cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
9760
Views
0
Helpful
19
Replies

3850 cannot connect in Cisco Network Assistant

SuperDragon
Level 1
Level 1

With my brand new Cisco 3850 Switch, I got it configured with a LAN IP.  Then, on my PC I opened up Cisco Network Assistant (version 5.8.5.1 which supports the 3850).  I went to add the 3850 to the community by discovering the device, and was prompted with the user/pass box.  The password I set was not allowing me to connect, and I realized it's because a username was required and I had not set up a username on the switch.  So, I then configured an admin user with level 15 privileges on the switch.  However, now when in CNA I try to add the 3850 to the community, it doesn't even prompt me for user/pass, it just says "unable to connect".

What do I need to do to add this 3850 to my community?

19 Replies 19

I finally got it to work...for the local login, I had:

username admin secret 4 xxxxxxxxx

I changed it to:

username admin privilege 15 secret 4 xxxxxx

Bingo.

excellent! Good find!

I already had this configured properly.  I had to give following command to enable

ip http authentication enable

I try that command (username admin privilege 15 secret 4 xxxxxx
) and get the following error:

 

ERROR: Can not have both a user password and a user secret.
Please choose one or the other.

 

What am I missing here?

I've seen the same error where the local user was set with a "secret" password vice just a "password".  Have to delete the user and then readd it in the format you want (i.e. regular password or secret password).

 

I'm having problems with the latest version of CNA 6.3.1.  Also having problems with 6.2.  Seems like the most stable version was 5.8.9.1.  We're upgrading to Win 10 and so I'm trying the latest version in hopes it will work with Win 10...

 

The documentation for CNA says it will try to discover on port 443 first then port 80.  But I can only get it to discover a switch if port 80 is on (i.e. ip http server).  I have also seen where I get failures to connect before it even asks me for credentials...  If I run a discover with:

no ip http server

ip http secure-server

 

I get nothing discovered or failures to connect.  Also, is CDP required to be on for CNA to discover switches?

 

It appears that you can't have "secure" switches and use CNA.  Anyone else seeing this and come up with a way to secure your switches (i.e. turn off port 80, turn off CDP, remove unnecessary services like telnet, dhcp, etc)?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: