08-14-2012 06:03 AM
Hi Team,
We have 4710 ACE in our network and currently we are using software version A3 2.0.
Currently we are not able to access the ACE through web interface but Telnet is happening properly. Connection is establing while we are doing the telnet to ACE through port 80 and port 443. Kindly suggest what will be the Issue? Please find the below dummy configuration.
resource-class SLB_STICKY
limit-resource all minimum 0.00 maximum unlimited
limit-resource sticky minimum 10.00 maximum equal-to-min
access-list ANY_Traffic_Permit line 8 extended permit ip any any
access-list ANY_Traffic_Permit line 16 extended permit icmp any any
class-map type management match-any CM_Remote_MGMT
description *** Class-Map defined the permitted Protocol list for Remote Management ***
201 match protocol icmp any
202 match protocol telnet any
203 match protocol http any
204 match protocol https any
205 match protocol snmp any
policy-map type management first-match PM_Remote_MGMT
description *** Policy-Map defined the permitted Protocol list for Remote Management ***
class CM_Remote_MGMT
permit
interface vlan 60
ip address 10.160.7.3 255.255.255.0
alias 10.160.7.2 255.255.255.0
peer ip address 10.160.7.4 255.255.255.0
no normalization
no icmp-guard
access-group input ANY_Traffic_Permit
access-group output ANY_Traffic_Permit
service-policy input PM_Remote_MGMT
no shutdown
Thanks in advance..
Regards,
Ranjith
08-14-2012 06:57 AM
Hi Ranjith,
Did you get the login page when you access via GUI? or any error message?
there is a known bug just displays a blank after when you login
Regards,
Siva
08-14-2012 09:51 AM
Hi Siva,
We are not getting any login page while accessing ACE through webbrowser. We are getting the same responce after rebooted the ACE also.
Regards,
Ranjith
08-14-2012 11:18 AM
Hi Ranjith,
I dont see any problem with the config as per the doc.
What browser are you using? Did you atleast get a message to accept the SSL certificate as trusted when you access https://10.160.7.3
Regards,
Siva
08-14-2012 11:51 AM
Hi Siva,
We have tested with IE and Mozilla. We are not getting any certificate error while accesing ACE https://10.160.7.3.
Regards,
Ranjith
08-14-2012 12:09 PM
Ranjith,
Can you check if the DM is running.
switch/Admin# dm status
If you see that the status is "STOPPED," restart the Device Manager using the dm reload command, make it running then try accessing again.
Regards,
Siva
08-15-2012 03:03 AM
Hi Siva,
dm status command is not taking in Version A3(2.0). So how we can check device manager is running in A3(2.0)?
Regards,
Ranjith
08-15-2012 04:24 AM
Hi Ranjith,
Can you try "dm reload" first, its a hidden command so type the full command and then check the dm status.
Regards,
Siva
08-15-2012 04:39 AM
Hi Siva,
Whether box wil reboot after running this command?
Regards,
Ranjith
08-15-2012 04:40 AM
Hi Ranjith,
No.
Regards,
Siva
08-16-2012 12:25 AM
Hi Siva,
We have done the dm reload in Cisco ACE but now also we are getting the same responce. Please find the below mentioned output.
LB-01/Admin# dm status
DM ROOT:
DM HOME: /opt/CSCOanm
JAVA_HOME: /opt/CSCOanm/jre
MYSQL_HOME: /opt/CSCOanm/mysql
java is /opt/CSCOanm/jre/bin/java
ANM : RUNNING (8700)
MySQL : RUNNING (8661)
LB-01/Admin#
LB-01/Admin#
LB-01/Admin#
LB-01/Admin# dm reload
LB-01/Admin#
Regards,
Ranjith
08-16-2012 01:10 AM
Hi Ranjith,
You might require a TAC case to troubleshoot this further, if necessary to run some debugs. Before that I would recommend you to upgrade to a latest software version and see if it works.
Regards,
Siva
08-16-2012 04:12 AM
Hi Ranjith,
Do you have any proxy setting on the browsers?
Take a packet capture to see where it fails.
Raise a TAC case if the above does not help you.
regards,
Ajay Kumar
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide