Dear All,
During my rack session, after booting the server when I do the KVM session I could not find KVM or Virtual media tab.
I do not think this could be a configuration related issue as I could see my initiator and targets on the flogi database.
Could someone help me to understand what I am missing.
I was doing an ATC Lab tonight "VRF Aware DMVPN" and the Lab answer guide used the following command.
crypto keyring DMVPN vrf UNDERLAY_TRANSPORT
pre-shared-key address 0.0.0.0 0.0.0.0 key DMVPN_PSK
One of the requirements for the lab is as follows
So I used the following command
crypto keyring DMVPN vrf UNDERLAY_TRANSPORT
local-address Loopback6
pre-shared-key address 0.0.0.0 0.0.0.0 key DMVPN_PSK
So everything came up fine with either command which got me thinking. The lab requirement has you use a specific Loopback as the source, in this case 6.6.6.6 or loopback 6.
After doing a debug I don’t understand why the first command without the local address keyword is working. I see everything is going to and coming from 6.6.6.6. I don’t understand why this is working without the local-address keyword. I would assume the remote router would send a request to 6.6.6.6 but the Hub router (6.6.6.6) would respond back with the local interface address, (in this case 155.1.146.6) which should break phase 1.
ISAKMP:(0): sending packet to 6.6.6.6 my_port 500 peer_port 500 (I) MM_SA_SETUP
ISAKMP:(0):Send
R5#ing an IKE IPv4 Packet.
ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
ISAKMP:(0):Old State = IKE_I_MM2 New State = IKE_I_MM3
ISAKMP (0): received packet from 6.6.6.6 dport 500 sport 500 UNDERLAY_TRANSPORT (I) MM_SA_SETUP
ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
ISAKMP:(0):Old State = IKE_I_MM3 New State = IKE_I_MM4
What am I missing here?
Hi,
I've been trying to find out what the difference is between creating an interface vfc-port-channel and using a regular interface vfc when aggregating two links while doing FCoE. You bind an Ethernet port-channel to it in both cases.
At first I thought that a vfc-port-channel interface should be used on the N7K side and the regular vfc interface at the N5K side. Now I'm confused because I've found no documentation or post that talks about it.
The only doc that I've seen is one where they show a sample Multihop FCoE config between a N5K and a N7K, but it doesn't explain the difference between both types of interfaces.
Can anyone help?
Dears,
I was trying to profile the Test-PC-B as microsoft workstation using RADIUS probe and i found at the end that it is profiled as a Cisco Device due to the linksys NIC adapter.
What do i have to do in order to profile it as Microsoft-Workstation?
Hi,
I wanted to know what was the main between using NPV and FCOE-NPV. I know that one erases all the configs and reloads the switch and the other enables the feature and does not erase the configs or reload the switch. But when would you use one over the other? Besides what I mentioned above and the fact they require different license are there any other differences as well? Thank you
Dears,
I was testing the CWA task in Tech Workbook and i followed all the steps. I have a problem that the PC is still not authorized. I can see that the correct profile (authenticationstatus eq unknownUser) is sent from the ISE to the switch and in the debug aaa authorization and debug aaa attribute, i can see that the Redirect_ACL, DACL, and redirect url are sent to the switch but it stillnot applied to the user. The phone is getting its authorization successfully. Please advise.
Here is below the switch config, show authen session int f1/0/5 and debug output:
----------------------------------------------------------------------------------
Sw1#sh run
aaa new-model
!
!
aaa authentication dot1x default group radius
aaa authorization network default group radius
!
aaa server radius dynamic-author
client 172.16.3.100 server-key cisco
!
ip device tracking
!
interface FastEthernet1/0/5
switchport access vlan 100
switchport mode access
switchport voice vlan 10
authentication host-mode multi-auth
authentication port-control auto
authentication periodic
mab
dot1x pae authenticator
spanning-tree portfast
!
interface Vlan1
ip address 172.16.3.10 255.255.255.0
!
ip http server
ip http secure-server
!
