[c-nsp] ASA Policy locked under NAT section in CSM 3.3
Dear Friends I m getting the following error in ASA in CSM whenever i m clicking on Address Pools,Translation Options Translation Rules under NAT section. This data for this policy is locked by activity/user: abc. After couple of restart and performing steps in the following links (Locked Devices section) above error disappear but i m still having the following issue. https://supportforums.cisco.com/docs/DOC-14307#222_Locked_devices Whenever i m adding any entry in the following sections of NAT, that entry is not appearing in the particular section. I can add entries in other sections like Access rules, AAA rules etc I think policy is still locking under NAT section. Under NAT section in device view Address Pools Translation options Translatoin Rules CSM version is 3.3 When i m performing device discovery for the device (ASA), i m getting the following error. Description Discovery was unable to proceed because of the following policies locked by another user or activity PG.PLATFORM.PixSshPage Action To Identify why each policy is locked, select the policy in the Device view. The user or activity locking the policy will appear in a banner. once the locs are freed, discovery can be perfromed. For more information on locking, Please see the CS Manager Help. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] sh interfaces transceiver detail ouput
Hi All, Anyone please share his experience From: farooq_...@hotmail.com To: ttr...@activo.ca; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] sh interfaces transceiver detail ouput Date: Thu, 24 Jan 2013 23:06:42 +0500 Dear trask Thanks for the reply. I think it is something related to the voltage sensor. Anyone has any idea/experience Subject: RE: [c-nsp] sh interfaces transceiver detail ouput Date: Wed, 23 Jan 2013 15:57:08 -0500 From: ttr...@activo.ca To: farooq_...@hotmail.com; cisco-nsp@puck.nether.net I would guess that you don't have DOM support on your transceivers ? -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Farooq Razzaque Sent: Wednesday, January 23, 2013 3:53 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] sh interfaces transceiver detail ouput Hi All, Can any one help me in understanding the following output of show inter transceiver of Cat 6513. Why it is showing Volts = 0.00 and N/A in other fileds sh interfaces transceiver detail switch 1 Transceiver monitoring is disabled for all interfaces. mA: milliamperes, dBm: decibels (milliwatts), NA or N/A: not applicable. ++ : high alarm, + : high warning, - : low warning, -- : low alarm. A2D readouts (if they differ), are reported in parentheses. The threshold values are calibrated. High Alarm High Warn Low Warn Low Alarm Voltage Threshold Threshold Threshold Threshold Port (Volts) (Volts) (Volts) (Volts) (Volts) -- --- -- - - - Te1/7/4 0.00 N/A N/A N/A N/A Te1/7/5 0.00 N/A N/A N/A N/A Te1/9/1 0.00 N/A N/A N/A N/A Te1/9/2 0.00 N/A N/A N/A N/A Te1/9/3 0.00 N/A N/A N/A N/A Te1/9/4 0.00 N/A N/A N/A N/A Te1/9/5 0.00 N/A N/A N/A N/A Te1/9/6 0.00 N/A N/A N/A N/A Te1/9/7 0.00 N/A N/A N/A N/A Te1/9/8 0.00 N/A N/A N/A N/A Te1/10/1 0.00 N/A N/A N/A N/A Te1/10/2 0.00 N/A N/A N/A N/A Te1/10/3 0.00 N/A N/A N/A N/A Te1/10/4 0.00 N/A N/A N/A N/A Te1/10/5 0.00 N/A N/A N/A N/A Te1/10/6 0.00 N/A N/A N/A N/A Te1/10/7 0.00 N/A N/A N/A N/A Te1/10/8 0.00 N/A N/A N/A N/A ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] sh interfaces transceiver detail ouput
Dear tim What DOM values are you getting? R u also getting N/A in the following fields High Alarm High WarnLow Warn Low Alarm Threshold Threshold Threshold Threshold (Volts)(Volts) (Volts)(Volts) Date: Sat, 26 Jan 2013 12:00:58 +0100 From: t...@haitabu.net To: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] sh interfaces transceiver detail ouput On 23.01.2013 9:57 PM, TJ Trask wrote: I would guess that you don't have DOM support on your transceivers ? On my Cat6509 12.2(33)SXI10 I can see the DOM values with sh interfaces transceiver detail but the Voltage values are all N/A like at Farooq output. -tim ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] sh interfaces transceiver detail ouput
Dear Jeff The below metioned ouput of show interface tranceiver is from your Cat6500 or Cat3750 switches Date: Sat, 26 Jan 2013 13:43:36 -0500 From: jeff-k...@utc.edu To: t...@haitabu.net CC: farooq_...@hotmail.com; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] sh interfaces transceiver detail ouput I have similar values on 6500 / VS720 / 6716-10G mostly just transmit/receive power. Have never seen anything on a lesser/smaller Catalyst with one exception... we were trying some compatible optics on a link out of a 3750-12 stack. These particular compatibles show everything! All the other optics in this switch are Cisco-genuine and show nothing. It's pretty obviously an SFP-thing (I thought they just omitted the real stuff from 3750 IOS code before seeing this). Dorm-Core#sho int trans detail High Alarm High Warn Low Warn Low Alarm Temperature Threshold Threshold Threshold Threshold Port (Celsius) (Celsius) (Celsius) (Celsius) (Celsius) - -- -- - - - Gi1/0/7 50.5 100.0 95.0 -35.0 -40.0 Gi2/0/7 53.5 100.0 95.0 -35.0 -40.0 High Alarm High Warn Low Warn Low Alarm Voltage Threshold Threshold Threshold Threshold Port (Volts) (Volts) (Volts) (Volts) (Volts) - --- -- - - - Gi1/0/7 3.27 3.59 3.50 3.10 3.00 Gi2/0/7 3.31 3.59 3.50 3.09 2.99 Optical High Alarm High Warn Low Warn Low Alarm Transmit Power Threshold Threshold Threshold Threshold Port (dBm) (dBm) (dBm) (dBm) (dBm) - - -- - - - Gi1/0/7 -7.7 -1.0 -2.0 -15.0 -16.0 Gi2/0/7 -7.7 -1.0 -2.0 -15.0 -16.0 Optical High Alarm High Warn Low Warn Low Alarm Receive Power Threshold Threshold Threshold Threshold Port (dBm) (dBm) (dBm) (dBm) (dBm) --- - -- - - - Gi1/0/7 -12.2 -2.0 -3.0 -31.0 -32.2 Gi2/0/7 -9.6 -2.0 -3.0 -31.0 -32.2 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] sh interfaces transceiver detail ouput
Dear trask Thanks for the reply. I think it is something related to the voltage sensor. Anyone has any idea/experience Subject: RE: [c-nsp] sh interfaces transceiver detail ouput Date: Wed, 23 Jan 2013 15:57:08 -0500 From: ttr...@activo.ca To: farooq_...@hotmail.com; cisco-nsp@puck.nether.net I would guess that you don't have DOM support on your transceivers ? -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Farooq Razzaque Sent: Wednesday, January 23, 2013 3:53 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] sh interfaces transceiver detail ouput Hi All, Can any one help me in understanding the following output of show inter transceiver of Cat 6513. Why it is showing Volts = 0.00 and N/A in other fileds sh interfaces transceiver detail switch 1 Transceiver monitoring is disabled for all interfaces. mA: milliamperes, dBm: decibels (milliwatts), NA or N/A: not applicable. ++ : high alarm, + : high warning, - : low warning, -- : low alarm. A2D readouts (if they differ), are reported in parentheses. The threshold values are calibrated. High Alarm High Warn Low Warn Low Alarm Voltage Threshold Threshold Threshold Threshold Port (Volts) (Volts) (Volts) (Volts) (Volts) -- --- -- - - - Te1/7/4 0.00 N/A N/A N/A N/A Te1/7/5 0.00 N/A N/A N/A N/A Te1/9/1 0.00 N/A N/A N/A N/A Te1/9/2 0.00 N/A N/A N/A N/A Te1/9/3 0.00 N/A N/A N/A N/A Te1/9/4 0.00 N/A N/A N/A N/A Te1/9/5 0.00 N/A N/A N/A N/A Te1/9/6 0.00 N/A N/A N/A N/A Te1/9/7 0.00 N/A N/A N/A N/A Te1/9/8 0.00 N/A N/A N/A N/A Te1/10/1 0.00 N/A N/A N/A N/A Te1/10/2 0.00 N/A N/A N/A N/A Te1/10/3 0.00 N/A N/A N/A N/A Te1/10/4 0.00 N/A N/A N/A N/A Te1/10/5 0.00 N/A N/A N/A N/A Te1/10/6 0.00 N/A N/A N/A N/A Te1/10/7 0.00 N/A N/A N/A N/A Te1/10/8 0.00 N/A N/A N/A N/A ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] sh interfaces transceiver detail ouput
Hi All, Can any one help me in understanding the following output of show inter transceiver of Cat 6513. Why it is showing Volts = 0.00 and N/A in other fileds sh interfaces transceiver detail switch 1 Transceiver monitoring is disabled for all interfaces. mA: milliamperes, dBm: decibels (milliwatts), NA or N/A: not applicable. ++ : high alarm, + : high warning, - : low warning, -- : low alarm. A2D readouts (if they differ), are reported in parentheses. The threshold values are calibrated. High Alarm High Warn Low Warn Low Alarm VoltageThreshold Threshold Threshold Threshold Port(Volts)(Volts) (Volts)(Volts)(Volts) -- ----- - - - Te1/7/4 0.00 N/A N/A N/AN/A Te1/7/5 0.00 N/A N/A N/AN/A Te1/9/1 0.00 N/A N/A N/AN/A Te1/9/2 0.00 N/A N/A N/AN/A Te1/9/3 0.00 N/A N/A N/AN/A Te1/9/4 0.00 N/A N/A N/AN/A Te1/9/5 0.00 N/A N/A N/AN/A Te1/9/6 0.00 N/A N/A N/AN/A Te1/9/7 0.00 N/A N/A N/AN/A Te1/9/8 0.00 N/A N/A N/AN/A Te1/10/10.00 N/A N/A N/AN/A Te1/10/20.00 N/A N/A N/AN/A Te1/10/30.00 N/A N/A N/AN/A Te1/10/40.00 N/A N/A N/AN/A Te1/10/50.00 N/A N/A N/AN/A Te1/10/60.00 N/A N/A N/AN/A Te1/10/70.00 N/A N/A N/AN/A Te1/10/80.00 N/A N/A N/AN/A ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] supply voltage sensor alerts in LMS
Dear All I am getting following messages on Cisco prime LMS. These errors are generating in LMS for the different ports of the folloiwng modules of Cat 6513 1) WS-X6708-10GE 2) WS-Sup720-10GE 3) WS-X6748-GE-TX OutOfRange::Component=VOLT-10.x.x.x/11067 [Te2/7/5 Supply Voltage Sensor];ComponentClass=VoltageSensor;ComponentEventCode=1080;HighThreshold=5.0;Status=OK;CurrentValue=0.0; LowThreshold=1.0;entSensorValue=0;RelativeVoltageThreshold=0.0 % ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Power Supply 2 ouput has dropped
Hi I m getting the following power supply error frequently on 6513 switches operating in VSS mode. It seems to be the issue with the input of power supply 2. Below are the ouput of the show environment and show power . Anyone has experience this before 83559233: Dec 12 09:37:55.985 UAE: vs_raised_alarm_to_cardstate(): NULL threshold info for switch 1 power-supply 2 power-output-mode violation 83559234: Dec 12 09:37:55.949 UAE: %C6KPWR-SW1_SP-4-PSOUTPUTDROP: Power supply 2 output has dropped 83559235: Dec 12 09:37:55.949 UAE: %C6KPWR-SW1_SP-4-INPUTCHANGE: Power supply 2 input has changed. Power capacity adjusted to 2671.20W 83559236: Dec 12 09:37:55.989 UAE: %C6KPWR-SW1_SP-4-PSREDUNDANTMISMATCH: power supplies rated outputs do not match. 83559237: Dec 12 09:37:55.989 UAE: %C6KPWR-SW1_SP-4-PSNOREDUNDANCY: Power supplies are not in full redundancy, power usage exceeds lower capacity supply 83559238: Dec 12 09:37:57.997 UAE: %C6KPWR-SW1_SP-4-INPUTCHANGE: Power supply 2 input has changed. Power capacity adjusted to 5771.64W 83559239: Dec 12 09:37:58.001 UAE: %C6KPWR-SW1_SP-4-PSREDUNDANTBOTHSUPPLY: in power-redundancy mode, system is operating on both power supplies . 83559240: Dec 12 09:38:02.084 UAE: vs_raised_alarm_to_cardstate(): NULL threshold info for switch 1 power-supply 2 power-output-mode violation 83559241: Dec 12 09:38:02.045 UAE: %C6KPWR-SW1_SP-4-PSOUTPUTDROP: Power supply 2 output has dropped 83559242: Dec 12 09:38:02.045 UAE: %C6KPWR-SW1_SP-4-INPUTCHANGE: Power supply 2 input has changed. Power capacity adjusted to 2671.20W 83559243: Dec 12 09:38:02.089 UAE: %C6KPWR-SW1_SP-4-PSREDUNDANTMISMATCH: power supplies rated outputs do not match. 83559244: Dec 12 09:38:02.093 UAE: %C6KPWR-SW1_SP-4-PSNOREDUNDANCY: Power supplies are not in full redundancy, power usage exceeds lower capacity supply 83559245: Dec 12 09:38:04.112 UAE: %C6KPWR-SW1_SP-4-INPUTCHANGE: Power supply 2 input has changed. Power capacity adjusted to 5771.64W 83559246: Dec 12 09:38:04.112 UAE: %C6KPWR-SW1_SP-4-PSREDUNDANTBOTHSUPPLY: in power-redundancy mode, system is operating on both power supplies. SW01# sh environment switch 1 status power-supply 2 switch 1 power-supply 2: switch 1 power-supply 2 fan-fail: OK switch 1 power-supply 2 power-input: AC low switch 1 power-supply 2 power-output-mode: low switch 1 power-supply 2 power-output-fail: OK SW01#sh power system power redundancy mode = redundant system power redundancy operationally = non-redundant system power total = 5771.64 Watts (137.42 Amps @ 42V) system power used = 3451.56 Watts (82.18 Amps @ 42V) system power available = 2320.08 Watts (55.24 Amps @ 42V) Power-Capacity PS-Fan Output Oper PS Type Watts A @42V Status Status State -- --- -- -- -- - 1 WS-CAC-6000W 5771.64 137.42 OK OK on 2 WS-CAC-6000W 2671.20 63.60 OK OK on SW01# sh environment switch 1 status power-supply 2 switch 1 power-supply 2 fan-fail: OKswitch 1 power-supply 2: fan-fail: OK switch 1 power-supply 2 power-input: AC high switch 1 power-supply 2 power-output-mode: high switch 1 power-supply 2 power-output-fail: OK SW01#sh power system power redundancy mode = redundant system power total = 5771.64 Watts (137.42 Amps @ 42V) system power used = 3451.56 Watts (82.18 Amps @ 42V) system power available = 2320.08 Watts (55.24 Amps @ 42V) Power-Capacity PS-Fan Output Oper PS Type Watts A @42V Status Status State -- --- -- -- -- - 1 WS-CAC-6000W 5771.64 137.42 OK OK on 2 WS-CAC-6000W 5771.64 137.42 OK OK on ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ASA is not sending syslog
Dear Ryan Thanks for the reply. I have three syslog servers as mentioned below, first two syslog servers which are in management segment are working regardless of the order in the config. Only the syslog server 3 which is in inside segment is not working either at number 2 position or at number 3 position in the config. Previsouly it was working fine at number 2 position then we change the order of syslog server 3 at number 3 where it was not working then we change the order again at number 2 postition where is also not working.. logging host mgmt 1.x.x.1 --- Syslog server 1 logging host mgmt 2.x.x.2 --- Syslog server 2 logging host inside 3.x.x.3 --- Syslog server 3 From: rw...@zyedge.com To: farooq_...@hotmail.com; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] ASA is not sending syslog Date: Tue, 25 Dec 2012 23:18:32 + You can sniff to see if it’s sending syslog messages, but you’ll find that once it fails it will not recover on its own. Rebooting the box has fixed the issue. The issue we’ve faced is that the ASA will stop sending to a host and won’t recover, regardless of configuration changes. Hope that helps. -ryan From: Farooq Razzaque [mailto:farooq_...@hotmail.com] Sent: Tuesday, December 25, 2012 3:55 PM To: Ryan West; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] ASA is not sending syslog Hi Ryan Thanks for the reply. Have u faced the issue with ASA syslog ? If so, what issue you faced. Did it fix by reboot Can you elaborate the following Sniff it and look for the counters to increment. From: rw...@zyedge.com To: farooq_...@hotmail.com; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] ASA is not sending syslog Date: Tue, 25 Dec 2012 19:35:39 + On Tue, Dec 25, 2012 at 13:51:24, Farooq Razzaque wrote: Subject: [c-nsp] ASA is not sending syslog Hi All, I have ASA 5510 running on version 8.0(5)27. The ASA is not sending logs to syslog server 2. Previously it was sending logs to syslog server 2 (2.x.x.2). I changed the order in the config i.e i put the config of syslog server 3(3.x.x.3) at second number and then put the config of syslog server 2 (2.x.x.2) at third number after that ASA is not sending logs to syslog server 3 (3.x.x.3) which is at second number and syslog server 2 which is at third number I also remove the config of syslog (logging host mgmt 2.x.x.2 --- Syslog server 2) which was at third number. But still ASA is not seding logs to syslog at second number How can we check that ASA is sending syslogs out . Sniff it and look for the counters to increment. logging enable logging list VPN_Monitor level informational class abc logging list VPN_Monitor level informational class abcfo logging buffered informational logging trap informational logging asdm informational logging host mgmt 1.x.x.1 --- Syslog server 1 logging host mgmt 2.x.x.2 --- Syslog server 2 logging host inside 3.x.x.3 --- Syslog server 3 logging permit-hostdown logging class abc history informational logging class abcfo history informational # Others may have different experiences, but I've found that a reboot is the only fix sometimes. Removing all logging and adding it will not fix it when a configuration change is made. The logging feature is a little flaky. -ryan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] ASA is not sending syslog
Hi All, I have ASA 5510 running on version 8.0(5)27. The ASA is not sending logs to syslog server 2. Previously it was sending logs to syslog server 2 (2.x.x.2). I changed the order in the config i.e i put the config of syslog server 3(3.x.x.3) at second number and then put the config of syslog server 2 (2.x.x.2) at third number after that ASA is not sending logs to syslog server 3 (3.x.x.3) which is at second number and syslog server 2 which is at third number I also remove the config of syslog (logging host mgmt 2.x.x.2 --- Syslog server 2) which was at third number. But still ASA is not seding logs to syslog at second number How can we check that ASA is sending syslogs out . logging enable logging list VPN_Monitor level informational class abc logging list VPN_Monitor level informational class abcfo logging buffered informational logging trap informational logging asdm informational logging host mgmt 1.x.x.1 --- Syslog server 1 logging host mgmt 2.x.x.2 --- Syslog server 2 logging host inside 3.x.x.3 --- Syslog server 3 logging permit-hostdown logging class abc history informational logging class abcfo history informational # ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ASA is not sending syslog
Hi Ryan Thanks for the reply. Have u faced the issue with ASA syslog ? If so, what issue you faced. Did it fix by reboot Can you elaborate the following Sniff it and look for the counters to increment. From: rw...@zyedge.com To: farooq_...@hotmail.com; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] ASA is not sending syslog Date: Tue, 25 Dec 2012 19:35:39 + On Tue, Dec 25, 2012 at 13:51:24, Farooq Razzaque wrote: Subject: [c-nsp] ASA is not sending syslog Hi All, I have ASA 5510 running on version 8.0(5)27. The ASA is not sending logs to syslog server 2. Previously it was sending logs to syslog server 2 (2.x.x.2). I changed the order in the config i.e i put the config of syslog server 3(3.x.x.3) at second number and then put the config of syslog server 2 (2.x.x.2) at third number after that ASA is not sending logs to syslog server 3 (3.x.x.3) which is at second number and syslog server 2 which is at third number I also remove the config of syslog (logging host mgmt 2.x.x.2 --- Syslog server 2) which was at third number. But still ASA is not seding logs to syslog at second number How can we check that ASA is sending syslogs out . Sniff it and look for the counters to increment. logging enable logging list VPN_Monitor level informational class abc logging list VPN_Monitor level informational class abcfo logging buffered informational logging trap informational logging asdm informational logging host mgmt 1.x.x.1 --- Syslog server 1 logging host mgmt 2.x.x.2 --- Syslog server 2 logging host inside 3.x.x.3 --- Syslog server 3 logging permit-hostdown logging class abc history informational logging class abcfo history informational # Others may have different experiences, but I've found that a reboot is the only fix sometimes. Removing all logging and adding it will not fix it when a configuration change is made. The logging feature is a little flaky. -ryan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] ASA not sending logs to more than two syslogs server
Hi, I have ASA 5510 running on version 8.0(5)27. The ASA is not sending logs to more than two syslogs server . It is only sending logs to first two servers (syslog server 1 syslog server 2) If i change the order inthe config i.e if i put the config of syslog server 3 at second number and then put the config of syslog server 2 at third number then the ASA will send the logs only to server 1 syslog serer 3 and not to syslog server 2. Any one has faced this problem. Is there any limition on this IOS logging enable logging list VPN_Monitor level informational class abc logging list VPN_Monitor level informational class abcfo logging buffered informational logging trap informational logging asdm informational logging host mgmt 1.x.x.1 --- Syslog server 1 logging host mgmt 2.x.x.2 --- Syslog server 2 logging host inside 3.x.x.3 --- Syslog server 3 logging permit-hostdown logging class abc history informational logging class abcfo history informational ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Shared Secret Key Encryption in ACS appliance
Hi All, While adding AAA client in ACS there is a filed to put shared secret key which should be same on AAA client (Router,switch) as well. In ACS device, shared secret key is appared in plain text, I want to know is there any way to encrypt this key means shared secret key should be appared as astrix (encrypted) and not in plain text I have ACS appliance with version 4.2 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco Switch (2960G-48TC-L) CPU Utilization
Hi All I would appriciate any feedback from anyone ? From: farooq_...@hotmail.com To: a.l.m.bu...@lboro.ac.uk CC: cisco-nsp@puck.nether.net Subject: RE: [c-nsp] Cisco Switch (2960G-48TC-L) CPU Utilization Date: Sun, 26 Feb 2012 15:05:45 +0500 Dear Alan I already checked the open/closed caveats for the IOS 12.2(52) SE but i did not find any releavent bug what do u think is this CPU is normal or Bug. Date: Sun, 26 Feb 2012 09:23:19 + From: a.l.m.bu...@lboro.ac.uk To: farooq_...@hotmail.com CC: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Cisco Switch (2960G-48TC-L) CPU Utilization hi, 12.2(52)SE ? hideously old and full of wierd little bugs - really, check the IOS release notes and the closed/resolved caveats for every release since that version... you might be suprised how it even worked at all... ;-) alan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco Switch (2960G-48TC-L) CPU Utilization
