an image of system. And when I first came to apartment they gave me a username and password which I made login when i firstly opened a page on safari. When I plug in an ethernet cable to my macbook-air it connects and everything s good for a moment then it starts to kick me out randomly and continuously. When I look to Network Diagnostics: ISP is red, internet and network are yellow.I tried also using a manual DHPC address, but then ISP is green but Internet and server are red or yellow. I cant even reach to modems admin panel, maybe because of the system of building.

View 1 Replies View Related

All HTTPS Sites Failing Validation

Apr 1, 2011

I just put together a new computer. After putting it together I installed Windows 7 64-bit. My problem is that every "https" website I go to fails at its certificate validation. Every browser I use (Firefox 4, Chrome, IE9) warns me that the security certificate failed the validation. If I click "continue anyway" the browser shows a blank page. This happens for every https site. I have tried mail.live.com, mail.google.com, bankofamerica.com, etc. I can't even connect to windows update (which is really bad). The problem is limited to this computer. All my other computers (2 laptops with windows 7 32 bit) connect to websites using https just fine. My computer is freshly installed, but I scanned for spyware/viruses/trojans and came up empty.

View 1 Replies View Related

Wired Network Connection Keeps Failing

Nov 6, 2012

To start off with, I own the network, and every system connected to it. I run and admin it, so the chances that anyone else has changed anything is essentially zero.This computer has a wired network connection (The issue) and a wireless one. They are connected to two separate networks. A few days ago the wired card stopped getting an IP address from my router, always ended up with a 169 address. Eventually I just disabled it, and installed a PCI network card.

Now what happens is that all works fine for a while, then stops. Suddenly I am "Not connected to network" despite the fact my ip address hasn't changed. I run the network troubleshooter, it tells me the "Gateway is unreachable" Resets the network card, and all is good. Then after a while the network fails again. I did already scan with malwarebytes, and everything is fine as fat as its concerned.

View 4 Replies View Related

D-Link DIR-615 :: Router Failing To Connect

Jan 24, 2012

I purchased the D Link 615 router initially so that I could simply use it with my Net Talk telephone which required the use of a router to simply plug into.  Since then I have acquired and use a Kindle and an Acer tablet which both use Wi-Fi.  My connection to the wireless service is sporadic.   I have been able to connect for two or three days in a row, but inevitably I will receive a message that the connection cannot be established.    On my initial post for my problem it was suggested that I do as follows:

[code]...

I have tried to do all the above, but in many cases the terms used were different and the menu choices were sometimes not available.  I did adhere to any of the above advice I could like choosing WPA-Personal. However, my problem persists and I do not know what to do. Is the 615 an inferior router?  It is about 2 years old. According to Cnnet the Linksys E 1200 is the best.

View 4 Replies View Related

D-Link DIR-615 :: Upload Failing By Half?

Oct 4, 2012

I have a DIR-615. My cable connection is 10M and my upload velocity it's about 800K.

If I plug my cable modem right through to the computer, the upload velocity it's 800k indeed.

But when I access the internet through the router plugged on the cable modem, the velocity drops down to 400K.

That is a big problem for play games like fifa. I have a huge delay on the commands and I think that it's caused for the low upload velocity.

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved