Cisco

23K

Solutions

14K

Contributors

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Share tech news, updates, or what's on your mind.

Sign up to Post

Scenario 10
This article is about building Dynamic Multipoint VPN tunnels in Cisco CSR1000V router with IOS XE. There are two CSR1000V hub routers configured with dual hub dual cloud Phase 3 DMVPN.
0
Upgrade your Question Security!
LVL 12
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Scenario 9
This article is about building Dynamic Multipoint VPN tunnels in Cisco CSR1000V router with IOS XE. There are two CSR1000V hub routers configured with single tier Phase 3 DMVPN Cloud.
0
Scenario 8
This article is about building Dynamic Multipoint VPN tunnels in Cisco CSR1000V router with IOS XE. There are two spoke routers connected to single tier Phase 3 DMVPN Cloud hosted on CSR1000V router.
0
Scenario 7
This article is about building Dynamic Multipoint VPN tunnels in Cisco CSR1000V router with IOS XE. There are two spoke routers connected to single tier Phase 1 DMVPN Cloud hosted on CSR1000V router.
0

If you're having problems where a lot of messages that Cisco Cloud Email Security would normally filter out have been coming in, it appears to be the result of an upgrade gone wrong. In our case, it took a P1 ticket to get resolved.


We found evidence of an issue by looking at the incoming mail policies (accessible by going to Mail Polices > Incoming Mail Policies):



You will notice that the Anti-Spam, Anti-Virus, and Graymail columns are all showing "Not Available". That is because they are all disabled. These all need to be enabled to get things working normally again.


When we accessed the Cisco IronPort Anti-Spam settings, it showed that it was globally turned off. (This can be accessed by going to Security Services > IronPort Anti-Spam).



However, we were completely unable to turn anything on, regardless of access level (I'm a Cloud Administrator, but my coworker is an Administrator).


The cause of the problem: Cisco upgrading our appliance, and it turned out the feature keys somehow got blown out. In setting them back in, there is a requirement of accepting an End User License Agreement. Somewhere within this area is where Cisco failed to properly handle things.


Resolving this required creating a ticket with Cisco (initially a P3 ticket, which eventually got escalated to P1). If you're seeing yourself with this exact same issue, know you're not alone. Hopefully, Cisco fixes this for all of their CES customers in one swoop, but just watch out for this just in case. 


This problem started this past Friday morning for us but has just gotten resolved as I'm creating this post. While getting the ticket resolved, I highly recommend requesting that Cisco adds an email address from your organization to Atlas so that you're notified of when upgrades are planned to take place.

1
Scenario 6
This article is about building a Route Based site to site VPN tunnels with Redundant Routers in DC (HUB) in Cisco CSR1000V router with IOS XE. There are four Route Based IPsec VPN tunnels configured on two CSR1000V routers as redundant routers pair.
0
Scenario 5
This article is about building a Route Based site to site VPN tunnels with VRF and dynamic routing protocol (OSPF) in Cisco CSR1000V router with IOS XE. There are two Route Based IPsec VPN tunnels configured on CSR1000V router, traffic from app server is with NAT and rest is without NAT.
0
Scenario 4
This article is about building a Route Based site to site VPN tunnels with dynamic routing protocol (OSPF) in Cisco CSR1000V router with IOS XE. There are two Route Based IPsec VPN tunnels configured on CSR1000V router, traffic from app server is with NAT and rest is without NAT.
0
Scenario 3
This article is about building a Route Based site to site VPN tunnels in Cisco CSR1000V router with IOS XE. There are two Route Based IPsec VPN tunnels configured on CSR1000V router, traffic from app server is with NAT and rest is without NAT.
0
Scenario 2
This article is about building a VRF-Aware site to site VPN tunnels in Cisco CSR1000V router with IOS XE. There are two VRF-Aware Policy Based IPsec VPN tunnels configured on CSR1000V router one with NAT and another without NAT.
0
The Ultimate Tool Kit for Technolgy Solution Provi
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