Dear Alan I already checked the open/closed caveats for the IOS 12.2(52) SE but i did not find any releavent bug what do u think is this CPU is normal or Bug. Date: Sun, 26 Feb 2012 09:23:19 + From: a.l.m.bu...@lboro.ac.uk To: farooq_...@hotmail.com CC: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Cisco Switch (2960G-48TC-L) CPU Utilization hi, 12.2(52)SE ? hideously old and full of wierd little bugs - really, check the IOS release notes and the closed/resolved caveats for every release since that version... you might be suprised how it even worked at all... ;-) alan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Switch (2960G-48TC-L) CPU Utilization
Dear Please have a look at the below switch's CPU utilization which is 100% (interrupt percentage) almost all the time. But CPU history is not reflecting this utilization. Please note that only the interrupt percentage (/99%) is increasing while the other part (0%) is zero which is showing the CPU utilization due to active system processes. This is the management switch and some network devices management interface is connected to this switch I may be the cosmetic bug in IOS Switch model: Cisco WS-C2960G-48TC-L http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/troubleshooting/cpu_util.html In this output, the CPU utilization for the last 5 seconds shows two numbers (5%/0%). •The first number, 5%, tells how busy the CPU was in the past 5 seconds. This number is the total CPU utilization for all the active system processes, including the percentage of time at the interrupt level. •The second number, 0%, shows the percentage of time at the interrupt level in the past 5 seconds. The interrupt percentage is the CPU time spent receiving packets from the switch hardware. The percentage of time at interrupt level is always less than or equal to the total CPU utilization. SW01#sh ver Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(52)SE, RELEASE SOFTWARE (fc3) Copyright (c) 1986-2009 by Cisco Systems, Inc. Compiled Fri 25-Sep-09 08:49 by sasyamal Image text-base: 0x3000, data-base: 0x0150 ROM: Bootstrap program is C2960 boot loader BOOTLDR: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1) DSSMGTSW01 uptime is 1 year, 19 weeks, 3 days, 15 hours, 59 minutes System returned to ROM by power-on System restarted at 20:36:11 UAE Fri Oct 8 2010 System image file is flash:c2960-lanbasek9-mz.122-52.SE/c2960-lanbasek9-mz.122-52.SE.bin This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to exp...@cisco.com. cisco WS-C2960G-48TC-L (PowerPC405) processor (revision E0) with 65536K bytes of memory. Processor board ID FOC1223Y0G1 Last reset from power-on 2 Virtual Ethernet interfaces 48 Gigabit Ethernet interfaces The password-recovery mechanism is enabled. 64K bytes of flash-simulated non-volatile configuration memory. Base ethernet MAC Address : 00:21:D7:B6:A6:00 Motherboard assembly number : 73-10300-08 Power supply part number: 341-0098-02 Motherboard serial number : FOC12225DP7 Power supply serial number : DCA121992TT Model revision number : E0 Motherboard revision number : A0 Model number: WS-C2960G-48TC-L System serial number: FOC1223Y0G1 Top Assembly Part Number: 800-27071-03 Top Assembly Revision Number: A0 Version ID : V03 CLEI Code Number: COM4A10BRC Hardware Board Revision Number : 0x01 Switch Ports Model SW VersionSW Image -- - - ---- *1 48WS-C2960G-48TC-L 12.2(52)SEC2960-LANBASEK9-M SW01#sh processes cpu history 100 90 80 70 60 50 40 30 20 10 051122334455 0505050505 CPU% per second (last 60 seconds)
[c-nsp] Dropped packets due to storm control
Hi All, I am getting following messages on C6500. Does anybody have any idea ? %PM_PLATFORM-5-PORTDROP: Port Gi7/2 Dropped packets due to storm control ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Resolve the FQDN of the URL published in web VPN in ASA
Dear All, I have the requirement to resolve the FQDN of the URL published in web VPN in ASA. When remote users connect to web vpn then they access one URL (https://fully qualified domain name:7004/console-selfservice) which is published in Web VPN and which is accessible through FQDN. So how i can resolve the FQDN against. Can we done this on ASA. or can we configure Web VPN so that when remote users connect to VPN they can get DNS server IP to resolve the FQDN ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] LMS-Purging Error
Dear All I am having the following error whenever i am running purging job and also purging is not successful Does anybody have any idea ? [ Sun Oct 16 14:05:02 GST 2011 ],INFO ,[main],Starting purge job 3975 [ Sun Oct 16 14:05:02 GST 2011 ],INFO ,[main], Its a force Purge job [ Sun Oct 16 14:05:03 GST 2011 ],ERROR,[main],culd not back up table :SYSLOG_20110431 com.cisco.nm.rmeng.sa.common.SAException: SQL Anywhere Error -821: Dbspace for table 'SYSLOG_20110431' not found at com.cisco.nm.rmeng.sa.db.RmeSaDbHandler.execute(RmeSaDbHandler.java:1020) at com.cisco.nm.rmeng.sa.db.RmeSaPurgeDbHandler.backupTable(RmeSaPurgeDbHandler.java:1053) at com.cisco.nm.rmeng.sa.db.RmeSaPurgeDbHandler.run(RmeSaPurgeDbHandler.java:349) at com.cisco.nm.rmeng.sa.RmeSaPurgeHandler.purge(RmeSaPurgeHandler.java:293) at com.cisco.nm.rmeng.sa.RmeSaPurgeHandler.main(RmeSaPurgeHandler.java:1051) [ Sun Oct 16 14:05:03 GST 2011 ],ERROR,[main],Drop table failed:SQL Anywhere Error -821: Dbspace for table 'SYSLOG_20110431' not found 13827 52W19 [ Sun Oct 16 14:05:04 GST 2011 ],ERROR,[main],Failed to send mailError in sending mail, connection to SMTP server failed (Connection refused: connect). [ Sun Oct 16 14:05:04 GST 2011 ],ERROR,[main],Failed to purge syslogs [ Sun Oct 16 14:05:04 GST 2011 ],ERROR,[main],Purge not successful ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Wireshark RTP Stream - Packet Lost in Neg value over the WAN
It is not allowing me to attach the file on the group b/c of size limitation. File size is 155 KB From: ramses.r...@hughes.com To: farooq_...@hotmail.com; cisco-nsp@puck.nether.net Date: Thu, 22 Sep 2011 19:24:20 -0400 Subject: RE: [c-nsp] Wireshark RTP Stream - Packet Lost in Neg value over the WAN Nothing attached. Could you send us a new copy? Ramsés Ríos De: cisco-nsp-boun...@puck.nether.net [cisco-nsp-boun...@puck.nether.net] En nombre de Farooq Razzaque [farooq_...@hotmail.com] Enviado el: jueves, 22 de septiembre de 2011 3:33 Para: cisco-nsp@puck.nether.net Asunto: [c-nsp] Wireshark RTP Stream - Packet Lost in Neg value over the WAN Hi All Attached is the screen shot of wireshark (capturing RTP stream). In Lost column it is showing -300% , -299.7% packet lost. Does anybody have any idea that are these packet loss is normal/abnormal over the WAN as there packet lost are in -neg. IP phones ( 172.20.24.x) are located in one bracnh and Recording machine (172.20.19.17) is located in other branch. These branches are connected via MPLS link For recording the calls, SPANing is happing over the WAN via L2TPV3. There is no issue with calls recording and quality. ! pseudowire-class bac encapsulation l2tpv3 ip local interface Loopback1 ! interface GigabitEthernet0/1 no ip address duplex auto speed auto no cdp enable xconnect 10.x.x.x 33 pw-class abc ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Wireshark RTP Stream - Packet Lost in Neg value over the WAN
