Cisco Switching/Routing :: 2911 - Capture User Who Execute Telnet / Show Line In Log?

Jan 21, 2013

We are running in our DC one of the  CISCO 2911 terminal server which is connected with HP ARC sight logger.
 
it is possible to capture user who execute ‘Telnet” or “show line” in the log, I mean all the command entries by user.
 
How to enable any config on 2911.

View 11 Replies


ADVERTISEMENT

Cisco Switching/Routing :: 6500 - Show Platform Capture ELAM Asic

May 29, 2012

I know that an ELAM can be setup on a 6500 running ipservices 12.2(33)SXJ, however I noticed that following commands are not available on a 6500 router running advipservices 12.2(33)SXJ:show platform capture elam asic etc
 
So I wanted to know if there is an alternate way to setup an ELAM for troubleshooting purposes?

View 1 Replies View Related

Cisco Switching/Routing :: Telnet Can't Login 2911 Router With Private Address

Jan 7, 2013

We have a cisco 2911 router configured with password for telnet login, but I always failed to login use telnet, does any one know any place need to be modify?

View 6 Replies View Related

Cisco :: ASA 5505 NAT - Execute The Ping It Will Show Timeout?

Dec 5, 2011

I have setup this firewall with a NAT, everything seem fine. I try pinging from my external translate IP to the internal IP address, on the ASDM Log i can see the traffic built and teardown but on the PC i used to execute the ping it will show timeout. My configuration as belows:

interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.10 255.255.0.0[code]....

View 3 Replies View Related

Cisco Switching/Routing :: Can't Execute (ip Wccp Redirect Out) On 3750 Switch

Mar 13, 2012

Today, my customer have 1 project that have to deploy Cisco 3750 to redirect wccpv2 to  Websense Security Gateway.However, i can't excute "ip wccp redirect out" on Cisco Catalyst 3750.

View 5 Replies View Related

Cisco :: Line Usage In Case Of Show Line On 2500 Series?

Oct 10, 2012

Cisco 2500 series access servers show line usage with the "show line" command:

View 2 Replies View Related

Cisco Firewall :: ASA 5505 - How To Store Show Capture Word Output

Apr 16, 2011

I have a cisco ASA 5505 . I need to store " show capture 'word' ( where is a variable) output  to syslog server for analyzing packet and port  .

View 2 Replies View Related

Cisco Switching/Routing :: 3750 - Show Interface Vlan (ID) Doesn't Show In / Out Traffic Rate

Mar 13, 2013

I have configured a vlan interface on a 3750 switch. there is aprox 4Mb active traffic flowing through the interface, but when I do a "show interface vlan (vlanid)" the output show zero bits in and zero bits out. Its a typical L3 config with one IP on the vllan interface acting as the gateway for the VLAN devices. Is this a normal behaviur ? and if so is there any way to get the traffic in/out stats. The end PC/devices are connected to this switch via an L2 TRUNK and I dont have access to the L2 switch on which the actual devices connect. so cant get the real time stats of those interfaces.

View 2 Replies View Related

Cisco Switching/Routing :: 2960 Don't Display Logging Trap Informational In Show Running / Show Startup

May 27, 2012

Facing issue with 2960G switch , where its do not display "logging trap informational " in show running and show startup .where its showing all other levels from 0 to 5 and 7 after configuration and save commands. [code] after config getting saved , it do not shows in show runn or in show startup while for all other levels it do show the config lines .I tried the same on 12.55.SE release also but its same results . Is this a limitaion of this platform, is there any doc explaining the same for reference. [code]

View 1 Replies View Related

Cisco Switching/Routing :: C6509-E / What Is Mean That Is Packet Capture?

Apr 1, 2013

I operate between c6509-E, what did you flooding? its just packet capture gi1/3 but  i dont know it and is it attack?also same seq no switch gots it?what is problem?

View 2 Replies View Related

Cisco Switching/Routing :: 3560x VACL Capture Support

Aug 1, 2012

Is there a way to configure a VACL capture on 3560-x, we need more than 2 SPAN sessions. Feature navigator indicates that this feature is supported but it seems like it's not implemented in the IOS yet.

View 1 Replies View Related

Cisco Switches :: Configure Line Telnet On SG300-10P?

Nov 12, 2012

configure Line Telnet on a Cisco SG300-10P switch.I am in config mode and enters line telnet,but when I do a show line,telnet still are disabled..

View 1 Replies View Related

Cisco WAN :: 2911 - No Conflicts With Multiple Telnet Sessions

Feb 27, 2011

We have a new 2911 that needs to be configured, unfortunately it's at a remote site.  I had installed the following config: [code]
 
Now, I do get a dhcp ip on the G0/0 interface and I can ping it from my remote network and the local router as well as the local lan.  The hands and eye guy is able to telnet from the local lan but I am unable to telnet from either my remote lan or the local router.The only error I receive is "connection refused by remote host".  All lines are clear so I have no conflicts with multiple telnet sessions.

