Answer Questions

I think the whole DNA thing is BS and a way for Cisco to make more MRR. I saw some opt-out sku's for the 3800 series. Looks like they don't work in ccw though. Is there any way to opt out? (specifically for the Cat 9k line) I work at an MSP where a lot of the smaller clients only need layer 3 routing as far as licensing goes.

Hi, All Cisco & Partners. I want to ask something about Webex Contact Center Bandwidth Requirement.If we have 30 contact center agent with 5 supervisor, how many Bandwidth Required for Cube Connection to WXCC and Agent Connection. ThanksMuhammad S Ziyad 

Hi All,This is going to be difficult to explain but easy to replicate.  We have an internal 192.168.1* network address with both static and DHCP provided addresses in this /24 space.  The internet is accessed through a non Cisco gateway to an ASR 1002 router that has multiple subnets that are also internet accessible all static IPs.  We also have another set of internal machines that are on 192.168.0.* that are not internet facing and provide various services including iscsi, cctv, hypervisor hosts that have an internet address for their virtual ethernet nic but whose host port is on the 192.168.0* network and so on.  Some of these same machines have only a single Ethernet port but nevertheless need to be on a switch that ALSO needs to be connected to the same switch as the ASR1002 is also connected. Issue. IF I cable the 192.168.0.* switch to the switch patched to the ASR1002 along with the gateway natted NIC (internet facing nic) of the gateway supporting the 192.168.1.* network, the gateway is unable, (or the devices are unable) to receive renewed IP addresses.  It also happens that if we try to change the static IP addresses on any of the hosts on the 192.168.0.* network they appear as duplicate addresses UNTIL we unplug and plug back in the switch these hosts are directly connected at which time the addresses no longer are duplicate. Happy to provide any requested artifacts to determine why this behavior is the case.  We have replaced the gateway and can definitely verify the behavior is NOT exhibited in the event we remove the patch between the cisco switch supporting the 192.168.0.* network and the internet facing switch directly connected to the ASR1002.  And yes the 192.168.0.* switch is also connected to the switch port on the OTHER side of the gateway, (not internet facing port -- e.g. 192.168.1.* network switch). Bottom line.. DHCP works fine for 192.168.1.* when 192.168.0.* is NOT connected to the switch support

Hello everyone, I am currently working on a Hub and Spoke model network, connecting the branches with an IPSEC tunnel. ISAKMP turns on when I'm done configuring, but I can't seem to ping any other branch, or generate traffic between them. I've been troubleshooting this for a few days, but I could really use a new set of eyes. I'll attach the output of "show crypto ipsec" from my Hub(LA) and the configuration files for LA and the first branch SF.logical topology Any help or push in the right direction would be greatly appreciated.!!FW_LA_R enable configure terminal hostname FW_LA_R ! Int g0/0 Ip add 2.2.1.1 255.255.255.248 Ip nat outside No shut Int g0/1 Ip add 10.10.1.1 255.255.255.0 Ip nat inside No shut ip access-list extended IPSEC_LIST_SF permit ip 10.10.0.0 0.0.255.255 10.20.0.0 0.0.255.255 permit ip 10.30.0.0 0.0.255.255 10.20.0.0 0.0.255.255 permit ip 10.128.0.0 0.0.255.255 10.20.0.0 0.0.255.255 ip access-list extended IPSEC_LIST_SD permit ip 10.10.0.0 0.0.255.255 10.30.0.0 0.0.255.255 permit ip 10.20.0.0 0.0.255.255 10.30.0.0 0.0.255.255 permit ip 10.128.0.0 0.0.255.255 10.30.0.0 0.0.255.255 ip access-list extended IPSEC_LIST_NY permit ip 10.10.0.0 0.0.255.255 10.128.0.0 0.0.255.255 permit ip 10.20.0.0 0.0.255.255 10.128.0.0 0.0.255.255 permit ip 10.129.0.0 0.0.255.255 10.128.0.0 0.0.255.255 ip access-list extended NAT_LIST deny ip 10.10.0.0 0.0.255.255 10.20.0.0 0.0.255.255 deny ip 10.30.0.0 0.0.255.255 10.20.0.0 0.0.255.255 deny ip 10.128.0.0 0.0.255.255 10.20.0.0 0.0.255.255 ! deny ip 10.10.0.0 0.0.255.255 10.30.0.0 0.0.255.255 deny ip 10.20.0.0 0.0.255.255 10.30.0.0 0.0.255.255 deny ip 10.128.0.0 0.0.255.255 10.30.0.0 0.0.255.255 ! deny ip 10.10.0.0 0.0.255.255 10.128.0.0 0.0.255.255 deny ip 10.20.0.0 0.0.255.255 10.128.0.0 0.0.255.255 deny ip 10.129.0.0 0.0.255.255 10.128.0.0 0.0.255.255 ! permit ip 10.10.0.0 0.0.255.255 any ip nat inside source list NAT_LIST int g0/0 overload ! ! ! ! ip route 0.0.0.0 0.0.0.0 2.2.1.2 ip route 10.10.0.0 255.255.0.0 10.10.1.2 ! !! IPSec Phase 1 ! crypto isakmp enable crypto isakmp policy 10 authentication pre-share encryption aes 256 hash sha group 5 crypto isakmp key ABC12345 address 2.2.2.1 crypto isakmp key ABC12345 address 2.2.3.1 crypto isakmp key ABC12345 address 4.4.128.1 ! IPSec Phase 2 ! IPSec Phase 2 crypto ipsec transform-set ABCSET esp-aes 256 esp-sha-hmac crypto map ABCMAP 10 ipsec-isakmp match address IPSEC_LIST_SF set peer 2.2.2.1 set transform-set ABCSET crypto map ABCMAP 20 ipsec-isakmp match address IPSEC_LIST_SD set peer 2.2.3.1 set transform-set ABCSET crypto map ABCMAP 30 ipsec-isakmp match address IPSEC_LIST_NY set peer 4.4.128.1 set transform-set ABCSET interface g0/0 crypto map ABCMAP router ospf 1 default-information originate network 10.0.0.0 0.127.255.255 area 0 network 10.128.0.0 0.127.255.255 area 0 !LA_3650 enable configure terminal hostname LA_3650 ! ip routing vtp mode server vtp domain MAIN Vlan 99 name management Vlan 10 name Server Vlan 20 name IT Vlan 30 name Users interface G0/0 no switchport ip address 10.10.1.2 255.255.255.0 no shutdown interface vlan 99 ip address 10.10.99.1 255.255.255.0 no shutdown interface vlan 10 ip address 10.10.10.1 255.255.255.0 interface vlan 20 ip address 10.10.20.1 255.255.255.0 interface vlan 30 ip address 10.10.30.1 255.255.255.0 no shutdown interface g0/1 switchport mode access switchport access vlan 10 interface g0/2 switchport mode access switchport access vlan 20 interface g0/3 switchport mode access switchport access vlan 30 router ospf 1 network 10.0.0.0 0.127.255.255 area 0 network 10.128.0.0 0.127.255.255 area 0 !FW_SF_R enable configure terminal hostname FW_SF_R ! interface g0/0 ip address 2.2.2.1 255.255.255.252 ip nat outside no shutdown interface g0/1 ip address 10.20.1.1 255.255.255.0 ip nat inside no shutdown ip route 0.0.0.0 0.0.0.0 2.2.2.2 ip nat inside source list NAT_LIST interface g0/0 overload ip access-list extended IPSEC_LIST permit ip 10.20.0.0 0.0.255.255 10.10.0.0 0.0.255.255 permit ip 10.20.0.0 0.0.255.255 10.30.0.0 0.0.255.255 permit ip 10.20.0.0 0.0.255.255 10.129.0.0 0.0.255.255 permit ip 10.20.0.0 0.0.255.255 10.128.0.0 0.0.255.255 ip access-list extended NAT_LIST deny ip 10.20.0.0 0.0.255.255 10.10.0.0 0.0.255.255 deny ip 10.20.0.0 0.0.255.255 10.30.0.0 0.0.255.255 deny ip 10.20.0.0 0.0.255.255 10.129.0.0 0.0.255.255 deny ip 10.20.0.0 0.0.255.255 10.128.0.0 0.0.255.255 permit ip 10.20.0.0 0.0.255.255 any crypto isakmp enable crypto isakmp policy 10 authentication pre-share encryption aes 256 hash sha group 5 crypto isakmp key ABC12345 address 2.2.1.1 crypto ipsec transform-set ABCSET esp-aes 256 esp-sha-hmac crypto map ABCMAP 10 ipsec-isakmp match address IPSEC_LIST set peer 2.2.1.1 set transform-set ABCSET interface g0/0 crypto map ABCMAP router ospf 1 default-information originate network 10.0.0.0 0.127.255.255 area 0 network 10.128.0.0 0.127.255.255 area 0 !SF_3650 enable configure terminal hostname SF_3650 ! ip routing vtp mode server vtp domain SF Vlan 99 name management Vlan 30 name Users interface G0/0 no switchport ip address 10.20.1.2 255.255.255.0 no shutdown interface vlan 99 ip address 10.20.99.1 255.255.255.0 no shutdown interface vlan 30 ip address 10.20.30.1 255.255.255.0 no shutdown interface g0/3 switchport mode access switchport access vlan 30 router ospf 1 network 10.0.0.0 0.127.255.255 area 0 network 10.128.0.0 0.127.255.255 area 0 !FW_SD_R enable configure terminal hostname FW_SD_R ! interface g0/0 ip address 2.2.3.1 255.255.255.252 ip nat outside no shutdown interface g0/1 ip address 10.30.1.1 255.255.255.0 ip nat inside no shutdown ip route 0.0.0.0 0.0.0.0 2.2.3.2 ip nat inside source list NAT_LIST interface G0/0 overload ip access-list extended IPSEC_LIST permit ip any 10.0.0.0 0.127.255.255 permit ip any 10.0.0.0 0.127.255.255 ip access-list extended NAT_LIST permit ip any 10.0.0.0 0.127.255.255 permit ip any 10.0.0.0 0.127.255.255 permit ip any any crypto isakmp enable crypto isakmp policy 10 authentication pre-share encryption aes 256 hash sha group 5 crypto isakmp key ABC12345 address 2.2.1.1 crypto ipsec transform-set ABCSET esp-aes 256 esp-sha-hmac crypto map ABCMAP 10 ipsec-isakmp match address IPSEC_LIST set peer 2.2.1.1 set transform-set ABCSET interface g0/0 crypto map ABCMAP router ospf 1 default-information originate network 10.0.0.0 255.128.0.0 area 0 network 10.128.0.0 255.128.0.0 area 0FW_LA_R(config-router)#do show crypto ipsec sa interface: GigabitEthernet0/0 Crypto map tag: ABCMAP, local addr 2.2.1.1 protected vrf: (none) local ident (addr/mask/prot/port): (10.129.0.0/255.255.0.0/0/0) remote ident (addr/mask/prot/port): (10.128.0.0/255.255.0.0/0/0) current_peer 4.4.128.1 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0 #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 2.2.1.1, remote crypto endpt.: 4.4.128.1 plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0 current outbound spi: 0x0(0) PFS (Y/N): N, DH group: none inbound esp sas: inbound ah sas: inbound pcp sas: outbound esp sas: outbound ah sas: outbound pcp sas: protected vrf: (none) local ident (addr/mask/prot/port): (10.20.0.0/255.255.0.0/0/0) remote ident (addr/mask/prot/port): (10.30.0.0/255.255.0.0/0/0) current_peer 2.2.3.1 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0 #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 2.2.1.1, remote crypto endpt.: 2.2.3.1 plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0 current outbound spi: 0x0(0) PFS (Y/N): N, DH group: none inbound esp sas: inbound ah sas: inbound pcp sas: outbound esp sas: outbound ah sas: outbound pcp sas: protected vrf: (none) local ident (addr/mask/prot/port): (10.30.0.0/255.255.0.0/0/0) remote ident (addr/mask/prot/port): (10.20.0.0/255.255.0.0/0/0) current_peer 2.2.2.1 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0 #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 2.2.1.1, remote crypto endpt.: 2.2.2.1 plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0 current outbound spi: 0x0(0) PFS (Y/N): N, DH group: none inbound esp sas: inbound ah sas: inbound pcp sas: outbound esp sas: outbound ah sas: outbound pcp sas: protected vrf: (none) local ident (addr/mask/prot/port): (10.10.0.0/255.255.0.0/0/0) remote ident (addr/mask/prot/port): (10.30.0.0/255.255.0.0/0/0) current_peer 2.2.3.1 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0 #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 2.2.1.1, remote crypto endpt.: 2.2.3.1 plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0 current outbound spi: 0x0(0) PFS (Y/N): N, DH group: none inbound esp sas: inbound ah sas: inbound pcp sas: outbound esp sas: outbound ah sas: outbound pcp sas: protected vrf: (none) local ident (addr/mask/prot/port): (10.10.0.0/255.255.0.0/0/0) remote ident (addr/mask/prot/port): (10.20.0.0/255.255.0.0/0/0) current_peer 2.2.2.1 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0 #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 2.2.1.1, remote crypto endpt.: 2.2.2.1 plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0 current outbound spi: 0x0(0) PFS (Y/N): N, DH group: none inbound esp sas: inbound ah sas: inbound pcp sas: outbound esp sas: outbound ah sas: outbound pcp sas: protected vrf: (none) local ident (addr/mask/prot/port): (10.10.0.0/255.255.0.0/0/0) remote ident (addr/mask/prot/port): (10.128.0.0/255.255.0.0/0/0) current_peer 4.4.128.1 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0 #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 2.2.1.1, remote crypto endpt.: 4.4.128.1 plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0 current outbound spi: 0x0(0) PFS (Y/N): N, DH group: none inbound esp sas: inbound ah sas: inbound pcp sas: outbound esp sas: outbound ah sas: outbound pcp sas: protected vrf: (none) local ident (addr/mask/prot/port): (10.20.0.0/255.255.0.0/0/0) remote ident (addr/mask/prot/port): (10.128.0.0/255.255.0.0/0/0) current_peer 4.4.128.1 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0 #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 2.2.1.1, remote crypto endpt.: 4.4.128.1 plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0 current outbound spi: 0x0(0) PFS (Y/N): N, DH group: none inbound esp sas: inbound ah sas: inbound pcp sas: outbound esp sas: outbound ah sas: outbound pcp sas: protected vrf: (none) local ident (addr/mask/prot/port): (10.128.0.0/255.255.0.0/0/0) remote ident (addr/mask/prot/port): (10.20.0.0/255.255.0.0/0/0) current_peer 2.2.2.1 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0 #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 2.2.1.1, remote crypto endpt.: 2.2.2.1 plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0 current outbound spi: 0x0(0) PFS (Y/N): N, DH group: none inbound esp sas: inbound ah sas: inbound pcp sas: outbound esp sas: outbound ah sas: outbound pcp sas: protected vrf: (none) local ident (addr/mask/prot/port): (10.128.0.0/255.255.0.0/0/0) remote ident (addr/mask/prot/port): (10.30.0.0/255.255.0.0/0/0) current_peer 2.2.3.1 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0 #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 2.2.1.1, remote crypto endpt.: 2.2.3.1 plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0 current outbound spi: 0x0(0) PFS (Y/N): N, DH group: none inbound esp sas: inbound ah sas: inbound pcp sas: outbound esp sas: outbound ah sas: outbound pcp sas:

Hello,     I found WMIC 3201 shut down its wireless in -20℃ (environment temperature), and its internal temperature is at -2℃. I need to modify the configuration to let it work in at least -30℃, but I don't know how to do. Please give me some suggestions! Thanks! Best wishes,            Yang

We have a C240 M5 with a VIC 1457. We want to use this as a standalone server connected to a 9300 switch with 2 x 10g network ports. how in the world do you configure the VIC card ports in access mode? i've removed the default port channel option and changed the vnic settings in CIMC. right now the only way to get any network connection is to use it in port in trunk mode and set a native vlan on the switch. anyone else get this working in access mode? is this documented somewhere? I really don't want to this to break on the next upgrade thanks Gd

I know many times you must change the MTU to less than the default otherwise certain Aps, sites, etc. the traverse the tunnel have poor performance, but are there instances where MTU could play a part in just establishing Ikev1 tunnels between two routers? Don't have the debugs right (to verify where it is failing or what errors seen) here but all parameters are the same on both ends, keys, etc., IPSEC negotiation traffic makes it to both ends, wondering if MTU could play a part just on tunnel negotiations. 

I'm a hobbyist. I use my Cisco 525G2 with a small private Asterisk server.I'm trying to configure a Plantronics CS-540 with APC-45 cable to work with my phone.I have enabled Electronic HookSwitch in the settings on the phone.I can't get the headset to work. I mean, I can't get it to communicate with the phone. Pressing the button on the headset I hear the click but it doesn't seem to communicate with the phone and activate the HookSwitch, same in reverse, I press the headset button and it doesn't activate the headset. I get no dial tone. I must be doing something wrong? Maybe a setting I don't know about, or maybe there's something wrong with the headset or the phone? I have tried also switching out the cable thinking that was the problem. Any suggestions appreciated.

Is it possible to exclude hidden folders in Cisco AMP? We have app developers who create windows 10 apps and these apps run from program files->windowsapps. I tried to exclude this folder as Path in the exclusions folder but when we try to run the application they automatically crash. We have noticed that turning off TETRA allows the application to run without issue, but we don't want to disable TETRA in our environment.

I'm on Cox Cable in Phoenix and I have three Cisco STA1520 tuning adapters.  In July of 2020 something happened and my tuning adapters started rebooting several times a day.  When this happens it cancels my recordings and interrupts my feed for about 10 minutes.  All three tuning adapters (in different rooms) boot together at the same moment.  I've spent countless hours with Cox and TiVo trying to resolve the issue. I've had Cox technicians at my location no less than a dozen times.  I've replaced all equipment, cables, and power cords with no improvement.  I'm a software developer and I noticed that the firmware version on the tuning adapters is STA1.0.0_1520_BDSG.LR_F.1601   It appears there is at least one newer firmware version.  I've had two trouble tickets over the last three weeks with Cox about the firmware and they have closed both without explanation. I have three questions:1) Could the outdated firmware cause the tuning adapters to reset many times a day? 2) I have access to the tuning adapter diagnostics page.  Is there an item that lets me know why it rebooted?2) Is there any way that I could update the firmware myself?  I searched for instructions on this and couldn't find any. Any help is appreciated.

I started to receive this error message,  An application fault occurred: ('egg/command_client.py call|242', "<type 'exceptions.TypeError'>", "'NoneType' object is not iterable", '[_coro.pyx coro._coro._wrap1 (coro/_coro.c:8505)|757] [updater/updaterd.py alert_autoupdate_disabled|1329] [shared/UpdateSupport.py __init__|538] [shared/UpdateSupport.py init_service_overview|547] [shared/UpdateSupport.py get_available_engine_updates|185] [egg/command_client.py call|242]') I was looking online and  find a similar message related to a bug: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv33888/?rfs=iqvred),   Version: 13.0.0-392 Someone have any idea what could be the root cause o this error message. 

Hello. I need some help with configuring my Cisco router. I am hosting a web server in my network and I am using IPSec for some remote stuff. The problem is, my WAN is tagged (VLAN ID: 5) and the router (2.1) does not want to route traffic to my server for users connected through the IPSec. Instead, it tries to handle the requests on its own, serving the web management site (192.168.2.1:80) instead of the one hosted in my network (192.168.2.100:80). My temporary solution was to add another router in front of it (3.1) that redirects all traffic to the router with IPSec, but without any tagged packets. This configuration works, but it is far from ideal. Is it possible to configure it all on one router? Please help, I have ran out of ideas.

Tengo un router Cisco C1111-4P con el siguiente IOSCisco IOS XE Software, Version 16.08.01Cisco IOS Software [Fuji], ISR Software (ARMV8EB_LINUX_IOSD-UNIVERSALK9_IAS-M),Version 16.8.1, RELEASE SOFTWARE (fc3) Al aplicar configuración de AAA asociado a tacacs equipo se reinicia se aplico configuración 2 veces y pasa lo mismo, al realizar un show ver muestra lo siguiente luego del reinicio. XXXXXXX  uptime is 18 minutesUptime for this control processor is 20 minutesSystem returned to ROM by Critical software exception, check bootflash:crashinfo_RP_00_00_20210127-19402 7-UTCSystem image file is "bootflash:c1100-universalk9_ias.16.08.01.SPA.bin"Last reload reason: Critical software exception, check bootflash:crashinfo_RP_00_00_20210127-194027-UTC Pero equipo sigue reiniciando ahora que ejecuto el comando show version u otro comando me pasa lo mismo con otros equipos con el mismo modelo que al aplicar un comando realiza el reinicio. Desde mi punto de vista es problema de IOS pero no localizo algun bug de sistema operativo por alguna recomendación. 

I've registered a new application in Cisco API Developer Portal.  I can successfully generate an access token but I receive an "Access Denied" message (403 Forbidden) when I access the following endpoint: https://apx.cisco.com/cs/api/v1/customer-info/customer-details.  I'm trying to obtain the customerId for my customer so I can access the other Services API endpoints. Credentials are working fine for other APIs such as serial number to info and eox that i have added to the application 

Hi All!   Hello! Does NSO 5.4 support Alarms for HA events? For example: failure of master or slave node..? I saw one conversation which says tailf-hcc used to generate node-failure alarm atleast until nso 5.3.. but I can’t find any alarm type for HA in NSO 5.4   Also in nso 5.4.1 nso_admin_guide - ch11s10s02.html it mentions about node-failure alarm but I can't find that in any YANG model.    I see in tailf-hcc 4.x projects there are 3 alarms: identity node-failure {base hcc-alarm;description"The node lost HA connection with its master";} identity device-node-failure {base hcc-alarm;description"A service node noticed one of its device nodes lostHA connection with its master";} identity bgp-failure {base hcc-alarm;description"A service node noticed it lost its BGP prefix path toits master";}}     but this tailf-hcc-alarms.yang is not even present in tailf-hcc 5.x projects.   Any help appreciated!   Thanks, Neetika

Hello all,Is there any way to load files into the flash or to running-config during the startup?We deploy cisco ASAv with terraform, but since there is a 16K limitation on the config template, we're looking for an option how to load the missing configuration from AWS S3 bucket with "copy /noconfirm https://s3-bucket/..... running-config"Is there any chance that "copy" command in startup-config would run? (testing so far shows that this is not working).Does anyone have any other idea/experience on how to load the missing config and all the files (hostscan, anyconnect images, profile XMLs....) automatically after/during the startup - so that we don't have to login and run the "copy" by ourselves?Thank you very much   

We are holding a joint WebEx event with another company. We wondered whether it was possible to create two registration links for the same event, so that each company can track how many attendees registered through separate marketing campaigns?

One of my service-packages got a broken xml template.If I start NSO with "--with-package-reload" the service package with the broken xml template loads into NSO and NSO shows "oper-status up" for this package.But if I run "package reload" via NCS_CLI again, then the service-package changes to "oper-status file-load-error" with error message "Unknown namespace" in xml file. Why NSO doesn't recognize the broken XML template at start of NSO directly?Does exist a solution to catch the broken XML file at beginning? NSO version: 5.2.3Java: 1.8.0_242Python: 3.6.8  Thanks.

Hello All, I have a UCCX environment that has two call control groups.   One that contains 40 CTI ports for inbound calling and one that contains 20 CTI ports for callbacks.   I'm trying to figure out how I can report on each of the call control groups separately so I know if my port counts are balanced correctly.   The only report I have seen that shows port utilization is the license utilization hourly report which doesn't break it down into individual call control groups.   Do I have any options either through CUIC or CUCM CDR? Thanks,Glenn

Hello, We are using WAP571 Wireless-AC/N Premium Dual Radio Access Point with PoEFirmware: Version : 1.1.0.3 We experience very slow wifi connection on laptop and mobile phone on specific website and vpn services.Please note that speedtest result is good 100Mbps / 100Mbps For example I can connect with the same VPN client to different site with a good connection.However others are very slow like 15s delay after a click. Best example for website is youtube where through wifi it switch to lowest quality and buffer a lot. Please note that when I switch to ethernet there is no slow behavior for the same VPN and website.So I believe this is not related to the Internet provider or router as the ethernet works fine. Do you have any action or idea that could help me to find the root cause of that bad experience? Regards,Alexandre

Hi there, My customer has some wrong information about "contract end date" in his active SNT contracts on Portal Smart Net Total Care. Can somebody help, please? Regards

We are running 10 ESAs and 1 SMA in our CES environment. I am able to open up a CLI connection to each server independently using putty. Unfortunately due to the method in which you have to open up a 'proxy' connection first, then the connection to the server, I am unable to have multiple sessions open at the same time. Has anyone come across a method to do this? Thanks, Simon