Diff btn CAT 4506 IOS and Supe IV IOS

Unanswered Question
Apr 24th, 2008

I have a CAT4506 that is currently loaded with cat4000-i9k91s-mz.122.25.EWA9 IOS. I also have a Sup IV mod installed but am unable to config the uplink ports on it. From what I have found here, I have to upgrade to at least 12.2(25)SG4 in order to utilize the uplink SUP4 functionality. I have d/l the newest in the tree 12.4(44)SG and it is now loaded in bootflash:. I was researching the SupIV card and saw that to enable CWI I need to have another IOS loaded (cat4000-k8.8-4-11-GLX.bin) on the supervisor IV flash. Are these two different bootflashes, one for the 4506 (bootflash:) and one for the sup IV mod (cat4000bootflash:) or are they the same? If they are the same, which one do I need? Any help is much appreciated!!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

The SupIV is an IOS module and requires just one image. Therefore, you cannot use the Catalyst Web Interface (CWI) to configure the switch. The GUI that you want to use with the 4500 series switches is called the Cisco Network Assistant.

I'm not sure what you're saying about the uplinks not working. Can you reply with the post that talks about the inactive uplinks?

glenn-mchenry Fri, 04/25/2008 - 07:12

We were running 12.2(25)EWA9 IOS. Prior to me starting with the company, a supe IV port was installed but they were unable to get the two GBIC uplink ports to work. It was turned over to me. From what I read on this site, the supe IV wasn't really supported until 12.2(25)SG4. We just upgraded today to 12.2(44)SG. Now somehow the enable secret password has changed and everyone around me says they didn't change it. I backed up everything prior to the restart so all should be good, and I see that the username is in the running config, but the password that I used to console in just prior to the reload isn't working. Does anyone know why this would be?

According to the release notes, support for the Sup IV was introduced in 12.1(12c)EW. I also saw nothing in the release notes about any gbic port issues. I'm not saying that your issue didn't exist, just that I'm not seeing anything on it so I can't help you there. But, if they're working OK now who cares right? :-)

Well the only way it would have changed is if someone changed the password or the login/aaa config, or if the correct password or login/aaa config was only present in the running config. Sounds like it may be time for a password recovery.

http://www.cisco.com/en/US/products/hw/switches/ps663/products_password_recovery09186a00800945f7.shtml

glenn-mchenry Fri, 04/25/2008 - 10:17

Right, no worries about the uplink ports being supported. I can see the log messages stating that I'm pulling the gbics in and out of the ports, before I wasn't getting any notifications. I figured as much with the password recovery and have the instructions ready to go but since everything else is working, I'm being told to wait to do a recovery. Figures doesn't it. Thanks for the advice and info. Here's the info that led me to believe that the ios we were using on our CAT4506 wasn't supporting the gbics/supIV:

Software Requirements

The Cisco Catalyst 4500 Series Supervisor Engine IV is supported only in Cisco IOS Software and

is not supported in the Cisco Catalyst OS Software. The minimum software versions are as

follows:

● Supervisor engine IV: Cisco IOS Software Release 12.2(25)SG or later

● Supervisor engine IV with the NetFlow daughter card: Cisco IOS Software Release

12.2(25)SG

This is from http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps4324/product_data_sheet0900aecd8035cf2b.pdf,

which is the link to the data sheet for the Supervisor Engine IV Module we have in slot 1.

glenn-mchenry Mon, 04/28/2008 - 09:34

I looked at the pdf and see what you were refering to. I tried the pw recovery but it failed and I think I know why. We are using aaa local and all the pw recovery did was redo the enable secret. Once I'm in priv exec mode, would I just do a " no username priv 15" then do a "username priv 15"? I'm gonna be doing it tomorrow morning prior to everyone coming in. Hopefully it will work. Otherwise I'll blow away the aaa and for now just set it for enable secret. I think I'm the only one going into the backbone anyway.

The password recovery isn't really specific to the password so much as it loads a default config so that you can load the startup config (or whatever config you want) and go from there. If you're using AAA local then yes you'll want to make the username/password changes that you've stated.

On my devices, I also create a unique admin un/password and seal it up and lock it away so that there's at least some way of getting into the switch (with it online) if I get hit by a piece of the ISS.

glenn-mchenry Mon, 04/28/2008 - 11:52

Yeah, still new to the civilian side of backbones...figured out that if there is aaa involved (its local) then changing the enable secret won't do anything for me. Found out that I need to do the recovery and once in, copy start run, then do a no username umptysquat, then a username umptysquat privilege 15 secret xxxxxxxx. I was reading on cisco's site irt the console port bypassing the auth by using "line con 0" "login authentication NO_AUTHEN". Does that sound familiar? Thanks jcoke for all your help!

Actions

This Discussion