!
ip access-list extended REDITECT_ACL
permit tcp any any eq www
permit tcp any any eq 443
!
radius-server attribute 6 on-for-login-auth
radius-server attribute 8 include-in-access-req
radius-server attribute 25 access-request include
radius-server host 172.16.3.100 auth-port 1645 acct-port 1646 key cisco
radius-server vsa send accounting
radius-server vsa send authentication
!
--------------------------------------------------------------------------------------
Sw1(config)#do sh auth session int f1/0/5
Interface: FastEthernet1/0/5
MAC Address: 0007.eb64.545f
IP Address: Unknown
User-Name: 00-07-EB-64-54-5F
Status: Authz Success
Domain: VOICE
Security Policy: Should Secure
Security Status: Unsecure
Oper host mode: multi-auth
Oper control dir: both
Authorized By: Authentication Server
ACS ACL: xACSACLx-IP-PERMIT_ALL_TRAFFIC-51134bb2
Session timeout: 3600s (local), Remaining: 3409s
Timeout action: Reauthenticate
Idle timeout: N/A
Common Session ID: AC10030A00000012004D0D1F
Acct Session ID: 0x00000015
Handle: 0xAA000012
Runnable methods list:
Method State
mab Authc Success
----------------------------------------
Interface: FastEthernet1/0/5
MAC Address: 0050.b60b.e523
IP Address: Unknown
User-Name: 00-50-B6-0B-E5-23
Status: Authz Failed
Domain: DATA
Security Policy: Should Secure
Security Status: Unsecure
Oper host mode: multi-auth
Oper control dir: both
Authorized By: Authentication Server
Vlan Group: N/A
Session timeout: N/A
Idle timeout: N/A
Common Session ID: AC10030A00000013004D1140
Acct Session ID: 0x00000016
Handle: 0x42000013
Runnable methods list:
Method State
mab Authc Success
--------------------------------------------------------------------------------------
Debugs output:
Sw1(config-if)#
*Mar 1 01:27:37.887: %AUTHMGR-5-START: Starting 'mab' for client (0007.eb64.545f) on Interface Fa1/0/5 AuditSessionID AC10030A0000001400503A53
*Mar 1 01:27:37.887: RADIUS/ENCODE(0000001A):Orig. component type = DOT1X
*Mar 1 01:27:37.887: RADIUS(0000001A): Config NAS IP: 0.0.0.0
*Mar 1 01:27:37.887: RADIUS/ENCODE(0000001A): acct_session_id: 23
*Mar 1 01:27:37.887: RADIUS(0000001A): sending
*Mar 1 01:27:37.887: RADIUS/ENCODE: Best Local IP-Address 172.16.3.10 for Radius-Server 172.16.3.100
*Mar 1 01:27:37.887: RADIUS(0000001A): Send Access-Request to 172.16.3.100:1645 id 1645/99, len 208
*Mar 1 01:27:37.887: RADIUS: authenticator EE 13 7A 20 CD B0 49 1A - D7 D0 88 12 8A E3 EF CE
*Mar 1 01:27:37.887: RADIUS: User-Name [1] 14 "0007eb64545f"
*Mar 1 01:27:37.887: RADIUS: User-Password [2] 18 *
*Mar 1 01:27:37.887: RADIUS: Service-Type 
6 Call Check [10]
*Mar 1 01:27:37.887: RADIUS: Framed-MTU [12] 6 1500
*Mar 1 01:27:37.887: RADIUS: Called-Station-Id [30] 19 "00-19-2F-0E-08-07"
*Mar 1 01:27:37.887: RADIUS: Calling-Station-Id [31] 19 "00-07-EB-64-54-5F"
*Mar 1 01:27:37.895: RADIUS: Message-Authenticato[80] 18
*Mar 1 01:27:37.895: RADIUS: 51 A3 CE 1D 5B 46 E5 26 3B 7A 23 16 B6 B0 01 52 [ Q[F&;z#R]
*Mar 1 01:27:37.895: RADIUS: EAP-Key-Name [102] 2 *
*Mar 1 01:27:37.895: RADIUS: Vendor, Cisco [26] 49
*Mar 1 01:27:37.895: RADIUS: Cisco AVpair [1] 43 "audit-session-id=AC10030A0000001400503A53"
*Mar 1 01:27:37.895: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
*Mar 1 01:27:37.895: RADIUS: NAS-Port [5] 6 50105
*Mar 1 01:27:37.895: RADIUS: NAS-Port-Id [87] 19 "FastEthernet1/0/5"
*Mar 1 01:27:37.895: RADIUS: NAS-IP-Address [4] 6 172.16.3.10
*Mar 1 01:27:37.895: RADIUS(0000001A): Started 5 sec timeout
*Mar 1 01:27:37.903: RADIUS: Received from id 1645/99 172.16.3.100:1645, Access-Accept, len 294
*Mar 1 01:27:37.912: RADIUS: authenticator 39 DB D2 84 92 60 2F 3F - 1A 0F 0C 72 1A 17 1A AD
*Mar 1 01:27:37.912: RADIUS: User-Name [1] 19 "00-07-EB-64-54-5F"
*Mar 1 01:27:37.912: RADIUS: State [24] 40
*Mar 1 01:27:37.912: RADIUS: 52 65 61 75 74 68 53 65 73 73 69 6F 6E 3A 41 43 [ReauthSession:AC]
*Mar 1 01:27:37.912: RADIUS: 31 30 30 33 30 41 30 30 30 30 30 30 31 34 30 30 [10030A0000001400]
*Mar 1 01:27:37.912: RADIUS: 35 30 33 41 35 33 [ 503A53]
*Mar 1 01:27:37.912: RADIUS: Class [25] 49
*Mar 1 01:27:37.912: RADIUS: 43 41 43 53 3A 41 43 31 30 30 33 30 41 30 30 30 [CACS:AC10030A000]
*Mar 1 01:27:37.912: RADIUS: 30 30 30 31 34 30 30 35 30 33 41 35 33 3A 49 53 [0001400503A53:IS]
*Mar 1 01:27:37.912: RADIUS: 45 31 2F 32 31 33 33 37 36 33 32 39 2F 38 33 [ E1/213376329/83]
*Mar 1 01:27:37.912: RADIUS: Termination-Action [29] 6 1
*Mar 1 01:27:37.912: RADIUS: Message-Authenticato[80] 18
*Mar 1 01:27:37.912: RADIUS: 89 35 35 6E 96 10 B6 61 02 BF DD 2A 81 5E 81 A2 [ 55na*^]
*Mar 1 01:27:37.912: RADIUS: Vendor, Cisco [26] 34
*Mar 1 01:27:37.912: RADIUS: Cisco AVpair [1] 28 "device-traffic-class=voice"
*Mar 1 01:27:37.912: RADIUS: Vendor, Cisco [26] 75
*Mar 1 01:27:37.912: RADIUS: Cisco AVpair [1] 69 "ACS:CiscoSecure-Defined-ACL=#ACSACL#-IP-PERMIT_ALL_TRAFFIC-51134bb2"
*Mar 1 01:27:37.912: RADIUS: Vendor, Cisco [26] 33
*Mar 1 01:27:37.912: RADIUS: Cisco AVpair [1] 27 "profile-name=Cisco-Device"
*Mar 1 01:27:37.912: RADIUS(0000001A): Received from id 1645/99
*Mar 1 01:27:37.912: RADIUS/DECODE: parse unknown cisco vsa "profile-name" - IGNORE
