Manualshelf

Installation guide

ManualsBrandsCisco ManualsComputer equipment1805-D - 1805 Integrated Services Router
21222324252627282930
26
Release Notes for Cisco Configuration Professional 2.7
OL-29505-01
Important Notes
Step 10 Copy the configuration changes to the startup configuration by entering the following command:
yourname# copy running-config startup-config
When logging in to the router in the future, use the username and password that you created in Step 6.
Cisco Configuration Professional Merge and Replace Configuration Functions
Fail Under Some Conditions
The problem described here is caveat CSCsj21989. If you attempt to merge configuration changes made
using the Cisco Configuration Professional Config Editor feature, or replace the running configuration
with a configuration from the Config Editor, the router configuration will not be changed if there is a
network device with a Network Address Translation (NAT) IP address, or a cache engine in the
connection between the PC and the router. If you need to make changes to the router configuration that
you would normally make using the Cisco Configuration Professional Config Editor, use the Cisco IOS
CLI instead. Cisco Configuration Professional Security Dashboard may display threats unrelated to your
Cisco IOS IPS installation
Some (or all) of the top threats you obtain using the Cisco Configuration Professional Security
Dashboard may not pertain to your Cisco IOS IPS installation. After you deploy the signatures
applicable to the top threats displayed by the Cisco Configuration Professional Security Dashboard, the
dashboard may still display some (or all) top threats with a red icon because applicable signatures are
not found. Those remaining top threats are unrelated to your Cisco IOS IPS installation and are not a
danger to your router running Cisco IOS software.
Cisco Configuration Professional May Lose Connection to Network Access
Device
This note concerns the Network Admission Control (NAC) feature.
If the PC used to invoke Cisco Configuration Professional returns a posture state (Healthy, Infected,
Checkup, Quarantine, or Unknown) and if the group policy on the ACS server attached to the posture
token assigned to the PC has a redirect URL configured, the connection between Cisco Configuration
Professional and the router acting as the Network Access Device (NAD) may be lost. The same problem
can occur if an exception list entry attached to a policy with a redirect URL is configured with the IP
address or MAC address of the PC.
If you try to reinvoke Cisco Configuration Professional from this type of PC, you will not be able to do
so because the browser will be redirected to the location specified in the redirect URL.
There are two workarounds for this problem:
Ensure that the PC that you use to invoke Cisco Configuration Professional attains a posture token
that has an associated group policy on the ACS server that is not configured with a redirect URL.
Alternatively, use Cisco Configuration Professional to create a NAC exception list entry with the IP
address or MAC address of the PC you use to invoke Cisco Configuration Professional. Note that
the exception list entry created for the PC should be associated to an exception policy that does not
have a redirect URL configured in it.
For more information, see the links on the Cisco Configuration Professional NAC online help pages.