Cisco Firewall :: FWSM 3.2.6 / Unable To Access From Switch Console
Aug 15, 2011
I am having FWSM in active /standby mode deployed on two different cat 6k chassis. Unable to access the fwsm module from switch using ' session module mod_no processor 1 ", it throws error " % telnet connections not permitted from this terminal" Running Version 3.2.6 on fwsm, Cat 6k is running 12.2.33.SXH1,
switch#session slot 3 processor 1
The default escape character is Ctrl-^, then x.
You can also type 'exit' at the remote prompt to end the session
% telnet connections not permitted from this terminal
---------------------------------------------------------------------------
have allowed telnet on line vty, configuration on Line vty is simple allowing all transport protocols
line vty 0 4
exec-timeout 5 0
transport input all
transport output all
line vty 5 15
exec-timeout 5 0
transport input all
transport output all
View 3 Replies
ADVERTISEMENT
Dec 27, 2012
I have 2960 switch and i can't access it using my console cable .I can access other switches in my network ( 3560 & 2960 ) but i can't access only this switch.may be the console port in the switch damaged? or it's a bug ?? !!! although the switch is worked normally.
View 11 Replies
View Related
Apr 13, 2011
I am having two dc switches with FWSM modules installed. DC switch1 FWSM (Ver 3.2(12) is wokring as active and Secondary DC switch2 FWSM (ver 3.2.(12) is in standby mode.
From yesterday I am trying to login primary FWSM, It is accepting my username and credentials but prompting again for username please refer below
DXB-DC1>session slot 5 p 1The default escape character is Ctrl-^, then x.You can also type 'exit' at the remote prompt to end the sessionTrying 127.0.0.51 Open. [code]
View 1 Replies
View Related
May 2, 2012
I have linksys ADSL Router which is having one line port for Phone Line and 4 Ethernet Ports.The Router IP is 192.168.1.1. When i connect this Router through one of its Ethernet Port to one of the Network Point(which is DHCP enabled)is working fine. I get the IP 192.168.3.x from my existing DHCP not from the ADSL Router which is enabled.Secondly, Although i can Ping the Router IP 192.168.1.1 from Wifi client 192.168.3.X, But when i try to open the Router Console a Login window open and is says " your are trying to access the Router in an insecure ways and it doesnt not authenticate ID and PWD.When i directly connect Router to my Laptop then am able to do so.
View 1 Replies
View Related
Apr 9, 2013
I can access the web console, and also have telnet access but only to a VT100 menu system - How do I access the full console command prompt (without using the serial console connection)?
View 4 Replies
View Related
Jan 4, 2013
I can not access the switch through the console. The web interface is working properly.
Model: SRW224g4
Below some pictures. The Hyper Terminal settings. Error:
View 6 Replies
View Related
Feb 17, 2012
I have 2 modules of FWSM in 6500 switch (failover). I need 5 context. When I use in routed mode (like in the picture) , I cannot ping the servers behind the firewall. (I have ping to FW context) In transparent mode, it is not happening.
View 1 Replies
View Related
May 2, 2012
My Linksys Routers IP is 192.168.1.1 am unable to access the console, although i changed the computers IP 192.168.x.y. i have tried by Hard Resetting the Router but still the same?
View 1 Replies
View Related
Jan 18, 2013
Although I hasten to point out that I have owned and used an 'IBM' type PC since 1988 and have always managed to get things configured correctly until NOW!
Apart from the last time I tried to use a Linksys product. I had the WRVS4400N recommended to us by a friend as we run a small FTP server to share promotional materials amongst sales operatives around the world, wanted to protect it from intrusion and was told that a Cisco Linksys product with a VPN was the way to go.
I duly purchased a WRVS440N and have been trying to log into the admin console via both browsers (IE9 and Google Chrome) that are installed on a laptop running Win7 which in turn is the only thing connected to the stated device via ethernet port 1... I have tried accessing it via http://192.168.1.1 and have even tried a suggestion from another forum to try https://192.168.1.1 - this only results in my being told that the address does not have a trusted certificate and I even tried every suggested workaround...
I have tried all kinds of reset periods from 10 seconds to a minute, both hot and cold and each time the result is the same - I type in 'admin' and 'admin' in the appropriate boxes and the dialogue box continues to return to the browser window with empty fields...
The shame is that I have managed to re-flash a BT Voyager 190 ethernet modem successfully with DynaLink v3.29a firmware (which allows it to be used with any ISP besides AOL [for whom this modem was solely intended]) and can set it up as a DHCP server, non-DHCP with a single link to another server or non-DHCP and no link.... The point is the modem works... I'm using it right now to type this! We have a single static IP from our ISP and the BT modem is working just fine (as is the TP-Link wireless modem/router that the WRVS4400N was intended to replace)... there are other options in it's firmware for port forwarding, etc and I'm convinced that it wil be adequate for use in conjunction with the WRVS4400N.
I have to concede that the WRVS4400N was not sold to us as NIB; it was sold as re-conditioned and was shipped to or via Ingram Micro Distribution from Cisco Systems, Veldweg 3, Herkenbosch 6075 NL (Holland) via UPS on or about the 31st of July, 2012... there is a shipping label on the original packaging that tells me that so it has in fact been back to Cisco at some point and for some reason.
View 3 Replies
View Related
Jun 17, 2012
It is my understanding that the FWSM for the 6500 series switches uses a 6 port Etherchannel on the backplane to communicate with the 6500 series switch.Can you shutdown vlan1 on the switch and still communicate with the FWSM? I was under the impression that you could not (although I am looking at a config with it shutdown)
View 1 Replies
View Related
Dec 6, 2009
I am trying to make the multicast working between few hosts inside a single vlan. Host are running mysql cluster and Multicast is used to send master/slave status information to the IP 228.10.10.10 on port 45566.The vlan is defined in FWSM and the host are connected via the core-switch(6513). (hosts-->core-sws--->fwsm)I have tried searching the documentation, but couldn't find specific info to enable multicast between hosts residing in same vlan. FWSM is running code 3.1(4). since the hosts are residing in the same vlan, I am thinking of applying the <multicast-routing> just for that SVI in FWSM.
View 6 Replies
View Related
May 7, 2013
We are having a hard time to console into to the APs using the serial connection (USB to serial converter).We have tried the recommended settings (9600, 8 bits, no parity, 1 stop bit, no flow control (also tried XON/XOFF)) without any success.We are able to connect to 3560 series switches and 5508 WLCs using the same cables, notebook and application (putty, hyperterminal & secureCRT).
View 4 Replies
View Related
Jan 11, 2012
I not able to access cisco 2811 router (AC operated) through console port when I try to access it by selecting COM Port, but I able to access by selecting the TCP/IP option.
View 5 Replies
View Related
Mar 14, 2012
We are running a FWSM and have created ACL's for a new Lync install. One of the rules needs to have port 5061 access from any source to our front edge server for communication. When looking at the logs I see a hit on the ACL but nothing ever actually connects.
One possible issue I see is possibly in the inspect:
policy-map global_policy
class inspection_default
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect sqlnet
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect pptp
class class_sip_tcp
inspect sip
In the inspect sip this is only for port 5060. How do I set this up to allow port 5061?
View 1 Replies
View Related
Mar 6, 2011
I need to enable Management access to FWSM using CA ssl certificate.
FWSM Version 3.2(5) in Cisco 6509 switch.
Got to know how to generate, import and export certificate but my query is how to get it applied to the management ip do i need to apply in the management interface.
View 1 Replies
View Related
Apr 24, 2012
Today i received FWSM from cisco (RMA), I need to configure it as standby unit for existing FWSM active/standby setup.
IOS on RMAed FWSM is 2.3.4 and cisco VSS supports FWSM IOS 4.0.4 and later.My issue is, I cannot access FWSM (IOS 2.3.4) via session command from cisco 6513 but could successfully consoled it without any problem. I have reloaded it twice and also tried to disable and enable power on it.
VSS#sh module switch 2
Switch Number: 2 Role: Virtual Switch Standby
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
2 6 Firewall Module WS-SVC-FWM-1 -----------
[code]....
why I cannot access FWSM through session command ?Whether this is because of older IOS ? If yes then how to upgrade its IOS ?Is it possible to upgrade IOS via FWSM console ? if yes, Do i need to test on different slot ?
View 2 Replies
View Related
Jun 14, 2011
we have two pix535 one is ur other is FO license.
once a time i found can't access FO pix535 console, i'm sure console cable is ok. when i unplug failover serial cable from FO pix535, i can access pix 535 console.
View 3 Replies
View Related
Feb 9, 2012
I have an asa 5585x cluster. I get ssh access but no console access on the standby unit.
On the active unit, when I try console access, ASA ask for a password. I have tried all the one that I have configured, but without success.
View 5 Replies
View Related
Dec 10, 2011
I am trying to remove a line in a particular access-list configured in a FWSM module using this command "no access-list <acl> line 19 x x x x" but it doesn't work. See below:
FWSM/xxx03(config)# no access-list ?
configure mode commands/options:
alert-interval Specify the alert interval for generating syslog message
106001 which alerts that the system has reached a deny
[code]...
How can I remove a line from the access-list without clearing the entire access-list?
View 3 Replies
View Related
Feb 11, 2013
i have been facing this problem as i cannot see any log messages via my console port,except by looking at logs manually by "show log" command,
View 3 Replies
View Related
Nov 17, 2012
I have a vlan defined in FWSM for server farm there is a one server with two IP addresses and teaming has done on it how ever from FWSM i am able to ping both IP addresses but from core 6509 switch i am only able to ping one ip address. from FWSM show ARP command displays the same virtual mac addresses against both IPS of the same server.
