Telnet Issue on Cisco 3850
Hello,
I'm experiencing issue with Telnet connections on my Cisco C3850-48P-S. The version is 3.3.3SE.
I haven't enabled Telnet on line VTY of my switch, but the switch is always available using telnet.
Here my configuration:
line vty 0 4
exec-timeout 20 0
logging synchronous
transport input ssh
Do you know if it's possible to disable telnet ?
Thanks in advance.
Regards
Nicolas
Hello Frank;
Thank for the reply.
Here below more informations about the issue:
- It does work sometimes, but it did never worked properly.
- the problem is there for both sending and receiving.
- for the PSTN transport, i have no idea.
- I tried to change the ATA by another, still the same problem.
- ATAs work properly for voice communication.
- when i call this fax number internally the signal comes along.
- the problem is when faxing internally, it isn't used for external faxing.
- the call flow for internal faxing is like this:
Analog fax (in site A) > ATA (in site A) > access switch (in site A) > core switch (in site A) > cucm (in site A) > Core switch (in site A) > router (in site A) > optical fiber > router (in site B) > core switch (in site B) > cucm (in site B) > core switch (in site B) > voice gateway 248 (in site B) > Analog fax (in site B).
the problem occures when sending internal fax between these two sites A and B, when calling site B from site A, the ringing tone comes aloso the fax signal, but when i try the send the paper the stange tone come along and only half of it pass and it get to the site B as a blank paper or a half blank paper.
for any more explanation, don't hesitate to ask me.
thanks again for your time.
Regards.
Similar Messages
-
Cisco 3850 Redundant Power Supply Reporting Issue
We have deployed several Cisco 3850's. Several are showing the following symptom
ont2-tc3-es01#sh env power
SW PID Serial# Status Sys Pwr PoE Pwr Watts
1A PWR-C1-715WAC DCB1702G0QU OK Good Good 715
1B PWR-C1-715WAC DCB1702G0G6 No Response Good Good 715
Every single switch at this particular location has the same status on the B power supply. The problem was there on the previous code level (3.2.2) and we recently upgraded to 3.3.5 to resolve some SNMP bugs on the switches we also expected the latest Assurewave version to fix this issue also. So couple questions:
1. Anyone else seeing this?
2. Anyone found a fix for it?
Thanks!
MartyHi Zabeel,
I did talk with TAC - per the engineer there are two bugs that cause the issue and one was fixed in 3.3.5 - so we upgraded all our 3850's to that code level. Unfortunately for us, that still didn't fix the issue. TAC suggested that it may be fixed in rev 3.7.0, but that has not officially been confirmed by Cisco's developers.
We're waiting for the official "fix" before going through another round of switch upgrades.
TAC did suggest reseating the power supply if you still have the issue after the upgrade to 3.3.5 - but that's not really an option for me since my switches are geographically spread out.
HTH
Marty -
Calling issue with Cisco 7937 conference station
Hi Friends,
I am facing issue wiht Cisco 7937 conference station, our customer have various branch offices accross the world. All branches are connected over MPLS through service provider( SIP service provider) . there is a centralized CUCM and remote office have SIP Voice gateways .
When making calls from once remote site to another using Cisco 6921 phones calls working fine
When making calls from once remote site to another using Cisco 7937 conference station to make call any phone at remote office, calls are getting disconneted, remote phone rings when calls, but its gets fast busy tone when other party picks up the phone and not able to talk.
I suspect the issue with Codec but we have configured transcoders in VG and registered with CUCM
Please help me if any one experience such issue earlier.
Regards
Sivahi Basant,
1. Actually tow phones A and B are registerd with centralized CUCM, A and B are located in two different locations, RTP traffic between And B pass through service provider.
Call Flow --> Phone A ---->CUCMRouterpattern--> SIP trunk ----> Voice gateway--->Service provider cloud---> Respective Voice Gateway---> CUCM -- Phone B
Show Run
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2014.02.27 15:14:52 =~=~=~=~=~=~=~=~=~=~=~=
sh run
Building configuration...
Current configuration : 12139 bytes
! Last configuration change at 06:35:59 UTC Tue Feb 25 2014
! NVRAM config last updated at 11:16:38 UTC Mon Feb 24 2014 by administrator
! NVRAM config last updated at 11:16:38 UTC Mon Feb 24 2014 by administrator
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname eucamvgw01
boot-start-marker
boot system flash:c2900-universalk9-mz.SPA.151-4.M5.bin
boot-end-marker
card type e1 0 0
logging buffered 51200 warnings
no logging console
no aaa new-model
no network-clock-participate wic 0
no ipv6 cef
ip source-route
ip traffic-export profile cuecapture mode capture
bidirectional
ip cef
ip multicast-routing
ip domain name drreddys.eu
ip name-server 10.197.20.1
ip name-server 10.197.20.2
multilink bundle-name authenticated
stcapp ccm-group 2
stcapp
stcapp feature access-code
stcapp feature speed-dial
stcapp supplementary-services
port 0/1/0
fallback-dn 5428025
port 0/1/1
fallback-dn 5428008
port 0/1/2
fallback-dn 5421462
port 0/1/3
fallback-dn 5421463
isdn switch-type primary-net5
crypto pki token default removal timeout 0
voice-card 0
dsp services dspfarm
voice call send-alert
voice call disc-pi-off
voice call convert-discpi-to-prog
