Monday, February 23, 2015

Cisco IPS 4260 - To set CLI timeout

Hi Friends,

Small tip: how to set the CLI timeout on Cisco IPS.

By default, the timeout is 0, so a CLI session never times out. You may then face an issue like this:

Error: The maximum allowed CLI sessions are currently open, would you like to terminate one of the open sessions?[no]:

Type Yes

CLI ID   User      Privilege
XXX     YYYY     ZZZZZZZ

Enter the CLI ID to clear[]: XXX

Configuration:

IPS# conf t
IPS(config)# service authentication
IPS(config-aut)# cli-inactivity-timeout 5000
IPS(config-aut)# show settings
   attemptLimit: 0 <defaulted>
   password-strength
   -----------------------------------------------
      size: 8-64 <defaulted>
      digits-min: 0 <defaulted>
      uppercase-min: 0 <defaulted>
      lowercase-min: 0 <defaulted>
      other-min: 0 <defaulted>
      number-old-passwords: 0 <defaulted>
   -----------------------------------------------
   permit-packet-logging: true <defaulted>
   cli-inactivity-timeout: 5000 default: 0
IPS(config-aut)# exit
Apply Changes?[yes]: yes
IPS(config)# end
IPS#
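
An added example (not part of the original post): a Python check that reads saved show settings output from several sensors and reports those whose CLI sessions never expire. The sensor names and the `0 <defaulted>` line for an unconfigured sensor are assumptions; the first capture is the output shown above.

```python
import re

# "name: value", optionally followed by "<defaulted>" or "default: N".
LINE = re.compile(r"^\s*([\w-]+):\s+(\S+)(?:\s+(<defaulted>|default:\s*\S+))?\s*$")

def parse_settings(text):
    """Return {name: (value, is_defaulted)} for each setting line."""
    settings = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m:  # section names and dashed rules have no "name: value" and are skipped
            settings[m.group(1)] = (m.group(2), m.group(3) == "<defaulted>")
    return settings

def sensors_without_timeout(captures):
    """captures: {sensor: show-settings text}. Return sensors with timeout 0."""
    flagged = []
    for sensor, text in sorted(captures.items()):
        # A missing line is treated as the default of 0 described in the post.
        value, _ = parse_settings(text).get("cli-inactivity-timeout", ("0", True))
        if int(value) == 0:
            flagged.append(sensor)
    return flagged

# Capture of the configured sensor: the output shown in the post.
IPS_A = """\
   attemptLimit: 0 <defaulted>
   password-strength
   -----------------------------------------------
      size: 8-64 <defaulted>
      digits-min: 0 <defaulted>
      uppercase-min: 0 <defaulted>
      lowercase-min: 0 <defaulted>
      other-min: 0 <defaulted>
      number-old-passwords: 0 <defaulted>
   -----------------------------------------------
   permit-packet-logging: true <defaulted>
   cli-inactivity-timeout: 5000 default: 0
"""
# Constructed capture of a sensor left at the default (line format assumed).
IPS_B = IPS_A.replace("5000 default: 0", "0 <defaulted>")
CAPTURES = {"ips-a": IPS_A, "ips-b": IPS_B}  # hypothetical sensor names

if __name__ == "__main__":
    print("No CLI inactivity timeout:", sensors_without_timeout(CAPTURES))
```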



I hope this information will help you.

Regards,

Manoj

Use "archive command" to save configuration of Cisco switches

Hi Friends,

Sometimes we worry about losing the configuration. In a larger enterprise we usually have a management and monitoring server that stores all the configurations; however, we may still sometimes lose a configuration, which is a difficult situation to face in real time.

To avoid this kind of issue, we can use the archive commands to back up the switch configuration whenever we type the write memory command.

I am using an FTP server to archive the configuration. Please type the commands below:

ip ftp username XXXXX
ip ftp password XXXX

archive
 log config
  logging enable
  notify syslog
  hidekeys
 path ftp://servername/Network_Backups_FTP/Access_Switch/admin_10.0.10.0/10.0.10.1_Backup_config
 write-memory
 time-period 10080


show archive

The maximum archive configurations allowed is 10.
The next archive file will be named ftp://servername/Network_Backups_FTP/Access_Switch/admin_10.0.10.0/10.0.10.1_Backup_config_-<timestamp>-2
 Archive #  Name
   1        :Error - Bad file number
   2        ftp://servername/Network_Backups_FTP/Access_Switch/admin_10.0.10.0/10.0.10.1_Backup_config <- Most Recent
   3
   4
   5
   6
   7
   8
   9
   10


Archive 1 above: you will most probably face the Bad file number error if there is an issue with the configured FTP username or password, the source interface, or folder permissions.


Checklist if you face the Bad file number error:

  • Ensure the username and password are correct by accessing the FTP site through a browser.

  • To change the source interface for FTP, issue the command below in configuration mode:

        ip ftp source-interface vlanXX

    where XX is the VLAN or interface whose IP address has access to the server.

  • Ensure the username has read/write permission on the folder so that it can create files. The best way to check: install the FileZilla client, log in with the username and password, and try to move or copy files from your laptop.
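
An added example (not part of the original post): a Python parser for the show archive output above that reports failed slots such as the Bad file number entry and whether the most recent archive was written. The sample is the post's output with the "next archive file" line left out; function names are hypothetical.

```python
import re

# Constructed sample: the "show archive" output from this post
# (empty slots 3-10 are generated rather than typed out).
SHOW_ARCHIVE = (
    "The maximum archive configurations allowed is 10.\n"
    " Archive #  Name\n"
    "   1        :Error - Bad file number\n"
    "   2        ftp://servername/Network_Backups_FTP/Access_Switch/"
    "admin_10.0.10.0/10.0.10.1_Backup_config <- Most Recent\n"
    + "".join(f"   {n}\n" for n in range(3, 11))
)

SLOT = re.compile(r"^\s*(\d+)\s*(.*?)\s*$")
RECENT = "<- Most Recent"

def parse_show_archive(text):
    """Return one dict per archive slot: slot, status, detail, most_recent."""
    slots, in_table = [], False
    for line in text.splitlines():
        if re.match(r"\s*Archive #\s+Name", line):
            in_table = True  # slot rows only follow this header
            continue
        m = SLOT.match(line) if in_table else None
        if not m:
            continue
        name = m.group(2)
        recent = name.endswith(RECENT)
        if recent:
            name = name[: -len(RECENT)].rstrip()
        if name.startswith(":Error"):
            status, detail = "error", name.split("-", 1)[-1].strip()
        else:
            status, detail = ("ok", name) if name else ("empty", "")
        slots.append({"slot": int(m.group(1)), "status": status,
                      "detail": detail, "most_recent": recent})
    return slots

def archive_health(text):
    """Summarise failed slots and whether the latest archive succeeded."""
    slots = parse_show_archive(text)
    recent = [s for s in slots if s["most_recent"]]
    return {
        "failed_slots": [s["slot"] for s in slots if s["status"] == "error"],
        "used_slots": sum(s["status"] != "empty" for s in slots),
        "latest_ok": bool(recent) and recent[0]["status"] == "ok",
    }

if __name__ == "__main__":
    print(archive_health(SHOW_ARCHIVE))
```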





Thanks for visiting my page.

I hope this information will help you.

Regards
Manoj



Replacing Faulty Switch on Stack

Hi Friends,
I would like to share a simple and easy method to replace a faulty switch in a stack without restarting all the switches.


Step 1: Log in to the stack (only the master switch is accessible) and issue the command show switch.

Switch#show switch
Switch/Stack Mac Address : 0000.0001.0001   
                                           H/W   Current
Switch#  Role   Mac Address     Priority Version  State
----------------------------------------------------------
*1       Master 0000.0001.0001    15     0       Ready              
 2       Member 0000.0001.0002     10     0       Ready              
 3       Member 0000.0001.0003     5      0       Ready              
 4       Member 0000.0001.0004     4      0       Ready

Please ensure the master switch has the highest priority. By default, all switches have priority 1.

Step 2: Identify the switch to be replaced.

Step 3: Unpack the new switch and check that its model and IOS version are the same as those of the switch being replaced in that slot.

Step 4: Note the stack port cabling (back side of the switch); each cable must be connected to the same port it was connected to before.

Step 5: Power off the faulty switch. This example assumes Switch 4 is faulty. Log in to the master switch and type the same command, show switch:

Switch#show switch
Switch/Stack Mac Address : 0000.0001.0001   
                                           H/W   Current
Switch#  Role   Mac Address     Priority Version  State
----------------------------------------------------------
*1       Master 0000.0001.0001    15     0       Ready              
 2       Member 0000.0001.0002     10     0       Ready              
 3       Member 0000.0001.0003     5      0       Ready              
 4       Member 0000.0001.0004     4      0       removed

Step 6: Replace the faulty switch with the new one.

Step 7: Log in to the master switch and issue the same command, show switch:
Switch#  Role   Mac Address     Priority Version  State
----------------------------------------------------------
*1       Master 0000.0001.0001    15     0       Ready              
 2       Member 0000.0001.0002     10     0       Ready              
 3       Member 0000.0001.0003     5      0       Ready              
 4       Member 0000.0001.0005    1     0       Ready

The new switch's priority will be shown as 1; it is best practice to change the priority to another value.

Switch#conf t
Switch(config)#switch 4 priority 4

The switch has been successfully replaced.
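
An added example (not part of the original post): a Python check that compares the show switch output from step 5 with the one from step 7 and reports which slot was replaced, any member not in the Ready state, members still at the default priority 1, and whether the master alone holds the highest priority. The sample rows are the post's output; function names are hypothetical.

```python
import re

# One member row: optional "*", switch number, role, MAC, priority, version, state.
ROW = re.compile(
    r"^(\*?)\s*(\d+)\s+(\S+)\s+([0-9A-Fa-f.]{14})\s+(\d+)\s+(\d+)\s+(.+?)\s*$")

def parse_show_switch(text):
    """Return {switch_number: row} for each member row of 'show switch'."""
    members = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:  # header and separator lines do not match
            members[int(m.group(2))] = {
                "role": m.group(3), "mac": m.group(4),
                "priority": int(m.group(5)), "state": m.group(7)}
    return members

def check_replacement(before, after):
    """Compare 'show switch' from step 5 (before) and step 7 (after)."""
    old, new = parse_show_switch(before), parse_show_switch(after)
    top = max((r["priority"] for r in new.values()), default=0)
    holders = [n for n, r in new.items() if r["priority"] == top]
    masters = [n for n, r in new.items() if r["role"] == "Master"]
    return {
        "replaced": sorted(n for n in new
                           if n in old and old[n]["mac"] != new[n]["mac"]),
        "not_ready": sorted(n for n, r in new.items() if r["state"] != "Ready"),
        "default_priority": sorted(n for n, r in new.items()
                                   if r["priority"] == 1),
        # True only when exactly one master exists and no member ties with it.
        "master_has_top_priority": len(masters) == 1 and holders == masters,
    }

# Constructed samples: the step 5 and step 7 outputs shown in this post.
HEADER = ("Switch#  Role   Mac Address     Priority Version  State\n"
          + "-" * 58 + "\n")
COMMON = ("*1       Master 0000.0001.0001    15     0       Ready\n"
          " 2       Member 0000.0001.0002     10     0       Ready\n"
          " 3       Member 0000.0001.0003     5      0       Ready\n")
BEFORE = HEADER + COMMON + " 4       Member 0000.0001.0004     4      0       removed\n"
AFTER = HEADER + COMMON + " 4       Member 0000.0001.0005    1     0       Ready\n"

if __name__ == "__main__":
    print(check_replacement(BEFORE, AFTER))
```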


Regards,
Manoj