Cisco AAA/Identity/Nac :: 3550 - ACS 5.1 With 802.1x IP Refresh
May 30, 2011
I have 802.1x configured on a 3550 switch with ACS 5.1 acting as the AAA policy server.
My problem is this. When my computer boots up, ACS authenticates the machine to AD slapping me in a guest VLAN with limited access to the network. Once I login though, I reauthenticate to AD via ACS which then puts me into an employee VLAN but my IP address doesn't refresh automatically. I have to run ipconfig /renew to get my IP in the correct VLAN or write a logon script that does the same thing everytime I log in.
Is there anyway for this to be done automatically outside of writing a logon script?
View 9 Replies
ADVERTISEMENT
Apr 29, 2012
I'm doing some testing with ACS server on my windows box and I can't seem to get a barebone radius authentication to work with ACS internal users. I tested the same configuration with TACACS and it works fine, so there's something missing or misconfigured in my setup.
I have a cisco 3550 switch that I want users to login using their ACS username/password.
SW1
username cisco password 0 cisco
username admin password 0 admin
[Code].....
View 2 Replies
View Related
Apr 20, 2005
I am configuring TACACS Authentication on Cisco 3550 switch .It has Version 12.2(25)SEA IOS image. A strange thing is happening, whenver I am enabling AAA new-model on this switch, and then after enabling I see ruuning-config . It shows me this
tacacs-server host x.x.x.x
tacacs-server host x.x.x.x
no tacacs-server directed-request
tacacs-server key 7 xxxxxx
radius-server source-ports 1645-1646
* included here to hide the specific information I dint specified any RADIUS server , why it is showing me radius-server source-ports 1645-1646 after enabling AAA New-Model As soon as i give "no aaa new-model", this parameter also vanishes. I think this is the only reason I am not able to do tacacs authentication.
View 9 Replies
View Related
Oct 14, 2012
After some time LMS stops to refresh network topology (not changing colors for devices which lost/found). However, if I restart topology services devices are refreshed.
Checked the processes. Everything is fine but there is a process named "1018". But I did not found any job with this number.
View 2 Replies
View Related
Feb 27, 2013
The various setup pages of the RV220W router have an auto-refresh interval. I can change the interval from the default 10 seconds to 60 seconds maximum.I cannot change the Dashboard to different than 10 seconds.Every time I try to work with these pages, they black out and refresh, stopping my work.How do I change the Dashboard auto refresh interval to 60 seconds?Can I change all the auto refresh intervals to 10 minutes?
View 2 Replies
View Related
May 20, 2013
I am working on a wlc 5508 in a lab environment doing snmp reporting & i was wondering if there is anyway to after the timing on how quick the snmp traps appear on the trap log page? I have looked through the gui but cant seem to find anything, so not too sure if there is a cli command, the traps come in very quickly on the nms way before they appear on the trap log page.
View 1 Replies
View Related
Mar 10, 2011
I've been having a problem with my wireless network connection. Whenever I try and hit the Repair function,it will get stuck on Renewing your IP address for a moment, then change to: Windows could not finishing repairing the problem because the following action cannot be completed: Connecting to the wireless network. I have internet connection on this same computer.Another point to make is that when I click Repair and navigate to the Network Connections window, then hit F5 ( refresh the window ), the wireless connection will quickly refresh and connect normally without error.I won't have to open the Network Connections page and hit F5 anytime I need to repair the connection? Also, as of right now, it's still "Acquiring network address" even though I'm connecting and typing this message.
View 10 Replies
View Related
Mar 14, 2012
I have a customer that have trouble with the update of the position of a client. Even if the clients walks across the whole building, the client will stay at the same place for several minutes. Is there any way to tune the refresh rate? When I push the load button in the map, the clients position will refresh, or it did when I was on the site, now they just test with an application.
The setup:
WiSM 7.0.220
WCS 7.0.220
MSE 7.0.220
They use the API for MSE to get the location information to the external application, and that will show the information on a cisco 7925 IP phone.know a way to increasing the refresh rate?
View 3 Replies
View Related
Jun 28, 2011
when using SNMP on our cisco 3845 the traffic logs are set to refresh every 1 second but the data seems to come in 5 sec burst.so does not some a real time status of the interface throughput.
View 2 Replies
View Related
Jun 2, 2012
I just got an EA3500 and I guess I don't understand what "Refresh" does when viewing the DHCP client table under the "Status", "Local Network" tab of the web interface, either that or it's not working. If I have active wired and wireless clients and I power off the EA3500, wait a few minutes, then power it back on, the table is blank. If I hit "Refresh" I would expect it to re-populate the table with the connected clients. For whatever reason, it doesn't. I have to physically disconnect and reconnect the E-net cable, or power cycle the wireless client to get them to reappear in the table. Is something wrong with the router or its s/w
View 9 Replies
View Related
Sep 27, 2011
Cisco 3550 and when I do a sh int fa0/1 and the status does not show last input or last output. Is a 3550 have a configuration that needs to be set?
View 0 Replies
View Related
Feb 13, 2013
Where would I find instrutions on how to import CA certified identity SSL wildcard certficate ( like *.company.net - ) in ASA?,The CSR for the wildcard certificate was not generated out of the ASA unit.
View 1 Replies
View Related
Mar 24, 2013
I have a Catalyst 3550 switch and 2610XM router connected with an ethernet cable. Currently I cannot get the port on the switch to open (lights are dark.) I run 'no shut' on the port (#13) but nothing happens. If I unplug the cable to the cisco router and plug in a Netgear router (that leads to the internet) into the same port, the port flickers amber for a while, then flickers green from then on.) I switched the cables, both work fine when connected between the switch and the Netgear router.
This was working at one point a couple of days ago. I had the Netgear router plugged into another port on the switch and could ping from the cisco router through the switch to the Netgear router. I thought I had figured things out, but a reboot disavailed me of that notion. (I know, I guess I didn't save my configuration, but I obviously still need to understand more, so its better that I didn't.) (I guess.)
When the problem is occuring, the below is what I am seeing on the two devices.
ROUTER status
====================================
FastEthernet0/0 is up, line protocol is up
Hardware is AmdFE, address is 0017.9583.b740 (bia 0017.9583.b740)
Internet address is 192.168.1.90/24(code)
View 3 Replies
View Related
Jan 13, 2011
I have a 3550 I can boot into rommon, when I type flash_init the switch freezes and shows a weird ASCII character?
View 4 Replies
View Related
Dec 1, 2011
We have cisco 3550 switch i have configure 3 vlans in this switch. i have enable routing between this vlans but vlans not able to communicating with each other.
View 2 Replies
View Related
Oct 21, 2012
I have ASA config with DHCP and its providing IP to users. ASA is connected to 3550 switch it has direct connection or say default static route. From 3550 switch connection goes to Router and it does the NAT and has connection to outside world.
My question is do i need to configure the NAT inside and global (outside ) on the ASA or not? As per my understanding NAT is done by router which has connection to ISP.
View 11 Replies
View Related
Jul 6, 2008
In our network, we have a 3550 Switch in which the CPU Load is increasing and then decreasing. sometimes it raises to 100%. but there was no traffic during that time.
View 2 Replies
View Related
Jan 22, 2012
I finished the CCNA and CCNP classes last year but due to wife/school/excuse I did'nt have time to buckle down and study for the tests. So since time is flying buy and I got my new desk set up I figured I would set my lab up and get cracking.
On top I have a a Pix 506 and a 1900 switch. I need to find at least two more switches, hopefully 3550's or something close.Then I have 5 2600's with an assortment of cards, but I would like to replace most of them to either WIC 2T or HWIC 2FE's.
