Refining AAA login on a Cisco device

Dear Netpro community,

I'm trying to tweak the AAA configuration on a Cisco device.

Here is my current setup:

aaa new-model
aaa authentication login default group radius local
aaa authentication enable default group radius enable

If the RADIUS server is offline, the first level (login) is not a problem. The problem occurs when I want to enter enable mode: it does not use the locally configured enable password, but instead goes looking for the RADIUS server to authenticate.

Debug:

test_switch>en
Password:
01:05:15: RADIUS: authenticating using $enab15$
01:05:15: RADIUS: ustruct sharecount=1
01:05:15: RADIUS: Send to tty0 id 44 x.x.x.x:1812, Access-Request, len 72
01:05:15:         Attribute 4 6 AC10E10F
01:05:15:         Attribute 5 6 00000000
01:05:15:         Attribute 61 6 00000000
01:05:15:         Attribute 1 10 24656E61
01:05:15:         Attribute 2 18 69ABFDF8
01:05:15:         Attribute 6 6 00000006
01:05:20: RADIUS: Retransmit id 44
01:05:25: RADIUS: Retransmit id 44
01:05:30: RADIUS: Retransmit id 44
Password:
01:05:35: RADIUS: Marking server x.x.x.x:1812,1813 dead
01:05:35: RADIUS: Tried all servers.
01:05:35: RADIUS: No valid server found. Trying any viable server
01:05:35: RADIUS: Tried all servers.
01:05:35: RADIUS: No response for id 44
01:05:35: RADIUS: No response from server
% Password: timeout expired!
% Authentication failed.

How can I make sure that I can still reach the switch's privileged mode when there is no path to the RADIUS server?

According to your original post it took 20 seconds, from:

01:05:15: RADIUS: Send to tty0 id 44 x.x.x.x:1812, Access-Request, len 72

... through three retransmissions, until the server was marked dead:

01:05:35: RADIUS: Marking server x.x.x.x:1812,1813 dead

Maybe you should have a missing RADIUS server marked dead more quickly, by setting a shorter timeout for the RADIUS server (for example 1 sec.).

For example:

radius-server host aaa.bbb.ccc.ddd auth-port 1812 acct-port 1813 timeout 1 key xxxxxxxxxx

If the server is recognised as dead earlier (4 s, incl. 3 retransmissions) it may be possible to use the locally configured enable password before the password timeout occurs.

I can't say for sure that this will solve your problem, but I know I would want to try it to find out.
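Putting the two halves of the thread together, here is an added example of an IOS AAA configuration that keeps privileged access reachable while RADIUS is down. It is not the original poster's or the replier's configuration; the server address 192.0.2.10, the syslog host, the shared secret and the local account name are placeholders. Two behaviours worth knowing before copying it: IOS only moves on to the next method in a list when the previous method returns an error (no response from the server), not when the server answers Access-Reject, so `local` and `enable` here are a fallback for an unreachable server, never for a wrong password; and the fallback is exactly as strong as the local secrets it authenticates against, so an `enable secret` and a local account with a strong secret have to exist for it to work at all. The timing values follow the debug in the question: with the IOS defaults of a 5 s timeout and 3 retransmits, the server was only declared dead after 4 × 5 s = 20 s.

```cisco
! Added example (not from the thread): AAA with local fallback when the
! RADIUS server is unreachable. Addresses, key and usernames are placeholders.
aaa new-model
!
! Local fallback credentials. Both must exist, or the fallback methods
! below have nothing to authenticate against.
enable secret <strong-enable-secret>
username admin-local privilege 15 secret <strong-local-secret>
!
! Method order matters: RADIUS first; local / enable only when RADIUS
! returns ERROR (no answer), never when it returns FAIL (Access-Reject).
aaa authentication login default group radius local
aaa authentication enable default group radius enable
aaa authorization exec default group radius local
!
! Make a silent server fail fast. Default 5 s timeout x (1 + 3 retransmits)
! = 20 s before the server is marked dead, as the debug in the question
! shows. timeout 2 + retransmit 1 reaches the same decision in 4 s.
radius-server host 192.0.2.10 auth-port 1812 acct-port 1813 timeout 2 retransmit 1 key <shared-secret>
!
! Once marked dead, skip the server for 10 minutes instead of waiting
! on every login; dead-criteria controls when it is marked dead.
radius-server dead-criteria time 2 tries 1
radius-server deadtime 10
!
! Record logins and exec sessions so use of the fallback path is visible
! even while the RADIUS server (and its accounting) is unreachable.
login on-success log
login on-failure log
aaa accounting exec default start-stop group radius
logging host 192.0.2.20
```

The `deadtime` setting is the trade-off to think about: for the whole deadtime window every login on the device goes straight to the local database, so anyone who can block UDP/1812 between the switch and the server can force the local path. Keep the local secrets as strong as the RADIUS ones, keep them to a small set of people, and alert on the `on-success` / `on-failure` syslog messages from devices that should normally authenticate against RADIUS. On IOS 15.x the per-server keywords above can also be written in the `radius server <name>` block form (`address ipv4 ...`, `key ...`, `timeout ...`, `retransmit ...`); the semantics are the same.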

Tags: Cisco Security

Similar Questions

  • ISE version 1.0 - cannot get admin access to Cisco devices

    Hi all

    I want to manage all Cisco devices with read and write privilege with ISE 1.0.

    Is this feature available in this version?

    I configured a 2960 switch. The RADIUS test on the switch is successful. When I telnet to the switch, it asks for username and password, but then the message is "authorization failed". On ISE, it shows the authentication as successful.

    Is this a configuration problem, or is this function not available in this version?

    Kind regards

    Sylvie

    Sylvie,

    You will need to create an authorization profile that returns the privilege level for the user.

    Here is the attribute (cisco-av-pair) you will need to return:

    shell:priv-lvl=xx

  • Is it recommended to run a vulnerability scan against a Cisco ASA device?

    Dear everybody,

    I have a doubt about vulnerability scanning for Cisco ASA devices. Currently we have a vulnerability scanner for network devices, including firewalls. But after running a vulnerability scan against the Cisco ASA, it found nothing in the scan report.

    Is it recommended to vulnerability-scan a Cisco ASA, and does it defeat the purpose of the firewall?

    I don't understand your question. Are you asking whether you can set up the ASA to allow an external user to run a scan on the internal network?

    If so, the answer is generally no. The ASA, by default, does not allow incoming connections (or connection attempts) that are not explicitly allowed in an inbound access list (applied to the outside interface). In most cases there would also need to be network address translation (NAT) rules configured.

    If you had a remote-access VPN, you could allow the external scanner to connect through that; then it would have the necessary access to scan internal systems (assuming the VPN access allowed reaching all internal networks).

  • Pulling back configs from monitored devices

    Hello

    I wanted to know if Foglight can schedule and run configuration backups for Cisco (MCU-8710/8510) devices.

    -Christine

    Hi Christine,

    We work well with most of the Cisco products out there. The best way to find out is to discover the device, assign the device's SNMP read/write credentials, and make sure the policy it is in has Config Backup selected.

    Thank you!

  • 802.11n network adapter keeps dropping out with the message "No drivers are installed for this device."

    Original title: 802.11n network adapter keeps dropping out

    My network card, a Ralink 802.11n on Windows 7 Professional 64-bit, keeps dropping out so that I have no connection to any network.  When I check the network card, it says "No drivers are installed for this device."  If I try to update the driver, it says the drivers are up to date.  The only way to get the device working properly is to shut down the laptop and restart.  When I do this, Device Manager says the network card is working properly.  I looked at other solutions, but none of them seem to quite fit.  I use an HP ProBook 4320s laptop and I recently installed a new drive with the Windows 7 software pre-installed on it.

    Hello

    From the description, I understand that the network adapter in your computer keeps dropping out and gives the error "No drivers are installed for this device." I can imagine the inconvenience you are experiencing and will certainly help you in the right direction to solve the problem.

    This problem may occur because of corruption in the network driver, or because the network driver is not properly installed on your computer.

    Please follow the troubleshooting methods mentioned below and check if they help.

    Method 1: run the network troubleshooter.

    The problem report contains one or more event logs. Network administrators and support staff can use the information in the event logs to analyze connectivity problems or help interpret the findings. You can find this information by clicking "View detailed information" on the last page of the troubleshooter, or by following these steps:

    1. Open Troubleshooting by clicking the Start button, then Control Panel, and then, under System and Security, clicking Find and fix problems.
    2. In the left pane, click View history.
    3. Right-click the troubleshooting report, and then click Details.

    If the problem persists, follow the next method.

    Method 2: uninstall and reinstall the network driver.

    Please follow the steps below.

    1. Open Device Manager by clicking the Start button, then Control Panel, then System and Maintenance, and then Device Manager.  If you are prompted for an administrator password or a confirmation, type the password or provide confirmation.
    2. In Device Manager, look for the network adapter.
    3. Right-click the adapter and select Uninstall.
    4. After uninstalling the network driver, restart the computer.

    After the computer restarts, Windows will automatically try to install the correct network driver. If not, I recommend you download the latest driver available from the manufacturer's website and check if it helps.

    Please follow the link below to download the network driver from the manufacturer's (HP) website.

    http://h20565.www2.HP.com/hpsc/SWD/public/readIndex?sp4ts.Oid=4145372&swLangOid=8&swEnvOid=4059

    Hope this information is useful. If the problem persists, please write back to us with the requested information so that we can help you further.

  • BlackBerry 10: latest BlackBerry Device Software for my device

    Where can I find what the latest version of the software for my device is, and what has changed (change log)?

    In many ways it is advisable to use the latest OS version (although sometimes errors are introduced in later versions).

    My administrator has disabled OS updates, so that is not possible on the device.
    Also, no change log appears, so I would have no idea whether the update would give me a chance to solve a practical problem.

    My device is a Z30 with OS version 10.3.1.1784

    Regards

    Guenther

    Hello and welcome to the community!

    'Latest' is a variable term, not a constant. Many entities control the release of OS packages to end users. BB releases all OS packages all over the world at the same time, but others (often the carriers) control the last stage of the release to their end users. Therefore, 'latest' is often different for different people, even on the exact same device.

    In addition, your situation is complicated by the administrator... we have to assume you are an enterprise/BES user, and as such your administrator indeed has even more control over what is made available to you. You must never proceed without their cooperation... it is quite possible that there is some specific reason they prohibit updates (for example, they might have special internal applications that require a specific device OS in order to work). But, regardless, work with them for all of your device update needs.

    So, with all that as preface, the only answer we can provide is that the 'latest' BB OS is 10.3.2.2813, but so far it has been adopted by only a single carrier (Sprint in the USA) and only for a single device (Q10). But, as always, there are utilities created by clever users that allow anyone on any carrier and with any device to adopt something more 'recent' than what BB has released for them.

    Regarding change logs, those are notoriously difficult to find. Here are the most recent that I found:

    Note that, as with all official documentation, it is listed not by the actual OS version but rather by the software version. You need to understand the difference to be sure you are looking at the correct things. Reference:

    So, once again, I urge you to include your administrator in your decision-making process. This is especially true if you decide to move to the 10.3.2 family of the OS, because that adds the significant complication of the Anti-Theft Protection feature, which requires that you know your BBID credentials 100%... If you do not, then you can render your device useless to anyone, including yourself. Reference:

    Good luck!

  • Security context license problem for a Cisco ASA 5585

    Hello

    Can someone help me with a security context license question for the ASA 5585?

    We recently purchased an ASA 5585 which has 2 security contexts by default, and we would like to have 25 contexts on this ASA, so we got two PAK codes from Cisco, for 20 and 5 licenses respectively.

    When we generate the license key by combining the two PAK codes on the Cisco portal and apply it on the ASA, we don't see 25; instead it shows only 20.

    Is it really possible to stack context licenses like 20 + 5, or do we need to buy a PAK code for a single 25-context license?

    Please advise me on this.

    Thanks in advance!

    Kind regards

    Kam

    Hello

    This should probably be handled with Cisco directly, or through the company that got you the license.

    To my knowledge, it is possible that you first have to install one license key, and the other license can then be upgraded from the previous one up to the next licensed feature limit.

    I have had several occasions where I was provided with the wrong license and had to contact Cisco/the provider to get the appropriate licenses for my device.

    While I was writing this response I checked the licensing document for the ASA models. It seems to me that there is no 25 security context license for the ASA. The tiers are the 20 SC and 50 SC licenses.

    Check this document:

    http://www.Cisco.com/en/us/docs/security/ASA/asa84/configuration/guide/intro_license.html#wp1230400

    -Jouni

  • Is there an SSH interface for Cisco LMS?

    Hello

    Is there an SSH interface for Cisco LMS? Right now, when I try SSHing in, I'm just met with a prompt for ciscoworks scp. I am trying to get access so that I can add new devices using the dcrcli command without having to RDP into the machine running LMS.

    In addition, is the LMS SOAP API accessible from outside? I tried to make it work using soapUI but ended up putting it on hold after I read somewhere else that the API is not available externally; I thought I'd check here to see if that's actually true.

    Thank you

    When LMS runs as a virtual machine ('soft appliance'), the Linux-based ADE-OS is exposed through ssh.

    When LMS is running on a Windows server, there is no ssh interface to the LMS application.

    In that case the command line utilities are more or less only accessible via a Windows command prompt, which requires native console or RDP access to the server.

    The different CLI functions available are detailed here:

    http://www.Cisco.com/c/en/us/TD/docs/net_mgmt/ciscoworks_lan_management _...

    I've never seen someone try to use LMS via the API, so you are in a very small set of users there. With LMS in its sunset, I wouldn't hold out much hope for it to be opened up.

  • AnyConnect licenses for the Cisco RV110W

    Hi all

    Thank you in advance for taking the time to respond. I have been trying for the last hour to find more information on the AnyConnect client for an entry-level firewall, the Cisco RV110W, but I'm still confused.

    To put it simply, my questions are:

    If I buy this entry-level firewall, which supports 5 + 5 VPN connections, can users download the AnyConnect client and connect to the VPN for free (once it is set up), or do I have to pay extra for AnyConnect licenses? How much would that cost?

    My experience with AnyConnect has so far been limited to the end-user side, using it to connect to the network through the VPN at work, but now I am considering setting up something similar for a small office with a few teleworkers.

    Link to the device:

    http://www.Cisco.com/c/en/us/products/collateral/routers/RV110W-wireless...

    I already read the FAQ for AnyConnect, but it is still not clear.

    Thank you for your time!

    Hi mmihai.toma,

    As far as I know, AnyConnect is not supported on RV devices.  If you want to use AnyConnect you must have an ASA firewall or an IOS / IOS-XE router.

    According to the documentation, it looks like the only VPN options for the RV device are: QuickVPN, site-to-site, and PPTP.

    Hope it helps

    -Randy-

  • Using Cisco ACS 5.2 (TACACS+) with non-Cisco devices

    Hi all

    I was hoping that someone could help me with what might be a silly question. I'm trying to implement a solution whereby an operator can control all their (non-Cisco) network nodes via TACACS+. The nodes involved are:

    Juniper M10i running Junos 9.2, M120

    Juniper M320 running Junos 8.5

    Extreme BD8810 and BD8806 running XOS 12.4.1.17

    Extreme Alpine 3804 running Extremeware 7.8.3.5

    My question is, can I use Cisco ACS 5.2 (or 4.2) to authenticate to these non-Cisco devices using TACACS+? Has anyone else done this, or do I have to use RADIUS? If someone has done this, are there interoperability problems between Cisco ACS and Junos or Extreme XOS? Thank you

    / John

    John,

    We have a very large deployment of Juniper (T-series, MX-series, etc.). We use Cisco ACS and TACACS+ to manage these devices. The ACS configuration is fairly simple. You'll want to create login users and match them to the classes on your JUNOS routers. Here is an example:

    set system login user engineering uid 2000
    set system login user engineering class engineering-class
    set system login user noc uid 2001
    set system login user noc class noc-class

    set system login class engineering-class idle-timeout 15
    set system login class engineering-class permissions all
    set system login class noc-class idle-timeout 15
    set system login class noc-class permissions view
    set system login class noc-class permissions view-configuration

    We use two classes, engineering and noc. One is defined as read/write and the second as read-only. This is in turn mapped in ACS (in our case version 4.2) by user or group (preferred). First, you change the Interface Configuration and add a TACACS+ service "junos-exec", leaving the Protocol field empty. Then you change the user group's attributes. I've attached screenshots of both.

    Hope this helps.

    Derek

  • No compatible hardware ID available for this device. ROOT\ACPI_HAL\0000.

    Original title: BUG OR NOT BEING SLAMMED

    Is this driver info OK? This is a log from a time when I couldn't get anywhere, and then discovered online that a virus was the culprit. It's the "HAL" bit. Maybe it's me? Is this normal? Val ROOT\LEGACY_KSECDD\0000 name: KSecDD. No compatible hardware ID available for this device. ROOT\ACPI_HAL\0000 name: ACPI x64-based PC. Hardware ID: acpiapic. Compatible ID: DETECTED Internal\ACPI_HAL DETECTED\ACPI_HAL ACPI\PNP0303\4&1A8A2F7F&0

    Hi Andy,

    1. What is the brand and model of the computer?

    2. Have you tried updating all the drivers?

    This problem may occur because of recent hardware changes or due to virus infections.

    Method 1:

    Since there are no compatible hardware IDs available for the device, you can review the article and run a full scan on your computer using the Microsoft Safety Scanner.

    Microsoft Safety Scanner

    Note: Data files that are infected must be cleaned only by removing the file completely, which means there is a risk of data loss.

    Method 2:

    You may also refer to this article and check if it helps solve the problem.

    What to do when a device is not installed correctly

    Hope this information helps. Let us know if you need help with Windows-related issues. We will be happy to help you.

  • Hardening of Cisco devices

    Hello

    I'm looking for some documentation on how to "harden" a Cisco device. I am after guides for IOS routers, PIX firewalls, set-command (CatOS) switches and also IOS-command switches. I searched on CCEL but did not find anything useful. Thanks in advance for your help.

    IOS:

    http://www.cisecurity.org/bench_cisco.html

    http://www.NSA.gov/SNAC/downloads_cisco.cfm?menuid=scg10.3.1

    I'm not aware of such guides for PIX or CatOS devices, but many of the ideas are the same (i.e. assess who you allow admin/SNMP/etc. access by IP address, etc.).

  • LMS with HUM for 5000 devices

    Hello

    We will install LMS with HUM for 5000 devices. We can see in the hardware requirements doc that "HUM and CS must be installed on a stand-alone server, which manages 1000 devices."

    My questions are:

    1. What about the other 4000 devices?

    2. Is it mandatory to install CS and HUM on a separate server?

    3. What are the hardware requirements for this server with HUM and CS?

    4. Is it possible to configure the CiscoWorks LMS as master and the server with HUM and CS as slave?

    Thank you very much.

    HUM can't handle more than 1000 devices. See http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_health_and_utilization_monitor/1.2/Install/guide/HUMprqst.html#wp1058394 for the hardware and software requirements.

  • Firefox 39 incompatible with all Cisco devices

    With the latest update, access to all Cisco devices via Firefox no longer works. Now I get the following error:

    Secure Connection Failed
    An error occurred during a connection to [IP]. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.

    Is there a way to roll back the version to avoid this, or a permanent fix? Firefox was the only browser that worked well with Cisco devices, and now it won't work at all.

    What happens if you set these two to false in about:config:

    security.ssl3.dhe_rsa_aes_128_sha
    security.ssl3.dhe_rsa_aes_256_sha

    Are you able to connect with those ciphers disabled?

  • Can I purchase AppleCare for a device I bought from a third-party retailer such as Best Buy or Groupon?

    Can I purchase AppleCare for a device I bought from a third-party retailer such as Best Buy or Groupon?

    Yes, if it's new.
