Exchange Transport rule based on the recipient — which is a group

For Exchange Server, a transport rule can apply actions to messages based on the recipient address.  If you however attempt to use a Distribution List (group) the rule will not save, giving you the following error message:   SentTo predicate does not allow distribution groups. ‘My Group’.     The workaround to this is to instead chose “The Message -> To box contains this person” and then select your group and it should now let you save.  ...

Escape Sequence for a SM-X switch module in a 4000 series ISR

On the pre 4000 series ISRs you would use the regular Cisco escape sequence to exit a service module — CTRL-SHIFT-6 followed by X.  In the 44xx and 43xx series routers the switch modules do not respond to the regular escape sequence from the console.  Instead, to escape back to the router console use — CTRL-A followed by...

Restart a single context on an ASA with virtual instances

The Cisco ASA firewall can run as virtual host for multiple virtual ASA’s known as contexts.  We recently ran into an issue where a memory leak made one context inoperable.  Rather than reload the entire ASA and take out the other contexts we wanted to only restart the context that was having problems.  Unfortunately there is no way to reboot an individual context as the reload command does not exist inside a context.  The solution is to delete the context and recreate it.  This may sound daunting, but it takes a few seconds and your config is restored.  First login to the ASA and change to the context that’s having problems and save the config.  In our case the context named “transparent” was the one that stopped working.  (You may not want to save the config if a configuration issue broke the context.  If so this step is optional.) login as: admin admin@10.10.10.1’s password: Type help or ‘?’ for a list of available commands. ASA5525/admin> ASA5525/admin> en Password: ************ ASA5525/admin# changeto context transparent ASA5525/transparent# wr mem Then switch to the system context (the hypervisor layer) and show the context information.  In our case we have three contexts: admin, customer and transparent. ASA5525/transparent# changeto system ASA5525# show run context ! admin-context admin context admin   allocate-interface GigabitEthernet0/0   allocate-interface GigabitEthernet0/1   allocate-interface GigabitEthernet0/1.2   allocate-interface Management0/0   config-url disk0:/admin.cfg ! context customer   allocate-interface GigabitEthernet0/0   allocate-interface GigabitEthernet0/1.499   config-url disk0:/customer.cfg ! context transparent   allocate-interface GigabitEthernet0/3 outside   allocate-interface GigabitEthernet0/4 inside   config-url disk0:/transparent.cfg ! Copy the config for the context causing you problems.  Then remove the context. ASA5525# conf t ASA5525(config)#...

Troubleshoot Ruckus AP not connecting to Virtual SmartZone cloud controller

Here are a list of things to troubleshoot when a Ruckus AP is not registering to a Virtual SmartZone (VSZ) cloud controller. Ensure that the public IP address of the site where the AP resides is permitted through the firewall protecting the VSZ. Check that the AP has a valid private IP address and is pingable from the router at that site. SSH into the AP.  default credentials are super/sp-admin).  If those credentials don’t work then the AP has received its config from the controller and the zone credentials must be used. Ping an external IP address to confirm the AP can reach the internet. Run “get scg” rkscli: get scg ------ SCG Information ------ SCG Service is disabled. AP is not managed by SCG. State: Not Available - busy or not running. SCI is disabled. Server List: (IP or FQDN of VSZ shows here) No SSH tunnel exists Failover List: Not found Failover Max Retry: 2 DHCP Opt43 Code: 6 Server List from DHCP (Opt43/Opt52): Not found SCG default URL: RuckusController SCG config|heartbeat|mesh status|status intervals: 300|30|300|900 SCG gwloss|serverloss timeouts: 1800|7200 ---------------------------- If you see “SCG Service is disabled” Then run “set scg enable” and this should start the SCG service. If the Server List is incorrect or empty run “set scg ip {IP or FQDN goes here}” to point the AP to the VSZ...

Upgrading IOS-XE firmware on a 4000 series router

Had an issue where I was not able to successfully upgrade the IOS firmware on a Cisco 4351 router.  This model of router runs IOS-XE and has some slight differences in feature set compared to legacy IOS.  For example “ip dns server” was not an available command in the version the customer was running and so we needed to upgrade to the latest version which had support for running a DNS server. I had uploaded the firmware (which was a whopping 470MB) to the flash and then entered in: boot system flash isr4300-universalk9.03.16.00c.S.155-3.S0c-ext.SPA.bin I then saved and rebooted the device, but the old firmware was still loaded.  I discovered that the proper syntax for this series of router needs to be: boot system bootflash:/isr4300-universalk9.03.16.00c.S.155-3.S0c-ext.SPA.bin After a save and reboot we were on the new firmware and sure enough “ip dns server” was now a supported...