Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I would like to use TACACS for logging into Stealthwatch's webUI. Per the user guide, I added ISE servers as authentication servers in the Stealthwatch Management Console. Also, I added the Stealthwatch server as a network device into ISE and confi...
Is it possible for client traffic originating in the fabric and destined to a non-fabric IP, to egress out the border node, without having to go through a fusion router? As far as I can tell, the only way for fabric clients to communicate with non-f...
On a Nexus 7K, I want to configure IP SLA ICMP Echo to track an IP across a fiber link and remove a route if the receive side doesn't respond to ping after x amount of time. Is 'timeout' the appropriate parameter to use to accomplish my goal? Let's...
I'm seeing packet loss on some UDP jitter monitors that I recently configured. The monitors are setup with a ToS of 184 and voice codec to simulate voice traffic conditions. I asked the ISP to check into the packet loss and they're dumbfounded that...
Is it normal to see PFC pause frames on a FEX fabric port? The 2148T FEX or any FEX connected devices shouldn't even be PFC capable from my understanding. So why would I see pause frames on the fabric port? SWITCH# show interface eth1/5 priority-fl...
It would be great if the second step of adding the user manually to the webUI wasn't necessary for TACACS to function, just like it's unnecessary to do on a switch, router, etc.
Thanks Martin! I apologize as my post wasn't very clear. I added the ISE servers under the Authentication Service, as pictured in you screenshot, but I did not add the user in the Stealthwatch WebUI, which was the missing piece of information. I just...
Thanks for the reply, Jayesh.
Let's assume your non-fabric part of the network doesn't have VRFs so everything is in the GRT. In this case a fusion router is required. However, if you have a VRF in your non-fabric network that is also in SDA, the...
Thanks for the reply.
I confirmed today that the fusion router is a requirement for routing client traffic to non-fabric IPs. The border router cannot perform this function.
Thanks for the reply, Francesco. The idea is to consistently send a ping to the remote device and remove the route if the device becomes unresponsive. I can't ping the device more than once per second as it has an ICMP rate limiter enabled and won't...
