Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- :
- About sendalot7
Stats
Member since
10-02-2013
83
Posts
0
Helpful
0
Solutions
Created by
sendalot7
in Other Data Center Subjects
in Other Data Center Subjects
01-05-2018
04:06 PM
01-05-2018
04:06 PM
thank you for your time writing this.
... View more
Created by
sendalot7
in Other Data Center Subjects
in Other Data Center Subjects
11-30-2017
09:59 PM
11-30-2017
09:59 PM
I have a "NFVIS" ENCS-5408 router whose WAN port is connected via /30 address.
Now, this device doesn't seem as intuitive as regular IOS where I set default route for different networks.
How do I set different default-gw so that both mgmt and wan routes are functional?
Thanks.
## Version ##
Cisco Enterprise Network Function Virtualization Infrastructure Software (NFVIS)
NFVIS Version: 3.6.2-FC3
## Current routes ##
system settings hostname nfvis
system settings mgmt ip address 10.70.0.50 255.255.255.0
system settings wan ip address 192.168.200.128 255.255.255.252
system settings default-gw 10.70.0.1
networks network wan-net
bridge wan-br
!
networks network lan-net
bridge lan-br
!
... View more
Labels:
Created by
sendalot7
in Application Centric Infrastructure
in Application Centric Infrastructure
11-30-2017
11:23 AM
11-30-2017
11:23 AM
thank you that did it. now magically everyone discovered each other.
(none) login: admin ******************************************************************************** Fabric discovery in progress, show commands are not fully functional Logout and Login after discovery to continue to use show commands. ******************************************************************************** (none)#
... View more
Created by
sendalot7
in Application Centric Infrastructure
in Application Centric Infrastructure
11-30-2017
07:43 AM
11-30-2017
07:43 AM
So while it was NX-OS, I was able to use "show lldp" to see APIC(s).
Then I saw the post and booted NX into ACI mode. (as in "boot aci image")
I'll provide update soon.
Thanks for your time.
... View more
Created by
sendalot7
in Application Centric Infrastructure
in Application Centric Infrastructure
11-30-2017
07:25 AM
11-30-2017
07:25 AM
1# show ver Role Id Name Version ---------- ---------- ------------------------ -------------------- controller 1 crn1 2.2(1n)
also, booting NX into ACI mode.
does ACI get fetched by APIC-ACI?
it's not like conventional switch anymore where I console and setup?
(unless converting back to NX-OS mode?)
Thanks.
... View more
Created by
sendalot7
in Application Centric Infrastructure
in Application Centric Infrastructure
11-29-2017
10:35 PM
11-29-2017
10:35 PM
thanks for the continued help.
watched video and added serial #s of N9K to APIC ACI web-gui interface.
But still not discovering IPs of the N9K(s).
On the N9K(s), however, "show lldp nei" swhos all APIC ACI devices.
Do N9K(s) themselves need to be in TEP range with trunking to ACI?
thanks again.
... View more
Created by
sendalot7
in Application Centric Infrastructure
in Application Centric Infrastructure
11-29-2017
09:44 PM
11-29-2017
09:44 PM
thanks for your reply
"to fabric" ports connected.
is this port supposed be part of In-Band mgmt for clustering?
screenshots attached aftewards (out-of-band mgmt is reachable wihle in-band is trunked with vlan tagging).
... View more
Created by
sendalot7
in Application Centric Infrastructure
in Application Centric Infrastructure
11-29-2017
02:28 PM
11-29-2017
02:28 PM
Thank you both for your time.
This is a new setup I'm trying.
So I guess 1st eth is tied to OOB interface.
But how do I map TEP to 2nd eth then enable communication between them?
I can put 2nd eth(s) into their own vlan, but how do I map TEP to their eth(s)?
I'll look at the manual again for now.
Thank you again.
[Update: to phrase my question better, included a screenshot. I only see two NIC. Do I need more? 1/1,1/2,2/1/2/2 ?]
... View more
Created by
sendalot7
in Application Centric Infrastructure
in Application Centric Infrastructure
11-29-2017
02:16 PM
11-29-2017
02:16 PM
I have 3 ACI APIC UCS appliances.
1 of them is up and can be ssh-ed viva OOB mgmt.
Rest are not, although they can be pinged.
I used https://supportforums.cisco.com/t5/application-centric/how-can-i-make-a-apic-to-a-factory-default/td-p/2532218 as a guide to reset pw but still can't be login using admin via ssh nor console.
Can there be an instance where "passwd reset" doesn't go through?
Also, if configured correctly within one subnet, do rest of APIC controllers automatically join the 1st one?
Thanks.
... View more
Labels:
Created by
sendalot7
in Policy and Access
in Policy and Access
05-27-2017
04:35 PM
05-27-2017
04:35 PM
Because I see some deme/dummy tests, I assume CentOS-7's free-radius is working correctly, but something wrong on ISR 2921.
Still can't ssh with free-radius credentials.
## Log on 2921 ##
May 27 21:18:34.799: %RADIUS-4-RADIUS_ALIVE: RADIUS server 10.20.30.100:1812,1813 is being marked alive. May 27 21:30:42.837: %RADIUS-4-RADIUS_ALIVE: RADIUS server 10.20.30.100:1812,1813 is being marked alive. ISR-2921#
## Log on cent-7 ##
[root@free-radius 10.20.30.1]# cat detail-20170527 Sat May 27 14:18:34 2017 User-Name = 'dummy' Acct-Status-Type = Interim-Update Acct-Session-Id = '00000000' Acct-Authentic = RADIUS Service-Type = Framed-User NAS-IP-Address = 10.20.30.1 Acct-Delay-Time = 15 Event-Timestamp = 'May 27 2017 14:18:19 PDT' Acct-Unique-Session-Id = '99c501164df6390fd6764fea1dff5aa8' Timestamp = 1495919914 Sat May 27 14:30:42 2017 User-Name = 'freeRADIUS' Acct-Status-Type = Interim-Update Acct-Session-Id = '00000000' Acct-Authentic = RADIUS Service-Type = Framed-User NAS-IP-Address = 10.20.30.1 Acct-Delay-Time = 0 Event-Timestamp = 'May 27 2017 14:30:42 PDT' Acct-Unique-Session-Id = 'ba1171226b1950324d13959f95b82db7' Timestamp = 1495920642 [root@free-radius 10.20.30.1]# ls detail-20170527 [root@free-radius 10.20.30.1]#
## config on 2921 ##
! aaa new-model ! ! aaa group server radius RASERV server name RASERV-1 retransmit 5 timeout 10 ! aaa authentication login default group radius local-case aaa authentication login use-radius group radius local aaa authentication login vty group radius local aaa authentication ppp user-radius if-needed group radius aaa authentication dot1x default group RASERV aaa authorization exec default group radius local aaa authorization network default group radius if-authenticated aaa accounting dot1x default start-stop group RASERV aaa accounting exec default start-stop group radius aaa accounting system default start-stop group radius ! ! ip radius source-interface GigabitEthernet0/2.888 ! ! access-list 1 permit any ! radius server RASERV-1 address ipv4 10.20.30.100 auth-port 1812 acct-port 1813 automate-tester username freeRADIUS probe-on key 7 110D778223 ! line vty 0 4 login authentication vty transport input ssh !
## config on cent-7 ##
[root@free-radius 10.20.30.1]# cat /etc/raddb/clients.conf client 10.20.30.1 { ipaddr = 10.20.30.1 secret = 1ass341 require_message_authenticator = no nas_type = other } [root@free-radius 10.20.30.1]# cat /etc/raddb/users freeCISCO Auth-Type := System Service-Type = NAS-Prompt-User, cisco-avpair = "shell:priv-lvl=15"
... View more
- Tags:
- #AAA
Labels:
05-06-2017
03:19 PM
(7.3.1.D1.1.1) any clue on how to retrieve RPM(s) for nexus would be great!
Thanks.
... View more
05-04-2017
09:19 AM
Struggling to find/install/activate telemetry on NX. "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/programmability/guide/b_Cisco_Nexus_9000_Series_NX-OS_Programmability_Guide_7x/b_Cisco_Nexus_9000_Series_NX-OS_Programmability_Guide_7x_chapter_011000.html#id_39852" says I need to find a rpm for it but I'm having no luck. Anyone had success with this? NX9K-2(config)# feature tele ? ^ % Invalid parameter detected at '^' marker. NX9K-2(config)# feature bash-shell NX9K-2(config)# NX9K-2(config)# end NX9K-2# run bash bash-4.2$ bash-4.2$ ls /rpms bfd-2.0.0-7.0.3.I4.5.lib32_n9000.rpm lacp-2.0.0-7.0.3.I4.5.lib32_n9000.rpm rip-2.0.0-7.0.3.I4.5.lib32_n9000.rpm bgp-2.0.0-7.0.3.I4.5.lib32_n9000.rpm lldp-2.0.0-7.0.3.I4.5.lib32_n9000.rpm snmp-2.0.0-7.0.3.I4.5.lib32_n9000.rpm eigrp-2.0.0-7.0.3.I4.5.lib32_n9000.rpm ntp-2.0.0-7.0.3.I4.5.lib32_n9000.rpm svi-2.0.0-7.0.3.I4.5.lib32_n9000.rpm eth-2.0.0-7.0.3.I4.5.lib32_n9000.rpm nxos-ssh-2.0.0-7.0.3.I4.5.lib32_n9000.rpm tacacs-2.0.0-7.0.3.I4.5.lib32_n9000.rpm fcoe-2.0.0-7.0.3.I4.4.lib32_n9000.rpm ospf-2.0.0-7.0.3.I4.5.lib32_n9000.rpm vtp-2.0.0-7.0.3.I4.5.lib32_n9000.rpm isis-2.0.0-7.0.3.I4.5.lib32_n9000.rpm repodata bash-4.2$ I was able to locate `/rpms` in bash mode so far.
... View more
- Tags:
- telemetry
Labels:
04-04-2017
10:05 PM
Trying to enable ssh on ASR-9K via vrf management interface. Doesn't seem as straight forward as regular IOS or NX-OS. Help appreciated. ############# RP/0/RSP0/CPU0:asr#show run Tue Apr 4 21:54:55.407 UTC Building configuration... !! IOS XR Configuration 5.3.3 !! Last configuration change at Tue Apr 4 17:55:46 2017 by admin ! hostname asr domain name cislab.com username su password 7 5333444 ! vrf mgmt ! line default transport input ssh ! ipv4 access-list 10 10 permit ipv4 any any ! interface MgmtEth0/RSP0/CPU0/0 vrf mgmt ipv4 address 10.7.0.38 255.255.255.0 ! interface MgmtEth0/RSP0/CPU0/1 shutdown ! interface GigabitEthernet0/0/0/0 shutdown ! interface GigabitEthernet0/0/0/1 shutdown ! interface TenGigE0/0/2/2 shutdown ! interface TenGigE0/0/2/3 shutdown ! router static vrf mgmt address-family ipv4 unicast 0.0.0.0/0 10.7.0.1 ! ! ! ssh server vrf default end RP/0/RSP0/CPU0:asr# #############
... View more
- Tags:
- #asr
Labels:
Created by
sendalot7
in Network Management
in Network Management
04-04-2017
04:21 PM
04-04-2017
04:21 PM
I see that regular IOS & NX-OS & ASR(IOS-XE) have different ways of setting out-of-band management interface.
Below is brief config.
I can ping my immediate default gw but can't ping anything outside of my vlan/subnet.
Help appreciated, thanks!
#################################################################################
#################################################################################
RP/0/RSP0/CPU0:ios#show run Tue Apr 4 16:17:55.079 UTC Building configuration... !! IOS XR Configuration 5.3.3 !! Last configuration change at Tue Apr 4 15:58:22 2017 by admin ! vrf mgmt ! interface MgmtEth0/RSP0/CPU0/0 ipv4 address 10.7.0.38 255.255.255.0 ! interface MgmtEth0/RSP0/CPU0/1 shutdown ! ! router static address-family ipv4 unicast 0.0.0.0/8 10.7.0.1 ! vrf mgmt address-family ipv4 unicast 0.0.0.0/0 10.7.0.1 !
... View more
Labels:
03-28-2016
08:00 PM
Thank you and http is running per below:
s#show adjacency tunnel 0 detail Protocol Interface Address IP Tunnel0 10.4.1.12(3) connectionid 1 16 packets, 1376 bytes epoch 0 sourced in sev-epoch 35 Encap length 28 4500000000000000FF2F0545AC1BFF5E 0A04010C0000883E00000000 Tun endpt Next chain element: IP adj out of GigabitEthernet0/2.10, addr 10.4.1.12
But now how do I put https through it as well?
Guides say I need to create CA and do all that SSL proxying. But I don't need to decrypt or intercept. Can I somehow put 443 behind 80?
Thanks a lot!
... View more
Public Statistics
| Date Registered | 10-02-2013 10:03 PM |
| Date Last Visited | 01-08-2018 11:51 PM |
| Total Messages Posted | 83 |
Helpful Votes Given To
| User | Helpful Count |
|---|---|
| 13 | |
| 5 | |
| 5 | |
| 4 | |
| 4 |
.jpg "Hall of Fame Guru"){kind=icon}
