Cisco Switching/Routing :: 877 Reverse Telnet With No Aux Port For No Cross Contamination
Dec 21, 2011
I have a new 877 that I am using for internet traffic for 3-4 internet only devices.I also have a clean network that i want to insure no cross contamination. However I plan on rolling this out to many sites, but for management I was hoping to set up a reverse telnet to the console port from our one of my clean switches. which should allow me to keep the units seperated and allow me to manage changes etc remotely. Unfortunatly there is no Aux port on the clean switch (3560). Is there still a way to acheive this? can i configure one of the ethernet ports to connect to the console of the 877?
View 2 Replies
ADVERTISEMENT
Aug 1, 2011
We have a router that was installed a few months ago which has the following version: 15.1(3)T
I am unable to reverse telnet to a new ASA firewall, however when I move the console to a second older router with an older version of code I am able to reverse telnet
Are there any known bugs, issues with version 15.1. I use the following command as normal: telnet x.x.x.x 2001
View 5 Replies
View Related
Apr 23, 2012
We have several routers that can only be accessed on telnet port 6066 (vice 23). I have no global exec privilege so I can not provide config.So my question is: how do you configure the router to accept port 6066 for telnet and deny port 23?
View 4 Replies
View Related
Jan 21, 2012
I am having issues with 'telnet' on port 2821 to a range of servers connecting through vlan interface from my core switch 6513 running s72033_rp-DVIPSERVICESK9_WAN-VM) version 12.2(33)SXH7, RELEASE SOFTWARE (fc3). The telnet on port 1556 and 13724 is ok.
View 1 Replies
View Related
May 22, 2013
We are configuring a new EMC VNX, and plan to use Ether channel with our 3750x stack. We would like to configure it for both additional bandwidth and for redundancy. What is the best configuration to use? Should we trunk the channel or use switch port mode access, and use channel-group on or protocol LACP (which state active or passive)?
View 1 Replies
View Related
Mar 18, 2012
I have c3750 and c4500 switches. I want to cross connect 2 v LAN so I need connection 2 different v LAN s. Can you provide example configurations?
Whatever other case, I want to cross connect between c7200 and c3750 2 different v LAN. It's possible?
View 3 Replies
View Related
Oct 20, 2011
Long time since I have had to configure a router and have a small project
Here is what I have in a simple diagram:
PC(static IP)--to--Switch--to--(Ethernet0 int, WIC0)1721 router(FastEthernet0 int, built-in)--to--Switch--to--PC(DHCP)
I need static IP PC to be able to ping the DHCP client. Static IP units 10.1.1.x/16, DHCP clients 10.1.3.x/16.
I have found these overlap and thus give errors and will even shutdown the interface if I enable certain things like routing or bridging.
So I gather I need to change one interface IP range, which would be the DHCP side, I need to stay 10.1.1.x/16 for static side.
View 7 Replies
View Related
Mar 25, 2013
We have a pair of WS-C3750X-24T-S in a stack and four WS-C2960S-48TS-L in a stack of their own. There is not really anything too fancy configured (no special VLAN configuration/trunks or etc.) but the 3750 do have two ports configured as L3 for routing. We are not trying to use those ports for EtherChannel. These devices are running IOS 12.2(55)SE3 Essentially we are attempting to make an EtherChannel group using port 48 on all four of the 2960's in their stack (four ports). On the 3750 we will configure an EtherChannel group using port 23 and 24 on both switches (four ports). We then connect them up to form a four member EtherChannel.The ports on both ends are configured as mode ON and they are all 1Gb ports. I elected mode on because I understand at least one of the EtherChannel protocols will not work cross stack. What I would like to ask is whether the above configuration is possible or are we hitting some sort of limitation of EtherChannel cross stack, etc..? I cannot find anything to suggest this configration is invalid, but thought I would ask to see if I missed something in the EtherChannel articles.
View 3 Replies
View Related
Oct 23, 2012
I am running out of ports on a 4507R and would like to use a 3750G-24TS stack that I already have to expand capacity. Is it possible to configure EtherChannel between the 4507R and the 3750G stack and if so what is the best way to do it? without LACP, with active-active mode LACP or passive-active mode LACP...
This is what I have in mind:On the 4507R side I would like to use interface GigabitEthernet3/5 and interface GigabitEthernet4/5 where modules 3 and 4 on the 4507R are "6 1000BaseX (GBIC) (WS-X4306-GB)". On the 3750G side I would like to use ports 28 on both switches in the stack which are equipped with Cisco GLC-T= 1000BASE-T SFP transceiver module for Category 5 copper wire with RJ-45 connector. [URL] Cross-Stack EtherChannel Without PAgP or LACP should look like this:
3750switchstackA(config)#interface gigabitethernet 1/0/28
3750switchstackA(config-if)#channel-group 1 mode on
3750switchstackA(config-if)#switchport trunk encapsulation dot1q
3750switchstackA(config-if)#switchport mode trunk
3750switchstackA(config)#interface gigabitethernet 2/0/28
3750switchstackA(config-if)#channel-group 1 mode on
[code]....
is that what I should be doing? is there any benefit to the active-active mode LACP or passive-active mode LACP and which are applicable to the case above?
View 1 Replies
View Related
Jan 28, 2012
According to the following Cisco webpage, cross-stack 10-Gigabit EtherChannel is possible on the 3750 with up to two 10-Gigabit modules, using LACP: url...However, the webpage doesn't confirm if this functionality is restricted to a particular 3750 model, such as 3750E, or if it applies to all models. It also doesn't specify any particular IOS feature set. I've tried Cisco Software Advisor but it doesn't list this feature on either the 3750E or 3750-X. This is possible on the 2960-S switches (i.e. cross-stack 10gig EtherChannel)?
View 23 Replies
View Related
Feb 22, 2012
i want to realize a 20gb ring stp with 6 3750x stacked by 2. I want to install 2 3750x stacked configured in hsrp mode with other 2 3750 stacked. These 2 different stack are interconnected by a cross-stack ether channel 20Gb fiber. On the other side of the room i want to create a new stack with 2 3750x with cross-stack ether channel 20gb connected with the previous 2 stacks. So, in total 3 different cross-stack ether channel 20Gb stacks interconnected creating a ring stp of 20 Gb.
View 4 Replies
View Related
Mar 3, 2013
configuring EtherChannel between 3750-X cross-stack and 6509E switch. I use two ports on 3750s, and two ports on 6509. I just need it as a trunk. For some elusive reason one port on 3750 keeps being err-disabled, and one on 6509 notconnected.
Here is what I did so far.
3750
!
interface GigabitEthernet1/0/22
description ***VSS-RNOC-link***
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 2
[code]....
Problem with :
GigabitEthernet1/0/22 is down, line protocol is down (err-disabled)
GigabitEthernet2/1/29 is down, line protocol is down (notconnect)
I tried shutting them down, then no shutting them again. Didn't work.
View 11 Replies
View Related
Jan 8, 2013
I am trying to implement in the lab. I have 2 switches 3550 and 3750. my questions are:
1. why i can't see vlans in the running config on switch 3750 even after i created 3 vlans?
2. the 3750 is power over ethernet switch and i am trying to connect 3550 and 3750 thru cross over cable trunk link and the ports doesn't show up no light nothing. is it the right way of cabling.
View 6 Replies
View Related
May 16, 2013
We have a singe IP Address in the Internet and want to forward SMTP traffic that hits our ASA Outside Interace to the internal Mailserver.And we like to forward Http Traffic to our Webserver.
Example.
212.23.23.23 Port 25 -> 192.168.1.100 Port 25
212.23.23.23 Port 80 -> 192 168.1.200 Port 80
How do i acomplish that. Which NAT rules do in need?
View 12 Replies
View Related
Mar 1, 2012
I have aaa new model configured on a number of isr's(1800, 1900, 2900, 3800 etc). When i have aaa configured, the telnet logins use that authentication and not the password in the line vty portion. Is this by design. would disabling aaa enable both telnet and aaa authentications, essentially making it a dual login.
View 3 Replies
View Related
Oct 24, 2012
#sh run | inc user
!
username USER0 secret 5 $1$passwordusername USER1 privilege 15 secret 5 $1$passwordusername USER2 privilege 15 secret 5 $1$password
!
#sh run | inc aaa
!
aaa new-modelaaa authentication login local_authen localaaa authentication login radius_authen group radius localaaa authorization consoleaaa authorization exec local_author localaaa authorization exec radius_author group radius localaaa session-id common
!
#sh run | begin line vty
!
line vty 0 4access-class 3 inexec-timeout 15 0authorization exec radius_authorlogging synchronouslogin authentication radius_authentransport input sshline vty 5 15!sh verCisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(55)SE6, RELEASE SOFTWARE (fc1)
the intent of the above is that management connections will only be accepted via SSH, and all of those will be authenticated via RADIUS, unless it's down, then it will use the local username/pw combinations, most of which are given Privledge level 15. Telnet should never work.SSH works as expected (authenticates via RADIUS), but the problem is that Telnet also works, will ONLY use the local database (never RADIUS), and, for some reason, leaves the users at Privledge level 1, instead of the configured 15.Essentially, it seems that at every point I have told it to do something that isn't the default with regards to telnet, it ignores me.Prior to a recent IOS upgrade, the switch didn't support SSH, so the previous config was Telnet with RADIUS, and that worked fine.
View 10 Replies
View Related
Mar 4, 2012
I have set up a newly switch, cisco 3570C. Its in v15 and the only configuration i did is:
-set up interface ip add. 10.132.16.111
-set up telnet
I am able to telnet within LAN environment. I cant ping or telnet the switch in a WAN enviornment. Is there any setting i should confgure on the switch?
View 12 Replies
View Related
Sep 4, 2012
I have a Cisco 2960-S Switch, It is connected to a jack in the building to check the settings, Interface VLAN 1 has an ip, there is a default gateway, Any host connected to switch can access the network resources. But the problem is that I have to use Serial Cable to configure it. I cant ping or telnet into it from any other device. PC's are on different subnets/VLANS.
Basically this switch is connected to a port in a different switch, Do i have to make a trunk?
View 8 Replies
View Related
May 27, 2013
I am trying to Disable Telnet and enable SSH in CatOS for 6500 .
View 12 Replies
View Related
Apr 12, 2012
I only want SSH to be allowed when accessing this switch, but telnet is still allowed, why? Whe authenticate via radius.version 12.2no service padservice timestamps debug datetime msecservice timestamps log datetime msecservice password-encryption!hostname 3750!boot-start-markerboot-end-marker!logging buffered 64000logging console informationallogging monitor informationalenable secret 5 $1$1K$!username admin privilege 15 secret 5 $1$Bs$cLHusername users view priv3 secret 5 $1$Jfnviwp!!aaa new-model!!aaa authentication login default group radius localaaa authentication enable default lineaaa authorization consoleaaa authorization exec default group radius local !!!aaa session-id commonclock timezone GMT 0clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 3:00switch 1 provision ws-c3750g-12sswitch 2 provision ws-c3750g-12ssystem mtu routing 1500udld aggressiveno ip domain-lookupip domain-name CB!!login on-failure loglogin on-success log!!crypto pki trustpoint TP-self-signed-3817403392enrollment selfsignedsubject-name cn=IOS-Self-Signed-Certificate-3817403392revocation-check nonersakeypair TP-self-signed-3817403392!!crypto pki certificate chain TP-self-signed-3817403392certificate self-signed 01 3082024C 308201B5 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 33383137 34303333 3932301E 170D3132 30343133 31303539 33395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 38313734 30333339 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100C31D AE6DD8B5 56245317 AD96F4F4 727385D4 97A5B138 488A215E 4294FC40 1C5B2F26 2B75E1CF E562F240 118F2F50 0CFF2449 16EC66EA 2D489F5F F36BFD05 ACCC79CA DDDA984D 4CB7AB DD95A5E0 9274A225 3F5A3634 DEBF1A2A 416E2189 B35B4473 C7D5EE2C E3D41675 A86F31CD.
View 3 Replies
View Related
Sep 17, 2012
I have 2 switches. 2960 and 3750. I have trunk on both ports of the switch. there are couple of vlans and ports are assigned to those vlans. examples are management, voice and data. int vlan 1 has ip there is default gateway the hosts are able to connect to the internet when connected to the switch.
View 5 Replies
View Related
Feb 9, 2012
I can't to connect on my switch (WS-C2950G-48-EI) with Telnet or HTTP.When to connect with console, i have a error [code]
View 4 Replies
View Related
Mar 7, 2013
I have a catalyst 3550 and will be using it to run my cisco 7940 and 7960 ip phones with POE. When I plug the phones into the switch they power up just fine but the phones will not dial out as they have little x's by the line. I have also tried going through the set up of the 3550 but get stuck in one place. When I go to the 10.0.0.0, the screen will not allow me to enter the telnet page or allow me to enter any information. In the manual it shows a pic of what the screen should look like when I go to 10.0.0.1, but I am getting an entirely different page.
What I need to do to get everything set up correctly?
View 5 Replies
View Related
Jan 7, 2013
We have a cisco 2911 router configured with password for telnet login, but I always failed to login use telnet, does any one know any place need to be modify?
View 6 Replies
View Related
Dec 18, 2011
I'm using a radius server to authenticate ssh when connecting to my company's switches (a 3560 + several 2960s).
Everywhere I've looked claims that using the line 'transport input ssh' in my switch config should disable telnet access and allow ssh only. But after changing 'transport input ssh telnet' to 'transport input ssh' I can still connect to all of the switches from telnet. I can't block telnet with ACLs either because my company uses a telnet based terminal client to do most of their work.
