
INFORMATIONAL NOTES AND STATEMENTS
10/24/01 P/N: 9038090-17 CUSTOMER RELEASE NOTES Page: 30 of 34
F0615-F Subject to Change Without Notice
Terminal Access Controller Access Control System + (TACACS+) and RADIUS Manual
During system boot-up, if the user hits the “enter” key or attempts to connect using Telnet while
TACACS+ or RADIUS Authentication is enabled, the “last-resort” option will be exercised with the
following error message:
%CONS-W-AUTH_SUCCEED, contact TACACS+ [or RADIUS] server failed: last-resort ___
This may occur for the following reasons:
1. The user is not giving the X-Pedition enough time to boot-up properly. Although the console
may give the “Press RETURN to activate console…” message, the X-Pedition may still be
bringing up interfaces or learning routes at this time. If the AAA server’s interface is not yet up,
or the route has not yet been learned, the X-Pedition may give up attempts to communicate with
the server and go to last resort.
2. The accounting system info option for the AAA server has been activated, and the deadtime
value is set. On boot-up, the X-Pedition will attempt to send accounting messages to the AAA
server; it will fail until the interface containing the X-Pedition has come up. If the deadtime value
is set, the AAA server will be flagged as dead, and the router will skip over it and automatically
go to last-resort.
Workaround:
• Give the X-Pedition more time to boot-up (this may take longer with larger numbers of interfaces
and/or more configuration).
• If the AAA server is connected to the X-Pedition through multiple hops, attempt to bring the
server closer to the router.
• Increase the retry count.
• If accounting system info is enabled, decrease the deadtime value.
NOTE: Until the system is fully booted, system messages will not be logged to the AAA server.
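A log check for the fallback message above, as an added example that is not part of the release notes: it scans collected console or syslog text for the %CONS-W-AUTH_SUCCEED line and lists devices that fell back to last-resort more than once. The "<timestamp> <host> <message>" line layout, the host names and the `<option>` placeholder are assumptions; the note does not print the field after "last-resort".

```python
import re
from collections import Counter

# Message text as printed in the release note. The note leaves the field after
# "last-resort" blank, so it is captured verbatim and never interpreted.
FALLBACK = re.compile(
    r"%CONS-W-AUTH_SUCCEED, contact (?P<proto>TACACS\+|RADIUS) server failed: "
    r"last-resort\s*(?P<option>.*)$"
)


def find_fallbacks(lines):
    """Return one record per last-resort fallback message found in `lines`.

    Assumed line layout (not from the release note): "<timestamp> <host> <message>".
    Lines without that prefix are still reported, with host "unknown".
    """
    events = []
    for line_no, raw in enumerate(lines, start=1):
        line = raw.rstrip("\r\n")
        match = FALLBACK.search(line)
        if not match:
            continue
        prefix = line[:match.start()].split()
        events.append({
            "line_no": line_no,
            "timestamp": prefix[0] if prefix else "",
            "host": prefix[1] if len(prefix) >= 2 else "unknown",
            "proto": match.group("proto"),
            "option": match.group("option").strip(),
        })
    return events


def hosts_to_review(events, threshold=2):
    """Hosts with at least `threshold` fallbacks, i.e. more than a single boot-time race."""
    counts = Counter(event["host"] for event in events)
    return sorted(host for host, n in counts.items() if n >= threshold)


# Constructed sample lines: timestamps, host names and "<option>" are placeholders.
SAMPLE_LOG = [
    "2001-10-24T08:00:05 xp-core-1 %CONS-W-AUTH_SUCCEED, contact TACACS+ server failed: last-resort <option>",
    "2001-10-24T08:01:00 xp-core-1 constructed unrelated line",
    "2001-10-24T08:02:10 xp-edge-2 %CONS-W-AUTH_SUCCEED, contact RADIUS server failed: last-resort <option>",
    "2001-10-24T09:30:00 xp-core-1 %CONS-W-AUTH_SUCCEED, contact TACACS+ server failed: last-resort <option>",
    "%CONS-W-AUTH_SUCCEED, contact RADIUS server failed: last-resort",
]

if __name__ == "__main__":
    found = find_fallbacks(SAMPLE_LOG)
    for event in found:
        print(event)
    print("review:", hosts_to_review(found))
```

Because system messages are not logged to the AAA server until the system is fully booted, the input has to come from the console capture or another log destination.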
Virtual Local Area Network (VLAN) Manual
There are two special VLANs on the X-Pedition, the Default VLAN (ID=1) and the VLAN with
ID=4095. The Default VLAN contains all of the ports not used in other VLANs. When ports are
added to VLANs, they are removed from the Default VLAN. When ports are removed from a VLAN
with an ID other than 1, they are returned to the Default VLAN. The VLAN with the ID of 4095 (a.k.a.
the "blackhole VLAN") is used as the repository for all incoming frames with no destination.
These two VLANs have the following restrictions:
• Ports cannot explicitly be added to either of these VLANs.
• Layer 3 interfaces cannot be associated with the "Blackhole VLAN" (ID = 4095).
• IPX interfaces cannot be associated with the "Default VLAN" (ID = 1).
In order to pass all IBM protocol types, a unique VLAN must be configured for both the SNA and the
Bridged protocols.
Additional information can be found online at: http://www.enterasys.com/support/techbltn/tb1169-9.html
Wide Area Network (WAN) Modules Manual
Port mirroring, ACL, and Layer-2 filtering are supported on a per-WAN-card basis, not a per-port
basis.