Connection Cisco 6120 to a NX5000

Hello

Even if I know the way normal, I should have the FI to connect to a MDS.

But someone has Cisco 6120 FI successfully configured to connect to any 5000 series nexus, which is connected to a storage?

Should what additional steps I perform?

Thank you

Andy

Ensure that NPIV is enabled on the N5K. Obviously, you'll need create all areas & sets of areas like you would on an SDM, but the procedure is very similar. The N5K should NOT be in VAN mode.

Are you having any difficulties?

Robert

Tags: Cisco DataCenter

Similar Questions

Connection Cisco UCS 6120 FI directly to Cisco Catalyst 6500?

I watch a lot of design with the Cisco UCS solution guide and everywhere it is Cisco Nexus 5000/7000 connects to the uplink ports of Cisco UCS 6120 FI with the benefits of technology to the vPC.

How about connect Cisco UCS 6120 FI directly to 10GE ports in Cisco Catalyst 6500 (without VSS and VSS)? It is possible to design?

If I use C6500VSS there will be port-channel of the aggregation of the UCS Nx10GE all the bandwidth?

And what happens if I use C6500 (without VSS) - how it will be on the many links between UCS and two boxes C6500? It will be blocked by STP? A little on the other?

Please explain to me, because we have only C6500 switches in our data center and want to test a Cisco UCS schassis.

Yes, you can connect the 6120 s to cat6500s with or without vs. With VSS, you get a vPC as port channel where 2 links to a single 6120 can be connected to different 2 6500 s in a port LACP-channel.

VSS is not necessary, you can connect a 10 G uplinks / 1 G of 1 or more of a 6120 at cat6500s. I you have 2 cat6500s (non - vss) and 2 uplinks by 6120, then you want to connect 1 cat6500-1 and the other to cat6500-2. I would recommend going ahead and creating a single port-channel port so that you can easily add the uplinks in the furture without interruption of service.

Ideally, for non - vss, I would have 4 10 uplinks by 6120; 2 in a channel port cat6500-1 and 2 in a port in cat6500-2 channel

How to connect Cisco SG-300-10 L3 switch selector mode in Mode of L2 SG-300-20

Ladies and gentlemen, please forgive me if you find my question too basic. But, I would really appreciate your help. I have two Cisco switches (SG-300-10 and SG-300-20) and I am struggling to connect with each other.

Requirements: Switch Cisco SG-300-10 which is in needs of L3 mode to send the traffic of VLAN tagged to the switch Cisco SG-300-20, which is the mode of L2

What I've done so now

1 Cisco SG-300-10 (Mode L3) to the router directly connected and configured IP addresses, 192.168.0.21. The GVRP is configured for Port 5. Created the VLAN 1000 with interface IP (192.168.100.1) and configured the Port 5 trunk mode (1U, 1000 t)

2 connected Cisco SG-300-20 (L2 Mode) to the router and set up the IP address management, 192.168.0.22. The GVRP is configured for Port 5. 1000 of VLANS created and configured the Port 5 trunk mode (1U, 1000 t)

What does not work

I can't access the address of management of the L2 (192.168.0.22) switch. Note that the L2 switch only on the uplink, which is to the L3 switch. Since the Port 5 also receives no marked traffic of VLAN1 (192.168.1.1), I'm assuming that he would receive the network management of VLAN1.

Other Observations

When I connect the cable between the two switches Port5, I expect to exchange information of VLAN, by documentation. But the lights flash at all.

I tried other things

I tried to connect Port 2 (1U) L3 Switch switch 2 L3 Port (1U). Yet, I can't access to the management of the L2 switch port. However, when I connect 2-Port L3 switch to my laptop, I get an IP address. That tells me that I have to solve the problem of management network pair before the switches.

Hi Späti,

I think the confusion is the use of the address IP address to you and how you manage your computer.

VLAN 1 = 192.168.1.1

VLAN 1000 = 192.168.0.21

How I read that you connect layer 2 VLAN 1 on 192.168.0.21 switch to layer 3 of the same VLAN 1 interface to 192.168.1.1. It's confusing.

So first thing to do is this - change layer 2 switch network 192.168.1.x IP and confirm management works on VLAN 1.

If you want to layer 2 switch works on VLAN 1000, then you need to change the default VLAN 1000, then you can configure your uplink either as the way which you have 1u, 1000 t, or you can use 1000u.

Your management VLAN on the layer 2 switch is VLAN 1 still unless you changed it (which did you not?)

A next important thing for the layer 2 switch is going to be the default gateway. The switch of level 3, you need to specify the address IP of the VLAN 1000, which I think you did to 192.168.0.21/24. This 192.168.0.21 must be the default gateway for the layer 2 switch.

Finally, the computer you connect to layer 3 switch, what that either VLAN that you choose to connect to (1 unidentified), you need to set the IP and default gateway appropriate. So if you're going to VLAN 1 then your computer is 192.168.1.x with gateway 192.168.1.1

And for the comment extra, GVRP is a horrible Protocol and very pitiful, I don't recommend to use.

Cannot connect Cisco Network Assistant to 2911 router

I'm trying to connect my Cisco 2911 router to my community at the NAC. I can see the routers in terms of topology, but when I try to add to the community I get an error message indicating that the router is inaccessible (cannot connect). I can ping client device of soul. I can view the properties of the device to the card (device type: CISCO2911/K9). Telenet attempt connection, but we have only use SSH for connectivity (the same as all my switches that are connected to the community). 2911 is listed as a taken router supported on the Cisco site.

Any quesses what I am doing wrong?

Thanks in advance.

J

Hello
You must enable http for can work.

http://kirkpbm.WordPress.com/2008/07/13/Cisco-network-assistant-enabling...
Pls link for other instructions above check.

Rgds/DP
Sent by Cisco Support technique iPad App

Connection Cisco SG300-10-Core Cisco 6513 for ShoreTel phones

I have a new ShoreTel phone system will soon. Configure a dhcp, including option 156 scope which is required for ShoreTel to obtain the configuration on ShoreTel phones and in order to get on the vlan correct voice on the phone. I also created a new vlan 112 for the vlan voice. When I plug directly into the Cisco 6513 Core switch, the phone starts fine, it gets its configuration and on the VLAN correct 112.

We have a training room in which there will be a lot of users. I ordered 6 Cisco small business 10port SG-300 POE switches for this training room. I plugged the switch in a cable coming off the 6513 which is just an access port and in the vlan voice I created for phones shoretel VOIP:

interface FastEthernet10/11
switchport
switchport mode access
switchport voice vlan 112
priority queue queue-limit 20
WRR-queue random - detect min-threshold 1 30 40 50 60 70 80 90 100
WRR-queue random - detect min-threshold 2 30 40 50 60 70 80 90 100
WRR-queue random detection threshold min 3 30 40 50 60 70 80 90 100
WRR-queue random detection max-threshold 1 70 80 90 100 100 100 100 100
WRR-queue random detection max-threshold 2 70 80 90 100 100 100 100 100
WRR-queue random detection threshold 3 70 80 90 100 100 100 100 100 max
WRR-queue cos-map 1-3-1
WRR-queue cos-1 6 4 map
WRR-queue cos-map 2 6 0
WRR-queue cos-map 2 8 2
WRR-queue cos-map 3 1 7
WRR-queue cos-map 3 8 3 6
MLS qos trust dscp
Storm-control broadcasts 20 h 00
spanning tree portfast

When I plug a phone directly into this cable the phone works very well. When I plug a cheap cisco POE switch in I can get 3 phones works very well, but due to the amount of energy needed for this cheap a cisco switch it will give only 3 phones power.

The real problem here is plug into small business cisco SG300-10port POE managed switch. I thought I could just connect the switch to the port configured above right out of the box and plug in phones without a problem. When I plug the switch and start plugging in ShoreTel phones, they do not start coming in and upward and actually had a few phones upward but then finally there is no tone and also later, they appear on the screen as a service not available.

I have to configure a trunk port on a port on the SG300 and the Cisco 6513 for this to work? Also I will need to VLAN configuration manually on the SG300. Looks like that when I just plugged it in to the above configured the port on the SG300 it automatically create the vlan 112.

Any help would be appreciated

Thank you

Dave

Deleted

Cannot connect Cisco 2621 to AWS EC2 Openswan vpn site to site

Hello, I'm setting up Site to Site vpn between my Cisco 2621 router and Amazon EC2 instance running openswan.
I get on the following message on the openswan server: 'NO_PROPOSAL_CHOSEN '.
My router config Cisco 2621 and Openswan config are displayed below, I know im missing something small, but can't
understand what is :-) any help would be appreciated.

Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto [28503]: "paulaga-House" #1: STATE_MAIN_I3: sent MI3, expect MR3
Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto [28503]. port/protocol Phase 1 ID payload is 17/0. agreed with port_floating NAT - T
' Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto [28503]: "paulaga-House" #1: hand mode peer ID is ID_IPV4_ADDR: ' 192.168.1.253.
Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto [28503]: "paulaga-House" #1: transition of State STATE_MAIN_I3 of State STATE_MAIN_I4
Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto [28503]: "House paulaga" #1: STATE_MAIN_I4: ISAKMP Security Association established {auth = PRESHARED_KEY oakley_3des_cbc_192 integ = md5 = MODP1536 group = cipher}
Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto [28503]: "paulaga home" #2: quick launch Mode PSK + ENCRYPT + TUNNEL + PFS + UP + IKEV1_ALLOW + IKEV2_ALLOW + SAREF_TRACK + IKE_FRAG_ALLOW {using isakmp #1 proposal of msgid:17d23abf = default pfsgroup = OAKLEY_GROUP_MODP1536}
Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto [28503]: "paulaga-House" #1: regardless of the payload information NO_PROPOSAL_CHOSEN, msgid = 00000000, length = 160
Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto [28503]. ISAKMP Notification payload
Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto [28503]. 00 00 00 a0 0e 00 00 00 01 03 04 00
Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto [28503]: "paulaga-House" #1: received and ignored the information message

The schema looks like this:
192.168.0.0/24:FA0/1[router]FA0/0 192.168.1.253 - 192.168.1.254 [Modem] 64.231.25.93 (pub ip attributed to my modem)

Cisco 2621 router configuration:

Current configuration: 2649 bytes
!
version 12.3
no cache Analyzer
no service timestamps debug uptime
no service the timestamps don't log uptime
encryption password service
!
cisco2600 hostname
!
boot-start-marker
start the system flash c2600-ik9o3s3 - mz.123 - 26.bin
boot-end-marker
!
logging buffered debugging 10000
no logging monitor
!
No aaa new-model
IP subnet zero
IP cef
!
!
name-server IP 192.168.0.10
!
Max-events of po verification IP 100
!

username admin privilege 15 password 7 01100F175804
!

crypto ISAKMP policy 10
BA 3des
md5 hash
preshared authentication
Group 5
ISAKMP crypto key mysecretkey address 52.39.49.77
!
life crypto ipsec security association seconds 28800
!
Crypto ipsec transform-set AMAZON-TRANSFORM-SET esp-3des esp-md5-hmac

!
11 INTERNET-CRYPTO ipsec-isakmp crypto map
! Incomplete
description Amazon EC2 instance
defined by peer 52.39.49.77
transformation-AMAZON-TRANSFORM-SET game
match address 111
!
!
!
!
interface FastEthernet0/0
Connection to the Bell Modem description
IP 192.168.1.253 255.255.255.0
NAT outside IP
automatic duplex
automatic speed
crypto CRYPTO-INTERNET card
!
interface Serial0/0
no ip address
!
interface FastEthernet0/1
Description of the connection to the local network
IP 192.168.0.254 255.255.255.0
192.168.0.10 IP helper-address
IP nat inside
automatic duplex
automatic speed
No cdp enable
!
interface FastEthernet0/1.2
Service Description Vlan
encapsulation dot1Q 2
IP 10.0.0.254 255.0.0.0
192.168.0.10 IP helper-address
IP nat inside
!
IP nat inside source list ACL - NAT interface FastEthernet0/0 overload
IP nat inside source static tcp 192.168.0.47 3389 interface FastEthernet0/0 3389
IP http server
local IP http authentication
no ip http secure server
no ip classless
IP route 0.0.0.0 0.0.0.0 192.168.1.254
!
!!
!
!
extended ACL - NAT IP access list
allow an ip
allow a full tcp
allow a udp
recording of debug trap
ease check syslog
record 192.168.0.47
access-list 111 allow ip 192.168.0.0 0.0.0.255 172.31.1.0 0.0.0.255
!
!
!
Dial-peer cor custom
!
!
!
Line con 0
password 7 05080F1C2243
opening of session
line to 0
line vty 0 4
privilege level 15
local connection
transport telnet entry
telnet output transport
line vty 5 15
privilege level 15
local connection
transport telnet entry
telnet output transport
!
!
end

Openswan Configuration:

file paulaga.secrets:

64.231.25.93 192.168.1.253 52.39.49.77: PSK "mysecretkey.

file paulaga.conf:

Conn paulaga-home
left = % defaultroute
subnet # EC2 My leftsubnet=172.31.0.0/16
leftid = 52.39.49.77 # EC2 my public ip
right = 64.231.25.93 # My Home Modem public ip
rightid = router 192.168.1.253 # My Home Cisco 2621 outside interface ip
rightsubnet=192.168.0.0/24 # My Home LAN Cisco 2621
authby secret =
PFS = yes
start = auto

Hello

Since we are getting the following error NO_PROPOSAL_CHOSEN could you please add the following on the router policies then check :

crypto ISAKMP policy 10
BA 3des
md5 hash
preshared authentication
Group 5

crypto ISAKMP policy 20
BA 3des
md5 hash
preshared authentication
Group 2

crypto ISAKMP policy 30
BA 3des
sha hash
preshared authentication
Group 2

crypto ISAKMP policy 40
BA aes
md5 hash
preshared authentication
Group 2

Please test with the latter and keep us informed of the results.

Kind regards

Aditya

Please evaluate the useful messages and mark the correct answers.

Fall of connection Cisco RV110W

Hi guys,.

I was wondering if someone could help me,

I bought a box of Cisco RV110W about a month ago and finally got around to setting up, but I have connection problems and have to reboot the box to make it work again, I am currently under the latest version of the firmware 1.2.0.10.

I have a PPPOE connection on the WAN port with the correct credentials as the status page shows my IP address internet and WAN light is green, I have also 4 VLAN is configured.

Trying to access the router outwardly I can't and I have to ask someone to restart while I can, but after a few minutes it will start to play. Y at - it somewhere I can access log files to see if the connection is down on the router.

Thanks, Nick

I am pleased to hear that it was a simple solution as the MTU. :)

I believe you must have a syslog server to obtain complete connects (especially when you have a problem of blocking/restart as you did), although looking at the logs incoming and outgoing can be good for the basic diagnostic. I hope that you can never look at the logs, now that everything works!

Cannot connect Cisco UCCX Appadmin

I'm running a Cisco Unified Voice Infrastructure where I can not connect to the UCCX server over https link to the IP address of the server. But I can ping the server, I can even connect using CLI mode. But I am not able to connect using the Web GUI. Using Firefox as browser it displays "Secure connection has no" - "an error occurred when connecting to 145.17.58.4:8443. SSL has received a low ephemeral Diffie-Hellman key in the handshake message exchange the server key. (Error code: ssl_error_weak_server_ephemeral_dh_key) ".

I use google, read the administration guide and sought the support of the community but could not find a specific remedy for the issue. How can I fix it and connect to the server?

Community rocks! Thanks in advance.

Hi Soledad,

It seems to be hitting bug id CSCuu83416 IE when you use Firefox to access a Web page that is affected by this issue, the following message may appear:

Error: An error occurred during a connection to :. SSL has received a low ephermeral Diffie-Hellman key in handshake of the server key exchange message. (error code: ssl_error_weak_ephermeral_dh_key)

You can try below workaround to solve this problem.

(1) in FireFox, enter "subject: config" in the URL field and press to enter.
(2) accept the warning "this might void your warranty!
(3) in the top search field, enter "security.ssl3.dhe_rsa_aes".
4) double-click on each result (128, 256) to pass the value to "false".

This should fix the problem.

Thank you!

Kunal

(Please indicate all useful posts)

IOS VPN will not respond to connections Cisco VPN Client.

Hi all

I'll put my routers fire here.

I have two 2921 SRI both with licenses of security concerning leased lines separated. I configured one to accept our workers to remote Client VPN Cisco VPN connections.

I have followed the set up process I used on another site with a router 1841/s and the same customers and I have also checked against the config given in the last guide of IOS15 EasyVPN.

With debugs all assets, all I see is

038062: 14:03:04.519 Dec 8: ISAKMP (0): received x.y.z.z dport-60225 Global (N) SA NEW 500 sport package
038063: 14:03:04.519 Dec 8: ISAKMP: created a struct peer x.y.z.z, peer port 60225
038064: 14:03:04.519 Dec 8: ISAKMP: new position created post = 0x3972090C peer_handle = 0x8001D881
038065: 14:03:04.523 Dec 8: ISAKMP: lock struct 0x3972090C, refcount 1 to peer crypto_isakmp_process_block
038066: 14:03:04.523 Dec 8: ISAKMP: (0): client setting Configuration parameters 3E156D70
038067: 14:03:10.027 Dec 8: ISAKMP (0): packet received x.y.z.z dport 500 sport 60225 Global (R) MM_NO_STATE

Here is the abbreviated config.

System image file is "flash0:c2900 - universalk9-mz.» Spa. 154 - 1.T1.bin.

AAA new-model
!
!
AAA authentication login default local
local VPNAUTH AAA authentication login
AAA authorization exec default local
local authorization AAA VPN network
!
!
!
!
!
AAA - the id of the joint session

crypto ISAKMP policy 10
BA aes
preshared authentication
Group 14

ISAKMP crypto group configuration of VPN client
key ****-****-****-****
DNS 192.168.177.207 192.168.177.3
xxx.local field
pool VPNADDRESSES
ACL REVERSEROUTE

Crypto ipsec transform-set aes - esp esp-sha-hmac HASH
tunnel mode

Profile of crypto ipsec IPSECPROFILE
the HASH transform-set value

dynamic-map crypto VPN 1
the HASH transform-set value
market arriere-route
!
!
list of authentication of card crypto client VPN VPNAUTH
card crypto VPN VPN isakmp authorization list
crypto map VPN client configuration address respond
card crypto 65535-isakmp dynamic VPN ipsec VPN
!
!
local IP VPNADDRESSES 172.16.198.16 pool 172.16.198.31

REVERSEROUTE extended IP access list
IP 192.168.0.0 allow 0.0.255.255 everything
Licensing ip 10.0.0.0 0.0.0.255 any

scope of IP-FIREWALL access list
2 allow any host a.b.c.d eq non500-isakmp udp
3 allow any host a.b.c.d eq isakmp udp
4 ahp permits any host a.b.c.d
5 esp of the permit any host a.b.c.d

If anyone can see anything wrong, I would be very happy and it would save the destruction of a seemingly innocent router.

Thank you

Paul

> I would be so happy and it would save the destruction of a seemingly innocent router.

No, which won't work! But instead of destroying the router, I can do it for you. Just send it to me... ;-)

OK, now more serious...
1. The default Cisco IPSec client uses only DH group 2, while you set up the 14. Try to use Group 2 in your isakmp policy.
2. You have your virtual model in place? She is not in the config.

connect Cisco VPN client v5 to asa 5505

I have remote vpn configuration issues between ASA5505 and Cisco VPN client v5. Successfully, I can establish a connection between the client Vpn and ASA and receive the IP address of the ASA. Statistical customer VPN windows shows that packets are sent and encrypted but none of the packages is received/decrypted.

Cannot ping asa 5505

Any ideas on what I missed?

Try adding...

ISAKMP nat-traversal crypto

In addition, you cannot ping the inside interface of the ASA vpn without this command...

management-access inside

Please evaluate the useful messages.

PPTP connected cisco VPN but Internet not working

What wrong with my setup but my device not "connected to the internet, I use ubuntu 12.04 LTS
Cisco 1841

version 12.4

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

hostname Router

boot-start-marker

boot system flash c1841-ipbasek9-mz.124-24.T.bin

boot-end-marker

logging message-counter syslog

enable secret 5 $1$eb9Q$7kMUF5Am0kVn/QXwssfrD/

aaa new-model

aaa authentication login default local

aaa authentication ppp default local

aaa authorization network default local

aaa session-id common

dot11 syslog

no ip source-route

ip cef

ip name-server 202.134.1.10

ip name-server 202.134.0.155

multilink bundle-name authenticated

vpdn enable

vpdn-group PPTP

! Default PPTP VPDN group

accept-dialin

protocol pptp

virtual-template 1

username ala***n password 7 051B131C2A4343

username fa***ul privilege 15 password 7 03520B59565F701C16594B51

Connection Cisco 6120 to a NX5000

Similar Questions

Maybe you are looking for