Posts

Showing posts from December, 2017

No more 180 day trial licensing....thanks Cisco :(

Here are the new licensing options.  If you request a license type more than once, you will now only get offered a 30 day license unless you request approval for a longer license.

Post a Comment
Read more

Limitations of passing SQL across the Unified OS CLI

I have found that if you pass around 500 SQL updates via the CLI, you will get the following memory fault, 10.5.2, I have not yet tested with any other version:

Exception in thread "main" run(): caught exception Stream closed
java.lang.OutOfMemoryError: unable to create new native thread
        at java.lang.Thread.start0(Native Method)
        at java.lang.Thread.start(Thread.java:714)
        at com.cisco.cpi.common.util.cmExecCommand.exec(cmExecCommand.java:937)
        at com.cisco.cpi.common.util.cmExecCommand.exec(cmExecCommand.java:842)
        at com.cisco.iptplatform.cli.cmdBaseDbOSI.setDbLogMessageMethod(cmdBaseDbOSI.java:57)
        at com.cisco.iptplatform.cli.cmdBaseDbOSI.<init>(cmdBaseDbOSI.java:49)
        at com.cisco.iptplatform.cli.cmdRunSql.<init>(cmdRunSql.java:38)
        at sun.reflect.GeneratedConstructorAccessor8.newInstance(Unknown Source)
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
        at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
        at java.lang.Class.newInstance(Class.java:383)
        at com.cisco.iptplatform.cli.cmdClassThread.setCmdInstance(cmdClassThread.java:105)
        at com.cisco.iptplatform.cli.CliClassLauncher.execute(CliClassLauncher.java:285)
        at sdMain.main(sdMain.java:1881)


 However, I wrote a script that simply splits the loop into 400 command segments and then logs out and back in.  I will look to see if the API has the same issue as well and update this post at a later time.
Post a Comment
Read more

ISE 2.3 for TACACS

This is just a quick post on how to get TACACS working in 2.3; using AD in this example.  For this, we will follow the guide provided here and supplement it below:

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200208-Configure-ISE-2-0-IOS-TACACS-Authentic.html

But for Configuring TACACS Authorization Policy, I am going to provide some screenshots in order.

Step 1

Step 2
Step 3

                        










Step 4

Post a Comment
Read more