Cannot Telnet to 6500 switch

Similar Messages

• Cannot Telnet to ACE 4710 after upgrade to A4(2.3)

           I have a pair of ACE 4710s with 12 contexts sharing the load, running A4(2.1). Yesterday I upgraded one of them to A4(2.3)
  now I cannot telnet to the Admin context.Pings ok. I can telnet to other contexts on the box and everything seems to be working ok   
  when i do a " sh telnet"
  comes back with
  No Session Information is available
  sh telnet maxsessions
  telnet maxsessions 16
  Can anybody help?

  further this post, it was not a resource problem as had allocated 5% for the Admin context.
  I up graded IOS Saturday evening, could not Telnet in, tried again on Sunday same result,
  though this morning (Monday) Can now telnet in ok very strange
  I was connecting via the AUX line of a 2851 router to the console port.
  whe I disconnected this morning I saw the following message
  INIT: id "T0" respawning too fast : disabled for  5 minutes
  not sure if this is a 2851 message or an ACE message, but after getting that message is when I was able to Telnet in
  was it a coincidence
  anybody any ideas

• Switched video settings on my Mac Mini and now the bloody thing shows "Invalid Format" on my TV (used as monitor for years) and I cannot get it to switch back.

  Switched video settings on my Mac Mini and now the bloody thing shows "Invalid Format" on my TV (used as monitor for years) and I cannot get it to switch back.
  What can I do to get it to work again as more than an overpriced paperweight?

  Hello,
  Safe Boot from the HD, (holding Shift key down at bootup), see if you can set a good resolution.

• Configuring the Catalyst 6500 Switch for IPS Inline Operation of the IDSM

  I understand how to configure the Catalyst 6500 switch so that the monitoring ports are access ports in two separate VLAN's for inline operation.
  However, I don't see any documentation that describes how the desired VLAN traffic gets forced through the IPS.
  In promiscuous mode, you can use VACL's to copy/capture and forward the desired traffic to the IDSM for analysis. I'm not seeing how to get the desired traffic through the IPS.
  Note that the host 6500 is running native IOS 12.2(18)SXE.
  Thanks for any assistance.

  A tranparent firewall is a fairly good comparison.
  Let's say you have vlan 10 with 100 PCs and 1 Router for the network.
  If you want to apply a transparent firewall on that vlan you can not simply put one interface of the firewall on vlan 10. Nothing would go through the firewall.
  Instead you have to create a new vlan, let's say 1010. Now you place one interface of the firewall on vlan 10 and the other on vlan 1010. Still nothing is going through the firewall. So now you move that Router from vlan 10 to vlan 1010. All you do is change the vlan, the IP Address and netmask of the router stay the same.
  The transparent firewall bridges vlan 10 and vlan 1010. The PCs on vlan 10 ae still able to communicate to and through the router, but must go through the transparent firewall to do so.
  The firewall is transparent because it does not IP Route between 2 vlans, instead the same IP subnet exists on both vlans and the firewall transparently beidges traffic between the 2 vlans.
  The transparent firewall can do firewalling between the PCs on vlan 10 and the Router on vlan 1010. But is PC A on vlan 10 talks to PC B on vlan 10, then the transparent firewall does not see and can not block that traffic.
  An InLine sensor is very similar to the transparent firewall and will bridge between the 2 vlans. And similarly an InLine sensor is able to InLine monitor traffic between PCs on vlan 10 and the Router on vlan 1010, but will not be able to monitor traffic between 2 PCs on vlan 10.
  Now the router on one vlan and the PCs on the other vlan is a typical deployment for inline sensors, but your vlans do not Have to be divided that way. You could choose to place some servers in one vlan, and desktop PCs in the other vlan. You subdivide the vlans in what ever method makes sense for your deployment.
  Now for monitoring multiple vlans the same principle still applies. You can't monitor traffic between machines on the same vlan. So for each of the vlans you want to monitor you will need to create a new vlan and split the machines between the 2 vlans.
  In your case with Native IOS you are limited to only 1 pair of vlans for InLine monitoring, but your desired deployment would require 20 vlan pairs.
  The 5.1 IPS software has now the capability to handle the 20 pairs, but the Native IOS software does not have the capability to send the 40 vlans (20 pairs) to the IDSM-2.
  The Native IOS changes are in testing right now, but I have not heard a release date for those changes.
  Now Cat OS has already made these changes. So here is a basic breakdown of what you could do in Cat OS and you can use in preparation for a Native IOS deployment when it gets released.
  For vlans 10-20, and 300-310 that you want monitored you will need to break each of those vlans in to 2 vlans.
  Let's say we make it simple and add 500 to each vlan in order to create the new vlan for each pair.
  So you have the following pairs:
  10/510, 11/511, 12/512, etc...
  300/800, 301/801, 302/802, etc....
  You set up the sensor port to trunk all 40 vlans:
  set trunk 5/7 10-20,300-310,510-520,800-810
  (Then clear all other vlans off that trunk to keep things clean)
  In the IDSM-2 configuration create the 20 inline vlan pairs on interface GigabitEthernet0/7
  Nw on each of the 20 original vlans move the default router for each vlan from the original vlan to the 500+ vlan.
  At this point you should ordinarily be good to go. The IDSM-2 won't be monitoring traffic that stays within each of the original 20 vlans, but Would monitor traffic getting routed in and out of each of the 20 vlans.
  Because of a switch bug you may have to have an additional PC moved to the same vlan as the router if the switch/MSFC is being used as the router and you are deploying with an IDSM-2.

• Assigning multiple areas to SVI's created on 6500 Switch

  Hey, We are having Cisco 6500 Switch at aggregation layer where all our SVIs are created and we need to advertise them in OSPF for reachability purpose. Now we are using L2 campus model so access layer is not running any routing protocol but we need to segregate our SVIs traffic based on different buildings. We are doing this by assigning unique areas to a group of SVIs while advertising in OSPF. My question is, is this a recommended way ? or we have to advertise all the SVIs in Area 0? because we don't have multiple areas but still we are adding them while advertising at 6500 switch. Thanks.

  Having said that, i am still confused whether is it a good approach or we should advertise all our SVIs directly into OSPF Area0.
  Using an area per building seems unnecessary because all the L3 routing is done on the aggregation layer so it doesn't really make a lot of sense, at least to me.
  I think using one area for all SVIs may be a good idea because then you can simply advertise one summary for the all the SVI subnets into area 0 towards the core.
  This is assuming you can summarise all the aggregation IP subnets with one summary address.
  Even that may not be necessary as it depends on the rest of your topology.
  For example if your core connected multiple buildings as in a campus and each building had a distribution pair of switches connected back to the core then yes it would make sense to use an area per building/site and only advertise a summary to the core.
  Up to you really.
  Jon

• Who is anybody using a WISM with FWSM on a CAT 6500 Switch?

  Hi
  Who is anybody using a WISM with FWSM on CAT 6500 switch ?
  Are there any problem,if use?
  And How can I set them to connecting each other ?
  I have founded a document relate it on the cisco website that name is Integrating Cisco WiSM and Firewall Service Module.
  I have a question concern it.
  Why do I have make a VRF to communication each other ?
  Please let me know.

  As far as the FWSM is concerned you can have each of the wireless vlans come in to the same context of the FWSM and then just add those vlans to the FWSM as separate vlans.

• AP, WiSM module and 6500 switch

  Hi guys,
  1.How many WiSM modules can be installed in a 6500 switch?
  2.A module can support 300 APs. How many APs a 6500 switch with WiSM modules can support?
  3.How many APs in a cluster that some 6500 switches with WiSM modules can support?
  Thanks,
  yytellmey

  1. I believe a 6509 can handle 5 WiSMs, though I've found 4 more realistic when considering the need for uplinks and service modules.
  2. Based on 5 WiSMs, you can have 1500 per chassis. Again, I tend to stick with 4, or 1200 APs per chassis.
  3. There is no hard limit that I am aware of. WCS on a VERY high-end server can handle ~2500 APs when running Linux WCS. As with the above, this works well with 1 WCS per 2 chassis if each has 4 WiSMs.

• Cannot Telnet into 1921 router

  Please  Help, I cannot telnet into my 1921 router and not sure how to fix this.   See below.
  line con 0
   password 7 XXXXX
   logging synchronous
   login local
  line aux 0
  line 2
   no activation-character
   no exec
   transport preferred none
   transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
   stopbits 1
  line vty 0 4
   password 7 XXXXXX
   logging synchronous
   login local
   length 0
   transport input none

  Hello Brad,
  Try entering
  line vty 0 4
  transport input telnet
  Hope this helps,
  if so, please rate.

• Cannot Telnet back into standby ACE after upgrading to V4(2.1)

  I am in the process of upgrading from v3.2.5 to v4.2.1, i have been follwing the upgrade/downgrade guide forv4(2.0) for my redunanant pair of ACE 4710.
  everything ok, following procedure after the standby is reloaded and comes up to standby-warm, Iget the license incompatabilty message on the primary.
  but I cannot telnet back into the standby, i can ping it ok though.
  I am loathe to go any further, and do the 'ft Switchover all' and reload the primary incase I cannot telnet back into the primary when it comes back up.
  Is this a known problem? whats the fix?