View 8 Replies View Related

Cisco Switching/Routing :: Port Monitoring On A 2901 For Purpose Of Packet Capture?

Jul 26, 2012

I have always done my port monitoring (SPAN) on Cisco layer 3 switches with no issues. This time I am trying to do this on a Cisco 2901 router:

Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.1(4)M2, RELEASE SOFTWARE (fc1)
System image file is "flash0:c2900-universalk9-mz.SPA.151-4.M2.bin
 
I need to have the source port gig0/0 and destination port gig0/1. There is something about the gig port enumeration (slot/port#) that makes the command rejected. It is self explanatory:
 
#sh ip int brie
Interface                  IP-Address      OK? Method Status                Protocol
Embedded-Service-Engine0/0 unassigned      YES NVRAM  administratively down down   
GigabitEthernet0/0         xxx.xxx.xxx.xxx      YES NVRAM  up                    up     
GigabitEthernet0/1         unassigned      YES NVRAM  up                    up     
Serial0/0/0:0              unassigned      YES unset  up                    up     

[code]....
 
It doesn't matter what slot or port number I use, it is always rejected. The command is rejected for Both destination and source gig interfaces. I tried a wide variety of slot/port numbers. To my best understanding the complete port names are: GigabitEthernet0/0 and GigabitEthernet0/1, so why does it think there has to be another digit after 0/0 or 0/1? Does it have anything to do with the Embedded-Service-Engine0/0 being administratively down?

View 4 Replies View Related

Cisco WAN :: 2911 - Cannot Open External Webpages But Ping Or Telnet Is Fine

Dec 10, 2010

I have some issues with router configuration. I cannot open any external web pages, but ping or telnet is just fine. Im using router-on-a-stick scenario. Router connected to LAN trough EtherSwitch module. Config attached.

View 8 Replies View Related

Cisco Switching/Routing :: Nexus 5010 - Capture From Source To Destination Port On Same Switch

May 19, 2013

Basically I am trying to use Wireshark to do a packet capture on a Nexus 5010. I want to do a monitor session on on the switch so I can capture from a source port to a destination port on the same switch. I can configure the source port but when I go to configure the destination port I get "ERROR: Eth102/1/4: Configuration not allowed on fex interface". I have tried to reconfigure this port as a switchport but "switchport mode access" command does not take. I don't want to make any changes to any other ports but this one.

View 1 Replies View Related

Cisco :: 2911 Connecting To A Leased Line?

Aug 3, 2012

I have a cisco 2911 set up at one of my sites and it is configured with sub-interfaces as this provides a default gateway to each of the offices.I have just had a 100mb leased line put in and i have a couple of questions regarding the config.let me start by telling you how it is set up .I have 3 HP Procurve switches connected together then that connects to the Cisco and the Cisco connects to a Zywall

HP Switches > Cisco 2911 > Zywall > Internet

We are wanting to remove the Zywall and connect the Cisco to the Leased line box

HP Switches > Cisco 2911 > Leased Line > Internet

The config of the cisco is

G0/0 - is up but no cable connected as this holds the sub-interfaces
G0/1 - Connects the Zywall - 192.168.1.1 (this has firewall rules to forward traffic through)
G0/2 - Leased Line

The way i have configured the sub interfaces is with its own DHCP pool and default router, some of the offices have there own ADSL router and hold there own Internet connection and the default gateway for that is 192.168.xxx.253 and the offices that use the Cisco use default gateway of 192.168.xxx.254

Now my question is how would I move everyone onto the Leased line and get rid of the Zywall ? Would it be as simple as giving the leased line an address and put in a static route to forward all traffic through that connection ? Or am i missing a trick or 2.

View 2 Replies View Related

Cisco :: Setting Up A Local User But Denying Telnet / Ssh?

Mar 14, 2012

A quick query regarding setting up a local user on a Cisco 2811. I have setup a few users as they need to have remote VPN access into our edge router, this works fine and I'm happy with it. The only thing is that when they come into the office they now have logins to get onto the router, they do not have the enable secret so they can't exactly do a lot (plus I've created them with privilege 0 which cuts a few extra CLI options) but I'd rather not allow them access at all if possible.If they weren't on DHCP then I could setup an access-list but this isn't really an option, I could also set me up statically and deny everyone else, but yet again I'd rather not.Is there anyway to restrict telnet/ssh access based on user alone? So when they put in their login it just boots them out. I could setup something like RADIUS (and therefore remove the local users completely) but I think it will be a bit over kill for the sake of a couple of users.

