Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- :
- About Eugen Serban
Stats
Member since
06-27-2013
10
Posts
0
Helpful
0
Solutions
06-29-2017
09:00 AM
Hello guys,
We are in the middle of deploying our brand-new IWAN infrastructure and we will start activating the on board ISR-WAASes.
During the POC phase we did it “by hand”. During the deployment we started using the EzConfig method, but it still takes a lot and someone is required to monitor the process.
I was wondering if there is a modern way of doing it via RESTful APIs.
I found this link http://www.cisco.com/c/en/us/td/docs/routers/csr1000/software/restapi/restapi/RESTAPIglobal.html , but there’s no mention of ISR-WAAS installation or any virtual services…
Thanks,
Eugen
... View more
Labels:
04-12-2017
08:49 AM
Edit 6h after :)
I have found the issue. The source was behind a nat and when I was doing a sh ip mroute I could see the group twice from both IPs (original and natted).
I suspect that's why the RPF failed. When I moved the source outside of the NAT, the CPU is normal.
Eugen
[ORIGINAL MESSAGE]
Hello,
I have the same problem with the same version, the differece is that I don't have any GRE tunnels on the switch.
When I do a show ip mfib, the (*,G) shows SW forwarding with RPF failed. I don't know if this might be a problem...
BTW, I have verified all the interfaces and there are no drops.
Have you found a solution?
Regards,
Eugen
... View more
10-27-2016
05:08 AM
I applied the change and now it's behaving like it should :)
Thanks again!
Eugen
... View more
10-27-2016
01:34 AM
On the anchor, we do, yes. On the remote sites we don't.
This is indeed a proper solution. Thanks!
... View more
10-26-2016
02:31 PM
Hello,
Yes, when connected to the guest network, I am able to ping 1.1.1.1 and ssh to it. As I have the credentials for the WLC, I was able to log in.
... View more
10-26-2016
07:34 AM
Hello, I just found out that when connecting to a guest network I can ssh to 1.1.1.1. If I have the username and password, I can log in and wreck havoc in the network. Of course, an attacker will find the 1.1.1.1 address (or whatever) and try to exploit it: it's in the web portal or shown as the dhcp server when doing an ipconfig. My idea was to create a CPU acl that blocks ssh and telnet to 1.1.1.1, but would this be enough? Will I break other stuff? Any ideas are greatly appreciated. Btw, is there a guide regarding hardening the guest network? Regards, Eugen
... View more
Labels:
08-18-2016
08:16 AM
Hello,
I'm also trying to redistribute that /32 route without success. I had the same idea as you: creating a static to null0 and then redistribute static in bgp, but it does not work.
It redistributes all my other static routes, but not that one.
If someone has an idea, please share!
Thanks
... View more
NCS web interface crashed
in Wireless Security and Network Management
07-16-2013
06:17 AM
07-16-2013
06:17 AM
hi, I didn't say that it doesn't work. I said that cisco recomends not to use it in production. Thanks for the hint, though, I will try it in our test lab.
... View more
Re: NCS web interface crashed
in Wireless Security and Network Management
07-16-2013
05:57 AM
07-16-2013
05:57 AM
I also tried the root stuff, but it gave me: % Error : root patch password not set I searched for this in the manual and it sais that the comand is not for end users. we use it for our production infrastructure and i don't want to mess with it. http://www.cisco.com/en/US/docs/wireless/ncs/1.0/command/reference/cli_app_a.html
... View more
Re: NCS web interface crashed
in Wireless Security and Network Management
07-16-2013
05:51 AM
07-16-2013
05:51 AM
Hi, I have restarted the application and it return to normal. Apparently we have version 1.2. It's annoying to have to restart it, even though it doesn't impact the users... #sh version Cisco Application Deployment Engine OS Release: 2.0 ADE-OS Build Version: 2.0.1.038 ADE-OS System Architecture: x86_64 Copyright (c) 2005-2010 by Cisco Systems, Inc. All rights reserved. Hostname: XXXXXX Version information of installed applications --------------------------------------------- Cisco Prime Network Control System ------------------------------------------ Version : 1.2.0.103
... View more
06-29-2017
Hello guys, We are in the middle of deploying our brand-new IWAN
infrastructure and we will start ac...
04-12-2017
Edit 6h after :) I have found the issue. The source was behind a nat and
when I was doing a sh ip mr...
10-27-2016
On the anchor, we do, yes. On the remote sites we don't. This is indeed
a proper solution. Thanks!
10-26-2016
Hello, Yes, when connected to the guest network, I am able to ping
1.1.1.1 and ssh to it. As I have ...
10-26-2016
Hello,I just found out that when connecting to a guest network I can ssh
to 1.1.1.1. If I have the u...
08-18-2016
Hello, I'm also trying to redistribute that /32 route without success. I
had the same idea as you: c...
Created by
Eugen Serban
in Wireless Security and Network Management
07-16-2013
07-16-2013
hi,I didn't say that it doesn't work. I said that cisco recomends not to
use it in production.Thanks...
Created by
Eugen Serban
in Wireless Security and Network Management
07-16-2013
07-16-2013
I also tried the root stuff, but it gave me:% Error : root patch
password not setI searched for this...
Created by
Eugen Serban
in Wireless Security and Network Management
07-16-2013
07-16-2013
Hi,I have restarted the application and it return to normal.Apparently
we have version 1.2. It's ann...
Public Statistics
| Date Registered | 06-27-2013 02:20 AM |
| Date Last Visited | 09-07-2018 12:03 AM |
| Total Messages Posted | 10 |
