Catalyst 2950 - Radius
Is it possible of crypter the password radius-server on a catalyst 2950. (example: "radius-server key 7 toto")?
Tagging on to this discussion from another thread in the forum:
Actually the answer to this question is very highly release dependent. Earlier releases did not support it. Current releases do. I am not sure where the change is and believe it may be a 12.3 (or maybe even a 12.3T) enhancement. I have quite a few routers (most with TACACS and some with Radius) where the key is encrypted. When I started with those routers the key was not encrypted. At some point in doing a software version upgrade the keys for TACACS/Radius started being encrypted.
The encryption of the TACACS/Radius key is part of the service password encryption. The service has been enhanced several times to increase the number of keys that it protects. If you have service password encryption enabled (and in a live network I hope that you do) and have a release that supports the new enhancement your TACACS/Radius key will be encrypted automatically. If your version of IOS does not support it yet the key will not be encrypted.
HTH
Rick
Similar Messages
-
Hello!
Please, could you help me? Is it possible to install ISE on Catalyst 2950? In Component Compatibility Guide
http://www.cisco.com/en/US/docs/security/ise/1.0.4/compatibility/ise104_sdt.html
Catalyst 2950 only support 802.1X and VLAN.
At first I need to know about VLAN change(from resticted to corporate). Is Catalyst 2950 support it?
Thaks for help!this would let both user and machine authenticate. for"5434Endpoint conducted several failed authentications of the same scenario" check Suppress Anomalous Clients option. This issue comes in to picture when endpoint attempts a couple of failed authentications and if Suppress Anomalous Clients option with Reject Requests After Detection is enabled then ISE Policy nodes protect themselves from overwhelming numbers of authentication requests by sending an immediate reject for suppressed clients as opposed to processing all the steps in a normal authentication. So if that user did some authentication failure, he will be locked for 1 hours (bydefault).
-
Hi,
I have a doubt about the Catalyst 2950 series, i need to pass both IP and OSI traffic trought a 2950 switch. Is it supported?
ThanksThe 2950 is a layer2 switch. Anything carried over ethernet will go, no matter which layer3 protocol is used.
Regards,
Leo -
Cluster Management Software on Catalyst 2950
Hi There,
I was wondering if anyone would be kind enough to provide me with some help on getting the CMS software running on a Cisco Catalyst 2950 Switch. I have followed all the instructions I could find on getting the software to load from the Switch, but it will not load. Can anyone help me?
Thank you in advance.
John Grikes
[email protected]You can start from: http://www.cisco.com/warp/public/473/59.html
-
Catalyst 2950 Switch flash_init error
Hi Everyone,
I'm new to Cisco products and have a small home lab set up. I have a Catalyst 2950 switch that I would like to restore to factory defaults. Here is the issue I'm having and can't figure out.
I pull the power, telnet into the console port, hold the mode button and restore power. The boot loader (Version 12.1(11r) starts and says the usual message the system was interrupted prior to flash initialization (Paraphrasing here)
I get to the switch: command line, enter flash_init. Flash states it initialized and then all I get is a < with an underscore under it prompt. Anything I try to type comes up as bizarre characters and I can not get back to a switch: prompt unless I reboot the switch manually. Unsure of what to do here.
Thanks in advance!
-Matt
Telnet session:
C2950 Boot Loader (C2950-HBOOT-M) Version 12.1(11r)EA1, RELEASE SOFTWARE (fc1)
Compiled Mon 22-Jul-02 18:57 by antonino
WS-C2950T-24 starting...
Base ethernet MAC Address: 00:06:52:bb:c9:40
Xmodem file system is available.
The system has been interrupted prior to initializing the
flash filesystem. The following commands will initialize
the flash filesystem, and finish loading the operating
system software:
flash_init
load_helper
boot
switch: flash_init
Initializing Flash...
flashfs[0]: 4 files, 2 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 7741440
flashfs[0]: Bytes used: 3726848
flashfs[0]: Bytes available: 4014592
flashfs[0]: flashfs fsck took 7 seconds.
...done initializing flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
Parameter Block Filesystem (pb:) installed, fsid: 4
õíííííí <---These characters appear no matter what keys I hit.Hi mattymattlynch
Check the workaround on the following documents:
http://www.cisco.com/c/en/us/support/docs/switches/catalyst-2950-series-switches/41845-192.html
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2950/software/release/12-1_22_ea11x/configuration/guide/scg/swtrbl.html
If no luck , the flash might be corrupted and requires a replacement.
Hope this helps
-Randy- -
Cisco Catalyst 2950/2960/3750 Multicast Traffic Preference
Hello all,
we, as a student company act as an ISP for university dormitories. We would like to (if it's possible) deploy QoS to prefer multicast traffic over all other types of traffic.
Devices used in network:
Acces layer: Cisco Catalyst 2950, 12.1(22)EA14
Dristribution layer: Cisco Catalyst 2960G, 12.2(58)SE1
Core layer: Cisco Catalyst 3750G, 12.2(52)SE
Do you see any possibility to solve this with these devices? We have almost no experience with QoS, therefore any help would be greatly appreciated.
Thanks in advance.Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Hmm, I think it should be doable although the 2950s, if non-E variants, are especially weak in QoS features. I.e. those might create some issues.
With the 2960G and 3750G, you often will create problems when you enable QoS because QoS, by default, allocates its buffers resources for 4 egress queues per port rather than using all for 1 egress queue per port. However, this can be countered by QoS parameter tuning, but that takes some QoS expertize to match to your traffic and your overall QoS policy. -
Trunking Catalyst 2950 to Catalyst 3750 problem
I cannot seem to figure out how to trunk a catalyst 3750 to a Catalyst 2950.
I've set
3750(config)#interface fastethernet 1/0/2
switchport mode trunk
switchport trunk encapsulation dot1q
BUT my Catalyst 2950 does not offer the "switchport trunk encapsulation dot1q" command
My 2950 is running IOS version 12.1(20)EA1a
is there a work around for this situation. Our network still employs a bunch of these 2950's.The Catalyst 2950 series can only do 802.1Q trunking. It's the default, and only, choice. So there's no need to specify it when trunking.
In fact, since you don't have a choice of which encapsulation to use, there's no need for a "switchport trunk encapsulation" command. Which is why it's missing from the Cat2950 switch IOS.
This took me by surprise too, when I first transitioned out of the 3500XL series into 2950 and 3550 switches. -
I have a Catalyst 2950 series 12 prt. switch. When the switch is booting I receive the following error: "00:00:13: POST: Packet DA mismatch on port: 9"
What does this message means? Can I still use this port?
Kind regards,This is part of the power on self test(POST).
The switch sets the interface to loopback and sends
a packet. If anything is wrong or changed with
the packet then you get an error. In this case
the DA (destination address) was changed on
the received packet. I assume since this is a
switch they are referring to the layer2 address.
I would think this would indicate a possible hardware
failure. -
IP Accounting on catalyst 2950
Hi all,
Is there a way to find out traffic information from source IP to destination IP, like ip accounting used on routers, on the catalyst 2950 switch. My switch has the standard image.
Also what performance impact would it have on the switch, if possible to implement.
Thanks,
GeorgeHi dukenukem,
no there is no way of interpreting flow information that way on a c2950. A c2950 is a L2 Device. Normally it doesn't really care about ip adresses.
Regards,
Sebastian -
DHCP on Cisco Catalyst 2950 Switch
Hello
I need to configure my cisco catalyst 2950 series switch in order to act as DHCP server for devices connected to its ports.
Please say me, how to do that ?
Thank you
NarekPlease find the sample DHCP configuration for one of the VLANs.
Interface Vlan1
description Cisco DHCP
ip address 10.10.2.1 255.255.255.0
ip dhcp pool cisco
network 10.10.2.0 255.255.255.0
default-router 10.10.2.1
domain-name mydomain.com
dns-server 10.10.2.10
netbios-name-server 10.10.2.15
lease 7
A 24 hour lease is the default if left out and the netbios-name-server is WINS in the Windows world.
If you want to use DHCP server for other VLANs as well create similar DHCP pools and assign the DG to the corresponding VLAN interface IP.
HTH, rate if it does
Narayan -
CATALYST 2950 SERIES - CLEAR OPT TABLE & DISABLE CASH
I have 2 cisco switches model - catalyst 2950 series, i recently had an network issue regarding an ip conflict with one of my member servers, after being on the phone with microsoft support for 6 days, we were able to resolve the problem by locating the correct mac address and clearing the "OPT table on the switches" by unplugging and replugging the power cord. In order to prevent this from happening again, Microsoft had asked me to contact cisco and ask the following questions, " Are these swiches managable via the gui? and we also need to make sure that the "Arp Cash is disabled on the switches" can anyone help in this matter? Thanks in advance.
Hi Arrowext289,
Thank you for your question. However the Small Business Support Community is limited to Cisco Small Business Products.