I don't have much experience with radius. How do I stop telnet connections when using radius to authenticate?
View 5 Replies
View Related
Apr 10, 2012
We got a switch issue here for 4507R-E with two sup6l-e supervisor running sso redudant. and we found that sometimes client can't ping through the local vlan ip add on the switch , can't logon the cli by telnet too. In the direct connected network device such as access switch and ASA , can't ping or telnet the 4507R too. when we made a forceswitch to sso standby supervisor from console , the problem solve and everything get fine . after that, we switch angin back to the origin supervisor , fine too.
before we made the supervisor forceswitch , we had check the system cpu usage is 15 - 20 % from console . also we had creat a new vlan 200, attach the notebook to 4507's vlan 200 port , the notebook can't ping or telnet the vlan 200 ip interface too.
View 1 Replies
View Related
Feb 27, 2013
Any issues with pasting scripts into a Nexus 7K and having the scripts get all messed up even though they are logically correct? I've had this issue over the years with IOS devices and the console port and tweaking some of the line feed/character delays fixes the issue but that was always with the console port and not a telnet session. Telnet has always worked flawlessly on IOS.
I've determined that if I tweak my line feed delay up to 1000ms it seems to work fine, but it just doesn't make sense to me that I have to do that.I have a customer with 3300 ACL lines that need to be put into a Nexus as part of a migration from 6500 to Nexus. And yes, I've already tried to convice them to offload these VLANs behind an ASA!
View 1 Replies
View Related
Jan 21, 2013
We are running in our DC one of the CISCO 2911 terminal server which is connected with HP ARC sight logger.
it is possible to capture user who execute ‘Telnet” or “show line” in the log, I mean all the command entries by user.
How to enable any config on 2911.
View 11 Replies
View Related
Feb 7, 2012
The network is set up like this.
Host -----> 3750 (classic) running IPSERVICES stack ----> 3550 router -----> VPN 3005 Concentrator.
IP routing is disabled on the 3750 (it's acting solely as a switch) IP routing is enabled with an EIGRP process running on the 3550 router that has the network for the 3005 broadcasting.
I can ping the vpn 3005 concentrator from a telnet session in the 3550 but not from the 3750.I can ping between the 3750 and the 3550 vlan management interfaces. Visually speaking it's like this
3750 ------> 3550 [Success!!!!]
3550 ------> VPN 3005 Concentrator [Success!!!!]
3750 ------> 3550 --xxxx--> VPN 3005 Concentrator [Timeout....]
I know this because I tracerout to the 3005 from the 3750 and it resolved the default gateway configured for the 3550 properly but then started timing out.
The 3750 is trunked to the 3550.
3750 is vtp client mode
3550 is vtp server mode
I'm wondering if there's a layer 2 issue involved here as it is a VTP domain and maybe it's not returning properly.
View 2 Replies
View Related
Aug 20, 2012
I have configured the ip telnet source-interface Loopback 0 command on a Nexus7010, but when I telnet to another device and do a show users, the ip address is of the closest interface to the device I telnet to, not the ip address of the Loopback. All interfaces are in vrf default. I am running 5.1(6) NXOS.
View 6 Replies
View Related
Nov 17, 2012
I was testing on 802.1x function on Catalyst 2950. the funtion itself work fine with my radius. but after I have setup the aaa new-model, I have no access to my switch!everytime I telnet it prompt me username, but I didn't create any user!!
how to recover to the origianl status, just prompt to input password but not username needed, and with 802.1x enable ofcause. [code]
View 10 Replies
View Related
Apr 18, 2013
I have a pair of OLD Cat6500's running CatOS:
WS-C6509 Software, Version NmpSW: 7.6(16)
Copyright (c) 1995-2005 by Cisco Systems
NMP S/W compiled on Dec 22 2005, 16:37:19
System Bootstrap Version: 7.1(1)
System Boot Image File is 'bootflash:cat6000-sup2k8.7-6-16.bin'
System Configuration register is 0x2
I know these are no longer supported, but I have to ready them for migration. Recently a problem began with these switches. What happens is that when I telnet to them, I cannot authenitcate via TACACS. This works fine for all our other IOS equipment, just not for these 2 switches. The error is:" % Error in authentication" and then I get kicked back to the login prompt.
The odd thing is that when I connect to the switch via the console port, I can authenticate fine with TACACS.
CMS> /c 14
[Code].....
View 2 Replies
View Related
Mar 8, 2011
I was unable to telnet in to a SQL server on port 1433 to test the connection from the client PC.the application could connect and this alone verifies it is working on port 1433 for sql.My question is how can a telnet command on a specific port be blocked ?
View 3 Replies
View Related
