I've got a 1720 Router sandwiched between two PIX 506s. A workstation is also connected to each PIX. I am able to ping from one workstation to the other using a standard PIX-PIX VPN tunnel. If I down the PIX local to the workstation and reload it, the VPN tunnel is re-established when the local PIX comes back up. If I down the Remote PIX and bring it back up, I have to manually clear the SAs on the local PIX in order to re-establish the tunnel, or else restablish the tunnel by pinging back from the remote workstation. How do I get the PIXes to attempt to re-negotiate the tunnel automatically once it has been broken by the remote peer being reset.
If your remote pix is down, then you can try to enable isakmp keepalives in your environment. This would keep track of the remote pix, and once the remote pix is down, it will delete all the related IPSec SAs
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...