*Mar 1 01:27:37.912: %MAB-5-SUCCESS: Authentication successful for client (0007.eb64.545f) on Interface Fa1/0/5 AuditSessionID AC10030A0000001400503A53
*Mar 1 01:27:37.912: %AUTHMGR-7-RESULT: Authentication result 'success' from 'mab' for client (0007.eb64.545f) on Interface Fa1/0/5 AuditSessionID AC10030A0000001400503A53
*Mar 1 01:27:37.929: RADIUS/ENCODE(00000000):Orig. component type = INVALID
*Mar 1 01:27:37.929: RADIUS(00000000): Config NAS IP: 0.0.0.0
*Mar 1 01:27:37.929: RADIUS(00000000): sending
*Mar 1 01:27:37.929: RADIUS/ENCODE: Best Local IP-Address 172.16.3.10 for Radius-Server 172.16.3.100
*Mar 1 01:27:37.929: RADIUS(00000000): Send Access-Request to 172.16.3.100:1645 id 1645/100, len 147
*Mar 1 01:27:37.929: RADIUS: authenticator 97 BA D9 C1 B3 DF DB 1A - FB 39 16 5E EA D4 E8 2B
*Mar 1 01:27:37.929: RADIUS: NAS-IP-Address [4] 6 172.16.3.10
*Mar 1 01:27:37.929: RADIUS: User-Name [1] 41 "#ACSACL#-IP-PERMIT_ALL_TRAFFIC-51134bb2"
*Mar 1 01:27:37.929: RADIUS: Vendor, Cisco [26] 32
*Mar 1 01:27:37.929: RADIUS: Cisco AVpair [1] 26 "aaa:service=ip_admission"
*Mar 1 01:27:37.929: RADIUS: Vendor, Cisco [26] 30
*Mar 1 01:27:37.929: RADIUS: Cisco AVpair [1] 24 "aaa:event=acl-download"
*Mar 1 01:27:37.929: RADIUS: Message-Authenticato[80] 18
*Mar 1 01:27:37.929: RADIUS: A8 6F E6 88 B7 42 0C 46 AB 32 B1 24 F1 45 6C 7B [ oBF2$El{]
*Mar 1 01:27:37.937: RADIUS(00000000): Started 5 sec timeout
*Mar 1 01:27:37.937: RADIUS: Received from id 1645/100 172.16.3.100:1645, Access-Accept, len 210
*Mar 1 01:27:37.937: RADIUS: authenticator 2A 84 16 23 81 87 81 5C - 0F EC EF AD EF 5D 70 12
*Mar 1 01:27:37.937: RADIUS: User-Name [1] 41 "#ACSACL#-IP-PERMIT_ALL_TRAFFIC-51134bb2"
*Mar 1 01:27:37.937: RADIUS: State [24] 40
*Mar 1 01:27:37.937: RADIUS: 52 65 61 75 74 68 53 65 73 73 69 6F 6E 3A 61 63 [ReauthSession:ac]
*Mar 1 01:27:37.937: RADIUS: 31 30 30 33 36 34 30 30 30 30 30 30 32 42 35 34 [1003640000002B54]
*Mar 1 01:27:37.937: RADIUS: 45 30 41 30 42 35 [ E0A0B5]
*Mar 1 01:27:37.937: RADIUS: Class [25] 49
*Mar 1 01:27:37.937: RADIUS: 43 41 43 53 3A 61 63 31 30 30 33 36 34 30 30 30 [CACS:ac100364000]
*Mar 1 01:27:37.937: RADIUS: 30 30 30 32 42 35 34 45 30 41 30 42 35 3A 49 53 [0002B54E0A0B5:IS]
*Mar 1 01:27:37.937: RADIUS: 45 31 2F 32 31 33 33 37 36 33 32 39 2F 38 34 [ E1/213376329/84]
*Mar 1 01:27:37.937: RADIUS: Termination-Action [29] 6 1
*Mar 1 01:27:37.937: RADIUS: Message-Authenticato[80] 18
*Mar 1 01:27:37.937: RADIUS: B8 40 96 B5 D9 6D 64 04 3A 7B 5C 06 B2 F3 CF CA [ @md:{\]
*Mar 1 01:27:37.937: RADIUS: Vendor, Cisco [26] 36
*Mar 1 01:27:37.937: RADIUS: Cisco AVpair [1] 30 "ip:inacl#1=permit ip any any"
*Mar 1 01:27:37.937: RADIUS(00000000): Received from id 1645/100
*Mar 1 01:27:38.944: %AUTHMGR-5-SUCCESS: Authorization succeeded for client (0007.eb64.545f) on Interface Fa1/0/5 AuditSessionID AC10030A0000001400503A53
*Mar 1 01:27:39.707: %AUTHMGR-5-START: Starting 'mab' for client (0050.b60b.e523) on Interface Fa1/0/5 AuditSessionID AC10030A00000015005041BB
*Mar 1 01:27:39.707: RADIUS/ENCODE(0000001B):Orig. component type = DOT1X
*Mar 1 01:27:39.707: RADIUS(0000001B): Config NAS IP: 0.0.0.0
*Mar 1 01:27:39.707: RADIUS/ENCODE(0000001B): acct_session_id: 24
*Mar 1 01:27:39.707: RADIUS(0000001B): sending
*Mar 1 01:27:39.707: RADIUS/ENCODE: Best Local IP-Address 172.16.3.10 for Radius-Server 172.16.3.100
*Mar 1 01:27:39.707: RADIUS(0000001B): Send Access-Request to 172.16.3.100:1645 id 1645/101, len 208
*Mar 1 01:27:39.707: RADIUS: authenticator F4 DB F7 23 F6 5B D2 AB - 86 DE E0 13 40 12 97 E5
*Mar 1 01:27:39.707: RADIUS: User-Name [1] 14 "0050b60be523"
*Mar 1 01:27:39.707: RADIUS: User-Password [2] 18 *
*Mar 1 01:27:39.707: RADIUS: Service-Type 6 Call Check [10]
*Mar 1 01:27:39.707: RADIUS: Framed-MTU [12] 6 1500
*Mar 1 01:27:39.707: RADIUS: Called-Station-Id [30] 19 "00-19-2F-0E-08-07"
*Mar 1 01:27:39.707: RADIUS: Calling-Station-Id [31] 19 "00-50-B6-0B-E5-23"
*Mar 1 01:27:39.707: RADIUS: Message-Authenticato[80] 18
*Mar 1 01:27:39.707: RADIUS: 26 67 F1 2A B2 A4 C4 D7 12 FA DB 23 2B 06 3F A1 [ &g*#+?]
*Mar 1 01:27:39.707: RADIUS: EAP-Key-Name [102] 2 *
*Mar 1 01:27:39.707: RADIUS: Vendor, Cisco [26] 49
*Mar 1 01:27:39.707: RADIUS: Cisco AVpair [1] 43 "audit-session-id=AC10030A00000015005041BB"
*Mar 1 01:27:39.707: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
*Mar 1 01:27:39.707: RADIUS: NAS-Port [5] 6 50105
*Mar 1 01:27:39.707: RADIUS: NAS-Port-Id [87] 19 "FastEthernet1/0/5"
*Mar 1 01:27:39.707: RADIUS: NAS-IP-Address [4] 6 172.16.3.10
*Mar 1 01:27:39.715: RADIUS(0000001B): Started 5 sec timeout
*Mar 1 01:27:39.724: RADIUS: Received from id 1645/101 172.16.3.100:1645, Access-Accept, len 369
*Mar 1 01:27:39.724: RADIUS: authenticator 30 B6 D9 FD E1 10 D6 D3 - 4A 60 11 89 2A 98 87 C3
*Mar 1 01:27:39.724: RADIUS: User-Name [1] 19 "00-50-B6-0B-E5-23"
*Mar 1 01:27:39.724: RADIUS: State [24] 40
*Mar 1 01:27:39.724: RADIUS: 52 65 61 75 74 68 53 65 73 73 69 6F 6E 3A 41 43 [ReauthSession:AC]
*Mar 1 01:27:39.724: RADIUS: 31 30 30 33 30 41 30 30 30 30 30 30 31 35 30 30 [10030A0000001500]
