Cisco Switching/Routing :: AAA Authentication On 6509 Switch?
Apr 1, 2013
I am trying to use a Tekradius Windows2008 server to aaa authenticate switch admin logins. The Radius server and 6509 loop0 are in a management VRF "netman". I can happily ping to and from the Server and loopback0 interface without issue. I have also tested the radius server account using RadiusNT on a workstation. I get an accept reply with the following variables..
shell:priv-lvl=15
NAS-Prompt
Here are the relevant parts of my config as far as I can see..
aaa new-model
aaa group server radius SRADIUS
server-private 192.168.1.101 auth-port 1812 acct-port 1813 key cisco
ip vrf forwarding netman
ip radius source-interface Loopback0
!
aaa authentication login default group SRADIUS local
[code]...
View 1 Replies
ADVERTISEMENT
Sep 20, 2012
Im having a strange problem on a 6509 switch. I am trying to use a Tekradius Windows2008 server to aaa authenticate switch admin logins. The Radius server and 6509 loop0 are in a management VRF "netman". I can happily ping to and from the Server and loopback0 interface without issue. I have also tested the radius server account using RadiusNT on a workstation. [code]
View 8 Replies
View Related
Jan 21, 2013
I have a 6509 running catOS that i had to do some routing changes on this weekend. I guess i forgot to set the default route so now I can't login or ping from outside the local subnet and because of acl restrictions on the vty lines can't login from a device within the local subnet. I can login to the sup module so i'm trying to figure out if there is way to get to the switch from the sup like you would access the sup from the switch by inputting the command session 15 or session 16, is there a way to do the reverse to get to the switch from the sup?
View 1 Replies
View Related
Feb 6, 2013
I have number of 6500 switches and we are in the process of getting support contract renewed now when i buy support for my 6500 series switches i have to inform main module serial numbers (Only this one). or do i also have to inform about sub module serial numbers to my support vendor?
View 1 Replies
View Related
Jul 31, 2012
Suffered a big outage on the network, the fix was to reload the module 3 on the 6509 switch, we had these errors on the log %CONST_DIAG-SW1_SP-3-HM_PORT_TEST_FAIL: Switch 1 Module 3 TestUnusedPortLoopback Port(s)[24,46] failed. System operation continues.in the end, we reloaded the card and it was all ok. is there anything I can do to check the card / or any deeper logs? would that error cause the card to crash?
View 1 Replies
View Related
Aug 28, 2012
I have a 6509-E chassis that was prevoius in a VSS configuration. Due to some VSL failures I had to cobvert it to a standalone chassis but would like to bring it back to a virtual system.
Whenever I try to convert it by using the command "switch convert mode virtual" I get the msg %Please configure local switch number first". After doing so by entering the CLI cmd "switch set switch_num 1 local" I still get the same message.
View 1 Replies
View Related
Feb 21, 2012
in my 6509 switch while i checked is showing some thing like this RDCCI65F0#sh environment
environmental alarms:
no alarms
backplane:
operating clock count: 2
[Code].....
View 2 Replies
View Related
Jan 13, 2012
I have configured cisco 6509 to do nating and its not working. Static nat is perfectly working fine below is the config.
View 6 Replies
View Related
May 16, 2010
I have one CISCO 6509 Switch in my store. I tired to login in that switch but couldnt.. Once it's booted it's asking me: rd: . Find the attachment. I recover the password by changing confreg value but that also failed.
View 8 Replies
View Related
Dec 11, 2012
How a 6509 pair handles the loss of the other vss switch, and what happens when the other comes back on ?
View 1 Replies
View Related
May 19, 2012
I have a 6509 that has dual SUP32's.Just want to make sure and give a reason(if there is one). Slot 6 always becomes the active hot on a full reboot. Meaning from no power to the whole switch to powered on. What is the election process for Supervisors?
View 5 Replies
View Related
Feb 6, 2013
I am doing a deployment of a cat 6509
Any checklists that they fill in pre deployment, ie card failover tests etc ?
View 1 Replies
View Related
May 8, 2012
If I dual connect my access switch to my 6509s running vss, what will happen, will spanning tree still block one of the ports if I don't set up an etherchannel?
