cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Walkthrough Wednesdays
762
Views
0
Helpful
5
Replies
rajesh.kumar
Enthusiast

Cisco Profile 42" syslog, Console and SSH access

Hi

I have Profile 42" with software version TCNC 4.2.1265253

I have below query on Cisco Profile 42" and 52"

(1) On Profile 42", I have enabled Serial Port Mode "on"

but I am not able to connect Profile 42" (inside codec may be c20)   via Console with baud rate 38400 onCOM1

Is it disabled in Profile 42" code ?

(2) I have configured Security->Audit->Server IP of syslog and Logging -> External

But any configuration modification I do on Profile 42" is not loggin to syslog server.

But other devices, like VCS and MCU are sending syslog message to syslog server.

I have attached screenshot of Profile 42", is there anything else required for syslog ?

(3) Profile 42" with software version TCNC 4.2.1265253 - SSH is not supported ?

even if I enable SSH mode "on" I am not able to ssh to the device.

(4) We have another endpoint Profile 52" with software version TC4.2.1.265253 encryption enabled software.

I am able to connect via SSH, but problem is, it is accepting the connection without asking for username and Password....!

I have attached the Profile 42" GUI config screenshot

Pls. suggest, if you have solution for any of these issues.

Thanks

Rajesh

1 ACCEPTED SOLUTION

Accepted Solutions

Hello,

I tried it on my SX20 and I see messages being sent to TCP port 514 :

[dderidde-sx20:/var/log/eventlog] $ tcpdump tcp port 514 -vv -X

10:27:03.870003 IP (tos 0x0, ttl 64, id 2654, offset 0, flags [DF], proto TCP (6), length 145)

    dhcp-dgm2-vl300-144-254-13-42.cisco.com.53345 > drop.cisco.com.514: Flags [P.], cksum 0xe629 (correct), seq 1:94, ack 1, win 137, options [nop,nop,TS val 45532890 ecr 3096889259], length 93

0x0000:  4500 0091 0a5e 4000 4006 e792 90fe 0d2a  E....^@.@......*

0x0010:  0a30 a01e d061 0202 dd1b cc8c 014d 3b09  .0...a.......M;.

0x0020:  8018 0089 e629 0000 0101 080a 02b6 c6da  .....)..........

0x0030:  b896 c7ab 3c38 363e 4a61 6e20 3233 2031  ....<86>Jan.23.1

0x0040:  303a 3236 3a31 3720 286e 6f6e 6529 2073  0:26:17.(none).s

0x0050:  7368 645b 3233 3039 345d 3a20 7061 6d5f  shd[23094]:.pam_

0x0060:  756e 6978 2873 7368 643a 7365 7373 696f  unix(sshd:sessio

0x0070:  6e29 3a20 7365 7373 696f 6e20 636c 6f73  n):.session.clos

0x0080:  6564 2066 6f72 2075 7365 7220 726f 6f74  ed.for.user.root

0x0090:  0a 

I found this ddts which tells me to use TCP as "workaround".

CSCts98937 - EX60/EX90 and C90/C60 unable to get Syslog working

Symptom:

Not seeing SNMP or Syslog traffic on UDP port 514.

Conditions:

Normal operating.

Workaround:

Use TCP port 514..

Note:

Ensure to restart the codec after enabling Syslog.

Will contact engineering/documentation whether TCP is only transport method.

View solution in original post

5 REPLIES 5
Saurabh Gupta
Participant

Hi Rajesh,

To Answer your queries :-

1.) You need to be sure which codec is there under this profile Series, you can find that by logging in web interface.The reason being , if it is C20, then you cannot use simple console cable as there is no Serial Port on C20 and you have to use special Y Cable which gets connected on the Camera Port on C20. If it is C40,C60, then you would be able to connect Serial Cable.

2.) I Have never tried Syslog on EP, so I am unsure of this problem.

3.) Since you are using TCNC Software which is encrypted one , so SSH is not supported on this software version.

4.) By Default, it accepts the connection if the default admin username and Password are not changed. Please change the admin password, then it would ask you for password.

Thanks,

Saurabh

For the syslog issue, I think this is perhaps due to the fact that syslog uses TCP as the transport.

Most syslog servers listen on UDP ports.

If you do tcpdump on the codec for tcp port 514 you should see messages.

Can we verify this ?

E.g. from root access do :

tcpdump tcp port 514 -X -vv

Danny.

Dear Danny

Since there is no SSH access, I wont be able to get root access, probably I will try with telnet access.

Can we change tcp to udp. my syslog uses udp.

Rgds

Rajesh

Hello,

I tried it on my SX20 and I see messages being sent to TCP port 514 :

[dderidde-sx20:/var/log/eventlog] $ tcpdump tcp port 514 -vv -X

10:27:03.870003 IP (tos 0x0, ttl 64, id 2654, offset 0, flags [DF], proto TCP (6), length 145)

    dhcp-dgm2-vl300-144-254-13-42.cisco.com.53345 > drop.cisco.com.514: Flags [P.], cksum 0xe629 (correct), seq 1:94, ack 1, win 137, options [nop,nop,TS val 45532890 ecr 3096889259], length 93

0x0000:  4500 0091 0a5e 4000 4006 e792 90fe 0d2a  E....^@.@......*

0x0010:  0a30 a01e d061 0202 dd1b cc8c 014d 3b09  .0...a.......M;.

0x0020:  8018 0089 e629 0000 0101 080a 02b6 c6da  .....)..........

0x0030:  b896 c7ab 3c38 363e 4a61 6e20 3233 2031  ....<86>Jan.23.1

0x0040:  303a 3236 3a31 3720 286e 6f6e 6529 2073  0:26:17.(none).s

0x0050:  7368 645b 3233 3039 345d 3a20 7061 6d5f  shd[23094]:.pam_

0x0060:  756e 6978 2873 7368 643a 7365 7373 696f  unix(sshd:sessio

0x0070:  6e29 3a20 7365 7373 696f 6e20 636c 6f73  n):.session.clos

0x0080:  6564 2066 6f72 2075 7365 7220 726f 6f74  ed.for.user.root

0x0090:  0a 

I found this ddts which tells me to use TCP as "workaround".

CSCts98937 - EX60/EX90 and C90/C60 unable to get Syslog working

Symptom:

Not seeing SNMP or Syslog traffic on UDP port 514.

Conditions:

Normal operating.

Workaround:

Use TCP port 514..

Note:

Ensure to restart the codec after enabling Syslog.

Will contact engineering/documentation whether TCP is only transport method.

View solution in original post

Dear Danny

Thanks a lot. Usually it is difficult to arrange TCP for syslog.

Thanks for your support.

Since you are expert in the subject, i have posted another discussion

Cisco Profile 42" QoS DCSP marking issue for Signalling packet

appreciate, if you can suggest on the same.

Content for Community-Ad

Spotlight Awards 2021