LISTSERV - CLEANACCESS Archives - LISTSERV.MIAMIOH.EDU

CLEANACCESS Archives

April 2008

CLEANACCESS@LISTSERV.MIAMIOH.EDU

	LISTSERV Archives
	CLEANACCESS Home
	CLEANACCESS April 2008

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: OOB error help?
From:	"Osborne, Bruce W. (NS)" <[log in to unmask]>
Reply To:	Cisco Clean Access Users and Administrators <[log in to unmask]>
Date:	Wed, 23 Apr 2008 13:42:46 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (69 lines)

Bill,

There was an SNMP bug in IOS that prevented us from deploying OOB on
3750 stacks. That bug was fixed in release 12.2(35)SE. 

We are currently running 12.2(37)SE, 12.2(40)SE, 12.2(44)SE, and
12.2(44)SE1 & CCA 4.1.1 Virtual GW OOB with no problems. We are
primarily using WS-C3750G-48PS-S switches.

I also notice that there is Bug ID CSCsk66548 where switch ports can get
reverted to their default vlan, but that does not seem to fit your
issue.

What CCA & IOS versions are you running?


Bruce Osborne
Liberty University

-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Bill Davis
Sent: Wednesday, April 23, 2008 1:21 PM
To: [log in to unmask]
Subject: Re: [CLEANACCESS] OOB error help?

We have just experienced a 5th general loss of service since deploying
our
Clean Access in Out-of-Band mode last August. Each failure has lasted
over 2
hours and nothing we do helps.  Users who are not already logged in are
unable to do so because the CCA Manager cannot successfully change the
authentication vlan to the access vlan because the switch does not
respond
to any SNMP request from the manager.

Is there anyone else who has deployments in OOB mode using stacked Cisco
3750 switches?
If so, have you seen this behavior?

We have found out that only switch stacks with 4 or more elements are
affected, with only one exception.

Cisco TAC currently thinks this is a high CPU issue and that since the
SNMP
process has a lower priority, something else may be starving it of
resources.  We have read that any change to the running configuration of
the
switch stack (as is done each time a user logs in via Clean Access), the
configuration is replicated to each element in the stack using lots of
CPU
so this occurs frequently, but this general SNMP failure occurs at
seemingly
random times.

Our Cisco TAC case has been open since late January with no resolution
as yet.

If anyone else is experiencing this, or has ideas on what may trigger
the
event, please let me know.

Thanks!

-Bill
[log in to unmask]
Network Security Administrator
Colorado State University

ATOM RSS1 RSS2

LISTSERV.MIAMIOH.EDU