Comments
-
jmlivingston, great question. Yes. Based on our investigation, the products that have/ship with a vulnerable version of OpenSSL are NOT using the library in a way that executes the vulnerable code - both for client-side or server-side vulnerabilities. Even so, we are still releasing hotfixes for the products that are…
-
You're right, this is a bug. We'll try to get this resolved in the next release. For internal folks, this is being tracked as #1484.
-
Thanks for the update. I should have thought to ask you to test it manually much earlier, so no worries Please keep us posted on what you find in chasing down the device side of things.
-
In reviewing the end of your trace again, I agree with Sham. It appears we are running the wrong command and perhaps there is some confusion on terminology: Upload Config - uploads a config FROM Cirrus TO the device Right-click node -> Upload Config Should see this is trace file: copy tftp://host/src_file nvram ======…
-
Does the 3002 support config backup via TFTP? I didn't see that option based on the menu prompts listed above. Currently, we only support menu-driven *indirect* transfers via TFTP. It appears that your device may require support of menu-driven *direct* transfers (i.e. line by line config transfer based on a "view config"…
-
We’re making progress! It looks like it’s getting hung up on the “more” prompt, which is also non-standard (“-Press Any Key For More-”). You have 2 options: 1) Disable paging (if possible) on IronPort so the entire config is displayed on the terminal at once 2) Try adding the following line to the device template <Command…
-
Can you post your session trace? Also, what type of Nortel switch is it? You may have to make some tweaks to your device command template to make this work. We're in the process of updating our OOTB Nortel templates, but those weren't included in the beta build.
-
Yes. You can probably remove the "menubased" and "virtualprompt", but leaving them in won't hurt anything. Once you've made that change, let me know how it works.
-
We're slow rolling the RC to customers. Please send Brandon or me a private email and we'll get you added to the list.
-
During upload, did you check the boxes to save to NVRAM and reboot?
-
See below for how I have this feature request currently outlined. I'm hoping that we can use a single Nightly Config Backup job to achieve the same effect as the two jobs (Nightly Backup + Config Change Report). Would you mind posting a version of the config change report you received with the previous Cirrus version to…
-
Can you try adding the following line to your template? <Command Name="PreCommand" Value="Y"/> If it's required to send CRLF after ‘Y’, please add this to precommand: <Command Name="PreCommand" Value="Y${CRLF}"/>
-
The ability to send pre-commands with SSH connections was added in 5.0 which resolves the issue I believe you are experiencing
-
No worries at all. I'm glad you raised this to our attention. We'd love to get your feedback on v5 when you get a chance.
-
The demo version is a fully functional evaluation, so that's not the issue. Is the Upload Config option there when you right-click on a configuration? When you configure TFTP as your transfer config option, Upload Config actually overwrites the configuration and achieves the "rollback" for you.
-
Ok, thanks for that clarification. Couple more questions: 1) What is the critical behavior difference you are seeing when checking last running config versus last 1 day config? Perhaps that's something we can more easily fix. 2) Is the reason you are running the Config Change Report (versus just using the change…
-
We believe we've resolved many of the SSH connectivity issues in 5.1, which is currently in QA. Please open a support ticket on this one so we can verify that the fix that worked for others also works for your case.
-
We definitely hear you. Unfortunately, this didn't make the NCM 5.5 release because the efforts to integrate the topology engine into Orion discovery database are still in progress. I can tell you this is the highest priority item on our list for the next Major release (NCM 6.0).
-
Please provide me a case number that you've opened on this issue and I'll check to see where this is at.
-
Tnx, i´ll give it a try. Ok, let us know how it goes. I guess you allready put this on the list of enhancements for the product ? (meaning: implementing a feature that can get more than 1 running and 1 startup config pr product) If so, please remember the other downloads we have been requesting, like route-table, arp etc.…
-
It's probably because paging is enabled and you've reached the equivalent of the "more" prompt. Do you know if there is a way to disable paging on your Ironport device?
-
Kathy, someone from support should be following up with you shortly. In the interim, would you be willing to verify that the 5.0 BETA build fixes your issue? v5 is coming out soon and we believe we resolved the SSH connectivity issues in this release.
-
That is very strange indeed. I've never seen that behavior before. Please open a new support case on this issue so we can investigate this further.
-
Is everyone in this thread using 2 jobs in this scenario? 1. Nightly Config Backup Job set to only save configs when changed 2. Config Change Report - show changes over the last 1 day And the expectated behavior is that the config change report should compare most recent download to the last downloaded (even if the last…
-
Yes, you can execute a download config job which will refresh the cache. There seems to be a lot of confusion regarding these charts. Most of it stems from the fact that they're not based on real-time system state. I'd like to propose moving to a real-time option by default. So, Running vs. Startup would based on the…
-
Are you trying to rollback to a particular configuration? If so, you'll need to use either Telnet or SSH with TFTP. As you are probably aware, Cisco CLI does not support a "rollback" of the config through the CLI....all command line config operations are additive (unless preceded by "no").
-
The default Cisco ASA template is included with the product. As noted above, you'll need to take the following steps: 1. Add a device instance for each virtual firewall (i.e. multiple copies of the same device). NCM only supports 1 running config and 1 startup config per device so this is a way of working around this…
-
No worries, it was probably a misunderstanding. I'm having QA try to repro and if it's a bug we'll see if we can't fix this in the next release.
-
Thanks for the session trace. I'll need to discuss with dev and determine why this isn't working. It may be that we cannot support the post-prompt. In the interim, you might try using a command script to backup the config instead.
-
Thanks Dave for posting back on this one. Yes, SP2 resolves the signature issue that was causing NCM services to not start in an environment without internet access or where a proxy is used to access the internet.