voice rtp send-recv
voice service voip
ip address trusted list
ipv4 10.198.0.0 255.255.255.0
ipv4 152.63.1.0 255.255.255.0
address-hiding
allow-connections sip to sip
no supplementary-service h225-notify cid-update
no supplementary-service sip moved-temporarily
no supplementary-service sip refer
fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none
fax-relay ans-disable
sip
rel1xx supported "track"
privacy pstn
no update-callerid
early-offer forced
call-route p-called-party-id
voice class uri 100 sip
host 41.206.187.71
voice class codec 10
codec preference 1 g711alaw
codec preference 2 g711ulaw
codec preference 3 ilbc
codec preference 4 g729r8
codec preference 5 g729br8
voice class codec 20
codec preference 1 g729br8
codec preference 2 g729r8
voice moh-group 1
moh flash:moh/Panjo.alaw.wav
description MOH G711 alaw
multicast moh 239.1.1.2 port 16384 route 10.198.2.9
voice translation-rule 1
rule 1 /^012237280\(..\)/ /54280\1/
rule 2 /^012236514\(..\)/ /54214\1/
rule 3 /^01223651081/ /5428010/
rule 4 /^01223506701/ /5428010/
voice translation-rule 2
rule 1 /^00\(.+\)/ /+\1/
rule 2 /^0\(.+\)/ /+44\1/
rule 3 /^\([0-9].+\)/ /+\1/
voice translation-rule 3
rule 1 /^9\(.+\)/ /\1/
rule 2 /^\+44\(.+\)/ /0\1/
rule 3 /^\+\(.+\)/ /00\1/
voice translation-rule 4
rule 1 /^54280\(..\)/ /12237280\1/
rule 2 /^54214\(..\)/ /12236514\1/
rule 3 /^\+44\(.+\)/ /\1/
rule 4 /^.54280\(..\)/ /12237280\1/
rule 5 /^.54214\(..\)/ /12236514\1/
voice translation-rule 9
rule 1 /^\(....\)/ /542\1/
voice translation-rule 10
voice translation-rule 11
rule 1 /^\+44122372\(....\)/ /542\1/
rule 2 /^\+44122365\(....\)/ /542\1/
voice translation-rule 12
voice translation-rule 13
rule 1 /^\([18]...\)/ /542\1/
voice translation-rule 14
voice translation-profile MPLS-incoming
translate calling 10
translate called 9
voice translation-profile MPLS-outgoing
translate calling 11
translate called 12
voice translation-profile PSTN-incoming
translate calling 2
translate called 1
voice translation-profile PSTN-outgoing
translate calling 4
translate called 3
voice translation-profile SRST-incoming
translate calling 14
translate called 13
license udi pid CISCO2921/K9 sn FGL145110RE
hw-module ism 0
hw-module pvdm 0/0
username administrator privilege 15 secret 5 $1$syu5$DsxdOgfS7Wltx78o4PV.60
redundancy
controller E1 0/0/0
ip tcp path-mtu-discovery
ip scp server enable
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description internal LAN
ip address 10.198.2.9 255.255.255.0
duplex auto
speed auto
interface ISM0/0
ip unnumbered GigabitEthernet0/0
service-module ip address 10.198.2.8 255.255.255.0
!Application: CUE Running on ISM
service-module ip default-gateway 10.198.2.9
interface GigabitEthernet0/1
description to TATA NGN
ip address 115.114.225.122 255.255.255.252
duplex auto
speed auto
interface GigabitEthernet0/2
description SIP Trunks external
ip address 79.121.254.83 255.255.255.248
ip access-group SIP-InBound in
ip traffic-export apply cuecapture size 8000000
duplex auto
speed auto
interface ISM0/1
description Internal switch interface connected to Internal Service Module
no ip address
shutdown
interface Vlan1
no ip address
ip forward-protocol nd
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.198.2.1
ip route 10.198.2.8 255.255.255.255 ISM0/0
ip route 41.206.187.0 255.255.255.0 115.114.225.121
ip route 77.37.25.46 255.255.255.255 79.121.254.81
ip route 83.245.6.81 255.255.255.255 79.121.254.81
ip route 83.245.6.82 255.255.255.255 79.121.254.81
ip route 95.223.1.107 255.255.255.255 79.121.254.81
ip route 192.54.47.0 255.255.255.0 79.121.254.81
ip access-list extended SIP-InBound
permit ip host 77.37.25.46 any
permit ip host 83.245.6.81 any
permit ip host 83.245.6.82 any
permit ip 192.54.47.0 0.0.0.255 any
permit icmp any any
permit ip host 95.223.1.107 any
deny ip any any log
control-plane
voice-port 0/1/0
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
voice-port 0/1/1
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
voice-port 0/1/2
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
voice-port 0/1/3
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
no ccm-manager fax protocol cisco
ccm-manager music-on-hold bind GigabitEthernet0/0
ccm-manager config server 152.63.1.19 152.63.1.100 172.27.210.5
ccm-manager sccp local GigabitEthernet0/0
ccm-manager sccp
mgcp profile default
sccp local GigabitEthernet0/0
sccp ccm 10.198.2.9 identifier 3 priority 3 version 7.0
sccp ccm 152.63.1.19 identifier 4 version 7.0
sccp ccm 152.63.1.100 identifier 5 version 7.0
sccp ccm 172.27.210.5 identifier 6 version 7.0
sccp
sccp ccm group 2
bind interface GigabitEthernet0/0
associate ccm 4 priority 1
associate ccm 5 priority 2
associate ccm 6 priority 3
associate ccm 3 priority 4
associate profile 1002 register CFB_UK_CAM_02
associate profile 1001 register XCODE_UK_CAM_02
associate profile 1000 register MTP_UK_CAM_02
dspfarm profile 1001 transcode
codec ilbc
codec g722-64
codec g729br8
codec g729r8
codec gsmamr-nb
codec pass-through
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
maximum sessions 18
associate application SCCP
dspfarm profile 1002 conference
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
codec g729r8
codec g729br8
maximum sessions 2
associate application SCCP
dspfarm profile 1000 mtp
codec g711alaw
maximum sessions software 200
associate application SCCP
dial-peer cor custom
name SRSTMode
dial-peer cor list SRST
member SRSTMode
dial-peer voice 100 voip
description *** Inbound CUCM ***
translation-profile incoming PSTN-incoming
incoming called-number .
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 500 voip
description *** Inbound TATA MPLS ***
translation-profile incoming MPLS-incoming
session protocol sipv2
session target sip-server
incoming called-number ....
incoming uri from 100
voice-class codec 20
dtmf-relay rtp-nte
no vad
dial-peer voice 510 voip
description *** Outbound TATA MPLS ***
translation-profile outgoing MPLS-outgoing
destination-pattern 54[013-9]....
session protocol sipv2
session target ipv4:41.206.187.71
session transport udp
voice-class codec 20
dtmf-relay rtp-nte
no vad
dial-peer voice 520 voip
description *** Outbound TATA MPLS ***
translation-profile outgoing MPLS-outgoing
destination-pattern 5[0-35-9].....
session protocol sipv2
session target ipv4:41.206.187.71
session transport udp
voice-class codec 20
dtmf-relay rtp-nte
no vad
dial-peer voice 200 voip
description *** Inbound M12 *** 01223651081, 01223651440 - 01223651489
translation-profile incoming PSTN-incoming
session protocol sipv2
session target sip-server
session transport udp
incoming called-number 0122365....
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 201 voip
description *** Inbound M12 *** 012237280XX
translation-profile incoming PSTN-incoming
session protocol sipv2
session target sip-server
session transport udp
incoming called-number 012237280..
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 202 voip
description *** Inbound M12 *** 01223506701
translation-profile incoming PSTN-incoming
session protocol sipv2
session target sip-server
session transport udp
incoming called-number 01223506701
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 210 voip
description *** Outbound M12 ***
translation-profile outgoing PSTN-outgoing
destination-pattern +...T
session protocol sipv2
session target ipv4:83.245.6.81
session transport udp
dtmf-relay rtp-nte
codec g711alaw
no vad
dial-peer voice 211 voip
description *** Outbound ISDN for SRST and emergency ***
translation-profile outgoing PSTN-outgoing
destination-pattern 9.T
session protocol sipv2
session target ipv4:83.245.6.81
session transport udp
dtmf-relay rtp-nte
codec g711alaw
no vad
dial-peer voice 212 voip
description *** Outbound ISDN for emergency ***
translation-profile outgoing PSTN-outgoing
destination-pattern 11[02]
session protocol sipv2
session target ipv4:83.245.6.81
session transport udp
dtmf-relay rtp-nte
codec g711alaw
no vad
dial-peer voice 2000 voip
description *** Outbound to CUCM Primary ***
preference 1
destination-pattern 542....
session protocol sipv2
session target ipv4:152.63.1.19
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 2001 voip
description *** Outbound to CUCM Secondary ***
preference 2
destination-pattern 542....
session protocol sipv2
session target ipv4:152.63.1.100
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 2002 voip
description *** Outbound to CUCM Teritiary ***
preference 3
destination-pattern 542....
session protocol sipv2
session target ipv4:172.27.210.5
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 999010 pots
service stcapp
port 0/1/0
dial-peer voice 999011 pots
service stcapp
port 0/1/1
dial-peer voice 999012 pots
service stcapp
port 0/1/2
dial-peer voice 999013 pots
service stcapp
port 0/1/3
sip-ua
no remote-party-id
gatekeeper
shutdown
call-manager-fallback
secondary-dialtone 9
max-conferences 4 gain -6
transfer-system full-consult
ip source-address 10.198.2.9 port 2000
max-ephones 110
max-dn 400 dual-line no-reg
translation-profile incoming SRST-incoming
moh flash:/moh/Panjo.ulaw.wav
multicast moh 239.1.1.1 port 16384 route 10.198.2.9
time-zone 22
time-format 24
date-format dd-mm-yy
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 131
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
session-timeout 60
exec-timeout 60 0
privilege level 15
login local
transport input all
line vty 5 15
session-timeout 60
exec-timeout 60 0
privilege level 15
login local
transport input all
scheduler allocate 20000 1000
ntp server 10.1.30.1
end
eucamvgw01#
Sh SCCP
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2014.03.03 17:57:44 =~=~=~=~=~=~=~=~=~=~=~=
SCCP Admin State: UP
Gateway Local Interface: GigabitEthernet0/0
IPv4 Address: 10.198.2.9
Port Number: 2000
IP Precedence: 5
User Masked Codec list: None
Call Manager: 10.198.2.9, Port Number: 2000
Priority: 3, Version: 7.0, Identifier: 3
Call Manager: 152.63.1.19, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 4
Trustpoint: N/A
Call Manager: 152.63.1.100, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 5
Trustpoint: N/A
Call Manager: 172.27.210.5, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 6
Trustpoint: N/A
MTP Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Profile Identifier: 1000
Reported Max Streams: 400, Reported Max OOS Streams: 0
Supported Codec: g711alaw, Maximum Packetization Period: 30
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
TLS : ENABLED
Transcoding Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Profile Identifier: 1001
Reported Max Streams: 36, Reported Max OOS Streams: 0
Supported Codec: ilbc, Maximum Packetization Period: 120
Supported Codec: g722r64, Maximum Packetization Period: 30
Supported Codec: g729br8, Maximum Packetization Period: 60
Supported Codec: g729r8, Maximum Packetization Period: 60
Supported Codec: gsmamr-nb, Maximum Packetization Period: 60
Supported Codec: pass-thru, Maximum Packetization Period: N/A
Supported Codec: g711ulaw, Maximum Packetization Period: 30
Supported Codec: g711alaw, Maximum Packetization Period: 30
Supported Codec: g729ar8, Maximum Packetization Period: 60
Supported Codec: g729abr8, Maximum Packetization Period: 60
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
Conferencing Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Profile Identifier: 1002
Reported Max Streams: 16, Reported Max OOS Streams: 0
Supported Codec: g711ulaw, Maximum Packetization Period: 30
Supported Codec: g711alaw, Maximum Packetization Period: 30
Supported Codec: g729ar8, Maximum Packetization Period: 60
Supported Codec: g729abr8, Maximum Packetization Period: 60
Supported Codec: g729r8, Maximum Packetization Period: 60
Supported Codec: g729br8, Maximum Packetization Period: 60
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
TLS : ENABLED
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070080
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20
Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070081
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20
Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070082
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070083
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20
Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
eucamvgw01# -
Cisco 3850 Mobility Agent unable to connect clients
Hi
We are trying to use Cisco 3850 as Mobility agents with 5760. We can't seem to get the clients to authenticate to the radius server. We don't even see them appear in the radius logs.