View 1 Replies View Related

Cisco WAN :: 2911 - DMVPN Tunnel 0 Up - Line Protocol Down

Jul 8, 2011

We have a 6 spoke DMVPN setup. Five of the six spokes work fine. On the 6th spoke, a 2911, we have created a Tunnel0. Other spokes and the hubs can ping it's ip, but it can't ping itself. When we do a show interface it shows the Tunnel 0 is up, but the protocol is down. What does that mean?

View 4 Replies View Related

Cisco Infrastructure :: 2911 TS Causing A-sync Line Lock Out

Oct 31, 2011

I have a brand new 2911-TS running 2900-universalk9-mz.SPA.151-4.M1.  I have connected the async lines to several devices including ASA5510's, 7206V XR and 6506es.  I'm experiencing issues where I go to connect to the console port of one of my devices and my access is denied as if the port was already in a session.  I clear the line and try again, same response.  If I swap that line with a known functioning line I see lines and lines of output as if the device I was trying to connect to was constantly sending data to the console port.  I've not had this problem on any of my older Cisco terminal servers.  I opened a TAC case and they had me RMA the HWIC module.  I cannot find any information about setting some sort of buffer limit or session timeout.  I feel this is a configuration, or mis-configuration issue. 

View 8 Replies View Related

Cisco WAN :: 2911 - Test Load On Line / Big Datagram Size?

Jan 12, 2012

Network 
 
                        2 Bundled T1(3Mbps)
2911---------------------------------------------------------2911
 
 
I am pinging across the Wan to test the circuit and it is pinging fine with the default extended ping 5 repeat count and 100 Datagram size. I was told that I need to up the repeat count to 1000 and the datagram size to 17999 to test the line. Also when performing this test Txload is 255/255.Is this really needed to test the load on the line, that big of a datagram size?

View 5 Replies View Related

Cisco WAN :: 2911 - Need PVDM When Use HWIC-2CE1T1-PRI For Leased Line

Oct 11, 2012

We plan migrate an old existing WAN architecture based on legacy data serial links. These links will be consolidated on a E1 channalized card.
 
My question :
 
Is the HWIC-2CE1T1-PRI need a PDVM DSP ressources on router  to oparate for data leased lines or no?
 
The VWIC3-1MFT-T1/E1 will be used for the backup dial in ISDN connexions? this type of cards a PVDM DSP ressources for data connexions or no?
 
ISR router are 2911.

View 5 Replies View Related

Cisco Firewall :: 5570 - How To Change Telnet And Enable VPN User Password

Jun 17, 2011

how do i change the telnet and enable and vpn user password on asa 5570.

View 4 Replies View Related

Cisco Switching/Routing :: IOS AAA And Telnet 1800 Configuration

Mar 1, 2012

I have aaa new model configured on a number of isr's(1800, 1900, 2900, 3800 etc).  When i have aaa configured, the telnet logins use that authentication and not the password in the line vty portion.  Is this by design.  would disabling aaa enable both telnet and aaa authentications, essentially making it a dual login. 

View 3 Replies View Related

Cisco Switching/Routing :: C3560 / Can't Disable Telnet For Vty Lines

Oct 24, 2012

#sh run | inc user
!
username USER0 secret 5 $1$passwordusername USER1 privilege 15 secret 5 $1$passwordusername USER2 privilege 15 secret 5 $1$password
!
#sh run | inc aaa
!
aaa new-modelaaa authentication login local_authen localaaa authentication login radius_authen group radius localaaa authorization consoleaaa authorization exec local_author localaaa authorization exec radius_author group radius localaaa session-id common
!
#sh run | begin line vty
!
line vty 0 4access-class 3 inexec-timeout 15 0authorization exec radius_authorlogging synchronouslogin authentication radius_authentransport input sshline vty 5 15!sh verCisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(55)SE6, RELEASE SOFTWARE (fc1)
 
the intent of the above is that management connections will only be accepted via SSH, and all of those will be authenticated via RADIUS, unless it's down, then it will use the local username/pw combinations, most of which are given Privledge level 15. Telnet should never work.SSH works as expected (authenticates via RADIUS), but the problem is that Telnet also works, will ONLY use the local database (never RADIUS), and, for some reason, leaves the users at Privledge level 1, instead of the configured 15.Essentially, it seems that at every point I have told it to do something that isn't the default with regards to telnet, it ignores me.Prior to a recent IOS upgrade, the switch didn't support SSH, so the previous config was Telnet with RADIUS, and that worked fine.

View 10 Replies View Related

Cisco Switching/Routing :: 3570C - Cannot Remote Telnet To Switch

Mar 4, 2012

I have set up a newly switch, cisco 3570C. Its in v15 and the only configuration i did is:
 
-set up interface ip add. 10.132.16.111
-set up telnet
 
I am able to telnet within LAN environment. I cant ping or telnet the switch in a WAN enviornment. Is there any setting i should confgure on the switch?

