Cisco Switch listening on tcp 25, 110, 143

Similar Messages

• Access to Cisco Switch Modbus Register Map? via Modbus TCP or Modbus RTU

  Hello Folks, I have been trying to find out how to access the Modbus Register Map(s) of Cisco switches, of particular interest is that of an IE 3000 as it is din rail mountable (but for models 2960s, 3560s are also of interest).  A google search for: Cisco Switch Modbus TCP results in (if I may) how to configure a Cisco 2520 to do what I am trying to do.  I would be very grateful for any hints anybody might have.  Thanks

  Though I am not familiar with the specific drives in question, I have used Modbus/TCP in LabVIEW a few times recently.
  As the previous posters pointed out, there are a couple of VI libraries available.  LabVIEW 2014 added Modbus VI's with the DSC and LabVIEW Real-Time.  The others you would have to get and add in yourself.
  Another option is to use LabVIEW I/O Servers; as long as you have DSC or Real-Time, you can create Modbus I/O Servers as library items and deploy to a target.  You don't get as much direct control in this way (and may run into difficulties if you need them to be field-configurable and do not have DSC) and use bound network shared variables, but they are very fast and easy to setup and I have yet to have any issues with using them in my applications.
  A tutorial on setting up a Modbus I/O Server: http://www.ni.com/tutorial/13911/en/
  A tidbit on deciding between Modbus VI's and a Modbus I/O Server: http://zone.ni.com/reference/en-XX/help/370622M-01/lvmve/choose_modbus_ioserver_vi/
  As for using an Ethernet switch to connect multiple devices, I have used this approach many times to simultaneously connect and control numerous PC's, real-time controllers, and drives without issue.  I would not expect there to be any problems unless you have extenuating circumstances.  In fact, if you only have one network interface on your device at the moment, I would recommend against adding a second, as this would mean that you / your controller would have to be extra aware of which interface everything is assigned to go through.

• Cisco Switch TCL SMTP timeout

  Hello I have some problem with cisco switch if i use SMTP event over TCL.
  My TCl scrip contain code:
  if [catch {smtp_send_email $mail_msg} result] {
  error $result $errorInfo
  #code for dump to file
  } else {#code if all ok}
  If internet is work script work fine. but if internet is down switch try send message long time and script "Process Forced Exit"
  I have error
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl: Process Forced Exit- MAXRUN timer expired.
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl:     while executing
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl: "error $result $errorInfo"
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl:     invoked from within
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl: "$slave eval $Contents"
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl:     (procedure "eval_script" line 7)
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl:     invoked from within
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl: "eval_script slave $scriptname"
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl:     invoked from within
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl: "if {$security_level == 1} {       #untrusted script
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl:      interp create -safe slave
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl:      interp share {} stdin slave
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl:      interp share {} stdout slave
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl: ..."
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl:     (file "tmpsys:/lib/tcl/base.tcl" line 50)
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl: Tcl policy execute failed:
  Jul 12 23:35:10: %HA_EM-6-LOG: event.tcl: Process Forced Exit- MAXRUN timer expired.
  I try change Maxrun timer but it not help (i have same error but it not print before time not end).
  I try ios for switch 150-2.SE4 | 122-55.SE8 | 122-44.6
  I try this code on cisco router, it work fine(if smtp server not avalable script print error 1-2sec).
  Thank you.

  If the mailer server is not listening on tcp/25 or otherwise refuses the connection, then the socket attempt should die quickly.  If the mail server is truly unreachable, then the socket will never timeout until the EEM policy terminates.  This holds true on the latest version of EEM on routers as well.

• Changing SSH port in Cisco switches

  Hello everyone 
  I have switches with different platforms 2950 , 3750 , 3560  ...... I want to change the port of SSH , but the command ip ssh port not found ... be informed that the IOS is ipservice type for layer 3 switches

  Sorry but you cannot change the port (tcp/22) used by ssh on Cisco switches.
  The best practices for securing it it include:
  - enforce ssh version 2,
  - apply an access-list to your vty lines,
  - set a timeout and retry lockout, and
  - possibly control plane policing.

• How to get info over snmp on cisco switch whether native vlan on a port is tagged or not?

  Hi!
  I want to know which oid(s) should I query to know whether native vlan on trunk port on cisco switch is tagged or not?
  I am querying the oid .1.3.6.1.4.1.9.9.46.1.6.3.0 (vlanTrunkPortsDot1qTag) on cisco 3560 (E Series) and I am getting global value. Also, this OID is showing as deprecated. So I query .1.3.6.1.4.1.9.9.246.1.6 (cltcDot1qAllTagged) and its subtree, but no value is returned.
  Switch Version is
  Cisco IOS Software, C3560E Software (C3560E-UNIVERSALK9-M), Version 12.2(50)SE2

  Keep in mind that DHCP is a broadcast packet to start. So the AP can only listen in the subnet that it has an IP address for.
  Now, for any other subnet you can use the AP for DHCP but you have to have an IP helper address on your L3 pointing back to the AP.
  That being said, I wouldn't use the DHCP server on the AP as it is limited. You'd be better off using a Microsoft server or some other device that is designed for DHCP.
  HTH,
  Steve

• Windows 7 LLDP and Cisco Switches

  Does Windows 7 support IEEE LLDP (not to be confused with MS LLTP). We have LLDP enabled on are Cisco Switches and want to be able to see are what ports the Windows 7 devices are connected to. Using the Cisco Show LLDP neighbors.

  Hi,
  I suggest you refer to the following article in MSDN blog:
  Link Layer Topology Discovery Protocol Specification
  http://msdn.microsoft.com/en-us/library/windows/hardware/gg463061.aspx
  Thanks,
  Vincent Wang
  TechNet Community Support

• Rrack mounting brackets for Cisco switch SF300-48P ?

  Does anyone know how to get rack mounting brackets for Cisco switch SF300-48P ?

  You might be able to get them through Cisco support.  Check this thread: https://supportforums.cisco.com/discussion/11201291/sf-300-series-rack-mount-brackets

• Has anyone develped an EM plug-in for Cisco switches or routers

  Folks,
  Has anyone develped an EM plug-in for Cisco switches or routers? Please reply to this thread if you have developed one and would like to share your experience in developing this plug-in?
  Thanks,

  It's probably not the conversion from CMYK to RGB that's causing the problem, but color profile (ICC) embedding in Photoshop. Fireworks doesn't read color profiles. You might be able to create an action to remove the color profile in Photoshop and then batch process the images with it.

• NPS Discarding RADIUS request from Cisco switch (802.1x)

  Last few weeks I've been busy to get the following to work:
  - Cisco 2960 switch as the suppliant
  - Another Cisco 2960 as the authenticator switch
  - The supplicant is only able to send MS-EAP MS-ChapV2 requests
  - The NPS server is Windows 2008 R2 (and also tested on 2012 R2)
  This is called "NEAT" by Cisco; which does seem to work with Cisco ISE (http://www.cisco.com/c/en/us/support/docs/lan-switching/8021x/116681-config-neat-cise-00.html)
  but I'd like to get it to work with Windows NPS.
  Within NPS I've setup the following Connection Request policy:
  - NAS Port Type: Ethernet
  I'm using the following Network Policy:
  - User Group: DOMAIN\Switches (the useraccount used by the switch is part of this group)
  - NAS Port Type: Ethernet
  - Autehntcation Type: EAP
  Now the request sent by the switch is discarded. The actual error is the following (excluded irrelevant information):
  User:
  Account Name: Rotterdam-Switch-8-1
  Account Domain: DOMAIN
  Authentication Details:
  Connection Request Policy Name: Secure Wired Connections
  Network Policy Name: Switches Allowed
  Authentication Provider: Windows
  Authentication Server: SERVER.DOMAIN.local
  Authentication Type: EAP
  EAP Type: -
  Account Session Identifier: -
  Reason Code: 1
  Reason: An internal error occurred. Check the system event log for additional information.
  Wireshark on the NPS server shows:
  1. The RADIUS Access-Request (1) being received by the NPS Server
  2. The NPS Server sending out a RADIUS Access-Challenge (11) to the authenticator switch
  3. Another RADIUS Access-Request (1) is beging received by the NPS Server
  Packet 2 has an t=EAP-Message(79) with type MS-EAP-Authentication [Palekar](26) and MS-CHAPv2-ID set to 2 and OpCode 1 (Challange)
  Packet 3 has an t=EAP-Message(79) with type MS-EAP-Authentication [Palekar](26) and MS-CHAPv2-ID set to 2 and OpCode 2 (Response)
  I've also tried the following:
  - I've also tested with an invalid username/password. The request is correctly denied
  - I've also tested by added ALL EAP Types as condition to the Network Policy. The request isn't pickup by this policy anymore.
  Any help would be greatly appriciated ofcourse.
  Kind regards,
  Peter

