Service Related Knowledge
Capturing a Configuration at the Cisco Console:
A Cisco router or switch configuration is nothing more than a plain text ascii config loaded into RAM. When a router or switch is replaced with a new device, the configuration on the old device can be transferred to the new device by performing the following tasks without the need to configure the new device from scratch. Save the configuration Edit the configuration Restore the configuration Perform the following steps to capture and save the old device system configuration to a text file. 1. Start a Tera Term session and establish console connection to the device frm which you are planning to copy the configuration. 2. At the prompt, type enable, and provide the password when prompted. The prompt changes to Device#, indicating the router is now in privileged mode. 3. At the Device# prompt, type Terminal Length 0 to force the router to return the entire response at once, rather than a screen at a time. 4. On the Tera Term menu, select File > Log... The Log window appears 5. Name this file "config.txt" optionally browse to an alternative directory in which to save the file, or simply accept the default location. 6. Click Save to dismiss the Log window and begin the capture. 7. On the Tera Term menu, select File > Show Log Dialog... the Log Dialog window appears 8. At the Device# prompt, type show start. Allow time for the router to complete its response. 9. On the Tera Term Log Dialog window, click close to stop capture 10. At the Device# prompt, type Terminal Length 24 to reset the terminal display length to its default value (24 lines per screen).
Cisco IOS Configuration Sources:
An administrator can access a Cisco device to make configuration changes without being connected to the network. They can either use a terminal connection plugged directly into the console port or dial into the console port or auxiliary port using a modem. These are referred to as out of band configuration options. After the initial configuration of the Cisco devices, administrators can then access and configure the device by establishing a terminal session using Telnet or SSH. Alternatively, administrators can download a previously written configuration file using a Trivial File Transfer Protocol (TFTP) server or use a network management software application such as Cisco Works LAN Management Solution on the network. These methods are referred to as in band options because they require IP connectivity across the network.
Speed Related issues:
Another common layer 1 problem in a LAN is a speed mismatch between two Ethernet devices. Cisco routers and switch Ethernet ports have several speed options. Some models support up to 100 megabit per second speeds, some models support up to 1, 10, 40, and 100 Gigabit per second speeds. When you configure an Ethernet device, you typically have 4 speed choices: 10, 100, gigabit, or auto. Combinations of these options have varying results: · If one end of the connection is manually set to one speed and the other manually set to another, it results in a mismatch · If one end is set to a higher speed and auto negotiation enabled in the other, and auto negotiation fails, the auto negotiation end revers to its lowest speed. The result is a speed mismatch · If auto negotiation is set on both ends and auto negotiation fails on both ends, both revert to their lowest speed which means there is no mismatch, but the speed will be the lowest that the port supports.
Downloading a Configuration From a FTP Server:
Another very common network server application to download a configuration to a Cisco router or switch is FTP, File Transfer Protocol. For security reason, FTP is used with user based password authentication, but anonymous user access may be allowed as well. Some well known FTP server utilities include FileZilla, CrossFTP, Xlight. Once a FTP server is started and running and the files that are to be downloaded are in the FTP server's root directory, the configuration can be downloaded. First, open the terminal sessions window with the Cisco router or switch. Since FTP usually requires authentication, the Cisco router or switch must be configured with the appropriate username and password. In this example, the username is webex and the password is classfiles. Once the login credentials have been configured, then download the config file with the command copy ftp start. If the config file is copied into the running-config with the command copy FTP running rather than the startup config, the config file will merge with the running-config and not override it. When prompted, type in the FTP server's IP address and the name of the configuration file that is being downloaded. When asked for destination filename, simply press the enter key. The config file will then be downloaded into NVRAM become the startup config file. Now to load the downloaded configuration into RAM without merging the running config, restart the Cisco device using the reload command and press enter. When prompted to confirm the reload, simply press the enter key again.