We have defined the radius server and the profile
wlan Wireless 2 WAP
aaa-override
accounting-list Radius
client vlan wireless
security dot1x authentication-list Radius
session-timeout 1800
no shutdown
radius server Primary
address ipv4 x.x.x.x auth-port 1812 acct-port 1813
timeout 5
retransmit 2
key 7 ........
radius server Primary
address ipv4 x.x.x.x port 1812 acct-port 1813
timeout 5
retransmit 2
key 7 .........
The client appears to connect to the AP but can't authenticate so gets kicked off
If we do a test aaa group username password then it says that it's sucessful.
In the debug we get 802.1X required but then it never seems to get any further.Alright, so I finally figured out the issue with this. I had a Mobility Anchor set on the guest WLAN and once I removed that all started working again.
What is Mobility Anchor?
A. Mobility Anchor, also referred to as Guest tunneling or Auto Anchor Mobility, is a feature where all the client traffic that belongs to a WLAN (Specially Guest WLAN) is tunneled to a predefined WLC or set of controllers that are configured as Anchor for that specific WLAN. This feature helps to restrict clients to a specific subnet and have more control over the user traffic. Refer to the Configuring Auto-Anchor Mobility section of Cisco Wireless LAN Controller Configuration Guide, Release 7.0 for more information on this feature. -
Cisco 3850 Switch and Windows 7 IP Conflicts
Team,
Last evening (Christmas eve) we setup a pair of Cisco 3850 with IP Base version 3.3.35SE (recommended) and 3.7.0E (very latest).
We got these to replace a very old switch that had died. Attached to this network are windows 7 PC's with all the standard patches, service packs, etc.
with standard port configs - no PC would work - and in fact on each screen we got the windows 7 IP Conflict pop up box.
This seemed very odd to us, as we know these IP's are all static (no dhcp on this segment at all)
we went with a very vanilla config on each port
interface g1/0/1
switchport host
that is it - nothing special at all.
well, after hours of research we found the 3850 has a problem where its "ip device tracking" (even though disabled, by way of NOT being enabled on any interface) will effect the windows 7 PC's ip address in use detection port start up phase!
This is a very big problem. I am frankly SHOCKED Cisco would release a major switch that is going to not work when connected to the average network with windows 7 PC's.
we tried 3+ hours of prescribed work-arounds found when researching this issue -
ip device tracking probe delay 10 (global config)
ip device tracking max 0 (disabed, on interface)
finally,
nmsp attach suppress (interface, however this appears to be a default command in all IOS-XE versions we tried, as the command did NOT show in the show run) . this effected many different nic card vendors (laptops, desktops) and nic card drivers levels from old to very recent.
Finally,
we compared a 3850 in another location to this one - and we never got HIT by this problem before because that 3850 only as TRUNK ports and no windows 7 hosts directly attached.
Doing more research, I found out this also can effect vmware guests running windows SERVER.
this is now a huge issue as we have a scheduled deployment of 3850's throughout our network which is going to be put on hold.
the work-around I came up with which is not great is -
Make ALL the "access" ports connected to PC TRUNK ports and leave the NATIVE vlan (untagged) as the vlan you want the PC's to be in
interface g1/0/1
switchport mode trunk
switchport trunk native vlan 1
this is NOT an acceptable workaround as this presents security issues even with
switchport trunk allowed vlan 1, etc. as the only allowed vlan.
Note: this issue manifested itself and windows 7 PC's were UNABLE to use the network. if you do "ipconfig /all | more" you would see
192.168.0.140(duplicate) and the interface would actually use 169.254.0.239(duplicate) so the duplicate message appeared twice in the output.
1) With and without an SVI interface on each 3850 for the vlan where the windows 7 machines had a duplicate
2) when we had an SVI and the command ip device tracking probe use-svi (or whatever the hidden command is I forget now, but it took it)
3) when we had aaa new-model configured - and not configured - thinking this was some artifact of having aaa turn on something like 802.1x port state
4) when could confirm NO DHCP SNOOPING
5) when we DID not use static IP's - and had the switch assign DHCP addresses - the Windows 7 PC's STILL had duplicates and didnt work for their "Just leased" ip's.
6) when we could confirm ios-xe ip device tracking = disabled with show ip device tracking status, etc.
This is a major problem for this 3850 and unless we get a definitive answer on why this is happening and how we can rectify we are going to have to return our 3850's and get HP Procurve's something I would rather avoid doing. There is NO REASON I can imagine other than older switches who's ports default to ROUTED ports (i.e.. no ip switchport) where a switch should not at least function as a bare switch with essentially a default configuration out of the box.
Any ideas? I'm working well now with the ports ALL in trunking mode with vlan 1 native, but this is not a scalable workaround we can live with as we have security risks of a port not blocking certain vlans from going out ports to pc's, etc. that attackers could send tags on at that point, etc.
thanks,
Joe Brunner
#19366thanks for replying - i'm not onsite (its a standalone network) - but here is what it is -
Answers in line -
This all stems from a switch replacement correct?
yes a 10 year old Allied Telesyn switch was replaced that had no config - like a hub, just used for connectivity.
Are these 3850's in a stack?
>yes, tested all aspects of the stack many times.
Does it have a managment ip address -If so, is it using the old switch ip address
>old switch had no ip - i made a "management interface" on vlan 1 - BUT no ip on the built-in management interface on the switch.
What are they connecting to? (a router/L3 switch/anohter switch- cisco-HP etc..)
>various other devices - only 1 link back to a single 3750x stack. that switch is "hardened" so to speak to reveal or propagate very little by design.
How are they connected( L3 interface/L2 trunk/access port)
>all ports are left in trunk mode with vlan 1 as the active and untagged port. this was the workaround done to ever get the switch going. in "out of the box" or default mode as we initially wanted (no config) links to windows 7 PC's didnt work. links to linux or other devices non-windows did work!
Are thse switches performing inter-vlan routing or just acting as host switches?
>dumb flat network, no routing.
Is ip routing enabled?
>not unless enabled on 3850 by default. I didnt type "ip routing"
Do you have multiple vlans in your network and if so ar ethe being propergated to these new switches?
Your 7 pcs = are they just client pcs not servers?
client PC's - no servers OS per say.
can you confirm something like ICS isnt enabled (Internet connection sharing) on any of them?
>yes not enabled.
Are the just using one NIC each?
> one machine is dual homed - but we know where its "second nic" goes - to another cisco network which is NOT connected back to this one. we traced all our ports a few times thinking even perhaps some small hub was "reflecting" traffic back to us - like a blackbox. Strangest thing -
default config out of the box - with ALL ports SHUTDOWN EXCEPT the single windows 7 facing port - the windows 7 machine STILL registered an IP CONFLICT when connected to the 3850 - even when it had NO SVI's!!! (i know mind numbing). if you disconnected the pc and connected it to an old cisco switch - it worked fine!!! wow.
sh switch
2 identical 3850's in working stack. power and network stacked. both at same version, etc - upgraded each time with "software install file flash:<long ios name>.bin
tested all power and general 3850 stacking. saw no issues.
sh int trunk
>all ports are now trunks (hence the workaround used to get it up).
has 20 trunks to PC's and some single connected switches (far away on fiber) - all allow only vlan 1 - no other vlans were created - very very simple network. vlan 1 is native
sh vlan brief
>just vlan 1 - no vlans created, checked this many times - had vlan 100 at one point - made sure it was gone over a period of hours.
sh vtp status
not setup - left complete default; no vtp domain set - connected to all switches in transparent model if a switch connection exists.
sh cdp neighbours
cant post (for god and country LOL) but there is one link back to our "core" so to speak - that switch is hardened not to allow any settings to slip over to new switches so hence no vtp, cdp is one to help troubleshooting.
sh ip route
just the L and C routes for the vlan 1 ip address 192.168.17.1/24
no static routes
no vlan interfaces other than int vlan 1
no ip address on g0/0/0 -> the default 3850 management interface hard assigned to the 3850 VRF you cant remove.
int g0/0/0
ip vrf forwarding Switch_Mgmt
i can get over there if you think of anything else key to show the group.
thanks,
Joe -
Unable to change boot file on Cisco 3850
I was working on a Cisco 3850 24 port switch today and I read that it doesn't use the normal "boot system flash:XYZ.bin" but instead it's something like this:
"software install file flash:XYZ.bin new"
That changes the install package or something which makes it boot in the newly selected package which contains the new IOS. Anyway, when i put in that command I get something about "Failed to ...." or something. I'm sorry but I'm at home now and I don't have the device with me and it just occured to me to post this on the forum for possible help. Either way, it's specifically says "Failed..." as the first word which is not what it should normally say.
I used these directions:
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps12686/deployment_guide_c07-727067.html#wp9000169
I am in Install mode. Can anyone help me figure out why this is happening before my outage window on Sunday night? I've downloaded the new version of the IOS from Cisco.com and verified it is currently located in the flash of this device.
Thanks for any help you can provide!Joshua,
Plesae find quick guide on upgrading and booting, see below as a reference.
Recovering from a 3850 boot failure.
There are multiple reasons a 3850 may fail to boot correctly including a corrupt boot image, a corrupt packages.conf file, missing files, etc. Below are a few different possible recovery methods to try. I will also explain the two possible mode options, Install and bundle and why you might want to use one or the other.
Install vs. Bundle Mode
There are a few difference in the two modes, I would recommend reading over the config guide for more in-depth details. The recommended mode during operation is INSTALL mode because it allows for more features and requires fewer resources when booting.
++Install Mode
This is the out-of-the-box mode that your switch will be in. INSTALL mode uses a package provisioning file named packages.conf to boot the switch.
If you happen to be in bundle mode upon boot, you can simply boot your switch in install mode by booting the software package provisioning file that resides in flash. If packages.conf doesn�t exist in flash, you need to expand the bundle into the flash file system by running
Switch# software expand file flash: cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin to flash:
Once this completes, you will have all the needed files in flash. You can then change the boot statement to boot to packages.conf
Switch#Config t
Switch(config)# no boot system
Switch(config): boot system switch all flash:packages.conf (do not modify this file, unless necessary)
Switch#write memory
The provisioning file contains a list of software packages to boot, mount, and run. The ISO file system in each installed package is mounted to the root file system directly from flash.
NOTE **Auto-upgrade is disabled, by default. (once in install mode - execute the following command in global config: software auto-upgrade enable )
NOTE **Auto-upgrade includes an auto-copy process and an auto-extract process.
++Bundle Mode
As noted previously, bundle mode consumes more memory than booting in install mode because the packages are extracted from the bundle and copied to the RAM. If you decide to convert to bundle mode, you will first need to download the .bin file from CCO if you don�t already have it in flash. Once in flash, you can simply change your boot statement to point to the (.bin) file:
Switch#Config t
Switch(config)# no boot system
Switch(config): boot system switch all flash: cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
Switch#write memory
The provisioning file contained in a bundle is used to decide which packages to boot, mount, and run. Packages are extracted from the bundle and copied to RAM.
NOTE **Auto install and smart install functionality is not supported in bundle boot mode.
Recovery Methods
USB
The 3850 has a USB port on the front that can be used for both console access and also the ability to utilize a flash drive for image backup and recovery.
If you happen to be stuck at the switch: prompt with a corrupt image or .conf file, you can easily boot to a file stored on the USB drive.
1. Verify that the flashdrive is recognized and the .bin file exists
switch: dir usbflash0:
Directory of usbflash0:/
74 -rw- 223734376 cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
2. Boot to the USB image
switch: boot usbflash0:cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
Corrupt packages.conf
I�ve seen instances in which packages.conf continually calls files that no longer exist in flash. You can boot to an image from ROMMON just fine, however upon reload it will call packages.conf again and fail to boot. If this happens, I recommend backing up the existing packages.conf file by renaming it or deleting all together. NOTE: The previous step is mandatory as the next step will fail if a .conf file already exists. You can then run an BUNDLE extract which will create a new packages.conf file.
