I have recently up swapped out an 877 router for an 887 router and have copied the config template accross however it will not take 3 of my commands.
AAA accounting system default stop-mly group tacas+
ip inspect name firewall cuseeme timeout 3600
dsl operating -mode auto
i have 4507R with dual supervisors (WS-X4013+10GE) with IOS cat4500-ipbasek9-mz.122-46.SG.bin the supervisor module are in 3 and 4, and I want to connection port 5, but i have interface and line protocol down "inactive" error.
So I realized to use command "hw-module" to change the module to GE port. However, I am not able to use the command as" I cannot use the command "hw-module uplink" as well.
I was wondering about command of Linkset subcommand at ITP7613.I have been using the Cisco7613 chassis for the ITP(SIGTRAN) service.
However, i know that the "tx-queue-depth" command is used for sctp multihoming buffersize that between primary and secondary path at the Link sub-command mode. but i can't adjust the changeover buffersize(retrieval buffer) that between link and another link at the Linkset subcommand mode.
It's above my comprehension.
My guess is that related to "plan-capacity-rcvd" command. it's right?I want to know command that adjust the buffersize of Link changeover.
I am switching a switch connecting to the ASA5550 tomorrow. My current switch is using fiber connecting to the ASA. The new one only support copper. If I switch between fiber to copper on the ASA (change media-type command on interface) will it cause a down time? I have VPN tunnel on the ASA and don't want the session to reset.
View 2 Replies View RelatedI am currently setting up a 2800 Series router, and prefer a username/password type authentication rather than a single enable password. To do this, I did:
Router(config)# username <myuser> privilege 15 secret 0 <mypassword>
Router(config)# username2 <myuser> privilege 15 secret 0 <mypassword>
Router(config)# aaa new-model
Router(config)# aaa authentication login default local
This basically does what I want - when I connect to the router through console, it immediately asks me for a username and password. The thing is - as soon as I provide the right credentials, it takes me to USER EXEC mode (the default command mode). Is it possible to change that so that after entering the credentials, I go right into privileged exec mode?
Bonus question: As it is now, I just have no enable password, so when I login with my credentials, I issue "enable" to enter privileged exec mode without it prompting for an additional password. Is it safe to do it this way - having no enable password but requiring a username and password for login?
I am trying to run the int range command and i am getting this error
View 19 Replies View RelatedI want to configure this:
ip vrf TEST
rd 65500:1
route-target export 65500:1
route-target import 65500:1
bgp next-hop Loopback500
on IOS-XR 4.3.0
What is the equivalent command on IOS-XR?
route-policy TEST1
set next-hop 1.1.1.1
vrf TEST
address-family ipv4 unicast
import route-policy TEST1
why the command "source cpu rp" has been removed from IOS15.0(1)SY1. I can succesfully configure the following ERSPAN on 12.2 SXJ3 but not on ios 15.x. Did not understand why cisco has descoped this command.
monitor session 10 type erspan-source
shutdown
source cpu rp rx (--- 15.0 has no such option on 6500 )
destination
[code]....
I would like to implement a zone based firewall on my ASA5510. Is ZBF possible on ASA? or is it strictly for routers? I know we've implementd ZBF using Sonicwall firewalls before. A little confused here as to why my ASA doesnt have the right commands.Maybe my version of ASA software is too old? It's 8.2 if i remember right.
View 11 Replies View Relatedwhy using ping to test the functionality of an ACL could proove insufficient?
View 9 Replies View RelatedI am trying to change SNMPv2 community string on 6509 remotely, without using expect script. I tried EEM applet (we cannot use TCL scripts), but it does not work. EEM command "action 10 info snmp oid 1.3.6.1.2.1.1.4 get-type exact" is supposed to store the result into an environment variable. It does not. Or at least not in the one that is documented. Is it a bug? We have IOS 12.2(17r)SX5. To get EEM version i ran "sh event manager version" and got "eem: (v240_throttle) 2.21.32". Does it mean i have EEM version 2.21?
View 6 Replies View RelatedI was just brushing up few things in GNS3 and after setting up an SLA.Now when I want to set the track ip I get not option for sla why??I am running c3725-adventerprisek9-mz.124-15.T5 shouldn't it be available?
View 2 Replies View Relatedhow to apply one command "wr" to all my Cisco Devices Managed by LMS 4.2?
View 2 Replies View RelatedWe recently purchased the Cisco Router 2951 router with the IOS 15.0. I have tried to put in my VIC2-4FXO card in it. When I did show invetery, it detected the card.[code] When I tried to configure the voice port by typing voice port, it shows % Invalid input detected at '^' marker. I have tried to reset the cad and replace with another one.
View 3 Replies View RelatedWe have an issue with ACS server 5.1.0.44.X. We want make a one user with few commands: show ip route static-table(deny other show commands)configure terminal, terminal length 0 ip route (with all possible arguments). All works fine except ip route command, when i try to type it I see - "This command is not authorized".
View 1 Replies View RelatedI have recently bought cisco 2901 in order to replace it with our 1811W that we have at the moment.When I try to set a failover / backup with rtr; it seems like the function is not valid.Once I select rtr and set the object #, the reachability command is not available.Does that mean this function is not a part from the license package I have?
View 6 Replies View RelatedI am in the process of migrating a production firewall from PIX 6.3 to ASA 8.4(2). This is going to be a complete firewall rebuild and I will not be upgrading the configs because they have become out of date and very bloated. I am in the process of converting the NAT commands.[code] I am hoping these commands would be enough to replicate the previous functionality. I removed all the static identity NATs because NAT control is no longer in place so those rules are not required. Additionally I didn't re-create the rules that had NAT ID 0 or 1 because it didn't look like they were doing anything. correct way to do the static NAT commands at the bottom.
View 3 Replies View RelatedI have to created command set under "Policy Elements>Authorization and Permissions>Device Administration" for limited access user in ACS 5.3. Like i triyed to give them permission to only few show commands. I have set user priviledge 1, 7, 10 however either of the priviledge level user was able to run those commands. I works like the shell priviledge level.
View 1 Replies View RelatedI am designing a new NAT configuration for an ASA 8.4
On my PIX 8.0 configuration I needed to allow bidirectional traffic between interfaces with different security levels. For example, Inside at 100 and dmz at 50.To accomplish this in 8.0 I used a static NAT command along with any necessary ACLs.
I now need to apply this same 8.0 config for 8.4. With the static command not availablein 8.4 I am unsure of which NAT commands to use to achieve the bidirectional traffic.
I am trying to run the following commands on a 2801 router, but the commands are missing:
mls qos
mls qos map cos-dscp 0 8 16 40 32 46 48 56
The only QoS command i have in global config is (no MLS qos) :
REMOTE-ROUTER1(config)#qos ?
restore-show-output Restore old show output
shape-timer Set the HQF shape timer interval
The router is running IOS:
System image file is "flash:c2801-ipbasek9-mz.151-4.M5.bin"
Am i just running the incorrect IOS or am i missing somehting, i need to change the QoS Map for my Nortel VoIP. The VoIP phones connect to a 3750 PoE which used to conenct to a 2651XM to route VoIP and data traffic over the same copper pairs (WAN link to hub site) hence the need for a Service policy but being Nortel phones, require changing the cos-dscp map. the 2801 is going to replace the 2651XM using a new HWIC.
After logging in to the ACS, what is the command to launch the GUI on a Cisco ACS 5.x.
View 1 Replies View Relatedwhat the new command is for NAT in version 8.3?The config i have is from Version 7.2 and doesnt work on 8.3. [code]
View 12 Replies View RelatedI'm trying to set up a command set in Cisco ACS 5.3, I can't get i to work no mather who I try What I'm trying to accomplish is that some users, say Bob can run every priv. level 1 command + show run, or just to specify which commands Bob will be able to run, whatever is easiest to set up.
In my switch I have the commands:
aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization config-commands
aaa authorization commands 1 default group tacacs+
aaa authorization commands 15 default group tacacs+ <--- tried diffrent apporaches whith priv level..
(and specied a tacacs server)
is the "default" under "aaa authorization commands 1x default group tacacs+" the name of the command set?
In the ACS I have specied a Authorization group and binded it to the command set, should the user have priv 15 for this to work or priv 1?(I have also specied a user and an identity group and specied ip ranges under "Network Devices and AAA Clients")
I have two C1941.The first C1941 does not support SNTP but the second C1941 supports SNTP. The only difference which I can spot is their license. The first C1941 does not have security license but the second C1941 has. What is the URL that has info on what IOS commands are supported on IPbase license, sec license..etc
First C1941
C1941_1(config)#do sh ver Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.0(1)M4, RELEASE SOFTWARE (fc1)Technical
[Code].....
I have a problem with the ACS 5.2 configuration: I am trying to use the AAA authorization to centralize privileges and commands but only the privilege level is sent to router, the command set aren't sent.
The test cenary is this:
ACS 5.2Router 2900 family IOS 15.0
The ACS is configured with:
Shell Profiles (to match with a privilege level), Command Sets (with the command list), Service Selection Rules (to set to one service) and Authorization (to assign one shell profile and one command set).
The router is configured with the follows commands:
[code]....
Attached is what i have done for command authorization for privilege level user 2
View 27 Replies View RelatedI have a 7606 router with sup 720-3bxl. IOS has been crashed recently and i can use only Roman mode now. Ive tried to upload ios image using tftp server but the command tftpdnld id not available in this router. I don't know why. Then i tried to boot from flash disk but finally it also shows an error like
System received a Software forced crash signal= 0x17, code= 0x24, context= 0x42359674 PC = 0x402d248c, Cause = 0x1020, Status Reg = 0x34008002
How to make the router in running condition.
I just purchase Cisco LAP-1042N for my office network expansion. When i console into the AP via serial. I am not able to used "configure terminal" command to set my AP name,static IP address.
I tried using "debug lwapp console cli" command it did not work. below is the capture screen of the error i am getting when assigning AP hostname. Error message : command is disable.
I'm coming from a 5505/5510 ASA to a 5512x. I see the following 7.2 commands are now set with the NAT command in 8.6:
-------------begin 7.2 commands---------------------
global (outside) 1 interfaceglobal (inside) 10 interfaceglobal (wireless) 1 interfacenat (inside) 0 access-list nonatnat (inside) 1 192.168.3.0 255.255.255.0static (inside,outside) tcp interface www 192.168.3.114 www netmask 255.255.255.255static (inside,outside) udp interface 5008 192.168.3.117 5008 netmask 255.255.255.255static (inside,outside) tcp interface 3390 192.168.3.101 3389 netmask 255.255.255.255static (inside,outside) tcp interface h323 192.168.3.118 h323 netmask 255.255.255.255
--------------end 7.2 commands----------------------
What is the command switch (the letter/s that you use withsign after the command) that can be used for displaying the per protocol statistics with the above command
View 1 Replies View RelatedI am using ASA 5520 Image in GNS3, when i come in Configuration Mode and try to create Tunnel through command "interface Tunnel 0", but this command doesn't exist. I need this command to create Tunnel for GRE Lab.
View 2 Replies View RelatedI have copied status codes from show ip bg command output and its explanation (from Cisco documentation site)., d and h (suppressed, dampened and history). I read somewhere that these are to control flapping routes. But not able to understand it completly.Raised this question in a couple of forums but didnt get a proper reply.The table entry is suppressed.??The table entry is dampened. ??The table entry history. The table entry is validThe table entry is the best entry to use for that network.
View 2 Replies View RelatedWith the network command you can inject routes from the routing table into the BGP process.Why the need to redistribute routes from another routing protocol into BGP using redistribution if you can do the job with the network command?
View 11 Replies View Related