View 12 Replies View Related

Cisco Switching/Routing :: 2960-S - Can't Telnet / Ping Into Switch

Sep 4, 2012

I have a Cisco 2960-S Switch, It is connected to a jack in the building to check the settings, Interface VLAN 1 has an ip, there is a default gateway, Any host connected to switch can access the network resources. But the problem is that I have to use Serial Cable to configure it. I cant ping or telnet into it from any other device. PC's are on different subnets/VLANS.
 
Basically this switch is connected to a port in a different switch, Do i have to make a trunk?

View 8 Replies View Related

Cisco Switching/Routing :: 6500 - How To Set Up SSH In CatOS And Disable Telnet

May 27, 2013

I am trying to Disable Telnet and enable SSH in CatOS for 6500 .

View 12 Replies View Related

Cisco Switching/Routing :: 877 Reverse Telnet With No Aux Port For No Cross Contamination

Dec 21, 2011

I have a new 877 that I am using for internet traffic for 3-4 internet only devices.I also have a clean network that i want to insure no cross contamination. However I plan on rolling this out to many sites, but for management I was hoping to set up a reverse telnet to the console port from our one of my clean switches. which should allow me to keep the units seperated and allow me to manage changes etc remotely. Unfortunatly there is no Aux port on the clean switch (3560). Is there still a way to acheive this? can i configure one of the ethernet ports to connect to the console of the 877?

View 2 Replies View Related

Cisco Switching/Routing :: Telnet On Port 6066 To Configure Router

Apr 23, 2012

We have several routers that can only be accessed on telnet port 6066 (vice 23). I have no global exec privilege so I can not provide config.So my question is: how do you configure the router to accept port 6066 for telnet and deny port 23?

View 4 Replies View Related

Cisco Switching/Routing :: 3750 Telnet Still Working When Accessing This Switch

Apr 12, 2012

I only want SSH to be allowed when accessing this switch, but telnet is still allowed, why?  Whe authenticate via radius.version 12.2no service padservice timestamps debug datetime msecservice timestamps log datetime msecservice password-encryption!hostname 3750!boot-start-markerboot-end-marker!logging buffered 64000logging console informationallogging monitor informationalenable secret 5 $1$1K$!username admin privilege 15 secret 5 $1$Bs$cLHusername users view priv3 secret 5 $1$Jfnviwp!!aaa new-model!!aaa authentication login default group radius localaaa authentication enable default lineaaa authorization consoleaaa authorization exec default group radius local !!!aaa session-id commonclock timezone GMT 0clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 3:00switch 1 provision ws-c3750g-12sswitch 2 provision ws-c3750g-12ssystem mtu routing 1500udld aggressiveno ip domain-lookupip domain-name CB!!login on-failure loglogin on-success log!!crypto pki trustpoint TP-self-signed-3817403392enrollment selfsignedsubject-name cn=IOS-Self-Signed-Certificate-3817403392revocation-check nonersakeypair TP-self-signed-3817403392!!crypto pki certificate chain TP-self-signed-3817403392certificate self-signed 01  3082024C 308201B5 A0030201 02020101 300D0609 2A864886 F70D0101 04050030   31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274   69666963 6174652D 33383137 34303333 3932301E 170D3132 30343133 31303539   33395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649   4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 38313734   30333339 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281   8100C31D AE6DD8B5 56245317 AD96F4F4 727385D4 97A5B138 488A215E 4294FC40   1C5B2F26 2B75E1CF E562F240 118F2F50 0CFF2449 16EC66EA 2D489F5F F36BFD05   ACCC79CA DDDA984D 4CB7AB DD95A5E0 9274A225 3F5A3634 DEBF1A2A 416E2189   B35B4473 C7D5EE2C E3D41675 A86F31CD.

View 3 Replies View Related

Cisco Switching/Routing :: Telnet From 6513 On Port 2821 Fails

Jan 21, 2012

I am having issues with 'telnet' on port 2821 to a range of servers connecting through vlan interface from my core switch 6513 running s72033_rp-DVIPSERVICESK9_WAN-VM) version 12.2(33)SXH7, RELEASE SOFTWARE (fc3). The telnet on port 1556 and 13724 is ok.

View 1 Replies View Related

Cisco Switching/Routing :: 2960 / 3750 - Can't Ping Or Telnet Into Switch

Sep 17, 2012

I have 2 switches. 2960 and 3750.  I have trunk on both ports of the switch.  there are couple of vlans and ports are assigned to those vlans. examples are management, voice and data. int vlan 1 has ip   there is default gateway  the hosts are able to connect to the internet when connected to the switch.  

View 5 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved