About davinci

davinci · 03-23-2021

Is a route-based VPN using IKEv2 supported on ASR1001X? If yes, can someone share a a basic config template or link for instructions? I'm having a hard time finding anything online for this scenario and specific requirements. hash-sha256authenticati...

davinci · 03-12-2021

Hello, I can authenticate into my 3560 switch but when I attempt to use my TACACS r/w account then I am receiving these errors below. EDIT: I can make changes with my external r/o and r/w accounts. All of my other switches are working without issue...

davinci · 10-06-2020

Our 6880X VSS pair was powered down for a move and now the secondary 6880X won't come back online. It seems to be stuck in a booting loop. Any idea what the problem is? I tried resetting the supervisor with reset button and hard rebooting a couple...

davinci · 08-18-2020

I want a select group of BGP routes to have inferior EIGRP metrics upon redistribution. Will this route map and set metric command work? Or will the metric from redistribute command override the settings? router eigrp 1redistribute bgp 65012 metric...

davinci · 08-10-2020

Hello, I have a pair of 5508 WLC setup in HA mode. What is the best way to change the IP addresses of the management and redundancy management interfaces on BOTH 5508 WLC? I also need to change IP addresses of all the WAPs too. Are there any pitfa...

davinci · 04-01-2021

can you redo SSH config without locking yourself out? which parts are you suggesting redoing?

davinci · 03-29-2021

Thanks for the links but something remains unclear. If I want to use a pre-shared key with FlexVPN, then do I use the Keyring feature or the commands below under IKEv2 profile? crypto ikev2 keyring abcpeer x.x.x.xaddress x.x.x.x pre-shared-key XYZ ...

davinci · 03-15-2021

i found the solution. I had to swap the order of the TACACS servers in the TACACS group list. Once I did that, normal authorization commenced.

davinci · 03-15-2021

I reduced the tacacs server list to one device, but now I only have r/o access regardless of the tacacs account I test with. After authenticationg, I'm not even able to do show run or show logging. switch# sh logging% Authorization failed.switch#...

davinci · 03-14-2021

This is the only switch running this version of IOS. Here are results of debug aaa authorization, debug aaa authentication and debug tacacs. For testing purposes, I logged in with my r/o tacacs account and then entered into global config mode. *M...

Member Since	‎04-19-2014 03:42 PM
Date Last Visited	‎04-23-2021 07:11 AM
Posts	92
Total Helpful Votes Received	28

User Statistics

User Activity

Route-based VPN using IKEV2 on ASR 1001X?

TACACS authorization failure

6880X VSS loading failure

How do I set inferior EIGRP metrics during redistribution?

change IP for mgmt/redundancy mgmt ports on 5508 cluster

Re: Unable to SSH to Switch - no matching mac found: client hmac-sha1 server hmac-sha1-96 error

Re: Route-based VPN using IKEV2 on ASR 1001X?

Re: TACACS authorization failure

Re: TACACS authorization failure

Re: TACACS authorization failure