View 1 Replies
View Related
Jul 5, 2012
I was trying to uplink a switch today on a 1500m run of SMF. I have a 6509 core switch with a 16 port GBIC module. On that end I have a WS-G5486-LX with a 3m SC to LC patch cable.On the other end I have a 3750G with a GLC-LH-SM SFP. I have checked my fiber path and it seems good, (by sight, did not have an OTDR avialable).I can't get the link up at all. Tried swapping Tx Rx at one end, Tried different transceivers. Tried different patch cables. Nothing worked. At about the mid-point of my fiber run the cable passes through another network closet with a core switch for a separate network. If I break my fiber path there and try to connect in either direction it works. The only differences are the length of the fiber run and that the core switch on the other network has a CLC-LX-SM SFP.Is it the distance? Or is there some issue connecting a GLC-LH-SM to a WS-G5486-LX?
View 7 Replies
View Related
Apr 16, 2012
i have one of my switch modules that shows PwrDown when i issue the command show mod.
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
1 9 Supervisor Engine 32 8GE (Active) WS-SUP32-GE-3B SAD09120263
2 48 48 port 10/100/1000mb EtherModule WS-X6148-GE-TX SAL1029VWZ5
[Code]....
i tried disabling the diagnostic monitor for the module, did a power enable module command and then reset it but it still fails. this is the third blade that i am replacing in a few weeks and i still get the same error. i am persuded that it is not a hardware since it is the third blade in a matter of weeks. after the module reset, i receive this error % module 3 is operationally off (FRU-power failed)
could an ios upgrade solve this issue? are there any ios related bugs?
View 10 Replies
View Related
Feb 20, 2012
We have a network of 30 VLANS and currently all the vlans have access to everything. We are using Cisco 6509 switch for Layer3 routing.I would like to prevent some VLANs accessing the server VLANs. How can I restrict access to the server VLANs?Do i need to implement access-lists on the 6500 switch? or do i need to create VLANS on the firewall so that all traffic i filtered ?
View 9 Replies
View Related
Nov 28, 2012
We have a cisco catalyst 6509 with Supervisor Engine . After power outage, the switch always start in Rommon mode. Configuration register is 0X2102, we want to it always start in normal mode. What should i do?
View 3 Replies
View Related
Nov 30, 2012
I need to replace a faulty fan unit on the catos WS-6509 switch. this Catos switch does not support show inventory so any other catos commands which will show me this part id?
View 2 Replies
View Related
Jan 25, 2012
i'm already has one internet connection is conecting directily to the Core Switch 6509, and the Switch is route any internet request with default route:
SW6509-conf)# ip route 0.0.0.0 0.0.0.0 10.170.10.10
10.170.10.10 is --> Next hop for the DSL router internal IP, and it's working fine.
We have a new internet connection with another ISP/ with another DSL router, how to connect both of them to exit from the Core Switch 6509.
is it ok if i make another default route to the Next hop to the new DSL router as:
SW6509-conf)# ip route 0.0.0.0 0.0.0.0 10.80.10.10
10.80.10.10 is --> Next hop for the new DSL router internal IP.
View 6 Replies
View Related
Oct 14, 2012
I recently ran an upgrade on my 6509-E's and when the first switch came back up, 3 of the 10/100 switches that were in the chassis did not power on. After further investigation, these models are not supported by this latest IOS version. The module # is : WS-X6248-RJ-45
We have one WS-X6348-RJ-45 and since it was a few weeks ago I did this I can't remember for sure but I believe this one came up.
Where can I found the information regarding this being unsupported but I know it is out there and any page that showed me that this was unsupported with the latest stable IOS of 12.(33).
In addition to this question, I have approval to purchase some newer gigabit switches that will be supported by this new IOS version and hopefully at least the next few over the next few years. Which specific gig models are currently and hopefully should be supported for the next few years? I don't need PoE or anything spectacular, just regular switches that are attached to either servers or virtual hosts. I've been looking at the lists of what is out there and it seems like there are hundreds of different models and it is becoming difficult to determine what is what.
View 1 Replies
View Related
Aug 15, 2012
I have seen links out there for a conversion tool to convert commands on a Catalyst type switch (6509) to newer IOS type switches(4500-e) switches but they all error out on me on a 404. Any link where I can get this conversion tool?
View 1 Replies
View Related
Mar 16, 2013
I am getting very slow window file transfer speed (4 Mbps per second) between two connecting servers in Cisco 6509 switch. I have connect the two laptops in 6509 switch in same module using the same vlan and try to copy the files from one laptop to another and vice versa and got the same speed on 4 to 5 Mbps per second. Switch utilization is not more than 10% and both the laptops are connected in 1 Gbps full duplex.
I have checked by removing the gateway in both laptop but the output is same.
View 7 Replies
View Related
Feb 2, 2013
I am planning to upgrade the current core switch(3750) to 6509 series switch. Since we have a production network running we have to plan for an online core switch upgrade.
View 7 Replies
View Related
Oct 23, 2011
What is PIM? give me an example when I will use and not use the PIM command.
View 4 Replies
View Related
May 3, 2013
I am trying to configure 802.1x RADIUS Authentication on cisco 2950-24TT-L Switch. I am using following set of command as given below
Switch# configure t
Switch(config)# aaa new-model
Switch(config)# aaa authentication dotx default group redius
Switch(config)# dot1x system-auth-control
Switch(config)# inter fasteth 0/1
Switch(config)#dot1x port-control atuo
I am facing problem dot1x command is not working on interface.
View 1 Replies
View Related
Feb 20, 2012
How much is the limit for the creation of PortChanel in a Core Switch 6509 and 6513?Is there a limitation byu hardware?
View 7 Replies
View Related
Sep 17, 2012
I have a Cisco 6509 with IOS "s222-ipservicesk9_wan-mz.122-18.SXF16.bin"I need to enable dot1x on user's ports on the switch. each user is connected to the switch through the IP phone.
I just found out that I can not enabled dot1x on trunk port. I have tried to use "switchport voice vlan " but I got:
Switch(config-if)#switchport voice vlan 123
Command rejected: Gi7/20 is Dot1x enabled port.
let me know what should I do to get dot1x working?
Note: I have connected a laptop directly to the port and dot1x is working fine.
View 5 Replies
View Related
Mar 9, 2010
Is it possible to have multiple dhcp pools for multiple VLANs? The switch is a 6509 and/or 4506 catalyst. I don't want to use server-based products.
View 5 Replies
View Related
Nov 21, 2011
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3
I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis?Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
View 2 Replies
View Related
Nov 21, 2011
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3.I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis. Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
View 2 Replies
View Related
Jan 11, 2012
we've had an issue with our network, we have 2 6509 connected with redundancy, which are connected with 2 x 4900 Switches, from which are connected to a ESX Chassis for visualization, the thing is that the ESX stopped working, and the 4900 switches, and the main core were suffering from overload, they hang on it very well, in order to stop the overload, one of the links to the ESX Chassis were disconnected from one of the 4900 switches. The CPU usage from the 4900 and the core(6509) went down below 40%, and then they started to migrate the virtual servers from the chassis to another 2 chassis that were added right after. They were actually working well, but suddenly the 6509 changed to the other supervisor after everything was OK. We were wondering what could have been the cause of this, maybe the virtual servers migrations, maybe the overload from the ESX ? We also had a few question, is there any need to reload the cores every few months as a planned task ? Because the cores have been up for more than 1 year. And also is there any kind of of tool to monitor the CPU status, or the status overall from the cores or the switches ?
View 3 Replies
View Related
Apr 11, 2012
The have around 80 staff and I think the current infrastructure is overkill for the size of the company. The current kit is old and they have no GB ethernet ports. They currently have:-
Core Switch:
1x Cisco c6509with a 48 port fast ethernet module (WS-X6248-RJ-45)
and an 8 port fibre module (WS-X6408A-GBIC)
I'm looking to replace this with something with 72 ethernet ports and 8 fibre ports
Access Switches:
2x 3500Replacement needs at least 48 ports and 2 fibre modules each
and 2x 5500Replacement needs at least 72 ports and 2 fibre modules each.
View 13 Replies
View Related
Feb 26, 2012
If client gateway = 192.168.64.9 then next-hop = 192.168.64.8 else use default-route 0.0.0.0
I know it's possible to do a route-map match ip-address ACL list. But is it possible to match on gateway?
Some info about hardware and config:
6509-E in VSS (IOS 12.2(17r)SX5) withVS-S720-10G supervisor.
All routes are static, IP for 192.168.64.9 is on SVI vlan.
View 3 Replies
View Related