05-15-2020 08:45 AM
hi
i have this error when i trying to access any device connected to the terminal server
can any one help me ?
CS2900-AS02#r10
% Unknown command or computer name, or unable to find computer address
CS2900-AS02#r11
% Unknown command or computer name, or unable to find computer address
CS2900-AS02#sho running-config
Building configuration...
Current configuration : 6445 bytes
!
! Last configuration change at 09:56:43 UTC Fri May 15 2020
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname CS2900-AS02
!
boot-start-marker
boot-end-marker
!
!
enable password 7 00403E23474B
!
aaa new-model
!
!
aaa group server radius aapdnservers
server-private 212.x.x.x key 7 0324080A12
!
aaa authentication login default line
aaa authentication login console enable
aaa authentication login aapdnvty group aapdnservers enable
!
!
!
!
!
aaa session-id common
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
no ip bootp server
no ip domain lookup
ip domain name ABCDEF
ip host r14 2014 192.168.0.1
ip host Nokia- 2004 192.168.0.1
ip host r9 2009 192.168.0.1
ip host r10 2010 192.168.0.1
ip host CS7200-SL01 2015 192.168.0.1
ip host r12 2012 192.168.0.1
ip host r3 2003 192.168.0.1
ip host r5 2005 192.168.0.1
ip host r6 2006 192.168.0.1
ip host r7 2007 192.168.0.1
ip host CS4500-GS01 2013 192.168.0.1
ip host StadWIFI7200 2011 192.168.0.1
ip host 7200-1 2018 192.168.0.1
ip host 7200-GCC 2017 192.168.0.1
ip host 3560-2 2016 192.168.0.1
ip host r8 2008 192.168.0.1
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
cts logging verbose
!
!
voice-card 0
!
!
!
!
!
!
!
!
license udi pid CISCO2901/K9 sn FCZ1718C457
license accept end user agreement
license boot module c2900 technology-package securityk9
license boot module c2900 technology-package uck9
license boot module c2900 technology-package datak9
!
!
username cisco privilege 15 password 7 0242297E48162F2
!
redundancy
!
!
!
!
!
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
!
!
!
!
!
!
!
interface Loopback1
ip address 192.168.0.1 255.0.0.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description Connected to IT LAN
ip address 172.20.228.48 255.255.252.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Async0/0/0
no ip address
encapsulation slip
!
interface Async0/0/1
no ip address
encapsulation slip
!
interface Async0/0/2
no ip address
encapsulation slip
!
interface Async0/0/3
no ip address
encapsulation slip
!
interface Async0/0/4
no ip address
encapsulation slip
!
interface Async0/0/5
no ip address
encapsulation slip
!
interface Async0/0/6
no ip address
encapsulation slip
!
interface Async0/0/7
no ip address
encapsulation slip
!
interface Async0/0/8
no ip address
encapsulation slip
!
interface Async0/0/9
no ip address
encapsulation slip
!
interface Async0/0/10
no ip address
encapsulation slip
!
interface Async0/0/11
no ip address
encapsulation slip
!
interface Async0/0/12
no ip address
encapsulation slip
!
interface Async0/0/13
no ip address
encapsulation slip
!
interface Async0/0/14
no ip address
encapsulation slip
!
interface Async0/0/15
no ip address
encapsulation slip
!
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 172.20.228.81
!
ip access-list standard snmp_list
permit 212..x.x.x
permit 82..x.x.x
permit 212..x.x.x
ip access-list standard vty_list
permit 83.x.x.x
permit 83.x.x.x
permit 83.x.x.x
logging host 212.x.x.x
logging host 212.x.x.x
logging host 212.x.x.x
!
!
snmp-server community wswseweq RO snmp_list
snmp-server community @swsewewq RW snmp_list
snmp-server queue-limit notification-host 1000
snmp-server enable traps snmp linkdown linkup coldstart warmstart
snmp-server enable traps flash insertion
snmp-server enable traps flash removal
snmp-server enable traps entity
snmp-server enable traps cpu threshold
snmp-server enable traps syslog
snmp-server host 212.x.x.x version 2c weweqwqw
snmp-server host 212.x.x.x version 2c weweqwqw
access-list 140 permit ip 212.x.x.x 0.0.0.255 any
!
!
!
control-plane
!
!
!
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
!
gatekeeper
shutdown
!
!
!
line con 0
password 7 0908632C5A15371C
line aux 0
password 7 0908632C5A15371C
line 2
no activation-character
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 0/0/0 0/0/1
no exec
transport input all
transport output all
speed 115200
flowcontrol hardware
line 0/0/2 0/0/5
session-timeout 20
exec-timeout 0 0
no exec
transport input all
transport output all
line 0/0/6 0/0/7
session-timeout 20
exec-timeout 0 0
no exec
transport input all
transport output all
speed 115200
flowcontrol hardware
line 0/0/8 0/0/15
session-timeout 20
exec-timeout 0 0
no exec
transport input all
transport output all
line vty 0 4
session-timeout 20
exec-timeout 60 0
password 7 041F26234C316C
transport input all
transport output none
line vty 5 15
exec-timeout 60 0
password 7 041F26234C316C4
transport input all
transport output none
!
scheduler allocate 20000 1000
ntp server 212.x.x.x
!
end
05-15-2020 09:16 AM - edited 05-15-2020 09:17 AM
from this device are you able to ping that routers
ping r11 and r11
also try to connect telnet before using hostname ? and see if that works
here is good reference guide :
https://www.ciscopress.com/articles/article.asp?p=27650&seqNum=5
05-15-2020 10:19 AM
hi Balaji
thank you for your support
yes can i ping to routers successfully but i cant log in to that router since it connect to the console for emergence issues on r11
S2900-AS02#ping r11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
05-15-2020 12:59 PM
I do not see your r11 mapping here, did i miss here ? try manually IP address and port
telnet x.x.x.x port before you going to use host mapping.
ip host r14 2014 192.168.0.1
ip host Nokia- 2004 192.168.0.1
ip host r9 2009 192.168.0.1
ip host r10 2010 192.168.0.1
ip host CS7200-SL01 2015 192.168.0.1
ip host r12 2012 192.168.0.1
ip host r3 2003 192.168.0.1
ip host r5 2005 192.168.0.1
ip host r6 2006 192.168.0.1
ip host r7 2007 192.168.0.1
ip host CS4500-GS01 2013 192.168.0.1
ip host StadWIFI7200 2011 192.168.0.1
ip host 7200-1 2018 192.168.0.1
ip host 7200-GCC 2017 192.168.0.1
ip host 3560-2 2016 192.168.0.1
ip host r8 2008 192.168.0.1
05-15-2020 01:23 PM
05-16-2020 12:14 AM
here is the error - you do not hve transport enabled to telnet.
CS2900-AS02#telnet 7200-1
% telnet connections not permitted from this terminal
here is the config add appropriate device and test and let us know.
05-16-2020 02:51 AM
05-16-2020 03:30 AM
You getting "% Authentication failed" , since we dont know other side device config, configure authentication as per the below document, has clear step by steps.
https://www.ciscopress.com/articles/article.asp?p=27650&seqNum=5
still has issue post the full config, the device you do not get authenticated to correct the config.
05-18-2020 12:57 AM
05-18-2020 02:38 PM
You need to Look VTY Line config to work. Example as below.
line con 0 login line 1 16 line aux 0 line vty 0 4 exec-timeout 15 0 password 7 XXXXXXXXXXXXXXXXXXXX login
06-03-2020 01:48 AM
Hi sorry for late response
i check again and I thing this related to aaa server, i don't need to make the ASYNC line to connect the AAA
CS2900-AS02#sho run
Building configuration...
Current configuration : 6617 bytes
!
! Last configuration change at 13:19:27 UTC Tue Jun 2 2020 by murad
! NVRAM config last updated at 13:09:42 UTC Sun May 31 2020 by murad
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname CS2900-AS02
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$wo6x$EMHt8
!
aaa new-model
!
!
aaa group server radius ppdnserversabc
server-private x.x.x.x auth-port 1646 acct-port 1645 key 7 1532580
!
aaa authentication login ppdnvty group pdnserversabc enable
!
aaa session-id common
no ip bootp server
no ip domain lookup
ip domain name P000
ip host 3560-2 2016 192.168.0.1
ip host r14 2014 192.168.0.1
ip host Nokia-SR-12 2004 192.168.0.1
ip host r9 2009 192.168.0.1
ip host r10 2010 192.168.0.1
ip host CS7200-SL01 2015 192.168.0.1
ip host r12 2012 192.168.0.1
ip host r3 2003 192.168.0.1
ip host r5 2005 192.168.0.1
ip host r6 2006 192.168.0.1
ip host r7 2007 192.168.0.1
ip host CS4500-GS01 2013 192.168.0.1
ip host StadWIFI7200 2011 192.168.0.1
ip host 7200-1 2018 192.168.0.1
ip host 7200-GCC 2017 192.168.0.1
ip host r8 2008 192.168.0.1
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
cts logging verbose
voice-card 0
license udi pid CISCO2901/K9 sn FCZ171
license accept end user agreement
license boot module c2900 technology-package securityk9
license boot module c2900 technology-package uck9
license boot module c2900 technology-package datak9
!
