05-17-2013 11:39 AM - edited 03-07-2019 01:25 PM
With my brand new Cisco 3850 Switch, I got it configured with a LAN IP. Then, on my PC I opened up Cisco Network Assistant (version 5.8.5.1 which supports the 3850). I went to add the 3850 to the community by discovering the device, and was prompted with the user/pass box. The password I set was not allowing me to connect, and I realized it's because a username was required and I had not set up a username on the switch. So, I then configured an admin user with level 15 privileges on the switch. However, now when in CNA I try to add the 3850 to the community, it doesn't even prompt me for user/pass, it just says "unable to connect".
What do I need to do to add this 3850 to my community?
06-18-2013 10:57 AM
I finally got it to work...for the local login, I had:
username admin secret 4 xxxxxxxxx
I changed it to:
username admin privilege 15 secret 4 xxxxxx
Bingo.
06-18-2013 10:59 AM
excellent! Good find!
08-14-2017 03:04 PM
I already had this configured properly. I had to give following command to enable
ip http authentication enable
09-28-2017 11:05 AM
I try that command (username admin privilege 15 secret 4 xxxxxx
) and get the following error:
ERROR: Can not have both a user password and a user secret.
Please choose one or the other.
What am I missing here?
11-08-2017 01:54 PM
I've seen the same error where the local user was set with a "secret" password vice just a "password". Have to delete the user and then readd it in the format you want (i.e. regular password or secret password).
I'm having problems with the latest version of CNA 6.3.1. Also having problems with 6.2. Seems like the most stable version was 5.8.9.1. We're upgrading to Win 10 and so I'm trying the latest version in hopes it will work with Win 10...
The documentation for CNA says it will try to discover on port 443 first then port 80. But I can only get it to discover a switch if port 80 is on (i.e. ip http server). I have also seen where I get failures to connect before it even asks me for credentials... If I run a discover with:
no ip http server
ip http secure-server
I get nothing discovered or failures to connect. Also, is CDP required to be on for CNA to discover switches?
It appears that you can't have "secure" switches and use CNA. Anyone else seeing this and come up with a way to secure your switches (i.e. turn off port 80, turn off CDP, remove unnecessary services like telnet, dhcp, etc)?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide