cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1372
Views
0
Helpful
5
Replies
joseph.neal
Beginner

Nexus 5020 questions

I have 2 questions...

1) How do I disable the web server? It appears to be the FC side of the box since it's titled "Cisco MDS 9000 Management". The standard "no ip http server" command doesn't work. I have looked through the command line documentation and don't see any relevant commands.

2) Is there a method to determine the SNMP ifIndex of each ethernet interface -- equivalent to the "show snmp mib ifmib ifindex" in IOS?

5 REPLIES 5
nate-miller
Beginner

Good question on the Cisco Device Manager- I can't find a way to disable it, either. Writing an ACL to drop port 80 traffic seems kludgy.

As for the ifindex translateions, I haven't had much luck either.

Management is at OID.83886080

port channels start at OID.369098751 (+PC#)

Ethernet1/1 is at OID.486539264, and each sucessive port is at intervals of 4096.

Module 2 starts at 4096*128 + 1/1.

I assume Mod3 starts at 4096*128 * 2 + 1/1.

I've been running into the same problem with the 7k- cisco hasn't created anything in the private enterprise range so you can do any sort of easy translations, or calls to an OID.., so I'm unable to make much use of our tools to actually accomplish anything.

If anybody can show me what I'm obviously missing, I'd appreciate it.

Upon further thought, I'm guessing that the engineers on the Nexus team felt that if they could remove the uncertainty surrounding index numbers, there'd be no need for a lookup table.

It's pretty smart- I can guarantee that an interface on a 7k is going to have the same index number regardless of when it was inserted, if it's rebooted, which 7k it is, etc. There's no need for a translation table if you can programatically look up an interface and be correct 100% of the time.

But as for the people used to using the translations, it's a tough adjustment- the tools I have in place need to query legacy devices in the way they're "used to", and break out to this programatically superior way to query the new Nexus family of stuff.

And I don't know if this is going to be the way and the light for all cisco products going forward, or if it'll change with the next new product.

where do i even start, wow lets start most imported move down 1) lic server is not working throw pak are installed it shows they not installed, there is no grace perod and time dose not count down, it to is broken, some comands come up with broken pipe unable to fix, http server get blank page, unit will not alow internet talk throw firewall been set to alow trafic. so we talk about the most imported, down loading mib files i discover that this unit had perment lic, perment but once the contack was closed cisco deam to remove all lic from the unit and in fack the snmb log show what lic and day they was removed, i also discover that there was and is hidden accounts on unit, all going back to cisco, wich i have sceen shots of they now gone, now why dose cisco have such access to my unit that they can add and remove users, under terms there is nothing in it that gives cisco the right to montor the unit to upload the config file to upload user and password files but cisco is doing just this, now i am shure and i most willing to bet cisco will remove all traces of this off my unit u see cisco figer prints the unit, that no matter where it is what ip address is cisco can target the unit, most it people do not understand this nor has this be press in cort as few people know of it , i frist learn of it useing enterprize wifi it in fack did same thing, it figger printed each device log on to it, so if a hacker try get access and it was not part of this area if u will did not matter if they had password would refuse them access, guss what this was not a cisco wifi , figer printing computers been done for last 10 years, what they do is they catlog everything in unit , so no matter what u do with it they find it, unless and this is funning part unless unit cant get to cisco, for some odd reason the lic server cant find cisco, throw i have no clue why they deman the unit be on the internet wich all it people understand is big no no, i also discover mib files auto load on device, so rewriteing them is not hard, as there nothing in user agreement of rewriteing them i decied try see if would work guss what work now be frank u dont know what its doing it some how down loaded the lic from cisco but the server cant see it but it knows it there, so software works, can this be any more confuseing, now cisco wants me send them information why they have the abuilty to target the unit , they can send scrip down and fix the probems, and restore the perment lic that was removed but they have what i beleave just lock the unit insted of giveing me the lic they just put verchal keys in the unit, but none of them are working, or shall i say the system clames they do not work and if this get any more confuseing i dont know what do. do look at the photos they most telling and i got no idea how fix

where do i even start, wow lets start most imported move down 1) lic server is not working throw pak are installed it shows they not installed, there is no grace perod and time dose not count down, it to is broken, some comands come up with broken pipe unable to fix, http server get blank page, unit will not alow internet talk throw firewall been set to alow trafic. so we talk about the most imported, down loading mib files i discover that this unit had perment lic, perment but once the contack was closed cisco deam to remove all lic from the unit and in fack the snmb log show what lic and day they was removed, i also discover that there was and is hidden accounts on unit, all going back to cisco, wich i have sceen shots of they now gone, now why dose cisco have such access to my unit that they can add and remove users, under terms there is nothing in it that gives cisco the right to montor the unit to upload the config file to upload user and password files but cisco is doing just this, now i am shure and i most willing to bet cisco will remove all traces of this off my unit u see cisco figer prints the unit, that no matter where it is what ip address is cisco can target the unit, most it people do not understand this nor has this be press in cort as few people know of it , i frist learn of it useing enterprize wifi it in fack did same thing, it figger printed each device log on to it, so if a hacker try get access and it was not part of this area if u will did not matter if they had password would refuse them access, guss what this was not a cisco wifi , figer printing computers been done for last 10 years, what they do is they catlog everything in unit , so no matter what u do with it they find it, unless and this is funning part unless unit cant get to cisco, for some odd reason the lic server cant find cisco, throw i have no clue why they deman the unit be on the internet wich all it people understand is big no no, i also discover mib files auto load on device, so rewriteing them is not hard, as there nothing in user agreement of rewriteing them i decied try see if would work guss what work now be frank u dont know what its doing it some how down loaded the lic from cisco but the server cant see it but it knows it there, so software works, can this be any more confuseing, now cisco wants me send them information why they have the abuilty to target the unit , they can send scrip down and fix the probems, and restore the perment lic that was removed but they have what i beleave just lock the unit insted of giveing me the lic they just put verchal keys in the unit, but none of them are working, or shall i say the system clames they do not work and if this get any more confuseing i dont know what do. do look at the photos they most telling and i got no idea how fix
johgill
Beginner

Watch CSCsx15633 to disable HTTP server.

"show interface snmp-ifindex" is available for the next release, 4.1(3).

Note NX-OS always uses persistent indicies, so an snmpwalk should yield the same information.

Content for Community-Ad