03-19-2009 01:26 AM - edited 03-04-2019 04:00 AM
I have attached a diagram of my connection. What I want to do is to use router A ip address to router B. Router A is located remotely that no one can handle it onsite. Im just doing remote connection to both routers. How I can use router A ip adr to router B w/o sacrificing router A connection. I heard of second ip, but i havent tried this one. Pls. help
03-19-2009 03:18 AM
To put a second IP Address, do this ...
int f0/0
ip address yada.yada.yada.yada blah.blah.blah.blah secondary
Then once that is done, telnet into the secondary address and remove the 1st IP Address.
Or you can create a loopback IP Address and telnet into that IP Address too.
03-19-2009 04:57 AM
we can't do as leolaohoo mention,
Router required to remove first secondary ip address before primary ip address.
03-19-2009 07:11 AM
Can you not use loopback ip address either?
03-20-2009 12:27 AM
is the loopback address which known via static route with next hop of 10.205.30.26 will also be unreachable once the ip addres of the interface was removed?
03-19-2009 02:55 PM
Gee ... Ok.
Presume you got this ...
int f 0/0
ip address 1.1.1.1 255.255.255.0
ip address 1.1.2.1 255.255.255.0 secondary
and you want to delete the first secondary, so you put another network there like "ip address 1.1.3.1 255.255.255.0", get out and telnet into the 1.1.3.1 and do a "no ip address 1.1.2.1 255.255.255.0 secondary".
Otherwise, create a loopback address and telnet into that and put the 1.1.3.1 secondary as well as remove the 1.1.2.1 address. Does this make sense to you?
03-20-2009 12:26 AM
but is the loopback address which is known only through the ip address of 10.205.30.26 will also be unreachable once the ip address of the interface was removed?
03-19-2009 07:30 AM
Hello Oliver,
a secondary ip address on a lan interface can fix this issue.
you still keep both the primary and secondary ip address.
to reach RA from another ip subnet a static route pointing to RB primary ip address can be used or a dynamic routing protocol like RIP or EIGRP to advertise the secondary ip address block
Hope to help
Giuseppe
03-21-2009 11:46 PM
Here is a generic process I have used many times to change the IP address of a remote router without loosing access. This works really well.
========================
PROCEDURE
========================
REMOTE - Enable telnet and ssh on VTY lines.
REMOTE - Remove any access class on VTY.
REMOTE - Schedule a reload for 10 minutes (In case something goes wrong, will restore access)
REMOTE - Add second static default route pointing out interface (ensure Unicast Reverse Path Forwarding isnt enabled on outbound interface first)
REMOTE - Remove any crypto map if applied. (Connectivity Lost)
HUB - Remove any crypto map from HUB if applied. (Connectivity Restored)
REMOTE - Change interface IP address. (Connectivity Lost)
HUB - Change interface iP address or VLAN assignment. (Connectivity restored)
REMOTE - Remove old static default route.
REMOTE - Add new static default using next hop instead of interface.
REMOTE - Remove static default that used interface.
REMOTE - Re-enable Unicast RPF if it was applied.
REMOTE - Re-apply crypto if used (Connectivity Lost)
HUB - Re-apply crypto if used (Connectivity Restored)
REMOTE - Add access class back to VTY.
REMOTE - Cancel Reload
REMOTE - Save Configurations.
09-12-2018 06:35 AM
I am still getting likes for the above, but this is actually a quite dated approach. A couple other options exist that are more viable:
1. Put all configuration changes you need to make into a text file on flash memory, just as if you were going to copy and paste them into the device. You can use TCL to write directly to flash memory as follows:
tclsh
puts [open flash:changes.txt w+] {
<insert changes here just as if you were typing into config mode>
}
tclquit
Then, when ready to execute, just copy from flash to running config as follows:
copy flash:changes.txt running-config
This will perform a merge of the changes in the text file with the existing running configuration. As always, I recommend scheduling a reload and removing VTY line ACLs and AAA as a safety precaution.
2. Similar to the above, the configuration changes can be put into an EEM script that is triggered with "event none", which means it must be manually run by the engineer. Then you just run the script. This is more useful in cases where you may need to make and revert changes regularly. For example, in an MPLS L3VPN environment, I have an EEM script that modifies BGP policy to route a given location to its alternate internet access point, and a second EEM script to revert those changes. I keep them on the device so that I can regularly execute re-routes for various testing scenarios (such as transparent cyber security systems at alternate egress locations, etc). Just do a little googling to get the syntax of the EEM script, but the most critical element is to disable command authorization for your script and to ensure you understand the cli for EEM needs to elevate (enable) and enter configuration mode (conf t) before you execute the commands you want to do (i.e. the first two lines of the EEM should include 'cli command "enable"' and 'cli command "config t"'). You'll get the hang of it quickly, just do some testing of your EEM before deploying (run CSR1000v in VirtualBox or something like that).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide