Sunday, January 30, 2011

Cisco 1720 Reconfigure

I had the need to reconfigure a Cisco 1720. This router has two Ethernet WICs along with a BRI WIC. Ummm.... it's been a while since I have been in the Cisco IOS so I created a little refresher tutorial for myself as I went and did the work. Maybe you (someone) will find it useful.

A couple of notes: The router's name in all cases was set to JonahHex. I usually back up running-config via TFTP somewhere. You might see output cut and pasted from my Console that does not appear on yours. The version of the Cisco IOS might make a difference on the commands to copy/write/save. I basically wanted to blow the config away and start over. Don't get hung up on a minor difference below since I did this multiple times, so a minor setting might differ from print out to print out.

If you have some insight or correction to make, feel free to post comment. I will publish ASAP.

Have fun!

Delco


Instructions to Reset a Cisco Router Back to Factory Defaults

There are two main methods to return a Cisco router to its original factory defaults. These two methods are described below.

Method 1

This method uses the config-register 0x2102 command in global configuration mode.

1. Check the configuration register on the router by issuing the show version command.

The configuration register setting is displayed in the last line of the show version command output and should be set to 0x2102. If this is not the case, enter the config-register 0x2102 command once in global configuration mode.

In the example below, look the last line

**************** Cisco IOS Version *************************
JonahHex#show ver
Cisco Internetwork Operating System Software
IOS (tm) C1700 Software (C1700-Y-M), Version 12.3(5b), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Fri 16-Jan-04 05:16 by kellythw
Image text-base: 0x80008120, data-base: 0x809FA874

ROM: System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)

JonahHex uptime is 3 minutes
System returned to ROM by power-on
System restarted at 20:48:54 est Sun Jan 9 2011
System image file is "flash:c1700-y-mz.123-5b.bin"

cisco 1720 (MPC860T) processor (revision 0x601) with 24576K/8192K bytes of memory.
Processor board ID JAD05300KGG (76996103), with hardware revision 0000
MPC860T processor: part number 0, mask 32
Bridging software.
X.25 software, Version 3.0.0.
Basic Rate ISDN software, Version 1.1.
1 Ethernet/IEEE 802.3 interface(s)
1 FastEthernet/IEEE 802.3 interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read/Write)

Configuration register is 0x2102

JonahHex#
***************************************************************
Because the line "Configuration register is 0x2102 it is all set.
If it is no there, then enter the commands below:

JonaHex#configure terminal
JonaHex#(config)#config-register 0x2102
JonaHex#(config)#end
JonaHex#reload

2. If the show version command is issued again, the same line in the command output will have '(will be 0x2102 at next reload)' appended to the current register setting.

3. Erase the current start-up configuration on the router with the write erase command.

JonahHex#write erase
JonaHex#show ver
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
Erase of nvram: complete
JonahHex#

4. Reload the router with the reload command. When prompted to save the configuration, DO NOT save.

JonaHex#reload

Proceed with reload? [confirm]

Press RETURN to get started!


Jan 9 20:53:59.795: %PQUICC_ETHER-1-LOSTCARR: Unit 0, lost carrier. Transceiver problem?
Jan 9 20:53:59.803: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
Jan 9 20:53:59.803: %LINK-3-UPDOWN: Interface Ethernet0, changed state to up
Jan 9 20:54:00.803: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
Jan 9 20:54:00.803: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to down
Jan 9 20:54:08.815: AUTOINSTALL: FastEthernet0 is assigned 192.168.10.49
Jan 9 20:54:08.819: AUTOINSTALL: Obtain siaddr 192.168.10.4 (as config server)
Jan 9 20:54:08.819: AUTOINSTALL: Obtain default router (opt 3) 192.168.10.1
Jan 9 20:54:16.967: %LINK-5-CHANGED: Interface BRI0, changed state to administratively down
Jan 9 20:54:17.967: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0, changed state to down
Jan 9 20:54:19.123: %LINK-5-CHANGED: Interface Ethernet0, changed state to administratively down
Jan 9 20:54:21.043: %SYS-5-RESTART: System restarted --
Cisco Internetwork Operating System Software
IOS (tm) C1700 Software (C1700-Y-M), Version 12.3(5b), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Fri 16-Jan-04 05:16 by kellythw
Jan 9 20:54:21.083: %SNMP-5-COLDSTART: SNMP agent on host Router is undergoing a cold start

************************************************* This ends the reseting of the Cisco router to factory *******************************

Configure the router

5: After you hit Enter and got to the Router> prompt. Type Setup

Router>enable
Router#setup

--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]:


6. Choosing yes gives you a wizard that gives you enough settings to get the router basic configurations.

At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.


Basic management setup configures only enough connectivity
for management of the system, extended setup will ask you
to configure each interface on the system

Would you like to enter basic management setup? [yes/no]:

7. Enter Y (You should have some basic information for the router, like name of router, IP address for at least one interface, etc., ahead of time

Enter host name [Router]:JonahHex

The enable secret is a password used to protect access to
privileged EXEC and configuration modes. This password, after
entered, becomes encrypted in the configuration.
Enter enable secret:mycisco

The enable password is used when you do not specify an
enable secret password, with some older software versions, and
some boot images.
Enter enable password:mycisco2

The virtual terminal password is used to protect
access to the router over a network interface.
Enter virtual terminal password:mycisco
Configure SNMP Network Management? [no]:y
Community string [public]:public
Current interface summary

Interface IP-Address OK? Method Status Protocol
FastEthernet0 192.168.10.49 YES DHCP up up
Ethernet0 unassigned YES unset administratively down down
BRI0 unassigned YES unset administratively down down
BRI0:1 unassigned YES unset administratively down down
BRI0:2 unassigned YES unset administratively down down

Enter interface name used to connect to the
management network from the above interface summary:FastEthernet0
Configuring interface FastEthernet0:
Use the 100 Base-TX (RJ-45) connector? [yes]:y
Operate in full-duplex mode? [no]:y
Configure IP on this interface? [yes]:y
IP address for this interface [192.168.10.49]:192.168.10.6
Subnet mask for this interface [255.255.255.0] :

Configuring interface FastEthernet0:
Use the 100 Base-TX (RJ-45) connector? [yes]:
Operate in full-duplex mode? [no]:
Configure IP on this interface? [yes]:
IP address for this interface [192.168.10.49]: 192.168.10.6
Subnet mask for this interface [255.255.255.0] :
Class C network is 192.168.10.0, 24 subnet bits; mask is /24

The following configuration command script was created:

hostname JonahHex
enable secret 5 $1$u09L$HuPWT0sRNS.kwIQ8xMyWz0
enable password cisco2
line vty 0 4
password mycisco
snmp-server community mynet
!
no ip routing

!
interface Ethernet0
shutdown
no ip address
!
interface FastEthernet0
no shutdown
media-type 100BaseX
full-duplex
ip address 192.168.10.6 255.255.255.0
!
end


[0] Go to the IOS command prompt without saving this config.
[1] Return back to the setup without saving this config.
[2] Save this configuration to nvram and exit.

Enter your selection [2]:

8. At this point select number 2

Enter your selection [2]:2

Building configuration...
[OK]
Use the enabled mode 'configure' command to modify this configuration.

JonahHex#

8. At this point you can do a:

JonahHex#show run

and a

JonahHex#show start

Both of this config files should be the same.

9. Test your configuration.

JonahHex#reload
Proceed with reload? [confirm]y

The router should reboot and reload.

10.When you see the message Press Enter to get started, press Enter. You will get to the prompt, then type enable, then enter the cosole password you set above mycisco

JonahHex>enable
Password:
JonahHex#

********************************** This ends the part about creating a basic cisco configuration *******************************

At this point I want to make sure any error or console messages are not appearing in the middle of the lines as I am typing.

11. At the # prompt type

JonahHex#config t
JonahHex(config)#line console 0
JonahHex(config-line)#JonahHex(config-line)#loggin sync level all

12. The following only do in a lab router or make sure you change later because it will leave console open forever if you walk away!!!
JonahHex(config-line)#Exec-timeout 0 0
JonahHex(config-line)#exit

13. If I am getting this message: %Error opening tftp://255.255.255.255/cisconet.cfg (Timed out)
JonahHex(config)#no service config

14. Backup my work to the startup-configuration, otherwise if you reboot you will lose all your work.

JonahHex#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
JonahHex#

15. I am a test crazy guy, so I again reload. If you are sure and don't want to, that is ok.

JonahHex#reload
Proceed with reload? [confirm]y

*********************************** End this part of the configuration ***********************************************************

Get the darn thing to route
16. After reload, and I am again in the router, and I am in privaleged mode by entering enable, and my console password, I want to get this thing to route.
This router has multiple interfaces, but I am only interested in two. FastEthernet0 and Ethernet0.
This is because I am routing IP over ethernet, not a WAN T1 or BRI (Isdn).

At the # type show run
JohanHex#show ver

Look at this part of the config file:

interface Ethernet0
no ip address
no ip route-cache
shutdown
half-duplex
!
interface FastEthernet0
ip address 192.168.10.6 255.255.255.0
no ip route-cache
speed auto
full-duplex

Look at the Ethernet0, there is no ip address and the interface is shutdown.

17. Configure IP address for Ethernet0 interface

JonahHex#config t
Enter configuration commands, one per line. End with CNTL/Z.
JonahHex(config)#int ethernet0
JonahHex(config-if)#ip address 192.168.20.6 255.255.255.0
JonahHex(config-if)#no shutdown
JonahHex(config-if)#exit
JonahHex(config)#exit
JonahHex#show run

Look for the following in the running-config

interface Ethernet0
ip address 192.168.20.6 255.255.255.0
no ip route-cache
half-duplex
!
interface FastEthernet0
ip address 192.168.10.6 255.255.255.0
no ip route-cache
speed auto
full-duplex

Notice now we have an ip address, and the interface is not shudown. If you do not have an ethernet cable in the port, you will get some messages about a possible transiever problem. Putting a loopback takes care of that, but then you get collisions messages. If you don't care about the messages, just ignore them right now.

18. I want to save run to start, and yes test again, you can skip reload if you like.

JonahHex#copy run start
JonahHex#reload

************************************************** End setting up the other Interace *********************************

Finish setting up routing

19. Well let's look at a couple of things. We have two interfaces set up on the router with different subnets 192.168.10.0, and 192.168.20.0.
If I ping each interface from the router, and if I ping one node on each subnet, I get echo back. See below:

JonahHex#
Jan 9 21:10:08.563: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to up
JonahHex#ping 192.168.10.6

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
JonahHex#ping 192.168.20.6

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
JonahHex#ping 192.168.10.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/201/1000 ms
JonahHex#ping 192.168.20.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/200/1000 ms
JonahHex#

20. If I ping from 192.168.10.0 on some node to 192.168.20.6, I do not get a reply, and I cannot ping beyond it. In my case, this is where my main network is, and the gateway is set for the internet gateway.

21. If I ping from 192.168.20.0 on some node to 192.168.20.6, and 192.168.10.6, I do get a reply, but it will not go past 192.168.10.6
Make sure node on the 20.x network has the gateway set to 192.168.20.6.

22. We have to to tell the router to "route". Notice the show run line below were it says "no ip routing"

memory-size iomem 25
no aaa new-model
ip subnet-zero
no ip routing
!
--More--

23. Tell it to route

JonahHex#config t
JonahHex(config)#ip routing
JonahHex(config)#exit
JonahHex#show run

memory-size iomem 25
no aaa new-model
ip subnet-zero

Notice that the line "no ip routing" is gone

24. Add Gateway to router - this would be the existing gateway you are using now for internet or in cisco speak the gateway of last resort

JohanHex#config t
JonahHex(config)#ip route 0.0.0.0 0.0.0.0 192.68.10.1

25. Now if you do a show run again

JonahHex#show run
Building configuration...

Current configuration : 926 bytes
!
! Last configuration change at 21:26:40 UTC Sun Jan 9 2011
! NVRAM config last updated at 21:26:46 UTC Sun Jan 9 2011
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname JonahHex
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$u09L$HuPWT0sRNS.kwIQ8xMyWz0
enable password mycisco
!
memory-size iomem 25
no aaa new-model
ip subnet-zero
!
!
!
ip cef
!
!
!
!
interface BRI0
no ip address
shutdown
!
interface Ethernet0
ip address 192.168.20.6 255.255.255.0
half-duplex
!
interface FastEthernet0
ip address 192.168.10.6 255.255.255.0
speed auto
full-duplex
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.10.1
no ip http server
!
snmp-server community homenet RO
snmp-server enable traps tty
!
line con 0
exec-timeout 0 0
logging synchronous level all
line aux 0
line vty 0 4
password mycisco
login
!
no scheduler allocate
!
end

JonahHex#

You should be ok. If you need full routing to work, make sure that on the Gateway, you add route to the 192.168.20.0
route 192.168.20.0 255.255.255.0 192.168.10.6
********************** End of finish setting up routing ***************************************

No comments: