CCNA and CCNP candidates need to know all about Setup Mode, why a router goes into that mode, and as you'll see, how to get out of that mode. Practicing Setup Mode at work is a good way to get fired, though, so you need to practice this on your CCNA / CCNP home lab or rack rental. In this article, we'll take a look at a Cisco 2500 router going into setup mode and a few tips that will help you pass the exams and excel at your job.
First, why does a router go into Setup Mode in the first place? When a Cisco router boots up, the router looks into Non-Volatile RAM (NVRAM) for the startup configuration file. If such a file is not found, and the router has not been programmed to look to a TFTP server for this file, the router enters setup mode.
The most common reason for a router not to have a startup configuration file is that the file's been erased. We will now erase this file on our 2500 router. As you'll see, the Cisco router warns us about erasing NVRAM and makes us confirm this choice, which it acknowledges with the OK message.
R1#write erase
Erasing the nvram filesystem will remove all files! Continue? [confirm]
[OK]
Erase of nvram: complete
R1#
The router will now be reloaded. There is a slightly misleading message displayed during reboot:
R1#reload
Proceed with reload? [confirm]
00:15:21: %SYS-5-RELOAD: Reload requested
System Bootstrap, Version 11.0(10c)XB1, PLATFORM SPECIFIC RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1997 by cisco Systems
2500 processor with 14336 Kbytes of main memory
Notice: NVRAM invalid, possibly due to write erase.
That notice doesn't mean the NVRAM is corrupt or unusable; this message means the NVRAM doesn't have a startup configuration file.
The router will continue to boot and finally present you with this prompt:
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]:
Almost every WAN engineer I know answers "no" to this question, because Setup Mode is a long, clumsy way to set up a router (in my humble opinion). We will answer "yes" in order to see this mode in action.
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]: y
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Basic management setup configures only enough connectivity
for management of the system, extended setup will ask you
to configure each interface on the system
Would you like to enter basic management setup? [yes/no]: y
Configuring global parameters:
Enter host name [Router]: R1
The enable secret is a password used to protect access to
privileged EXEC and configuration modes. This password, after
entered, becomes encrypted in the configuration.
Enter enable secret:
% No defaulting allowed
Enter enable secret:
Already, there's something about Setup Mode that you might not like. This mode forces you to set an enable password and an enable secret password. As you continue in this mode, you'll see this mode ask you questions about every single interface on the router, even if you're not planning to use that interface. Using Setup Mode really does get quite old after a while, again in my opinion.
One of the most important things about Setup Mode is knowing how to get out of it without saving the configuration. One way is at the very end of this mode, where you can answer "no" to "Do you want to save this configuration?" I personally never make it that far! Instead of waiting until the end of Setup Mode, we can use the CTRL-C key combination to abort this mode and ignore the changes.
Configuration aborted, no changes made.
Press RETURN to get started!
Setup Mode is not a mode that CCNA and CCNP candidates get a great deal of practice with, but you will be tested on your knowledge about it both in the exam room and on the job. And once you start configuring a router with this mode, you'll be glad you know how to get out of it!
Showing posts with label 2500. Show all posts
Showing posts with label 2500. Show all posts
Saturday, December 27, 2008
Thursday, December 25, 2008
Cisco CCNA Exam Tutorial: Password Recovery Procedures
It might happen on your CCNA exam, it might happen on your production network - but sooner or later, you're going to have to perform password recovery on a Cisco router or switch. This involves manipulating the router's configuration register, and that is enough to make some CCNA candidates and network administrators really nervous!
It's true that setting the configuration register to the wrong value can damage the router, but if you do the proper research before starting the password recovery process, you'll be fine.
Despite what some books say, there is no "one size fits all" approach to Cisco password recovery. What works on a 2500 router may not work on other routers and switches. There is a great master Cisco document out on the Web that you should bookmark today. Just put "cisco password recovery" in your favorite search engine and you should find it quickly.
The following procedure describes the process in recovering from a lost password on a Cisco 2500 router. As always, don't practice this at home. It is a good idea to get some practice with this technique in your CCNA / CCNP home lab, though!
The password recovery method examined here is for 2500 routers.
An engineer who finds themselves locked out of a router can view and change the password by changing the configuration register.
The router must first be rebooted and a “break” performed within the first 60 seconds of the boot process. This break sequence can also vary depending on what program is used to access the router, but is the usual key combination.
The router will now be in ROM Monitor mode. From the rom monitor prompt, change the default configuration register of 0x2102 to 0x2142 with the o/r 0x2142 command. Reload the router with the letter i. (As you can see, ROM Monitor mode is a lot different than working with the IOS!)
This particular config register setting will cause the router to ignore the contents of NVRAM. Your startup configuration is still there, but it will be ignored on reload.
When the router reloads, you’ll be prompted to enter Setup mode. Answer “N”, and type enable at the router> prompt.
Be careful here. Type configure memory or copy start run. Do NOT type write memory or copy run start!
Enter the command show running-config. You’ll see the passwords in either their encrypted or unencrypted format.
Type config t, then use the appropriate command to set a new enable secret or enable password.
Don’t forget to change the configuration register setting back to the original value! The command config-register 0x2102 will do the job. Save this change with write memory or copy run start, and then run reload one more time to restart the router.
This process sounds hard, but it's really not. You just have to be careful, particularly when you're copying the startup config over the running config. You don't want to get that backwards! So take your time, check the online Cisco documentation before starting, get some practice with this procedure with lab equipment, and you'll be ready for success on the CCNA exam and in your production network!
It's true that setting the configuration register to the wrong value can damage the router, but if you do the proper research before starting the password recovery process, you'll be fine.
Despite what some books say, there is no "one size fits all" approach to Cisco password recovery. What works on a 2500 router may not work on other routers and switches. There is a great master Cisco document out on the Web that you should bookmark today. Just put "cisco password recovery" in your favorite search engine and you should find it quickly.
The following procedure describes the process in recovering from a lost password on a Cisco 2500 router. As always, don't practice this at home. It is a good idea to get some practice with this technique in your CCNA / CCNP home lab, though!
The password recovery method examined here is for 2500 routers.
An engineer who finds themselves locked out of a router can view and change the password by changing the configuration register.
The router must first be rebooted and a “break” performed within the first 60 seconds of the boot process. This break sequence can also vary depending on what program is used to access the router, but
The router will now be in ROM Monitor mode. From the rom monitor prompt, change the default configuration register of 0x2102 to 0x2142 with the o/r 0x2142 command. Reload the router with the letter i. (As you can see, ROM Monitor mode is a lot different than working with the IOS!)
This particular config register setting will cause the router to ignore the contents of NVRAM. Your startup configuration is still there, but it will be ignored on reload.
When the router reloads, you’ll be prompted to enter Setup mode. Answer “N”, and type enable at the router> prompt.
Be careful here. Type configure memory or copy start run. Do NOT type write memory or copy run start!
Enter the command show running-config. You’ll see the passwords in either their encrypted or unencrypted format.
Type config t, then use the appropriate command to set a new enable secret or enable password.
Don’t forget to change the configuration register setting back to the original value! The command config-register 0x2102 will do the job. Save this change with write memory or copy run start, and then run reload one more time to restart the router.
This process sounds hard, but it's really not. You just have to be careful, particularly when you're copying the startup config over the running config. You don't want to get that backwards! So take your time, check the online Cisco documentation before starting, get some practice with this procedure with lab equipment, and you'll be ready for success on the CCNA exam and in your production network!
Wednesday, December 24, 2008
Cisco CCNA / CCNP Home Lab Tutorial: Planning Ahead For IE Study
Candidates preparing to pass the CCNP exams are putting together Cisco home labs like never before. With CCNA and CCNP home lab equipment more affordable than ever, candidates have realized the importance of working on real Cisco routers and switches on the way to earning their certifications.
One question I get often from CCNP candidates is goes something like this: "I'm planning on pursuing the CCIE after I get my CCNP. What kind of routers and switches should I buy now in order to use the same equipment in my CCIE home lab?"
This is going to sound strange coming from me, because I'm the #1 proponent of CCNA and CCNP candidates buying their own home labs. When it comes to the CCIE, though, I have to say that you're probably better off using rack rentals instead of investing big money now to buy more expensive equipment with which to earn your CCNP.
There are plenty of 2500 and 2600 routers out there that you can buy to prepare fully for your CCNA and CCNP exams that may not have the capability needed for IE preparation. (For instance, while 2500 routers are fantastic for CCNA and NP study, they shouldn't be used for IE study.) The issue with buying more expensive equipment is that Cisco rightfully updates the CCIE lab equipment list twice a year, and these moves can prove very costly for those who get caught in the middle of these changes.
Let me give you an example that I lived through myself. When I began pursuing the CCIE, Catalyst switches were in use in the lab. I had a Cat 5000 that I used for practice. When I was in the middle of my preparation, Cisco introduced L3 switched to the lab in the form of TWO 3550 switches. Not only was the Cat now almost useless for IE study, the new switches went for about $5500 apiece, so if I wanted to keep up with the new lab changes, it was going to cost me $11,000.
Again, I know that it's vitally important for today's CCNA and CCNP candidates to get hands-on experience with home labs. It's also great to think ahead when you're earning your CCNP, and pursuing the CCIE is one of the best decisions you'll ever make. Just keep this regular CCIE lab update in mind. I recommend that you keep your CCNP budget down while not investing in more expensive routers with the IE in mind, and wait until you have passed the CCNP and are actively engaged in CCIE study before making the decision between rack rentals and putting together your own IE lab.
One question I get often from CCNP candidates is goes something like this: "I'm planning on pursuing the CCIE after I get my CCNP. What kind of routers and switches should I buy now in order to use the same equipment in my CCIE home lab?"
This is going to sound strange coming from me, because I'm the #1 proponent of CCNA and CCNP candidates buying their own home labs. When it comes to the CCIE, though, I have to say that you're probably better off using rack rentals instead of investing big money now to buy more expensive equipment with which to earn your CCNP.
There are plenty of 2500 and 2600 routers out there that you can buy to prepare fully for your CCNA and CCNP exams that may not have the capability needed for IE preparation. (For instance, while 2500 routers are fantastic for CCNA and NP study, they shouldn't be used for IE study.) The issue with buying more expensive equipment is that Cisco rightfully updates the CCIE lab equipment list twice a year, and these moves can prove very costly for those who get caught in the middle of these changes.
Let me give you an example that I lived through myself. When I began pursuing the CCIE, Catalyst switches were in use in the lab. I had a Cat 5000 that I used for practice. When I was in the middle of my preparation, Cisco introduced L3 switched to the lab in the form of TWO 3550 switches. Not only was the Cat now almost useless for IE study, the new switches went for about $5500 apiece, so if I wanted to keep up with the new lab changes, it was going to cost me $11,000.
Again, I know that it's vitally important for today's CCNA and CCNP candidates to get hands-on experience with home labs. It's also great to think ahead when you're earning your CCNP, and pursuing the CCIE is one of the best decisions you'll ever make. Just keep this regular CCIE lab update in mind. I recommend that you keep your CCNP budget down while not investing in more expensive routers with the IE in mind, and wait until you have passed the CCNP and are actively engaged in CCIE study before making the decision between rack rentals and putting together your own IE lab.
Subscribe to:
Posts (Atom)
