got an error when I try to my ESXi host to N1K

Today I got this error when I try to my ESXi host to N1K

vDS operation failed on host, An error occurred during host configuration. got (vim.fault.PlatformConfigFault) exception

I will resolve this and update my fix soon.


Posted in CISCO Switch, Virtualization, Vmware | Leave a comment

VTP Modes – VTP operates in one of three modes – This is for those who are learning about switches…

VTP Modes - VTP operates in one of three modes:

  • Server – In this VTP mode you can create, remove, and modify VLANs. You can also set other configuration options like the VTP version and also turn on/off VTP pruning for the entire VTP domain. VTP servers advertise their VLAN configuration to other switches in the same VTP domain and synchronize their VLAN configuration with other switches based on messages received over trunk links. VTP server is the default mode. The VLANs information are stored on NVRAM and they are not lost after a reboot.
  • Client – VTP clients behave the same way as VTP servers, but you cannot create, change, or delete VLANs on the local device. In VTP client mode, VLAN configurations are not saved in NVRAM.
  • Transparent – When you set the VTP mode to transparent, then the switches do not participate in VTP. A VTP transparent switch will not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received messages. VLANS can be created, changed or deleted when in transparent mode. In VTP version 2, transparent switches do forward VTP messages that they receive out their trunk ports.
Posted in CISCO Switch | Leave a comment

Commands to reset VPN in PIX 515E

Note: These commands I use to use  roughly 6 to 7 years to reset my VPN.


no crypto map mymap interface outside
no isakmp enable outside
clear crypto isakmp sa
crypto map mymap interface outside
isakmp enable outside

Posted in CISCO Firewall ASA, CISCO Security, Security | Leave a comment

Host profile bug in ESXi 4.x

I have installed 20 ESXi server and kept in a cluster. I configured vmkernel ports for vmotion, nfs traffic in first   ESXi server. So totally I got 3 vmkernel ports.

1. vmkernel port for management (management checked)
2. vmkernel port for vmotion (vmotion checked)
3. vmkernel port for NFS traffic.

I took host profile of the first host and applied to remaining 19 hosts. You know what happened!! for the remaining 19 hosts order messed (note: there is no order – as long as management/vmotion checked properly) and console was showing  either IP of vmotion or NFS! As well management traffic was going through either vmotion or nfs subnet! When check the host management network radio button properly checked. This is very strange bug!!

In my case I have configured N1K and moved to N1K too.

Final Solution from Vmware support:

This is known bug from ESXi 4.x – this will be fixed in ESXi 4.3 and above (as of today ESXi 5).

~~~~~~~~~~~~~~~~~ From VMware ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Yes, so it is a known issue scheduled to be fixed in the esx5.x or the future release of the 4.2.

When applying Host Profiles to an ESX/ESXi host, the network configuration of the ESX/ESXi hosts changes
For example, the network configuration for an ESX/ESXi host from which the Host Profile is created looks like:

vmk0: Management
vmk1: VMotion

After applying the host profile, the network configuration of the ESX/ESXi host looks like:

vmk0: VMotion
vmk1: Management

IP address of the host as displayed on the DCUI will change to whatever IP is associated with vmk0 (e.g. the vmotion IP address) so the host will appear to have the wrong IP address after applying the host profile.
If you have three or four vmkernel interfaces, when you capture or update the host profile from a reference host, you see that the vmkernel interfaces are reversed.


This issue occurs because the Host Port Profile in the Host Profile list has vMotion before Management and it gets applied in that order.

To work around this issue, delete vMotion from the Host Profile list and then readd it, so that it comes below Management.

Alternatively, create a host profile from an ESXi/ESX host that lists the Management PortGroup before the vMotion PortGroup or other PortGroups. When you edit the Host Profile, you can find the sub folder (where the workaround be applied) under Networking configuration > Host Port Group.


In my case, instead of host profile I used VMA / PowerCLI to cross this issue.

Posted in Virtualization | Leave a comment

Showing version from one of my ASA 5580

vmgenie-dmz-fw1# sh ver

Cisco Adaptive Security Appliance Software Version 8.2(1)
Device Manager Version 6.1(5)

Compiled on Tue 05-May-09 23:45 by builders
System image file is “disk0:/asa821-smp-k8.bin”
Config file at boot was “startup-config”

vmgenie-dmz-fw1 up 20 days 15 hours
failover cluster up 112 days 23 hours

Hardware:   ASA5580-40, 12288 MB RAM, CPU AMD Opteron 2600 MHz
            4 CPUs, 8 cores
Internal ATA Compact Flash, 1024MB
BIOS Flash MX29LV320 @ 0xffc00000, 4096KB

Encryption hardware device : Cisco ASA-5580 on-board accelerator (revision 0×0)
                             Boot microcode   : CNPx-MC-BOOT-2.00
                             SSL/IKE microcode: CNPx-MC-SSL-PLUS-0002
                             IPSec microcode  : CNPx-MC-IPSEC-MAIN-0002
Baseboard Management Controller (revision 0×1) Firmware Version: 1.80

 0: Ext: Management0/0       : address is 001f.29e4.d440, irq 11
 1: Ext: Management0/1       : address is 001f.29e4.d442, irq 10
 2: Ext: TenGigabitEthernet5/0: address is 001b.212e.cb15, irq 11
 3: Ext: TenGigabitEthernet5/1: address is 001b.212e.cb14, irq 5
 4: Ext: TenGigabitEthernet7/0: address is 001b.212e.cb0d, irq 11
 5: Ext: TenGigabitEthernet7/1: address is 001b.212e.cb0c, irq 5
 6: Ext: TenGigabitEthernet8/0: address is 001b.212e.cb4d, irq 5
 7: Ext: TenGigabitEthernet8/1: address is 001b.212e.cb4c, irq 11
Licensed features for this platform:
Maximum Physical Interfaces  : Unlimited
Maximum VLANs                : 250     �
Inside Hosts                 : Unlimited
Failover                     : Active/Active
VPN-DES                      : Enabled �
VPN-3DES-AES                 : Enabled �
Security Contexts            : 2       �
GTP/GPRS                     : Disabled�
SSL VPN Peers                : 2       �
Total VPN Peers              : 10000   �
Shared License               : Disabled
AnyConnect for Mobile        : Disabled�
AnyConnect for Linksys phone : Disabled�
AnyConnect Essentials        : Disabled�
Advanced Endpoint Assessment : Disabled�
UC Phone Proxy Sessions      : 2       �
Total UC Proxy Sessions      : 2       �
Licensed Cores               : 8       �
Botnet Traffic Filter        : Disabled�
This platform has an ASA5580-40 VPN Premium license.
Serial Number: xxxxxxxxx
Running Activation Key: xxxxxxxxxx xxxxxxxxxx xxxxxxxxxxxx xxxxxxxxxxx
Configuration register is 0×1
Configuration last modified by enable_15 at 12:48:07.748 PDT Wed Apr 20 2011

Posted in CISCO Firewall ASA, Security | Leave a comment

Vmware VCP 5

I have completed VCP 5 successfully!.

I got interesting and very rare question and I would like to share whatever I remember from that question.

1. What is Agent Virtual Machine?
      1. Don’t Remember
      2. 1 to 1 connection with Client VM
      3. Tied with ESXi host
      4. Dont Remember

I am giving some of the link for reference..

Posted in Virtualization, Vmware | Tagged , | Leave a comment

ESXi 5 – Logging Information – locations /porpose

 Logging Information – locations /porpose

VMkernel Logging:
• Location: /var/log/vmkernel (ESX Classic) or /var/log/messages (ESXi)
• Purpose: This log file contains informational messages, alerts, and warnings for various pieces of code that execute via the vmkernel. It also contains log entries dumped from module logging (Qlogic, Emulex, S/W iSCSI, etc)
• Iterations: By default, this log has 36 rotations excluding the base log (vmkernel to vmkernel.36)
• Related logs: Alert and warning VMkernel events are copied to /var/log/vmkwarning

Service Console Logging (ESX Classic)
• Location: Various logs under /var/log/
• Purpose: These logs would also appear in RHEL and contain the same type of log information you would expect from that OS (aside from vprobs in ESX 4.0)
• Log files: boot, secure, messages, rpm, etc

Hostd Logging:
• Location: /var/log/vmware
• Purpose: This log contains entries from hostd operations including NFC (network file copy) operations.
• Iterations: By default, this log has 10 rotations which wrap (hostd-0 to hostd-9). Pay attention to the timestamp of the log to determine which log you wish to review

Vpxa Logging
• Location: Various logs under /var/log/vmware/vpx
• Purpose: This log contains requests/communication between the host and vCenter or vCenter and the host
• Iterations: By default, this log has 10 rotations which wrap (vpxa-0 to vpxa-9). Pay attention to the timestamp of the log to determine which log you wish to review

Esxcfg-boot Logging:
• Location: /var/log/vmware
• Purpose: This log contains esxcfg-boot command information and results from the esxcfg-boot command when it is run.
• Iterations: There are 4 log iterations

Posted in Virtualization, Vmware | 1 Comment