  Hi, I have a similar problem, when I want to telnet to the ACE sometimes does not work, can you tell me how can I give to the admin context more resources?

• Intervlan Routing with 6500 switch

  I am designing an upgrade to our current network that will contain a 6500 switch and i wanted to setup vlans with the switch. I know that this switch has the ability to perform routing on its own so i do not need an external router to route between the vlans but if that is the case what default gateway do i give each vlan? Do i give the vlan ip address as the default gateway for the end devices or do i use an IP address in the switch somehow as the default gateway?
  Thanks.
  Pete

  Hi,
  Think of the MSFC as a router with many different interfaces. Your router itself would only have one default gateway for all those interfaces. For the clients, they will sit in each VLAN that you create. The clients default gateway will be the VLAN IP address (or HSRP address) on the 6500 that they sit. So, if you create vlan100 and put an IP address of 10.10.10.1 on the vlan100 interface..the 10.10.10.1 address would be the gateway for the clients in vlan 100. If you create a vlan200 and put an IP address of 10.11.11.1 on that interface..all the clients that are in vlan200 would have the gateway address of 10.11.11.1.
  Hope that helps.

• How to telnet to Edge Switch

  Dear Experts,
  I'm going to try configure on how to telnet to Edge switch but still no result. My Network topology is below:
  - 1 Core Switch 3560
  - 3 Edge Switch 2960
  I'm configured 4 VLAN:
  + Vlan 19: 10.19.10.0/24
  + Vlan 20: 10.20.10.0/24
  + Vlan 21: 10.21.10.0/24
  + Vlan 22: 10.22.10.0/24
  On each Vlan, I was assigned Vlan interface IP. 
  I'm using VTP mode (Server and client) to trunking VLAN and Core SW is standing a VTP Server. I can telnet to Core SW using VLAN Interface IP. 
  The question is how can I configure to telnet to Edge SW? 
  Has somebody help me on this?
  Thanks in advance!
  JH

  Hi,
  From looking at your topology, the configuration should work. You should be able to telnet into the edge switches from anywhere in the network using the ip addresses of the vlan interfaces on each switch.
  What exactly is the issue you're experiencing?
  Are you able to ping the switch ip addresses?
  Looking forward to hearing from you

• Can only telnet from other switches to a SG300 switch. Also can't access web interface.

  For whatever reason I can telnet from another switch to the SG300 switch but not directly to the switch. I also can't access the web interface or ping the switch. Any help would be appreciated. Here is the running config
  config-file-header
  WasteWaterSG30010MPP
  v1.3.5.58 / R750_NIK_1_35_647_358
  CLI v1.0
  set system mode switch
  file SSD indicator encrypted
  ssd-control-start
  ssd config
  ssd file passphrase control unrestricted
  no ssd file integrity control
  ssd-control-end xxxxxxxxxxxxxxxxxxxxxxxx
  vlan database
  default-vlan vlan 2
  exit
  vlan database
  vlan 2,75,200,999
  exit
  voice vlan id 200
  voice vlan oui-table add  ________
  voice vlan oui-table add _phone_____________
  voice vlan oui-table add ___________________
  voice vlan oui-table add ______________
  voice vlan oui-table add
  voice vlan oui-table add ___________
  voice vlan oui-table add ___
  voice vlan oui-table add ______________
  hostname WasteWaterSG30010MPP
  line console
  exec-timeout 0
  exit
  line telnet
  password 382fda4a4a26e6637edac0eb8b8ba4581087d32d encrypted
  exit
  line console
  password 382fda4a4a26e6637edac0eb8b8ba4581087d32d encrypted
  exit
  enable password level 15 encrypted 382fda4a4a26e6637edac0eb8b8ba4581087d32d
  username admin password encrypted 382fda4a4a26e6637edac0eb8b8ba4581087d32d privi
  lege 15
  snmp-server location XXXXXXXX
  snmp-server community String1 ro view Default
  sntp server 172.16.2.1
  ip telnet server
  interface vlan 2
   ip address 172.16.2.23 255.255.255.0
   no ip address dhcp
  interface gigabitethernet1
   storm-control broadcast enable
   storm-control broadcast level 10
   storm-control include-multicast
   port security max 10
   port security mode max-addresses
   port security discard trap 60
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
   macro description ip_phone_desktop
   !next command is internal.
   macro auto smartport dynamic_type unknown
  interface gigabitethernet2
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
  interface gigabitethernet3
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
  interface gigabitethernet4
   storm-control broadcast enable
   storm-control broadcast level 10
   storm-control include-multicast
   port security max 10
   port security mode max-addresses
   port security discard trap 60
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
   macro description ip_phone_desktop
   !next command is internal.
   macro auto smartport dynamic_type unknown
  interface gigabitethernet5
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
  interface gigabitethernet6
   spanning-tree portfast
   switchport mode access
  interface gigabitethernet7
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
  interface gigabitethernet8
   spanning-tree portfast
   switchport mode access
   switchport access vlan 999
  interface gigabitethernet9
   spanning-tree link-type point-to-point
   switchport trunk allowed vlan add 75,200,999
   switchport trunk native vlan 2
   macro description switch
   !next command is internal.
   macro auto smartport dynamic_type switch
  interface gigabitethernet10
   spanning-tree link-type point-to-point
   switchport trunk allowed vlan add 75,200,999
   switchport trunk native vlan 2
   macro description switch
   !next command is internal.
   macro auto smartport dynamic_type switch
  exit

