Tech Blog

Unable to remove FortiManager from a FortiGate

In order to resolve a failed relationship between a FortiGate and FortiManager we needed to remove the FortiGate.  In FortiManager this worked fine, however in FortiGate the relationship still persisted (under Security Fabric -> Settings -> Central Management).

If we attempted to disable the Central Management toggle we received the following error:

Failed to save FortiManager settings

read more…

Outlook clients not authenticating, but OWA and ActiveSync work fine

We had an issue where a clients’ Outlook connectivity stopped working and they were continuously prompted for credentials.  Mysteriously OWA and ActiveSync were fine.  In the Security logs on the Exchange server we saw a lot of the following:

Source: Microsoft Windows security auditing.
Event ID: 4625
Failure Information:
Failure Reason: An Error occured during Logon.
Status: 0x80090302
Sub Status: 0xC0000418 read more…

CCAPI: Internal Error (Software Error)

We changed a customer from PRI to SIP trunk and after the change, the Exchange UM stopped working for calls coming in from the outside.  We found the following error in the logs:

%VOICE_IEC-3-GW: CCAPI: Internal Error (Software Error): IEC= on callID 78

Some posts mentioned upgrading the firmware (which we did with no effect).  The dial-peer pointed to Exchange had some volume adjustments on it.  Once we removed the adjustments, the error went away and calls went through. read more…

Escape Sequence for a SM-X switch module in a 4000 series ISR

On the pre 4000 series ISRs you would use the regular Cisco escape sequence to exit a service module — CTRL-SHIFT-6 followed by X.  In the 44xx and 43xx series routers the switch modules do not respond to the regular escape sequence from the console.  Instead, to escape back to the router console use — CTRL-A followed by CTRL-Q.

Restart a single context on an ASA with virtual instances

The Cisco ASA firewall can run as virtual host for multiple virtual ASA’s known as contexts.  We recently ran into an issue where a memory leak made one context inoperable.  Rather than reload the entire ASA and take out the other contexts we wanted to only restart the context that was having problems.  Unfortunately there is no way to reboot an individual context as the reload command does not exist inside a context.  The solution is to delete the context and recreate it.  This may sound daunting, but it takes a few seconds and your config is restored. read more…