!
username muradove password 7 13413A37481C242
!
redundancy
!
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh rsa keypair-name ssh
!!
interface Loopback1
ip address 192.168.0.1 255.0.0.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description Connected to IT LAN
ip address 172.20.228.48 255.255.252.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Async0/0/0
no ip address
encapsulation slip
!
interface Async0/0/1
no ip address
encapsulation slip
!
interface Async0/0/2
no ip address
encapsulation slip
!
interface Async0/0/3
no ip address
encapsulation slip
!
interface Async0/0/4
no ip address
encapsulation slip
!
interface Async0/0/5
no ip address
encapsulation slip
!
interface Async0/0/6
no ip address
encapsulation slip
!
interface Async0/0/7
no ip address
encapsulation slip
!
interface Async0/0/8
no ip address
encapsulation slip
!
interface Async0/0/9
no ip address
encapsulation slip
!
interface Async0/0/10
no ip address
encapsulation slip
!
interface Async0/0/11
no ip address
encapsulation slip
!
interface Async0/0/12
no ip address
encapsulation slip
!
interface Async0/0/13
no ip address
encapsulation slip
!
interface Async0/0/14
no ip address
encapsulation slip
!
interface Async0/0/15
no ip address
encapsulation slip
!
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
!
gatekeeper
shutdown
!
!
!
line con 0
access-class vty_list in
exec-timeout 5 0
password 7 0908632C5A15371C
stopbits 1
line aux 0
password 7 0908632C5A1537
line 2
no activation-character
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 0/0/0 0/0/1
no exec
transport input telnet
transport output all
speed 115200
flowcontrol hardware
line 0/0/2 0/0/5
session-timeout 20
exec-timeout 0 0
no exec
transport input telnet
transport output all
line 0/0/6 0/0/7
session-timeout 20
exec-timeout 0 0
no exec
transport output none
speed 115200
flowcontrol hardware
line 0/0/8 0/0/15
session-timeout 20
exec-timeout 0 0
no exec
transport input all
transport output all
line vty 0 4
session-timeout 5
exec-timeout 0 0
password 7 041F26234C316C40
logging synchronous
login authentication pdnvty
transport input telnet ssh
transport output all
line vty 5 15
session-timeout 5
exec-timeout 0 0
password 7 041F26234C31
logging synchronous
login authentication pdnvty
transport input all
transport output all
!
scheduler allocate 20000 1000
ntp server 212.
!
end
CS2900-AS02#
CS2900-AS02#3560-2
Translating "3560-2"
Trying 3560-2 (192.168.0.1, 2016)... Open
User Access Verification
Username: muradove (aaa account)
Password:(aaa account password)
% Authentication failed
Username: muradove
Password:(enable password )
% Authentication failed
Username: muradove
Password: (telnet, ssh password)
% Authentication failed
[Connection to 3560-2 closed by foreign host]
i debug this request and i found this logs
Jun 2 13:06:14.568: AAA/BIND(0000009A): Bind i/f Async0/0/13
Jun 2 13:06:14.568: AAA/AUTHEN/LOGIN (0000009A): Pick method list ' Permanent Local'
Jun 2 13:06:26.020: AAA/AUTHEN/LOGIN (0000009A): Pick method list ' Permanent Local'
Jun 2 13:08:24.996: AAA/BIND(0000009B): Bind i/f Async0/0/12
Jun 2 13:08:24.996: AAA/AUTHEN/LOGIN (0000009B): Pick method list ' Permanent Local'
Jun 2 13:09:07.872: AAA/BIND(0000009C): Bind i/f Async0/0/12
Jun 2 13:09:07.876: AAA/AUTHEN/LOGIN (0000009C): Pick method list ' Permanent Local'
Jun 2 13:09:18.248: AAA/AUTHEN/LOGIN (0000009C): Pick method list ' Permanent Local'
Jun 2 13:13:06.876: AAA/BIND(0000009D): Bind i/f Async0/0/12
Jun 2 13:13:06.880: AAA/AUTHEN/LOGIN (0000009D): Pick method list ' Permanent Local'
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide