FVRF - cannot SSH into the router

Hello,
Does anybody know why after configuring a router for FVRF and IVRF I can no longer SSH into the box? As soon as the outside interface is placed in the FVRF I loose the remote connection and when try to reconnect the router refuses the SSH connection, what am I missing?
Thanks and best regards.
Remi

Hello.
Not clear what is your issue, but default behavior for ISR G1/G2 is to remove IP-address from the interface whenever you move it between VRFs.
To move interface between VRFs you either need second management interface or EMM script.

Similar Messages

  • I cannot get into my router setup using 10.0.1.1

    I cannot get into my router setup using 10.0.1.1
    I did ipconfig and got the address but cannot open it up to make it a server.

    This sounds like you are trying to use a web page setup for the AirPorts, which will not work.
    You are aware that you must use an application.....AirPort Utility.....on a Mac, PC or iPhone or iPad to set up and configure the Airport routers, correct? The Setup Guide is pretty clear about this.
    Is this a new AirPort Extreme that you have?  If yes, please review the System Requirements:
    Setup and Administration
    iPhone, iPad, or iPod touch with iOS 6 or later and AirPort Utility 1.3
    Mac with OS X Lion v10.7.5 or later and AirPort Utility 6.3
    If you have a previous version of the AirPort Extreme.....and you have not downloaded and installed AirPort Utility 5.6.1 for Windows - Support - Apple , now might be a good time.

  • AAA authentication when logging into the router via the web browser

    Hi group,
    I am trying to get access the a cisco 2621 via http and authentication
    via AAA but there is something I am not quite understand.
    I am using the freeware TACACS+ server running on RedHat Linux
    Enterprise Server 3.0. I setup the TACACS+ account for myself with
    enable privilege on the TACACS+ box. This account, let call it,
    ddt123, can telnet/ssh into the IOS router and the enable secret
    is associated with this account as setup in TACACS+.
    Here is my configuration looks like on the TACACS+ file:
    [root@dca2-LinuxES tacacs]# more tac_plus.cfg
    accounting file = /var/log/tac_plus.log
    key = zFgGkIooIsZ.Q
    user = ddt123 {
    member = admin
    name = "ddt 123"
    login = cleartext "exec123"
    user = $ddt123$ {
    member = admin
    name = "ddt 123"
    login = cleartext "privi123"
    group = admin {
    default service = permit
    [root@dca2-LinuxES tacacs]#
    Here is my configuration on the IOS device:
    aaa authentication login notac none
    aaa authentication login VTY group tacacs+ local
    aaa authentication login web local enable
    aaa authentication enable default group tacacs+ enable
    aaa authorization console
    aaa authorization config-commands
    aaa authorization exec notac none
    aaa authorization exec VTY group tacacs+ if-authenticated none
    aaa authorization commands 0 VTY group tacacs+ if-authenticated none
    aaa authorization commands 1 VTY group tacacs+ if-authenticated none
    aaa authorization commands 15 VTY group tacacs+ if-authenticated none
    aaa authorization network VTY group tacacs+ if-authenticated none
    aaa accounting exec VTY start-stop group tacacs+
    aaa accounting commands 0 VTY start-stop group tacacs+
    aaa accounting commands 1 VTY start-stop group tacacs+
    aaa accounting commands 15 VTY start-stop group tacacs+
    aaa accounting network VTY start-stop group tacacs+
    aaa accounting connection VTY start-stop group tacacs+
    tacacs-server host 192.168.15.10 key ***
    ip http server
    ip http authentication aaa login-authentication VTY
    line con 0
    exec-timeout 0 0
    authorization exec notac
    accounting commands 0 VTY
    accounting commands 1 VTY
    accounting commands 15 VTY
    accounting exec VTY
    logging synchronous
    login authentication notac
    line vty 0 15
    exec-timeout 0 0
    authorization commands 0 VTY
    authorization commands 1 VTY
    authorization commands 15 VTY
    authorization exec VTY
    accounting commands 0 VTY
    accounting commands 1 VTY
    accounting commands 15 VTY
    accounting exec VTY
    login authentication VTY
    The question I have is that when I open the browser and enter http://router_IP_address,
    the it prompts me for authetication, which password should I use, "exec123" or "privi123"?
    Can someone explain to me how this work, and if it works at all? Thanks.
    David

    here is the "debug aaa authen" and "debug aaa author" on the router:
    C2621#term mon
    C2621#
    Feb 25 23:11:33.967 UTC: AAA/AUTHOR/TAC+: (3081244823): send AV cmd-arg=monitor
    Feb 25 23:11:33.971 UTC: AAA/AUTHOR/TAC+: (3081244823): send AV cmd-arg=
    Feb 25 23:11:34.183 UTC: TAC+: (-1213722473): received author response status = PASS_ADD
    Feb 25 23:11:34.187 UTC: AAA/AUTHOR (3081244823): Post authorization status = PASS_ADD
    Feb 25 23:11:34.187 UTC: AAA/MEMORY: free_user (0x8276F8AC) user='ddt123' ruser='C2621' port='tty66' rem_addr='192.168.15.1' authen_type=ASCII service=NONE priv=0 vrf= (id=0)
    Feb 25 2007 23:11:36 UTC: %SEC-6-IPACCESSLOGP: list 111 permitted tcp 192.168.15.10(49) -> 192.168.15.1(24127), 1 packet
    Feb 25 2007 23:11:38 UTC: %SEC-6-IPACCESSLOGP: list 111 permitted tcp 192.168.15.10(49) -> 192.168.15.1(14840), 1 packet
    Feb 25 23:11:39.248 UTC: AAA/AUTHEN/LOGIN (00000000): Pick method list 'VTY'
    Feb 25 23:11:39.268 UTC: AAA/AUTHOR (00000000): Method=None for method list id=A0000003. Skip author
    Feb 25 2007 23:11:40 UTC: %SEC-6-IPACCESSLOGP: list 111 permitted tcp 192.168.15.10(49) -> 192.168.15.1(36781), 1 packet
    Feb 25 2007 23:11:41 UTC: %SEC-6-IPACCESSLOGP: list 111 permitted udp 192.168.4.10(2537) -> 192.168.15.1(161), 1 packet
    Feb 25 23:11:42.553 UTC: AAA/AUTHEN/LOGIN (00000000): Pick method list 'VTY'
    Feb 25 2007 23:11:43 UTC: %SEC-6-IPACCESSLOGP: list 111 permitted tcp 192.168.15.10(49) -> 192.168.15.1(19535), 1 packetu
    All possible debugging has been turned off
    C2621#
    Feb 25 23:11:46.552 UTC: AAA: parse name=tty66 idb type=-1 tty=-1
    Feb 25 23:11:46.552 UTC: AAA: name=tty66 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=66 channel=0
    Feb 25 23:11:46.552 UTC: AAA/MEMORY: create_user (0x8276AD88) user='ddt123' ruser='C2621' ds0=0 port='tty66' rem_addr='192.168.15.1' authen_type=ASCII service=NONE priv=0 initial_task_id='0', vrf= (id=0)
    Feb 25 23:11:46.556 UTC: tty66 AAA/AUTHOR/CMD(1541751897): Port='tty66' list='VTY' service=CMD
    Feb 25 23:11:46.556 UTC: AAA/AUTHOR/CMD: tty66(1541751897) user='ddt123'
    Feb 25 23:11:46.556 UTC: tty66 AAA/AUTHOR/CMD(1541751897): send AV service=shell
    Feb 25 23:11:46.556 UTC: tty66 AAA/AUTHOR/CMD(1541751897): send AV cmd=undebug
    Feb 25 23:11:46.556 UTC: tty66 AAA/AUTHOR/CMD(1541751897): send AV cmd-arg=all
    Feb 25 23:11:46.556 UTC: tty66 AAA/AUTHOR/CMD(1541751897): send AV cmd-arg=
    Feb 25 23:11:46.556 UTC: tty66 AAA/AUTHOR/CMD(1541751897): found list "VTY"
    Feb 25 23:11:46.556 UTC: tty66 AAA/AUTHOR/CMD(1541751897): Method=tacacs+ (tacacs+)
    Feb 25 23:11:46.560 UTC: AAA/AUTHOR/TAC+: (1541751897): user=ddt123
    Feb 25 23:11:46.560 UTC: AAA/AUTHOR/TAC+: (1541751897): send AV service=shell
    Feb 25 23:11:46.560 UTC: AAA/AUTHOR/TAC+: (1541751897): send AV cmd=undebug
    Feb 25 23:11:46.560 UTC: AAA/AUTHOR/TAC+: (1541751897): send AV cmd-arg=all
    Feb 25 23:11:46.560 UTC: AAA/AUTHOR/TAC+: (1541751897): send AV cmd-arg=
    Feb 25 23:11:46.768 UTC: TAC+: (1541751897): received author response status = PASS_ADD
    Feb 25 23:11:46.772 UTC: AAA/AUTHOR (1541751897): Post authorization status = PASS_ADD
    Feb 25 23:11:46.772 UTC: AAA/MEMORY: free_user (0x8276AD88) user='ddt123' ruser='C2621' port='tty66' rem_addr='192.168.15.1' authen_type=ASCII service=NONE priv=0 vrf= (id=0)no
    Feb 25 2007 23:11:47 UTC: %SEC-6-IPACCESSLOGRL: access-list logging rate-limited or missed 976 packets
    C2621#
    David

  • HT1414 Hello, do you know what I can do when my Iphone is blocked with the apple appearing ? I cannot enter into the phone and I don't know what to do ? Thank you

    Hello,
    Do you know what I can do when my Iphone is blocked with the apple appearing ?
    I cannot enter into the phone and I don't know what to do ?
    Thank you for your help
    AMGSO

    Basics from the manual are restart,  reset, and restore.
    Have you tried these?

  • I cannot get into the app store my apple id is not working

    i cannot get into the apple store via i tunes would not allow me to sign in

    Its possible the App is not available in the Canadian store if the link doesn't work for you.
    https://itunes.apple.com/us/app/xfinity-connect/id320788270?mt=8

  • I cannot log into the game center as I forgot my password and am not able to reset it.

    I cannot log into the game center as I forgot my password and am not able to reset it because I keep getting the error that the info I submitted is incorrect.  If I ask for an email message, it doesn't come thru but friend requests are received on that same email.  If I use my second account, I can't use the same nickname and all my info is lost.  Any suggestions?

    here
    http://support.apple.com/kb/index?page=search&src=support_site.home.search_sugge sted.search&locale=en_US&q=game%20center%20support

  • HT1174 On the opening screen of my ipad2 the itunes apple icon and the usb cord are displayed.  What do I do to delete them?  Do not tell  ll me to download something, as I cannot get into the ipad

    On the opening screen of my 1pad2 the itunes apple icon and usb cord are displayed.  How do I delete them?  Do NOT tell me to download anything, as I CANNOT GET INTO THE IPAD.

    You can't get rid of those icons because that means that you MUST connect the iPad to your computer's iTunes and restore the device. You have no choice. There is no way to remove that from the screen. Something went wrong on the iPad and you need to restore it now.
    iTunes: Restoring iOS software

  • HT4061 In cannot retrive my serial number because i cannot get into the phone

    In cannot retrive my serial number because i cannot get into the phone

    Please eject the Sim tray and underneath u would see the Serial # as well IMEI #.
    Happy New YEAR

  • I can open my iTunes and play my purchased music, but I cannot get into the iTunes store.  btw, I just downloaded the new version of iTunes

    I downloaded the new version of iTunes, and now, I cannot get into the iTunes Store. 

    many thanks.
    I am in my iTunes application and when I press the link to connect to the iTunes Store, it starts churning, and churning, but never connects. It has churned for hours and when I finally click the "X" to close it, I get error code 11222.
    I'd try the following document: 
    Apple software on Windows: May see performance issues and blank iTunes Store
    (If there's a SpeedBit LSP showing up in Autoruns, it's usually best to just uninstall your SpeedBit Video Accelerator.)