Hi All Attached is the screen shot of wireshark (capturing RTP stream). In Lost column it is showing -300% , -299.7% packet lost. Does anybody have any idea that are these packet loss is normal/abnormal over the WAN as there packet lost are in -neg. IP phones ( 172.20.24.x) are located in one bracnh and Recording machine (172.20.19.17) is located in other branch. These branches are connected via MPLS link For recording the calls, SPANing is happing over the WAN via L2TPV3. There is no issue with calls recording and quality. ! pseudowire-class bac encapsulation l2tpv3 ip local interface Loopback1 ! interface GigabitEthernet0/1 no ip address duplex auto speed auto no cdp enable xconnect 10.x.x.x 33 pw-class abc ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Input errors, overrun unknown protocols drops on LAN interface
Dear Team I am facing the input errors, overrun unknown protocols drops on LAN interface-Gi0/0 (having sub-interface) on MPLS router. Can u anyone help me out on this. MPLS#sh int gi0/0 GigabitEthernet0/0 is up, line protocol is up Hardware is BCM1125 Internal MAC, address is 001c.f6e5.1780 (bia 001c.f6e5.1780) MTU 1500 bytes, BW 100 Kbit/sec, DLY 10 usec, reliability 255/255, txload 1/255, rxload 5/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set Keepalive set (10 sec) Full-duplex, 1000Mb/s, media type is RJ45 output flow-control is XON, input flow-control is XON ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:00, output hang never Last clearing of show interface counters 21:56:59 Input queue: 0/75/3267688/769 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 22945000 bits/sec, 14956 packets/sec 5 minute output rate 5582000 bits/sec, 3560 packets/sec 375106437 packets input, 1359876325 bytes, 0 no buffer Received 29187401 broadcasts, 0 runts, 0 giants, 0 throttles 26601 input errors, 0 CRC, 0 frame, 26601 overrun, 0 ignored 0 watchdog, 7758302 multicast, 0 pause input 0 input packets with dribble condition detected 94343705 packets output, 1561205398 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 2650 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 pause output 0 output buffer failures, 0 output buffers swapped out interface GigabitEthernet0/0 no ip address duplex full speed 1000 media-type rj45 ! interface GigabitEthernet0/0.18 encapsulation dot1Q 18 ip address x.x.x.x x.x.x.x no ip proxy-arp ip accounting output-packets ip pim sparse-dense-mode h323-gateway voip interface h323-gateway voip bind srcaddr 172.20.21.250 ! interface GigabitEthernet0/0.42 encapsulation dot1Q 42 ip address x.x.x.x x.x.x.x ip accounting output-packets ip flow ingress ip flow egress ! interface GigabitEthernet0/0.223 encapsulation dot1Q 223 ip address x.x.x.x x.x.x.x no ip proxy-arp ip accounting output-packets ip flow ingress ip flow egress ip pim sparse-dense-mode ! interface GigabitEthernet0/0.224 encapsulation dot1Q 224 ip address x.x.x.x x.x.x.x no ip proxy-arp ip accounting output-packets ip flow ingress ip flow egress ip pim sparse-dense-mode ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Input errors, overrun unknown protocols drops on LAN interface
Dear Nick Thanks for your reply. What does input error means ? I am also having the drops in Input queue Input queue: 0/75/3267688/769 (size/max/drops/flushes); Total output drops: 0 Date: Tue, 13 Sep 2011 12:18:05 +0100 From: n...@foobar.org To: farooq_...@hotmail.com CC: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Input errors, overrun unknown protocols drops on LAN interface On 13/09/2011 10:13, Farooq Razzaque wrote: I am facing the input errors, overrun unknown protocols drops on LAN interface-Gi0/0 (having sub-interface) on MPLS router. port overruns mean that your router is receiving data faster than it can handle. You either need a faster router than a 3800 series or else larger input buffers. Unknown protocols means that your switch is sending data that the router doesn't understand. Maybe LLDP or something? Or some other odd LAN protocol? Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Input errors, overrun unknown protocols drops on LAN interface
Dear David How can we resolve this then Subject: Re: [c-nsp] Input errors, overrun unknown protocols drops on LAN interface From: david.roth...@gmail.com Date: Tue, 13 Sep 2011 14:04:57 +0100 CC: n...@foobar.org; cisco-nsp@puck.nether.net To: farooq_...@hotmail.com Input drops are usually caused by the input queue filling up and then tail drops occurring because there is no more space for new packets in the queue. I've seen this happen where you have an upstream device trying to send packets faster than the downstream device can process them. On 13 Sep 2011, at 13:54, Farooq Razzaque wrote: Dear Nick Thanks for your reply. What does input error means ? I am also having the drops in Input queue Input queue: 0/75/3267688/769 (size/max/drops/flushes); Total output drops: 0 Date: Tue, 13 Sep 2011 12:18:05 +0100 From: n...@foobar.org To: farooq_...@hotmail.com CC: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Input errors, overrun unknown protocols drops on LAN interface On 13/09/2011 10:13, Farooq Razzaque wrote: I am facing the input errors, overrun unknown protocols drops on LAN interface-Gi0/0 (having sub-interface) on MPLS router. port overruns mean that your router is receiving data faster than it can handle. You either need a faster router than a 3800 series or else larger input buffers. Unknown protocols means that your switch is sending data that the router doesn't understand. Maybe LLDP or something? Or some other odd LAN protocol? Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Input errors, overrun unknown protocols drops on LAN interface
Dear Nick what input queue size we can increase to for testing. Date: Tue, 13 Sep 2011 14:34:27 +0100 From: n...@foobar.org To: farooq_...@hotmail.com CC: david.roth...@gmail.com; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Input errors, overrun unknown protocols drops on LAN interface On 13/09/2011 14:18, Farooq Razzaque wrote: How can we resolve this then I already told you: You either need a faster router than a 3800 series or else larger input buffers. The input buffers can be adjusted with the hold-queue command. But probably you just need a more powerful router. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Input errors, overrun unknown protocols drops on LAN interface
Dear David I increased the hold on Queue to size 3500 but the input error and input queue drops are there . May be the frequency of increasing is reduced but it is still there. From: d...@dcptech.com To: farooq_...@hotmail.com; david.roth...@gmail.com CC: cisco-nsp@puck.nether.net Subject: RE: [c-nsp] Input errors, overrun unknown protocols drops on LAN interface Date: Tue, 13 Sep 2011 09:40:49 -0400 To minimize the input drops you can increase the hold-queue. Another issue to look at is the buffers as well, most likely have misses and failures there. The flushes are caused by SPD, which are control plane packets that need to make it to the processor so they are put ahead of everything else in the input queue. David, a different one. -- http://dcp.dcptech.com -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of Farooq Razzaque Sent: Tuesday, September 13, 2011 9:18 AM To: david.roth...@gmail.com Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Input errors, overrun unknown protocols drops on LAN interface Dear David How can we resolve this then Subject: Re: [c-nsp] Input errors, overrun unknown protocols drops on LAN interface From: david.roth...@gmail.com Date: Tue, 13 Sep 2011 14:04:57 +0100 CC: n...@foobar.org; cisco-nsp@puck.nether.net To: farooq_...