Scenario 1
This article is about building a site to site VPN tunnels in Cisco CSR1000V router with IOS XE. There are two Policy Based IPsec VPN tunnels configured on CSR1000V router one with NAT and another without NAT.
0

Expert Comment

by:Isaivani Venkat
Comment Utility
ip nat outside source static 192.168.10.10 172.17.10.10 this NAT statement really required ???
0
LVL 4

Author Comment

by:Santosh Salunke
Comment Utility
Hi Isaivani Venkat

ip nat outside source static 192.168.10.10 172.17.10.10

This NAT is to change branch user IP from 172.17.10.10 to 192.168.10.10. I had used this to demonstrate how to do 'Destination IP NAT'.
0
Have a Cisco router that you forgot the password or maybe you bought a used router that is locked with a password? This article will guide you through the steps on how to recover the password on your Cisco gear.
0
Just after setting up Cloud PBX connectivity and migrated Skype users to SFBO, we noticed inbound calls not working but outbound calls would work.
0
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
1
Considering cloud tradeoffs and determining the right mix for your organization.
0
As managed cloud service providers, we often get asked to intervene when cloud deployments go awry. Attracted by apparent ease-of-use, flexibility and low computing costs, companies quickly adopt leading public cloud platforms such as Amazon Web Services (AWS) and Microsoft Azure.
1
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
0
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be configured.
1
Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
2

Expert Comment

by:Ranjit Shankar
Comment Utility
Great article! Useful links, also the important points "Bandwidth, Objectivity, Expertise, Strategy, ROI" and the details about the points are very much clear... "it is not only worth the discussion, but it’s likely worth doing a more detailed assessment..." - very true! Also, you are right i.e. checking the reviews is more significant before going with any cloud computing consulting services provider for a long-term relationship... Thank you!
0
Powerful Yet Easy-to-Use Network Monitoring
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

Flash Dir Head

WARNING:  If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!!


I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TAC.  The basic problem was that I couldn't get the routers to route traffic in this kind of environment:



I wasn't using the firewall feature; just routing.  (The firewalls in the diagram were ASAs).

Well, the Cisco engineer couldn't figure out what was wrong, so I pulled a couple of routers out of the network and set up a small lab so the engineer could remote in and play with it.  The lab environment looked like this:



The networks were all connected with a Cisco 2950 24-port switch using VLAN and a Cisco 2601 configured as a router-on-a-stick.


I know... really old hardware, but it was just lying around collecting dust and it could do what I needed, so why not?


When I attempted to blank out the config, I couldn't get rid of the VLANs... which reminded me how frustrating VTP can be.


For example, years ago, I borrowed one of these 2950's from the datacenter where I have a few cabinets.  Before I returned it, I wiped the config.  Six months later, I get a call from their head engineer informing me that I had taken down the entire datacenter.


VTP configuration information is stored in the VLAN database, which is NOT deleted when one clears the config.  I had actually used VTP in my network, but they didn't and the VTP operating mode of all of their switches were still the default - "server".  So, when they put that switch back into production, my VTP config was pushed out across their network and every single VLAN database on every single switch was overwritten with my VLAN config.


The VLAN database is stored as a file in the flash memory.  To see it, go into privileged mode and issue a directory command for flash:



The VLAN database is stored in the file "vlan.dat".


Since Cisco represents the state-of-the-art for networking equipment, one could assume the VTP configuration could be reset by issuing a command such as "clear config vtp".  Of course, one would assume incorrectly.


You actually have to delete the file:

 


Once you've done that, you should be good to go.  Reload the switch and you'll find the VTP (and VLAN) configuration has been removed.


If you found this helpful, please click the blue "thumbs up" below!

1
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
1
Powerful tools can do wonders, but only in the right hands. Nowhere is this more obvious than with the cloud.
0
There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
1
On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
1
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
0

Cisco

23K

Solutions

14K

Contributors

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).