  • How do I limit access of a computer that is plugged directly into the router?

    I have an AirPort Extreme, Version 7.6.1  I need to limit access of a computer that's plugged by usb directly into the router.  I have the MAC address for this computer and have had restrictions on it the in the past, but it was connected by WiFi then.  How do I do this?  Do I limit access to the Ethernet ID?  I don't want to lock myself out trying to figure it out; I did that last night.  Can someone advise please.

    You could use OpenDNS's parental controls:
    http://www.opendns.com/home-solutions/parental-controls
    It can restrict access according to your specifications for everyone on your network.
    It's free.

  • I cannot log into the oracle account using GNOME interface

    I'm receiving the following message when trying to log into the oracle OS account with the GNOME interface turned on:
    GDM could not write to your authorization file. This could mean that you are out of disk space or that your home directory could not be opened for writing. In any case, it is not possible to log in. Please contact your system administrator.
    I can successfully ssh into the oracle account via a terminal window session.
    df -h on the host does not show a problem with disk space:
    [root@oel1 ~]# df -h
    Filesystem Size Used Avail Use% Mounted on
    /dev/mapper/VolGroup00-LogVol00
    3.9G 2.6G 1.1G 71% /
    /dev/xvda1 99M 13M 81M 14% /boot
    tmpfs 513M 0 513M 0% /dev/shm
    /dev/mapper/VolGroup00-u02
    20G 173M 19G 1% /u02
    /dev/mapper/VolGroup00-u03
    20G 1.9G 17G 10% /u03
    /dev/mapper/VolGroup00-u01
    20G 44M 19G 1% /u01
    /dev/mapper/VolGroup00-orabin
    7.9G 147M 7.4G 2% /orabin
    /dev/mapper/VolGroup00-tmp
    2.0G 68M 1.9G 4% /tmp
    /dev/mapper/VolGroup00-home
    2.0G 68M 1.9G 4% /home
    Some searching on the internet indicated that the .Xauthority file was the problem.
    I noticed that there was no .Xauthority file in the /home/oracle directory. I logged into the oracle OS account via a terminal session and issued the command mkxauth -c. This created an .Xauthority file in my /home/oracle directory. The file has the following permissions which look like they match other hosts we have the Oracle Database running on:
    -rw------- 1 oracle oinstall 265 2011-03-08 13:32 /home/oracle/.Xauthority
    Any heal is greatly appreciated.
    JS

    Thanks for the replies. I obviously had something screwed up in my environment in terms of file permissions.
    I decided that since I am new to Oracle VM and management of the Oracle Enterprise Linux VM templates, and that this was a new instance of the OEL5 template installation, I would start over. So I unzipped the OEL5 template, copied over my vm.cfg file which configures the template instance and brought up a new copy of the OEL5 VM instance. I then logged into it as root, changed the oracle account password and started the GNOME interface with telinit 5 command.
    I was then able to log in successfully to the oracle account via the GNOME interface.
    Thanks for the replies.
    John S.

  • HT1338 I have just bought a new MacBook Pro, switch it on and followed the Setup Assistant. Now the Mac is asking me for a password to access the computer. Assistant Setup did cover a password to access Mac. Not a good start, as I cannot get into the driv

    Just open up the box to my new MacBook Pro. Have gone through Assistant Setup. The Mac is asking for a password. Assistant Setup did not ask for a password to be setup. I cannot get into the computer as its requires a password that I did not set up? Why it is doing this I have no idea. I tried my Apple ID password, no luck. Any other options?

    At the risk of asking the obvious, Have you tried not entering anything and then hitting "Return"?
    Hope this helps

  • HT4113 My daughters iPod touch asks for her pass code but when she types it in the cursor does not move or input any characters so,she cannot get into the iPod. This has suddenly happened for no apparent reason

    My daughters iPod touch asks for her pass code but when she types it in the cursor does not move or input any characters so,she cannot get into the iPod. This has suddenly happened for no apparent reason, what can we do? Can anyone help please?

    Try:
    - iOS: Not responding or does not turn on
    - Also try DFU mode after try recovery mode
    How to put iPod touch / iPhone into DFU mode « Karthik's scribblings
    - If not successful and you can't fully turn the iOS device fully off, let the battery fully drain. After charging for an least an hour try the above again.
    - Try on another computer
    - If still not successful that usually indicates a hardware problem and an appointment at the Genius Bar of an Apple store is in order.
    Apple Retail Store - Genius Bar       

  • I have a Cisco/Linksys WRT-54G wireless router and 2 Airport Extremes (the small ones that plug directly into the wall). Is it possible to extend the network from the router using these two AEs? I have a DVD player and Ext HD plugged into the router too..

    I have a Cisco/Linksys WRT-54G wireless router and 2 Airport Extremes (the small ones that plug directly into the wall). Is it possible to extend the network from the router using these two AEs? I have a DVD player and Ext HD plugged into the router too. Any ideas? I'm guessing the only way is to do what I've seen in these community pages which states that it can be done but it will drop the bandwidth by 50%. Thoughts?? Thanks!

    The Cisco/Linksys WRT-54G was one of the very few routers said to be compatible with Apple's implementation of WDS (Wireless Distribution System) settings.
    The info that I have on file indicates that only the WRT-54G versions 4 and under were compatible, so that would be one bridge to cross.
    Even if you find that your Cisco/Linksys might be the right version, Apple never published instructions on how to configure the Express devices with other manufactures, so users were left to their own devices to try to figure out how to get things working. Apple's instructions to connect to other Apple devices are in the link below:
    WDS network
    If you were hoping to use 2 Express devices in this type of configuration...even if it works...the bandwidth penalties will be extremely severe.
    The first Express drops the bandwidth (and speed) on the entire network in half and the second halves everything again. So, the result, in effect would be a "g" wireless network running at 25% speed. Few users would consider installing this type of network.
    At this point, it becomes one of those things where the fact that you might be able to do something does not mean that there would be much value in doing so. But, it is your decision to decide if you want to try to proceed.

  • I cannot sign into the App Store...

    I cannot sign into the App Store, update apps or use apps purchased. How can I fix this.
    I can sign into iTunes.
    I am using a 3 month old MacBook Pro 17"
    running Snow Lep.  10.6.8

    Hi Carolyn,
    thank you for quick answer.
    I've logged out from iTunes but nothing is changed with App Store.
    It says that is impossible to connect.
    Do you have other suggestions?
    Sorry, what is the OP ?
    Domes

Maybe you are looking for

  • HT2715 How can I get a playlist from my iPod to iTunes without syncing to my whole iTunes library?

    iTunes on our computer has at least 2000 songs and I previously went through it and made a playlist of about 700 of songs that I like, so everytime I wanted to add the songs that I like onto another device I would not have to go through 2000 songs ag

  • Getting error in XI"RFC Program Not Found"

    Hi All, I am getting error in SXMB_MONI "RFC Program not found via SAP XI". So please suggest me what is the problem behind this..For these SAP XI and R/3 i made 3 to 4 RFC program but only 1 RFC program name not getting Via SAP XI. Thanks Amit

  • LSMW and RFBIBL00

    Hi, I am using RFBIBL00 in LSMW to upload AP/AR open items. When I run the job in the foreground, I am getting an error as the second line item is not filled (empty). I think that the structure of my upload file is not correct. Do you have sample upl

  • Exception while connecting to Content  server from JDeveloper

    I am getting following exception while connecting from jDeveloper java.lang.NullPointerException      at oracle.stellent.wcm.jdev.shared.connection.ConnectionContext.<init>(ConnectionContext.java:53)      at oracle.stellent.wcm.jdev.features.rescat.I

  • Close popup - end recording???

    I have a colleague who's experiencing some strange behavior recording using C2. He's recording a web based application in IE with buttons and links that cause secondary windows to popup (e.g., calendar applet to select date). When he clicks the Close