View 2 Replies
View Related
Aug 9, 2012
I have a 6513 with redundant sup 720-3B's that I cannot get onto. In short, one of the power supplies failed, it still passes traffic but I can't console or ssh to the box. Other than the two sup 720's, I have a 4 port 10gig card, a 16 port GBIC Card and an IDS module. I have tried removing the 10Gig, IDS and one of the sup's but still don't get anything on the console. I have rebooted the entire chassis and don't get anything on my console while booting. I have tried changing the speed of my terminal to every setting available incase someone has changed it at some stage but to no avail. I have tried swapping sup's, using only one at a time in the chassis but not getting anything. Is there anything else I can try to get onto this chassis? The power supply is a 3000w with a 32amp input. The failed power supply had tripped a switch, when i brought it back up, the power supply came out but the output failed LED is on. My #questions are, is there anything else I can do to try get onto the console, and is the power supply goosed when the RED LED is lit? I have reseated the power supply also but the same result.
View 2 Replies
View Related
Jul 9, 2012
We are having a problem with our ACS and switch configuration.Basically if the switches lose connectivity to the ACS server the switches completely lock up, you can’t even console onto the switches.We want them to use the fall back username and password when this happens.
View 1 Replies
View Related
May 3, 2011
We have 2 FWSM modules in each 6500 switches. 1st module is having 04 firewall vlan groups with 18 vlan interfaces in a single context firewall. All are working fine with no issues. Recently we create one more vlan on MFSC and add into the same firewall module. However newly created vlan inside the FW is not able to communicate with outside and also outside users not able to reach newly created subnet. But within the firewall zones (other interfaces) it can communicate. Once we did packet capture we noticed that its hitting firewall outside interface only and when we ping we got TTL expired error. we have default routes to outside and there's no any route inside as new segment is within the firewall (no any hop).
I guess there's no limitation on number of vlans that we can assign on one firewall eventhough there is a limitation for number of vlan-group which is 16 max (but we are within that limit).
View 2 Replies
View Related
Mar 9, 2007
how to configure FWSM module in cisco core switch 6500
View 2 Replies
View Related
Feb 26, 2013
I have some problem with the ASA 5510 ver 7.0(6). My manager wants to keep this as backup. tried lots of things but still users not able to access internet nor can i ping anywhere.For example when i ping 4.2.2.2 i dont get any reply.The runing config is below for ur ref :
HQ-ASA-01# show running-config
: Saved
:
[Code]......
View 9 Replies
View Related
Feb 24, 2011
I have a normal setup of ASA5505 (without security license) connected behind an internet router. From the ASA5505 console I can ping the Internet. However, users behind the Firewall on the internal LAN, cannot ping the Internet even though NATing is configured. The users can ping the Inside interface of the Firewall so there is no internal reachability problem. In addition, I noticed that the NAT inside access list is not having any hit counts at all when users are trying to reach the internet.
When i replace the ASA5505 with a router with NAT overload configuration on it, the setup works normally and users are able to browse the internet.
The ASA5505 configuration is shown below.
hostname Firewall
interface Ethernet0/0
description Connected To Internet Router
switchport access vlan 10
[Code].....
View 2 Replies
View Related
Jun 2, 2013
I want to configure my SRW248G4 switch thru console port. Unfortunately in this switch there is no RJ45 console port input, I can only see cosole port that is look like RS232 input. I bought two standard cisco console cables that have one end with db9 and one with RJ45.
Now I have and idea to put one end of one cable (db9) to switch, and one end (db9) of second cable in my computer (COM input/output)
I need to connect two RJ45 together - this is not a problem, I know how to do this. Here is the question :I know how pinout in my computer look like but i can't find pinout of console port in my SRW248G4. There is many pictures in Internet, for many Cisco devices but this isn't working. Maybe in LINKSYS pinout look different ?
View 3 Replies
View Related
Nov 13, 2011
I have a client whom has asked me to enable web management on some of his 2960 switches. I did not think this was going to be an issue, and so I told the customer I would set this up for him.
Much to my dismay, I have been able to get http and https enabled, and then authenticating locally for the HTTP access. I then come to the screen once authenticated which is shown below:
The issue is that when I select "Web Console", it gives me a "Web Page Cannot be found".
View 11 Replies
View Related
Mar 18, 2013
I can't connect to the console of switch cisco sge2010, I tried several console cables and none worked for me, I followed step by step manuals and nothing.
Also try the web 192.168.1.254 according to the manual but when I connect from the laptop to do ping to the switch doesnt work.
View 3 Replies
View Related
Mar 1, 2012
I am going to purchase SF 300 24p POE Switch and if this Switch supports the configuration via console? As i have ESW-500 Series switches and it does not support console.
View 4 Replies
View Related
Sep 10, 2012
I have stack of 2960 S switches.I can console only from Master not from memember switches is this default behaviour?
View 1 Replies
View Related
Jan 25, 2012
I use a C2950-24 switch, with IOS 12.1(22)EA12 release.When I try to connect in console mode, I can see the "Press RETURN to get started!" message, but it's not possible to me to have the # prompt.An "authorization failed" message is displayed. And the same message is prompted.
I try to recover password by following the recovery procedure. After the boot command, I never see the message "Continue with the configuration dialog? [yes/no]: ".
View 6 Replies
View Related
