It should be the eth1 service ip address.
Thanks,
--Jackie
-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Speight, Howard
Sent: Wednesday, January 03, 2007 12:39 PM
To: [log in to unmask]
Subject: Re: delaying upgrade to 4.0.4
I made the changes will let you know if that fixes it. We removed the
AP's from the WLC just to get them back online. Need to hook up another
test AP.
Should that be eth0 instead of eth1 when using HA mode? See
DHCPoption54.jpg. The service IP manages the eth0 interfaces, right?
Thank you very much for posting that URL, I remember reading it, but
after ten or so hours most everything just blew right by...
-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Jackie Cheng
(jaccheng)
Sent: Wednesday, January 03, 2007 13:07
To: [log in to unmask]
Subject: Re: delaying upgrade to 4.0.4
I think
http://www.cisco.com/en/US/products/ps6128/prod_release_note09186a008070
866a.html#wp42539 could be related to your WLC issue. Let us know if it
works for you.
Regards,
--Jackie
-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Speight, Howard
Sent: Wednesday, January 03, 2007 9:40 AM
To: [log in to unmask]
Subject: Re: delaying upgrade to 4.0.4
Upgraded Wireless (4 machines) and Residence Hall (8 machines) CCA from
3.5.10 HA to 4.0.4 HA.
The wireless upgrade went perfectly, shared secret and all console and
web passwords transferred without incident. One problem (still
unresolved), we had a WLC in test mode managing two AP's, clients using
either of those AP's could not pick up an IP address after upgrade. I'll
open up a TAC case for that problem.
The Residence Hall upgrade 3.5.10 HA to 4.0.4 HA was a different story
but it wasn't all CCA. Had one hardware problem that took several hours
to resolve, no fault of CCA. None of the CAS came on-line after the
upgrade; this was because of the shared secret. The TAC engineer
regenerated certs for one CAS pair and the CAM and that CAS came
on-line. Rather than regenerate the certs for the other two pair, I ran
service perfigo config on the CAM, changed the shared secret to the
previous value, imported the cert and private key for the CAM and the
other two CAS pair came on-line. Now the other CAS was messed up,
imported the cert and private key for the CAS, ran service perfigo
config and got it's shared secret fixed, it came on-line but lost the
DHCP mode (defaulted to none) and related information. Changed to DHCP
(previous setting) and the CAS picked up ALL the lost information,
pretty cool.
Bottom line, I "believe" if I had run service perfigo config on the CAM
and fixed the shared secret everything else would have fell into place?
The process was a good learning experience! :-)
-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of WENDY SHIH
Sent: Wednesday, January 03, 2007 11:06
To: [log in to unmask]
Subject: delaying upgrade to 4.0.4
Since other network projects are scheduled before 4.0.4 released, we may
not be able to upgrade till summer from current version 3.5.9 HA. From
what you can tell besides Vista vulnerability (if we let it bypass), can
you foresee any impact this may cause? I don't want the delay to
cause
more issues and wish we have done the upgrade in the next few months.
Has anyone done the upgrade from 3.59 HA to 4.04? Any issues?
Thanks a lot.
|