Performing Cisco IOS Image Backup and Download via FTP:
Before performing Cisco IOS image backup and download on the Cisco device via FTP server, make sure there is access to the FTP server. Ping the FTP server from the Cisco device to verify connectivity. Since FTP usually requires authentication, the Cisco router or switch must be configured with the appropriate username and password. In this example, the username is webex and the password is classfiles. Use the show flash: command on the Cisco Device to determine the filename of the IOS image file being backed up and its size. Verify that the FTP server has sufficient disk space to store the IOS image. To back up the system file from the Cisco Device to the FTP server, use the following commands in the privileged EXEC mode: · Copy flash: [the name of the IOS image] FTP · When prompted, type in the FTP server's IP address and the name of the IOS file that is being uploaded. · When asked for the destination filename, keep the default filename and simply press the enter key · The IOS image file will then be uploaded from flash to the FTP server. · The exclamation points indicate the successful copying process from the flash memory of the Cisco device to the FTP server. · To download the system image file from the FTP server to flash memory on the Cisco device, use the following command in the privileged EXEC mode: · Issue the command copy ftp flash: · When prompted, type in the FTP server's IP address and the name of the IOS file that is being downloaded. · When asked for the destination filename, keep the default filename and simply press the enter key. · The IOS image file will then be downloaded from the FTP server into the Cisco device's flash · With some combinations of model and IOS version, the Cisco device may prompt the administrator to erase flash. · If there is sufficient storage in flash, the administrator is able to answer "no" and have multiple files in flash memory. · The exclamation points indicate the successful copying process from the server to the Cisco device.
Performing Cisco IOS Image Backup and Download via TFTP:
Before performing Cisco IOS image backup and download on the Cisco device via TFTP server, make sure there is access to the TFTP server. Ping the TFTP server from the Cisco device to verify connectivity. Use the show flash: command on the Cisco Device to determine the filename of the IOS image file being backed up and its size. Verify that the TFTP server has sufficient disk space to store the IOS image. To back up the system image file from the Cisco Device to the TFTP server, use the following command in the privileged EXEC mode: · Copy flash: [the name of the IOS image file] TFTP · When prompted, type in the TFTP server's IP address and the name of the IOS file that is being uploaded. · When asked for the destination filename, keep the default filename and simply press the enter key · The IOS image file will then be uploaded from flash to the TFTP server · The exclamation points indicate the successful copying process from the flash memory of the Cisco Device to the TFTP server. To download the system image file from the TFTP server to flash memory on the Cisco Device, use the following command in the privileged EXEC mode: · Issue the command copy tftp flash: · When prompted, type in the TFTP server's IP address and the name of the IOS file that is being downloaded. · When asked for the destination filename, keep the default filename and simply press the enter key. · The IOS image file will then be downloaded from the TFTP server into the Cisco's Device's flash · With some combinations of model and IOS version, the Cisco device may prompt the administrator to erase flash · If there is sufficient storage space in flash, the administrator is able to answer "no" and have multiple files in flash memory · The exclamation points indicate the successful copying process from the server to the Cisco Device.
Performing a Password Recovery on a Cisco Switch:
For circumstances in which a switch has an unknown enable password to get to privileged exec mode, yet the configuration must still be maintained, follow these steps: 1. Unplug the power cable to the switch 2. Reconnect the power cable to the switch 3. Hold down the mode button on the front of the switch while the switch boots 4. Release the Mode button after approximately 15 second when the console displays the first 4 lines of the bootup process. 5. The switch displays the first command that is needed to continue with the password recovery 6. Issue the command "flash_init". 7. Once the switch: prompt has returned, the switch's current config with the unknown password must be renamed so it is not loaded on the next power cycle. 8. Type "rename flash:config.text flash:config.old" to rename the configuration file 9. Issue the "boot" command to boot the system Once the switch has rebooted and you do not proceed with the configuration dialog, 1. At the switch prompt, type "enable" to enter privileged exec mode 2. Now load the switch's configuration with the unknown password to become the active running config using the command "copyflash:configold system:running-config". 3. Change the unknown password of the running config file to a new password you will remember 4. Next, save the running config with the new password to the startup config overwriting the old unknown password.
Performing IOS Image Replacement Without an Operational IOS (Flash Card or USB):
For system that have a removable flash card and to assist in disaster recovery when the IOS image has become corrupted, the removable flash card can be inserted into a compact flash card reader of a laptop and the IOS file copied from the hard drive to the flash card. The flash card then can be removed from the laptop and placed back into the device and booted simplifying disaster recovery. But the primary method to recover or upgrade a network device system image is via the USB port if the devices is so equipped. The IOS is copied from a laptop to a USB flash memory stock then moved to the network device's USB port and booted from there. To recover the device using the USB port from the rommon prompt, do the following: · Issue the dev command to see which memory devices are available. · Issue the command "boot usbflash0:IOS image name.bin" or "boot usbflash1:IOS image name.bin" to boot the device with the IOS image copied from the laptop. · After the device has fully booted to normal operation, copying IOS to the internal flash is done simply by using the command "copy usbflash0:IOS image name.binflash:IOS image name.bin" or "copy usbflash1:IOS image name.binflash:IOS image name.bin".