@hotmail.com Input drops are usually caused by the input queue filling up and then tail drops occurring because there is no more space for new packets in the queue. I've seen this happen where you have an upstream device trying to send packets faster than the downstream device can process them. On 13 Sep 2011, at 13:54, Farooq Razzaque wrote: Dear Nick Thanks for your reply. What does input error means ? I am also having the drops in Input queue Input queue: 0/75/3267688/769 (size/max/drops/flushes); Total output drops: 0 Date: Tue, 13 Sep 2011 12:18:05 +0100 From: n...@foobar.org To: farooq_...@hotmail.com CC: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Input errors, overrun unknown protocols drops on LAN interface On 13/09/2011 10:13, Farooq Razzaque wrote: I am facing the input errors, overrun unknown protocols drops on LAN interface-Gi0/0 (having sub-interface) on MPLS router. port overruns mean that your router is receiving data faster than it can handle. You either need a faster router than a 3800 series or else larger input buffers. Unknown protocols means that your switch is sending data that the router doesn't understand. Maybe LLDP or something? Or some other odd LAN protocol? Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Host xxxx.xxxx.xxxx in vlan x is flapping between port Po1 and port Gi0/1
Hi All I noticed the following messages with different timestamp on IPT SW01 (connected to IPT servers - C2960G-24TC-L) %SW_MATM-4-MACFLAP_NOTIF: Host 001c.f6e5.17b0 in vlan 119 is flapping between port Po1 and port Gi0/1 Here : 1) Gi0/1 is connected to Voice Gateway router interface GigabitEthernet0/0 (Connected to IPT SW02 - Gi0/1) no ip address duplex auto speed auto media-type rj45 bridge-group 1 ! interface GigabitEthernet0/1 (Connected to IPT SW01 - Gi0/1) no ip address duplex auto speed auto media-type rj45 bridge-group 1 interface BVI1 ip address x ntp broadcast client ntp broadcast h323-gateway voip interface h323-gateway voip bind srcaddr x 2) Mac-address 001c.f6e5.17b0 is the address of interface Gi0/0 of Voice Gateway Router and same address for BVI1 GigabitEthernet0/0 is up, line protocol is up Hardware is BCM1125 Internal MAC, address is 001c.f6e5.17b0 (bia 001c.f6e5.17b0) GigabitEthernet0/1 is up, line protocol is up Hardware is BCM1125 Internal MAC, address is 001c.f6e5.17b1 (bia 001c.f6e5.17b1) BVI1 is up, line protocol is up Hardware is BVI, address is 001c.f6e5.17b0 (bia 001c.f6e5.17b0) 3) Po1 is the port channel on IPT SW01 (Gi0/22 and Gi0/23) and Core switch (VSS) interface GigabitEthernet0/22 description L2 Trunk to Coreswitch switchport trunk native vlan 999 switchport trunk allowed vlan 119 switchport mode trunk logging event trunk-status logging event bundle-status channel-protocol lacp channel-group 1 mode active ! interface GigabitEthernet0/23 description L2 Trunk to Coreswitch switchport trunk native vlan 999 switchport trunk allowed vlan 119 switchport mode trunk logging event trunk-status logging event bundle-status channel-protocol lacp channel-group 1 mode active Appreciate your help ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Re LAN (Branch) to LAN (HO) traffic is not flowing on ISDN (backuplink)
Dear sethm R u taking about the username and password which is configure for ISDN. If username or password is different on both end then i believe isdn will not be triggered. In my case ISDN is triggering and i can access the router via telnet through the ISDN. i can also ping the branch LAN from HO by keeping the source IP as dialer of HO. But LAN (branch) to LAN (HO) traffic is not flowing and ping is not happing. Date: Tue, 26 Jul 2011 08:54:51 -0700 From: se...@rollernet.us To: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Re LAN (Branch) to LAN (HO) traffic is not flowing on ISDN (backuplink) On 7/26/11 6:01 AM, Farooq Razzaque wrote: Dear CJ Tanks for your reply yes the ISDN is up. Please find attached Topology observation during testing, show run of branch. You might want to go ahead and change your passwords, too. ~Seth ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] LAN (Branch) to LAN (HO) traffic is not flowing on ISDN (backuplink)
Hi All I have an issue in backup link connectivity (ISDN). During testing we shutdown the Primary MPLS link to switch the traffic to ISDN. ISDN is triggering but LAN(Branch) to LAN(HO) ping and traffic is not flowing. Attached is the debug ip packet which was captured from branch during testing. Following encapsulation failed error is also observed. Anyone can pls help me out. JZBRT#39.594 UAE: IP: s=10.1.47.21 (GigabitEthernet0/0.10), d=192.168.2.25 (Dialer1), len 48, encapsulation failed .Jun 28 18:05:38.466 UAE: IP: s=172.21.47.43 (GigabitEthernet0/0.20), d=172.20.18.20 (Dialer1), len 44, output JZBRT# feature, Dialer idle reset(70), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:38.466 UAE: IP: s=172.21.47.43 (GigabitEthernet0/0.20), d=172.20.18.20 (Dialer1), g=172.20.18.20, len 44, forward .Jun 28 18:05:38.466 UAE: IP: s=172.21.47.43 (GigabitEthernet0/0.20), d=172.20.18.20 (Dialer1), len 44, encapsulation failed .Jun 28 18:05:38.466 UAE: IP: s=172.21.47.34 (GigabitEthernet0/0.20), d=172.20.18.20, len 44, input feature, MCI Check(66), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:38.466 UAE: IP: s=172.21.47.34 (GigabitEthernet0/0.20), d=172.20.18.20 (Dialer1), len 44, output feature, Dialer idle reset(70), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:38.466 UAE: IP: s=172.21.47.34 (GigabitEthernet0/0.20), d=172.20.18.20 (Dialer1), g=172.20.18.20, len 44, forward .Jun 28 18:05:38.466 UAE: IP: s=172.21.47.34 (GigabitEthernet0/0.20), d=172.20.18.20 (Dialer1), len 44, encapsulation failed .Jun 28 18:05:38.758 UAE: IP: s=172.21.47.39 (GigabitEthernet0/0.20), d=172.20.1.31, len 44, input feature, MCI Check(66), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:38.758 UAE: IP: s=172.21.47.39 (GigabitEthernet0/0.20), d=172.20.1.31 (Dialer1), len 44, output feature, Dialer idle reset(70), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:38.758 UAE: IP: s=172.21.47.39 (GigabitEthernet0/0.20), d=172.20.1.31 (Dialer1), g=172.20.1.31, len 44, forward .Jun 28 18:05:38.758 UAE: IP: s=172.21.47.39 (GigabitEthernet0/0.20), d=172.20.1.31 (Dialer1), len 44, encapsulation failed .Jun 28 18:05:39.594 UAE: IP: s=10.1.47.21 (GigabitEthernet0/0.10), d=192.168.2.25, len 48, input feature, MCI Check(66), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:39.594 UAE: IP: s=10.1.47.21 (GigabitEthernet0/0.10), d=192.168.2.25 (Dialer1), len 48, output feature, Dialer idle reset(70), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:39.594 UAE: IP: s=10.1.47.21 (GigabitEthernet0/0.10), d=192.168.2.25 (Dialer1), g=192.168.2.25, len 48, forward .Jun 28 18:05: JZBRT#39.594 UAE: IP: s=10.1.47.21 (GigabitEthernet0/0.10), d=192.168.2.25 (Dialer1), len 48, encapsulation failed .Jun 28 18:05:39.594 UAE: IP: s=10.48.47.250 (local), d=224.0.0.10 (GigabitEthernet0/0.50), len 60, sending broad/multicast .Jun 28 18:05:39.594 UAE: IP: s=10.48.47.250 (local), d=224.0.0.10 (GigabitEthernet0/0.50), len 60, sending full packet .Jun 28 18:05:39.598 UAE: IP: s=10.1.47.250 (local), d=192.168.243.185 (Dialer1), len 576, output feature, Dialer idle reset(70), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:39.602 UAE: IP: s=10.1.47.250 (local), d=192.168.243.185 (Dialer1), len 576, output feature, Dialer idle reset(70), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:39.602 UAE: IP: s=10.1.47.250 (local), d=192.168.243.185 (Dialer1), len 576, output feature, Dialer idle reset(70), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:39.602 UAE: IP: s=10.1.47.250 (local), d=192.168.243.185 (Dialer1), len 576, output feature, Dialer idle reset(70), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:39.602 UAE: IP: s=10.1.47.250 (local), d=192.168.243.185 (Dialer1), len 576, output feature, Dialer idle reset(70), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:39.606 UAE: IP: s=172.21.47.22 (GigabitEthernet0/0.20), d=172.20.18.20, len 44, input feature, MCI Check(66), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:39.606 UAE: IP: s=172.21.47.22 (GigabitEthernet0/0.20), d=172.20.18.20 (Dialer1), len 44, output feature, Dialer idle reset(70), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:39.606 UAE: IP: s=172.21.47.22 (GigabitEthernet0/0.20), d=172.20.18.20 (Dialer1), g=172.20.18.20, len 44, forward .Jun 28 18:05:39.606 UAE: IP: s=172.21.47.22 (GigabitEthernet0/0.20), d=172.20.18.20 (Dialer1), len 44, encapsulation failed .Jun 28 18:05:39.606 UAE: IP: s=172.21.47.30 (GigabitEthernet0/0.20), d=172.20.18.20, len 44, input feature, Dialer idle reset(70), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .Jun 28 18:05:41.034 UAE: IP: s=172.21.47.45
Re: [c-nsp] Re LAN (Branch) to LAN (HO) traffic is not flowing on ISDN (backuplink)
Dear CJ Tanks for your reply yes the ISDN is up. Please find attached Topology observation during testing, show run of branch. From: cjinfant...@gmail.com Date: Tue, 26 Jul 2011 08:44:57 -0400 To: cisco-nsp@puck.nether.net Subject: [c-nsp] Re LAN (Branch) to LAN (HO) traffic is not flowing on ISDN (backuplink) On Tue, Jul 26, 2011 at 3:58 AM, cisco-nsp-requ...@puck.nether.net wrote: [c-nsp] LAN (Branch) to LAN (HO) traffic is not flowing on ISDN (backuplink) I believe encapsulation failed is due to a layer two issue on the router. It is unable to complete the packet, ie. cannot find the mac address (if on ethernet). Is the ISDN up? What does your sho ip route look like? Take a look at the ISDN setup, it looks like a misconfiguration on the port. -- CJ http://convergingontheedge.com http://www.convergingontheedge.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ sh run Building configuration... Current configuration : 11217 bytes ! ! Last configuration change at 17:10:36 UAE Wed Jun 29 2011 by local ! version 15.0 service nagle no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption ! ! boot-start-marker boot-end-marker ! ! no aaa new-model clock timezone UAE 4 ! dot11 syslog no ip source-route ! ! ip cef no ip dhcp use vrf connected ip dhcp excluded-address 172.21.47.1 172.21.47.19 ip dhcp excluded-address 172.21.47.246 172.21.47.254 ! ip dhcp pool VOICE network 172.21.47.0 255.255.255.0 option 150 ip 172.20.1.30 default-router 172.21.47.250 ! ! no ip bootp server no ip domain lookup ip domain name rakbank.co.ae ip name-server 192.168.2.23 ip multicast-routing login block-for 120 attempts 5 within 30 login on-failure every 5 no ipv6 cef ! multilink bundle-name authenticated ! ! ! ! isdn switch-type basic-net3 ! ! voice call convert-discpi-to-prog voice rtp send-recv ! voice class codec 1 codec preference 1 g711ulaw codec preference 2 g711alaw codec preference 3 g729br8 ! voice-card 0 dsp services dspfarm ! license udi pid CISCO2851 sn FHK1444F1YB username local privilege 15 secret 5 $1$SsQl$gUAsMHeGAv5lnAIuWrhsE0 username rakadmin privilege 15 secret 5 $1$..6M$LrousJc.ehPwZjv59HkVG0 username HONWANRT02 password 7 111B180E15130507557878 ! redundancy ! ! ! ! crypto isakmp policy 100 encr 3des authentication pre-share group 2 crypto isakmp key dmRAK#1024!vpn address 0.0.0.0 0.0.0.0 crypto isakmp keepalive 30 ! ! crypto ipsec transform-set raktrans esp-3des esp-sha-hmac mode transport ! crypto ipsec profile DMVPN set security-association lifetime seconds 1800 set transform-set raktrans ! ! interface Tunnel1 description Primary DMVPN Cloud 1 bandwidth 4096 ip address 192.168.247.114 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip mtu 1400 no ip next-hop-self eigrp 100 ip nhrp authentication rakbank ip nhrp map multicast 192.168.241.2 ip nhrp map 192.168.247.5 192.168.241.2 ip nhrp network-id 101 ip nhrp holdtime 180 ip nhrp nhs 192.168.247.5 ip tcp adjust-mss 1360 no ip split-horizon eigrp 100 tunnel source GigabitEthernet0/1 tunnel mode gre multipoint tunnel key 1001 tunnel protection ipsec profile DMVPN shared ! ! interface Tunnel2 description Primary DMVPN Cloud 2 bandwidth 4096 ip address 192.168.246.114 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip mtu 1400 no ip next-hop-self eigrp 100 ip nhrp authentication rakbank ip nhrp map multicast 192.168.244.2 ip nhrp map 192.168.246.5 192.168.244.2 ip nhrp network-id 100 ip nhrp holdtime 180 ip nhrp nhs 192.168.246.5 ip tcp adjust-mss 1360 no ip split-horizon eigrp 100 tunnel source GigabitEthernet0/1 tunnel mode gre multipoint tunnel key 1000 tunnel protection ipsec profile DMVPN shared ! ! interface Tunnel3 description DR DMVPN Cloud 1 bandwidth 4096 ip address 192.168.248.114 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip mtu 1400 no ip next-hop-self eigrp 100 ip nhrp authentication rakbank ip nhrp map multicast 192.168.241.82 ip nhrp map 192.168.248.1 192.168.241.82 ip nhrp network-id 102 ip nhrp holdtime 180 ip nhrp nhs 192.168.248.1 ip tcp adjust-mss 1360 no ip split-horizon eigrp 100 tunnel source GigabitEthernet0/1 tunnel mode gre multipoint tunnel key 1002 tunnel protection ipsec profile DMVPN shared ! ! interface Tunnel4 description DR DMVPN Cloud 2 bandwidth 4096 ip address 192.168.249.114 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip mtu 1400 no ip next-hop-self eigrp 100 ip nhrp authentication rakbank ip nhrp map
[c-nsp] ANM Upgrade 3.2 to 4.2
Dear All, I am planning to upgrade the ANM 3.2 to ANM 4.2. Does anybody have any experience on this. What are the best practices, precautions etc. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] New ACE-20 module is not synching in ANM after replacing with existing module
Hi All Appreciate if someone provide feedback on this From: farooq_...@hotmail.com To: cisco-nsp@puck.nether.net Subject: New ACE-20 module is not synching in ANM after replacing with existing module Date: Sat, 4 Jun 2011 03:37:59 +0600 Hi All We replaced the Faulty ACE module with RMA module in cat 6500 chassis. ACE moudule is being managed by ANM. After replacing the module, while i am doing CLI synching option on this module, following error is displaying Device Discovery failed: serial number mismatch, expected SAD120407C OLD ACE) but got SAL1435SGAV (NEW ACE) ANM Version is 3.2(0) Can anyone let me know that do i need to delete and readd this module again. How it can be fixed i would appreciate your response in this regard ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] New ACE-20 module is not synching in ANM after replacing with existing module
Hi All We replaced the Faulty ACE module with RMA module in cat 6500 chassis. ACE moudule is being managed by ANM. After replacing the module, while i am doing CLI synching option on this module, following error is displaying Device Discovery failed: serial number mismatch, expected SAD120407C OLD ACE) but got SAL1435SGAV (NEW ACE) ANM Version is 3.2(0) Can anyone let me know that do i need to delete and readd this module again. How it can be fixed i would appreciate your response in this regard ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] GBIC_SECURITY_CRYPT-4-ID_MISMATCH: Identification check failed for GBIC in port [dec]