  It only took like.. uhm.. forever.. but there's an answer which is "OK ish..".
  Cisco 2960 switches support EAP-MSCHAP; but it seems that NPS only supports EAP-MSCHAP for VPN Connections and not for Wired/Wirelss authentication. Something to do with inner and outer methods and NPS requireing PEAP as an outer method for Wired/Wirelss
  authentication.
  End result is that both the Cisco switches and NPS do support EAP-MD5. Though it's definitly not as secure (at all), it's definitly a step in the right direction and it's something that we'll be implementing.
  Now it seems that NPS doesn't support EAP-MD5 (which is supposidly depricated), it's possible to re-enable it. Using the following articles.
  http://support.microsoft.com/kb/922574/en-us
  Microsft mentioned me that "Though this article says it applies to Windows Vista only, it does apply to Server 2008R2 as well. Also I would suggest you the following link:
  http://support.microsoft.com/kb/981190"
  Please note that you'll have to enable 'Store password using reversible encryption’  on the accounts that will be used for NEAT authentication.
  All though I would have hoped EAP-MSCHAPv2 would work, I feel I do need to clarify that I understand Microsoft's point of view on this as well. They feel EAP methods without PEAP are simply not safe; which is understandable, espcially for EAP-MD5 which
  could be sniffer using a hub/repeater/etc.
  Kind regards,
  Peter

• DACL does not get downloaded to Cisco Switch from ISE

  Hello,
  I have a cisco switch with ios: c3550-ipbasek9-mz.122-44.SE6.bin
  I am trying to push dACL fro my ISE device into the switch, but it is not getting applied to switch.   dynamic vlan assignment workds fine, but dACL doesnot apply
  Any instruction plz?

  Hi Jatin,
  ISE is properly configured for dACL,   i think there is some compatibility issue on cisco switch ios.
  following is the debug output>>
  06:36:43: dot1x-packet:Received an EAP packet on interface FastEthernet0/11
  06:36:43: EAPOL pak dump rx
  06:36:43: EAPOL Version: 0x1  type: 0x0  length: 0x0006
  06:36:43: dot1x-packet:Received an EAP packet on the FastEthernet0/11 from mac 0019.b981.e812
  06:36:43: dot1x-sm:Posting EAPOL_EAP on Client=1D68028
  06:36:43:     dot1x_auth_bend Fa0/11: during state auth_bend_request, got event 6(eapolEap)
  06:36:43: @@@ dot1x_auth_bend Fa0/11: auth_bend_request -> auth_bend_response
  06:36:43: dot1x-sm:Fa0/11:0019.b981.e812:auth_bend_response_enter called
  06:36:43: dot1x-ev:dot1x_sendRespToServer: Response sent to the server from 0019.b981.e812
  06:36:43: dot1x-sm:Fa0/11:0019.b981.e812:auth_bend_request_response_action called
  06:36:43: RADIUS/ENCODE(00000049):Orig. component type = DOT1X
  06:36:43: RADIUS(00000049): Config NAS IP: 192.168.2.250
  06:36:43: RADIUS/ENCODE(00000049): acct_session_id: 73
  06:36:43: RADIUS(00000049): sending
  06:36:43: RADIUS(00000049): Send Access-Request to 192.168.2.231:1812 id 1645/99, len 267
  06:36:43: RADIUS:  authenticator 5B 61 1D 64 D3 D5 9F AD - 23 E0 11 11 B3 C3 5C 81
  06:36:43: RADIUS:  User-Name           [1]   6   "test"
  06:36:43: RADIUS:  Service-Type        [6]   6   Framed                    [2]
  06:36:43: RADIUS:  Framed-MTU          [12]  6   1500
  06:36:43: RADIUS:  Called-Station-Id   [30]  19  "00-11-5C-6E-5E-0B"
  06:36:43: RADIUS:  Calling-Station-Id  [31]  19  "00-19-B9-81-E8-12"
  06:36:43: RADIUS:  EAP-Message         [79]  8
  06:36:43: RADIUS:   02 7A 00 06 0D 00                 [ z]
  06:36:43: RADIUS:  Message-Authenticato[80]  18
  06:36:43: RADIUS:   A6 AB 5A CA ED B8 B4 1E 36 00 9D AB 1A F6 B9 E0                [ Z6]
  06:36:43: RADIUS:  Vendor, Cisco       [26]  49
  06:36:43: RADIUS:   Cisco AVpair       [1]   43  "audit-session-id=C0A802FA0000006F016B36D8"
  06:36:43: RADIUS:  NAS-Port-Type       [61]  6   Ethernet                  [15]
  06:36:43: RADIUS:  NAS-Port            [5]   6   50011
  06:36:43: RADIUS:  NAS-Port-Id         [87]  18  "FastEthernet0/11"
  06:36:43: RADIUS:  State               [24]  80
  06:36:43: RADIUS:   33 37 43 50 4D 53 65 73 73 69 6F 6E 49 44 3D 43  [37CPMSessionID=C]
  06:36:43: RADIUS:   30 41 38 30 32 46 41 30 30 30 30 30 30 36 46 30  [0A802FA0000006F0]
  06:36:43: RADIUS:   31 36 42 33 36 44 38 3B 33 35 53 65 73 73 69 6F  [16B36D8;35Sessio]
  06:36:43: RADIUS:   6E 49 44 3D 69 73 65 2D 73 65 72 76 65 72 2D 31  [nID=ise-server-1]
  06:36:43: RADIUS:   2F 31 37 31 30 32 35 39 38 38 2F 32 34 3B    [ /171025988/24;]
  06:36:43: RADIUS:  NAS-IP-Address      [4]   6   192.168.2.250
  06:36:43: %LINK-3-UPDOWN: Interface FastEthernet0/11, changed state to up
  06:36:43: RADIUS: Received from id 1645/99 192.168.2.231:1812, Access-Challenge, len 1134
  06:36:43: RADIUS:  authenticator 78 36 A3 38 30 1C F0 7A - 19 83 93 81 B4 6B FF 9E
  06:36:43: RADIUS:  State               [24]  80
  06:36:43: RADIUS:   33 37 43 50 4D 53 65 73 73 69 6F 6E 49 44 3D 43  [37CPMSessionID=C]
  06:36:43: RADIUS:   30 41 38 30 32 46 41 30 30 30 30 30 30 36 46 30  [0A802FA0000006F0]
  06:36:43: RADIUS:   31 36 42 33 36 44 38 3B 33 35 53 65 73 73 69 6F  [16B36D8;35Sessio]
  06:36:43: RADIUS:   6E 49 44 3D 69 73 65 2D 73 65 72 76 65 72 2D 31  [nID=ise-server-1]
  06:36:43: RADIUS:   2F 31 37 31 30 32 35 39 38 38 2F 32 34 3B    [ /171025988/24;]
  06:36:43: RADIUS:  EAP-Message         [79]  255
  06:36:43: RADIUS:   4D 5D 13 47 FC 46 16 EE 62 76 40 09 77 48 31 B6 01 6B 5E 52 33 56 A2 1E 34  [M]GFbv@wH1k^R3V4]
  06:36:43: RADIUS:   02 32 39 FA 4D CA 79 18 4A 42 A2 4E 5C BD AE 29 D2 3D D1 5A FC C2 ED 3E E5 FB C6 B8 D8 DE A8 75 EB 3A A5 7D 02 03 01 00 01 A3 81 CD 30  [29MyJBN\)=Z>u:}0]
  06:36:43: RADIUS:   81 CA 30 0B 06 03 55 1D 0F 04 04 03 02 01 86 30 0F 06 03 55 1D 13 01 01 FF 04 05 30 03 01 01 FF 30 1D 06 03 55 1D 0E 04 16 04 14 C4 56 80 A7 C9 18 50 92 EE CC 91 D4 E1 EC DB AD E7 1E 70 A8 30 79 06 03 55 1D 1F 04 72 30 70  [0U0U00UVPp0yUr0p]
  06:36:43: RADIUS:   30 6E A0 6C A0 6A 86 32 68 74 74 70 3A 2F 2F 73 79 73 6C  [0nlj2http://sysl]
  06:36:43: RADIUS:   6F 67 2D 73 65 72 76 65 72 2F 43 65 72 74 45 6E  [og-server/CertEn]
  06:36:43: RADIUS:   72 6F 6C 6C 2F 46 4D 46 42 5F 54 72 75 73 74 65  [roll/FMFB_Truste]
  06:36:43: RADIUS:   64 43 41 2E 63 72 6C 86 34 66 69 6C 65 3A 2F 2F 5C  [dCA.crl4file://\]
  06:36:43: RADIUS:   5C 73 79 73 6C 6F 67 2D 73 65 72 76 65 72 5C 43  [\syslog-server\C]
  06:36:43: RADIUS:   65 72 74 45 6E 72 6F 6C 6C 5C 46 4D 46 42 5F 54  [ertEnroll\FMFB_T]
  06:36:43: RADIUS:   72 75 73 74 65 64 43 41 2E         [ rustedCA.]
  06:36:43: RADIUS:  EAP-Message         [79]  251
  06:36:43: RADIUS:   63 72 6C 30 10 06 09 2B 06 01 04 01 82 37 15 01 04 03 02 01 00 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 82 01 01 00 63 BA F8 CE D5 8B 0E 94 77 AE 86 6C 37 AB 2F 36 9A B2 85 D5 4A  [crl0+70*Hcwl7/6J]
  06:36:43: RADIUS:   74 8C 33 F5 93 06 A6 57 8D 39 56 8F 02 08 97 CB C6 08 70 8C 22 1E 5D 1F A8 26 6D 60 1F 05 62 D1 24 AB 03 8C 41 F8 1C F1 F8 C2 87 8B 97 02 71 FC 6A  [t3W9Vp"]&m`b$Aqj]
  06:36:43: RADIUS:   EB 12 FC DD 8C 5C 9C 2D AF D2 C4 1C 18 1B 40 BE 78 B0 54 55 59 89 03 1B B7 FB 91 85 EE CA C0 18 1C 78 5D 4D BA FA 9E 44 D3 45 53 A3 BE 46 8A FB 81 BD F1 4C B3 3B  [\-@xTUYx]MDESFL;]
  06:36:43: RADIUS:   D6 66 7E 5B 79 9F 83 53 5E 49 92 B5 7F E5 1A E2 86 8C 83 96 7D 75 A5 1D 08 4E 32 C3 5E EC BF 28 53 EC 53 8A C3 E0 36  [f~[yS^I}uN2^(SS6]
  06:36:43: RADIUS:   82 EE AA 0D 38 3E BA 9C 1D D9 24 BD 48 A6 EE 44 BD 95 68 85 CA 8C 44 F8 E8 A2 FB 94 BC 6F 7C F2 06 91 6C A0 A6 BB 7B 7F 56 BD 15 32 A4     [ 8>$HDhDo|l{V2]
  06:36:43: RADIUS:  Message-Authenticato[80]  18
  06:36:43: RADIUS:   DD 82 F7 10 3F C7 B5 62 9B 2A BB 24 16 A7 59 33            [ ?b*$Y3]
  06:36:44: RADIUS(00000049): Received from id 1645/99
  06:36:44: RADIUS/DECODE: EAP-Message fragments, 253+253+253+249, total 1008 bytes