  A member of which VLAN ID is that device from which you trying to reach that switch?
  Is that device directly connected to switch WasteWaterSG30010MPP? If yes, to which port?
  If you are connecting from different VLAN than VLAN2, are you using routing between VLANs? Where is that routing device connected to?
  > I also have another switch that connects to the network through this switch and am able to telnet to it.
  that second switch member of same VLAN 2? Or management is part of different VLAN?
  ..too few information to be able to give you final answer.

• How to count/determine downtime of Cisco 6500 switch?

  Hello,
  I work with cisco 6500 switches. now we need to evaluate the down time of all switces. now we using cacti to query system information to switches using SNMP, but some times cacti didnt get the data because of high cpu in switch so the switch stop di SNMP service. because of that, the data in Cacti not valid to determine our switch Downtime.
  Is there any tools or ather way to monitor Cisco switch downtime??
  Thanks a lot. 

  just like a reminding system. it can be send an email or some message.
  EEM can be configured to send someone an email when some kind of "event" is triggered, such as an uplink goes DOWN/UP.  
  However, the chassis can't send an email if it's down but can be configured to send out an email when the supervisor card boots up.  

• WISM Controller and 6500 Switch power cycled

  Has anyone come across this issue where if the 6500 switch is reloaded or power cycled that 8 out of 10 interfaces on the WISM become administratively down this does not happen if you reload just the wism or power cycle the controller.
  the softwear loaded on the switch is as follows.
  Supervisor Engine 720 10GE with f/w 8.5(2) and s/w 12.2(33)SXH
  WiSM WLAN Service Module with f/w 12.2(14r)S5 and s/w 12.2(33)SXH
  any suggestions as to how to sort this so it loads all the interfaces as up from the power cycle or reload of the switch would be welcome have already made sure the config is saved but still happens.
  Jeremy

  1. I believe a 6509 can handle 5 WiSMs, though I've found 4 more realistic when considering the need for uplinks and service modules.
  2. Based on 5 WiSMs, you can have 1500 per chassis. Again, I tend to stick with 4, or 1200 APs per chassis.
  3. There is no hard limit that I am aware of. WCS on a VERY high-end server can handle ~2500 APs when running Linux WCS. As with the above, this works well with 1 WCS per 2 chassis if each has 4 WiSMs.

• Cannot telnet

  Hi everyone,
  I have to work on a 1811 Series router at my work and scrub some configurations off of it and hand it to another company.
  As part of the process I had to configure a temporary easy telnet access and then leave the device to them so they can do what ever they want with it.
  Here is the erroe I get after I did the configuration
  telnet 10.x.x.x
  Trying 10.x.x.x ... Open
  [Connection to 10.x.x.x closed by foreign host]
  The line vty 0 4 and 5 15 are both configured with a pass, login is configured and both tranport input and output are configured on both. they routing on other devices on the network is fine and I can ping this device but cannot telnet to it. There is no access lest configured and no other special configuration going on.
  As you can see there is no message of password not set and it just says connection to 10.x.x.x is closed by foriedn host.
  If anyone could come with a clue I really appreciate it as this device is 4 hours drive from here and I would like to avoid that by any means.
  Best regards, 

  Did you perhaps configure aaa new-model on that router? and going a step further did you perhaps configure aaa authentication login on that router?
  Either of these could result in the symptoms that you describe.
  HTH
  Rick