1. Once booted up (in BUNDLE mode) verify the files in flash
Switch#dir flash:
Directory of flash:/
15500 -rwx 1243 Aug 1 2013 07:04:02 +00:00 packages.conf
2. Copy or rename the existing packages.conf file
Switch#cp flash:packages.conf flash:packages.conf.badop flash:packages.conf flash:packages.conf.bad
Destination filename [packages.conf.bad]?
Copy in progress...C
1243 bytes copied in 0.140 secs (8879 bytes/sec)
Switch#dir flash:
Directory of flash:/
15500 -rwx 1243 Aug 1 2013 07:04:02 +00:00 packages.conf
15502 -rw- 1243 Aug 1 2013 11:53:51 +00:00 packages.conf.bad
3. Delete packages.conf
Switch#del flash:packages.conf
Delete filename [packages.conf]?
Delete flash:/packages.conf? [confirm]
4. Expand BUNDLE to create new packages.conf
Switch#software expand running switch 1 to flash:
Preparing expand operation ...
[1]: Expanding the running bundle
[1]: Copying package files
[1]: Package files copied
[1]: Finished expanding the running bundle
5. Verify boot
Switch#show boot
Switch 1
Current Boot Variables:
BOOT variable does not exist
Boot Variables on next reload:
BOOT variable = flash:packages.conf;
Manual Boot = no
Enable Break = no
6. Reload Switch
switch#reload
Reload command is being issued on Active unit, this will reload the whole stack
Proceed with reload? [confirm]
Emergency Recovery
If all else fails, the 3850 has a �trap door� method of recovering the system. All you need is a terminal connected to the management port of the 3850 running a tftp server. Download a valid image file from CCO and store it in the root of the tftp server.
On the switch, you are most likely stuck at the switch: prompt. If however you are in some sort of boot loop, you can use the �mode� button on the front of the switch to break the cycle. Simply hold the button for roughly 10 seconds and the switch should react by breaking the cycle and stopping at a switch: prompt. The following steps will walk you through the recovery:
1. Set the switch IP
switch: set IP_ADDR 192.0.2.123/255.255.255.0
2. Set the default gateway
switch: set DEFAULT_ROUTER 192.0.2.1
3.Test connectivity by pinging terminal (that contains the tftp server)
switch: ping 192.0.2.1
ping 192.0.2.1 with 32 bytes of data ...
Host 192.0.2.1 is alive.
4. Verify that the emergency files exist in the switches file system
switch: dir sda9:
Directory of sda9:/
2 drwx 1024 .
2 drwx 1024 ..
11 -rwx 18958824 cat3k_caa-recovery.bin
36903936 bytes available (20866048 bytes used)
5. Run the emergency install feature
switch: emergency-install tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
The bootflash will be erased during install operation, continue (y/n)?Y
Starting emergency recovery (tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin)...
Reading full image into memory......................done
Nova Bundle Image
Kernel Address : 0x6042f5d8
Kernel Size : 0x317ccc/3243212
Initramfs Address : 0x607472a4
Initramfs Size : 0xdc6546/14443846
Compression Format: .mzip
Bootable image at @ ram:0x6042f5d8
Bootable image segment 0 address range [0x81100000, 0x81b80000] is in range [0x80180000, 0x90000000].
File "sda9:cat3k_caa-recovery.bin" uncompressed and installed, entry point: 0x811060f0
Loading Linux kernel with entry point 0x811060f0 ...
Bootloader: Done loading app on core_mask: 0xf
### Launching Linux Kernel (flags = 0x5)
Initiating Emergency Installation of bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
Downloading bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin...
Validating bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin...
Installing bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin...
Verifying bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin...
Package cat3k_caa-base.SPA.03.02.02.SE.pkg is Digitally Signed
Package cat3k_caa-drivers.SPA.03.02.02.SE.pkg is Digitally Signed
Package cat3k_caa-infra.SPA.03.02.02.SE.pkg is Digitally Signed
Package cat3k_caa-iosd-universalk9.SPA.150-1.EX2.pkg is Digitally Signed
Package cat3k_caa-platform.SPA.03.02.02.SE.pkg is Digitally Signed
Package cat3k_caa-wcm.SPA.10.0.111.0.pkg is Digitally Signed
Preparing flash...
Syncing device...
Emergency Install successful... Rebooting
Restarting system.
Please let me know if you have any further questions.
HTH
Regards
Inayath -
Cisco 3850 Dual Power Supply - One No Response
Hey Guys,
I am getting multiple switches on my network showing "power supply failure" from Solarwinds.
I am running Cisco 3850s running v 03.02.03.SE cat3k_caa-universalk9 iOS, and they all have dual power supplies. When i do the sh env power, I get this output.
SWITCH1#sh env power
SW PID Serial# Status Sys Pwr PoE Pwr Watts
1A PWR-C1-715WAC xxxx OK Good Good 715
1B PWR-C1-715WAC xxxx No Response Good Good 715
SWITCH2#sh env power
SW PID Serial# Status Sys Pwr PoE Pwr Watts
1A PWR-C1-715WAC xxxx OK Good Good 715
1B PWR-C1-715WAC xxxx No Response Good Good 715
When I physically go down to look at the switches, they have green lights, so they are receiving power, but I keep getting the PSU failure alerts.
Do you think it is an iOS issue, and should I upgrade? Or has anyone else seen this?Hi,
I think below Bug could match with your issue.
"power supply B is not responding" reoccurring on Catalyst switches
https://tools.cisco.com/bugsearch/bug/CSCun41735/?reffering_site=dumpcr
And we can see workaround of this issue is HW workaround.
Thanks,
Jack -
Cisco prime 2.1 not showing wired clients connected to Cisco 3850 switches
Hello All,
I have around 80 Cisco 3850 switches at a customer network and they are using prime infrastructure 2.1.2 to manage these devices. Most of the features are working fine except that the prime does not show the wired clients connected to the switches. The wireless clients are shown properly but not the wired clients. Their core switches are nexus 7k. The SNMP configuration on the switches is as follows.
snmp-server group xxxx v3 priv write xxxx-VIEW-WR
snmp-server view xxx-VIEW-WR mib-2 included
snmp-server trap-source Vlan100
snmp-server host x.x.x.x version 3 priv testuser
Please help me to resolve this issue.
ShabeebI managed to get the end hosts connected in 3850 switches with the use of snmp context command. But now the issue is that prime is showing only the mac address of the device , not the IP address.
Is there anyway to resolve this issue? -
I have two Cisco 3850 switches that I cannot get to talk to one another over VLAN routing. I appear to have everything configured correctly but the VLAN traffic is not passing over the trunk. I have included both configurations. I cannotget traffic between VLAN 6 and 7.Any possible assistance is appreciated. =~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2015.07.16 14:23:41 =~=~=~=~=~=~=~=~=~=~=~=
User Access VerificationPassword:
Switchen
Password:
Switch#sho ru w run
Building configuration...Current configuration : 5138 bytes
! Last configuration change at 17:58:01 UTC Thu Jul 16 2015
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
hostname Switch
boot-start-marker
boot-end-marker
vrf definition Mgmt-vrf
address-family ipv4
This topic first appeared in the Spiceworks CommunityHi
You can't register any AP to a 3850 unless those APs are directly connected to your 3850. So you won't able to register remote site's AP to central site 3850.
If you have directly connected APs & having issues with registering them to 3850, please refer below post.
http://mrncciew.com/2013/09/29/getting-started-with-3850/
HTH
Rasika
**** Pls rate all useful responses **** -
issue with cisco acs 4.2.Users unable to login aaa client but after restarting group policy able to login
issue with cisco acs 4.2.Users unable to login aaa client but after restarting group policy able to login
-
Directory Caching issue with Cisco Jabber client for Windows
Hi ,
I am facing cache issue with Cisco Jabber client for Windows. If I do any change related to modification or deletion of contacts in Active Directory/ Callmanager, it does not reflect in the Jabber. Because jabber takes the contacts from the locally stored cache file in the Windows system.
Every time I have to remove the cache file to overcome this issue, practically it's not possible to do the same with all the Widows users. As, if any employee leaves the company and still I can see his contact appears in the "Cisco Jabber client". I have not seen this issue with Android/Apple iOS.
Is there any automated way to remove the cache file?
Here is the detail of CUCM,Presence and Jabber.
CUCM version: 9.1.x
Presence : 9.1.X
Jabber : 10.5 and 10.6Hello
On our environment we had to install a dedicated Microsoft Certificate Authority "just for Cisco Jabber usage" to house the
Network Device Enrollment Service.
Our certificate for the CUPS were generated on this Certification Authority too.
I discussed this certificate matter with my colleagues this afternoon and nobody seems to remember how these certificates were deployed into the
Enterprise Trust store for the users.
But I think they asked all 400 users to accept the 3 certificates by answering "yes" to the popup instead of using a script deployed by GPO...
I wish you success with that deployment and really hope you have a technical partner that *Knows* this subject.
Our partner left us alone with that unfortunately.
Florent
EDIT: If the "Certutil script method" works, please let me know. This could be useful in our own deployment. -
Routing issue between Cisco Nexus and Cisco 4510 R+E Chassis
We have configured Cisco Nexus 7K9 as core and Cisco 4510 R+E as access switches for Server connectivity.
We are experiencing problem in terms of ARP learning and Ping issues between Cisco Nexus and end hosts.Hi,
So you have N7k acting as L3 with servers connected to 4510?.
Do you see the MAC associated with failing ARP in 4510?. Is it happening with all or few servers?. Just to verify if it is connectivity issue between N7k and 4510, you can configure an SVI on 4510 and assign address from same raneg (server/core range) and perform a ping.
This will help narrow down if issue is between server to 4510 or 4510 to N7k.
Thanks,
Nagendra -
MacBook and MacBook Pro with 10.6: Wireless Airport Issues with Cisco
Long Story but please bear with me:
Loaded SL on my daughters MacBook and my MacBook Pro. Internet worked flawlessly at our house (WEP encrypted) and on other public wifi. When my daughter went back to her sorority house at college 24 hours later, she could not access the internet using the sorority house network (Cisco Aironet 1800 router and Cisco Airo Access Points).
Her Airport on the MacBook appeared connected at full strength yet no internet. Two calls to Apple support (they were very nice) did not help. All the following were tried:
1. Reset PRAM
2. Deleted Airport and Safari plists
3. Edited locations
4. Removed Battery
5. Others I cannot now remember
Still no net. However, she could 'pirate' and hop on line with other identified public wifi adjacent to the sorority house. I drove to the sorority house today and tried to get on the network wirelessly using my MacBook Pro with SL. Same identical results to hers. Another MacBook without SL works great and gets right on the network.
Is this some SL influenced issue with the Airport card and the Cisco system? Weird that both of our laptops work great with several other wifi networks but not the one at the sorority house.
Could much of what we all our seeing with the internet access problem lie not with issues within our software or computers but with the routers and access points not being compatible? I have very little understanding of this stuff (as you all can probably tell) but the Apple Support people acted like it was a old firmware issue with Cisco and not with SL. Not actually what I wanted to hear.
Any ideas or suggestions?Your description there, particularly the last part, sounds like my problem. At home, we connect using Airport and ADSL which was OK, once SL had sorted out passwords.
At my office, where there are two wifi systems, I could not get on either, although did have IP numbers on both. The link to the outside world is via a proxy which uses a PAC file. Network Diagnostics reported each time (whatever I did) that the link to the server was OK, but the Internet was not.
I created a new Location with identical settings (typing them in and not copying) and the only visible difference is that the new location has no DNS numbers -- I had not noticed that before. The moment I pressed, Apply, the computer was online.
I was guessing that there was a conflict in a .plist file somewhere; but now I wonder if DNS might have been the reason (the DNS number usually used is the one from the router itself). -
Hello all)
I have the task to configure QoS for SSID. I have 1602E points and 4 SSIDs per point. I want to priorities one of them. APs are connected to cisco 3850. Please help me how can I do it?Bandwidth and Priority Management at SSID Level
The next step is to take care of the QoS policy at the SSID level. This step applies to both the Catalyst 3850 switch and to the 5760 controller. This configuration assumes that voice and video traffic is identified through the use of class-map and access-lists and is tagged properly. However, some incoming traffic that is not targeted by the access-list may not display its QoS marking. In that case, you can decide if this traffic should be marked with a default value or left untagged. The same logic goes for traffic already marked but not targeted by the class-maps. Use the default copy statement in a table-map in order to ensure that unmarked traffic is left unmarked and that tagged traffic keeps the tag and it not remarked.
Refer the link for the Complete Configuration : www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/116479-configure-qos-00.html#anc15 -
Issue with cisco ONS 15310. Slot with Ethernet ports, designed for bridging.
Hi, guys. I’ve got an issue with cisco ONS 15310 sdh optical network. I’ve got a special slot with Ethernet ports, designed for bridging. Assume, we’ve got to multiplexers, named A and B with ports A0 and B0 respectively. The ios console of these slots says, the configuration is as follows:
no ip address set on these ports
Ports are administratively up
Auto mdix
Bridge groups are the same on these ports.
Dot1q tunnel.
I’m trying to monitor a device with an ip-address connected to port B0. It answers ping if I connect the notebook directly to a device. But if I connect the notebook to port A0 and ping the device pluged in port B0 through the optical network, it doesn’t answer. I tried connections with straight and cross cable.
Guys, who set the network said, it should work as a point to point bridge with no extra configuration. But it doesn’t. I used wireshark sniffer to lookup what’s happening on port A0. All I see is cdp-s from port A0 and self-announcements of the notebook.
Any suggestions? Thank you in advance.B
Building configuration...
Current configuration : 3712 bytes
! Last configuration change at
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname B
boot-start-marker
boot-end-marker
enable password -
clock timezone -
ip subnet-zero
no ip domain-lookup
no mpls traffic-eng auto-bw timers frequency 0
bridge 100 protocol ieee
bridge 140 protocol ieee
bridge 141 protocol ieee
bridge 142 protocol ieee
bridge 143 protocol ieee
bridge 144 protocol ieee
interface Loopback0
ip address 192.x.0.x 255.255.255.255
interface FastEthernet0
description -
no ip address
mode dot1q-tunnel
bridge-group 140
bridge-group 140 spanning-disabled
interface FastEthernet1
description --- B0 ---
no ip address
mode dot1q-tunnel
bridge-group 141
bridge-group 141 spanning-disabled
interface FastEthernet2
description -
no ip address
mode dot1q-tunnel
bridge-group 142
bridge-group 142 spanning-disabled
interface FastEthernet3
description -
no ip address
mode dot1q-tunnel
bridge-group 143
bridge-group 143 spanning-disabled
interface FastEthernet4
description -
no ip address
mode dot1q-tunnel
bridge-group 144
bridge-group 144 spanning-disabled
interface FastEthernet5
no ip address
shutdown
interface FastEthernet6
no ip address
shutdown
interface FastEthernet7
description -
no ip address
shutdown
mode dot1q-tunnel
bridge-group 100
bridge-group 100 spanning-disabled
interface POS0
description -
no ip address
crc 32
interface POS0.1
encapsulation dot1Q 141
no snmp trap link-status
bridge-group 141
interface POS0.2
encapsulation dot1Q 142
no snmp trap link-status
bridge-group 142
interface POS0.3
encapsulation dot1Q 143
no snmp trap link-status
bridge-group 143
interface POS0.4
encapsulation dot1Q 144
no snmp trap link-status
bridge-group 144
interface POS0.5
description -
encapsulation dot1Q 140
no snmp trap link-status
bridge-group 140
interface POS1
no ip address
crc 32
interface POS1.1
encapsulation dot1Q 100
no snmp trap link-status
bridge-group 100
router ospf 100
log-adjacency-changes
network 192.x.0.x 0.0.0.0 area 0
ip default-gateway [x.x.x.x]
ip classless
no ip http server
snmp-server community public RO
snmp-server ifindex persist
snmp-server trap link ietf
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps config
snmp-server enable traps cpu threshold
snmp-server enable traps entity
snmp-server enable traps syslog
snmp-server enable traps hsrp
snmp-server enable traps config-copy
snmp-server enable traps bridge
snmp-server enable traps ospf state-change
snmp-server enable traps ospf errors
snmp-server enable traps ospf retransmit
snmp-server enable traps ospf lsa
snmp-server enable traps ospf cisco-specific state-change
snmp-server enable traps ospf cisco-specific errors
snmp-server enable traps ospf cisco-specific retransmit
snmp-server enable traps ospf cisco-specific lsa
snmp-server enable traps bgp
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps ipmulticast
snmp-server enable traps rtr
snmp-server enable traps mpls traffic-eng
snmp-server enable traps mpls ldp
snmp-server enable traps rsvp
snmp-server enable traps l2tun session
snmp-server enable traps mpls vpn
snmp-server host x.x.x.x public
control-plane
line con 0
line vty 0 4
password -
logging synchronous level 4
login
end
Maybe you are looking for
-
DMS_MASS_UPLOAD_HELP
Hello Team, We are implementing SAP in one of the client's place. He has been using other ERP but some how has been saving all drawing files in to PC. Now initially while implementing DMS how to do mass upload of all available drawings and link the m
-
How to remove oneself from discussion thread
how do you remove yourself from a discussion thread? i asked a question 6 months ago and i still get updates, i have checked my profile and every alert question i have selected no. ***?
-
Fujifilm s5 - lens correction - LR thinks S5 is fullframe
Hey, This more a bug-report than a question. I've been using the lens correction feature with my nikon d50. This summer I bought a used fujifilm s5 and found out that the lenscorrection does odd things. If I use the (aps-c) sigma 18-50 2.8 lens on th
-
Disable button when user clicks
Hi., I am using jdev 11.1.5 I need to disable button when user clicks the record which contain the value 'No' My scenario Id Value 1 Yes 2 No 3 YesThe button should get enabled for the first record which cont
-
I love my iPad, but am mostly a pc guy. I installed an app for a magazine, deleted the App as I only wanted to read one month, and now the app wants to update even though I no longer use it nor want it. On top of that I can not find clear information