*Mar 1 01:27:39.724: RADIUS: 35 30 34 31 42 42 [ 5041BB]
*Mar 1 01:27:39.724: RADIUS: Class [25] 49
*Mar 1 01:27:39.724: RADIUS: 43 41 43 53 3A 41 43 31 30 30 33 30 41 30 30 30 [CACS:AC10030A000]
*Mar 1 01:27:39.724: RADIUS: 30 30 30 31 35 30 30 35 30 34 31 42 42 3A 49 53 [00015005041BB:IS]
*Mar 1 01:27:39.724: RADIUS: 45 31 2F 32 31 33 33 37 36 33 32 39 2F 38 35 [ E1/213376329/85]
*Mar 1 01:27:39.724: RADIUS: Termination-Action [29] 6 1
*Mar 1 01:27:39.724: RADIUS: Message-Authenticato[80] 18
*Mar 1 01:27:39.724: RADIUS: 0D F4 76 E4 30 AA E2 54 6B 00 E6 A9 F4 ED 64 8E [ v0Tkd]
*Mar 1 01:27:39.732: RADIUS: Vendor, Cisco [26] 37
*Mar 1 01:27:39.732: RADIUS: Cisco AVpair [1] 31 "url-redirect-acl=REDIRECT_ACL"
*Mar 1 01:27:39.732: RADIUS: Vendor, Cisco [26] 117
*Mar 1 01:27:39.732: RADIUS: Cisco AVpair [1] 111 "url-redirect=https://ISE1.inelab.local:8443/guestportal/gateway?sessionId=AC10030A00000015005041BB&action=cwa"
*Mar 1 01:27:39.732: RADIUS: Vendor, Cisco [26] 63
*Mar 1 01:27:39.732: RADIUS: Cisco AVpair [1] 57 "ACS:CiscoSecure-Defined-ACL=#ACSACL#-IP-B4_CWA-54e09a5e"
*Mar 1 01:27:39.732: RADIUS(0000001B): Received from id 1645/101
*Mar 1 01:27:39.732: %MAB-5-SUCCESS: Authentication successful for client (0050.b60b.e523) on Interface Fa1/0/5 AuditSessionID AC10030A00000015005041BB
*Mar 1 01:27:58.598: %SYS-3-MSGLOST: 86 messages lost because of queue overflow
*Mar 1 01:27:39.766: RADIUS: Cisco AVpair [1] 39 "ip:inacl#4=permit tcp any any eq 8443"
*Mar 1 01:27:39.766: RADIUS: Vendor, Cisco [26] 43
*Mar 1 01:27:39.766: RADIUS: Cisco AVpair [1] 37 "ip:inacl#5=permit udp any any eq 53"
*Mar 1 01:27:39.766: RADIUS: Vendor, Cisco [26] 38
*Mar 1 01:27:39.766: RADIUS: Cisco AVpair [1] 32 "ip:inacl#6=permit icmp any any"
*Mar 1 01:27:39.791: RADIUS(00000000): Received from id 1645/103
*Mar 1 01:28:00.611: %SYS-3-MSGLOST: 1 messages lost because of queue overflow
Wondering if anyone has ideas. Here is the scenario that I'm experiencing:
Call from 2002(hqcucm) to 4001(cme) across sip trunk completes successfully at G711. When placing on hold from 4001, hold music streams. When reversing the hold - resuming the call and placing on hold from 2001, no audio is heard. Verified in RTMT multicast resource is turning on. Here's what I've done to troubleshoot:
ip multicast routing enabled on R1 and R3.
ip pim dense-mode on all interfaces with IP addresses including vlans and loopbacks
ccm-manager music-on-hold running on both R1 and R3
verified in service parameters that 729 adn 711 are allowed on the server.
Another odd thing I see is there is no ip igmp snoop groups:
R1#sh ip igmp snoop group
Vlan Group Version Port List
---------------------------------------------------------
R1#
R3#sh ip igmp snoop group
Vlan Group Version Port List
---------------------------------------------------------
R3#
R1#sh run | s ip pim|multi
ip multicast-routing
multilink bundle-name authenticated
ip pim dense-mode
ip pim dense-mode
ip pim dense-mode
ip pim dense-mode
ip pim dense-mode
ip pim dense-mode
ip pim dense-mode
ip pim rp-address 11.11.11.1
R3#sh run | s ip pim|multi
ip multicast-routing
multilink bundle-name authenticated
ip pim dense-mode
ip pim dense-mode
ip pim dense-mode
ip pim dense-mode
ip pim dense-mode
ip pim dense-mode
ip pim dense-mode
ip pim rp-address 11.11.11.1
multicast moh 239.1.1.1 port 16384 route 11.102.66.254 11.11.11.3
R3#
Still troubleshooting, but open to thoughts. Thanks for any help.
Vocie track will be retired. new name and new exams are called CCNA Collaboration certification
The CCNA Voice Certification is being retired. The last day to test for the CCNA Voice certification will be August 14, 2015. No new certifications will be issued beginning August 15, 2015. Candidates should review the Certification Exam Migration announcement to determine the transition path to CCNA Collaboration certification.
The CCNA Video Certification is being retired. The last day to test for the CCNA Video certification will be August 14, 2015. No new certifications will issued beginning August 15, 2015. Candidates should review the Certification Exam Migration announcement to determine the transition path to CCNA Collaboration certification.
NO date yet but if u study for those 5 exams, better hurry up and finish track before u r out cold.
CCNP Voice Certification is being retired. Candidates should review the Certification Exam Migration announcement to determine the migration path to the CCNP Collaboration certification portfolio. The retirement date will be communicated at a later time.
CCNP Collaboration Training Course and Exam Summary *
Required Exam(s)
| |
|---|---|
300-070 CIPTV1 | Implementing Cisco IP Telephony and Video, Part 1 (CIPTV1) |
300-075 CIPTV2 | Implementing Cisco IP Telephony and Video, Part 2 (CIPTV2) |
300-080 CTCOLLAB | Troubleshooting Cisco IP Telephony and Video (CTCOLLAB) |
300-085 CAPPS | Implementing Cisco Collaboration Applications (CAPPS) |
Use this thread for discussion on building INE's CCIE RSv5 topology using the Cloud Services Router 1000v (CSR1000v).
Details of INE's RSv5 topology can be found here.
Details on CSR1000v can be found here.
Check the CSR1000v Data Sheets for specific platform requirements.
This thread is a continuation of the original RSv5 build thread that can be found here.
PLEASE DO NOT POST REQUESTS FOR IOS IMAGES, IT IS ILLEGAL TO PROVIDE YOU WITH THEM UNLESS YOU ALREADY HAVE A VALID CISCO SERVICE CONTRACT.
hi all
int fas 0/0
no ip redirects
as I understand, if a router received somehow a pcaket destined somewhere, and the received interface suppose to be the best route while currently it is not, then this router will send IP redirect message to the host to direct its routing path and use the optimal route.
now, I also read that if IP routing enabled, it will never process IP redirct messages !?
then what is the use !?
if the ment by "host" as a end-user computer, it does not make sense at all since the computer always use the default gateway.
??
thanks,
Hi all;
I wonder if OSPFv3 supports capability transit or something with the same results.
Dears,
I am trying to configure GetVPN Multicast rekeying through cisco ASA in signle context/routed mode:
My topology is as follows:
KS----[inside]ASA[outside]----GM
Please note that I added the config as follows:
KS:
ip multicast-routing
ip pim rp-address KS-IP
int e0/0
ip pim sparse-mode
ASA:
ip multicast-routing
ip pim rp-address KS-IP
int e0/0
nameif outside
pim
int e0/1
nameif inside
pim
access-list test permi ip any any
access-g test in int outside
access-g test in int inside
GM:
ip multicast-routing
ip pim rp-address KS-IP
int e0/1
ip pim sparse-mode
I can see that the GM is receiving the Rekey and incremented but on KS it is not incremented. How can i know where the problem is?
here are below the logs from both routers:
KS:
----
R1#
*Feb 20 12:29:44.387: %GDOI-5-KS_SEND_MCAST_REKEY: Sending Multicast Rekey for group gdoi from address 192.168.1.1 to 239.5.5.5 with seq # 2
R1#sh cry gdoi ks rek
Group gdoi (Multicast)
Number of Rekeys sent : 4
Number of Rekeys retransmitted : 7
KEK rekey lifetime (sec) : 300
Remaining lifetime (sec) : 287
Retransmit period : 10
Number of retransmissions : 3
IPSec SA 1 lifetime (sec) : 3600
Remaining lifetime (sec) : 3288
Number of registrations after rekey : 0
Multicast destination address : 239.5.5.5
GM:
----
R2(config)#
*Feb 20 12:29:34.175: %GDOI-5-GM_RECV_REKEY: Received Rekey for group gdoi from 192.168.1.1 to 239.5.5.5 with seq # 1
Router(config)#do sh cry gdoi gm rek
Group gdoi (Multicast)
Number of Rekeys received (cumulative) : 1
Number of Rekeys received after registration : 1
Rekey (KEK) SA information :
dst src conn-id my-cookie his-cookie
New : 239.5.5.5 192.168.1.1 1006 C886608A F4C8F8BC
Current : --- --- --- --- ---
Previous: --- --- --- --- ---
Hi I have question source IP and destination IP
In senacio "iBGP Route Reflection", I could not establish ibgp peer between R1 and R7.
Changing neighbor IP or adding update-source solved issue.
I know that BGP is working as server and client and server is using port 179.
The question is if there are many active interface in router how BGP decide source IP.
Hello all... I have a setup with a UCS B series and FIs running Fcoe uplinks in endhost NPV mode towards 5ks running npiv. At what point of he vhba creation process will the UCS B series start generating Flogi messages towards the FI?
hi,
can i have one route-map used by to diffrent process or protocals
example:
route-map LOOPBAK0 permit 10
match interface loopback0
!
router ospf 1
redstirbute connected subnets route-map LOOBBACK0
!
router rip
redisterbute connected metric 1 route-map LOOPBACK0
!
thanks
IPX hast just released a post on their facebook page about INE. Interesting...
Has anyone heard the same thing that we're hearing? Supposedly INE / Internetwork Expert is getting partially acquired, and will no longer have their AAP or self-study materials. Supposedly, Mark Snow quit in December due to lack of payments to him, and now "the Brians" have fallen out, and they've supposedly given up on Collaboration, Security and SP ILT, and I assume CCDE too. I've heard a rumor that Brian McGahan is done teaching April 1st, and the entire CCIE community knows that Brian Dennis hasn't lifted a finger within the company in almost 2 years. Does anyone know about this, because if it's true - we will be offering an ABSOLUTELY AMAZING transition program from INE to . Gary Eimerman do you know anything about this? Very crazy news, I don't know what to think about it.
All,
What is a good time to complete a FS Lab??
Paulo
Hi Guys,
I am trying to test some stuff with accounting on a 3560. I basically would like to log all the commands entered on the shell towards my switch. I am using a WS-C3560G-24TS with 15.0 code, but I can't seem to log accounting commands to a radius server (it appears to be only supported by tacacs). Am I missing something in the configuration here? In the output below, I do not have radius as an option.
Switch(config)#aaa accounting commands 15 default start-stop group ?
WORD Server-group name
tacacs+ Use list of all Tacacs+ hosts.
Backup running configuration on Cisco IOS using python and send email in case of any changes