Hi All I am having the following error while inserting the GBIC module in the switch Error Message : GBIC_SECURITY_CRYPT-4-ID_MISMATCH: Identification check failed for GBIC in port [dec] Explanation ; This message means that the GBIC was identified as a Cisco GBIC, but the system was unable to verify its identity. [dec] is the interface in which the module is installed. Switch Ports Model SW VersionSW Image -- - - ---- *1 24WS-C2960G-24TC-L 12.2(44)SE6 C2960-LANBASEK9-M ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] FABRIC-SW1_SP-6-TIMEOUT_ERR and %EARL_L2_ASIC-SW1_SP-4-DBUS_HDR_ERR: EARL L2 ASIC #0 (Cat. 65013
Dear Team I noticed the following error message on Cat.6513 running in VSS mode. Does anybody experience these messages. Attached is the show logging 82356388: May 5 18:12:18.903 UAE: %EARL-SW1_SP-3-RESET_LC: Resetting module in slot 3. (Errorcode 1) 82356389: May 5 18:12:18.903 UAE: %OIR-SW1_SP-3-PWRCYCLE: Card in module 3, is being power-cycled 'off (EarlRecoveryPatch Reset)' 82356401: May 5 18:12:18.911 UAE: %C6KPWR-SW1_SP-4-DISABLED: power to module in slot 3 set off (EarlRecoveryPatch Reset) May 5 18:12:31.091 UAE: SW1_SP: Switch 1 Physical Slot 3 - Module Type LINE_CARD removed May 5 18:12:31.099 UAE: SW1_SP: Switch 1 Physical Slot 3 - Module Type LINE_CARD inserted 82356402: May 5 18:12:38.047 UAE: %FABRIC-SW1_SP-6-TIMEOUT_ERR: Fabric in slot 7 detected excessive flow-control on channel 10 (Module 4, fabric connection 0) 82356403: May 5 18:12:38.127 UAE: %FABRIC-SW1_SP-6-TIMEOUT_ERR: Fabric in slot 7 detected excessive flow-control on channel 14 (Module 6, fabric connection 0) 82356404: May 5 18:14:00.740 UAE: %EARL_L2_ASIC-SW1_SP-4-DBUS_HDR_ERR: EARL L2 ASIC #0: Dbus Hdr. Error occurred. Ctrl1 0xB88D0E3D 82356362: May 5 18:12:08.036 UAE: %FABRIC-SW1_SP-6-TIMEOUT_ERR: Fabric in slot 7 detected excessive flow-control on channel 1 (Module 3, fabric connection 0) 82356408: May 5 18:17:14.121 UAE: %DIAG-SW1_SP-6-DIAG_OK: Switch 1 Module 3: Passed Online Diagnostics 82356409: May 5 18:17:14.353 UAE: %OIR-SW1_SP-6-INSCARD: Card inserted in slot 3, interfaces are now online 82356410: May 5 18:17:20.261 UAE: %SSH-5-SSH2_SESSION: SSH2 Session request from 10.16.50.174 (tty = 1) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Succeeded May 5 18:17:16.381 UAE: SW1_SP: Card inserted in Switch_number = 1 , physical slot 3, interfaces are now online -- show logging -- Syslog logging: enabled (2435 messages dropped, 3159 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled) No Active Message Discriminator. No Inactive Message Discriminator. Console logging: disabled Monitor logging: level debugging, 5240 messages logged, xml disabled, filtering disabled Buffer logging: level debugging, 82355029 messages logged, xml disabled, filtering disabled Exception Logging: size (4096 bytes) Count and timestamp logging messages: disabled Persistent logging: disabled No active filter modules. ESM: 0 messages dropped Trap logging: level informational, 81259913 message lines logged Logging to 10.16.50.101 (udp port 514, audit disabled, authentication disabled, encryption disabled, link up), 81259898 message lines logged, 0 message lines rate-limited, 0 message lines dropped-by-MD, xml disabled, sequence number disabled filtering disabled Log Buffer (16384 bytes): witch_number = 1 , physical slot 3, interfaces are now online 82356320: May 4 14:58:32.041 UAE: %SVCLC-5-FWTRUNK: Firewalled VLANs configured on trunks 82356321: May 4 15:19:26.748 UAE: %SSH-5-SSH2_SESSION: SSH2 Session request from 10.16.50.174 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Succeeded 82356322: May 4 15:19:30.988 UAE: %SSH-5-SSH2_USERAUTH: User 'clephen' authentication for SSH2 Session from 10.16.50.174 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Succeeded 82356323: May 4 15:24:55.002 UAE: %SSH-5-SSH2_CLOSE: SSH2 Session from 10.16.50.174 (tty = 0) for user 'clephen' using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' closed 82356324: May 4 18:00:27.709 UAE: %SSH-5-SSH2_SESSION: SSH2 Session request from 10.16.50.174 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Succeeded 82356325: May 4 18:00:38.061 UAE: %SSH-5-SSH2_USERAUTH: User 'clephen' authentication for SSH2 Session from 10.16.50.174 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Failed 82356326: May 4 18:00:38.061 UAE: %SSH-5-SSH2_CLOSE: SSH2 Session from 10.16.50.174 (tty = 0) for user 'clephen' using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' closed 82356327: May 4 18:00:39.741 UAE: %SSH-5-SSH2_SESSION: SSH2 Session request from 10.16.50.174 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Succeeded 82356328: May 4 18:00:41.301 UAE: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: clephen] [Source: 10.16.50.174] [localport: 22] [Reason: Login Authentication Failed] at 18:00:41 UAE Wed May 4 2011 82356329: May 4 18:00:58.466 UAE: %SSH-5-SSH2_USERAUTH: User 'clephen' authentication for SSH2 Session from 10.16.50.174 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Failed 82356330: May 4 18:00:58.466 UAE: %SSH-5-SSH2_CLOSE: SSH2 Session from 10.16.50.174 (tty = 0) for user 'clephen' using crypto cipher 'aes256-cbc', hmac 'hmac-sha1'
[c-nsp] Integration of Cisco CSM 3.3.1 with Cisco ACS 4.2
Dear I intergrated Cisco CSM 3.3.1 with Cisco ACS 4.2. After intergreting i am able to login with ACS users and user defined in system identity setup but i have don't have the sufficient previledge assiged (even i can't see the devices added in CMS). Also when CSM communicate first time with ACS it generated some roles in shared profile in ACS which is also missing in my case.. Pls help me out urgently ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] %SIBYTE-CFC10-3-CORRECTABLE_ECC_ERR (6500 switch)
Hi All I am getting the following errors on 6500 %SIBYTE-CFC10-3-CORRECTABLE_ECC_ERR: A correctable ECC error has occurred, A_BUS_L2_ERRORS: 0x0, A_BUS_MEMIO_ERRORS: 0xFF, A_SCD_BUS_ERR_STATUS: 0xC0DC3000 Attached is the outputs of show environment command. Apparently all the environment are normal . ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] %SIBYTE-CFC10-3-CORRECTABLE_ECC_ERR (6500 switch)
Hi U mean in (%SIBYTE-CFC10-3) 10 is the line card which is generating this error.. what number '3' is reflecting in this log.. From: farooq_...@hotmail.com To: cisco-nsp@puck.nether.net Date: Sun, 23 Jan 2011 16:49:06 +0500 Subject: [c-nsp] %SIBYTE-CFC10-3-CORRECTABLE_ECC_ERR (6500 switch) Hi All I am getting the following errors on 6500 %SIBYTE-CFC10-3-CORRECTABLE_ECC_ERR: A correctable ECC error has occurred, A_BUS_L2_ERRORS: 0x0, A_BUS_MEMIO_ERRORS: 0xFF, A_SCD_BUS_ERR_STATUS: 0xC0DC3000 Attached is the outputs of show environment command. Apparently all the environment are normal . ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] %SFF8472-5-THRESHOLD_VIOLATION: Te0/2: Rx power low warning; Operating value: -12.5 dBm, Threshold value -9.9 dBm
Hi All I am receiving the following errors on aggregation switch (WS-C3560E-12SD-E) which is connected with Core switch (Cat. 6513) %SFF8472-5-THRESHOLD_VIOLATION: Te0/2: Rx power low warning; Operating value: -12.5 dBm, Threshold value -9.9 dBm ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/