Thinking Workshop”. Cisco Small Business is excited to invite its
Silicon Valley customers to an exclusive interactive one-day session
customers and product Managers. If you are interested in this
workshop, please fill out the Registration
For more information, please check out our FAQ
Get the latest new and information the November issue of the Cisco Small Business Monthly Newsletter
Here's the list of ports that need to be open (from the inside network hosting the ON100 connecting outwards towards the internet), from the OnPlus documentation:
Working DNS and port 11300 TCP are the most critical to the device showing online at the portal.
From Subsytem Status everythig is a go... would it give me an error if could not access those ports?
Account Status OK
PKI Subsystem Status OK
Settings Monitor Running
Service Announcement Running
Zeroconf Management Running
Time Service Running
Thanks for your reponse, port 11300 seems to be blocked. Is the address 1-dfw.cisco-onplus.com where the agent is trying to get out to, ip address 22.214.171.124?
I beleive it would be a good thing sto see in the status if the agent is able to get out the required ports.
The 'Status 2' led, once the device is activated, indicates the status of the heartbeat. In general, that's your first, best, check on the state of the connection. I can see that it might also be good to present that on the status page too, but as Mike noted, there's not too much there and it gets very little use in practice.
As for the IP address for 1-dfw.cisco-onplus.com, while that might be correct, our service has the ability to reconsitute with a different IP address during extreme service situations (never happened yet, but we're prepared). If you were thinking about doing an ACL to permit 11300 and 126.96.36.199, it might be better to target permitting the ON100 to use port 11300 without destination restriction, just for safety?
I'm having a simillar problem in the portal is shows Actiated/offline. But the device itself will not move past the activate screens. Despite going through the activate process a few times, it never brings me to a logon page.
I'm stuck at this point. (Firewall isn't blocking any traffic, ssl certs have been whitelisted)
I have a few questions for you.
Have you registered at www.cisco-onplus.com? When you say it doesn't bring you to the 'logon' page, which page are you referring to?
Has the device been activated previously? If so, you'll need to do a factory reset. To do this, hold down the reset button on the back panel for more than 10 seconds.
What is the LED status?
When you click 'Activate', what happens? Are you on the LAN with the ON100?
Could you tell us the error message you are seeing? Or take a screenshot?
The OnPlus Team
Which SSL certs were whitelisted?
Depending on your geographic location, your device may try to talk to one of many servers in the cloud to activate itself. Another option rather than whitelisting specific certificates might be to assign the ON100 a static IP address prior to activation, and configure the firewall to permit *all* 80/443 traffic to and from this IP, in addition to the ports listed above.
cisco.com and cisco-onplus.com are whitelisted (though I disabled ssl filtering already)
I can't have this device respond on 80/443 as I have RWW running on those ports. However our sonicwall doesn't block outgoing on those ports.
Ok, I see. Only outbound-initiated connections to 80/443 ports on the internet are needed. Aqib has some additional questions above that might shed light on the problem.