Performing IOS Image Replacement with xmodem:
If a Cisco router fails to find a viable IOS to boot from when powered on, the router will eventually load the diagnostics program in ROM called rom monitor also known as "rommon". The router indicates it is in this mode by displaying a rommon prompt. With routers have removable flash memory or with USB flash support, a new IOS can simply be copied from a PC onto the flash card or USB disk, placed in the flash slot or USB port on the router, and that IOS would be loaded when the router is re-started. However, if a flash card and USB port are defective or not even available, the router must load an IOS image using other means. One way of performing an IOS image replacement without an operational IOS is through the router console port via the xmodem protocol. To load a Cisco IOS image through the Cisco device console port via xmodem, follow these steps: · First, prepare the router for the IOS file: o Open a terminal session with the router's console port using a terminal application. o From the router's rommon prompt, use the confreg command to change the console baud rate from 9600 bps to 115200 bps to speed up the download time. o When asked if you wish to change the configuration, answer "yes" o Press Enter to accept No as the default answer for the next six questions o When asked change console baud rate, answer "yes" and enter 7 to select 115200 bps. o Press Enter to accept No as the default answer to the next two questions o From the rommon prompt, type reset to reset the router. · Once the router boots up in rommon, the Tera Term session starts to display illegible characters. Use the following Tera Term options to change serial port baud rate to 115200 bps to match the console rate: o From the Tera Term VT window, click Setup then click Serial port o In the Baud rate field choose 115200 from the dropdown box, click OK o From the Tera Term terminal window press the enter key. The rommon prompt should appear. · To start the router for the xmodem transfer, complete these steps: o From the router's rommon prompt, type xmodem - ?, which shows that there are several distinct parameters of the xmodem command. o The parameter of -c has the router use a better checksum verification technique to ensure that the file is copied to the router without errors § Issue the command xmodem -c and the filename of the stored Cisco IOS image to be copied to the router. § When asked if you want to continue click Yes o The router indicates that it is ready to receive the file. § From the Tera Term's menu bar, choose File > Transfer > XMODEM > Send § In the Send File window, click Browse and navigate to the folder containing the Cisco IOS image file § Highlight the filename and click Open to start the transfer. o Verify that the transfer process has begun by making sure that the numbers in the Number of Packets counter and the Number of Bytes Sent counter are increasing. When the transfer is complete the router decompresses the image and boots automatically. When the system IOS image is loaded, complete the following steps to restore the router console port speed and configuration register to the default value: § Log into the router § Change the console port speed to the default, 9600bps § Change the Tera Term serial port baud rate to 9600 bps § From the Tera Term terminal window, press Enter. The router prompt is displayed § Change the router configuration register to the default value, 0x2102. § Save the running configuration to startup-configuration o For some router models, a manual restart of the router may be required after the xmodem transfer is complete. To manually restart the router with the new Cisco IOS image from the rommon prompt, do the following: § From the rommon prompt, type reset § Type I for "initialize" § Verify that the router will reboot normally by setting the configuration register back to its default value of 0x2102. This action restores the console port speed to the default 9600 bps when the system is reset. § Type the command reset again to restart the router and load the newly transferred Cisco IOS image. § Change the Tera Term serial port baud rate to 9600 bps § From the Tera Term terminal window, press enter a few times. The router IOS boot message is displayed.
Performing IOS Image Replacement with tftpdnld
If a Cisco router follows the process of finding and loading its operating system when powered on, but fails to find a viable Cisco IOS image to boot from, the router eventually loads the ROM monitor. The router indicates that it is in the mode by displaying the rommon prompt. With routers having removable flash memory, you can copy a new Cisco IOS image from a PC onto the flash card and place it in the flash slot on the router, and that image is loaded when the router is restarted. However if a flash card is defective or unavailable, the router must load a Cisco IOS image using some other means. One way to perform a Cisco IOS image replacement without an operational Cisco IOS image is to use the tftpdnld utility of the Cisco router, which means that you can download a Cisco IOS image from a network TFTP server. To load a Cisco IOS image with the tftpdnld utility, follow these steps: · Set up the router's parameters for the Cisco IOS download with TFTP: o From the command prompt, o Sets IP_ADDRESS equals the address of this router receiving the downloaded the Cisco IOS image. o Sets IP_SUBNET_MASK equals the mask of the router o Sets DEFAULT_GATEWAY equals the router's default gateway if it is trying to reach a TFTP server that is not in its local network o Sets TFTP_SERVER equals the address of TFTP server from which the Cisco IOS image will be downloaded o Sets TFTP_FILE equals the filename of the Cisco IOS image that is to be downloaded from the TFTP server's base directory · Type tftpdnld to start the download, and answer yes, which is case sensitive. · Answer yes at the prompt to continue.
Local Loopback Testing with a 56K Loopback Plug:
Local loopback test the customer premises equipment, the router, serial cable and CSU/DSU. To do so, the local circuit will be looped back from the CSU/DSU to the router using a loopback plug. Complete these steps to create a loopback plug for a 56K circuit: · Use wire cutters to create a working RJ45 cable that is 5 inches long with an attached connector. · Strip the wires. · Twist the wires from pins 1 and 7 together · Twist the wires from pins 2 and 8 together. · Leave the rest of the wires alone.
Local Loopback Testing with a T1 Loopback Plug:
Local loopbacks test the customer premises equipment, the router, serial cable and CSU/DSU. To do so, the local circuit will be looped back from the CSU/DSU to the router using a loopback plug, Complete these steps to create a loopback plug for a T1 CSU/DSU: · Use wire cutters to create a working RJ45 cable that is 5 inches long with an attached connector · Strip the wires · Twist the wires from pins 1 and 4 together · Twist the wires from pins 2 and 5 together · Leave the rest of the wires alone. The hardware loopback plug test is used to see if the router and the entire CSU/DSU have any faults. If a router passes a hardware loopback plug test, then the problem exists elsewhere on the line. Once the loopback plug has been created, insert the plug into the network (Telco) side of the CSU/DSU. To complete local loopback testing with a plug, perform an extended ping and monitor the show interface serial command for errors on the interface. First verify that the router interface has been looped. The show interface serial command should display the status of the interface as up/up and looped. The next step is to clear the interface counters and perform the extended ping. Once the loopback plug has been inserted, and the serial interface status shows looped, use the clear counters command to clear the interface counters. Then Perform the extended ping test by following these steps: · Type "ping IP" · For Target address, enter the IP address of the local serial interface to which the loopback plug is attached. · Increase Repeat count to a value such as 50 · Increase Datagram size to a value of 1500 · Press Enter to answer all further options. Examine the show interface serial command output to verify packets have been received and to determine whether input errors have increased. If input errors and the cyclic redundancy check (CRC) counters have not increased, the local hardware such as the CSU/DSU, cable, router, and interface card is probably in good condition. Therefore, remove the loopback plug from the CSU/DSU and move on to the next test to be performed. Other loopback tests would include a Telco assisted loopback test to verify the local circuit to the provider is functioning properly.
Installing a TFTP Server to Download a Configuration:
Once a Cisco router or switch configuration has been successfully copied to a network server, it can just as easily be downloaded to an installed replacement device. A very common network server application to do so is TFTP, Trivial File Transfer Protocol. TFTP is a simple protocol to transfer files. It is designed to be small and easy to implement, and therefore, lacks most of the features of the FTP protocol. TFTP only reads and writes files to and from a server. It cannot list directories and it has no provision for user authentication. Transferring files via TFTP requires a TFTP server application. Some well known TFTP server applications include SolarWinds TFTP server, TFTP Desktop, TFTPd64 and TFTPd32. TFTPd32 is a freeware application which can be easily downloaded from the Internet. Once downloaded, to install: · Navigate to the folder in which the tftpd32 application was saved and double click the Tftpd32-4.52-setup.exe executable file · In the window, which appears, click the I Agree button for license agreement · Click Next, then Install to install the tftpd32 application · Double click the tftpd32.exe file to start the server · Once opened, configure the root directory of the TFTP server by clicking the browse button next to the field labeled Current Directory · Select the appropriate Ethernet interface being used by tftpd32. · Navigate to the folder which contains the configuration file that will be downloaded to the router or switch. Highlight that folder, and click OK.
Downloading a Configuration From a TFTP Server:
Once a TFTP server has been installed, its services started, and the files which are to be downloaded are in the TFTP server's root directory, then the configuration can be downloaded. · First verify the TFTP server is started and double check the name of the config file to be downloaded by clicking the show directory button. · Open the terminal sessions window with the Cisco router or switch · From the device's command prompt, ping the server's IP address to test connectivity with the TFTP server. · Then download the config file with the command copy TFTP start · If the config file is copied into the running-config with the command copy TFTP running rather than the startup config, the config file will merge with the running config and not override it. · When prompted, type in the TFTP server's IP address and the name of the configuration file that is being downloaded · When asked for destination filename, simply press the enter key · The config file will then be downloaded into NVRAM becoming the startup config file · The exclamation points indicate the successful copying process from the TFTP server to the router. A quick show startup-config command will verify that the device configuration is present before proceeding. Now to load that downloaded configuration into RAM without merging with the running-config, restart the Cisco device using the reload command and press enter. If prompted to Save the running config, enter No at this point. When prompted to confirm the reload, simply press the enter key again or just simply turn the device off for 30 seconds, and turn it back on. The startup config will be loaded from NVRAM.
Understanding the Cisco Device Interface Status:
One of the most important elements of the show interfaces command output is the display of the line and datalink protocol status. The parameter refers to the physical layer of the OSI model and essentially reflects whether the interface is receiving CD (Carrier Detect). The second parameter refers to the data link layer of the OSI model, layer 2. This parameter reflects whether the data link layer protocol keepalives are being recovered. The output of the show interfaces serial exec command displays information specific to serial interfaces and can be used to diagnose serial line connectivity problems in a WAN environment. · If both the line protocol and the interface are up, this is the proper status line condition. · If the interface is up and the link protocol is up (looped), a loop exists in the circuit · If the interface is up and the line protocol is down, a problem exists at layer 2. Some possible causes include a remote router is misconfigured, the far side router or provider WAN switch has keepalives disabled, or a timing problem has occurred on the cable. · If both the line protocol and the interface are down, a physical layer 1 problem exists. For example, a cable might not be attached properly, or the router may not be receiving a CD signal from the Telco provider in a WAN, or the CSU/DSU Hardware failure has occurred. · If the interface is administratively down and the line protocol is down, it has been manually disabled (the shutdown interface command has been issued) in the active configuration. The output of the show interfaces Ethernet exec command displays information specific to Ethernet interfaces and can be used to diagnose Ethernet line connectivity problems in a local area network (LAN) environment. · If the interface is up and the line protocol is down, a problem exists at layer 2. Some possible causes include a layer 2 mismatch in encapsulation type, meaning the routers' frame formats differ, or a hardware failure has occurred. · If both the line protocol and the interface are down, a physical layer 1 problem exists. For example, a cable might not be attached properly, or there is a speed or duplex mismatch with another LAN device. · If the interface is administratively down, it has been manually disabled (the shutdown command has been issued) in the active configuration.
Using SSH to Connect to Cisco Devices:
SSH: Secure Shell, is a virtual terminal protocol that is part of the TCP/IP suite. Like Telnet, it allows connections and remote console sessions from one network device like a PC host to another remote device like a router or switch. But unlike Telnet, SSH as a remote administration tool sends all traffic between the hosts in encrypted format. Also unlike Telnet, Cisco devices need an appropriate version of IOS and need to be configured to be able to support SSH connections. Establishing a SSH session can be done from a SSH client application. Some well known remote administration utilities which support SSH include PuTTy, Secure CRT, and TeraTerm. · Navigate to the folder in which the putty application was saved and double click the putty.exe executable file. · In the putty configuration window type the IP address of the Cisco router or switch being administered. · Verify that the SSH option has been chosen, and that the port is 22, the default port of the SSH application and then click ok. · In the Putty SSH session window, type in the appropriate username and password when prompted. · Press the enter key and the SSH sessions router or switch command prompt should appear.
Telco Assisted Loopback:
Telco Assisted Loopback: Assisted loopback tests are done with the help of the Telco provider, but are not done independently by the Telco. For these loopback tests, the Telco must provide loopbacks toward your premises from the Telco switches in its network. The Telco will "split the circuit" at the Telco switch closest to the CPE router by supplying a looped circuit back towards the router. In this way only the portion of the circuit between the first Telco switch and the CSU/DSU and router is being tested. The looped circuit can then be monitored from the router using an extended ping and monitoring the show interface serial command for errors in the interface. Use the clear counters command to clear the interface counters. Then perform the extended ping test by following these steps: · Type "ping ip" · For Target address, enter the IP address of the local serial interface to which the IP address was just assigned · Increase Repeat count to a value such as 50 · Increase Datagram size to a value of 1500 · Press Enter to answer all further options. Examine the show interface serial command output to determine whether input errors have increased. If the ping was successful, and the input errors and the cyclic redundancy check (CRC) counters have not increased, the local circuit from the router to the Telco's provider's first switch is probably in good condition. If so, move on to the next loopback test to be performed such as another Telco assisted loopback test on the far side of the connection to verify its local circuit to its provider is also functioning properly. If it is clean, you can use this information to conclude that the problem is within the Telco cloud.
PING Test and Telnet Connection:
The fundamental command to verify that two devices have obtained IP connectivity is PING. PING (Packet InterNet Groper) operates by sending echo request packets to the target hose and waits for an echo response message. In the process, the PING utility measures the round-trip time of each of 4 packets it sends and it also records any packet loss. Verifying IP connectivity with PING on a Microsoft Windows client will be done from the host's command prompt. · Open a command prompt window · From the Windows desktop choose the start button from the taskbar · Choose run · In the field labeled open, type CMD and click ok. CMD is the name of an executable which opens a command window · Once the command window opens, from the command prompt, type the command PING and the IP address of the destination device and press the enter key. This may be a directly connected Cisco router or switch that is being configured. The results display the success rate of the 4 PING packets generated and sent by the PC. Telnet: a virtual terminal protocol that is part of the TCP/IP suite. It allows connections and remote console sessions from one network device like a PC host to another remote device like a router or switch. One of the major drawbacks of telnet as a remote administration tool is all traffic between the hosts are sent in clear text. Telnetting from a Microsoft Windows host can be done from the host's command prompt or from another vendor's telnet client application. Some well-known remote administration utilities which support telnet include PuTTy, Secure CRT, and Tera Term. To use the Tera Term telnet client, open a command prompt window: · From the Windows desktop choose the start button from the taskbar · From the following menus, choose All Programs, Tera Term, and Tera Term · Once the Tera Term window open, from the New connection dialog box, select Telnet and enter the IP address of the router or switch to be administered and click OK. · During the connection process, the telnet client may be prompted for a password and once authenticated, the Cisco router or switch command prompt should appear.
Configure PC IP Settings and Verify Connection:
To administer a Cisco router or switch by using a network connection, you must configure the PC client with IP. To configure the IP settings of a Microsoft Windows PC, complete these steps: 1. From the Windows 10 PC, right click the Start button and choose Network Connections. Alternatively type view network connections in the search box in the taskbar, and then choose View network connections at the top of the list. 2. Right-click the click the connection that you want to change, and then choose Properties. 3. Click the Networking tab. Under this connection uses the following items, choose Internet Protocol Version 4 (TCP/IPv4) and then click the Properties button. 4. In a subsequent window, choose the "use the following" address options and type the appropriate IP address and subnet mask. If the PC is plugged directly into the Cisco router or switch that is being administered, the PC's IP address should be in the same subnet as the Cisco device. 5. Click OK and then click OK again. Verify a PC's IP settings on a Microsoft Windows client from the host's command prompt, using the command IPCONFIG as follows: 1. Open a command prompt window 2. From the Windows 10 PC, right click the Start button and choose Command Prompt. The results display the PC's IP settings which include the IP address, subnet mask, and default gateway.
Cisco IOS Configuration Through USB Console Connection:
To make a physical connection from a PC to the USB console port of a Cisco device, use the following steps with a USB 5-pin mini Type B to Type A cable: 1. Obtain Cisco Microsoft Windows USB Device Driver from cisco.com website and install it on the PC 2. Connect the USB 5-pin mini Type B end of the console cable to the USB console port of the Cisco router or switch 3. Connect the USB Type A end of the console cable to the USB port of the PC. A USB-C to RJ45 Console Cable is used to connect from a PC USB-C to the RJ45 console port of a Cisco switch or router. This rollover cable connects a PC to a Cisco switch or router console port for configuration and management.
Pasting a Configuration at the Cisco Console:
To paste the modified configuration to the replacement device: 1. Establish Console connection to the replacement device 2. Type the necessary passwords to gain access to User Privileges mode then to EXEC Privileges mode 3. Open the modified configuration text file you will use to upload the configuration to the replacement device 4. Highlight several lines (one or two sections) of the configuration file 5. Copy the selected text to the Windows clipboard. Copying can be performed either by selecting Edit > Copy from the text editor's menu, or by holding down the CTRL key and simultaneously pressing the letter C (CTRL+C) 6. Switch to the Tera Term window, and type config t at the Router# prompt and press Enter, this will put the replacement device into configuration mode. 7. Paste the configuration file into the replacement device by selecting Edit > Paste to Host on the Tera Term menu. 8. For the next section of the configuration, repeat steps 4, 5, and 7 until you have pasted the entire contents of the configuration file into the replacement device. After the configuration has finished pasting and the replacement device brings you back to the config prompt, type copy run start to write the configuration into memory. Type show run, and compare the output with the original configuration text file you have on your laptop.
Terminal Application Configuration for Console Connection:
To prepare a PC to become the terminal for configuring the Cisco router or switch through the console port, you must first open a terminal application like Tera Term or PuTTy. View the following steps to configure the COM port settings using Tera Term: · From the Windows desktop, choose the start button from the taskbar · From the following menus, choose all programs, Tera Term and Tera Term Once Tera Term opens, the New Connection window appears. In the dialog box choose Serial, the appropriate COM port, and click OK. When the Tera Term VT window appears, click "Setup", serial port. Next, configure the serial com port settings: · In the "Baud rate" field choose 9600 from the dropdown box. This is the default speed of the Cisco device console port. · In the Flow Control field choose None from the dropdown box. Leave all other unchanged and click OK. Finally from the Tera Term terminal window, test connectivity with the Cisco console port by pressing the enter key. The Cisco device prompt should appear.
Editing a Configuration at the Cisco Console:
Typically a router or switch will contain passwords and other security commands (aaa, tacacs, etc) within the configuration. It is a best practice to remove any configured security commands before placing the configuration on a replacement device. This process provides an uninterrupted console session during the configuration restoration of the replacement device. Perform the following procedures to edit the configuration file for reuse in the replacement device. · Open the configuration text file which was captured from an old device with any text editor, Microsoft Notepad for example. · Save the configuration file with a different name to have the original configuration file available for reference if needed · Search for and remove commands that start with 'banner' , 'aaa' , 'access-list' , 'tacascs' , 'radius' , 'username' , or the 'enable secret' & 'enable password' commands · Remove all configuration under the following sections: o Line con 0 o Line vty 0 4 o Line vty 4 15 (applies to switches only) o Line aux 0 (applies to routers only) · Add the command 'enable secret cisco'. This sets the enable password to 'cisco'. · Add the command syntax: line vty 0 4, password cisco, login. This sets the telnet password to 'cisco'. · Add a 'no shutdown' command to interfaces in the configurations that are not explicitly configured with a 'shutdown' command. · Save the file.
Saving Configurations:
When a change to a Cisco Router or Switch is made, it affects the active, current running-config stored in RAM. To save those configuration changes, you must do so manually. If the Cisco device were to lose power before the changes were saved, those changes would be lost. To save Cisco router or switch configuration, you copy the running-config top the startup-config. When prompted for the destination filename, the device suggests a destination filename of "startup-config". Simply press the enter key to complete the save.
Performing a Password Recovery on a Cisco Router:
When a router has an unknown enable password for accessing the privileged exec mode but the configuration must be maintained, you must first configure the router to no load the startup configuration file containing the unknown password when the router performs its next power cycle. Follow these steps: 1. On the terminal keyboard, within the first 60 seconds of power on for entering the router into the ROMMON mode, press on of the following: Break, Ctrl-C or Ctrl-B (on new laptops) 2. At the rommon prompt, type confreg 0x2142 to bypass loading the startup configuration. 3. Type the command reset. When the router has rebooted and you do not proceed with the configuration dialog box, do the following: 1. At the router prompt, type enable to enter the privilege exec mode. 2. Load the router's configuration with the unknown password to become the active running configuration by using the command copy start run. 3. Change the unknown password of the running configuration file to a new password that you will remember. The unknown password could be one or all of the following: enable password, Console password, VTY passwords, or the Enable secret. 4. Change the configuration register back to its default with the command config-register 0x2102. 5. All interfaces that are to be active must have the no shutdown command performed on them to make them active. 6. Use the command copy running-config startup-config to save the running configuration to the startup configuration. This action completes the password recovery procedure.
Identifying WAN Media Issues:
When a serial line does not come up, the show interface command may display a status of down/down. The best way to troubleshoot the circuit is to perform loopback tests. Loopback tests allow you to isolate pieces of the circuit, and test them separately. Proper testing begins with local loopback testing with a CSU/DSU loopback plug. Then testing should precede to Telco-assisted loopback tests that involve the provider. Remember, all loopback testing is intrusive to the circuit. Therefore, traffic will be unable to pass across that link while troubleshooting the circuit.
Cisco IOS Configuration Through a TCP/IP Network Connection:
When configuring the Cisco router or switch across a network, the client PC can be physically located anywhere it has IP connectivity with the device, even across the Internet. Configuring a Cisco device across a network connection can also be accomplished with the client PC connected directly to the device's Ethernet network ports. The equipment needed to configure a Cisco device through a directly connected network connection include: · PC with a working Ethernet interface · An available Ethernet network port on the Cisco router or switch · Remote administration software like a Telnet or SSH application installed on the PC · A UTP straight-thru cable to configure a switch or a UTP crossover cable to configure a router To make a physical network connection directly into a Cisco switch, connect one end of a UTP straight-thru cable to the Ethernet RJ45 port of the PC. Connect the other end of the straight-thru cable to one of the available Ethernet ports of the switch. To make a physical network connection directly into a Cisco router, connect one end of a UTP crossover cable to the Ethernet RJ45 port of the PC. Connect the other end of the crossover cable to one of the available Ethernet ports of the router.
Duplex Related Issues:
When you configure an Ethernet device, you typically have 3 duplex choices: half, full, or auto negotiate. Combinations of these options have varying results: · If one end of the connections is manually set to full duplex and the other end manually set to half duplex, it results in a mismatch. · If one end of the connection is manually set to full duplex and auto negotiation configured on the other end, and auto negotiation fails to half duplex, it results in a mismatch. · If one end of the connection is manually set to half duplex and auto negotiation set on the other, and auto negotiation fails to half duplex, there is no mismatch, but both ends are half duplex mode. · If auto negotiation is set on both ends of the connection and one end fails to full duplex and other fails to half duplex it results in a mismatch.
To make a physical connection to the Cisco device console:
· Connect the terminal adapter to the DB9 serial COM port of the PC · Connect on end of the console cable to the RJ-45 port of the terminal adapter · Connect the other end of the console cable to the console port of the Cisco router or switch For laptop users without serial ports, a DB9 to USB adapter may need to be used. In this case, connect the USB end of the adapter to the laptop USB port, and connect the DB9 end of the console cable to the DB9 end of the adapter.
Equipment needed to configure a Cisco device through a console connection:
· PC · Terminal emulation application software installed on the PC · Cisco Microsoft Windows USB Device Driver installed on the PC · A console cable, sometimes referred to as a rollover cable or null modem · DB9 to RJ45 terminal adapter marked with the work "terminal" or a USB to DB9 Male Serial Adapter A Cisco console cable can be a flat blue or black RJ45 rollover cable, a DB9 to RJ45 rollover cable, or a USB 5-pin mini USB Type-B to USB Type-A rollover cable. With a RJ45 rollover cable, the 8 wires of the cable are completely flipped - pin 1 becomes 8 on the other end, 2 goes to 7, 3 to 6, 4 to 5. Instead of a separate rollover cable and a terminal adaptor, Cisco now ships a DB9 to RJ45 console cable or a USB 5-pin mini USB Type-B to USB Type-A console cable with its devices.