Cisco Switching/Routing :: Nexus 7K Shows Continuous Tacacs Error Message?
Dec 10, 2012
I have Nexus 7K installations in 2 locations. Both of them have multiple VDCs. In default VDC there are continous tacacs error message though tacacs is not configured. The requests are from various public IPs where thsi VDC is not exposed to Internet at all. What would be t he cause of it?
%AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user root from 195.2.219.2
2012 Dec 11 16:25:28 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user nagios from 67.78.206.226
- sshd[25797]
2012 Dec 11 16:25:34 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user nagios from 67.78.206.226
- sshd[25799]
[code]....
View 1 Replies
ADVERTISEMENT
Sep 8, 2012
I have a Cisco 2800 series and it doesn't boot, only shows this message in the CLI>
Bad RAM at location 0xA0000304: wrote 0xA0000304, read 0xA0000004
What means this? I have to change the RAM?
View 2 Replies
View Related
May 27, 2013
I have in logs following error message:
%DEVICE_TEST-2-PWR_MGMT_BUS_FAIL: Module 1
Has failed test SpineControlBus 20 times on device Power Mgmt Bus on slot 10 due to error Spine control test failed error number 0x00000002.
View 3 Replies
View Related
Nov 12, 2012
NEXUS 7000 Octopus internal error in device 78 message. I got this on NEXUS 7000 logs:
Nov 12 22:05:14 smale-outside : 2012 Nov 12 21:05:14 BRST: %MODULE-2-MOD_DIAG_FAIL: Module 2 (serial: JAF1548AMKB) reported failure on ports 2/1-2/32 (Ethernet) due to Octopus internal error in device 78 (device error 0xc4e0025b)
Nov 12 22:05:17 smale-outside : 2012 Nov 12 21:05:17 BRST: %MODULE-2-MOD_FAIL: Initialization of module 2 (serial: JAF1548AMKB) failed
Nov 12 22:05:18 smale-outside : 2012 Nov 12 21:05:18 BRST: %MODULE-2-MOD_FAIL: Initialization of module 2 (serial: JAF1548AMKB) failed
[code]....
I only have found:
[URL]
which does not match reality : No one was configuring Vlans.
View 5 Replies
View Related
Aug 20, 2012
I am having a problem with my cisco 3660 router. I have installed a wic 2T interface card and every time i set it to "no shutdown" the interface always went down and keep getting the following message " %FECPM-2-SCCFAIL: Init of SCC2 for int 0/0 failed to do fecpm_dma_init" .
View 2 Replies
View Related
Oct 8, 2012
I have a little problem. My customer is using TACP-PLUS ALPHA (F4.0.3.alpha.v9). Well, the same user than have access to another Cisco equipment, with user test1 by sample, can configure anything in the equipment. But in the nexus 5000, el command "show user-account" indicate just the "network-operator" role. Well, I patch this situation with the next commands:
aaa authorization config-commands default group TACSERVER local
aaa authorization commands default group TACSERVER local
Well, when I do a telnet into the nexus, I can shut the interfaces, config and anything. But, when I ingress by console, I can not to configure the interfaces.I understand that the Nexus 5000 the Tacacs configuration is global for VTY and Console (different in the Cisco equipment Routers by sample).
View 1 Replies
View Related
Dec 12, 2011
I am working for an Air Force client and am adding a handful of 5548s into their network. My question is how Tacacs+ is configured. My hands are tied in regards to testing in an operational environment so I want to ensure the configs are correct prior to deployment/maintenance window and avoid any remote issues.
I have read the "Cisco Press - TACACS+" config guide and it was somewhat vague in regards to operational deployment.
My basic NX-OS configs are as follows:
- feature tacacs+- tacacs-server key 7 "002A52xxxxxxxxxxxxxxxx8"- tacacs-server host 128.xx.xx.xx timeout 10- tacacs-server host 128.xx.xx.xx timeout 10- tacacs-server directed-request
When I try to set the following command string, aaa authentication login default group tacacs+ local, the NX-OS asks me the input a "server group name". There are no server groups configured. Do I need them? Can I get by without configuring a group name because the client probably will not.
The Cisco IOS devices are configured with normal aaa authentication/authorization parameters. Also, do the VTY ports default to sshv2 and the correct tacacs+ parameters with the "transport input ssh" command (not available)?
View 3 Replies
View Related
Jan 2, 2008
I have this system: IOS (tm) C3750 Software (C3750-I5-M), Version 12.1(19)EA1d, RELEASE SOFTWARE (fc1
An error appear in console (many times in one minute):
Jan 3 16:25:37: %LINK-3-BADMACREG: Interface StackPort1, non-existent MACADDR registry for link 0
-Process= "<interrupt level>", ipl= 4
-Traceback= 20A364 187F04 58D6FC 58B950 2D7CE0 2E00C8 2E2BEC 2E2F24 2B0BF8
What is the problem? What is the solution?
View 2 Replies
View Related
May 8, 2011
I've taken 2 4507's fresh out of the box running CAT4500E-ENTSERVICESK9-MZ.122-53.SG2.BIN which was upgraded from CAT4500E-IPBASEK9-MZ.122-53.SG2.BIN
I'm getting constant %C4K_S2W-4-WRITECALENDARERR: Calendar write operation Failed errors on the console. I was also getting them on the original IOS version.
Anything I've seen say's to ignore them but their very frequent filling up the logs.
There's very little return on google and no bugs to report on Cisco?
View 8 Replies
View Related
May 14, 2012
I upgraded IOS-XE on 4500E (SUP7L-E) to cat4500e-universalk9.SPA.03.03.00.SG.151-1. I encounter the log when i try to issue write mem commad
% VRF table-id 0 not activeCompressed configuration from 8947 bytes to 2140 bytes[OK].
View 3 Replies
View Related
Nov 15, 2012
I get a unclear log entry in a VSS system.
Me_Kr #1 ME_KR_ERROR_CNT_LTL_PARITY_ERR_ITRP_0_0[01C8] : INTR= 0001 MASK= 0001
Me_Kr #1 ME_KR_ERROR_CNT_LTL_PARITY_ERR_ITRP_0_0[01C8] : INTR= 0001 MASK= 0001
Me_Kr #1 ME_KR_ERROR_CNT_LTL_PARITY_ERR_ITRP_0_0[01C8] : INTR= 0001 MASK= 0001
Me_Kr #1 ME_KR_ERROR_CNT_LTL_PARITY_ERR_ITRP_0_0[01C8] : INTR= 0001 MASK= 0001
[code]....
View 1 Replies
View Related
Jan 6, 2013
Have a small stack of two 3750 routers. Get the following error message every few secounds:
%STACKMGR-4-STACK_LINK_CHANGE: Stack Port 1 Switch 1 has changed to state DOWN
%STACKMGR-4-STACK_LINK_CHANGE: Stack Port 1 Switch 1 has changed to state UP
Now I replaced the stacking cables but no joy. It was ok for an hr or so but then the error messages popped up again. Also random links on this stack back to access layer user switches have been going up and down randomly. So I have decided to take the next step and upgrade the IOS.
Although when I try and copy a new IOS I get the following error:
%Error writing flash:/c3750-ipservicesk9-mz.122-55.SE6.bin (No space left on device)
Seems this image is 130MB while the image that is currently on it is 74MB and free space is 54MB. How do I get the image onto the router? If I delete the current image from flash will that cause the router to stop functioning?
Also I noticed there seems to be more than one flash directory. See below:
copy tftp: ?
flash1: Copy to flash1: file system
flash2: Copy to flash2: file system
flash: Copy to flash: file system
null: Copy to null: file system
nvram: Copy to nvram: file system
running-config Update (merge with) current system configuration
startup-config Copy to startup configuration
system: Copy to system: file system
vb: Copy to vb: file system
The current router image seems to be in flash1 and flash 2 also. Could I delete the image from flash1. Upload it there and then boot the router from flash1?
View 16 Replies
View Related
Jun 5, 2011
my MSFC2 sent this strange log message. %DATACORRUPTION-SP-1-DATAINCONSISTENCY: copy error, The error message decoder tool says: "NOT FOUND". The level is "alert".
View 8 Replies
View Related
Dec 20, 2010
We are running a small network business and as funs of ciscos we own a some of the 4948s.We are facing an issue with couple of them as we get the below error message
C4K_CHASSIS-3-INSUFFICIENTPOWERSUPPLIESDETECTED:Insufficient power
supplies present for specified configuration
First thought to replace the power supply didn't actually work as we did that with no result.Power consumption is not an issue as well because all other 4948s work fine with 1 power supply (forgot to mention is 1 power supply in all of them).
View 6 Replies
View Related
Sep 15, 2012
I recently upgraded my network to have two 3750x core, one interface on the Cisco is connecting to a Net gear switch via a fiber converter. I am keep getting the vlan flapping error message in my log as below.
003396: Sep 17 01:46:16.328: %SW_MATM-4-MACFLAP_NOTIF: Host 5c0e.8ba7.0a5c in vlan 2 is flapping between port Gi2/0/15 and port Gi2/0/13
003397: Sep 17 01:46:19.843: %SW_MATM-4-MACFLAP_NOTIF: Host 5c0e.8ba7.0a5c in vlan 2 is flapping between port Gi2/0/15 and port Gi2/0/13
003400: Sep 17 01:49:58.769: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet2/0/17, changed state to down
[Code] .....
After my research i think this is a looping issue but I'm unsure how to address it.
View 2 Replies
View Related
Aug 27, 2012
I am receiving the following error message on a Cisco 3750 switch stack. Need troubleshooting this error message.
00:03:13: %SW_MATM-4-MACFLAP_NOTIF: Host 00d0.7400.2730 in vlan 600 is flapping between port Gi2/0/3 and port Gi2/0/2
View 3 Replies
View Related
Dec 6, 2012
I am receiving this error after connecting a copper adapter on a GBIC blade in a 6509. Here are the results from the show Interface. I am waiting to confirm the device on the other side settings but as far as I see I get UP and Up for protocol and line respectively.
GigabitEthernet2/11 is up, line protocol is up (connected)
Hardware is C6k 1000Mb 802.3, address is 0009.11e4.f3ce (bia 0009.11e4.f3ce)
Description: RCPBSDEV
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
[code]....
View 3 Replies
View Related
Feb 9, 2013
When i connect the Router 2821 through the Consol get error message at regular interval of time %ENVMON-4-FAN_LOW_RPM: Fan 1 service recommended.
View 2 Replies
View Related
Sep 4, 2012
I encountered problem while trying to copy file from Nexus 5548 to my ftp server (proteus - 192.168.12.220 - the Nexus switch is able to resolve name proteus correctly to 192.168.12.220). See below the working and not working scenarios. I have serached through Cisco Bug Database but unable to find any related bug associated to this problem. This Nexus is running the following NX-OS version.
n5000-uk9-kickstart.5.1.3.N1.1a.bin
n5000-uk9.5.1.3.N1.1a.bin
Working (without specifying the username and full path)
[Code].....
View 1 Replies
View Related
Mar 4, 2013
I'm facing a problem regarding loss of ping packets when i do ping test from nexus3k to another nexus3k connected directly.however there is no error counters on the interfaces on both of devices.the ping failutre is occurring only whenever i do ping test with a large number of ping packets.I don't see the ping loss symptom with default ping test (default ping test is 5 packets).
H/W : N3K-C3548P-10G
S/W : 5.0(3)A1(1)
nexus3k# ping 1.1.1.2
PING 1.1.1.2 (1.1.1.2): 56 data bytes
64 bytes from 1.1.1.2: icmp_seq=0 ttl=254 time=2.732 ms
64 bytes from 1.1.1.2: icmp_seq=0 ttl=254 time=2.732 ms
[code].....
View 2 Replies
View Related
Nov 21, 2012
We are getting some error logs on Nexus VDC,as follows:2012 Nov 23 08:49:11 N7K_B-Network_Center_B %$ VDC-3 %$ last message repeated 6 times 2012 Nov 23 08:50:21 N7K_B-Network_Center_B %$ VDC-3 %$ last message repeated 7 times 2012 Nov 23 08:49:11 N7K_B-Network_Center_B %$ VDC-3 %$ last message repeated 6 times2012 Nov 23 08:50:21 N7K_B-Network_Center_B %$ VDC-3 %$ last message repeated 7 times.
View 1 Replies
View Related
Oct 19, 2012
We inserted GLC-T modules and on Nexus 5548 they are showing SFP validation Failed , as per Cisco doc GLC-T is support . Since we have 28 such modules and all after inserting showing same error. please see the below details. I also try configuring speed and inserting modules but no result ..let me know whether my GLC-T module is supported on Nexus 5548
INMUMFDS1SWCORE01# show module
Mod Ports Module-Type Model Status
--- ----- -------------------------------- ---------------------- ------------
1 32 O2 32X10GE/Modular Supervisor N5K-C5548P-SUP active *
2 16 O2 16X10GE Ethernet Module N55-M16P ok
3 0 O2 Daughter Card with L3 ASIC N55-D160L3 ok
[code]
View 6 Replies
View Related
Aug 28, 2012
I have 2 datacenters running same equipement (two Nexu 5596 with FEX).I just took a look at the log just to see if everything is ok and I saw that I have the same error message (a lot of times) at both location :
%SYSMGR-FEX100-5-HEARTBEAT_LOSS: Service "satctrl" heartbeat loss 2 ,max 7,I though it was a problem with my peerklink-keepalive connection but I see the word FEX ....so i'm not sure...
Note that at both locations, my Nexus are connected back to back through the management port using transceivers. So it's a copper cable from the first nexus, going into a transceiver, going to another transceiver in fiber and then back to copper to the other nexus.
View 2 Replies
View Related
Jan 27, 2013
We have purchased two new Nexus 3548 switches. According to documenation the Nexus 3K does support vPC. When trying to enable the feature I get this:
nexus(config)# feature vpc
Error: vPC feature is not supported
nexus(config)#
We are running software version version 5.0(3)A1(1) and it looks like the latest version is 5.0(3)A1(2) so that's not much of a difference.Am I missing something here?
View 4 Replies
View Related
Oct 29, 2012
We are getting some error logs on Nexus switch 7K.
Loggs:
----------
2012 Oct 30 22:36:07 SWITCH %CMPPROXY-STANDBY-2-LOG_CMP_UP: Connectivity Management processor(on module 6) is now UP
2012 Oct 30 22:36:40 SWITCH %SYSMGR-2-GSYNC_SNAPSHOT_SRVFAILED: Service "ipqosmgr" on active supervisor failed to sto
re its snapshot (error-id 0x40480005).
2012 Oct 30 22:36:40 SWITCH %SYSMGR-2-STANDBY_BOOT_FAILED: Standby supervisor failed to boot up.
2012 Oct 30 22:36:42 SWITCH %PLATFORM-2-MOD_REMOVE: Module 6 removed (Serial number JAF1550ATBR)
2012 Oct 30 22:42:08 SWITCH %BOOTVAR-5-NEIGHBOR_UPDATE_AUTOCOPY: auto-copy supported by neighbor supervisor, starting
[code]....
View 8 Replies
View Related
Jul 9, 2012
I've Nexus 7010 switch installed in my DC. I've conncected Cisco router to one of the Ports. On the same port I'm getting following error message and hence, unable to form EIGRP neighborship.
DR-CORE-SW-S01-NEXUS7K %MODULE-2-MOD_SOMEPORTS_FAILED:
Module 1 (serial: JAF*******NGK) reported failure on ports 1/2-1/2 (Ethernet) due
to R2D2 : Speed patch failed - no frames transmitted in device 143 (error 0xc8f0
1273)
View 1 Replies
View Related
May 15, 2013
I am getting continous logs on my 4507 Switch :
May 16 12:45:09.000: %C4K_RKNOVA-4-INVALIDTOKENEXPIRED: STANDBY: Suppressed 302 times)Expired token 16490 in the invalid token list (NumEntries: 6) of type IrmPortId other id == 4294967287
May 16 12:45:09.000: %C4K_RKNOVA-4-INVALIDTOKENEXPIRED: STANDBY: Suppressed 302 times)Expired token 16490 in the invalid token list (NumEntries: 6) of type IrmPortId other id == 4294967287
does it lead to high CPU utilisation as well ??
View 1 Replies
View Related
Apr 21, 2011
my ps3 shows a message saying 8003121 what time round about is it gunner be fixed
View 1 Replies
View Related
Apr 3, 2012
We are running a stack of 2 WS-C3750X-24S-E's with IOS version 12.2(58)SE2 and we are seeing continuous high processor utilization involving the hl3mm process. The stack is configured for PIM Sparse mode, with 2 upstream Nexus 5596'es acting as both RP candidates and as BSRs. The hl3mm process generally runs at about 19% but can spike up into the 60% range.Symptoms on the 3750X are spiking latency and sluggish CLI perfformance. I thought at first that we might be running into SDM limits, but the "show platform tcam utilization" show that we are far under the limits of the default SDM template. Performing the "show ip pim (vrf name) bsr-router" command freezes the system and takes 20-30 seconds to return results. Similiarly configured WS-C3750G-12S running 12.2(55)SE3 does not exhibit these same issues.
View 4 Replies
View Related
Jul 24, 2011
I have faced some problem with Cisco 1520 Series APs. Since few days, We got the log in wlc 5508 like this
"AP 'MAPNSY#WMI3', MAC: ac:a0:16:5c:45:00 disassociated previously due to AP Reset. Uptime: 0 days, 00 h 22 m 52 s . Last reset reason: operator changed 11g mode."
& then AP is rebooted. Here, I attached the screenshot of WLC 5508 Log.
View 5 Replies
View Related
Jan 3, 2012
I am having an issue with authorization on the Nexus 5548. Note: The tacacs configuration has and still works correctly with all non-Nexus gear.
Authentication succeeds, and initiatial authorization passes. However, all sh and config commands fail, though AAA Autho Config-Commands .... and Commands Default Group <Grp Name), are configured.
ACS generates the following error: 13025 Command failed to match a Permit rule. The Selected Command Set is DenyAllCommands. I created an AllowAll, but am unclear how to associate this with Access Policy.
View 1 Replies
View Related
Sep 29, 2012
Laptop connects to wifi network. But it shows "No Internet Access" message.My Macbook connects to the internet just fine and the wifi on my iphone works as well.The ethernet on the laptop works and I am able to access the internet this way. The laptop does connect to some of the other access points but I've had issues with my router.I tried the usual debugging mechanisms - disable/enable adapter, reset the router, reset the tcp/ip stack. [code]
View 1 Replies
View Related
Jul 18, 2011
how to add tacacs custom attribute to ACS 4.2 for Nexus 1000V:shell:roles="network-admin admin-vdc"In the interface configuration I've added new service, service - shell, protocol - tacacs+.In the group settings I've enabled this attribute configuration. And it is not works. Default privilege level is assigned to any user with access allowed.
View 8 Replies
View Related
