Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Backup CSS11503 Ether-Mgnt Interface access

I have box to box redundancy and I would like to access the ethernet-management interface on the backup CSS. The interface is configured and I have also performed commit_redundancy between CSS's, but, I cannot access the B/U CSS. Is the link not accessable because it is backup?

thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Backup CSS11503 Ether-Mgnt Interface access

Hi,

The solution in this case will be to isolate the way you get to the management port or to use the command virtual authentication secondary local in case TACACS is not available.

Also there is another thing you might want to take into account and it is that TACACS routed through the management port is currently not supported according to:

http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/css_810/getstart/setup.htm#wp1160987

7 REPLIES
Cisco Employee

Re: Backup CSS11503 Ether-Mgnt Interface access

Hello,

The management port on the CSS is 10 Half Duplex please make sure you are connecting with the proper settings to it.

Also keep in mind that in order to apply changes to the management port you need to reboot the device. The interface should be accesible even if the box is backup.

I hope this helps.

New Member

Re: Backup CSS11503 Ether-Mgnt Interface access

I can connect to the Backup CSS11503 through the Ether-mgmt interface to the Username prompt after setting ip managagement route.

Now I cannot authenticate and I'm using Telnet.

Is there another setting?

Cisco Employee

Re: Backup CSS11503 Ether-Mgnt Interface access

Are you using any kind of authentication scheme like TACACS? or are you using the local authentication database of the CSS?

New Member

Re: Backup CSS11503 Ether-Mgnt Interface access

I have the same configuration and have been able to login to the backup css. I don't think it is possible but if you get a way to do so please let me know as well.

Steve

New Member

Re: Backup CSS11503 Ether-Mgnt Interface access

I'm using TACACS and the interface to the upstream router on interface 1/1 is down because backup. I assume you would need a local account for logon which my company does not allow.

I have the next hop on the Ether-mgmt interface set for that subnet next hop router and unless TACACS can be used for authentication I cannot logon.

I keep my configs updated using commit-redun so I know if the master goes down the backup has a working config.

Thanks

Cisco Employee

Re: Backup CSS11503 Ether-Mgnt Interface access

Hi,

The solution in this case will be to isolate the way you get to the management port or to use the command virtual authentication secondary local in case TACACS is not available.

Also there is another thing you might want to take into account and it is that TACACS routed through the management port is currently not supported according to:

http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/css_810/getstart/setup.htm#wp1160987

New Member

Re: Backup CSS11503 Ether-Mgnt Interface access

Thank you for the information. I use virtual authentication TACACS, but local is not allowed for security reasons.

The last comment is contrary in regards to my Master box, I can login/authenticate to the Ether-mgmt using TACACS or the 1/1 interface with TACACS, two differnt IP's and VLANS.

Thanks

142
Views
0
Helpful
7
Replies