I know there have been a lot of similar questions recently regarding this topic
but has anyone had good/bad experience with ACP - Memory Upgrades X2 - 1 x
10Gbase-SR in a 6708 blade? It is suppose to be a compatible 10GB SR X2
Transceiver. The manufacturer is ACP-EP at
Just a quick consensus.
Have many people experienced chassis/backplane failure in the 45xx/65xx/76xx
lines? I have not yet (knock on wood) and I would just like to know if people
have experienced this and how often. I have read a few posts where this has
happened.
Thanks in advance.
You might be able to do this with RANCID if you modify the script to add the
show power detail command or something similar.
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Peter Pauly
Sent: Tuesday, February 23, 2010
I use this but it isn't an automatic update. The user is presented with a
message box once they sign in and it lets them know that an update is
available. It is up to the user to click the box to update. If you are
concerned about users using old clients you could always restrict the version
Tony,
As a side note, have you had the issue of traffic blowing by an ACE? :)
What you referring to here? I run both the FWSM and ACE module. We have had a
plethora of problems with the ACE. The best is it just stops responding and
passing traffic and it doesn't failover when that happens.
Oops..sorry for the confusion.
We are working with TAC and the BU directly with this. They are aware of the
issue and acknowledge that it is happening across all code releases
A2(1.x/2.x/3.x)
Unfortunately when this happens you can't even run any diag commands. I have a
plugin from TAC
Does anyone know of a way or if it is possible to have the Shrew client send
its client type and version. I use client access rules so I would like to
restrict this to specific versions. Currently it doesn't send anything.
Thanks,
Nick
-Original Message-
From:
Chris,
Is it possible that you need the WS-CF-UPG aka CF-ADAPTER-SP for your older
SUP. I think it is included in the newer 720s
Nick
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Chris Scott
Sent: Thursday, December
Just a quick question or two. Does anybody have good/bad experience with a
7600-ES20-10G3CXL in a 7606 with 720-3bxl? I am looking to terminate a 1310nm
or 1550nm 10Ge from another provider. No dense or coarse wave.
Also I am trying to figure out if the XFP-10GLR-OC192SR module will work
Ryan,
I have similar problems with 4500s so I keep a close eye on the detailed
counters. In particular I watch the transmit drops and also the receive buffer
stats. Pauses frames also indicate a problem in our environment and I would
expect in some other environments. It's a long output but
Try Netdisco.
http://netdisco.org/
Nick
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Scott Granados
Sent: Friday, October 30, 2009 2:09 PM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] Good way of finding
David,
It appears that I might have misunderstood the original question since it was
only pertaining to traffic from the FWSM. My apologies.
Thanks,
Nick
From: David White, Jr. (dwhitejr) [mailto:dwhit...@cisco.com]
Sent: Tuesday, October 27, 2009 10:32 PM
To: Nicholas Maio
Cc:
No the command changes the algorithm for all port channels configured in the
chassis. I believe the fwsm portchannel is 278 at least it is on my two.
If you have other etherchannels configured in the chassis the algorithm is
changed for those as well...the change is global.
You have the same options that you normally do with all other etherchannels.
Use the following command to change the hashing algorithm.
Keep in mind this affects all etherchannel in the chassis.
Router(config)# port-channel load-balance {dst-ip | dst-mac | dst-port |
src-dst-ip |
David,
The section named Customizing the FWSM Internal Interface in the following
page
http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/switch_f.html
would be helpful.
As you stated you would need to know the traffic profile to detemine the
correct algorithm but why
Obviously everybody's experience has been different but I have been running
very nicely on 8.0.x code. I am running on the latest interim code on both
ASAs and PIXs due to a security flaw though.(knock on wood) It has been
very stable. 7.2.4 code was very buggy for me. I was upgrading
Justin,
I definitely see your point but it might be hard to generalize that all CF
chips fail at 1 writes. Unless you know that Cisco uses a specific type of
flash and the MTBF of that chip is 1 writes. Some CF chips are rated much
higher than that.
Regardless it is good that Cisco
Scott,
Not sure if is a concern for you but upgrading from 7.0 to 7.2 does not allow a
zero downtime upgrade. Check out the section Performing Zero Downtime
Upgrades for Failover Pairs on the following link:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/mswlicfg.html
Yes that is the recommended procedure.
You can upgrade from the last minor release of the previous version to the
next major release.
For example, you can upgrade from 7.9 to 8.0, assuming that 7.9 is the last
minor version in the 7.x release.
Nick
-Original Message-
From: Scott
Oops wrong quote.
This is the one I intended to send you since you are not going to 8.x code.
For example, you can upgrade from 7.0 to 7.1. Upgrading from 7.0 directly to
7.2 is not supported for zero-downtime upgrades; you must first upgrade to 7.1.
-Original Message-
From: Nicholas
Does anybody know if it is possible to run the AnyConnect Essentials license
and a small 10 user ssl license to allow only 10 people access to the webportal
but all the rest to use the AnyConnect client.
___
cisco-nsp mailing list
Thank you. Exactly what I was looking for.
-Original Message-
From: David White, Jr. (dwhitejr) [mailto:dwhit...@cisco.com]
Sent: Wednesday, September 16, 2009 10:04 AM
To: Nicholas Maio
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] ASA Licensing
That is not currently possible.
Does anybody know of an open source alternative to Websense or Secure Computing
Smartfilter? Transparent proxying with Squid works but we would like something
like url filtering through a Websense equivalent box.
Thanks in advance.
Nick
___
cisco-nsp
Frank,
Thanks for the link though this is an inline solution which would be
problematic.
Thank you for the suggestion though.
Nick
From: Frank Bulk [frnk...@iname.com]
Sent: Tuesday, September 08, 2009 5:42 PM
To: Nicholas Maio;
Does anybody know why when using EEM to write to syslog after an event there is
an extra blank line written? And if so how to stop that from happening.
I have an quick applet that just checks to see if the routers was configured by
snmp and then writes a log message but every time it also
Found the problem with the print sever to actually be a broadcast NTP packet
sent from the print server which in turn made the machines on the subnet do an
arp request which in turn made the print server send arp responses. The arp
responses were the reason the port would exceeded the
William,
Thanks for the response. Funny you mention the print server because
that happens to be one device port I need to tweak since it occasionally
exceeds the 15 pps.
Thanks again,
Nick
-Original Message-
From: Murphy, William [mailto:william.mur...@uth.tmc.edu]
Sent: Tuesday,
Just a quick question.
Taking into account that everyone's network is different and to find the
best limit you need to study a trace.does anyone use a rule of thumb
for configuring the rate limit for arp inspection. Does anyone find the
default 15 pps too low on ports other than
28 matches
Mail list logo