  06:36:44: dot1x-packet:Received an EAP request packet from EAP for mac 0019.b981.e812
  06:36:44: dot1x-sm:Posting EAP_REQ on Client=1D68028
  06:36:44:     dot1x_auth_bend Fa0/11: during state auth_bend_response, got event 7(eapReq)
  06:36:44: @@@ dot1x_auth_bend Fa0/11: auth_bend_response -> auth_bend_request
  06:36:44: dot1x-sm:Fa0/11:0019.b981.e812:auth_bend_response_exit called
  06:36:44: dot1x-sm:Fa0/11:0019.b981.e812:auth_bend_request_enter called
  06:36:44: dot1x-packet:dot1x_mgr_send_eapol :EAP code: 0x1  id: 0x7B length: 0x03F0 type: 0xD  data: @Cfui[ab2,Jt1){                                                                                                                              2]g&GZ1pIbu;+Ga;iF"jy#
  oohuV.aFZ4_|
  P0`At   )B
  06:36:44: dot1x-ev:FastEthernet0/11:Sending EAPOL packet to group PAE address
  06:36:44: dot1x-ev:dot1x_mgr_pre_process_eapol_pak: Role determination not required on FastEthernet0/11.
  06:36:44: RADIUS:  Message-Authenticato[80]  18
  06:36:44: RADIUS:   F5 B0 56 D3 C6 87 BD 10 6E C7 4A 72 5B 5C 60 C5           [ VnJr[\`]
  06:36:44: RADIUS:  Vendor, Cisco       [26]  49
  06:36:44: RADIUS:   Cisco AVpair       [1]   43  "audit-session-id=C0A802FA0000006F016B36D8"
  06:36:44: RADIUS:  NAS-Port-Type       [61]  6   Ethernet                  [15]
  06:36:44: RADIUS:  NAS-Port            [5]   6   50011
  06:36:44: RADIUS:  NAS-Port-Id         [87]  18  "FastEthernet0/11"
  06:36:44: RADIUS:  State               [24]  80
  06:36:44: RADIUS:   33 37 43 50 4D 53 65 73 73 69 6F 6E 49 44 3D 43  [37CPMSessionID=C]
  06:36:44: RADIUS:   30 41 38 30 32 46 41 30 30 30 30 30 30 36 46 30  [0A802FA0000006F0]
  06:36:45: dot1x-ev:FastEthernet0/11:Sending EAPOL packet to group PAE address
  06:36:45: dot1x-ev:dot1x_mgr_pre_process_eapol_pak: Role determination not required on FastEthernet0/11.
  06:36:45: dot1x-registry:registry:dot1x_ether_macaddr called
  06:36:45: dot1x-ev:dot1x_mgr_send_eapol: Sending out EAPOL packet on FastEthernet0/11
  06:36:45: EAPOL pak dump Tx
  06:36:45: EAPOL Version: 0x2  type: 0x0  length: 0x0039
  06:36:45: EAP code: 0x1  id: 0x7E length: 0x0039 type: 0xD
  06:36:45: dot1x-packet:dot1x_txReq: EAPOL packet sent to client (0019.b981.e812)
  06:36:45: dot1x-sm:Fa0/11:0019.b981.e812:auth_bend_response_request_action called
  06:36:46: dot1x-ev:dot1x_mgr_pre_process_eapol_pak: Role determination not required on FastEthernet0/11.
  06:36:46: dot1x-packet:dot1x_mgr_process_eapol_pak: queuing an EAPOL pkt on Authenticator Q
  06:36:46: dot1x-ev:Enqueued the eapol packet to the global authenticator queue
  06:36:46: EAPOL pak dump rx
  06:36:46: EAPOL Version: 0x1  type: 0x0  length: 0x0006
  06:36:46: dot1x-ev:
  dot1x_auth_queue_event: Int Fa0/11 CODE= 2,TYPE= 13,LEN= 6
  06:36:46: dot1x-packet:Received an EAPOL frame on interface FastEthernet0/11
  06:36:46: dot1x-ev:Received pkt saddr =0019.b981.e812 , daddr = 0180.c200.0003,
                      pae-ether-type = 888e.0100.0006
  06:36:46: dot1x-ev:dot1x_auth_process_eapol: EAPOL flag status of the port  Fa0/11 is TRUE

• Cisco switches and virtual ip address(load balancing address) on xenapp portals

  Hi I am quite new in configuring cisco switches and stumble across an issue after installing xenapp7.6 with load balanced portal to the ddc`s
  It seems i only can ping or get access to portal if using real ip address behind cisco switch from other subnets in my network.
  I can ping ddc01 and ddc02 and connect to the portal with http without problem. However when i triy to access the load balancing address of the ddc`s
  it wont answer to ping or http
  In same subnett it is no problem connecting to the load balancing address of the ddc`s, but in loactions on other subnets i only can access real server ip
  eks
  dd01   192.168.1.4    ok ping and access behind cisco switch from subnets
  ddc02 192.168.1.5   ok to ping  access behind cisco switch from subnets
  load balancing for both ddc 192.168.1.6 not able to get answer og access from subnets, only in same subnett
  Is there any way to configure switch to access the load balancing address of the ddc`s ?
  Regards
  Pål Arne Røberg

  Wrong forum. This forum is dedicated to feedback related to CSC framework itself. You should not wish for response here.
  Moved by moderator, no longer apply.

• Collecting information from Cisco switchs using SNMP

  Dear All,
  I have a wide network with more than 250 sites connected using the DSL. the WAN devices are under the provider responsability and the LAN devices are directly in my responsability. In each site, I have :
  1 or 2 Cisco switchs (2960 or 3560), connecting via fibr.
  or
  Linksys switch connected via ethernet cable
  and
  cisco 877 router connected to switch
  cisco 881G router conected to switch
  pc and printers
  In order to improve the availibilty of our network, we lauch every day a script from local pc to test connectivity of LAN equipements :
  ping to switchs (Vlan 1), ping to ip fa0/0 cisco router1, ip cisco router2, ping to HSRP address (of two router). the resulting ini file will be inserted in a database and exported to excel for analysing.
  I'm asking if someone can help in order to implement SNMP and let me know the name of cisco MIB to implement to :
  - to have from SNMP information, the result of show cdp nei, show interface status, show ip int brief,...
  - to have if wan router LAN interface are up,connected
  -  others usefuls informations.
  Thanks and regards,
  AA

  Hi,
  the basic SNMP config for 2960 and 3560 is:
       snmp-server community <> RO
  The configuration for SNMP traps to get alerts from the device if there is for example a failure with a fan is:
            snmp-server enable traps
            snmp-server host <> <>
  This enables all traps available with your IOS version. You can the disable not wanted traps by using the "no"-command like this.
  Example for dot1x traps:
            no snmp-server enable traps dot1x
  With a snmp client you can then do a snmpwalk (or snmp get) without a specific OID to get all the SNMP information from the device:
  On a Linux server the following command should work:
       snmpwalk -v 2c -c <> -T <>
  -v = use SNMP version 2c
  -c = use the community string you configured on the device
  -T = output in the dotted decimal format
  But be careful, this will be a lot of data output.
  Here you will find a docu for configuring SNMP on a Cisco device:
  http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf014.html
  Sven

• What's "SAVE" configuration command for Cisco switch/ router?

  What's "SAVE" configuration command for Cisco switch / router? I know Switch#copy running-config startup-config works well,
  but so long, any other command that easy to remenber?

  What's "SAVE" configuration command for Cisco switch / router? I know Switch#copy running-config startup-config works well, but so long,
  any other command that easy to remenber?
  yes, here: Switch#write,and want to know more about the Cisco switch, please visit:http://www.3anetwork.com/cisco-switches-price_c1

• SIP 7960 to non-Cisco Switch

  Does anyone know if a 7960 (SIP) phone can connect to a non-Cisco switch and separate the Voice traffic from the access port traffic?
  I tried connecting a 7960 to a baystack 450T, configuring the switchport as a "tagged trunk", and then changing the Admin Vlan ID on the phone to the desired voice vlan. It looks as though the switch wants the access port traffic to be tagged as well.
  Any help would be greatly appreciated!
  Thanks,
  Darin

  Hi !
  You need to configure a 802.1q trunk on your non-cisco switch. The 802.1q native vlan should be the one the PC is in. The voice vlan will be tagged.
  Configure all parameters (like voice-vlan-id etc) on the phone manually (obviously CDP does not work). I have done it and it works fine (but i never tried on the switch you mentioned).
  Inline Power will also not work because the 7960 is not 802.3af compliant (yet).
  Mike

• How to view the login log in window NPS after login cisco switch and without SQL server database

  how to view the login log in window NPS after login cisco switch and without SQL server database
  in summary 
  there is only log with event id 4400
  A LDAP connection with domain controller XCPAWS20.cyberport.noc for domain NOC2 is established.

  Hi adil,
  For your issue, you can create a custom security token service (STS) and then set up a trust relationship between a SharePoint 2010 farm and the custom STS.
  For more information, you can refer to the articles:
  http://forums.asp.net/t/1335229.aspx?Sharing+Authentication+Ticket+Between+ASP+NET+and+Sharepoint
  https://msdn.microsoft.com/en-us/library/office/ff955607(v=office.14).aspx
  http://www.paraesthesia.com/archive/2011/02/01/working-with-windows-identity-foundation-in-asp-net-mvc.aspx/
  Best Regards,
  Eric
  Eric Tao
  TechNet Community Support