How to hit the 32 interface nbar limit on an ASR? Our ASR1002 ESP5 is now grumbling: %NBAR-4-STILE_MAX_PD_INTF: NBAR protocol-discovery is enabled on maximum number of interfaces (32) supported by this platform..Is this expected to increase in future software revisions? (or is it a h/w limitation?)Is it the same limit regardless of ESP or will I get more (how many more?) if it is an e.g. ESP20?
View 1 RepliesI'm trying to upgrade NBAR protocol pack on my Cisco 1941 router, so i downloaded new NABR protocol pack (version 4.0.0) and transferred it into router flash via tftp. When i try to apply new protocol pack with command : ip nbar protocol-pack flash:[protocol-pack-name]
i got this error :
% NBAR Error : Advanced Protocol Pack can not be loaded on top of Standard Protocol Pack
The router is running IPBASE IOS with Security License, IOS image is c1900-universalk9-mz.SPA.153-1.T.bin. Does NBAR2 packages works on IO BASE images?
My TCOM guys say they do not see the ACE as a CDP neighbor on their switches. Is CDP enabled by default? I cannot find any documentation that suggests this is configuration (like on the Cisco CSS - where it can be enabled, but cannot see its' CDP neighbors).
BTW - The ACE 4710 Appliance documentation uses CDP as acronym for Certificate Revocation List Discovery Point (for SSL CRL's).
we use LMS 3.2 in our network. We have a couple of 6509-V-E Switches with mutiple interfaces (VLAN interfaces and Layer 3 interfaces) The problem is, campus manager discovers the switch by a interface randomly...one time its a lay3 Interface and another one its a vlan interface which none of them are in DNS hence no name resolution can be made.
Is there a way to "tell" CM to us for instance the VLAN Management IP of the switch?
Is the onboard interfaces on an ASR router (4x on ASAR1002, 6x on ASR1002-X) are fixed gigabit or are they 10/100/1000 ?
I assume the interfaces on the 8port Gigabit SPA module are fixed gigabit speed ports (why otherwise sell a 10/100 8port SPA module also ?) no ?
I have a Cisco router C1700 and it is presenting unknow errors on Serial 0/0 and fa0/0 interfaces. Why this counter is increasing?? Im not very sure if is by CDP neighbors or Vlans that are not configured on a switch attached.I undertand that the unknown protocol drops field displayed in the above example refers to the total number of packets dropped due to unknown or unsupported types of protocol. How to solve this unknown DROPS? [code]
View 4 Replies View RelatedI have two vlan interfaces, how to limit bandwidth on them ?I need than speed on each will be direrent.
View 1 Replies View RelatedI have a task of setting up bandwidth limit on the 2811 router Fastethernet interfaces.The scenario is:We have a 4MB Internet connection and would like to allocate bandwidth usage to users.
Fastethernet 0/0 needs to be set with 256KB output and 2048 input. This is going to be connected to a wireless router. Fastethernet 0/1 needs to be configured with 2048 output.I could also use SDM if that's easier than using CLI.
I have a Cisco 2801, IOS 12.4(24)T2 (C2801-IPBASEK9-M) on a WAN link to another 2801, which appears to be wrongly detecting our cross-site EMC replication traffic as Skype.
I am 100% sure that Skype isn't running on any of our PC's, yet the Skype protocol is by far the highest used out of everything. I have watched these traffic stats late at night when nobody is on the network and when the only traffic is replication, and this is the protocol which is constantly increasing.
If I run 'sh ip nbar port' , Skype isn't listed in the port-map. If I use ? at the end of the command, it lists Skype as option. The 'sh ip nbar protocol-discovery' show the following (among others):
FastEthernet0/1/0
Last clearing of "show ip nbar protocol-discovery" counters 6d10h
Input Output ----- ------ Protocol Packet Count Packet Count Byte Count Byte Count 5min Bit Rate (bps) 5min Bit Rate (bps) 5min Max Bit Rate (bps) 5min Max Bit Rate (bps) ------------------------ ------------------------ ------------------------ skype 76133998 146572068 6167477623 173614718864 0 0 1221000 8973000
EMC have informed me that the port used for replication is 8888, but I can't see how NBAR can think this is Skype.
why NBAR is detecting Skype traffic?!
Any comprehensive list of custom settings for NBAR V6 that will block most P2P traffic. The built in list seems incomplete. Either that or a way to better block P2P traffic at the router level.
View 1 Replies View RelatedI am trying to find out if NBAR is supported on the 4507 switches with a Sup 6L-E module - I can't seem to find any info.
View 2 Replies View RelatedI am planning to buy a router for my hotel and I would like to know is it possible to limit the bandwidth limit to the guests? And the admin computer can utilize the maximum speed? it it possible to create a login page paper when some one enters my wifi connection?
View 7 Replies View Relatedneed to know the OSPF best design. I have a customer currently running their OSPF only in two area. Area 0 is provider reside and area 1 reside 700 hundred over of router including HQ router and remote branch router connecting to metro-E 10Mbps networks. Is this design have any weakness? Area 1 about 800 hundred router reside in, the HQ model is cisco router 7200 and remote end is cisco router 1841.Let's say they want a solution, for 3G remote router connect back to the HQ using Lease line with a fixed IP. Using DMVPN and OSPF communicating back to HQ. What should we aware when designing and implementing for the OSPF best practice. They have 700 hundred over remote branch need to terminate back to their HQ. I read cisco recommend an area should not be more than 50 router and per-area no more than 28 area.
View 4 Replies View RelatedI am going to configure the NATing on ASR1002 and expecing to have near about 1Million nat translation. Will ASR1002 support 1million nat translations ? how many NAT translations are supportable on the ASR1002 ?I am going to configure NAT on ASR1002-5G/K9 U& have FLASR1-FWNAT-RED.
View 1 Replies View RelatedRight now I have a ASR1002 running a very old IOS version.Cisco IOS Software, IOS-XE Software (PPC_LINUX_IOSD-ADVENTERPRISEK9-M), Version 12.2(33)XNE, RELEASE SOFTWARE (fc1) asr1000rp1-ipbasek9.02.05.00.122-33.XNE.bin – 25-NOV-2009?
I am looking to upgrade to a newer version.I was wondering if there are any tricks when upgradeing this IOS. Is it as easy as loading the IOS onto the ASR and then changing the bootpath or is there an upgrade path I must follow? Also would there any need for a licence between 2.x and 3.x.
The loopback of the ASR1002 is 2.2.2.2. When I use a browser to access it, I got the authentication dialog box asking for username/password. I input the information and submit. But authentication box comes back again and ask for the username/password.
The username/password is test okay. But somehow, the web GUI just does not use it.
I am having trouble getting 1142 LAP to find the controller. We are running an ASA 5505 at our main campus where the 5508 is located. Each Of our distribution centers have a PIX501 and from there about 3-5 AP's each. The AP's that were primmed before instalation work great, however we need the ability to get the other ones that were already installed and not finding controller to work with out cycling them through main campus. I have opened up UDP ports 12222-12223 and 5246-5246 with no luck.
View 1 Replies View Relatedwe're evaulating the Cisco SM 4.2. After adding my ASA 5520 the Policies are discovered from the device except the RA VPN Policies.I tried to trigger the discovery process manually and i got this errormessage Please verify the device "IP address", "hostname", "domain name" and "port number" are correct, there is network connectivity between the CS Manager server and the device, and the device is configured to accept https connections, the device is running, and then retry this operation.which i don't understand because the other policies were retrieved just fine.
View 0 Replies View RelatedI have a problem discovering some ASA firewalls on a network. I have several ASA firewalls on this /24 network, but some of them I can't discover e.g 149.x.x.107 is discovered ok, but 149.x.x.20 I can't discover. It seems that it's not even trying to discover the devices I have problems with. Nothing is shown in the discovery log.
View 11 Replies View RelatedIs the GLC-LH-SM SFP compatible with the ASR1002 and how does it differ from the SFP-GE-L adapter?
View 4 Replies View RelatedWe have an ASR1002 with asr1000rp1-adventerprisek9.03.05.01.S.152-1.S1.bin software.I couldn't find any documentation on how to attach an L2 interface, in my case a subinterface with a single dot1q vlan, to a BDI interface.I'm able to create a bridge-domain interface but it's down down.The command bridge-domain on the subinterface url...
View 2 Replies View RelatedI'm aware ACL's are handled in hardware on the ASR platform but wondered if there was any way to inspect how many hits we get on each line of an ACL on the ASR, I can't seem to find a command to do this.
Using LOG is not possible due to the large number of hits.
One of our customer just purchased ASR1002 router, they have three internet links from different ISPs and they dont have any remote site, they have three different public IP pool as their respective ISPs. So, is it possible to load balance the internet traffic using all three link on Cisco ASR router ( IOS - Advance Enterprise Services)
View 3 Replies View RelatedWe have a cisco7206 router which is going to be replaced with an ASR1002 router. The 7206 has some interfaces in a BVI-group - the config of which i am trying to translate over into IOS XE (which runs on the ASR1002). How to translate this config from IOS to IOS XE.
View 3 Replies View RelatedWe are having an issue with BGP flapping peer. We have a ASR1002 as Route Reflector and it work fine with all peers except with 2 peers.
View 3 Replies View Relatedim trying to create a VPN between a Cisco ASA5510 and an ASR1002 when my Loopback interface is The Source IP . [code]
View 1 Replies View Relatedwhat command is required to configure ip accounting on an interface?
I would have thought to what is required is on the interface, turn on Ip accounting i.e.
int gi0/0/0
ip accounting
However, there is no ip accounting command within the interface. We are running version Version 15.1(1)S2.
During the boot ios we found the error messages below. How can i clear this messages?
Missing or illegal ip address for variable DEFAULT_GATEWAY Using midplane macaddr
Missing or illegal ip address for variable IP_ADDRESS
Missing or illegal ip address for variable IP_SUBNET_MASK
I've inherited a project building an internet connectivity solution for a large corporate. It has its own AS and its own PI space. They are putting in 100Mbit connections from 5 different Tier1's , taking full internet routing from each. Cisco ASR1002's have already been specified and purchased for the job. I'm not familiar with the ASR platform at all - is it up to the job with full routing tables? multiple instances of full tables ? (not likely to put all 5 into one box!)
View 2 Replies View RelatedLMS 4.2, W2K8 R2.I was having an issue with discovery adding devices to with corrupt information (seemingly random strings of characters in several fields). While I was trying to clean this up a scheduled discovery kicked off and further exacerbated the issues I was having. Frustrated, I deleted all entries from the discovery schedule until I could get things cleaned up.
Now I want to go back and troubleshoot the discovery process. Trouble is, I can't get discovery to do anything anymore. I disabled all modules but CDP. I added a single seed IP address under the CDP configuration. This is the address of a 3560V2 switch that is not in DCR. When I started discovery it completed in about 2 seconds and didn't discover anything, including the seed device. So I added another 3560V2 as a seed device under global settings. Same results. Thinking that it had been working using scheduled discovery, I set up a schedule and kicked it off that way. Same results. Finally I added one of these seed devices to DCR and let LMS fully learn about it. Ran another discovery. Still no joy.
I started an SNMP debug on the seed devices before starting discovery. I see the SNMP get coming from LMS, the switches respond and the discovery completes with 0 devices discovered.CS Discovery.log contains no meaningful information. Only messages about "No appenders could be found for logger".
my customer is using Cisco Prime 4.1 as an Upgrade from LMS 4.0 and has made a discovery of a new added Cat 4506E with a Sup 7E and Modules.All the devices have been discovered, excepted the module WS-X4712-SFP+E.Is this card not supported yet ?I could not find any detailled and actual information about the support or not of this module, or about the conditions for the Module support it in Prime 4.1..How ist it possible to proceed to having this module discovered ?
View 1 Replies View RelatedWe have just installed LMS 4.0.1 and started to discover parts of the network. After the discovery process finished successfully - 100+ new devices were added to DCR message - I was able to see the devices by clicking on their number but when I go to Inventory-Add/Import/Manage Devices I cannot see any device in the Group that I created.If I restart the CiscoWorks Daemon Manager process the newly discovered devices are added to the custom Group. This seems like a bug as I had a LMS 4.0 evaluation installation a few months ago and device discovery was working fine meaning the devices were added immediately to the Inventory.
View 4 Replies View Relatedi am installing a CWLMS 4.0 and everything was good until i have reached the discovery for the devices, i am dealing with a bank setup and the branches is connected using layer 3 MPLS, branches are located behind the ISP router, so as a cdp neighbor i cant see anything but the ISP router at my Core.
so i cant see the branches routers as neighbors to my (seed Device) Core, and i have tried to use the ping sweep and i could not reach them also. and also to add them manually as we were doing before in the earlier versions of CWLMS, using the Devices and Credintials, this option is removed from the LMS 4.0 as i have red in a document.
1- snmp is configured on all devices.
2- access-list is configured on all devices.
3- i am able to reach the LAN Devices without any problems and the configuration is the same on all of the devices.