Saturday, August 31, 2013

What Is The Default Password For The Brocade ICX 6430?

I was asked today by someone via email what the default password was for the ICX6430 Brocade switch.  I responded back and got a failure to deliver response.  So I'm posting this in the hopes that the individual that emailed me gets this.
ANSWER:  There is no default password when you pull the unit out of the box.  The Brocade switches come with no default password.  You just have to set one up for proper security to the box.

http://www.brocade.com/downloads/documents/html_product_manuals/FI_ICX6430_6450_07400a_IG/wwhelp/wwhimpl/common/html/wwhelp.htm#context=53_1002505_03_ICX6430_6450_Install_v07400a&file=ICX6430_6450_Configuration.06.4.html

Friday, August 30, 2013

Brocade 7131 AP: Mesh Point-To-Point (P2P) Bridge Configuration

This was a slightly different configuration than the posts I have done before on point-to-point bridges between two APs.  I think I actually prefer this config better, as I had no problems with this config at all.  Below, you can see my line of sight from where my antenna was on my side (right on the outside wall from where I am) to the other side (in the top window in the left corner).  The trees would have posed a problem if they were directly in between, but as you can see, it's a clear shot.  See below my configs for this mesh point-to-point bridge.

Portal Side:
! Configuration of BR7131 version 5.4.1.0-020R
!
!
version 2.1
!
!
ip access-list BROADCAST-MULTICAST-CONTROL
 permit tcp any any rule-precedence 10 rule-description "permit all TCP traffic"
 permit udp any eq 67 any eq dhcpc rule-precedence 11 rule-description "permit DHCP replies"
 deny udp any range 137 138 any range 137 138 rule-precedence 20 rule-description "deny windows netbios"
 deny ip any 224.0.0.0/4 rule-precedence 21 rule-description "deny IP multicast"
 deny ip any host 255.255.255.255 rule-precedence 22 rule-description "deny IP local broadcast"
 permit ip any any rule-precedence 100 rule-description "permit all IP traffic"
!
mac access-list PERMIT-ARP-AND-IPv4
 permit any any type ip rule-precedence 10 rule-description "permit all IPv4 traffic"
 permit any any type arp rule-precedence 20 rule-description "permit all ARP traffic"
!
firewall-policy default
 no ip dos tcp-sequence-past-window
 no stateful-packet-inspection-l2
!
!
mint-policy global-default
!
meshpoint-qos-policy default
!
wlan-qos-policy default
 qos trust dscp
 qos trust wmm
!
radio-qos-policy default
!
wlan none
 ssid none
 vlan 1
 bridging-mode tunnel
 encryption-type tkip
 authentication-type none
 no broadcast-ssid
 no answer-broadcast-probes
 wpa-wpa2 psk 0 Passkey
 wireless-client count-per-radio 0
!
wlan turnonradio
 ssid turnonradio
 vlan 1
 bridging-mode tunnel
 encryption-type tkip
 authentication-type none
 no broadcast-ssid
 no answer-broadcast-probes
 wpa-wpa2 psk 0 Passkey
 wireless-client count-per-radio 0
!
smart-rf-policy mcx
 smart-ocs-monitoring meshpoint 5GHz MPACS
 smart-ocs-monitoring meshpoint 2.4GHz MPACS
!
!
management-policy default
 no http server
 https server
 ssh
 user admin password 1 4f88cdf3042d08b499b95e6954408123adfe65046bc95eee761ca0b631a2d433 role superuser access all
 no snmp-server manager v2
 snmp-server community 0 public ro
 snmp-server community 0 private rw
 snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
 snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
 banner motd Brocade Mobility Wireless
!
l2tpv3 policy default
!
profile br71xx default-br71xx
 bridge vlan 1
  bridging-mode tunnel
  ip igmp snooping
  ip igmp snooping querier
 bridge vlan 500
  bridging-mode tunnel
  ip igmp snooping
  ip igmp snooping querier
 autoinstall configuration
 autoinstall firmware
 crypto ikev1 policy ikev1-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ikev2 policy ikev2-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
 crypto ikev1 remote-vpn
 crypto ikev2 remote-vpn
 crypto auto-ipsec-secure
 interface radio1
  wlan none bss 1 primary
 interface radio2
  power 30
  placement outdoor
  mesh portal
  mesh psk 0 Passkey
  wlan turnonradio bss 1 primary
 interface radio3
 interface ge1
  switchport mode trunk
  switchport trunk native vlan 1
  no switchport trunk native tagged
  switchport trunk allowed vlan 1,500
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface ge2
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface vlan1
  ip address 192.168.1.4/24
  ip address zeroconf secondary
  ip dhcp client request options all
 interface wwan1
 interface pppoe1
 use firewall-policy default
 service pm sys-restart
 router ospf
!
rf-domain mcx
 location somewhere
 timezone Etc/GMT-6
 country-code us
!
br71xx 74-8E-F8-88-39-9C
 use profile default-br71xx
 use rf-domain mcx
 hostname PortalAP
 country-code us
 ip default-gateway 192.168.1.1
 interface radio1
  rf-mode 2.4GHz-wlan
  channel smart
  power smart
  data-rates default
  placement indoor
  no mesh
  mesh psk 0 default-mesh-psk
  no preamble-short
 interface radio2
  rf-mode 5GHz-wlan
  channel 60
  power 30
  placement outdoor
  mesh portal
  mesh psk 0 Passkey
  no preamble-short
  antenna-mode default
 interface ge1
 interface ge2
 interface vlan1
  ip address 192.168.1.4/24
 logging on
 logging console warnings
 logging buffered warnings
!
!
end

PortalAP#

========================================================================
Client Side:
! Configuration of BR7131 version 5.4.1.0-020R
!
!
version 2.1
!
!
ip access-list BROADCAST-MULTICAST-CONTROL
 permit tcp any any rule-precedence 10 rule-description "permit all TCP traffic"
 permit udp any eq 67 any eq dhcpc rule-precedence 11 rule-description "permit DHCP replies"
 deny udp any range 137 138 any range 137 138 rule-precedence 20 rule-description "deny windows netbios"
 deny ip any 224.0.0.0/4 rule-precedence 21 rule-description "deny IP multicast"
 deny ip any host 255.255.255.255 rule-precedence 22 rule-description "deny IP local broadcast"
 permit ip any any rule-precedence 100 rule-description "permit all IP traffic"
!
mac access-list PERMIT-ARP-AND-IPv4
 permit any any type ip rule-precedence 10 rule-description "permit all IPv4 traffic"
 permit any any type arp rule-precedence 20 rule-description "permit all ARP traffic"
!
firewall-policy default
 no ip dos tcp-sequence-past-window
 no stateful-packet-inspection-l2
!
!
mint-policy global-default
!
meshpoint-qos-policy default
!
wlan-qos-policy default
 qos trust dscp
 qos trust wmm
!
radio-qos-policy default
!
wlan turnonradio
 ssid turnonradio
 vlan 1
 bridging-mode tunnel
 encryption-type tkip
 authentication-type none
 no broadcast-ssid
 no answer-broadcast-probes
 wpa-wpa2 psk 0 Passkey
 wireless-client count-per-radio 0
!
smart-rf-policy mcx
 smart-ocs-monitoring meshpoint 5GHz MPBridge-Bridge
 smart-ocs-monitoring meshpoint 2.4GHz MPBridge-Bridge
!
!
management-policy default
 no http server
 https server
 ssh
 user admin password 1 6c6333d2e71a9d96b882955c615bde8a34a589307f522ee1652d7ddcd192fb1d role superuser access all
 no snmp-server manager v2
 snmp-server community 0 public ro
 snmp-server community 0 private rw
 snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
 snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
 banner motd Brocade Mobility Wireless
!
l2tpv3 policy default
!
profile br71xx default-br71xx
 bridge vlan 1
  bridging-mode tunnel
  ip igmp snooping
  ip igmp snooping querier
 bridge vlan 500
  bridging-mode tunnel
  ip igmp snooping
  ip igmp snooping querier
 autoinstall configuration
 autoinstall firmware
 crypto ikev1 policy ikev1-default 
  isakmp-proposal default encryption aes-256 group 2 hash sha 
 crypto ikev2 policy ikev2-default 
  isakmp-proposal default encryption aes-256 group 2 hash sha 
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
 crypto ikev1 remote-vpn
 crypto ikev2 remote-vpn
 crypto auto-ipsec-secure
 interface radio1
 interface radio2
  power 30
  mesh client
  mesh psk 0 Passkey
  wlan turnonradio bss 1 primary
 interface radio3
 interface ge1
  switchport mode trunk
  switchport trunk native vlan 1
  no switchport trunk native tagged
  switchport trunk allowed vlan 1,500
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface ge2
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface vlan1
  ip address 192.168.1.8/24
  ip address zeroconf secondary
  ip dhcp client request options all
 interface wwan1
 interface pppoe1
 use firewall-policy default
 service pm sys-restart
 router ospf
!
rf-domain mcx
 location somewhereelse
 timezone Etc/GMT-6
 country-code us
 use smart-rf-policy mcx
!
br71xx 74-8E-F8-88-34-CC
 use profile default-br71xx
 use rf-domain mcx
 hostname ClientAP
 country-code us
 ip default-gateway 192.168.1.1
 interface radio1
  rf-mode 2.4GHz-wlan
  channel smart
  power smart
  data-rates default
  placement indoor
  no mesh
  mesh psk 0 default-mesh-psk
  no preamble-short
  antenna-mode default
 interface radio2
  rf-mode 5GHz-wlan
  channel 60
  power 27
  placement outdoor
  mesh client
  mesh psk 0 Passkey
 interface ge1
 interface ge2
 interface vlan1
  ip address 192.168.1.8/24
 logging on
 logging console warnings
 logging buffered warnings
!
!
end

ClientAP#  
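An added example, not part of the original post or any Brocade tooling: a Python check that scans a config like the two above for settings worth changing before a bridge goes into production (TKIP, the public/private SNMP communities, DES/MD5 SNMPv3 users, and cleartext or reused secrets). It assumes the `0` in front of a key marks a secret stored in clear text; the sample input is constructed from lines in the PortalAP config.

```python
import re
from collections import defaultdict

# Constructed sample: a handful of lines taken from the PortalAP config above.
SAMPLE_CONFIG = """\
wlan turnonradio
 ssid turnonradio
 encryption-type tkip
 wpa-wpa2 psk 0 Passkey
management-policy default
 no http server
 https server
 snmp-server community 0 public ro
 snmp-server community 0 private rw
 snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
profile br71xx default-br71xx
 interface radio2
  mesh portal
  mesh psk 0 Passkey
"""

# Assumption: "<keyword> 0 <value>" means the value is a cleartext secret.
SECRET_RE = re.compile(r"\b(psk|community|auth \S+) 0 (\S+)")

# Per-line rules: (rule id, pattern matched against the stripped line).
LINE_RULES = [
    ("wlan-tkip", re.compile(r"^encryption-type tkip$")),
    ("snmp-default-community",
     re.compile(r"^snmp-server community \S+ (public|private)\b")),
    ("snmpv3-weak-crypto",
     re.compile(r"^snmp-server user \S+ v3\b.*\b(des|md5)\b")),
]

RULE_HELP = {
    "wlan-tkip": "TKIP is deprecated; use CCMP (AES) if the hardware allows",
    "snmp-default-community": "well-known community string; change or disable",
    "snmpv3-weak-crypto": "SNMPv3 user relies on DES and/or MD5",
    "cleartext-secret": "secret stored in clear text in the config",
    "secret-reuse": "one secret protects several functions",
}


def redact(line):
    """Return the line with any cleartext secret replaced, so the report
    can be shared without leaking the keys it complains about."""
    return SECRET_RE.sub(lambda m: f"{m.group(1)} 0 <redacted>", line)


def audit(config_text):
    """Return a list of (line_no, stanza, rule_id, redacted_text) findings."""
    findings = []
    secret_lines = defaultdict(list)   # secret value -> line numbers
    stanza = ""
    for line_no, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("!"):
            continue                   # blank line or "!" separator
        if not raw[0].isspace():
            stanza = line              # unindented line opens a new stanza
        for rule_id, pattern in LINE_RULES:
            if pattern.search(line):
                findings.append((line_no, stanza, rule_id, redact(line)))
        match = SECRET_RE.search(line)
        if match:
            findings.append((line_no, stanza, "cleartext-secret", redact(line)))
            secret_lines[match.group(2)].append(line_no)
    # Cross-line check: the same key used in more than one place.
    for lines in secret_lines.values():
        if len(lines) > 1:
            where = ", ".join(str(n) for n in lines)
            findings.append((lines[0], "", "secret-reuse",
                             f"same cleartext secret on lines {where}"))
    return findings


if __name__ == "__main__":
    for line_no, stanza, rule_id, text in audit(SAMPLE_CONFIG):
        print(f"{line_no:>3}  {rule_id:<24} {text}")
        print(f"     [{stanza or 'whole file'}] {RULE_HELP[rule_id]}")
```

Running it over a saved copy of each AP's `show running-config` output gives a short list to clear before the link carries production traffic.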

Thursday, August 29, 2013

Cisco CUE: How To Upgrade Cisco Unity Express (Voicemail) To Version 8.6.6 From 2.3

This post details how I upgraded the CUE from that UC500 that died not long ago.  I needed to upgrade my CUE to accomplish a certain goal, and this was the process I went through in CLI.  I had to download the image from Cisco.com and get my FTP server going on my laptop.  Below is exactly what happened on that upgrade.  I'm going from version 2.3 to 8.6.6 directly.

User Access Verification

Username: shane
Password:

UC520>en
Password:
UC520#
UC520#

UC520#service-module integrated-Service-Engine 0/0 sess
Trying 10.1.10.2, 2002 ... Open

User Access Verification

Username: skillen
Password:
UC500-CUE>
UC500-CUE>
UC500-CUE> en
Password:

UC500-CUE# software install  clean url ftp://192.168.1.110/CUE/cue-vm-k9.ise.8.6.6.pkg  user shane pass none

WARNING:: This command will install the necessary software to
WARNING:: complete a clean install.  It is recommended that a backup be done
WARNING:: before installing software.

Would you like to continue? [n] y

Downloading ftp cue-vm-k9.ise.8.6.6.pkg
Bytes downloaded :  262056

Validating package signature ... done

Downloading ftp cue-vm-installer-k9.ise.8.6.6.prt1
Bytes downloaded :  144420

Installer does not recognize package file format.
Attempting to upgrade installer...
starting_phase:
install-files.sh /dwnld/pkgdata/.installer_wo
add_file /dwnld/pkgdata/cue-vm-installer-k9.ise.8.6.6.prt1 1 / tgz
Installer upgrade successful
Restarting install process...
Software install using RAM

Downloading ftp cue-vm-k9.ise.8.6.6.pkg
Bytes downloaded :  262056

Validating package signature ... done
 - Parsing package manifest files... complete.
Validating installed manifests ...........complete.
 - Checking Package dependencies... complete.

Downloading ftp cue-vm-langpack.ise.8.6.6.pkg
Bytes downloaded :  1386351

Validating package signature ... done
Found Add-On Subsystem SID: e2e81cc6-39b5-47e1-9f83-b83c897fc50c Name: CUE Voicemail Language Support Version: 8.6.6
Found Add-On Subsystem SID: c28339fa-f7ae-4732-85ab-fa6c68b5de0c Name: CUE Voicemail Italian Version: 8.6.6
Found Add-On Subsystem SID: 49f09114-e0b0-4721-8b85-04be2064920c Name: CUE Voicemail European Spanish Version: 8.6.6
Found Add-On Subsystem SID: 27e5e2ab-1622-4c02-8a0a-cfad0d932148 Name: CUE Voicemail US English Version: 8.6.6
Found Add-On Subsystem SID: cf860289-67ac-4886-9295-a41e4c7a8487 Name: CUE Voicemail European French Version: 8.6.6
Found Add-On Subsystem SID: f0a41398-3917-4d49-b5ab-c2b39a80c121 Name: CUE Voicemail Latin American Spanish Version: 8.6.6
Found Add-On Subsystem SID: c4ca62e2-daff-40dc-b94e-bf20094bd700 Name: CUE Voicemail Mexican Spanish Version: 8.6.6
Found Add-On Subsystem SID: 88a84158-c090-4203-bde8-0d62eda200c7 Name: CUE Voicemail Arabic Version: 8.6.6
Found Add-On Subsystem SID: ab049397-cfad-4952-852a-8dfa69780cb8 Name: CUE Voicemail Dutch Version: 8.6.6
Found Add-On Subsystem SID: d60c3add-0c6b-4a99-8e5c-31019fe7939e Name: CUE Voicemail Swedish Version: 8.6.6
Found Add-On Subsystem SID: e1ed9919-31da-4c38-b029-9bbd8231d523 Name: CUE Voicemail Norwegian Version: 8.6.6
Found Add-On Subsystem SID: 683674a5-e6ef-4c97-8e05-efbba1e6fe47 Name: CUE Voicemail Canadian French Version: 8.6.6
Found Add-On Subsystem SID: c3d2409a-ae9a-47d3-baf0-3c1a3ff85d82 Name: CUE Voicemail Portuguese Version: 8.6.6
Found Add-On Subsystem SID: b18bcd35-5a37-46af-b230-0d9c27713dec Name: CUE Voicemail Turkish Version: 8.6.6
Found Add-On Subsystem SID: 3e72a8ae-45d2-4790-b0b5-9301600e886e Name: CUE Voicemail Hungarian Version: 8.6.6
Found Add-On Subsystem SID: fa803d25-9c89-4171-a14c-ec12d6ed6b8c Name: CUE Voicemail UK English Version: 8.6.6
Found Add-On Subsystem SID: 3f968fd0-6598-48e2-be1c-4af6c2e02e02 Name: CUE Voicemail German Version: 8.6.6
Found Add-On Subsystem SID: 09aa3e26-6efc-4bc4-a821-60d0fb238c74 Name: CUE Voicemail Hebrew Version: 8.6.6
Found Add-On Subsystem SID: 88f73a6c-884d-4838-b162-1b544dd6583f Name: CUE Voicemail Danish Version: 8.6.6
Found Add-On Subsystem SID: a2ba4f96-3452-40c3-83ad-c442cb6bf42f Name: CUE Voicemail Brazilian Portuguese Version: 8.6.6
Found Add-On Subsystem SID: e67d778d-53bd-4a2e-8dec-2c640f00bec0 Name: CUE Voicemail Traditional Chinese (Taiwan) Version: 8.6.6
Found Add-On Subsystem SID: ea206a88-e44f-488b-a660-114a3b179065 Name: CUE Voicemail Korean Version: 8.6.6
Found Add-On Subsystem SID: 372fa3fd-1efb-4353-9005-45876646a351 Name: CUE Voicemail Simplified Chinese (PRC) Version: 8.6.6
Found Add-On Subsystem SID: 6cdfed34-6d45-48fd-afe0-717e589c9aa9 Name: CUE Voicemail Japanese Version: 8.6.6
Found Add-On Subsystem SID: fa2e95d4-6be5-422d-a934-89a8e6d33e95 Name: CUE Voicemail Hong Kong Chinese Version: 8.6.6
Found Add-On Subsystem SID: 24cb0b00-ed1c-4463-bf6f-261b15dfb3e7 Name: CUE Voicemail Russian Version: 8.6.6
 - Parsing package manifest files... complete.
 - Checking Package dependencies... complete.
 - Checking Manifest dependencies for subsystems in the install candidate list...
complete
Starting payload download
File : cue-vm-full-k9.ise.8.6.6.prt1 Bytes : 143453076
Validating payloads match registered checksums...
 - cue-vm-full-k9.ise.8.6.6.prt1 .........................................................................................................................................verified
Extracting install scripts ...
Scripts extraction complete.
Remove scripts work order /dwnld/.script_work_order
Running Script Processor for ui_install

Maximum 2 language add-ons allowed for this platform.
Please select language(s) to install from the following list:

Language Installation Menu:

 #  Selected   SKU     Language Name (version)
----------------------------------------------------------------------
 1            ITA     CUE Voicemail Italian (8.6.6)
 2            ESP     CUE Voicemail European Spanish (8.6.6)
 3            ENU     CUE Voicemail US English (8.6.6)
 4            FRA     CUE Voicemail European French (8.6.6)
 5            ESO     CUE Voicemail Latin American Spanish (8.6.6)
 6            ESM     CUE Voicemail Mexican Spanish (8.6.6)
 7            ARA     CUE Voicemail Arabic (8.6.6)
 8            NLD     CUE Voicemail Dutch (8.6.6)
 9            SVE     CUE Voicemail Swedish (8.6.6)
10            NOR     CUE Voicemail Norwegian (8.6.6)
11            FRC     CUE Voicemail Canadian French (8.6.6)
12            PTG     CUE Voicemail Portuguese (8.6.6)
13            TUR     CUE Voicemail Turkish (8.6.6)
14            HUN     CUE Voicemail Hungarian (8.6.6)
15            ENG     CUE Voicemail UK English (8.6.6)
16            DEU     CUE Voicemail German (8.6.6)
17            HBR     CUE Voicemail Hebrew (8.6.6)
18            DAN     CUE Voicemail Danish (8.6.6)
19            PTB     CUE Voicemail Brazilian Portuguese (8.6.6)
20            CHT     CUE Voicemail Traditional Chinese (Taiwan) (8.6.6)
21            KOR     CUE Voicemail Korean (8.6.6)
22            CHS     CUE Voicemail Simplified Chinese (PRC) (8.6.6)
23            JPN     CUE Voicemail Japanese (8.6.6)
24            ZHH     CUE Voicemail Hong Kong Chinese (8.6.6)
25            RUS     CUE Voicemail Russian (8.6.6)
----------------------------------------------------------------------

Available commands are:
# - enter the number for the language to select one
r # - remove the language for given #
i # - more information about the language for given #
x - Done with language selection

Enter Command:3

Language Installation Menu:

 #  Selected   SKU     Language Name (version)
----------------------------------------------------------------------
 1            ITA     CUE Voicemail Italian (8.6.6)
 2            ESP     CUE Voicemail European Spanish (8.6.6)
 3      *     ENU     CUE Voicemail US English (8.6.6)
 4            FRA     CUE Voicemail European French (8.6.6)
 5            ESO     CUE Voicemail Latin American Spanish (8.6.6)
 6            ESM     CUE Voicemail Mexican Spanish (8.6.6)
 7            ARA     CUE Voicemail Arabic (8.6.6)
 8            NLD     CUE Voicemail Dutch (8.6.6)
 9            SVE     CUE Voicemail Swedish (8.6.6)
10            NOR     CUE Voicemail Norwegian (8.6.6)
11            FRC     CUE Voicemail Canadian French (8.6.6)
12            PTG     CUE Voicemail Portuguese (8.6.6)
13            TUR     CUE Voicemail Turkish (8.6.6)
14            HUN     CUE Voicemail Hungarian (8.6.6)
15            ENG     CUE Voicemail UK English (8.6.6)
16            DEU     CUE Voicemail German (8.6.6)
17            HBR     CUE Voicemail Hebrew (8.6.6)
18            DAN     CUE Voicemail Danish (8.6.6)
19            PTB     CUE Voicemail Brazilian Portuguese (8.6.6)
20            CHT     CUE Voicemail Traditional Chinese (Taiwan) (8.6.6)
21            KOR     CUE Voicemail Korean (8.6.6)
22            CHS     CUE Voicemail Simplified Chinese (PRC) (8.6.6)
23            JPN     CUE Voicemail Japanese (8.6.6)
24            ZHH     CUE Voicemail Hong Kong Chinese (8.6.6)
25            RUS     CUE Voicemail Russian (8.6.6)
----------------------------------------------------------------------

Available commands are:
# - enter the number for the language to select one
r # - remove the language for given #
i # - more information about the language for given #
x - Done with language selection

Enter Command:x
ui_install scripts executed successfully.
Starting payload download
File : cue-vm-en_US-langpack.ise.8.6.6.prt1 Bytes : 31437748
Downloading payload(s) complete
Validating payloads match registered checksums...
 - cue-vm-en_US-langpack.ise.8.6.6.prt1 ..............................verified
The system will be brought to offline state for a brief period
and will be brought back to online state automatically
Validating installed manifests ...........complete.
Clearing previous downgrade files ... complete.
The system is back in online state
Performing Hot install ...Sending an RBCP message to IOS notifying module reboot due do installation activitiy...
/bin/installer_shutdown.sh: line 23: /bin/rbcp_install_status: No such file or directory

Shutting down processes ... Please wait
.
EXITED: probe exit status 0
EXITED: SQL_startup.sh exit status 0
EXITED: LDAP_startup.sh exit status 0
EXITED: ntp_startup.sh exit status 137
EXITED: HTTP_startup.sh exit status 0
EXITED: superthread_startup.sh exit status 137
EXITED: ${ROOT}/usr/wfavvid/run exit status 137
EXITED: dwnldr_startup.sh exit status 137
Process shutdown complete.
clearing ////tmp/

bzsig ldbl -m freddo -t bzsig baQcK/vg+QpRcaIocbSymBwtahE46Vw8b+pYnWEu1eOE+AowbUaSNitVZBe1yJTnlYKL92UxIRJWsMwlpUjkEJ6FkBxRtGxADstSbLtmlN6V98aPeaOeSdkZMVVNi2dIkXOWlTEudE1oNe9/XF9CehJY05eXk2RNEow4+9n8uqo=
. Post install scripts were run for clean install. /lib/python2.3/installer/ScriptProcessor.py python
exec_script python /lib/python2.3/installer/ScriptProcessor.py
Post install scripts were run for clean install.. Return code is success.
Creating new nodes.
Performing final moves mnt_dir: /
INIT:
Rebooting ...

shutdown: sending all processes the TERM signal...
shutdown: sending all processes the KILL signal.
shutdown: turning off swap
shutdown: unmounting all file systems
Please stand by Restarting system.

Cisco BootMon Version: 1.0.2
 (Feb 27 2007 - 10:38:53) MPC83XX

Bootmon starts
Bootmon: cold reset.
System now booting.
Bootmon: reading primary bootloader image
Bootmon: calling bootloader


Cisco ServiceEngine Bootloader Version: 1.0.3
 (Jul  6 2007 - 10:15:37) MPC83XX

Resetting devices ....Done.
mac address for internal ethernet 00:1b:a2:fe:32:be

Please enter '***' to change boot configuration:
 ServicesEngine Bootloader Version : 1.0.3

kern_sz: 1128765
bl_boot_cf_cmd root=/dev/hda1 install_root=ide ro plat=freddo
## Booting image at 04000000 ...
   Image Name:   Linux-2.6.22-cisco-freddo
   Image Type:   PowerPC Linux Kernel Image (gzip compressed)
   Data Size:    1128701 Bytes =  1.1 MB
   Load Address: 00000000
   Entry Point:  00000000
   Verifying Checksum ... OK
   Uncompressing Kernel Image ... OK
Linux version 2.6.22.10-vs2.2.0.5-cisco-freddo (drodrig@fndn-bld-system10) (gcc version 4.2.2) #1 Wed Jan 30 09:36:35 PST 2013
Zone PFN ranges:
  DMA             0 ->   131072
  Normal     131072 ->   131072
early_node_map[1] active PFN ranges
    0:        0 ->   131072
Built 1 zonelists.  Total pages: 130048
Kernel command line: root=/dev/hda1 install_root=ide ro plat=freddo
Platform: ise
IPIC (128 IRQ sources, 8 External IRQs) at fe000700
PID hash table entries: 2048 (order: 11, 8192 bytes)
Dentry cache hash table entries: 65536 (order: 6, 262144 bytes)
Inode-cache hash table entries: 32768 (order: 5, 131072 bytes)
Memory: 515840k available (1756k kernel code, 516k data, 92k init, 0k highmem)
in atrace_init
log_head: h: 914815, t: 914675, l: 5, w: 0, s: 1047488
Using existing trace log
log_head: h: 914815, t: 914675, l: 5, w: 0, s: 1047488
Mount-cache hash table entries: 512
NET: Registered protocol family 16
Generic PHY: Registered new driver
SCSI subsystem initialized
NET: Registered protocol family 2
IP route cache hash table entries: 16384 (order: 4, 65536 bytes)
TCP established hash table entries: 65536 (order: 7, 524288 bytes)
TCP bind hash table entries: 65536 (order: 6, 262144 bytes)
TCP: Hash tables configured (established 65536 bind 65536)
TCP reno registered
io scheduler noop registered
io scheduler anticipatory registered
io scheduler deadline registered
io scheduler cfq registered (default)
Cisco ContentEngine Flash Driver Version 0.03
Serial: 8250/16550 driver $Revision: 1.90 $ 4 ports, IRQ sharing disabled
serial8250.0: ttyS0 at MMIO 0xe0004500 (irq = 9) is a 16550A
serial8250.0: ttyS1 at MMIO 0xe0004600 (irq = 10) is a 16550A
RAMDISK driver initialized: 16 RAM disks of 32768K size 1024 blocksize
Gianfar MII Bus: probed
eth0: Gianfar Ethernet Controller Version 1.2, 00:1b:a2:fe:32:be
eth0: Running with NAPI enabled
eth0: 256/256 RX/TX BD ring size
eth1: Gianfar Ethernet Controller Version 1.2, 00:1b:a2:fe:32:bf
eth1: Running with NAPI enabled
eth1: 256/256 RX/TX BD ring size
Uniform Multi-Platform E-IDE driver Revision: 7.00alpha2
ide: Assuming 50MHz system bus speed for PIO modes; override with idebus=xx
hda: probing with STATUS(0x50) instead of ALTSTATUS(0x0a)
hda: STI Flash 7.4.2, CFA DISK drive
ide0 at 0xe1000000-0xe1000007,0xe100280d on irq 17
hda: max request size: 128KiB
hda: 2001888 sectors (1024 MB), CHS=1986/16/63
hda: cache flushes not supported
 hda: hda1 hda2
i2c /dev entries driver
NET: Registered protocol family 26
TCP cubic registered
NET: Registered protocol family 1
NET: Registered protocol family 17
ReiserFS: hda1: found reiserfs format "3.6" with standard journal
ReiserFS: hda1: using ordered data mode
ReiserFS: hda1: journal params: device hda1, size 8192, journal first block 18, max trans len 1024, max batch 900, max commit age 30, max trans age 30
ReiserFS: hda1: checking transaction log (hda1)
ReiserFS: hda1: Using r5 hash to sort names
VFS: Mounted root (reiserfs filesystem) readonly.
Freeing unused kernel memory: 92k init

Cisco init
INIT: version 2.86 booting
mounting proc fs ...
mounting sys fs ...
mounting /dev/shm tmpfs ...
reiser root fs ...
Reiserfs super block in block 16 on 0x0 of format 3.6 with standard journal
Blocks (total/free): 248976/163485 by 4096 bytes
Filesystem is clean
Filesystem seems mounted read-only. Skipping journal replay.
Checking internal tree..finished

FILESYSTEM CLEAN
Remounting the root filesystem read-write...

kernel.sem = 1900 4000 32 100
vm.overcommit_memory = 1
vm.min_free_kbytes = 8192


                Welcome to Cisco Service Engine

Setting the system time from system log
Fri Aug  9 21:03:00 UTC 2013

********** rc.aesop ****************
Populating resource values from /etc/freddo_rsrc_file
Populating resource values from /etc/default_rsrc_file
Populating resource values from /etc/products/cue/default_rsrc_file
Populating resource values from /etc/products/cue/freddo_rsrc_file
Processing manifests . . . . . . . . . . . . complete
==> Management interface is eth0
==> Management interface is eth0

Serial Number:
INIT: Entering runlevel: 2
********** rc.post_install ****************

Skipping post install...
executing app post_install
Skipping product specific post install... defaulting values
Setting Call Agent to CUCME
executing app post_install done
Creating Postgres database .... done.
INIT: Switching to runlevel: 4
INIT: Sending processes the TERM signal
STARTED: ntp_startup.sh
STARTED: LDAP_startup.sh
STARTED: SQL_startup.sh
STARTED: dwnldr_startup.sh
STARTED: HTTP_startup.sh
STARTED: probe
STARTED: superthread_startup.sh
STARTED: /usr/wfavvid/run-wfengine.sh
STARTED: /usr/bin/launch_ums.sh

 Waiting 234 ...

Creating default Administrator account...
SYSTEM ONLINE
UC500-CUE#
UC500-CUE# sh license status application
voicemail enabled: 6 ports, 6 sessions, 65 mailboxes
ivr disabled, no unexpired installed ivr session license available
UC500-CUE# reload
****************************
***  Command aborted...  ***
*** System state changed ***
****************************
UC500-CUE(offline)# reload

Wednesday, August 28, 2013

Check Your Spelling Please

Ok, I know I'm not the best speller in the world, but here is what your public schools are putting out these days.  Check this out below.  Yes, there is such a place as a 'desert'.  However, you don't eat a desert.  You eat a 'dessert'.  And yes, 'your' is a word.  However, you don't own a 'very welcome'.  'You're' does, however, fit in correctly in the following sentence:  'You are very welcome'.

Tuesday, August 27, 2013

Cisco Router: Where Are The PVDM Slots In A Cisco Router

If you open the lid of a 2901 Cisco router, you will see the writing on the electronic board.  It will be labeled PVDM0 and PVDM1.  Here is a helpful image for you.  You pull these out just like regular memory, by the push tabs on the sides of where the module goes.

Monday, August 26, 2013

Valcom VIP 8XX SIP Paging Units Small Review

I'm really impressed with these little devices.  Valcom makes a pretty good little product, and this SIP 801 unit is no different.  I have put these in at several locations and found them very reliable.  It's basically paging over IP (PgoIP?).  These are really good if you need paging at a remote site when your phone system is at a main site.  Pretty handy and very easy to set up.  You can find setup manuals at www.valcom.com.  They are very cost effective also.
One particular place of implementation I did this at was at a place where Windstream promised multicast capability across the MPLS so that a Cistera box could be used for paging.  However, it turns out Windstream couldn't deliver on their promise for multicast capability, and so this Valcom solution was put in instead.  I much prefer the Valcom over Cistera for paging anyway.

Sunday, August 25, 2013

Cisco: 'UCM down, features disabled'

I came across a problem where a Cisco IP phone would slightly more than occasionally find itself unregistered with the CUCM.  Below is what I would see:

Interesting problem for sure.  What I found was there was this wireless print server attached to the phone in the PC port.  Somehow, of which I'm not sure at the moment, it would cause this phone to unregister with CUCM.  When I took this little wireless print server off, all worked normal again without problem.  I should have taken a picture of the wireless print server.  Oh well.

Saturday, August 24, 2013

Barracuda Web Filter All LED On status

I had to troubleshoot a Barracuda web filter the other day and this below is what I arrived at.

So you see all the lights on, right?  Well, that's not good.  So I consoled into the unit and found this below, stuck at this point:

It didn't matter what I did, I couldn't get past this point.  The client ran the internal diagnostics on the unit, but all hardware passed.  Time to RMA the unit.

Friday, August 23, 2013

Cisco Voice: Outlook Error -"Cannot create file: VoiceMessage.wav. Right-click the folder you want to create the file in, and then click Properties on the shortcut menu to check your permissions for the folder."

I had a client call me for our hosted VoIP services, telling me that they could not hear voicemail in their Outlook.  When the email came in, they would attempt to play the message and got the following error message:
"Cannot create file: VoiceMessage.wav. Right-click the folder you want to create the file in, and then click Properties on the shortcut menu to check your permissions for the folder."

Ok, so I have never seen this message before, but here is what I did to correct this.  After troubleshooting, I found that I needed to go into the registry to find out where the cache was.  Here is the location I had to go to in regedit:
Key: HKEY_CURRENT_USER\Software\Microsoft\Office\14\Outlook\Security  <--- 14 was the version (I think)
Value name: OutlookSecureTempFolder

So, the value above has a location.  Go into Windows Explorer and to that location as stated in the Value.  Then, delete all the .wav files that are in there.  After I did this, I was able to go and listen to the voicemail messages again.

Thursday, August 22, 2013

Brocade ICX: How To Upgrade The POE Firmware On An ICX Series Switch

I have had to do this a lot to get the firmware up to date from a factory shipped ICX series switch.  No big deal and this should be expected, as firmware updates come out all the time.  POE is no different.  You just need to do the update on the switch.  Here is how to do this on the second unit in the stack, where 192.168.73.4 is my TFTP server:

Core#inline power install-firmware stack-unit 2 tftp 192.168.70.2 fcx_poeplus_02.1.0.fw

This will update the POE firmware on the second unit.  Do the same for any other units you need to upgrade.

Wednesday, August 21, 2013

Brocade: Troubleshooting An FCX Switch POE Problem Today (Firmware Version 00.0.0)

I was called today to come troubleshoot a switch problem.  It was an FCX 48 port HPOE and they report that the switch will not provide power to the ShoreTel IP phones.  So when I get there, I find I can run the power level down to a class 2, but it actually will not change the power level.  Also, as you can see below, I have 13 ports that will show power availability.  The rest show denied.  If I plug a phone into port 2/1/1, and type in 'disable', I do lose Ethernet capability.  However, when I do a 'no inline power', the POE stays on and the phone stays powered up.  And, just the opposite for ports 2/1/14 through 2/1/48.

switch(config)#sh inl powe
Power Capacity:         Total is 410000 mWatts. Current Free is 17000 mWatts.

Power Allocations:      Requests Honored 14 times

 Port   Admin   Oper    ---Power(mWatts)---  PD Type  PD Class  Pri  Fault/
        State   State   Consumed  Allocated                          Error
--------------------------------------------------------------------------
 2/1/1  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/2  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/3  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/4  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/5  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/6  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/7  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/8  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/9  On      Off            0      30000  n/a      n/a         3  n/a
2/1/10  On      Off            0      30000  n/a      n/a         3  n/a
2/1/11  On      Off            0      30000  n/a      n/a         3  n/a
2/1/12  On      Off            0      30000  n/a      n/a         3  n/a
2/1/13  On      Off            0      30000  n/a      n/a         3  n/a
2/1/14  On      Denied         0          0  n/a      n/a         3  n/a
2/1/15  On      Denied         0          0  n/a      n/a         3  n/a
2/1/16  On      Denied         0          0  n/a      n/a         3  n/a
2/1/17  On      Denied         0          0  n/a      n/a         3  n/a
2/1/18  On      Denied         0          0  n/a      n/a         3  n/a
2/1/19  On      Denied         0          0  n/a      n/a         3  n/a
2/1/20  On      Denied         0          0  n/a      n/a         3  n/a
2/1/21  On      Denied         0          0  n/a      n/a         3  n/a
2/1/22  On      Denied         0          0  n/a      n/a         3  n/a
2/1/23  On      Denied         0          0  n/a      n/a         3  n/a
2/1/24  On      Denied         0          0  n/a      n/a         3  n/a
2/1/25  On      Denied         0          0  n/a      n/a         3  n/a
2/1/26  On      Denied         0          0  n/a      n/a         3  n/a
2/1/27  On      Denied         0          0  n/a      n/a         3  n/a
2/1/28  On      Denied         0          0  n/a      n/a         3  n/a
2/1/29  On      Denied         0          0  n/a      n/a         3  n/a
2/1/30  On      Denied         0          0  n/a      n/a         3  n/a
2/1/31  On      Denied         0          0  n/a      n/a         3  n/a
2/1/32  On      Denied         0          0  n/a      n/a         3  n/a
2/1/33  On      Denied         0          0  n/a      n/a         3  n/a
2/1/34  On      Denied         0          0  n/a      n/a         3  n/a
2/1/35  On      Denied         0          0  n/a      n/a         3  n/a
2/1/36  On      Denied         0          0  n/a      n/a         3  n/a
2/1/37  On      Denied         0          0  n/a      n/a         3  n/a
2/1/38  On      Denied         0          0  n/a      n/a         3  n/a
2/1/39  Off     Off            0          0  n/a      n/a         3  n/a
2/1/40  On      Denied         0          0  n/a      n/a         3  n/a
2/1/41  On      Denied         0          0  n/a      n/a         3  n/a
2/1/42  On      Denied         0          0  n/a      n/a         3  n/a
2/1/43  On      Denied         0          0  n/a      n/a         3  n/a
2/1/44  On      Denied         0          0  n/a      n/a         3  n/a
2/1/45  On      Denied         0          0  n/a      n/a         3  n/a
2/1/46  On      Denied         0          0  n/a      n/a         3  n/a
2/1/47  On      Off            0       3000  n/a      n/a         3  n/a
2/1/48  On      Denied         0          0  n/a      n/a         3  n/a
--------------------------------------------------------------------------
 Total                         0     393000

switch(config)#int eth 2/1/1 to 2/1/48
switch(config-mif-2/1/1-2/1/48)#inlin power power-by-cl 2
Warning: Inline power configuration on port  2/1/1 has been modified.
Warning: Inline power configuration on port  2/1/2 has been modified.
Warning: Inline power configuration on port  2/1/3 has been modified.
Warning: Inline power configuration on port  2/1/4 has been modified.
Warning: Inline power configuration on port  2/1/5 has been modified.
Warning: Inline power configuration on port  2/1/6 has been modified.
Warning: Inline power configuration on port  2/1/7 has been modified.
Warning: Inline power configuration on port  2/1/8 has been modified.
Warning: Inline power configuration on port  2/1/9 has been modified.
Warning: Inline power configuration on port 2/1/10 has been modified.
Warning: Inline power configuration on port 2/1/11 has been modified.
Warning: Inline power configuration on port 2/1/12 has been modified.
Warning: Inline power configuration on port 2/1/13 has been modified.
Warning: Inline power configuration on port 2/1/14 has been modified.
Warning: Inline power configuration on port 2/1/15 has been modified.
Warning: Inline power configuration on port 2/1/16 has been modified.
Warning: Inline power configuration on port 2/1/17 has been modified.
Warning: Inline power configuration on port 2/1/18 has been modified.
Warning: Inline power configuration on port 2/1/19 has been modified.
Warning: Inline power configuration on port 2/1/20 has been modified.
Warning: Inline power configuration on port 2/1/21 has been modified.
Warning: Inline power configuration on port 2/1/22 has been modified.
Warning: Inline power configuration on port 2/1/23 has been modified.
Warning: Inline power configuration on port 2/1/24 has been modified.
Warning: Inline power configuration on port 2/1/25 has been modified.
Warning: Inline power configuration on port 2/1/26 has been modified.
Warning: Inline power configuration on port 2/1/27 has been modified.
Warning: Inline power configuration on port 2/1/28 has been modified.
Warning: Inline power configuration on port 2/1/29 has been modified.
Warning: Inline power configuration on port 2/1/30 has been modified.
Warning: Inline power configuration on port 2/1/31 has been modified.
Warning: Inline power configuration on port 2/1/32 has been modified.
Warning: Inline power configuration on port 2/1/33 has been modified.
Warning: Inline power configuration on port 2/1/34 has been modified.
Warning: Inline power configuration on port 2/1/35 has been modified.
Warning: Inline power configuration on port 2/1/36 has been modified.
Warning: Inline power configuration on port 2/1/37 has been modified.
Warning: Inline power configuration on port 2/1/38 has been modified.
Warning: Inline power configuration on port 2/1/39 has been modified.
Warning: Inline power configuration on port 2/1/40 has been modified.
Warning: Inline power configuration on port 2/1/41 has been modified.
Warning: Inline power configuration on port 2/1/42 has been modified.
Warning: Inline power configuration on port 2/1/43 has been modified.
Warning: Inline power configuration on port 2/1/44 has been modified.
Warning: Inline power configuration on port 2/1/45 has been modified.
Warning: Inline power configuration on port 2/1/46 has been modified.
Warning: Inline power configuration on port 2/1/47 has been modified.
Warning: Inline power configuration on port 2/1/48 has been modified.
switch(config-mif-2/1/1-2/1/48)#sh inl powe

Power Capacity:         Total is 410000 mWatts. Current Free is 3000 mWatts.

Power Allocations:      Requests Honored 16 times

 Port   Admin   Oper    ---Power(mWatts)---  PD Type  PD Class  Pri  Fault/
        State   State   Consumed  Allocated                          Error
--------------------------------------------------------------------------
 2/1/1  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/2  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/3  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/4  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/5  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/6  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/7  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/8  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/9  On      Off            0      30000  n/a      n/a         3  n/a
2/1/10  On      Off            0      30000  n/a      n/a         3  n/a
2/1/11  On      Off            0      30000  n/a      n/a         3  n/a
2/1/12  On      Off            0      30000  n/a      n/a         3  n/a
2/1/13  On      Off            0      30000  n/a      n/a         3  n/a
2/1/14  On      Denied         0       7000  n/a      n/a         3  n/a
2/1/15  On      Denied         0       7000  n/a      n/a         3  n/a
2/1/16  On      Denied         0          0  n/a      n/a         3  n/a
2/1/17  On      Denied         0          0  n/a      n/a         3  n/a
2/1/18  On      Denied         0          0  n/a      n/a         3  n/a
2/1/19  On      Denied         0          0  n/a      n/a         3  n/a
2/1/20  On      Denied         0          0  n/a      n/a         3  n/a
2/1/21  On      Denied         0          0  n/a      n/a         3  n/a
2/1/22  On      Denied         0          0  n/a      n/a         3  n/a
2/1/23  On      Denied         0          0  n/a      n/a         3  n/a
2/1/24  On      Denied         0          0  n/a      n/a         3  n/a
2/1/25  On      Denied         0          0  n/a      n/a         3  n/a
2/1/26  On      Denied         0          0  n/a      n/a         3  n/a
2/1/27  On      Denied         0          0  n/a      n/a         3  n/a
2/1/28  On      Denied         0          0  n/a      n/a         3  n/a
2/1/29  On      Denied         0          0  n/a      n/a         3  n/a
2/1/30  On      Denied         0          0  n/a      n/a         3  n/a
2/1/31  On      Denied         0          0  n/a      n/a         3  n/a
2/1/32  On      Denied         0          0  n/a      n/a         3  n/a
2/1/33  On      Denied         0          0  n/a      n/a         3  n/a
2/1/34  On      Denied         0          0  n/a      n/a         3  n/a
2/1/35  On      Denied         0          0  n/a      n/a         3  n/a
2/1/36  On      Denied         0          0  n/a      n/a         3  n/a
2/1/37  On      Denied         0          0  n/a      n/a         3  n/a
2/1/38  On      Denied         0          0  n/a      n/a         3  n/a
2/1/39  Off     Off            0          0  n/a      n/a         3  n/a
2/1/40  On      Denied         0          0  n/a      n/a         3  n/a
2/1/41  On      Denied         0          0  n/a      n/a         3  n/a
2/1/42  On      Denied         0          0  n/a      n/a         3  n/a
2/1/43  On      Denied         0          0  n/a      n/a         3  n/a
2/1/44  On      Denied         0          0  n/a      n/a         3  n/a
2/1/45  On      Denied         0          0  n/a      n/a         3  n/a
2/1/46  On      Denied         0          0  n/a      n/a         3  n/a
2/1/47  On      Off            0       3000  n/a      n/a         3  n/a
2/1/48  On      Denied         0          0  n/a      n/a         3  n/a
--------------------------------------------------------------------------
 Total                         0     407000

Also, note this below.  Notice that on Stack unit 2, it shows the POE firmware version to be 00.0.0.  That is not good.  I have shortened this for brevity:
Woodshed#sh inl po det
POE Details Info. On Stack 1 :
General PoE Data:
+++++++++++++++++

Firmware
Version
--------
02.1.0


(shortened for brevity)...

POE Details Info. On Stack 2 :
General PoE Data:
+++++++++++++++++

Firmware
Version
--------
00.0.0

I think it's time to upgrade the POE firmware.
Notice this though.  When troubleshooting, I disable power.  I disable the port.  And I still get this below.  Interesting.

Time to upgrade the POE firmware.
So I upgraded the POE firmware and I still get a Firmware version of 00.0.0.  According to Brocade, it's time to RMA the unit.
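The pattern in the `show inline power` tables above can be pulled out mechanically. This is an added example, not part of the original post: it parses output in that format and reports ports that hold an allocation while Oper State is not On and nothing is consumed, the ports in Denied, and whether the allocations add up to capacity minus free. The sample table is constructed (seven ports, made-up figures) and the function and field names are assumptions.

```python
import re

# Constructed sample in the format of the `show inline power` output above
# (seven ports instead of 48; figures are made up but self-consistent).
SAMPLE = """\
Power Capacity:         Total is 100000 mWatts. Current Free is 7000 mWatts.

 Port   Admin   Oper    ---Power(mWatts)---  PD Type  PD Class  Pri  Fault/
        State   State   Consumed  Allocated                          Error
--------------------------------------------------------------------------
 2/1/1  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/2  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/3  On      Off            0      30000  n/a      n/a         3  n/a
 2/1/4  On      Denied         0          0  n/a      n/a         3  n/a
 2/1/5  On      Denied         0          0  n/a      n/a         3  n/a
 2/1/6  Off     Off            0          0  n/a      n/a         3  n/a
 2/1/7  On      Off            0       3000  n/a      n/a         3  n/a
--------------------------------------------------------------------------
 Total                         0      93000
"""

# Port, Admin State, Oper State, Consumed, Allocated (remaining columns ignored)
ROW = re.compile(r"^\s*(\d+/\d+/\d+)\s+(On|Off)\s+(\S+)\s+(\d+)\s+(\d+)\s")
CAP = re.compile(r"Total is (\d+) mWatts\. Current Free is (\d+) mWatts")


def summarize(output):
    """Summarize a `show inline power` table and check the power accounting."""
    cap = CAP.search(output)
    total, free = int(cap.group(1)), int(cap.group(2))
    rows = [m.groups() for m in map(ROW.match, output.splitlines()) if m]
    # Budget reserved on ports that are enabled but not delivering any power.
    idle = [(port, int(alloc)) for port, admin, oper, used, alloc in rows
            if admin == "On" and oper != "On" and int(used) == 0 and int(alloc) > 0]
    allocated = sum(int(alloc) for *_, alloc in rows)
    return {
        "ports": len(rows),
        "denied": [port for port, _, oper, _, _ in rows if oper == "Denied"],
        "idle_allocated": [port for port, _ in idle],
        "stranded_mw": sum(mw for _, mw in idle),
        "allocated_mw": allocated,
        # The per-port allocations should equal capacity minus free power.
        "accounting_ok": allocated == total - free,
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE).items():
        print(f"{key}: {value}")
```
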

Tuesday, August 20, 2013

What Is The Maximum Cat5 Cable Length Allowed In An Ethernet Environment?


Well, it's NOT 337 feet.  It is 328 feet.  But I personally wouldn't even do that far.
However, with that said, I do know of one customer of mine that does have one run of over 500 feet (from what they tell me).

Monday, August 19, 2013

Rainy Days In Alabama

We have had some good downpours lately.  I just thought I'd post a few of the storms I captured.
The first video is the storm coming my way.  I'm driving home (3 hours before sundown) and the storm is pretty severe.  The next series is a downpour while in downtown Birmingham.

Downtown Birmingham:

Sunday, August 18, 2013

Check Point: Maximum Concurrent Connections And Dropped Packets

I have seen this a couple of times before where a customer has reported dropped connections, timeouts, etc.  This is a little frustrating to the customer to say the least.  When you go into SmartView Monitor, you can see the concurrent connections in real time.  If your Check Point is set to, say, 50,000 concurrent connections, and you have anything above that number, you are going to see some negative results for sure.  So, take a look at the screenshots below and keep an eye on how many concurrent connections you normally have.  In this case, I had to run this up from 75,000 concurrent connections to 100,000 concurrent connections.


Saturday, August 17, 2013

Cisco: ESW-524 Switch Not Allowing Data/Voice Through The Network

This is a real pain, but I suppose Cisco would call this a 'feature'.  I'm not a big fan of this switch, but it's a low cost answer for POE and Layer 2 switching (although not too powerful).  Twice before I have had communications stop (once) and work, then stop (once) because there is this thing called "port security".
So what I think this does is that it is to keep many devices from behind one port from being a problem.  That doesn't sound right.  I mean, it keeps you from adding a switch that has multiple devices riding on it.  I'm not sure that sounds right.  One more try: I think it is to limit the number of MAC addresses you can have behind your ESW-524 ports to prevent unwanted devices from being able to get on.  In both scenarios, I had to go to the port security page (see below) and select "forward" instead of the default "discard".  Once I did this, I was able to get the network back up in both cases.  See below where to go to change this.  I'm thinking Cisco should not do this by default.  I guess it's like a Microsoft feature.  They know better than you do, which is really annoying!

Friday, August 16, 2013

Brocade Wireless: How To Add A SSID To A RFS 4000/6000/7000 Controller

I thought I would write up how to add an SSID to your Brocade controller.  I find that a lot of companies want to go back after an implementation and add a SSID for one reason or another.  So I took some screenshots and labeled them in order that you would do this, starting with number 1 and following to the end.  Here is how you add a SSID to your controller.

Thursday, August 15, 2013

Wireless/Switch Troubleshooting: Vlan Status - "Vlan is up, line protocol is down"

I had this wireless problem (as reported to me) that no one could get on wireless.  When I got onsite, I found that you could get on the wireless networks, but you could not get DHCP from the DHCP server.  So, after troubleshooting the DHCP server (which was fine), the Brocade controller (which was fine), the switches connecting the APs to the network (which were fine) and the APs themselves (which were fine), I got back to the core switch (a Cisco 3550) to try to figure out what the problem was.  I happened to notice in the 'show log' that the vlan did not come up.  So, I did the following:

switch#sh int vlan 40
Vlan40 is up, line protocol is down

Ok, vlan up, line protocol down.  So I thought I would go and put the "switchport access vlan 40" on a port that I knew had a connection to it.  That is when I noticed the message "% Access VLAN does not exist. Creating vlan 40".  Hmmmm.  Now, this was working for a while now without any problems.  What is up with that message?

switch(config-if)#int gig 0/7
switch(config-if)#switch mode acc
switch(config-if)#switch acc vlan 40
% Access VLAN does not exist. Creating vlan 40

switch(config-if)#no switch acc vlan 40
switch(config-if)#switch mode trunk
switch(config-if)#do sh int vlan 40
Vlan40 is up, line protocol is down

Ok, still up, down.  So I go into the vlan database and verify it is in there.  Vlan 40 is in there, but the other vlan (80) is not.  So I create it.  Then I go back into config mode and re-IP the vlan.

switch#vlan data
switch(vlan)#vlan 40
VLAN 40 modified:
switch(vlan)#vlan 80
VLAN 80 added:
    Name: VLAN0080
switch(vlan)#exit
switch#config t
switch(config)#int vlan 40
switch(config-if)#ip address 192.168.40.1 255.255.248.0
switch(config-if)#ip helper-address 192.168.2.132
switch(config-if)#no shut
switch(config-if)#interface Vlan80
switch(config-if)# ip address 192.168.80.1 255.255.248.0
switch(config-if)# ip helper-address 192.168.2.132
switch(config-if)#no shut
switch(config-if)#exit
switch(config)#exit
switch#sh int vlan 40
Vlan40 is up, line protocol is up

And this fixed this problem.  I'm not sure why it lost only these two Vlans.  I have seen switches lose all Vlans before, but not just a few.  Very odd.

UPDATE*** So another engineer I work with noticed that VTP was set to 'server' on most of the switches.  Apparently, I'm assuming that when an update was done on another switch with an added vlan (for voice they are putting in), that did not have the wireless vlans on it, it updated to the core and caused this problem (I am assuming).

Wednesday, August 14, 2013

Cisco ASA: Load Balancing With Dual ISP - Separation Of VPN And Internet Traffic

Have you ever needed to run your VPN traffic across one ISP link and all your Internet (youtube, ESPN, etc) traffic across your other ISP link?  I came across a customer that wanted to do just that.  They wanted to keep the two types of traffic separate from each other.  They wanted the DSL link to host the VPN traffic and let all other web browsing have the T1 link.  As you know, the ASA does NOT do PBR (policy based routing).  So, how do you overcome this small detail?
Through static routing.  That's the only way to do it.  So you can 'cheat the system', so to speak, by doing static routing.  But if you do that, you can forget ISP failover.  So below is the topology and some highlights of the config to show you how to do this.
And now the config (unnecessary parts cut out for brevity).  GREEN is DSL traffic config, while ORANGE is Internet traffic config:
sh run
: Saved
:
ASA Version 8.2(5)
!
hostname 5510ASA
!
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address pppoe 
!
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 192.168.105.1 255.255.255.0
!
interface Ethernet0/3
 speed 100
 nameif main_net_T1
 security-level 0
 ip address 7.7.7.6 255.255.255.240 
!
 same-security-traffic permit inter-interface
access-list nonat extended permit ip 192.168.105.0 255.255.255.0 192.168.200.0 255.255.255.0 
access-list nonat extended permit ip 192.168.105.0 255.255.255.0 192.168.201.0 255.255.255.0 
access-list nonat extended permit ip 192.168.105.0 255.255.255.0 192.168.203.0 255.255.255.0 
access-list nonat extended permit ip 192.168.106.0 255.255.255.0 192.168.200.0 255.255.255.0 
access-list nonat extended permit ip 192.168.106.0 255.255.255.0 192.168.201.0 255.255.255.0 
access-list nonat extended permit ip 192.168.106.0 255.255.255.0 192.168.203.0 255.255.255.0 
access-list nonat extended permit ip 192.168.105.0 255.255.255.0 192.168.150.0 255.255.255.0 
access-list nonat extended permit ip 192.168.106.0 255.255.255.0 192.168.150.0 255.255.255.0 
access-list vpn-acl extended permit ip 192.168.105.0 255.255.255.0 192.168.200.0 255.255.255.0 
access-list vpn-acl extended permit ip 192.168.105.0 255.255.255.0 192.168.201.0 255.255.255.0 
access-list vpn-acl extended permit ip 192.168.105.0 255.255.255.0 192.168.203.0 255.255.255.0 
access-list vpn-acl extended permit ip 192.168.106.0 255.255.255.0 192.168.200.0 255.255.255.0 
access-list vpn-acl extended permit ip 192.168.106.0 255.255.255.0 192.168.201.0 255.255.255.0 
access-list vpn-acl extended permit ip 192.168.106.0 255.255.255.0 192.168.203.0 255.255.255.0 
access-list  secondremotesite extended permit ip 192.168.105.0 255.255.255.0 192.168.150.0 255.255.255.0 
access-list  secondremotesite extended permit ip 192.168.106.0 255.255.255.0 192.168.150.0 255.255.255.0 

global (outside) 1 interface
global (main_net_T1) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 0.0.0.0 0.0.0.0
route main_net_T1 0.0.0.0 0.0.0.0 7.7.7.7 1
route outside 8.8.8.9 255.255.255.255 12.12.12.25 1
route outside 45.45.45.45 255.255.255.255 12.12.12.25 1
route outside 192.168.200.0 255.255.255.0 12.12.12.25 1
route outside 192.168.201.0 255.255.255.0 12.12.12.25 1
route outside 192.168.202.0 255.255.255.0 12.12.12.25 1
route outside 192.168.203.0 255.255.255.0 12.12.12.25 1
route outside 192.168.150.0 255.255.255.0 12.12.12.25 1

crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac 
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac 
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac 
crypto ipsec transform-set 3DES esp-3des esp-none 
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac 
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac 
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac 
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac 
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac 
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac 
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map dyn_map 65535 set pfs 
crypto dynamic-map dyn_map 65535 set transform-set ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 20 match address  secondremotesite
crypto map outside_map 20 set peer 8.8.8.9 
crypto map outside_map 20 set transform-set ESP-AES-256-SHA
crypto map outside_map 30 match address vpn-acl
crypto map outside_map 30 set peer 45.45.45.45 
crypto map outside_map 30 set transform-set ESP-AES-256-SHA
crypto map outside_map 65535 ipsec-isakmp dynamic dyn_map
crypto map outside_map interface outside
crypto map main_net_T1_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map main_net_T1_map interface main_net_T1
crypto isakmp identity hostname 
crypto isakmp enable main_net_T1
crypto isakmp policy 10
 authentication pre-share
 encryption aes-256
 hash sha
 group 2
 lifetime 86400
crypto isakmp policy 20
 authentication pre-share
 encryption 3des
 hash md5
 group 2
 lifetime 86400
crypto isakmp policy 30
 authentication pre-share
 encryption aes
 hash md5
 group 2
 lifetime 86400

vpdn group ISP request dialout pppoe
 vpdn group ISP localname DSL@att.net
vpdn username DSL@att.net password DSLpassword

tunnel-group 45.45.45.45 type ipsec-l2l
tunnel-group 45.45.45.45 ipsec-attributes
 pre-shared-key password1
tunnel-group 8.8.8.9 type ipsec-l2l
tunnel-group 8.8.8.9 ipsec-attributes
 pre-shared-key password2
!
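Because the separation depends entirely on static routes, a missing route silently sends a tunnel peer or remote subnet out the default route on main_net_T1 instead of the interface where outside_map is applied. The check below is an added example, not part of the original post: it parses a constructed excerpt of the config above and confirms that every crypto-map peer and every remote network in the matched ACLs routes out the interface the crypto map is bound to. The function names are assumptions.

```python
import ipaddress

# Constructed excerpt: routing and crypto-map lines taken from the config above.
CONFIG = """\
access-list vpn-acl extended permit ip 192.168.105.0 255.255.255.0 192.168.200.0 255.255.255.0
access-list vpn-acl extended permit ip 192.168.105.0 255.255.255.0 192.168.201.0 255.255.255.0
access-list vpn-acl extended permit ip 192.168.105.0 255.255.255.0 192.168.203.0 255.255.255.0
access-list  secondremotesite extended permit ip 192.168.105.0 255.255.255.0 192.168.150.0 255.255.255.0
route main_net_T1 0.0.0.0 0.0.0.0 7.7.7.7 1
route outside 8.8.8.9 255.255.255.255 12.12.12.25 1
route outside 45.45.45.45 255.255.255.255 12.12.12.25 1
route outside 192.168.200.0 255.255.255.0 12.12.12.25 1
route outside 192.168.201.0 255.255.255.0 12.12.12.25 1
route outside 192.168.203.0 255.255.255.0 12.12.12.25 1
route outside 192.168.150.0 255.255.255.0 12.12.12.25 1
crypto map outside_map 20 match address  secondremotesite
crypto map outside_map 20 set peer 8.8.8.9
crypto map outside_map 30 match address vpn-acl
crypto map outside_map 30 set peer 45.45.45.45
crypto map outside_map interface outside
"""


def net(addr, mask):
    """Build a network from ASA-style 'address netmask' notation."""
    prefix = bin(int(ipaddress.IPv4Address(mask))).count("1")
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def parse(config):
    """Collect static routes, ACL destinations, crypto-map entries and bindings."""
    routes, acls, entries, bound = [], {}, {}, {}
    for line in config.splitlines():
        t = line.split()
        if t[:1] == ["route"] and len(t) >= 5:
            routes.append((t[1], net(t[2], t[3])))
        elif t[:1] == ["access-list"] and len(t) == 9 and t[2:5] == ["extended", "permit", "ip"]:
            # Only the 'src mask dst mask' form used in this config is handled.
            acls.setdefault(t[1], []).append(net(t[7], t[8]))
        elif t[:2] == ["crypto", "map"] and len(t) == 5 and t[3] == "interface":
            bound[t[2]] = t[4]
        elif t[:2] == ["crypto", "map"] and len(t) == 7 and t[4:6] in (["match", "address"], ["set", "peer"]):
            key = "acl" if t[4] == "match" else "peer"
            entries.setdefault((t[2], int(t[3])), {})[key] = t[6]
    return routes, acls, entries, bound


def egress(routes, target):
    """Longest-prefix match: the interface whose route covers the target network."""
    covering = [(n.prefixlen, iface) for iface, n in routes if n.supernet_of(target)]
    return max(covering)[1] if covering else None


def check_vpn_egress(config):
    """Return (map, seq, kind, target, actual_interface) for every peer or remote
    network that would not leave through the interface its crypto map is applied to."""
    routes, acls, entries, bound = parse(config)
    problems = []
    for (cmap, seq), entry in sorted(entries.items()):
        targets = [("remote net", n) for n in acls.get(entry.get("acl"), [])]
        if "peer" in entry:
            targets.insert(0, ("peer", net(entry["peer"], "255.255.255.255")))
        for kind, target in targets:
            actual = egress(routes, target)
            if actual != bound.get(cmap):
                problems.append((cmap, seq, kind, str(target), actual))
    return problems


if __name__ == "__main__":
    for problem in check_vpn_egress(CONFIG):
        print("egress mismatch:", problem)
```

Run against the excerpt as written it reports nothing; deleting any `route outside` line makes the affected peer or subnet show up with `main_net_T1` as its actual egress.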

Tuesday, August 13, 2013

Cisco Unity Express (CUE): Can Not Upload Script - "adding a script failed - Script upload failed"

I'm not sure if you all have seen this or not, but when I was replacing that UC500 I talked about here, I had got the CME config done and was working on the CUE config piece.  I went to upload the AA script and this time I found that I got this error message: "adding a script failed - Script upload failed"
So I also noticed I couldn't create a script either.  This was the first time I have seen this.
So the resolution was that I had to upgrade the CUE.  The unit came with CUE version 2.3.  Needless to say, this version is no longer supported.  So I upgraded to 8.6.6, which does look a little different, but it is essentially the same.  Once I did the upgrade, I was able to upload my script for the AA and all was good after that.

Monday, August 12, 2013

Brocade: "There is no standby. Reason: u2: not operational"

I came upon this not long ago and found the following when doing a "show stack".
Core#sh stack
alone: standalone, D: dynamic config, S: static config
ID   Type         Role    Mac Address    Pri State   Comment
1  S ICX6610-48P  active  748e.f892.1234  0 local   Ready
2  S ICX6610-24P  member  748e.f8e7.4567   0 remote  NON-OP: image mismatch

    active
     +---+        +---+
 =2/1| 1 |2/6==2/1| 2 |2/6=
 |   +---+        +---+   |
 |                        |
 |------------------------|

Note: There is no standby. Reason: u2: not operational,
Current stack management MAC is 748e.f892.1234
Core#


Current stack management MAC is 748e.f892.1234
Core#Warning! put unit 2 MAC=748e.f8e7.4567 to non-operational, reason= config mismatch
Unit 1 loses all neighbors.
Active unit 1 deletes u2 but keeps its static config.

So the solution in this case was to make sure the images on both the ICXs were the same.  They were not, as you can see from the first highlighted portion of the message.  It shows the topology of the stack, but it's non-operational.  Upgrading the image resolved the problem here.