Re: [c-nsp] Local printer will not print when connected to Cisco VPN client or checkpoint..Please help

Does the printer have a default gateway as in able to see outside its own subnet? Can you ping/tracroute to it? -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Quinn Kuzmich Sent: Wednesday, 28 March 2012 12:04 PM To:

[c-nsp] Cisco 7201 rate-limit or aggregate policer

Hi, List! I need to rate-limit traffic on two subinterfaces facing a single customer. These two subifs used for building reliable connection to the customer using OSPF and two links with different vlans. On Cisco 7600 it culd be done using aggregate policer and one policy-map applied to two

Re: [c-nsp] Local printer will not print when connected to Cisco VPN client or checkpoint..Please help

Sorry I am pretty certain I total miss read this one. Split tunnelling will only work if you specify what is and is not interesting traffic for the VPN and local network. Depending on what client you are using you can enable local lan access in anyconnect (not certain if there is an option for

[c-nsp] Portchan ASR-2960

Hi Guys, Testing an ASR1006-2960 portchan, and portchan comes up, config vlan int on 2960 in vlan 88 and portchan1.88 and can see mac's but cannot pass data - If I change the config to bring down the portchan, and use physical interface on asr with dot1q subint, I have no issues? Bug? ASR:

Re: [c-nsp] Local printer will not print when connected to Cisco VPN client or checkpoint..Please help

On 28 March 2012 03:01, cisco-nsp-requ...@puck.nether.net wrote: Message: 8 Date: Tue, 27 Mar 2012 21:32:41 -0400 From: Renelson Panosky panocisc...@gmail.com To: cisco-nsp@puck.nether.net Subject: [c-nsp] Local printer will not print when connected to Cisco        VPN client or

Re: [c-nsp] N7K, NX-OS 6.0(2) link-local OSPFv3

On Mon, Mar 26, 2012 at 9:45 AM, Tim Durack tdur...@gmail.com wrote: This is not an obvious change from IOS to NX-OS. I'm also not sure that this follows rfc3484 Default Address Selection for Internet Protocol version 6 -- Tim: Cisco has confirmed the NX-OS IPv6 stack does not implement

Re: [c-nsp] Cisco 7201 rate-limit or aggregate policer

On 3/28/2012 9:00 AM, cisco-nsp-requ...@puck.nether.net wrote: -- Message: 1 Date: Wed, 28 Mar 2012 09:23:55 +0300 From: Artyom Viklenko ar...@aws-net.org.ua To: cisco-nsp@puck.nether.net Subject: [c-nsp] Cisco 7201

[c-nsp] Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features Advisory ID: cisco-sa-20120328-mace Revision 1.0 For Public Release 2012 March 28 16:00 UTC (GMT

[c-nsp] Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability Advisory ID: cisco-sa-20120328-nat Revision 1.0 For Public Release 2012 March 28 16:00 UTC (GMT

[c-nsp] Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability Advisory ID: cisco-sa-20120328-rsvp Revision 1.0 For Public Release 2012 March 28 16:00 UTC (GMT

[c-nsp] Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall Vulnerabilities

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall Vulnerabilities Advisory ID: cisco-sa-20120328-zbfw Revision 1.0 For Public Release 2012 March 28 16:00 UTC (GMT

Re: [c-nsp] Cisco 7201 rate-limit or aggregate policer

On (2012-03-28 09:08 -0700), Chris Hunt wrote: interface GigabitEthernet0/1.310 encapsulation dot1Q 310 rate-limit input 1100 2062500 4125000 conform-action transmit exceed-action drop rate-limit output 1100 2062500 4125000 conform-action transmit exceed-action drop I would

Re: [c-nsp] Is Inter-AS option B supported on Catalyst 6500 SXI code?

On (2012-03-27 14:00 -0400), schilling wrote: I am trying to have catalyst 6500 w/ sup720 3BXL with 12.2(33)SXI5 to support ASBR exchanging VPN-IPv4, but 6500 is not allocating labels for prefixes learned from eBGP over address family vpnv4. Does anybody ever have this working? Any catch?

Re: [c-nsp] Is Inter-AS option B supported on Catalyst 6500 SXI code?

Thanks all for the advice. I figured out with TAC. The label is filtered by my label advertisement filter. Schilling On Wed, Mar 28, 2012 at 12:49 PM, Saku Ytti s...@ytti.fi wrote: On (2012-03-27 14:00 -0400), schilling wrote: I am trying to have catalyst 6500 w/ sup720 3BXL with

Re: [c-nsp] Apply service policy via Radius?

Just resurrecting an old thread. Anybody have any new information on Per-user QoS policies via RADIUS on 15.1? I have a 1941 running 15.1(4)M1 that I'd like to accept the above, but am unable to figure out the secret combo. Thanks, -c On Mon, Mar 8, 2010 at 3:00 AM, Reuben Farrelly

Re: [c-nsp] Apply service policy via Radius?

It works on 15.1M - at least on the 2800s and 7200s (I've got 15.1(4)M3 in production and planning 15.1(4)M4 which just came out a couple of days ago). The secret combo probably relates to how you are checking out the feature: rt1.nsw#show subscriber session username xxx@yyy Unique Session

Re: [c-nsp] Apply service policy via Radius?

Ah, that explains things. But for some reason all of my sessions do not have an Inbound Policy map applied, only Outbound. Snippit of debug: RADIUS: Vendor, Cisco [26] 59 RADIUS: Cisco AVpair [1] 53 ip:sub-qos-policy-in=512K_CIR-1536K_MIR-U RADIUS: Vendor, Cisco [26]

Re: [c-nsp] Cisco 7201 rate-limit or aggregate policer

On 28.03.2012 19:08, Chris Hunt wrote: On 3/28/2012 9:00 AM, cisco-nsp-requ...@puck.nether.net wrote: -- Message: 1 Date: Wed, 28 Mar 2012 09:23:55 +0300 From: Artyom Viklenkoar...@aws-net.org.ua To: cisco-nsp@puck.nether.net