Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,There:We're using a Cisco ACS server to do a enable authentication on the Console port of a ASA, see the below for configuation...The weird thing is that we are able to authenticate a user through the Console port,but failure enable authentication...
Hi,To aviod our network engineers enter router config mode by accident, we are looking for a way to let ACS server re-authenticate (popup a username & password prompt)users when they enter "configure terminal" command...Can you guys help me out ?Than...
Hi,there:We have a couple Cat6500 as our MPLS/VPN P, PE routers. But from the following first command output, we just only can see one label (VPN lable) 339 imposed,can't see the IGP label imposed.From the second command we can see both IGP and VPN l...
Hi,there:I don't understand the meaning of the number 0001400000012000 below, can anybody help me out? more details.Thanks,---lactometer#show mpls forwarding-table 10.200.254.4 detailLocal Outgoing Prefix Bytes tag Outgoing Next Hop...
Hi, there:Is there a way to let us monitor FWSM 2.3(3) throughput,like data rate per second based on a interface ? you know, show interface on FWSM just give us very limited information.I know show traffic on ASA platform can give us those great info...
Hi,Jgambhir:Thanks for your notes.But my point is that our engineers need full privileges including "config t" on routers to do some modification tasks during a maintenance window. What I want to do is that when they enter "config t", is there any wa...
Hi,Martin:Thanks for your reply.I tried these two commands, but just only could get IGP labels(20 and 224), no way to see the VPN label(339).Any idea ?Jerry----6500PE#sh ip cef 172.17.0.213 255.255.255.255 detail 172.17.0.213/32, version 1080, epoch ...
Thanks for your reply, really appreciated!But unfortunately we're in different case, in your case, you use profile shared on two tunnels of SPOKE router, but I'm talking about the two tunnels on HUB router shared by spoke routers.The good news is I ...
ip verify unicast reverse-path is a security feature, it's been Cisco IOS router and PIX firewall a long time.In a summary, this security feature just verify the packets the router receive on a port where respective retunning packets should be forwar...
Haha,,, finally, it works, it's great for me.So, Can you kindly paste your final configuration there, other people can easily benefit from your configuration, and I don't need to answer this similar question anymore :).Jerry