Not shown on the bottom are 2 2500's that will be configured as Frame Relay switches. I have a 3600 sitting on my bench in the shop and I was hoping to get something I could configure as a terminal server as well. I have GNS3 on my lab box and was planning on getting another network card and tying it into the hardware lab.
View 6 Replies
View Related
Jul 24, 2012
The situation include 2 cisco routers an 2 switch 3550
so we have Router A in Vlan x access ----->Sw1----Trunk----Sw2<------Vlan y Access Router B I 've to enable rip1 on guys A and B ONLY !!! Avoiding any kind of tunnel I though it was all around fallBAck bridging ... but after days of tries ...
View 3 Replies
View Related
Oct 25, 2011
We're looking at implementing a new phone system which will use voice over ip. Currently we have a mixture of Cisco 3750 and Cisco 3550 switches which don't support power over ethernet. Its been suggested we could continue using the current switches and power the new phones using power adapters.
Int terms of implementing qos (we don't have any at the moment) for the voice will a Cisco 3550 be OK and will having a mixture of different models using 3550 and 3750 pose any challenges with the qos policy for the voice. I believe there are differences in that the Cisco 3550 doesn't support srr-queues but having little experience with qos I'm not sure what impact this will have if any?
View 1 Replies
View Related
Oct 31, 2011
I am having issues working on my QOS between 4510 and 3550 switch connecting on layer 3 through a service provider. I have class maps and policy map setup on both sides and then policy map attached to interfaces however i dont see any traffic matching in policy map on 3550 switch, i do see some traffic matching on 4510 but the speed with which its increasing has my doubts about it. When i make voip calls ( VOIP switches are sitting behind 3550 and are mainly 3550 pwr 24 port switches with phone ports configured for auto qos voip cisco-phone and trusting cos) i rarely see the RTP matching in class under policy map.
View 5 Replies
View Related
Dec 26, 2012
We have a customer who has a network consisting of two ISPs, one as a primary and the other as a backup. The customer would like us to use HSRP for the failover. The problem is the customer wants the configuration done with the two ISP routers connected to a 3550. He is under the impression that it can be done this way. ISP 1 []--------[_]3550------[] ISP2. From my understanding of HSRP can only be done with Cisco router and not ISP routers.
View 3 Replies
View Related
Dec 7, 2010
We need rededunt uplink in Cisco 2960 from Cisco 3550 , one uplink is primary and one is for backup.As per current scenerio one uplink in Cisco 2960 interface fe0/1 from Cisco 3550 int fe0/1 through OFC cable configuration 2960 int fe0/1 interface fe0/1desciption *** Connect to Cisco 3550 port 1 ***switchport mode accessswitchport access vlan 2spanning-tree guard loop Configuration Cisco 3550 int fe0/1desciption *** Connect to Cisco 2960 port 1 ***switchport mode accessswitchport access vlan 2spanning-tree guard loop We have facing the problem when OFC cable down , so now we are considering anather OFC via anather route to connect same Cisco 2960 Switch in Fe0/2 from Cisco 3550 int fe0/2 so when primary uplink goes down then backup uplink which is connect to Cisco 2960 fe0/2 from Cisco 3550 fe0/2 it's up.what is the command we need configure as per my require in both the Cisco 2960 and 3550 swith in interface and global mode also.
View 10 Replies
View Related
Jan 17, 2013
im trying to install a ios 12.2v on my switch. when the screen prompt it does not show me the user move symbol " SW1> ". all i see is " SW:" and from there i can not enter the commands to download from tftp server !
View 7 Replies
View Related
Nov 23, 2011
I am using 3550 with c3550-ipservicesk9-mz.122-44.SE6.bin. Have successfully run ipv6 commands on global and interface, however getting below error while configuring "ipv6 router ospf 1" :SW1(config)#ipv6 router ospf 1 % Failed to create routing protocol ospf
Command syntax help says its configurable but its not configuring ipv6 OSPF.
View 3 Replies
View Related
Mar 24, 2005
i have a 3550 catalyst and i configured it for bandwidth controlling i have used POLICE command its work fine and i saw it limit the bandwidth but there is a little problem when i limit the bandwidth at 1024000 and i useing all the bandwidth and monitor the bandwidth i see it shows the network uses half bandwidth.
View 6 Replies
View Related
Jan 27, 2011
How to scan with tcp/ip setting with hp 3550?
View 1 Replies
View Related
Dec 5, 2012
I currently own 3 Dlink DWL-3200AP that are setup on MultiSSiD with Vlans 1 and 2. I just picked up 3 Cisco 3550 layer 3 switches. I also own a Cisco ASA 5505 (acting as a router) which is connected to the internet. The 3 switches are connected using the GiBi connectors to each other. They are across the campus from each other, one switch is in the room of the router. Each switch has 1 of the Access points on them.
What I am trying to do is setup the switches to take SSiD 1(Vlan1) to have access for the entire network and have SSiD 2(Vlan2) just hit the router for internet.
I have all static IP's setup on the SSiD 1(Vlan1) connections, and I want to have a DCHP server for the SSid 2(Vlan2).I setup in the Cisco Network Assistant, for the 3550's to have VLAN 1 be port 48 and VLan 2 be port 47 going to the router.
What is currently happening is that if I connect to the SSiD1(Vlan1) I can access all of the switches and the router no problem. When I connect to SSiD2(Vlan2) I cannot connect to anything, ping or otherwise. I figure it might be something in the Access Point but at this point I am hitting my head on a wall trying to figure out what is going on.
View 7 Replies
View Related
Jan 27, 2013
I've configured all my devices in the lab to use 115200 baud rate, so I can speed things up a little at the console. For whatever reason, I can't get my 3550 to save the 115500 baud rate. I power on the switch, hold the mode button, at the switch: prompt I type 'set BAUD 115200' followed by a reset. I power the cycle the switch once more, yet it still holds at 9600. I did the same process on my 3560's and it worked like a charm.
View 3 Replies
View Related
Feb 21, 2011
we are using the catalyst 3550 L3 for BGP routing. For e.g. Gi 0/4 is our internal interface tha we want "switch".
We need on Gi 0/5 the same network that is on gi 0/4.
How is it possible? Make it like a 2 port mini switch. Or make a bridge of these 2 interfaces without any complicated reconfiguration needed?
View 2 Replies
View Related
May 15, 2013
I would like to know how to stack 2 switch cisco 3550 that IOS C3550-ipservicesk9-mz.122-44.SE6
View 3 Replies
View Related
Aug 30, 2012
we have two core swiches 6506 and around 55 cat 3550 switches. currently we are on the process of replacing the cat 3550 switches to 3750 switches.We need 10/1000/1000 speed, ip base image with upgrade options. Our up links from cat 3550s(sfps) are single mode and dual mode fiber mode with 1 gbps ports on core switch.
At present we are not upgrading to 10 gb modules on core. Spread over 15 floors each floor needs 2 up links(single mode , and dual mode). since cat 3750 sfps are smaller in size existing gibics cannot be used. Looking for the best option of cat 3750 switches with 1 gb up links which can be upgraded to 10 gb later when we replace the modle on core. Requirements:
1- Cat 3750 switches 55 in no with sfps for 1 gb up link (dual mode fiber and single mode fiber)
2- stacking option
3- 10/100/1000 speed
4- ip base image upgradable to ip service image
5- ipv6 compatibaility. Network is spread over 15 floors so from each floor we need two sfp up links 1 gbps using dual mode and single mode
-6-Should be upgradable to 10 gb in future when we upgrade the core modules
Or is it better to go for 10 gb module in core as well as edge switches ? if so what should be the modules?
View 13 Replies
View Related
Jun 11, 2008
I have one 3550 switch and i upgraded from 12.1 to 12.2(44)SE . But "tclsh" command is not enabled on this version. As per Cisco, 12.2(25)S is enough to enable TCL interpreter.
View 5 Replies
View Related