Your question below relates to a Cisco Classic Product which our community would not be able to help you with.
The best area for you to post your question would be at the Cisco NetPro forums switching area located here: https://supportforums.cisco.com/community/netpro/network-infrastructure/switching
Best regards,
Cindy
Cindy Toy
Small Business Community Manager
Customer Advocacy
Cisco Systems, Inc.
www.cisco.com/go/smallbizsupport -
Catalyst 2950 bandwidth limitation
Hello,
please, can anyone tell me if it is possible to limit bandwidth on Catalyst 2950 switch on per VLAN basis.
Thanks in advance.
Maxime FrolovHello Amit,
I'll try to clarify my problem. I have a 2950 (Standard Image) with a giga uplink to a 6500. On the 2950 I have a VLAN composed of 4 ports. I' like to limit the use of the uplink link of this VLAN or at least of one port to 20%. Would it be possible on 2950 SI or I'll have to upgrade to EI whitch implyes hardware changes ? Or it just impossible on 2950 and I'll have to migrate to 3750 ?
Regards.
Maxime Frolov -
RARP Server for Catalyst 2950 Switch
Is there a RARP Server capability for the Cisco Catalyst 2950 Switch? I know that Cisco Routers support an "ip rarp-server" command. Do Cisco Switches support RARP?
To the best of my knowledge, the RARP protocol is working with cisco 2950 switch and also it supports in most of the cisco products.
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a00800f0804.shtml -
Catalyst 2950 Series - Monitoring Port
Do the catalyst 2950 series have a port that can be used to connect a device that is designed to monitor all traffic on the switch - we are looking to install Webspy to track network & internet usage. The Sentinal product would best be connected to the switch where it can record all traffic - it needs a monitor port or some such equivalent.
Hi,
The 2950 does indeed support that - the functionality is called Switch Port Analyzer (SPAN). The following link has details on how to configure it:
http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a00800d84c5.html
Hope that helps - pls rate the post if it does.
Paresh -
Hello,
I am using a catalyst 2950 switch and connecting machines which have the operating system as TRU64 UNIX 5.1B (HP make DS25 servers) and WINDOWS XP Professional. The WINDOWS machines are getting connected on the network ( I am able to PING each other), but the UNIX machines are not getting connected on the network. The port LED on the switch is normal (GREEN). The netstat -r command on the UNIX machine shows default as defgw (/etc/routes) and the IP of defgw is defined in the /etc/hosts file. But there is actually no such gateway.
Please help me to get the UNIX machines connected on the network.
Thank You very Much
Best Regards
S R VijayanI wonder if the Windows machines are configured to use DHCP? If they are configured for DHCP and there is a DHCP server that is reachable, then it explains why the Windows machines have reachability to each other. If there is not a DHCP server available then the Windows machines are probably taking addresses in 169.254 (which is the default for Windows when it can not acquire from DHCP). This would also explain the ability of Windows machines to communicate with each other. Can the original poster clarify what IP addresses the Windows machines are using?
Then the question becomes how are the Unix machines configured? Are they supposed to use DHCP? Is so is the DHCP server reachable? If not how is the interface on the Unix box configured?
I also think that the suggestion about verifying whether the switch is configured with more than one VLAN is an excellent suggestion.
HTH
Rick
Maybe you are looking for
-
Problem with EventHandler in OIM 11g
Hi All, I followed the Part I(Chapters 6,7 & 30) in pdf file shown below http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14309.pdf I developed the plugin and registered the plugin for custom eventhandler. Iam not able to see the defined eventh
-
How do i get Apple Mac to sync to ICloud? Contacts are different on mac, iCloud to iPad
trying to get my apple mac and iPad to sync. I have an iCloud account but it is not backing up my mac and doesn't show my iPad if i log in from my mac. Contacts or photos not updating.
-
My contact setting is default for Netherland and want to resync with *228 but because of I'm not active account holder with Verizon, they can't reset it for me. I bought it from other people and I checked the ESN , its clean one with no contract. Wha
-
Hi All, Before i mention about the issue i am facing i would like to brief about my process. In HCM process and forms i have a form where user1 will modify the position and submit it. user2 will approve the request, which updates the records in back
-
ELVIS 1 AND ELVIS II LABVIEW VIs COMPATIBILITY
I am currently working on a project that was previously using Labview (8.5.1) vis built for elvis I, we have now moved on to Elvis II and are experiencing problems that are believed to be steming from the differences in channel configurations. Could