Wednesday, September 10, 2008
Tuesday, August 12, 2008
Generate an RSA key
You need to generate an RSA key after defaulting a router to enable SSH access.
Router(config)# crypto key generate rsa
http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfssh.html
Friday, June 27, 2008
Cisco Commands - Show difference between running config and startup config
show archive config differences nvram:startup-config system:running-config
router#show archive config differences nvram:startup-config system:running-config
Contextual Config Diffs:
+ip access-list extended test
120651-149720#
More Info:
http://www.2000trainers.com/cisco-ccna-07/ccna-router-configuration-files/
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt_diff.html
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt_diff.html#wp1068464
Cisco Commands - Archive and Archive Config
Automated backups/revisions of configs on Cisco routers.
http://www.cisco.com/en/US/docs/ios/12_3t/fun/command/reference/cfrgt_01.html#wp1094316
archive
To enter archive configuration mode, use the archive command in global configuration mode.
archive
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values
Command Modes
Global configuration
Command History
Release | Modification |
|---|---|
12.3(4)T | This command was introduced. |
12.2(25)S | This command was integrated into Cisco IOS Release 12.2(25)S. |
Examples
The following example shows how to place the router in archive configuration mode:
Router(config)# archive
Router(config-archive)# path disk0:myconfig
Related Commands
archive config
To save a copy of the current running configuration to the Cisco IOS configuration archive, use the archive config command in privileged EXEC mode.
archive config
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
Release | Modification |
|---|---|
12.3(7)T | This command was introduced. |
12.2(25)S | This command was integrated into Cisco IOS Release 12.2(25)S. |
Usage Guidelines
Note 
Before using this command, you must configure the path command in order to specify the location and filename prefix for the files in the Cisco IOS configuration archive.
The Cisco IOS configuration archive is intended to provide a mechanism to store, organize, and manage an archive of Cisco IOS configuration files in order to enhance the configuration rollback capability provided by the configure replace command. Before this feature was introduced, you could save copies of the running configuration using the copy running-config destination-url command, storing the target file either locally or remotely. However, this method lacked any automated file management. On the other hand, the Configuration Replace and Configuration Rollback feature provides the capability to automatically save copies of the running configuration to the Cisco IOS configuration archive. These archived files serve as checkpoint configuration references and can be used by the configure replace command to revert to previous configuration states.
The archive config command allows you to save Cisco IOS configurations in the configuration archive using a standard location and filename prefix that is automatically appended with an incremental version number (and optional timestamp) as each consecutive file is saved. This functionality provides a means for consistent identification of saved Cisco IOS configuration files. You can specify how many versions of the running configuration will be kept in the archive. After the maximum number of files has been saved in the archive, the oldest file will be automatically deleted when the next, most recent file is saved. The show archive command displays information for all configuration files saved in the Cisco IOS configuration archive.
Examples
The following example shows how to save the current running configuration to the Cisco IOS configuration archive using the archive config command. Before using the archive config command, you must configure the path command in order to specify the location and filename prefix for the files in the Cisco IOS configuration archive. In this example, the location and filename prefix is specified as disk0:myconfig as follows:
Router# configure terminal
Router(config)# archive
Router(config-archive)# path disk0:myconfig
You then save the current running configuration in the configuration archive as follows:
Router# archive config
The show archive command displays information on the files saved in the configuration archive as shown in the following sample output:
Router# show archive
There are currently 1 archive configurations saved.
The next archive file will be named disk0:myconfig-2
Archive # Name
0
1 disk0:myconfig-1 <- Most Recent
2
3
4
5
6
7
8
9
10
Related Commands
Cisco Commands - config replace
More info:
http://articles.techrepublic.com.com/5100-10878_11-6184709.html
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gtrollbk.html
Configuration Replace
The configure replace command provides the capability to replace the current running configuration with any saved Cisco IOS configuration file. This functionality can be used to revert to a previous configuration state, effectively rolling back any configuration changes that were made since the previous configuration state was saved.
When using the configure replace command, you must specify a saved Cisco IOS configuration as the replacement configuration file for the current running configuration. The replacement file must be a complete configuration generated by a Cisco IOS device (for example, a configuration generated by the copy running-config destination-url command), or, if generated externally, the replacement file must comply with the format of files generated by Cisco IOS devices. When the configure replace command is entered, the current running configuration is compared with the specified replacement configuration and a set of diffs is generated. The algorithm used to compare the two files is the same as that employed by the show archive config differences command. The resulting diffs are then applied by the Cisco IOS parser to achieve the replacement configuration state. Only the diffs are applied, avoiding potential service disruption from reapplying configuration commands that already exist in the current running configuration. This algorithm effectively handles configuration changes to order-dependent commands (such as access lists) through a multiple pass process. Under normal circumstances, no more than three passes are needed to complete a configuration replace operation, and a limit of five passes is performed to preclude any looping behavior.
The Cisco IOS copy source-url running-config command is often used to copy a stored Cisco IOS configuration file to the running configuration. When using the copy source-url running-config command as an alternative to the configure replace target-url command, the following major differences should be noted:
•The copy source-url running-config command is a merge operation and preserves all the commands from both the source file and the current running configuration. This command does not remove commands from the current running configuration that are not present in the source file. In contrast, the configure replace target-url command removes commands from the current running configuration that are not present in the replacement file and adds commands to the current running configuration that need to be added.
•The copy source-url running-config command applies every command in the source file, whether or not the command is already present in the current running configuration. This algorithm is inefficient and, in some cases, can result in service outages. In contrast, the configure replace target-url command only applies the commands that need to be applied—no existing commands in the current running configuration are reapplied.
•A partial configuration file may be used as the source file for the copy source-url running-config command, whereas a complete Cisco IOS configuration file must be used as the replacement file for the configure replace target-url command.
Tuesday, May 27, 2008
Wacky Cisco 1721 Errors
System Bootstrap, Version 12.2(7r)XM2, RELEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 2003 by cisco Systems, Inc.
C1700 platform with 98304 Kbytes of main memory
program load complete, entry point: 0x80008000, size: 0xded8f8
Self decompressing the image : ################################################# ################################################################################ ################################################################################ ############################# [OK]
Smart Init is enabled
smart init is sizing iomem
ID MEMORY_REQ TYPE
MainBoard 0X00027A80 1721
0X000F3BB0 public buffer pools
0X00211000 public particle pools
VPN 0X00030C0C VPN Module Buffers
0X0011 0X0000DC00 Card in slot 1
TOTAL: 0X0036AE3C
If any of the above Memory Requirements are
"UNKNOWN", you may be using an unsupported
configuration or there is a software problem and
system operation may be compromised.
Allocating additional 8063910 bytes to IO Memory.
PMem allocated: 89015838 bytes; IOMem allocated: 11647458 bytes
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco Internetwork Operating System Software
IOS (tm) C1700 Software (C1700-ENTSERVICESK9-M), Version 12.3(26), RELEASE SOFTW ARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 17-Mar-08 14:24 by dchih
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
cisco 1721 (MPC860P) processor (revision 0x300) with 86929K/11375K bytes of memo ry.
Processor board ID FOC08031ZU0 (3546652159), with hardware revision 0000
MPC860P processor: part number 5, mask 2
Bridging software.
X.25 software, Version 3.0.0.
1 FastEthernet/IEEE 802.3 interface(s)
1 Serial network interface(s)
WIC T1-DSU
32K bytes of non-volatile configuration memory.
32768K bytes of processor board System flash (Read/Write)
Press RETURN to get started!
*Mar 1 00:00:03.267: %C1700-3-BADIMAGE: The IOS image loaded supports voice. T he platform you are running is not voice capable.
*Mar 1 00:00:03.267: %C1700-3-BADIMAGE: The IOS image loaded supports voice. T he platform you are running is not voice capable.
*Mar 1 00:00:05.311: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
*Mar 1 00:00:06.319: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern et0, changed state to up
*Mar 1 00:00:11.167: SERVICE_MODULE(Serial0): self test finished: Passed
*Mar 1 00:00:12.691: %PA-3-NOTSUPPORTED: PA in slot3 (Unknown (type 65535)) is not supported on this image.
Please issue "show diag" in fully loaded IOS image
to get the PA's information and verify if it is supported
by this image, a newer version may be needed.Error: Unknown PM type
*Mar 1 00:00:16.483: %LINK-3-UPDOWN: Interface Serial0, changed state to down
*Mar 1 00:00:17.503: %SYS-5-CONFIG_I: Configured from memory by console
*Mar 1 00:00:17.587: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, c hanged state to down
*Mar 1 00:00:17.587: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern et0, changed state to down
*Mar 1 00:00:19.219: %LINK-5-CHANGED: Interface FastEthernet0, changed state to administratively down
*Mar 1 00:00:19.219: %LINK-5-CHANGED: Interface Serial0, changed state to admin istratively down
*Mar 1 00:00:19.767: %SYS-5-RESTART: System restarted --
Cisco Internetwork Operating System Software
IOS (tm) C1700 Software (C1700-ENTSERVICESK9-M), Version 12.3(26), RELEASE SOFTW ARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 17-Mar-08 14:24 by dchih
*Mar 1 00:00:19.791: %SNMP-5-COLDSTART: SNMP agent on host Router is undergoing a cold start
Router>ena
Router#sh diag
Slot 0:
C1721 1FE Mainboard Port adapter, 2 ports
Port adapter is analyzed
Port adapter insertion time unknown
EEPROM contents at hardware discovery:
Hardware Revision : 3.0
PCB Serial Number : FOC08031ZU0
Part Number : 73-7546-03
Board Revision : B0
Fab Version : 04
Product (FRU) Number : CISCO1721
EEPROM format version 4
EEPROM contents (hex):
0x00: 04 FF 40 03 5A 41 03 00 C1 8B 46 4F 43 30 38 30
0x10: 33 31 5A 55 30 82 49 1D 7A 03 42 42 30 02 04 FF
0x20: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
0x30: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
0x40: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
0x50: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
0x60: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
0x70: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
WIC/VIC Slot 1:
FT1 8360
Hardware revision 1.5 Board revision G0
Serial number 0029877529 Part number 800-03279-04
FRU Part Number WIC-1DSU-T1=
Test history 0x00 RMA number 00-00-00
Connector type WAN Module
EEPROM format version 2
EEPROM contents (hex):
0x20: 02 11 01 05 01 C7 E5 19 50 0C CF 04 00 00 00 00
0x30: 80 00 00 00 03 03 23 01 FF FF FF FF FF FF FF FF
Slot 3:
Unknown (type 65535) Port adapter
Port adapter is disabled
Port adapter insertion time unknown
EEPROM contents at hardware discovery:
EEPROM format version 4
EEPROM contents (hex):
0x00: 04 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
0x10: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
0x20: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
0x30: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
0x40: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
0x50: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
0x60: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
0x70: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
Tuesday, April 8, 2008
Cisco Awesomness
Router(config)#alias exec ipi sh ip int brief
Router(config)#alias exec sr sh run
Router(config)#alias exec srb show run | begin
Apparently the Redback SE400s do as well!
http://articles.techrepublic.com.com/5100-1035_11-5842782.html
http://articles.techrepublic.com.com/5100-1035_11-5855141.html
http://ciscofaq.blogspot.com/2005/05/how-to-i-reverse-telnet-out-my-aux.html
Wednesday, February 13, 2008
Word of the Day
Definitions of suppuration on the Web:
www.kented.org.uk/ngfl/subjects/history/medhist/page45_glossary.html
www.colonrectal.org/patientinfo/definitions/definitions.htm