The UCS Central appliance is on its way to be a proper centralized management platform for multiple UCS domains, but it’s not quite there yet. There are little simple things missing, such as custom SSL certificates. I had to get UCS Central using a proper SSL certificate the other day and couldn’t really find anything on how to do it. After figuring out how to do it, I decided to document it here!

I’m not getting into how you can generate an SSL private key; there are plenty of other tutorials covering those things. You’ve got two options; generate the …


When you only need to change the unified ports inside an expansion slot of a Nexus 5500, you do not have to reload the entire switch to activate the unified port changes. You can simply restart only the module like this:

nx5548up-a# config t
nx5548up-a(config)# slot 2
nx5548up-a(config-slot)# port 1-16 type fc
nx5548up-a(config-slot)# end
nx5548up-a# copy run start
nx5548up-a# poweroff module 2
nx5548up-a# no poweroff module 2


Brad Hedlund’s blog is one of my favorite sources of excellent UCS (and other general) material. I just found the exceptional UCS videos, which deserved a re-share.


Part 1 – The Physical Architecture of UCS

In this video we take a look at the physical network architecture of Cisco UCS and incorporate the new capability of connecting both blade and rack mount servers to UCS Manager.


Part 2 – Infrastructure Virtualization & Logical Architecture

Here we look at how Cisco UCS virtualizes every significant component of the physical architecture; switches, cables, adapters, and servers. Then we look at how …


When expanding your UCS environment, Cisco will deliver your new blades with the latest firmware. If you’re running an older firmware on your UCS setup, this could cause an issue with the blade discovery.

If the new blades are hung on the discovery process with BIOS POST issues, the following message can appear in the FSM tab of the server:

Waiting for BIOS POST completion from CIMC on server 1/1 (FSM-STAGE:sam:dme:ComputeBladeDiscover:BiosPostCompletion)

This can happen when the blades’ firmware is newer than the firmware available in the bundle installed in the UCS Manager. The easiest way to recover and complete your …


I had a corrupted IOS image on a 3750E switch today and feared an xmodem transfer would eat up my day, until I found that you can copy from TFTP. It’s very well hidden, but still possible. Here’s how:

When the switch has ‘booted’ without a proper IOS, you’ll be in the ‘switch: ‘ command line. In the following example, I will assume that the TFTP server has IP 192.168.0.10 and the switch will use 192.168.0.1.

Connect your TFTP server to the ethernet management port, then follow this sequence:

switch: set IP_ADDR 192.168.0.1/255.255.255.0
switch: set DEFAULT_ROUTER 192.168.0.10
switch: copy


For some reason a Cisco ME3400 doesn’t have both IPv4 and IPv6 routing enabled. Still wondering why, but this is how you enable it:

conf t
sdm prefer dual-ipv4-and-ipv6 routing
exit
wr mem
reload

If your replay window size has not been set to a number that is high enough for the number of packets received, you will receive a system message such as the following:

*Nov 17 19:27:32.279: %CRYPTO-4-PKT_REPLAY_ERR: decrypt: replay check failed connection id=xxx

To prevent this error, you can do the following:

rtr(config)# crypto ipsec security-association replay window-size 1024
